diff --git a/.azure-pipelines/bazel.yml b/.azure-pipelines/bazel.yml index 3c440cdef934..d68973ab0ee4 100644 --- a/.azure-pipelines/bazel.yml +++ b/.azure-pipelines/bazel.yml @@ -1,85 +1,85 @@ parameters: - - name: ciTarget - displayName: "CI target" - type: string - default: bazel.release - - name: artifactSuffix - displayName: "Suffix of artifact" - type: string - default: "" - - name: rbe - displayName: "Enable RBE" - type: boolean - default: true - - name: managedAgent - type: boolean - default: true - - name: bazelBuildExtraOptions - type: string - default: "--flaky_test_attempts=2" +- name: ciTarget + displayName: "CI target" + type: string + default: bazel.release +- name: artifactSuffix + displayName: "Suffix of artifact" + type: string + default: "" +- name: rbe + displayName: "Enable RBE" + type: boolean + default: true +- name: managedAgent + type: boolean + default: true +- name: bazelBuildExtraOptions + type: string + default: "--flaky_test_attempts=2" steps: - - task: Cache@2 - inputs: - key: '"${{ parameters.ciTarget }}" | ./WORKSPACE | **/*.bzl' - path: $(Build.StagingDirectory)/repository_cache - continueOnError: true +- task: Cache@2 + inputs: + key: '"${{ parameters.ciTarget }}" | ./WORKSPACE | **/*.bzl' + path: $(Build.StagingDirectory)/repository_cache + continueOnError: true - - bash: .azure-pipelines/cleanup.sh - displayName: "Removing tools from agent" - condition: ${{ parameters.managedAgent }} +- bash: .azure-pipelines/cleanup.sh + displayName: "Removing tools from agent" + condition: ${{ parameters.managedAgent }} - - bash: | - echo "disk space at beginning of build:" - df -h - displayName: "Check disk space at beginning" +- bash: | + echo "disk space at beginning of build:" + df -h + displayName: "Check disk space at beginning" - - bash: | - sudo mkdir -p /etc/docker - echo '{ - "ipv6": true, - "fixed-cidr-v6": "2001:db8:1::/64" - }' | sudo tee /etc/docker/daemon.json - sudo service docker restart - displayName: "Enable IPv6" - condition: ${{ parameters.managedAgent }} +- bash: | + sudo mkdir -p /etc/docker + echo '{ + "ipv6": true, + "fixed-cidr-v6": "2001:db8:1::/64" + }' | sudo tee /etc/docker/daemon.json + sudo service docker restart + displayName: "Enable IPv6" + condition: ${{ parameters.managedAgent }} - - script: ci/run_envoy_docker.sh 'ci/do_ci.sh ${{ parameters.ciTarget }}' - workingDirectory: $(Build.SourcesDirectory) - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - SLACK_TOKEN: $(SLACK_TOKEN) - REPO_URI: $(Build.Repository.Uri) - BUILD_URI: $(Build.BuildUri) - ${{ if parameters.rbe }}: - ENVOY_RBE: "1" - BAZEL_BUILD_EXTRA_OPTIONS: "--config=remote-ci --jobs=$(RbeJobs) ${{ parameters.bazelBuildExtraOptions }}" - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - ${{ if eq(parameters.rbe, false) }}: - BAZEL_BUILD_EXTRA_OPTIONS: "${{ parameters.bazelBuildExtraOptions }}" - BAZEL_REMOTE_CACHE: $(LocalBuildCache) +- script: ci/run_envoy_docker.sh 'ci/do_ci.sh ${{ parameters.ciTarget }}' + workingDirectory: $(Build.SourcesDirectory) + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + SLACK_TOKEN: $(SLACK_TOKEN) + REPO_URI: $(Build.Repository.Uri) + BUILD_URI: $(Build.BuildUri) + ${{ if parameters.rbe }}: + ENVOY_RBE: "1" + BAZEL_BUILD_EXTRA_OPTIONS: "--config=remote-ci --jobs=$(RbeJobs) ${{ parameters.bazelBuildExtraOptions }}" + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + ${{ if eq(parameters.rbe, false) }}: + BAZEL_BUILD_EXTRA_OPTIONS: "${{ parameters.bazelBuildExtraOptions }}" + BAZEL_REMOTE_CACHE: $(LocalBuildCache) - displayName: "Run CI script" + displayName: "Run CI script" - - bash: | - echo "disk space at end of build:" - df -h - # Cleanup offending files with unicode names - rm -rf $(Build.StagingDirectory)/tmp/*/*/external/go_sdk/test/fixedbugs - displayName: "Check disk space at end" - condition: always() +- bash: | + echo "disk space at end of build:" + df -h + # Cleanup offending files with unicode names + rm -rf $(Build.StagingDirectory)/tmp/*/*/external/go_sdk/test/fixedbugs + displayName: "Check disk space at end" + condition: always() - - task: PublishTestResults@2 - inputs: - testResultsFiles: "**/bazel-out/**/testlogs/**/test.xml" - testRunTitle: "${{ parameters.ciTarget }}" - searchFolder: $(Build.StagingDirectory)/tmp - condition: always() +- task: PublishTestResults@2 + inputs: + testResultsFiles: "**/bazel-out/**/testlogs/**/test.xml" + testRunTitle: "${{ parameters.ciTarget }}" + searchFolder: $(Build.StagingDirectory)/tmp + condition: always() - - task: PublishBuildArtifacts@1 - inputs: - pathtoPublish: "$(Build.StagingDirectory)/envoy" - artifactName: ${{ parameters.ciTarget }}${{ parameters.artifactSuffix }} - condition: always() +- task: PublishBuildArtifacts@1 + inputs: + pathtoPublish: "$(Build.StagingDirectory)/envoy" + artifactName: ${{ parameters.ciTarget }}${{ parameters.artifactSuffix }} + condition: always() diff --git a/.azure-pipelines/cve_scan.yml b/.azure-pipelines/cve_scan.yml index 322adae2bb71..7c951df66f68 100644 --- a/.azure-pipelines/cve_scan.yml +++ b/.azure-pipelines/cve_scan.yml @@ -15,8 +15,8 @@ schedules: pool: vmImage: "ubuntu-18.04" steps: - - script: ci/run_envoy_docker.sh 'ci/do_ci.sh cve_scan' - workingDirectory: $(Build.SourcesDirectory) - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - displayName: "Scan for CVEs in dependencies" +- script: ci/run_envoy_docker.sh 'ci/do_ci.sh cve_scan' + workingDirectory: $(Build.SourcesDirectory) + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + displayName: "Scan for CVEs in dependencies" diff --git a/.azure-pipelines/pipelines.yml b/.azure-pipelines/pipelines.yml index bac100bfca96..e52b2f7f9406 100644 --- a/.azure-pipelines/pipelines.yml +++ b/.azure-pipelines/pipelines.yml @@ -1,540 +1,540 @@ trigger: branches: include: - - "main" - - "release/v*" + - "main" + - "release/v*" tags: include: - - "v*" + - "v*" # PR build config is manually overridden in Azure pipelines UI with different secrets pr: none stages: - - stage: precheck - jobs: - - job: format_pre - dependsOn: [] - pool: - vmImage: "ubuntu-18.04" - steps: - - script: ci/run_envoy_docker.sh 'ci/do_ci.sh format_pre' - workingDirectory: $(Build.SourcesDirectory) - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - displayName: "Run format pre-checks" - - task: PublishBuildArtifacts@1 - inputs: - pathtoPublish: "$(Build.StagingDirectory)/fix_format_pre.diff" - artifactName: format - # not all have fixes so improve condition/handling - condition: failed() - - - job: tooling - dependsOn: [] - pool: - vmImage: "ubuntu-18.04" - steps: - - script: ci/run_envoy_docker.sh 'ci/do_ci.sh tooling' - workingDirectory: $(Build.SourcesDirectory) - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - displayName: "Run tooling checks" - - - script: | - ci/run_envoy_docker.sh 'ci/upload_gcs_artifact.sh /source/generated/tooling tooling' - displayName: "Upload tooling coverage to GCS" - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - GCS_ARTIFACT_BUCKET: $(GcsArtifactBucket) - - - job: format - dependsOn: ["format_pre"] - pool: - vmImage: "ubuntu-18.04" - steps: - - task: Cache@2 - inputs: - key: "format | ./WORKSPACE | **/*.bzl" - path: $(Build.StagingDirectory)/repository_cache - continueOnError: true - - - script: ci/run_envoy_docker.sh 'ci/check_and_fix_format.sh' - workingDirectory: $(Build.SourcesDirectory) - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - displayName: "Run check format scripts" - - - task: PublishBuildArtifacts@1 - inputs: - pathtoPublish: "$(Build.StagingDirectory)/fix_format.diff" - artifactName: format - condition: failed() - - - job: docs - dependsOn: [] # this removes the implicit dependency on previous stage and causes this to run in parallel. - condition: ne(variables['PostSubmit'], true) - pool: - vmImage: "ubuntu-18.04" - steps: - - task: Cache@2 - inputs: - key: "docs | ./WORKSPACE | **/*.bzl" - path: $(Build.StagingDirectory)/repository_cache - continueOnError: true - - - script: ci/run_envoy_docker.sh 'ci/do_ci.sh docs' - workingDirectory: $(Build.SourcesDirectory) - env: - AZP_BRANCH: $(Build.SourceBranch) - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - displayName: "Generate docs" - - - script: | - ci/run_envoy_docker.sh 'ci/upload_gcs_artifact.sh /source/generated/docs docs' - displayName: "Upload Docs to GCS" - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - GCS_ARTIFACT_BUCKET: $(GcsArtifactBucket) - - - job: dependencies - dependsOn: [] # this removes the implicit dependency on previous stage and causes this to run in parallel. - pool: - vmImage: "ubuntu-18.04" - steps: - - script: ci/run_envoy_docker.sh 'ci/do_ci.sh deps' - workingDirectory: $(Build.SourcesDirectory) - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - GITHUB_TOKEN: $(GitHubPublicRepoOnlyAccessToken) - displayName: "Verify dependency information" - - - stage: sync - condition: and(succeeded(), eq(variables['PostSubmit'], true), ne(variables['NoSync'], true)) +- stage: precheck + jobs: + - job: format_pre dependsOn: [] - jobs: - - job: filter_example - dependsOn: [] - pool: - vmImage: "ubuntu-18.04" - steps: - - task: InstallSSHKey@0 - inputs: - hostName: "github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" - sshPublicKey: "$(FilterExamplePublicKey)" - sshPassphrase: "$(SshDeployKeyPassphrase)" - sshKeySecureFile: "$(FilterExamplePrivateKey)" - - - bash: ci/filter_example_mirror.sh - displayName: "Sync envoy-filter-example" - workingDirectory: $(Build.SourcesDirectory) - env: - AZP_BRANCH: $(Build.SourceBranch) - - - job: data_plane_api - dependsOn: [] - pool: - vmImage: "ubuntu-18.04" - steps: - - task: InstallSSHKey@0 - inputs: - hostName: "github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" - sshPublicKey: "$(DataPlaneApiPublicKey)" - sshPassphrase: "$(SshDeployKeyPassphrase)" - sshKeySecureFile: "$(DataPlaneApiPrivateKey)" - - - bash: ci/api_mirror.sh - displayName: "Sync data-plane-api" - workingDirectory: $(Build.SourcesDirectory) - env: - AZP_BRANCH: $(Build.SourceBranch) - - - job: go_control_plane - dependsOn: [] - pool: - vmImage: "ubuntu-18.04" - steps: - - task: InstallSSHKey@0 - inputs: - hostName: "github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" - sshPublicKey: "$(GoControlPlanePublicKey)" - sshPassphrase: "$(SshDeployKeyPassphrase)" - sshKeySecureFile: "$(GoControlPlanePrivateKey)" - - - bash: | - cp -a ~/.ssh $(Build.StagingDirectory)/ - ci/run_envoy_docker.sh 'ci/go_mirror.sh' - displayName: "Sync go-control-plane" - workingDirectory: $(Build.SourcesDirectory) - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - AZP_BRANCH: $(Build.SourceBranch) - - - stage: linux_x64 - dependsOn: ["precheck"] - # For post-submit builds, continue even if precheck fails - condition: and(not(canceled()), or(succeeded(), eq(variables['PostSubmit'], true))) - jobs: - - job: release - timeoutInMinutes: 120 - pool: - vmImage: "ubuntu-18.04" - steps: - - template: bazel.yml - parameters: - ciTarget: bazel.release - - - stage: linux_arm64 - dependsOn: ["precheck"] - # For post-submit builds, continue even if precheck fails - condition: and(not(canceled()), or(succeeded(), eq(variables['PostSubmit'], true))) - jobs: - - job: release - timeoutInMinutes: 120 - pool: "arm-large" - steps: - - template: bazel.yml - parameters: - managedAgent: false - ciTarget: bazel.release - rbe: false - artifactSuffix: ".arm64" - bazelBuildExtraOptions: "--sandbox_base=/tmp/sandbox_base" - - - stage: check - dependsOn: ["linux_x64"] - jobs: - - job: bazel - displayName: "linux_x64" - dependsOn: [] - strategy: - maxParallel: 3 - matrix: - api: - CI_TARGET: "bazel.api" - gcc: - CI_TARGET: "bazel.gcc" - clang_tidy: - CI_TARGET: "bazel.clang_tidy" - asan: - CI_TARGET: "bazel.asan" - tsan: - CI_TARGET: "bazel.tsan" - compile_time_options: - CI_TARGET: "bazel.compile_time_options" - timeoutInMinutes: 120 - pool: - vmImage: "ubuntu-18.04" - steps: - - template: bazel.yml - parameters: - ciTarget: $(CI_TARGET) - - - job: coverage - displayName: "linux_x64" - dependsOn: [] - timeoutInMinutes: 120 - pool: "x64-large" - strategy: - maxParallel: 2 - matrix: - coverage: - CI_TARGET: "coverage" - fuzz_coverage: - CI_TARGET: "fuzz_coverage" - steps: - - template: bazel.yml - parameters: - managedAgent: false - ciTarget: bazel.$(CI_TARGET) - rbe: false - # /tmp/sandbox_base is a tmpfs in CI environment to optimize large I/O for coverage traces - bazelBuildExtraOptions: "--define=no_debug_info=1 --linkopt=-Wl,-s --test_env=ENVOY_IP_TEST_VERSIONS=v4only --sandbox_base=/tmp/sandbox_base" - - - script: ci/run_envoy_docker.sh 'ci/upload_gcs_artifact.sh /source/generated/$(CI_TARGET) $(CI_TARGET)' - displayName: "Upload $(CI_TARGET) Report to GCS" - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - GCS_ARTIFACT_BUCKET: $(GcsArtifactBucket) - condition: always() - - - stage: docker - dependsOn: ["linux_x64", "linux_arm64"] - jobs: - - job: docker - displayName: "linux multiarch" - pool: - vmImage: "ubuntu-18.04" - steps: - - bash: .azure-pipelines/cleanup.sh - displayName: "Removing tools from agent" - - bash: | - echo "disk space at beginning of build:" - df -h - displayName: "Check disk space at beginning" - - task: DownloadBuildArtifacts@0 - inputs: - buildType: current - artifactName: "bazel.release" - itemPattern: "bazel.release/envoy_binary.tar.gz" - downloadType: single - targetPath: $(Build.StagingDirectory) - - task: DownloadBuildArtifacts@0 - inputs: - buildType: current - artifactName: "bazel.release.arm64" - itemPattern: "bazel.release.arm64/envoy_binary.tar.gz" - downloadType: single - targetPath: $(Build.StagingDirectory) - - bash: | - set -e - mkdir -p linux/amd64 && tar zxf $(Build.StagingDirectory)/bazel.release/envoy_binary.tar.gz -C ./linux/amd64 - mkdir -p linux/arm64 && tar zxf $(Build.StagingDirectory)/bazel.release.arm64/envoy_binary.tar.gz -C ./linux/arm64 - ci/docker_ci.sh - workingDirectory: $(Build.SourcesDirectory) - env: - AZP_BRANCH: $(Build.SourceBranch) - AZP_SHA1: $(Build.SourceVersion) - DOCKERHUB_USERNAME: $(DockerUsername) - DOCKERHUB_PASSWORD: $(DockerPassword) - - bash: | - echo "disk space at end of build:" - df -h - displayName: "Check disk space at end" - condition: always() - - task: PublishBuildArtifacts@1 - inputs: - pathtoPublish: "$(Build.StagingDirectory)/build_images" - artifactName: docker - condition: always() - - - stage: docs - dependsOn: ["docker"] - condition: and(succeeded(), eq(variables['PostSubmit'], true), ne(variables['NoSync'], true)) - jobs: - - job: publish - pool: - vmImage: "ubuntu-18.04" - steps: - - task: Cache@2 - inputs: - key: "docs | ./WORKSPACE | **/*.bzl" - path: $(Build.StagingDirectory)/repository_cache - continueOnError: true - - - script: ci/run_envoy_docker.sh 'ci/do_ci.sh docs' - workingDirectory: $(Build.SourcesDirectory) - env: - AZP_BRANCH: $(Build.SourceBranch) - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - displayName: "Generate docs" - - - task: InstallSSHKey@0 - inputs: - hostName: "github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" - sshPublicKey: "$(DocsPublicKey)" - sshPassphrase: "$(SshDeployKeyPassphrase)" - sshKeySecureFile: "$(DocsPrivateKey)" - - - script: docs/publish.sh - displayName: "Publish to GitHub" - workingDirectory: $(Build.SourcesDirectory) - env: - AZP_BRANCH: $(Build.SourceBranch) - - - stage: verify - dependsOn: ["docker"] - jobs: - - job: examples - pool: - vmImage: "ubuntu-18.04" - steps: - - task: DownloadBuildArtifacts@0 - inputs: - buildType: current - artifactName: "docker" - itemPattern: "docker/envoy-docker-images.tar.xz" - downloadType: single - targetPath: $(Build.StagingDirectory) - - bash: ./ci/do_ci.sh verify_examples - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - NO_BUILD_SETUP: 1 - - job: examples_build - dependsOn: [] - pool: - vmImage: "ubuntu-18.04" - steps: - - task: DownloadBuildArtifacts@0 - inputs: - buildType: current - artifactName: "docker" - itemPattern: "docker/envoy-docker-images.tar.xz" - downloadType: single - targetPath: $(Build.StagingDirectory) - - bash: ./ci/do_ci.sh verify_build_examples - env: - ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) - NO_BUILD_SETUP: 1 - - - stage: macos - dependsOn: ["precheck"] - jobs: - - job: test - timeoutInMinutes: 180 - pool: - vmImage: "macos-latest" - steps: - - script: ./ci/mac_ci_setup.sh - displayName: "Install dependencies" - - - script: ./ci/mac_ci_steps.sh - displayName: "Run Mac CI" - env: - BAZEL_BUILD_EXTRA_OPTIONS: "--remote_download_toplevel --flaky_test_attempts=2" - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - - - task: PublishTestResults@2 - inputs: - testResultsFiles: "**/bazel-testlogs/**/test.xml" - testRunTitle: "macOS" - condition: always() - - - script: ./ci/flaky_test/run_process_xml.sh - displayName: "Process Test Results" - env: - TEST_TMPDIR: $(Build.SourcesDirectory) - SLACK_TOKEN: $(SLACK_TOKEN) - CI_TARGET: "MacOS" - REPO_URI: $(Build.Repository.Uri) - BUILD_URI: $(Build.BuildUri) - - - stage: windows - dependsOn: ["precheck"] - jobs: - - job: release - timeoutInMinutes: 120 - pool: - vmImage: "windows-latest" - steps: - - task: Cache@2 - inputs: - key: '"windows.release" | ./WORKSPACE | **/*.bzl' - path: $(Build.StagingDirectory)/repository_cache - continueOnError: true - - bash: ci/run_envoy_docker.sh ci/windows_ci_steps.sh - displayName: "Run Windows msvc-cl CI" - env: - CI_TARGET: "windows" - ENVOY_DOCKER_BUILD_DIR: "$(Build.StagingDirectory)" - SLACK_TOKEN: $(SLACK_TOKEN) - REPO_URI: $(Build.Repository.Uri) - BUILD_URI: $(Build.BuildUri) - ENVOY_RBE: "true" - BAZEL_BUILD_EXTRA_OPTIONS: "--config=remote-ci --config=remote-msvc-cl --jobs=$(RbeJobs) --flaky_test_attempts=2" - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - - task: PublishTestResults@2 - inputs: - testResultsFiles: "**/bazel-out/**/testlogs/**/test.xml" - testRunTitle: "windows" - searchFolder: $(Build.StagingDirectory)/tmp - condition: always() - - task: PublishBuildArtifacts@1 - inputs: - pathtoPublish: "$(Build.StagingDirectory)/envoy" - artifactName: windows.release - condition: always() - - - job: clang_cl - timeoutInMinutes: 120 - pool: - vmImage: "windows-latest" - steps: - - task: Cache@2 - inputs: - key: '"windows.release" | ./WORKSPACE | **/*.bzl' - path: $(Build.StagingDirectory)/repository_cache - continueOnError: true - - bash: ci/run_envoy_docker.sh ci/windows_ci_steps.sh - displayName: "Run Windows clang-cl CI" - env: - CI_TARGET: "windows" - ENVOY_DOCKER_BUILD_DIR: "$(Build.StagingDirectory)" - SLACK_TOKEN: $(SLACK_TOKEN) - REPO_URI: $(Build.Repository.Uri) - BUILD_URI: $(Build.BuildUri) - ENVOY_RBE: "true" - BAZEL_BUILD_EXTRA_OPTIONS: "--config=remote-ci --config=remote-clang-cl --jobs=$(RbeJobs) --flaky_test_attempts=2" - BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com - BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance - GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) - - task: PublishTestResults@2 - inputs: - testResultsFiles: "**/bazel-out/**/testlogs/**/test.xml" - testRunTitle: "clang-cl" - searchFolder: $(Build.StagingDirectory)/tmp - condition: always() - - task: PublishBuildArtifacts@1 - inputs: - pathtoPublish: "$(Build.StagingDirectory)/envoy" - artifactName: windows.clang-cl - condition: always() - - - job: docker - dependsOn: ["release"] - timeoutInMinutes: 120 - pool: - vmImage: "windows-latest" - steps: - - task: DownloadBuildArtifacts@0 - inputs: - buildType: current - artifactName: "windows.release" - itemPattern: "windows.release/envoy_binary.tar.gz" - downloadType: single - targetPath: $(Build.StagingDirectory) - - bash: | - set -e - # Convert to Unix-style path so tar doesn't think drive letter is a hostname - STAGING_DIR="/$(echo '$(Build.StagingDirectory)' | tr -d ':' | tr '\\' '/')" - mkdir -p windows/amd64 && tar zxf "${STAGING_DIR}/windows.release/envoy_binary.tar.gz" -C ./windows/amd64 - ci/docker_ci.sh - workingDirectory: $(Build.SourcesDirectory) - env: - AZP_BRANCH: $(Build.SourceBranch) - AZP_SHA1: $(Build.SourceVersion) - DOCKERHUB_USERNAME: $(DockerUsername) - DOCKERHUB_PASSWORD: $(DockerPassword) - - task: PublishBuildArtifacts@1 - inputs: - pathtoPublish: "$(Build.StagingDirectory)/build_images" - artifactName: docker_windows - condition: always() + pool: + vmImage: "ubuntu-18.04" + steps: + - script: ci/run_envoy_docker.sh 'ci/do_ci.sh format_pre' + workingDirectory: $(Build.SourcesDirectory) + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + displayName: "Run format pre-checks" + - task: PublishBuildArtifacts@1 + inputs: + pathtoPublish: "$(Build.StagingDirectory)/fix_format_pre.diff" + artifactName: format + # not all have fixes so improve condition/handling + condition: failed() + + - job: tooling + dependsOn: [] + pool: + vmImage: "ubuntu-18.04" + steps: + - script: ci/run_envoy_docker.sh 'ci/do_ci.sh tooling' + workingDirectory: $(Build.SourcesDirectory) + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + displayName: "Run tooling checks" + + - script: | + ci/run_envoy_docker.sh 'ci/upload_gcs_artifact.sh /source/generated/tooling tooling' + displayName: "Upload tooling coverage to GCS" + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + GCS_ARTIFACT_BUCKET: $(GcsArtifactBucket) + + - job: format + dependsOn: ["format_pre"] + pool: + vmImage: "ubuntu-18.04" + steps: + - task: Cache@2 + inputs: + key: "format | ./WORKSPACE | **/*.bzl" + path: $(Build.StagingDirectory)/repository_cache + continueOnError: true + + - script: ci/run_envoy_docker.sh 'ci/check_and_fix_format.sh' + workingDirectory: $(Build.SourcesDirectory) + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + displayName: "Run check format scripts" + + - task: PublishBuildArtifacts@1 + inputs: + pathtoPublish: "$(Build.StagingDirectory)/fix_format.diff" + artifactName: format + condition: failed() + + - job: docs + dependsOn: [] # this removes the implicit dependency on previous stage and causes this to run in parallel. + condition: ne(variables['PostSubmit'], true) + pool: + vmImage: "ubuntu-18.04" + steps: + - task: Cache@2 + inputs: + key: "docs | ./WORKSPACE | **/*.bzl" + path: $(Build.StagingDirectory)/repository_cache + continueOnError: true + + - script: ci/run_envoy_docker.sh 'ci/do_ci.sh docs' + workingDirectory: $(Build.SourcesDirectory) + env: + AZP_BRANCH: $(Build.SourceBranch) + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + displayName: "Generate docs" + + - script: | + ci/run_envoy_docker.sh 'ci/upload_gcs_artifact.sh /source/generated/docs docs' + displayName: "Upload Docs to GCS" + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + GCS_ARTIFACT_BUCKET: $(GcsArtifactBucket) + + - job: dependencies + dependsOn: [] # this removes the implicit dependency on previous stage and causes this to run in parallel. + pool: + vmImage: "ubuntu-18.04" + steps: + - script: ci/run_envoy_docker.sh 'ci/do_ci.sh deps' + workingDirectory: $(Build.SourcesDirectory) + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + GITHUB_TOKEN: $(GitHubPublicRepoOnlyAccessToken) + displayName: "Verify dependency information" + +- stage: sync + condition: and(succeeded(), eq(variables['PostSubmit'], true), ne(variables['NoSync'], true)) + dependsOn: [] + jobs: + - job: filter_example + dependsOn: [] + pool: + vmImage: "ubuntu-18.04" + steps: + - task: InstallSSHKey@0 + inputs: + hostName: "github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" + sshPublicKey: "$(FilterExamplePublicKey)" + sshPassphrase: "$(SshDeployKeyPassphrase)" + sshKeySecureFile: "$(FilterExamplePrivateKey)" + + - bash: ci/filter_example_mirror.sh + displayName: "Sync envoy-filter-example" + workingDirectory: $(Build.SourcesDirectory) + env: + AZP_BRANCH: $(Build.SourceBranch) + + - job: data_plane_api + dependsOn: [] + pool: + vmImage: "ubuntu-18.04" + steps: + - task: InstallSSHKey@0 + inputs: + hostName: "github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" + sshPublicKey: "$(DataPlaneApiPublicKey)" + sshPassphrase: "$(SshDeployKeyPassphrase)" + sshKeySecureFile: "$(DataPlaneApiPrivateKey)" + + - bash: ci/api_mirror.sh + displayName: "Sync data-plane-api" + workingDirectory: $(Build.SourcesDirectory) + env: + AZP_BRANCH: $(Build.SourceBranch) + + - job: go_control_plane + dependsOn: [] + pool: + vmImage: "ubuntu-18.04" + steps: + - task: InstallSSHKey@0 + inputs: + hostName: "github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" + sshPublicKey: "$(GoControlPlanePublicKey)" + sshPassphrase: "$(SshDeployKeyPassphrase)" + sshKeySecureFile: "$(GoControlPlanePrivateKey)" + + - bash: | + cp -a ~/.ssh $(Build.StagingDirectory)/ + ci/run_envoy_docker.sh 'ci/go_mirror.sh' + displayName: "Sync go-control-plane" + workingDirectory: $(Build.SourcesDirectory) + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + AZP_BRANCH: $(Build.SourceBranch) + +- stage: linux_x64 + dependsOn: ["precheck"] + # For post-submit builds, continue even if precheck fails + condition: and(not(canceled()), or(succeeded(), eq(variables['PostSubmit'], true))) + jobs: + - job: release + timeoutInMinutes: 120 + pool: + vmImage: "ubuntu-18.04" + steps: + - template: bazel.yml + parameters: + ciTarget: bazel.release + +- stage: linux_arm64 + dependsOn: ["precheck"] + # For post-submit builds, continue even if precheck fails + condition: and(not(canceled()), or(succeeded(), eq(variables['PostSubmit'], true))) + jobs: + - job: release + timeoutInMinutes: 120 + pool: "arm-large" + steps: + - template: bazel.yml + parameters: + managedAgent: false + ciTarget: bazel.release + rbe: false + artifactSuffix: ".arm64" + bazelBuildExtraOptions: "--sandbox_base=/tmp/sandbox_base" + +- stage: check + dependsOn: ["linux_x64"] + jobs: + - job: bazel + displayName: "linux_x64" + dependsOn: [] + strategy: + maxParallel: 3 + matrix: + api: + CI_TARGET: "bazel.api" + gcc: + CI_TARGET: "bazel.gcc" + clang_tidy: + CI_TARGET: "bazel.clang_tidy" + asan: + CI_TARGET: "bazel.asan" + tsan: + CI_TARGET: "bazel.tsan" + compile_time_options: + CI_TARGET: "bazel.compile_time_options" + timeoutInMinutes: 120 + pool: + vmImage: "ubuntu-18.04" + steps: + - template: bazel.yml + parameters: + ciTarget: $(CI_TARGET) + + - job: coverage + displayName: "linux_x64" + dependsOn: [] + timeoutInMinutes: 120 + pool: "x64-large" + strategy: + maxParallel: 2 + matrix: + coverage: + CI_TARGET: "coverage" + fuzz_coverage: + CI_TARGET: "fuzz_coverage" + steps: + - template: bazel.yml + parameters: + managedAgent: false + ciTarget: bazel.$(CI_TARGET) + rbe: false + # /tmp/sandbox_base is a tmpfs in CI environment to optimize large I/O for coverage traces + bazelBuildExtraOptions: "--define=no_debug_info=1 --linkopt=-Wl,-s --test_env=ENVOY_IP_TEST_VERSIONS=v4only --sandbox_base=/tmp/sandbox_base" + + - script: ci/run_envoy_docker.sh 'ci/upload_gcs_artifact.sh /source/generated/$(CI_TARGET) $(CI_TARGET)' + displayName: "Upload $(CI_TARGET) Report to GCS" + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + GCS_ARTIFACT_BUCKET: $(GcsArtifactBucket) + condition: always() + +- stage: docker + dependsOn: ["linux_x64", "linux_arm64"] + jobs: + - job: docker + displayName: "linux multiarch" + pool: + vmImage: "ubuntu-18.04" + steps: + - bash: .azure-pipelines/cleanup.sh + displayName: "Removing tools from agent" + - bash: | + echo "disk space at beginning of build:" + df -h + displayName: "Check disk space at beginning" + - task: DownloadBuildArtifacts@0 + inputs: + buildType: current + artifactName: "bazel.release" + itemPattern: "bazel.release/envoy_binary.tar.gz" + downloadType: single + targetPath: $(Build.StagingDirectory) + - task: DownloadBuildArtifacts@0 + inputs: + buildType: current + artifactName: "bazel.release.arm64" + itemPattern: "bazel.release.arm64/envoy_binary.tar.gz" + downloadType: single + targetPath: $(Build.StagingDirectory) + - bash: | + set -e + mkdir -p linux/amd64 && tar zxf $(Build.StagingDirectory)/bazel.release/envoy_binary.tar.gz -C ./linux/amd64 + mkdir -p linux/arm64 && tar zxf $(Build.StagingDirectory)/bazel.release.arm64/envoy_binary.tar.gz -C ./linux/arm64 + ci/docker_ci.sh + workingDirectory: $(Build.SourcesDirectory) + env: + AZP_BRANCH: $(Build.SourceBranch) + AZP_SHA1: $(Build.SourceVersion) + DOCKERHUB_USERNAME: $(DockerUsername) + DOCKERHUB_PASSWORD: $(DockerPassword) + - bash: | + echo "disk space at end of build:" + df -h + displayName: "Check disk space at end" + condition: always() + - task: PublishBuildArtifacts@1 + inputs: + pathtoPublish: "$(Build.StagingDirectory)/build_images" + artifactName: docker + condition: always() + +- stage: docs + dependsOn: ["docker"] + condition: and(succeeded(), eq(variables['PostSubmit'], true), ne(variables['NoSync'], true)) + jobs: + - job: publish + pool: + vmImage: "ubuntu-18.04" + steps: + - task: Cache@2 + inputs: + key: "docs | ./WORKSPACE | **/*.bzl" + path: $(Build.StagingDirectory)/repository_cache + continueOnError: true + + - script: ci/run_envoy_docker.sh 'ci/do_ci.sh docs' + workingDirectory: $(Build.SourcesDirectory) + env: + AZP_BRANCH: $(Build.SourceBranch) + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + displayName: "Generate docs" + + - task: InstallSSHKey@0 + inputs: + hostName: "github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" + sshPublicKey: "$(DocsPublicKey)" + sshPassphrase: "$(SshDeployKeyPassphrase)" + sshKeySecureFile: "$(DocsPrivateKey)" + + - script: docs/publish.sh + displayName: "Publish to GitHub" + workingDirectory: $(Build.SourcesDirectory) + env: + AZP_BRANCH: $(Build.SourceBranch) + +- stage: verify + dependsOn: ["docker"] + jobs: + - job: examples + pool: + vmImage: "ubuntu-18.04" + steps: + - task: DownloadBuildArtifacts@0 + inputs: + buildType: current + artifactName: "docker" + itemPattern: "docker/envoy-docker-images.tar.xz" + downloadType: single + targetPath: $(Build.StagingDirectory) + - bash: ./ci/do_ci.sh verify_examples + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + NO_BUILD_SETUP: 1 + - job: examples_build + dependsOn: [] + pool: + vmImage: "ubuntu-18.04" + steps: + - task: DownloadBuildArtifacts@0 + inputs: + buildType: current + artifactName: "docker" + itemPattern: "docker/envoy-docker-images.tar.xz" + downloadType: single + targetPath: $(Build.StagingDirectory) + - bash: ./ci/do_ci.sh verify_build_examples + env: + ENVOY_DOCKER_BUILD_DIR: $(Build.StagingDirectory) + NO_BUILD_SETUP: 1 + +- stage: macos + dependsOn: ["precheck"] + jobs: + - job: test + timeoutInMinutes: 180 + pool: + vmImage: "macos-latest" + steps: + - script: ./ci/mac_ci_setup.sh + displayName: "Install dependencies" + + - script: ./ci/mac_ci_steps.sh + displayName: "Run Mac CI" + env: + BAZEL_BUILD_EXTRA_OPTIONS: "--remote_download_toplevel --flaky_test_attempts=2" + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + + - task: PublishTestResults@2 + inputs: + testResultsFiles: "**/bazel-testlogs/**/test.xml" + testRunTitle: "macOS" + condition: always() + + - script: ./ci/flaky_test/run_process_xml.sh + displayName: "Process Test Results" + env: + TEST_TMPDIR: $(Build.SourcesDirectory) + SLACK_TOKEN: $(SLACK_TOKEN) + CI_TARGET: "MacOS" + REPO_URI: $(Build.Repository.Uri) + BUILD_URI: $(Build.BuildUri) + +- stage: windows + dependsOn: ["precheck"] + jobs: + - job: release + timeoutInMinutes: 120 + pool: + vmImage: "windows-latest" + steps: + - task: Cache@2 + inputs: + key: '"windows.release" | ./WORKSPACE | **/*.bzl' + path: $(Build.StagingDirectory)/repository_cache + continueOnError: true + - bash: ci/run_envoy_docker.sh ci/windows_ci_steps.sh + displayName: "Run Windows msvc-cl CI" + env: + CI_TARGET: "windows" + ENVOY_DOCKER_BUILD_DIR: "$(Build.StagingDirectory)" + SLACK_TOKEN: $(SLACK_TOKEN) + REPO_URI: $(Build.Repository.Uri) + BUILD_URI: $(Build.BuildUri) + ENVOY_RBE: "true" + BAZEL_BUILD_EXTRA_OPTIONS: "--config=remote-ci --config=remote-msvc-cl --jobs=$(RbeJobs) --flaky_test_attempts=2" + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + - task: PublishTestResults@2 + inputs: + testResultsFiles: "**/bazel-out/**/testlogs/**/test.xml" + testRunTitle: "windows" + searchFolder: $(Build.StagingDirectory)/tmp + condition: always() + - task: PublishBuildArtifacts@1 + inputs: + pathtoPublish: "$(Build.StagingDirectory)/envoy" + artifactName: windows.release + condition: always() + + - job: clang_cl + timeoutInMinutes: 120 + pool: + vmImage: "windows-latest" + steps: + - task: Cache@2 + inputs: + key: '"windows.release" | ./WORKSPACE | **/*.bzl' + path: $(Build.StagingDirectory)/repository_cache + continueOnError: true + - bash: ci/run_envoy_docker.sh ci/windows_ci_steps.sh + displayName: "Run Windows clang-cl CI" + env: + CI_TARGET: "windows" + ENVOY_DOCKER_BUILD_DIR: "$(Build.StagingDirectory)" + SLACK_TOKEN: $(SLACK_TOKEN) + REPO_URI: $(Build.Repository.Uri) + BUILD_URI: $(Build.BuildUri) + ENVOY_RBE: "true" + BAZEL_BUILD_EXTRA_OPTIONS: "--config=remote-ci --config=remote-clang-cl --jobs=$(RbeJobs) --flaky_test_attempts=2" + BAZEL_REMOTE_CACHE: grpcs://remotebuildexecution.googleapis.com + BAZEL_REMOTE_INSTANCE: projects/envoy-ci/instances/default_instance + GCP_SERVICE_ACCOUNT_KEY: $(GcpServiceAccountKey) + - task: PublishTestResults@2 + inputs: + testResultsFiles: "**/bazel-out/**/testlogs/**/test.xml" + testRunTitle: "clang-cl" + searchFolder: $(Build.StagingDirectory)/tmp + condition: always() + - task: PublishBuildArtifacts@1 + inputs: + pathtoPublish: "$(Build.StagingDirectory)/envoy" + artifactName: windows.clang-cl + condition: always() + + - job: docker + dependsOn: ["release"] + timeoutInMinutes: 120 + pool: + vmImage: "windows-latest" + steps: + - task: DownloadBuildArtifacts@0 + inputs: + buildType: current + artifactName: "windows.release" + itemPattern: "windows.release/envoy_binary.tar.gz" + downloadType: single + targetPath: $(Build.StagingDirectory) + - bash: | + set -e + # Convert to Unix-style path so tar doesn't think drive letter is a hostname + STAGING_DIR="/$(echo '$(Build.StagingDirectory)' | tr -d ':' | tr '\\' '/')" + mkdir -p windows/amd64 && tar zxf "${STAGING_DIR}/windows.release/envoy_binary.tar.gz" -C ./windows/amd64 + ci/docker_ci.sh + workingDirectory: $(Build.SourcesDirectory) + env: + AZP_BRANCH: $(Build.SourceBranch) + AZP_SHA1: $(Build.SourceVersion) + DOCKERHUB_USERNAME: $(DockerUsername) + DOCKERHUB_PASSWORD: $(DockerPassword) + - task: PublishBuildArtifacts@1 + inputs: + pathtoPublish: "$(Build.StagingDirectory)/build_images" + artifactName: docker_windows + condition: always() diff --git a/.bazelci/presubmit.yml b/.bazelci/presubmit.yml index befd00065cbd..75461d072394 100644 --- a/.bazelci/presubmit.yml +++ b/.bazelci/presubmit.yml @@ -4,34 +4,35 @@ tasks: name: "RBE" platform: ubuntu1804 test_targets: - - "//test/common/common/..." - - "//test/integration/..." - - "//test/exe/..." + - "//test/common/common/..." + - "//test/integration/..." + - "//test/exe/..." test_flags: - - "--config=remote-clang-libc++" - - "--config=remote-ci" - - "--define=wasm=disabled" - - "--jobs=75" + - "--config=remote-clang-libc++" + - "--config=remote-ci" + - "--define=wasm=disabled" + - "--jobs=75" coverage: name: "Coverage" platform: ubuntu1804 shell_commands: - - "bazel/setup_clang.sh /usr/lib/llvm-10" + - "bazel/setup_clang.sh /usr/lib/llvm-10" test_targets: - - "//test/common/common/..." - - "//test/integration/..." - - "//test/exe/..." + - "//test/common/common/..." + - "//test/integration/..." + - "//test/exe/..." test_flags: - - "--config=coverage" - - "--config=clang" - fuzz_coverage: - name: "Fuzz-Coverage" - platform: ubuntu1804 - shell_commands: - - "bazel/setup_clang.sh /usr/lib/llvm-10" - test_targets: - - "//test/server:server_fuzz_test" - test_flags: - - "--config=fuzz-coverage" - - "--config=coverage" - - "--config=clang" + - "--config=coverage" + - "--config=clang" +# Re-enable after fixing https://github.com/envoyproxy/envoy/issues/16542 +# fuzz_coverage: +# name: "Fuzz-Coverage" +# platform: ubuntu1804 +# shell_commands: +# - "bazel/setup_clang.sh /usr/lib/llvm-10" +# test_targets: +# - "//test/server:server_fuzz_test" +# test_flags: +# - "--config=fuzz-coverage" +# - "--config=coverage" +# - "--config=clang" diff --git a/.bazelrc b/.bazelrc index 21d0db6bb1a6..7d5c4ce1e86b 100644 --- a/.bazelrc +++ b/.bazelrc @@ -10,6 +10,9 @@ # Startup options cannot be selected via config. startup --host_jvm_args=-Xmx2g +run --color=yes + +build --color=yes build --workspace_status_command="bash bazel/get_workspace_status" build --experimental_strict_action_env=true build --host_force_python=PY3 @@ -46,6 +49,10 @@ build:sanitizer --test_tag_filters=-no_san build:clang --action_env=BAZEL_COMPILER=clang build:clang --linkopt=-fuse-ld=lld +# Flags for Clang + PCH +build:clang-pch --spawn_strategy=local +build:clang-pch --define=ENVOY_CLANG_PCH=1 + # Basic ASAN/UBSAN that works for gcc build:asan --action_env=ENVOY_ASAN=1 build:asan --config=sanitizer diff --git a/.bazelversion b/.bazelversion index 0b2eb36f5085..ee74734aa225 100644 --- a/.bazelversion +++ b/.bazelversion @@ -1 +1 @@ -3.7.2 +4.1.0 diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 6b7929f71eb9..77852d506a02 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -9,6 +9,7 @@ "--security-opt=seccomp=unconfined", "--volume=${env:HOME}:${env:HOME}", "--volume=envoy-build:/build", + "--network=host", // Uncomment next line if you have devcontainer.env // "--env-file=.devcontainer/devcontainer.env" ], diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index cf659d48fe60..e15c5a08f654 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,5 +1,5 @@ blank_issues_enabled: false contact_links: - - name: "Crash bug" - url: https://github.com/envoyproxy/envoy/security/policy - about: "Please file any crash bug with envoy-security@googlegroups.com." +- name: "Crash bug" + url: https://github.com/envoyproxy/envoy/security/policy + about: "Please file any crash bug with envoy-security@googlegroups.com." diff --git a/.github/actions/pr_notifier/pr_notifier.py b/.github/actions/pr_notifier/pr_notifier.py new file mode 100644 index 000000000000..066f172c0cec --- /dev/null +++ b/.github/actions/pr_notifier/pr_notifier.py @@ -0,0 +1,210 @@ +# Script for collecting PRs in need of review, and informing maintainers via +# slack + +from __future__ import print_function + +import datetime +import os +import sys + +import github +from slack_sdk import WebClient +from slack_sdk.errors import SlackApiError + +MAINTAINERS = { + 'alyssawilk': 'U78RP48V9', + 'dio': 'U79S2DFV1', + 'mattklein123': 'U5CALEVSL', + 'lizan': 'U79E51EQ6', + 'snowp': 'U93KTPQP6', + 'ggreenway': 'U78MBV869', + 'htuch': 'U78E7055Z', + 'zuercher': 'U78J72Q82', + 'phlax': 'U017PLM0GNQ', + 'jmarantz': 'U80HPLBPG', + 'antoniovicente': 'UKVNCQ212', + 'junr03': 'U79K0Q431', + 'wrowe': 'UBQR8NGBS', + 'yanavlasov': 'UJHLR5KFS', + 'asraa': 'UKZKCFRTP', +} + +# Only notify API reviewers who aren't maintainers. +# Maintainers are already notified of pending PRs. +API_REVIEWERS = { + 'markdroth': 'UMN8K55A6', + 'adisuissa': 'UT17EMMTP', +} + + +def get_slo_hours(): + # on Monday, allow for 24h + 48h + if datetime.date.today().weekday() == 0: + return 72 + return 24 + + +# Return true if the PR has a waiting tag, false otherwise. +def is_waiting(labels): + for label in labels: + if label.name == 'waiting' or label.name == 'waiting:any': + return True + return False + + +# Return true if the PR has an API tag, false otherwise. +def is_api(labels): + for label in labels: + if label.name == 'api': + return True + return False + + +# Generate a pr message, bolding the time if it's out-SLO +def pr_message(pr_age, pr_url, pr_title, delta_days, delta_hours): + if pr_age < datetime.timedelta(hours=get_slo_hours()): + return "<%s|%s> has been waiting %s days %s hours\n" % ( + pr_url, pr_title, delta_days, delta_hours) + else: + return "<%s|%s> has been waiting *%s days %s hours*\n" % ( + pr_url, pr_title, delta_days, delta_hours) + + +# Adds reminder lines to the appropriate assignee to review the assigned PRs +# Returns true if one of the assignees is in the known_assignee_map, false otherwise. +def add_reminders(assignees, assignees_and_prs, message, known_assignee_map): + has_known_assignee = False + for assignee_info in assignees: + assignee = assignee_info.login + if assignee not in known_assignee_map: + continue + has_known_assignee = True + if assignee not in assignees_and_prs.keys(): + assignees_and_prs[ + assignee] = "Hello, %s, here are your PR reminders for the day \n" % assignee + assignees_and_prs[assignee] = assignees_and_prs[assignee] + message + return has_known_assignee + + +# Returns true if the PR needs an LGTM from an API shephard. +def needs_api_review(labels, repo, pr_info): + # API reviews should always have the label, so don't bother doing an RPC if + # it's not tagged (this helps avoid github rate limiting) + if not (is_api(labels)): + return False + # repokitten tags each commit as pending unless there has been an API LGTM + # since the latest API changes. If this PR is tagged pendding it needs an + # API review, otherwise it's set. + headers, data = repo._requester.requestJsonAndCheck( + "GET", + ("https://api.github.com/repos/envoyproxy/envoy/statuses/" + pr_info.head.sha), + ) + if (data and data[0]["state"] == 'pending'): + return True + return False + + +def track_prs(): + git = github.Github() + repo = git.get_repo('envoyproxy/envoy') + + # The list of PRs which are not waiting, but are well within review SLO + recent_prs = [] + # A dict of maintainer : outstanding_pr_string to be sent to slack + maintainers_and_prs = {} + # A placeholder for unassigned PRs, to be sent to #maintainers eventually + maintainers_and_prs['unassigned'] = "" + # A dict of shephard : outstanding_pr_string to be sent to slack + api_review_and_prs = {} + # Out-SLO PRs to be sent to #envoy-maintainer-oncall + stalled_prs = "" + + # Snag all PRs, including drafts + for pr_info in repo.get_pulls("open", "updated", "desc"): + labels = pr_info.labels + assignees = pr_info.assignees + # If the PR is waiting, continue. + if is_waiting(labels): + continue + if pr_info.draft: + continue + + # Update the time based on the time zone delta from github's + pr_age = pr_info.updated_at - datetime.timedelta(hours=4) + delta = datetime.datetime.now() - pr_age + delta_days = delta.days + delta_hours = delta.seconds // 3600 + + # If we get to this point, the review may be in SLO - nudge if it's in + # SLO, nudge in bold if not. + message = pr_message(delta, pr_info.html_url, pr_info.title, delta_days, delta_hours) + + if (needs_api_review(labels, repo, pr_info)): + add_reminders(pr_info.assignees, api_review_and_prs, message, API_REVIEWERS) + + # If the PR has been out-SLO for over a day, inform on-call + if delta > datetime.timedelta(hours=get_slo_hours() + 36): + stalled_prs = stalled_prs + message + + # Add a reminder to each maintainer-assigner on the PR. + has_maintainer_assignee = add_reminders( + pr_info.assignees, maintainers_and_prs, message, MAINTAINERS) + + # If there was no maintainer, track it as unassigned. + if not has_maintainer_assignee: + maintainers_and_prs['unassigned'] = maintainers_and_prs['unassigned'] + message + + # Return the dict of {maintainers : PR notifications}, + # the dict of {api-shephards-who-are-not-maintainers: PR notifications}, + # and stalled PRs + return maintainers_and_prs, api_review_and_prs, stalled_prs + + +def post_to_assignee(client, assignees_and_messages, assignees_map): + # Post updates to individual assignees + for key in assignees_and_messages: + message = assignees_and_messages[key] + + # Only send messages if we have the slack UID + if key not in assignees_map: + continue + uid = assignees_map[key] + + # Ship messages off to slack. + try: + print(assignees_and_messages[key]) + response = client.conversations_open(users=uid, text="hello") + channel_id = response["channel"]["id"] + response = client.chat_postMessage(channel=channel_id, text=message) + except SlackApiError as e: + print("Unexpected error %s", e.response["error"]) + + +def post_to_oncall(client, unassigned_prs, out_slo_prs): + # Post updates to #envoy-maintainer-oncall + unassigned_prs = maintainers_and_messages['unassigned'] + if unassigned_prs: + try: + response = client.chat_postMessage( + channel='#envoy-maintainer-oncall', + text=("*'Unassigned' PRs* (PRs with no maintainer assigned)\n%s" % unassigned_prs)) + response = client.chat_postMessage( + channel='#envoy-maintainer-oncall', text=("*Stalled PRs*\n\n%s" % out_slo_prs)) + except SlackApiError as e: + print("Unexpected error %s", e.response["error"]) + + +if __name__ == '__main__': + maintainers_and_messages, shephards_and_messages, stalled_prs = track_prs() + + SLACK_BOT_TOKEN = os.getenv('SLACK_BOT_TOKEN') + if not SLACK_BOT_TOKEN: + print( + 'Missing SLACK_BOT_TOKEN: please export token from https://api.slack.com/apps/A023NPQQ33K/oauth?' + ) + sys.exit(1) + + client = WebClient(token=SLACK_BOT_TOKEN) + post_to_oncall(client, maintainers_and_messages['unassigned'], stalled_prs) + post_to_assignee(client, shephards_and_messages, API_REVIEWERS) + post_to_assignee(client, maintainers_and_messages, MAINTAINERS) diff --git a/.github/actions/pr_notifier/requirements.txt b/.github/actions/pr_notifier/requirements.txt new file mode 100644 index 000000000000..253c687e5fe7 --- /dev/null +++ b/.github/actions/pr_notifier/requirements.txt @@ -0,0 +1,124 @@ +# +# This file is autogenerated by pip-compile +# To update, run: +# +# pip-compile --generate-hashes .github/actions/pr_notifier/requirements.txt +# +certifi==2021.5.30 \ + --hash=sha256:2bbf76fd432960138b3ef6dda3dde0544f27cbf8546c458e60baf371917ba9ee \ + --hash=sha256:50b1e4f8446b06f41be7dd6338db18e0990601dce795c2b1686458aa7e8fa7d8 + # via requests +cffi==1.14.5 \ + --hash=sha256:005a36f41773e148deac64b08f233873a4d0c18b053d37da83f6af4d9087b813 \ + --hash=sha256:04c468b622ed31d408fea2346bec5bbffba2cc44226302a0de1ade9f5ea3d373 \ + --hash=sha256:06d7cd1abac2ffd92e65c0609661866709b4b2d82dd15f611e602b9b188b0b69 \ + --hash=sha256:06db6321b7a68b2bd6df96d08a5adadc1fa0e8f419226e25b2a5fbf6ccc7350f \ + --hash=sha256:0857f0ae312d855239a55c81ef453ee8fd24136eaba8e87a2eceba644c0d4c06 \ + --hash=sha256:0f861a89e0043afec2a51fd177a567005847973be86f709bbb044d7f42fc4e05 \ + --hash=sha256:1071534bbbf8cbb31b498d5d9db0f274f2f7a865adca4ae429e147ba40f73dea \ + --hash=sha256:158d0d15119b4b7ff6b926536763dc0714313aa59e320ddf787502c70c4d4bee \ + --hash=sha256:1bf1ac1984eaa7675ca8d5745a8cb87ef7abecb5592178406e55858d411eadc0 \ + --hash=sha256:1f436816fc868b098b0d63b8920de7d208c90a67212546d02f84fe78a9c26396 \ + --hash=sha256:24a570cd11895b60829e941f2613a4f79df1a27344cbbb82164ef2e0116f09c7 \ + --hash=sha256:24ec4ff2c5c0c8f9c6b87d5bb53555bf267e1e6f70e52e5a9740d32861d36b6f \ + --hash=sha256:2894f2df484ff56d717bead0a5c2abb6b9d2bf26d6960c4604d5c48bbc30ee73 \ + --hash=sha256:29314480e958fd8aab22e4a58b355b629c59bf5f2ac2492b61e3dc06d8c7a315 \ + --hash=sha256:293e7ea41280cb28c6fcaaa0b1aa1f533b8ce060b9e701d78511e1e6c4a1de76 \ + --hash=sha256:34eff4b97f3d982fb93e2831e6750127d1355a923ebaeeb565407b3d2f8d41a1 \ + --hash=sha256:35f27e6eb43380fa080dccf676dece30bef72e4a67617ffda586641cd4508d49 \ + --hash=sha256:3c3f39fa737542161d8b0d680df2ec249334cd70a8f420f71c9304bd83c3cbed \ + --hash=sha256:3d3dd4c9e559eb172ecf00a2a7517e97d1e96de2a5e610bd9b68cea3925b4892 \ + --hash=sha256:43e0b9d9e2c9e5d152946b9c5fe062c151614b262fda2e7b201204de0b99e482 \ + --hash=sha256:48e1c69bbacfc3d932221851b39d49e81567a4d4aac3b21258d9c24578280058 \ + --hash=sha256:51182f8927c5af975fece87b1b369f722c570fe169f9880764b1ee3bca8347b5 \ + --hash=sha256:58e3f59d583d413809d60779492342801d6e82fefb89c86a38e040c16883be53 \ + --hash=sha256:5de7970188bb46b7bf9858eb6890aad302577a5f6f75091fd7cdd3ef13ef3045 \ + --hash=sha256:65fa59693c62cf06e45ddbb822165394a288edce9e276647f0046e1ec26920f3 \ + --hash=sha256:681d07b0d1e3c462dd15585ef5e33cb021321588bebd910124ef4f4fb71aef55 \ + --hash=sha256:69e395c24fc60aad6bb4fa7e583698ea6cc684648e1ffb7fe85e3c1ca131a7d5 \ + --hash=sha256:6c97d7350133666fbb5cf4abdc1178c812cb205dc6f41d174a7b0f18fb93337e \ + --hash=sha256:6e4714cc64f474e4d6e37cfff31a814b509a35cb17de4fb1999907575684479c \ + --hash=sha256:72d8d3ef52c208ee1c7b2e341f7d71c6fd3157138abf1a95166e6165dd5d4369 \ + --hash=sha256:8ae6299f6c68de06f136f1f9e69458eae58f1dacf10af5c17353eae03aa0d827 \ + --hash=sha256:8b198cec6c72df5289c05b05b8b0969819783f9418e0409865dac47288d2a053 \ + --hash=sha256:99cd03ae7988a93dd00bcd9d0b75e1f6c426063d6f03d2f90b89e29b25b82dfa \ + --hash=sha256:9cf8022fb8d07a97c178b02327b284521c7708d7c71a9c9c355c178ac4bbd3d4 \ + --hash=sha256:9de2e279153a443c656f2defd67769e6d1e4163952b3c622dcea5b08a6405322 \ + --hash=sha256:9e93e79c2551ff263400e1e4be085a1210e12073a31c2011dbbda14bda0c6132 \ + --hash=sha256:9ff227395193126d82e60319a673a037d5de84633f11279e336f9c0f189ecc62 \ + --hash=sha256:a465da611f6fa124963b91bf432d960a555563efe4ed1cc403ba5077b15370aa \ + --hash=sha256:ad17025d226ee5beec591b52800c11680fca3df50b8b29fe51d882576e039ee0 \ + --hash=sha256:afb29c1ba2e5a3736f1c301d9d0abe3ec8b86957d04ddfa9d7a6a42b9367e396 \ + --hash=sha256:b85eb46a81787c50650f2392b9b4ef23e1f126313b9e0e9013b35c15e4288e2e \ + --hash=sha256:bb89f306e5da99f4d922728ddcd6f7fcebb3241fc40edebcb7284d7514741991 \ + --hash=sha256:cbde590d4faaa07c72bf979734738f328d239913ba3e043b1e98fe9a39f8b2b6 \ + --hash=sha256:cc5a8e069b9ebfa22e26d0e6b97d6f9781302fe7f4f2b8776c3e1daea35f1adc \ + --hash=sha256:cd2868886d547469123fadc46eac7ea5253ea7fcb139f12e1dfc2bbd406427d1 \ + --hash=sha256:d42b11d692e11b6634f7613ad8df5d6d5f8875f5d48939520d351007b3c13406 \ + --hash=sha256:df5052c5d867c1ea0b311fb7c3cd28b19df469c056f7fdcfe88c7473aa63e333 \ + --hash=sha256:f2d45f97ab6bb54753eab54fffe75aaf3de4ff2341c9daee1987ee1837636f1d \ + --hash=sha256:fd78e5fee591709f32ef6edb9a015b4aa1a5022598e36227500c8f4e02328d9c + # via pynacl +chardet==4.0.0 \ + --hash=sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa \ + --hash=sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5 + # via requests +deprecated==1.2.12 \ + --hash=sha256:08452d69b6b5bc66e8330adde0a4f8642e969b9e1702904d137eeb29c8ffc771 \ + --hash=sha256:6d2de2de7931a968874481ef30208fd4e08da39177d61d3d4ebdf4366e7dbca1 + # via pygithub +idna==2.10 \ + --hash=sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6 \ + --hash=sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0 + # via requests +pycparser==2.20 \ + --hash=sha256:2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0 \ + --hash=sha256:7582ad22678f0fcd81102833f60ef8d0e57288b6b5fb00323d101be910e35705 + # via cffi +pygithub==1.55 \ + --hash=sha256:1bbfff9372047ff3f21d5cd8e07720f3dbfdaf6462fcaed9d815f528f1ba7283 \ + --hash=sha256:2caf0054ea079b71e539741ae56c5a95e073b81fa472ce222e81667381b9601b + # via -r .github/actions/pr_notifier/requirements.txt +pyjwt==2.1.0 \ + --hash=sha256:934d73fbba91b0483d3857d1aff50e96b2a892384ee2c17417ed3203f173fca1 \ + --hash=sha256:fba44e7898bbca160a2b2b501f492824fc8382485d3a6f11ba5d0c1937ce6130 + # via pygithub +pynacl==1.4.0 \ + --hash=sha256:06cbb4d9b2c4bd3c8dc0d267416aaed79906e7b33f114ddbf0911969794b1cc4 \ + --hash=sha256:11335f09060af52c97137d4ac54285bcb7df0cef29014a1a4efe64ac065434c4 \ + --hash=sha256:2fe0fc5a2480361dcaf4e6e7cea00e078fcda07ba45f811b167e3f99e8cff574 \ + --hash=sha256:30f9b96db44e09b3304f9ea95079b1b7316b2b4f3744fe3aaecccd95d547063d \ + --hash=sha256:4e10569f8cbed81cb7526ae137049759d2a8d57726d52c1a000a3ce366779634 \ + --hash=sha256:511d269ee845037b95c9781aa702f90ccc36036f95d0f31373a6a79bd8242e25 \ + --hash=sha256:537a7ccbea22905a0ab36ea58577b39d1fa9b1884869d173b5cf111f006f689f \ + --hash=sha256:54e9a2c849c742006516ad56a88f5c74bf2ce92c9f67435187c3c5953b346505 \ + --hash=sha256:757250ddb3bff1eecd7e41e65f7f833a8405fede0194319f87899690624f2122 \ + --hash=sha256:7757ae33dae81c300487591c68790dfb5145c7d03324000433d9a2c141f82af7 \ + --hash=sha256:7c6092102219f59ff29788860ccb021e80fffd953920c4a8653889c029b2d420 \ + --hash=sha256:8122ba5f2a2169ca5da936b2e5a511740ffb73979381b4229d9188f6dcb22f1f \ + --hash=sha256:9c4a7ea4fb81536c1b1f5cc44d54a296f96ae78c1ebd2311bd0b60be45a48d96 \ + --hash=sha256:c914f78da4953b33d4685e3cdc7ce63401247a21425c16a39760e282075ac4a6 \ + --hash=sha256:cd401ccbc2a249a47a3a1724c2918fcd04be1f7b54eb2a5a71ff915db0ac51c6 \ + --hash=sha256:d452a6746f0a7e11121e64625109bc4468fc3100452817001dbe018bb8b08514 \ + --hash=sha256:ea6841bc3a76fa4942ce00f3bda7d436fda21e2d91602b9e21b7ca9ecab8f3ff \ + --hash=sha256:f8851ab9041756003119368c1e6cd0b9c631f46d686b3904b18c0139f4419f80 + # via pygithub +requests==2.25.1 \ + --hash=sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804 \ + --hash=sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e + # via pygithub +six==1.16.0 \ + --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \ + --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254 + # via pynacl +slack-sdk==3.6.0 \ + --hash=sha256:195f044e02a2844579a7a26818ce323e85dde8de224730c859644918d793399e \ + --hash=sha256:e1b257923a1ef88b8620dd3abff94dc5b3eee16ef37975d101ba9e60123ac3af + # via -r .github/actions/pr_notifier/requirements.txt +urllib3==1.26.5 \ + --hash=sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c \ + --hash=sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098 + # via requests +wrapt==1.12.1 \ + --hash=sha256:b62ffa81fb85f4332a4f609cab4ac40709470da05643a082ec1eb88e6d9b97d7 + # via deprecated diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6d5ddefaf215..ee4c89391fac 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,77 +1,97 @@ version: 2 updates: - - package-ecosystem: "pip" - directory: "/test/extensions/filters/network/thrift_proxy" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/source/extensions/filters/network/kafka" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/examples/grpc-bridge/client" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/docs" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/tools/github" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/tools/config_validation" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/tools/dependency" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/tools/deprecate_version" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/tools/protodoc" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/tools/deprecate_features" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/tools/code_format" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/tools/envoy_headersplit" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/ci/flaky_test" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/configs" - schedule: - interval: "daily" - - - package-ecosystem: "pip" - directory: "/tools/testing" - schedule: - interval: "daily" +- package-ecosystem: "pip" + directory: "/.github/actions/pr_notifier" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/test/extensions/filters/network/thrift_proxy" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/source/extensions/filters/network/kafka" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/examples/grpc-bridge/client" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/tools/docs" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/tools/github" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/tools/config_validation" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/tools/dependency" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/tools/deprecate_version" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/tools/extensions" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/tools/protodoc" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/tools/deprecate_features" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/tools/code_format" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/ci/flaky_test" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/configs" + schedule: + interval: "daily" + +- package-ecosystem: "pip" + directory: "/tools/testing" + schedule: + interval: "daily" + +- package-ecosystem: "docker" + directory: "/ci" + schedule: + interval: daily + +- package-ecosystem: "docker" + directory: "/.devcontainer" + schedule: + interval: daily + +- package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: daily diff --git a/.github/workflows/codeql-daily.yml b/.github/workflows/codeql-daily.yml index 00707a85782a..ad64f8c1f347 100644 --- a/.github/workflows/codeql-daily.yml +++ b/.github/workflows/codeql-daily.yml @@ -1,6 +1,6 @@ on: schedule: - - cron: '0 12 * * 4' + - cron: '0 12 * * 4' jobs: CodeQL-Build: @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. @@ -26,10 +26,10 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@a66b44a48a44d63acf71688c56aa168ac171d4cf # v1 # Override language selection by uncommenting this and choosing your languages with: - languages: cpp + languages: cpp - name: Install deps shell: bash @@ -52,4 +52,4 @@ jobs: git clean -xdf - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@a66b44a48a44d63acf71688c56aa168ac171d4cf # v1 diff --git a/.github/workflows/codeql-push.yml b/.github/workflows/codeql-push.yml index 56254401e418..c4569102c82c 100644 --- a/.github/workflows/codeql-push.yml +++ b/.github/workflows/codeql-push.yml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. @@ -34,10 +34,10 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@a66b44a48a44d63acf71688c56aa168ac171d4cf # v1 # Override language selection by uncommenting this and choosing your languages with: - languages: cpp + languages: cpp - name: Install deps shell: bash @@ -63,4 +63,4 @@ jobs: - name: Perform CodeQL Analysis if: env.BUILD_TARGETS != '' - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@a66b44a48a44d63acf71688c56aa168ac171d4cf # v1 diff --git a/.github/workflows/pr_notifier.yml b/.github/workflows/pr_notifier.yml new file mode 100644 index 000000000000..1ccc9695e3dd --- /dev/null +++ b/.github/workflows/pr_notifier.yml @@ -0,0 +1,25 @@ +on: + workflow_dispatch: + schedule: + - cron: '0 5 * * 1,2,3,4,5' + +jobs: + pr_notifier: + name: PR Notifier + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: Set up Python 3.8 + uses: actions/setup-python@v2 + with: + python-version: '3.8' + architecture: 'x64' + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install -r ./.github/actions/pr_notifier/requirements.txt + - name: Notify about PRs + run: python ./.github/actions/pr_notifier/pr_notifier.py + env: + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index f3ce371f510e..017518fe4f05 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -1,7 +1,7 @@ on: workflow_dispatch: schedule: - - cron: '0 */4 * * *' + - cron: '0 */4 * * *' jobs: prune_stale: @@ -10,7 +10,7 @@ jobs: steps: - name: Prune Stale - uses: actions/stale@v3.0.14 + uses: actions/stale@v3.0.19 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Different amounts of days for issues/PRs are not currently supported but there is a PR diff --git a/.zuul/playbooks/envoy-build/run.yaml b/.zuul/playbooks/envoy-build/run.yaml index 0087029e4a4f..e4fc75422d3e 100644 --- a/.zuul/playbooks/envoy-build/run.yaml +++ b/.zuul/playbooks/envoy-build/run.yaml @@ -1,17 +1,17 @@ - hosts: all become: yes roles: - - role: config-gcc - gcc_version: 7 - - role: config-bazel - bazel_version: 0.28.1 + - role: config-gcc + gcc_version: 7 + - role: config-bazel + bazel_version: 0.28.1 tasks: - - name: Build envoy - shell: - cmd: | - apt update - apt-get update - apt-get install -y \ + - name: Build envoy + shell: + cmd: | + apt update + apt-get update + apt-get install -y \ libtool \ cmake \ automake \ @@ -22,9 +22,9 @@ unzip \ virtualenv - bazel build //source/exe:envoy-static | tee $LOGS_PATH//bazel.txt + bazel build //source/exe:envoy-static | tee $LOGS_PATH//bazel.txt - cp -r ./bazel-bin $RESULTS_PATH - chdir: '{{ zuul.project.src_dir }}' - executable: /bin/bash - environment: '{{ global_env }}' + cp -r ./bazel-bin $RESULTS_PATH + chdir: '{{ zuul.project.src_dir }}' + executable: /bin/bash + environment: '{{ global_env }}' diff --git a/CODEOWNERS b/CODEOWNERS index 90b5d3a35482..3209be230733 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -11,6 +11,8 @@ # compression extensions /*/extensions/compression/common/compressor @rojkov @junr03 /*/extensions/compression/gzip/compressor @rojkov @junr03 +# alternate protocols cache extensions +/*/extensions/filters/http/alternate_protocols_cache @RyanTheOptimist @alyssawilk # csrf extension /*/extensions/filters/http/csrf @dschaller @mattklein123 # original_src http filter extension @@ -65,7 +67,7 @@ extensions/filters/common/original_src @snowp @klarose # postgres_proxy extension /*/extensions/filters/network/postgres_proxy @fabriziomello @cpakulski @dio # quic extension -/*/extensions/quic_listeners/ @alyssawilk @danzh2010 @mattklein123 @mpwarres @wu-bin @ggreenway +/*/extensions/quic/ @alyssawilk @danzh2010 @mattklein123 @mpwarres @wu-bin @ggreenway # zookeeper_proxy extension /*/extensions/filters/network/zookeeper_proxy @rgs1 @snowp # redis cluster extension @@ -79,7 +81,7 @@ extensions/filters/common/original_src @snowp @klarose # omit_canary_hosts retry predicate /*/extensions/retry/host/omit_canary_hosts @sriduth @snowp # HTTP caching extension -/*/extensions/filters/http/cache @toddmgreer @jmarantz +/*/extensions/filters/http/cache @toddmgreer @jmarantz @penguingao @mpwarres @capoferro # aws_iam grpc credentials /*/extensions/grpc_credentials/aws_iam @lavignes @mattklein123 @tonya11en /*/extensions/common/aws @lavignes @mattklein123 @tonya11en @@ -124,6 +126,7 @@ extensions/filters/common/original_src @snowp @klarose /*/extensions/grpc_credentials/file_based_metadata @wozz @htuch /*/extensions/internal_redirect @alyssawilk @penguingao /*/extensions/stat_sinks/dog_statsd @taiki45 @jmarantz +/*/extensions/stat_sinks/graphite_statsd @vaccarium @mattklein123 /*/extensions/stat_sinks/hystrix @trabetti @jmarantz /*/extensions/stat_sinks/metrics_service @ramaraochavali @jmarantz # webassembly stat-sink extensions @@ -143,6 +146,7 @@ extensions/filters/common/original_src @snowp @klarose /*/extensions/clusters/aggregate @yxue @snowp # support for on-demand VHDS requests /*/extensions/filters/http/on_demand @dmitri-d @htuch @lambdai +/*/extensions/filters/network/connection_limit @mattklein123 @alyssawilk @rojkov @delong-coder /*/extensions/filters/network/local_ratelimit @mattklein123 @junr03 /*/extensions/filters/http/aws_request_signing @rgs1 @derekargueta @mattklein123 @marcomagdy @tonya11en /*/extensions/filters/http/aws_lambda @mattklein123 @marcomagdy @lavignes @tonya11en @@ -183,6 +187,12 @@ extensions/filters/http/oauth2 @rgs1 @derekargueta @snowp /*/extensions/filters/common/ext_authz @esmet @gsagula @dio /*/extensions/filters/http/ext_authz @esmet @gsagula @dio /*/extensions/filters/network/ext_authz @esmet @gsagula @dio +# HTTP Bandwidth Limit +/*/extensions/filters/http/bandwidth_limit @nitgoy @mattklein123 @yanavlasov @tonya11en # Original IP detection /*/extensions/http/original_ip_detection/custom_header @rgs1 @alyssawilk @antoniovicente /*/extensions/http/original_ip_detection/xff @rgs1 @alyssawilk @antoniovicente +# set_metadata extension +/*/extensions/filters/http/set_metadata @aguinet @snowp +# Formatters +/*/extensions/formatter/req_without_query @dio @tsaarni diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0190c14a4eb3..4f73d3353d7a 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -259,6 +259,7 @@ API can be found [here](api/STYLE.md#adding-an-extension-configuration-to-the-ap Other changes will likely include * Editing [source/extensions/extensions_build_config.bzl](source/extensions/extensions_build_config.bzl) to include the new extensions + * Editing [source/extensions/extensions_metadata.yaml](source/extensions/extensions_metadata.yaml) to include metadata for the new extensions * Editing [docs/root/api-v3/config/config.rst](docs/root/api-v3/config/config.rst) to add area/area * Adding `docs/root/api-v3/config/area/area.rst` to add a table of contents for the API docs * Adding `source/extensions/area/well_known_names.h` for registered plugins diff --git a/DEVELOPER.md b/DEVELOPER.md index 7a4ec69f54c6..5fd3e8ecd65b 100644 --- a/DEVELOPER.md +++ b/DEVELOPER.md @@ -19,7 +19,9 @@ Below is a list of additional documentation to aid the development process: - [Guide to Envoy Bazel rules (managing `BUILD` files)](https://github.com/envoyproxy/envoy/blob/main/bazel/DEVELOPER.md) -- [Using Docker for building and testing](https://github.com/envoyproxy/envoy/tree/main/ci) +- [Guide to setup development environment with Visual Studio Code](https://github.com/envoyproxy/envoy/blob/main/tools/vscode/README.md) + +- [Using Docker for building and testing](https://github.com/envoyproxy/envoy/tree/main/ci#readme) - [Guide to contributing to Envoy](https://github.com/envoyproxy/envoy/blob/main/CONTRIBUTING.md) @@ -27,7 +29,7 @@ Below is a list of additional documentation to aid the development process: - [Overview of how to write integration tests for new code](https://github.com/envoyproxy/envoy/blob/main/test/integration/README.md) -- [Envoy filter example project (how to consume and extend Envoy as a submodule)](https://github.com/envoyproxy/envoy-filter-example) +- [Envoy filter example project (how to consume and extend Envoy as a submodule)](https://github.com/envoyproxy/envoy-filter-example#readme) - [Performance testing Envoy with `tcmalloc`/`pprof`](https://github.com/envoyproxy/envoy/blob/main/bazel/PPROF.md) diff --git a/OWNERS.md b/OWNERS.md index c897e2541439..f88de100dbc7 100644 --- a/OWNERS.md +++ b/OWNERS.md @@ -40,7 +40,7 @@ routing PRs, questions, etc. to the right place. * Ryan Northey ([phlax](https://github.com/phlax)) (ryan@synca.io) * Docs, tooling, CI, containers and sandbox examples * William A Rowe Jr ([wrowe](https://github.com/wrowe)) (wrowe@vmware.com) - * Windows port and CI build, `bazel/foreign_cc` build and dependencies liason. + * Windows port and CI build, `bazel/foreign_cc` build and dependencies liaison. * Antonio Vicente ([antoniovicente](https://github.com/antoniovicente)) (avd@google.com) * Event management, security, performance, data plane. diff --git a/SECURITY.md b/SECURITY.md index 0ba3e9ddaa64..62a1424a1a98 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -449,21 +449,24 @@ and security team to ensure they still qualify for inclusion on the list. ### Members -| E-mail | Organization | End User | Last Review | -|-------------------------------------------------------|:-------------:|:--------:|:-----------:| -| envoy-security-team@aspenmesh.io | Aspen Mesh | No | 12/19 | -| aws-app-mesh-security@amazon.com | AWS | No | 12/19 | -| security@cilium.io | Cilium | No | 12/19 | -| vulnerabilityreports@cloudfoundry.org | Cloud Foundry | No | 12/19 | -| secalert@datawire.io | Datawire | No | 12/19 | -| google-internal-envoy-security@google.com | Google | No | 12/19 | -| argoprod@us.ibm.com | IBM | No | 12/19 | -| istio-security-vulnerability-reports@googlegroups.com | Istio | No | 12/19 | -| envoy-security@microsoft.com | Microsoft | No | 2/21 | -| secalert@redhat.com | Red Hat | No | 12/19 | -| envoy-security@solo.io | solo.io | No | 12/19 | -| envoy-security@tetrate.io | Tetrate | No | 12/19 | -| security@vmware.com | VMware | No | 12/19 | -| envoy-security@pinterest.com | Pinterest | Yes | 12/19 | -| envoy-security@dropbox.com | Dropbox | Yes | 01/20 | -| envoy-security-predisclosure@stripe.com | Stripe | Yes | 01/20 | +| Organization | End User | Last Review | +|:-------------:|:--------:|:-----------:| +| Aspen Mesh | No | 06/21 | +| AWS | No | 06/21 | +| Cilium | No | 06/21 | +| Cloud Foundry | No | 06/21 | +| Datawire | No | 06/21 | +| Google | No | 06/21 | +| IBM | No | 06/21 | +| Istio | No | 06/21 | +| Microsoft | No | 2/21 | +| Red Hat | No | 06/21 | +| solo.io | No | 06/21 | +| Tetrate | No | 06/21 | +| VMware | No | 06/21 | +| Pinterest | Yes | 06/21 | +| Dropbox | Yes | 01/20 | +| Stripe | Yes | 01/20 | +| Square | Yes | 05/21 | +| Apple | Yes | 05/21 | +| Spotify | Yes | 06/21 | diff --git a/api/API_VERSIONING.md b/api/API_VERSIONING.md index d2a47c116b9d..3f5d41e710a9 100644 --- a/api/API_VERSIONING.md +++ b/api/API_VERSIONING.md @@ -21,12 +21,12 @@ https://github.com/envoyproxy/envoy/issues/8416. In everyday discussion and GitHub labels, we refer to the `v2`, `v3`, `vN`, `...` APIs. This has a specific technical meaning. Any given message in the Envoy API, e.g. the `Bootstrap` at -`envoy.config.bootstrap.v3.Boostrap`, will transitively reference a number of packages in the Envoy +`envoy.config.bootstrap.v3.Bootstrap`, will transitively reference a number of packages in the Envoy API. These may be at `vN`, `v(N-1)`, etc. The Envoy API is technically a DAG of versioned package namespaces. When we talk about the `vN xDS API`, we really refer to the `N` of the root configuration resources (e.g. bootstrap, xDS resources such as `Cluster`). The -v3 API bootstrap configuration is `envoy.config.bootstrap.v3.Boostrap`, even -though it might might transitively reference `envoy.service.trace.v2`. +v3 API bootstrap configuration is `envoy.config.bootstrap.v3.Bootstrap`, even +though it might transitively reference `envoy.service.trace.v2`. # Backwards compatibility diff --git a/api/BUILD b/api/BUILD index 04b94ff211fd..cb40c29c8e40 100644 --- a/api/BUILD +++ b/api/BUILD @@ -17,104 +17,42 @@ proto_library( "//envoy/api/v2/listener:pkg", "//envoy/api/v2/ratelimit:pkg", "//envoy/api/v2/route:pkg", - "//envoy/config/accesslog/v2:pkg", "//envoy/config/bootstrap/v2:pkg", - "//envoy/config/cluster/aggregate/v2alpha:pkg", "//envoy/config/cluster/dynamic_forward_proxy/v2alpha:pkg", - "//envoy/config/cluster/redis:pkg", "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", - "//envoy/config/common/tap/v2alpha:pkg", "//envoy/config/filter/accesslog/v2:pkg", - "//envoy/config/filter/dubbo/router/v2alpha1:pkg", "//envoy/config/filter/fault/v2:pkg", - "//envoy/config/filter/http/adaptive_concurrency/v2alpha:pkg", - "//envoy/config/filter/http/aws_lambda/v2alpha:pkg", - "//envoy/config/filter/http/aws_request_signing/v2alpha:pkg", - "//envoy/config/filter/http/buffer/v2:pkg", - "//envoy/config/filter/http/cache/v2alpha:pkg", "//envoy/config/filter/http/compressor/v2:pkg", - "//envoy/config/filter/http/cors/v2:pkg", - "//envoy/config/filter/http/csrf/v2:pkg", - "//envoy/config/filter/http/dynamic_forward_proxy/v2alpha:pkg", - "//envoy/config/filter/http/dynamo/v2:pkg", "//envoy/config/filter/http/ext_authz/v2:pkg", - "//envoy/config/filter/http/fault/v2:pkg", - "//envoy/config/filter/http/grpc_http1_bridge/v2:pkg", - "//envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1:pkg", - "//envoy/config/filter/http/grpc_stats/v2alpha:pkg", - "//envoy/config/filter/http/grpc_web/v2:pkg", "//envoy/config/filter/http/gzip/v2:pkg", - "//envoy/config/filter/http/header_to_metadata/v2:pkg", "//envoy/config/filter/http/health_check/v2:pkg", "//envoy/config/filter/http/ip_tagging/v2:pkg", - "//envoy/config/filter/http/jwt_authn/v2alpha:pkg", - "//envoy/config/filter/http/lua/v2:pkg", - "//envoy/config/filter/http/on_demand/v2:pkg", - "//envoy/config/filter/http/original_src/v2alpha1:pkg", - "//envoy/config/filter/http/rate_limit/v2:pkg", - "//envoy/config/filter/http/rbac/v2:pkg", - "//envoy/config/filter/http/router/v2:pkg", - "//envoy/config/filter/http/squash/v2:pkg", - "//envoy/config/filter/http/tap/v2alpha:pkg", - "//envoy/config/filter/http/transcoder/v2:pkg", - "//envoy/config/filter/listener/http_inspector/v2:pkg", - "//envoy/config/filter/listener/original_dst/v2:pkg", - "//envoy/config/filter/listener/original_src/v2alpha1:pkg", - "//envoy/config/filter/listener/proxy_protocol/v2:pkg", - "//envoy/config/filter/listener/tls_inspector/v2:pkg", - "//envoy/config/filter/network/client_ssl_auth/v2:pkg", - "//envoy/config/filter/network/direct_response/v2:pkg", - "//envoy/config/filter/network/dubbo_proxy/v2alpha1:pkg", - "//envoy/config/filter/network/echo/v2:pkg", - "//envoy/config/filter/network/ext_authz/v2:pkg", "//envoy/config/filter/network/http_connection_manager/v2:pkg", - "//envoy/config/filter/network/kafka_broker/v2alpha1:pkg", - "//envoy/config/filter/network/local_rate_limit/v2alpha:pkg", - "//envoy/config/filter/network/mongo_proxy/v2:pkg", - "//envoy/config/filter/network/mysql_proxy/v1alpha1:pkg", - "//envoy/config/filter/network/rate_limit/v2:pkg", - "//envoy/config/filter/network/rbac/v2:pkg", "//envoy/config/filter/network/redis_proxy/v2:pkg", - "//envoy/config/filter/network/sni_cluster/v2:pkg", "//envoy/config/filter/network/tcp_proxy/v2:pkg", "//envoy/config/filter/network/thrift_proxy/v2alpha1:pkg", - "//envoy/config/filter/network/zookeeper_proxy/v1alpha1:pkg", - "//envoy/config/filter/thrift/rate_limit/v2alpha1:pkg", "//envoy/config/filter/thrift/router/v2alpha1:pkg", - "//envoy/config/filter/udp/udp_proxy/v2alpha:pkg", - "//envoy/config/grpc_credential/v2alpha:pkg", "//envoy/config/health_checker/redis/v2:pkg", "//envoy/config/listener/v2:pkg", "//envoy/config/metrics/v2:pkg", "//envoy/config/overload/v2alpha:pkg", - "//envoy/config/ratelimit/v2:pkg", - "//envoy/config/rbac/v2:pkg", "//envoy/config/resource_monitor/fixed_heap/v2alpha:pkg", "//envoy/config/resource_monitor/injected_resource/v2alpha:pkg", "//envoy/config/retry/omit_canary_hosts/v2:pkg", - "//envoy/config/retry/omit_host_metadata/v2:pkg", "//envoy/config/retry/previous_hosts/v2:pkg", - "//envoy/config/retry/previous_priorities:pkg", "//envoy/config/trace/v2:pkg", "//envoy/config/trace/v2alpha:pkg", "//envoy/config/transport_socket/alts/v2alpha:pkg", - "//envoy/config/transport_socket/raw_buffer/v2:pkg", - "//envoy/config/transport_socket/tap/v2alpha:pkg", "//envoy/data/accesslog/v2:pkg", - "//envoy/data/cluster/v2alpha:pkg", - "//envoy/data/core/v2alpha:pkg", - "//envoy/data/dns/v2alpha:pkg", "//envoy/data/tap/v2alpha:pkg", "//envoy/service/accesslog/v2:pkg", "//envoy/service/auth/v2:pkg", "//envoy/service/discovery/v2:pkg", - "//envoy/service/event_reporting/v2alpha:pkg", "//envoy/service/load_stats/v2:pkg", "//envoy/service/metrics/v2:pkg", "//envoy/service/ratelimit/v2:pkg", "//envoy/service/status/v2:pkg", "//envoy/service/tap/v2alpha:pkg", - "//envoy/service/trace/v2:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "//envoy/type/metadata/v2:pkg", @@ -175,8 +113,10 @@ proto_library( "//envoy/extensions/filters/common/matcher/action/v3:pkg", "//envoy/extensions/filters/http/adaptive_concurrency/v3:pkg", "//envoy/extensions/filters/http/admission_control/v3alpha:pkg", + "//envoy/extensions/filters/http/alternate_protocols_cache/v3:pkg", "//envoy/extensions/filters/http/aws_lambda/v3:pkg", "//envoy/extensions/filters/http/aws_request_signing/v3:pkg", + "//envoy/extensions/filters/http/bandwidth_limit/v3alpha:pkg", "//envoy/extensions/filters/http/buffer/v3:pkg", "//envoy/extensions/filters/http/cache/v3alpha:pkg", "//envoy/extensions/filters/http/cdn_loop/v3alpha:pkg", @@ -209,6 +149,7 @@ proto_library( "//envoy/extensions/filters/http/ratelimit/v3:pkg", "//envoy/extensions/filters/http/rbac/v3:pkg", "//envoy/extensions/filters/http/router/v3:pkg", + "//envoy/extensions/filters/http/set_metadata/v3:pkg", "//envoy/extensions/filters/http/squash/v3:pkg", "//envoy/extensions/filters/http/tap/v3:pkg", "//envoy/extensions/filters/http/wasm/v3:pkg", @@ -218,6 +159,7 @@ proto_library( "//envoy/extensions/filters/listener/proxy_protocol/v3:pkg", "//envoy/extensions/filters/listener/tls_inspector/v3:pkg", "//envoy/extensions/filters/network/client_ssl_auth/v3:pkg", + "//envoy/extensions/filters/network/connection_limit/v3:pkg", "//envoy/extensions/filters/network/direct_response/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/router/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/v3:pkg", @@ -243,6 +185,7 @@ proto_library( "//envoy/extensions/filters/network/zookeeper_proxy/v3:pkg", "//envoy/extensions/filters/udp/dns_filter/v3alpha:pkg", "//envoy/extensions/filters/udp/udp_proxy/v3:pkg", + "//envoy/extensions/formatter/req_without_query/v3:pkg", "//envoy/extensions/health_checkers/redis/v3:pkg", "//envoy/extensions/http/header_formatters/preserve_case/v3:pkg", "//envoy/extensions/http/original_ip_detection/custom_header/v3:pkg", @@ -253,6 +196,8 @@ proto_library( "//envoy/extensions/matching/common_inputs/environment_variable/v3:pkg", "//envoy/extensions/matching/input_matchers/consistent_hashing/v3:pkg", "//envoy/extensions/network/socket_interface/v3:pkg", + "//envoy/extensions/quic/crypto_stream/v3:pkg", + "//envoy/extensions/quic/proof_source/v3:pkg", "//envoy/extensions/rate_limit_descriptors/expr/v3:pkg", "//envoy/extensions/request_id/uuid/v3:pkg", "//envoy/extensions/resource_monitors/fixed_heap/v3:pkg", @@ -261,6 +206,7 @@ proto_library( "//envoy/extensions/retry/host/omit_host_metadata/v3:pkg", "//envoy/extensions/retry/host/previous_hosts/v3:pkg", "//envoy/extensions/retry/priority/previous_priorities/v3:pkg", + "//envoy/extensions/stat_sinks/graphite_statsd/v3:pkg", "//envoy/extensions/stat_sinks/wasm/v3:pkg", "//envoy/extensions/transport_sockets/alts/v3:pkg", "//envoy/extensions/transport_sockets/proxy_protocol/v3:pkg", diff --git a/api/STYLE.md b/api/STYLE.md index 6368609580f0..d73e17b773b2 100644 --- a/api/STYLE.md +++ b/api/STYLE.md @@ -113,11 +113,11 @@ organization](#package-organization) above. To add an extension config to the API, the steps below should be followed: 1. If this is still WiP and subject to breaking changes, use `vNalpha` instead of `vN` in steps - below. Refer to the [Cache filter config](envoy/extensions/filter/http/cache/v3alpha/cache.proto) + below. Refer to the [Cache filter config](envoy/extensions/filters/http/cache/v3alpha/cache.proto) as an example of `v3alpha`, and the - [Buffer filter config](envoy/extensions/filter/http/buffer/v3/buffer.proto) as an example of `v3`. + [Buffer filter config](envoy/extensions/filters/http/buffer/v3/buffer.proto) as an example of `v3`. 1. Place the v3 extension configuration `.proto` in `api/envoy/extensions`, e.g. - `api/envoy/extensions/filter/http/foobar/v3/foobar.proto` together with an initial BUILD file: + `api/envoy/extensions/filters/http/foobar/v3/foobar.proto` together with an initial BUILD file: ```bazel load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") @@ -230,7 +230,7 @@ xDS APIs: breaking changes where there is no substantial gain in functionality, performance, security or implementation simplification. We will tolerate technical debt in the API itself, e.g. in the form of vestigial deprecated - fields or reduced ergnomics (such as not using `oneof` when we would prefer + fields or reduced ergonomics (such as not using `oneof` when we would prefer to), in order to meet this principle. * Namespaces for extensions, metadata, etc. use a reverse DNS naming scheme, diff --git a/api/bazel/repository_locations.bzl b/api/bazel/repository_locations.bzl index 9d8159c5fd01..f2685aaeb014 100644 --- a/api/bazel/repository_locations.bzl +++ b/api/bazel/repository_locations.bzl @@ -6,19 +6,19 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_url = "https://github.com/bazelbuild/bazel-skylib", version = "1.0.3", sha256 = "1c531376ac7e5a180e0237938a2536de0c54d93f5c278634818e0efc952dd56c", - urls = ["https://github.com/bazelbuild/bazel-skylib/releases/download/{version}/bazel-skylib-{version}.tar.gz"], release_date = "2020-08-27", + urls = ["https://github.com/bazelbuild/bazel-skylib/releases/download/{version}/bazel-skylib-{version}.tar.gz"], use_category = ["api"], ), com_envoyproxy_protoc_gen_validate = dict( project_name = "protoc-gen-validate (PGV)", project_desc = "protoc plugin to generate polyglot message validators", project_url = "https://github.com/envoyproxy/protoc-gen-validate", - version = "9db8e779b46119eef7d67e3d1120c118d593611c", - sha256 = "a3bfcf965499bfb17299a6931325eab653f99306dac413a5205e4b65e6ab027d", + version = "0.6.1", + sha256 = "c695fc5a2e5a1b52904cd8a58ce7a1c3a80f7f50719496fd606e551685c01101", + release_date = "2021-04-26", strip_prefix = "protoc-gen-validate-{version}", - urls = ["https://github.com/envoyproxy/protoc-gen-validate/archive/{version}.tar.gz"], - release_date = "2021-03-16", + urls = ["https://github.com/envoyproxy/protoc-gen-validate/archive/v{version}.tar.gz"], use_category = ["api"], implied_untracked_deps = [ "com_github_iancoleman_strcase", @@ -32,11 +32,11 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "Bazel build tools", project_desc = "Developer tools for working with Google's bazel buildtool.", project_url = "https://github.com/bazelbuild/buildtools", - version = "4.0.0", - sha256 = "0d3ca4ed434958dda241fb129f77bd5ef0ce246250feed2d5a5470c6f29a77fa", - strip_prefix = "buildtools-4.0.0", - urls = ["https://github.com/bazelbuild/buildtools/archive/4.0.0.tar.gz"], - release_date = "2021-02-03", + version = "4.0.1", + sha256 = "c28eef4d30ba1a195c6837acf6c75a4034981f5b4002dda3c5aa6e48ce023cf1", + release_date = "2021-03-01", + strip_prefix = "buildtools-{version}", + urls = ["https://github.com/bazelbuild/buildtools/archive/{version}.tar.gz"], use_category = ["api"], ), com_github_cncf_udpa = dict( @@ -46,20 +46,20 @@ REPOSITORY_LOCATIONS_SPEC = dict( # During the UDPA -> xDS migration, we aren't working with releases. version = "b88cc788a63e5b38ee334a2e702c67901355ae2c", sha256 = "3220df8564f217665b6e17776569c5f748178c2b9cbf83bb55a13ddc0a3738f0", + release_date = "2021-03-23", strip_prefix = "xds-{version}", urls = ["https://github.com/cncf/xds/archive/{version}.tar.gz"], - release_date = "2021-03-23", use_category = ["api"], ), com_github_openzipkin_zipkinapi = dict( project_name = "Zipkin API", project_desc = "Zipkin's language independent model and HTTP Api Definitions", project_url = "https://github.com/openzipkin/zipkin-api", - version = "0.2.2", - sha256 = "688c4fe170821dd589f36ec45aaadc03a618a40283bc1f97da8fa11686fc816b", + version = "1.0.0", + sha256 = "6c8ee2014cf0746ba452e5f2c01f038df60e85eb2d910b226f9aa27ddc0e44cf", + release_date = "2020-11-22", strip_prefix = "zipkin-api-{version}", urls = ["https://github.com/openzipkin/zipkin-api/archive/{version}.tar.gz"], - release_date = "2019-08-23", use_category = ["api"], ), com_google_googleapis = dict( @@ -69,9 +69,9 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_url = "https://github.com/googleapis/googleapis", version = "82944da21578a53b74e547774cf62ed31a05b841", sha256 = "a45019af4d3290f02eaeb1ce10990166978c807cb33a9692141a076ba46d1405", + release_date = "2019-12-02", strip_prefix = "googleapis-{version}", urls = ["https://github.com/googleapis/googleapis/archive/{version}.tar.gz"], - release_date = "2019-12-02", use_category = ["api"], ), opencensus_proto = dict( @@ -80,42 +80,42 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_url = "https://github.com/census-instrumentation/opencensus-proto", version = "0.3.0", sha256 = "b7e13f0b4259e80c3070b583c2f39e53153085a6918718b1c710caf7037572b0", + release_date = "2020-07-21", strip_prefix = "opencensus-proto-{version}/src", urls = ["https://github.com/census-instrumentation/opencensus-proto/archive/v{version}.tar.gz"], - release_date = "2020-07-21", use_category = ["api"], ), prometheus_metrics_model = dict( project_name = "Prometheus client model", project_desc = "Data model artifacts for Prometheus", project_url = "https://github.com/prometheus/client_model", - version = "60555c9708c786597e6b07bf846d0dc5c2a46f54", - sha256 = "6748b42f6879ad4d045c71019d2512c94be3dd86f60965e9e31e44a3f464323e", + version = "0255a22d35ad5661ef7aa89c95fdf5dfd685283f", + sha256 = "a83fd26a80c5f9b82d1231448141a148c1d7a0c8f581ddf49fdbd8c1545e5661", + release_date = "2021-01-16", strip_prefix = "client_model-{version}", urls = ["https://github.com/prometheus/client_model/archive/{version}.tar.gz"], - release_date = "2020-06-23", use_category = ["api"], ), rules_proto = dict( project_name = "Protobuf Rules for Bazel", project_desc = "Protocol buffer rules for Bazel", project_url = "https://github.com/bazelbuild/rules_proto", - version = "40298556293ae502c66579620a7ce867d5f57311", - sha256 = "aa1ee19226f707d44bee44c720915199c20c84a23318bb0597ed4e5c873ccbd5", + version = "f7a30f6f80006b591fa7c437fe5a951eb10bcbcf", + sha256 = "9fc210a34f0f9e7cc31598d109b5d069ef44911a82f507d5a88716db171615a8", + release_date = "2021-02-09", strip_prefix = "rules_proto-{version}", urls = ["https://github.com/bazelbuild/rules_proto/archive/{version}.tar.gz"], - release_date = "2020-08-17", use_category = ["api"], ), opentelemetry_proto = dict( project_name = "OpenTelemetry Proto", project_desc = "Language Independent Interface Types For OpenTelemetry", project_url = "https://github.com/open-telemetry/opentelemetry-proto", - version = "0.7.0", - sha256 = "39cc1fb45039c7687354ca497aff8a55c71d0f1e484f6b81124ba9d821c36441", + version = "0.9.0", + sha256 = "9ec38ab51eedbd7601979b0eda962cf37bc8a4dc35fcef604801e463f01dcc00", + release_date = "2021-05-12", strip_prefix = "opentelemetry-proto-{version}", urls = ["https://github.com/open-telemetry/opentelemetry-proto/archive/v{version}.tar.gz"], - release_date = "2020-12-09", use_category = ["api"], ), ) diff --git a/api/envoy/config/accesslog/v2/als.proto b/api/envoy/config/accesslog/v2/als.proto deleted file mode 100644 index 5b4106af106e..000000000000 --- a/api/envoy/config/accesslog/v2/als.proto +++ /dev/null @@ -1,75 +0,0 @@ -syntax = "proto3"; - -package envoy.config.accesslog.v2; - -import "envoy/api/v2/core/grpc_service.proto"; - -import "google/protobuf/duration.proto"; -import "google/protobuf/wrappers.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.accesslog.v2"; -option java_outer_classname = "AlsProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.access_loggers.grpc.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: gRPC Access Log Service (ALS)] - -// Configuration for the built-in *envoy.access_loggers.http_grpc* -// :ref:`AccessLog `. This configuration will -// populate :ref:`StreamAccessLogsMessage.http_logs -// `. -// [#extension: envoy.access_loggers.http_grpc] -message HttpGrpcAccessLogConfig { - CommonGrpcAccessLogConfig common_config = 1 [(validate.rules).message = {required: true}]; - - // Additional request headers to log in :ref:`HTTPRequestProperties.request_headers - // `. - repeated string additional_request_headers_to_log = 2; - - // Additional response headers to log in :ref:`HTTPResponseProperties.response_headers - // `. - repeated string additional_response_headers_to_log = 3; - - // Additional response trailers to log in :ref:`HTTPResponseProperties.response_trailers - // `. - repeated string additional_response_trailers_to_log = 4; -} - -// Configuration for the built-in *envoy.access_loggers.tcp_grpc* type. This configuration will -// populate *StreamAccessLogsMessage.tcp_logs*. -// [#extension: envoy.access_loggers.tcp_grpc] -message TcpGrpcAccessLogConfig { - CommonGrpcAccessLogConfig common_config = 1 [(validate.rules).message = {required: true}]; -} - -// Common configuration for gRPC access logs. -// [#next-free-field: 6] -message CommonGrpcAccessLogConfig { - // The friendly name of the access log to be returned in :ref:`StreamAccessLogsMessage.Identifier - // `. This allows the - // access log server to differentiate between different access logs coming from the same Envoy. - string log_name = 1 [(validate.rules).string = {min_bytes: 1}]; - - // The gRPC service for the access log service. - api.v2.core.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; - - // Interval for flushing access logs to the gRPC stream. Logger will flush requests every time - // this interval is elapsed, or when batch size limit is hit, whichever comes first. Defaults to - // 1 second. - google.protobuf.Duration buffer_flush_interval = 3 [(validate.rules).duration = {gt {}}]; - - // Soft size limit in bytes for access log entries buffer. Logger will buffer requests until - // this limit it hit, or every time flush interval is elapsed, whichever comes first. Setting it - // to zero effectively disables the batching. Defaults to 16384. - google.protobuf.UInt32Value buffer_size_bytes = 4; - - // Additional filter state objects to log in :ref:`filter_state_objects - // `. - // Logger will call `FilterState::Object::serializeAsProto` to serialize the filter state object. - repeated string filter_state_objects_to_log = 5; -} diff --git a/api/envoy/config/accesslog/v2/file.proto b/api/envoy/config/accesslog/v2/file.proto deleted file mode 100644 index 9b8671c81358..000000000000 --- a/api/envoy/config/accesslog/v2/file.proto +++ /dev/null @@ -1,43 +0,0 @@ -syntax = "proto3"; - -package envoy.config.accesslog.v2; - -import "google/protobuf/struct.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.accesslog.v2"; -option java_outer_classname = "FileProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.access_loggers.file.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: File access log] -// [#extension: envoy.access_loggers.file] - -// Custom configuration for an :ref:`AccessLog ` -// that writes log entries directly to a file. Configures the built-in *envoy.access_loggers.file* -// AccessLog. -message FileAccessLog { - // A path to a local file to which to write the access log entries. - string path = 1 [(validate.rules).string = {min_bytes: 1}]; - - oneof access_log_format { - // Access log :ref:`format string`. - // Envoy supports :ref:`custom access log formats ` as well as a - // :ref:`default format `. - string format = 2; - - // Access log :ref:`format dictionary`. All values - // are rendered as strings. - google.protobuf.Struct json_format = 3; - - // Access log :ref:`format dictionary`. Values are - // rendered as strings, numbers, or boolean values as appropriate. Nested JSON objects may - // be produced by some command operators (e.g.FILTER_STATE or DYNAMIC_METADATA). See the - // documentation for a specific command operator for details. - google.protobuf.Struct typed_json_format = 4; - } -} diff --git a/api/envoy/config/accesslog/v3/accesslog.proto b/api/envoy/config/accesslog/v3/accesslog.proto index ad129a3ed64b..bb53286380c9 100644 --- a/api/envoy/config/accesslog/v3/accesslog.proto +++ b/api/envoy/config/accesslog/v3/accesslog.proto @@ -246,6 +246,7 @@ message ResponseFlagFilter { in: "DT" in: "UPE" in: "NC" + in: "OM" } } }]; diff --git a/api/envoy/config/accesslog/v4alpha/accesslog.proto b/api/envoy/config/accesslog/v4alpha/accesslog.proto index 7559a3b82c79..3e0c7f53598c 100644 --- a/api/envoy/config/accesslog/v4alpha/accesslog.proto +++ b/api/envoy/config/accesslog/v4alpha/accesslog.proto @@ -245,6 +245,7 @@ message ResponseFlagFilter { in: "DT" in: "UPE" in: "NC" + in: "OM" } } }]; diff --git a/api/envoy/config/bootstrap/v3/bootstrap.proto b/api/envoy/config/bootstrap/v3/bootstrap.proto index b179d3f4f664..431b45b66171 100644 --- a/api/envoy/config/bootstrap/v3/bootstrap.proto +++ b/api/envoy/config/bootstrap/v3/bootstrap.proto @@ -9,6 +9,7 @@ import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/event_service_config.proto"; import "envoy/config/core/v3/extension.proto"; +import "envoy/config/core/v3/resolver.proto"; import "envoy/config/core/v3/socket_option.proto"; import "envoy/config/listener/v3/listener.proto"; import "envoy/config/metrics/v3/stats.proto"; @@ -39,7 +40,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // ` for more detail. // Bootstrap :ref:`configuration overview `. -// [#next-free-field: 30] +// [#next-free-field: 31] message Bootstrap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Bootstrap"; @@ -250,7 +251,16 @@ message Bootstrap { // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. - bool use_tcp_for_dns_lookups = 20; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + bool use_tcp_for_dns_lookups = 20 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + // This may be overridden on a per-cluster basis in cds_config, when + // :ref:`dns_resolution_config ` + // is specified. + core.v3.DnsResolutionConfig dns_resolution_config = 30; // Specifies optional bootstrap extensions to be instantiated at startup time. // Each item contains extension specific configuration. diff --git a/api/envoy/config/bootstrap/v4alpha/bootstrap.proto b/api/envoy/config/bootstrap/v4alpha/bootstrap.proto index a6ec388d54c5..c8ac9b16d87d 100644 --- a/api/envoy/config/bootstrap/v4alpha/bootstrap.proto +++ b/api/envoy/config/bootstrap/v4alpha/bootstrap.proto @@ -9,6 +9,7 @@ import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/event_service_config.proto"; import "envoy/config/core/v4alpha/extension.proto"; +import "envoy/config/core/v4alpha/resolver.proto"; import "envoy/config/core/v4alpha/socket_option.proto"; import "envoy/config/listener/v4alpha/listener.proto"; import "envoy/config/metrics/v4alpha/stats.proto"; @@ -36,7 +37,7 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO // ` for more detail. // Bootstrap :ref:`configuration overview `. -// [#next-free-field: 30] +// [#next-free-field: 31] message Bootstrap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Bootstrap"; @@ -96,9 +97,9 @@ message Bootstrap { core.v4alpha.ApiConfigSource ads_config = 3; } - reserved 10, 11, 8, 9; + reserved 10, 11, 8, 9, 20; - reserved "runtime", "watchdog", "tracing"; + reserved "runtime", "watchdog", "tracing", "use_tcp_for_dns_lookups"; // Node identity to present to the management server and for instance // identification purposes (e.g. in generated headers). @@ -222,15 +223,11 @@ message Bootstrap { // :ref:`stats sinks `. google.protobuf.UInt64Value stats_server_version_override = 19; - // Always use TCP queries instead of UDP queries for DNS lookups. - // This may be overridden on a per-cluster basis in cds_config, - // when :ref:`dns_resolvers ` and - // :ref:`use_tcp_for_dns_lookups ` are - // specified. - // Setting this value causes failure if the - // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during - // server startup. Apple' API only uses UDP for DNS resolution. - bool use_tcp_for_dns_lookups = 20; + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + // This may be overridden on a per-cluster basis in cds_config, when + // :ref:`dns_resolution_config ` + // is specified. + core.v4alpha.DnsResolutionConfig dns_resolution_config = 30; // Specifies optional bootstrap extensions to be instantiated at startup time. // Each item contains extension specific configuration. diff --git a/api/envoy/config/cluster/aggregate/v2alpha/cluster.proto b/api/envoy/config/cluster/aggregate/v2alpha/cluster.proto deleted file mode 100644 index a0fdadd75724..000000000000 --- a/api/envoy/config/cluster/aggregate/v2alpha/cluster.proto +++ /dev/null @@ -1,24 +0,0 @@ -syntax = "proto3"; - -package envoy.config.cluster.aggregate.v2alpha; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.cluster.aggregate.v2alpha"; -option java_outer_classname = "ClusterProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.clusters.aggregate.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Aggregate cluster configuration] - -// Configuration for the aggregate cluster. See the :ref:`architecture overview -// ` for more information. -// [#extension: envoy.clusters.aggregate] -message ClusterConfig { - // Load balancing clusters in aggregate cluster. Clusters are prioritized based on the order they - // appear in this list. - repeated string clusters = 1 [(validate.rules).repeated = {min_items: 1}]; -} diff --git a/api/envoy/config/cluster/redis/redis_cluster.proto b/api/envoy/config/cluster/redis/redis_cluster.proto deleted file mode 100644 index abe88f76a6ff..000000000000 --- a/api/envoy/config/cluster/redis/redis_cluster.proto +++ /dev/null @@ -1,81 +0,0 @@ -syntax = "proto3"; - -package envoy.config.cluster.redis; - -import "google/protobuf/duration.proto"; -import "google/protobuf/wrappers.proto"; - -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.cluster.redis"; -option java_outer_classname = "RedisClusterProto"; -option java_multiple_files = true; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Redis Cluster Configuration] -// This cluster adds support for `Redis Cluster `_, as part -// of :ref:`Envoy's support for Redis Cluster `. -// -// Redis Cluster is an extension of Redis which supports sharding and high availability (where a -// shard that loses its primary fails over to a replica, and designates it as the new primary). -// However, as there is no unified frontend or proxy service in front of Redis Cluster, the client -// (in this case Envoy) must locally maintain the state of the Redis Cluster, specifically the -// topology. A random node in the cluster is queried for the topology using the `CLUSTER SLOTS -// command `_. This result is then stored locally, and -// updated at user-configured intervals. -// -// Additionally, if -// :ref:`enable_redirection` -// is true, then moved and ask redirection errors from upstream servers will trigger a topology -// refresh when they exceed a user-configured error threshold. -// -// Example: -// -// .. code-block:: yaml -// -// name: name -// connect_timeout: 0.25s -// dns_lookup_family: V4_ONLY -// hosts: -// - socket_address: -// address: foo.bar.com -// port_value: 22120 -// cluster_type: -// name: envoy.clusters.redis -// typed_config: -// "@type": type.googleapis.com/google.protobuf.Struct -// value: -// cluster_refresh_rate: 30s -// cluster_refresh_timeout: 0.5s -// redirect_refresh_interval: 10s -// redirect_refresh_threshold: 10 -// [#extension: envoy.clusters.redis] - -// [#next-free-field: 7] -message RedisClusterConfig { - // Interval between successive topology refresh requests. If not set, this defaults to 5s. - google.protobuf.Duration cluster_refresh_rate = 1 [(validate.rules).duration = {gt {}}]; - - // Timeout for topology refresh request. If not set, this defaults to 3s. - google.protobuf.Duration cluster_refresh_timeout = 2 [(validate.rules).duration = {gt {}}]; - - // The minimum interval that must pass after triggering a topology refresh request before a new - // request can possibly be triggered again. Any errors received during one of these - // time intervals are ignored. If not set, this defaults to 5s. - google.protobuf.Duration redirect_refresh_interval = 3; - - // The number of redirection errors that must be received before - // triggering a topology refresh request. If not set, this defaults to 5. - // If this is set to 0, topology refresh after redirect is disabled. - google.protobuf.UInt32Value redirect_refresh_threshold = 4; - - // The number of failures that must be received before triggering a topology refresh request. - // If not set, this defaults to 0, which disables the topology refresh due to failure. - uint32 failure_refresh_threshold = 5; - - // The number of hosts became degraded or unhealthy before triggering a topology refresh request. - // If not set, this defaults to 0, which disables the topology refresh due to degraded or - // unhealthy host. - uint32 host_degraded_refresh_threshold = 6; -} diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto index 957c2b3341e3..7cce1408267f 100644 --- a/api/envoy/config/cluster/v3/cluster.proto +++ b/api/envoy/config/cluster/v3/cluster.proto @@ -11,6 +11,7 @@ import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/health_check.proto"; import "envoy/config/core/v3/protocol.proto"; +import "envoy/config/core/v3/resolver.proto"; import "envoy/config/endpoint/v3/endpoint.proto"; import "envoy/type/v3/percent.proto"; @@ -42,7 +43,7 @@ message ClusterCollection { } // Configuration for a single upstream cluster. -// [#next-free-field: 53] +// [#next-free-field: 54] message Cluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster"; @@ -412,8 +413,8 @@ message Cluster { // The table size for Maglev hashing. The Maglev aims for ‘minimal disruption’ rather than an absolute guarantee. // Minimal disruption means that when the set of upstreams changes, a connection will likely be sent to the same // upstream as it was before. Increasing the table size reduces the amount of disruption. - // The table size must be prime number. If it is not specified, the default is 65537. - google.protobuf.UInt64Value table_size = 1; + // The table size must be prime number limited to 5000011. If it is not specified, the default is 65537. + google.protobuf.UInt64Value table_size = 1 [(validate.rules).uint64 = {lte: 5000011}]; } // Specific configuration for the @@ -858,14 +859,22 @@ message Cluster { // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple's API only allows overriding DNS resolvers via system settings. - repeated core.v3.Address dns_resolvers = 18; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + repeated core.v3.Address dns_resolvers = 18 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; - // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. - bool use_tcp_for_dns_lookups = 45; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + bool use_tcp_for_dns_lookups = 45 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + core.v3.DnsResolutionConfig dns_resolution_config = 53; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via diff --git a/api/envoy/config/cluster/v3/filter.proto b/api/envoy/config/cluster/v3/filter.proto index 74f4a1137dab..7d11b87bcd5d 100644 --- a/api/envoy/config/cluster/v3/filter.proto +++ b/api/envoy/config/cluster/v3/filter.proto @@ -20,7 +20,8 @@ message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.Filter"; // The name of the filter to instantiate. The name must match a - // :ref:`supported filter `. + // supported upstream filter. Note that Envoy's :ref:`downstream network + // filters ` are not valid upstream filters. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being diff --git a/api/envoy/config/cluster/v4alpha/cluster.proto b/api/envoy/config/cluster/v4alpha/cluster.proto index 8adf5ea460e4..30079534ee5d 100644 --- a/api/envoy/config/cluster/v4alpha/cluster.proto +++ b/api/envoy/config/cluster/v4alpha/cluster.proto @@ -10,6 +10,7 @@ import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/health_check.proto"; +import "envoy/config/core/v4alpha/resolver.proto"; import "envoy/config/endpoint/v3/endpoint.proto"; import "envoy/type/v3/percent.proto"; @@ -42,7 +43,7 @@ message ClusterCollection { } // Configuration for a single upstream cluster. -// [#next-free-field: 53] +// [#next-free-field: 54] message Cluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster"; @@ -415,8 +416,8 @@ message Cluster { // The table size for Maglev hashing. The Maglev aims for ‘minimal disruption’ rather than an absolute guarantee. // Minimal disruption means that when the set of upstreams changes, a connection will likely be sent to the same // upstream as it was before. Increasing the table size reduces the amount of disruption. - // The table size must be prime number. If it is not specified, the default is 65537. - google.protobuf.UInt64Value table_size = 1; + // The table size must be prime number limited to 5000011. If it is not specified, the default is 65537. + google.protobuf.UInt64Value table_size = 1 [(validate.rules).uint64 = {lte: 5000011}]; } // Specific configuration for the @@ -630,11 +631,11 @@ message Cluster { [(validate.rules).double = {lte: 3.0 gte: 1.0}]; } - reserved 12, 15, 7, 11, 35, 46, 29, 13, 14, 26, 47; + reserved 12, 15, 7, 11, 35, 46, 29, 13, 14, 18, 45, 26, 47; reserved "hosts", "tls_context", "extension_protocol_options", "upstream_http_protocol_options", "common_http_protocol_options", "http_protocol_options", "http2_protocol_options", - "protocol_selection", "track_timeout_budgets"; + "dns_resolvers", "use_tcp_for_dns_lookups", "protocol_selection", "track_timeout_budgets"; // Configuration to use different transport sockets for different endpoints. // The entry of *envoy.transport_socket_match* in the @@ -798,27 +799,8 @@ message Cluster { // :ref:`AUTO`. DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}]; - // If DNS resolvers are specified and the cluster type is either - // :ref:`STRICT_DNS`, - // or :ref:`LOGICAL_DNS`, - // this value is used to specify the cluster’s dns resolvers. - // If this setting is not specified, the value defaults to the default - // resolver, which uses /etc/resolv.conf for configuration. For cluster types - // other than - // :ref:`STRICT_DNS` - // and :ref:`LOGICAL_DNS` - // this setting is ignored. - // Setting this value causes failure if the - // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during - // server startup. Apple's API only allows overriding DNS resolvers via system settings. - repeated core.v4alpha.Address dns_resolvers = 18; - - // [#next-major-version: Reconcile DNS options in a single message.] - // Always use TCP queries instead of UDP queries for DNS lookups. - // Setting this value causes failure if the - // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during - // server startup. Apple' API only uses UDP for DNS resolution. - bool use_tcp_for_dns_lookups = 45; + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + core.v4alpha.DnsResolutionConfig dns_resolution_config = 53; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via diff --git a/api/envoy/config/cluster/v4alpha/filter.proto b/api/envoy/config/cluster/v4alpha/filter.proto index 5a4a4facbd81..d478fd34f1c7 100644 --- a/api/envoy/config/cluster/v4alpha/filter.proto +++ b/api/envoy/config/cluster/v4alpha/filter.proto @@ -20,7 +20,8 @@ message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Filter"; // The name of the filter to instantiate. The name must match a - // :ref:`supported filter `. + // supported upstream filter. Note that Envoy's :ref:`downstream network + // filters ` are not valid upstream filters. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being diff --git a/api/envoy/config/common/tap/v2alpha/common.proto b/api/envoy/config/common/tap/v2alpha/common.proto deleted file mode 100644 index 6db1ecceddc4..000000000000 --- a/api/envoy/config/common/tap/v2alpha/common.proto +++ /dev/null @@ -1,39 +0,0 @@ -syntax = "proto3"; - -package envoy.config.common.tap.v2alpha; - -import "envoy/service/tap/v2alpha/common.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.common.tap.v2alpha"; -option java_outer_classname = "CommonProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.common.tap.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Common tap extension configuration] - -// Common configuration for all tap extensions. -message CommonExtensionConfig { - oneof config_type { - option (validate.required) = true; - - // If specified, the tap filter will be configured via an admin handler. - AdminConfig admin_config = 1; - - // If specified, the tap filter will be configured via a static configuration that cannot be - // changed. - service.tap.v2alpha.TapConfig static_config = 2; - } -} - -// Configuration for the admin handler. See :ref:`here ` for -// more information. -message AdminConfig { - // Opaque configuration ID. When requests are made to the admin handler, the passed opaque ID is - // matched to the configured filter opaque ID to determine which filter to configure. - string config_id = 1 [(validate.rules).string = {min_bytes: 1}]; -} diff --git a/api/envoy/config/core/v3/protocol.proto b/api/envoy/config/core/v3/protocol.proto index bb1998828464..cf98e537261a 100644 --- a/api/envoy/config/core/v3/protocol.proto +++ b/api/envoy/config/core/v3/protocol.proto @@ -244,10 +244,8 @@ message Http1ProtocolOptions { message KeepaliveSettings { // Send HTTP/2 PING frames at this period, in order to test that the connection is still alive. - google.protobuf.Duration interval = 1 [(validate.rules).duration = { - required: true - gte {nanos: 1000000} - }]; + // If this is zero, interval PINGs will not be sent. + google.protobuf.Duration interval = 1 [(validate.rules).duration = {gte {nanos: 1000000}}]; // How long to wait for a response to a keepalive PING. If a response is not received within this // time period, the connection will be aborted. @@ -260,6 +258,14 @@ message KeepaliveSettings { // A value of zero means there will be no jitter. // The default value is 15%. type.v3.Percent interval_jitter = 3; + + // If the connection has been idle for this duration, send a HTTP/2 ping ahead + // of new stream creation, to quickly detect dead connections. + // If this is zero, this type of PING will not be sent. + // If an interval ping is outstanding, a second ping will not be sent as the + // interval ping will determine if the connection is dead. + google.protobuf.Duration connection_idle_interval = 4 + [(validate.rules).duration = {gte {nanos: 1000000}}]; } // [#next-free-field: 16] diff --git a/api/envoy/config/core/v3/resolver.proto b/api/envoy/config/core/v3/resolver.proto new file mode 100644 index 000000000000..21d40425f7a6 --- /dev/null +++ b/api/envoy/config/core/v3/resolver.proto @@ -0,0 +1,41 @@ +syntax = "proto3"; + +package envoy.config.core.v3; + +import "envoy/config/core/v3/address.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.config.core.v3"; +option java_outer_classname = "ResolverProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Resolver] + +// Configuration of DNS resolver option flags which control the behavior of the DNS resolver. +message DnsResolverOptions { + // Use TCP for all DNS queries instead of the default protocol UDP. + // Setting this value causes failure if the + // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during + // server startup. Apple's API only uses UDP for DNS resolution. + bool use_tcp_for_dns_lookups = 1; + + // Do not use the default search domains; only query hostnames as-is or as aliases. + bool no_default_search_domain = 2; +} + +// DNS resolution configuration which includes the underlying dns resolver addresses and options. +message DnsResolutionConfig { + // A list of dns resolver addresses. If specified, the DNS client library will perform resolution + // via the underlying DNS resolvers. Otherwise, the default system resolvers + // (e.g., /etc/resolv.conf) will be used. + // Setting this value causes failure if the + // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during + // server startup. Apple's API only allows overriding DNS resolvers via system settings. + repeated Address resolvers = 1 [(validate.rules).repeated = {min_items: 1}]; + + // Configuration of DNS resolver option flags which control the behavior of the DNS resolver. + DnsResolverOptions dns_resolver_options = 2; +} diff --git a/api/envoy/config/core/v3/substitution_format_string.proto b/api/envoy/config/core/v3/substitution_format_string.proto index 85eeabe66219..b2a1c5e13ee4 100644 --- a/api/envoy/config/core/v3/substitution_format_string.proto +++ b/api/envoy/config/core/v3/substitution_format_string.proto @@ -109,5 +109,6 @@ message SubstitutionFormatString { // Specifies a collection of Formatter plugins that can be called from the access log configuration. // See the formatters extensions documentation for details. + // [#extension-category: envoy.formatter] repeated TypedExtensionConfig formatters = 6; } diff --git a/api/envoy/config/core/v4alpha/protocol.proto b/api/envoy/config/core/v4alpha/protocol.proto index 2c55569e0c0a..abfd14447c7b 100644 --- a/api/envoy/config/core/v4alpha/protocol.proto +++ b/api/envoy/config/core/v4alpha/protocol.proto @@ -252,10 +252,8 @@ message KeepaliveSettings { "envoy.config.core.v3.KeepaliveSettings"; // Send HTTP/2 PING frames at this period, in order to test that the connection is still alive. - google.protobuf.Duration interval = 1 [(validate.rules).duration = { - required: true - gte {nanos: 1000000} - }]; + // If this is zero, interval PINGs will not be sent. + google.protobuf.Duration interval = 1 [(validate.rules).duration = {gte {nanos: 1000000}}]; // How long to wait for a response to a keepalive PING. If a response is not received within this // time period, the connection will be aborted. @@ -268,6 +266,14 @@ message KeepaliveSettings { // A value of zero means there will be no jitter. // The default value is 15%. type.v3.Percent interval_jitter = 3; + + // If the connection has been idle for this duration, send a HTTP/2 ping ahead + // of new stream creation, to quickly detect dead connections. + // If this is zero, this type of PING will not be sent. + // If an interval ping is outstanding, a second ping will not be sent as the + // interval ping will determine if the connection is dead. + google.protobuf.Duration connection_idle_interval = 4 + [(validate.rules).duration = {gte {nanos: 1000000}}]; } // [#next-free-field: 16] diff --git a/api/envoy/config/core/v4alpha/resolver.proto b/api/envoy/config/core/v4alpha/resolver.proto new file mode 100644 index 000000000000..4849a54161ce --- /dev/null +++ b/api/envoy/config/core/v4alpha/resolver.proto @@ -0,0 +1,48 @@ +syntax = "proto3"; + +package envoy.config.core.v4alpha; + +import "envoy/config/core/v4alpha/address.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; +option java_outer_classname = "ResolverProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; + +// [#protodoc-title: Resolver] + +// Configuration of DNS resolver option flags which control the behavior of the DNS resolver. +message DnsResolverOptions { + option (udpa.annotations.versioning).previous_message_type = + "envoy.config.core.v3.DnsResolverOptions"; + + // Use TCP for all DNS queries instead of the default protocol UDP. + // Setting this value causes failure if the + // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during + // server startup. Apple's API only uses UDP for DNS resolution. + bool use_tcp_for_dns_lookups = 1; + + // Do not use the default search domains; only query hostnames as-is or as aliases. + bool no_default_search_domain = 2; +} + +// DNS resolution configuration which includes the underlying dns resolver addresses and options. +message DnsResolutionConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.config.core.v3.DnsResolutionConfig"; + + // A list of dns resolver addresses. If specified, the DNS client library will perform resolution + // via the underlying DNS resolvers. Otherwise, the default system resolvers + // (e.g., /etc/resolv.conf) will be used. + // Setting this value causes failure if the + // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during + // server startup. Apple's API only allows overriding DNS resolvers via system settings. + repeated Address resolvers = 1 [(validate.rules).repeated = {min_items: 1}]; + + // Configuration of DNS resolver option flags which control the behavior of the DNS resolver. + DnsResolverOptions dns_resolver_options = 2; +} diff --git a/api/envoy/config/core/v4alpha/substitution_format_string.proto b/api/envoy/config/core/v4alpha/substitution_format_string.proto index 36b25da75b8e..6f5037f5f177 100644 --- a/api/envoy/config/core/v4alpha/substitution_format_string.proto +++ b/api/envoy/config/core/v4alpha/substitution_format_string.proto @@ -96,5 +96,6 @@ message SubstitutionFormatString { // Specifies a collection of Formatter plugins that can be called from the access log configuration. // See the formatters extensions documentation for details. + // [#extension-category: envoy.formatter] repeated TypedExtensionConfig formatters = 6; } diff --git a/api/envoy/config/filter/dubbo/router/v2alpha1/router.proto b/api/envoy/config/filter/dubbo/router/v2alpha1/router.proto deleted file mode 100644 index 2e35bb7f7c5b..000000000000 --- a/api/envoy/config/filter/dubbo/router/v2alpha1/router.proto +++ /dev/null @@ -1,19 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.dubbo.router.v2alpha1; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.dubbo.router.v2alpha1"; -option java_outer_classname = "RouterProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.dubbo_proxy.router.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Router] -// Dubbo router :ref:`configuration overview `. - -message Router { -} diff --git a/api/envoy/config/filter/http/adaptive_concurrency/v2alpha/adaptive_concurrency.proto b/api/envoy/config/filter/http/adaptive_concurrency/v2alpha/adaptive_concurrency.proto deleted file mode 100644 index 6860b6d6ef2b..000000000000 --- a/api/envoy/config/filter/http/adaptive_concurrency/v2alpha/adaptive_concurrency.proto +++ /dev/null @@ -1,94 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.adaptive_concurrency.v2alpha; - -import "envoy/api/v2/core/base.proto"; -import "envoy/type/percent.proto"; - -import "google/protobuf/duration.proto"; -import "google/protobuf/wrappers.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.adaptive_concurrency.v2alpha"; -option java_outer_classname = "AdaptiveConcurrencyProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.adaptive_concurrency.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Adaptive Concurrency] -// Adaptive Concurrency Control :ref:`configuration overview -// `. -// [#extension: envoy.filters.http.adaptive_concurrency] - -// Configuration parameters for the gradient controller. -message GradientControllerConfig { - // Parameters controlling the periodic recalculation of the concurrency limit from sampled request - // latencies. - message ConcurrencyLimitCalculationParams { - // The allowed upper-bound on the calculated concurrency limit. Defaults to 1000. - google.protobuf.UInt32Value max_concurrency_limit = 2 [(validate.rules).uint32 = {gt: 0}]; - - // The period of time samples are taken to recalculate the concurrency limit. - google.protobuf.Duration concurrency_update_interval = 3 [(validate.rules).duration = { - required: true - gt {} - }]; - } - - // Parameters controlling the periodic minRTT recalculation. - // [#next-free-field: 6] - message MinimumRTTCalculationParams { - // The time interval between recalculating the minimum request round-trip time. - google.protobuf.Duration interval = 1 [(validate.rules).duration = { - required: true - gt {} - }]; - - // The number of requests to aggregate/sample during the minRTT recalculation window before - // updating. Defaults to 50. - google.protobuf.UInt32Value request_count = 2 [(validate.rules).uint32 = {gt: 0}]; - - // Randomized time delta that will be introduced to the start of the minRTT calculation window. - // This is represented as a percentage of the interval duration. Defaults to 15%. - // - // Example: If the interval is 10s and the jitter is 15%, the next window will begin - // somewhere in the range (10s - 11.5s). - type.Percent jitter = 3; - - // The concurrency limit set while measuring the minRTT. Defaults to 3. - google.protobuf.UInt32Value min_concurrency = 4 [(validate.rules).uint32 = {gt: 0}]; - - // Amount added to the measured minRTT to add stability to the concurrency limit during natural - // variability in latency. This is expressed as a percentage of the measured value and can be - // adjusted to allow more or less tolerance to the sampled latency values. - // - // Defaults to 25%. - type.Percent buffer = 5; - } - - // The percentile to use when summarizing aggregated samples. Defaults to p50. - type.Percent sample_aggregate_percentile = 1; - - ConcurrencyLimitCalculationParams concurrency_limit_params = 2 - [(validate.rules).message = {required: true}]; - - MinimumRTTCalculationParams min_rtt_calc_params = 3 [(validate.rules).message = {required: true}]; -} - -message AdaptiveConcurrency { - oneof concurrency_controller_config { - option (validate.required) = true; - - // Gradient concurrency control will be used. - GradientControllerConfig gradient_controller_config = 1 - [(validate.rules).message = {required: true}]; - } - - // If set to false, the adaptive concurrency filter will operate as a pass-through filter. If the - // message is unspecified, the filter will be enabled. - api.v2.core.RuntimeFeatureFlag enabled = 2; -} diff --git a/api/envoy/config/filter/http/aws_lambda/v2alpha/aws_lambda.proto b/api/envoy/config/filter/http/aws_lambda/v2alpha/aws_lambda.proto deleted file mode 100644 index 43823286286a..000000000000 --- a/api/envoy/config/filter/http/aws_lambda/v2alpha/aws_lambda.proto +++ /dev/null @@ -1,50 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.aws_lambda.v2alpha; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.aws_lambda.v2alpha"; -option java_outer_classname = "AwsLambdaProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.aws_lambda.v3"; -option (udpa.annotations.file_status).work_in_progress = true; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: AWS Lambda] -// AWS Lambda :ref:`configuration overview `. -// [#extension: envoy.filters.http.aws_lambda] - -// AWS Lambda filter config -message Config { - enum InvocationMode { - // This is the more common mode of invocation, in which Lambda responds after it has completed the function. In - // this mode the output of the Lambda function becomes the response of the HTTP request. - SYNCHRONOUS = 0; - - // In this mode Lambda responds immediately but continues to process the function asynchronously. This mode can be - // used to signal events for example. In this mode, Lambda responds with an acknowledgment that it received the - // call which is translated to an HTTP 200 OK by the filter. - ASYNCHRONOUS = 1; - } - - // The ARN of the AWS Lambda to invoke when the filter is engaged - // Must be in the following format: - // arn::lambda:::function: - string arn = 1 [(validate.rules).string = {min_len: 1}]; - - // Whether to transform the request (headers and body) to a JSON payload or pass it as is. - bool payload_passthrough = 2; - - // Determines the way to invoke the Lambda function. - InvocationMode invocation_mode = 3 [(validate.rules).enum = {defined_only: true}]; -} - -// Per-route configuration for AWS Lambda. This can be useful when invoking a different Lambda function or a different -// version of the same Lambda depending on the route. -message PerRouteConfig { - Config invoke_config = 1; -} diff --git a/api/envoy/config/filter/http/aws_request_signing/v2alpha/aws_request_signing.proto b/api/envoy/config/filter/http/aws_request_signing/v2alpha/aws_request_signing.proto deleted file mode 100644 index 5ebb92c01dfa..000000000000 --- a/api/envoy/config/filter/http/aws_request_signing/v2alpha/aws_request_signing.proto +++ /dev/null @@ -1,45 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.aws_request_signing.v2alpha; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.aws_request_signing.v2alpha"; -option java_outer_classname = "AwsRequestSigningProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.aws_request_signing.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: AwsRequestSigning] -// AwsRequestSigning :ref:`configuration overview `. -// [#extension: envoy.filters.http.aws_request_signing] - -// Top level configuration for the AWS request signing filter. -message AwsRequestSigning { - // The `service namespace - // `_ - // of the HTTP endpoint. - // - // Example: s3 - string service_name = 1 [(validate.rules).string = {min_bytes: 1}]; - - // The `region `_ hosting the HTTP - // endpoint. - // - // Example: us-west-2 - string region = 2 [(validate.rules).string = {min_bytes: 1}]; - - // Indicates that before signing headers, the host header will be swapped with - // this value. If not set or empty, the original host header value - // will be used and no rewrite will happen. - // - // Note: this rewrite affects both signing and host header forwarding. However, this - // option shouldn't be used with - // :ref:`HCM host rewrite ` given that the - // value set here would be used for signing whereas the value set in the HCM would be used - // for host header forwarding which is not the desired outcome. - string host_rewrite = 3; -} diff --git a/api/envoy/config/filter/http/buffer/v2/buffer.proto b/api/envoy/config/filter/http/buffer/v2/buffer.proto deleted file mode 100644 index 56961d22fe09..000000000000 --- a/api/envoy/config/filter/http/buffer/v2/buffer.proto +++ /dev/null @@ -1,40 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.buffer.v2; - -import "google/protobuf/wrappers.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.buffer.v2"; -option java_outer_classname = "BufferProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.buffer.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Buffer] -// Buffer :ref:`configuration overview `. -// [#extension: envoy.filters.http.buffer] - -message Buffer { - reserved 2; - - // The maximum request size that the filter will buffer before the connection - // manager will stop buffering and return a 413 response. - google.protobuf.UInt32Value max_request_bytes = 1 - [(validate.rules).uint32 = {gt: 0}, (validate.rules).message = {required: true}]; -} - -message BufferPerRoute { - oneof override { - option (validate.required) = true; - - // Disable the buffer filter for this particular vhost or route. - bool disabled = 1 [(validate.rules).bool = {const: true}]; - - // Override the global configuration of the filter with this new config. - Buffer buffer = 2 [(validate.rules).message = {required: true}]; - } -} diff --git a/api/envoy/config/filter/http/cache/v2alpha/cache.proto b/api/envoy/config/filter/http/cache/v2alpha/cache.proto deleted file mode 100644 index 98035c05d45a..000000000000 --- a/api/envoy/config/filter/http/cache/v2alpha/cache.proto +++ /dev/null @@ -1,77 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.cache.v2alpha; - -import "envoy/api/v2/route/route_components.proto"; -import "envoy/type/matcher/string.proto"; - -import "google/protobuf/any.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.cache.v2alpha"; -option java_outer_classname = "CacheProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.cache.v3alpha"; -option (udpa.annotations.file_status).work_in_progress = true; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: HTTP Cache Filter] -// [#extension: envoy.filters.http.cache] - -message CacheConfig { - // [#not-implemented-hide:] - // Modifies cache key creation by restricting which parts of the URL are included. - message KeyCreatorParams { - // If true, exclude the URL scheme from the cache key. Set to true if your origins always - // produce the same response for http and https requests. - bool exclude_scheme = 1; - - // If true, exclude the host from the cache key. Set to true if your origins' responses don't - // ever depend on host. - bool exclude_host = 2; - - // If *query_parameters_included* is nonempty, only query parameters matched - // by one or more of its matchers are included in the cache key. Any other - // query params will not affect cache lookup. - repeated api.v2.route.QueryParameterMatcher query_parameters_included = 3; - - // If *query_parameters_excluded* is nonempty, query parameters matched by one - // or more of its matchers are excluded from the cache key (even if also - // matched by *query_parameters_included*), and will not affect cache lookup. - repeated api.v2.route.QueryParameterMatcher query_parameters_excluded = 4; - } - - // Config specific to the cache storage implementation. - google.protobuf.Any typed_config = 1 [(validate.rules).any = {required: true}]; - - // List of matching rules that defines allowed *Vary* headers. - // - // The *vary* response header holds a list of header names that affect the - // contents of a response, as described by - // https://httpwg.org/specs/rfc7234.html#caching.negotiated.responses. - // - // During insertion, *allowed_vary_headers* acts as a allowlist: if a - // response's *vary* header mentions any header names that aren't matched by any rules in - // *allowed_vary_headers*, that response will not be cached. - // - // During lookup, *allowed_vary_headers* controls what request headers will be - // sent to the cache storage implementation. - repeated type.matcher.StringMatcher allowed_vary_headers = 2; - - // [#not-implemented-hide:] - // - // - // Modifies cache key creation by restricting which parts of the URL are included. - KeyCreatorParams key_creator_params = 3; - - // [#not-implemented-hide:] - // - // - // Max body size the cache filter will insert into a cache. 0 means unlimited (though the cache - // storage implementation may have its own limit beyond which it will reject insertions). - uint32 max_body_bytes = 4; -} diff --git a/api/envoy/config/filter/http/cors/v2/cors.proto b/api/envoy/config/filter/http/cors/v2/cors.proto deleted file mode 100644 index 9060a9c38fda..000000000000 --- a/api/envoy/config/filter/http/cors/v2/cors.proto +++ /dev/null @@ -1,20 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.cors.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.cors.v2"; -option java_outer_classname = "CorsProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.cors.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Cors] -// CORS Filter :ref:`configuration overview `. -// [#extension: envoy.filters.http.cors] - -// Cors filter config. -message Cors { -} diff --git a/api/envoy/config/filter/http/csrf/v2/BUILD b/api/envoy/config/filter/http/csrf/v2/BUILD deleted file mode 100644 index aaab1df15547..000000000000 --- a/api/envoy/config/filter/http/csrf/v2/BUILD +++ /dev/null @@ -1,13 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/core:pkg", - "//envoy/type/matcher:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/filter/http/csrf/v2/csrf.proto b/api/envoy/config/filter/http/csrf/v2/csrf.proto deleted file mode 100644 index 3c2c9110e9fe..000000000000 --- a/api/envoy/config/filter/http/csrf/v2/csrf.proto +++ /dev/null @@ -1,52 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.csrf.v2; - -import "envoy/api/v2/core/base.proto"; -import "envoy/type/matcher/string.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.csrf.v2"; -option java_outer_classname = "CsrfProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.csrf.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: CSRF] -// Cross-Site Request Forgery :ref:`configuration overview `. -// [#extension: envoy.filters.http.csrf] - -// CSRF filter config. -message CsrfPolicy { - // Specifies the % of requests for which the CSRF filter is enabled. - // - // If :ref:`runtime_key ` is specified, - // Envoy will lookup the runtime key to get the percentage of requests to filter. - // - // .. note:: - // - // This field defaults to 100/:ref:`HUNDRED - // `. - api.v2.core.RuntimeFractionalPercent filter_enabled = 1 - [(validate.rules).message = {required: true}]; - - // Specifies that CSRF policies will be evaluated and tracked, but not enforced. - // - // This is intended to be used when ``filter_enabled`` is off and will be ignored otherwise. - // - // If :ref:`runtime_key ` is specified, - // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate - // and track the request's *Origin* and *Destination* to determine if it's valid, but will not - // enforce any policies. - api.v2.core.RuntimeFractionalPercent shadow_enabled = 2; - - // Specifies additional source origins that will be allowed in addition to - // the destination origin. - // - // More information on how this can be configured via runtime can be found - // :ref:`here `. - repeated type.matcher.StringMatcher additional_origins = 3; -} diff --git a/api/envoy/config/filter/http/dynamic_forward_proxy/v2alpha/BUILD b/api/envoy/config/filter/http/dynamic_forward_proxy/v2alpha/BUILD deleted file mode 100644 index 25c228fd5609..000000000000 --- a/api/envoy/config/filter/http/dynamic_forward_proxy/v2alpha/BUILD +++ /dev/null @@ -1,12 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/filter/http/dynamo/v2/dynamo.proto b/api/envoy/config/filter/http/dynamo/v2/dynamo.proto deleted file mode 100644 index 011d22f768c8..000000000000 --- a/api/envoy/config/filter/http/dynamo/v2/dynamo.proto +++ /dev/null @@ -1,20 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.dynamo.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.dynamo.v2"; -option java_outer_classname = "DynamoProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.dynamo.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Dynamo] -// Dynamo :ref:`configuration overview `. -// [#extension: envoy.filters.http.dynamo] - -// Dynamo filter config. -message Dynamo { -} diff --git a/api/envoy/config/filter/http/fault/v2/BUILD b/api/envoy/config/filter/http/fault/v2/BUILD deleted file mode 100644 index df4feab714ff..000000000000 --- a/api/envoy/config/filter/http/fault/v2/BUILD +++ /dev/null @@ -1,14 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/route:pkg", - "//envoy/config/filter/fault/v2:pkg", - "//envoy/type:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/filter/http/fault/v2/fault.proto b/api/envoy/config/filter/http/fault/v2/fault.proto deleted file mode 100644 index cb99b0d71bbd..000000000000 --- a/api/envoy/config/filter/http/fault/v2/fault.proto +++ /dev/null @@ -1,129 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.fault.v2; - -import "envoy/api/v2/route/route_components.proto"; -import "envoy/config/filter/fault/v2/fault.proto"; -import "envoy/type/percent.proto"; - -import "google/protobuf/wrappers.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.fault.v2"; -option java_outer_classname = "FaultProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.fault.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Fault Injection] -// Fault Injection :ref:`configuration overview `. -// [#extension: envoy.filters.http.fault] - -message FaultAbort { - // Fault aborts are controlled via an HTTP header (if applicable). See the - // :ref:`HTTP fault filter ` documentation for - // more information. - message HeaderAbort { - } - - reserved 1; - - oneof error_type { - option (validate.required) = true; - - // HTTP status code to use to abort the HTTP request. - uint32 http_status = 2 [(validate.rules).uint32 = {lt: 600 gte: 200}]; - - // Fault aborts are controlled via an HTTP header (if applicable). - HeaderAbort header_abort = 4; - } - - // The percentage of requests/operations/connections that will be aborted with the error code - // provided. - type.FractionalPercent percentage = 3; -} - -// [#next-free-field: 14] -message HTTPFault { - // If specified, the filter will inject delays based on the values in the - // object. - filter.fault.v2.FaultDelay delay = 1; - - // If specified, the filter will abort requests based on the values in - // the object. At least *abort* or *delay* must be specified. - FaultAbort abort = 2; - - // Specifies the name of the (destination) upstream cluster that the - // filter should match on. Fault injection will be restricted to requests - // bound to the specific upstream cluster. - string upstream_cluster = 3; - - // Specifies a set of headers that the filter should match on. The fault - // injection filter can be applied selectively to requests that match a set of - // headers specified in the fault filter config. The chances of actual fault - // injection further depend on the value of the :ref:`percentage - // ` field. - // The filter will check the request's headers against all the specified - // headers in the filter config. A match will happen if all the headers in the - // config are present in the request with the same values (or based on - // presence if the *value* field is not in the config). - repeated api.v2.route.HeaderMatcher headers = 4; - - // Faults are injected for the specified list of downstream hosts. If this - // setting is not set, faults are injected for all downstream nodes. - // Downstream node name is taken from :ref:`the HTTP - // x-envoy-downstream-service-node - // ` header and compared - // against downstream_nodes list. - repeated string downstream_nodes = 5; - - // The maximum number of faults that can be active at a single time via the configured fault - // filter. Note that because this setting can be overridden at the route level, it's possible - // for the number of active faults to be greater than this value (if injected via a different - // route). If not specified, defaults to unlimited. This setting can be overridden via - // `runtime ` and any faults that are not injected - // due to overflow will be indicated via the `faults_overflow - // ` stat. - // - // .. attention:: - // Like other :ref:`circuit breakers ` in Envoy, this is a fuzzy - // limit. It's possible for the number of active faults to rise slightly above the configured - // amount due to the implementation details. - google.protobuf.UInt32Value max_active_faults = 6; - - // The response rate limit to be applied to the response body of the stream. When configured, - // the percentage can be overridden by the :ref:`fault.http.rate_limit.response_percent - // ` runtime key. - // - // .. attention:: - // This is a per-stream limit versus a connection level limit. This means that concurrent streams - // will each get an independent limit. - filter.fault.v2.FaultRateLimit response_rate_limit = 7; - - // The runtime key to override the :ref:`default ` - // runtime. The default is: fault.http.delay.fixed_delay_percent - string delay_percent_runtime = 8; - - // The runtime key to override the :ref:`default ` - // runtime. The default is: fault.http.abort.abort_percent - string abort_percent_runtime = 9; - - // The runtime key to override the :ref:`default ` - // runtime. The default is: fault.http.delay.fixed_duration_ms - string delay_duration_runtime = 10; - - // The runtime key to override the :ref:`default ` - // runtime. The default is: fault.http.abort.http_status - string abort_http_status_runtime = 11; - - // The runtime key to override the :ref:`default ` - // runtime. The default is: fault.http.max_active_faults - string max_active_faults_runtime = 12; - - // The runtime key to override the :ref:`default ` - // runtime. The default is: fault.http.rate_limit.response_percent - string response_rate_limit_percent_runtime = 13; -} diff --git a/api/envoy/config/filter/http/grpc_http1_bridge/v2/BUILD b/api/envoy/config/filter/http/grpc_http1_bridge/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/http/grpc_http1_bridge/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/http/grpc_http1_bridge/v2/config.proto b/api/envoy/config/filter/http/grpc_http1_bridge/v2/config.proto deleted file mode 100644 index b4331dad5031..000000000000 --- a/api/envoy/config/filter/http/grpc_http1_bridge/v2/config.proto +++ /dev/null @@ -1,21 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.grpc_http1_bridge.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_http1_bridge.v2"; -option java_outer_classname = "ConfigProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.grpc_http1_bridge.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: gRPC HTTP/1.1 Bridge] -// gRPC HTTP/1.1 Bridge Filter :ref:`configuration overview `. -// [#extension: envoy.filters.http.grpc_http1_bridge] - -// gRPC HTTP/1.1 Bridge filter config. -message Config { -} diff --git a/api/envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1/BUILD b/api/envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1/config.proto b/api/envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1/config.proto deleted file mode 100644 index 8b916d327e19..000000000000 --- a/api/envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1/config.proto +++ /dev/null @@ -1,39 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.grpc_http1_reverse_bridge.v2alpha1; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_http1_reverse_bridge.v2alpha1"; -option java_outer_classname = "ConfigProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: gRPC HTTP/1.1 Reverse Bridge] -// gRPC HTTP/1.1 Reverse Bridge :ref:`configuration overview -// `. -// [#extension: envoy.filters.http.grpc_http1_reverse_bridge] - -// gRPC reverse bridge filter configuration -message FilterConfig { - // The content-type to pass to the upstream when the gRPC bridge filter is applied. - // The filter will also validate that the upstream responds with the same content type. - string content_type = 1 [(validate.rules).string = {min_bytes: 1}]; - - // If true, Envoy will assume that the upstream doesn't understand gRPC frames and - // strip the gRPC frame from the request, and add it back in to the response. This will - // hide the gRPC semantics from the upstream, allowing it to receive and respond with a - // simple binary encoded protobuf. - bool withhold_grpc_frames = 2; -} - -// gRPC reverse bridge filter configuration per virtualhost/route/weighted-cluster level. -message FilterConfigPerRoute { - // If true, disables gRPC reverse bridge filter for this particular vhost or route. - // If disabled is specified in multiple per-filter-configs, the most specific one will be used. - bool disabled = 1; -} diff --git a/api/envoy/config/filter/http/grpc_stats/v2alpha/config.proto b/api/envoy/config/filter/http/grpc_stats/v2alpha/config.proto deleted file mode 100644 index fea48e6bb64f..000000000000 --- a/api/envoy/config/filter/http/grpc_stats/v2alpha/config.proto +++ /dev/null @@ -1,62 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.grpc_stats.v2alpha; - -import "envoy/api/v2/core/grpc_method_list.proto"; - -import "google/protobuf/wrappers.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_stats.v2alpha"; -option java_outer_classname = "ConfigProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.grpc_stats.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: gRPC statistics] gRPC statistics filter -// :ref:`configuration overview `. -// [#extension: envoy.filters.http.grpc_stats] - -// gRPC statistics filter configuration -message FilterConfig { - // If true, the filter maintains a filter state object with the request and response message - // counts. - bool emit_filter_state = 1; - - oneof per_method_stat_specifier { - // If set, specifies an allowlist of service/methods that will have individual stats - // emitted for them. Any call that does not match the allowlist will be counted - // in a stat with no method specifier: `cluster..grpc.*`. - api.v2.core.GrpcMethodList individual_method_stats_allowlist = 2; - - // If set to true, emit stats for all service/method names. - // - // If set to false, emit stats for all service/message types to the same stats without including - // the service/method in the name, with prefix `cluster..grpc`. This can be useful if - // service/method granularity is not needed, or if each cluster only receives a single method. - // - // .. attention:: - // This option is only safe if all clients are trusted. If this option is enabled - // with untrusted clients, the clients could cause unbounded growth in the number of stats in - // Envoy, using unbounded memory and potentially slowing down stats pipelines. - // - // .. attention:: - // If neither `individual_method_stats_allowlist` nor `stats_for_all_methods` is set, the - // behavior will default to `stats_for_all_methods=false`. This default value is changed due - // to the previous value being deprecated. This behavior can be changed with runtime override - // `envoy.deprecated_features.grpc_stats_filter_enable_stats_for_all_methods_by_default`. - google.protobuf.BoolValue stats_for_all_methods = 3; - } -} - -// gRPC statistics filter state object in protobuf form. -message FilterObject { - // Count of request messages in the request stream. - uint64 request_message_count = 1; - - // Count of response messages in the response stream. - uint64 response_message_count = 2; -} diff --git a/api/envoy/config/filter/http/grpc_web/v2/BUILD b/api/envoy/config/filter/http/grpc_web/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/http/grpc_web/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/http/grpc_web/v2/grpc_web.proto b/api/envoy/config/filter/http/grpc_web/v2/grpc_web.proto deleted file mode 100644 index be23b4d87b58..000000000000 --- a/api/envoy/config/filter/http/grpc_web/v2/grpc_web.proto +++ /dev/null @@ -1,21 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.grpc_web.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.grpc_web.v2"; -option java_outer_classname = "GrpcWebProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.grpc_web.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: gRPC Web] -// gRPC Web :ref:`configuration overview `. -// [#extension: envoy.filters.http.grpc_web] - -// gRPC Web filter config. -message GrpcWeb { -} diff --git a/api/envoy/config/filter/http/gzip/v2/gzip.proto b/api/envoy/config/filter/http/gzip/v2/gzip.proto index f3601b612b02..0c134c6208b1 100644 --- a/api/envoy/config/filter/http/gzip/v2/gzip.proto +++ b/api/envoy/config/filter/http/gzip/v2/gzip.proto @@ -17,8 +17,6 @@ option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filte option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Gzip] -// Gzip :ref:`configuration overview `. -// [#extension: envoy.filters.http.gzip] // [#next-free-field: 11] message Gzip { diff --git a/api/envoy/config/filter/http/header_to_metadata/v2/BUILD b/api/envoy/config/filter/http/header_to_metadata/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/http/header_to_metadata/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/http/header_to_metadata/v2/header_to_metadata.proto b/api/envoy/config/filter/http/header_to_metadata/v2/header_to_metadata.proto deleted file mode 100644 index 30de69d98b1c..000000000000 --- a/api/envoy/config/filter/http/header_to_metadata/v2/header_to_metadata.proto +++ /dev/null @@ -1,100 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.header_to_metadata.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.header_to_metadata.v2"; -option java_outer_classname = "HeaderToMetadataProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.header_to_metadata.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Header-To-Metadata Filter] -// -// The configuration for transforming headers into metadata. This is useful -// for matching load balancer subsets, logging, etc. -// -// Header to Metadata :ref:`configuration overview `. -// [#extension: envoy.filters.http.header_to_metadata] - -message Config { - enum ValueType { - STRING = 0; - - NUMBER = 1; - - // The value is a serialized `protobuf.Value - // `_. - PROTOBUF_VALUE = 2; - } - - // ValueEncode defines the encoding algorithm. - enum ValueEncode { - // The value is not encoded. - NONE = 0; - - // The value is encoded in `Base64 `_. - // Note: this is mostly used for STRING and PROTOBUF_VALUE to escape the - // non-ASCII characters in the header. - BASE64 = 1; - } - - // [#next-free-field: 6] - message KeyValuePair { - // The namespace — if this is empty, the filter's namespace will be used. - string metadata_namespace = 1; - - // The key to use within the namespace. - string key = 2 [(validate.rules).string = {min_bytes: 1}]; - - // The value to pair with the given key. - // - // When used for a `on_header_present` case, if value is non-empty it'll be used - // instead of the header value. If both are empty, no metadata is added. - // - // When used for a `on_header_missing` case, a non-empty value must be provided - // otherwise no metadata is added. - string value = 3; - - // The value's type — defaults to string. - ValueType type = 4; - - // How is the value encoded, default is NONE (not encoded). - // The value will be decoded accordingly before storing to metadata. - ValueEncode encode = 5; - } - - // A Rule defines what metadata to apply when a header is present or missing. - message Rule { - // The header that triggers this rule — required. - string header = 1 - [(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}]; - - // If the header is present, apply this metadata KeyValuePair. - // - // If the value in the KeyValuePair is non-empty, it'll be used instead - // of the header value. - KeyValuePair on_header_present = 2; - - // If the header is not present, apply this metadata KeyValuePair. - // - // The value in the KeyValuePair must be set, since it'll be used in lieu - // of the missing header value. - KeyValuePair on_header_missing = 3; - - // Whether or not to remove the header after a rule is applied. - // - // This prevents headers from leaking. - bool remove = 4; - } - - // The list of rules to apply to requests. - repeated Rule request_rules = 1; - - // The list of rules to apply to responses. - repeated Rule response_rules = 2; -} diff --git a/api/envoy/config/filter/http/jwt_authn/v2alpha/BUILD b/api/envoy/config/filter/http/jwt_authn/v2alpha/BUILD deleted file mode 100644 index 1e485f4e158a..000000000000 --- a/api/envoy/config/filter/http/jwt_authn/v2alpha/BUILD +++ /dev/null @@ -1,13 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/core:pkg", - "//envoy/api/v2/route:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/filter/http/jwt_authn/v2alpha/config.proto b/api/envoy/config/filter/http/jwt_authn/v2alpha/config.proto deleted file mode 100644 index 07044f92201e..000000000000 --- a/api/envoy/config/filter/http/jwt_authn/v2alpha/config.proto +++ /dev/null @@ -1,500 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.jwt_authn.v2alpha; - -import "envoy/api/v2/core/base.proto"; -import "envoy/api/v2/core/http_uri.proto"; -import "envoy/api/v2/route/route_components.proto"; - -import "google/protobuf/duration.proto"; -import "google/protobuf/empty.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.jwt_authn.v2alpha"; -option java_outer_classname = "ConfigProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.jwt_authn.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: JWT Authentication] -// JWT Authentication :ref:`configuration overview `. -// [#extension: envoy.filters.http.jwt_authn] - -// Please see following for JWT authentication flow: -// -// * `JSON Web Token (JWT) `_ -// * `The OAuth 2.0 Authorization Framework `_ -// * `OpenID Connect `_ -// -// A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: -// -// * issuer: the principal that issues the JWT. It has to match the one from the token. -// * allowed audiences: the ones in the token have to be listed here. -// * how to fetch public key JWKS to verify the token signature. -// * how to extract JWT token in the request. -// * how to pass successfully verified token payload. -// -// Example: -// -// .. code-block:: yaml -// -// issuer: https://example.com -// audiences: -// - bookstore_android.apps.googleusercontent.com -// - bookstore_web.apps.googleusercontent.com -// remote_jwks: -// http_uri: -// uri: https://example.com/.well-known/jwks.json -// cluster: example_jwks_cluster -// cache_duration: -// seconds: 300 -// -// [#next-free-field: 10] -message JwtProvider { - // Specify the `principal `_ that issued - // the JWT, usually a URL or an email address. - // - // Example: https://securetoken.google.com - // Example: 1234567-compute@developer.gserviceaccount.com - // - string issuer = 1 [(validate.rules).string = {min_bytes: 1}]; - - // The list of JWT `audiences `_ are - // allowed to access. A JWT containing any of these audiences will be accepted. If not specified, - // will not check audiences in the token. - // - // Example: - // - // .. code-block:: yaml - // - // audiences: - // - bookstore_android.apps.googleusercontent.com - // - bookstore_web.apps.googleusercontent.com - // - repeated string audiences = 2; - - // `JSON Web Key Set (JWKS) `_ is needed to - // validate signature of a JWT. This field specifies where to fetch JWKS. - oneof jwks_source_specifier { - option (validate.required) = true; - - // JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP - // URI and how the fetched JWKS should be cached. - // - // Example: - // - // .. code-block:: yaml - // - // remote_jwks: - // http_uri: - // uri: https://www.googleapis.com/oauth2/v1/certs - // cluster: jwt.www.googleapis.com|443 - // cache_duration: - // seconds: 300 - // - RemoteJwks remote_jwks = 3; - - // JWKS is in local data source. It could be either in a local file or embedded in the - // inline_string. - // - // Example: local file - // - // .. code-block:: yaml - // - // local_jwks: - // filename: /etc/envoy/jwks/jwks1.txt - // - // Example: inline_string - // - // .. code-block:: yaml - // - // local_jwks: - // inline_string: ACADADADADA - // - api.v2.core.DataSource local_jwks = 4; - } - - // If false, the JWT is removed in the request after a success verification. If true, the JWT is - // not removed in the request. Default value is false. - bool forward = 5; - - // Two fields below define where to extract the JWT from an HTTP request. - // - // If no explicit location is specified, the following default locations are tried in order: - // - // 1. The Authorization header using the `Bearer schema - // `_. Example:: - // - // Authorization: Bearer . - // - // 2. `access_token `_ query parameter. - // - // Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations - // its provider specified or from the default locations. - // - // Specify the HTTP headers to extract JWT token. For examples, following config: - // - // .. code-block:: yaml - // - // from_headers: - // - name: x-goog-iap-jwt-assertion - // - // can be used to extract token from header:: - // - // ``x-goog-iap-jwt-assertion: ``. - // - repeated JwtHeader from_headers = 6; - - // JWT is sent in a query parameter. `jwt_params` represents the query parameter names. - // - // For example, if config is: - // - // .. code-block:: yaml - // - // from_params: - // - jwt_token - // - // The JWT format in query parameter is:: - // - // /path?jwt_token= - // - repeated string from_params = 7; - - // This field specifies the header name to forward a successfully verified JWT payload to the - // backend. The forwarded data is:: - // - // base64url_encoded(jwt_payload_in_JSON) - // - // If it is not specified, the payload will not be forwarded. - string forward_payload_header = 8; - - // If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata - // in the format as: *namespace* is the jwt_authn filter name as **envoy.filters.http.jwt_authn** - // The value is the *protobuf::Struct*. The value of this field will be the key for its *fields* - // and the value is the *protobuf::Struct* converted from JWT JSON payload. - // - // For example, if payload_in_metadata is *my_payload*: - // - // .. code-block:: yaml - // - // envoy.filters.http.jwt_authn: - // my_payload: - // iss: https://example.com - // sub: test@example.com - // aud: https://example.com - // exp: 1501281058 - // - string payload_in_metadata = 9; -} - -// This message specifies how to fetch JWKS from remote and how to cache it. -message RemoteJwks { - // The HTTP URI to fetch the JWKS. For example: - // - // .. code-block:: yaml - // - // http_uri: - // uri: https://www.googleapis.com/oauth2/v1/certs - // cluster: jwt.www.googleapis.com|443 - // - api.v2.core.HttpUri http_uri = 1; - - // Duration after which the cached JWKS should be expired. If not specified, default cache - // duration is 5 minutes. - google.protobuf.Duration cache_duration = 2; -} - -// This message specifies a header location to extract JWT token. -message JwtHeader { - // The HTTP header name. - string name = 1 [(validate.rules).string = {min_bytes: 1}]; - - // The value prefix. The value format is "value_prefix" - // For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the - // end. - string value_prefix = 2; -} - -// Specify a required provider with audiences. -message ProviderWithAudiences { - // Specify a required provider name. - string provider_name = 1; - - // This field overrides the one specified in the JwtProvider. - repeated string audiences = 2; -} - -// This message specifies a Jwt requirement. An empty message means JWT verification is not -// required. Here are some config examples: -// -// .. code-block:: yaml -// -// # Example 1: not required with an empty message -// -// # Example 2: require A -// provider_name: provider-A -// -// # Example 3: require A or B -// requires_any: -// requirements: -// - provider_name: provider-A -// - provider_name: provider-B -// -// # Example 4: require A and B -// requires_all: -// requirements: -// - provider_name: provider-A -// - provider_name: provider-B -// -// # Example 5: require A and (B or C) -// requires_all: -// requirements: -// - provider_name: provider-A -// - requires_any: -// requirements: -// - provider_name: provider-B -// - provider_name: provider-C -// -// # Example 6: require A or (B and C) -// requires_any: -// requirements: -// - provider_name: provider-A -// - requires_all: -// requirements: -// - provider_name: provider-B -// - provider_name: provider-C -// -// # Example 7: A is optional (if token from A is provided, it must be valid, but also allows -// missing token.) -// requires_any: -// requirements: -// - provider_name: provider-A -// - allow_missing: {} -// -// # Example 8: A is optional and B is required. -// requires_all: -// requirements: -// - requires_any: -// requirements: -// - provider_name: provider-A -// - allow_missing: {} -// - provider_name: provider-B -// -// [#next-free-field: 7] -message JwtRequirement { - oneof requires_type { - // Specify a required provider name. - string provider_name = 1; - - // Specify a required provider with audiences. - ProviderWithAudiences provider_and_audiences = 2; - - // Specify list of JwtRequirement. Their results are OR-ed. - // If any one of them passes, the result is passed. - JwtRequirementOrList requires_any = 3; - - // Specify list of JwtRequirement. Their results are AND-ed. - // All of them must pass, if one of them fails or missing, it fails. - JwtRequirementAndList requires_all = 4; - - // The requirement is always satisfied even if JWT is missing or the JWT - // verification fails. A typical usage is: this filter is used to only verify - // JWTs and pass the verified JWT payloads to another filter, the other filter - // will make decision. In this mode, all JWT tokens will be verified. - google.protobuf.Empty allow_missing_or_failed = 5; - - // The requirement is satisfied if JWT is missing, but failed if JWT is - // presented but invalid. Similar to allow_missing_or_failed, this is used - // to only verify JWTs and pass the verified payload to another filter. The - // different is this mode will reject requests with invalid tokens. - google.protobuf.Empty allow_missing = 6; - } -} - -// This message specifies a list of RequiredProvider. -// Their results are OR-ed; if any one of them passes, the result is passed -message JwtRequirementOrList { - // Specify a list of JwtRequirement. - repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; -} - -// This message specifies a list of RequiredProvider. -// Their results are AND-ed; all of them must pass, if one of them fails or missing, it fails. -message JwtRequirementAndList { - // Specify a list of JwtRequirement. - repeated JwtRequirement requirements = 1 [(validate.rules).repeated = {min_items: 2}]; -} - -// This message specifies a Jwt requirement for a specific Route condition. -// Example 1: -// -// .. code-block:: yaml -// -// - match: -// prefix: /healthz -// -// In above example, "requires" field is empty for /healthz prefix match, -// it means that requests matching the path prefix don't require JWT authentication. -// -// Example 2: -// -// .. code-block:: yaml -// -// - match: -// prefix: / -// requires: { provider_name: provider-A } -// -// In above example, all requests matched the path prefix require jwt authentication -// from "provider-A". -message RequirementRule { - // The route matching parameter. Only when the match is satisfied, the "requires" field will - // apply. - // - // For example: following match will match all requests. - // - // .. code-block:: yaml - // - // match: - // prefix: / - // - api.v2.route.RouteMatch match = 1 [(validate.rules).message = {required: true}]; - - // Specify a Jwt Requirement. Please detail comment in message JwtRequirement. - JwtRequirement requires = 2; -} - -// This message specifies Jwt requirements based on stream_info.filterState. -// This FilterState should use `Router::StringAccessor` object to set a string value. -// Other HTTP filters can use it to specify Jwt requirements dynamically. -// -// Example: -// -// .. code-block:: yaml -// -// name: jwt_selector -// requires: -// issuer_1: -// provider_name: issuer1 -// issuer_2: -// provider_name: issuer2 -// -// If a filter set "jwt_selector" with "issuer_1" to FilterState for a request, -// jwt_authn filter will use JwtRequirement{"provider_name": "issuer1"} to verify. -message FilterStateRule { - // The filter state name to retrieve the `Router::StringAccessor` object. - string name = 1 [(validate.rules).string = {min_bytes: 1}]; - - // A map of string keys to requirements. The string key is the string value - // in the FilterState with the name specified in the *name* field above. - map requires = 3; -} - -// This is the Envoy HTTP filter config for JWT authentication. -// -// For example: -// -// .. code-block:: yaml -// -// providers: -// provider1: -// issuer: issuer1 -// audiences: -// - audience1 -// - audience2 -// remote_jwks: -// http_uri: -// uri: https://example.com/.well-known/jwks.json -// cluster: example_jwks_cluster -// provider2: -// issuer: issuer2 -// local_jwks: -// inline_string: jwks_string -// -// rules: -// # Not jwt verification is required for /health path -// - match: -// prefix: /health -// -// # Jwt verification for provider1 is required for path prefixed with "prefix" -// - match: -// prefix: /prefix -// requires: -// provider_name: provider1 -// -// # Jwt verification for either provider1 or provider2 is required for all other requests. -// - match: -// prefix: / -// requires: -// requires_any: -// requirements: -// - provider_name: provider1 -// - provider_name: provider2 -// -message JwtAuthentication { - // Map of provider names to JwtProviders. - // - // .. code-block:: yaml - // - // providers: - // provider1: - // issuer: issuer1 - // audiences: - // - audience1 - // - audience2 - // remote_jwks: - // http_uri: - // uri: https://example.com/.well-known/jwks.json - // cluster: example_jwks_cluster - // provider2: - // issuer: provider2 - // local_jwks: - // inline_string: jwks_string - // - map providers = 1; - - // Specifies requirements based on the route matches. The first matched requirement will be - // applied. If there are overlapped match conditions, please put the most specific match first. - // - // Examples - // - // .. code-block:: yaml - // - // rules: - // - match: - // prefix: /healthz - // - match: - // prefix: /baz - // requires: - // provider_name: provider1 - // - match: - // prefix: /foo - // requires: - // requires_any: - // requirements: - // - provider_name: provider1 - // - provider_name: provider2 - // - match: - // prefix: /bar - // requires: - // requires_all: - // requirements: - // - provider_name: provider1 - // - provider_name: provider2 - // - repeated RequirementRule rules = 2; - - // This message specifies Jwt requirements based on stream_info.filterState. - // Other HTTP filters can use it to specify Jwt requirements dynamically. - // The *rules* field above is checked first, if it could not find any matches, - // check this one. - FilterStateRule filter_state_rules = 3; - - // When set to true, bypass the `CORS preflight request - // `_ regardless of JWT - // requirements specified in the rules. - bool bypass_cors_preflight = 4; -} diff --git a/api/envoy/config/filter/http/lua/v2/BUILD b/api/envoy/config/filter/http/lua/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/http/lua/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/http/lua/v2/lua.proto b/api/envoy/config/filter/http/lua/v2/lua.proto deleted file mode 100644 index 068b5e255df5..000000000000 --- a/api/envoy/config/filter/http/lua/v2/lua.proto +++ /dev/null @@ -1,25 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.lua.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.lua.v2"; -option java_outer_classname = "LuaProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.lua.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Lua] -// Lua :ref:`configuration overview `. -// [#extension: envoy.filters.http.lua] - -message Lua { - // The Lua code that Envoy will execute. This can be a very small script that - // further loads code from disk if desired. Note that if JSON configuration is used, the code must - // be properly escaped. YAML configuration may be easier to read since YAML supports multi-line - // strings so complex scripts can be easily expressed inline in the configuration. - string inline_code = 1 [(validate.rules).string = {min_bytes: 1}]; -} diff --git a/api/envoy/config/filter/http/on_demand/v2/BUILD b/api/envoy/config/filter/http/on_demand/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/http/on_demand/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/http/on_demand/v2/on_demand.proto b/api/envoy/config/filter/http/on_demand/v2/on_demand.proto deleted file mode 100644 index 4c5aadf442cf..000000000000 --- a/api/envoy/config/filter/http/on_demand/v2/on_demand.proto +++ /dev/null @@ -1,20 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.on_demand.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.on_demand.v2"; -option java_outer_classname = "OnDemandProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.on_demand.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: OnDemand] -// IP tagging :ref:`configuration overview `. -// [#extension: envoy.filters.http.on_demand] - -message OnDemand { -} diff --git a/api/envoy/config/filter/http/original_src/v2alpha1/BUILD b/api/envoy/config/filter/http/original_src/v2alpha1/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/http/original_src/v2alpha1/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/http/original_src/v2alpha1/original_src.proto b/api/envoy/config/filter/http/original_src/v2alpha1/original_src.proto deleted file mode 100644 index 8dfb4354d238..000000000000 --- a/api/envoy/config/filter/http/original_src/v2alpha1/original_src.proto +++ /dev/null @@ -1,27 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.original_src.v2alpha1; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.original_src.v2alpha1"; -option java_outer_classname = "OriginalSrcProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.original_src.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Original Src Filter] -// Use the Original source address on upstream connections. - -// The Original Src filter binds upstream connections to the original source address determined -// for the request. This address could come from something like the Proxy Protocol filter, or it -// could come from trusted http headers. -// [#extension: envoy.filters.http.original_src] -message OriginalSrc { - // Sets the SO_MARK option on the upstream connection's socket to the provided value. Used to - // ensure that non-local addresses may be routed back through envoy when binding to the original - // source address. The option will not be applied if the mark is 0. - uint32 mark = 1; -} diff --git a/api/envoy/config/filter/http/router/v2/BUILD b/api/envoy/config/filter/http/router/v2/BUILD deleted file mode 100644 index 4b7ccc42a6ca..000000000000 --- a/api/envoy/config/filter/http/router/v2/BUILD +++ /dev/null @@ -1,12 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/config/filter/accesslog/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/filter/http/router/v2/router.proto b/api/envoy/config/filter/http/router/v2/router.proto deleted file mode 100644 index c95500cf8168..000000000000 --- a/api/envoy/config/filter/http/router/v2/router.proto +++ /dev/null @@ -1,79 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.router.v2; - -import "envoy/config/filter/accesslog/v2/accesslog.proto"; - -import "google/protobuf/wrappers.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.router.v2"; -option java_outer_classname = "RouterProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.router.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Router] -// Router :ref:`configuration overview `. -// [#extension: envoy.filters.http.router] - -// [#next-free-field: 7] -message Router { - // Whether the router generates dynamic cluster statistics. Defaults to - // true. Can be disabled in high performance scenarios. - google.protobuf.BoolValue dynamic_stats = 1; - - // Whether to start a child span for egress routed calls. This can be - // useful in scenarios where other filters (auth, ratelimit, etc.) make - // outbound calls and have child spans rooted at the same ingress - // parent. Defaults to false. - bool start_child_span = 2; - - // Configuration for HTTP upstream logs emitted by the router. Upstream logs - // are configured in the same way as access logs, but each log entry represents - // an upstream request. Presuming retries are configured, multiple upstream - // requests may be made for each downstream (inbound) request. - repeated accesslog.v2.AccessLog upstream_log = 3; - - // Do not add any additional *x-envoy-* headers to requests or responses. This - // only affects the :ref:`router filter generated *x-envoy-* headers - // `, other Envoy filters and the HTTP - // connection manager may continue to set *x-envoy-* headers. - bool suppress_envoy_headers = 4; - - // Specifies a list of HTTP headers to strictly validate. Envoy will reject a - // request and respond with HTTP status 400 if the request contains an invalid - // value for any of the headers listed in this field. Strict header checking - // is only supported for the following headers: - // - // Value must be a ','-delimited list (i.e. no spaces) of supported retry - // policy values: - // - // * :ref:`config_http_filters_router_x-envoy-retry-grpc-on` - // * :ref:`config_http_filters_router_x-envoy-retry-on` - // - // Value must be an integer: - // - // * :ref:`config_http_filters_router_x-envoy-max-retries` - // * :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms` - // * :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` - repeated string strict_check_headers = 5 [(validate.rules).repeated = { - items { - string { - in: "x-envoy-upstream-rq-timeout-ms" - in: "x-envoy-upstream-rq-per-try-timeout-ms" - in: "x-envoy-max-retries" - in: "x-envoy-retry-grpc-on" - in: "x-envoy-retry-on" - } - } - }]; - - // If not set, ingress Envoy will ignore - // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress - // Envoy, when deriving timeout for upstream cluster. - bool respect_expected_rq_timeout = 6; -} diff --git a/api/envoy/config/filter/http/squash/v2/BUILD b/api/envoy/config/filter/http/squash/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/http/squash/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/http/squash/v2/squash.proto b/api/envoy/config/filter/http/squash/v2/squash.proto deleted file mode 100644 index a7ae625d2ee3..000000000000 --- a/api/envoy/config/filter/http/squash/v2/squash.proto +++ /dev/null @@ -1,58 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.squash.v2; - -import "google/protobuf/duration.proto"; -import "google/protobuf/struct.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.squash.v2"; -option java_outer_classname = "SquashProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.http.squash.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Squash] -// Squash :ref:`configuration overview `. -// [#extension: envoy.filters.http.squash] - -// [#next-free-field: 6] -message Squash { - // The name of the cluster that hosts the Squash server. - string cluster = 1 [(validate.rules).string = {min_bytes: 1}]; - - // When the filter requests the Squash server to create a DebugAttachment, it will use this - // structure as template for the body of the request. It can contain reference to environment - // variables in the form of '{{ ENV_VAR_NAME }}'. These can be used to provide the Squash server - // with more information to find the process to attach the debugger to. For example, in a - // Istio/k8s environment, this will contain information on the pod: - // - // .. code-block:: json - // - // { - // "spec": { - // "attachment": { - // "pod": "{{ POD_NAME }}", - // "namespace": "{{ POD_NAMESPACE }}" - // }, - // "match_request": true - // } - // } - // - // (where POD_NAME, POD_NAMESPACE are configured in the pod via the Downward API) - google.protobuf.Struct attachment_template = 2; - - // The timeout for individual requests sent to the Squash cluster. Defaults to 1 second. - google.protobuf.Duration request_timeout = 3; - - // The total timeout Squash will delay a request and wait for it to be attached. Defaults to 60 - // seconds. - google.protobuf.Duration attachment_timeout = 4; - - // Amount of time to poll for the status of the attachment object in the Squash server - // (to check if has been attached). Defaults to 1 second. - google.protobuf.Duration attachment_poll_period = 5; -} diff --git a/api/envoy/config/filter/http/transcoder/v2/BUILD b/api/envoy/config/filter/http/transcoder/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/http/transcoder/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/http/transcoder/v2/transcoder.proto b/api/envoy/config/filter/http/transcoder/v2/transcoder.proto deleted file mode 100644 index ac6d7eefa78a..000000000000 --- a/api/envoy/config/filter/http/transcoder/v2/transcoder.proto +++ /dev/null @@ -1,159 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.http.transcoder.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.http.transcoder.v2"; -option java_outer_classname = "TranscoderProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.grpc_json_transcoder.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: gRPC-JSON transcoder] -// gRPC-JSON transcoder :ref:`configuration overview `. -// [#extension: envoy.filters.http.grpc_json_transcoder] - -// [#next-free-field: 10] -message GrpcJsonTranscoder { - message PrintOptions { - // Whether to add spaces, line breaks and indentation to make the JSON - // output easy to read. Defaults to false. - bool add_whitespace = 1; - - // Whether to always print primitive fields. By default primitive - // fields with default values will be omitted in JSON output. For - // example, an int32 field set to 0 will be omitted. Setting this flag to - // true will override the default behavior and print primitive fields - // regardless of their values. Defaults to false. - bool always_print_primitive_fields = 2; - - // Whether to always print enums as ints. By default they are rendered - // as strings. Defaults to false. - bool always_print_enums_as_ints = 3; - - // Whether to preserve proto field names. By default protobuf will - // generate JSON field names using the ``json_name`` option, or lower camel case, - // in that order. Setting this flag will preserve the original field names. Defaults to false. - bool preserve_proto_field_names = 4; - } - - oneof descriptor_set { - option (validate.required) = true; - - // Supplies the filename of - // :ref:`the proto descriptor set ` for the gRPC - // services. - string proto_descriptor = 1; - - // Supplies the binary content of - // :ref:`the proto descriptor set ` for the gRPC - // services. - bytes proto_descriptor_bin = 4; - } - - // A list of strings that - // supplies the fully qualified service names (i.e. "package_name.service_name") that - // the transcoder will translate. If the service name doesn't exist in ``proto_descriptor``, - // Envoy will fail at startup. The ``proto_descriptor`` may contain more services than - // the service names specified here, but they won't be translated. - repeated string services = 2 [(validate.rules).repeated = {min_items: 1}]; - - // Control options for response JSON. These options are passed directly to - // `JsonPrintOptions `_. - PrintOptions print_options = 3; - - // Whether to keep the incoming request route after the outgoing headers have been transformed to - // the match the upstream gRPC service. Note: This means that routes for gRPC services that are - // not transcoded cannot be used in combination with *match_incoming_request_route*. - bool match_incoming_request_route = 5; - - // A list of query parameters to be ignored for transcoding method mapping. - // By default, the transcoder filter will not transcode a request if there are any - // unknown/invalid query parameters. - // - // Example : - // - // .. code-block:: proto - // - // service Bookstore { - // rpc GetShelf(GetShelfRequest) returns (Shelf) { - // option (google.api.http) = { - // get: "/shelves/{shelf}" - // }; - // } - // } - // - // message GetShelfRequest { - // int64 shelf = 1; - // } - // - // message Shelf {} - // - // The request ``/shelves/100?foo=bar`` will not be mapped to ``GetShelf``` because variable - // binding for ``foo`` is not defined. Adding ``foo`` to ``ignored_query_parameters`` will allow - // the same request to be mapped to ``GetShelf``. - repeated string ignored_query_parameters = 6; - - // Whether to route methods without the ``google.api.http`` option. - // - // Example : - // - // .. code-block:: proto - // - // package bookstore; - // - // service Bookstore { - // rpc GetShelf(GetShelfRequest) returns (Shelf) {} - // } - // - // message GetShelfRequest { - // int64 shelf = 1; - // } - // - // message Shelf {} - // - // The client could ``post`` a json body ``{"shelf": 1234}`` with the path of - // ``/bookstore.Bookstore/GetShelfRequest`` to call ``GetShelfRequest``. - bool auto_mapping = 7; - - // Whether to ignore query parameters that cannot be mapped to a corresponding - // protobuf field. Use this if you cannot control the query parameters and do - // not know them beforehand. Otherwise use ``ignored_query_parameters``. - // Defaults to false. - bool ignore_unknown_query_parameters = 8; - - // Whether to convert gRPC status headers to JSON. - // When trailer indicates a gRPC error and there was no HTTP body, take ``google.rpc.Status`` - // from the ``grpc-status-details-bin`` header and use it as JSON body. - // If there was no such header, make ``google.rpc.Status`` out of the ``grpc-status`` and - // ``grpc-message`` headers. - // The error details types must be present in the ``proto_descriptor``. - // - // For example, if an upstream server replies with headers: - // - // .. code-block:: none - // - // grpc-status: 5 - // grpc-status-details-bin: - // CAUaMwoqdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUucnBjLlJlcXVlc3RJbmZvEgUKA3ItMQ - // - // The ``grpc-status-details-bin`` header contains a base64-encoded protobuf message - // ``google.rpc.Status``. It will be transcoded into: - // - // .. code-block:: none - // - // HTTP/1.1 404 Not Found - // content-type: application/json - // - // {"code":5,"details":[{"@type":"type.googleapis.com/google.rpc.RequestInfo","requestId":"r-1"}]} - // - // In order to transcode the message, the ``google.rpc.RequestInfo`` type from - // the ``google/rpc/error_details.proto`` should be included in the configured - // :ref:`proto descriptor set `. - bool convert_grpc_status = 9; -} diff --git a/api/envoy/config/filter/listener/http_inspector/v2/BUILD b/api/envoy/config/filter/listener/http_inspector/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/listener/http_inspector/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/listener/http_inspector/v2/http_inspector.proto b/api/envoy/config/filter/listener/http_inspector/v2/http_inspector.proto deleted file mode 100644 index 0496207e09bc..000000000000 --- a/api/envoy/config/filter/listener/http_inspector/v2/http_inspector.proto +++ /dev/null @@ -1,20 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.listener.http_inspector.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.listener.http_inspector.v2"; -option java_outer_classname = "HttpInspectorProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.listener.http_inspector.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: HTTP Inspector Filter] -// Detect whether the application protocol is HTTP. -// [#extension: envoy.filters.listener.http_inspector] - -message HttpInspector { -} diff --git a/api/envoy/config/filter/listener/original_dst/v2/BUILD b/api/envoy/config/filter/listener/original_dst/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/listener/original_dst/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/listener/original_dst/v2/original_dst.proto b/api/envoy/config/filter/listener/original_dst/v2/original_dst.proto deleted file mode 100644 index fa4acee45fc1..000000000000 --- a/api/envoy/config/filter/listener/original_dst/v2/original_dst.proto +++ /dev/null @@ -1,20 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.listener.original_dst.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.listener.original_dst.v2"; -option java_outer_classname = "OriginalDstProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.listener.original_dst.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Original Dst Filter] -// Use the Original destination address on downstream connections. -// [#extension: envoy.filters.listener.original_dst] - -message OriginalDst { -} diff --git a/api/envoy/config/filter/listener/original_src/v2alpha1/BUILD b/api/envoy/config/filter/listener/original_src/v2alpha1/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/listener/original_src/v2alpha1/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/listener/original_src/v2alpha1/original_src.proto b/api/envoy/config/filter/listener/original_src/v2alpha1/original_src.proto deleted file mode 100644 index f9ddb98e745c..000000000000 --- a/api/envoy/config/filter/listener/original_src/v2alpha1/original_src.proto +++ /dev/null @@ -1,31 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.listener.original_src.v2alpha1; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.listener.original_src.v2alpha1"; -option java_outer_classname = "OriginalSrcProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.listener.original_src.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Original Src Filter] -// Use the Original source address on upstream connections. -// [#extension: envoy.filters.listener.original_src] - -// The Original Src filter binds upstream connections to the original source address determined -// for the connection. This address could come from something like the Proxy Protocol filter, or it -// could come from trusted http headers. -message OriginalSrc { - // Whether to bind the port to the one used in the original downstream connection. - // [#not-implemented-hide:] - bool bind_port = 1; - - // Sets the SO_MARK option on the upstream connection's socket to the provided value. Used to - // ensure that non-local addresses may be routed back through envoy when binding to the original - // source address. The option will not be applied if the mark is 0. - uint32 mark = 2; -} diff --git a/api/envoy/config/filter/listener/proxy_protocol/v2/BUILD b/api/envoy/config/filter/listener/proxy_protocol/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/listener/proxy_protocol/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/listener/proxy_protocol/v2/proxy_protocol.proto b/api/envoy/config/filter/listener/proxy_protocol/v2/proxy_protocol.proto deleted file mode 100644 index cabffb9fc0c0..000000000000 --- a/api/envoy/config/filter/listener/proxy_protocol/v2/proxy_protocol.proto +++ /dev/null @@ -1,20 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.listener.proxy_protocol.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.listener.proxy_protocol.v2"; -option java_outer_classname = "ProxyProtocolProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.listener.proxy_protocol.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Proxy Protocol Filter] -// PROXY protocol listener filter. -// [#extension: envoy.filters.listener.proxy_protocol] - -message ProxyProtocol { -} diff --git a/api/envoy/config/filter/listener/tls_inspector/v2/BUILD b/api/envoy/config/filter/listener/tls_inspector/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/listener/tls_inspector/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/listener/tls_inspector/v2/tls_inspector.proto b/api/envoy/config/filter/listener/tls_inspector/v2/tls_inspector.proto deleted file mode 100644 index 7ab679c47dc5..000000000000 --- a/api/envoy/config/filter/listener/tls_inspector/v2/tls_inspector.proto +++ /dev/null @@ -1,20 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.listener.tls_inspector.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.listener.tls_inspector.v2"; -option java_outer_classname = "TlsInspectorProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.listener.tls_inspector.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: TLS Inspector Filter] -// Allows detecting whether the transport appears to be TLS or plaintext. -// [#extension: envoy.filters.listener.tls_inspector] - -message TlsInspector { -} diff --git a/api/envoy/config/filter/network/client_ssl_auth/v2/client_ssl_auth.proto b/api/envoy/config/filter/network/client_ssl_auth/v2/client_ssl_auth.proto deleted file mode 100644 index 4da6d97ca299..000000000000 --- a/api/envoy/config/filter/network/client_ssl_auth/v2/client_ssl_auth.proto +++ /dev/null @@ -1,46 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.client_ssl_auth.v2; - -import "envoy/api/v2/core/address.proto"; - -import "google/protobuf/duration.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.client_ssl_auth.v2"; -option java_outer_classname = "ClientSslAuthProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.client_ssl_auth.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Client TLS authentication] -// Client TLS authentication -// :ref:`configuration overview `. -// [#extension: envoy.filters.network.client_ssl_auth] - -message ClientSSLAuth { - // The :ref:`cluster manager ` cluster that runs - // the authentication service. The filter will connect to the service every 60s to fetch the list - // of principals. The service must support the expected :ref:`REST API - // `. - string auth_api_cluster = 1 [(validate.rules).string = {min_bytes: 1}]; - - // The prefix to use when emitting :ref:`statistics - // `. - string stat_prefix = 2 [(validate.rules).string = {min_bytes: 1}]; - - // Time in milliseconds between principal refreshes from the - // authentication service. Default is 60000 (60s). The actual fetch time - // will be this value plus a random jittered value between - // 0-refresh_delay_ms milliseconds. - google.protobuf.Duration refresh_delay = 3; - - // An optional list of IP address and subnet masks that should be white - // listed for access by the filter. If no list is provided, there is no - // IP allowlist. - repeated api.v2.core.CidrRange ip_white_list = 4; -} diff --git a/api/envoy/config/filter/network/direct_response/v2/config.proto b/api/envoy/config/filter/network/direct_response/v2/config.proto deleted file mode 100644 index 15de7e3b5537..000000000000 --- a/api/envoy/config/filter/network/direct_response/v2/config.proto +++ /dev/null @@ -1,24 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.direct_response.v2; - -import "envoy/api/v2/core/base.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.direct_response.v2"; -option java_outer_classname = "ConfigProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.direct_response.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Direct response] -// Direct response :ref:`configuration overview `. -// [#extension: envoy.filters.network.direct_response] - -message Config { - // Response data as a data source. - api.v2.core.DataSource response = 1; -} diff --git a/api/envoy/config/filter/network/dubbo_proxy/v2alpha1/BUILD b/api/envoy/config/filter/network/dubbo_proxy/v2alpha1/BUILD deleted file mode 100644 index 5fe475a5dcf8..000000000000 --- a/api/envoy/config/filter/network/dubbo_proxy/v2alpha1/BUILD +++ /dev/null @@ -1,14 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/route:pkg", - "//envoy/type:pkg", - "//envoy/type/matcher:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/filter/network/dubbo_proxy/v2alpha1/route.proto b/api/envoy/config/filter/network/dubbo_proxy/v2alpha1/route.proto deleted file mode 100644 index 9af461e3577c..000000000000 --- a/api/envoy/config/filter/network/dubbo_proxy/v2alpha1/route.proto +++ /dev/null @@ -1,105 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.dubbo_proxy.v2alpha1; - -import "envoy/api/v2/route/route_components.proto"; -import "envoy/type/matcher/string.proto"; -import "envoy/type/range.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.dubbo_proxy.v2alpha1"; -option java_outer_classname = "RouteProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.dubbo_proxy.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Dubbo Proxy Route Configuration] -// Dubbo Proxy :ref:`configuration overview `. - -// [#next-free-field: 6] -message RouteConfiguration { - // The name of the route configuration. Reserved for future use in asynchronous route discovery. - string name = 1; - - // The interface name of the service. - string interface = 2; - - // Which group does the interface belong to. - string group = 3; - - // The version number of the interface. - string version = 4; - - // The list of routes that will be matched, in order, against incoming requests. The first route - // that matches will be used. - repeated Route routes = 5; -} - -message Route { - // Route matching parameters. - RouteMatch match = 1 [(validate.rules).message = {required: true}]; - - // Route request to some upstream cluster. - RouteAction route = 2 [(validate.rules).message = {required: true}]; -} - -message RouteMatch { - // Method level routing matching. - MethodMatch method = 1; - - // Specifies a set of headers that the route should match on. The router will check the request’s - // headers against all the specified headers in the route config. A match will happen if all the - // headers in the route are present in the request with the same values (or based on presence if - // the value field is not in the config). - repeated api.v2.route.HeaderMatcher headers = 2; -} - -message RouteAction { - oneof cluster_specifier { - option (validate.required) = true; - - // Indicates the upstream cluster to which the request should be routed. - string cluster = 1; - - // Multiple upstream clusters can be specified for a given route. The - // request is routed to one of the upstream clusters based on weights - // assigned to each cluster. - // Currently ClusterWeight only supports the name and weight fields. - api.v2.route.WeightedCluster weighted_clusters = 2; - } -} - -message MethodMatch { - // The parameter matching type. - message ParameterMatchSpecifier { - oneof parameter_match_specifier { - // If specified, header match will be performed based on the value of the header. - string exact_match = 3; - - // If specified, header match will be performed based on range. - // The rule will match if the request header value is within this range. - // The entire request header value must represent an integer in base 10 notation: consisting - // of an optional plus or minus sign followed by a sequence of digits. The rule will not match - // if the header value does not represent an integer. Match will fail for empty values, - // floating point numbers or if only a subsequence of the header value is an integer. - // - // Examples: - // - // * For range [-10,0), route will match for header value -1, but not for 0, - // "somestring", 10.9, "-1somestring" - type.Int64Range range_match = 4; - } - } - - // The name of the method. - type.matcher.StringMatcher name = 1; - - // Method parameter definition. - // The key is the parameter index, starting from 0. - // The value is the parameter matching type. - map params_match = 2; -} diff --git a/api/envoy/config/filter/network/echo/v2/BUILD b/api/envoy/config/filter/network/echo/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/network/echo/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/network/echo/v2/echo.proto b/api/envoy/config/filter/network/echo/v2/echo.proto deleted file mode 100644 index 2b51ce4e18c3..000000000000 --- a/api/envoy/config/filter/network/echo/v2/echo.proto +++ /dev/null @@ -1,19 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.echo.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.echo.v2"; -option java_outer_classname = "EchoProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filters.network.echo.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Echo] -// Echo :ref:`configuration overview `. -// [#extension: envoy.filters.network.echo] - -message Echo { -} diff --git a/api/envoy/config/filter/network/ext_authz/v2/BUILD b/api/envoy/config/filter/network/ext_authz/v2/BUILD deleted file mode 100644 index 83bc0ab960e7..000000000000 --- a/api/envoy/config/filter/network/ext_authz/v2/BUILD +++ /dev/null @@ -1,12 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/core:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/filter/network/ext_authz/v2/ext_authz.proto b/api/envoy/config/filter/network/ext_authz/v2/ext_authz.proto deleted file mode 100644 index 40cea7061868..000000000000 --- a/api/envoy/config/filter/network/ext_authz/v2/ext_authz.proto +++ /dev/null @@ -1,46 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.ext_authz.v2; - -import "envoy/api/v2/core/grpc_service.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.ext_authz.v2"; -option java_outer_classname = "ExtAuthzProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.ext_authz.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Network External Authorization ] -// The network layer external authorization service configuration -// :ref:`configuration overview `. -// [#extension: envoy.filters.network.ext_authz] - -// External Authorization filter calls out to an external service over the -// gRPC Authorization API defined by -// :ref:`CheckRequest `. -// A failed check will cause this filter to close the TCP connection. -message ExtAuthz { - // The prefix to use when emitting statistics. - string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; - - // The external authorization gRPC service configuration. - // The default timeout is set to 200ms by this filter. - api.v2.core.GrpcService grpc_service = 2; - - // The filter's behaviour in case the external authorization service does - // not respond back. When it is set to true, Envoy will also allow traffic in case of - // communication failure between authorization service and the proxy. - // Defaults to false. - bool failure_mode_allow = 3; - - // Specifies if the peer certificate is sent to the external service. - // - // When this field is true, Envoy will include the peer X.509 certificate, if available, in the - // :ref:`certificate`. - bool include_peer_certificate = 4; -} diff --git a/api/envoy/config/filter/network/kafka_broker/v2alpha1/BUILD b/api/envoy/config/filter/network/kafka_broker/v2alpha1/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/network/kafka_broker/v2alpha1/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/network/kafka_broker/v2alpha1/kafka_broker.proto b/api/envoy/config/filter/network/kafka_broker/v2alpha1/kafka_broker.proto deleted file mode 100644 index ea2f60e71eed..000000000000 --- a/api/envoy/config/filter/network/kafka_broker/v2alpha1/kafka_broker.proto +++ /dev/null @@ -1,23 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.kafka_broker.v2alpha1; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.kafka_broker.v2alpha1"; -option java_outer_classname = "KafkaBrokerProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.kafka_broker.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Kafka Broker] -// Kafka Broker :ref:`configuration overview `. -// [#extension: envoy.filters.network.kafka_broker] - -message KafkaBroker { - // The prefix to use when emitting :ref:`statistics `. - string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; -} diff --git a/api/envoy/config/filter/network/local_rate_limit/v2alpha/BUILD b/api/envoy/config/filter/network/local_rate_limit/v2alpha/BUILD deleted file mode 100644 index 2ffbc958786b..000000000000 --- a/api/envoy/config/filter/network/local_rate_limit/v2alpha/BUILD +++ /dev/null @@ -1,13 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/core:pkg", - "//envoy/type:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/filter/network/local_rate_limit/v2alpha/local_rate_limit.proto b/api/envoy/config/filter/network/local_rate_limit/v2alpha/local_rate_limit.proto deleted file mode 100644 index 791b767f3e6a..000000000000 --- a/api/envoy/config/filter/network/local_rate_limit/v2alpha/local_rate_limit.proto +++ /dev/null @@ -1,45 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.local_rate_limit.v2alpha; - -import "envoy/api/v2/core/base.proto"; -import "envoy/type/token_bucket.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.local_rate_limit.v2alpha"; -option java_outer_classname = "LocalRateLimitProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.local_ratelimit.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Local rate limit] -// Local rate limit :ref:`configuration overview `. -// [#extension: envoy.filters.network.local_ratelimit] - -message LocalRateLimit { - // The prefix to use when emitting :ref:`statistics - // `. - string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; - - // The token bucket configuration to use for rate limiting connections that are processed by the - // filter's filter chain. Each incoming connection processed by the filter consumes a single - // token. If the token is available, the connection will be allowed. If no tokens are available, - // the connection will be immediately closed. - // - // .. note:: - // In the current implementation each filter and filter chain has an independent rate limit. - // - // .. note:: - // In the current implementation the token bucket's :ref:`fill_interval - // ` must be >= 50ms to avoid too aggressive - // refills. - type.TokenBucket token_bucket = 2 [(validate.rules).message = {required: true}]; - - // Runtime flag that controls whether the filter is enabled or not. If not specified, defaults - // to enabled. - api.v2.core.RuntimeFeatureFlag runtime_enabled = 3; -} diff --git a/api/envoy/config/filter/network/mongo_proxy/v2/BUILD b/api/envoy/config/filter/network/mongo_proxy/v2/BUILD deleted file mode 100644 index b4f275ad5f87..000000000000 --- a/api/envoy/config/filter/network/mongo_proxy/v2/BUILD +++ /dev/null @@ -1,12 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/config/filter/fault/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.proto b/api/envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.proto deleted file mode 100644 index b261897858e2..000000000000 --- a/api/envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.proto +++ /dev/null @@ -1,41 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.mongo_proxy.v2; - -import "envoy/config/filter/fault/v2/fault.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.mongo_proxy.v2"; -option java_outer_classname = "MongoProxyProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.mongo_proxy.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Mongo proxy] -// MongoDB :ref:`configuration overview `. -// [#extension: envoy.filters.network.mongo_proxy] - -message MongoProxy { - // The human readable prefix to use when emitting :ref:`statistics - // `. - string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; - - // The optional path to use for writing Mongo access logs. If not access log - // path is specified no access logs will be written. Note that access log is - // also gated :ref:`runtime `. - string access_log = 2; - - // Inject a fixed delay before proxying a Mongo operation. Delays are - // applied to the following MongoDB operations: Query, Insert, GetMore, - // and KillCursors. Once an active delay is in progress, all incoming - // data up until the timer event fires will be a part of the delay. - fault.v2.FaultDelay delay = 3; - - // Flag to specify whether :ref:`dynamic metadata - // ` should be emitted. Defaults to false. - bool emit_dynamic_metadata = 4; -} diff --git a/api/envoy/config/filter/network/mysql_proxy/v1alpha1/BUILD b/api/envoy/config/filter/network/mysql_proxy/v1alpha1/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/network/mysql_proxy/v1alpha1/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/network/mysql_proxy/v1alpha1/mysql_proxy.proto b/api/envoy/config/filter/network/mysql_proxy/v1alpha1/mysql_proxy.proto deleted file mode 100644 index 78c6b7e971df..000000000000 --- a/api/envoy/config/filter/network/mysql_proxy/v1alpha1/mysql_proxy.proto +++ /dev/null @@ -1,28 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.mysql_proxy.v1alpha1; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.mysql_proxy.v1alpha1"; -option java_outer_classname = "MysqlProxyProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.mysql_proxy.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: MySQL proxy] -// MySQL Proxy :ref:`configuration overview `. -// [#extension: envoy.filters.network.mysql_proxy] - -message MySQLProxy { - // The human readable prefix to use when emitting :ref:`statistics - // `. - string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; - - // [#not-implemented-hide:] The optional path to use for writing MySQL access logs. - // If the access log field is empty, access logs will not be written. - string access_log = 2; -} diff --git a/api/envoy/config/filter/network/sni_cluster/v2/BUILD b/api/envoy/config/filter/network/sni_cluster/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/network/sni_cluster/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/network/sni_cluster/v2/sni_cluster.proto b/api/envoy/config/filter/network/sni_cluster/v2/sni_cluster.proto deleted file mode 100644 index 71c161fc48f6..000000000000 --- a/api/envoy/config/filter/network/sni_cluster/v2/sni_cluster.proto +++ /dev/null @@ -1,20 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.sni_cluster.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.sni_cluster.v2"; -option java_outer_classname = "SniClusterProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.sni_cluster.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: SNI Cluster Filter] -// Set the upstream cluster name from the SNI field in the TLS connection. -// [#extension: envoy.filters.network.sni_cluster] - -message SniCluster { -} diff --git a/api/envoy/config/filter/network/zookeeper_proxy/v1alpha1/BUILD b/api/envoy/config/filter/network/zookeeper_proxy/v1alpha1/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/network/zookeeper_proxy/v1alpha1/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/network/zookeeper_proxy/v1alpha1/zookeeper_proxy.proto b/api/envoy/config/filter/network/zookeeper_proxy/v1alpha1/zookeeper_proxy.proto deleted file mode 100644 index cae622cecc34..000000000000 --- a/api/envoy/config/filter/network/zookeeper_proxy/v1alpha1/zookeeper_proxy.proto +++ /dev/null @@ -1,40 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.network.zookeeper_proxy.v1alpha1; - -import "google/protobuf/wrappers.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.network.zookeeper_proxy.v1alpha1"; -option java_outer_classname = "ZookeeperProxyProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.network.zookeeper_proxy.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: ZooKeeper proxy] -// ZooKeeper Proxy :ref:`configuration overview `. -// [#extension: envoy.filters.network.zookeeper_proxy] - -message ZooKeeperProxy { - // The human readable prefix to use when emitting :ref:`statistics - // `. - string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; - - // [#not-implemented-hide:] The optional path to use for writing ZooKeeper access logs. - // If the access log field is empty, access logs will not be written. - string access_log = 2; - - // Messages — requests, responses and events — that are bigger than this value will - // be ignored. If it is not set, the default value is 1Mb. - // - // The value here should match the jute.maxbuffer property in your cluster configuration: - // - // https://zookeeper.apache.org/doc/r3.4.10/zookeeperAdmin.html#Unsafe+Options - // - // if that is set. If it isn't, ZooKeeper's default is also 1Mb. - google.protobuf.UInt32Value max_packet_bytes = 3; -} diff --git a/api/envoy/config/filter/udp/udp_proxy/v2alpha/BUILD b/api/envoy/config/filter/udp/udp_proxy/v2alpha/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/filter/udp/udp_proxy/v2alpha/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/filter/udp/udp_proxy/v2alpha/udp_proxy.proto b/api/envoy/config/filter/udp/udp_proxy/v2alpha/udp_proxy.proto deleted file mode 100644 index 06dc150d5c70..000000000000 --- a/api/envoy/config/filter/udp/udp_proxy/v2alpha/udp_proxy.proto +++ /dev/null @@ -1,37 +0,0 @@ -syntax = "proto3"; - -package envoy.config.filter.udp.udp_proxy.v2alpha; - -import "google/protobuf/duration.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.filter.udp.udp_proxy.v2alpha"; -option java_outer_classname = "UdpProxyProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.udp.udp_proxy.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: UDP proxy] -// UDP proxy :ref:`configuration overview `. -// [#extension: envoy.filters.udp_listener.udp_proxy] - -// Configuration for the UDP proxy filter. -message UdpProxyConfig { - // The stat prefix used when emitting UDP proxy filter stats. - string stat_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; - - oneof route_specifier { - option (validate.required) = true; - - // The upstream cluster to connect to. - string cluster = 2 [(validate.rules).string = {min_bytes: 1}]; - } - - // The idle timeout for sessions. Idle is defined as no datagrams between received or sent by - // the session. The default if not specified is 1 minute. - google.protobuf.Duration idle_timeout = 3; -} diff --git a/api/envoy/config/grpc_credential/v2alpha/BUILD b/api/envoy/config/grpc_credential/v2alpha/BUILD deleted file mode 100644 index 83bc0ab960e7..000000000000 --- a/api/envoy/config/grpc_credential/v2alpha/BUILD +++ /dev/null @@ -1,12 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/core:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/grpc_credential/v2alpha/aws_iam.proto b/api/envoy/config/grpc_credential/v2alpha/aws_iam.proto deleted file mode 100644 index b63d35af4018..000000000000 --- a/api/envoy/config/grpc_credential/v2alpha/aws_iam.proto +++ /dev/null @@ -1,31 +0,0 @@ -syntax = "proto3"; - -package envoy.config.grpc_credential.v2alpha; - -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.grpc_credential.v2alpha"; -option java_outer_classname = "AwsIamProto"; -option java_multiple_files = true; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Grpc Credentials AWS IAM] -// Configuration for AWS IAM Grpc Credentials Plugin -// [#extension: envoy.grpc_credentials.aws_iam] - -message AwsIamConfig { - // The `service namespace - // `_ - // of the Grpc endpoint. - // - // Example: appmesh - string service_name = 1 [(validate.rules).string = {min_bytes: 1}]; - - // The `region `_ hosting the Grpc - // endpoint. If unspecified, the extension will use the value in the ``AWS_REGION`` environment - // variable. - // - // Example: us-west-2 - string region = 2; -} diff --git a/api/envoy/config/grpc_credential/v2alpha/file_based_metadata.proto b/api/envoy/config/grpc_credential/v2alpha/file_based_metadata.proto deleted file mode 100644 index 41e67f0bf24b..000000000000 --- a/api/envoy/config/grpc_credential/v2alpha/file_based_metadata.proto +++ /dev/null @@ -1,31 +0,0 @@ -syntax = "proto3"; - -package envoy.config.grpc_credential.v2alpha; - -import "envoy/api/v2/core/base.proto"; - -import "udpa/annotations/sensitive.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.grpc_credential.v2alpha"; -option java_outer_classname = "FileBasedMetadataProto"; -option java_multiple_files = true; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Grpc Credentials File Based Metadata] -// Configuration for File Based Metadata Grpc Credentials Plugin -// [#extension: envoy.grpc_credentials.file_based_metadata] - -message FileBasedMetadataConfig { - // Location or inline data of secret to use for authentication of the Google gRPC connection - // this secret will be attached to a header of the gRPC connection - api.v2.core.DataSource secret_data = 1 [(udpa.annotations.sensitive) = true]; - - // Metadata header key to use for sending the secret data - // if no header key is set, "authorization" header will be used - string header_key = 2; - - // Prefix to prepend to the secret in the metadata header - // if no prefix is set, the default is to use no prefix - string header_prefix = 3; -} diff --git a/api/envoy/config/grpc_credential/v3/BUILD b/api/envoy/config/grpc_credential/v3/BUILD index 9511b184cb43..1c1a6f6b4423 100644 --- a/api/envoy/config/grpc_credential/v3/BUILD +++ b/api/envoy/config/grpc_credential/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/grpc_credential/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/config/listener/v3/quic_config.proto b/api/envoy/config/listener/v3/quic_config.proto index 69df722c6fbb..1432e1911b5d 100644 --- a/api/envoy/config/listener/v3/quic_config.proto +++ b/api/envoy/config/listener/v3/quic_config.proto @@ -3,12 +3,15 @@ syntax = "proto3"; package envoy.config.listener.v3; import "envoy/config/core/v3/base.proto"; +import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/protocol.proto"; import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "QuicConfigProto"; @@ -18,6 +21,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: QUIC listener config] // Configuration specific to the UDP QUIC listener. +// [#next-free-field: 8] message QuicProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.QuicProtocolOptions"; @@ -35,4 +39,24 @@ message QuicProtocolOptions { // Runtime flag that controls whether the listener is enabled or not. If not specified, defaults // to enabled. core.v3.RuntimeFeatureFlag enabled = 4; + + // A multiplier to number of connections which is used to determine how many packets to read per + // event loop. A reasonable number should allow the listener to process enough payload but not + // starve TCP and other UDP sockets and also prevent long event loop duration. + // The default value is 32. This means if there are N QUIC connections, the total number of + // packets to read in each read event will be 32 * N. + // The actual number of packets to read in total by the UDP listener is also + // bound by 6000, regardless of this field or how many connections there are. + google.protobuf.UInt32Value packets_to_read_to_connection_count_ratio = 5 + [(validate.rules).uint32 = {gte: 1}]; + + // Configure which implementation of `quic::QuicCryptoClientStreamBase` to be used for this listener. + // If not specified the :ref:`QUICHE default one configured by ` will be used. + // [#extension-category: envoy.quic.server.crypto_stream] + core.v3.TypedExtensionConfig crypto_stream_config = 6; + + // Configure which implementation of `quic::ProofSource` to be used for this listener. + // If not specified the :ref:`default one configured by ` will be used. + // [#extension-category: envoy.quic.proof_source] + core.v3.TypedExtensionConfig proof_source_config = 7; } diff --git a/api/envoy/config/listener/v4alpha/quic_config.proto b/api/envoy/config/listener/v4alpha/quic_config.proto index c9e218137ae2..0b6d6bd7584c 100644 --- a/api/envoy/config/listener/v4alpha/quic_config.proto +++ b/api/envoy/config/listener/v4alpha/quic_config.proto @@ -3,12 +3,15 @@ syntax = "proto3"; package envoy.config.listener.v4alpha; import "envoy/config/core/v4alpha/base.proto"; +import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/protocol.proto"; import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "QuicConfigProto"; @@ -18,6 +21,7 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO // [#protodoc-title: QUIC listener config] // Configuration specific to the UDP QUIC listener. +// [#next-free-field: 8] message QuicProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.QuicProtocolOptions"; @@ -35,4 +39,24 @@ message QuicProtocolOptions { // Runtime flag that controls whether the listener is enabled or not. If not specified, defaults // to enabled. core.v4alpha.RuntimeFeatureFlag enabled = 4; + + // A multiplier to number of connections which is used to determine how many packets to read per + // event loop. A reasonable number should allow the listener to process enough payload but not + // starve TCP and other UDP sockets and also prevent long event loop duration. + // The default value is 32. This means if there are N QUIC connections, the total number of + // packets to read in each read event will be 32 * N. + // The actual number of packets to read in total by the UDP listener is also + // bound by 6000, regardless of this field or how many connections there are. + google.protobuf.UInt32Value packets_to_read_to_connection_count_ratio = 5 + [(validate.rules).uint32 = {gte: 1}]; + + // Configure which implementation of `quic::QuicCryptoClientStreamBase` to be used for this listener. + // If not specified the :ref:`QUICHE default one configured by ` will be used. + // [#extension-category: envoy.quic.server.crypto_stream] + core.v4alpha.TypedExtensionConfig crypto_stream_config = 6; + + // Configure which implementation of `quic::ProofSource` to be used for this listener. + // If not specified the :ref:`default one configured by ` will be used. + // [#extension-category: envoy.quic.proof_source] + core.v4alpha.TypedExtensionConfig proof_source_config = 7; } diff --git a/api/envoy/config/ratelimit/v2/BUILD b/api/envoy/config/ratelimit/v2/BUILD deleted file mode 100644 index 83bc0ab960e7..000000000000 --- a/api/envoy/config/ratelimit/v2/BUILD +++ /dev/null @@ -1,12 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/core:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/ratelimit/v2/rls.proto b/api/envoy/config/ratelimit/v2/rls.proto deleted file mode 100644 index 92801ea7b968..000000000000 --- a/api/envoy/config/ratelimit/v2/rls.proto +++ /dev/null @@ -1,25 +0,0 @@ -syntax = "proto3"; - -package envoy.config.ratelimit.v2; - -import "envoy/api/v2/core/grpc_service.proto"; - -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.ratelimit.v2"; -option java_outer_classname = "RlsProto"; -option java_multiple_files = true; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Rate limit service] - -// Rate limit :ref:`configuration overview `. -message RateLimitServiceConfig { - reserved 1, 3; - - // Specifies the gRPC service that hosts the rate limit service. The client - // will connect to this cluster when it needs to make rate limit service - // requests. - api.v2.core.GrpcService grpc_service = 2 [(validate.rules).message = {required: true}]; -} diff --git a/api/envoy/config/ratelimit/v3/BUILD b/api/envoy/config/ratelimit/v3/BUILD index c7e05372b857..1c1a6f6b4423 100644 --- a/api/envoy/config/ratelimit/v3/BUILD +++ b/api/envoy/config/ratelimit/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/config/rbac/v2/BUILD b/api/envoy/config/rbac/v2/BUILD deleted file mode 100644 index 4bce7466dddf..000000000000 --- a/api/envoy/config/rbac/v2/BUILD +++ /dev/null @@ -1,15 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/core:pkg", - "//envoy/api/v2/route:pkg", - "//envoy/type/matcher:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - "@com_google_googleapis//google/api/expr/v1alpha1:syntax_proto", - ], -) diff --git a/api/envoy/config/rbac/v2/rbac.proto b/api/envoy/config/rbac/v2/rbac.proto deleted file mode 100644 index 943ac33e0859..000000000000 --- a/api/envoy/config/rbac/v2/rbac.proto +++ /dev/null @@ -1,240 +0,0 @@ -syntax = "proto3"; - -package envoy.config.rbac.v2; - -import "envoy/api/v2/core/address.proto"; -import "envoy/api/v2/route/route_components.proto"; -import "envoy/type/matcher/metadata.proto"; -import "envoy/type/matcher/path.proto"; -import "envoy/type/matcher/string.proto"; - -import "google/api/expr/v1alpha1/syntax.proto"; - -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.rbac.v2"; -option java_outer_classname = "RbacProto"; -option java_multiple_files = true; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Role Based Access Control (RBAC)] - -// Role Based Access Control (RBAC) provides service-level and method-level access control for a -// service. RBAC policies are additive. The policies are examined in order. A request is allowed -// once a matching policy is found (suppose the `action` is ALLOW). -// -// Here is an example of RBAC configuration. It has two policies: -// -// * Service account "cluster.local/ns/default/sa/admin" has full access to the service, and so -// does "cluster.local/ns/default/sa/superuser". -// -// * Any user can read ("GET") the service at paths with prefix "/products", so long as the -// destination port is either 80 or 443. -// -// .. code-block:: yaml -// -// action: ALLOW -// policies: -// "service-admin": -// permissions: -// - any: true -// principals: -// - authenticated: -// principal_name: -// exact: "cluster.local/ns/default/sa/admin" -// - authenticated: -// principal_name: -// exact: "cluster.local/ns/default/sa/superuser" -// "product-viewer": -// permissions: -// - and_rules: -// rules: -// - header: { name: ":method", exact_match: "GET" } -// - url_path: -// path: { prefix: "/products" } -// - or_rules: -// rules: -// - destination_port: 80 -// - destination_port: 443 -// principals: -// - any: true -// -message RBAC { - // Should we do safe-list or block-list style access control? - enum Action { - // The policies grant access to principals. The rest is denied. This is safe-list style - // access control. This is the default type. - ALLOW = 0; - - // The policies deny access to principals. The rest is allowed. This is block-list style - // access control. - DENY = 1; - } - - // The action to take if a policy matches. The request is allowed if and only if: - // - // * `action` is "ALLOWED" and at least one policy matches - // * `action` is "DENY" and none of the policies match - Action action = 1; - - // Maps from policy name to policy. A match occurs when at least one policy matches the request. - map policies = 2; -} - -// Policy specifies a role and the principals that are assigned/denied the role. A policy matches if -// and only if at least one of its permissions match the action taking place AND at least one of its -// principals match the downstream AND the condition is true if specified. -message Policy { - // Required. The set of permissions that define a role. Each permission is matched with OR - // semantics. To match all actions for this policy, a single Permission with the `any` field set - // to true should be used. - repeated Permission permissions = 1 [(validate.rules).repeated = {min_items: 1}]; - - // Required. The set of principals that are assigned/denied the role based on “actionâ€. Each - // principal is matched with OR semantics. To match all downstreams for this policy, a single - // Principal with the `any` field set to true should be used. - repeated Principal principals = 2 [(validate.rules).repeated = {min_items: 1}]; - - // An optional symbolic expression specifying an access control - // :ref:`condition `. The condition is combined - // with the permissions and the principals as a clause with AND semantics. - google.api.expr.v1alpha1.Expr condition = 3; -} - -// Permission defines an action (or actions) that a principal can take. -// [#next-free-field: 11] -message Permission { - // Used in the `and_rules` and `or_rules` fields in the `rule` oneof. Depending on the context, - // each are applied with the associated behavior. - message Set { - repeated Permission rules = 1 [(validate.rules).repeated = {min_items: 1}]; - } - - oneof rule { - option (validate.required) = true; - - // A set of rules that all must match in order to define the action. - Set and_rules = 1; - - // A set of rules where at least one must match in order to define the action. - Set or_rules = 2; - - // When any is set, it matches any action. - bool any = 3 [(validate.rules).bool = {const: true}]; - - // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only - // available for HTTP request. - // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` - // field if you want to match the URL path without the query and fragment string. - api.v2.route.HeaderMatcher header = 4; - - // A URL path on the incoming HTTP request. Only available for HTTP. - type.matcher.PathMatcher url_path = 10; - - // A CIDR block that describes the destination IP. - api.v2.core.CidrRange destination_ip = 5; - - // A port number that describes the destination port connecting to. - uint32 destination_port = 6 [(validate.rules).uint32 = {lte: 65535}]; - - // Metadata that describes additional information about the action. - type.matcher.MetadataMatcher metadata = 7; - - // Negates matching the provided permission. For instance, if the value of `not_rule` would - // match, this permission would not match. Conversely, if the value of `not_rule` would not - // match, this permission would match. - Permission not_rule = 8; - - // The request server from the client's connection request. This is - // typically TLS SNI. - // - // .. attention:: - // - // The behavior of this field may be affected by how Envoy is configured - // as explained below. - // - // * If the :ref:`TLS Inspector ` - // filter is not added, and if a `FilterChainMatch` is not defined for - // the :ref:`server name `, - // a TLS connection's requested SNI server name will be treated as if it - // wasn't present. - // - // * A :ref:`listener filter ` may - // overwrite a connection's requested server name within Envoy. - // - // Please refer to :ref:`this FAQ entry ` to learn to - // setup SNI. - type.matcher.StringMatcher requested_server_name = 9; - } -} - -// Principal defines an identity or a group of identities for a downstream subject. -// [#next-free-field: 12] -message Principal { - // Used in the `and_ids` and `or_ids` fields in the `identifier` oneof. Depending on the context, - // each are applied with the associated behavior. - message Set { - repeated Principal ids = 1 [(validate.rules).repeated = {min_items: 1}]; - } - - // Authentication attributes for a downstream. - message Authenticated { - reserved 1; - - // The name of the principal. If set, The URI SAN or DNS SAN in that order is used from the - // certificate, otherwise the subject field is used. If unset, it applies to any user that is - // authenticated. - type.matcher.StringMatcher principal_name = 2; - } - - oneof identifier { - option (validate.required) = true; - - // A set of identifiers that all must match in order to define the downstream. - Set and_ids = 1; - - // A set of identifiers at least one must match in order to define the downstream. - Set or_ids = 2; - - // When any is set, it matches any downstream. - bool any = 3 [(validate.rules).bool = {const: true}]; - - // Authenticated attributes that identify the downstream. - Authenticated authenticated = 4; - - // A CIDR block that describes the downstream IP. - // This address will honor proxy protocol, but will not honor XFF. - api.v2.core.CidrRange source_ip = 5 [deprecated = true]; - - // A CIDR block that describes the downstream remote/origin address. - // Note: This is always the physical peer even if the - // :ref:`remote_ip ` is inferred - // from for example the x-forwarder-for header, proxy protocol, etc. - api.v2.core.CidrRange direct_remote_ip = 10; - - // A CIDR block that describes the downstream remote/origin address. - // Note: This may not be the physical peer and could be different from the - // :ref:`direct_remote_ip `. - // E.g, if the remote ip is inferred from for example the x-forwarder-for header, - // proxy protocol, etc. - api.v2.core.CidrRange remote_ip = 11; - - // A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only - // available for HTTP request. - // Note: the pseudo-header :path includes the query and fragment string. Use the `url_path` - // field if you want to match the URL path without the query and fragment string. - api.v2.route.HeaderMatcher header = 6; - - // A URL path on the incoming HTTP request. Only available for HTTP. - type.matcher.PathMatcher url_path = 9; - - // Metadata that describes additional information about the principal. - type.matcher.MetadataMatcher metadata = 7; - - // Negates matching the provided principal. For instance, if the value of `not_id` would match, - // this principal would not match. Conversely, if the value of `not_id` would not match, this - // principal would match. - Principal not_id = 8; - } -} diff --git a/api/envoy/config/rbac/v3/BUILD b/api/envoy/config/rbac/v3/BUILD index bf5d6038a261..c5246439c7b5 100644 --- a/api/envoy/config/rbac/v3/BUILD +++ b/api/envoy/config/rbac/v3/BUILD @@ -8,7 +8,6 @@ api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v3:pkg", - "//envoy/config/rbac/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", diff --git a/api/envoy/config/rbac/v3/rbac.proto b/api/envoy/config/rbac/v3/rbac.proto index 3d9c9c2627ed..3b7f79d605df 100644 --- a/api/envoy/config/rbac/v3/rbac.proto +++ b/api/envoy/config/rbac/v3/rbac.proto @@ -25,9 +25,9 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Role Based Access Control (RBAC)] // Role Based Access Control (RBAC) provides service-level and method-level access control for a -// service. RBAC policies are additive. The policies are examined in order. Requests are allowed -// or denied based on the `action` and whether a matching policy is found. For instance, if the -// action is ALLOW and a matching policy is found the request should be allowed. +// service. Requests are allowed or denied based on the `action` and whether a matching policy is +// found. For instance, if the action is ALLOW and a matching policy is found the request should be +// allowed. // // RBAC can also be used to make access logging decisions by communicating with access loggers // through dynamic metadata. When the action is LOG and at least one policy matches, the @@ -105,6 +105,7 @@ message RBAC { Action action = 1 [(validate.rules).enum = {defined_only: true}]; // Maps from policy name to policy. A match occurs when at least one policy matches the request. + // The policies are evaluated in lexicographic order of the policy name. map policies = 2; } diff --git a/api/envoy/config/rbac/v4alpha/rbac.proto b/api/envoy/config/rbac/v4alpha/rbac.proto index e68aef977605..59c4ba111d1d 100644 --- a/api/envoy/config/rbac/v4alpha/rbac.proto +++ b/api/envoy/config/rbac/v4alpha/rbac.proto @@ -23,9 +23,9 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO // [#protodoc-title: Role Based Access Control (RBAC)] // Role Based Access Control (RBAC) provides service-level and method-level access control for a -// service. RBAC policies are additive. The policies are examined in order. Requests are allowed -// or denied based on the `action` and whether a matching policy is found. For instance, if the -// action is ALLOW and a matching policy is found the request should be allowed. +// service. Requests are allowed or denied based on the `action` and whether a matching policy is +// found. For instance, if the action is ALLOW and a matching policy is found the request should be +// allowed. // // RBAC can also be used to make access logging decisions by communicating with access loggers // through dynamic metadata. When the action is LOG and at least one policy matches, the @@ -103,6 +103,7 @@ message RBAC { Action action = 1 [(validate.rules).enum = {defined_only: true}]; // Maps from policy name to policy. A match occurs when at least one policy matches the request. + // The policies are evaluated in lexicographic order of the policy name. map policies = 2; } diff --git a/api/envoy/config/retry/omit_host_metadata/v2/BUILD b/api/envoy/config/retry/omit_host_metadata/v2/BUILD deleted file mode 100644 index 83bc0ab960e7..000000000000 --- a/api/envoy/config/retry/omit_host_metadata/v2/BUILD +++ /dev/null @@ -1,12 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/core:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/config/retry/omit_host_metadata/v2/omit_host_metadata_config.proto b/api/envoy/config/retry/omit_host_metadata/v2/omit_host_metadata_config.proto deleted file mode 100644 index d229cffef8ca..000000000000 --- a/api/envoy/config/retry/omit_host_metadata/v2/omit_host_metadata_config.proto +++ /dev/null @@ -1,28 +0,0 @@ -syntax = "proto3"; - -package envoy.config.retry.omit_host_metadata.v2; - -import "envoy/api/v2/core/base.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.retry.omit_host_metadata.v2"; -option java_outer_classname = "OmitHostMetadataConfigProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.retry.host.omit_host_metadata.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Omit host metadata retry predicate] - -// A retry host predicate that can be used to reject a host based on -// predefined metadata match criteria. -// [#extension: envoy.retry_host_predicates.omit_host_metadata] -message OmitHostMetadataConfig { - // Retry host predicate metadata match criteria. The hosts in - // the upstream cluster with matching metadata will be omitted while - // attempting a retry of a failed request. The metadata should be specified - // under the *envoy.lb* key. - api.v2.core.Metadata metadata_match = 1; -} diff --git a/api/envoy/config/retry/previous_priorities/BUILD b/api/envoy/config/retry/previous_priorities/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/retry/previous_priorities/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/retry/previous_priorities/previous_priorities_config.proto b/api/envoy/config/retry/previous_priorities/previous_priorities_config.proto deleted file mode 100644 index 3fc400c053a7..000000000000 --- a/api/envoy/config/retry/previous_priorities/previous_priorities_config.proto +++ /dev/null @@ -1,56 +0,0 @@ -syntax = "proto3"; - -package envoy.config.retry.previous_priorities; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.config.retry.previous_priorities"; -option java_outer_classname = "PreviousPrioritiesConfigProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.retry.priority.previous_priorities.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Previous priorities retry selector] - -// A retry host selector that attempts to spread retries between priorities, even if certain -// priorities would not normally be attempted due to higher priorities being available. -// -// As priorities get excluded, load will be distributed amongst the remaining healthy priorities -// based on the relative health of the priorities, matching how load is distributed during regular -// host selection. For example, given priority healths of {100, 50, 50}, the original load will be -// {100, 0, 0} (since P0 has capacity to handle 100% of the traffic). If P0 is excluded, the load -// changes to {0, 50, 50}, because P1 is only able to handle 50% of the traffic, causing the -// remaining to spill over to P2. -// -// Each priority attempted will be excluded until there are no healthy priorities left, at which -// point the list of attempted priorities will be reset, essentially starting from the beginning. -// For example, given three priorities P0, P1, P2 with healthy % of 100, 0 and 50 respectively, the -// following sequence of priorities would be selected (assuming update_frequency = 1): -// Attempt 1: P0 (P0 is 100% healthy) -// Attempt 2: P2 (P0 already attempted, P2 only healthy priority) -// Attempt 3: P0 (no healthy priorities, reset) -// Attempt 4: P2 -// -// In the case of all upstream hosts being unhealthy, no adjustments will be made to the original -// priority load, so behavior should be identical to not using this plugin. -// -// Using this PriorityFilter requires rebuilding the priority load, which runs in O(# of -// priorities), which might incur significant overhead for clusters with many priorities. -// [#extension: envoy.retry_priorities.previous_priorities] -message PreviousPrioritiesConfig { - // How often the priority load should be updated based on previously attempted priorities. Useful - // to allow each priorities to receive more than one request before being excluded or to reduce - // the number of times that the priority load has to be recomputed. - // - // For example, by setting this to 2, then the first two attempts (initial attempt and first - // retry) will use the unmodified priority load. The third and fourth attempt will use priority - // load which excludes the priorities routed to with the first two attempts, and the fifth and - // sixth attempt will use the priority load excluding the priorities used for the first four - // attempts. - // - // Must be greater than 0. - int32 update_frequency = 1 [(validate.rules).int32 = {gt: 0}]; -} diff --git a/api/envoy/config/route/v3/route_components.proto b/api/envoy/config/route/v3/route_components.proto index 58ac31d41515..ee82e8f73226 100644 --- a/api/envoy/config/route/v3/route_components.proto +++ b/api/envoy/config/route/v3/route_components.proto @@ -1885,8 +1885,8 @@ message HeaderMatcher { // "-1somestring" type.v3.Int64Range range_match = 6; - // If specified, header match will be performed based on whether the header is in the - // request. + // If specified as true, header match will be performed based on whether the header is in the + // request. If specified as false, header match will be performed based on whether the header is absent. bool present_match = 7; // If specified, header match will be performed based on the prefix of the header value. diff --git a/api/envoy/config/route/v4alpha/route_components.proto b/api/envoy/config/route/v4alpha/route_components.proto index ce3b1c479969..256a3c742ff3 100644 --- a/api/envoy/config/route/v4alpha/route_components.proto +++ b/api/envoy/config/route/v4alpha/route_components.proto @@ -1837,8 +1837,8 @@ message HeaderMatcher { // "-1somestring" type.v3.Int64Range range_match = 6; - // If specified, header match will be performed based on whether the header is in the - // request. + // If specified as true, header match will be performed based on whether the header is in the + // request. If specified as false, header match will be performed based on whether the header is absent. bool present_match = 7; // If specified, header match will be performed based on the prefix of the header value. diff --git a/api/envoy/config/transport_socket/raw_buffer/v2/BUILD b/api/envoy/config/transport_socket/raw_buffer/v2/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/config/transport_socket/raw_buffer/v2/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/config/transport_socket/raw_buffer/v2/raw_buffer.proto b/api/envoy/config/transport_socket/raw_buffer/v2/raw_buffer.proto deleted file mode 100644 index 1b3fd395d572..000000000000 --- a/api/envoy/config/transport_socket/raw_buffer/v2/raw_buffer.proto +++ /dev/null @@ -1,20 +0,0 @@ -syntax = "proto3"; - -package envoy.config.transport_socket.raw_buffer.v2; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; - -option java_package = "io.envoyproxy.envoy.config.transport_socket.raw_buffer.v2"; -option java_outer_classname = "RawBufferProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.transport_sockets.raw_buffer.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Raw Buffer] -// [#extension: envoy.transport_sockets.raw_buffer] - -// Configuration for raw buffer transport socket. -message RawBuffer { -} diff --git a/api/envoy/data/accesslog/v3/accesslog.proto b/api/envoy/data/accesslog/v3/accesslog.proto index 98bdd1d6e832..c53ae0d6ab85 100644 --- a/api/envoy/data/accesslog/v3/accesslog.proto +++ b/api/envoy/data/accesslog/v3/accesslog.proto @@ -186,7 +186,7 @@ message AccessLogCommon { } // Flags indicating occurrences during request/response processing. -// [#next-free-field: 26] +// [#next-free-field: 27] message ResponseFlags { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.ResponseFlags"; @@ -281,6 +281,9 @@ message ResponseFlags { // Indicates no cluster was found for the request. bool no_cluster_found = 25; + + // Indicates overload manager terminated the request. + bool overload_manager = 26; } // Properties of a negotiated TLS connection. diff --git a/api/envoy/data/cluster/v2alpha/BUILD b/api/envoy/data/cluster/v2alpha/BUILD deleted file mode 100644 index ee92fb652582..000000000000 --- a/api/envoy/data/cluster/v2alpha/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], -) diff --git a/api/envoy/data/cluster/v2alpha/outlier_detection_event.proto b/api/envoy/data/cluster/v2alpha/outlier_detection_event.proto deleted file mode 100644 index 3ea8bc2597fd..000000000000 --- a/api/envoy/data/cluster/v2alpha/outlier_detection_event.proto +++ /dev/null @@ -1,135 +0,0 @@ -syntax = "proto3"; - -package envoy.data.cluster.v2alpha; - -import "google/protobuf/timestamp.proto"; -import "google/protobuf/wrappers.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.data.cluster.v2alpha"; -option java_outer_classname = "OutlierDetectionEventProto"; -option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.data.cluster.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Outlier detection logging events] -// :ref:`Outlier detection logging `. - -// Type of ejection that took place -enum OutlierEjectionType { - // In case upstream host returns certain number of consecutive 5xx. - // If - // :ref:`outlier_detection.split_external_local_origin_errors` - // is *false*, all type of errors are treated as HTTP 5xx errors. - // See :ref:`Cluster outlier detection ` documentation for - // details. - CONSECUTIVE_5XX = 0; - - // In case upstream host returns certain number of consecutive gateway errors - CONSECUTIVE_GATEWAY_FAILURE = 1; - - // Runs over aggregated success rate statistics from every host in cluster - // and selects hosts for which ratio of successful replies deviates from other hosts - // in the cluster. - // If - // :ref:`outlier_detection.split_external_local_origin_errors` - // is *false*, all errors (externally and locally generated) are used to calculate success rate - // statistics. See :ref:`Cluster outlier detection ` - // documentation for details. - SUCCESS_RATE = 2; - - // Consecutive local origin failures: Connection failures, resets, timeouts, etc - // This type of ejection happens only when - // :ref:`outlier_detection.split_external_local_origin_errors` - // is set to *true*. - // See :ref:`Cluster outlier detection ` documentation for - CONSECUTIVE_LOCAL_ORIGIN_FAILURE = 3; - - // Runs over aggregated success rate statistics for local origin failures - // for all hosts in the cluster and selects hosts for which success rate deviates from other - // hosts in the cluster. This type of ejection happens only when - // :ref:`outlier_detection.split_external_local_origin_errors` - // is set to *true*. - // See :ref:`Cluster outlier detection ` documentation for - SUCCESS_RATE_LOCAL_ORIGIN = 4; - - // Runs over aggregated success rate statistics from every host in cluster and selects hosts for - // which ratio of failed replies is above configured value. - FAILURE_PERCENTAGE = 5; - - // Runs over aggregated success rate statistics for local origin failures from every host in - // cluster and selects hosts for which ratio of failed replies is above configured value. - FAILURE_PERCENTAGE_LOCAL_ORIGIN = 6; -} - -// Represents possible action applied to upstream host -enum Action { - // In case host was excluded from service - EJECT = 0; - - // In case host was brought back into service - UNEJECT = 1; -} - -// [#next-free-field: 12] -message OutlierDetectionEvent { - // In case of eject represents type of ejection that took place. - OutlierEjectionType type = 1 [(validate.rules).enum = {defined_only: true}]; - - // Timestamp for event. - google.protobuf.Timestamp timestamp = 2; - - // The time in seconds since the last action (either an ejection or unejection) took place. - google.protobuf.UInt64Value secs_since_last_action = 3; - - // The :ref:`cluster ` that owns the ejected host. - string cluster_name = 4 [(validate.rules).string = {min_bytes: 1}]; - - // The URL of the ejected host. E.g., ``tcp://1.2.3.4:80``. - string upstream_url = 5 [(validate.rules).string = {min_bytes: 1}]; - - // The action that took place. - Action action = 6 [(validate.rules).enum = {defined_only: true}]; - - // If ``action`` is ``eject``, specifies the number of times the host has been ejected (local to - // that Envoy and gets reset if the host gets removed from the upstream cluster for any reason and - // then re-added). - uint32 num_ejections = 7; - - // If ``action`` is ``eject``, specifies if the ejection was enforced. ``true`` means the host was - // ejected. ``false`` means the event was logged but the host was not actually ejected. - bool enforced = 8; - - oneof event { - option (validate.required) = true; - - OutlierEjectSuccessRate eject_success_rate_event = 9; - - OutlierEjectConsecutive eject_consecutive_event = 10; - - OutlierEjectFailurePercentage eject_failure_percentage_event = 11; - } -} - -message OutlierEjectSuccessRate { - // Host’s success rate at the time of the ejection event on a 0-100 range. - uint32 host_success_rate = 1 [(validate.rules).uint32 = {lte: 100}]; - - // Average success rate of the hosts in the cluster at the time of the ejection event on a 0-100 - // range. - uint32 cluster_average_success_rate = 2 [(validate.rules).uint32 = {lte: 100}]; - - // Success rate ejection threshold at the time of the ejection event. - uint32 cluster_success_rate_ejection_threshold = 3 [(validate.rules).uint32 = {lte: 100}]; -} - -message OutlierEjectConsecutive { -} - -message OutlierEjectFailurePercentage { - // Host's success rate at the time of the ejection event on a 0-100 range. - uint32 host_success_rate = 1 [(validate.rules).uint32 = {lte: 100}]; -} diff --git a/api/envoy/data/cluster/v3/BUILD b/api/envoy/data/cluster/v3/BUILD index 147f990bfe91..ee92fb652582 100644 --- a/api/envoy/data/cluster/v3/BUILD +++ b/api/envoy/data/cluster/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/data/cluster/v2alpha:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/data/core/v2alpha/BUILD b/api/envoy/data/core/v2alpha/BUILD deleted file mode 100644 index 83bc0ab960e7..000000000000 --- a/api/envoy/data/core/v2alpha/BUILD +++ /dev/null @@ -1,12 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/api/v2/core:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/data/core/v2alpha/health_check_event.proto b/api/envoy/data/core/v2alpha/health_check_event.proto deleted file mode 100644 index 00fd69fd42d3..000000000000 --- a/api/envoy/data/core/v2alpha/health_check_event.proto +++ /dev/null @@ -1,88 +0,0 @@ -syntax = "proto3"; - -package envoy.data.core.v2alpha; - -import "envoy/api/v2/core/address.proto"; - -import "google/protobuf/timestamp.proto"; - -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.data.core.v2alpha"; -option java_outer_classname = "HealthCheckEventProto"; -option java_multiple_files = true; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Health check logging events] -// :ref:`Health check logging `. - -enum HealthCheckFailureType { - ACTIVE = 0; - PASSIVE = 1; - NETWORK = 2; -} - -enum HealthCheckerType { - HTTP = 0; - TCP = 1; - GRPC = 2; - REDIS = 3; -} - -// [#next-free-field: 10] -message HealthCheckEvent { - HealthCheckerType health_checker_type = 1 [(validate.rules).enum = {defined_only: true}]; - - api.v2.core.Address host = 2; - - string cluster_name = 3 [(validate.rules).string = {min_bytes: 1}]; - - oneof event { - option (validate.required) = true; - - // Host ejection. - HealthCheckEjectUnhealthy eject_unhealthy_event = 4; - - // Host addition. - HealthCheckAddHealthy add_healthy_event = 5; - - // Host failure. - HealthCheckFailure health_check_failure_event = 7; - - // Healthy host became degraded. - DegradedHealthyHost degraded_healthy_host = 8; - - // A degraded host returned to being healthy. - NoLongerDegradedHost no_longer_degraded_host = 9; - } - - // Timestamp for event. - google.protobuf.Timestamp timestamp = 6; -} - -message HealthCheckEjectUnhealthy { - // The type of failure that caused this ejection. - HealthCheckFailureType failure_type = 1 [(validate.rules).enum = {defined_only: true}]; -} - -message HealthCheckAddHealthy { - // Whether this addition is the result of the first ever health check on a host, in which case - // the configured :ref:`healthy threshold ` - // is bypassed and the host is immediately added. - bool first_check = 1; -} - -message HealthCheckFailure { - // The type of failure that caused this event. - HealthCheckFailureType failure_type = 1 [(validate.rules).enum = {defined_only: true}]; - - // Whether this event is the result of the first ever health check on a host. - bool first_check = 2; -} - -message DegradedHealthyHost { -} - -message NoLongerDegradedHost { -} diff --git a/api/envoy/data/core/v3/BUILD b/api/envoy/data/core/v3/BUILD index e056514db97d..1c1a6f6b4423 100644 --- a/api/envoy/data/core/v3/BUILD +++ b/api/envoy/data/core/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/data/core/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/data/dns/v2alpha/BUILD b/api/envoy/data/dns/v2alpha/BUILD deleted file mode 100644 index e305003238a5..000000000000 --- a/api/envoy/data/dns/v2alpha/BUILD +++ /dev/null @@ -1,12 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - deps = [ - "//envoy/type/matcher:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/data/dns/v2alpha/dns_table.proto b/api/envoy/data/dns/v2alpha/dns_table.proto deleted file mode 100644 index 7a9e535c4f3a..000000000000 --- a/api/envoy/data/dns/v2alpha/dns_table.proto +++ /dev/null @@ -1,74 +0,0 @@ -syntax = "proto3"; - -package envoy.data.dns.v2alpha; - -import "envoy/type/matcher/string.proto"; - -import "google/protobuf/duration.proto"; - -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.data.dns.v2alpha"; -option java_outer_classname = "DnsTableProto"; -option java_multiple_files = true; -option (udpa.annotations.file_status).work_in_progress = true; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: DNS Filter Table Data] -// :ref:`DNS Filter config overview `. - -// This message contains the configuration for the DNS Filter if populated -// from the control plane -message DnsTable { - // This message contains a list of IP addresses returned for a query for a known name - message AddressList { - // This field contains a well formed IP address that is returned - // in the answer for a name query. The address field can be an - // IPv4 or IPv6 address. Address family detection is done automatically - // when Envoy parses the string. Since this field is repeated, - // Envoy will return one randomly chosen entry from this list in the - // DNS response. The random index will vary per query so that we prevent - // clients pinning on a single address for a configured domain - repeated string address = 1 [(validate.rules).repeated = { - min_items: 1 - items {string {min_len: 3}} - }]; - } - - // This message type is extensible and can contain a list of addresses - // or dictate some other method for resolving the addresses for an - // endpoint - message DnsEndpoint { - oneof endpoint_config { - option (validate.required) = true; - - AddressList address_list = 1; - } - } - - message DnsVirtualDomain { - // The domain name for which Envoy will respond to query requests - string name = 1 [(validate.rules).string = {min_len: 2 well_known_regex: HTTP_HEADER_NAME}]; - - // The configuration containing the method to determine the address - // of this endpoint - DnsEndpoint endpoint = 2; - - // Sets the TTL in dns answers from Envoy returned to the client - google.protobuf.Duration answer_ttl = 3 [(validate.rules).duration = {gt {}}]; - } - - // Control how many times envoy makes an attempt to forward a query to - // an external server - uint32 external_retry_count = 1; - - // Fully qualified domain names for which Envoy will respond to queries - repeated DnsVirtualDomain virtual_domains = 2 [(validate.rules).repeated = {min_items: 1}]; - - // This field serves to help Envoy determine whether it can authoritatively - // answer a query for a name matching a suffix in this list. If the query - // name does not match a suffix in this list, Envoy will forward - // the query to an upstream DNS server - repeated type.matcher.StringMatcher known_suffixes = 3; -} diff --git a/api/envoy/data/dns/v3/BUILD b/api/envoy/data/dns/v3/BUILD index 24703c78c914..516369f09675 100644 --- a/api/envoy/data/dns/v3/BUILD +++ b/api/envoy/data/dns/v3/BUILD @@ -6,7 +6,7 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/data/dns/v2alpha:pkg", + "//envoy/annotations:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/data/dns/v3/dns_table.proto b/api/envoy/data/dns/v3/dns_table.proto index 4398403b7ed0..5cc04440f700 100644 --- a/api/envoy/data/dns/v3/dns_table.proto +++ b/api/envoy/data/dns/v3/dns_table.proto @@ -6,6 +6,7 @@ import "envoy/type/matcher/v3/string.proto"; import "google/protobuf/duration.proto"; +import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; @@ -143,8 +144,13 @@ message DnsTable { // list empty, Envoy will forward all queries to external resolvers repeated DnsVirtualDomain virtual_domains = 2; + // This field is deprecated and no longer used in Envoy. The filter's behavior has changed + // internally to use a different data structure allowing the filter to determine whether a + // query is for known domain without the use of this field. + // // This field serves to help Envoy determine whether it can authoritatively answer a query // for a name matching a suffix in this list. If the query name does not match a suffix in // this list, Envoy will forward the query to an upstream DNS server - repeated type.matcher.v3.StringMatcher known_suffixes = 3; + repeated type.matcher.v3.StringMatcher known_suffixes = 3 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; } diff --git a/api/envoy/data/dns/v4alpha/BUILD b/api/envoy/data/dns/v4alpha/BUILD index 4c5278c0884d..e32ed76cbd6f 100644 --- a/api/envoy/data/dns/v4alpha/BUILD +++ b/api/envoy/data/dns/v4alpha/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/data/dns/v3:pkg", - "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/data/dns/v4alpha/dns_table.proto b/api/envoy/data/dns/v4alpha/dns_table.proto index f142cfa7bf8c..4f8626edece9 100644 --- a/api/envoy/data/dns/v4alpha/dns_table.proto +++ b/api/envoy/data/dns/v4alpha/dns_table.proto @@ -2,8 +2,6 @@ syntax = "proto3"; package envoy.data.dns.v4alpha; -import "envoy/type/matcher/v4alpha/string.proto"; - import "google/protobuf/duration.proto"; import "udpa/annotations/status.proto"; @@ -148,15 +146,14 @@ message DnsTable { google.protobuf.Duration answer_ttl = 3 [(validate.rules).duration = {gte {seconds: 30}}]; } + reserved 3; + + reserved "known_suffixes"; + // Control how many times Envoy makes an attempt to forward a query to an external DNS server uint32 external_retry_count = 1 [(validate.rules).uint32 = {lte: 3}]; // Fully qualified domain names for which Envoy will respond to DNS queries. By leaving this // list empty, Envoy will forward all queries to external resolvers repeated DnsVirtualDomain virtual_domains = 2; - - // This field serves to help Envoy determine whether it can authoritatively answer a query - // for a name matching a suffix in this list. If the query name does not match a suffix in - // this list, Envoy will forward the query to an upstream DNS server - repeated type.matcher.v4alpha.StringMatcher known_suffixes = 3; } diff --git a/api/envoy/extensions/access_loggers/file/v3/BUILD b/api/envoy/extensions/access_loggers/file/v3/BUILD index 20cbee8b9463..a1775bbe6f51 100644 --- a/api/envoy/extensions/access_loggers/file/v3/BUILD +++ b/api/envoy/extensions/access_loggers/file/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", - "//envoy/config/accesslog/v2:pkg", "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/access_loggers/grpc/v3/BUILD b/api/envoy/extensions/access_loggers/grpc/v3/BUILD index 627b855a467e..1c1a6f6b4423 100644 --- a/api/envoy/extensions/access_loggers/grpc/v3/BUILD +++ b/api/envoy/extensions/access_loggers/grpc/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/accesslog/v2:pkg", "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/clusters/aggregate/v3/BUILD b/api/envoy/extensions/clusters/aggregate/v3/BUILD index 7ff7bd523b75..ee92fb652582 100644 --- a/api/envoy/extensions/clusters/aggregate/v3/BUILD +++ b/api/envoy/extensions/clusters/aggregate/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/cluster/aggregate/v2alpha:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/config/common/tap/v2alpha/BUILD b/api/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/BUILD similarity index 66% rename from api/envoy/config/common/tap/v2alpha/BUILD rename to api/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/BUILD index 3aed5a34a400..ca83092e39b1 100644 --- a/api/envoy/config/common/tap/v2alpha/BUILD +++ b/api/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/BUILD @@ -6,7 +6,8 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/service/tap/v2alpha:pkg", + "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg", + "//envoy/extensions/common/dynamic_forward_proxy/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/cluster.proto b/api/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/cluster.proto new file mode 100644 index 000000000000..1b989e0bb725 --- /dev/null +++ b/api/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/cluster.proto @@ -0,0 +1,35 @@ +syntax = "proto3"; + +package envoy.extensions.clusters.dynamic_forward_proxy.v4alpha; + +import "envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.clusters.dynamic_forward_proxy.v4alpha"; +option java_outer_classname = "ClusterProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; + +// [#protodoc-title: Dynamic forward proxy cluster configuration] + +// Configuration for the dynamic forward proxy cluster. See the :ref:`architecture overview +// ` for more information. +// [#extension: envoy.clusters.dynamic_forward_proxy] +message ClusterConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig"; + + // The DNS cache configuration that the cluster will attach to. Note this configuration must + // match that of associated :ref:`dynamic forward proxy HTTP filter configuration + // `. + common.dynamic_forward_proxy.v4alpha.DnsCacheConfig dns_cache_config = 1 + [(validate.rules).message = {required: true}]; + + // If true allow the cluster configuration to disable the auto_sni and auto_san_validation options + // in the :ref:`cluster's upstream_http_protocol_options + // ` + bool allow_insecure_cluster_options = 2; +} diff --git a/api/envoy/extensions/clusters/redis/v3/BUILD b/api/envoy/extensions/clusters/redis/v3/BUILD index 9ff96b6becfb..ee92fb652582 100644 --- a/api/envoy/extensions/clusters/redis/v3/BUILD +++ b/api/envoy/extensions/clusters/redis/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/cluster/redis:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD b/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD index b7a0695c214b..fb5436a6bf93 100644 --- a/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD +++ b/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD @@ -6,8 +6,10 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ + "//envoy/annotations:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", + "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto b/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto index 4b182a29711b..5c35e80d591f 100644 --- a/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto +++ b/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto @@ -3,10 +3,13 @@ syntax = "proto3"; package envoy.extensions.common.dynamic_forward_proxy.v3; import "envoy/config/cluster/v3/cluster.proto"; +import "envoy/config/core/v3/address.proto"; +import "envoy/config/core/v3/resolver.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; +import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; @@ -27,7 +30,7 @@ message DnsCacheCircuitBreakers { // Configuration for the dynamic forward proxy DNS cache. See the :ref:`architecture overview // ` for more information. -// [#next-free-field: 9] +// [#next-free-field: 11] message DnsCacheConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.dynamic_forward_proxy.v2alpha.DnsCacheConfig"; @@ -95,10 +98,20 @@ message DnsCacheConfig { // Envoy will use dns cache circuit breakers with default settings even if this value is not set. DnsCacheCircuitBreakers dns_cache_circuit_breaker = 7; - // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. - bool use_tcp_for_dns_lookups = 8; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + bool use_tcp_for_dns_lookups = 8 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + config.core.v3.DnsResolutionConfig dns_resolution_config = 9; + + // Hostnames that should be preresolved into the cache upon creation. This might provide a + // performance improvement, in the form of cache hits, for hostnames that are going to be + // resolved during steady state and are known at config load time. + repeated config.core.v3.SocketAddress preresolve_hostnames = 10; } diff --git a/api/envoy/extensions/common/dynamic_forward_proxy/v4alpha/BUILD b/api/envoy/extensions/common/dynamic_forward_proxy/v4alpha/BUILD new file mode 100644 index 000000000000..a70cf4f2bbbd --- /dev/null +++ b/api/envoy/extensions/common/dynamic_forward_proxy/v4alpha/BUILD @@ -0,0 +1,14 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/cluster/v4alpha:pkg", + "//envoy/config/core/v4alpha:pkg", + "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/api/envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto b/api/envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto new file mode 100644 index 000000000000..08b78d3fa45c --- /dev/null +++ b/api/envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto @@ -0,0 +1,114 @@ +syntax = "proto3"; + +package envoy.extensions.common.dynamic_forward_proxy.v4alpha; + +import "envoy/config/cluster/v4alpha/cluster.proto"; +import "envoy/config/core/v4alpha/address.proto"; +import "envoy/config/core/v4alpha/resolver.proto"; + +import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.common.dynamic_forward_proxy.v4alpha"; +option java_outer_classname = "DnsCacheProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; + +// [#protodoc-title: Dynamic forward proxy common configuration] + +// Configuration of circuit breakers for resolver. +message DnsCacheCircuitBreakers { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.common.dynamic_forward_proxy.v3.DnsCacheCircuitBreakers"; + + // The maximum number of pending requests that Envoy will allow to the + // resolver. If not specified, the default is 1024. + google.protobuf.UInt32Value max_pending_requests = 1; +} + +// Configuration for the dynamic forward proxy DNS cache. See the :ref:`architecture overview +// ` for more information. +// [#next-free-field: 11] +message DnsCacheConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.common.dynamic_forward_proxy.v3.DnsCacheConfig"; + + reserved 8; + + reserved "use_tcp_for_dns_lookups"; + + // The name of the cache. Multiple named caches allow independent dynamic forward proxy + // configurations to operate within a single Envoy process using different configurations. All + // configurations with the same name *must* otherwise have the same settings when referenced + // from different configuration components. Configuration will fail to load if this is not + // the case. + string name = 1 [(validate.rules).string = {min_len: 1}]; + + // The DNS lookup family to use during resolution. + // + // [#comment:TODO(mattklein123): Figure out how to support IPv4/IPv6 "happy eyeballs" mode. The + // way this might work is a new lookup family which returns both IPv4 and IPv6 addresses, and + // then configures a host to have a primary and fall back address. With this, we could very + // likely build a "happy eyeballs" connection pool which would race the primary / fall back + // address and return the one that wins. This same method could potentially also be used for + // QUIC to TCP fall back.] + config.cluster.v4alpha.Cluster.DnsLookupFamily dns_lookup_family = 2 + [(validate.rules).enum = {defined_only: true}]; + + // The DNS refresh rate for currently cached DNS hosts. If not specified defaults to 60s. + // + // .. note: + // + // The returned DNS TTL is not currently used to alter the refresh rate. This feature will be + // added in a future change. + // + // .. note: + // + // The refresh rate is rounded to the closest millisecond, and must be at least 1ms. + google.protobuf.Duration dns_refresh_rate = 3 + [(validate.rules).duration = {gte {nanos: 1000000}}]; + + // The TTL for hosts that are unused. Hosts that have not been used in the configured time + // interval will be purged. If not specified defaults to 5m. + // + // .. note: + // + // The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This + // means that if the configured TTL is shorter than the refresh rate the host may not be removed + // immediately. + // + // .. note: + // + // The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage. + google.protobuf.Duration host_ttl = 4 [(validate.rules).duration = {gt {}}]; + + // The maximum number of hosts that the cache will hold. If not specified defaults to 1024. + // + // .. note: + // + // The implementation is approximate and enforced independently on each worker thread, thus + // it is possible for the maximum hosts in the cache to go slightly above the configured + // value depending on timing. This is similar to how other circuit breakers work. + google.protobuf.UInt32Value max_hosts = 5 [(validate.rules).uint32 = {gt: 0}]; + + // If the DNS failure refresh rate is specified, + // this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is + // not specified, the failure refresh rate defaults to the dns_refresh_rate. + config.cluster.v4alpha.Cluster.RefreshRate dns_failure_refresh_rate = 6; + + // The config of circuit breakers for resolver. It provides a configurable threshold. + // Envoy will use dns cache circuit breakers with default settings even if this value is not set. + DnsCacheCircuitBreakers dns_cache_circuit_breaker = 7; + + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + config.core.v4alpha.DnsResolutionConfig dns_resolution_config = 9; + + // Hostnames that should be preresolved into the cache upon creation. This might provide a + // performance improvement, in the form of cache hits, for hostnames that are going to be + // resolved during steady state and are known at config load time. + repeated config.core.v4alpha.SocketAddress preresolve_hostnames = 10; +} diff --git a/api/envoy/extensions/common/tap/v3/BUILD b/api/envoy/extensions/common/tap/v3/BUILD index c7fd66efbdbd..a99fa811f859 100644 --- a/api/envoy/extensions/common/tap/v3/BUILD +++ b/api/envoy/extensions/common/tap/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/common/tap/v2alpha:pkg", "//envoy/config/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/http/adaptive_concurrency/v3/BUILD b/api/envoy/extensions/filters/http/adaptive_concurrency/v3/BUILD index d40a72b07b84..ad2fc9a9a84f 100644 --- a/api/envoy/extensions/filters/http/adaptive_concurrency/v3/BUILD +++ b/api/envoy/extensions/filters/http/adaptive_concurrency/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/http/adaptive_concurrency/v2alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/http/admission_control/v3alpha/admission_control.proto b/api/envoy/extensions/filters/http/admission_control/v3alpha/admission_control.proto index 33d415ab4391..9bb3603f9ebd 100644 --- a/api/envoy/extensions/filters/http/admission_control/v3alpha/admission_control.proto +++ b/api/envoy/extensions/filters/http/admission_control/v3alpha/admission_control.proto @@ -19,7 +19,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Admission Control] // [#extension: envoy.filters.http.admission_control] -// [#next-free-field: 6] +// [#next-free-field: 8] message AdmissionControl { // Default method of specifying what constitutes a successful request. All status codes that // indicate a successful request must be explicitly specified if not relying on the default @@ -91,4 +91,13 @@ message AdmissionControl { // below this threshold, rejection probability will increase. Any success rate above the threshold // results in a rejection probability of 0. Defaults to 95%. config.core.v3.RuntimePercent sr_threshold = 5; + + // If the average RPS of the sampling window is below this threshold, the request + // will not be rejected, even if the success rate is lower than sr_threshold. + // Defaults to 0. + config.core.v3.RuntimeUInt32 rps_threshold = 6; + + // The probability of rejection will never exceed this value, even if the failure rate is rising. + // Defaults to 80%. + config.core.v3.RuntimePercent max_rejection_probability = 7; } diff --git a/api/envoy/config/accesslog/v2/BUILD b/api/envoy/extensions/filters/http/alternate_protocols_cache/v3/BUILD similarity index 87% rename from api/envoy/config/accesslog/v2/BUILD rename to api/envoy/extensions/filters/http/alternate_protocols_cache/v3/BUILD index 83bc0ab960e7..1c1a6f6b4423 100644 --- a/api/envoy/config/accesslog/v2/BUILD +++ b/api/envoy/extensions/filters/http/alternate_protocols_cache/v3/BUILD @@ -6,7 +6,7 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/api/v2/core:pkg", + "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.proto b/api/envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.proto new file mode 100644 index 000000000000..e628a6ca73fb --- /dev/null +++ b/api/envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.proto @@ -0,0 +1,27 @@ +syntax = "proto3"; + +package envoy.extensions.filters.http.alternate_protocols_cache.v3; + +import "envoy/config/core/v3/protocol.proto"; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.http.alternate_protocols_cache.v3"; +option java_outer_classname = "AlternateProtocolsCacheProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Alternate Protocols Cache] + +// Configuration for the alternate protocols cache HTTP filter. +// [#extension: envoy.filters.http.alternate_protocols_cache] +// TODO(RyanTheOptimist): Move content from source/docs/http3_upstream.md to +// docs/root/intro/arch_overview/upstream/connection_pooling.rst when unhiding the proto. +message FilterConfig { + // [#not-implemented-hide:] + // If set, causes the use of the alternate protocols cache, which is responsible for + // parsing and caching HTTP Alt-Svc headers. This enables the use of HTTP/3 for upstream + // servers that advertise supporting it. + // TODO(RyanTheOptimist): Make this field required when HTTP/3 is enabled via auto_http. + config.core.v3.AlternateProtocolsCacheOptions alternate_protocols_cache_options = 1; +} diff --git a/api/envoy/extensions/filters/http/aws_lambda/v3/BUILD b/api/envoy/extensions/filters/http/aws_lambda/v3/BUILD index 8bc4fef8da4d..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/aws_lambda/v3/BUILD +++ b/api/envoy/extensions/filters/http/aws_lambda/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/aws_lambda/v2alpha:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/aws_request_signing/v3/BUILD b/api/envoy/extensions/filters/http/aws_request_signing/v3/BUILD index fa7012277c34..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/aws_request_signing/v3/BUILD +++ b/api/envoy/extensions/filters/http/aws_request_signing/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/aws_request_signing/v2alpha:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/config/filter/network/direct_response/v2/BUILD b/api/envoy/extensions/filters/http/bandwidth_limit/v3alpha/BUILD similarity index 87% rename from api/envoy/config/filter/network/direct_response/v2/BUILD rename to api/envoy/extensions/filters/http/bandwidth_limit/v3alpha/BUILD index 83bc0ab960e7..1c1a6f6b4423 100644 --- a/api/envoy/config/filter/network/direct_response/v2/BUILD +++ b/api/envoy/extensions/filters/http/bandwidth_limit/v3alpha/BUILD @@ -6,7 +6,7 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/api/v2/core:pkg", + "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/filters/http/bandwidth_limit/v3alpha/bandwidth_limit.proto b/api/envoy/extensions/filters/http/bandwidth_limit/v3alpha/bandwidth_limit.proto new file mode 100644 index 000000000000..4cd5f8268b70 --- /dev/null +++ b/api/envoy/extensions/filters/http/bandwidth_limit/v3alpha/bandwidth_limit.proto @@ -0,0 +1,70 @@ +syntax = "proto3"; + +package envoy.extensions.filters.http.bandwidth_limit.v3alpha; + +import "envoy/config/core/v3/base.proto"; + +import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.http.bandwidth_limit.v3alpha"; +option java_outer_classname = "BandwidthLimitProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).work_in_progress = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Bandwidth limit] +// Bandwidth limit :ref:`configuration overview `. +// [#extension: envoy.filters.http.bandwidth_limit] + +// [#next-free-field: 6] +message BandwidthLimit { + // Defines the mode for the bandwidth limit filter. + // Values represent bitmask. + enum EnableMode { + // Filter is disabled. + DISABLED = 0; + + // Filter enabled only for incoming traffic. + REQUEST = 1; + + // Filter enabled only for outgoing traffic. + RESPONSE = 2; + + // Filter enabled for both incoming and outgoing traffic. + REQUEST_AND_RESPONSE = 3; + } + + // The human readable prefix to use when emitting stats. + string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; + + // The enable mode for the bandwidth limit filter. + // Default is Disabled. + EnableMode enable_mode = 2 [(validate.rules).enum = {defined_only: true}]; + + // The limit supplied in KiB/s. + // + // .. note:: + // It's fine for the limit to be unset for the global configuration since the bandwidth limit + // can be applied at a the virtual host or route level. Thus, the limit must be set for the + // per route configuration otherwise the config will be rejected. + // + // .. note:: + // When using per route configuration, the limit becomes unique to that route. + // + google.protobuf.UInt64Value limit_kbps = 3 [(validate.rules).uint64 = {gte: 1}]; + + // Optional Fill interval in milliseconds for the token refills. Defaults to 50ms. + // It must be at least 20ms to avoid too aggressive refills. + google.protobuf.Duration fill_interval = 4 [(validate.rules).duration = { + lte {seconds: 1} + gte {nanos: 20000000} + }]; + + // Runtime flag that controls whether the filter is enabled or not. If not specified, defaults + // to enabled. + config.core.v3.RuntimeFeatureFlag runtime_enabled = 5; +} diff --git a/api/envoy/extensions/filters/http/buffer/v3/BUILD b/api/envoy/extensions/filters/http/buffer/v3/BUILD index c30559bc389d..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/buffer/v3/BUILD +++ b/api/envoy/extensions/filters/http/buffer/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/buffer/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/cache/v3alpha/BUILD b/api/envoy/extensions/filters/http/cache/v3alpha/BUILD index 20ae32258b44..c0ffdf28daaf 100644 --- a/api/envoy/extensions/filters/http/cache/v3alpha/BUILD +++ b/api/envoy/extensions/filters/http/cache/v3alpha/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/cache/v2alpha:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", diff --git a/api/envoy/extensions/filters/http/compressor/v3/compressor.proto b/api/envoy/extensions/filters/http/compressor/v3/compressor.proto index ab1d426be454..72b435c93dda 100644 --- a/api/envoy/extensions/filters/http/compressor/v3/compressor.proto +++ b/api/envoy/extensions/filters/http/compressor/v3/compressor.proto @@ -10,6 +10,7 @@ import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.compressor.v3"; option java_outer_classname = "CompressorProto"; @@ -101,9 +102,9 @@ message Compressor { // A compressor library to use for compression. Currently only // :ref:`envoy.compression.gzip.compressor` // is included in Envoy. - // This field is ignored if used in the context of the gzip http-filter, but is mandatory otherwise. // [#extension-category: envoy.compression.compressor] - config.core.v3.TypedExtensionConfig compressor_library = 6; + config.core.v3.TypedExtensionConfig compressor_library = 6 + [(validate.rules).message = {required: true}]; // Configuration for request compression. Compression is disabled by default if left empty. RequestDirectionConfig request_direction_config = 7; diff --git a/api/envoy/extensions/filters/http/compressor/v4alpha/compressor.proto b/api/envoy/extensions/filters/http/compressor/v4alpha/compressor.proto index adae49fcb443..11d7757d0980 100644 --- a/api/envoy/extensions/filters/http/compressor/v4alpha/compressor.proto +++ b/api/envoy/extensions/filters/http/compressor/v4alpha/compressor.proto @@ -9,6 +9,7 @@ import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.compressor.v4alpha"; option java_outer_classname = "CompressorProto"; @@ -82,9 +83,9 @@ message Compressor { // A compressor library to use for compression. Currently only // :ref:`envoy.compression.gzip.compressor` // is included in Envoy. - // This field is ignored if used in the context of the gzip http-filter, but is mandatory otherwise. // [#extension-category: envoy.compression.compressor] - config.core.v4alpha.TypedExtensionConfig compressor_library = 6; + config.core.v4alpha.TypedExtensionConfig compressor_library = 6 + [(validate.rules).message = {required: true}]; // Configuration for request compression. Compression is disabled by default if left empty. RequestDirectionConfig request_direction_config = 7; diff --git a/api/envoy/extensions/filters/http/cors/v3/BUILD b/api/envoy/extensions/filters/http/cors/v3/BUILD index 4e161178b785..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/cors/v3/BUILD +++ b/api/envoy/extensions/filters/http/cors/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/cors/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/csrf/v3/BUILD b/api/envoy/extensions/filters/http/csrf/v3/BUILD index c79e8aec9af8..3f3a5395d2aa 100644 --- a/api/envoy/extensions/filters/http/csrf/v3/BUILD +++ b/api/envoy/extensions/filters/http/csrf/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/http/csrf/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/http/dynamic_forward_proxy/v3/BUILD b/api/envoy/extensions/filters/http/dynamic_forward_proxy/v3/BUILD index 01f8b59e2438..05f25a2fe5d9 100644 --- a/api/envoy/extensions/filters/http/dynamic_forward_proxy/v3/BUILD +++ b/api/envoy/extensions/filters/http/dynamic_forward_proxy/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/dynamic_forward_proxy/v2alpha:pkg", "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/config/filter/http/adaptive_concurrency/v2alpha/BUILD b/api/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/BUILD similarity index 65% rename from api/envoy/config/filter/http/adaptive_concurrency/v2alpha/BUILD rename to api/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/BUILD index 2ffbc958786b..8486b45d71d9 100644 --- a/api/envoy/config/filter/http/adaptive_concurrency/v2alpha/BUILD +++ b/api/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/BUILD @@ -6,8 +6,8 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/api/v2/core:pkg", - "//envoy/type:pkg", + "//envoy/extensions/common/dynamic_forward_proxy/v4alpha:pkg", + "//envoy/extensions/filters/http/dynamic_forward_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/config/filter/http/dynamic_forward_proxy/v2alpha/dynamic_forward_proxy.proto b/api/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/dynamic_forward_proxy.proto similarity index 63% rename from api/envoy/config/filter/http/dynamic_forward_proxy/v2alpha/dynamic_forward_proxy.proto rename to api/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/dynamic_forward_proxy.proto index 436bb6bf4616..0dba06106b07 100644 --- a/api/envoy/config/filter/http/dynamic_forward_proxy/v2alpha/dynamic_forward_proxy.proto +++ b/api/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/dynamic_forward_proxy.proto @@ -1,19 +1,17 @@ syntax = "proto3"; -package envoy.config.filter.http.dynamic_forward_proxy.v2alpha; +package envoy.extensions.filters.http.dynamic_forward_proxy.v4alpha; -import "envoy/config/common/dynamic_forward_proxy/v2alpha/dns_cache.proto"; +import "envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto"; -import "udpa/annotations/migrate.proto"; import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; -option java_package = "io.envoyproxy.envoy.config.filter.http.dynamic_forward_proxy.v2alpha"; +option java_package = "io.envoyproxy.envoy.extensions.filters.http.dynamic_forward_proxy.v4alpha"; option java_outer_classname = "DynamicForwardProxyProto"; option java_multiple_files = true; -option (udpa.annotations.file_migrate).move_to_package = - "envoy.extensions.filters.http.dynamic_forward_proxy.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Dynamic forward proxy] @@ -21,15 +19,21 @@ option (udpa.annotations.file_status).package_version_status = FROZEN; // ` for more information. // [#extension: envoy.filters.http.dynamic_forward_proxy] message FilterConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig"; + // The DNS cache configuration that the filter will attach to. Note this configuration must // match that of associated :ref:`dynamic forward proxy cluster configuration - // `. - common.dynamic_forward_proxy.v2alpha.DnsCacheConfig dns_cache_config = 1 + // `. + common.dynamic_forward_proxy.v4alpha.DnsCacheConfig dns_cache_config = 1 [(validate.rules).message = {required: true}]; } // Per route Configuration for the dynamic forward proxy HTTP filter. message PerRouteConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.filters.http.dynamic_forward_proxy.v3.PerRouteConfig"; + oneof host_rewrite_specifier { // Indicates that before DNS lookup, the host header will be swapped with // this value. If not set or empty, the original host header value @@ -37,10 +41,10 @@ message PerRouteConfig { // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with - // :ref:`HCM host rewrite ` given that the + // :ref:`HCM host rewrite ` given that the // value set here would be used for DNS lookups whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. - string host_rewrite = 1 [(udpa.annotations.field_migrate).rename = "host_rewrite_literal"]; + string host_rewrite_literal = 1; // Indicates that before DNS lookup, the host header will be swapped with // the value of this header. If not set or empty, the original host header @@ -48,14 +52,13 @@ message PerRouteConfig { // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with - // :ref:`HCM host rewrite header ` + // :ref:`HCM host rewrite header ` // given that the value set here would be used for DNS lookups whereas the value set in the HCM // would be used for host header forwarding which is not the desired outcome. // // .. note:: // // If the header appears multiple times only the first value is used. - string auto_host_rewrite_header = 2 - [(udpa.annotations.field_migrate).rename = "host_rewrite_header"]; + string host_rewrite_header = 2; } } diff --git a/api/envoy/extensions/filters/http/dynamo/v3/BUILD b/api/envoy/extensions/filters/http/dynamo/v3/BUILD index a452c74febd4..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/dynamo/v3/BUILD +++ b/api/envoy/extensions/filters/http/dynamo/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/dynamo/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/fault/v3/BUILD b/api/envoy/extensions/filters/http/fault/v3/BUILD index 8c18028f5a46..53db91cad82c 100644 --- a/api/envoy/extensions/filters/http/fault/v3/BUILD +++ b/api/envoy/extensions/filters/http/fault/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/fault/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "//envoy/type/v3:pkg", diff --git a/api/envoy/extensions/filters/http/grpc_http1_bridge/v3/BUILD b/api/envoy/extensions/filters/http/grpc_http1_bridge/v3/BUILD index 7e2b76a377e8..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/grpc_http1_bridge/v3/BUILD +++ b/api/envoy/extensions/filters/http/grpc_http1_bridge/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/grpc_http1_bridge/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/BUILD b/api/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/BUILD index afe08f939142..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/BUILD +++ b/api/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/grpc_json_transcoder/v3/BUILD b/api/envoy/extensions/filters/http/grpc_json_transcoder/v3/BUILD index 736e75a6dba5..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/grpc_json_transcoder/v3/BUILD +++ b/api/envoy/extensions/filters/http/grpc_json_transcoder/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/transcoder/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/grpc_stats/v3/BUILD b/api/envoy/extensions/filters/http/grpc_stats/v3/BUILD index 37ba5da68858..1c1a6f6b4423 100644 --- a/api/envoy/extensions/filters/http/grpc_stats/v3/BUILD +++ b/api/envoy/extensions/filters/http/grpc_stats/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/http/grpc_stats/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/filters/http/grpc_web/v3/BUILD b/api/envoy/extensions/filters/http/grpc_web/v3/BUILD index 5f5430c9bb4d..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/grpc_web/v3/BUILD +++ b/api/envoy/extensions/filters/http/grpc_web/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/grpc_web/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/gzip/v3/gzip.proto b/api/envoy/extensions/filters/http/gzip/v3/gzip.proto index e6d9bdc06257..a931ab78689f 100644 --- a/api/envoy/extensions/filters/http/gzip/v3/gzip.proto +++ b/api/envoy/extensions/filters/http/gzip/v3/gzip.proto @@ -16,8 +16,6 @@ option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Gzip] -// Gzip :ref:`configuration overview `. -// [#extension: envoy.filters.http.gzip] // [#next-free-field: 12] message Gzip { diff --git a/api/envoy/extensions/filters/http/gzip/v4alpha/gzip.proto b/api/envoy/extensions/filters/http/gzip/v4alpha/gzip.proto index 860b185ec20a..8689148b4625 100644 --- a/api/envoy/extensions/filters/http/gzip/v4alpha/gzip.proto +++ b/api/envoy/extensions/filters/http/gzip/v4alpha/gzip.proto @@ -16,8 +16,6 @@ option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Gzip] -// Gzip :ref:`configuration overview `. -// [#extension: envoy.filters.http.gzip] // [#next-free-field: 12] message Gzip { diff --git a/api/envoy/extensions/filters/http/header_to_metadata/v3/BUILD b/api/envoy/extensions/filters/http/header_to_metadata/v3/BUILD index d0d7ca6fb9b3..693f0b92ff34 100644 --- a/api/envoy/extensions/filters/http/header_to_metadata/v3/BUILD +++ b/api/envoy/extensions/filters/http/header_to_metadata/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/header_to_metadata/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/http/jwt_authn/v3/BUILD b/api/envoy/extensions/filters/http/jwt_authn/v3/BUILD index 32e463407361..6eb33fe8151a 100644 --- a/api/envoy/extensions/filters/http/jwt_authn/v3/BUILD +++ b/api/envoy/extensions/filters/http/jwt_authn/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/http/jwt_authn/v2alpha:pkg", "//envoy/config/route/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/http/jwt_authn/v3/config.proto b/api/envoy/extensions/filters/http/jwt_authn/v3/config.proto index 08ef7a09feb2..afc761c07c7e 100644 --- a/api/envoy/extensions/filters/http/jwt_authn/v3/config.proto +++ b/api/envoy/extensions/filters/http/jwt_authn/v3/config.proto @@ -232,6 +232,35 @@ message RemoteJwks { // Duration after which the cached JWKS should be expired. If not specified, default cache // duration is 5 minutes. google.protobuf.Duration cache_duration = 2; + + // Fetch Jwks asynchronously in the main thread before the listener is activated. + // Fetched Jwks can be used by all worker threads. + // + // If this feature is not enabled: + // + // * The Jwks is fetched on-demand when the requests come. During the fetching, first + // few requests are paused until the Jwks is fetched. + // * Each worker thread fetches its own Jwks since Jwks cache is per worker thread. + // + // If this feature is enabled: + // + // * Fetched Jwks is done in the main thread before the listener is activated. Its fetched + // Jwks can be used by all worker threads. Each worker thread doesn't need to fetch its own. + // * Jwks is ready when the requests come, not need to wait for the Jwks fetching. + // + JwksAsyncFetch async_fetch = 3; +} + +// Fetch Jwks asynchronously in the main thread when the filter config is parsed. +// The listener is activated only after the Jwks is fetched. +// When the Jwks is expired in the cache, it is fetched again in the main thread. +// The fetched Jwks from the main thread can be used by all worker threads. +message JwksAsyncFetch { + // If false, the listener is activated after the initial fetch is completed. + // The initial fetch result can be either successful or failed. + // If true, it is activated without waiting for the initial fetch to complete. + // Default is false. + bool fast_listener = 1; } // This message specifies a header location to extract JWT token. diff --git a/api/envoy/extensions/filters/http/jwt_authn/v4alpha/config.proto b/api/envoy/extensions/filters/http/jwt_authn/v4alpha/config.proto index 7656f09912e9..442ba7df061e 100644 --- a/api/envoy/extensions/filters/http/jwt_authn/v4alpha/config.proto +++ b/api/envoy/extensions/filters/http/jwt_authn/v4alpha/config.proto @@ -232,6 +232,38 @@ message RemoteJwks { // Duration after which the cached JWKS should be expired. If not specified, default cache // duration is 5 minutes. google.protobuf.Duration cache_duration = 2; + + // Fetch Jwks asynchronously in the main thread before the listener is activated. + // Fetched Jwks can be used by all worker threads. + // + // If this feature is not enabled: + // + // * The Jwks is fetched on-demand when the requests come. During the fetching, first + // few requests are paused until the Jwks is fetched. + // * Each worker thread fetches its own Jwks since Jwks cache is per worker thread. + // + // If this feature is enabled: + // + // * Fetched Jwks is done in the main thread before the listener is activated. Its fetched + // Jwks can be used by all worker threads. Each worker thread doesn't need to fetch its own. + // * Jwks is ready when the requests come, not need to wait for the Jwks fetching. + // + JwksAsyncFetch async_fetch = 3; +} + +// Fetch Jwks asynchronously in the main thread when the filter config is parsed. +// The listener is activated only after the Jwks is fetched. +// When the Jwks is expired in the cache, it is fetched again in the main thread. +// The fetched Jwks from the main thread can be used by all worker threads. +message JwksAsyncFetch { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.filters.http.jwt_authn.v3.JwksAsyncFetch"; + + // If false, the listener is activated after the initial fetch is completed. + // The initial fetch result can be either successful or failed. + // If true, it is activated without waiting for the initial fetch to complete. + // Default is false. + bool fast_listener = 1; } // This message specifies a header location to extract JWT token. diff --git a/api/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto b/api/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto index 7766ee2573d0..1cf6c5f2fa52 100644 --- a/api/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto +++ b/api/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto @@ -19,7 +19,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // Local Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.http.local_ratelimit] -// [#next-free-field: 11] +// [#next-free-field: 12] message LocalRateLimit { // The human readable prefix to use when emitting stats. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; @@ -97,4 +97,13 @@ message LocalRateLimit { // // The filter supports a range of 0 - 10 inclusively for stage numbers. uint32 stage = 9 [(validate.rules).uint32 = {lte: 10}]; + + // Specifies the scope of the rate limiter's token bucket. + // If set to false, the token bucket is shared across all worker threads, + // thus the rate limits are applied per Envoy process. + // If set to true, a token bucket is allocated for each connection. + // Thus the rate limits are applied per connection thereby allowing + // one to rate limit requests on a per connection basis. + // If unspecified, the default value is false. + bool local_rate_limit_per_downstream_connection = 11; } diff --git a/api/envoy/extensions/filters/http/lua/v3/BUILD b/api/envoy/extensions/filters/http/lua/v3/BUILD index c0eea4243ea8..1c1a6f6b4423 100644 --- a/api/envoy/extensions/filters/http/lua/v3/BUILD +++ b/api/envoy/extensions/filters/http/lua/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/http/lua/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/filters/http/on_demand/v3/BUILD b/api/envoy/extensions/filters/http/on_demand/v3/BUILD index 7d1afef788cc..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/on_demand/v3/BUILD +++ b/api/envoy/extensions/filters/http/on_demand/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/on_demand/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/original_src/v3/BUILD b/api/envoy/extensions/filters/http/original_src/v3/BUILD index e24dc0dea402..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/original_src/v3/BUILD +++ b/api/envoy/extensions/filters/http/original_src/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/original_src/v2alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/ratelimit/v3/BUILD b/api/envoy/extensions/filters/http/ratelimit/v3/BUILD index 7e242aade472..0bad14913d21 100644 --- a/api/envoy/extensions/filters/http/ratelimit/v3/BUILD +++ b/api/envoy/extensions/filters/http/ratelimit/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/rate_limit/v2:pkg", "//envoy/config/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/http/rbac/v3/BUILD b/api/envoy/extensions/filters/http/rbac/v3/BUILD index 81854bd675f5..fd183569e5a1 100644 --- a/api/envoy/extensions/filters/http/rbac/v3/BUILD +++ b/api/envoy/extensions/filters/http/rbac/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/rbac/v2:pkg", "//envoy/config/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/http/rbac/v3/rbac.proto b/api/envoy/extensions/filters/http/rbac/v3/rbac.proto index 67cb338ef1fc..7ad7ac5e6aa2 100644 --- a/api/envoy/extensions/filters/http/rbac/v3/rbac.proto +++ b/api/envoy/extensions/filters/http/rbac/v3/rbac.proto @@ -23,6 +23,7 @@ message RBAC { // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. + // If present and empty, DENY. config.rbac.v3.RBAC rules = 1; // Shadow rules are not enforced by the filter (i.e., returning a 403) diff --git a/api/envoy/extensions/filters/http/rbac/v4alpha/rbac.proto b/api/envoy/extensions/filters/http/rbac/v4alpha/rbac.proto index 6f1a61e54b89..41040592cace 100644 --- a/api/envoy/extensions/filters/http/rbac/v4alpha/rbac.proto +++ b/api/envoy/extensions/filters/http/rbac/v4alpha/rbac.proto @@ -23,6 +23,7 @@ message RBAC { // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. + // If present and empty, DENY. config.rbac.v4alpha.RBAC rules = 1; // Shadow rules are not enforced by the filter (i.e., returning a 403) diff --git a/api/envoy/extensions/filters/http/router/v3/BUILD b/api/envoy/extensions/filters/http/router/v3/BUILD index 440666471e16..0b02b988e42f 100644 --- a/api/envoy/extensions/filters/http/router/v3/BUILD +++ b/api/envoy/extensions/filters/http/router/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v3:pkg", - "//envoy/config/filter/http/router/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/filters/http/router/v3/router.proto b/api/envoy/extensions/filters/http/router/v3/router.proto index 6ab64f92f2b0..ce595c057c01 100644 --- a/api/envoy/extensions/filters/http/router/v3/router.proto +++ b/api/envoy/extensions/filters/http/router/v3/router.proto @@ -19,7 +19,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // Router :ref:`configuration overview `. // [#extension: envoy.filters.http.router] -// [#next-free-field: 7] +// [#next-free-field: 8] message Router { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.router.v2.Router"; @@ -78,4 +78,14 @@ message Router { // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress // Envoy, when deriving timeout for upstream cluster. bool respect_expected_rq_timeout = 6; + + // If set, Envoy will avoid incrementing HTTP failure code stats + // on gRPC requests. This includes the individual status code value + // (e.g. upstream_rq_504) and group stats (e.g. upstream_rq_5xx). + // This field is useful if interested in relying only on the gRPC + // stats filter to define success and failure metrics for gRPC requests + // as not all failed gRPC requests charge HTTP status code metrics. See + // :ref:`gRPC stats filter` documentation + // for more details. + bool suppress_grpc_request_failure_code_stats = 7; } diff --git a/api/envoy/extensions/filters/http/router/v4alpha/router.proto b/api/envoy/extensions/filters/http/router/v4alpha/router.proto index d0baaab84a39..2d72bd1470c0 100644 --- a/api/envoy/extensions/filters/http/router/v4alpha/router.proto +++ b/api/envoy/extensions/filters/http/router/v4alpha/router.proto @@ -19,7 +19,7 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO // Router :ref:`configuration overview `. // [#extension: envoy.filters.http.router] -// [#next-free-field: 7] +// [#next-free-field: 8] message Router { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.router.v3.Router"; @@ -78,4 +78,14 @@ message Router { // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress // Envoy, when deriving timeout for upstream cluster. bool respect_expected_rq_timeout = 6; + + // If set, Envoy will avoid incrementing HTTP failure code stats + // on gRPC requests. This includes the individual status code value + // (e.g. upstream_rq_504) and group stats (e.g. upstream_rq_5xx). + // This field is useful if interested in relying only on the gRPC + // stats filter to define success and failure metrics for gRPC requests + // as not all failed gRPC requests charge HTTP status code metrics. See + // :ref:`gRPC stats filter` documentation + // for more details. + bool suppress_grpc_request_failure_code_stats = 7; } diff --git a/api/envoy/config/cluster/aggregate/v2alpha/BUILD b/api/envoy/extensions/filters/http/set_metadata/v3/BUILD similarity index 100% rename from api/envoy/config/cluster/aggregate/v2alpha/BUILD rename to api/envoy/extensions/filters/http/set_metadata/v3/BUILD diff --git a/api/envoy/extensions/filters/http/set_metadata/v3/set_metadata.proto b/api/envoy/extensions/filters/http/set_metadata/v3/set_metadata.proto new file mode 100644 index 000000000000..f7ff348e2025 --- /dev/null +++ b/api/envoy/extensions/filters/http/set_metadata/v3/set_metadata.proto @@ -0,0 +1,30 @@ +syntax = "proto3"; + +package envoy.extensions.filters.http.set_metadata.v3; + +import "google/protobuf/struct.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.http.set_metadata.v3"; +option java_outer_classname = "SetMetadataProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Set-Metadata Filter] +// +// This filters adds or updates dynamic metadata with static data. +// +// [#extension: envoy.filters.http.set_metadata] + +message Config { + // The metadata namespace. + string metadata_namespace = 1 [(validate.rules).string = {min_len: 1}]; + + // The value to update the namespace with. See + // :ref:`the filter documentation ` for + // more information on how this value is merged with potentially existing + // ones. + google.protobuf.Struct value = 2; +} diff --git a/api/envoy/extensions/filters/http/squash/v3/BUILD b/api/envoy/extensions/filters/http/squash/v3/BUILD index bc73113edc2d..ee92fb652582 100644 --- a/api/envoy/extensions/filters/http/squash/v3/BUILD +++ b/api/envoy/extensions/filters/http/squash/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/squash/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/http/tap/v3/BUILD b/api/envoy/extensions/filters/http/tap/v3/BUILD index 7a7da171e779..6b2b1215048c 100644 --- a/api/envoy/extensions/filters/http/tap/v3/BUILD +++ b/api/envoy/extensions/filters/http/tap/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/tap/v2alpha:pkg", "//envoy/extensions/common/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/listener/http_inspector/v3/BUILD b/api/envoy/extensions/filters/listener/http_inspector/v3/BUILD index af97cda2241e..ee92fb652582 100644 --- a/api/envoy/extensions/filters/listener/http_inspector/v3/BUILD +++ b/api/envoy/extensions/filters/listener/http_inspector/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/listener/http_inspector/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/listener/original_dst/v3/BUILD b/api/envoy/extensions/filters/listener/original_dst/v3/BUILD index 4a1bdfeb0ee4..ee92fb652582 100644 --- a/api/envoy/extensions/filters/listener/original_dst/v3/BUILD +++ b/api/envoy/extensions/filters/listener/original_dst/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/listener/original_dst/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/listener/original_src/v3/BUILD b/api/envoy/extensions/filters/listener/original_src/v3/BUILD index 02d98123a186..ee92fb652582 100644 --- a/api/envoy/extensions/filters/listener/original_src/v3/BUILD +++ b/api/envoy/extensions/filters/listener/original_src/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/listener/original_src/v2alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/listener/proxy_protocol/v3/BUILD b/api/envoy/extensions/filters/listener/proxy_protocol/v3/BUILD index 279bc63a3905..ee92fb652582 100644 --- a/api/envoy/extensions/filters/listener/proxy_protocol/v3/BUILD +++ b/api/envoy/extensions/filters/listener/proxy_protocol/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/listener/proxy_protocol/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/listener/tls_inspector/v3/BUILD b/api/envoy/extensions/filters/listener/tls_inspector/v3/BUILD index d6f76cc795c1..ee92fb652582 100644 --- a/api/envoy/extensions/filters/listener/tls_inspector/v3/BUILD +++ b/api/envoy/extensions/filters/listener/tls_inspector/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/listener/tls_inspector/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/network/client_ssl_auth/v3/BUILD b/api/envoy/extensions/filters/network/client_ssl_auth/v3/BUILD index 63ddc6cce31c..1c1a6f6b4423 100644 --- a/api/envoy/extensions/filters/network/client_ssl_auth/v3/BUILD +++ b/api/envoy/extensions/filters/network/client_ssl_auth/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/network/client_ssl_auth/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/config/filter/network/client_ssl_auth/v2/BUILD b/api/envoy/extensions/filters/network/connection_limit/v3/BUILD similarity index 87% rename from api/envoy/config/filter/network/client_ssl_auth/v2/BUILD rename to api/envoy/extensions/filters/network/connection_limit/v3/BUILD index 83bc0ab960e7..1c1a6f6b4423 100644 --- a/api/envoy/config/filter/network/client_ssl_auth/v2/BUILD +++ b/api/envoy/extensions/filters/network/connection_limit/v3/BUILD @@ -6,7 +6,7 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/api/v2/core:pkg", + "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/filters/network/connection_limit/v3/connection_limit.proto b/api/envoy/extensions/filters/network/connection_limit/v3/connection_limit.proto new file mode 100644 index 000000000000..ccd30aaba692 --- /dev/null +++ b/api/envoy/extensions/filters/network/connection_limit/v3/connection_limit.proto @@ -0,0 +1,41 @@ +syntax = "proto3"; + +package envoy.extensions.filters.network.connection_limit.v3; + +import "envoy/config/core/v3/base.proto"; + +import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.network.connection_limit.v3"; +option java_outer_classname = "ConnectionLimitProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Connection limit] +// Connection limit :ref:`configuration overview `. +// [#extension: envoy.filters.network.connection_limit] + +message ConnectionLimit { + // The prefix to use when emitting :ref:`statistics + // `. + string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; + + // The max connections configuration to use for new incoming connections that are processed + // by the filter's filter chain. When max_connection is reached, the incoming connection + // will be closed after delay duration. + google.protobuf.UInt64Value max_connections = 2 [(validate.rules).uint64 = {gte: 1}]; + + // The delay configuration to use for rejecting the connection after some specified time duration + // instead of immediately rejecting the connection. That way, a malicious user is not able to + // retry as fast as possible which provides a better DoS protection for Envoy. If this is not present, + // the connection will be closed immediately. + google.protobuf.Duration delay = 3; + + // Runtime flag that controls whether the filter is enabled or not. If not specified, defaults + // to enabled. + config.core.v3.RuntimeFeatureFlag runtime_enabled = 4; +} diff --git a/api/envoy/extensions/filters/network/direct_response/v3/BUILD b/api/envoy/extensions/filters/network/direct_response/v3/BUILD index 3811eea543d0..1c1a6f6b4423 100644 --- a/api/envoy/extensions/filters/network/direct_response/v3/BUILD +++ b/api/envoy/extensions/filters/network/direct_response/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/network/direct_response/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/filters/network/dubbo_proxy/router/v3/BUILD b/api/envoy/extensions/filters/network/dubbo_proxy/router/v3/BUILD index ee019776bb57..ee92fb652582 100644 --- a/api/envoy/extensions/filters/network/dubbo_proxy/router/v3/BUILD +++ b/api/envoy/extensions/filters/network/dubbo_proxy/router/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/dubbo/router/v2alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/network/dubbo_proxy/v3/BUILD b/api/envoy/extensions/filters/network/dubbo_proxy/v3/BUILD index 07ee4e43c93d..b6e6273d28f5 100644 --- a/api/envoy/extensions/filters/network/dubbo_proxy/v3/BUILD +++ b/api/envoy/extensions/filters/network/dubbo_proxy/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/network/dubbo_proxy/v2alpha1:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", diff --git a/api/envoy/extensions/filters/network/echo/v3/BUILD b/api/envoy/extensions/filters/network/echo/v3/BUILD index 64f6e338d260..ee92fb652582 100644 --- a/api/envoy/extensions/filters/network/echo/v3/BUILD +++ b/api/envoy/extensions/filters/network/echo/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/network/echo/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/network/ext_authz/v3/BUILD b/api/envoy/extensions/filters/network/ext_authz/v3/BUILD index a5c5b57b7227..3f3a5395d2aa 100644 --- a/api/envoy/extensions/filters/network/ext_authz/v3/BUILD +++ b/api/envoy/extensions/filters/network/ext_authz/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/network/ext_authz/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto b/api/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto index df141cb13087..856249c2a25a 100644 --- a/api/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto +++ b/api/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto @@ -35,7 +35,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // HTTP connection manager :ref:`configuration overview `. // [#extension: envoy.filters.network.http_connection_manager] -// [#next-free-field: 47] +// [#next-free-field: 48] message HttpConnectionManager { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager"; @@ -702,6 +702,16 @@ message HttpConnectionManager { // ` // for details. PathNormalizationOptions path_normalization_options = 43; + + // Determines if trailing dot of the host should be removed from host/authority header before any + // processing of request by HTTP filters or routing. + // This affects the upstream host header. + // Without setting this option, incoming requests with host `example.com.` will not match against + // route with :ref:`domains` match set to `example.com`. Defaults to `false`. + // When the incoming request contains a host/authority header that includes a port number, + // setting this option will strip a trailing dot, if present, from the host section, + // leaving the port as is (e.g. host value `example.com.:443` will be updated to `example.com:443`). + bool strip_trailing_host_dot = 47; } // The configuration to customize local reply returned by Envoy. diff --git a/api/envoy/extensions/filters/network/http_connection_manager/v4alpha/http_connection_manager.proto b/api/envoy/extensions/filters/network/http_connection_manager/v4alpha/http_connection_manager.proto index 37f15c7d4963..c9f4333f3c7c 100644 --- a/api/envoy/extensions/filters/network/http_connection_manager/v4alpha/http_connection_manager.proto +++ b/api/envoy/extensions/filters/network/http_connection_manager/v4alpha/http_connection_manager.proto @@ -33,7 +33,7 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO // HTTP connection manager :ref:`configuration overview `. // [#extension: envoy.filters.network.http_connection_manager] -// [#next-free-field: 47] +// [#next-free-field: 48] message HttpConnectionManager { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager"; @@ -680,6 +680,16 @@ message HttpConnectionManager { // ` // for details. PathNormalizationOptions path_normalization_options = 43; + + // Determines if trailing dot of the host should be removed from host/authority header before any + // processing of request by HTTP filters or routing. + // This affects the upstream host header. + // Without setting this option, incoming requests with host `example.com.` will not match against + // route with :ref:`domains` match set to `example.com`. Defaults to `false`. + // When the incoming request contains a host/authority header that includes a port number, + // setting this option will strip a trailing dot, if present, from the host section, + // leaving the port as is (e.g. host value `example.com.:443` will be updated to `example.com:443`). + bool strip_trailing_host_dot = 47; } // The configuration to customize local reply returned by Envoy. diff --git a/api/envoy/extensions/filters/network/kafka_broker/v3/BUILD b/api/envoy/extensions/filters/network/kafka_broker/v3/BUILD index 841625db358e..ee92fb652582 100644 --- a/api/envoy/extensions/filters/network/kafka_broker/v3/BUILD +++ b/api/envoy/extensions/filters/network/kafka_broker/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/network/kafka_broker/v2alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/network/local_ratelimit/v3/BUILD b/api/envoy/extensions/filters/network/local_ratelimit/v3/BUILD index 6063fac9a03e..ad2fc9a9a84f 100644 --- a/api/envoy/extensions/filters/network/local_ratelimit/v3/BUILD +++ b/api/envoy/extensions/filters/network/local_ratelimit/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/network/local_rate_limit/v2alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/network/mongo_proxy/v3/BUILD b/api/envoy/extensions/filters/network/mongo_proxy/v3/BUILD index 89c91e756797..d399b876a7f4 100644 --- a/api/envoy/extensions/filters/network/mongo_proxy/v3/BUILD +++ b/api/envoy/extensions/filters/network/mongo_proxy/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/network/mongo_proxy/v2:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/network/mysql_proxy/v3/BUILD b/api/envoy/extensions/filters/network/mysql_proxy/v3/BUILD index ea52e79aaad3..ee92fb652582 100644 --- a/api/envoy/extensions/filters/network/mysql_proxy/v3/BUILD +++ b/api/envoy/extensions/filters/network/mysql_proxy/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/network/mysql_proxy/v1alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/network/ratelimit/v3/BUILD b/api/envoy/extensions/filters/network/ratelimit/v3/BUILD index d70a49190005..9276f5ab3d2d 100644 --- a/api/envoy/extensions/filters/network/ratelimit/v3/BUILD +++ b/api/envoy/extensions/filters/network/ratelimit/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/network/rate_limit/v2:pkg", "//envoy/config/ratelimit/v3:pkg", "//envoy/extensions/common/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", diff --git a/api/envoy/extensions/filters/network/rbac/v3/BUILD b/api/envoy/extensions/filters/network/rbac/v3/BUILD index 565d52c46bb3..fd183569e5a1 100644 --- a/api/envoy/extensions/filters/network/rbac/v3/BUILD +++ b/api/envoy/extensions/filters/network/rbac/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/network/rbac/v2:pkg", "//envoy/config/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/network/rbac/v3/rbac.proto b/api/envoy/extensions/filters/network/rbac/v3/rbac.proto index e38b0cf448ba..4d1ff296fa4a 100644 --- a/api/envoy/extensions/filters/network/rbac/v3/rbac.proto +++ b/api/envoy/extensions/filters/network/rbac/v3/rbac.proto @@ -39,6 +39,7 @@ message RBAC { // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. + // If present and empty, DENY. config.rbac.v3.RBAC rules = 1; // Shadow rules are not enforced by the filter but will emit stats and logs diff --git a/api/envoy/extensions/filters/network/rbac/v4alpha/rbac.proto b/api/envoy/extensions/filters/network/rbac/v4alpha/rbac.proto index 9e15a86e60c3..3512bae2d2ab 100644 --- a/api/envoy/extensions/filters/network/rbac/v4alpha/rbac.proto +++ b/api/envoy/extensions/filters/network/rbac/v4alpha/rbac.proto @@ -39,6 +39,7 @@ message RBAC { // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. + // If present and empty, DENY. config.rbac.v4alpha.RBAC rules = 1; // Shadow rules are not enforced by the filter but will emit stats and logs diff --git a/api/envoy/extensions/filters/network/sni_cluster/v3/BUILD b/api/envoy/extensions/filters/network/sni_cluster/v3/BUILD index 380c8623d523..ee92fb652582 100644 --- a/api/envoy/extensions/filters/network/sni_cluster/v3/BUILD +++ b/api/envoy/extensions/filters/network/sni_cluster/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/network/sni_cluster/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/BUILD b/api/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/BUILD new file mode 100644 index 000000000000..465ea4ff2844 --- /dev/null +++ b/api/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/BUILD @@ -0,0 +1,13 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/extensions/common/dynamic_forward_proxy/v4alpha:pkg", + "//envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/api/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/sni_dynamic_forward_proxy.proto b/api/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/sni_dynamic_forward_proxy.proto new file mode 100644 index 000000000000..de2947fcba9e --- /dev/null +++ b/api/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/sni_dynamic_forward_proxy.proto @@ -0,0 +1,40 @@ +syntax = "proto3"; + +package envoy.extensions.filters.network.sni_dynamic_forward_proxy.v4alpha; + +import "envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.network.sni_dynamic_forward_proxy.v4alpha"; +option java_outer_classname = "SniDynamicForwardProxyProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).work_in_progress = true; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; + +// [#protodoc-title: SNI dynamic forward proxy] + +// Configuration for the SNI-based dynamic forward proxy filter. See the +// :ref:`architecture overview ` for +// more information. Note this filter must be configured along with +// :ref:`TLS inspector listener filter ` +// to work. +// [#extension: envoy.filters.network.sni_dynamic_forward_proxy] +message FilterConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.filters.network.sni_dynamic_forward_proxy.v3alpha.FilterConfig"; + + // The DNS cache configuration that the filter will attach to. Note this + // configuration must match that of associated :ref:`dynamic forward proxy + // cluster configuration + // `. + common.dynamic_forward_proxy.v4alpha.DnsCacheConfig dns_cache_config = 1 + [(validate.rules).message = {required: true}]; + + oneof port_specifier { + // The port number to connect to the upstream. + uint32 port_value = 2 [(validate.rules).uint32 = {lte: 65535 gt: 0}]; + } +} diff --git a/api/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/BUILD b/api/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/BUILD index 8f23a610a964..0bad14913d21 100644 --- a/api/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/BUILD +++ b/api/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/thrift/rate_limit/v2alpha1:pkg", "//envoy/config/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/filters/network/zookeeper_proxy/v3/BUILD b/api/envoy/extensions/filters/network/zookeeper_proxy/v3/BUILD index 20fd72e09cd2..ee92fb652582 100644 --- a/api/envoy/extensions/filters/network/zookeeper_proxy/v3/BUILD +++ b/api/envoy/extensions/filters/network/zookeeper_proxy/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/network/zookeeper_proxy/v1alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.proto b/api/envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.proto index 32103540c1d2..8221c11efbe7 100644 --- a/api/envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.proto +++ b/api/envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.proto @@ -2,8 +2,8 @@ syntax = "proto3"; package envoy.extensions.filters.udp.dns_filter.v3alpha; -import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; +import "envoy/config/core/v3/resolver.proto"; import "envoy/data/dns/v3/dns_table.proto"; import "google/protobuf/duration.proto"; @@ -51,10 +51,8 @@ message DnsFilterConfig { // number of retries multiplied by the resolver_timeout. google.protobuf.Duration resolver_timeout = 1 [(validate.rules).duration = {gte {seconds: 1}}]; - // A list of DNS servers to which we can forward queries. If not - // specified, Envoy will use the ambient DNS resolvers in the - // system. - repeated config.core.v3.Address upstream_resolvers = 2; + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + config.core.v3.DnsResolutionConfig dns_resolution_config = 2; // Controls how many outstanding external lookup contexts the filter tracks. // The context structure allows the filter to respond to every query even if the external diff --git a/api/envoy/extensions/filters/udp/dns_filter/v4alpha/dns_filter.proto b/api/envoy/extensions/filters/udp/dns_filter/v4alpha/dns_filter.proto index 54615b8b93ed..6957e58dbb06 100644 --- a/api/envoy/extensions/filters/udp/dns_filter/v4alpha/dns_filter.proto +++ b/api/envoy/extensions/filters/udp/dns_filter/v4alpha/dns_filter.proto @@ -2,8 +2,8 @@ syntax = "proto3"; package envoy.extensions.filters.udp.dns_filter.v4alpha; -import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; +import "envoy/config/core/v4alpha/resolver.proto"; import "envoy/data/dns/v4alpha/dns_table.proto"; import "google/protobuf/duration.proto"; @@ -61,10 +61,8 @@ message DnsFilterConfig { // number of retries multiplied by the resolver_timeout. google.protobuf.Duration resolver_timeout = 1 [(validate.rules).duration = {gte {seconds: 1}}]; - // A list of DNS servers to which we can forward queries. If not - // specified, Envoy will use the ambient DNS resolvers in the - // system. - repeated config.core.v4alpha.Address upstream_resolvers = 2; + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + config.core.v4alpha.DnsResolutionConfig dns_resolution_config = 2; // Controls how many outstanding external lookup contexts the filter tracks. // The context structure allows the filter to respond to every query even if the external diff --git a/api/envoy/extensions/filters/udp/udp_proxy/v3/BUILD b/api/envoy/extensions/filters/udp/udp_proxy/v3/BUILD index 97a07915b41d..1c1a6f6b4423 100644 --- a/api/envoy/extensions/filters/udp/udp_proxy/v3/BUILD +++ b/api/envoy/extensions/filters/udp/udp_proxy/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/udp/udp_proxy/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/config/cluster/redis/BUILD b/api/envoy/extensions/formatter/req_without_query/v3/BUILD similarity index 100% rename from api/envoy/config/cluster/redis/BUILD rename to api/envoy/extensions/formatter/req_without_query/v3/BUILD diff --git a/api/envoy/extensions/formatter/req_without_query/v3/req_without_query.proto b/api/envoy/extensions/formatter/req_without_query/v3/req_without_query.proto new file mode 100644 index 000000000000..e1b6c32a97e6 --- /dev/null +++ b/api/envoy/extensions/formatter/req_without_query/v3/req_without_query.proto @@ -0,0 +1,29 @@ +syntax = "proto3"; + +package envoy.extensions.formatter.req_without_query.v3; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.formatter.req_without_query.v3"; +option java_outer_classname = "ReqWithoutQueryProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Formatter extension for printing request without query string] +// [#extension: envoy.formatter.req_without_query] + +// ReqWithoutQuery formatter extension implements REQ_WITHOUT_QUERY command operator that +// works the same way as :ref:`REQ ` except that it will +// remove the query string. It is used to avoid logging any sensitive information into +// the access log. +// See :ref:`here ` for more information on access log configuration. + +// %REQ_WITHOUT_QUERY(X?Y):Z% +// An HTTP request header where X is the main HTTP header, Y is the alternative one, and Z is an +// optional parameter denoting string truncation up to Z characters long. The value is taken from +// the HTTP request header named X first and if it's not set, then request header Y is used. If +// none of the headers are present '-' symbol will be in the log. + +// Configuration for the request without query formatter. +message ReqWithoutQuery { +} diff --git a/api/envoy/config/filter/dubbo/router/v2alpha1/BUILD b/api/envoy/extensions/quic/crypto_stream/v3/BUILD similarity index 100% rename from api/envoy/config/filter/dubbo/router/v2alpha1/BUILD rename to api/envoy/extensions/quic/crypto_stream/v3/BUILD diff --git a/api/envoy/extensions/quic/crypto_stream/v3/crypto_stream.proto b/api/envoy/extensions/quic/crypto_stream/v3/crypto_stream.proto new file mode 100644 index 000000000000..6313f79861e8 --- /dev/null +++ b/api/envoy/extensions/quic/crypto_stream/v3/crypto_stream.proto @@ -0,0 +1,17 @@ +syntax = "proto3"; + +package envoy.extensions.quic.crypto_stream.v3; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.quic.crypto_stream.v3"; +option java_outer_classname = "CryptoStreamProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: QUIC server crypto stream config] +// [#extension: envoy.quic.crypto_stream.server.quiche] + +// Configuration for the default QUIC server crypto stream provided by QUICHE. +message CryptoServerStreamConfig { +} diff --git a/api/envoy/config/filter/http/aws_lambda/v2alpha/BUILD b/api/envoy/extensions/quic/proof_source/v3/BUILD similarity index 100% rename from api/envoy/config/filter/http/aws_lambda/v2alpha/BUILD rename to api/envoy/extensions/quic/proof_source/v3/BUILD diff --git a/api/envoy/extensions/quic/proof_source/v3/proof_source.proto b/api/envoy/extensions/quic/proof_source/v3/proof_source.proto new file mode 100644 index 000000000000..1459142d4091 --- /dev/null +++ b/api/envoy/extensions/quic/proof_source/v3/proof_source.proto @@ -0,0 +1,17 @@ +syntax = "proto3"; + +package envoy.extensions.quic.proof_source.v3; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.quic.proof_source.v3"; +option java_outer_classname = "ProofSourceProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: QUIC proof source config] +// [#extension: envoy.quic.proof_source.filter_chain] + +// Configuration for the default QUIC proof source. +message ProofSourceConfig { +} diff --git a/api/envoy/extensions/retry/host/omit_host_metadata/v3/BUILD b/api/envoy/extensions/retry/host/omit_host_metadata/v3/BUILD index 8ab45257bb7a..1c1a6f6b4423 100644 --- a/api/envoy/extensions/retry/host/omit_host_metadata/v3/BUILD +++ b/api/envoy/extensions/retry/host/omit_host_metadata/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/retry/omit_host_metadata/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/retry/priority/previous_priorities/v3/BUILD b/api/envoy/extensions/retry/priority/previous_priorities/v3/BUILD index a7574a4e6e87..ee92fb652582 100644 --- a/api/envoy/extensions/retry/priority/previous_priorities/v3/BUILD +++ b/api/envoy/extensions/retry/priority/previous_priorities/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/retry/previous_priorities:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/config/filter/http/grpc_stats/v2alpha/BUILD b/api/envoy/extensions/stat_sinks/graphite_statsd/v3/BUILD similarity index 87% rename from api/envoy/config/filter/http/grpc_stats/v2alpha/BUILD rename to api/envoy/extensions/stat_sinks/graphite_statsd/v3/BUILD index 83bc0ab960e7..1c1a6f6b4423 100644 --- a/api/envoy/config/filter/http/grpc_stats/v2alpha/BUILD +++ b/api/envoy/extensions/stat_sinks/graphite_statsd/v3/BUILD @@ -6,7 +6,7 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/api/v2/core:pkg", + "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/extensions/stat_sinks/graphite_statsd/v3/graphite_statsd.proto b/api/envoy/extensions/stat_sinks/graphite_statsd/v3/graphite_statsd.proto new file mode 100644 index 000000000000..72306389bfec --- /dev/null +++ b/api/envoy/extensions/stat_sinks/graphite_statsd/v3/graphite_statsd.proto @@ -0,0 +1,44 @@ +syntax = "proto3"; + +package envoy.extensions.stat_sinks.graphite_statsd.v3; + +import "envoy/config/core/v3/address.proto"; + +import "google/protobuf/wrappers.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.stat_sinks.graphite_statsd.v3"; +option java_outer_classname = "GraphiteStatsdProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Graphite+Statsd] +// Stats configuration proto schema for ``envoy.stat_sinks.graphite_statsd`` sink. +// The sink emits stats with `Graphite `_ +// compatible tags. Tags are configurable via :ref:`StatsConfig +// `. +// [#extension: envoy.stat_sinks.graphite_statsd] + +message GraphiteStatsdSink { + oneof statsd_specifier { + option (validate.required) = true; + + // The UDP address of a running Graphite-compliant listener. If specified, + // statistics will be flushed to this address. + config.core.v3.Address address = 1; + } + + // Optional custom metric name prefix. See :ref:`StatsdSink's prefix field + // ` for more details. + string prefix = 3; + + // Optional max datagram size to use when sending UDP messages. By default Envoy + // will emit one metric per datagram. By specifying a max-size larger than a single + // metric, Envoy will emit multiple, new-line separated metrics. The max datagram + // size should not exceed your network's MTU. + // + // Note that this value may not be respected if smaller than a single metric. + google.protobuf.UInt64Value max_bytes_per_datagram = 4 [(validate.rules).uint64 = {gt: 0}]; +} diff --git a/api/envoy/extensions/transport_sockets/raw_buffer/v3/BUILD b/api/envoy/extensions/transport_sockets/raw_buffer/v3/BUILD index 77acc959be8f..ee92fb652582 100644 --- a/api/envoy/extensions/transport_sockets/raw_buffer/v3/BUILD +++ b/api/envoy/extensions/transport_sockets/raw_buffer/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/transport_socket/raw_buffer/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/extensions/transport_sockets/tap/v3/BUILD b/api/envoy/extensions/transport_sockets/tap/v3/BUILD index 8104239e63ea..b97db3d63736 100644 --- a/api/envoy/extensions/transport_sockets/tap/v3/BUILD +++ b/api/envoy/extensions/transport_sockets/tap/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/transport_socket/tap/v2alpha:pkg", "//envoy/extensions/common/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/api/envoy/extensions/transport_sockets/tls/v3/common.proto b/api/envoy/extensions/transport_sockets/tls/v3/common.proto index 182dc4b81a5f..aa05a31f23d9 100644 --- a/api/envoy/extensions/transport_sockets/tls/v3/common.proto +++ b/api/envoy/extensions/transport_sockets/tls/v3/common.proto @@ -51,10 +51,12 @@ message TlsParameters { // If specified, the TLS listener will only support the specified `cipher list // `_ - // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not - // specified, the default list will be used. + // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). // - // In non-FIPS builds, the default cipher list is: + // If not specified, a default list will be used. Defaults are different for server (downstream) and + // client (upstream) TLS configurations. + // + // In non-FIPS builds, the default server cipher list is: // // .. code-block:: none // @@ -71,7 +73,7 @@ message TlsParameters { // AES256-GCM-SHA384 // AES256-SHA // - // In builds using :ref:`BoringSSL FIPS `, the default cipher list is: + // In builds using :ref:`BoringSSL FIPS `, the default server cipher list is: // // .. code-block:: none // @@ -87,6 +89,24 @@ message TlsParameters { // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA + // + // In non-FIPS builds, the default client cipher list is: + // + // .. code-block:: none + // + // [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305] + // [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305] + // ECDHE-ECDSA-AES256-GCM-SHA384 + // ECDHE-RSA-AES256-GCM-SHA384 + // + // In builds using :ref:`BoringSSL FIPS `, the default client cipher list is: + // + // .. code-block:: none + // + // ECDHE-ECDSA-AES128-GCM-SHA256 + // ECDHE-RSA-AES128-GCM-SHA256 + // ECDHE-ECDSA-AES256-GCM-SHA384 + // ECDHE-RSA-AES256-GCM-SHA384 repeated string cipher_suites = 3; // If specified, the TLS connection will only support the specified ECDH diff --git a/api/envoy/extensions/transport_sockets/tls/v3/tls.proto b/api/envoy/extensions/transport_sockets/tls/v3/tls.proto index 44325bdbee6a..02287de5875f 100644 --- a/api/envoy/extensions/transport_sockets/tls/v3/tls.proto +++ b/api/envoy/extensions/transport_sockets/tls/v3/tls.proto @@ -216,8 +216,14 @@ message CommonTlsContext { // Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. + // + // The same number and types of certificates as :ref:`tls_certificates ` + // are valid in the the certificates fetched through this setting. + // + // If :ref:`tls_certificates ` + // is non-empty, this field is ignored. repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6 - [(validate.rules).repeated = {max_items: 1}]; + [(validate.rules).repeated = {max_items: 2}]; // Certificate provider for fetching TLS certificates. // [#not-implemented-hide:] diff --git a/api/envoy/extensions/transport_sockets/tls/v4alpha/common.proto b/api/envoy/extensions/transport_sockets/tls/v4alpha/common.proto index 0bc4bf9e963f..e696fffc5e57 100644 --- a/api/envoy/extensions/transport_sockets/tls/v4alpha/common.proto +++ b/api/envoy/extensions/transport_sockets/tls/v4alpha/common.proto @@ -52,10 +52,12 @@ message TlsParameters { // If specified, the TLS listener will only support the specified `cipher list // `_ - // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not - // specified, the default list will be used. + // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). // - // In non-FIPS builds, the default cipher list is: + // If not specified, a default list will be used. Defaults are different for server (downstream) and + // client (upstream) TLS configurations. + // + // In non-FIPS builds, the default server cipher list is: // // .. code-block:: none // @@ -72,7 +74,7 @@ message TlsParameters { // AES256-GCM-SHA384 // AES256-SHA // - // In builds using :ref:`BoringSSL FIPS `, the default cipher list is: + // In builds using :ref:`BoringSSL FIPS `, the default server cipher list is: // // .. code-block:: none // @@ -88,6 +90,24 @@ message TlsParameters { // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA + // + // In non-FIPS builds, the default client cipher list is: + // + // .. code-block:: none + // + // [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305] + // [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305] + // ECDHE-ECDSA-AES256-GCM-SHA384 + // ECDHE-RSA-AES256-GCM-SHA384 + // + // In builds using :ref:`BoringSSL FIPS `, the default client cipher list is: + // + // .. code-block:: none + // + // ECDHE-ECDSA-AES128-GCM-SHA256 + // ECDHE-RSA-AES128-GCM-SHA256 + // ECDHE-ECDSA-AES256-GCM-SHA384 + // ECDHE-RSA-AES256-GCM-SHA384 repeated string cipher_suites = 3; // If specified, the TLS connection will only support the specified ECDH diff --git a/api/envoy/extensions/transport_sockets/tls/v4alpha/tls.proto b/api/envoy/extensions/transport_sockets/tls/v4alpha/tls.proto index 7ddf55dfa6fa..b92cae619dd9 100644 --- a/api/envoy/extensions/transport_sockets/tls/v4alpha/tls.proto +++ b/api/envoy/extensions/transport_sockets/tls/v4alpha/tls.proto @@ -221,8 +221,14 @@ message CommonTlsContext { // Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. + // + // The same number and types of certificates as :ref:`tls_certificates ` + // are valid in the the certificates fetched through this setting. + // + // If :ref:`tls_certificates ` + // is non-empty, this field is ignored. repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6 - [(validate.rules).repeated = {max_items: 1}]; + [(validate.rules).repeated = {max_items: 2}]; // Certificate provider for fetching TLS certificates. // [#not-implemented-hide:] diff --git a/api/envoy/extensions/wasm/v3/wasm.proto b/api/envoy/extensions/wasm/v3/wasm.proto index 58b5c2130f6d..b4566c826ed0 100644 --- a/api/envoy/extensions/wasm/v3/wasm.proto +++ b/api/envoy/extensions/wasm/v3/wasm.proto @@ -62,6 +62,11 @@ message VmConfig { // // **envoy.wasm.runtime.v8**: `V8 `_-based WebAssembly runtime. // + // .. _extension_envoy.wasm.runtime.wamr: + // + // **envoy.wasm.runtime.wamr**: `WAMR `_-based WebAssembly runtime. + // This runtime is not enabled in the official build. + // // .. _extension_envoy.wasm.runtime.wavm: // // **envoy.wasm.runtime.wavm**: `WAVM `_-based WebAssembly runtime. @@ -72,6 +77,7 @@ message VmConfig { // **envoy.wasm.runtime.wasmtime**: `Wasmtime `_-based WebAssembly runtime. // This runtime is not enabled in the official build. // + // [#extension-category: envoy.wasm.runtime] string runtime = 2 [(validate.rules).string = {min_len: 1}]; // The Wasm code that Envoy will execute. @@ -81,7 +87,6 @@ message VmConfig { // (proxy_on_start). `google.protobuf.Struct` is serialized as JSON before // passing it to the plugin. `google.protobuf.BytesValue` and // `google.protobuf.StringValue` are passed directly without the wrapper. - // [#extension-category: envoy.wasm.runtime] google.protobuf.Any configuration = 4; // Allow the wasm file to include pre-compiled code on VMs which support it. diff --git a/api/envoy/service/event_reporting/v2alpha/BUILD b/api/envoy/service/event_reporting/v2alpha/BUILD deleted file mode 100644 index 4f58bd462f66..000000000000 --- a/api/envoy/service/event_reporting/v2alpha/BUILD +++ /dev/null @@ -1,13 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - has_services = True, - deps = [ - "//envoy/api/v2/core:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], -) diff --git a/api/envoy/service/event_reporting/v2alpha/event_reporting_service.proto b/api/envoy/service/event_reporting/v2alpha/event_reporting_service.proto deleted file mode 100644 index 8d07f04640ca..000000000000 --- a/api/envoy/service/event_reporting/v2alpha/event_reporting_service.proto +++ /dev/null @@ -1,62 +0,0 @@ -syntax = "proto3"; - -package envoy.service.event_reporting.v2alpha; - -import "envoy/api/v2/core/base.proto"; - -import "google/protobuf/any.proto"; - -import "udpa/annotations/migrate.proto"; -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.service.event_reporting.v2alpha"; -option java_outer_classname = "EventReportingServiceProto"; -option java_multiple_files = true; -option java_generic_services = true; -option (udpa.annotations.file_migrate).move_to_package = "envoy.service.event_reporting.v3"; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: gRPC Event Reporting Service] - -// [#not-implemented-hide:] -// Service for streaming different types of events from Envoy to a server. The examples of -// such events may be health check or outlier detection events. -service EventReportingService { - // Envoy will connect and send StreamEventsRequest messages forever. - // The management server may send StreamEventsResponse to configure event stream. See below. - // This API is designed for high throughput with the expectation that it might be lossy. - rpc StreamEvents(stream StreamEventsRequest) returns (stream StreamEventsResponse) { - } -} - -// [#not-implemented-hide:] -// An events envoy sends to the management server. -message StreamEventsRequest { - message Identifier { - // The node sending the event messages over the stream. - api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; - } - - // Identifier data that will only be sent in the first message on the stream. This is effectively - // structured metadata and is a performance optimization. - Identifier identifier = 1; - - // Batch of events. When the stream is already active, it will be the events occurred - // since the last message had been sent. If the server receives unknown event type, it should - // silently ignore it. - // - // The following events are supported: - // - // * :ref:`HealthCheckEvent ` - // * :ref:`OutlierDetectionEvent ` - repeated google.protobuf.Any events = 2 [(validate.rules).repeated = {min_items: 1}]; -} - -// [#not-implemented-hide:] -// The management server may send envoy a StreamEventsResponse to tell which events the server -// is interested in. In future, with aggregated event reporting service, this message will -// contain, for example, clusters the envoy should send events for, or event types the server -// wants to process. -message StreamEventsResponse { -} diff --git a/api/envoy/service/event_reporting/v3/BUILD b/api/envoy/service/event_reporting/v3/BUILD index 631c92b0bd6b..7753cfeb3d6e 100644 --- a/api/envoy/service/event_reporting/v3/BUILD +++ b/api/envoy/service/event_reporting/v3/BUILD @@ -8,7 +8,6 @@ api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", - "//envoy/service/event_reporting/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/service/ratelimit/v3/rls.proto b/api/envoy/service/ratelimit/v3/rls.proto index 74ddd3305d62..ab8e0ffc0eba 100644 --- a/api/envoy/service/ratelimit/v3/rls.proto +++ b/api/envoy/service/ratelimit/v3/rls.proto @@ -7,9 +7,11 @@ import "envoy/extensions/common/ratelimit/v3/ratelimit.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; +import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.ratelimit.v3"; option java_outer_classname = "RlsProto"; @@ -101,6 +103,20 @@ message RateLimitResponse { Unit unit = 2; } + // Cacheable quota for responses, see documentation for the :ref:`quota + // ` field. + // [#not-implemented-hide:] + message Quota { + // Number of matching requests granted in quota. Must be 1 or more. + uint32 requests = 1 [(validate.rules).uint32 = {gt: 0}]; + + oneof expiration_specifier { + // Point in time at which the quota expires. + google.protobuf.Timestamp valid_until = 2; + } + } + + // [#next-free-field: 6] message DescriptorStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.service.ratelimit.v2.RateLimitResponse.DescriptorStatus"; @@ -116,6 +132,39 @@ message RateLimitResponse { // Duration until reset of the current limit window. google.protobuf.Duration duration_until_reset = 4; + + // Quota granted for the descriptor. This is a certain number of requests over a period of time. + // The client may cache this result and apply the effective RateLimitResponse to future matching + // requests containing a matching descriptor without querying rate limit service. + // + // Quota is available for a request if its descriptor set has cached quota available for all + // descriptors. + // + // If quota is available, a RLS request will not be made and the quota will be reduced by 1 for + // all matching descriptors. + // + // If there is not sufficient quota, there are three cases: + // 1. A cached entry exists for a RLS descriptor that is out-of-quota, but not expired. + // In this case, the request will be treated as OVER_LIMIT. + // 2. Some RLS descriptors have a cached entry that has valid quota but some RLS descriptors + // have no cached entry. This will trigger a new RLS request. + // When the result is returned, a single unit will be consumed from the quota for all + // matching descriptors. + // If the server did not provide a quota, such as the quota message is empty for some of + // the descriptors, then the request admission is determined by the + // :ref:`overall_code `. + // 3. All RLS descriptors lack a cached entry, this will trigger a new RLS request, + // When the result is returned, a single unit will be consumed from the quota for all + // matching descriptors. + // If the server did not provide a quota, such as the quota message is empty for some of + // the descriptors, then the request admission is determined by the + // :ref:`overall_code `. + // + // When quota expires due to timeout, a new RLS request will also be made. + // The implementation may choose to preemptively query the rate limit server for more quota on or + // before expiration or before the available quota runs out. + // [#not-implemented-hide:] + Quota quota = 5; } // The overall response code which takes into account all of the descriptors that were passed diff --git a/api/envoy/service/status/v3/csds.proto b/api/envoy/service/status/v3/csds.proto index 3a1c748fc81b..1d940d6a2dfe 100644 --- a/api/envoy/service/status/v3/csds.proto +++ b/api/envoy/service/status/v3/csds.proto @@ -7,6 +7,8 @@ import "envoy/config/core/v3/base.proto"; import "envoy/type/matcher/v3/node.proto"; import "google/api/annotations.proto"; +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; @@ -124,10 +126,60 @@ message ClientConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v2.ClientConfig"; + // GenericXdsConfig is used to specify the config status and the dump + // of any xDS resource identified by their type URL. It is the generalized + // version of the now deprecated ListenersConfigDump, ClustersConfigDump etc + // [#next-free-field: 10] + message GenericXdsConfig { + // Type_url represents the fully qualified name of xDS resource type + // like envoy.v3.Cluster, envoy.v3.ClusterLoadAssignment etc. + string type_url = 1; + + // Name of the xDS resource + string name = 2; + + // This is the :ref:`version_info ` + // in the last processed xDS discovery response. If there are only + // static bootstrap listeners, this field will be "" + string version_info = 3; + + // The xDS resource config. Actual content depends on the type + google.protobuf.Any xds_config = 4; + + // Timestamp when the xDS resource was last updated + google.protobuf.Timestamp last_updated = 5; + + // Per xDS resource config status. It is generated by management servers. + // It will not be present if the CSDS server is an xDS client. + ConfigStatus config_status = 6; + + // Per xDS resource status from the view of a xDS client + admin.v3.ClientResourceStatus client_status = 7; + + // Set if the last update failed, cleared after the next successful + // update. The *error_state* field contains the rejected version of + // this particular resource along with the reason and timestamp. For + // successfully updated or acknowledged resource, this field should + // be empty. + // [#not-implemented-hide:] + admin.v3.UpdateFailureState error_state = 8; + + // Is static resource is true if it is specified in the config supplied + // through the file at the startup. + bool is_static_resource = 9; + } + // Node for a particular client. config.core.v3.Node node = 1; - repeated PerXdsConfig xds_config = 2; + // This field is deprecated in favor of generic_xds_configs which is + // much simpler and uniform in structure. + repeated PerXdsConfig xds_config = 2 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // Represents generic xDS config and the exact config structure depends on + // the type URL (like Cluster if it is CDS) + repeated GenericXdsConfig generic_xds_configs = 3; } message ClientStatusResponse { diff --git a/api/envoy/service/status/v4alpha/csds.proto b/api/envoy/service/status/v4alpha/csds.proto index b8720330e9b7..9680c6feacf7 100644 --- a/api/envoy/service/status/v4alpha/csds.proto +++ b/api/envoy/service/status/v4alpha/csds.proto @@ -7,6 +7,8 @@ import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/matcher/v4alpha/node.proto"; import "google/api/annotations.proto"; +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; @@ -116,10 +118,62 @@ message ClientConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v3.ClientConfig"; + // GenericXdsConfig is used to specify the config status and the dump + // of any xDS resource identified by their type URL. It is the generalized + // version of the now deprecated ListenersConfigDump, ClustersConfigDump etc + // [#next-free-field: 10] + message GenericXdsConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.service.status.v3.ClientConfig.GenericXdsConfig"; + + // Type_url represents the fully qualified name of xDS resource type + // like envoy.v3.Cluster, envoy.v3.ClusterLoadAssignment etc. + string type_url = 1; + + // Name of the xDS resource + string name = 2; + + // This is the :ref:`version_info ` + // in the last processed xDS discovery response. If there are only + // static bootstrap listeners, this field will be "" + string version_info = 3; + + // The xDS resource config. Actual content depends on the type + google.protobuf.Any xds_config = 4; + + // Timestamp when the xDS resource was last updated + google.protobuf.Timestamp last_updated = 5; + + // Per xDS resource config status. It is generated by management servers. + // It will not be present if the CSDS server is an xDS client. + ConfigStatus config_status = 6; + + // Per xDS resource status from the view of a xDS client + admin.v4alpha.ClientResourceStatus client_status = 7; + + // Set if the last update failed, cleared after the next successful + // update. The *error_state* field contains the rejected version of + // this particular resource along with the reason and timestamp. For + // successfully updated or acknowledged resource, this field should + // be empty. + // [#not-implemented-hide:] + admin.v4alpha.UpdateFailureState error_state = 8; + + // Is static resource is true if it is specified in the config supplied + // through the file at the startup. + bool is_static_resource = 9; + } + + reserved 2; + + reserved "xds_config"; + // Node for a particular client. config.core.v4alpha.Node node = 1; - repeated PerXdsConfig xds_config = 2; + // Represents generic xDS config and the exact config structure depends on + // the type URL (like Cluster if it is CDS) + repeated GenericXdsConfig generic_xds_configs = 3; } message ClientStatusResponse { diff --git a/api/envoy/service/trace/v2/BUILD b/api/envoy/service/trace/v2/BUILD deleted file mode 100644 index 7e6d2b11bf16..000000000000 --- a/api/envoy/service/trace/v2/BUILD +++ /dev/null @@ -1,14 +0,0 @@ -# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. - -load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") - -licenses(["notice"]) # Apache 2 - -api_proto_package( - has_services = True, - deps = [ - "//envoy/api/v2/core:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", - ], -) diff --git a/api/envoy/service/trace/v2/trace_service.proto b/api/envoy/service/trace/v2/trace_service.proto deleted file mode 100644 index 4e07f9e1f609..000000000000 --- a/api/envoy/service/trace/v2/trace_service.proto +++ /dev/null @@ -1,46 +0,0 @@ -syntax = "proto3"; - -package envoy.service.trace.v2; - -import "envoy/api/v2/core/base.proto"; - -import "opencensus/proto/trace/v1/trace.proto"; - -import "udpa/annotations/status.proto"; -import "validate/validate.proto"; - -option java_package = "io.envoyproxy.envoy.service.trace.v2"; -option java_outer_classname = "TraceServiceProto"; -option java_multiple_files = true; -option java_generic_services = true; -option (udpa.annotations.file_status).package_version_status = FROZEN; - -// [#protodoc-title: Trace service] - -// Service for streaming traces to server that consumes the trace data. It -// uses OpenCensus data model as a standard to represent trace information. -service TraceService { - // Envoy will connect and send StreamTracesMessage messages forever. It does - // not expect any response to be sent as nothing would be done in the case - // of failure. - rpc StreamTraces(stream StreamTracesMessage) returns (StreamTracesResponse) { - } -} - -message StreamTracesResponse { -} - -message StreamTracesMessage { - message Identifier { - // The node sending the access log messages over the stream. - api.v2.core.Node node = 1 [(validate.rules).message = {required: true}]; - } - - // Identifier data effectively is a structured metadata. - // As a performance optimization this will only be sent in the first message - // on the stream. - Identifier identifier = 1; - - // A list of Span entries - repeated opencensus.proto.trace.v1.Span spans = 2; -} diff --git a/api/envoy/service/trace/v3/BUILD b/api/envoy/service/trace/v3/BUILD index 42e86afd09c7..a00d454ff974 100644 --- a/api/envoy/service/trace/v3/BUILD +++ b/api/envoy/service/trace/v3/BUILD @@ -8,7 +8,6 @@ api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", - "//envoy/service/trace/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", ], diff --git a/api/versioning/BUILD b/api/versioning/BUILD index eac32a5cdfd3..eb4267263f3f 100644 --- a/api/versioning/BUILD +++ b/api/versioning/BUILD @@ -58,8 +58,10 @@ proto_library( "//envoy/extensions/filters/common/matcher/action/v3:pkg", "//envoy/extensions/filters/http/adaptive_concurrency/v3:pkg", "//envoy/extensions/filters/http/admission_control/v3alpha:pkg", + "//envoy/extensions/filters/http/alternate_protocols_cache/v3:pkg", "//envoy/extensions/filters/http/aws_lambda/v3:pkg", "//envoy/extensions/filters/http/aws_request_signing/v3:pkg", + "//envoy/extensions/filters/http/bandwidth_limit/v3alpha:pkg", "//envoy/extensions/filters/http/buffer/v3:pkg", "//envoy/extensions/filters/http/cache/v3alpha:pkg", "//envoy/extensions/filters/http/cdn_loop/v3alpha:pkg", @@ -92,6 +94,7 @@ proto_library( "//envoy/extensions/filters/http/ratelimit/v3:pkg", "//envoy/extensions/filters/http/rbac/v3:pkg", "//envoy/extensions/filters/http/router/v3:pkg", + "//envoy/extensions/filters/http/set_metadata/v3:pkg", "//envoy/extensions/filters/http/squash/v3:pkg", "//envoy/extensions/filters/http/tap/v3:pkg", "//envoy/extensions/filters/http/wasm/v3:pkg", @@ -101,6 +104,7 @@ proto_library( "//envoy/extensions/filters/listener/proxy_protocol/v3:pkg", "//envoy/extensions/filters/listener/tls_inspector/v3:pkg", "//envoy/extensions/filters/network/client_ssl_auth/v3:pkg", + "//envoy/extensions/filters/network/connection_limit/v3:pkg", "//envoy/extensions/filters/network/direct_response/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/router/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/v3:pkg", @@ -126,6 +130,7 @@ proto_library( "//envoy/extensions/filters/network/zookeeper_proxy/v3:pkg", "//envoy/extensions/filters/udp/dns_filter/v3alpha:pkg", "//envoy/extensions/filters/udp/udp_proxy/v3:pkg", + "//envoy/extensions/formatter/req_without_query/v3:pkg", "//envoy/extensions/health_checkers/redis/v3:pkg", "//envoy/extensions/http/header_formatters/preserve_case/v3:pkg", "//envoy/extensions/http/original_ip_detection/custom_header/v3:pkg", @@ -136,6 +141,8 @@ proto_library( "//envoy/extensions/matching/common_inputs/environment_variable/v3:pkg", "//envoy/extensions/matching/input_matchers/consistent_hashing/v3:pkg", "//envoy/extensions/network/socket_interface/v3:pkg", + "//envoy/extensions/quic/crypto_stream/v3:pkg", + "//envoy/extensions/quic/proof_source/v3:pkg", "//envoy/extensions/rate_limit_descriptors/expr/v3:pkg", "//envoy/extensions/request_id/uuid/v3:pkg", "//envoy/extensions/resource_monitors/fixed_heap/v3:pkg", @@ -144,6 +151,7 @@ proto_library( "//envoy/extensions/retry/host/omit_host_metadata/v3:pkg", "//envoy/extensions/retry/host/previous_hosts/v3:pkg", "//envoy/extensions/retry/priority/previous_priorities/v3:pkg", + "//envoy/extensions/stat_sinks/graphite_statsd/v3:pkg", "//envoy/extensions/stat_sinks/wasm/v3:pkg", "//envoy/extensions/transport_sockets/alts/v3:pkg", "//envoy/extensions/transport_sockets/proxy_protocol/v3:pkg", diff --git a/bazel/BUILD b/bazel/BUILD index 98be980f810d..3d65037c2792 100644 --- a/bazel/BUILD +++ b/bazel/BUILD @@ -169,6 +169,11 @@ config_setting( }, ) +config_setting( + name = "clang_pch_build", + values = {"define": "ENVOY_CLANG_PCH=1"}, +) + config_setting( name = "gcc_build_gcc", flag_values = { @@ -401,6 +406,11 @@ config_setting( values = {"define": "wasm=v8"}, ) +config_setting( + name = "wasm_wamr", + values = {"define": "wasm=wamr"}, +) + config_setting( name = "wasm_wasmtime", values = {"define": "wasm=wasmtime"}, diff --git a/bazel/DEVELOPER.md b/bazel/DEVELOPER.md index 41a3d5046e04..6830f220a924 100644 --- a/bazel/DEVELOPER.md +++ b/bazel/DEVELOPER.md @@ -22,12 +22,12 @@ be sorted alphabetically by their `name` attribute. All modules that make up the Envoy binary are statically linked at compile time. Many of the modules within Envoy have a pure virtual interface living in -[`include/envoy`](../include/envoy), implementation sources in +[`envoy`](../envoy), implementation sources in [`source`](../source), mocks in [`test/mocks`](../test/mocks) and unit/integration tests in [`test`](../test). The relevant `BUILD` files will require updating or to be added in these locations as you extend Envoy. -As an example, consider adding the following interface in `include/envoy/foo/bar.h`: +As an example, consider adding the following interface in `envoy/foo/bar.h`: ```c++ #pragma once @@ -43,7 +43,7 @@ public: ... ``` -This would require the addition to `include/envoy/foo/BUILD` of the following target: +This would require the addition to `envoy/foo/BUILD` of the following target: ```python envoy_cc_library( @@ -51,7 +51,7 @@ envoy_cc_library( hdrs = ["bar.h"], deps = [ ":baz_interface", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", ], ) ``` @@ -59,7 +59,7 @@ envoy_cc_library( This declares a new target `bar_interface`, where the convention is that pure virtual interfaces have their targets suffixed with `_interface`. The header `bar.h` is exported to other targets that depend on -`//include/envoy/foo:bar_interface`. The interface target itself depends on +`//envoy/foo:bar_interface`. The interface target itself depends on `baz_interface` (in the same directory, hence the relative Bazel label) and `buffer_interface`. @@ -82,11 +82,11 @@ class BarImpl : public Bar { and `source/common/foo/bar_impl.cc`: ```c++ -#include "common/foo/bar_impl.h" +#include "source/common/foo/bar_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/foo/bar_internal.h" -#include "common/foo/baz_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/foo/bar_internal.h" +#include "source/common/foo/baz_impl.h" ... ``` @@ -102,7 +102,7 @@ envoy_cc_library( hdrs = ["bar_impl.h"], deps = [ ":baz_lib", - "//include/envoy/foo:bar_interface", + "//envoy/foo:bar_interface", "//source/common/buffer:buffer_lib", ], ) @@ -120,7 +120,7 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/foo:bar_interface", + "//envoy/foo:bar_interface", ... ], ) diff --git a/bazel/PPROF.md b/bazel/PPROF.md index ec29881557eb..c3ad65aca5d8 100644 --- a/bazel/PPROF.md +++ b/bazel/PPROF.md @@ -95,7 +95,7 @@ Example: ```c++ // includes - #include "common/profiler/profiler.h" + #include "source/common/profiler/profiler.h" ... Function(...) { if (!Profiler::Cpu::startProfiler(profile_path)) { diff --git a/bazel/README.md b/bazel/README.md index 87060090a61c..5276c629951b 100644 --- a/bazel/README.md +++ b/bazel/README.md @@ -23,9 +23,6 @@ powershell Invoke-WebRequest https://github.com/bazelbuild/bazelisk/releases/lat set PATH=%PATH%;%USERPROFILE%\bazel ``` -If you're building from an revision of Envoy prior to August 2019, which doesn't contains a `.bazelversion` file, run `ci/run_envoy_docker.sh "bazel version"` -to find the right version of Bazel and set the version to `USE_BAZEL_VERSION` environment variable to build. - ## Production environments To build Envoy with Bazel in a production environment, where the [Envoy @@ -167,9 +164,9 @@ for how to update or override dependencies. and Bazel rules which follow POSIX python conventions. Add `pip.exe` to the PATH and install the `wheel` package. ```cmd - mklink %USERPROFILE%\Python38\python3.exe %USERPROFILE%\Python38\python.exe - set PATH=%PATH%;%USERPROFILE%\Python38 - set PATH=%PATH%;%USERPROFILE%\Python38\Scripts + mklink %USERPROFILE%\Python39\python3.exe %USERPROFILE%\Python39\python.exe + set PATH=%PATH%;%USERPROFILE%\Python39 + set PATH=%PATH%;%USERPROFILE%\Python39\Scripts pip install wheel ``` @@ -890,9 +887,9 @@ Once this is set up, you can run clang-format without docker: ```shell ./tools/code_format/check_format.py check -./tools/spelling/check_spelling.sh check +./tools/spelling/check_spelling_pedantic.py check ./tools/code_format/check_format.py fix -./tools/spelling/check_spelling.sh fix +./tools/spelling/check_spelling_pedantic.py fix ``` # Advanced caching setup diff --git a/bazel/abseil.patch b/bazel/abseil.patch new file mode 100644 index 000000000000..d52556466e6f --- /dev/null +++ b/bazel/abseil.patch @@ -0,0 +1,42 @@ +# Force internal versions of std classes per +# https://abseil.io/docs/cpp/guides/options +diff --git a/absl/base/options.h b/absl/base/options.h +index 230bf1e..6e1b9e5 100644 +--- a/absl/base/options.h ++++ b/absl/base/options.h +@@ -100,7 +100,7 @@ + // User code should not inspect this macro. To check in the preprocessor if + // absl::any is a typedef of std::any, use the feature macro ABSL_USES_STD_ANY. + +-#define ABSL_OPTION_USE_STD_ANY 2 ++#define ABSL_OPTION_USE_STD_ANY 0 + + + // ABSL_OPTION_USE_STD_OPTIONAL +@@ -127,7 +127,7 @@ + // absl::optional is a typedef of std::optional, use the feature macro + // ABSL_USES_STD_OPTIONAL. + +-#define ABSL_OPTION_USE_STD_OPTIONAL 2 ++#define ABSL_OPTION_USE_STD_OPTIONAL 0 + + + // ABSL_OPTION_USE_STD_STRING_VIEW +@@ -154,7 +154,7 @@ + // absl::string_view is a typedef of std::string_view, use the feature macro + // ABSL_USES_STD_STRING_VIEW. + +-#define ABSL_OPTION_USE_STD_STRING_VIEW 2 ++#define ABSL_OPTION_USE_STD_STRING_VIEW 0 + + // ABSL_OPTION_USE_STD_VARIANT + // +@@ -180,7 +180,7 @@ + // absl::variant is a typedef of std::variant, use the feature macro + // ABSL_USES_STD_VARIANT. + +-#define ABSL_OPTION_USE_STD_VARIANT 2 ++#define ABSL_OPTION_USE_STD_VARIANT 0 + + + // ABSL_OPTION_USE_INLINE_NAMESPACE diff --git a/bazel/dependency_imports.bzl b/bazel/dependency_imports.bzl index 872cfdcc41e3..7c806b08c98a 100644 --- a/bazel/dependency_imports.bzl +++ b/bazel/dependency_imports.bzl @@ -41,36 +41,60 @@ def envoy_dependency_imports(go_version = GO_VERSION): name = "org_golang_google_grpc", build_file_proto_mode = "disable", importpath = "google.golang.org/grpc", - sum = "h1:EC2SB8S04d2r73uptxphDSUG+kTKVgjRPF+N3xpxRB4=", - version = "v1.29.1", + sum = "h1:raiipEjMOIC/TO2AvyTxP25XFdLxNIBwzDh3FM3XztI=", + version = "v1.34.0", + # project_url = "https://pkg.go.dev/google.golang.org/grpc", + # last_update = "2020-12-02" + # use_category = ["api"], + # cpe = "cpe:2.3:a:grpc:grpc:*", ) go_repository( name = "org_golang_x_net", importpath = "golang.org/x/net", - sum = "h1:fHDIZ2oxGnUZRN6WgWFCbYBjH9uqVPRCUVUDhs0wnbA=", - version = "v0.0.0-20190813141303-74dc4d7220e7", + sum = "h1:0mm1VjtFUOIlE1SbDlwjYaDxZVDP2S5ou6y0gSgXHu8=", + version = "v0.0.0-20200226121028-0de0cce0169b", + # project_url = "https://pkg.go.dev/golang.org/x/net", + # last_update = "2020-02-26" + # use_category = ["api"], + # source = "https://github.com/envoyproxy/protoc-gen-validate/blob/v0.6.1/dependencies.bzl#L129-L134" ) go_repository( name = "org_golang_x_text", importpath = "golang.org/x/text", - sum = "h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=", - version = "v0.3.0", + sum = "h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=", + version = "v0.3.3", + # project_url = "https://pkg.go.dev/golang.org/x/text", + # last_update = "2021-06-16" + # use_category = ["api"], + # source = "https://github.com/envoyproxy/protoc-gen-validate/blob/v0.6.1/dependencies.bzl#L148-L153" ) go_repository( name = "com_github_spf13_afero", importpath = "github.com/spf13/afero", sum = "h1:8q6vk3hthlpb2SouZcnBVKboxWQWMDNF38bwholZrJc=", version = "v1.3.4", + # project_url = "https://pkg.go.dev/github.com/spf13/afero", + # last_update = "2021-03-20" + # use_category = ["api"], + # source = "https://github.com/envoyproxy/protoc-gen-validate/blob/v0.6.1/dependencies.bzl#L60-L65" ) go_repository( name = "com_github_lyft_protoc_gen_star", importpath = "github.com/lyft/protoc-gen-star", sum = "h1:sImehRT+p7lW9n6R7MQc5hVgzWGEkDVZU4AsBQ4Isu8=", version = "v0.5.1", + # project_url = "https://pkg.go.dev/github.com/lyft/protoc-gen-star", + # last_update = "2020-08-06" + # use_category = ["api"], + # source = "https://github.com/envoyproxy/protoc-gen-validate/blob/v0.6.1/dependencies.bzl#L35-L40" ) go_repository( name = "com_github_iancoleman_strcase", importpath = "github.com/iancoleman/strcase", sum = "h1:ux/56T2xqZO/3cP1I2F86qpeoYPCOzk+KF/UH/Ar+lk=", version = "v0.0.0-20180726023541-3605ed457bf7", + # project_url = "https://pkg.go.dev/github.com/iancoleman/strcase", + # last_update = "2020-11-22" + # use_category = ["api"], + # source = "https://github.com/envoyproxy/protoc-gen-validate/blob/v0.6.1/dependencies.bzl#L23-L28" ) diff --git a/bazel/envoy_build_system.bzl b/bazel/envoy_build_system.bzl index 921e51af6819..a0463ab770d0 100644 --- a/bazel/envoy_build_system.bzl +++ b/bazel/envoy_build_system.bzl @@ -12,9 +12,9 @@ load( _envoy_cc_posix_library = "envoy_cc_posix_library", _envoy_cc_posix_without_linux_library = "envoy_cc_posix_without_linux_library", _envoy_cc_win32_library = "envoy_cc_win32_library", - _envoy_include_prefix = "envoy_include_prefix", _envoy_proto_library = "envoy_proto_library", ) +load(":envoy_pch.bzl", _envoy_pch_library = "envoy_pch_library") load( ":envoy_select.bzl", _envoy_select_boringssl = "envoy_select_boringssl", @@ -24,6 +24,7 @@ load( _envoy_select_wasm_cpp_tests = "envoy_select_wasm_cpp_tests", _envoy_select_wasm_rust_tests = "envoy_select_wasm_rust_tests", _envoy_select_wasm_v8 = "envoy_select_wasm_v8", + _envoy_select_wasm_wamr = "envoy_select_wasm_wamr", _envoy_select_wasm_wasmtime = "envoy_select_wasm_wasmtime", _envoy_select_wasm_wavm = "envoy_select_wasm_wavm", ) @@ -208,9 +209,10 @@ envoy_select_enable_http3 = _envoy_select_enable_http3 envoy_select_hot_restart = _envoy_select_hot_restart envoy_select_wasm_cpp_tests = _envoy_select_wasm_cpp_tests envoy_select_wasm_rust_tests = _envoy_select_wasm_rust_tests +envoy_select_wasm_v8 = _envoy_select_wasm_v8 +envoy_select_wasm_wamr = _envoy_select_wasm_wamr envoy_select_wasm_wavm = _envoy_select_wasm_wavm envoy_select_wasm_wasmtime = _envoy_select_wasm_wasmtime -envoy_select_wasm_v8 = _envoy_select_wasm_v8 # Binary wrappers (from envoy_binary.bzl) envoy_cc_binary = _envoy_cc_binary @@ -223,8 +225,8 @@ envoy_cc_linux_library = _envoy_cc_linux_library envoy_cc_posix_library = _envoy_cc_posix_library envoy_cc_posix_without_linux_library = _envoy_cc_posix_without_linux_library envoy_cc_win32_library = _envoy_cc_win32_library -envoy_include_prefix = _envoy_include_prefix envoy_proto_library = _envoy_proto_library +envoy_pch_library = _envoy_pch_library # Test wrappers (from envoy_test.bzl) envoy_cc_fuzz_test = _envoy_cc_fuzz_test diff --git a/bazel/envoy_library.bzl b/bazel/envoy_library.bzl index 0c4ae3a53a36..c29f35b160c0 100644 --- a/bazel/envoy_library.bzl +++ b/bazel/envoy_library.bzl @@ -8,6 +8,7 @@ load( "envoy_external_dep_path", "envoy_linkstatic", ) +load(":envoy_pch.bzl", "envoy_pch_copts") load("@envoy_api//bazel:api_build_system.bzl", "api_cc_py_proto_library") load( "@envoy_build_config//:extensions_build_config.bzl", @@ -44,99 +45,12 @@ def envoy_basic_cc_library(name, deps = [], external_deps = [], **kargs): **kargs ) -# All Envoy extensions must be tagged with their security hardening stance with -# respect to downstream and upstream data plane threats. These are verbose -# labels intended to make clear the trust that operators may place in -# extensions. -EXTENSION_SECURITY_POSTURES = [ - # This extension is hardened against untrusted downstream traffic. It - # assumes that the upstream is trusted. - "robust_to_untrusted_downstream", - # This extension is hardened against both untrusted downstream and upstream - # traffic. - "robust_to_untrusted_downstream_and_upstream", - # This extension is not hardened and should only be used in deployments - # where both the downstream and upstream are trusted. - "requires_trusted_downstream_and_upstream", - # This is functionally equivalent to - # requires_trusted_downstream_and_upstream, but acts as a placeholder to - # allow us to identify extensions that need classifying. - "unknown", - # Not relevant to data plane threats, e.g. stats sinks. - "data_plane_agnostic", -] - -# Extension categories as defined by factories -EXTENSION_CATEGORIES = [ - "envoy.access_loggers", - "envoy.bootstrap", - "envoy.clusters", - "envoy.compression.compressor", - "envoy.compression.decompressor", - "envoy.filters.http", - "envoy.filters.http.cache", - "envoy.filters.listener", - "envoy.filters.network", - "envoy.filters.udp_listener", - "envoy.grpc_credentials", - "envoy.guarddog_actions", - "envoy.health_checkers", - "envoy.http.stateful_header_formatters", - "envoy.internal_redirect_predicates", - "envoy.io_socket", - "envoy.http.original_ip_detection", - "envoy.matching.common_inputs", - "envoy.matching.input_matchers", - "envoy.rate_limit_descriptors", - "envoy.request_id", - "envoy.resource_monitors", - "envoy.retry_host_predicates", - "envoy.retry_priorities", - "envoy.stats_sinks", - "envoy.thrift_proxy.filters", - "envoy.tracers", - "envoy.transport_sockets.downstream", - "envoy.transport_sockets.upstream", - "envoy.tls.cert_validator", - "envoy.upstreams", - "envoy.wasm.runtime", - "DELIBERATELY_OMITTED", -] - -EXTENSION_STATUS_VALUES = [ - # This extension is stable and is expected to be production usable. - "stable", - # This extension is functional but has not had substantial production burn - # time, use only with this caveat. - "alpha", - # This extension is work-in-progress. Functionality is incomplete and it is - # not intended for production use. - "wip", -] - def envoy_cc_extension( name, - security_posture, - category = None, - # Only set this for internal, undocumented extensions. - undocumented = False, - status = "stable", tags = [], extra_visibility = [], visibility = EXTENSION_CONFIG_VISIBILITY, **kwargs): - if not category: - fail("Category not set for %s" % name) - if type(category) == "string": - category = (category,) - for cat in category: - if cat not in EXTENSION_CATEGORIES: - fail("Unknown extension category for %s: %s" % - (name, cat)) - if security_posture not in EXTENSION_SECURITY_POSTURES: - fail("Unknown extension security posture: " + security_posture) - if status not in EXTENSION_STATUS_VALUES: - fail("Unknown extension status: " + status) if "//visibility:public" not in visibility: visibility = visibility + extra_visibility @@ -149,6 +63,7 @@ def envoy_cc_extension( ) cc_library( name = ext_name, + tags = tags, deps = select({ ":is_enabled": [":" + name], "//conditions:default": [], @@ -169,6 +84,7 @@ def envoy_cc_library( tags = [], deps = [], strip_include_prefix = None, + include_prefix = None, textual_hdrs = None, defines = []): if tcmalloc_dep: @@ -178,23 +94,23 @@ def envoy_cc_library( name = name, srcs = srcs, hdrs = hdrs, - copts = envoy_copts(repository) + copts, + copts = envoy_copts(repository) + envoy_pch_copts(repository, "//source/common/common:common_pch") + copts, visibility = visibility, tags = tags, textual_hdrs = textual_hdrs, deps = deps + [envoy_external_dep_path(dep) for dep in external_deps] + [ - repository + "//include/envoy/common:base_includes", + repository + "//envoy/common:base_includes", repository + "//source/common/common:fmt_lib", + repository + "//source/common/common:common_pch", envoy_external_dep_path("abseil_flat_hash_map"), envoy_external_dep_path("abseil_flat_hash_set"), envoy_external_dep_path("abseil_strings"), - envoy_external_dep_path("spdlog"), envoy_external_dep_path("fmtlib"), ], - include_prefix = envoy_include_prefix(native.package_name()), alwayslink = 1, linkstatic = envoy_linkstatic(), strip_include_prefix = strip_include_prefix, + include_prefix = include_prefix, defines = defines, ) @@ -208,6 +124,7 @@ def envoy_cc_library( tags = ["nocompdb"] + tags, deps = [":" + name], strip_include_prefix = strip_include_prefix, + include_prefix = include_prefix, ) # Used to specify a library that only builds on POSIX @@ -272,14 +189,6 @@ def envoy_cc_win32_library(name, srcs = [], hdrs = [], **kargs): **kargs ) -# Transform the package path (e.g. include/envoy/common) into a path for -# exporting the package headers at (e.g. envoy/common). Source files can then -# include using this path scheme (e.g. #include "envoy/common/time.h"). -def envoy_include_prefix(path): - if path.startswith("source/") or path.startswith("include/"): - return "/".join(path.split("/")[1:]) - return None - # Envoy proto targets should be specified with this function. def envoy_proto_library(name, external_deps = [], **kwargs): api_cc_py_proto_library( diff --git a/bazel/envoy_pch.bzl b/bazel/envoy_pch.bzl new file mode 100644 index 000000000000..8d1418596dd2 --- /dev/null +++ b/bazel/envoy_pch.bzl @@ -0,0 +1,51 @@ +load("@rules_cc//cc:defs.bzl", "cc_library") + +# DO NOT LOAD THIS FILE. Load envoy_build_system.bzl instead. +# Envoy library targets +load( + ":envoy_internal.bzl", + "envoy_copts", + "envoy_external_dep_path", + "envoy_linkstatic", +) +load(":pch.bzl", "pch") + +def envoy_pch_copts(repository, target): + return select({ + repository + "//bazel:clang_pch_build": [ + "-include-pch", + "$(location {}{})".format(repository, target), + ], + "//conditions:default": [], + }) + +def envoy_pch_library( + name, + includes, + deps, + external_deps, + visibility, + testonly = False, + repository = ""): + cc_library( + name = name + "_libs", + visibility = ["//visibility:private"], + copts = envoy_copts(repository), + deps = deps + [envoy_external_dep_path(dep) for dep in external_deps], + alwayslink = 1, + testonly = testonly, + linkstatic = envoy_linkstatic(), + ) + + pch( + name = name, + deps = [name + "_libs"], + includes = includes, + visibility = visibility, + testonly = testonly, + tags = ["no-remote"], + enabled = select({ + repository + "//bazel:clang_pch_build": True, + "//conditions:default": False, + }), + ) diff --git a/bazel/envoy_select.bzl b/bazel/envoy_select.bzl index a34659b545c6..c1a16005bba5 100644 --- a/bazel/envoy_select.bzl +++ b/bazel/envoy_select.bzl @@ -60,12 +60,20 @@ def envoy_select_wasm_rust_tests(xs): # Selects the given values depending on the Wasm runtimes enabled in the current build. def envoy_select_wasm_v8(xs): return select({ + "@envoy//bazel:wasm_wamr": [], "@envoy//bazel:wasm_wasmtime": [], "@envoy//bazel:wasm_wavm": [], "@envoy//bazel:wasm_none": [], "//conditions:default": xs, }) +# Selects the given values depending on the Wasm runtimes enabled in the current build. +def envoy_select_wasm_wamr(xs): + return select({ + "@envoy//bazel:wasm_wamr": xs, + "//conditions:default": [], + }) + # Selects the given values depending on the Wasm runtimes enabled in the current build. def envoy_select_wasm_wavm(xs): return select({ diff --git a/bazel/envoy_test.bzl b/bazel/envoy_test.bzl index 48f11942cf5a..f74eda3e8393 100644 --- a/bazel/envoy_test.bzl +++ b/bazel/envoy_test.bzl @@ -5,6 +5,7 @@ load("@rules_cc//cc:defs.bzl", "cc_binary", "cc_library", "cc_test") load("@rules_fuzzing//fuzzing:cc_defs.bzl", "fuzzing_decoration") load(":envoy_binary.bzl", "envoy_cc_binary") load(":envoy_library.bzl", "tcmalloc_external_deps") +load(":envoy_pch.bzl", "envoy_pch_copts") load( ":envoy_internal.bzl", "envoy_copts", @@ -29,19 +30,26 @@ def _envoy_cc_test_infrastructure_library( include_prefix = None, copts = [], alwayslink = 1, + disable_pch = False, **kargs): # Add implicit tcmalloc external dependency(if available) in order to enable CPU and heap profiling in tests. deps += tcmalloc_external_deps(repository) + extra_deps = [] + pch_copts = [] + if disable_pch: + extra_deps = [envoy_external_dep_path("googletest")] + else: + extra_deps = [repository + "//test:test_pch"] + pch_copts = envoy_pch_copts(repository, "//test:test_pch") + cc_library( name = name, srcs = srcs, hdrs = hdrs, data = data, - copts = envoy_copts(repository, test = True) + copts, + copts = envoy_copts(repository, test = True) + copts + pch_copts, testonly = 1, - deps = deps + [envoy_external_dep_path(dep) for dep in external_deps] + [ - envoy_external_dep_path("googletest"), - ], + deps = deps + [envoy_external_dep_path(dep) for dep in external_deps] + extra_deps, tags = tags, include_prefix = include_prefix, alwayslink = alwayslink, @@ -159,11 +167,12 @@ def envoy_cc_test( name = name, srcs = srcs, data = data, - copts = envoy_copts(repository, test = True) + copts, + copts = envoy_copts(repository, test = True) + copts + envoy_pch_copts(repository, "//test:test_pch"), linkopts = _envoy_test_linkopts(), linkstatic = envoy_linkstatic(), malloc = tcmalloc_external_dep(repository), deps = envoy_stdlib_deps() + deps + [envoy_external_dep_path(dep) for dep in external_deps + ["googletest"]] + [ + repository + "//test:test_pch", repository + "//test:main", repository + "//test/test_common:test_version_linkstamp", ], @@ -192,6 +201,7 @@ def envoy_cc_test_library( copts = [], alwayslink = 1, **kargs): + disable_pch = kargs.pop("disable_pch", True) _envoy_cc_test_infrastructure_library( name, srcs, @@ -205,6 +215,7 @@ def envoy_cc_test_library( copts, visibility = ["//visibility:public"], alwayslink = alwayslink, + disable_pch = disable_pch, **kargs ) @@ -283,7 +294,7 @@ def envoy_py_test( # Envoy C++ mock targets should be specified with this function. def envoy_cc_mock(name, **kargs): - envoy_cc_test_library(name = name, **kargs) + envoy_cc_test_library(name = name, disable_pch = True, **kargs) # Envoy shell tests that need to be included in coverage run should be specified with this function. def envoy_sh_test( diff --git a/bazel/external/proxy_wasm_cpp_host.BUILD b/bazel/external/proxy_wasm_cpp_host.BUILD deleted file mode 100644 index 148635bc099d..000000000000 --- a/bazel/external/proxy_wasm_cpp_host.BUILD +++ /dev/null @@ -1,85 +0,0 @@ -load("@rules_cc//cc:defs.bzl", "cc_library") - -licenses(["notice"]) # Apache 2 - -package(default_visibility = ["//visibility:public"]) - -cc_library( - name = "include", - hdrs = glob(["include/proxy-wasm/**/*.h"]), - deps = [ - "@proxy_wasm_cpp_sdk//:common_lib", - ], -) - -cc_library( - name = "common_lib", - srcs = glob([ - "src/*.h", - "src/*.cc", - "src/common/*.h", - "src/common/*.cc", - "src/third_party/*.h", - "src/third_party/*.cc", - ]), - deps = [ - ":include", - "//external:abseil_flat_hash_map", - "//external:abseil_optional", - "//external:abseil_strings", - "//external:protobuf", - "//external:ssl", - "//external:zlib", - "@proxy_wasm_cpp_sdk//:api_lib", - "@proxy_wasm_cpp_sdk//:common_lib", - ], -) - -cc_library( - name = "null_lib", - srcs = glob([ - "src/null/*.cc", - ]), - deps = [ - ":common_lib", - ], -) - -cc_library( - name = "v8_lib", - srcs = glob([ - "src/v8/*.cc", - ]), - deps = [ - ":common_lib", - "//external:wee8", - ], -) - -cc_library( - name = "wavm_lib", - srcs = glob([ - "src/wavm/*.cc", - ]), - copts = [ - '-DWAVM_API=""', - "-Wno-non-virtual-dtor", - "-Wno-old-style-cast", - ], - deps = [ - ":common_lib", - "@envoy//bazel/foreign_cc:wavm", - ], -) - -cc_library( - name = "wasmtime_lib", - srcs = glob([ - "src/wasmtime/*.h", - "src/wasmtime/*.cc", - ]), - deps = [ - ":common_lib", - "@com_github_wasm_c_api//:wasmtime_lib", - ], -) diff --git a/bazel/external/quiche.BUILD b/bazel/external/quiche.BUILD index 54e123b0def2..e8c84f7a145c 100644 --- a/bazel/external/quiche.BUILD +++ b/bazel/external/quiche.BUILD @@ -73,7 +73,6 @@ test_suite( "http2_platform_api_test", "quic_platform_api_test", "quiche_common_test", - "spdy_platform_api_test", ], ) @@ -591,7 +590,7 @@ envoy_cc_library( ":http2_hpack_hpack_constants_lib", ":http2_hpack_hpack_static_table_entries_lib", ":http2_platform", - ":quic_core_circular_deque_lib", + ":quiche_common_circular_deque_lib", ], ) @@ -1042,7 +1041,6 @@ envoy_cc_library( "quiche/quic/platform/api/quic_logging.h", "quiche/quic/platform/api/quic_map_util.h", "quiche/quic/platform/api/quic_mem_slice.h", - "quiche/quic/platform/api/quic_prefetch.h", "quiche/quic/platform/api/quic_reference_counted.h", "quiche/quic/platform/api/quic_server_stats.h", "quiche/quic/platform/api/quic_stack_trace.h", @@ -1153,7 +1151,7 @@ envoy_cc_test_library( hdrs = ["quiche/quic/platform/api/quic_sleep.h"], repository = "@envoy", tags = ["nofips"], - deps = ["@envoy//test/common/quic/platform:quic_platform_sleep_impl_lib"], + deps = [":quiche_common_platform_default_quiche_platform_impl_lib"], ) envoy_cc_library( @@ -1202,77 +1200,6 @@ envoy_cc_test_library( deps = ["@envoy//test/common/quic/platform:quic_platform_thread_impl_lib"], ) -envoy_cc_library( - name = "quiche_common_endian_lib", - hdrs = ["quiche/common/quiche_endian.h"], - repository = "@envoy", - tags = ["nofips"], - visibility = ["//visibility:public"], - deps = - [ - ":quiche_common_platform_export", - ], -) - -envoy_cc_library( - name = "quiche_common_platform_default_quiche_platform_impl_lib", - srcs = [ - "quiche/common/platform/default/quiche_platform_impl/quic_mutex_impl.cc", - "quiche/common/platform/default/quiche_platform_impl/quiche_time_utils_impl.cc", - ], - hdrs = [ - "quiche/common/platform/default/quiche_platform_impl/quic_mutex_impl.h", - "quiche/common/platform/default/quiche_platform_impl/quic_testvalue_impl.h", - "quiche/common/platform/default/quiche_platform_impl/quiche_containers_impl.h", - "quiche/common/platform/default/quiche_platform_impl/quiche_estimate_memory_usage_impl.h", - "quiche/common/platform/default/quiche_platform_impl/quiche_time_utils_impl.h", - ], - repository = "@envoy", - tags = ["nofips"], - deps = [ - ":quic_platform_export", - ":quiche_common_platform_export", - ], -) - -envoy_cc_library( - name = "quiche_common_platform_default_quiche_platform_impl_export_lib", - hdrs = [ - "quiche/common/platform/default/quiche_platform_impl/quiche_export_impl.h", - ], - repository = "@envoy", - tags = ["nofips"], -) - -envoy_cc_library( - name = "quiche_common_platform_export", - hdrs = [ - "quiche/common/platform/api/quiche_export.h", - ], - repository = "@envoy", - tags = ["nofips"], - visibility = ["//visibility:public"], - deps = [ - ":quiche_common_platform_default_quiche_platform_impl_export_lib", - ], -) - -envoy_cc_test_library( - name = "quiche_common_test_tools_test_utils_lib", - srcs = ["quiche/common/test_tools/quiche_test_utils.cc"], - hdrs = [ - "quiche/common/platform/api/quiche_test.h", - "quiche/common/platform/api/quiche_test_helpers.h", - "quiche/common/test_tools/quiche_test_utils.h", - ], - repository = "@envoy", - tags = ["nofips"], - deps = [ - ":quiche_common_platform", - "@envoy//test/common/quic/platform:quiche_common_platform_test_impl_lib", - ], -) - #TODO(danzh) Figure out why using envoy_proto_library() fails. proto_library( name = "quic_core_proto_cached_network_parameters_proto", @@ -1404,10 +1331,10 @@ envoy_cc_library( tags = ["nofips"], visibility = ["//visibility:public"], deps = [ - ":quic_core_circular_deque_lib", ":quic_core_linux_socket_utils_lib", ":quic_core_packet_writer_lib", ":quic_platform", + ":quiche_common_circular_deque_lib", ], ) @@ -1537,6 +1464,28 @@ envoy_cc_library( deps = [":quic_platform_export"], ) +envoy_cc_library( + name = "quic_core_chaos_protector_lib", + srcs = [ + "quiche/quic/core/quic_chaos_protector.cc", + ], + hdrs = [ + "quiche/quic/core/quic_chaos_protector.h", + ], + repository = "@envoy", + tags = ["nofips"], + deps = [ + ":quic_core_crypto_random_lib", + ":quic_core_data_lib", + ":quic_core_framer_lib", + ":quic_core_frames_frames_lib", + ":quic_core_packets_lib", + ":quic_core_stream_frame_data_producer_lib", + ":quic_core_types_lib", + ":quic_platform", + ], +) + envoy_cc_library( name = "quic_core_clock_lib", srcs = ["quiche/quic/core/quic_clock.cc"], @@ -1880,6 +1829,7 @@ envoy_cc_library( ":quic_core_uber_received_packet_manager_lib", ":quic_core_utils_lib", ":quic_platform_base", + ":quiche_common_text_utils_lib", ], ) @@ -2024,6 +1974,7 @@ envoy_cc_library( ":quic_platform", ":quic_platform_ip_address", ":quiche_common_platform", + ":quiche_common_text_utils_lib", ], ) @@ -2080,6 +2031,7 @@ envoy_cc_library( external_deps = ["ssl"], repository = "@envoy", tags = ["nofips"], + visibility = ["//visibility:public"], deps = [ ":quic_core_crypto_hkdf_lib", ":quic_core_data_lib", @@ -2161,14 +2113,14 @@ envoy_cc_library( ) envoy_cc_library( - name = "quic_core_circular_deque_lib", - hdrs = ["quiche/quic/core/quic_circular_deque.h"], + name = "quiche_common_circular_deque_lib", + hdrs = ["quiche/common/quiche_circular_deque.h"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], deps = [ - ":quic_platform_base", - ":quic_platform_export", + ":quiche_common_platform", + ":quiche_common_platform_export", ], ) @@ -2239,6 +2191,7 @@ envoy_cc_library( ":quic_core_utils_lib", ":quic_core_versions_lib", ":quic_platform_base", + ":quiche_common_text_utils_lib", ], ) @@ -2375,10 +2328,10 @@ envoy_cc_library( tags = ["nofips"], visibility = ["//visibility:public"], deps = [ - ":quic_core_circular_deque_lib", ":quic_core_packets_lib", ":quic_core_qpack_qpack_header_table_lib", ":quic_platform_base", + ":quiche_common_circular_deque_lib", ":spdy_core_header_block_lib", ":spdy_core_headers_handler_interface_lib", ":spdy_core_protocol_lib", @@ -2579,10 +2532,10 @@ envoy_cc_library( repository = "@envoy", tags = ["nofips"], deps = [ - ":quic_core_circular_deque_lib", ":quic_core_interval_lib", ":quic_core_types_lib", ":quic_platform", + ":quiche_common_circular_deque_lib", ], ) @@ -2718,7 +2671,7 @@ envoy_cc_library( repository = "@envoy", tags = ["nofips"], deps = [ - ":quic_core_circular_deque_lib", + ":quic_core_chaos_protector_lib", ":quic_core_coalesced_packet_lib", ":quic_core_constants_lib", ":quic_core_crypto_encryption_lib", @@ -2729,6 +2682,7 @@ envoy_cc_library( ":quic_core_utils_lib", ":quic_core_versions_lib", ":quic_platform_base", + ":quiche_common_circular_deque_lib", ], ) @@ -2738,10 +2692,10 @@ envoy_cc_library( repository = "@envoy", tags = ["nofips"], deps = [ - ":quic_core_circular_deque_lib", ":quic_core_constants_lib", ":quic_core_types_lib", ":quic_platform_base", + ":quiche_common_circular_deque_lib", ], ) @@ -2895,6 +2849,7 @@ envoy_cc_library( deps = [ ":quic_core_qpack_qpack_static_table_lib", ":quic_platform_base", + ":quiche_common_circular_deque_lib", ":spdy_core_hpack_hpack_lib", ], ) @@ -3245,6 +3200,7 @@ envoy_cc_library( ":quic_core_utils_lib", ":quic_core_version_manager_lib", ":quic_platform", + ":quiche_common_text_utils_lib", ], ) @@ -3320,6 +3276,7 @@ envoy_cc_library( ":quic_core_versions_lib", ":quic_platform", ":quic_platform_mem_slice_span", + ":quiche_common_text_utils_lib", ":spdy_core_protocol_lib", ], ) @@ -3364,7 +3321,6 @@ envoy_cc_library( tags = ["nofips"], visibility = ["//visibility:public"], deps = [ - ":quic_core_circular_deque_lib", ":quic_core_data_lib", ":quic_core_frames_frames_lib", ":quic_core_interval_deque_lib", @@ -3374,6 +3330,7 @@ envoy_cc_library( ":quic_core_utils_lib", ":quic_platform_base", ":quic_platform_mem_slice_span", + ":quiche_common_circular_deque_lib", ], ) @@ -3417,7 +3374,10 @@ envoy_cc_library( repository = "@envoy", tags = ["nofips"], visibility = ["//visibility:public"], - deps = [":quic_platform_base"], + deps = [ + ":quic_platform_base", + ":quiche_common_text_utils_lib", + ], ) envoy_cc_library( @@ -3456,6 +3416,7 @@ envoy_cc_library( ":quic_core_types_lib", ":quic_core_utils_lib", ":quic_platform", + ":quiche_common_text_utils_lib", ], ) @@ -3548,13 +3509,13 @@ envoy_cc_library( repository = "@envoy", tags = ["nofips"], deps = [ - ":quic_core_circular_deque_lib", ":quic_core_connection_stats_lib", ":quic_core_packets_lib", ":quic_core_session_notifier_interface_lib", ":quic_core_transmission_info_lib", ":quic_core_utils_lib", ":quic_platform_base", + ":quiche_common_circular_deque_lib", ], ) @@ -3605,6 +3566,7 @@ envoy_cc_library( ":quic_core_tag_lib", ":quic_core_types_lib", ":quic_platform_base", + ":quiche_common_text_utils_lib", ], ) @@ -4005,6 +3967,18 @@ envoy_cc_test_library( deps = [":epoll_server_platform"], ) +envoy_cc_library( + name = "quiche_common_endian_lib", + hdrs = ["quiche/common/quiche_endian.h"], + repository = "@envoy", + tags = ["nofips"], + visibility = ["//visibility:public"], + deps = + [ + ":quiche_common_platform_export", + ], +) + envoy_cc_library( name = "quiche_common_platform", hdrs = [ @@ -4012,7 +3986,7 @@ envoy_cc_library( "quiche/common/platform/api/quiche_flag_utils.h", "quiche/common/platform/api/quiche_flags.h", "quiche/common/platform/api/quiche_logging.h", - "quiche/common/platform/api/quiche_text_utils.h", + "quiche/common/platform/api/quiche_prefetch.h", "quiche/common/platform/api/quiche_time_utils.h", ], repository = "@envoy", @@ -4025,10 +3999,54 @@ envoy_cc_library( ], ) +envoy_cc_library( + name = "quiche_common_platform_default_quiche_platform_impl_export_lib", + hdrs = [ + "quiche/common/platform/default/quiche_platform_impl/quiche_export_impl.h", + ], + repository = "@envoy", + tags = ["nofips"], +) + +envoy_cc_library( + name = "quiche_common_platform_default_quiche_platform_impl_lib", + srcs = [ + "quiche/common/platform/default/quiche_platform_impl/quic_mutex_impl.cc", + "quiche/common/platform/default/quiche_platform_impl/quiche_time_utils_impl.cc", + ], + hdrs = [ + "quiche/common/platform/default/quiche_platform_impl/quic_mutex_impl.h", + "quiche/common/platform/default/quiche_platform_impl/quic_testvalue_impl.h", + "quiche/common/platform/default/quiche_platform_impl/quiche_containers_impl.h", + "quiche/common/platform/default/quiche_platform_impl/quiche_estimate_memory_usage_impl.h", + "quiche/common/platform/default/quiche_platform_impl/quiche_prefetch_impl.h", + "quiche/common/platform/default/quiche_platform_impl/quiche_sleep_impl.h", + "quiche/common/platform/default/quiche_platform_impl/quiche_time_utils_impl.h", + ], + repository = "@envoy", + tags = ["nofips"], + deps = [ + ":quic_platform_export", + ":quiche_common_platform_export", + ], +) + +envoy_cc_library( + name = "quiche_common_platform_export", + hdrs = [ + "quiche/common/platform/api/quiche_export.h", + ], + repository = "@envoy", + tags = ["nofips"], + visibility = ["//visibility:public"], + deps = [ + ":quiche_common_platform_default_quiche_platform_impl_export_lib", + ], +) + envoy_cc_test_library( name = "quiche_common_platform_test", srcs = [ - "quiche/common/platform/api/quiche_text_utils_test.cc", "quiche/common/platform/api/quiche_time_utils_test.cc", ], hdrs = ["quiche/common/platform/api/quiche_test.h"], @@ -4040,6 +4058,34 @@ envoy_cc_test_library( ], ) +envoy_cc_test_library( + name = "quiche_common_test_tools_test_utils_lib", + srcs = ["quiche/common/test_tools/quiche_test_utils.cc"], + hdrs = [ + "quiche/common/platform/api/quiche_test.h", + "quiche/common/platform/api/quiche_test_helpers.h", + "quiche/common/test_tools/quiche_test_utils.h", + ], + repository = "@envoy", + tags = ["nofips"], + deps = [ + ":quiche_common_platform", + "@envoy//test/common/quic/platform:quiche_common_platform_test_impl_lib", + ], +) + +envoy_cc_library( + name = "quiche_common_text_utils_lib", + srcs = ["quiche/common/quiche_text_utils.cc"], + hdrs = ["quiche/common/quiche_text_utils.h"], + external_deps = [ + "abseil_str_format", + ], + repository = "@envoy", + tags = ["nofips"], + deps = [":quiche_common_platform_export"], +) + envoy_cc_library( name = "quiche_common_lib", srcs = [ @@ -4049,7 +4095,7 @@ envoy_cc_library( hdrs = [ "quiche/common/quiche_data_reader.h", "quiche/common/quiche_data_writer.h", - "quiche/common/simple_linked_hash_map.h", + "quiche/common/quiche_linked_hash_map.h", ], repository = "@envoy", tags = ["nofips"], @@ -4074,7 +4120,7 @@ envoy_cc_test( envoy_cc_test( name = "quiche_common_test", - srcs = ["quiche/common/simple_linked_hash_map_test.cc"], + srcs = ["quiche/common/quiche_linked_hash_map_test.cc"], copts = quiche_copts, repository = "@envoy", tags = ["nofips"], @@ -4098,17 +4144,6 @@ envoy_cc_test( ], ) -envoy_cc_test( - name = "spdy_platform_api_test", - srcs = ["quiche/spdy/platform/api/spdy_string_utils_test.cc"], - repository = "@envoy", - tags = ["nofips"], - deps = [ - ":quiche_common_test_tools_test_utils_lib", - ":spdy_platform", - ], -) - envoy_cc_library( name = "quic_platform_mem_slice_span", hdrs = [ diff --git a/bazel/external/quiche.genrule_cmd b/bazel/external/quiche.genrule_cmd index b67f4dc74bda..43f17a517e40 100644 --- a/bazel/external/quiche.genrule_cmd +++ b/bazel/external/quiche.genrule_cmd @@ -47,10 +47,10 @@ cat <sed_commands /^#include/ s!"epoll_server/!"quiche/epoll_server/! # The above global substitutions will prepend "quiche" to the platform code which we want to undo. -/^#include/ s!"quiche/common/quic/platform/!"common/quic/platform/! +/^#include/ s!"quiche/common/quic/platform/!"source/common/quic/platform/! # Use envoy specific implementations for below platform APIs. -/^#include/ s!"quiche_platform_impl/quiche_logging_impl.h!"common/quic/platform/quiche_logging_impl.h! +/^#include/ s!"quiche_platform_impl/quiche_logging_impl.h!"source/common/quic/platform/quiche_logging_impl.h! # The reset platform APIs use the QUICHE default implementations. /^#include/ s!"quiche_platform_impl/!"quiche/common/platform/default/quiche_platform_impl/! diff --git a/bazel/external/wasm-c-api.BUILD b/bazel/external/wasm-c-api.BUILD index abff294cf9c3..8296cdb23e00 100644 --- a/bazel/external/wasm-c-api.BUILD +++ b/bazel/external/wasm-c-api.BUILD @@ -9,9 +9,6 @@ cc_library( hdrs = [ "include/wasm.h", ], - defines = [ - "ENVOY_WASM_WASMTIME", - ], include_prefix = "wasmtime", deps = [ "@com_github_wasmtime//:rust_c_api", diff --git a/bazel/external/wee8.BUILD b/bazel/external/wee8.BUILD index 625e80ce500b..5bba6a5d3f78 100644 --- a/bazel/external/wee8.BUILD +++ b/bazel/external/wee8.BUILD @@ -19,7 +19,6 @@ cc_library( "-Wno-range-loop-analysis", ], defines = [ - "ENVOY_WASM_V8", "V8_ENABLE_WEBASSEMBLY", ], includes = [ diff --git a/bazel/external/wee8.genrule_cmd b/bazel/external/wee8.genrule_cmd index c5ff69049a57..57e79ce83cdb 100644 --- a/bazel/external/wee8.genrule_cmd +++ b/bazel/external/wee8.genrule_cmd @@ -33,7 +33,7 @@ if [[ ( $${SYSTEM} == "Darwin" && $${CXX-} == "" ) || $${CXX-} == *clang* ]]; th export IS_CLANG=true export CC=$${CC:-clang} export CXX=$${CXX:-clang++} - export CXXFLAGS="$${CXXFLAGS} -Wno-implicit-int-float-conversion -Wno-builtin-assume-aligned-alignment -Wno-final-dtor-non-final-class" + export CXXFLAGS="$${CXXFLAGS} -Wno-implicit-int-float-conversion -Wno-builtin-assume-aligned-alignment -Wno-final-dtor-non-final-class -Wno-invalid-constexpr" else export IS_CLANG=false export CC=$${CC:-gcc} diff --git a/bazel/external/wee8.patch b/bazel/external/wee8.patch index 6a25320fa147..5dfce7b799e1 100644 --- a/bazel/external/wee8.patch +++ b/bazel/external/wee8.patch @@ -1,9 +1,9 @@ # 1. Fix linking with unbundled toolchain on macOS. # 2. Increase VSZ limit to 64 TiB (allows us to start up to 6,553 VMs). -# 3. Fix building and linking with MSAN. +# 3. Fix linking with MSAN. --- wee8/build/toolchain/gcc_toolchain.gni +++ wee8/build/toolchain/gcc_toolchain.gni -@@ -348,6 +348,8 @@ template("gcc_toolchain") { +@@ -376,6 +376,8 @@ template("gcc_toolchain") { # AIX does not support either -D (deterministic output) or response # files. command = "$ar -X64 {{arflags}} -r -c -s {{output}} {{inputs}}" @@ -12,7 +12,7 @@ } else { rspfile = "{{output}}.rsp" rspfile_content = "{{inputs}}" -@@ -543,7 +545,7 @@ template("gcc_toolchain") { +@@ -565,7 +567,7 @@ template("gcc_toolchain") { start_group_flag = "" end_group_flag = "" @@ -23,9 +23,9 @@ end_group_flag = "-Wl,--end-group " --- wee8/src/objects/backing-store.cc +++ wee8/src/objects/backing-store.cc -@@ -34,7 +34,7 @@ constexpr bool kUseGuardRegions = false; - // address space limits needs to be smaller. - constexpr size_t kAddressSpaceLimit = 0x8000000000L; // 512 GiB +@@ -53,7 +53,7 @@ constexpr size_t kAddressSpaceLimit = 0x8000000000L; // 512 GiB + // RISC-V64 has a user space of 256GB on the Sv39 scheme. + constexpr size_t kAddressSpaceLimit = 0x4000000000L; // 256 GiB #elif V8_TARGET_ARCH_64_BIT -constexpr size_t kAddressSpaceLimit = 0x10100000000L; // 1 TiB + 4 GiB +constexpr size_t kAddressSpaceLimit = 0x400100000000L; // 64 TiB + 4 GiB @@ -34,7 +34,7 @@ #endif --- wee8/build/config/sanitizers/sanitizers.gni +++ wee8/build/config/sanitizers/sanitizers.gni -@@ -150,7 +150,7 @@ if (!is_a_target_toolchain) { +@@ -153,7 +153,7 @@ if (!is_a_target_toolchain) { # standard system libraries. We have instrumented system libraries for msan, # which requires them to prevent false positives. # TODO(thakis): Maybe remove this variable. @@ -43,7 +43,7 @@ # Whether we are doing a fuzzer build. Normally this should be checked instead # of checking "use_libfuzzer || use_afl" because often developers forget to -@@ -198,8 +198,7 @@ assert(!using_sanitizer || is_clang, +@@ -202,8 +202,7 @@ assert(!using_sanitizer || is_clang, assert(!is_cfi || is_clang, "is_cfi requires setting is_clang = true in 'gn args'") @@ -53,17 +53,3 @@ if (use_libfuzzer && (is_linux || is_chromeos)) { if (is_asan) { ---- wee8/build/config/compiler/BUILD.gn -+++ wee8/build/config/compiler/BUILD.gn -@@ -736,11 +736,6 @@ config("compiler") { - cflags += [ "-fcomplete-member-pointers" ] - } - -- # TODO(crbug/1185183): Remove after next clang roll -- if (is_clang && !is_nacl && is_linux && is_msan) { -- cflags += [ "-flegacy-pass-manager" ] -- } -- - # Pass the same C/C++ flags to the objective C/C++ compiler. - cflags_objc += cflags_c - cflags_objcc += cflags_cc diff --git a/bazel/foreign_cc/BUILD b/bazel/foreign_cc/BUILD index 6d363e72288f..7566d7126153 100644 --- a/bazel/foreign_cc/BUILD +++ b/bazel/foreign_cc/BUILD @@ -197,6 +197,8 @@ envoy_cmake_external( cache_entries = { # Disable both: BUILD and INCLUDE, since some of the INCLUDE # targets build code instead of only generating build files. + "LLVM_BUILD_BENCHMARKS": "off", + "LLVM_INCLUDE_BENCHMARKS": "off", "LLVM_BUILD_DOCS": "off", "LLVM_INCLUDE_DOCS": "off", "LLVM_BUILD_EXAMPLES": "off", @@ -210,6 +212,7 @@ envoy_cmake_external( "LLVM_INCLUDE_TOOLS": "off", "LLVM_BUILD_UTILS": "off", "LLVM_INCLUDE_UTILS": "off", + "LLVM_ENABLE_IDE": "off", "LLVM_ENABLE_LIBEDIT": "off", "LLVM_ENABLE_LIBXML2": "off", "LLVM_ENABLE_TERMINFO": "off", @@ -230,70 +233,63 @@ envoy_cmake_external( lib_source = "@org_llvm_llvm//:all", static_libraries = select({ "//conditions:default": [ - # Order from llvm-config --libnames. + # Order from llvm-config --libnames asmparser core debuginfodwarf + # engine lto mcparser mirparser orcjit passes runtimedyld + # support x86asmparser x86desc + "libLLVMOrcJIT.a", + "libLLVMOrcError.a", + "libLLVMJITLink.a", + "libLLVMMIRParser.a", "libLLVMLTO.a", "libLLVMPasses.a", "libLLVMObjCARCOpts.a", - "libLLVMSymbolize.a", - "libLLVMDebugInfoPDB.a", - "libLLVMDebugInfoDWARF.a", - "libLLVMFuzzMutate.a", - "libLLVMTableGen.a", - "libLLVMDlltoolDriver.a", - "libLLVMLineEditor.a", - "libLLVMOrcJIT.a", - "libLLVMCoverage.a", - "libLLVMMIRParser.a", - "libLLVMObjectYAML.a", - "libLLVMLibDriver.a", - "libLLVMOption.a", - "libLLVMWindowsManifest.a", + "libLLVMipo.a", + "libLLVMInstrumentation.a", + "libLLVMVectorize.a", + "libLLVMLinker.a", + "libLLVMIRReader.a", "libLLVMX86Disassembler.a", "libLLVMX86AsmParser.a", "libLLVMX86CodeGen.a", + "libLLVMCFGuard.a", "libLLVMGlobalISel.a", "libLLVMSelectionDAG.a", "libLLVMAsmPrinter.a", - "libLLVMDebugInfoCodeView.a", - "libLLVMDebugInfoMSF.a", + "libLLVMCodeGen.a", + "libLLVMScalarOpts.a", + "libLLVMInstCombine.a", + "libLLVMAggressiveInstCombine.a", + "libLLVMTransformUtils.a", + "libLLVMBitWriter.a", "libLLVMX86Desc.a", "libLLVMMCDisassembler.a", - "libLLVMX86Info.a", "libLLVMX86Utils.a", + "libLLVMX86Info.a", "libLLVMMCJIT.a", - "libLLVMInterpreter.a", "libLLVMExecutionEngine.a", - "libLLVMRuntimeDyld.a", - "libLLVMCodeGen.a", "libLLVMTarget.a", - "libLLVMCoroutines.a", - "libLLVMipo.a", - "libLLVMInstrumentation.a", - "libLLVMVectorize.a", - "libLLVMScalarOpts.a", - "libLLVMLinker.a", - "libLLVMIRReader.a", - "libLLVMAsmParser.a", - "libLLVMInstCombine.a", - "libLLVMTransformUtils.a", - "libLLVMBitWriter.a", "libLLVMAnalysis.a", "libLLVMProfileData.a", + "libLLVMRuntimeDyld.a", + "libLLVMDebugInfoDWARF.a", "libLLVMObject.a", + "libLLVMTextAPI.a", "libLLVMMCParser.a", "libLLVMMC.a", + "libLLVMDebugInfoCodeView.a", + "libLLVMDebugInfoMSF.a", "libLLVMBitReader.a", - "libLLVMBitstreamReader.a", + "libLLVMAsmParser.a", "libLLVMCore.a", + "libLLVMRemarks.a", + "libLLVMBitstreamReader.a", "libLLVMBinaryFormat.a", "libLLVMSupport.a", "libLLVMDemangle.a", - "libLLVMRemarks.a", - "libLLVMCFGuard.a", - "libLLVMTextAPI.a", ], }), tags = ["skip_on_windows"], + alwayslink = True, ) envoy_cmake_external( @@ -315,6 +311,24 @@ envoy_cmake_external( }), ) +envoy_cmake_external( + name = "wamr", + cache_entries = { + "LLVM_DIR": "$EXT_BUILD_DEPS/copy_llvm/llvm/lib/cmake/llvm", + "WAMR_BUILD_INTERP": "1", + "WAMR_BUILD_JIT": "0", + "WAMR_BUILD_AOT": "0", + "WAMR_BUILD_SIMD": "0", + "WAMR_BUILD_MULTI_MODULE": "1", + "WAMR_BUILD_LIBC_WASI": "0", + "WAMR_BUILD_TAIL_CALL": "1", + }, + lib_source = "@com_github_wamr//:all", + static_libraries = ["libvmlib.a"], + tags = ["skip_on_windows"], + deps = [":llvm"], +) + envoy_cmake_external( name = "wavm", binaries = ["wavm"], @@ -327,7 +341,6 @@ envoy_cmake_external( # using -l:libstdc++.a. "CMAKE_CXX_FLAGS": "-lstdc++ -Wno-unused-command-line-argument", }, - defines = ["ENVOY_WASM_WAVM"], env_vars = { # Workaround for the -DDEBUG flag added in fastbuild on macOS, # which conflicts with DEBUG macro used in LLVM. diff --git a/bazel/pch.bzl b/bazel/pch.bzl new file mode 100644 index 000000000000..f65229b2cf87 --- /dev/null +++ b/bazel/pch.bzl @@ -0,0 +1,113 @@ +load( + "@bazel_tools//tools/build_defs/cc:action_names.bzl", + "CPP_COMPILE_ACTION_NAME", +) + +def _pch(ctx): + deps_cc_info = cc_common.merge_cc_infos( + cc_infos = [dep[CcInfo] for dep in ctx.attr.deps], + ) + + if not ctx.attr.enabled: + return [deps_cc_info] + + cc_toolchain = ctx.attr._cc_toolchain[cc_common.CcToolchainInfo] + feature_configuration = cc_common.configure_features( + ctx = ctx, + cc_toolchain = cc_toolchain, + requested_features = ctx.features, + unsupported_features = ctx.disabled_features, + ) + + cc_compiler_path = cc_common.get_tool_for_action( + feature_configuration = feature_configuration, + action_name = CPP_COMPILE_ACTION_NAME, + ) + + if "clang" not in cc_compiler_path: + fail("error: attempting to use clang PCH without clang: {}".format(cc_compiler_path)) + + generated_header_file = ctx.actions.declare_file(ctx.label.name + ".h") + ctx.actions.write( + generated_header_file, + "\n".join(["#include \"{}\"".format(include) for include in ctx.attr.includes]) + "\n", + ) + + pch_flags = ["-x", "c++-header", "-Xclang", "-fno-pch-timestamp"] + pch_file = ctx.actions.declare_file(ctx.label.name + ".pch") + + deps_ctx = deps_cc_info.compilation_context + cc_compile_variables = cc_common.create_compile_variables( + feature_configuration = feature_configuration, + cc_toolchain = cc_toolchain, + user_compile_flags = ctx.fragments.cpp.copts + ctx.fragments.cpp.cxxopts + pch_flags, + source_file = generated_header_file.path, + output_file = pch_file.path, + preprocessor_defines = depset(deps_ctx.defines.to_list() + deps_ctx.local_defines.to_list()), + include_directories = deps_ctx.includes, + quote_include_directories = deps_ctx.quote_includes, + system_include_directories = deps_ctx.system_includes, + framework_include_directories = deps_ctx.framework_includes, + ) + + env = cc_common.get_environment_variables( + feature_configuration = feature_configuration, + action_name = CPP_COMPILE_ACTION_NAME, + variables = cc_compile_variables, + ) + + command_line = cc_common.get_memory_inefficient_command_line( + feature_configuration = feature_configuration, + action_name = CPP_COMPILE_ACTION_NAME, + variables = cc_compile_variables, + ) + + transitive_headers = [] + for dep in ctx.attr.deps: + transitive_headers.append(dep[CcInfo].compilation_context.headers) + ctx.actions.run( + executable = cc_compiler_path, + arguments = command_line, + env = env, + inputs = depset( + items = [generated_header_file], + transitive = [cc_toolchain.all_files] + transitive_headers, + ), + outputs = [pch_file], + ) + + return [ + DefaultInfo(files = depset(items = [pch_file])), + cc_common.merge_cc_infos( + direct_cc_infos = [ + CcInfo( + compilation_context = cc_common.create_compilation_context( + headers = depset([pch_file, generated_header_file]), + ), + ), + ], + cc_infos = [deps_cc_info], + ), + ] + +pch = rule( + attrs = dict( + includes = attr.string_list( + mandatory = True, + allow_empty = False, + ), + deps = attr.label_list( + mandatory = True, + allow_empty = False, + providers = [CcInfo], + ), + enabled = attr.bool( + mandatory = True, + ), + _cc_toolchain = attr.label(default = Label("@bazel_tools//tools/cpp:current_cc_toolchain")), + ), + fragments = ["cpp"], + provides = [CcInfo], + toolchains = ["@bazel_tools//tools/cpp:toolchain_type"], + implementation = _pch, +) diff --git a/bazel/repositories.bzl b/bazel/repositories.bzl index 6a4730ac44a9..7d6734c90df8 100644 --- a/bazel/repositories.bzl +++ b/bazel/repositories.bzl @@ -186,6 +186,7 @@ def envoy_dependencies(skip_targets = []): _kafka_deps() _org_llvm_llvm() + _com_github_wamr() _com_github_wavm_wavm() _com_github_wasmtime() _com_github_wasm_c_api() @@ -515,7 +516,11 @@ def _com_google_googletest(): # pull in more bits of abseil as needed, and is now the preferred # method for pure Bazel deps. def _com_google_absl(): - external_http_archive("com_google_absl") + external_http_archive( + name = "com_google_absl", + patches = ["@envoy//bazel:abseil.patch"], + patch_args = ["-p1"], + ) native.bind( name = "abseil_any", actual = "@com_google_absl//absl/types:any", @@ -825,11 +830,21 @@ def _com_github_grpc_grpc(): actual = "@upb//:descriptor_upb_proto", ) + native.bind( + name = "upb_lib_descriptor_reflection", + actual = "@upb//:descriptor_upb_proto_reflection", + ) + native.bind( name = "upb_textformat_lib", actual = "@upb//:textformat", ) + native.bind( + name = "upb_json_lib", + actual = "@upb//:json", + ) + def _upb(): external_http_archive(name = "upb") @@ -842,10 +857,7 @@ def _proxy_wasm_cpp_sdk(): external_http_archive(name = "proxy_wasm_cpp_sdk") def _proxy_wasm_cpp_host(): - external_http_archive( - name = "proxy_wasm_cpp_host", - build_file = "@envoy//bazel/external:proxy_wasm_cpp_host.BUILD", - ) + external_http_archive(name = "proxy_wasm_cpp_host") def _emscripten_toolchain(): external_http_archive( @@ -927,6 +939,16 @@ def _org_llvm_llvm(): actual = "@envoy//bazel/foreign_cc:llvm", ) +def _com_github_wamr(): + external_http_archive( + name = "com_github_wamr", + build_file_content = BUILD_ALL_CONTENT, + ) + native.bind( + name = "wamr", + actual = "@envoy//bazel/foreign_cc:wamr", + ) + def _com_github_wavm_wavm(): external_http_archive( name = "com_github_wavm_wavm", @@ -948,6 +970,10 @@ def _com_github_wasm_c_api(): name = "com_github_wasm_c_api", build_file = "@envoy//bazel/external:wasm-c-api.BUILD", ) + native.bind( + name = "wasmtime", + actual = "@com_github_wasm_c_api//:wasmtime_lib", + ) def _rules_fuzzing(): external_http_archive( diff --git a/bazel/repositories_extra.bzl b/bazel/repositories_extra.bzl index bda3919952dd..c86461e1a189 100644 --- a/bazel/repositories_extra.bzl +++ b/bazel/repositories_extra.bzl @@ -36,11 +36,21 @@ def _python_deps(): # release_date = "2019-02-23" # use_category = ["test"], ) + pip_install( + name = "docs_pip3", + requirements = "@envoy//tools/docs:requirements.txt", + extra_pip_args = ["--require-hashes"], + ) pip_install( name = "deps_pip3", requirements = "@envoy//tools/dependency:requirements.txt", extra_pip_args = ["--require-hashes"], ) + pip_install( + name = "extensions_pip3", + requirements = "@envoy//tools/extensions:requirements.txt", + extra_pip_args = ["--require-hashes"], + ) pip_install( name = "kafka_pip3", requirements = "@envoy//source/extensions/filters/network/kafka:requirements.txt", @@ -59,18 +69,6 @@ def _python_deps(): # release_date = "2019-02-23" # use_category = ["test"], ) - pip_install( - name = "headersplit_pip3", - requirements = "@envoy//tools/envoy_headersplit:requirements.txt", - extra_pip_args = ["--require-hashes"], - - # project_name = "Clang", - # project_url = "https://clang.llvm.org/", - # version = "10.0.1", - # release_date = "2020-07-21" - # use_category = ["devtools"], - # cpe = "cpe:2.3:a:llvm:clang:*", - ) pip_install( name = "protodoc_pip3", requirements = "@envoy//tools/protodoc:requirements.txt", diff --git a/bazel/repository_locations.bzl b/bazel/repository_locations.bzl index bd88f5b04890..e72749634dcf 100644 --- a/bazel/repository_locations.bzl +++ b/bazel/repository_locations.bzl @@ -25,14 +25,14 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "bazel-toolchains", project_desc = "Bazel toolchain configs for RBE", project_url = "https://github.com/bazelbuild/bazel-toolchains", - version = "3.7.2", - sha256 = "1caf8584434d3e31be674067996be787cfa511fda2a0f05811131b588886477f", + version = "4.1.0", + sha256 = "179ec02f809e86abf56356d8898c8bd74069f1bd7c56044050c2cd3d79d0e024", strip_prefix = "bazel-toolchains-{version}", urls = [ "https://github.com/bazelbuild/bazel-toolchains/releases/download/{version}/bazel-toolchains-{version}.tar.gz", "https://mirror.bazel.build/github.com/bazelbuild/bazel-toolchains/archive/{version}.tar.gz", ], - release_date = "2021-01-07", + release_date = "2021-05-21", use_category = ["build"], ), build_bazel_rules_apple = dict( @@ -42,7 +42,7 @@ REPOSITORY_LOCATIONS_SPEC = dict( version = "0.31.2", sha256 = "c84962b64d9ae4472adfb01ec2cf1aa73cb2ee8308242add55fa7cc38602d882", urls = ["https://github.com/bazelbuild/rules_apple/releases/download/{version}/rules_apple.{version}.tar.gz"], - release_date = "2021-05-04", + release_date = "2021-05-07", use_category = ["build"], ), rules_fuzzing = dict( @@ -65,11 +65,11 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "envoy-build-tools", project_desc = "Common build tools shared by the Envoy/UDPA ecosystem", project_url = "https://github.com/envoyproxy/envoy-build-tools", - version = "2d4bdba38113cd9bf758c2609f40ce90014e52af", - sha256 = "8e872990609d67f9b635790020672d1972b906bed30e4d08d97f964be1ced483", + version = "a955a00bed5f35777a83899ee680f8530eee4718", + sha256 = "b0830dc6fc1e3a095c5d817ca768c89c407bdd71894e1641daf500d28cb269da", strip_prefix = "envoy-build-tools-{version}", urls = ["https://github.com/envoyproxy/envoy-build-tools/archive/{version}.tar.gz"], - release_date = "2021-05-06", + release_date = "2021-05-25", use_category = ["build"], ), boringssl = dict( @@ -81,13 +81,13 @@ REPOSITORY_LOCATIONS_SPEC = dict( # 2. Open https://chromium.googlesource.com/chromium/src/+/refs/tags//DEPS and note . # 3. Find a commit in BoringSSL's "master-with-bazel" branch that merges . # - # chromium-92.0.4491.6 (linux/dev) - version = "c5ad6dcb65e532589e8acb9e9adbde62463af13d", - sha256 = "6b4674999af85c4a19f2b51132db3507520070923cd967bb1cd157d43b3f68d9", + # chromium-92.0.4511.0 (linux/dev) + version = "75edea1922aefe415e0e60ac576116634b0a94f8", + sha256 = "70e9d8737e35d67f94b9e742ca59c02c36f30f1d822d5a3706511a23798d8049", strip_prefix = "boringssl-{version}", urls = ["https://github.com/google/boringssl/archive/{version}.tar.gz"], use_category = ["controlplane", "dataplane_core"], - release_date = "2021-04-22", + release_date = "2021-05-13", cpe = "cpe:2.3:a:google:boringssl:*", ), boringssl_fips = dict( @@ -105,12 +105,12 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "Abseil", project_desc = "Open source collection of C++ libraries drawn from the most fundamental pieces of Google’s internal codebase", project_url = "https://abseil.io/", - version = "5d8fc9192245f0ea67094af57399d7931d6bd53f", - sha256 = "e3812f256dd7347a33bf9d93a950cf356c61c0596842ff07d8154cd415145d83", + version = "17c954d90d5661e27db8fc5f086085690a8372d9", + sha256 = "2e4ace2ed32a4ccfd29e856ad72b4fd1eae2ec060d3ba8646857fa170d6e8269", strip_prefix = "abseil-cpp-{version}", urls = ["https://github.com/abseil/abseil-cpp/archive/{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], - release_date = "2020-11-24", + release_date = "2021-06-03", cpe = "N/A", ), com_github_c_ares_c_ares = dict( @@ -185,7 +185,7 @@ REPOSITORY_LOCATIONS_SPEC = dict( strip_prefix = "fmt-{version}", urls = ["https://github.com/fmtlib/fmt/releases/download/{version}/fmt-{version}.zip"], use_category = ["dataplane_core", "controlplane"], - release_date = "2020-08-06", + release_date = "2020-08-07", cpe = "cpe:2.3:a:fmt:fmt:*", ), com_github_gabime_spdlog = dict( @@ -208,7 +208,7 @@ REPOSITORY_LOCATIONS_SPEC = dict( sha256 = "792f250fb546bde8590e72d64311ea00a70c175fd77df6bb5e02328fa15fe28e", strip_prefix = "libprotobuf-mutator-{version}", urls = ["https://github.com/google/libprotobuf-mutator/archive/v{version}.tar.gz"], - release_date = "2020-11-06", + release_date = "2020-11-13", use_category = ["test_only"], ), com_github_google_tcmalloc = dict( @@ -239,12 +239,12 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "gRPC", project_desc = "gRPC C core library", project_url = "https://grpc.io", - version = "1.34.0", - sha256 = "7372a881122cd85a7224435a1d58bc5e11c88d4fb98a64b83f36f3d1c2f16d39", + version = "a3ae8e00a2c5553c806e83fae83e33f0198913f0", + sha256 = "1ccc2056b68b81ada8df61310e03dfa0541c34821fd711654d0590a7321db9c8", strip_prefix = "grpc-{version}", - urls = ["https://github.com/grpc/grpc/archive/v{version}.tar.gz"], + urls = ["https://github.com/grpc/grpc/archive/{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], - release_date = "2020-12-01", + release_date = "2021-06-07", cpe = "cpe:2.3:a:grpc:grpc:*", ), com_github_luajit_luajit = dict( @@ -322,26 +322,26 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_desc = "Data Collect Protocols of Apache SkyWalking", project_url = "https://github.com/apache/skywalking-data-collect-protocol", name = "skywalking_data_collect_protocol", - sha256 = "edfa970394511213eacc8055b4c13e4e9773e9196122a49e0db68f6162f67dff", + sha256 = "d967c1b6e78db017e0c28291211baf4a58c02ff4d4437560285165963dd4a9d0", urls = ["https://github.com/apache/skywalking-data-collect-protocol/archive/v{version}.tar.gz"], strip_prefix = "skywalking-data-collect-protocol-{version}", - version = "8.4.0", + version = "8.6.0", use_category = ["observability_ext"], extensions = ["envoy.tracers.skywalking"], - release_date = "2021-01-20", + release_date = "2021-06-07", cpe = "N/A", ), com_github_skyapm_cpp2sky = dict( project_name = "cpp2sky", project_desc = "C++ SDK for Apache SkyWalking", project_url = "https://github.com/SkyAPM/cpp2sky", - sha256 = "76117a63cf29355c28a75bc83bd1d7e5bc004039445e7c854ee752dfe66094e6", - version = "0.2.1", + sha256 = "f65b1054bd6eadadff0618f272f6d645a1ec933fa14af922a8e3c39603e45eaf", + version = "0.3.1", strip_prefix = "cpp2sky-{version}", urls = ["https://github.com/SkyAPM/cpp2sky/archive/v{version}.tar.gz"], use_category = ["observability_ext"], extensions = ["envoy.tracers.skywalking"], - release_date = "2021-03-17", + release_date = "2021-06-17", cpe = "N/A", ), com_github_datadog_dd_opentracing_cpp = dict( @@ -354,7 +354,7 @@ REPOSITORY_LOCATIONS_SPEC = dict( urls = ["https://github.com/DataDog/dd-opentracing-cpp/archive/v{version}.tar.gz"], use_category = ["observability_ext"], extensions = ["envoy.tracers.datadog"], - release_date = "2021-01-26", + release_date = "2021-01-27", cpe = "N/A", ), com_github_google_benchmark = dict( @@ -603,7 +603,7 @@ REPOSITORY_LOCATIONS_SPEC = dict( strip_prefix = "protobuf-{version}", urls = ["https://github.com/protocolbuffers/protobuf/releases/download/v{version}/protobuf-all-{version}.tar.gz"], use_category = ["dataplane_core", "controlplane"], - release_date = "2021-05-06", + release_date = "2021-05-07", cpe = "cpe:2.3:a:google:protobuf:*", ), grpc_httpjson_transcoding = dict( @@ -671,11 +671,11 @@ REPOSITORY_LOCATIONS_SPEC = dict( six = dict( project_name = "Six", project_desc = "Python 2 and 3 compatibility library", - project_url = "https://pypi.org/project/six", + project_url = "https://github.com/benjaminp/six", version = "1.12.0", - sha256 = "d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73", - urls = ["https://files.pythonhosted.org/packages/dd/bf/4138e7bfb757de47d1f4b6994648ec67a51efe58fa907c1e11e350cddfca/six-{version}.tar.gz"], - release_date = "2018-12-09", + sha256 = "0ce7aef70d066b8dda6425c670d00c25579c3daad8108b3e3d41bef26003c852", + urls = ["https://github.com/benjaminp/six/archive/{version}.tar.gz"], + release_date = "2018-12-10", use_category = ["other"], ), org_llvm_llvm = dict( @@ -686,11 +686,27 @@ REPOSITORY_LOCATIONS_SPEC = dict( sha256 = "df83a44b3a9a71029049ec101fb0077ecbbdf5fe41e395215025779099a98fdf", strip_prefix = "llvm-{version}.src", urls = ["https://github.com/llvm/llvm-project/releases/download/llvmorg-{version}/llvm-{version}.src.tar.xz"], - release_date = "2020-03-23", + release_date = "2020-03-24", use_category = ["dataplane_ext"], - extensions = ["envoy.wasm.runtime.wavm"], + extensions = [ + "envoy.wasm.runtime.wamr", + "envoy.wasm.runtime.wavm", + ], cpe = "cpe:2.3:a:llvm:*:*", ), + com_github_wamr = dict( + project_name = "Webassembly Micro Runtime", + project_desc = "A standalone runtime with a small footprint for WebAssembly", + project_url = "https://github.com/bytecodealliance/wasm-micro-runtime", + version = "a14a4487bb8b493bf6c68d83b03f12028d16f58a", + sha256 = "d68668e129f16a9ddd7a1a0da22b17905a25001ae2de398726d37880b61fee9e", + strip_prefix = "wasm-micro-runtime-{version}", + urls = ["https://github.com/bytecodealliance/wasm-micro-runtime/archive/{version}.tar.gz"], + release_date = "2021-05-14", + use_category = ["dataplane_ext"], + extensions = ["envoy.wasm.runtime.wamr"], + cpe = "N/A", + ), com_github_wavm_wavm = dict( project_name = "WAVM", project_desc = "WebAssembly Virtual Machine", @@ -750,8 +766,8 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "curl", project_desc = "Library for transferring data with URLs", project_url = "https://curl.haxx.se", - version = "7.76.0", - sha256 = "3b4378156ba09e224008e81dcce854b7ce4d182b1f9cfb97fe5ed9e9c18c6bd3", + version = "7.77.0", + sha256 = "b0a3428acb60fa59044c4d0baae4e4fc09ae9af1d8a3aa84b2e3fbcd99841f77", strip_prefix = "curl-{version}", urls = ["https://github.com/curl/curl/releases/download/curl-{underscore_version}/curl-{version}.tar.gz"], use_category = ["dataplane_ext", "observability_ext"], @@ -761,33 +777,33 @@ REPOSITORY_LOCATIONS_SPEC = dict( "envoy.grpc_credentials.aws_iam", "envoy.tracers.opencensus", ], - release_date = "2021-03-30", + release_date = "2021-05-26", cpe = "cpe:2.3:a:haxx:libcurl:*", ), com_googlesource_chromium_v8 = dict( project_name = "V8", project_desc = "Google’s open source high-performance JavaScript and WebAssembly engine, written in C++", project_url = "https://v8.dev", - version = "9.1.269.18", + version = "9.2.230.2", # This archive was created using https://storage.googleapis.com/envoyproxy-wee8/wee8-archive.sh # and contains complete checkout of V8 with all dependencies necessary to build wee8. - sha256 = "3c4f0827f38b49c11a8a3a20cf897ce14dc8a7a7b999f8b0ee913211c6ab3d8b", + sha256 = "237b9816ee56ad9b86e12e082132d88c543be494385f9bf9797af2a415c05f56", urls = ["https://storage.googleapis.com/envoyproxy-wee8/wee8-{version}.tar.gz"], use_category = ["dataplane_ext"], extensions = ["envoy.wasm.runtime.v8"], - release_date = "2021-04-27", + release_date = "2021-05-20", cpe = "cpe:2.3:a:google:v8:*", ), com_googlesource_quiche = dict( project_name = "QUICHE", project_desc = "QUICHE (QUIC, HTTP/2, Etc) is Google‘s implementation of QUIC and related protocols", project_url = "https://quiche.googlesource.com/quiche", - version = "6460972177446abe179ea430bf85b217c5ce240b", - sha256 = "5397ae241fc505e887203dc2c2f439549e42b1287687b155bcecac34536db434", + version = "aee86fb6ffce85e884a6f613ae5f47ce2c6b1e23", + sha256 = "a1b2c0cdd53a3a932db991bee736c6df20912c3d8070be9fbb4152575837cbf9", # Static snapshot of https://quiche.googlesource.com/quiche/+archive/{version}.tar.gz urls = ["https://storage.googleapis.com/quiche-envoy-integration/{version}.tar.gz"], use_category = ["dataplane_core"], - release_date = "2021-04-21", + release_date = "2021-06-02", cpe = "N/A", ), com_googlesource_googleurl = dict( @@ -871,7 +887,7 @@ REPOSITORY_LOCATIONS_SPEC = dict( # Only allow peeking at fuzzer related files for now. strip_prefix = "compiler-rt-{version}.src", urls = ["https://github.com/llvm/llvm-project/releases/download/llvmorg-{version}/compiler-rt-{version}.src.tar.xz"], - release_date = "2020-12-18", + release_date = "2021-01-06", use_category = ["test_only"], ), upb = dict( @@ -918,15 +934,15 @@ REPOSITORY_LOCATIONS_SPEC = dict( sha256 = "05f7c6eecb402f11fcb7e524c903f1ba1c38d3bdc9bf42bc8ec3cf7567b9f979", strip_prefix = "kafka-python-{version}", urls = ["https://github.com/dpkp/kafka-python/archive/{version}.tar.gz"], - release_date = "2020-02-20", + release_date = "2020-09-30", use_category = ["test_only"], ), proxy_wasm_cpp_sdk = dict( project_name = "WebAssembly for Proxies (C++ SDK)", project_desc = "WebAssembly for Proxies (C++ SDK)", project_url = "https://github.com/proxy-wasm/proxy-wasm-cpp-sdk", - version = "258b4c6974dba5255a9c433450971a56b29228ff", - sha256 = "8ff6231a5f0cc07bc865293e56eb37f60f5fd8d5a3889455c4e4ad9dbe54a5f7", + version = "d9baeb21d46ab07d4eb9295a5d53a1803b7b80af", + sha256 = "b517ac487e0ac4b5d4f951ec805f2e54d5aecece34159b053c5fb781fac5e0f5", strip_prefix = "proxy-wasm-cpp-sdk-{version}", urls = ["https://github.com/proxy-wasm/proxy-wasm-cpp-sdk/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], @@ -938,18 +954,19 @@ REPOSITORY_LOCATIONS_SPEC = dict( "envoy.stat_sinks.wasm", "envoy.wasm.runtime.null", "envoy.wasm.runtime.v8", + "envoy.wasm.runtime.wamr", "envoy.wasm.runtime.wavm", "envoy.wasm.runtime.wasmtime", ], - release_date = "2021-03-10", + release_date = "2021-05-15", cpe = "N/A", ), proxy_wasm_cpp_host = dict( project_name = "WebAssembly for Proxies (C++ host implementation)", project_desc = "WebAssembly for Proxies (C++ host implementation)", project_url = "https://github.com/proxy-wasm/proxy-wasm-cpp-host", - version = "31c75e0039f2f5c42dc6e12556cb151a38da6d8b", - sha256 = "779e7a8e0fd8ed8b3133b464a8e5a9974bdedb345792d3a6148cb5a87e26976b", + version = "605ee8a0eb78127e81f53bcc3f0b7ec983fb65c2", + sha256 = "7996d1d34ca0cae4079dc2dbe9b8d51ec6db5cb78ab93533bb8cd31ef970b84a", strip_prefix = "proxy-wasm-cpp-host-{version}", urls = ["https://github.com/proxy-wasm/proxy-wasm-cpp-host/archive/{version}.tar.gz"], use_category = ["dataplane_ext"], @@ -961,10 +978,11 @@ REPOSITORY_LOCATIONS_SPEC = dict( "envoy.stat_sinks.wasm", "envoy.wasm.runtime.null", "envoy.wasm.runtime.v8", + "envoy.wasm.runtime.wamr", "envoy.wasm.runtime.wavm", "envoy.wasm.runtime.wasmtime", ], - release_date = "2021-05-06", + release_date = "2021-06-09", cpe = "N/A", ), proxy_wasm_rust_sdk = dict( diff --git a/ci/Dockerfile-envoy-windows b/ci/Dockerfile-envoy-windows index 015e3d70a723..e2bdfd6819ef 100644 --- a/ci/Dockerfile-envoy-windows +++ b/ci/Dockerfile-envoy-windows @@ -3,6 +3,9 @@ ARG BUILD_TAG=ltsc2019 FROM $BUILD_OS:$BUILD_TAG +RUN net user /add "EnvoyUser" +RUN net localgroup "Network Configuration Operators" "EnvoyUser" /add + RUN mkdir "C:\\Program\ Files\\envoy" RUN setx path "%path%;c:\Program Files\envoy" ADD ["windows/amd64/envoy.exe", "C:/Program Files/envoy/"] diff --git a/ci/README.md b/ci/README.md index 9cde25759f94..0561facedf73 100644 --- a/ci/README.md +++ b/ci/README.md @@ -34,7 +34,7 @@ Currently there are three build images for Linux and one for Windows: * `envoyproxy/envoy-build` — alias to `envoyproxy/envoy-build-ubuntu`. * `envoyproxy/envoy-build-ubuntu` — based on Ubuntu 18.04 (Bionic) with GCC 9 and Clang 10 compiler. * `envoyproxy/envoy-build-centos` — based on CentOS 7 with GCC 9 and Clang 10 compiler, this image is experimental and not well tested. -* `envoyproxy/envoy-build-windows2019` — based on Windows 2019 LTS with VS 2019 Build Tools. +* `envoyproxy/envoy-build-windows2019` — based on Windows ltsc2019 with VS 2019 Build Tools, as well as LLVM. The source for these images is located in the [envoyproxy/envoy-build-tools](https://github.com/envoyproxy/envoy-build-tools) repository. @@ -135,8 +135,6 @@ The `./ci/run_envoy_docker.sh './ci/do_ci.sh '` targets are: * `bazel.clang_tidy ` — build and run clang-tidy specified source files, if no files specified, runs against the diff with the last GitHub commit. * `check_format`— run `clang-format` and `buildifier` on entire source tree. * `fix_format`— run and enforce `clang-format` and `buildifier` on entire source tree. -* `check_spelling`— run `misspell` on entire project. -* `fix_spelling`— run and enforce `misspell` on entire project. * `check_spelling_pedantic`— run `aspell` on C++ and proto comments. * `docs`— build documentation tree in `generated/docs`. @@ -148,15 +146,15 @@ An example basic invocation to build the Envoy static binary and run tests is: ./ci/run_envoy_docker.sh './ci/windows_ci_steps.sh' ``` -You can modify `./ci/windows_ci_steps.sh` to modify `bazel` arguments, tests to run, etc. as well +You can pass additional command line arguments to `./ci/windows_ci_steps.sh` to list specific `bazel` arguments and build/test targets. as set environment variables to adjust your container build environment as described above. -The Envoy binary can be found in `C:\Windows\Temp\envoy-docker-build\envoy\source\exe` on the Docker host. You +The Envoy binary can be found in `${TEMP}\envoy-docker-build\envoy\source\exe` on the Docker host. You can control this by setting `ENVOY_DOCKER_BUILD_DIR` in the environment, e.g. to generate the binary in `C:\Users\foo\build\envoy\source\exe` you can run: ```bash -ENVOY_DOCKER_BUILD_DIR="C:\Users\foo\build" ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.dev' +ENVOY_DOCKER_BUILD_DIR="C:\Users\foo\build" ./ci/run_envoy_docker.sh './ci/windows_ci_steps.sh' ``` Note the quotations around the `ENVOY_DOCKER_BUILD_DIR` value to preserve the backslashes in the @@ -168,24 +166,16 @@ If you would like to run an interactive session to keep the build container runn ./ci/run_envoy_docker.sh 'bash' ``` -From an interactive session, you can invoke `bazel` manually or use the `./ci/windows_ci_steps.sh` script to build and run tests. +From an interactive session, you can invoke `bazel` directly, or use the `./ci/windows_ci_steps.sh` script to build and run tests. +Bazel will look for .bazelrc in the `${HOME}` path, which is mapped to the persistent path `${TEMP}\envoy-docker-build\` on the +Docker host. # Testing changes to the build image as a developer -While all changes to the build image should eventually be upstreamed, it can be useful to -test those changes locally before sending out a pull request. To experiment -with a local clone of the upstream build image you can make changes to files such as -build_container.sh locally and then run: - -```bash -DISTRO=ubuntu -cd ci/build_container -LINUX_DISTRO="${DISTRO}" CIRCLE_SHA1=my_tag ./docker_build.sh # Wait patiently for quite some time -cd ../.. -IMAGE_NAME="envoyproxy/envoy-build-${DISTRO}" IMAGE_ID=my_tag ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.whatever' -``` - -This build the Ubuntu based `envoyproxy/envoy-build-ubuntu` image, and the final call will run against your local copy of the build image. +The base build image used in the CI flows here lives in the [envoy-build-tools](https://github.com/envoyproxy/envoy-build-tools) +repository. If you need to make and/or test changes to the build image, instructions to do so can be found in +the [build_container](https://github.com/envoyproxy/envoy-build-tools/blob/main/build_container/README.md) folder. +See the Dockerfiles and build scripts there for building a new image. # macOS Build Flow diff --git a/ci/build_setup.sh b/ci/build_setup.sh index a44d0c14d4c3..cedbda30a9e8 100755 --- a/ci/build_setup.sh +++ b/ci/build_setup.sh @@ -64,8 +64,9 @@ then fi # Environment setup. -export TEST_TMPDIR=${BUILD_DIR}/tmp -export PATH=/opt/llvm/bin:${PATH} +export TEST_TMPDIR="${TEST_TMPDIR:-$BUILD_DIR/tmp}" +export LLVM_ROOT="${LLVM_ROOT:-/opt/llvm}" +export PATH=${LLVM_ROOT}/bin:${PATH} export CLANG_FORMAT="${CLANG_FORMAT:-clang-format}" if [[ -f "/etc/redhat-release" ]]; then @@ -81,7 +82,6 @@ function cleanup() { cleanup trap cleanup EXIT -export LLVM_ROOT="${LLVM_ROOT:-/opt/llvm}" "$(dirname "$0")"/../bazel/setup_clang.sh "${LLVM_ROOT}" [[ "${BUILD_REASON}" != "PullRequest" ]] && BAZEL_EXTRA_TEST_OPTIONS+=("--nocache_test_results") diff --git a/ci/check_and_fix_format.sh b/ci/check_and_fix_format.sh index 7d5fe0a54d18..04f4db457461 100755 --- a/ci/check_and_fix_format.sh +++ b/ci/check_and_fix_format.sh @@ -13,8 +13,6 @@ export FORCE_PYTHON_FORMAT=yes function fix { set +e ci/do_ci.sh fix_format - ci/do_ci.sh fix_spelling - ci/do_ci.sh fix_spelling_pedantic echo "Format check failed, try apply following patch to fix:" git add api git diff HEAD | tee "${DIFF_OUTPUT}" @@ -26,6 +24,3 @@ function fix { trap fix ERR ci/do_ci.sh check_format -ci/do_ci.sh check_repositories -ci/do_ci.sh check_spelling -ci/do_ci.sh check_spelling_pedantic diff --git a/ci/do_ci.sh b/ci/do_ci.sh index 89e949c18dce..68c2000044ad 100755 --- a/ci/do_ci.sh +++ b/ci/do_ci.sh @@ -6,9 +6,8 @@ set -e build_setup_args="" -if [[ "$1" == "format_pre" || "$1" == "fix_format" || "$1" == "check_format" || "$1" == "check_repositories" || \ - "$1" == "check_spelling" || "$1" == "fix_spelling" || "$1" == "bazel.clang_tidy" || "$1" == "tooling" || \ - "$1" == "check_spelling_pedantic" || "$1" == "fix_spelling_pedantic" ]]; then +if [[ "$1" == "format_pre" || "$1" == "fix_format" || "$1" == "check_format" || \ + "$1" == "bazel.clang_tidy" || "$1" == "tooling" || "$1" == "deps" ]]; then build_setup_args="-nofetch" fi @@ -218,20 +217,11 @@ elif [[ "$CI_TARGET" == "bazel.sizeopt" ]]; then bazel_binary_build sizeopt exit 0 elif [[ "$CI_TARGET" == "bazel.gcc" ]]; then - # Temporariliy exclude some extensions from the envoy binary to address build failures - # due to long command line. Tests will still run. - BAZEL_BUILD_OPTIONS+=( - "--test_env=HEAPCHECK=" - "--//source/extensions/filters/network/rocketmq_proxy:enabled=False" - "--//source/extensions/filters/http/admission_control:enabled=False" - "--//source/extensions/filters/http/dynamo:enabled=False" - "--//source/extensions/filters/http/header_to_metadata:enabled=False" - "--//source/extensions/filters/http/on_demand:enabled=False") + BAZEL_BUILD_OPTIONS+=("--test_env=HEAPCHECK=") setup_gcc_toolchain - # Disable //test/config_test:example_configs_test so it does not fail because of excluded extensions above - echo "Testing ${TEST_TARGETS[*]} -//test/config_test:example_configs_test" - bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" -c fastbuild -- "${TEST_TARGETS[@]}" -//test/config_test:example_configs_test + echo "Testing ${TEST_TARGETS[*]}" + bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" -c fastbuild -- "${TEST_TARGETS[@]}" echo "bazel release build with gcc..." bazel_binary_build fastbuild @@ -302,11 +292,8 @@ elif [[ "$CI_TARGET" == "bazel.dev" ]]; then echo "Building..." bazel_binary_build fastbuild - echo "Building and testing ${TEST_TARGETS[*]}" - bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" -c fastbuild "${TEST_TARGETS[@]}" - # TODO(foreseeable): consolidate this and the API tool tests in a dedicated target. - bazel_with_collection //tools/envoy_headersplit:headersplit_test --spawn_strategy=local - bazel_with_collection //tools/envoy_headersplit:replace_includes_test --spawn_strategy=local + echo "Testing ${TEST_TARGETS[*]}" + bazel test "${BAZEL_BUILD_OPTIONS[@]}" -c fastbuild "${TEST_TARGETS[@]}" exit 0 elif [[ "$CI_TARGET" == "bazel.compile_time_options" ]]; then # Right now, none of the available compile-time options conflict with each other. If this @@ -334,6 +321,9 @@ elif [[ "$CI_TARGET" == "bazel.compile_time_options" ]]; then TEST_TARGETS=("${TEST_TARGETS[@]/#\/\//@envoy\/\/}") # Building all the dependencies from scratch to link them against libc++. + echo "Building and testing with wasm=wamr: ${TEST_TARGETS[*]}" + bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" --define wasm=wamr "${COMPILE_TIME_OPTIONS[@]}" -c dbg "${TEST_TARGETS[@]}" --test_tag_filters=-nofips --build_tests_only + echo "Building and testing with wasm=wasmtime: ${TEST_TARGETS[*]}" bazel_with_collection test "${BAZEL_BUILD_OPTIONS[@]}" --define wasm=wasmtime "${COMPILE_TIME_OPTIONS[@]}" -c dbg "${TEST_TARGETS[@]}" --test_tag_filters=-nofips --build_tests_only @@ -428,32 +418,13 @@ elif [[ "$CI_TARGET" == "check_format" ]]; then "${ENVOY_SRCDIR}"/tools/code_format/check_format.py check BAZEL_BUILD_OPTIONS="${BAZEL_BUILD_OPTIONS[*]}" "${ENVOY_SRCDIR}"/tools/proto_format/proto_format.sh check --test exit 0 -elif [[ "$CI_TARGET" == "check_repositories" ]]; then - echo "check_repositories..." - "${ENVOY_SRCDIR}"/tools/check_repositories.sh - exit 0 -elif [[ "$CI_TARGET" == "check_spelling" ]]; then - echo "check_spelling..." - "${ENVOY_SRCDIR}"/tools/spelling/check_spelling.sh check - exit 0 -elif [[ "$CI_TARGET" == "fix_spelling" ]];then - echo "fix_spell..." - "${ENVOY_SRCDIR}"/tools/spelling/check_spelling.sh fix - exit 0 -elif [[ "$CI_TARGET" == "check_spelling_pedantic" ]]; then - echo "check_spelling_pedantic..." - "${ENVOY_SRCDIR}"/tools/spelling/check_spelling_pedantic.py --mark check - exit 0 -elif [[ "$CI_TARGET" == "fix_spelling_pedantic" ]]; then - echo "fix_spelling_pedantic..." - "${ENVOY_SRCDIR}"/tools/spelling/check_spelling_pedantic.py fix - exit 0 elif [[ "$CI_TARGET" == "docs" ]]; then echo "generating docs..." # Build docs. BAZEL_BUILD_OPTIONS="${BAZEL_BUILD_OPTIONS[*]}" "${ENVOY_SRCDIR}"/docs/build.sh exit 0 elif [[ "$CI_TARGET" == "deps" ]]; then + echo "verifying dependencies..." # Validate dependency relationships between core/extensions and external deps. "${ENVOY_SRCDIR}"/tools/dependency/validate_test.py @@ -464,6 +435,8 @@ elif [[ "$CI_TARGET" == "deps" ]]; then bazel run "${BAZEL_BUILD_OPTIONS[@]}" //tools/dependency:cve_scan_test # Validate repository metadata. + echo "check repositories..." + "${ENVOY_SRCDIR}"/tools/check_repositories.sh "${ENVOY_SRCDIR}"/ci/check_repository_locations.sh # Run pip requirements tests @@ -480,7 +453,7 @@ elif [[ "$CI_TARGET" == "tooling" ]]; then bazel run "${BAZEL_BUILD_OPTIONS[@]}" //tools/testing:all_pytests -- --cov-html /source/generated/tooling "${ENVOY_SRCDIR}" exit 0 elif [[ "$CI_TARGET" == "verify_examples" ]]; then - run_ci_verify "*" wasm-cc + run_ci_verify "*" "wasm-cc|win32-front-proxy" exit 0 elif [[ "$CI_TARGET" == "verify_build_examples" ]]; then run_ci_verify wasm-cc diff --git a/ci/filter_example_setup.sh b/ci/filter_example_setup.sh index 0d0cd1f60280..5ef74fa49119 100644 --- a/ci/filter_example_setup.sh +++ b/ci/filter_example_setup.sh @@ -5,7 +5,7 @@ set -e # This is the hash on https://github.com/envoyproxy/envoy-filter-example.git we pin to. -ENVOY_FILTER_EXAMPLE_GITSHA="dfdc226d44d1b7c300e6e691e2e8ada98b045edb" +ENVOY_FILTER_EXAMPLE_GITSHA="ac6a66a4a1c08138ccc03c23aafc9637b2df55a1" ENVOY_FILTER_EXAMPLE_SRCDIR="${BUILD_DIR}/envoy-filter-example" # shellcheck disable=SC2034 diff --git a/ci/format_pre.sh b/ci/format_pre.sh index 92df44517097..bcc92cb07eb8 100755 --- a/ci/format_pre.sh +++ b/ci/format_pre.sh @@ -7,6 +7,8 @@ FAILED=() CURRENT="" +# AZP appears to make lines with this prefix red +BASH_ERR_PREFIX="##[error]: " DIFF_OUTPUT="${DIFF_OUTPUT:-/build/fix_format_pre.diff}" @@ -24,6 +26,13 @@ trap_errors () { FAILED+=(" > ${sub}@ ${file} :${line}") else FAILED+=("${sub}@ ${file} :${line}${command}") + if [[ "$CURRENT" == "glint" ]]; then + FAILED+=( + " Please fix your editor to ensure:" + " - no trailing whitespace" + " - no mixed tabs/spaces" + " - all files end with a newline") + fi fi ((frame++)) done @@ -46,10 +55,16 @@ bazel run "${BAZEL_BUILD_OPTIONS[@]}" //configs:example_configs_validation CURRENT=python bazel run "${BAZEL_BUILD_OPTIONS[@]}" //tools/code_format:python_check -- --diff-file="$DIFF_OUTPUT" --fix "$(pwd)" +CURRENT=extensions +bazel run "${BAZEL_BUILD_OPTIONS[@]}" //tools/extensions:extensions_check + +CURRENT=spelling +"${ENVOY_SRCDIR}"/tools/spelling/check_spelling_pedantic.py --mark check + if [[ "${#FAILED[@]}" -ne "0" ]]; then - echo "TESTS FAILED:" >&2 + echo "${BASH_ERR_PREFIX}TESTS FAILED:" >&2 for failed in "${FAILED[@]}"; do - echo " $failed" >&2 + echo "${BASH_ERR_PREFIX} $failed" >&2 done exit 1 fi diff --git a/ci/mac_ci_steps.sh b/ci/mac_ci_steps.sh index 5dfda616406c..06c729e2974a 100755 --- a/ci/mac_ci_steps.sh +++ b/ci/mac_ci_steps.sh @@ -32,6 +32,12 @@ BAZEL_BUILD_OPTIONS=( "${BAZEL_BUILD_EXTRA_OPTIONS[@]}" "${BAZEL_EXTRA_TEST_OPTIONS[@]}") +NCPU=$(sysctl -n hw.ncpu) +if [[ $NCPU -gt 0 ]]; then + echo "limiting build to $NCPU jobs, based on CPU count" + BAZEL_BUILD_OPTIONS+=("--jobs=$NCPU") +fi + # Build envoy and run tests as separate steps so that failure output # is somewhat more deterministic (rather than interleaving the build # and test steps). diff --git a/ci/run_clang_tidy.sh b/ci/run_clang_tidy.sh index f9b54d3a80d8..0aca2629f3c4 100755 --- a/ci/run_clang_tidy.sh +++ b/ci/run_clang_tidy.sh @@ -46,11 +46,6 @@ function exclude_check_format_testdata() { grep -v tools/testdata/check_format/ } -# Do not run clang-tidy on envoy_headersplit testdata files. -function exclude_headersplit_testdata() { - grep -v tools/envoy_headersplit/ -} - # Do not run clang-tidy against Chromium URL import, this needs to largely # reflect the upstream structure. function exclude_chromium_url() { @@ -88,7 +83,7 @@ function exclude_wasm_examples() { } function filter_excludes() { - exclude_check_format_testdata | exclude_headersplit_testdata | exclude_chromium_url | exclude_win32_impl | exclude_macos_impl | exclude_third_party | exclude_wasm_emscripten | exclude_wasm_sdk | exclude_wasm_host | exclude_wasm_test_data | exclude_wasm_examples + exclude_check_format_testdata | exclude_chromium_url | exclude_win32_impl | exclude_macos_impl | exclude_third_party | exclude_wasm_emscripten | exclude_wasm_sdk | exclude_wasm_host | exclude_wasm_test_data | exclude_wasm_examples } function run_clang_tidy() { diff --git a/ci/run_envoy_docker.sh b/ci/run_envoy_docker.sh index 9a06ff233acb..30905c21ac98 100755 --- a/ci/run_envoy_docker.sh +++ b/ci/run_envoy_docker.sh @@ -61,6 +61,8 @@ mkdir -p "${ENVOY_DOCKER_BUILD_DIR}" export ENVOY_BUILD_IMAGE="${IMAGE_NAME}:${IMAGE_ID}" +time docker pull "${ENVOY_BUILD_IMAGE}" + # Since we specify an explicit hash, docker-run will pull from the remote repo if missing. docker run --rm \ "${ENVOY_DOCKER_OPTIONS[@]}" \ diff --git a/ci/verify_examples.sh b/ci/verify_examples.sh index 8f78d54e1a29..8b6d6f719a66 100755 --- a/ci/verify_examples.sh +++ b/ci/verify_examples.sh @@ -29,7 +29,11 @@ trap exit 1 INT run_examples () { local examples example cd "${SRCDIR}/examples" || exit 1 - examples=$(find . -mindepth 1 -maxdepth 1 -type d -name "$TESTFILTER" ! -iname "_*" ! -name "$TESTEXCLUDES" | sort) + + examples=$(find . -mindepth 1 -maxdepth 1 -type d -name "$TESTFILTER" ! -iname "_*" | sort) + if [[ -n "$TESTEXCLUDES" ]]; then + examples=$(echo "$examples" | grep -Ev "$TESTEXCLUDES") + fi for example in $examples; do pushd "$example" > /dev/null || return 1 ./verify.sh diff --git a/ci/windows_ci_steps.sh b/ci/windows_ci_steps.sh index 33f6713a122f..67ff0eb40994 100755 --- a/ci/windows_ci_steps.sh +++ b/ci/windows_ci_steps.sh @@ -67,24 +67,55 @@ if [[ "${BAZEL_BUILD_EXTRA_OPTIONS[*]}" =~ "clang-cl" ]]; then FAIL_GROUP=clang_cl fi -# Pre-Validate updates of all dependency libraries in bazel/foreign_cc and bazel/external -# and complete envoy-static build -bazel "${BAZEL_STARTUP_OPTIONS[@]}" build "${BAZEL_BUILD_OPTIONS[@]}" //bazel/... //source/exe:envoy-static --build_tag_filters=-skip_on_windows - -# Copy binary to delivery directory -cp -f bazel-bin/source/exe/envoy-static.exe "${ENVOY_DELIVERY_DIR}/envoy.exe" +# Optional arguments include //source/exe:envoy-static to build, +# //test/... to test all with flake handling and test tag filters +# (these are the default), either one or the other, or a list of +# explicit tests or patterns which does not perform tag exclusions, +# unless given as additional argument. (If we explicitly ask, we +# are determined to fight a broken test, whether it is tagged +# skip/fail on windows or not.) + +if [[ $1 == "//source/exe:envoy-static" ]]; then + BUILD_ENVOY_STATIC=1 + shift + TEST_TARGETS=$* +elif [[ $# -gt 0 ]]; then + BUILD_ENVOY_STATIC=0 + TEST_TARGETS=$* +else + BUILD_ENVOY_STATIC=1 + TEST_TARGETS='//test/...' +fi -# Copy for azp, creating a tar archive -tar czf "${ENVOY_BUILD_DIR}"/envoy_binary.tar.gz -C "${ENVOY_DELIVERY_DIR}" envoy.exe +# Complete envoy-static build +if [[ $BUILD_ENVOY_STATIC -eq 1 ]]; then + bazel "${BAZEL_STARTUP_OPTIONS[@]}" build "${BAZEL_BUILD_OPTIONS[@]}" //source/exe:envoy-static -# Test invocations of known-working tests on Windows -bazel "${BAZEL_STARTUP_OPTIONS[@]}" test "${BAZEL_BUILD_OPTIONS[@]}" //test/... --test_tag_filters=-skip_on_windows,-fails_on_${FAIL_GROUP} --build_tests_only + # Copy binary to delivery directory + cp -f bazel-bin/source/exe/envoy-static.exe "${ENVOY_DELIVERY_DIR}/envoy.exe" -echo "running flaky test reporting script" -"${ENVOY_SRCDIR}"/ci/flaky_test/run_process_xml.sh "$CI_TARGET" + # Copy for azp, creating a tar archive + tar czf "${ENVOY_BUILD_DIR}"/envoy_binary.tar.gz -C "${ENVOY_DELIVERY_DIR}" envoy.exe +fi -# Build tests that are known flaky or failing to ensure no compilation regressions -bazel "${BAZEL_STARTUP_OPTIONS[@]}" build "${BAZEL_BUILD_OPTIONS[@]}" //test/... --test_tag_filters=-skip_on_windows,fails_on_${FAIL_GROUP} --build_tests_only +# Test invocations of known-working tests on Windows +if [[ $TEST_TARGETS == "//test/..." ]]; then + bazel "${BAZEL_STARTUP_OPTIONS[@]}" test "${BAZEL_BUILD_OPTIONS[@]}" $TEST_TARGETS --test_tag_filters=-skip_on_windows,-fails_on_${FAIL_GROUP} --build_tests_only + + echo "running flaky test reporting script" + "${ENVOY_SRCDIR}"/ci/flaky_test/run_process_xml.sh "$CI_TARGET" + + # Build tests that are known flaky or failing to ensure no compilation regressions + bazel "${BAZEL_STARTUP_OPTIONS[@]}" build "${BAZEL_BUILD_OPTIONS[@]}" //test/... --test_tag_filters=fails_on_${FAIL_GROUP} --build_tests_only + + if [[ $BUILD_ENVOY_STATIC -eq 1 ]]; then + # Validate introduction or updates of any dependency libraries in bazel/foreign_cc and bazel/external + # not triggered by envoy-static or //test/... targets and not deliberately tagged skip_on_windows + bazel "${BAZEL_STARTUP_OPTIONS[@]}" build "${BAZEL_BUILD_OPTIONS[@]}" //bazel/... --build_tag_filters=-skip_on_windows + fi +elif [[ -n "$TEST_TARGETS" ]]; then + bazel "${BAZEL_STARTUP_OPTIONS[@]}" test "${BAZEL_BUILD_OPTIONS[@]}" $TEST_TARGETS --build_tests_only +fi # Summarize known unbuildable or inapplicable tests (example) # bazel "${BAZEL_STARTUP_OPTIONS[@]}" query 'kind(".*test rule", attr("tags", "skip_on_windows", //test/...))' 2>/dev/null | sort diff --git a/configs/BUILD b/configs/BUILD index d813f295ac81..80583f0aa32f 100644 --- a/configs/BUILD +++ b/configs/BUILD @@ -9,6 +9,10 @@ licenses(["notice"]) # Apache 2 envoy_package() +exports_files([ + "google-vrp/envoy-edge.yaml", +]) + py_binary( name = "configgen", srcs = ["configgen.py"], diff --git a/configs/Dockerfile b/configs/Dockerfile deleted file mode 100644 index 8167a41d4dd4..000000000000 --- a/configs/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -# This configuration will build a Docker container containing -# an Envoy proxy that routes to envoyproxy.io. - -FROM envoyproxy/envoy-dev:latest -RUN apt-get update -COPY envoy-demo.yaml /etc/envoy.yaml -CMD /usr/local/bin/envoy -c /etc/envoy.yaml diff --git a/configs/encapsulate_in_http1_connect.yaml b/configs/encapsulate_in_http1_connect.yaml index fcf41cbd7c87..a11a99788032 100644 --- a/configs/encapsulate_in_http1_connect.yaml +++ b/configs/encapsulate_in_http1_connect.yaml @@ -27,20 +27,20 @@ static_resources: tunneling_config: hostname: host.com:443 clusters: - - name: cluster_0 - connect_timeout: 5s - # This ensures HTTP/1.1 CONNECT is used for establishing the tunnel. - typed_extension_protocol_options: - envoy.extensions.upstreams.http.v3.HttpProtocolOptions: - "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions - explicit_http_config: - http_protocol_options: {} - load_assignment: - cluster_name: cluster_0 - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 10001 + - name: cluster_0 + connect_timeout: 5s + # This ensures HTTP/1.1 CONNECT is used for establishing the tunnel. + typed_extension_protocol_options: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicit_http_config: + http_protocol_options: {} + load_assignment: + cluster_name: cluster_0 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10001 diff --git a/configs/encapsulate_in_http2_connect.yaml b/configs/encapsulate_in_http2_connect.yaml index a67cf4738b87..abe84ecc86e2 100644 --- a/configs/encapsulate_in_http2_connect.yaml +++ b/configs/encapsulate_in_http2_connect.yaml @@ -27,20 +27,20 @@ static_resources: tunneling_config: hostname: host.com:443 clusters: - - name: cluster_0 - connect_timeout: 5s - # This ensures HTTP/2 CONNECT is used for establishing the tunnel. - typed_extension_protocol_options: - envoy.extensions.upstreams.http.v3.HttpProtocolOptions: - "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions - explicit_http_config: - http2_protocol_options: {} - load_assignment: - cluster_name: cluster_0 - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 10001 + - name: cluster_0 + connect_timeout: 5s + # This ensures HTTP/2 CONNECT is used for establishing the tunnel. + typed_extension_protocol_options: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicit_http_config: + http2_protocol_options: {} + load_assignment: + cluster_name: cluster_0 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10001 diff --git a/configs/encapsulate_in_http2_post.yaml b/configs/encapsulate_in_http2_post.yaml index 7dd54b43fa16..61353a97a886 100644 --- a/configs/encapsulate_in_http2_post.yaml +++ b/configs/encapsulate_in_http2_post.yaml @@ -28,20 +28,20 @@ static_resources: hostname: host.com:443 use_post: true clusters: - - name: cluster_0 - connect_timeout: 5s - # This ensures HTTP/2 POST is used for establishing the tunnel. - typed_extension_protocol_options: - envoy.extensions.upstreams.http.v3.HttpProtocolOptions: - "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions - explicit_http_config: - http2_protocol_options: {} - load_assignment: - cluster_name: cluster_0 - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 10001 + - name: cluster_0 + connect_timeout: 5s + # This ensures HTTP/2 POST is used for establishing the tunnel. + typed_extension_protocol_options: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicit_http_config: + http2_protocol_options: {} + load_assignment: + cluster_name: cluster_0 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10001 diff --git a/configs/envoy-demo.yaml b/configs/envoy-demo.yaml index f84b00c5eab4..39bfae994947 100644 --- a/configs/envoy-demo.yaml +++ b/configs/envoy-demo.yaml @@ -37,7 +37,6 @@ static_resources: - name: envoy.filters.http.router clusters: - name: service_envoyproxy_io - connect_timeout: 30s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY diff --git a/configs/envoy-tap-config.yaml b/configs/envoy-tap-config.yaml index f8d4ef083648..655580c77210 100644 --- a/configs/envoy-tap-config.yaml +++ b/configs/envoy-tap-config.yaml @@ -37,7 +37,6 @@ static_resources: - name: envoy.filters.http.router clusters: - name: service_envoyproxy_io - connect_timeout: 30s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY diff --git a/configs/envoy_double_proxy.template.yaml b/configs/envoy_double_proxy.template.yaml index 806ba9d03a41..223a0d5ccf86 100644 --- a/configs/envoy_double_proxy.template.yaml +++ b/configs/envoy_double_proxy.template.yaml @@ -112,7 +112,6 @@ static_resources: clusters: - name: statsd type: STATIC - connect_timeout: 0.25s lb_policy: ROUND_ROBIN load_assignment: cluster_name: statsd @@ -126,7 +125,6 @@ static_resources: protocol: TCP - name: backhaul type: STRICT_DNS - connect_timeout: 1s lb_policy: ROUND_ROBIN load_assignment: cluster_name: backhaul @@ -165,7 +163,6 @@ static_resources: http2_protocol_options: {} - name: lightstep_saas type: LOGICAL_DNS - connect_timeout: 1s lb_policy: ROUND_ROBIN load_assignment: cluster_name: lightstep_saas diff --git a/configs/envoyproxy_io_proxy_http3_downstream.yaml b/configs/envoyproxy_io_proxy_http3_downstream.yaml index 2037b192af08..bb643dda3573 100644 --- a/configs/envoyproxy_io_proxy_http3_downstream.yaml +++ b/configs/envoyproxy_io_proxy_http3_downstream.yaml @@ -1,4 +1,5 @@ # An example config which accepts HTTP/3 and forwarads the requests upstream over TCP. +# This includes a TCP listener which advertises that HTTP/3 is available via the alt-svc header admin: address: socket_address: @@ -7,93 +8,91 @@ admin: port_value: 9901 static_resources: listeners: - - name: listener_tcp - address: - socket_address: - protocol: TCP - address: 0.0.0.0 - port_value: 10000 - filter_chains: - - transport_socket: - name: envoy.transport_sockets.tls - typed_config: - "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext - downstream_tls_context: - common_tls_context: - tls_certificates: - - certificate_chain: - filename: certs/servercert.pem - private_key: - filename: certs/serverkey.pem - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - codec_type: HTTP2 - stat_prefix: ingress_http - route_config: - name: local_route - virtual_hosts: - - name: local_service - response_headers_to_add: - - header: - key: alt-svc - value: h3=":10000"; ma=86400, h3-29=":10000"; ma=86400 - domains: ["*"] - routes: - - match: - prefix: "/" - route: - host_rewrite_literal: www.envoyproxy.io - cluster: service_envoyproxy_io - http3_protocol_options: - http_filters: - - name: envoy.filters.http.router + - name: listener_tcp + address: + socket_address: + protocol: TCP + address: 0.0.0.0 + port_value: 10000 + filter_chains: + - transport_socket: + name: envoy.transport_sockets.tls + typed_config: + "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext + common_tls_context: + tls_certificates: + - certificate_chain: + filename: certs/servercert.pem + private_key: + filename: certs/serverkey.pem + filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + codec_type: HTTP2 + stat_prefix: ingress_http + route_config: + name: local_route + virtual_hosts: + - name: local_service + response_headers_to_add: + - header: + key: alt-svc + value: h3=":10000"; ma=86400, h3-29=":10000"; ma=86400 + domains: ["*"] + routes: + - match: + prefix: "/" + route: + host_rewrite_literal: www.envoyproxy.io + cluster: service_envoyproxy_io + http3_protocol_options: + http_filters: + - name: envoy.filters.http.router - listeners: - - name: listener_udp - address: - socket_address: - protocol: UDP - address: 0.0.0.0 - port_value: 10000 - reuse_port: true - udp_listener_config: - quic_options: {} - downstream_socket_config: - prefer_gro: true - filter_chains: - - transport_socket: - name: envoy.transport_sockets.quic - typed_config: - '@type': type.googleapis.com/envoy.extensions.transport_sockets.quic.v3.QuicDownstreamTransport - downstream_tls_context: - common_tls_context: - tls_certificates: - - certificate_chain: - filename: certs/servercert.pem - private_key: - filename: certs/serverkey.pem - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - codec_type: HTTP3 - stat_prefix: ingress_http - route_config: - name: local_route - virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: - prefix: "/" - route: - host_rewrite_literal: www.envoyproxy.io - cluster: service_envoyproxy_io - http3_protocol_options: - http_filters: - - name: envoy.filters.http.router + - name: listener_udp + address: + socket_address: + protocol: UDP + address: 0.0.0.0 + port_value: 10000 + reuse_port: true + udp_listener_config: + quic_options: {} + downstream_socket_config: + prefer_gro: true + filter_chains: + - transport_socket: + name: envoy.transport_sockets.quic + typed_config: + '@type': type.googleapis.com/envoy.extensions.transport_sockets.quic.v3.QuicDownstreamTransport + downstream_tls_context: + common_tls_context: + tls_certificates: + - certificate_chain: + filename: certs/servercert.pem + private_key: + filename: certs/serverkey.pem + filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + codec_type: HTTP3 + stat_prefix: ingress_http + route_config: + name: local_route + virtual_hosts: + - name: local_service + domains: ["*"] + routes: + - match: + prefix: "/" + route: + host_rewrite_literal: www.envoyproxy.io + cluster: service_envoyproxy_io + http3_protocol_options: + http_filters: + - name: envoy.filters.http.router clusters: - name: service_envoyproxy_io connect_timeout: 30s diff --git a/configs/example_configs_validation.py b/configs/example_configs_validation.py index ce8095ee84e2..e05f52b43a44 100644 --- a/configs/example_configs_validation.py +++ b/configs/example_configs_validation.py @@ -1,22 +1,18 @@ import pathlib import sys -import yaml - from google.protobuf.json_format import ParseError sys.path = [p for p in sys.path if not p.endswith('bazel_tools')] -from tools.config_validation.validate_fragment import validate_fragment +from tools.config_validation.validate_fragment import validate_yaml def main(): errors = [] for arg in sys.argv[1:]: try: - validate_fragment( - "envoy.config.bootstrap.v3.Bootstrap", - yaml.safe_load(pathlib.Path(arg).read_text())) + validate_yaml("envoy.config.bootstrap.v3.Bootstrap", pathlib.Path(arg).read_text()) except (ParseError, KeyError) as e: errors.append(arg) print(f"\nERROR (validation failed): {arg}\n{e}\n\n") diff --git a/configs/freebind/freebind.yaml b/configs/freebind/freebind.yaml index 6e3c08a7da84..38bf2b786aed 100644 --- a/configs/freebind/freebind.yaml +++ b/configs/freebind/freebind.yaml @@ -24,8 +24,8 @@ static_resources: - name: local_service domains: ["*"] routes: - - match: { prefix: "/" } - route: { cluster: service_local } + - match: {prefix: "/"} + route: {cluster: service_local} http_filters: - name: envoy.filters.http.router clusters: diff --git a/configs/google-vrp/envoy-edge.yaml b/configs/google-vrp/envoy-edge.yaml index b6d85631b454..1d2e5867756b 100644 --- a/configs/google-vrp/envoy-edge.yaml +++ b/configs/google-vrp/envoy-edge.yaml @@ -5,7 +5,7 @@ overload_manager: typed_config: "@type": type.googleapis.com/envoy.extensions.resource_monitors.fixed_heap.v3.FixedHeapConfig # TODO: Tune for your system. - max_heap_size_bytes: 1073741824 # 1 GiB + max_heap_size_bytes: 1073741824 # 1 GiB actions: - name: "envoy.overload_actions.shrink_heap" triggers: @@ -26,7 +26,7 @@ static_resources: protocol: TCP address: 0.0.0.0 port_value: 10000 - per_connection_buffer_limit_bytes: 32768 # 32 KiB + per_connection_buffer_limit_bytes: 32768 # 32 KiB # Uncomment if Envoy is behind a load balancer that exposes client IP address using the PROXY protocol. # listener_filters: # - name: envoy.filters.listener.proxy_protocol @@ -39,8 +39,8 @@ static_resources: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: - - certificate_chain: { filename: "certs/servercert.pem" } - private_key: { filename: "certs/serverkey.pem" } + - certificate_chain: {filename: "certs/servercert.pem"} + private_key: {filename: "certs/serverkey.pem"} filters: - name: envoy.filters.network.http_connection_manager typed_config: @@ -48,14 +48,14 @@ static_resources: stat_prefix: ingress_http use_remote_address: true common_http_protocol_options: - idle_timeout: 3600s # 1 hour + idle_timeout: 3600s # 1 hour headers_with_underscores_action: REJECT_REQUEST http2_protocol_options: max_concurrent_streams: 100 - initial_stream_window_size: 65536 # 64 KiB - initial_connection_window_size: 1048576 # 1 MiB - stream_idle_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests - request_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests + initial_stream_window_size: 65536 # 64 KiB + initial_connection_window_size: 1048576 # 1 MiB + stream_idle_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests + request_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests route_config: name: local_route virtual_hosts: @@ -68,7 +68,7 @@ static_resources: prefix: "/content" route: cluster: service_foo - idle_timeout: 15s # must be disabled for long-lived and streaming requests + idle_timeout: 15s # must be disabled for long-lived and streaming requests - match: prefix: "/" direct_response: @@ -80,7 +80,7 @@ static_resources: clusters: - name: service_foo connect_timeout: 5s - per_connection_buffer_limit_bytes: 32768 # 32 KiB + per_connection_buffer_limit_bytes: 32768 # 32 KiB load_assignment: cluster_name: service_foo endpoints: @@ -95,5 +95,5 @@ static_resources: "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions explicit_http_config: http2_protocol_options: - initial_stream_window_size: 65536 # 64 KiB - initial_connection_window_size: 1048576 # 1 MiB + initial_stream_window_size: 65536 # 64 KiB + initial_connection_window_size: 1048576 # 1 MiB diff --git a/configs/google-vrp/envoy-origin.yaml b/configs/google-vrp/envoy-origin.yaml index a9421fee5ab9..7ca1a5ef3249 100644 --- a/configs/google-vrp/envoy-origin.yaml +++ b/configs/google-vrp/envoy-origin.yaml @@ -4,7 +4,7 @@ overload_manager: - name: "envoy.resource_monitors.fixed_heap" typed_config: "@type": type.googleapis.com/envoy.extensions.resource_monitors.fixed_heap.v3.FixedHeapConfig - max_heap_size_bytes: 1073741824 # 1 GiB + max_heap_size_bytes: 1073741824 # 1 GiB actions: - name: "envoy.overload_actions.shrink_heap" triggers: @@ -34,14 +34,14 @@ static_resources: stat_prefix: ingress_http use_remote_address: true common_http_protocol_options: - idle_timeout: 3600s # 1 hour + idle_timeout: 3600s # 1 hour headers_with_underscores_action: REJECT_REQUEST http2_protocol_options: max_concurrent_streams: 100 - initial_stream_window_size: 65536 # 64 KiB - initial_connection_window_size: 1048576 # 1 MiB - stream_idle_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests - request_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests + initial_stream_window_size: 65536 # 64 KiB + initial_connection_window_size: 1048576 # 1 MiB + stream_idle_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests + request_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests route_config: name: local_route virtual_hosts: diff --git a/configs/proxy_connect.yaml b/configs/proxy_connect.yaml index c4cabecb13b4..7e83cd83eb3d 100644 --- a/configs/proxy_connect.yaml +++ b/configs/proxy_connect.yaml @@ -25,36 +25,35 @@ static_resources: virtual_hosts: - name: local_service domains: - - "*" + - "*" routes: - - match: - connect_matcher: - {} - route: - cluster: cluster_0 - upgrade_configs: - - upgrade_type: CONNECT + - match: + connect_matcher: + {} + route: + cluster: cluster_0 + upgrade_configs: + - upgrade_type: CONNECT http_filters: - name: envoy.filters.http.router http2_protocol_options: allow_connect: true upgrade_configs: - - upgrade_type: CONNECT + - upgrade_type: CONNECT clusters: - - name: cluster_0 - connect_timeout: 5s - typed_extension_protocol_options: - envoy.extensions.upstreams.http.v3.HttpProtocolOptions: - "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions - explicit_http_config: - http2_protocol_options: {} - load_assignment: - cluster_name: cluster_0 - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 10002 - + - name: cluster_0 + connect_timeout: 5s + typed_extension_protocol_options: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicit_http_config: + http2_protocol_options: {} + load_assignment: + cluster_name: cluster_0 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10002 diff --git a/configs/terminate_http1_connect.yaml b/configs/terminate_http1_connect.yaml index 884da227f1cb..ca9e25e72af6 100644 --- a/configs/terminate_http1_connect.yaml +++ b/configs/terminate_http1_connect.yaml @@ -26,22 +26,22 @@ static_resources: virtual_hosts: - name: local_service domains: - - "*" + - "*" routes: - - match: - connect_matcher: + - match: + connect_matcher: + {} + route: + cluster: service_google + upgrade_configs: + - upgrade_type: CONNECT + connect_config: {} - route: - cluster: service_google - upgrade_configs: - - upgrade_type: CONNECT - connect_config: - {} http_filters: - name: envoy.filters.http.router http_protocol_options: {} upgrade_configs: - - upgrade_type: CONNECT + - upgrade_type: CONNECT clusters: - name: service_google connect_timeout: 0.25s diff --git a/configs/terminate_http2_connect.yaml b/configs/terminate_http2_connect.yaml index 4f7ceb0ff1f7..474d76018000 100644 --- a/configs/terminate_http2_connect.yaml +++ b/configs/terminate_http2_connect.yaml @@ -26,23 +26,23 @@ static_resources: virtual_hosts: - name: local_service domains: - - "*" + - "*" routes: - - match: - connect_matcher: + - match: + connect_matcher: + {} + route: + cluster: service_google + upgrade_configs: + - upgrade_type: CONNECT + connect_config: {} - route: - cluster: service_google - upgrade_configs: - - upgrade_type: CONNECT - connect_config: - {} http_filters: - name: envoy.filters.http.router http2_protocol_options: allow_connect: true upgrade_configs: - - upgrade_type: CONNECT + - upgrade_type: CONNECT clusters: - name: service_google connect_timeout: 0.25s diff --git a/configs/terminate_http2_post.yaml b/configs/terminate_http2_post.yaml index 7acd685b2a9c..4c76f72313e2 100644 --- a/configs/terminate_http2_post.yaml +++ b/configs/terminate_http2_post.yaml @@ -26,19 +26,19 @@ static_resources: virtual_hosts: - name: local_service domains: - - "*" + - "*" routes: - - match: - prefix: "/" - headers: - - name: ":method" - exact_match: "POST" - route: - cluster: service_google - upgrade_configs: - - upgrade_type: CONNECT - connect_config: - allow_post: true + - match: + prefix: "/" + headers: + - name: ":method" + exact_match: "POST" + route: + cluster: service_google + upgrade_configs: + - upgrade_type: CONNECT + connect_config: + allow_post: true http_filters: - name: envoy.filters.http.router http2_protocol_options: diff --git a/docs/BUILD b/docs/BUILD index 0c2797f66ff1..d110103fda90 100644 --- a/docs/BUILD +++ b/docs/BUILD @@ -8,6 +8,9 @@ licenses(["notice"]) # Apache 2 exports_files([ "protodoc_manifest.yaml", "v2_mapping.json", + "empty_extensions.json", + "redirects.txt", + "VERSION", ]) envoy_package() @@ -15,9 +18,7 @@ envoy_package() filegroup( name = "configs", srcs = glob( - [ - "root/**/*.yaml", - ], + ["root/**/*.yaml"], exclude = [ "root/**/envoy-dynamic-cds-demo.yaml", "root/**/envoy-dynamic-lds-demo.yaml", @@ -38,9 +39,178 @@ filegroup( filegroup( name = "proto_examples", + srcs = glob(["root/**/*.pb"]), +) + +filegroup( + name = "base_rst_files", srcs = glob( [ - "root/**/*.pb", + "conf.py", + "_ext/*", ], ), ) + +filegroup( + name = "root_rst_files", + srcs = glob(["root/**/*"]), +) + +genrule( + name = "v2_redirects", + outs = ["v2_redirects.txt"], + cmd = """ + jq -r 'with_entries(.key |= sub("^envoy/";"api-v3/")) + | with_entries(.value |= sub("^envoy/";"api-v2/")) + | to_entries[] + | "\\(.value)\t\t\\(.key)"' \\ + $(location :v2_mapping.json) > $@ + """, + tools = [":v2_mapping.json"], +) + +genrule( + name = "redirects", + outs = ["envoy-redirects.txt"], + cmd = """ + cat $(location :redirects.txt) > $@ \\ + && cat $(location :v2_redirects) >> $@ + """, + tools = [ + ":redirects.txt", + ":v2_redirects", + ], +) + +genrule( + name = "google_vrp_config", + outs = ["google_vrp_config.tar"], + cmd = """ + tar cfh $@ --transform='s/configs/configuration\\/best_practices/' \\ + $(location //configs:google-vrp/envoy-edge.yaml) + """, + tools = ["//configs:google-vrp/envoy-edge.yaml"], +) + +genrule( + name = "base_rst", + outs = ["base_rst.tar"], + cmd = """ + tar cfh $@ --transform='s/docs\\///' $(locations base_rst_files) \\ + && tar rhf $@ --transform='s/docs\\/root\\///' $(locations root_rst_files) \\ + && tar rf $@ -C $$(dirname $(location redirects)) $$(basename $(location redirects)) + """, + tools = [ + ":base_rst_files", + ":redirects", + ":root_rst_files", + ], +) + +genrule( + name = "examples_rst", + outs = ["examples_rst.tar"], + cmd = """ + tar cfh $@ --transform='s/examples/start\\/sandboxes\\/_include/' \\ + $(locations //examples:files) + """, + tools = ["//examples:files"], +) + +genrule( + name = "extensions_security_rst", + srcs = ["//source/extensions:extensions_metadata.yaml"], + outs = ["extensions_security_rst.tar"], + cmd = """ + $(location //tools/docs:generate_extensions_security_rst) \\ + $(location //source/extensions:extensions_metadata.yaml) $@ + """, + tools = ["//tools/docs:generate_extensions_security_rst"], +) + +genrule( + name = "external_deps_rst", + srcs = [ + "//bazel:repository_locations.bzl", + "@envoy_api_canonical//bazel:repository_locations.bzl", + "@envoy_api_canonical//bazel:repository_locations_utils.bzl", + ], + outs = ["external_deps_rst.tar"], + cmd = "$(location //tools/docs:generate_external_deps_rst) $@", + tools = ["//tools/docs:generate_external_deps_rst"], +) + +genquery( + name = "v3_proto_srcs", + expression = "labels(srcs, labels(deps, @envoy_api_canonical//:v3_protos))", + scope = ["@envoy_api_canonical//:v3_protos"], +) + +genrule( + name = "empty_protos_rst", + srcs = [":empty_extensions.json"], + outs = ["empty_protos_rst.tar"], + cmd = """ + $(location //tools/protodoc:generate_empty) \\ + $(location empty_extensions.json) $@ + """, + tools = ["//tools/protodoc:generate_empty"], +) + +genrule( + name = "api_rst", + srcs = [ + "//tools/protodoc:api_v3_protodoc", + ":v3_proto_srcs", + ], + outs = ["api_rst.tar"], + cmd = """ + $(location //tools/docs:generate_api_rst) \\ + $(location v3_proto_srcs) $(locations //tools/protodoc:api_v3_protodoc) $@ + """, + tools = ["//tools/docs:generate_api_rst"], +) + +genrule( + name = "rst", + outs = ["rst.tar"], + cmd = """ + cat $(location base_rst) > $@ \\ + && tar -Af $@ $(location api_rst) \\ + && tar -Af $@ $(location examples_rst) \\ + && tar -Af $@ $(location extensions_security_rst) \\ + && tar -Af $@ $(location external_deps_rst) \\ + && tar -Af $@ $(location empty_protos_rst) + """, + tools = [ + ":api_rst", + ":base_rst", + ":empty_protos_rst", + ":examples_rst", + ":extensions_security_rst", + ":external_deps_rst", + ], +) + +genrule( + name = "html", + outs = ["html.tar"], + cmd = """ + $(location //tools/docs:sphinx_runner) \\ + --build_sha="$${BUILD_SHA:-}" \\ + --docs_tag="$${DOCS_TAG:-}" \\ + --version_file=$(location //:VERSION) \\ + --validator_path=$(location //tools/config_validation:validate_fragment) \\ + --descriptor_path=$(location //tools/type_whisperer:all_protos_with_ext_pb_text.pb_text) \\ + $(location rst) \\ + $@ + """, + exec_tools = [ + "//tools/docs:sphinx_runner", + ":rst", + "//tools/config_validation:validate_fragment", + "//tools/type_whisperer:all_protos_with_ext_pb_text.pb_text", + "//:VERSION", + ], +) diff --git a/docs/_ext/validating_code_block.py b/docs/_ext/validating_code_block.py index 401bce26abe7..cab069c4656e 100644 --- a/docs/_ext/validating_code_block.py +++ b/docs/_ext/validating_code_block.py @@ -1,11 +1,14 @@ +import os +import subprocess +from functools import cached_property + +import yaml + from docutils.parsers.rst import directives from sphinx.directives.code import CodeBlock from sphinx.errors import ExtensionError -import os -import subprocess - class ValidatingCodeBlock(CodeBlock): """A directive that provides protobuf yaml formatting and validation. @@ -22,7 +25,39 @@ class ValidatingCodeBlock(CodeBlock): 'type-name': directives.unchanged, } option_spec.update(CodeBlock.option_spec) - skip_validation = (os.getenv('SPHINX_SKIP_CONFIG_VALIDATION') or 'false').lower() == 'true' + + @cached_property + def configs(self) -> dict: + _configs = dict( + descriptor_path="", + skip_validation=False, + validator_path="bazel-bin/tools/config_validation/validate_fragment") + if os.environ.get("ENVOY_DOCS_BUILD_CONFIG"): + with open(os.environ["ENVOY_DOCS_BUILD_CONFIG"]) as f: + _configs.update(yaml.safe_load(f.read())) + return _configs + + @property + def descriptor_path(self) -> str: + return self.configs["descriptor_path"] + + @property + def skip_validation(self) -> bool: + return bool(self.configs["skip_validation"]) + + @property + def validator_args(self) -> tuple: + args = ( + self.options.get('type-name'), + '-s', + '\n'.join(self.content), + ) + return ( + args + ("--descriptor_path", self.descriptor_path) if self.descriptor_path else args) + + @property + def validator_path(self) -> str: + return self.configs["validator_path"] def run(self): source, line = self.state_machine.get_source_and_line(self.lineno) @@ -30,20 +65,18 @@ def run(self): if self.options.get('type-name') == None: raise ExtensionError("Expected type name in: {0} line: {1}".format(source, line)) - if not ValidatingCodeBlock.skip_validation: - args = [ - 'bazel-bin/tools/config_validation/validate_fragment', - self.options.get('type-name'), '-s', '\n'.join(self.content) - ] - completed = subprocess.run( - args, stdout=subprocess.PIPE, stderr=subprocess.PIPE, encoding='utf-8') + if not self.skip_validation: + completed = subprocess.run((self.validator_path,) + self.validator_args, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + encoding='utf-8') if completed.returncode != 0: raise ExtensionError( "Failed config validation for type: '{0}' in: {1} line: {2}:\n {3}".format( self.options.get('type-name'), source, line, completed.stderr)) self.options.pop('type-name', None) - return list(CodeBlock.run(self)) + return list(super().run()) def setup(app): diff --git a/docs/build.sh b/docs/build.sh index 6e0b83731ba2..e9ccb53a0d1c 100755 --- a/docs/build.sh +++ b/docs/build.sh @@ -3,156 +3,41 @@ # set SPHINX_SKIP_CONFIG_VALIDATION environment variable to true to skip # validation of configuration examples -. tools/shell_utils.sh - set -e -RELEASE_TAG_REGEX="^refs/tags/v.*" - -if [[ "${AZP_BRANCH}" =~ ${RELEASE_TAG_REGEX} ]]; then - DOCS_TAG="${AZP_BRANCH/refs\/tags\//}" +if [[ ! $(command -v bazel) ]]; then + # shellcheck disable=SC2016 + echo 'ERROR: bazel must be installed and available in "$PATH" to build docs' >&2 + exit 1 fi - -# We need to set ENVOY_DOCS_VERSION_STRING and ENVOY_DOCS_RELEASE_LEVEL for Sphinx. -# We also validate that the tag and version match at this point if needed. -VERSION_NUMBER=$(cat VERSION) -export DOCKER_IMAGE_TAG_NAME -DOCKER_IMAGE_TAG_NAME=$(echo "$VERSION_NUMBER" | sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+.*/v\1-latest/') -if [[ -n "${DOCS_TAG}" ]]; then - # Check the git tag matches the version number in the VERSION file. - if [[ "v${VERSION_NUMBER}" != "${DOCS_TAG}" ]]; then - echo "Given git tag does not match the VERSION file content:" - echo "${DOCS_TAG} vs $(cat VERSION)" +if [[ ! $(command -v jq) ]]; then + # shellcheck disable=SC2016 + echo 'ERROR: jq must be installed and available in "$PATH" to build docs' >&2 exit 1 - fi - # Check the version_history.rst contains current release version. - grep --fixed-strings "$VERSION_NUMBER" docs/root/version_history/current.rst \ - || (echo "Git tag not found in version_history/current.rst" && exit 1) - - # Now that we know there is a match, we can use the tag. - export ENVOY_DOCS_VERSION_STRING="tag-${DOCS_TAG}" - export ENVOY_DOCS_RELEASE_LEVEL=tagged - export ENVOY_BLOB_SHA="${DOCS_TAG}" -else - BUILD_SHA=$(git rev-parse HEAD) - export ENVOY_DOCS_VERSION_STRING="${VERSION_NUMBER}"-"${BUILD_SHA:0:6}" - export ENVOY_DOCS_RELEASE_LEVEL=pre-release - export ENVOY_BLOB_SHA="$BUILD_SHA" fi -SCRIPT_DIR="$(dirname "$0")" -SRC_DIR="$(dirname "$SCRIPT_DIR")" -ENVOY_SRCDIR="$(realpath "$SRC_DIR")" -CONFIGS_DIR="${SRC_DIR}"/configs -BUILD_DIR=build_docs -[[ -z "${DOCS_OUTPUT_DIR}" ]] && DOCS_OUTPUT_DIR=generated/docs -[[ -z "${GENERATED_RST_DIR}" ]] && GENERATED_RST_DIR=generated/rst - -rm -rf "${DOCS_OUTPUT_DIR}" -mkdir -p "${DOCS_OUTPUT_DIR}" - -rm -rf "${GENERATED_RST_DIR}" -mkdir -p "${GENERATED_RST_DIR}" - -export ENVOY_SRCDIR - -source_venv "$BUILD_DIR" -pip3 install --require-hashes -r "${SCRIPT_DIR}"/requirements.txt - -# Clean up any stale files in the API tree output. Bazel remembers valid cached -# files still. -rm -rf bazel-bin/external/envoy_api_canonical +RELEASE_TAG_REGEX="^refs/tags/v.*" -EXTENSION_DB_PATH="$(realpath "${BUILD_DIR}/extension_db.json")" -rm -rf "${EXTENSION_DB_PATH}" -GENERATED_RST_DIR="$(realpath "${GENERATED_RST_DIR}")" -export EXTENSION_DB_PATH -export GENERATED_RST_DIR +if [[ "${AZP_BRANCH}" =~ ${RELEASE_TAG_REGEX} ]]; then + DOCS_TAG="${AZP_BRANCH/refs\/tags\//}" + export DOCS_TAG +else + BUILD_SHA=$(git rev-parse HEAD) + export BUILD_SHA +fi # This is for local RBE setup, should be no-op for builds without RBE setting in bazelrc files. IFS=" " read -ra BAZEL_BUILD_OPTIONS <<< "${BAZEL_BUILD_OPTIONS:-}" BAZEL_BUILD_OPTIONS+=( "--remote_download_outputs=all" "--strategy=protodoc=sandboxed,local" - "--action_env=ENVOY_BLOB_SHA" - "--action_env=EXTENSION_DB_PATH") - -# Generate RST for the lists of trusted/untrusted extensions in -# intro/arch_overview/security docs. -bazel run "${BAZEL_BUILD_OPTIONS[@]}" //tools/extensions:generate_extension_rst - -# Generate RST for external dependency docs in intro/arch_overview/security. -bazel run "${BAZEL_BUILD_OPTIONS[@]}" //tools/dependency:generate_external_dep_rst - -function generate_api_rst() { - local proto_target - declare -r API_VERSION=$1 - echo "Generating ${API_VERSION} API RST..." - - # Generate the extensions docs - bazel build "${BAZEL_BUILD_OPTIONS[@]}" @envoy_api_canonical//:"${API_VERSION}"_protos --aspects \ - tools/protodoc/protodoc.bzl%protodoc_aspect --output_groups=rst - - # Fill in boiler plate for extensions that have google.protobuf.Empty as their - # config. We only have v2 support here for version history anchors, which don't point at any empty - # configs. - bazel run "${BAZEL_BUILD_OPTIONS[@]}" //tools/protodoc:generate_empty \ - "${PWD}"/docs/empty_extensions.json "${GENERATED_RST_DIR}/api-${API_VERSION}"/config - - # We do ** matching below to deal with Bazel cache blah (source proto artifacts - # are nested inside source package targets). - shopt -s globstar - - # Find all source protos. - proto_target=$(bazel query "labels(srcs, labels(deps, @envoy_api_canonical//:${API_VERSION}_protos))") - declare -r proto_target - - # Only copy in the protos we care about and know how to deal with in protodoc. - for p in ${proto_target} - do - declare PROTO_FILE_WITHOUT_PREFIX="${p#@envoy_api_canonical//}" - declare PROTO_FILE_CANONICAL="${PROTO_FILE_WITHOUT_PREFIX/://}" - # We use ** glob matching here to deal with the fact that we have something - # like - # bazel-bin/external/envoy_api_canonical/envoy/admin/v2alpha/pkg/envoy/admin/v2alpha/certs.proto.proto - # and we don't want to have to do a nested loop and slow bazel query to - # recover the canonical package part of the path. - declare SRCS=(bazel-bin/external/envoy_api_canonical/**/"${PROTO_FILE_CANONICAL}.rst") - # While we may have reformatted the file multiple times due to the transitive - # dependencies in the aspect above, they all look the same. So, just pick an - # arbitrary match and we're done. - declare SRC="${SRCS[0]}" - declare DST="${GENERATED_RST_DIR}/api-${API_VERSION}/${PROTO_FILE_CANONICAL#envoy/}".rst - - mkdir -p "$(dirname "${DST}")" - cp -f "${SRC}" "$(dirname "${DST}")" - done -} + "--action_env=DOCS_TAG" + "--action_env=BUILD_SHA" + "--action_env=SPHINX_SKIP_CONFIG_VALIDATION") -generate_api_rst v3 +bazel build "${BAZEL_BUILD_OPTIONS[@]}" //docs:html -# Edge hardening example YAML. -mkdir -p "${GENERATED_RST_DIR}"/configuration/best_practices -cp -f "${CONFIGS_DIR}"/google-vrp/envoy-edge.yaml "${GENERATED_RST_DIR}"/configuration/best_practices - -copy_example_configs () { - mkdir -p "${GENERATED_RST_DIR}/start/sandboxes/_include" - cp -a "${SRC_DIR}"/examples/* "${GENERATED_RST_DIR}/start/sandboxes/_include" -} - -copy_example_configs - -rsync -av \ - "${SCRIPT_DIR}"/root/ \ - "${SCRIPT_DIR}"/conf.py \ - "${SCRIPT_DIR}"/redirects.txt \ - "${SCRIPT_DIR}"/_ext \ - "${GENERATED_RST_DIR}" - -# Merge generated redirects -jq -r 'with_entries(.key |= sub("^envoy/";"api-v3/")) | with_entries(.value |= sub("^envoy/";"api-v2/")) | to_entries[] | "\(.value)\t\t\(.key)"' docs/v2_mapping.json >> "${GENERATED_RST_DIR}"/redirects.txt - -# To speed up validate_fragment invocations in validating_code_block -bazel build "${BAZEL_BUILD_OPTIONS[@]}" //tools/config_validation:validate_fragment - -sphinx-build -W --keep-going -b html "${GENERATED_RST_DIR}" "${DOCS_OUTPUT_DIR}" +[[ -z "${DOCS_OUTPUT_DIR}" ]] && DOCS_OUTPUT_DIR=generated/docs +rm -rf "${DOCS_OUTPUT_DIR}" +mkdir -p "${DOCS_OUTPUT_DIR}" +tar -xf bazel-bin/docs/html.tar -C "$DOCS_OUTPUT_DIR" diff --git a/docs/conf.py b/docs/conf.py index 08acd7a903be..b78fe08c335c 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -12,11 +12,18 @@ # All configuration values have a default; values that are commented out # serve to show the default. -from datetime import datetime import os +import sys +from datetime import datetime + +import yaml + from sphinx.directives.code import CodeBlock import sphinx_rtd_theme -import sys + + +class SphinxConfigException(Exception): + pass # https://stackoverflow.com/questions/44761197/how-to-use-substitution-definitions-with-code-blocks @@ -48,11 +55,24 @@ def setup(app): app.add_directive('substitution-code-block', SubstitutionCodeBlock) -if not os.environ.get('ENVOY_DOCS_RELEASE_LEVEL'): - raise Exception("ENVOY_DOCS_RELEASE_LEVEL env var must be defined") +missing_config = ( + not os.environ.get("ENVOY_DOCS_BUILD_CONFIG") + or not os.path.exists(os.environ["ENVOY_DOCS_BUILD_CONFIG"])) + +if missing_config: + raise SphinxConfigException( + "`ENVOY_DOCS_BUILD_CONFIG` env var must be defined, " + "and point to a valid yaml file") + +with open(os.environ["ENVOY_DOCS_BUILD_CONFIG"]) as f: + configs = yaml.safe_load(f.read()) + + +def _config(key): + if not configs.get(key): + raise SphinxConfigException(f"`{key}` config var must be defined") + return configs[key] -release_level = os.environ['ENVOY_DOCS_RELEASE_LEVEL'] -blob_sha = os.environ['ENVOY_BLOB_SHA'] # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the @@ -75,6 +95,10 @@ def setup(app): 'sphinx_tabs.tabs', 'sphinx_copybutton', 'validating_code_block', 'sphinxext.rediraffe', 'powershell_lexer' ] + +release_level = _config('release_level') +blob_sha = _config('blob_sha') + extlinks = { 'repo': ('https://github.com/envoyproxy/envoy/blob/{}/%s'.format(blob_sha), ''), 'api': ('https://github.com/envoyproxy/envoy/blob/{}/api/%s'.format(blob_sha), ''), @@ -118,17 +142,14 @@ def setup(app): # |version| and |release|, also used in various other places throughout the # built documents. -if not os.environ.get('ENVOY_DOCS_VERSION_STRING'): - raise Exception("ENVOY_DOCS_VERSION_STRING env var must be defined") - # The short X.Y version. -version = os.environ['ENVOY_DOCS_VERSION_STRING'] +version = _config('version_string') # The full version, including alpha/beta/rc tags. -release = os.environ['ENVOY_DOCS_VERSION_STRING'] +release = _config('version_string') rst_epilog = """ .. |DOCKER_IMAGE_TAG_NAME| replace:: {} -""".format(os.environ['DOCKER_IMAGE_TAG_NAME']) +""".format(_config('docker_image_tag_name')) # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. @@ -288,7 +309,7 @@ def setup(app): # TODO(phlax): add redirect diff (`rediraffe_branch` setting) # - not sure how diffing will work with main merging in PRs - might need # to be injected dynamically, somehow -rediraffe_redirects = "redirects.txt" +rediraffe_redirects = "envoy-redirects.txt" intersphinx_mapping = { 'v1.5.0': ('https://www.envoyproxy.io/docs/envoy/v1.5.0', None), diff --git a/docs/protodoc_manifest.yaml b/docs/protodoc_manifest.yaml index e12bdea11420..4f32c94d4a51 100644 --- a/docs/protodoc_manifest.yaml +++ b/docs/protodoc_manifest.yaml @@ -20,40 +20,40 @@ fields: threshold: value: 0.95 envoy.config.cluster.v3.Cluster.per_connection_buffer_limit_bytes: - edge_config: { example: 32768 } + edge_config: {example: 32768} envoy.config.cluster.v3.Cluster.http2_protocol_options: edge_config: example: - initial_stream_window_size: 65536 # 64 KiB - initial_connection_window_size: 1048576 # 1 MiB + initial_stream_window_size: 65536 # 64 KiB + initial_connection_window_size: 1048576 # 1 MiB envoy.config.listener.v3.Listener.per_connection_buffer_limit_bytes: - edge_config: { example: 32768 } + edge_config: {example: 32768} envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.common_http_protocol_options: edge_config: example: - idle_timeout: 900s # 15 mins + idle_timeout: 900s # 15 mins headers_with_underscores_action: REJECT_REQUEST envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.http2_protocol_options: edge_config: example: max_concurrent_streams: 100 - initial_stream_window_size: 65536 # 64 KiB - initial_connection_window_size: 1048576 # 1 MiB + initial_stream_window_size: 65536 # 64 KiB + initial_connection_window_size: 1048576 # 1 MiB envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.stream_idle_timeout: edge_config: - example: 300s # 5 mins + example: 300s # 5 mins envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.request_headers_timeout: edge_config: - example: 10s # 10 seconds + example: 10s # 10 seconds envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.request_timeout: edge_config: note: > This timeout is not compatible with streaming requests. - example: 300s # 5 mins + example: 300s # 5 mins envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address: - edge_config: { example: true } + edge_config: {example: true} envoy.config.listener.v3.QuicProtocolOptions.quic_protocol_options: edge_config: example: - initial_stream_window_size: 65536 # 64 KiB - initial_connection_window_size: 65536 # 64 KiB + initial_stream_window_size: 65536 # 64 KiB + initial_connection_window_size: 65536 # 64 KiB diff --git a/docs/requirements.txt b/docs/requirements.txt deleted file mode 100644 index 0eae9f8c0104..000000000000 --- a/docs/requirements.txt +++ /dev/null @@ -1,227 +0,0 @@ -# -# This file is autogenerated by pip-compile -# To update, run: -# -# pip-compile --generate-hashes docs/requirements.txt -# -alabaster==0.7.12 \ - --hash=sha256:446438bdcca0e05bd45ea2de1668c1d9b032e1a9154c2c259092d77031ddd359 \ - --hash=sha256:a661d72d58e6ea8a57f7a86e37d86716863ee5e92788398526d58b26a4e4dc02 - # via - # -r docs/requirements.txt - # sphinx -babel==2.9.1 \ - --hash=sha256:ab49e12b91d937cd11f0b67cb259a57ab4ad2b59ac7a3b41d6c06c0ac5b0def9 \ - --hash=sha256:bc0c176f9f6a994582230df350aa6e05ba2ebe4b3ac317eab29d9be5d2768da0 - # via - # -r docs/requirements.txt - # sphinx -certifi==2020.12.5 \ - --hash=sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c \ - --hash=sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830 - # via - # -r docs/requirements.txt - # requests -chardet==4.0.0 \ - --hash=sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa \ - --hash=sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5 - # via - # -r docs/requirements.txt - # requests -docutils==0.16 \ - --hash=sha256:0c5b78adfbf7762415433f5515cd5c9e762339e23369dbe8000d84a4bf4ab3af \ - --hash=sha256:c2de3a60e9e7d07be26b7f2b00ca0309c207e06c100f9cc2a94931fc75a478fc - # via - # -r docs/requirements.txt - # sphinx - # sphinx-rtd-theme -gitdb==4.0.7 \ - --hash=sha256:6c4cc71933456991da20917998acbe6cf4fb41eeaab7d6d67fbc05ecd4c865b0 \ - --hash=sha256:96bf5c08b157a666fec41129e6d327235284cca4c81e92109260f353ba138005 - # via - # -r docs/requirements.txt - # gitpython -gitpython==3.1.17 \ - --hash=sha256:29fe82050709760081f588dd50ce83504feddbebdc4da6956d02351552b1c135 \ - --hash=sha256:ee24bdc93dce357630764db659edaf6b8d664d4ff5447ccfeedd2dc5c253f41e - # via -r docs/requirements.txt -idna==2.10 \ - --hash=sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6 \ - --hash=sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0 - # via - # -r docs/requirements.txt - # requests -imagesize==1.2.0 \ - --hash=sha256:6965f19a6a2039c7d48bca7dba2473069ff854c36ae6f19d2cde309d998228a1 \ - --hash=sha256:b1f6b5a4eab1f73479a50fb79fcf729514a900c341d8503d62a62dbc4127a2b1 - # via - # -r docs/requirements.txt - # sphinx -jinja2==2.11.3 \ - --hash=sha256:03e47ad063331dd6a3f04a43eddca8a966a26ba0c5b7207a9a9e4e08f1b29419 \ - --hash=sha256:a6d58433de0ae800347cab1fa3043cebbabe8baa9d29e668f1c768cb87a333c6 - # via - # -r docs/requirements.txt - # sphinx -markupsafe==1.1.1 \ - --hash=sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473 \ - --hash=sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161 \ - --hash=sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235 \ - --hash=sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5 \ - --hash=sha256:13d3144e1e340870b25e7b10b98d779608c02016d5184cfb9927a9f10c689f42 \ - --hash=sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff \ - --hash=sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b \ - --hash=sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1 \ - --hash=sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e \ - --hash=sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183 \ - --hash=sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66 \ - --hash=sha256:596510de112c685489095da617b5bcbbac7dd6384aeebeda4df6025d0256a81b \ - --hash=sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1 \ - --hash=sha256:6788b695d50a51edb699cb55e35487e430fa21f1ed838122d722e0ff0ac5ba15 \ - --hash=sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1 \ - --hash=sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e \ - --hash=sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b \ - --hash=sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905 \ - --hash=sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735 \ - --hash=sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d \ - --hash=sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e \ - --hash=sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d \ - --hash=sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c \ - --hash=sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21 \ - --hash=sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2 \ - --hash=sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5 \ - --hash=sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b \ - --hash=sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6 \ - --hash=sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f \ - --hash=sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f \ - --hash=sha256:cdb132fc825c38e1aeec2c8aa9338310d29d337bebbd7baa06889d09a60a1fa2 \ - --hash=sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7 \ - --hash=sha256:e8313f01ba26fbbe36c7be1966a7b7424942f670f38e666995b88d012765b9be - # via - # -r docs/requirements.txt - # jinja2 -packaging==20.9 \ - --hash=sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5 \ - --hash=sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a - # via - # -r docs/requirements.txt - # sphinx -pygments==2.9.0 \ - --hash=sha256:d66e804411278594d764fc69ec36ec13d9ae9147193a1740cd34d272ca383b8e \ - --hash=sha256:a18f47b506a429f6f4b9df81bb02beab9ca21d0a5fee38ed15aef65f0545519f - # via - # -r docs/requirements.txt - # sphinx - # sphinx-tabs -pyparsing==2.4.7 \ - --hash=sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1 \ - --hash=sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b - # via - # -r docs/requirements.txt - # packaging -pytz==2021.1 \ - --hash=sha256:83a4a90894bf38e243cf052c8b58f381bfe9a7a483f6a9cab140bc7f702ac4da \ - --hash=sha256:eb10ce3e7736052ed3623d49975ce333bcd712c7bb19a58b9e2089d4057d0798 - # via - # -r docs/requirements.txt - # babel -requests==2.25.1 \ - --hash=sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804 \ - --hash=sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e - # via - # -r docs/requirements.txt - # sphinx -six==1.16.0 \ - --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254 \ - --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 - # via - # -r docs/requirements.txt - # sphinxcontrib-httpdomain -smmap==4.0.0 \ - --hash=sha256:7e65386bd122d45405ddf795637b7f7d2b532e7e401d46bbe3fb49b9986d5182 \ - --hash=sha256:a9a7479e4c572e2e775c404dcd3080c8dc49f39918c2cf74913d30c4c478e3c2 - # via - # -r docs/requirements.txt - # gitdb -snowballstemmer==2.1.0 \ - --hash=sha256:b51b447bea85f9968c13b650126a888aabd4cb4463fca868ec596826325dedc2 \ - --hash=sha256:e997baa4f2e9139951b6f4c631bad912dfd3c792467e2f03d7239464af90e914 - # via - # -r docs/requirements.txt - # sphinx -sphinx-copybutton==0.3.1 \ - --hash=sha256:0e0461df394515284e3907e3f418a0c60ef6ab6c9a27a800c8552772d0a402a2 \ - --hash=sha256:5125c718e763596e6e52d92e15ee0d6f4800ad3817939be6dee51218870b3e3d - # via -r docs/requirements.txt -sphinx-rtd-theme==0.5.2 \ - --hash=sha256:32bd3b5d13dc8186d7a42fc816a23d32e83a4827d7d9882948e7b837c232da5a \ - --hash=sha256:4a05bdbe8b1446d77a01e20a23ebc6777c74f43237035e76be89699308987d6f - # via -r docs/requirements.txt -sphinx-tabs==3.0.0 \ - --hash=sha256:2abbcaaa3b8a857de06f3db31762a7bdd17aba1b8979d000f193debe6f917c2c \ - --hash=sha256:3f766762fffacc99828cb877a9e4cb8ac0ba3582f2a054ea68248e5e026e5612 - # via -r docs/requirements.txt -sphinx==4.0.1 \ - --hash=sha256:b2566f5f339737a6ef37198c47d56de1f4a746c722bebdb2fe045c34bfd8b9d0 \ - --hash=sha256:cf5104777571b2b7f06fa88ee08fade24563f4a0594cf4bd17d31c47b8740b4c - # via - # -r docs/requirements.txt - # sphinx-copybutton - # sphinx-rtd-theme - # sphinx-tabs - # sphinxcontrib-httpdomain - # sphinxext-rediraffe -sphinxcontrib-applehelp==1.0.2 \ - --hash=sha256:806111e5e962be97c29ec4c1e7fe277bfd19e9652fb1a4392105b43e01af885a \ - --hash=sha256:a072735ec80e7675e3f432fcae8610ecf509c5f1869d17e2eecff44389cdbc58 - # via - # -r docs/requirements.txt - # sphinx -sphinxcontrib-devhelp==1.0.2 \ - --hash=sha256:8165223f9a335cc1af7ffe1ed31d2871f325254c0423bc0c4c7cd1c1e4734a2e \ - --hash=sha256:ff7f1afa7b9642e7060379360a67e9c41e8f3121f2ce9164266f61b9f4b338e4 - # via - # -r docs/requirements.txt - # sphinx -sphinxcontrib-htmlhelp==1.0.3 \ - --hash=sha256:3c0bc24a2c41e340ac37c85ced6dafc879ab485c095b1d65d2461ac2f7cca86f \ - --hash=sha256:e8f5bb7e31b2dbb25b9cc435c8ab7a79787ebf7f906155729338f3156d93659b - # via - # -r docs/requirements.txt - # sphinx -sphinxcontrib-httpdomain==1.7.0 \ - --hash=sha256:1fb5375007d70bf180cdd1c79e741082be7aa2d37ba99efe561e1c2e3f38191e \ - --hash=sha256:ac40b4fba58c76b073b03931c7b8ead611066a6aebccafb34dc19694f4eb6335 - # via -r docs/requirements.txt -sphinxcontrib-jsmath==1.0.1 \ - --hash=sha256:2ec2eaebfb78f3f2078e73666b1415417a116cc848b72e5172e596c871103178 \ - --hash=sha256:a9925e4a4587247ed2191a22df5f6970656cb8ca2bd6284309578f2153e0c4b8 - # via - # -r docs/requirements.txt - # sphinx -sphinxcontrib-qthelp==1.0.3 \ - --hash=sha256:4c33767ee058b70dba89a6fc5c1892c0d57a54be67ddd3e7875a18d14cba5a72 \ - --hash=sha256:bd9fc24bcb748a8d51fd4ecaade681350aa63009a347a8c14e637895444dfab6 - # via - # -r docs/requirements.txt - # sphinx -sphinxcontrib-serializinghtml==1.1.4 \ - --hash=sha256:eaa0eccc86e982a9b939b2b82d12cc5d013385ba5eadcc7e4fed23f4405f77bc \ - --hash=sha256:f242a81d423f59617a8e5cf16f5d4d74e28ee9a66f9e5b637a18082991db5a9a - # via - # -r docs/requirements.txt - # sphinx -sphinxext-rediraffe==0.2.7 \ - --hash=sha256:651dcbfae5ffda9ffd534dfb8025f36120e5efb6ea1a33f5420023862b9f725d \ - --hash=sha256:9e430a52d4403847f4ffb3a8dd6dfc34a9fe43525305131f52ed899743a5fd8c - # via -r docs/requirements.txt -urllib3==1.26.4 \ - --hash=sha256:2f4da4594db7e1e110a944bb1b551fdf4e6c136ad42e4234131391e21eb5b0df \ - --hash=sha256:e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937 - # via - # -r docs/requirements.txt - # requests - -# WARNING: The following packages were not pinned, but pip requires them to be -# pinned when the requirements file includes hashes. Consider using the --allow-unsafe flag. -# setuptools diff --git a/docs/root/_include/ads.yaml b/docs/root/_include/ads.yaml index 81d30842e113..962f1eef9b8b 100644 --- a/docs/root/_include/ads.yaml +++ b/docs/root/_include/ads.yaml @@ -21,7 +21,6 @@ dynamic_resources: static_resources: clusters: - name: ads_cluster - connect_timeout: 5s type: STRICT_DNS load_assignment: cluster_name: ads_cluster diff --git a/docs/root/api-docs/xds_protocol.rst b/docs/root/api-docs/xds_protocol.rst index 71c5f646627b..e98931f609eb 100644 --- a/docs/root/api-docs/xds_protocol.rst +++ b/docs/root/api-docs/xds_protocol.rst @@ -91,18 +91,18 @@ combinations of two dimensions. The first dimension is State of the World (SotW) vs. incremental. The SotW approach was the original mechanism used by xDS, in which the client must specify all resource names it is -interested in with each request (except when making a wildcard request in LDS/CDS), and the server -must return all resources the client has subscribed to in each request (in LDS/CDS). This means -that if the client is already subscribing to 99 resources and wants to add an additional one, it -must send a request with all 100 resource names, rather than just the one new one. And the server -must then respond by sending all 100 resources, even if the 99 that were already subscribed to have -not changed (in LDS/CDS). This mechanism can be a scalability limitation, which is why the -incremental protocol variant was introduced. The incremental approach allows both the client and -server to indicate only deltas relative to their previous state -- i.e., the client can say that -it wants to add or remove its subscription to a particular resource name without resending those -that have not changed, and the server can send updates only for those resources that have changed. -The incremental protocol also provides a mechanism for lazy loading of resources. For details on -the incremental protocol, see :ref:`Incremental xDS ` below. +interested in with each request, and for LDS and CDS resources, the server must return all +resources that the client has subscribed to in each request. This means that if the client is +already subscribing to 99 resources and wants to add an additional one, it must send a request +with all 100 resource names, rather than just the one new one. And for LDS and CDS resources, the +server must then respond by sending all 100 resources, even if the 99 that were already subscribed +to have not changed. This mechanism can be a scalability limitation, which is why the incremental +protocol variant was introduced. The incremental approach allows both the client and server to +indicate only deltas relative to their previous state -- i.e., the client can say that it wants +to add or remove its subscription to a particular resource name without resending those that have +not changed, and the server can send updates only for those resources that have changed. The +incremental protocol also provides a mechanism for lazy loading of resources. For details on the +incremental protocol, see :ref:`Incremental xDS ` below. The second dimension is using a separate gRPC stream for each resource type vs. aggregating all resource types onto a single gRPC stream. The former approach was the original mechanism used by @@ -287,9 +287,9 @@ stream, the client's initial request on the new stream should indicate the most seen by the client on the previous stream. Servers may decide to optimize by not resending resources that the client had already seen on the previous stream, but only if they know that the client is not subscribing to a new resource that it was not previously subscribed to. For example, -it is generally safe for servers to do this optimization for wildcard LDS and CDS requests, and it -is safe to do in environments where the clients will always subscribe to exactly the same set of -resources. +it is generally safe for servers to do this optimization for LDS and CDS when the only subscription +is a wildcard subscription, and it is safe to do in environments where the clients will always +subscribe to exactly the same set of resources. An example EDS request might be: @@ -427,20 +427,41 @@ names becomes empty, that means that the client is no longer interested in any r specified type. For :ref:`Listener ` and :ref:`Cluster ` resource -types, there is also a "wildcard" mode, which is triggered when the initial request on the stream -for that resource type contains no resource names. In this case, the server should use -site-specific business logic to determine the full set of resources that the client is interested -in, typically based on the client's :ref:`node ` identification. Note -that once a stream has entered wildcard mode for a given resource type, there is no way to change -the stream out of wildcard mode; resource names specified in any subsequent request on the stream -will be ignored. +types, there is also a "wildcard" subscription, which is triggered when subscribing to the special +name "*". In this case, the server should use site-specific business logic to determine the full +set of resources that the client is interested in, typically based on the client's +:ref:`node ` identification. + +For historical reasons, if the client sends a request for a given resource type but has never +explicitly subscribed to any resource names (i.e., in SotW, all requests on the stream for that +resource type have had an empty :ref:`resource_names ` +field, or in incremental, having never sent a request on the stream for that resource type with a +non-empty :ref:`resource_names_subscribe ` +field), the server should treat that identically to how it would treat the client having +explicitly subscribed to "*". However, once the client does explicitly subscribe to a resource +name (whether it be "*" or any other name), then this legacy semantic is no longer available; at +that point, clearing the list of subscribed resources is interpretted as an unsubscription (see +:ref:`Unsubscribing From Resources`) rather than as a subscription +to "*". + +For example, in SotW: +- Client sends a request with :ref:`resource_names ` unset. Server interprets this as a subscription to "*". +- Client sends a request with :ref:`resource_names ` set to "*" and "A". Server interprets this as continuing the existing subscription to "*" and adding a new subscription to "A". +- Client sends a request with :ref:`resource_names ` set to "A". Server interprets this as unsubscribing to "*" and continuing the existing subscription to "A". +- Client sends a request with :ref:`resource_names ` unset. Server interprets this as unsubscribing to "A" (i.e., the client has now unsubscribed to all resources). Although this request is identical to the first one, it is not interpreted as a wildcard subscription, because there has previously been a request on this stream for this resource type that set the :ref:`resource_names ` field. + +And in incremental: +- Client sends a request with :ref:`resource_names_subscribe ` unset. Server interprets this as a subscription to "*". +- Client sends a request with :ref:`resource_names_subscribe ` set to "A". Server interprets this as continuing the existing subscription to "*" and adding a new subscription to "A". +- Client sends a request with :ref:`resource_names_unsubscribe ` set to "*". Server interprets this as unsubscribing to "*" and continuing the existing subscription to "A". +- Client sends a request with :ref:`resource_names_unsubscribe ` set to "A". Server interprets this as unsubscribing to "A" (i.e., the client has now unsubscribed to all resources). Although the set of subscribed resources is now empty, just as it was after the initial request, it is not interpreted as a wildcard subscription, because there has previously been a request on this stream for this resource type that set the :ref:`resource_names_subscribe ` field. Client Behavior """"""""""""""" -Envoy will always use wildcard mode for :ref:`Listener ` and +Envoy will always use wildcard subscriptions for :ref:`Listener ` and :ref:`Cluster ` resources. However, other xDS clients (such as gRPC clients -that use xDS) may specify explicit resource names for these resource types, for example if they +that use xDS) may explicitly subscribe to specific resource names for these resource types, for example if they only have a singleton listener and already know its name from some out-of-band configuration. Grouping Resources into Responses @@ -522,19 +543,14 @@ not exist if they have not received the resource. In Envoy, this is done for ` resources during :ref:`resource warming `. -Note that this timeout is not strictly necessary when using wildcard mode for :ref:`Listener -` and :ref:`Cluster ` resource types, because -in that case every response will contain all existing resources that are relevant to the -client, so the client can know that a resource does not exist by its absence in the next -response it sees. However, using a timeout is still recommended in this case, since it protects -against the case where the management server fails to send a response in a timely manner. - Note that even if a requested resource does not exist at the moment when the client requests it, that resource could be created at any time. Management servers must remember the set of resources being requested by the client, and if one of those resources springs into existence later, the server must send an update to the client informing it of the new resource. Clients that initially see a resource that does not exist must be prepared for the resource to be created at any time. +.. _xds_protocol_unsubscribing: + Unsubscribing From Resources ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -550,10 +566,10 @@ to. For example, if the client had previously been subscribed to resources A and unsubscribe from B, it must send a new request containing only resource A. Note that for :ref:`Listener ` and :ref:`Cluster ` -resource types where the stream is in "wildcard" mode (see :ref:`How the client specifies what +resource types where the client is using a "wildcard" subscription (see :ref:`How the client specifies what resources to return ` for details), the set of resources being -subscribed to is determined by the server instead of the client, so there is no mechanism -for the client to unsubscribe from resources. +subscribed to is determined by the server instead of the client, so the client cannot unsubscribe +from those resources individually; it can only unsubscribe from the wildcard as a whole. Requesting Multiple Resources on a Single Stream ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -763,6 +779,10 @@ is present for debugging purposes only. - As an ACK or NACK response to a previous :ref:`DeltaDiscoveryResponse `. In this case the :ref:`response_nonce ` is set to the nonce value in the Response. ACK or NACK is determined by the absence or presence of :ref:`error_detail `. - Spontaneous :ref:`DeltaDiscoveryRequests ` from the client. This can be done to dynamically add or remove elements from the tracked :ref:`resource_names ` set. In this case :ref:`response_nonce ` must be omitted. +Note that while a :ref:`response_nonce ` may +be set on the request, the server must honor changes to the subscription state even if the nonce is stale. The nonce +may be used to correlate an ack/nack with a server response, but should *not* be used to reject stale requests. + In this first example the client connects and receives a first update that it ACKs. The second update fails and the client NACKs the update. Later the xDS client spontaneously requests the "wc" resource. @@ -774,8 +794,13 @@ On reconnect the Incremental xDS client may tell the server of its known resources to avoid resending them over the network by sending them in :ref:`initial_resource_versions `. Because no state is assumed to be preserved from the previous stream, the reconnecting -client must provide the server with all resource names it is interested in. Note that for wildcard -requests (CDS/LDS/SRDS), the request must have no resources in both +client must provide the server with all resource names it is interested in. + +Note that for "wildcard" subscriptions (see :ref:`How the client specifies what +resources to return ` for details), the +request must either specify "*" in the :ref:`resource_names_subscribe +` +field or (legacy behavior) the request must have no resources in both :ref:`resource_names_subscribe ` and :ref:`resource_names_unsubscribe `. diff --git a/docs/root/api-v3/common_messages/common_messages.rst b/docs/root/api-v3/common_messages/common_messages.rst index 843154a3bb9e..2826b6c67ecd 100644 --- a/docs/root/api-v3/common_messages/common_messages.rst +++ b/docs/root/api-v3/common_messages/common_messages.rst @@ -16,6 +16,7 @@ Common messages ../config/core/v3/grpc_service.proto ../config/core/v3/grpc_method_list.proto ../config/core/v3/http_uri.proto + ../config/core/v3/resolver.proto ../config/core/v3/socket_option.proto ../config/core/v3/udp_socket_config.proto ../config/core/v3/substitution_format_string.proto diff --git a/docs/root/api-v3/config/config.rst b/docs/root/api-v3/config/config.rst index 712ed03fa278..8489a765f629 100644 --- a/docs/root/api-v3/config/config.rst +++ b/docs/root/api-v3/config/config.rst @@ -28,3 +28,6 @@ Extensions request_id/request_id http/header_formatters http/original_ip_detection + stat_sinks/stat_sinks + quic/quic_extensions + formatter/formatter diff --git a/docs/root/api-v3/config/filter/http/http.rst b/docs/root/api-v3/config/filter/http/http.rst index 20f2c75664db..861a920b5a8e 100644 --- a/docs/root/api-v3/config/filter/http/http.rst +++ b/docs/root/api-v3/config/filter/http/http.rst @@ -6,4 +6,4 @@ HTTP filters :maxdepth: 2 */empty/* - ../../../extensions/filters/http/*/v3/* + ../../../extensions/filters/http/*/v3*/* diff --git a/docs/root/api-v3/config/formatter/formatter.rst b/docs/root/api-v3/config/formatter/formatter.rst new file mode 100644 index 000000000000..b240b2c89f10 --- /dev/null +++ b/docs/root/api-v3/config/formatter/formatter.rst @@ -0,0 +1,10 @@ +.. _api-v3_config_accesslog_formatters: + +Access log formatters +===================== + +.. toctree:: + :glob: + :maxdepth: 2 + + ../../extensions/formatter/*/v3/* diff --git a/docs/root/api-v3/config/quic/quic_extensions.rst b/docs/root/api-v3/config/quic/quic_extensions.rst new file mode 100644 index 000000000000..4f3ab247bb6d --- /dev/null +++ b/docs/root/api-v3/config/quic/quic_extensions.rst @@ -0,0 +1,9 @@ +Quic Extensions +================= + +.. toctree:: + :glob: + :maxdepth: 2 + + ../../extensions/quic/crypto_stream/v3/* + ../../extensions/quic/proof_source/v3/* diff --git a/docs/root/api-v3/config/stat_sinks/stat_sinks.rst b/docs/root/api-v3/config/stat_sinks/stat_sinks.rst new file mode 100644 index 000000000000..bc84326e5ce2 --- /dev/null +++ b/docs/root/api-v3/config/stat_sinks/stat_sinks.rst @@ -0,0 +1,9 @@ +Stat sinks +========== + +.. toctree:: + :glob: + :maxdepth: 2 + + ../../extensions/stat_sinks/graphite_statsd/v3/* + ../../extensions/stat_sinks/wasm/v3/* diff --git a/docs/root/configuration/advanced/well_known_dynamic_metadata.rst b/docs/root/configuration/advanced/well_known_dynamic_metadata.rst index f6b596441eab..b051545ea925 100644 --- a/docs/root/configuration/advanced/well_known_dynamic_metadata.rst +++ b/docs/root/configuration/advanced/well_known_dynamic_metadata.rst @@ -4,8 +4,8 @@ Well Known Dynamic Metadata =========================== Filters can emit dynamic metadata via the *setDynamicMetadata* routine in the -:repo:`StreamInfo ` interface on a -:repo:`Connection `. This metadata emitted by a filter can be +:repo:`StreamInfo ` interface on a +:repo:`Connection `. This metadata emitted by a filter can be consumed by other filters and useful features can be built by stacking such filters. For example, a logging filter can consume dynamic metadata from an RBAC filter to log details about runtime shadow rule behavior. Another example is where an RBAC filter permits/restricts MySQL/MongoDB operations @@ -15,6 +15,8 @@ The following Envoy filters emit dynamic metadata that other filters can leverag * :ref:`External Authorization Filter ` * :ref:`External Authorization Network Filter ` +* :ref:`Header-To-Metadata Filter ` +* :ref:`JWT Authentication Filter ` * :ref:`Mongo Proxy Filter ` * :ref:`MySQL Proxy Filter ` * :ref:`Postgres Proxy Filter ` diff --git a/docs/root/configuration/best_practices/_include/edge.yaml b/docs/root/configuration/best_practices/_include/edge.yaml index d74f572c3625..29f56fbac089 100644 --- a/docs/root/configuration/best_practices/_include/edge.yaml +++ b/docs/root/configuration/best_practices/_include/edge.yaml @@ -5,7 +5,7 @@ overload_manager: typed_config: "@type": type.googleapis.com/envoy.extensions.resource_monitors.fixed_heap.v3.FixedHeapConfig # TODO: Tune for your system. - max_heap_size_bytes: 2147483648 # 2 GiB + max_heap_size_bytes: 2147483648 # 2 GiB actions: - name: "envoy.overload_actions.shrink_heap" triggers: @@ -37,7 +37,7 @@ static_resources: # - name: envoy.filters.listener.proxy_protocol # typed_config: # "@type": type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol - per_connection_buffer_limit_bytes: 32768 # 32 KiB + per_connection_buffer_limit_bytes: 32768 # 32 KiB filter_chains: - filter_chain_match: server_names: ["example.com", "www.example.com"] @@ -47,8 +47,8 @@ static_resources: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: - - certificate_chain: { filename: "certs/servercert.pem" } - private_key: { filename: "certs/serverkey.pem" } + - certificate_chain: {filename: "certs/servercert.pem"} + private_key: {filename: "certs/serverkey.pem"} filters: - name: envoy.filters.network.http_connection_manager typed_config: @@ -59,52 +59,51 @@ static_resources: merge_slashes: true path_with_escaped_slashes_action: UNESCAPE_AND_REDIRECT common_http_protocol_options: - idle_timeout: 3600s # 1 hour + idle_timeout: 3600s # 1 hour headers_with_underscores_action: REJECT_REQUEST http2_protocol_options: max_concurrent_streams: 100 - initial_stream_window_size: 65536 # 64 KiB - initial_connection_window_size: 1048576 # 1 MiB - stream_idle_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests - request_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests + initial_stream_window_size: 65536 # 64 KiB + initial_connection_window_size: 1048576 # 1 MiB + stream_idle_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests + request_timeout: 300s # 5 mins, must be disabled for long-lived and streaming requests route_config: virtual_hosts: - name: default domains: ["*"] routes: - - match: { prefix: "/" } + - match: {prefix: "/"} route: cluster: service_foo - idle_timeout: 15s # must be disabled for long-lived and streaming requests + idle_timeout: 15s # must be disabled for long-lived and streaming requests clusters: - name: service_foo - connect_timeout: 15s - per_connection_buffer_limit_bytes: 32768 # 32 KiB + per_connection_buffer_limit_bytes: 32768 # 32 KiB load_assignment: cluster_name: some_service endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 8080 + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8080 typed_extension_protocol_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions: "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions explicit_http_config: http2_protocol_options: - initial_stream_window_size: 65536 # 64 KiB - initial_connection_window_size: 1048576 # 1 MiB + initial_stream_window_size: 65536 # 64 KiB + initial_connection_window_size: 1048576 # 1 MiB layered_runtime: layers: - - name: static_layer_0 - static_layer: - envoy: - resource_limits: - listener: - example_listener_name: - connection_limit: 10000 - overload: - global_downstream_max_connections: 50000 + - name: static_layer_0 + static_layer: + envoy: + resource_limits: + listener: + example_listener_name: + connection_limit: 10000 + overload: + global_downstream_max_connections: 50000 diff --git a/docs/root/configuration/http/http_conn_man/_include/preserve-case.yaml b/docs/root/configuration/http/http_conn_man/_include/preserve-case.yaml index cf637b1eeb7a..cd70bffa507a 100644 --- a/docs/root/configuration/http/http_conn_man/_include/preserve-case.yaml +++ b/docs/root/configuration/http/http_conn_man/_include/preserve-case.yaml @@ -1,50 +1,49 @@ static_resources: listeners: - - address: - socket_address: - address: 0.0.0.0 - port_value: 443 - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: ingress_http - http_protocol_options: - header_key_format: - stateful_formatter: - name: preserve_case - typed_config: - "@type": type.googleapis.com/envoy.extensions.http.header_formatters.preserve_case.v3.PreserveCaseFormatterConfig - http_filters: - - name: envoy.filters.http.router - route_config: - virtual_hosts: - - name: default - domains: ["*"] - routes: - - match: { prefix: "/" } - route: - cluster: service_foo + - address: + socket_address: + address: 0.0.0.0 + port_value: 443 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + http_protocol_options: + header_key_format: + stateful_formatter: + name: preserve_case + typed_config: + "@type": type.googleapis.com/envoy.extensions.http.header_formatters.preserve_case.v3.PreserveCaseFormatterConfig + http_filters: + - name: envoy.filters.http.router + route_config: + virtual_hosts: + - name: default + domains: ["*"] + routes: + - match: {prefix: "/"} + route: + cluster: service_foo clusters: - - name: service_foo - connect_timeout: 15s - typed_extension_protocol_options: - envoy.extensions.upstreams.http.v3.HttpProtocolOptions: - "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions - explicit_http_config: - http_protocol_options: - header_key_format: - stateful_formatter: - name: preserve_case - typed_config: - "@type": type.googleapis.com/envoy.extensions.http.header_formatters.preserve_case.v3.PreserveCaseFormatterConfig - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 8080 + - name: service_foo + typed_extension_protocol_options: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicit_http_config: + http_protocol_options: + header_key_format: + stateful_formatter: + name: preserve_case + typed_config: + "@type": type.googleapis.com/envoy.extensions.http.header_formatters.preserve_case.v3.PreserveCaseFormatterConfig + load_assignment: + cluster_name: some_service + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8080 diff --git a/docs/root/configuration/http/http_conn_man/response_code_details.rst b/docs/root/configuration/http/http_conn_man/response_code_details.rst index def0da6cbba2..342350c6a4f8 100644 --- a/docs/root/configuration/http/http_conn_man/response_code_details.rst +++ b/docs/root/configuration/http/http_conn_man/response_code_details.rst @@ -26,7 +26,8 @@ Below are the list of reasons the HttpConnectionManager or Router filter may sen duration_timeout, The max connection duration was exceeded. direct_response, A direct response was generated by the router filter. filter_chain_not_found, The request was rejected due to no matching filter chain. - filter_removed_required_headers, The request was rejected in the filter manager because a configured filter removed required headers. + filter_removed_required_request_headers, The request was rejected in the filter manager because a configured filter removed required request headers. + filter_removed_required_response_headers, The response was rejected in the filter manager because a configured filter removed required response headers or these values were invalid (e.g. overflown status). internal_redirect, The original stream was replaced with an internal redirect. low_version, The HTTP/1.0 or HTTP/0.9 request was rejected due to HTTP/1.0 support not being configured. maintenance_mode, The request was rejected by the router filter because the cluster was in maintenance mode. diff --git a/docs/root/configuration/http/http_conn_man/stats.rst b/docs/root/configuration/http/http_conn_man/stats.rst index 7fd66553222f..8df5877557b6 100644 --- a/docs/root/configuration/http/http_conn_man/stats.rst +++ b/docs/root/configuration/http/http_conn_man/stats.rst @@ -87,7 +87,12 @@ the following statistics: Per listener statistics ----------------------- -Additional per listener statistics are rooted at *listener.
.http..* with the +Per listener statistics are rooted at *listener.
*. + +HTTP per listener statistics +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Additional HTTP statistics are of the form *http..* with the following statistics: .. csv-table:: @@ -101,15 +106,28 @@ following statistics: downstream_rq_4xx, Counter, Total 4xx responses downstream_rq_5xx, Counter, Total 5xx responses +HTTP/3 per listener statistics +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +HTTP/3 statistics with the form of *http3.downstream..*: + +.. csv-table:: + :header: Name, Type, Description + :widths: 1, 1, 2 + + .quic_connection_close_error_code_, Counter, A collection of counters that are lazily initialized to record each quic connection close error code that's present. + .quic_reset_stream_error_code_, Counter, A collection of counters that that lazily initialized to record quic stream reset error codes. + + .. _config_http_conn_man_stats_per_codec: Per codec statistics ----------------------- -Each codec has the option of adding per-codec statistics. Both http1 and http2 have codec stats. +Each codec has the option of adding per-codec statistics. http1, http2, and http3 all have codec stats. -Http1 codec statistics -~~~~~~~~~~~~~~~~~~~~~~ +HTTP/1 codec statistics +~~~~~~~~~~~~~~~~~~~~~~~ On the downstream side all http1 statistics are rooted at *http1.* @@ -124,8 +142,8 @@ On the upstream side all http1 statistics are rooted at *cluster..http1.* response_flood, Counter, Total number of connections closed due to response flooding requests_rejected_with_underscores_in_headers, Counter, Total numbers of rejected requests due to header names containing underscores. This action is configured by setting the :ref:`headers_with_underscores_action config setting `. -Http2 codec statistics -~~~~~~~~~~~~~~~~~~~~~~ +HTTP/2 codec statistics +~~~~~~~~~~~~~~~~~~~~~~~ On the downstream side all http2 statistics are rooted at *http2.* @@ -147,6 +165,7 @@ On the upstream side all http2 statistics are rooted at *cluster..http2.* requests_rejected_with_underscores_in_headers, Counter, Total numbers of rejected requests due to header names containing underscores. This action is configured by setting the :ref:`headers_with_underscores_action config setting `. rx_messaging_error, Counter, Total number of invalid received frames that violated `section 8 `_ of the HTTP/2 spec. This will result in a *tx_reset* rx_reset, Counter, Total number of reset stream frames received by Envoy + stream_refused_errors, Counter, Total number of invalid frames received by Envoy with a `REFUSED_STREAM` error code trailers, Counter, Total number of trailers seen on requests coming from downstream tx_flush_timeout, Counter, Total number of :ref:`stream idle timeouts ` waiting for open stream window to flush the remainder of a stream tx_reset, Counter, Total number of reset stream frames transmitted by Envoy @@ -160,6 +179,30 @@ On the upstream side all http2 statistics are rooted at *cluster..http2.* `downstream_rq_active` gauge due to differences in stream accounting between the codec and the HTTP connection manager. +HTTP/3 codec statistics +~~~~~~~~~~~~~~~~~~~~~~~ + +On the downstream side all http3 statistics are rooted at *http3.* + +On the upstream side all http3 statistics are rooted at *cluster..http3.* + +.. csv-table:: + :header: Name, Type, Description + :widths: 1, 1, 2 + + dropped_headers_with_underscores, Counter, Total number of dropped headers with names containing underscores. This action is configured by setting the :ref:`headers_with_underscores_action config setting `. + requests_rejected_with_underscores_in_headers, Counter, Total numbers of rejected requests due to header names containing underscores. This action is configured by setting the :ref:`headers_with_underscores_action config setting `. + rx_reset, Counter, Total number of reset stream frames received by Envoy + tx_reset, Counter, Total number of reset stream frames transmitted by Envoy + metadata_not_supported_error, Counter, Total number of metadata dropped during HTTP/3 encoding + quic_version_43, Counter, Total number of quic connections that use transport version 43. This is expected to be removed when this version is deprecated. + quic_version_46, Counter, Total number of quic connections that use transport version 46. This is expected to be removed when this version is deprecated. + quic_version_50, Counter, Total number of quic connections that use transport version 50. This is expected to be removed when this version is deprecated. + quic_version_51, Counter, Total number of quic connections that use transport version 51. This is expected to be removed when this version is deprecated. + quic_version_h3_29, Counter, Total number of quic connections that use transport version h3-29. This is expected to be removed when this version is deprecated. + quic_version_rfc_v1, Counter, Total number of quic connections that use transport version rfc-v1. + + Tracing statistics ------------------ diff --git a/docs/root/configuration/http/http_filters/_include/bandwidth-limit-filter.yaml b/docs/root/configuration/http/http_filters/_include/bandwidth-limit-filter.yaml new file mode 100644 index 000000000000..76ab6d35ad92 --- /dev/null +++ b/docs/root/configuration/http/http_filters/_include/bandwidth-limit-filter.yaml @@ -0,0 +1,63 @@ +static_resources: + listeners: + - address: + socket_address: + address: 0.0.0.0 + port_value: 8000 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + codec_type: AUTO + stat_prefix: ingress_http + route_config: + name: local_route + virtual_hosts: + - name: local_service + domains: ["*"] + routes: + - match: {prefix: "/path/with/bandwidth/limit"} + route: {cluster: service_protected_by_bandwidth_limit} + typed_per_filter_config: + envoy.filters.http.bandwidth_limit: + "@type": type.googleapis.com/envoy.extensions.filters.http.bandwidth_limit.v3alpha.BandwidthLimit + stat_prefix: bandwidth_limiter_custom_route + enable_mode: REQUEST_AND_RESPONSE + limit_kbps: 500 + fill_interval: 0.1s + - match: {prefix: "/"} + route: {cluster: web_service} + http_filters: + - name: envoy.filters.http.bandwidth_limit + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.bandwidth_limit.v3alpha.BandwidthLimit + stat_prefix: bandwidth_limiter_default + - name: envoy.filters.http.router + typed_config: {} + + clusters: + - name: service_protected_by_bandwidth_limit + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: service1 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: web_service + port_value: 9000 + - name: web_service + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: service1 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: web_service + port_value: 9000 diff --git a/docs/root/configuration/http/http_filters/_include/composite.yaml b/docs/root/configuration/http/http_filters/_include/composite.yaml index 48109818710b..d45969ba4361 100644 --- a/docs/root/configuration/http/http_filters/_include/composite.yaml +++ b/docs/root/configuration/http/http_filters/_include/composite.yaml @@ -1,12 +1,13 @@ admin: access_log_path: /tmp/admin_access.log address: - socket_address: { address: 0.0.0.0, port_value: 9901 } + socket_address: {address: 0.0.0.0, port_value: 9901} + static_resources: listeners: - name: listener1 address: - socket_address: { address: 0.0.0.0, port_value: 51051 } + socket_address: {address: 0.0.0.0, port_value: 51051} filter_chains: - filters: - name: envoy.filters.network.http_connection_manager @@ -22,8 +23,8 @@ static_resources: routes: # NOTE: by default, matching happens based on the gRPC route, and not on the incoming request path. # Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests - - match: { prefix: "/helloworld.Greeter" } - route: { cluster: grpc, timeout: 60s } + - match: {prefix: "/helloworld.Greeter"} + route: {cluster: grpc, timeout: 60s} http_filters: - name: composite typed_config: @@ -41,7 +42,7 @@ static_resources: header_name: x-fault-category exact_match_map: map: - "huge fault": # inject 10s latency into all requests + "huge fault": # inject 10s latency into all requests action: name: composite-action typed_config: @@ -55,7 +56,7 @@ static_resources: percentage: numerator: 100 denominator: HUNDRED - "tiny fault": # inject 1s latency into all requests + "tiny fault": # inject 1s latency into all requests action: name: composite-action typed_config: @@ -73,7 +74,6 @@ static_resources: clusters: - name: grpc - connect_timeout: 1.25s type: LOGICAL_DNS lb_policy: ROUND_ROBIN dns_lookup_family: V4_ONLY @@ -94,8 +94,8 @@ static_resources: layered_runtime: layers: - - name: static-layer - static_layer: - envoy: - reloadable_features: - experimental_matching_api: true + - name: static-layer + static_layer: + envoy: + reloadable_features: + experimental_matching_api: true diff --git a/docs/root/configuration/http/http_filters/_include/dns-cache-circuit-breaker.yaml b/docs/root/configuration/http/http_filters/_include/dns-cache-circuit-breaker.yaml index 1efb16f48c76..427600e10239 100644 --- a/docs/root/configuration/http/http_filters/_include/dns-cache-circuit-breaker.yaml +++ b/docs/root/configuration/http/http_filters/_include/dns-cache-circuit-breaker.yaml @@ -43,12 +43,19 @@ static_resources: dns_cache_config: name: dynamic_forward_proxy_cache_config dns_lookup_family: V4_ONLY + dns_resolution_config: + resolvers: + - socket_address: + address: "8.8.8.8" + port_value: 53 + dns_resolver_options: + use_tcp_for_dns_lookups: true + no_default_search_domain: true - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router clusters: - name: dynamic_forward_proxy_cluster - connect_timeout: 1s lb_policy: CLUSTER_PROVIDED cluster_type: name: envoy.clusters.dynamic_forward_proxy @@ -57,6 +64,14 @@ static_resources: dns_cache_config: name: dynamic_forward_proxy_cache_config dns_lookup_family: V4_ONLY + dns_resolution_config: + resolvers: + - socket_address: + address: "8.8.8.8" + port_value: 53 + dns_resolver_options: + use_tcp_for_dns_lookups: true + no_default_search_domain: true transport_socket: name: envoy.transport_sockets.tls typed_config: diff --git a/docs/root/configuration/http/http_filters/_include/grpc-reverse-bridge-filter.yaml b/docs/root/configuration/http/http_filters/_include/grpc-reverse-bridge-filter.yaml index 1cca540f59bd..9d62826782fb 100644 --- a/docs/root/configuration/http/http_filters/_include/grpc-reverse-bridge-filter.yaml +++ b/docs/root/configuration/http/http_filters/_include/grpc-reverse-bridge-filter.yaml @@ -53,21 +53,19 @@ static_resources: typed_config: {} clusters: - name: other - connect_timeout: 5.00s type: LOGICAL_DNS dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN load_assignment: cluster_name: some_service endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: localhost - port_value: 4630 + - lb_endpoints: + - endpoint: + address: + socket_address: + address: localhost + port_value: 4630 - name: grpc - connect_timeout: 5.00s type: STRICT_DNS lb_policy: ROUND_ROBIN typed_extension_protocol_options: @@ -78,9 +76,9 @@ static_resources: load_assignment: cluster_name: grpc endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: localhost - port_value: 10005 + - lb_endpoints: + - endpoint: + address: + socket_address: + address: localhost + port_value: 10005 diff --git a/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml b/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml index 91802786b510..80a8c67e0f72 100644 --- a/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml +++ b/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml @@ -1,12 +1,12 @@ admin: address: - socket_address: { address: 0.0.0.0, port_value: 9901 } + socket_address: {address: 0.0.0.0, port_value: 9901} static_resources: listeners: - name: listener1 address: - socket_address: { address: 0.0.0.0, port_value: 51051 } + socket_address: {address: 0.0.0.0, port_value: 51051} filter_chains: - filters: - name: envoy.filters.network.http_connection_manager @@ -22,8 +22,8 @@ static_resources: routes: # NOTE: by default, matching happens based on the gRPC route, and not on the incoming request path. # Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests - - match: { prefix: "/helloworld.Greeter" } - route: { cluster: grpc, timeout: 60s } + - match: {prefix: "/helloworld.Greeter"} + route: {cluster: grpc, timeout: 60s} http_filters: - name: envoy.filters.http.grpc_json_transcoder typed_config: @@ -39,7 +39,6 @@ static_resources: clusters: - name: grpc - connect_timeout: 1.25s type: LOGICAL_DNS lb_policy: ROUND_ROBIN dns_lookup_family: V4_ONLY diff --git a/docs/root/configuration/http/http_filters/_include/local-rate-limit-with-descriptors.yaml b/docs/root/configuration/http/http_filters/_include/local-rate-limit-with-descriptors.yaml new file mode 100644 index 000000000000..b9109a189ae6 --- /dev/null +++ b/docs/root/configuration/http/http_filters/_include/local-rate-limit-with-descriptors.yaml @@ -0,0 +1,96 @@ +static_resources: + listeners: + - address: + socket_address: + address: 0.0.0.0 + port_value: 8000 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + http_filters: + - name: envoy.filters.http.router + route_config: + name: local_route + virtual_hosts: + - name: local_service + domains: ["*"] + routes: + - match: { prefix: "/foo" } + route: + cluster: service_protected_by_rate_limit + rate_limits: + - actions: # any actions in here + - request_headers: + header_name: x-envoy-downstream-service-cluster + descriptor_key: client_cluster + - request_headers: + header_name: ":path" + descriptor_key: path + typed_per_filter_config: + envoy.filters.http.local_ratelimit: + "@type": type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit + stat_prefix: test + token_bucket: + max_tokens: 1000 + tokens_per_fill: 1000 + fill_interval: 60s + filter_enabled: + runtime_key: test_enabled + default_value: + numerator: 100 + denominator: HUNDRED + filter_enforced: + runtime_key: test_enforced + default_value: + numerator: 100 + denominator: HUNDRED + response_headers_to_add: + - append: false + header: + key: x-test-rate-limit + value: 'true' + descriptors: + - entries: + - key: client_cluster + value: foo + - key: path + value: /foo/bar + token_bucket: + max_tokens: 10 + tokens_per_fill: 10 + fill_interval: 60s + - entries: + - key: client_cluster + value: foo + - key: path + value: /foo/bar2 + token_bucket: + max_tokens: 100 + tokens_per_fill: 100 + fill_interval: 60s + - match: { prefix: "/" } + route: { cluster: default_service } + clusters: + - name: default_service + load_assignment: + cluster_name: default_service + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8080 + - name: service_protected_by_rate_limit + load_assignment: + cluster_name: service_protected_by_rate_limit + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8081 diff --git a/docs/root/configuration/http/http_filters/admission_control_filter.rst b/docs/root/configuration/http/http_filters/admission_control_filter.rst index 146b50dc31c3..ac974b2f4067 100644 --- a/docs/root/configuration/http/http_filters/admission_control_filter.rst +++ b/docs/root/configuration/http/http_filters/admission_control_filter.rst @@ -41,6 +41,11 @@ where, rejection probability will be higher for higher success rates. See `Aggression`_ for a more detailed explanation. +Note that there are additional parameters that affect the rejection probability: + +- *rps_threshold* is a configurable value that when RPS is lower than it, requests will pass through the filter. +- *max_reject_probability* represents the upper limit of the rejection probability. + .. note:: The success rate calculations are performed on a per-thread basis for increased performance. In addition, the per-thread isolation prevents decreases the blast radius of a single bad connection @@ -91,6 +96,12 @@ fields can be overridden via runtime settings. aggression: default_value: 1.5 runtime_key: "admission_control.aggression" + rps_threshold: + default_value: 5 + runtime_key: "admission_control.rps_threshold" + max_rejection_probability: + default_value: 80.0 + runtime_key: "admission_control.max_rejection_probability" success_criteria: http_criteria: http_success_status: @@ -110,6 +121,8 @@ The above configuration can be understood as follows: window. * HTTP requests are considered successful if they are 1xx, 2xx, 3xx, or a 404. * gRPC requests are considered successful if they are OK or CANCELLED. +* Requests will never be rejeted from this filter if the RPS is lower than 5. +* Rejection probability will never exceed 80% even if the failure rate is 100%. Statistics ---------- diff --git a/docs/root/configuration/http/http_filters/bandwidth_limit_filter.rst b/docs/root/configuration/http/http_filters/bandwidth_limit_filter.rst new file mode 100644 index 000000000000..4576e9d3ac36 --- /dev/null +++ b/docs/root/configuration/http/http_filters/bandwidth_limit_filter.rst @@ -0,0 +1,64 @@ +.. _config_http_filters_bandwidth_limit: + +Bandwidth limit +==================== + +* Bandwidth limiting :ref:`architecture overview ` +* :ref:`v3 API reference ` +* This filter should be configured with the name ``envoy.filters.http.bandwidth_limit``. + +The HTTP Bandwidth limit filter limits the size of data flow to the max bandwidth set in the ``limit_kbps`` +when the request's route, virtual host or filter chain has a +:ref:`bandwidth limit configuration `. + +If the bandwidth limit has been exhausted the filter stops further transfer until more bandwidth gets allocated +according to the ``fill_interval`` (default is 50 milliseconds). If the connection buffer fills up with accumulated +data then the source of data will have ``readDisable(true)`` set as described in the :repo:`flow control doc`. + +.. note:: + The token bucket is shared across all workers, thus the limits are applied per Envoy process. + +Example configuration +--------------------- + +Example filter configuration for a globally disabled bandwidth limiter but enabled for a specific route: + +.. literalinclude:: _include/bandwidth-limit-filter.yaml + :language: yaml + :lines: 11-53 + :emphasize-lines: 9-25 + :caption: :download:`bandwidth-limit-filter.yaml <_include/bandwidth-limit-filter.yaml>` + +Note that if this filter is configured as globally disabled and there are no virtual host or route level +token buckets, no bandwidth limiting will be applied. + +Statistics +---------- + +The HTTP bandwidth limit filter outputs statistics in the ``.http_bandwidth_limit.`` namespace. + +.. csv-table:: + :header: Name, Type, Description + :widths: 1, 1, 2 + + request_enabled, Counter, Total number of request streams for which the bandwidth limiter was consulted + request_pending, GAUGE, Number of request streams which are currently pending transfer in bandwidth limiter + request_incoming_size, GAUGE, Size in bytes of incoming request data to bandwidth limiter + request_allowed_size, GAUGE, Size in bytes of outgoing request data from bandwidth limiter + request_transfer_duration, HISTOGRAM, Total time (including added delay) it took for the request stream transfer + response_enabled, Counter, Total number of response streams for which the bandwidth limiter was consulted + response_pending, GAUGE, Number of response streams which are currently pending transfer in bandwidth limiter + response_incoming_size, GAUGE, Size in bytes of incoming response data to bandwidth limiter + response_allowed_size, GAUGE, Size in bytes of outgoing response data from bandwidth limiter + response_transfer_duration, HISTOGRAM, Total time (including added delay) it took for the response stream transfer + +.. _config_http_filters_bandwidth_limit_runtime: + +Runtime +------- + +The HTTP bandwidth limit filter supports the following runtime settings: + +The bandwidth limit filter can be runtime feature flagged via the :ref:`enabled +` +configuration field. diff --git a/docs/root/configuration/http/http_filters/compressor_filter.rst b/docs/root/configuration/http/http_filters/compressor_filter.rst index 8bd65154ef8f..f39bab62c676 100644 --- a/docs/root/configuration/http/http_filters/compressor_filter.rst +++ b/docs/root/configuration/http/http_filters/compressor_filter.rst @@ -7,10 +7,6 @@ from an upstream service upon client request. Compression is useful in situations when bandwidth is scarce and large payloads can be effectively compressed at the expense of higher CPU load or offloading it to a compression accelerator. -.. note:: - - This filter deprecates the :ref:`HTTP Gzip filter `. - Configuration ------------- * :ref:`v3 API reference ` diff --git a/docs/root/configuration/http/http_filters/grpc_stats_filter.rst b/docs/root/configuration/http/http_filters/grpc_stats_filter.rst index 6546b74b501d..902d5786bb5a 100644 --- a/docs/root/configuration/http/http_filters/grpc_stats_filter.rst +++ b/docs/root/configuration/http/http_filters/grpc_stats_filter.rst @@ -17,6 +17,11 @@ emits the message counts for both uni-directional and bi-directional calls. See more info on the wire format in `gRPC over HTTP/2 `_. +Note by default, the router filter will emit translated HTTP status code stats (from the cluster namespace) for gRPC requests that generate some types +of local responses (e.g. upstream timeout). If only incrementing gRPC specific metrics is preferred, this behavior can be avoided by setting +the field :ref:`suppress_grpc_request_failure_code_stats ` +within the router filter itself. + The filter emits statistics in the *cluster..grpc.* namespace. Depending on the configuration, the stats may be prefixed with ``..``; the stats in the table below are shown in this form. See the documentation for diff --git a/docs/root/configuration/http/http_filters/gzip_filter.rst b/docs/root/configuration/http/http_filters/gzip_filter.rst deleted file mode 100644 index 71947d2510ac..000000000000 --- a/docs/root/configuration/http/http_filters/gzip_filter.rst +++ /dev/null @@ -1,95 +0,0 @@ -.. _config_http_filters_gzip: - -.. warning:: - - This filter has been deprecated in favor the - :ref:`HTTP Compressor filter `. - -Gzip -==== -Gzip is an HTTP filter which enables Envoy to compress dispatched data -from an upstream service upon client request. Compression is useful in -situations where large payloads need to be transmitted without -compromising the response time. - -Configuration -------------- -* :ref:`v3 API reference ` -* This filter should be configured with the name *envoy.filters.http.gzip*. - -.. attention:: - - The *window bits* is a number that tells the compressor how far ahead in the - text the algorithm should be looking for repeated sequence of characters. - Due to a known bug in the underlying zlib library, *window bits* with value - eight does not work as expected. Therefore any number below that will be - automatically set to 9. This issue might be solved in future releases of - the library. - -Runtime -------- - -The Gzip filter can be runtime feature flagged via the :ref:`runtime_enabled -` -configuration field within the compressor field. - -How it works ------------- -When gzip filter is enabled, request and response headers are inspected to -determine whether or not the content should be compressed. The content is -compressed and then sent to the client with the appropriate headers, if -response and request allow. - -By *default* compression will be *skipped* when: - -- A request does NOT contain *accept-encoding* header. -- A request includes *accept-encoding* header, but it does not contain "gzip" or "\*". -- A request includes *accept-encoding* with "gzip" or "\*" with the weight "q=0". Note - that the "gzip" will have a higher weight then "\*". For example, if *accept-encoding* - is "gzip;q=0,\*;q=1", the filter will not compress. But if the header is set to - "\*;q=0,gzip;q=1", the filter will compress. -- A request whose *accept-encoding* header includes any encoding type with a higher - weight than "gzip"'s given the corresponding compression filter is present in the chain. -- A response contains a *content-encoding* header. -- A response contains a *cache-control* header whose value includes "no-transform". -- A response contains a *transfer-encoding* header whose value includes "gzip". -- A response does not contain a *content-type* value that matches one of the selected - mime-types, which default to *application/javascript*, *application/json*, - *application/xhtml+xml*, *image/svg+xml*, *text/css*, *text/html*, *text/plain*, - *text/xml*. -- Neither *content-length* nor *transfer-encoding* headers are present in - the response. -- Response size is smaller than 30 bytes (only applicable when *transfer-encoding* - is not chunked). - -When compression is *applied*: - -- The *content-length* is removed from response headers. -- Response headers contain "*transfer-encoding: chunked*" and do not contain - "*content-encoding*" header. -- The "*vary: accept-encoding*" header is inserted on every response. - -.. _gzip-statistics: - -Statistics ----------- - -Every configured Gzip filter has statistics rooted at .gzip.* with the following: - -.. csv-table:: - :header: Name, Type, Description - :widths: 1, 1, 2 - - compressed, Counter, Number of requests compressed. - not_compressed, Counter, Number of requests not compressed. - no_accept_header, Counter, Number of requests with no accept header sent. - header_identity, Counter, Number of requests sent with "identity" set as the *accept-encoding*. - header_gzip, Counter, Number of requests sent with "gzip" set as the *accept-encoding*. This counter is deprecated in favour of *header_compressor_used*. - header_compressor_used, Counter, Number of requests sent with "gzip" set as the *accept-encoding*. - header_compressor_overshadowed, Counter, Number of requests skipped by this filter instance because they were handled by another filter in the same filter chain. - header_wildcard, Counter, Number of requests sent with "\*" set as the *accept-encoding*. - header_not_valid, Counter, Number of requests sent with a not valid *accept-encoding* header (aka "q=0" or an unsupported encoding type). - total_uncompressed_bytes, Counter, The total uncompressed bytes of all the requests that were marked for compression. - total_compressed_bytes, Counter, The total compressed bytes of all the requests that were marked for compression. - content_length_too_small, Counter, Number of requests that accepted gzip encoding but did not compress because the payload was too small. - not_compressed_etag, Counter, Number of requests that were not compressed due to the etag header. *disable_on_etag_header* must be turned on for this to happen. diff --git a/docs/root/configuration/http/http_filters/http_filters.rst b/docs/root/configuration/http/http_filters/http_filters.rst index 5bd61f14dc44..a87b6447a271 100644 --- a/docs/root/configuration/http/http_filters/http_filters.rst +++ b/docs/root/configuration/http/http_filters/http_filters.rst @@ -10,6 +10,7 @@ HTTP filters admission_control_filter aws_lambda_filter aws_request_signing_filter + bandwidth_limit_filter buffer_filter cdn_loop_filter compressor_filter @@ -27,7 +28,6 @@ HTTP filters grpc_json_transcoder_filter grpc_stats_filter grpc_web_filter - gzip_filter health_check_filter header_to_metadata_filter ip_tagging_filter @@ -41,6 +41,7 @@ HTTP filters rate_limit_filter rbac_filter router_filter + set_metadata_filter squash_filter tap_filter wasm_filter diff --git a/docs/root/configuration/http/http_filters/local_rate_limit_filter.rst b/docs/root/configuration/http/http_filters/local_rate_limit_filter.rst index 4467ba080a41..25db2b313d75 100644 --- a/docs/root/configuration/http/http_filters/local_rate_limit_filter.rst +++ b/docs/root/configuration/http/http_filters/local_rate_limit_filter.rst @@ -22,8 +22,9 @@ configured to be returned. ` can be configured to be added to forwarded requests to the upstream when the local rate limit filter is enabled but not enforced. -.. note:: - The token bucket is shared across all workers, thus the rate limits are applied per Envoy process. +Depending on the value of the config :ref:`local_rate_limit_per_downstream_connection `, +the token bucket is either shared across all workers or on a per connection basis. This results in the local rate limits being applied either per Envoy process or per downstream connection. +By default the rate limits are applied per Envoy process. Example configuration --------------------- @@ -55,6 +56,7 @@ Example filter configuration for a globally set rate limiter (e.g.: all vhosts/r header: key: x-local-rate-limit value: 'true' + local_rate_limit_per_downstream_connection: false Example filter configuration for a globally disabled rate limiter but enabled for a specific route: @@ -125,69 +127,10 @@ the default token bucket is used. Example filter configuration using descriptors: -.. validated-code-block:: yaml - :type-name: envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - - route_config: - name: local_route - virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: { prefix: "/foo" } - route: { cluster: service_protected_by_rate_limit } - typed_per_filter_config: - envoy.filters.http.local_ratelimit: - "@type": type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit - stat_prefix: test - token_bucket: - max_tokens: 1000 - tokens_per_fill: 1000 - fill_interval: 60s - filter_enabled: - runtime_key: test_enabled - default_value: - numerator: 100 - denominator: HUNDRED - filter_enforced: - runtime_key: test_enforced - default_value: - numerator: 100 - denominator: HUNDRED - response_headers_to_add: - - append: false - header: - key: x-test-rate-limit - value: 'true' - descriptors: - - entries: - - key: client_cluster - value: foo - - key: path - value: /foo/bar - token_bucket: - max_tokens: 10 - tokens_per_fill: 10 - fill_interval: 60s - - entries: - - key: client_cluster - value: foo - - key: path - value: /foo/bar2 - token_bucket: - max_tokens: 100 - tokens_per_fill: 100 - fill_interval: 60s - - match: { prefix: "/" } - route: { cluster: default_service } - rate_limits: - - actions: # any actions in here - - request_headers: - header_name: x-envoy-downstream-service-cluster - descriptor_key: client_cluster - - request_headers: - header_name: ":path" - descriptor_key: path +.. literalinclude:: _include/local-rate-limit-with-descriptors.yaml + :language: yaml + :lines: 15-75 + :caption: :download:`local-rate-limit-with-descriptors.yaml <_include/local-rate-limit-with-descriptors.yaml>` In this example, requests are rate-limited for routes prefixed with "/foo" as follow. If requests come from a downstream service cluster "foo" for "/foo/bar" diff --git a/docs/root/configuration/http/http_filters/lua_filter.rst b/docs/root/configuration/http/http_filters/lua_filter.rst index 05cd149fc6ba..72ec360587ca 100644 --- a/docs/root/configuration/http/http_filters/lua_filter.rst +++ b/docs/root/configuration/http/http_filters/lua_filter.rst @@ -459,7 +459,7 @@ streamInfo() local streamInfo = handle:streamInfo() -Returns :repo:`information ` related to the current request. +Returns :repo:`information ` related to the current request. Returns a :ref:`stream info object `. @@ -470,7 +470,7 @@ connection() local connection = handle:connection() -Returns the current request's underlying :repo:`connection `. +Returns the current request's underlying :repo:`connection `. Returns a :ref:`connection object `. @@ -658,7 +658,7 @@ protocol() streamInfo:protocol() -Returns the string representation of :repo:`HTTP protocol ` +Returns the string representation of :repo:`HTTP protocol ` used by the current request. The possible values are: ``HTTP/1.0``, ``HTTP/1.1``, ``HTTP/2`` and ``HTTP/3*``. downstreamLocalAddress() @@ -668,7 +668,7 @@ downstreamLocalAddress() streamInfo:downstreamLocalAddress() -Returns the string representation of :repo:`downstream remote address ` +Returns the string representation of :repo:`downstream remote address ` used by the current request. downstreamDirectRemoteAddress() @@ -678,7 +678,7 @@ downstreamDirectRemoteAddress() streamInfo:downstreamDirectRemoteAddress() -Returns the string representation of :repo:`downstream directly connected address ` +Returns the string representation of :repo:`downstream directly connected address ` used by the current request. This is equivalent to the address of the physical connection. dynamicMetadata() @@ -697,7 +697,7 @@ downstreamSslConnection() streamInfo:downstreamSslConnection() -Returns :repo:`information ` related to the current SSL connection. +Returns :repo:`information ` related to the current SSL connection. Returns a downstream :ref:`SSL connection info object `. @@ -710,7 +710,7 @@ requestedServerName() streamInfo:requestedServerName() -Returns the string representation of :repo:`requested server name ` +Returns the string representation of :repo:`requested server name ` (e.g. SNI in TLS) for the current request if present. Dynamic metadata object API @@ -784,7 +784,7 @@ ssl() print("secure") end -Returns :repo:`SSL connection ` object when the connection is +Returns :repo:`SSL connection ` object when the connection is secured and *nil* when it is not. Returns an :ref:`SSL connection info object `. diff --git a/docs/root/configuration/http/http_filters/set_metadata_filter.rst b/docs/root/configuration/http/http_filters/set_metadata_filter.rst new file mode 100644 index 000000000000..b56367e0105f --- /dev/null +++ b/docs/root/configuration/http/http_filters/set_metadata_filter.rst @@ -0,0 +1,52 @@ +.. _config_http_filters_set_metadata: + +Set Metadata +============ +* :ref:`v3 API reference ` +* This filter should be configured with the name *envoy.filters.http.set_metadata*. + +This filters adds or updates dynamic metadata with static data. + +Dynamic metadata values are updated with the following scheme. If a key +does not exists, it's just copied into the current metadata. If the key exists +but has a different type, it is replaced by the new value. Otherwise: + + * for scalar values (null, string, number, boolean) are replaced with the new value + * for lists: new values are added to the current list + * for structures: recursively apply this scheme + +For instance, if the namespace already contains this structure: + +.. code-block:: yaml + + myint: 1 + mylist: ["a"] + mykey: ["val"] + mytags: + tag0: 1 + +and the value to set is: + +.. code-block:: yaml + + myint: 2 + mylist: ["b","c"] + mykey: 1 + mytags: + tag1: 1 + +After applying this filter, the namespace will contain: + +.. code-block:: yaml + + myint: 2 + mylist: ["a","b","c"] + mykey: 1 + mytags: + tag0: 1 + tag1: 1 + +Statistics +---------- + +Currently, this filter generates no statistics. diff --git a/docs/root/configuration/listeners/network_filters/_include/sni-dynamic-forward-proxy-filter.yaml b/docs/root/configuration/listeners/network_filters/_include/sni-dynamic-forward-proxy-filter.yaml index 5150a03aba7a..2e30456d03d0 100644 --- a/docs/root/configuration/listeners/network_filters/_include/sni-dynamic-forward-proxy-filter.yaml +++ b/docs/root/configuration/listeners/network_filters/_include/sni-dynamic-forward-proxy-filter.yaml @@ -13,24 +13,23 @@ static_resources: address: 0.0.0.0 port_value: 10000 listener_filters: - - name: envoy.filters.listener.tls_inspector + - name: envoy.filters.listener.tls_inspector filter_chains: - - filters: - - name: envoy.filters.network.sni_dynamic_forward_proxy - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.sni_dynamic_forward_proxy.v3alpha.FilterConfig - port_value: 443 - dns_cache_config: - name: dynamic_forward_proxy_cache_config - dns_lookup_family: V4_ONLY - - name: envoy.tcp_proxy - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy - stat_prefix: tcp - cluster: dynamic_forward_proxy_cluster + - filters: + - name: envoy.filters.network.sni_dynamic_forward_proxy + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.sni_dynamic_forward_proxy.v3alpha.FilterConfig + port_value: 443 + dns_cache_config: + name: dynamic_forward_proxy_cache_config + dns_lookup_family: V4_ONLY + - name: envoy.tcp_proxy + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy + stat_prefix: tcp + cluster: dynamic_forward_proxy_cluster clusters: - name: dynamic_forward_proxy_cluster - connect_timeout: 1s lb_policy: CLUSTER_PROVIDED cluster_type: name: envoy.clusters.dynamic_forward_proxy diff --git a/docs/root/configuration/listeners/network_filters/_include/zookeeper-filter-proxy.yaml b/docs/root/configuration/listeners/network_filters/_include/zookeeper-filter-proxy.yaml index aafca89351bf..3215fcadad68 100644 --- a/docs/root/configuration/listeners/network_filters/_include/zookeeper-filter-proxy.yaml +++ b/docs/root/configuration/listeners/network_filters/_include/zookeeper-filter-proxy.yaml @@ -1,37 +1,36 @@ static_resources: listeners: - - name: main - address: - socket_address: - address: 127.0.0.1 # Host that zookeeper clients should connect to. - port_value: 10001 # Port that zookeeper clients should connect to. - filter_chains: - - filters: - - name: envoy.filters.network.zookeeper_proxy - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.zookeeper_proxy.v3.ZooKeeperProxy - stat_prefix: zookeeper - - name: envoy.filters.network.tcp_proxy - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy - stat_prefix: tcp - cluster: local_zk_server + - name: main + address: + socket_address: + address: 127.0.0.1 # Host that zookeeper clients should connect to. + port_value: 10001 # Port that zookeeper clients should connect to. + filter_chains: + - filters: + - name: envoy.filters.network.zookeeper_proxy + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.zookeeper_proxy.v3.ZooKeeperProxy + stat_prefix: zookeeper + - name: envoy.filters.network.tcp_proxy + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy + stat_prefix: tcp + cluster: local_zk_server clusters: - - name: local_zk_server - connect_timeout: 120s - type: LOGICAL_DNS - lb_policy: ROUND_ROBIN - typed_extension_protocol_options: - envoy.extensions.upstreams.http.v3.HttpProtocolOptions: - "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions - explicit_http_config: - http2_protocol_options: {} - load_assignment: - cluster_name: local_zk_server - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 2181 + - name: local_zk_server + type: LOGICAL_DNS + lb_policy: ROUND_ROBIN + typed_extension_protocol_options: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicit_http_config: + http2_protocol_options: {} + load_assignment: + cluster_name: local_zk_server + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 2181 diff --git a/docs/root/configuration/listeners/network_filters/connection_limit_filter.rst b/docs/root/configuration/listeners/network_filters/connection_limit_filter.rst new file mode 100644 index 000000000000..d8dfe2c6fe2d --- /dev/null +++ b/docs/root/configuration/listeners/network_filters/connection_limit_filter.rst @@ -0,0 +1,52 @@ +.. _config_network_filters_connection_limit: + +Connection Limit Filter +======================= + +* Connection limiting :ref:`architecture overview ` +* :ref:`v3 API reference + ` +* This filter should be configured with the name *envoy.filters.network.connection_limit*. + +Overview +-------- + +The filter can protect for resources such as connections, CPU, memory, etc. by making sure every filter chain +gets fair share of connection resources and prevent any single entity based on filter chain match or descriptors +from consuming a large number of connections. +The connection limit filter applies a connection limit to incoming connections that are processed by the filter's filter chain. +Each connection processed by the filter marked as an active connection, and if the number of active connections reaches the max connections limit, +the connection will be closed without further filter iteration. + +- The connection limit filter is similar to the L4 local rate limit filter, but instead of enforcing the limit on connections rate, the filter limits the number of active connections. +- The filter maintains an atomic counter of active connection count. It has a max connections limit value based on the configured total number of connections. + When a new connection request comes, the filter tries to increment the connection counter. The connection is allowed if the counter is less than the max connections limit, otherwise the connection gets rejected. + When an active connection is closed, the filter decrements the active connection counter. +- The filter does not stop connection creation but will close the connections that were accepted but were deemed as overlimit. +- **Slow rejection:** The filter can stop reading from the connection and close it after a delay instead of rejecting it right away or letting requests go through before the rejection. + This way we can prevent a malicious entity from opening new connections while draining their resources. + +.. note:: + In the current implementation each filter chain has an independent connection limit. + +.. _config_network_filters_connection_limit_stats: + +Statistics +---------- + +Every configured connection limit filter has statistics rooted at *connection_limit..* +with the following statistics: + +.. csv-table:: + :header: Name, Type, Description + :widths: 1, 1, 2 + + limited_connections, Counter, Total connections that have been rejected due to connection limit exceeded + active_connections, Gauge, Number of currently active connections in the scope of this network filter chain + +Runtime +------- + +The connection limit filter can be runtime feature flagged via the :ref:`enabled +` +configuration field. diff --git a/docs/root/configuration/listeners/network_filters/network_filters.rst b/docs/root/configuration/listeners/network_filters/network_filters.rst index f75a0f9c0e61..a4b918ddf380 100644 --- a/docs/root/configuration/listeners/network_filters/network_filters.rst +++ b/docs/root/configuration/listeners/network_filters/network_filters.rst @@ -12,6 +12,7 @@ filters. dubbo_proxy_filter client_ssl_auth_filter + connection_limit_filter echo_filter direct_response_filter ext_authz_filter diff --git a/docs/root/configuration/listeners/network_filters/rocketmq_proxy_filter.rst b/docs/root/configuration/listeners/network_filters/rocketmq_proxy_filter.rst index 111a56446cf7..727b74b8eef3 100644 --- a/docs/root/configuration/listeners/network_filters/rocketmq_proxy_filter.rst +++ b/docs/root/configuration/listeners/network_filters/rocketmq_proxy_filter.rst @@ -3,6 +3,9 @@ RocketMQ proxy ============== +* :ref:`v3 API reference ` +* This filter should be configured with the name ``envoy.filters.network.rocketmq_proxy``. + Apache RocketMQ is a distributed messaging system, which is composed of four types of roles: producer, consumer, name server and broker server. The former two are embedded into user application in form of SDK; whilst the latter are standalone servers. diff --git a/docs/root/configuration/listeners/network_filters/wasm_filter.rst b/docs/root/configuration/listeners/network_filters/wasm_filter.rst index de8baaaf4e6e..fe14e1c58683 100644 --- a/docs/root/configuration/listeners/network_filters/wasm_filter.rst +++ b/docs/root/configuration/listeners/network_filters/wasm_filter.rst @@ -3,7 +3,7 @@ Wasm Network Filter =================== -* :ref:`v3 API reference ` +* :ref:`v3 API reference ` .. attention:: diff --git a/docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml b/docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml index 816a7657fd48..bcffbb1404df 100644 --- a/docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml +++ b/docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml @@ -26,7 +26,6 @@ static_resources: max_rx_datagram_size: 9000 clusters: - name: service_udp - connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN load_assignment: diff --git a/docs/root/configuration/listeners/udp_filters/dns_filter.rst b/docs/root/configuration/listeners/udp_filters/dns_filter.rst index d2243351f340..1c2cab456f23 100644 --- a/docs/root/configuration/listeners/udp_filters/dns_filter.rst +++ b/docs/root/configuration/listeners/udp_filters/dns_filter.rst @@ -39,22 +39,20 @@ Example Configuration stat_prefix: "dns_filter_prefix" client_config: resolution_timeout: 5s - upstream_resolvers: - - socket_address: - address: "8.8.8.8" - port_value: 53 - - socket_address: - address: "8.8.4.4" - port_value: 53 + dns_resolution_config: + dns_resolver_options: + use_tcp_for_dns_lookups: false + no_default_search_domain: false + resolvers: + - socket_address: + address: "8.8.8.8" + port_value: 53 + - socket_address: + address: "8.8.4.4" + port_value: 53 max_pending_lookups: 256 server_config: inline_dns_table: - known_suffixes: - - suffix: "domain1.com" - - suffix: "domain2.com" - - suffix: "domain3.com" - - suffix: "domain4.com" - - suffix: "domain5.com" virtual_domains: - name: "www.domain1.com" endpoint: @@ -97,7 +95,7 @@ Example Configuration port: 5060 -In this example, Envoy is configured to respond to client queries for four domains. For any +In this example, Envoy is configured to respond to client queries for five domains. For any other query, it will forward upstream to external resolvers. The filter will return an address matching the input query type. If the query is for type A records and no A records are configured, Envoy will return no addresses and set the response code appropriately. Conversely, if there are @@ -147,10 +145,6 @@ DnsTable JSON Configuration .. code-block:: json { - "known_suffixes": [ - { "suffix": "suffix1.com" }, - { "suffix": "suffix2.com" } - ], "virtual_domains": [ { "name": "www.suffix1.com", diff --git a/docs/root/configuration/observability/access_log/usage.rst b/docs/root/configuration/observability/access_log/usage.rst index 4c4029c24529..deccf0abb0a9 100644 --- a/docs/root/configuration/observability/access_log/usage.rst +++ b/docs/root/configuration/observability/access_log/usage.rst @@ -304,6 +304,7 @@ The following command operators are supported: * **NR**: No :ref:`route configured ` for a given request in addition to 404 response code, or no matching filter chain for a downstream connection. * **URX**: The request was rejected because the :ref:`upstream retry limit (HTTP) ` or :ref:`maximum connect attempts (TCP) ` was reached. * **NC**: Upstream cluster not found. + * **DT**: When a request or connection exceeded :ref:`max_connection_duration ` or :ref:`max_downstream_connection_duration `. HTTP only * **DC**: Downstream connection termination. * **LH**: Local service failed :ref:`health check request ` in addition to 503 response code. @@ -322,6 +323,7 @@ The following command operators are supported: * **DPE**: The downstream request had an HTTP protocol error. * **UPE**: The upstream response had an HTTP protocol error. * **UMSDR**: The upstream request reached to max stream duration. + * **OM**: Overload Manager terminated the request. %ROUTE_NAME% Name of the route. @@ -416,6 +418,8 @@ The following command operators are supported: %DOWNSTREAM_LOCAL_PORT% Similar to **%DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT%**, but only extracts the port portion of the **%DOWNSTREAM_LOCAL_ADDRESS%** +.. _config_access_log_format_req: + %REQ(X?Y):Z% HTTP An HTTP request header where X is the main HTTP header, Y is the alternative one, and Z is an @@ -446,7 +450,7 @@ The following command operators are supported: where NAMESPACE is the filter namespace used when setting the metadata, KEY is an optional lookup up key in the namespace with the option of specifying nested keys separated by ':', and Z is an optional parameter denoting string truncation up to Z characters long. Dynamic Metadata - can be set by filters using the :repo:`StreamInfo ` API: + can be set by filters using the :repo:`StreamInfo ` API: *setDynamicMetadata*. The data will be logged as a JSON string. For example, for the following dynamic metadata: ``com.test.my_filter: {"test_key": "foo", "test_object": {"inner_key": "bar"}}`` diff --git a/docs/root/configuration/observability/observability.rst b/docs/root/configuration/observability/observability.rst index 1e314881d6ba..acc84d22936b 100644 --- a/docs/root/configuration/observability/observability.rst +++ b/docs/root/configuration/observability/observability.rst @@ -5,5 +5,6 @@ Observability :maxdepth: 2 statistics + stat_sinks/stat_sinks.rst application_logging access_log/access_log.rst diff --git a/docs/root/configuration/observability/stat_sinks/graphite_statsd_stat_sink.rst b/docs/root/configuration/observability/stat_sinks/graphite_statsd_stat_sink.rst new file mode 100644 index 000000000000..f38e01045834 --- /dev/null +++ b/docs/root/configuration/observability/stat_sinks/graphite_statsd_stat_sink.rst @@ -0,0 +1,7 @@ +.. _config_stat_sinks_graphite_statsd: + +Graphite+Statsd Stat Sink +========================= + +The :ref:`GraphiteStatsdSink ` configuration specifies a +stat sink that emits stats with Graphite-compatible tags. diff --git a/docs/root/configuration/observability/stat_sinks/stat_sinks.rst b/docs/root/configuration/observability/stat_sinks/stat_sinks.rst new file mode 100644 index 000000000000..d4343d9ea4af --- /dev/null +++ b/docs/root/configuration/observability/stat_sinks/stat_sinks.rst @@ -0,0 +1,8 @@ +Stat sinks +========== + +.. toctree:: + :maxdepth: 2 + + graphite_statsd_stat_sink + wasm_stat_sink diff --git a/docs/root/configuration/other_features/wasm_stat_sink.rst b/docs/root/configuration/observability/stat_sinks/wasm_stat_sink.rst similarity index 100% rename from docs/root/configuration/other_features/wasm_stat_sink.rst rename to docs/root/configuration/observability/stat_sinks/wasm_stat_sink.rst diff --git a/docs/root/configuration/other_features/other_features.rst b/docs/root/configuration/other_features/other_features.rst index 288a748250eb..c6ecf4629840 100644 --- a/docs/root/configuration/other_features/other_features.rst +++ b/docs/root/configuration/other_features/other_features.rst @@ -7,4 +7,3 @@ Other features rate_limit wasm wasm_service - wasm_stat_sink diff --git a/docs/root/configuration/other_features/wasm.rst b/docs/root/configuration/other_features/wasm.rst index bc3c74534a5e..f34146e68138 100644 --- a/docs/root/configuration/other_features/wasm.rst +++ b/docs/root/configuration/other_features/wasm.rst @@ -10,11 +10,12 @@ The following runtimes are supported by Envoy: :widths: 1, 2 envoy.wasm.runtime.v8, "`V8 `_-based runtime" + envoy.wasm.runtime.wamr, "`WAMR `_ runtime" envoy.wasm.runtime.wasmtime, "`Wasmtime `_ runtime" envoy.wasm.runtime.wavm, "`WAVM `_ runtime" envoy.wasm.runtime.null, "Compiled modules linked into Envoy" -Wasmtime and WAVM runtimes are not included in Envoy release image by default. +WAMR(WASM-Micro-Runtime), Wasmtime and WAVM runtimes are not included in Envoy release image by default. Wasm runtime emits the following statistics: diff --git a/docs/root/configuration/other_protocols/thrift_filters/router_filter.rst b/docs/root/configuration/other_protocols/thrift_filters/router_filter.rst index a6d5c50ad4d2..dae0be24d742 100644 --- a/docs/root/configuration/other_protocols/thrift_filters/router_filter.rst +++ b/docs/root/configuration/other_protocols/thrift_filters/router_filter.rst @@ -41,3 +41,10 @@ Since these stats utilize the underlying cluster scope, we prefix with the ``thr thrift.upstream_resp_exception, Counter, Total responses with the "Exception" message type. thrift.upstream_resp_invalid_type, Counter, Total responses with an unsupported message type. thrift.upstream_rq_time, Histogram, total rq time from rq complete to resp complete; includes oneway messages. + thrift.upstream_rq_size, Histogram, Request message size in bytes per upstream + thrift.upstream_resp_size, Histogram, Response message size in bytes per upstream + +.. note:: + + The request and response size histograms include what's sent and received during protocol upgrade. + However, invalid responses are not included in the response size histogram. diff --git a/examples/cors/backend/service-envoy.yaml b/docs/root/configuration/overview/_include/tagged.yaml similarity index 54% rename from examples/cors/backend/service-envoy.yaml rename to docs/root/configuration/overview/_include/tagged.yaml index c596eb508ff8..1146593ea9d3 100644 --- a/examples/cors/backend/service-envoy.yaml +++ b/docs/root/configuration/overview/_include/tagged.yaml @@ -1,46 +1,43 @@ +!ignore dynamic_sockets: +- &admin_address {address: 127.0.0.1, port_value: 9901} +- &listener_address {address: 127.0.0.1, port_value: 10000} +- &lb_address {address: 127.0.0.1, port_value: 1234} + +admin: + address: + socket_address: *admin_address + static_resources: listeners: - - address: - socket_address: - address: 0.0.0.0 - port_value: 8000 + - name: listener_0 + address: + socket_address: *listener_address filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - codec_type: AUTO stat_prefix: ingress_http + codec_type: AUTO route_config: name: local_route virtual_hosts: - - name: service - domains: - - "*" + - name: local_service + domains: ["*"] routes: - - match: - prefix: "/" - route: - cluster: local_service + - match: {prefix: "/"} + route: {cluster: some_service} http_filters: - name: envoy.filters.http.router - typed_config: {} clusters: - - name: local_service + - name: some_service connect_timeout: 0.25s - type: STRICT_DNS + type: STATIC lb_policy: ROUND_ROBIN load_assignment: - cluster_name: local_service + cluster_name: some_service endpoints: - lb_endpoints: - endpoint: address: - socket_address: - address: 127.0.0.1 - port_value: 8080 -admin: - address: - socket_address: - address: 0.0.0.0 - port_value: 8081 + socket_address: *lb_address diff --git a/docs/root/configuration/overview/examples.rst b/docs/root/configuration/overview/examples.rst index f6d14cf5df4b..da4c30bebd1d 100644 --- a/docs/root/configuration/overview/examples.rst +++ b/docs/root/configuration/overview/examples.rst @@ -302,3 +302,36 @@ The management server could respond to EDS requests with: socket_address: address: 127.0.0.2 port_value: 1234 + +Special YAML usage +~~~~~~~~~~~~~~~~~~ + +When loading YAML configuration, the Envoy loader will interpret map keys tagged with !ignore +specially, and omit them entirely from the native configuration tree. Ordinarily, the YAML stream +must adhere strictly to the proto schemas defined for Envoy configuration. This allows content to +be declared that is explicitly handled as a non-represented type. + +This lets you split your file into two parts: one in which we have YAML content not subject to +parsing according to the schema and another part that is parsed. YAML anchors in the first part +may be referenced by aliases in the second part. This mechanism can simplify setups that need to +re-use or dynamically generate configuration fragments. + +See the following example: + +.. literalinclude:: _include/tagged.yaml + :language: yaml + +.. warning:: + If you parse Envoy YAML configuration using external loaders, you may need to inform these + loaders about the !ignore tag. Compliant YAML loaders will typically expose an interface to + allow you to choose how to handle a custom tag. + +For example, this will instruct `PyYAML `_ to treat an ignored +node as a simple scalar when loading: + +.. code-block:: python3 + + yaml.SafeLoader.add_constructor('!ignore', yaml.loader.SafeConstructor.construct_scalar) + +Alternatively, :repo:`this is how ` +Envoy registers the !ignore tag in config validation. diff --git a/docs/root/configuration/overview/mgmt_server.rst b/docs/root/configuration/overview/mgmt_server.rst index 4d1d8406789e..33e10ee404b8 100644 --- a/docs/root/configuration/overview/mgmt_server.rst +++ b/docs/root/configuration/overview/mgmt_server.rst @@ -53,6 +53,7 @@ The following statistics are generated for all subscriptions. :widths: 1, 1, 2 config_reload, Counter, Total API fetches that resulted in a config reload due to a different config + config_reload_time_ms, Gauge, Timestamp of the last config reload as milliseconds since the epoch init_fetch_timeout, Counter, Total :ref:`initial fetch timeouts ` update_attempt, Counter, Total API fetches attempted update_success, Counter, Total API fetches completed successfully diff --git a/docs/root/configuration/upstream/cluster_manager/cds.rst b/docs/root/configuration/upstream/cluster_manager/cds.rst index 2449f4ae5234..af360c4ceba5 100644 --- a/docs/root/configuration/upstream/cluster_manager/cds.rst +++ b/docs/root/configuration/upstream/cluster_manager/cds.rst @@ -1,7 +1,7 @@ .. _config_cluster_manager_cds: -Cluster discovery service -========================= +Cluster discovery service (CDS) +=============================== The cluster discovery service (CDS) is an optional API that Envoy will call to dynamically fetch cluster manager members. Envoy will reconcile the API response and add, modify, or remove known diff --git a/docs/root/faq/configuration/timeouts.rst b/docs/root/faq/configuration/timeouts.rst index 43a228e0c27a..72c090aac266 100644 --- a/docs/root/faq/configuration/timeouts.rst +++ b/docs/root/faq/configuration/timeouts.rst @@ -100,6 +100,20 @@ stream timeouts already introduced above. :ref:`max_stream_duration ` for individual routes as well as setting both limits and a fixed time offset on grpc-timeout headers. +Scaled timeouts +^^^^^^^^^^^^^^^ + +In situations where envoy is under high load, Envoy can dynamically configure timeouts using scaled timeouts. +Envoy supports scaled timeouts through the :ref:`Overload Manager `, configured +in envoy :ref:`bootstrap configuration `. +Using a :ref:`reduce timeouts ` overload action, +the Overload Manager can be configured to monitor :ref:`resources ` +and scale timeouts accordingly. For example, a common use case may be to monitor the Envoy :ref:`heap size ` +and set the scaled TimerType to :ref:`HTTP_DOWNSTREAM_CONNECTION_IDLE `. +The overload manager will scale down the :ref:`idle timeout ` once the :ref:`scaling_threshold ` has been met +and will set the timeout to the :ref:`min timeout ` once the :ref:`scaling_threshold ` is met. +The full list of supported timers that can be scaled is available in the overload manager :ref:`docs `. + TCP --- diff --git a/docs/root/intro/_include/life-of-a-request.yaml b/docs/root/intro/_include/life-of-a-request.yaml index 6875f8861a65..f1517c3807cd 100644 --- a/docs/root/intro/_include/life-of-a-request.yaml +++ b/docs/root/intro/_include/life-of-a-request.yaml @@ -24,8 +24,8 @@ static_resources: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: - - certificate_chain: { filename: "certs/servercert.pem" } - private_key: { filename: "certs/serverkey.pem" } + - certificate_chain: {filename: "certs/servercert.pem"} + private_key: {filename: "certs/serverkey.pem"} filters: # The HTTP connection manager is the only network filter. - name: envoy.filters.network.http_connection_manager @@ -37,10 +37,10 @@ static_resources: max_concurrent_streams: 100 # File system based access logging. access_log: - - name: envoy.access_loggers.file - typed_config: - "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog - path: "/var/log/envoy/access.log" + - name: envoy.access_loggers.file + typed_config: + "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog + path: "/var/log/envoy/access.log" # The route table, mapping /foo to some_service. route_config: name: local_route @@ -54,11 +54,10 @@ static_resources: cluster: some_service # CustomFilter and the HTTP router filter are the HTTP filter chain. http_filters: - # - name: some.customer.filter - - name: envoy.filters.http.router + # - name: some.customer.filter + - name: envoy.filters.http.router clusters: - name: some_service - connect_timeout: 5s # Upstream TLS configuration. transport_socket: name: envoy.transport_sockets.tls @@ -86,11 +85,10 @@ static_resources: http2_protocol_options: max_concurrent_streams: 100 - name: some_statsd_sink - connect_timeout: 5s - # The rest of the configuration for statsd sink cluster. + # The rest of the configuration for statsd sink cluster. # statsd sink. stats_sinks: - - name: envoy.stat_sinks.statsd - typed_config: - "@type": type.googleapis.com/envoy.config.metrics.v3.StatsdSink - tcp_cluster_name: some_statsd_sink +- name: envoy.stat_sinks.statsd + typed_config: + "@type": type.googleapis.com/envoy.config.metrics.v3.StatsdSink + tcp_cluster_name: some_statsd_sink diff --git a/docs/root/intro/arch_overview/advanced/matching/_include/complicated.yaml b/docs/root/intro/arch_overview/advanced/matching/_include/complicated.yaml index 0c385de903e4..9efc4cbf217e 100644 --- a/docs/root/intro/arch_overview/advanced/matching/_include/complicated.yaml +++ b/docs/root/intro/arch_overview/advanced/matching/_include/complicated.yaml @@ -1,101 +1,100 @@ static_resources: listeners: - - address: - socket_address: - address: 0.0.0.0 - port_value: 443 - listener_filters: - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: ingress_http - http_filters: - - name: with-matcher + - address: + socket_address: + address: 0.0.0.0 + port_value: 443 + listener_filters: + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + http_filters: + - name: with-matcher + typed_config: + "@type": type.googleapis.com/envoy.extensions.common.matching.v3.ExtensionWithMatcher + extension_config: + name: envoy.filters.http.fault + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault + abort: + http_status: 503 + percentage: + numerator: 0 + denominator: HUNDRED + delay: + fixed_delay: 3s + percentage: + numerator: 0 + denominator: HUNDRED + matcher: + # The top level matcher is a matcher tree which conceptually selects one of several subtrees. + matcher_tree: + input: + name: request-headers typed_config: - "@type": type.googleapis.com/envoy.extensions.common.matching.v3.ExtensionWithMatcher - extension_config: - name: envoy.filters.http.fault - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault - abort: - http_status: 503 - percentage: - numerator: 0 - denominator: HUNDRED - delay: - fixed_delay: 3s - percentage: - numerator: 0 - denominator: HUNDRED - matcher: - # The top level matcher is a matcher tree which conceptually selects one of several subtrees. - matcher_tree: - input: - name: request-headers - typed_config: - "@type": type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput - header_name: some-header - exact_match_map: - # Note this additional indirection; this is a workaround for Protobuf oneof limitations. - map: - some_value_to_match_on: # This is the header value we're trying to match against. - # The OnMatch resulting on matching with this branch of the exact matcher is another matcher, allowing for recursive matching. - matcher: - # The inner matcher is a matcher list, which attempts to match a list of predicates. - matcher_list: - matchers: - - predicate: - or_matcher: - predicate: - - single_predicate: - input: - name: request-headers - typed_config: - "@type": type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput - header_name: second-header - value_match: - exact: foo - - single_predicate: - input: - name: request-headers - typed_config: - "@type": type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput - header_name: second-header - value_match: - exact: bar - on_match: - action: - name: skip - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.common.matcher.action.v3.SkipFilter - - name: envoy.filters.http.router - route_config: - virtual_hosts: - - name: default - domains: ["*"] - routes: - - match: { prefix: "/" } - route: - cluster: service_foo + "@type": type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput + header_name: some-header + exact_match_map: + # Note this additional indirection; this is a workaround for Protobuf oneof limitations. + map: + some_value_to_match_on: # This is the header value we're trying to match against. + # The OnMatch resulting on matching with this branch of the exact matcher is another matcher, allowing for recursive matching. + matcher: + # The inner matcher is a matcher list, which attempts to match a list of predicates. + matcher_list: + matchers: + - predicate: + or_matcher: + predicate: + - single_predicate: + input: + name: request-headers + typed_config: + "@type": type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput + header_name: second-header + value_match: + exact: foo + - single_predicate: + input: + name: request-headers + typed_config: + "@type": type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput + header_name: second-header + value_match: + exact: bar + on_match: + action: + name: skip + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.common.matcher.action.v3.SkipFilter + - name: envoy.filters.http.router + route_config: + virtual_hosts: + - name: default + domains: ["*"] + routes: + - match: {prefix: "/"} + route: + cluster: service_foo clusters: - - name: service_foo - connect_timeout: 15s - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 8080 + - name: service_foo + load_assignment: + cluster_name: some_service + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8080 layered_runtime: layers: - - name: static-layer - static_layer: - envoy: - reloadable_features: - experimental_matching_api: true + - name: static-layer + static_layer: + envoy: + reloadable_features: + experimental_matching_api: true diff --git a/docs/root/intro/arch_overview/advanced/matching/_include/request_response.yaml b/docs/root/intro/arch_overview/advanced/matching/_include/request_response.yaml index 78ae0b18b1b7..bf4721e48e24 100644 --- a/docs/root/intro/arch_overview/advanced/matching/_include/request_response.yaml +++ b/docs/root/intro/arch_overview/advanced/matching/_include/request_response.yaml @@ -1,87 +1,86 @@ static_resources: listeners: - - address: - socket_address: - address: 0.0.0.0 - port_value: 443 - listener_filters: - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: ingress_http - http_filters: - - name: with-matcher - typed_config: - "@type": type.googleapis.com/envoy.extensions.common.matching.v3.ExtensionWithMatcher - extension_config: - name: envoy.filters.http.fault + - address: + socket_address: + address: 0.0.0.0 + port_value: 443 + listener_filters: + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + http_filters: + - name: with-matcher + typed_config: + "@type": type.googleapis.com/envoy.extensions.common.matching.v3.ExtensionWithMatcher + extension_config: + name: envoy.filters.http.fault + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault + abort: + http_status: 503 + percentage: + numerator: 0 + denominator: HUNDRED + delay: + fixed_delay: 3s + percentage: + numerator: 0 + denominator: HUNDRED + matcher: + matcher_list: + matchers: + - predicate: + or_matcher: + predicate: + - single_predicate: + input: + name: request-headers + typed_config: + "@type": type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput + header_name: request-header + value_match: + exact: foo + - single_predicate: + input: + name: request-headers + typed_config: + "@type": type.googleapis.com/envoy.type.matcher.v3.HttpResponseHeaderMatchInput + header_name: response-header + value_match: + exact: bar + on_match: + action: + name: skip typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault - abort: - http_status: 503 - percentage: - numerator: 0 - denominator: HUNDRED - delay: - fixed_delay: 3s - percentage: - numerator: 0 - denominator: HUNDRED - matcher: - matcher_list: - matchers: - - predicate: - or_matcher: - predicate: - - single_predicate: - input: - name: request-headers - typed_config: - "@type": type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput - header_name: request-header - value_match: - exact: foo - - single_predicate: - input: - name: request-headers - typed_config: - "@type": type.googleapis.com/envoy.type.matcher.v3.HttpResponseHeaderMatchInput - header_name: response-header - value_match: - exact: bar - on_match: - action: - name: skip - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.common.matcher.action.v3.SkipFilter - - name: envoy.filters.http.router - route_config: - virtual_hosts: - - name: default - domains: ["*"] - routes: - - match: { prefix: "/" } - route: - cluster: service_foo + "@type": type.googleapis.com/envoy.extensions.filters.common.matcher.action.v3.SkipFilter + - name: envoy.filters.http.router + route_config: + virtual_hosts: + - name: default + domains: ["*"] + routes: + - match: {prefix: "/"} + route: + cluster: service_foo clusters: - - name: service_foo - connect_timeout: 15s - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 8080 + - name: service_foo + load_assignment: + cluster_name: some_service + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8080 layered_runtime: layers: - - name: static-layer - static_layer: - envoy: - reloadable_features: - experimental_matching_api: true + - name: static-layer + static_layer: + envoy: + reloadable_features: + experimental_matching_api: true diff --git a/docs/root/intro/arch_overview/advanced/matching/_include/simple.yaml b/docs/root/intro/arch_overview/advanced/matching/_include/simple.yaml index 9e00c6dba57d..836deb819182 100644 --- a/docs/root/intro/arch_overview/advanced/matching/_include/simple.yaml +++ b/docs/root/intro/arch_overview/advanced/matching/_include/simple.yaml @@ -1,75 +1,74 @@ static_resources: listeners: - - address: - socket_address: - address: 0.0.0.0 - port_value: 443 - listener_filters: - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: ingress_http - http_filters: - - name: with-matcher + - address: + socket_address: + address: 0.0.0.0 + port_value: 443 + listener_filters: + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + http_filters: + - name: with-matcher + typed_config: + "@type": type.googleapis.com/envoy.extensions.common.matching.v3.ExtensionWithMatcher + extension_config: + name: envoy.filters.http.fault + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault + abort: + http_status: 503 + percentage: + numerator: 0 + denominator: HUNDRED + delay: + fixed_delay: 3s + percentage: + numerator: 0 + denominator: HUNDRED + matcher: + matcher_tree: + input: + name: request-headers typed_config: - "@type": type.googleapis.com/envoy.extensions.common.matching.v3.ExtensionWithMatcher - extension_config: - name: envoy.filters.http.fault - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault - abort: - http_status: 503 - percentage: - numerator: 0 - denominator: HUNDRED - delay: - fixed_delay: 3s - percentage: - numerator: 0 - denominator: HUNDRED - matcher: - matcher_tree: - input: - name: request-headers - typed_config: - "@type": type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput - header_name: some-header - exact_match_map: - # Note this additional indirection; this is a workaround for Protobuf oneof limitations. - map: - some_value_to_match_on: # This is the header value we're trying to match against. - action: - name: skip - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.common.matcher.action.v3.SkipFilter - - name: envoy.filters.http.router - route_config: - virtual_hosts: - - name: default - domains: ["*"] - routes: - - match: { prefix: "/" } - route: - cluster: service_foo + "@type": type.googleapis.com/envoy.type.matcher.v3.HttpRequestHeaderMatchInput + header_name: some-header + exact_match_map: + # Note this additional indirection; this is a workaround for Protobuf oneof limitations. + map: + some_value_to_match_on: # This is the header value we're trying to match against. + action: + name: skip + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.common.matcher.action.v3.SkipFilter + - name: envoy.filters.http.router + route_config: + virtual_hosts: + - name: default + domains: ["*"] + routes: + - match: {prefix: "/"} + route: + cluster: service_foo clusters: - - name: service_foo - connect_timeout: 15s - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 8080 + - name: service_foo + load_assignment: + cluster_name: some_service + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8080 layered_runtime: layers: - - name: static-layer - static_layer: - envoy: - reloadable_features: - experimental_matching_api: true + - name: static-layer + static_layer: + envoy: + reloadable_features: + experimental_matching_api: true diff --git a/docs/root/intro/arch_overview/listeners/connection_limiting.rst b/docs/root/intro/arch_overview/listeners/connection_limiting.rst new file mode 100644 index 000000000000..fa33bea681b9 --- /dev/null +++ b/docs/root/intro/arch_overview/listeners/connection_limiting.rst @@ -0,0 +1,8 @@ +.. _arch_overview_connection_limit: + +Connection limiting +=================== + +Envoy supports local (non-distributed) connection limiting of L4 connections via the +:ref:`Connection limit filter ` and runtime +connection limiting via the :ref:`Runtime listener connection limit `. diff --git a/docs/root/intro/arch_overview/listeners/listeners_toc.rst b/docs/root/intro/arch_overview/listeners/listeners_toc.rst index 121304996fa0..669bfa5188f1 100644 --- a/docs/root/intro/arch_overview/listeners/listeners_toc.rst +++ b/docs/root/intro/arch_overview/listeners/listeners_toc.rst @@ -11,3 +11,4 @@ Listeners tcp_proxy udp_proxy dns_filter + connection_limiting diff --git a/docs/root/intro/arch_overview/other_features/bandwidth_limiting.rst b/docs/root/intro/arch_overview/other_features/bandwidth_limiting.rst new file mode 100644 index 000000000000..146ce50cc863 --- /dev/null +++ b/docs/root/intro/arch_overview/other_features/bandwidth_limiting.rst @@ -0,0 +1,9 @@ +.. _arch_overview_bandwidth_limit: + +Bandwidth limiting +=================== + +Envoy supports local (non-distributed) bandwidth limiting of HTTP requests and response via the +:ref:`HTTP bandwidth limit filter `. This can be activated +globally at the listener level or at a more specific level (e.g.: the virtual host or route level). + diff --git a/docs/root/intro/arch_overview/other_features/ip_transparency.rst b/docs/root/intro/arch_overview/other_features/ip_transparency.rst index 92b519421c3f..76ed11b5f592 100644 --- a/docs/root/intro/arch_overview/other_features/ip_transparency.rst +++ b/docs/root/intro/arch_overview/other_features/ip_transparency.rst @@ -55,6 +55,11 @@ the downstream remote address for propagation into an conjunction with the :ref:`Original Src Listener Filter `. Finally, Envoy supports generating this header using the :ref:`Proxy Protocol Transport Socket `. + +IMPORTANT: There is currently a memory `issue `_ in Envoy where upstream connection pools are +not cleaned up after they are created. This heavily affects the usage of this transport socket as new pools are created for every downstream client +IP and port pair. Removing a cluster will clean up its associated connection pools, which could be used to mitigate this issue in the current state. + Here is an example config for setting up the socket: .. code-block:: yaml @@ -74,7 +79,15 @@ Here is an example config for setting up the socket: name: envoy.transport_sockets.raw_buffer ... -Note: If you are wrapping a TLS socket, the header will be sent before the TLS handshake occurs. +There are several things to consider if you plan to use this socket in conjunction with the +:ref:`HTTP connection manager `. There will be a performance hit as there will be no upstream connection +re-use among downstream clients. Every client that connects to Envoy will get a new connection to the upstream server. +This is due to the nature of proxy protocol being a connection based protocol. Downstream client info is only forwarded to the +upstream at the start of a connection before any other data has been sent (Note: this includes before a TLS handshake occurs). +If possible, using the :ref:`x-forwarded-for ` header should be preferred as Envoy +will be able to re-use upstream connections with this method. Due to the disconnect between Envoy's handling of downstream and upstream +connections, it is a good idea to enforce short :ref:`idle timeouts ` on upstream connections as +Envoy will not inherently close a corresponding upstream connection when a downstream connection is closed. Some drawbacks to Proxy Protocol: @@ -124,3 +137,7 @@ Some drawbacks to the Original Source filter: :ref:`x-forwarded-for ` header. * Its configuration is relatively complex. * It may introduce a slight performance hit due to restrictions on connection pooling. + +.. note:: + + This feature is not supported on Windows. diff --git a/docs/root/intro/arch_overview/other_features/other_features.rst b/docs/root/intro/arch_overview/other_features/other_features.rst index 2e2a2c054b74..be43344957d6 100644 --- a/docs/root/intro/arch_overview/other_features/other_features.rst +++ b/docs/root/intro/arch_overview/other_features/other_features.rst @@ -6,6 +6,7 @@ Other features local_rate_limiting global_rate_limiting + bandwidth_limiting scripting ip_transparency compression/libraries diff --git a/docs/root/intro/arch_overview/other_protocols/redis.rst b/docs/root/intro/arch_overview/other_protocols/redis.rst index d8da73a0f2b9..cfe2a45b77b4 100644 --- a/docs/root/intro/arch_overview/other_protocols/redis.rst +++ b/docs/root/intro/arch_overview/other_protocols/redis.rst @@ -8,8 +8,8 @@ In this mode, the goals of Envoy are to maintain availability and partition tole over consistency. This is the key point when comparing Envoy to `Redis Cluster `_. Envoy is designed as a best-effort cache, meaning that it will not try to reconcile inconsistent data or keep a globally consistent -view of cluster membership. It also supports routing commands from different workload to -different to different upstream clusters based on their access patterns, eviction, or isolation +view of cluster membership. It also supports routing commands from different workloads to +different upstream clusters based on their access patterns, eviction, or isolation requirements. The Redis project offers a thorough reference on partitioning as it relates to Redis. See diff --git a/docs/root/intro/arch_overview/security/_include/ssl.yaml b/docs/root/intro/arch_overview/security/_include/ssl.yaml index 9c6f6224bf28..205142dcbb01 100644 --- a/docs/root/intro/arch_overview/security/_include/ssl.yaml +++ b/docs/root/intro/arch_overview/security/_include/ssl.yaml @@ -1,7 +1,7 @@ static_resources: listeners: - name: listener_0 - address: { socket_address: { address: 127.0.0.1, port_value: 10000 } } + address: {socket_address: {address: 127.0.0.1, port_value: 10000}} filter_chains: - filters: - name: envoy.filters.network.http_connection_manager @@ -13,7 +13,7 @@ static_resources: - name: default domains: ["*"] routes: - - match: { prefix: "/" } + - match: {prefix: "/"} route: cluster: some_service transport_socket: @@ -22,14 +22,13 @@ static_resources: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: - - certificate_chain: { filename: "certs/servercert.pem" } - private_key: { filename: "certs/serverkey.pem" } + - certificate_chain: {filename: "certs/servercert.pem"} + private_key: {filename: "certs/serverkey.pem"} validation_context: trusted_ca: filename: certs/cacert.pem clusters: - name: some_service - connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN load_assignment: @@ -47,9 +46,9 @@ static_resources: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext common_tls_context: tls_certificates: - - certificate_chain: { "filename": "certs/servercert.pem" } - private_key: { "filename": "certs/serverkey.pem" } - ocsp_staple: { "filename": "certs/server_ocsp_resp.der" } + - certificate_chain: {"filename": "certs/servercert.pem"} + private_key: {"filename": "certs/serverkey.pem"} + ocsp_staple: {"filename": "certs/server_ocsp_resp.der"} validation_context: match_subject_alt_names: - exact: "foo" diff --git a/docs/root/intro/life_of_a_request.rst b/docs/root/intro/life_of_a_request.rst index fbd7cccdf21f..0d0fba49628a 100644 --- a/docs/root/intro/life_of_a_request.rst +++ b/docs/root/intro/life_of_a_request.rst @@ -254,7 +254,7 @@ chain. :width: 80% :align: center -The TLS inspector filter implements the :repo:`ListenerFilter ` +The TLS inspector filter implements the :repo:`ListenerFilter ` interface. All filter interfaces, whether listener or network/HTTP, require that filters implement callbacks for specific connection or stream events. In the case of ``ListenerFilter``, this is: @@ -281,7 +281,7 @@ connection. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Envoy offers pluggable transport sockets via the -:repo:`TransportSocket ` +:repo:`TransportSocket ` extension interface. Transport sockets follow the lifecycle events of a TCP connection and read/write into network buffers. Some key methods that transport sockets must implement are: @@ -323,11 +323,11 @@ lifecycle events and are invoked as data becomes available from the transport so Network filters are composed as a pipeline, unlike transport sockets which are one-per-connection. Network filters come in three varieties: -* :repo:`ReadFilter ` implementing ``onData()``, called when data is +* :repo:`ReadFilter ` implementing ``onData()``, called when data is available from the connection (due to some request). -* :repo:`WriteFilter ` implementing ``onWrite()``, called when data +* :repo:`WriteFilter ` implementing ``onWrite()``, called when data is about to be written to the connection (due to some response). -* :repo:`Filter ` implementing both *ReadFilter* and *WriteFilter*. +* :repo:`Filter ` implementing both *ReadFilter* and *WriteFilter*. The method signatures for the key filter methods are: @@ -388,9 +388,9 @@ following the pattern established above for listener and network filter chains. There are three kinds of HTTP filter interfaces: -* :repo:`StreamDecoderFilter ` with callbacks for request processing. -* :repo:`StreamEncoderFilter ` with callbacks for response processing. -* :repo:`StreamFilter ` implementing both ``StreamDecoderFilter`` and +* :repo:`StreamDecoderFilter ` with callbacks for request processing. +* :repo:`StreamEncoderFilter ` with callbacks for response processing. +* :repo:`StreamFilter ` implementing both ``StreamDecoderFilter`` and ``StreamEncoderFilter``. Looking at the decoder filter interface: diff --git a/docs/root/start/install.rst b/docs/root/start/install.rst index 599883fe54ab..752075ad4f81 100644 --- a/docs/root/start/install.rst +++ b/docs/root/start/install.rst @@ -5,9 +5,6 @@ Installing Envoy The Envoy project :ref:`provides a number of pre-built Docker images ` for both ``amd64`` and ``arm64`` architectures. -The `Get Envoy `__ project also maintains a number of binaries -and repositories to accommodate many popular distributions. - If you are :ref:`installing on Mac OSX `, you can install natively with ``brew``. Once you have installed Envoy, check out the :ref:`quick start ` guide for more information on @@ -17,96 +14,54 @@ Install Envoy on Debian GNU/Linux ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ You can `install Envoy on Debian `_ -using `Get Envoy `__. +using `Get Envoy `__ until `official packages exist `_. .. code-block:: console $ sudo apt update $ sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common - $ curl -sL 'https://getenvoy.io/gpg' | sudo apt-key add - - $ # verify the key - $ apt-key fingerprint 6FF974DB | grep "5270 CEAC" - $ sudo add-apt-repository "deb [arch=amd64] https://dl.bintray.com/tetrate/getenvoy-deb $(lsb_release -cs) stable" + $ curl -sL 'https://getenvoy.io/gpg' | sudo gpg --dearmor -o /usr/share/keyrings/getenvoy-keyring.gpg + # Verify the keyring - this should yield "OK" + $ echo 1a2f6152efc6cc39e384fb869cdf3cc3e4e1ac68f4ad8f8f114a7c58bb0bea01 /usr/share/keyrings/getenvoy-keyring.gpg | sha256sum --check + $ echo "deb [arch=amd64 signed-by=/usr/share/keyrings/getenvoy-keyring.gpg] https://dl.bintray.com/tetrate/getenvoy-deb $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/getenvoy.list $ sudo apt update $ sudo apt install getenvoy-envoy -.. tip:: - - To add the nightly repository instead, replace the word ``stable`` with ``nightly``, - when adding the ``apt`` repository. - Install Envoy on Ubuntu Linux ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ You can `install Envoy on Ubuntu `_ -using `Get Envoy `__. +using `Get Envoy `__ until `official packages exist `_. .. code-block:: console $ sudo apt update $ sudo apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common - $ curl -sL 'https://getenvoy.io/gpg' | sudo apt-key add - - $ # verify the key - $ apt-key fingerprint 6FF974DB | grep "5270 CEAC" - $ sudo add-apt-repository "deb [arch=amd64] https://dl.bintray.com/tetrate/getenvoy-deb $(lsb_release -cs) stable" + $ curl -sL 'https://getenvoy.io/gpg' | sudo gpg --dearmor -o /usr/share/keyrings/getenvoy-keyring.gpg + # Verify the keyring - this should yield "OK" + $ echo 1a2f6152efc6cc39e384fb869cdf3cc3e4e1ac68f4ad8f8f114a7c58bb0bea01 /usr/share/keyrings/getenvoy-keyring.gpg | sha256sum --check + $ echo "deb [arch=amd64 signed-by=/usr/share/keyrings/getenvoy-keyring.gpg] https://dl.bintray.com/tetrate/getenvoy-deb $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/getenvoy.list $ sudo apt update $ sudo apt install -y getenvoy-envoy -.. tip:: - - To add the nightly repository instead, replace the word ``stable`` with ``nightly``, - when adding the ``apt`` repository. +Install Envoy on RPM-based distros +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Install Envoy on CentOS Linux -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -You can `install Envoy on CentOS `_ -using `Get Envoy `__. +You can `install Envoy on Centos/Redhat Enterprise Linux (RHEL) `_ +using `Get Envoy `__ until `official packages exist `_. .. code-block:: console $ sudo yum install yum-utils - $ sudo yum-config-manager --add-repo https://getenvoy.io/linux/centos/tetrate-getenvoy.repo + $ sudo yum-config-manager --add-repo https://getenvoy.io/linux/rpm/tetrate-getenvoy.repo $ sudo yum install getenvoy-envoy -.. tip:: - - You can enable/disable ``nightly`` using ``yum-config-manager``: - - .. code-block:: console - - $ sudo yum-config-manager --enable tetrate-getenvoy-nightly - $ sudo yum-config-manager --disable tetrate-getenvoy-nightly - -Install Envoy on Redhat Enterprise Linux (RHEL) -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -You can -`install Envoy on Redhat Enterprise Linux (RHEL) `_ -using `Get Envoy `__. - -.. code-block:: console - - $ sudo yum install yum-utils - $ sudo yum-config-manager --add-repo https://getenvoy.io/linux/rhel/tetrate-getenvoy.repo - $ sudo yum install getenvoy-envoy - -.. tip:: - - You can enable/disable ``nightly`` using ``yum-config-manager``: - - .. code-block:: console - - $ sudo yum-config-manager --enable tetrate-getenvoy-nightly - $ sudo yum-config-manager --disable tetrate-getenvoy-nightly - .. _start_install_macosx: Install Envoy on Mac OSX ~~~~~~~~~~~~~~~~~~~~~~~~ -You can install Envoy on Mac OSX using the official brew repositories, or from -`Get Envoy `__. +You can install Envoy on Mac OSX using the official brew repositories. .. tabs:: @@ -115,19 +70,6 @@ You can install Envoy on Mac OSX using the official brew repositories, or from $ brew update $ brew install envoy - .. tab:: Get Envoy - - .. code-block:: console - - $ brew tap tetratelabs/getenvoy - $ brew install envoy - - .. tip:: - - You can install the ``nightly`` version from - `Get Envoy `__ by adding the ``--HEAD`` flag to - the install command. - .. _start_install_windows: Install Envoy on Windows @@ -145,8 +87,7 @@ You can run Envoy using the official Windows Docker image. Install Envoy using Docker ~~~~~~~~~~~~~~~~~~~~~~~~~~ -You can run Envoy using the official Docker images, or by -using images provided by `Get Envoy `__. +You can run Envoy using the official Docker images. The following commands will pull and show the Envoy version of current images. @@ -166,18 +107,6 @@ The following commands will pull and show the Envoy version of current images. $ docker pull envoyproxy/|envoy_distroless_docker_image| $ docker run --rm envoyproxy/|envoy_distroless_docker_image| --version - .. tab:: Get Envoy - - .. code-block:: console - - $ docker pull getenvoy/envoy:stable - $ docker run --rm getenvoy/envoy:stable --version - - .. tip:: - - To use the ``nightly`` version from `Get Envoy `__ - replace the word ``stable`` with ``nightly`` in the above commands. - .. _install_binaries: Pre-built Envoy Docker images diff --git a/docs/root/start/quick-start/_include/envoy-demo-tls-client-auth.yaml b/docs/root/start/quick-start/_include/envoy-demo-tls-client-auth.yaml index d921322280c0..84367c637f68 100644 --- a/docs/root/start/quick-start/_include/envoy-demo-tls-client-auth.yaml +++ b/docs/root/start/quick-start/_include/envoy-demo-tls-client-auth.yaml @@ -44,7 +44,6 @@ static_resources: clusters: - name: service_envoyproxy_io - connect_timeout: 30s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY diff --git a/docs/root/start/quick-start/_include/envoy-demo-tls-sni.yaml b/docs/root/start/quick-start/_include/envoy-demo-tls-sni.yaml index ae2936cabcff..40f8533e1ce2 100644 --- a/docs/root/start/quick-start/_include/envoy-demo-tls-sni.yaml +++ b/docs/root/start/quick-start/_include/envoy-demo-tls-sni.yaml @@ -41,7 +41,6 @@ static_resources: clusters: - name: service_envoyproxy_io - connect_timeout: 30s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY diff --git a/docs/root/start/quick-start/_include/envoy-demo-tls-validation.yaml b/docs/root/start/quick-start/_include/envoy-demo-tls-validation.yaml index 4260b1fca986..b9ad6cc0635e 100644 --- a/docs/root/start/quick-start/_include/envoy-demo-tls-validation.yaml +++ b/docs/root/start/quick-start/_include/envoy-demo-tls-validation.yaml @@ -28,7 +28,6 @@ static_resources: clusters: - name: service_envoyproxy_io - connect_timeout: 30s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY diff --git a/docs/root/start/quick-start/_include/envoy-demo-tls.yaml b/docs/root/start/quick-start/_include/envoy-demo-tls.yaml index 6e0830d873c0..960b9e9bca12 100644 --- a/docs/root/start/quick-start/_include/envoy-demo-tls.yaml +++ b/docs/root/start/quick-start/_include/envoy-demo-tls.yaml @@ -38,7 +38,6 @@ static_resources: clusters: - name: service_envoyproxy_io - connect_timeout: 30s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY diff --git a/docs/root/start/quick-start/_include/envoy-demo.yaml b/docs/root/start/quick-start/_include/envoy-demo.yaml index 3d3b025a8b5e..eaf9469b5aa7 100644 --- a/docs/root/start/quick-start/_include/envoy-demo.yaml +++ b/docs/root/start/quick-start/_include/envoy-demo.yaml @@ -32,7 +32,6 @@ static_resources: clusters: - name: service_envoyproxy_io - connect_timeout: 30s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY diff --git a/docs/root/start/quick-start/_include/envoy-dynamic-cds-demo.yaml b/docs/root/start/quick-start/_include/envoy-dynamic-cds-demo.yaml index 65e41b87b30a..fc564cbc9ad0 100644 --- a/docs/root/start/quick-start/_include/envoy-dynamic-cds-demo.yaml +++ b/docs/root/start/quick-start/_include/envoy-dynamic-cds-demo.yaml @@ -1,7 +1,6 @@ resources: - "@type": type.googleapis.com/envoy.config.cluster.v3.Cluster name: example_proxy_cluster - connect_timeout: 1s type: STRICT_DNS typed_extension_protocol_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions: diff --git a/docs/root/start/quick-start/_include/envoy-dynamic-control-plane-demo.yaml b/docs/root/start/quick-start/_include/envoy-dynamic-control-plane-demo.yaml index e80f175d94f5..e0b300e98bce 100644 --- a/docs/root/start/quick-start/_include/envoy-dynamic-control-plane-demo.yaml +++ b/docs/root/start/quick-start/_include/envoy-dynamic-control-plane-demo.yaml @@ -18,8 +18,7 @@ dynamic_resources: static_resources: clusters: - - connect_timeout: 1s - type: STRICT_DNS + - type: STRICT_DNS typed_extension_protocol_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions: "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions diff --git a/docs/root/start/quick-start/configuration-dynamic-control-plane.rst b/docs/root/start/quick-start/configuration-dynamic-control-plane.rst index 1ccdcfc56a74..eb2bbe395b80 100644 --- a/docs/root/start/quick-start/configuration-dynamic-control-plane.rst +++ b/docs/root/start/quick-start/configuration-dynamic-control-plane.rst @@ -69,6 +69,6 @@ The ``xds_cluster`` is configured to query a control plane at http://my-control- .. literalinclude:: _include/envoy-dynamic-control-plane-demo.yaml :language: yaml :linenos: - :lines: 17-39 + :lines: 17-38 :lineno-start: 17 - :emphasize-lines: 3-21 + :emphasize-lines: 3-20 diff --git a/docs/root/start/quick-start/configuration-dynamic-filesystem.rst b/docs/root/start/quick-start/configuration-dynamic-filesystem.rst index a251aa388605..3fd80238a8d3 100644 --- a/docs/root/start/quick-start/configuration-dynamic-filesystem.rst +++ b/docs/root/start/quick-start/configuration-dynamic-filesystem.rst @@ -89,4 +89,4 @@ proxies over ``TLS`` to https://www.envoyproxy.io. .. literalinclude:: _include/envoy-dynamic-cds-demo.yaml :language: yaml :linenos: - :emphasize-lines: 12, 18-19, 23-24 + :emphasize-lines: 11, 17-18, 22-23 diff --git a/docs/root/start/quick-start/configuration-static.rst b/docs/root/start/quick-start/configuration-static.rst index c269e7fd293e..1e6042483f0f 100644 --- a/docs/root/start/quick-start/configuration-static.rst +++ b/docs/root/start/quick-start/configuration-static.rst @@ -55,5 +55,5 @@ proxies over ``TLS`` to https://www.envoyproxy.io. .. literalinclude:: _include/envoy-demo.yaml :language: yaml :lineno-start: 29 - :lines: 29-52 - :emphasize-lines: 5-24 + :lines: 29-51 + :emphasize-lines: 5-23 diff --git a/docs/root/start/quick-start/securing.rst b/docs/root/start/quick-start/securing.rst index e4e74e17f54d..cf9f0b558c3c 100644 --- a/docs/root/start/quick-start/securing.rst +++ b/docs/root/start/quick-start/securing.rst @@ -59,8 +59,8 @@ to the :ref:`transport_socket ` of a :language: yaml :linenos: :lineno-start: 39 - :lines: 39-57 - :emphasize-lines: 16-19 + :lines: 39-56 + :emphasize-lines: 15-18 :caption: :download:`envoy-demo-tls.yaml <_include/envoy-demo-tls.yaml>` .. _start_quick_start_securing_validation: @@ -79,8 +79,8 @@ Firstly, you can ensure that the certificates are from a mutually trusted certif .. literalinclude:: _include/envoy-demo-tls-validation.yaml :language: yaml :linenos: - :lineno-start: 43 - :lines: 43-53 + :lineno-start: 42 + :lines: 42-52 :emphasize-lines: 6-9 :caption: :download:`envoy-demo-tls-validation.yaml <_include/envoy-demo-tls-validation.yaml>` @@ -92,8 +92,8 @@ certificate is valid for. .. literalinclude:: _include/envoy-demo-tls-validation.yaml :language: yaml :linenos: - :lineno-start: 43 - :lines: 43-53 + :lineno-start: 42 + :lines: 42-52 :emphasize-lines: 6-7, 10-11 :caption: :download:`envoy-demo-tls-validation.yaml <_include/envoy-demo-tls-validation.yaml>` @@ -154,9 +154,9 @@ When connecting to an upstream with client certificates you can set them as foll .. literalinclude:: _include/envoy-demo-tls-client-auth.yaml :language: yaml :linenos: - :lineno-start: 45 - :lines: 45-69 - :emphasize-lines: 21-25 + :lineno-start: 44 + :lines: 44-68 + :emphasize-lines: 20-25 :caption: :download:`envoy-demo-tls-client-auth.yaml <_include/envoy-demo-tls-client-auth.yaml>` .. _start_quick_start_securing_sni: @@ -195,8 +195,8 @@ This will usually be the DNS name of the service you are connecting to. .. literalinclude:: _include/envoy-demo-tls-sni.yaml :language: yaml :linenos: - :lineno-start: 56 - :lines: 56-61 + :lineno-start: 55 + :lines: 55-60 :emphasize-lines: 6 :caption: :download:`envoy-demo-tls-sni.yaml <_include/envoy-demo-tls-sni.yaml>` diff --git a/docs/root/start/sandboxes/brotli.rst b/docs/root/start/sandboxes/brotli.rst new file mode 100644 index 000000000000..b3ca2241d529 --- /dev/null +++ b/docs/root/start/sandboxes/brotli.rst @@ -0,0 +1,95 @@ +.. _install_sandboxes_brotli: + +Brotli +====== + +.. sidebar:: Requirements + + .. include:: _include/docker-env-setup-link.rst + + :ref:`curl ` + Used to make ``HTTP`` requests. + +By enabling compression in Envoy you can save some network bandwidth, at the expense of increased processor usage. + +Envoy supports compression and decompression for both requests and responses. + +This sandbox provides an example of response compression served over ``HTTPS``. + +The sandbox covers two scenarios: + +- compression of files from an upstream server +- compression of Envoy's own statistics + +Step 1: Start all of our containers +*********************************** + +Change to the ``examples/brotli`` directory and bring up the docker composition. + +.. code-block:: console + + $ pwd + envoy/examples/brotli + $ docker-compose build --pull + $ docker-compose up -d + $ docker-compose ps + Name Command State Ports + -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- + brotli_envoy-stats_1 /docker-entrypoint.sh /usr ... Up 0.0.0.0:10000->10000/tcp,:::10000->10000/tcp, 0.0.0.0:9901->9901/tcp,:::9901->9901/tcp, 0.0.0.0:9902->9902/tcp,:::9902->9902/tcp + brotli_service_1 python3 /code/service.py Up + +Step 2: Test Envoy’s compression of upstream files +************************************************** + +The sandbox is configured with two endpoints on port ``10000`` for serving upstream files: + +- ``/file.txt`` +- ``/file.json`` + +Only ``/file.json`` is configured to be compressed. + +Use ``curl`` to check that the response from requesting ``file.json`` contains the ``content-encoding: br`` header. + +You will need to add an ``accept-encoding: br`` request header. + +.. code-block:: console + + $ curl -ski -H "Accept-Encoding: br" https://localhost:10000/file.json | grep "content-encoding" + content-encoding: br + +As only files with a content-type of ``application/json`` are configured to be compressed, the response from requesting ``file.txt`` should not contain the ``content-encoding: br`` header, and the file will not be compressed: + +.. code-block:: console + + $ curl -ski -H "Accept-Encoding: br" https://localhost:10000/file.txt | grep "content-encoding" + +Step 3: Test compression of Envoy’s statistics +********************************************** + +The sandbox is configured with two ports serving Envoy’s admin and statistics interface: + +- ``9901`` exposes the standard admin interface without tls +- ``9902`` exposes a compressed version of the admin interface with tls + +Use ``curl`` to make a request for uncompressed statistics on port ``9901``, it should not contain the ``content-encoding`` header in the response: + +.. code-block:: console + + $ curl -ski -H "Accept-Encoding: br" http://localhost:9901/stats/prometheus | grep "content-encoding" + +Now, use ``curl`` to make a request for the compressed statistics: + +.. code-block:: console + + $ curl -ski -H "Accept-Encoding: br" https://localhost:9902/stats/prometheus | grep "content-encoding" + content-encoding: br + +.. seealso:: + :ref:`Brotli API ` + API and configuration reference for Envoy's brotli compression. + + :ref:`Compression configuration ` + Reference documentation for Envoy's compressor filter. + + :ref:`Envoy admin quick start guide ` + Quick start guide to the Envoy admin interface. diff --git a/docs/root/start/sandboxes/dynamic-configuration-filesystem.rst b/docs/root/start/sandboxes/dynamic-configuration-filesystem.rst index f3ab8d01051f..eb52a8f9cf2d 100644 --- a/docs/root/start/sandboxes/dynamic-configuration-filesystem.rst +++ b/docs/root/start/sandboxes/dynamic-configuration-filesystem.rst @@ -90,7 +90,7 @@ from ``service1`` to ``service2``: .. literalinclude:: _include/dynamic-config-fs/configs/cds.yaml :language: yaml :linenos: - :lines: 6-14 + :lines: 6-13 :lineno-start: 6 :emphasize-lines: 8 diff --git a/docs/root/start/sandboxes/gzip.rst b/docs/root/start/sandboxes/gzip.rst new file mode 100644 index 000000000000..205403dad3b2 --- /dev/null +++ b/docs/root/start/sandboxes/gzip.rst @@ -0,0 +1,95 @@ +.. _install_sandboxes_gzip: + +Gzip +==== + +.. sidebar:: Requirements + + .. include:: _include/docker-env-setup-link.rst + + :ref:`curl ` + Used to make ``HTTP`` requests. + +By enabling compression in Envoy you can save some network bandwidth, at the expense of increased processor usage. + +Envoy supports compression and decompression for both requests and responses. + +This sandbox provides an example of response compression served over ``HTTP``. Although ``HTTPS`` is not demonstrated, compression can be used for this also. + +The sandbox covers two scenarios: + +- compression of files from an upstream server +- compression of Envoy's own statistics + +Step 1: Start all of our containers +*********************************** + +Change to the ``examples/gzip`` directory and bring up the docker composition. + +.. code-block:: console + + $ pwd + envoy/examples/gzip + $ docker-compose build --pull + $ docker-compose up -d + $ docker-compose ps + Name Command State Ports + -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- + gzip_envoy-stats_1 /docker-entrypoint.sh /usr ... Up 0.0.0.0:10000->10000/tcp,:::10000->10000/tcp, 0.0.0.0:9901->9901/tcp,:::9901->9901/tcp, 0.0.0.0:9902->9902/tcp,:::9902->9902/tcp + gzip_service_1 python3 /code/service.py Up + +Step 2: Test Envoy’s compression of upstream files +************************************************** + +The sandbox is configured with two endpoints on port ``10000`` for serving upstream files: + +- ``/file.txt`` +- ``/file.json`` + +Only ``/file.json`` is configured to be compressed. + +Use ``curl`` to check that the response from requesting ``file.json`` contains the ``content-encoding: gzip`` header. + +You will need to add an ``accept-encoding: gzip`` request header. + +.. code-block:: console + + $ curl -si -H "Accept-Encoding: gzip" localhost:10000/file.json | grep "content-encoding" + content-encoding: gzip + +As only files with a content-type of ``application/json`` are configured to be gzipped, the response from requesting ``file.txt`` should not contain the ``content-encoding: gzip`` header, and the file will not be compressed: + +.. code-block:: console + + $ curl -si -H "Accept-Encoding: gzip" localhost:10000/file.txt | grep "content-encoding" + +Step 3: Test compression of Envoy’s statistics +********************************************** + +The sandbox is configured with two ports serving Envoy’s admin and statistics interface: + +- ``9901`` exposes the standard admin interface +- ``9902`` exposes a compressed version of the admin interface + +Use ``curl`` to make a request for uncompressed statistics on port ``9901``, it should not contain the ``content-encoding`` header in the response: + +.. code-block:: console + + $ curl -si -H "Accept-Encoding: gzip" localhost:9901/stats/prometheus | grep "content-encoding" + +Now, use ``curl`` to make a request for the compressed statistics: + +.. code-block:: console + + $ curl -si -H "Accept-Encoding: gzip" localhost:9902/stats/prometheus | grep "content-encoding" + content-encoding: gzip + +.. seealso:: + :ref:`Gzip API ` + API and configuration reference for Envoy's gzip compression. + + :ref:`Compression configuration ` + Reference documentation for Envoy's compressor filter. + + :ref:`Envoy admin quick start guide ` + Quick start guide to the Envoy admin interface. diff --git a/docs/root/start/sandboxes/index.rst b/docs/root/start/sandboxes/index.rst index cadaaaa45bb1..ffc5aab0610a 100644 --- a/docs/root/start/sandboxes/index.rst +++ b/docs/root/start/sandboxes/index.rst @@ -45,6 +45,7 @@ The following sandboxes are available: .. toctree:: :maxdepth: 1 + brotli cache cors csrf @@ -55,6 +56,7 @@ The following sandboxes are available: fault_injection front_proxy grpc_bridge + gzip jaeger_native_tracing jaeger_tracing load_reporting_service @@ -69,4 +71,5 @@ The following sandboxes are available: udp wasm-cc websocket + win32_front_proxy zipkin_tracing diff --git a/docs/root/start/sandboxes/setup.rst b/docs/root/start/sandboxes/setup.rst index 6f4c6067bbda..eb1c1193823b 100644 --- a/docs/root/start/sandboxes/setup.rst +++ b/docs/root/start/sandboxes/setup.rst @@ -37,6 +37,9 @@ The user account running the examples will need to have permission to use Docker Full instructions for installing Docker can be found on the `Docker website `_ +If you want to use the Windows based Envoy images make sure that you +`switch Docker to use Windows containers `_. + .. _start_sandboxes_setup_docker_compose: Install Docker Compose diff --git a/docs/root/start/sandboxes/win32_front_proxy.rst b/docs/root/start/sandboxes/win32_front_proxy.rst new file mode 100644 index 000000000000..625bc6ce2e55 --- /dev/null +++ b/docs/root/start/sandboxes/win32_front_proxy.rst @@ -0,0 +1,352 @@ +Windows based Front proxy +========================= + +.. sidebar:: Requirements + + .. include:: _include/docker-env-setup-link.rst + +To get a flavor of what Envoy has to offer on Windows, we are releasing a +`docker compose `_ sandbox that deploys a front Envoy and a +couple of services (simple Flask apps) colocated with a running service Envoy. + +The three containers will be deployed inside a virtual network called ``envoymesh``. + +Below you can see a graphic showing the docker compose deployment: + +.. image:: /_static/docker_compose_front_proxy.svg + :width: 100% + +All incoming requests are routed via the front Envoy, which is acting as a reverse proxy sitting on +the edge of the ``envoymesh`` network. Port ``8080``, ``8443``, and ``8001`` are exposed by docker +compose (see :download:`docker-compose.yaml <_include/front-proxy/docker-compose.yaml>`) to handle +``HTTP``, ``HTTPS`` calls to the services and requests to ``/admin`` respectively. + +Moreover, notice that all traffic routed by the front Envoy to the service containers is actually +routed to the service Envoys (routes setup in :download:`front-envoy.yaml <_include/front-proxy/front-envoy.yaml>`). + +In turn the service Envoys route the request to the Flask app via the loopback +address (routes setup in :download:`service-envoy.yaml <_include/front-proxy/service-envoy.yaml>`). This +setup illustrates the advantage of running service Envoys collocated with your services: all +requests are handled by the service Envoy, and efficiently routed to your services. + +Step 1: Start all of our containers +*********************************** + +Change to the ``examples/front-proxy`` directory. + +.. code-block:: console + + PS> $PWD + D:\envoy\examples\win32-front-proxy + PS> docker-compose build --pull + PS> docker-compose up -d + PS> docker-compose ps + Name Command State Ports + ------------------------------------------------------------------------------------------------------------------------------------------------------------ + envoy-front-proxy_front-envoy_1 powershell.exe ./start_env ... Up 10000/tcp, 0.0.0.0:8003->8003/tcp, 0.0.0.0:8080->8080/tcp, 0.0.0.0:8443->8443/tcp + envoy-front-proxy_service1_1 powershell.exe ./start_ser ... Up 10000/tcp + envoy-front-proxy_service2_1 powershell.exe ./start_ser ... Up 10000/tcp + +Step 2: Test Envoy's routing capabilities +***************************************** + +You can now send a request to both services via the ``front-envoy``. + +For ``service1``: + +.. code-block:: console + + PS> curl -v localhost:8080/service/1 + * Trying ::1... + * TCP_NODELAY set + * Trying 127.0.0.1... + * TCP_NODELAY set + * Connected to localhost (127.0.0.1) port 8080 (#0) + > GET /service/1 HTTP/1.1 + > Host: localhost:8080 + > User-Agent: curl/7.55.1 + > Accept: */* + > + < HTTP/1.1 200 OK + < content-type: text/html; charset=utf-8 + < content-length: 92 + < server: envoy + < date: Wed, 05 May 2021 05:55:55 GMT + < x-envoy-upstream-service-time: 18 + < + Hello from behind Envoy (service 1)! hostname: 8a45bba91d83 resolvedhostname: 172.30.97.237 + * Connection #0 to host localhost left intact + +For ``service2``: + +.. code-block:: console + + PS> curl -v localhost:8080/service/2 + * Trying ::1... + * TCP_NODELAY set + * Trying 127.0.0.1... + * TCP_NODELAY set + * Connected to localhost (127.0.0.1) port 8080 (#0) + > GET /service/2 HTTP/1.1 + > Host: localhost:8080 + > User-Agent: curl/7.55.1 + > Accept: */* + > + < HTTP/1.1 200 OK + < content-type: text/html; charset=utf-8 + < content-length: 93 + < server: envoy + < date: Wed, 05 May 2021 05:57:03 GMT + < x-envoy-upstream-service-time: 14 + < + Hello from behind Envoy (service 2)! hostname: 51e28eb3c8b8 resolvedhostname: 172.30.109.113 + * Connection #0 to host localhost left intact + +Notice that each request, while sent to the front Envoy, was correctly routed to the respective +application. + +We can also use ``HTTPS`` to call services behind the front Envoy. For example, calling ``service1``: + +.. code-block:: console + + PS> curl https://localhost:8443/service/1 -k -v + * Trying ::1... + * TCP_NODELAY set + * Trying 127.0.0.1... + * TCP_NODELAY set + * Connected to localhost (127.0.0.1) port 8443 (#0) + * schannel: SSL/TLS connection with localhost port 8443 (step 1/3) + * schannel: disabled server certificate revocation checks + * schannel: verifyhost setting prevents Schannel from comparing the supplied target name with the subject names in server certificates. + * schannel: sending initial handshake data: sending 171 bytes... + * schannel: sent initial handshake data: sent 171 bytes + * schannel: SSL/TLS connection with localhost port 8443 (step 2/3) + * schannel: failed to receive handshake, need more data + * schannel: SSL/TLS connection with localhost port 8443 (step 2/3) + * schannel: encrypted data got 1081 + * schannel: encrypted data buffer: offset 1081 length 4096 + * schannel: sending next handshake data: sending 93 bytes... + * schannel: SSL/TLS connection with localhost port 8443 (step 2/3) + * schannel: encrypted data got 258 + * schannel: encrypted data buffer: offset 258 length 4096 + * schannel: SSL/TLS handshake complete + * schannel: SSL/TLS connection with localhost port 8443 (step 3/3) + * schannel: stored credential handle in session cache + > GET /service/1 HTTP/1.1 + > Host: localhost:8443 + > User-Agent: curl/7.55.1 + > Accept: */* + > + * schannel: client wants to read 102400 bytes + * schannel: encdata_buffer resized 103424 + * schannel: encrypted data buffer: offset 0 length 103424 + * schannel: encrypted data got 286 + * schannel: encrypted data buffer: offset 286 length 103424 + * schannel: decrypted data length: 257 + * schannel: decrypted data added: 257 + * schannel: decrypted data cached: offset 257 length 102400 + * schannel: encrypted data buffer: offset 0 length 103424 + * schannel: decrypted data buffer: offset 257 length 102400 + * schannel: schannel_recv cleanup + * schannel: decrypted data returned 257 + * schannel: decrypted data buffer: offset 0 length 102400 + < HTTP/1.1 200 OK + < content-type: text/html; charset=utf-8 + < content-length: 92 + < server: envoy + < date: Wed, 05 May 2021 05:57:45 GMT + < x-envoy-upstream-service-time: 3 + < + Hello from behind Envoy (service 1)! hostname: 8a45bba91d83 resolvedhostname: 172.30.97.237 + * Connection #0 to host localhost left intact + +Step 3: Test Envoy's load balancing capabilities +************************************************ + +Now let's scale up our ``service1`` nodes to demonstrate the load balancing abilities of Envoy: + +.. code-block:: console + + PS> docker-compose scale service1=3 + Creating and starting example_service1_2 ... done + Creating and starting example_service1_3 ... done + +Now if we send a request to ``service1`` multiple times, the front Envoy will load balance the +requests by doing a round robin of the three ``service1`` machines: + +.. code-block:: console + + PS> curl -v localhost:8080/service/1 + * Trying ::1... + * TCP_NODELAY set + * Trying 127.0.0.1... + * TCP_NODELAY set + * Connected to localhost (127.0.0.1) port 8080 (#0) + > GET /service/1 HTTP/1.1 + > Host: localhost:8080 + > User-Agent: curl/7.55.1 + > Accept: */* + > + < HTTP/1.1 200 OK + < content-type: text/html; charset=utf-8 + < content-length: 93 + < server: envoy + < date: Wed, 05 May 2021 05:58:40 GMT + < x-envoy-upstream-service-time: 22 + < + Hello from behind Envoy (service 1)! hostname: 8d2359ee21a8 resolvedhostname: 172.30.101.143 + * Connection #0 to host localhost left intact + PS> curl -v localhost:8080/service/1 + * Trying ::1... + * TCP_NODELAY set + * Trying 127.0.0.1... + * TCP_NODELAY set + * Connected to localhost (127.0.0.1) port 8080 (#0) + > GET /service/1 HTTP/1.1 + > Host: localhost:8080 + > User-Agent: curl/7.55.1 + > Accept: */* + > + < HTTP/1.1 200 OK + < content-type: text/html; charset=utf-8 + < content-length: 91 + < server: envoy + < date: Wed, 05 May 2021 05:58:43 GMT + < x-envoy-upstream-service-time: 11 + < + Hello from behind Envoy (service 1)! hostname: 41e1141eebf4 resolvedhostname: 172.30.96.11 + * Connection #0 to host localhost left intact + PS> curl -v localhost:8080/service/1 + * Trying ::1... + * TCP_NODELAY set + * Trying 127.0.0.1... + * TCP_NODELAY set + * Connected to localhost (127.0.0.1) port 8080 (#0) + > GET /service/1 HTTP/1.1 + > Host: localhost:8080 + > User-Agent: curl/7.55.1 + > Accept: */* + > + < HTTP/1.1 200 OK + < content-type: text/html; charset=utf-8 + < content-length: 92 + < server: envoy + < date: Wed, 05 May 2021 05:58:44 GMT + < x-envoy-upstream-service-time: 7 + < + Hello from behind Envoy (service 1)! hostname: 8a45bba91d83 resolvedhostname: 172.30.97.237 + * Connection #0 to host localhost left intact + +Step 4: Enter containers and curl services +****************************************** + +In addition of using ``curl`` from your host machine, you can also enter the +containers themselves and ``curl`` from inside them. To enter a container you +can use ``docker-compose exec /bin/bash``. For example we can +enter the ``front-envoy`` container, and ``curl`` for services locally: + +.. code-block:: console + + PS> docker-compose exec front-envoy powershell + PS C:\> (curl -UseBasicParsing http://localhost:8080/service/1).Content + Hello from behind Envoy (service 1)! hostname: 41e1141eebf4 resolvedhostname: 172.30.96.11 + + PS C:\> (curl -UseBasicParsing http://localhost:8080/service/1).Content + Hello from behind Envoy (service 1)! hostname: 8a45bba91d83 resolvedhostname: 172.30.97.237 + + PS C:\> (curl -UseBasicParsing http://localhost:8080/service/1).Content + Hello from behind Envoy (service 1)! hostname: 8d2359ee21a8 resolvedhostname: 172.30.101.143 + + +Step 5: Enter container and curl admin interface +************************************************ + +When Envoy runs it also attaches an ``admin`` to your desired port. + +In the example configs the admin listener is bound to port ``8001``. + +We can ``curl`` it to gain useful information: + +- :ref:`/server_info ` provides information about the Envoy version you are running. +- :ref:`/stats ` provides statistics about the Envoy server. + +In the example we can enter the ``front-envoy`` container to query admin: + +.. code-block:: console + + PS> docker-compose exec front-envoy powershell + PS C:\> (curl http://localhost:8003/server_info -UseBasicParsing).Content + +.. code-block:: json + + { + "version": "093e2ffe046313242144d0431f1bb5cf18d82544/1.15.0-dev/Clean/RELEASE/BoringSSL", + "state": "LIVE", + "hot_restart_version": "11.104", + "command_line_options": { + "base_id": "0", + "use_dynamic_base_id": false, + "base_id_path": "", + "concurrency": 8, + "config_path": "/etc/front-envoy.yaml", + "config_yaml": "", + "allow_unknown_static_fields": false, + "reject_unknown_dynamic_fields": false, + "ignore_unknown_dynamic_fields": false, + "admin_address_path": "", + "local_address_ip_version": "v4", + "log_level": "info", + "component_log_level": "", + "log_format": "[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v", + "log_format_escaped": false, + "log_path": "", + "service_cluster": "front-proxy", + "service_node": "", + "service_zone": "", + "drain_strategy": "Gradual", + "mode": "Serve", + "disable_hot_restart": false, + "enable_mutex_tracing": false, + "restart_epoch": 0, + "cpuset_threads": false, + "disabled_extensions": [], + "bootstrap_version": 0, + "hidden_envoy_deprecated_max_stats": "0", + "hidden_envoy_deprecated_max_obj_name_len": "0", + "file_flush_interval": "10s", + "drain_time": "600s", + "parent_shutdown_time": "900s" + }, + "uptime_current_epoch": "188s", + "uptime_all_epochs": "188s" + } + +.. code-block:: console + + PS C:\> (curl http://localhost:8003/stats -UseBasicParsing).Content + cluster.service1.external.upstream_rq_200: 7 + ... + cluster.service1.membership_change: 2 + cluster.service1.membership_total: 3 + ... + cluster.service1.upstream_cx_http2_total: 3 + ... + cluster.service1.upstream_rq_total: 7 + ... + cluster.service2.external.upstream_rq_200: 2 + ... + cluster.service2.membership_change: 1 + cluster.service2.membership_total: 1 + ... + cluster.service2.upstream_cx_http2_total: 1 + ... + cluster.service2.upstream_rq_total: 2 + ... + +Notice that we can get the number of members of upstream clusters, number of requests fulfilled by +them, information about http ingress, and a plethora of other useful stats. + +.. seealso:: + + :ref:`Envoy admin quick start guide ` + Quick start guide to the Envoy admin interface. diff --git a/docs/root/version_history/current.rst b/docs/root/version_history/current.rst index 6d366792f448..7c927441c420 100644 --- a/docs/root/version_history/current.rst +++ b/docs/root/version_history/current.rst @@ -14,12 +14,14 @@ Minor Behavior Changes *Changes that may cause incompatibilities for some users, but should not for most* * access_log: add new access_log command operator ``%REQUEST_TX_DURATION%``. +* access_log: remove extra quotes on metadata string values. This behavior can be temporarily reverted by setting ``envoy.reloadable_features.unquote_log_string_values`` to false. +* admission control: added :ref:`admission control ` whose default value is 80%, which means that the upper limit of the default rejection probability of the filter is changed from 100% to 80%. * aws_request_signing: requests are now buffered by default to compute signatures which include the payload hash, making the filter compatible with most AWS services. Previously, requests were never buffered, which only produced correct signatures for requests without a body, or for requests to S3, ES or Glacier, which used the literal string ``UNSIGNED-PAYLOAD``. Buffering can be now be disabled in favor of using unsigned payloads with compatible services via the new - `use_unsigned_payload` filter option (default false). + ``use_unsigned_payload`` filter option (default false). * cluster: added default value of 5 seconds for :ref:`connect_timeout `. * http: disable the integration between :ref:`ExtensionWithMatcher ` and HTTP filters by default to reflects its experimental status. This feature can be enabled by seting @@ -30,18 +32,30 @@ Minor Behavior Changes ``envoy.reloadable_features.send_strict_1xx_and_204_response_headers`` (do not send 1xx or 204 responses with these headers). Both are true by default. * http: serve HEAD requests from cache. +* http: stop sending the transfer-encoding header for 304. This behavior can be temporarily reverted by setting + ``envoy.reloadable_features.no_chunked_encoding_header_for_304`` to false. +* http: the behavior of the ``present_match`` in route header matcher changed. The value of ``present_match`` is ignored in the past. The new behavior is ``present_match`` performed when value is true. absent match performed when the value is false. Please reference :ref:`present_match + `. * listener: respect the :ref:`connection balance config ` defined within the listener where the sockets are redirected to. Clear that field to restore the previous behavior. * tcp: switched to the new connection pool by default. Any unexpected behavioral changes can be reverted by setting runtime guard ``envoy.reloadable_features.new_tcp_connection_pool`` to false. - Bug Fixes --------- *Changes expected to improve the state of the world and are unlikely to have negative effects* +* aws_lambda: if ``payload_passthrough`` is set to ``false``, the downstream response content-type header will now be set from the content-type entry in the JSON response's headers map, if present. +* cluster: fixed the :ref:`cluster stats ` histograms by moving the accounting into the router + filter. This means that we now properly compute the number of bytes sent as well as handling retries which were previously ignored. +* hot_restart: fix double counting of ``server.seconds_until_first_ocsp_response_expiring`` and ``server.days_until_first_cert_expiring`` during hot-restart. This stat was only incorrect until the parent process terminated. +* http: fix erroneous handling of invalid nghttp2 frames with the ``NGHTTP2_ERR_REFUSED_STREAM`` error. Prior to the fix, + Envoy would close the entire connection when nghttp2 triggered the invalid frame callback for the said error. The fix + will cause Envoy to terminate just the refused stream and retain the connection. This behavior can be temporarily + reverted by setting the ``envoy.reloadable_features.http2_consume_stream_refused_errors`` runtime guard to false. * http: port stripping now works for CONNECT requests, though the port will be restored if the CONNECT request is sent upstream. This behavior can be temporarily reverted by setting ``envoy.reloadable_features.strip_port_from_connect`` to false. * http: raise max configurable max_request_headers_kb limit to 8192 KiB (8MiB) from 96 KiB in http connection manager. * listener: fix the crash which could happen when the ongoing filter chain only listener update is followed by the listener removal or full listener update. +* udp: limit each UDP listener to read maxmium 6000 packets per event loop. This behavior can be temporarily reverted by setting ``envoy.reloadable_features.udp_per_event_loop_read_limit`` to false. * validation: fix an issue that causes TAP sockets to panic during config validation mode. * xray: fix the default sampling 'rate' for AWS X-Ray tracer extension to be 5% as opposed to 50%. * zipkin: fix timestamp serializaiton in annotations. A prior bug fix exposed an issue with timestamps being serialized as strings. @@ -51,6 +65,7 @@ Removed Config or Runtime *Normally occurs at the end of the* :ref:`deprecation period ` * event: removed ``envoy.reloadable_features.activate_timers_next_event_loop`` runtime guard and legacy code path. +* gzip: removed legacy HTTP Gzip filter and runtime guard ``envoy.deprecated_features.allow_deprecated_gzip_http_filter``. * http: removed ``envoy.reloadable_features.allow_500_after_100`` runtime guard and the legacy code path. * http: removed ``envoy.reloadable_features.always_apply_route_header_rules`` runtime guard and legacy code path. * http: removed ``envoy.reloadable_features.hcm_stream_error_on_invalid_message`` for disabling closing HTTP/1.1 connections on error. Connection-closing can still be disabled by setting the HTTP/1 configuration :ref:`override_stream_error_on_invalid_http_message `. @@ -66,19 +81,52 @@ New Features * grpc reverse bridge: added a new :ref:`option envoy_v3_api_field_extensions.filters.http.grpc_http1_reverse_bridge.v3.FilterConfig.response_size_header` to support streaming response bodies when withholding gRPC frames from the upstream. * http: a new field `is_optional` is added to `extensions.filters.network.http_connection_manager.v3.HttpFilter`. When value is `true`, the unsupported http filter will be ignored by envoy. This is also same with unsupported http filter + +* access_log: added the new response flag for :ref:`overload manager termination `. The response flag will be set when the http stream is terminated by overload manager. +* admission control: added :ref:`admission control ` option that when average RPS of the sampling window is below this threshold, the filter will not throttle requests. Added :ref:`admission control ` option to set an upper limit on the probability of rejection. +* bandwidth_limit: added new :ref:`HTTP bandwidth limit filter `. +* bootstrap: added :ref:`dns_resolution_config ` to aggregate all of the DNS resolver configuration in a single message. By setting one such configuration option ``no_default_search_domain`` as true the DNS resolver will not use the default search domains. And by setting the configuration ``resolvers`` we can specify the external DNS servers to be used for external DNS query. +* cluster: added :ref:`dns_resolution_config ` to aggregate all of the DNS resolver configuration in a single message. By setting one such configuration option ``no_default_search_domain`` as true the DNS resolver will not use the default search domains. +* composite filter: can now be used with filters that also add an access logger, such as the WASM filter. +* config: added stat :ref:`config_reload_time_ms `. +* connection_limit: added new :ref:`Network connection limit filter `. +* crash support: restore crash context when continuing to processing requests or responses as a result of an asynchronous callback that invokes a filter directly. This is unlike the call stacks that go through the various network layers, to eventually reach the filter. For a concrete example see: ``Envoy::Extensions::HttpFilters::Cache::CacheFilter::getHeaders`` which posts a callback on the dispatcher that will invoke the filter directly. +* dns cache: added :ref:`preresolve_hostnames ` option to the DNS cache config. This option allows hostnames to be preresolved into the cache upon cache creation. This might provide performance improvement, in the form of cache hits, for hostnames that are going to be resolved during steady state and are known at config load time. +* dns resolver: added ``DnsResolverOptions`` protobuf message to reconcile all of the DNS lookup option flags. By setting the configuration option :ref:`use_tcp_for_dns_lookups ` as true we can make the underlying dns resolver library to make only TCP queries to the DNS servers and by setting the configuration option :ref:`no_default_search_domain ` as true the DNS resolver library will not use the default search domains. +* dns resolver: added ``DnsResolutionConfig`` to combine :ref:`dns_resolver_options ` and :ref:`resolvers ` in a single protobuf message. The field ``resolvers`` can be specified with a list of DNS resolver addresses. If specified, DNS client library will perform resolution via the underlying DNS resolvers. Otherwise, the default system resolvers (e.g., /etc/resolv.conf) will be used. +* dns_filter: added :ref:`dns_resolution_config ` to aggregate all of the DNS resolver configuration in a single message. By setting the configuration option ``use_tcp_for_dns_lookups`` to true we can make dns filter's external resolvers to answer queries using TCP only, by setting the configuration option ``no_default_search_domain`` as true the DNS resolver will not use the default search domains. And by setting the configuration ``resolvers`` we can specify the external DNS servers to be used for external DNS query which replaces the pre-existing alpha api field ``upstream_resolvers``. +* dynamic_forward_proxy: added :ref:`dns_resolution_config ` option to the DNS cache config in order to aggregate all of the DNS resolver configuration in a single message. By setting one such configuration option ``no_default_search_domain`` as true the DNS resolver will not use the default search domains. And by setting the configuration ``resolvers`` we can specify the external DNS servers to be used for external DNS query instead of the system default resolvers. +* http: a new field ``is_optional`` is added to ``extensions.filters.network.http_connection_manager.v3.HttpFilter``. When + value is ``true``, the unsupported http filter will be ignored by envoy. This is also same with unsupported http filter in the typed per filter config. For more information, please reference :ref:`HttpFilter `. -* http: added support for :ref:`original IP detection extensions`. +* http: added :ref:`stripping trailing host dot from host header ` support. +* http: added support for :ref:`original IP detection extensions `. Two initial extensions were added, the :ref:`custom header ` extension and the :ref:`xff ` extension. -* http: added the ability to :ref:`unescape slash sequences` in the path. Requests with unescaped slashes can be proxied, rejected or redirected to the new unescaped path. By default this feature is disabled. The default behavior can be overridden through :ref:`http_connection_manager.path_with_escaped_slashes_action` runtime variable. This action can be selectively enabled for a portion of requests by setting the :ref:`http_connection_manager.path_with_escaped_slashes_action_sampling` runtime variable. +* http: added a new option to upstream HTTP/2 :ref:`keepalive ` to send a PING ahead of a new stream if the connection has been idle for a sufficient duration. +* http: added the ability to :ref:`unescape slash sequences ` in the path. Requests with unescaped slashes can be proxied, rejected or redirected to the new unescaped path. By default this feature is disabled. The default behavior can be overridden through :ref:`http_connection_manager.path_with_escaped_slashes_action` runtime variable. This action can be selectively enabled for a portion of requests by setting the :ref:`http_connection_manager.path_with_escaped_slashes_action_sampling` runtime variable. * http: added upstream and downstream alpha HTTP/3 support! See :ref:`quic_options ` for downstream and the new http3_protocol_options in :ref:`http_protocol_options ` for upstream HTTP/3. +* jwt_authn: added support to fetch remote jwks asynchronously specified by :ref:`async_fetch `. * listener: added ability to change an existing listener's address. +* local_rate_limit_filter: added suppoort for locally rate limiting http requests on a per connection basis. This can be enabled by setting the :ref:`local_rate_limit_per_downstream_connection ` field to true. * metric service: added support for sending metric tags as labels. This can be enabled by setting the :ref:`emit_tags_as_labels ` field to true. +* proxy protocol: added support for generating the header while using the :ref:`HTTP connection manager `. This is done using the using the :ref:`Proxy Protocol Transport Socket ` on upstream clusters. + This feature is currently affected by a memory leak `issue `_. +* req_without_query: added access log formatter extension implementing command operator :ref:`REQ_WITHOUT_QUERY ` to log the request path, while excluding the query string. +* router: added flag ``suppress_grpc_request_failure_code_stats`` to :ref:`key ` to allow users to exclude incrementing HTTP status code stats on gRPC requests. +* stats: added native :ref:`Graphite-formatted tag ` support. * tcp: added support for :ref:`preconnecting `. Preconnecting is off by default, but recommended for clusters serving latency-sensitive traffic. +* thrift_proxy: added per upstream metrics within the :ref:`thrift router ` for request and response size histograms. +* tls: allow dual ECDSA/RSA certs via SDS. Previously, SDS only supported a single certificate per context, and dual cert was only supported via non-SDS. * udp_proxy: added :ref:`key ` as another hash policy to support hash based routing on any given key. +* windows container image: added user, EnvoyUser which is part of the Network Configuration Operators group to the container image. Deprecated ---------- +* bootstrap: the field :ref:`use_tcp_for_dns_lookups ` is deprecated in favor of :ref:`dns_resolution_config ` which aggregates all of the DNS resolver configuration in a single message. +* cluster: the fields :ref:`use_tcp_for_dns_lookups ` and :ref:`dns_resolvers ` are deprecated in favor of :ref:`dns_resolution_config ` which aggregates all of the DNS resolver configuration in a single message. +* dns_filter: the field :ref:`known_suffixes ` is deprecated. The internal data management of the filter has changed and the filter no longer uses the known_suffixes field. +* dynamic_forward_proxy: the field :ref:`use_tcp_for_dns_lookups ` is deprecated in favor of :ref:`dns_resolution_config ` which aggregates all of the DNS resolver configuration in a single message. * http: :ref:`xff_num_trusted_hops ` is deprecated in favor of :ref:`original IP detection extensions`. diff --git a/include/envoy/access_log/BUILD b/envoy/access_log/BUILD similarity index 55% rename from include/envoy/access_log/BUILD rename to envoy/access_log/BUILD index 6bf20375270a..c9578cb50311 100644 --- a/include/envoy/access_log/BUILD +++ b/envoy/access_log/BUILD @@ -12,10 +12,10 @@ envoy_cc_library( name = "access_log_interface", hdrs = ["access_log.h"], deps = [ - "//include/envoy/config:typed_config_interface", - "//include/envoy/filesystem:filesystem_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/config:typed_config_interface", + "//envoy/filesystem:filesystem_interface", + "//envoy/http:header_map_interface", + "//envoy/stream_info:stream_info_interface", "//source/common/protobuf", ], ) diff --git a/include/envoy/access_log/access_log.h b/envoy/access_log/access_log.h similarity index 98% rename from include/envoy/access_log/access_log.h rename to envoy/access_log/access_log.h index 23a4bb063186..5c8d952877d4 100644 --- a/include/envoy/access_log/access_log.h +++ b/envoy/access_log/access_log.h @@ -8,7 +8,7 @@ #include "envoy/http/header_map.h" #include "envoy/stream_info/stream_info.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace AccessLog { diff --git a/include/envoy/api/BUILD b/envoy/api/BUILD similarity index 59% rename from include/envoy/api/BUILD rename to envoy/api/BUILD index 36736838c6d8..55e267505ee5 100644 --- a/include/envoy/api/BUILD +++ b/envoy/api/BUILD @@ -12,12 +12,12 @@ envoy_cc_library( name = "api_interface", hdrs = ["api.h"], deps = [ - "//include/envoy/common:random_generator_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:scaled_range_timer_manager_interface", - "//include/envoy/filesystem:filesystem_interface", - "//include/envoy/server:process_context_interface", - "//include/envoy/thread:thread_interface", + "//envoy/common:random_generator_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:scaled_range_timer_manager_interface", + "//envoy/filesystem:filesystem_interface", + "//envoy/server:process_context_interface", + "//envoy/thread:thread_interface", ], ) diff --git a/include/envoy/api/api.h b/envoy/api/api.h similarity index 100% rename from include/envoy/api/api.h rename to envoy/api/api.h diff --git a/include/envoy/api/io_error.h b/envoy/api/io_error.h similarity index 100% rename from include/envoy/api/io_error.h rename to envoy/api/io_error.h diff --git a/include/envoy/api/os_sys_calls.h b/envoy/api/os_sys_calls.h similarity index 100% rename from include/envoy/api/os_sys_calls.h rename to envoy/api/os_sys_calls.h diff --git a/include/envoy/api/os_sys_calls_common.h b/envoy/api/os_sys_calls_common.h similarity index 100% rename from include/envoy/api/os_sys_calls_common.h rename to envoy/api/os_sys_calls_common.h diff --git a/include/envoy/api/os_sys_calls_hot_restart.h b/envoy/api/os_sys_calls_hot_restart.h similarity index 100% rename from include/envoy/api/os_sys_calls_hot_restart.h rename to envoy/api/os_sys_calls_hot_restart.h diff --git a/include/envoy/api/os_sys_calls_linux.h b/envoy/api/os_sys_calls_linux.h similarity index 100% rename from include/envoy/api/os_sys_calls_linux.h rename to envoy/api/os_sys_calls_linux.h diff --git a/include/envoy/buffer/BUILD b/envoy/buffer/BUILD similarity index 89% rename from include/envoy/buffer/BUILD rename to envoy/buffer/BUILD index 9367bedb85ec..3b9157d06f5f 100644 --- a/include/envoy/buffer/BUILD +++ b/envoy/buffer/BUILD @@ -15,7 +15,7 @@ envoy_cc_library( "abseil_inlined_vector", ], deps = [ - "//include/envoy/api:os_sys_calls_interface", + "//envoy/api:os_sys_calls_interface", "//source/common/common:assert_lib", "//source/common/common:byte_order_lib", "//source/common/common:utility_lib", diff --git a/include/envoy/buffer/buffer.h b/envoy/buffer/buffer.h similarity index 98% rename from include/envoy/buffer/buffer.h rename to envoy/buffer/buffer.h index d00130d48d90..a4029715e6c7 100644 --- a/include/envoy/buffer/buffer.h +++ b/envoy/buffer/buffer.h @@ -10,9 +10,9 @@ #include "envoy/common/platform.h" #include "envoy/common/pure.h" -#include "common/common/assert.h" -#include "common/common/byte_order.h" -#include "common/common/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/byte_order.h" +#include "source/common/common/utility.h" #include "absl/container/inlined_vector.h" #include "absl/strings/string_view.h" @@ -131,7 +131,8 @@ class Instance { /** * Binds the account to be charged for resources used by the buffer. This - * should only be called once. + * should only be called when the buffer is empty as existing slices + * within the buffer won't retroactively get tagged. * * @param account a shared_ptr to the account to charge. */ @@ -449,6 +450,7 @@ class Instance { * @param watermark supplies the buffer high watermark size threshold, in bytes. */ virtual void setWatermarks(uint32_t watermark) PURE; + /** * Returns the configured high watermark. A return value of 0 indicates that watermark * functionality is disabled. diff --git a/include/envoy/common/BUILD b/envoy/common/BUILD similarity index 91% rename from include/envoy/common/BUILD rename to envoy/common/BUILD index f831dcd62708..d7e0130cf1f1 100644 --- a/include/envoy/common/BUILD +++ b/envoy/common/BUILD @@ -18,15 +18,14 @@ envoy_basic_cc_library( "pure.h", ], external_deps = ["abseil_optional"], - include_prefix = "envoy/common", ) envoy_cc_library( name = "conn_pool_interface", hdrs = ["conn_pool.h"], deps = [ - "//include/envoy/event:deferred_deletable", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:deferred_deletable", + "//envoy/upstream:upstream_interface", ], ) diff --git a/include/envoy/common/backoff_strategy.h b/envoy/common/backoff_strategy.h similarity index 100% rename from include/envoy/common/backoff_strategy.h rename to envoy/common/backoff_strategy.h diff --git a/include/envoy/common/callback.h b/envoy/common/callback.h similarity index 100% rename from include/envoy/common/callback.h rename to envoy/common/callback.h diff --git a/include/envoy/common/conn_pool.h b/envoy/common/conn_pool.h similarity index 100% rename from include/envoy/common/conn_pool.h rename to envoy/common/conn_pool.h diff --git a/include/envoy/common/crypto/BUILD b/envoy/common/crypto/BUILD similarity index 100% rename from include/envoy/common/crypto/BUILD rename to envoy/common/crypto/BUILD diff --git a/include/envoy/common/crypto/crypto.h b/envoy/common/crypto/crypto.h similarity index 100% rename from include/envoy/common/crypto/crypto.h rename to envoy/common/crypto/crypto.h diff --git a/include/envoy/common/exception.h b/envoy/common/exception.h similarity index 100% rename from include/envoy/common/exception.h rename to envoy/common/exception.h diff --git a/include/envoy/common/interval_set.h b/envoy/common/interval_set.h similarity index 100% rename from include/envoy/common/interval_set.h rename to envoy/common/interval_set.h diff --git a/include/envoy/common/matchers.h b/envoy/common/matchers.h similarity index 100% rename from include/envoy/common/matchers.h rename to envoy/common/matchers.h diff --git a/include/envoy/common/mutex_tracer.h b/envoy/common/mutex_tracer.h similarity index 100% rename from include/envoy/common/mutex_tracer.h rename to envoy/common/mutex_tracer.h diff --git a/include/envoy/common/optref.h b/envoy/common/optref.h similarity index 100% rename from include/envoy/common/optref.h rename to envoy/common/optref.h diff --git a/include/envoy/common/platform.h b/envoy/common/platform.h similarity index 99% rename from include/envoy/common/platform.h rename to envoy/common/platform.h index 36ed51becf89..e610caccb7ee 100644 --- a/include/envoy/common/platform.h +++ b/envoy/common/platform.h @@ -229,7 +229,7 @@ constexpr bool win32SupportsOriginalDestination() { #define UDP_SEGMENT 103 #endif -typedef int os_fd_t; +typedef int os_fd_t; // NOLINT(modernize-use-using) typedef int filesystem_os_id_t; // NOLINT(modernize-use-using) typedef int signal_t; // NOLINT(modernize-use-using) diff --git a/include/envoy/common/pure.h b/envoy/common/pure.h similarity index 100% rename from include/envoy/common/pure.h rename to envoy/common/pure.h diff --git a/include/envoy/common/random_generator.h b/envoy/common/random_generator.h similarity index 97% rename from include/envoy/common/random_generator.h rename to envoy/common/random_generator.h index ed4c079d2fb0..b0e4257bcb16 100644 --- a/include/envoy/common/random_generator.h +++ b/envoy/common/random_generator.h @@ -6,7 +6,7 @@ #include "envoy/common/pure.h" -#include "common/common/interval_value.h" +#include "source/common/common/interval_value.h" namespace Envoy { namespace Random { diff --git a/include/envoy/common/regex.h b/envoy/common/regex.h similarity index 100% rename from include/envoy/common/regex.h rename to envoy/common/regex.h diff --git a/include/envoy/common/resource.h b/envoy/common/resource.h similarity index 100% rename from include/envoy/common/resource.h rename to envoy/common/resource.h diff --git a/include/envoy/common/scope_tracker.h b/envoy/common/scope_tracker.h similarity index 100% rename from include/envoy/common/scope_tracker.h rename to envoy/common/scope_tracker.h diff --git a/include/envoy/common/time.h b/envoy/common/time.h similarity index 100% rename from include/envoy/common/time.h rename to envoy/common/time.h diff --git a/include/envoy/common/token_bucket.h b/envoy/common/token_bucket.h similarity index 100% rename from include/envoy/common/token_bucket.h rename to envoy/common/token_bucket.h diff --git a/include/envoy/compression/compressor/BUILD b/envoy/compression/compressor/BUILD similarity index 76% rename from include/envoy/compression/compressor/BUILD rename to envoy/compression/compressor/BUILD index 6632229aaed4..7b767df2e189 100644 --- a/include/envoy/compression/compressor/BUILD +++ b/envoy/compression/compressor/BUILD @@ -12,7 +12,7 @@ envoy_cc_library( name = "compressor_interface", hdrs = ["compressor.h"], deps = [ - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", ], ) @@ -29,7 +29,7 @@ envoy_cc_library( hdrs = ["config.h"], deps = [ ":compressor_factory_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/config:typed_config_interface", + "//envoy/server:filter_config_interface", ], ) diff --git a/include/envoy/compression/compressor/compressor.h b/envoy/compression/compressor/compressor.h similarity index 100% rename from include/envoy/compression/compressor/compressor.h rename to envoy/compression/compressor/compressor.h diff --git a/include/envoy/compression/compressor/config.h b/envoy/compression/compressor/config.h similarity index 100% rename from include/envoy/compression/compressor/config.h rename to envoy/compression/compressor/config.h diff --git a/include/envoy/compression/compressor/factory.h b/envoy/compression/compressor/factory.h similarity index 100% rename from include/envoy/compression/compressor/factory.h rename to envoy/compression/compressor/factory.h diff --git a/include/envoy/compression/decompressor/BUILD b/envoy/compression/decompressor/BUILD similarity index 76% rename from include/envoy/compression/decompressor/BUILD rename to envoy/compression/decompressor/BUILD index 156d81d52356..f3c32382d59a 100644 --- a/include/envoy/compression/decompressor/BUILD +++ b/envoy/compression/decompressor/BUILD @@ -13,8 +13,8 @@ envoy_cc_library( hdrs = ["config.h"], deps = [ ":decompressor_factory_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/config:typed_config_interface", + "//envoy/server:filter_config_interface", ], ) @@ -30,6 +30,6 @@ envoy_cc_library( name = "decompressor_interface", hdrs = ["decompressor.h"], deps = [ - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", ], ) diff --git a/include/envoy/compression/decompressor/config.h b/envoy/compression/decompressor/config.h similarity index 100% rename from include/envoy/compression/decompressor/config.h rename to envoy/compression/decompressor/config.h diff --git a/include/envoy/compression/decompressor/decompressor.h b/envoy/compression/decompressor/decompressor.h similarity index 100% rename from include/envoy/compression/decompressor/decompressor.h rename to envoy/compression/decompressor/decompressor.h diff --git a/include/envoy/compression/decompressor/factory.h b/envoy/compression/decompressor/factory.h similarity index 100% rename from include/envoy/compression/decompressor/factory.h rename to envoy/compression/decompressor/factory.h diff --git a/include/envoy/config/BUILD b/envoy/config/BUILD similarity index 89% rename from include/envoy/config/BUILD rename to envoy/config/BUILD index e01486c8d0f0..cb8b6a9ce6cf 100644 --- a/include/envoy/config/BUILD +++ b/envoy/config/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( hdrs = ["config_provider.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", "//source/common/common:assert_lib", "//source/common/protobuf", ], @@ -24,7 +24,7 @@ envoy_cc_library( hdrs = ["config_provider_manager.h"], deps = [ ":config_provider_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/server:filter_config_interface", "//source/common/protobuf", ], ) @@ -33,7 +33,7 @@ envoy_cc_library( name = "context_provider_interface", hdrs = ["context_provider.h"], deps = [ - "//include/envoy/common:callback", + "//envoy/common:callback", "@com_github_cncf_udpa//xds/core/v3:pkg_cc_proto", ], ) @@ -49,7 +49,7 @@ envoy_cc_library( hdrs = ["grpc_mux.h"], deps = [ ":subscription_interface", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_macros", "//source/common/common:cleanup_lib", "//source/common/protobuf", ], @@ -69,7 +69,7 @@ envoy_cc_library( name = "subscription_interface", hdrs = ["subscription.h"], deps = [ - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_macros", "//source/common/config:api_type_oracle_lib", "//source/common/protobuf", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", diff --git a/include/envoy/config/config_provider.h b/envoy/config/config_provider.h similarity index 98% rename from include/envoy/config/config_provider.h rename to envoy/config/config_provider.h index dbc5b579c626..bda6cc5871c2 100644 --- a/include/envoy/config/config_provider.h +++ b/envoy/config/config_provider.h @@ -4,8 +4,8 @@ #include "envoy/common/time.h" -#include "common/common/assert.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/protobuf/protobuf.h" #include "absl/types/optional.h" diff --git a/include/envoy/config/config_provider_manager.h b/envoy/config/config_provider_manager.h similarity index 98% rename from include/envoy/config/config_provider_manager.h rename to envoy/config/config_provider_manager.h index eaf6d4d0ec11..fbb98c14605c 100644 --- a/include/envoy/config/config_provider_manager.h +++ b/envoy/config/config_provider_manager.h @@ -5,7 +5,7 @@ #include "envoy/config/config_provider.h" #include "envoy/server/filter_config.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Config { diff --git a/include/envoy/config/context_provider.h b/envoy/config/context_provider.h similarity index 100% rename from include/envoy/config/context_provider.h rename to envoy/config/context_provider.h diff --git a/include/envoy/config/extension_config_provider.h b/envoy/config/extension_config_provider.h similarity index 97% rename from include/envoy/config/extension_config_provider.h rename to envoy/config/extension_config_provider.h index 182670f523db..6524f1027088 100644 --- a/include/envoy/config/extension_config_provider.h +++ b/envoy/config/extension_config_provider.h @@ -2,7 +2,7 @@ #include "envoy/common/pure.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "absl/types/optional.h" diff --git a/include/envoy/config/grpc_mux.h b/envoy/config/grpc_mux.h similarity index 98% rename from include/envoy/config/grpc_mux.h rename to envoy/config/grpc_mux.h index 57befc93e01c..0139cb3d9524 100644 --- a/include/envoy/config/grpc_mux.h +++ b/envoy/config/grpc_mux.h @@ -7,8 +7,8 @@ #include "envoy/config/subscription.h" #include "envoy/stats/stats_macros.h" -#include "common/common/cleanup.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/cleanup.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Config { diff --git a/include/envoy/config/subscription.h b/envoy/config/subscription.h similarity index 99% rename from include/envoy/config/subscription.h rename to envoy/config/subscription.h index 22385e6eb487..8f7ba87c2036 100644 --- a/include/envoy/config/subscription.h +++ b/envoy/config/subscription.h @@ -8,7 +8,7 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/stats_macros.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Config { diff --git a/include/envoy/config/subscription_factory.h b/envoy/config/subscription_factory.h similarity index 100% rename from include/envoy/config/subscription_factory.h rename to envoy/config/subscription_factory.h diff --git a/include/envoy/config/typed_config.h b/envoy/config/typed_config.h similarity index 94% rename from include/envoy/config/typed_config.h rename to envoy/config/typed_config.h index 49cc2c1f3416..e75a841d26e7 100644 --- a/include/envoy/config/typed_config.h +++ b/envoy/config/typed_config.h @@ -2,8 +2,8 @@ #include "envoy/common/pure.h" -#include "common/common/assert.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Config { diff --git a/include/envoy/config/typed_metadata.h b/envoy/config/typed_metadata.h similarity index 98% rename from include/envoy/config/typed_metadata.h rename to envoy/config/typed_metadata.h index 9406e6a99baa..059c563c782e 100644 --- a/include/envoy/config/typed_metadata.h +++ b/envoy/config/typed_metadata.h @@ -6,7 +6,7 @@ #include "envoy/common/pure.h" #include "envoy/config/typed_config.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Config { diff --git a/include/envoy/event/BUILD b/envoy/event/BUILD similarity index 68% rename from include/envoy/event/BUILD rename to envoy/event/BUILD index acc8770007d0..ec7695f54282 100644 --- a/include/envoy/event/BUILD +++ b/envoy/event/BUILD @@ -29,17 +29,17 @@ envoy_cc_library( ":schedulable_cb_interface", ":signal_interface", ":timer_interface", - "//include/envoy/common:scope_tracker_interface", - "//include/envoy/common:time_interface", - "//include/envoy/filesystem:watcher_interface", - "//include/envoy/network:connection_handler_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:dns_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/network:listener_interface", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/server:watchdog_interface", - "//include/envoy/thread:thread_interface", + "//envoy/common:scope_tracker_interface", + "//envoy/common:time_interface", + "//envoy/filesystem:watcher_interface", + "//envoy/network:connection_handler_interface", + "//envoy/network:connection_interface", + "//envoy/network:dns_interface", + "//envoy/network:listen_socket_interface", + "//envoy/network:listener_interface", + "//envoy/network:transport_socket_interface", + "//envoy/server:watchdog_interface", + "//envoy/thread:thread_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) @@ -81,6 +81,6 @@ envoy_cc_library( hdrs = ["timer.h"], deps = [ ":schedulable_cb_interface", - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", ], ) diff --git a/include/envoy/event/deferred_deletable.h b/envoy/event/deferred_deletable.h similarity index 100% rename from include/envoy/event/deferred_deletable.h rename to envoy/event/deferred_deletable.h diff --git a/include/envoy/event/dispatcher.h b/envoy/event/dispatcher.h similarity index 96% rename from include/envoy/event/dispatcher.h rename to envoy/event/dispatcher.h index 1618c9236d17..95220830c556 100644 --- a/include/envoy/event/dispatcher.h +++ b/envoy/event/dispatcher.h @@ -8,6 +8,7 @@ #include "envoy/common/scope_tracker.h" #include "envoy/common/time.h" +#include "envoy/config/core/v3/resolver.pb.h" #include "envoy/config/core/v3/udp_socket_config.pb.h" #include "envoy/event/dispatcher_thread_deletable.h" #include "envoy/event/file_event.h" @@ -62,6 +63,57 @@ class DispatcherBase { public: virtual ~DispatcherBase() = default; + /** + * Posts a functor to the dispatcher. This is safe cross thread. The functor runs in the context + * of the dispatcher event loop which may be on a different thread than the caller. + */ + virtual void post(PostCb callback) PURE; + + /** + * Validates that an operation is thread-safe with respect to this dispatcher; i.e. that the + * current thread of execution is on the same thread upon which the dispatcher loop is running. + */ + virtual bool isThreadSafe() const PURE; +}; + +/** + * Minimal interface to support ScopeTrackedObjects. + */ +class ScopeTracker { +public: + virtual ~ScopeTracker() = default; + + /** + * Appends a tracked object to the current stack of tracked objects operating + * in the dispatcher. + * + * It's recommended to use ScopeTrackerScopeState to manage the object's tracking. If directly + * invoking, there needs to be a subsequent call to popTrackedObject(). + */ + virtual void pushTrackedObject(const ScopeTrackedObject* object) PURE; + + /** + * Removes the top of the stack of tracked object and asserts that it was expected. + */ + virtual void popTrackedObject(const ScopeTrackedObject* expected_object) PURE; + + /** + * Whether the tracked object stack is empty. + */ + virtual bool trackedObjectStackIsEmpty() const PURE; +}; + +/** + * Abstract event dispatching loop. + */ +class Dispatcher : public DispatcherBase, public ScopeTracker { +public: + /** + * Returns the name that identifies this dispatcher, such as "worker_2" or "main_thread". + * @return const std::string& the name that identifies this dispatcher. + */ + virtual const std::string& name() PURE; + /** * Creates a file event that will signal when a file is readable or writable. On UNIX systems this * can be used for any file like interface (files, sockets, etc.). @@ -102,48 +154,6 @@ class DispatcherBase { */ virtual Event::SchedulableCallbackPtr createSchedulableCallback(std::function cb) PURE; - /** - * Appends a tracked object to the current stack of tracked objects operating - * in the dispatcher. - * - * It's recommended to use ScopeTrackerScopeState to manage the object's tracking. If directly - * invoking, there needs to be a subsequent call to popTrackedObject(). - */ - virtual void pushTrackedObject(const ScopeTrackedObject* object) PURE; - - /** - * Removes the top of the stack of tracked object and asserts that it was expected. - */ - virtual void popTrackedObject(const ScopeTrackedObject* expected_object) PURE; - - /** - * Whether the tracked object stack is empty. - */ - virtual bool trackedObjectStackIsEmpty() const PURE; - - /** - * Validates that an operation is thread-safe with respect to this dispatcher; i.e. that the - * current thread of execution is on the same thread upon which the dispatcher loop is running. - */ - virtual bool isThreadSafe() const PURE; - - /** - * Returns a recently cached MonotonicTime value. - */ - virtual MonotonicTime approximateMonotonicTime() const PURE; -}; - -/** - * Abstract event dispatching loop. - */ -class Dispatcher : public DispatcherBase { -public: - /** - * Returns the name that identifies this dispatcher, such as "worker_2" or "main_thread". - * @return const std::string& the name that identifies this dispatcher. - */ - virtual const std::string& name() PURE; - /** * Register a watchdog for this dispatcher. The dispatcher is responsible for touching the * watchdog at least once per touch interval. Dispatcher implementations may choose to touch more @@ -158,6 +168,11 @@ class Dispatcher : public DispatcherBase { */ virtual TimeSource& timeSource() PURE; + /** + * Returns a recently cached MonotonicTime value. + */ + virtual MonotonicTime approximateMonotonicTime() const PURE; + /** * Initializes stats for this dispatcher. Note that this can't generally be done at construction * time, since the main and worker thread dispatchers are constructed before @@ -208,13 +223,13 @@ class Dispatcher : public DispatcherBase { * dispatcher. * @param resolvers supplies the addresses of DNS resolvers that this resolver should use. If left * empty, it will not use any specific resolvers, but use defaults (/etc/resolv.conf) - * @param use_tcp_for_dns_lookups if set to true, tcp will be used to perform dns lookups. - * Otherwise, udp is used. + * @param dns_resolver_options supplies the aggregated area options flags needed for dns resolver + * init. * @return Network::DnsResolverSharedPtr that is owned by the caller. */ virtual Network::DnsResolverSharedPtr createDnsResolver(const std::vector& resolvers, - bool use_tcp_for_dns_lookups) PURE; + const envoy::config::core::v3::DnsResolverOptions& dns_resolver_options) PURE; /** * @return Filesystem::WatcherPtr a filesystem watcher owned by the caller. @@ -263,12 +278,6 @@ class Dispatcher : public DispatcherBase { */ virtual SignalEventPtr listenForSignal(signal_t signal_num, SignalCb cb) PURE; - /** - * Posts a functor to the dispatcher. This is safe cross thread. The functor runs in the context - * of the dispatcher event loop which may be on a different thread than the caller. - */ - virtual void post(PostCb callback) PURE; - /** * Post the deletable to this dispatcher. The deletable objects are guaranteed to be destroyed on * the dispatcher's thread before dispatcher destroy. This is safe cross thread. diff --git a/include/envoy/event/dispatcher_thread_deletable.h b/envoy/event/dispatcher_thread_deletable.h similarity index 100% rename from include/envoy/event/dispatcher_thread_deletable.h rename to envoy/event/dispatcher_thread_deletable.h diff --git a/include/envoy/event/file_event.h b/envoy/event/file_event.h similarity index 100% rename from include/envoy/event/file_event.h rename to envoy/event/file_event.h diff --git a/include/envoy/event/scaled_range_timer_manager.h b/envoy/event/scaled_range_timer_manager.h similarity index 97% rename from include/envoy/event/scaled_range_timer_manager.h rename to envoy/event/scaled_range_timer_manager.h index 8b91ec5758fc..d7e86dc542d9 100644 --- a/include/envoy/event/scaled_range_timer_manager.h +++ b/envoy/event/scaled_range_timer_manager.h @@ -4,7 +4,7 @@ #include "envoy/event/scaled_timer.h" #include "envoy/event/timer.h" -#include "common/common/interval_value.h" +#include "source/common/common/interval_value.h" #include "absl/types/variant.h" diff --git a/include/envoy/event/scaled_timer.h b/envoy/event/scaled_timer.h similarity index 98% rename from include/envoy/event/scaled_timer.h rename to envoy/event/scaled_timer.h index 0d05c7961426..bfc06b87973e 100644 --- a/include/envoy/event/scaled_timer.h +++ b/envoy/event/scaled_timer.h @@ -3,7 +3,7 @@ #include #include -#include "common/common/interval_value.h" +#include "source/common/common/interval_value.h" #include "absl/container/flat_hash_map.h" #include "absl/types/variant.h" diff --git a/include/envoy/event/schedulable_cb.h b/envoy/event/schedulable_cb.h similarity index 100% rename from include/envoy/event/schedulable_cb.h rename to envoy/event/schedulable_cb.h diff --git a/include/envoy/event/signal.h b/envoy/event/signal.h similarity index 100% rename from include/envoy/event/signal.h rename to envoy/event/signal.h diff --git a/include/envoy/event/timer.h b/envoy/event/timer.h similarity index 100% rename from include/envoy/event/timer.h rename to envoy/event/timer.h diff --git a/include/envoy/filesystem/BUILD b/envoy/filesystem/BUILD similarity index 75% rename from include/envoy/filesystem/BUILD rename to envoy/filesystem/BUILD index 94d5405b122b..e4349eba0d17 100644 --- a/include/envoy/filesystem/BUILD +++ b/envoy/filesystem/BUILD @@ -12,8 +12,8 @@ envoy_cc_library( name = "filesystem_interface", hdrs = ["filesystem.h"], deps = [ - "//include/envoy/api:io_error_interface", - "//include/envoy/api:os_sys_calls_interface", + "//envoy/api:io_error_interface", + "//envoy/api:os_sys_calls_interface", ], ) diff --git a/include/envoy/filesystem/filesystem.h b/envoy/filesystem/filesystem.h similarity index 100% rename from include/envoy/filesystem/filesystem.h rename to envoy/filesystem/filesystem.h diff --git a/include/envoy/filesystem/watcher.h b/envoy/filesystem/watcher.h similarity index 100% rename from include/envoy/filesystem/watcher.h rename to envoy/filesystem/watcher.h diff --git a/include/envoy/filter/http/BUILD b/envoy/filter/http/BUILD similarity index 59% rename from include/envoy/filter/http/BUILD rename to envoy/filter/http/BUILD index 5a76c4ba7b9d..887967fd5e8c 100644 --- a/include/envoy/filter/http/BUILD +++ b/envoy/filter/http/BUILD @@ -12,10 +12,10 @@ envoy_cc_library( name = "filter_config_provider_interface", hdrs = ["filter_config_provider.h"], deps = [ - "//include/envoy/config:extension_config_provider_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/init:manager_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/config:extension_config_provider_interface", + "//envoy/http:filter_interface", + "//envoy/init:manager_interface", + "//envoy/server:filter_config_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) diff --git a/include/envoy/filter/http/filter_config_provider.h b/envoy/filter/http/filter_config_provider.h similarity index 100% rename from include/envoy/filter/http/filter_config_provider.h rename to envoy/filter/http/filter_config_provider.h diff --git a/include/envoy/formatter/BUILD b/envoy/formatter/BUILD similarity index 61% rename from include/envoy/formatter/BUILD rename to envoy/formatter/BUILD index df87c4cbac10..f630c6607644 100644 --- a/include/envoy/formatter/BUILD +++ b/envoy/formatter/BUILD @@ -12,8 +12,8 @@ envoy_cc_library( name = "substitution_formatter_interface", hdrs = ["substitution_formatter.h"], deps = [ - "//include/envoy/config:typed_config_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/config:typed_config_interface", + "//envoy/http:header_map_interface", + "//envoy/stream_info:stream_info_interface", ], ) diff --git a/include/envoy/formatter/substitution_formatter.h b/envoy/formatter/substitution_formatter.h similarity index 100% rename from include/envoy/formatter/substitution_formatter.h rename to envoy/formatter/substitution_formatter.h diff --git a/include/envoy/grpc/BUILD b/envoy/grpc/BUILD similarity index 67% rename from include/envoy/grpc/BUILD rename to envoy/grpc/BUILD index 07d87ce33d19..0d782aee76e5 100644 --- a/include/envoy/grpc/BUILD +++ b/envoy/grpc/BUILD @@ -14,10 +14,10 @@ envoy_cc_library( external_deps = ["abseil_optional"], deps = [ ":status", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/http:async_client_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/tracing:http_tracer_interface", + "//envoy/buffer:buffer_interface", + "//envoy/http:async_client_interface", + "//envoy/http:header_map_interface", + "//envoy/tracing:http_tracer_interface", "//source/common/common:assert_lib", "//source/common/protobuf", ], @@ -28,7 +28,7 @@ envoy_cc_library( hdrs = ["async_client_manager.h"], deps = [ ":async_client_interface", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) @@ -37,8 +37,8 @@ envoy_cc_library( name = "context_interface", hdrs = ["context.h"], deps = [ - "//include/envoy/http:context_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/http:context_interface", + "//envoy/upstream:upstream_interface", ], ) @@ -49,8 +49,8 @@ envoy_cc_library( "grpc", ], deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/config:typed_config_interface", + "//envoy/api:api_interface", + "//envoy/config:typed_config_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) diff --git a/include/envoy/grpc/async_client.h b/envoy/grpc/async_client.h similarity index 98% rename from include/envoy/grpc/async_client.h rename to envoy/grpc/async_client.h index bba3d106df00..09caee17099f 100644 --- a/include/envoy/grpc/async_client.h +++ b/envoy/grpc/async_client.h @@ -9,8 +9,8 @@ #include "envoy/http/header_map.h" #include "envoy/tracing/http_tracer.h" -#include "common/common/assert.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/protobuf/protobuf.h" #include "absl/types/optional.h" diff --git a/include/envoy/grpc/async_client_manager.h b/envoy/grpc/async_client_manager.h similarity index 100% rename from include/envoy/grpc/async_client_manager.h rename to envoy/grpc/async_client_manager.h diff --git a/include/envoy/grpc/context.h b/envoy/grpc/context.h similarity index 100% rename from include/envoy/grpc/context.h rename to envoy/grpc/context.h diff --git a/include/envoy/grpc/google_grpc_creds.h b/envoy/grpc/google_grpc_creds.h similarity index 100% rename from include/envoy/grpc/google_grpc_creds.h rename to envoy/grpc/google_grpc_creds.h diff --git a/include/envoy/grpc/status.h b/envoy/grpc/status.h similarity index 100% rename from include/envoy/grpc/status.h rename to envoy/grpc/status.h diff --git a/include/envoy/http/BUILD b/envoy/http/BUILD similarity index 66% rename from include/envoy/http/BUILD rename to envoy/http/BUILD index de8f76446a1d..dab2c3fab66c 100644 --- a/include/envoy/http/BUILD +++ b/envoy/http/BUILD @@ -12,7 +12,7 @@ envoy_cc_library( name = "alternate_protocols_cache_interface", hdrs = ["alternate_protocols_cache.h"], deps = [ - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) @@ -29,8 +29,8 @@ envoy_cc_library( external_deps = ["abseil_optional"], deps = [ ":message_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/tracing:http_tracer_interface", + "//envoy/event:dispatcher_interface", + "//envoy/tracing:http_tracer_interface", "//source/common/protobuf", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], @@ -43,10 +43,10 @@ envoy_cc_library( ":header_map_interface", ":metadata_interface", ":protocol_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/grpc:status", - "//include/envoy/network:address_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/buffer:buffer_interface", + "//envoy/grpc:status", + "//envoy/network:address_interface", + "//envoy/stream_info:stream_info_interface", "//source/common/http:status_lib", ], ) @@ -54,7 +54,7 @@ envoy_cc_library( envoy_cc_library( name = "codes_interface", hdrs = ["codes.h"], - deps = ["//include/envoy/stats:stats_interface"], + deps = ["//envoy/stats:stats_interface"], ) envoy_cc_library( @@ -62,9 +62,9 @@ envoy_cc_library( hdrs = ["conn_pool.h"], deps = [ ":codec_interface", - "//include/envoy/common:conn_pool_interface", - "//include/envoy/event:deferred_deletable", - "//include/envoy/upstream:upstream_interface", + "//envoy/common:conn_pool_interface", + "//envoy/event:deferred_deletable", + "//envoy/upstream:upstream_interface", ], ) @@ -84,15 +84,15 @@ envoy_cc_library( deps = [ ":codec_interface", ":header_map_interface", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/common:scope_tracker_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/grpc:status", - "//include/envoy/matcher:matcher_interface", - "//include/envoy/router:router_interface", - "//include/envoy/ssl:connection_interface", - "//include/envoy/stream_info:stream_info_interface", - "//include/envoy/tracing:http_tracer_interface", + "//envoy/access_log:access_log_interface", + "//envoy/common:scope_tracker_interface", + "//envoy/event:dispatcher_interface", + "//envoy/grpc:status", + "//envoy/matcher:matcher_interface", + "//envoy/router:router_interface", + "//envoy/ssl:connection_interface", + "//envoy/stream_info:stream_info_interface", + "//envoy/tracing:http_tracer_interface", "//source/common/common:scope_tracked_object_stack", ], ) @@ -102,8 +102,8 @@ envoy_cc_library( hdrs = ["hash_policy.h"], deps = [ ":header_map_interface", - "//include/envoy/network:address_interface", - "//include/envoy/stream_info:filter_state_interface", + "//envoy/network:address_interface", + "//envoy/stream_info:filter_state_interface", ], ) @@ -125,7 +125,7 @@ envoy_cc_library( hdrs = ["message.h"], deps = [ ":header_map_interface", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", ], ) @@ -150,7 +150,7 @@ envoy_cc_library( hdrs = ["request_id_extension.h"], deps = [ ":header_map_interface", - "//include/envoy/tracing:trace_reason_interface", + "//envoy/tracing:trace_reason_interface", ], ) @@ -158,7 +158,7 @@ envoy_cc_library( name = "header_formatter_interface", hdrs = ["header_formatter.h"], deps = [ - "//include/envoy/config:typed_config_interface", + "//envoy/config:typed_config_interface", ], ) @@ -168,8 +168,8 @@ envoy_cc_library( deps = [ ":codes_interface", ":header_map_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/network:address_interface", - "//include/envoy/server:factory_context_interface", + "//envoy/config:typed_config_interface", + "//envoy/network:address_interface", + "//envoy/server:factory_context_interface", ], ) diff --git a/include/envoy/http/alternate_protocols_cache.h b/envoy/http/alternate_protocols_cache.h similarity index 91% rename from include/envoy/http/alternate_protocols_cache.h rename to envoy/http/alternate_protocols_cache.h index 6d94f32eafcb..2d02cda9bd48 100644 --- a/include/envoy/http/alternate_protocols_cache.h +++ b/envoy/http/alternate_protocols_cache.h @@ -64,16 +64,18 @@ class AlternateProtocolsCache { }; /** - * Represents an alternative protocol that can be used to connect to an origin. + * Represents an alternative protocol that can be used to connect to an origin + * with a specified expiration time. */ struct AlternateProtocol { public: - AlternateProtocol(absl::string_view alpn, absl::string_view hostname, uint32_t port) - : alpn_(alpn), hostname_(hostname), port_(port) {} + AlternateProtocol(absl::string_view alpn, absl::string_view hostname, uint32_t port, + MonotonicTime expiration) + : alpn_(alpn), hostname_(hostname), port_(port), expiration_(expiration) {} bool operator==(const AlternateProtocol& other) const { - return std::tie(alpn_, hostname_, port_) == - std::tie(other.alpn_, other.hostname_, other.port_); + return std::tie(alpn_, hostname_, port_, expiration_) == + std::tie(other.alpn_, other.hostname_, other.port_, other.expiration_); } bool operator!=(const AlternateProtocol& other) const { return !this->operator==(other); } @@ -81,6 +83,7 @@ class AlternateProtocolsCache { std::string alpn_; std::string hostname_; uint32_t port_; + MonotonicTime expiration_; }; virtual ~AlternateProtocolsCache() = default; @@ -90,11 +93,9 @@ class AlternateProtocolsCache { * specified origin. Expires after the specified expiration time. * @param origin The origin to set alternate protocols for. * @param protocols A list of alternate protocols. - * @param expiration The time after which the alternatives are no longer valid. */ virtual void setAlternatives(const Origin& origin, - const std::vector& protocols, - const MonotonicTime& expiration) PURE; + const std::vector& protocols) PURE; /** * Returns the possible alternative protocols which can be used to connect to the diff --git a/include/envoy/http/api_listener.h b/envoy/http/api_listener.h similarity index 100% rename from include/envoy/http/api_listener.h rename to envoy/http/api_listener.h diff --git a/include/envoy/http/async_client.h b/envoy/http/async_client.h similarity index 99% rename from include/envoy/http/async_client.h rename to envoy/http/async_client.h index b38eabc2d76c..81058137ce6a 100644 --- a/include/envoy/http/async_client.h +++ b/envoy/http/async_client.h @@ -9,7 +9,7 @@ #include "envoy/stream_info/stream_info.h" #include "envoy/tracing/http_tracer.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "absl/types/optional.h" diff --git a/include/envoy/http/codec.h b/envoy/http/codec.h similarity index 98% rename from include/envoy/http/codec.h rename to envoy/http/codec.h index 9e91a4d9df4a..3674fd88c312 100644 --- a/include/envoy/http/codec.h +++ b/envoy/http/codec.h @@ -14,11 +14,13 @@ #include "envoy/network/address.h" #include "envoy/stream_info/stream_info.h" -#include "common/http/status.h" +#include "source/common/http/status.h" namespace Envoy { namespace Http { +enum class CodecType { HTTP1, HTTP2, HTTP3 }; + namespace Http1 { struct CodecStats; } @@ -282,7 +284,9 @@ enum class StreamResetReason { // Either there was an early TCP error for a CONNECT request or the peer reset with CONNECT_ERROR ConnectError, // Received payload did not conform to HTTP protocol. - ProtocolError + ProtocolError, + // If the stream was locally reset by the Overload Manager. + OverloadManager }; /** @@ -379,6 +383,12 @@ class Stream { * small window updates as satisfying the idle timeout as this is a potential DoS vector. */ virtual void setFlushTimeout(std::chrono::milliseconds timeout) PURE; + + /** + * Sets the account for this stream, propagating it to all of its buffers. + * @param the account to assign this stream. + */ + virtual void setAccount(Buffer::BufferMemoryAccountSharedPtr account) PURE; }; /** diff --git a/include/envoy/http/codes.h b/envoy/http/codes.h similarity index 93% rename from include/envoy/http/codes.h rename to envoy/http/codes.h index c0d80c64078f..6be4a4157cfc 100644 --- a/include/envoy/http/codes.h +++ b/envoy/http/codes.h @@ -99,9 +99,11 @@ class CodeStats { /** * Charge a response stat to both agg counters (*xx) as well as code specific counters. This * routine also looks for the x-envoy-upstream-canary header and if it is set, also charges - * canary stats. + * canary stats. exclude_http_code_stats will skip charging HTTP group/individual status + * code stats if set to True. */ - virtual void chargeResponseStat(const ResponseStatInfo& info) const PURE; + virtual void chargeResponseStat(const ResponseStatInfo& info, + bool exclude_http_code_stats) const PURE; /** * Charge a response timing to the various dynamic stat postfixes. diff --git a/include/envoy/http/conn_pool.h b/envoy/http/conn_pool.h similarity index 100% rename from include/envoy/http/conn_pool.h rename to envoy/http/conn_pool.h diff --git a/include/envoy/http/context.h b/envoy/http/context.h similarity index 100% rename from include/envoy/http/context.h rename to envoy/http/context.h diff --git a/include/envoy/http/filter.h b/envoy/http/filter.h similarity index 99% rename from include/envoy/http/filter.h rename to envoy/http/filter.h index 48a23a7e8e7b..e677c85e1b7d 100644 --- a/include/envoy/http/filter.h +++ b/envoy/http/filter.h @@ -6,6 +6,7 @@ #include #include "envoy/access_log/access_log.h" +#include "envoy/buffer/buffer.h" #include "envoy/common/scope_tracker.h" #include "envoy/event/dispatcher.h" #include "envoy/grpc/status.h" @@ -17,7 +18,7 @@ #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/upstream.h" -#include "common/common/scope_tracked_object_stack.h" +#include "source/common/common/scope_tracked_object_stack.h" #include "absl/types/optional.h" @@ -556,6 +557,11 @@ class StreamDecoderFilterCallbacks : public virtual StreamFilterCallbacks { */ virtual uint32_t decoderBufferLimit() PURE; + /** + * @return the account, if any, used by this stream. + */ + virtual Buffer::BufferMemoryAccountSharedPtr account() const PURE; + /** * Takes a stream, and acts as if the headers are newly arrived. * On success, this will result in a creating a new filter chain and likely diff --git a/include/envoy/http/hash_policy.h b/envoy/http/hash_policy.h similarity index 100% rename from include/envoy/http/hash_policy.h rename to envoy/http/hash_policy.h diff --git a/include/envoy/http/header_formatter.h b/envoy/http/header_formatter.h similarity index 100% rename from include/envoy/http/header_formatter.h rename to envoy/http/header_formatter.h diff --git a/include/envoy/http/header_map.h b/envoy/http/header_map.h similarity index 99% rename from include/envoy/http/header_map.h rename to envoy/http/header_map.h index 2567a95b6935..202f2e492f44 100644 --- a/include/envoy/http/header_map.h +++ b/envoy/http/header_map.h @@ -12,9 +12,9 @@ #include "envoy/common/pure.h" #include "envoy/http/header_formatter.h" -#include "common/common/assert.h" -#include "common/common/hash.h" -#include "common/common/macros.h" +#include "source/common/common/assert.h" +#include "source/common/common/hash.h" +#include "source/common/common/macros.h" #include "absl/container/inlined_vector.h" #include "absl/strings/string_view.h" diff --git a/include/envoy/http/message.h b/envoy/http/message.h similarity index 100% rename from include/envoy/http/message.h rename to envoy/http/message.h diff --git a/include/envoy/http/metadata_interface.h b/envoy/http/metadata_interface.h similarity index 100% rename from include/envoy/http/metadata_interface.h rename to envoy/http/metadata_interface.h diff --git a/include/envoy/http/original_ip_detection.h b/envoy/http/original_ip_detection.h similarity index 100% rename from include/envoy/http/original_ip_detection.h rename to envoy/http/original_ip_detection.h diff --git a/include/envoy/http/protocol.h b/envoy/http/protocol.h similarity index 100% rename from include/envoy/http/protocol.h rename to envoy/http/protocol.h diff --git a/include/envoy/http/query_params.h b/envoy/http/query_params.h similarity index 100% rename from include/envoy/http/query_params.h rename to envoy/http/query_params.h diff --git a/include/envoy/http/request_id_extension.h b/envoy/http/request_id_extension.h similarity index 100% rename from include/envoy/http/request_id_extension.h rename to envoy/http/request_id_extension.h diff --git a/include/envoy/init/BUILD b/envoy/init/BUILD similarity index 100% rename from include/envoy/init/BUILD rename to envoy/init/BUILD diff --git a/include/envoy/init/manager.h b/envoy/init/manager.h similarity index 100% rename from include/envoy/init/manager.h rename to envoy/init/manager.h diff --git a/include/envoy/init/target.h b/envoy/init/target.h similarity index 100% rename from include/envoy/init/target.h rename to envoy/init/target.h diff --git a/include/envoy/init/watcher.h b/envoy/init/watcher.h similarity index 100% rename from include/envoy/init/watcher.h rename to envoy/init/watcher.h diff --git a/include/envoy/json/BUILD b/envoy/json/BUILD similarity index 100% rename from include/envoy/json/BUILD rename to envoy/json/BUILD diff --git a/include/envoy/json/json_object.h b/envoy/json/json_object.h similarity index 100% rename from include/envoy/json/json_object.h rename to envoy/json/json_object.h diff --git a/include/envoy/local_info/BUILD b/envoy/local_info/BUILD similarity index 64% rename from include/envoy/local_info/BUILD rename to envoy/local_info/BUILD index 20cf5b66d0bb..31ee44aa746e 100644 --- a/include/envoy/local_info/BUILD +++ b/envoy/local_info/BUILD @@ -12,9 +12,9 @@ envoy_cc_library( name = "local_info_interface", hdrs = ["local_info.h"], deps = [ - "//include/envoy/config:context_provider_interface", - "//include/envoy/network:address_interface", - "//include/envoy/stats:symbol_table_interface", + "//envoy/config:context_provider_interface", + "//envoy/network:address_interface", + "//envoy/stats:symbol_table_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) diff --git a/include/envoy/local_info/local_info.h b/envoy/local_info/local_info.h similarity index 100% rename from include/envoy/local_info/local_info.h rename to envoy/local_info/local_info.h diff --git a/include/envoy/matcher/BUILD b/envoy/matcher/BUILD similarity index 78% rename from include/envoy/matcher/BUILD rename to envoy/matcher/BUILD index fadfc109afb0..e04a38f51cfb 100644 --- a/include/envoy/matcher/BUILD +++ b/envoy/matcher/BUILD @@ -16,8 +16,8 @@ envoy_cc_library( "abseil_hash", ], deps = [ - "//include/envoy/config:typed_config_interface", - "//include/envoy/protobuf:message_validator_interface", + "//envoy/config:typed_config_interface", + "//envoy/protobuf:message_validator_interface", "@envoy_api//envoy/config/common/matcher/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], diff --git a/include/envoy/matcher/matcher.h b/envoy/matcher/matcher.h similarity index 90% rename from include/envoy/matcher/matcher.h rename to envoy/matcher/matcher.h index f334ccedf209..9606d841c1fa 100644 --- a/include/envoy/matcher/matcher.h +++ b/envoy/matcher/matcher.h @@ -146,15 +146,16 @@ class InputMatcher { }; using InputMatcherPtr = std::unique_ptr; +using InputMatcherFactoryCb = std::function; /** * Factory for registering custom input matchers. */ class InputMatcherFactory : public Config::TypedFactory { public: - virtual InputMatcherPtr - createInputMatcher(const Protobuf::Message& config, - Server::Configuration::FactoryContext& factory_context) PURE; + virtual InputMatcherFactoryCb + createInputMatcherFactoryCb(const Protobuf::Message& config, + Server::Configuration::FactoryContext& factory_context) PURE; std::string category() const override { return "envoy.matching.input_matchers"; } }; @@ -183,7 +184,7 @@ struct DataInputGetResult { // which attempts to look a key up in the map: if we don't have access to the map yet, we return // absl::nullopt with NotAvailable. If we have the entire map, but the key doesn't exist in the // map, we return absl::nullopt with AllDataAvailable. - absl::optional data_; + absl::optional data_; // For pretty printing. friend std::ostream& operator<<(std::ostream& out, const DataInputGetResult& result) { @@ -209,10 +210,11 @@ template class DataInput { public: virtual ~DataInput() = default; - virtual DataInputGetResult get(const DataType& data) PURE; + virtual DataInputGetResult get(const DataType& data) const PURE; }; template using DataInputPtr = std::unique_ptr>; +template using DataInputFactoryCb = std::function()>; /** * Factory for data inputs. @@ -222,9 +224,9 @@ template class DataInputFactory : public Config::TypedFactory { /** * Creates a DataInput from the provided config. */ - virtual DataInputPtr - createDataInput(const Protobuf::Message& config, - Server::Configuration::FactoryContext& factory_context) PURE; + virtual DataInputFactoryCb + createDataInputFactoryCb(const Protobuf::Message& config, + Server::Configuration::FactoryContext& factory_context) PURE; /** * The category of this factory depends on the DataType, so we require a name() function to exist @@ -245,9 +247,10 @@ template class DataInputFactory : public Config::TypedFactory { class CommonProtocolInput { public: virtual ~CommonProtocolInput() = default; - virtual absl::optional get() PURE; + virtual absl::optional get() PURE; }; using CommonProtocolInputPtr = std::unique_ptr; +using CommonProtocolInputFactoryCb = std::function; /** * Factory for CommonProtocolInput. @@ -257,9 +260,9 @@ class CommonProtocolInputFactory : public Config::TypedFactory { /** * Creates a CommonProtocolInput from the provided config. */ - virtual CommonProtocolInputPtr - createCommonProtocolInput(const Protobuf::Message& config, - Server::Configuration::FactoryContext& factory_context) PURE; + virtual CommonProtocolInputFactoryCb + createCommonProtocolInputFactoryCb(const Protobuf::Message& config, + Server::Configuration::FactoryContext& factory_context) PURE; std::string category() const override { return "envoy.matching.common_inputs"; } }; diff --git a/include/envoy/network/BUILD b/envoy/network/BUILD similarity index 72% rename from include/envoy/network/BUILD rename to envoy/network/BUILD index 32239faccff6..10a3458c687a 100644 --- a/include/envoy/network/BUILD +++ b/envoy/network/BUILD @@ -12,7 +12,7 @@ envoy_cc_library( name = "address_interface", hdrs = ["address.h"], deps = [ - "//include/envoy/api:os_sys_calls_interface", + "//envoy/api:os_sys_calls_interface", ], ) @@ -24,10 +24,10 @@ envoy_cc_library( ":address_interface", ":filter_interface", ":listen_socket_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/event:deferred_deletable", - "//include/envoy/ssl:connection_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/buffer:buffer_interface", + "//envoy/event:deferred_deletable", + "//envoy/ssl:connection_interface", + "//envoy/stream_info:stream_info_interface", ], ) @@ -38,7 +38,7 @@ envoy_cc_library( ":connection_balancer_interface", ":listen_socket_interface", ":listener_interface", - "//include/envoy/ssl:context_interface", + "//envoy/ssl:context_interface", "//source/common/common:interval_value", ], ) @@ -50,17 +50,17 @@ envoy_cc_library( ":address_interface", ":io_handle_interface", ":socket_interface", - "//include/envoy/api:io_error_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/api:io_error_interface", + "//envoy/buffer:buffer_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", ], ) envoy_cc_library( name = "dns_interface", hdrs = ["dns.h"], - deps = ["//include/envoy/network:address_interface"], + deps = ["//envoy/network:address_interface"], ) envoy_cc_library( @@ -79,9 +79,9 @@ envoy_cc_library( deps = [ ":listen_socket_interface", ":transport_socket_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/stream_info:stream_info_interface", - "//include/envoy/upstream:host_description_interface", + "//envoy/buffer:buffer_interface", + "//envoy/stream_info:stream_info_interface", + "//envoy/upstream:host_description_interface", "//source/common/protobuf", ], ) @@ -101,9 +101,9 @@ envoy_cc_library( external_deps = ["abseil_optional"], deps = [ ":address_interface", - "//include/envoy/api:io_error_interface", - "//include/envoy/api:os_sys_calls_interface", - "//include/envoy/event:file_event_interface", + "//envoy/api:io_error_interface", + "//envoy/api:os_sys_calls_interface", + "//envoy/event:file_event_interface", "//source/common/common:assert_lib", ], ) @@ -123,7 +123,7 @@ envoy_cc_library( hdrs = ["socket_interface.h"], deps = [ ":socket_interface", - "//include/envoy/config:typed_config_interface", + "//envoy/config:typed_config_interface", ], ) @@ -133,7 +133,7 @@ envoy_cc_library( deps = [ ":io_handle_interface", ":socket_interface", - "//include/envoy/common:scope_tracker_interface", + "//envoy/common:scope_tracker_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) @@ -145,8 +145,8 @@ envoy_cc_library( ":io_handle_interface", ":post_io_action_interface", ":proxy_protocol_options_lib", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/ssl:connection_interface", + "//envoy/buffer:buffer_interface", + "//envoy/ssl:connection_interface", ], ) @@ -172,10 +172,10 @@ envoy_cc_library( ":connection_interface", ":listen_socket_interface", ":udp_packet_writer_handler_interface", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/common:resource_interface", - "//include/envoy/init:manager_interface", - "//include/envoy/stats:stats_interface", + "//envoy/access_log:access_log_interface", + "//envoy/common:resource_interface", + "//envoy/init:manager_interface", + "//envoy/stats:stats_interface", "//source/common/common:interval_value", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", @@ -187,7 +187,7 @@ envoy_cc_library( hdrs = ["resolver.h"], deps = [ ":address_interface", - "//include/envoy/config:typed_config_interface", + "//envoy/config:typed_config_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) diff --git a/include/envoy/network/address.h b/envoy/network/address.h similarity index 100% rename from include/envoy/network/address.h rename to envoy/network/address.h diff --git a/include/envoy/network/connection.h b/envoy/network/connection.h similarity index 100% rename from include/envoy/network/connection.h rename to envoy/network/connection.h diff --git a/include/envoy/network/connection_balancer.h b/envoy/network/connection_balancer.h similarity index 100% rename from include/envoy/network/connection_balancer.h rename to envoy/network/connection_balancer.h diff --git a/include/envoy/network/connection_handler.h b/envoy/network/connection_handler.h similarity index 99% rename from include/envoy/network/connection_handler.h rename to envoy/network/connection_handler.h index 1a3ba831bfc9..e5c48a359ed6 100644 --- a/include/envoy/network/connection_handler.h +++ b/envoy/network/connection_handler.h @@ -10,7 +10,7 @@ #include "envoy/network/listener.h" #include "envoy/ssl/context.h" -#include "common/common/interval_value.h" +#include "source/common/common/interval_value.h" namespace Envoy { namespace Network { diff --git a/include/envoy/network/dns.h b/envoy/network/dns.h similarity index 100% rename from include/envoy/network/dns.h rename to envoy/network/dns.h diff --git a/include/envoy/network/drain_decision.h b/envoy/network/drain_decision.h similarity index 100% rename from include/envoy/network/drain_decision.h rename to envoy/network/drain_decision.h diff --git a/include/envoy/network/exception.h b/envoy/network/exception.h similarity index 100% rename from include/envoy/network/exception.h rename to envoy/network/exception.h diff --git a/include/envoy/network/filter.h b/envoy/network/filter.h similarity index 99% rename from include/envoy/network/filter.h rename to envoy/network/filter.h index 88b94cc664ab..f14a11bf53c8 100644 --- a/include/envoy/network/filter.h +++ b/envoy/network/filter.h @@ -8,7 +8,7 @@ #include "envoy/stream_info/stream_info.h" #include "envoy/upstream/host_description.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { diff --git a/include/envoy/network/hash_policy.h b/envoy/network/hash_policy.h similarity index 100% rename from include/envoy/network/hash_policy.h rename to envoy/network/hash_policy.h diff --git a/include/envoy/network/io_handle.h b/envoy/network/io_handle.h similarity index 100% rename from include/envoy/network/io_handle.h rename to envoy/network/io_handle.h diff --git a/include/envoy/network/listen_socket.h b/envoy/network/listen_socket.h similarity index 100% rename from include/envoy/network/listen_socket.h rename to envoy/network/listen_socket.h diff --git a/include/envoy/network/listener.h b/envoy/network/listener.h similarity index 98% rename from include/envoy/network/listener.h rename to envoy/network/listener.h index 7c6eabe3e3c6..d4377278d59a 100644 --- a/include/envoy/network/listener.h +++ b/envoy/network/listener.h @@ -17,7 +17,7 @@ #include "envoy/network/udp_packet_writer_handler.h" #include "envoy/stats/scope.h" -#include "common/common/interval_value.h" +#include "source/common/common/interval_value.h" namespace Envoy { namespace Network { @@ -330,6 +330,11 @@ class UdpListenerCallbacks { * Posts ``data`` to be delivered on this worker. */ virtual void post(Network::UdpRecvData&& data) PURE; + + /** + * An estimated number of UDP packets this callback expects to process in current read event. + */ + virtual size_t numPacketsExpectedPerEventLoop() const PURE; }; using UdpListenerCallbacksOptRef = absl::optional>; diff --git a/include/envoy/network/post_io_action.h b/envoy/network/post_io_action.h similarity index 100% rename from include/envoy/network/post_io_action.h rename to envoy/network/post_io_action.h diff --git a/include/envoy/network/proxy_protocol.h b/envoy/network/proxy_protocol.h similarity index 100% rename from include/envoy/network/proxy_protocol.h rename to envoy/network/proxy_protocol.h diff --git a/include/envoy/network/resolver.h b/envoy/network/resolver.h similarity index 100% rename from include/envoy/network/resolver.h rename to envoy/network/resolver.h diff --git a/include/envoy/network/socket.h b/envoy/network/socket.h similarity index 100% rename from include/envoy/network/socket.h rename to envoy/network/socket.h diff --git a/include/envoy/network/socket_interface.h b/envoy/network/socket_interface.h similarity index 100% rename from include/envoy/network/socket_interface.h rename to envoy/network/socket_interface.h diff --git a/include/envoy/network/transport_socket.h b/envoy/network/transport_socket.h similarity index 100% rename from include/envoy/network/transport_socket.h rename to envoy/network/transport_socket.h diff --git a/include/envoy/network/udp_packet_writer_handler.h b/envoy/network/udp_packet_writer_handler.h similarity index 100% rename from include/envoy/network/udp_packet_writer_handler.h rename to envoy/network/udp_packet_writer_handler.h diff --git a/include/envoy/protobuf/BUILD b/envoy/protobuf/BUILD similarity index 100% rename from include/envoy/protobuf/BUILD rename to envoy/protobuf/BUILD diff --git a/include/envoy/protobuf/message_validator.h b/envoy/protobuf/message_validator.h similarity index 97% rename from include/envoy/protobuf/message_validator.h rename to envoy/protobuf/message_validator.h index 8ec4dccb46e3..6a2f02c274c7 100644 --- a/include/envoy/protobuf/message_validator.h +++ b/envoy/protobuf/message_validator.h @@ -3,7 +3,7 @@ #include "envoy/common/exception.h" #include "envoy/common/pure.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "absl/strings/string_view.h" diff --git a/include/envoy/ratelimit/BUILD b/envoy/ratelimit/BUILD similarity index 55% rename from include/envoy/ratelimit/BUILD rename to envoy/ratelimit/BUILD index 96c325023043..42e2cd2b6b23 100644 --- a/include/envoy/ratelimit/BUILD +++ b/envoy/ratelimit/BUILD @@ -12,10 +12,10 @@ envoy_cc_library( name = "ratelimit_interface", hdrs = ["ratelimit.h"], deps = [ - "//include/envoy/config:typed_config_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/protobuf:message_validator_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/config:typed_config_interface", + "//envoy/http:header_map_interface", + "//envoy/protobuf:message_validator_interface", + "//envoy/stream_info:stream_info_interface", "@envoy_api//envoy/type/v3:pkg_cc_proto", ], ) diff --git a/include/envoy/ratelimit/ratelimit.h b/envoy/ratelimit/ratelimit.h similarity index 100% rename from include/envoy/ratelimit/ratelimit.h rename to envoy/ratelimit/ratelimit.h diff --git a/include/envoy/registry/BUILD b/envoy/registry/BUILD similarity index 100% rename from include/envoy/registry/BUILD rename to envoy/registry/BUILD diff --git a/include/envoy/registry/registry.h b/envoy/registry/registry.h similarity index 98% rename from include/envoy/registry/registry.h rename to envoy/registry/registry.h index b90e86ca52f3..1bc909f23c76 100644 --- a/include/envoy/registry/registry.h +++ b/envoy/registry/registry.h @@ -9,14 +9,13 @@ #include "envoy/common/exception.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/logger.h" -#include "common/common/utility.h" -#include "common/config/api_type_oracle.h" -#include "common/protobuf/utility.h" - -#include "extensions/common/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/common/config/api_type_oracle.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/common/utility.h" #include "absl/base/attributes.h" #include "absl/container/flat_hash_map.h" diff --git a/include/envoy/router/BUILD b/envoy/router/BUILD similarity index 55% rename from include/envoy/router/BUILD rename to envoy/router/BUILD index 754412a7ee34..86bc52bc99f0 100644 --- a/include/envoy/router/BUILD +++ b/envoy/router/BUILD @@ -18,7 +18,7 @@ envoy_cc_library( hdrs = ["rds.h"], deps = [ ":router_interface", - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) @@ -28,14 +28,14 @@ envoy_cc_library( hdrs = ["route_config_provider_manager.h"], deps = [ ":rds_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/json:json_object_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/event:dispatcher_interface", + "//envoy/json:json_object_interface", + "//envoy/local_info:local_info_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server:filter_config_interface", + "//envoy/stats:stats_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", ], @@ -47,7 +47,7 @@ envoy_cc_library( external_deps = ["abseil_optional"], deps = [ ":rds_interface", - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", "//source/common/protobuf", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", @@ -60,20 +60,20 @@ envoy_cc_library( external_deps = ["abseil_optional"], deps = [ ":internal_redirect_interface", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/common:conn_pool_interface", - "//include/envoy/common:matchers_interface", - "//include/envoy/common:time_interface", - "//include/envoy/config:typed_metadata_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:conn_pool_interface", - "//include/envoy/http:hash_policy_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/tcp:conn_pool_interface", - "//include/envoy/tracing:http_tracer_interface", - "//include/envoy/upstream:resource_manager_interface", - "//include/envoy/upstream:retry_interface", + "//envoy/access_log:access_log_interface", + "//envoy/common:conn_pool_interface", + "//envoy/common:matchers_interface", + "//envoy/common:time_interface", + "//envoy/config:typed_metadata_interface", + "//envoy/http:codec_interface", + "//envoy/http:codes_interface", + "//envoy/http:conn_pool_interface", + "//envoy/http:hash_policy_interface", + "//envoy/http:header_map_interface", + "//envoy/tcp:conn_pool_interface", + "//envoy/tracing:http_tracer_interface", + "//envoy/upstream:resource_manager_interface", + "//envoy/upstream:retry_interface", "//source/common/protobuf", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", @@ -87,8 +87,8 @@ envoy_cc_library( hdrs = ["scopes.h"], deps = [ ":router_interface", - "//include/envoy/config:config_provider_interface", - "//include/envoy/http:header_map_interface", + "//envoy/config:config_provider_interface", + "//envoy/http:header_map_interface", ], ) @@ -96,8 +96,8 @@ envoy_cc_library( name = "router_ratelimit_interface", hdrs = ["router_ratelimit.h"], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/ratelimit:ratelimit_interface", + "//envoy/http:filter_interface", + "//envoy/ratelimit:ratelimit_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) @@ -106,8 +106,8 @@ envoy_cc_library( name = "shadow_writer_interface", hdrs = ["shadow_writer.h"], deps = [ - "//include/envoy/http:async_client_interface", - "//include/envoy/http:message_interface", + "//envoy/http:async_client_interface", + "//envoy/http:message_interface", ], ) @@ -116,7 +116,7 @@ envoy_cc_library( hdrs = ["string_accessor.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/stream_info:filter_state_interface", + "//envoy/stream_info:filter_state_interface", ], ) @@ -124,8 +124,8 @@ envoy_cc_library( name = "internal_redirect_interface", hdrs = ["internal_redirect.h"], deps = [ - "//include/envoy/config:typed_config_interface", - "//include/envoy/stream_info:filter_state_interface", + "//envoy/config:typed_config_interface", + "//envoy/stream_info:filter_state_interface", "//source/common/common:minimal_logger_lib", ], ) diff --git a/include/envoy/router/context.h b/envoy/router/context.h similarity index 100% rename from include/envoy/router/context.h rename to envoy/router/context.h diff --git a/include/envoy/router/internal_redirect.h b/envoy/router/internal_redirect.h similarity index 98% rename from include/envoy/router/internal_redirect.h rename to envoy/router/internal_redirect.h index 95f624255ace..1352bb1e2f2f 100644 --- a/include/envoy/router/internal_redirect.h +++ b/envoy/router/internal_redirect.h @@ -3,7 +3,7 @@ #include "envoy/config/typed_config.h" #include "envoy/stream_info/filter_state.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "absl/strings/string_view.h" diff --git a/include/envoy/router/rds.h b/envoy/router/rds.h similarity index 100% rename from include/envoy/router/rds.h rename to envoy/router/rds.h diff --git a/include/envoy/router/route_config_provider_manager.h b/envoy/router/route_config_provider_manager.h similarity index 100% rename from include/envoy/router/route_config_provider_manager.h rename to envoy/router/route_config_provider_manager.h diff --git a/include/envoy/router/route_config_update_receiver.h b/envoy/router/route_config_update_receiver.h similarity index 98% rename from include/envoy/router/route_config_update_receiver.h rename to envoy/router/route_config_update_receiver.h index a22342274c0c..13ab7c45cefb 100644 --- a/include/envoy/router/route_config_update_receiver.h +++ b/envoy/router/route_config_update_receiver.h @@ -8,7 +8,7 @@ #include "envoy/router/rds.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "absl/types/optional.h" diff --git a/include/envoy/router/router.h b/envoy/router/router.h similarity index 98% rename from include/envoy/router/router.h rename to envoy/router/router.h index 95944beddb2b..e8a932262bfb 100644 --- a/include/envoy/router/router.h +++ b/envoy/router/router.h @@ -26,8 +26,8 @@ #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/retry.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "absl/types/optional.h" @@ -64,9 +64,11 @@ class ResponseEntry { * process them later. Note: do not use unless you are sure that there will be no route * modifications later in the filter chain. * @param stream_info holds additional information about the request. + * @param do_formatting whether or not to evaluate configured transformations; if false, returns + * original values instead. */ - virtual Http::HeaderTransforms - responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info) const PURE; + virtual Http::HeaderTransforms responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info, + bool do_formatting = true) const PURE; }; /** @@ -1327,6 +1329,12 @@ class GenericUpstream { * @param reason supplies the reset reason. */ virtual void resetStream() PURE; + + /** + * Sets the upstream to use the following account. + * @param the account to assign the generic upstream. + */ + virtual void setAccount(Buffer::BufferMemoryAccountSharedPtr account) PURE; }; using GenericConnPoolPtr = std::unique_ptr; diff --git a/include/envoy/router/router_ratelimit.h b/envoy/router/router_ratelimit.h similarity index 100% rename from include/envoy/router/router_ratelimit.h rename to envoy/router/router_ratelimit.h diff --git a/include/envoy/router/scopes.h b/envoy/router/scopes.h similarity index 100% rename from include/envoy/router/scopes.h rename to envoy/router/scopes.h diff --git a/include/envoy/router/shadow_writer.h b/envoy/router/shadow_writer.h similarity index 100% rename from include/envoy/router/shadow_writer.h rename to envoy/router/shadow_writer.h diff --git a/include/envoy/router/string_accessor.h b/envoy/router/string_accessor.h similarity index 100% rename from include/envoy/router/string_accessor.h rename to envoy/router/string_accessor.h diff --git a/include/envoy/runtime/BUILD b/envoy/runtime/BUILD similarity index 81% rename from include/envoy/runtime/BUILD rename to envoy/runtime/BUILD index f28a5af6a50e..da5c1527ab1a 100644 --- a/include/envoy/runtime/BUILD +++ b/envoy/runtime/BUILD @@ -16,8 +16,8 @@ envoy_cc_library( "abseil_optional", ], deps = [ - "//include/envoy/stats:stats_interface", - "//include/envoy/thread_local:thread_local_object", + "//envoy/stats:stats_interface", + "//envoy/thread_local:thread_local_object", "//source/common/common:assert_lib", "//source/common/singleton:threadsafe_singleton", "@envoy_api//envoy/type/v3:pkg_cc_proto", diff --git a/include/envoy/runtime/runtime.h b/envoy/runtime/runtime.h similarity index 99% rename from include/envoy/runtime/runtime.h rename to envoy/runtime/runtime.h index 27264a1f9e58..36be807ac628 100644 --- a/include/envoy/runtime/runtime.h +++ b/envoy/runtime/runtime.h @@ -12,8 +12,8 @@ #include "envoy/thread_local/thread_local_object.h" #include "envoy/type/v3/percent.pb.h" -#include "common/common/assert.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/common/assert.h" +#include "source/common/singleton/threadsafe_singleton.h" #include "absl/container/flat_hash_map.h" #include "absl/container/node_hash_map.h" diff --git a/include/envoy/secret/BUILD b/envoy/secret/BUILD similarity index 76% rename from include/envoy/secret/BUILD rename to envoy/secret/BUILD index 04adec2fab50..0f510ec3992e 100644 --- a/include/envoy/secret/BUILD +++ b/envoy/secret/BUILD @@ -18,9 +18,9 @@ envoy_cc_library( hdrs = ["secret_provider.h"], deps = [ ":secret_callbacks_interface", - "//include/envoy/common:callback", - "//include/envoy/ssl:certificate_validation_context_config_interface", - "//include/envoy/ssl:tls_certificate_config_interface", + "//envoy/common:callback", + "//envoy/ssl:certificate_validation_context_config_interface", + "//envoy/ssl:tls_certificate_config_interface", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) @@ -30,7 +30,7 @@ envoy_cc_library( hdrs = ["secret_manager.h"], deps = [ ":secret_provider_interface", - "//include/envoy/init:target_interface", + "//envoy/init:target_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], diff --git a/include/envoy/secret/secret_callbacks.h b/envoy/secret/secret_callbacks.h similarity index 100% rename from include/envoy/secret/secret_callbacks.h rename to envoy/secret/secret_callbacks.h diff --git a/include/envoy/secret/secret_manager.h b/envoy/secret/secret_manager.h similarity index 100% rename from include/envoy/secret/secret_manager.h rename to envoy/secret/secret_manager.h diff --git a/include/envoy/secret/secret_provider.h b/envoy/secret/secret_provider.h similarity index 100% rename from include/envoy/secret/secret_provider.h rename to envoy/secret/secret_provider.h diff --git a/include/envoy/server/BUILD b/envoy/server/BUILD similarity index 50% rename from include/envoy/server/BUILD rename to envoy/server/BUILD index accac0a60427..e7914be88152 100644 --- a/include/envoy/server/BUILD +++ b/envoy/server/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( hdrs = ["access_log_config.h"], deps = [ ":filter_config_interface", - "//include/envoy/access_log:access_log_interface", + "//envoy/access_log:access_log_interface", "//source/common/protobuf", ], ) @@ -23,18 +23,18 @@ envoy_cc_library( hdrs = ["admin.h"], deps = [ ":config_tracker_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/http:query_params_interface", - "//include/envoy/network:listen_socket_interface", + "//envoy/buffer:buffer_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", + "//envoy/http:query_params_interface", + "//envoy/network:listen_socket_interface", ], ) envoy_cc_library( name = "api_listener_interface", hdrs = ["api_listener.h"], - deps = ["//include/envoy/http:api_listener_interface"], + deps = ["//envoy/http:api_listener_interface"], ) envoy_cc_library( @@ -42,9 +42,9 @@ envoy_cc_library( hdrs = ["configuration.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/http:context_interface", - "//include/envoy/ratelimit:ratelimit_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/http:context_interface", + "//envoy/ratelimit:ratelimit_interface", + "//envoy/upstream:cluster_manager_interface", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) @@ -61,17 +61,17 @@ envoy_cc_library( envoy_cc_library( name = "drain_manager_interface", hdrs = ["drain_manager.h"], - deps = ["//include/envoy/network:drain_decision_interface"], + deps = ["//envoy/network:drain_decision_interface"], ) envoy_cc_library( name = "guarddog_interface", hdrs = ["guarddog.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/server:watchdog_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/thread:thread_interface", + "//envoy/event:dispatcher_interface", + "//envoy/server:watchdog_interface", + "//envoy/stats:stats_interface", + "//envoy/thread:thread_interface", ], ) @@ -80,8 +80,8 @@ envoy_cc_library( hdrs = ["guarddog_config.h"], deps = [ ":guarddog_interface", - "//include/envoy/api:api_interface", - "//include/envoy/protobuf:message_validator_interface", + "//envoy/api:api_interface", + "//envoy/protobuf:message_validator_interface", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) @@ -90,9 +90,9 @@ envoy_cc_library( name = "health_checker_config_interface", hdrs = ["health_checker_config.h"], deps = [ - "//include/envoy/common:random_generator_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/upstream:health_checker_interface", + "//envoy/common:random_generator_interface", + "//envoy/config:typed_config_interface", + "//envoy/upstream:health_checker_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) @@ -101,8 +101,8 @@ envoy_cc_library( name = "hot_restart_interface", hdrs = ["hot_restart.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/thread:thread_interface", + "//envoy/event:dispatcher_interface", + "//envoy/thread:thread_interface", "//source/server:hot_restart_cc_proto", ], ) @@ -118,21 +118,21 @@ envoy_cc_library( ":lifecycle_notifier_interface", ":listener_manager_interface", ":options_interface", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/api:api_interface", - "//include/envoy/common:mutex_tracer", - "//include/envoy/event:timer_interface", - "//include/envoy/http:context_interface", - "//include/envoy/http:query_params_interface", - "//include/envoy/init:manager_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/secret:secret_manager_interface", - "//include/envoy/server/overload:overload_manager_interface", - "//include/envoy/ssl:context_manager_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/tracing:http_tracer_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/access_log:access_log_interface", + "//envoy/api:api_interface", + "//envoy/common:mutex_tracer", + "//envoy/event:timer_interface", + "//envoy/http:context_interface", + "//envoy/http:query_params_interface", + "//envoy/init:manager_interface", + "//envoy/local_info:local_info_interface", + "//envoy/runtime:runtime_interface", + "//envoy/secret:secret_manager_interface", + "//envoy/server/overload:overload_manager_interface", + "//envoy/ssl:context_manager_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/tracing:http_tracer_interface", + "//envoy/upstream:cluster_manager_interface", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", ], ) @@ -141,8 +141,8 @@ envoy_cc_library( name = "options_interface", hdrs = ["options.h"], deps = [ - "//include/envoy/network:address_interface", - "//include/envoy/stats:stats_interface", + "//envoy/network:address_interface", + "//envoy/stats:stats_interface", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], @@ -152,8 +152,8 @@ envoy_cc_library( name = "worker_interface", hdrs = ["worker.h"], deps = [ - "//include/envoy/server:guarddog_interface", - "//include/envoy/server/overload:overload_manager_interface", + "//envoy/server:guarddog_interface", + "//envoy/server/overload:overload_manager_interface", ], ) @@ -161,7 +161,7 @@ envoy_cc_library( name = "watchdog_interface", hdrs = ["watchdog.h"], deps = [ - "//include/envoy/thread:thread_interface", + "//envoy/thread:thread_interface", ], ) @@ -175,23 +175,23 @@ envoy_cc_library( ":lifecycle_notifier_interface", ":options_interface", ":process_context_interface", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/api:api_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/grpc:context_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:context_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/init:manager_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/network:drain_decision_interface", - "//include/envoy/router:context_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server/overload:overload_manager_interface", - "//include/envoy/singleton:manager_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/tracing:http_tracer_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/access_log:access_log_interface", + "//envoy/api:api_interface", + "//envoy/config:typed_config_interface", + "//envoy/grpc:context_interface", + "//envoy/http:codes_interface", + "//envoy/http:context_interface", + "//envoy/http:filter_interface", + "//envoy/init:manager_interface", + "//envoy/local_info:local_info_interface", + "//envoy/network:drain_decision_interface", + "//envoy/router:context_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server/overload:overload_manager_interface", + "//envoy/singleton:manager_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/tracing:http_tracer_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:macros", "//source/common/protobuf", @@ -207,16 +207,16 @@ envoy_cc_library( ":factory_context_interface", ":lifecycle_notifier_interface", ":process_context_interface", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/server/overload:overload_manager_interface", - "//include/envoy/singleton:manager_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/tracing:http_tracer_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/access_log:access_log_interface", + "//envoy/config:typed_config_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/server/overload:overload_manager_interface", + "//envoy/singleton:manager_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/tracing:http_tracer_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:macros", "//source/common/protobuf", @@ -228,7 +228,7 @@ envoy_cc_library( name = "lifecycle_notifier_interface", hdrs = ["lifecycle_notifier.h"], deps = [ - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", ], ) @@ -240,9 +240,9 @@ envoy_cc_library( ":drain_manager_interface", ":filter_config_interface", ":guarddog_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/ssl:context_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", + "//envoy/ssl:context_interface", "//source/common/protobuf", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", @@ -260,18 +260,18 @@ envoy_cc_library( hdrs = ["transport_socket_config.h"], deps = [ ":factory_context_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/init:manager_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/secret:secret_manager_interface", - "//include/envoy/singleton:manager_interface", - "//include/envoy/ssl:context_manager_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/config:typed_config_interface", + "//envoy/event:dispatcher_interface", + "//envoy/init:manager_interface", + "//envoy/local_info:local_info_interface", + "//envoy/network:transport_socket_interface", + "//envoy/runtime:runtime_interface", + "//envoy/secret:secret_manager_interface", + "//envoy/singleton:manager_interface", + "//envoy/ssl:context_manager_interface", + "//envoy/stats:stats_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/protobuf", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], @@ -281,7 +281,7 @@ envoy_cc_library( name = "resource_monitor_interface", hdrs = ["resource_monitor.h"], deps = [ - "//include/envoy/config:typed_config_interface", + "//envoy/config:typed_config_interface", "//source/common/protobuf", ], ) @@ -291,7 +291,7 @@ envoy_cc_library( hdrs = ["request_id_extension_config.h"], deps = [ ":filter_config_interface", - "//include/envoy/http:request_id_extension_interface", + "//envoy/http:request_id_extension_interface", "//source/common/protobuf", ], ) @@ -302,9 +302,9 @@ envoy_cc_library( deps = [ ":options_interface", ":resource_monitor_interface", - "//include/envoy/api:api_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/protobuf:message_validator_interface", + "//envoy/api:api_interface", + "//envoy/event:dispatcher_interface", + "//envoy/protobuf:message_validator_interface", ], ) @@ -313,7 +313,7 @@ envoy_cc_library( hdrs = ["tracer_config.h"], deps = [ ":filter_config_interface", - "//include/envoy/config:typed_config_interface", + "//envoy/config:typed_config_interface", "//source/common/protobuf", ], ) @@ -323,7 +323,7 @@ envoy_cc_library( hdrs = ["bootstrap_extension_config.h"], deps = [ ":factory_context_interface", - "//include/envoy/config:typed_config_interface", + "//envoy/config:typed_config_interface", ], ) @@ -331,10 +331,10 @@ envoy_cc_library( name = "fatal_action_interface", hdrs = ["fatal_action_config.h"], deps = [ - "//include/envoy/config:typed_config_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/protobuf:message_validator_interface", - "//include/envoy/server:instance_interface", + "//envoy/config:typed_config_interface", + "//envoy/event:dispatcher_interface", + "//envoy/protobuf:message_validator_interface", + "//envoy/server:instance_interface", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], ) @@ -343,7 +343,7 @@ envoy_cc_library( name = "platform_interface", hdrs = ["platform.h"], deps = [ - "//include/envoy/filesystem:filesystem_interface", - "//include/envoy/thread:thread_interface", + "//envoy/filesystem:filesystem_interface", + "//envoy/thread:thread_interface", ], ) diff --git a/include/envoy/server/access_log_config.h b/envoy/server/access_log_config.h similarity index 97% rename from include/envoy/server/access_log_config.h rename to envoy/server/access_log_config.h index 4202b3b61e41..7b64779ce792 100644 --- a/include/envoy/server/access_log_config.h +++ b/envoy/server/access_log_config.h @@ -6,7 +6,7 @@ #include "envoy/config/typed_config.h" #include "envoy/server/filter_config.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/admin.h b/envoy/server/admin.h similarity index 100% rename from include/envoy/server/admin.h rename to envoy/server/admin.h diff --git a/include/envoy/server/api_listener.h b/envoy/server/api_listener.h similarity index 100% rename from include/envoy/server/api_listener.h rename to envoy/server/api_listener.h diff --git a/include/envoy/server/bootstrap_extension_config.h b/envoy/server/bootstrap_extension_config.h similarity index 97% rename from include/envoy/server/bootstrap_extension_config.h rename to envoy/server/bootstrap_extension_config.h index f674540d19fb..d70fb8d9ce0e 100644 --- a/include/envoy/server/bootstrap_extension_config.h +++ b/envoy/server/bootstrap_extension_config.h @@ -4,7 +4,7 @@ #include "envoy/server/factory_context.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/config_tracker.h b/envoy/server/config_tracker.h similarity index 95% rename from include/envoy/server/config_tracker.h rename to envoy/server/config_tracker.h index 53bcb11121e9..62932be2c853 100644 --- a/include/envoy/server/config_tracker.h +++ b/envoy/server/config_tracker.h @@ -6,8 +6,8 @@ #include "envoy/common/pure.h" -#include "common/common/non_copyable.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/non_copyable.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/configuration.h b/envoy/server/configuration.h similarity index 100% rename from include/envoy/server/configuration.h rename to envoy/server/configuration.h diff --git a/include/envoy/server/drain_manager.h b/envoy/server/drain_manager.h similarity index 100% rename from include/envoy/server/drain_manager.h rename to envoy/server/drain_manager.h diff --git a/include/envoy/server/factory_context.h b/envoy/server/factory_context.h similarity index 98% rename from include/envoy/server/factory_context.h rename to envoy/server/factory_context.h index cbe5433bd64b..7e63b2b0b302 100644 --- a/include/envoy/server/factory_context.h +++ b/envoy/server/factory_context.h @@ -30,9 +30,9 @@ #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/assert.h" -#include "common/common/macros.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/fatal_action_config.h b/envoy/server/fatal_action_config.h similarity index 100% rename from include/envoy/server/fatal_action_config.h rename to envoy/server/fatal_action_config.h diff --git a/include/envoy/server/filter_config.h b/envoy/server/filter_config.h similarity index 98% rename from include/envoy/server/filter_config.h rename to envoy/server/filter_config.h index cea17eceabde..5abe7f6e5872 100644 --- a/include/envoy/server/filter_config.h +++ b/envoy/server/filter_config.h @@ -10,9 +10,9 @@ #include "envoy/server/drain_manager.h" #include "envoy/server/factory_context.h" -#include "common/common/assert.h" -#include "common/common/macros.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/guarddog.h b/envoy/server/guarddog.h similarity index 100% rename from include/envoy/server/guarddog.h rename to envoy/server/guarddog.h diff --git a/include/envoy/server/guarddog_config.h b/envoy/server/guarddog_config.h similarity index 97% rename from include/envoy/server/guarddog_config.h rename to envoy/server/guarddog_config.h index e89a3f5308c7..5063e809f65f 100644 --- a/include/envoy/server/guarddog_config.h +++ b/envoy/server/guarddog_config.h @@ -11,7 +11,7 @@ #include "envoy/server/guarddog.h" #include "envoy/stats/scope.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/health_checker_config.h b/envoy/server/health_checker_config.h similarity index 100% rename from include/envoy/server/health_checker_config.h rename to envoy/server/health_checker_config.h diff --git a/include/envoy/server/hot_restart.h b/envoy/server/hot_restart.h similarity index 100% rename from include/envoy/server/hot_restart.h rename to envoy/server/hot_restart.h diff --git a/include/envoy/server/instance.h b/envoy/server/instance.h similarity index 100% rename from include/envoy/server/instance.h rename to envoy/server/instance.h diff --git a/include/envoy/server/lifecycle_notifier.h b/envoy/server/lifecycle_notifier.h similarity index 100% rename from include/envoy/server/lifecycle_notifier.h rename to envoy/server/lifecycle_notifier.h diff --git a/include/envoy/server/listener_manager.h b/envoy/server/listener_manager.h similarity index 99% rename from include/envoy/server/listener_manager.h rename to envoy/server/listener_manager.h index 9f43b26a4e05..5fa8c2503e67 100644 --- a/include/envoy/server/listener_manager.h +++ b/envoy/server/listener_manager.h @@ -14,7 +14,7 @@ #include "envoy/server/filter_config.h" #include "envoy/server/guarddog.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/options.h b/envoy/server/options.h similarity index 100% rename from include/envoy/server/options.h rename to envoy/server/options.h diff --git a/include/envoy/server/overload/BUILD b/envoy/server/overload/BUILD similarity index 64% rename from include/envoy/server/overload/BUILD rename to envoy/server/overload/BUILD index a6e3f789c444..6d937fb8d5e1 100644 --- a/include/envoy/server/overload/BUILD +++ b/envoy/server/overload/BUILD @@ -13,8 +13,8 @@ envoy_cc_library( hdrs = ["overload_manager.h"], deps = [ ":thread_local_overload_state", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/event:dispatcher_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/singleton:const_singleton", ], ) @@ -23,9 +23,9 @@ envoy_cc_library( name = "thread_local_overload_state", hdrs = ["thread_local_overload_state.h"], deps = [ - "//include/envoy/event:scaled_range_timer_manager_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/thread_local:thread_local_object", + "//envoy/event:scaled_range_timer_manager_interface", + "//envoy/event:timer_interface", + "//envoy/thread_local:thread_local_object", "//source/common/common:interval_value", ], ) diff --git a/include/envoy/server/overload/overload_manager.h b/envoy/server/overload/overload_manager.h similarity index 98% rename from include/envoy/server/overload/overload_manager.h rename to envoy/server/overload/overload_manager.h index a9092b64341b..7aa694b34f48 100644 --- a/include/envoy/server/overload/overload_manager.h +++ b/envoy/server/overload/overload_manager.h @@ -7,7 +7,7 @@ #include "envoy/event/scaled_range_timer_manager.h" #include "envoy/server/overload/thread_local_overload_state.h" -#include "common/singleton/const_singleton.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/overload/thread_local_overload_state.h b/envoy/server/overload/thread_local_overload_state.h similarity index 97% rename from include/envoy/server/overload/thread_local_overload_state.h rename to envoy/server/overload/thread_local_overload_state.h index ccee5b9ceb22..9a57400d8eb3 100644 --- a/include/envoy/server/overload/thread_local_overload_state.h +++ b/envoy/server/overload/thread_local_overload_state.h @@ -7,7 +7,7 @@ #include "envoy/event/timer.h" #include "envoy/thread_local/thread_local_object.h" -#include "common/common/interval_value.h" +#include "source/common/common/interval_value.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/platform.h b/envoy/server/platform.h similarity index 100% rename from include/envoy/server/platform.h rename to envoy/server/platform.h diff --git a/include/envoy/server/process_context.h b/envoy/server/process_context.h similarity index 100% rename from include/envoy/server/process_context.h rename to envoy/server/process_context.h diff --git a/include/envoy/server/request_id_extension_config.h b/envoy/server/request_id_extension_config.h similarity index 95% rename from include/envoy/server/request_id_extension_config.h rename to envoy/server/request_id_extension_config.h index 4e56597e4fb7..fa2288ae7f9f 100644 --- a/include/envoy/server/request_id_extension_config.h +++ b/envoy/server/request_id_extension_config.h @@ -5,7 +5,7 @@ #include "envoy/http/request_id_extension.h" #include "envoy/server/filter_config.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/resource_monitor.h b/envoy/server/resource_monitor.h similarity index 100% rename from include/envoy/server/resource_monitor.h rename to envoy/server/resource_monitor.h diff --git a/include/envoy/server/resource_monitor_config.h b/envoy/server/resource_monitor_config.h similarity index 97% rename from include/envoy/server/resource_monitor_config.h rename to envoy/server/resource_monitor_config.h index f72587022c1e..18e211e3801f 100644 --- a/include/envoy/server/resource_monitor_config.h +++ b/envoy/server/resource_monitor_config.h @@ -8,7 +8,7 @@ #include "envoy/server/options.h" #include "envoy/server/resource_monitor.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/tracer_config.h b/envoy/server/tracer_config.h similarity index 97% rename from include/envoy/server/tracer_config.h rename to envoy/server/tracer_config.h index 4af4caf45bc9..53fb87969ff4 100644 --- a/include/envoy/server/tracer_config.h +++ b/envoy/server/tracer_config.h @@ -5,7 +5,7 @@ #include "envoy/server/filter_config.h" #include "envoy/tracing/http_tracer.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/transport_socket_config.h b/envoy/server/transport_socket_config.h similarity index 99% rename from include/envoy/server/transport_socket_config.h rename to envoy/server/transport_socket_config.h index db15960bac1b..2cea944a4f45 100644 --- a/include/envoy/server/transport_socket_config.h +++ b/envoy/server/transport_socket_config.h @@ -16,7 +16,7 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Server { diff --git a/include/envoy/server/watchdog.h b/envoy/server/watchdog.h similarity index 100% rename from include/envoy/server/watchdog.h rename to envoy/server/watchdog.h diff --git a/include/envoy/server/worker.h b/envoy/server/worker.h similarity index 95% rename from include/envoy/server/worker.h rename to envoy/server/worker.h index 762cf83005e7..911cde97f9f9 100644 --- a/include/envoy/server/worker.h +++ b/envoy/server/worker.h @@ -2,6 +2,7 @@ #include +#include "envoy/event/dispatcher.h" #include "envoy/server/guarddog.h" #include "envoy/server/overload/overload_manager.h" @@ -44,8 +45,9 @@ class Worker { /** * Start the worker thread. * @param guard_dog supplies the guard dog to use for thread watching. + * @param cb a callback to run when the worker thread starts running. */ - virtual void start(GuardDog& guard_dog) PURE; + virtual void start(GuardDog& guard_dog, const Event::PostCb& cb) PURE; /** * Initialize stats for this worker's dispatcher, if available. The worker will output diff --git a/include/envoy/singleton/BUILD b/envoy/singleton/BUILD similarity index 79% rename from include/envoy/singleton/BUILD rename to envoy/singleton/BUILD index a0eb2536c45e..ae51a9dd285b 100644 --- a/include/envoy/singleton/BUILD +++ b/envoy/singleton/BUILD @@ -18,7 +18,7 @@ envoy_cc_library( hdrs = ["manager.h"], deps = [ ":instance_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/registry", + "//envoy/config:typed_config_interface", + "//envoy/registry", ], ) diff --git a/include/envoy/singleton/instance.h b/envoy/singleton/instance.h similarity index 100% rename from include/envoy/singleton/instance.h rename to envoy/singleton/instance.h diff --git a/include/envoy/singleton/manager.h b/envoy/singleton/manager.h similarity index 100% rename from include/envoy/singleton/manager.h rename to envoy/singleton/manager.h diff --git a/include/envoy/ssl/BUILD b/envoy/ssl/BUILD similarity index 75% rename from include/envoy/ssl/BUILD rename to envoy/ssl/BUILD index 30f15f687f3e..d9234abdfafe 100644 --- a/include/envoy/ssl/BUILD +++ b/envoy/ssl/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( external_deps = ["abseil_optional"], deps = [ ":ssl_socket_state", - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", ], ) @@ -40,9 +40,9 @@ envoy_cc_library( deps = [ ":context_config_interface", ":context_interface", - "//include/envoy/common:time_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/stats:stats_interface", + "//envoy/common:time_interface", + "//envoy/config:typed_config_interface", + "//envoy/stats:stats_interface", ], ) @@ -50,7 +50,7 @@ envoy_cc_library( name = "tls_certificate_config_interface", hdrs = ["tls_certificate_config.h"], deps = [ - "//include/envoy/ssl/private_key:private_key_interface", + "//envoy/ssl/private_key:private_key_interface", ], ) @@ -80,10 +80,10 @@ envoy_cc_library( hdrs = ["handshaker.h"], external_deps = ["ssl"], deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:post_io_action_interface", - "//include/envoy/protobuf:message_validator_interface", + "//envoy/api:api_interface", + "//envoy/config:typed_config_interface", + "//envoy/network:connection_interface", + "//envoy/network:post_io_action_interface", + "//envoy/protobuf:message_validator_interface", ], ) diff --git a/include/envoy/ssl/certificate_validation_context_config.h b/envoy/ssl/certificate_validation_context_config.h similarity index 93% rename from include/envoy/ssl/certificate_validation_context_config.h rename to envoy/ssl/certificate_validation_context_config.h index 4098c0b7369c..544215a73dae 100644 --- a/include/envoy/ssl/certificate_validation_context_config.h +++ b/envoy/ssl/certificate_validation_context_config.h @@ -40,11 +40,6 @@ class CertificateValidationContextConfig { */ virtual const std::string& certificateRevocationListPath() const PURE; - /** - * @return The subject alt names to be verified, if enabled. - */ - virtual const std::vector& verifySubjectAltNameList() const PURE; - /** * @return The subject alt name matchers to be verified, if enabled. */ diff --git a/include/envoy/ssl/connection.h b/envoy/ssl/connection.h similarity index 100% rename from include/envoy/ssl/connection.h rename to envoy/ssl/connection.h diff --git a/include/envoy/ssl/context.h b/envoy/ssl/context.h similarity index 100% rename from include/envoy/ssl/context.h rename to envoy/ssl/context.h diff --git a/include/envoy/ssl/context_config.h b/envoy/ssl/context_config.h similarity index 100% rename from include/envoy/ssl/context_config.h rename to envoy/ssl/context_config.h diff --git a/include/envoy/ssl/context_manager.h b/envoy/ssl/context_manager.h similarity index 100% rename from include/envoy/ssl/context_manager.h rename to envoy/ssl/context_manager.h diff --git a/include/envoy/ssl/handshaker.h b/envoy/ssl/handshaker.h similarity index 100% rename from include/envoy/ssl/handshaker.h rename to envoy/ssl/handshaker.h diff --git a/include/envoy/ssl/private_key/BUILD b/envoy/ssl/private_key/BUILD similarity index 83% rename from include/envoy/ssl/private_key/BUILD rename to envoy/ssl/private_key/BUILD index 51ecf0198ec2..aedc02691ed0 100644 --- a/include/envoy/ssl/private_key/BUILD +++ b/envoy/ssl/private_key/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( external_deps = ["ssl"], deps = [ ":private_key_callbacks_interface", - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) @@ -24,8 +24,8 @@ envoy_cc_library( hdrs = ["private_key_config.h"], deps = [ ":private_key_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/registry", + "//envoy/config:typed_config_interface", + "//envoy/registry", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) diff --git a/include/envoy/ssl/private_key/private_key.h b/envoy/ssl/private_key/private_key.h similarity index 100% rename from include/envoy/ssl/private_key/private_key.h rename to envoy/ssl/private_key/private_key.h diff --git a/include/envoy/ssl/private_key/private_key_callbacks.h b/envoy/ssl/private_key/private_key_callbacks.h similarity index 100% rename from include/envoy/ssl/private_key/private_key_callbacks.h rename to envoy/ssl/private_key/private_key_callbacks.h diff --git a/include/envoy/ssl/private_key/private_key_config.h b/envoy/ssl/private_key/private_key_config.h similarity index 100% rename from include/envoy/ssl/private_key/private_key_config.h rename to envoy/ssl/private_key/private_key_config.h diff --git a/include/envoy/ssl/ssl_socket_extended_info.h b/envoy/ssl/ssl_socket_extended_info.h similarity index 100% rename from include/envoy/ssl/ssl_socket_extended_info.h rename to envoy/ssl/ssl_socket_extended_info.h diff --git a/include/envoy/ssl/ssl_socket_state.h b/envoy/ssl/ssl_socket_state.h similarity index 100% rename from include/envoy/ssl/ssl_socket_state.h rename to envoy/ssl/ssl_socket_state.h diff --git a/include/envoy/ssl/tls_certificate_config.h b/envoy/ssl/tls_certificate_config.h similarity index 100% rename from include/envoy/ssl/tls_certificate_config.h rename to envoy/ssl/tls_certificate_config.h diff --git a/include/envoy/stats/BUILD b/envoy/stats/BUILD similarity index 93% rename from include/envoy/stats/BUILD rename to envoy/stats/BUILD index 27953a270041..0516c76b1552 100644 --- a/include/envoy/stats/BUILD +++ b/envoy/stats/BUILD @@ -33,8 +33,8 @@ envoy_cc_library( deps = [ ":refcount_ptr_interface", ":symbol_table_interface", - "//include/envoy/common:interval_set_interface", - "//include/envoy/common:time_interface", + "//envoy/common:interval_set_interface", + "//envoy/common:time_interface", ], ) diff --git a/include/envoy/stats/allocator.h b/envoy/stats/allocator.h similarity index 100% rename from include/envoy/stats/allocator.h rename to envoy/stats/allocator.h diff --git a/include/envoy/stats/histogram.h b/envoy/stats/histogram.h similarity index 100% rename from include/envoy/stats/histogram.h rename to envoy/stats/histogram.h diff --git a/include/envoy/stats/primitive_stats.h b/envoy/stats/primitive_stats.h similarity index 94% rename from include/envoy/stats/primitive_stats.h rename to envoy/stats/primitive_stats.h index 704908201fe0..d27375a21c00 100644 --- a/include/envoy/stats/primitive_stats.h +++ b/envoy/stats/primitive_stats.h @@ -2,8 +2,8 @@ #include -#include "common/common/assert.h" -#include "common/common/non_copyable.h" +#include "source/common/common/assert.h" +#include "source/common/common/non_copyable.h" #include "absl/strings/string_view.h" diff --git a/include/envoy/stats/primitive_stats_macros.h b/envoy/stats/primitive_stats_macros.h similarity index 100% rename from include/envoy/stats/primitive_stats_macros.h rename to envoy/stats/primitive_stats_macros.h diff --git a/include/envoy/stats/refcount_ptr.h b/envoy/stats/refcount_ptr.h similarity index 99% rename from include/envoy/stats/refcount_ptr.h rename to envoy/stats/refcount_ptr.h index 437f7b40cce2..c467df821584 100644 --- a/include/envoy/stats/refcount_ptr.h +++ b/envoy/stats/refcount_ptr.h @@ -4,7 +4,7 @@ #include "envoy/common/pure.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Stats { diff --git a/include/envoy/stats/scope.h b/envoy/stats/scope.h similarity index 100% rename from include/envoy/stats/scope.h rename to envoy/stats/scope.h diff --git a/include/envoy/stats/sink.h b/envoy/stats/sink.h similarity index 100% rename from include/envoy/stats/sink.h rename to envoy/stats/sink.h diff --git a/include/envoy/stats/stats.h b/envoy/stats/stats.h similarity index 100% rename from include/envoy/stats/stats.h rename to envoy/stats/stats.h diff --git a/include/envoy/stats/stats_macros.h b/envoy/stats/stats_macros.h similarity index 98% rename from include/envoy/stats/stats_macros.h rename to envoy/stats/stats_macros.h index 0f61674cfdca..0cc6ee927472 100644 --- a/include/envoy/stats/stats_macros.h +++ b/envoy/stats/stats_macros.h @@ -5,8 +5,8 @@ #include "envoy/stats/histogram.h" #include "envoy/stats/stats.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/utility.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/utility.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" diff --git a/include/envoy/stats/stats_matcher.h b/envoy/stats/stats_matcher.h similarity index 100% rename from include/envoy/stats/stats_matcher.h rename to envoy/stats/stats_matcher.h diff --git a/include/envoy/stats/store.h b/envoy/stats/store.h similarity index 100% rename from include/envoy/stats/store.h rename to envoy/stats/store.h diff --git a/include/envoy/stats/symbol_table.h b/envoy/stats/symbol_table.h similarity index 100% rename from include/envoy/stats/symbol_table.h rename to envoy/stats/symbol_table.h diff --git a/include/envoy/stats/tag.h b/envoy/stats/tag.h similarity index 100% rename from include/envoy/stats/tag.h rename to envoy/stats/tag.h diff --git a/include/envoy/stats/tag_extractor.h b/envoy/stats/tag_extractor.h similarity index 100% rename from include/envoy/stats/tag_extractor.h rename to envoy/stats/tag_extractor.h diff --git a/include/envoy/stats/tag_producer.h b/envoy/stats/tag_producer.h similarity index 100% rename from include/envoy/stats/tag_producer.h rename to envoy/stats/tag_producer.h diff --git a/include/envoy/stats/timespan.h b/envoy/stats/timespan.h similarity index 100% rename from include/envoy/stats/timespan.h rename to envoy/stats/timespan.h diff --git a/include/envoy/stream_info/BUILD b/envoy/stream_info/BUILD similarity index 70% rename from include/envoy/stream_info/BUILD rename to envoy/stream_info/BUILD index ff6df798b1d6..fb517d70d97e 100644 --- a/include/envoy/stream_info/BUILD +++ b/envoy/stream_info/BUILD @@ -14,13 +14,13 @@ envoy_cc_library( external_deps = ["abseil_optional"], deps = [ ":filter_state_interface", - "//include/envoy/common:time_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/http:protocol_interface", - "//include/envoy/http:request_id_extension_interface", - "//include/envoy/network:socket_interface", - "//include/envoy/ssl:connection_interface", - "//include/envoy/upstream:host_description_interface", + "//envoy/common:time_interface", + "//envoy/http:header_map_interface", + "//envoy/http:protocol_interface", + "//envoy/http:request_id_extension_interface", + "//envoy/network:socket_interface", + "//envoy/ssl:connection_interface", + "//envoy/upstream:host_description_interface", "//source/common/common:assert_lib", "//source/common/protobuf", "//source/common/singleton:const_singleton", diff --git a/include/envoy/stream_info/filter_state.h b/envoy/stream_info/filter_state.h similarity index 98% rename from include/envoy/stream_info/filter_state.h rename to envoy/stream_info/filter_state.h index 612dc6994ec5..2faa5bb8c089 100644 --- a/include/envoy/stream_info/filter_state.h +++ b/envoy/stream_info/filter_state.h @@ -6,9 +6,9 @@ #include "envoy/common/exception.h" #include "envoy/common/pure.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/protobuf/protobuf.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" diff --git a/include/envoy/stream_info/stream_info.h b/envoy/stream_info/stream_info.h similarity index 97% rename from include/envoy/stream_info/stream_info.h rename to envoy/stream_info/stream_info.h index acf84800d730..2b146b6e421a 100644 --- a/include/envoy/stream_info/stream_info.h +++ b/envoy/stream_info/stream_info.h @@ -16,9 +16,9 @@ #include "envoy/tracing/trace_reason.h" #include "envoy/upstream/host_description.h" -#include "common/common/assert.h" -#include "common/protobuf/protobuf.h" -#include "common/singleton/const_singleton.h" +#include "source/common/common/assert.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/singleton/const_singleton.h" #include "absl/types/optional.h" @@ -86,8 +86,10 @@ enum ResponseFlag { UpstreamProtocolError = 0x800000, // No cluster found for a given request. NoClusterFound = 0x1000000, + // Overload Manager terminated the stream. + OverloadManager = 0x2000000, // ATTENTION: MAKE SURE THIS REMAINS EQUAL TO THE LAST FLAG. - LastFlag = NoClusterFound, + LastFlag = OverloadManager, }; /** @@ -179,8 +181,13 @@ struct ResponseCodeDetailValues { const std::string AdminFilterResponse = "admin_filter_response"; // The original stream was replaced with an internal redirect. const std::string InternalRedirect = "internal_redirect"; - // The request was rejected because configured filters erroneously removed required headers. - const std::string FilterRemovedRequiredHeaders = "filter_removed_required_headers"; + // The request was rejected because configured filters erroneously removed required request + // headers. + const std::string FilterRemovedRequiredRequestHeaders = "filter_removed_required_request_headers"; + // The request was rejected because configured filters erroneously removed required response + // headers. + const std::string FilterRemovedRequiredResponseHeaders = + "filter_removed_required_response_headers"; // The request was rejected because the original IP couldn't be detected. const std::string OriginalIPDetectionFailed = "rejecting because detection failed"; // Changes or additions to details should be reflected in diff --git a/include/envoy/stream_info/uint32_accessor.h b/envoy/stream_info/uint32_accessor.h similarity index 100% rename from include/envoy/stream_info/uint32_accessor.h rename to envoy/stream_info/uint32_accessor.h diff --git a/include/envoy/tcp/BUILD b/envoy/tcp/BUILD similarity index 57% rename from include/envoy/tcp/BUILD rename to envoy/tcp/BUILD index 2ab93df03996..7a19f5f9ad7e 100644 --- a/include/envoy/tcp/BUILD +++ b/envoy/tcp/BUILD @@ -12,10 +12,10 @@ envoy_cc_library( name = "conn_pool_interface", hdrs = ["conn_pool.h"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/common:conn_pool_interface", - "//include/envoy/event:deferred_deletable", - "//include/envoy/upstream:upstream_interface", + "//envoy/buffer:buffer_interface", + "//envoy/common:conn_pool_interface", + "//envoy/event:deferred_deletable", + "//envoy/upstream:upstream_interface", ], ) @@ -23,8 +23,8 @@ envoy_cc_library( name = "upstream_interface", hdrs = ["upstream.h"], deps = [ - "//include/envoy/tcp:conn_pool_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/tcp:conn_pool_interface", + "//envoy/upstream:upstream_interface", "@envoy_api//envoy/extensions/filters/network/tcp_proxy/v3:pkg_cc_proto", ], ) diff --git a/include/envoy/tcp/conn_pool.h b/envoy/tcp/conn_pool.h similarity index 97% rename from include/envoy/tcp/conn_pool.h rename to envoy/tcp/conn_pool.h index 14dd5677907f..6b31a7e6bc12 100644 --- a/include/envoy/tcp/conn_pool.h +++ b/envoy/tcp/conn_pool.h @@ -103,10 +103,11 @@ class Callbacks { /** * Called when a pool error occurred and no connection could be acquired for making the request. * @param reason supplies the failure reason. + * @param transport_failure_reason supplies the details of the transport failure reason. * @param host supplies the description of the host that caused the failure. This may be nullptr * if no host was involved in the failure (for example overflow). */ - virtual void onPoolFailure(PoolFailureReason reason, + virtual void onPoolFailure(PoolFailureReason reason, absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) PURE; /** diff --git a/include/envoy/tcp/upstream.h b/envoy/tcp/upstream.h similarity index 100% rename from include/envoy/tcp/upstream.h rename to envoy/tcp/upstream.h diff --git a/include/envoy/thread/BUILD b/envoy/thread/BUILD similarity index 100% rename from include/envoy/thread/BUILD rename to envoy/thread/BUILD diff --git a/include/envoy/thread/thread.h b/envoy/thread/thread.h similarity index 97% rename from include/envoy/thread/thread.h rename to envoy/thread/thread.h index 6a2cce96eeb0..7b969f3e2c01 100644 --- a/include/envoy/thread/thread.h +++ b/envoy/thread/thread.h @@ -7,7 +7,7 @@ #include "envoy/common/pure.h" -#include "common/common/thread_annotations.h" +#include "source/common/common/thread_annotations.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" diff --git a/include/envoy/thread_local/BUILD b/envoy/thread_local/BUILD similarity index 89% rename from include/envoy/thread_local/BUILD rename to envoy/thread_local/BUILD index 9a5e61235494..01b0a4cf5e4d 100644 --- a/include/envoy/thread_local/BUILD +++ b/envoy/thread_local/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( hdrs = ["thread_local.h"], deps = [ ":thread_local_object", - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/common/common:assert_lib", ], ) diff --git a/include/envoy/thread_local/thread_local.h b/envoy/thread_local/thread_local.h similarity index 97% rename from include/envoy/thread_local/thread_local.h rename to envoy/thread_local/thread_local.h index 8ff2ca99c8c0..b314fa817aaf 100644 --- a/include/envoy/thread_local/thread_local.h +++ b/envoy/thread_local/thread_local.h @@ -9,7 +9,7 @@ #include "envoy/event/dispatcher.h" #include "envoy/thread_local/thread_local_object.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace ThreadLocal { @@ -226,6 +226,13 @@ class Instance : public SlotAllocator { * @return Event::Dispatcher& the thread local dispatcher. */ virtual Event::Dispatcher& dispatcher() PURE; + + /** + * Returns whether or not global threading has been shutdown. + * + * @return true if global threading has been shutdown or false if not. + */ + virtual bool isShutdown() const PURE; }; } // namespace ThreadLocal diff --git a/include/envoy/thread_local/thread_local_object.h b/envoy/thread_local/thread_local_object.h similarity index 94% rename from include/envoy/thread_local/thread_local_object.h rename to envoy/thread_local/thread_local_object.h index e305102f7118..f5500fa9a4ba 100644 --- a/include/envoy/thread_local/thread_local_object.h +++ b/envoy/thread_local/thread_local_object.h @@ -4,7 +4,7 @@ #include #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace ThreadLocal { diff --git a/include/envoy/tracing/BUILD b/envoy/tracing/BUILD similarity index 80% rename from include/envoy/tracing/BUILD rename to envoy/tracing/BUILD index 9bed839d05ae..c1711b1a92ac 100644 --- a/include/envoy/tracing/BUILD +++ b/envoy/tracing/BUILD @@ -13,8 +13,8 @@ envoy_cc_library( hdrs = ["http_tracer.h"], deps = [ ":trace_driver_interface", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/http:header_map_interface", + "//envoy/access_log:access_log_interface", + "//envoy/http:header_map_interface", ], ) @@ -37,6 +37,6 @@ envoy_cc_library( hdrs = ["trace_driver.h"], deps = [ ":trace_reason_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/stream_info:stream_info_interface", ], ) diff --git a/include/envoy/tracing/http_tracer.h b/envoy/tracing/http_tracer.h similarity index 100% rename from include/envoy/tracing/http_tracer.h rename to envoy/tracing/http_tracer.h diff --git a/include/envoy/tracing/http_tracer_manager.h b/envoy/tracing/http_tracer_manager.h similarity index 100% rename from include/envoy/tracing/http_tracer_manager.h rename to envoy/tracing/http_tracer_manager.h diff --git a/include/envoy/tracing/trace_driver.h b/envoy/tracing/trace_driver.h similarity index 100% rename from include/envoy/tracing/trace_driver.h rename to envoy/tracing/trace_driver.h diff --git a/include/envoy/tracing/trace_reason.h b/envoy/tracing/trace_reason.h similarity index 100% rename from include/envoy/tracing/trace_reason.h rename to envoy/tracing/trace_reason.h diff --git a/include/envoy/udp/BUILD b/envoy/udp/BUILD similarity index 84% rename from include/envoy/udp/BUILD rename to envoy/udp/BUILD index bc5cce7271e3..8454b0e89759 100644 --- a/include/envoy/udp/BUILD +++ b/envoy/udp/BUILD @@ -13,6 +13,6 @@ envoy_cc_library( hdrs = ["hash_policy.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/network:address_interface", + "//envoy/network:address_interface", ], ) diff --git a/include/envoy/udp/hash_policy.h b/envoy/udp/hash_policy.h similarity index 100% rename from include/envoy/udp/hash_policy.h rename to envoy/udp/hash_policy.h diff --git a/include/envoy/upstream/BUILD b/envoy/upstream/BUILD similarity index 57% rename from include/envoy/upstream/BUILD rename to envoy/upstream/BUILD index be14e1d398c7..7a19f61deec2 100644 --- a/include/envoy/upstream/BUILD +++ b/envoy/upstream/BUILD @@ -19,21 +19,21 @@ envoy_cc_library( ":load_balancer_interface", ":thread_local_cluster_interface", ":upstream_interface", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/common:random_generator_interface", - "//include/envoy/config:grpc_mux_interface", - "//include/envoy/config:subscription_factory_interface", - "//include/envoy/grpc:async_client_manager_interface", - "//include/envoy/http:async_client_interface", - "//include/envoy/http:conn_pool_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/secret:secret_manager_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:options_interface", - "//include/envoy/singleton:manager_interface", - "//include/envoy/tcp:conn_pool_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/access_log:access_log_interface", + "//envoy/common:random_generator_interface", + "//envoy/config:grpc_mux_interface", + "//envoy/config:subscription_factory_interface", + "//envoy/grpc:async_client_manager_interface", + "//envoy/http:async_client_interface", + "//envoy/http:conn_pool_interface", + "//envoy/local_info:local_info_interface", + "//envoy/runtime:runtime_interface", + "//envoy/secret:secret_manager_interface", + "//envoy/server:admin_interface", + "//envoy/server:options_interface", + "//envoy/singleton:manager_interface", + "//envoy/tcp:conn_pool_interface", + "//envoy/thread_local:thread_local_interface", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", @@ -60,10 +60,10 @@ envoy_cc_library( deps = [ ":health_check_host_monitor_interface", ":outlier_detection_interface", - "//include/envoy/network:address_interface", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/stats:primitive_stats_macros", - "//include/envoy/stats:stats_macros", + "//envoy/network:address_interface", + "//envoy/network:transport_socket_interface", + "//envoy/stats:primitive_stats_macros", + "//envoy/stats:stats_macros", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) @@ -73,8 +73,8 @@ envoy_cc_library( hdrs = ["load_balancer.h"], deps = [ ":upstream_interface", - "//include/envoy/router:router_interface", - "//include/envoy/upstream:types_interface", + "//envoy/router:router_interface", + "//envoy/upstream:types_interface", ], ) @@ -101,7 +101,7 @@ envoy_cc_library( hdrs = ["outlier_detection.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", "@envoy_api//envoy/data/cluster/v3:pkg_cc_proto", ], ) @@ -110,16 +110,16 @@ envoy_cc_library( name = "retry_interface", hdrs = ["retry.h"], deps = [ - "//include/envoy/config:typed_config_interface", - "//include/envoy/upstream:types_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/config:typed_config_interface", + "//envoy/upstream:types_interface", + "//envoy/upstream:upstream_interface", ], ) envoy_cc_library( name = "resource_manager_interface", hdrs = ["resource_manager.h"], - deps = ["//include/envoy/common:resource_interface"], + deps = ["//envoy/common:resource_interface"], ) envoy_cc_library( @@ -128,6 +128,7 @@ envoy_cc_library( deps = [ ":load_balancer_interface", ":upstream_interface", + "//envoy/http:async_client_interface", ], ) @@ -148,16 +149,16 @@ envoy_cc_library( ":load_balancer_type_interface", ":locality_lib", ":resource_manager_interface", - "//include/envoy/common:callback", - "//include/envoy/config:subscription_interface", - "//include/envoy/config:typed_metadata_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/ssl:context_interface", - "//include/envoy/ssl:context_manager_interface", - "//include/envoy/upstream:types_interface", + "//envoy/common:callback", + "//envoy/config:subscription_interface", + "//envoy/config:typed_metadata_interface", + "//envoy/http:codec_interface", + "//envoy/network:connection_interface", + "//envoy/network:transport_socket_interface", + "//envoy/runtime:runtime_interface", + "//envoy/ssl:context_interface", + "//envoy/ssl:context_manager_interface", + "//envoy/upstream:types_interface", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], @@ -173,15 +174,15 @@ envoy_cc_library( ":locality_lib", ":resource_manager_interface", ":upstream_interface", - "//include/envoy/common:callback", - "//include/envoy/config:typed_config_interface", - "//include/envoy/config:typed_metadata_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/ssl:context_interface", - "//include/envoy/ssl:context_manager_interface", + "//envoy/common:callback", + "//envoy/config:typed_config_interface", + "//envoy/config:typed_metadata_interface", + "//envoy/http:codec_interface", + "//envoy/network:connection_interface", + "//envoy/network:transport_socket_interface", + "//envoy/runtime:runtime_interface", + "//envoy/ssl:context_interface", + "//envoy/ssl:context_manager_interface", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], ) diff --git a/include/envoy/upstream/cluster_factory.h b/envoy/upstream/cluster_factory.h similarity index 100% rename from include/envoy/upstream/cluster_factory.h rename to envoy/upstream/cluster_factory.h diff --git a/include/envoy/upstream/cluster_manager.h b/envoy/upstream/cluster_manager.h similarity index 100% rename from include/envoy/upstream/cluster_manager.h rename to envoy/upstream/cluster_manager.h diff --git a/include/envoy/upstream/health_check_host_monitor.h b/envoy/upstream/health_check_host_monitor.h similarity index 100% rename from include/envoy/upstream/health_check_host_monitor.h rename to envoy/upstream/health_check_host_monitor.h diff --git a/include/envoy/upstream/health_checker.h b/envoy/upstream/health_checker.h similarity index 100% rename from include/envoy/upstream/health_checker.h rename to envoy/upstream/health_checker.h diff --git a/include/envoy/upstream/host_description.h b/envoy/upstream/host_description.h similarity index 95% rename from include/envoy/upstream/host_description.h rename to envoy/upstream/host_description.h index 71f91cde11dc..2a958d6ab2e8 100644 --- a/include/envoy/upstream/host_description.h +++ b/envoy/upstream/host_description.h @@ -3,6 +3,7 @@ #include #include #include +#include #include "envoy/common/time.h" #include "envoy/config/core/v3/base.pb.h" @@ -119,6 +120,12 @@ class HostDescription { */ virtual Network::Address::InstanceConstSharedPtr address() const PURE; + /** + * @return a optional list of additional addresses which the host resolved to. These addresses + * may be used to create upstream connections if the primary address is unreachable. + */ + virtual const std::vector& addressList() const PURE; + /** * @return host specific stats. */ diff --git a/include/envoy/upstream/load_balancer.h b/envoy/upstream/load_balancer.h similarity index 100% rename from include/envoy/upstream/load_balancer.h rename to envoy/upstream/load_balancer.h diff --git a/include/envoy/upstream/load_balancer_type.h b/envoy/upstream/load_balancer_type.h similarity index 98% rename from include/envoy/upstream/load_balancer_type.h rename to envoy/upstream/load_balancer_type.h index 44d8f708e814..280c317cdcce 100644 --- a/include/envoy/upstream/load_balancer_type.h +++ b/envoy/upstream/load_balancer_type.h @@ -7,7 +7,7 @@ #include "envoy/common/pure.h" #include "envoy/config/cluster/v3/cluster.pb.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Upstream { diff --git a/include/envoy/upstream/locality.h b/envoy/upstream/locality.h similarity index 98% rename from include/envoy/upstream/locality.h rename to envoy/upstream/locality.h index 0f5c23ac20b5..a01a0baf697f 100644 --- a/include/envoy/upstream/locality.h +++ b/envoy/upstream/locality.h @@ -2,7 +2,7 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Upstream { diff --git a/include/envoy/upstream/outlier_detection.h b/envoy/upstream/outlier_detection.h similarity index 100% rename from include/envoy/upstream/outlier_detection.h rename to envoy/upstream/outlier_detection.h diff --git a/include/envoy/upstream/resource_manager.h b/envoy/upstream/resource_manager.h similarity index 100% rename from include/envoy/upstream/resource_manager.h rename to envoy/upstream/resource_manager.h diff --git a/include/envoy/upstream/retry.h b/envoy/upstream/retry.h similarity index 100% rename from include/envoy/upstream/retry.h rename to envoy/upstream/retry.h diff --git a/include/envoy/upstream/thread_local_cluster.h b/envoy/upstream/thread_local_cluster.h similarity index 53% rename from include/envoy/upstream/thread_local_cluster.h rename to envoy/upstream/thread_local_cluster.h index 6c08c194103b..2efe62622847 100644 --- a/include/envoy/upstream/thread_local_cluster.h +++ b/envoy/upstream/thread_local_cluster.h @@ -8,6 +8,65 @@ namespace Envoy { namespace Upstream { +// HttpPoolData returns information about a given pool as well as a function +// to create streams on that pool. +class HttpPoolData { +public: + using OnNewStreamFn = std::function; + + HttpPoolData(OnNewStreamFn on_new_stream, Http::ConnectionPool::Instance* pool) + : on_new_stream_(on_new_stream), pool_(pool) {} + + /** + * See documentation of Http::ConnectionPool::Instance. + */ + Envoy::Http::ConnectionPool::Cancellable* + newStream(Http::ResponseDecoder& response_decoder, + Envoy::Http::ConnectionPool::Callbacks& callbacks) { + on_new_stream_(); + return pool_->newStream(response_decoder, callbacks); + } + bool hasActiveConnections() const { return pool_->hasActiveConnections(); }; + + /** + * See documentation of Envoy::ConnectionPool::Instance. + */ + void addDrainedCallback(ConnectionPool::Instance::DrainedCb cb) { + pool_->addDrainedCallback(cb); + }; + + Upstream::HostDescriptionConstSharedPtr host() const { return pool_->host(); } + +private: + friend class HttpPoolDataPeer; + + OnNewStreamFn on_new_stream_; + Http::ConnectionPool::Instance* pool_; +}; + +// Tcp pool returns information about a given pool, as well as a function to +// create connections on that pool. +class TcpPoolData { +public: + using OnNewConnectionFn = std::function; + + TcpPoolData(OnNewConnectionFn on_new_connection, Tcp::ConnectionPool::Instance* pool) + : on_new_connection_(on_new_connection), pool_(pool) {} + + Envoy::Tcp::ConnectionPool::Cancellable* + newConnection(Envoy::Tcp::ConnectionPool::Callbacks& callbacks) { + on_new_connection_(); + return pool_->newConnection(callbacks); + } + + Upstream::HostDescriptionConstSharedPtr host() const { return pool_->host(); } + +private: + friend class TcpPoolDataPeer; + OnNewConnectionFn on_new_connection_; + Tcp::ConnectionPool::Instance* pool_; +}; + /** * A thread local cluster instance that can be used for direct load balancing and host set * interactions. In general, an instance of ThreadLocalCluster can only be safely used in the @@ -42,10 +101,11 @@ class ThreadLocalCluster { * @param priority the connection pool priority. * @param downstream_protocol the downstream protocol (if one exists) to use in protocol * selection. - * @param context the optional load balancer context. - * @return the connection pool or nullptr if there is no host available in the cluster. + * @param context the optional load balancer context. Must continue to be + * valid until newConnection is called on the pool (if it is to be called). + * @return the connection pool data or nullopt if there is no host available in the cluster. */ - virtual Http::ConnectionPool::Instance* + virtual absl::optional httpConnPool(ResourcePriority priority, absl::optional downstream_protocol, LoadBalancerContext* context) PURE; @@ -55,11 +115,12 @@ class ThreadLocalCluster { * is used is the one defined on the cluster when it was created. * * @param priority the connection pool priority. - * @param context the optional load balancer context. - * @return the connection pool or nullptr if there is no host available in the cluster. + * @param context the optional load balancer context. Must continue to be + * valid until newConnection is called on the pool (if it is to be called). + * @return the connection pool data or nullopt if there is no host available in the cluster. */ - virtual Tcp::ConnectionPool::Instance* tcpConnPool(ResourcePriority priority, - LoadBalancerContext* context) PURE; + virtual absl::optional tcpConnPool(ResourcePriority priority, + LoadBalancerContext* context) PURE; /** * Allocate a load balanced TCP connection for a cluster. The created connection is already diff --git a/include/envoy/upstream/types.h b/envoy/upstream/types.h similarity index 97% rename from include/envoy/upstream/types.h rename to envoy/upstream/types.h index dafc0f22f6bf..589dbe75cee8 100644 --- a/include/envoy/upstream/types.h +++ b/envoy/upstream/types.h @@ -3,7 +3,7 @@ #include #include -#include "common/common/phantom.h" +#include "source/common/common/phantom.h" namespace Envoy { namespace Upstream { diff --git a/include/envoy/upstream/upstream.h b/envoy/upstream/upstream.h similarity index 100% rename from include/envoy/upstream/upstream.h rename to envoy/upstream/upstream.h diff --git a/examples/BUILD b/examples/BUILD index 4024d929f207..e8ea0aed15fd 100644 --- a/examples/BUILD +++ b/examples/BUILD @@ -31,3 +31,10 @@ filegroup( name = "lua", srcs = glob(["**/*.lua"]), ) + +filegroup( + name = "files", + srcs = glob(["**/*"]) + [ + "//examples/wasm-cc:files", + ], +) diff --git a/examples/brotli/Dockerfile-brotli b/examples/brotli/Dockerfile-brotli new file mode 100644 index 000000000000..611cc556eaa4 --- /dev/null +++ b/examples/brotli/Dockerfile-brotli @@ -0,0 +1,5 @@ +FROM envoyproxy/envoy-dev:latest + +COPY ./brotli-envoy.yaml /etc/brotli-envoy.yaml +RUN chmod go+r /etc/brotli-envoy.yaml +CMD ["/usr/local/bin/envoy", "-c", "/etc/brotli-envoy.yaml", "--service-cluster", "brotli"] diff --git a/examples/brotli/Dockerfile-service b/examples/brotli/Dockerfile-service new file mode 100644 index 000000000000..4712019f501b --- /dev/null +++ b/examples/brotli/Dockerfile-service @@ -0,0 +1,13 @@ +FROM debian:buster-slim + +RUN apt-get update \ + && apt-get install --no-install-recommends -y python3 python3-pip \ + && apt-get autoremove -y && apt-get clean \ + && rm -rf /tmp/* /var/tmp/* \ + && rm -rf /var/lib/apt/lists/* +RUN pip3 install -q flask +RUN mkdir -p /code/data +RUN dd if=/dev/zero of="/code/data/file.txt" bs=1024 count=10240 \ + && dd if=/dev/zero of="/code/data/file.json" bs=1024 count=10240 +ADD ./service.py /code +ENTRYPOINT ["python3", "/code/service.py"] diff --git a/examples/brotli/README.md b/examples/brotli/README.md new file mode 100644 index 000000000000..575b73903e7b --- /dev/null +++ b/examples/brotli/README.md @@ -0,0 +1,2 @@ +To learn about this sandbox and for instructions on how to run it please head over +to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/brotli.html) diff --git a/examples/brotli/brotli-envoy.yaml b/examples/brotli/brotli-envoy.yaml new file mode 100644 index 000000000000..f3bb8efbe5bc --- /dev/null +++ b/examples/brotli/brotli-envoy.yaml @@ -0,0 +1,236 @@ +static_resources: + listeners: + - address: + socket_address: + address: 0.0.0.0 + port_value: 10000 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + route_config: + name: local_route + virtual_hosts: + - name: backend + domains: + - "*" + routes: + - match: + prefix: "/" + route: + cluster: service + http_filters: + - name: envoy.filters.http.compressor + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.compressor.v3.Compressor + response_direction_config: + common_config: + min_content_length: 100 + content_type: + - application/json + disable_on_etag_header: true + compressor_library: + name: text_optimized + typed_config: + "@type": type.googleapis.com/envoy.extensions.compression.brotli.compressor.v3.Brotli + window_bits: 10 + - name: envoy.filters.http.router + typed_config: {} + transport_socket: + name: envoy.transport_sockets.tls + typed_config: + "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext + common_tls_context: + tls_certificates: + # The following self-signed certificate pair is generated using: + # $ openssl req -x509 -newkey rsa:2048 -keyout a/brotli-key.pem -out a/brotli-crt.pem -days 3650 -nodes -subj '/CN=brotli' + # + # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy + # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource. + # + # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via + # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret. + - certificate_chain: + inline_string: | + -----BEGIN CERTIFICATE----- + MIICqDCCAZACCQCquzpHNpqBcDANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAtm + cm9udC1lbnZveTAeFw0yMDA3MDgwMTMxNDZaFw0zMDA3MDYwMTMxNDZaMBYxFDAS + BgNVBAMMC2Zyb250LWVudm95MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC + AQEAthnYkqVQBX+Wg7aQWyCCb87hBce1hAFhbRM8Y9dQTqxoMXZiA2n8G089hUou + oQpEdJgitXVS6YMFPFUUWfwcqxYAynLK4X5im26Yfa1eO8La8sZUS+4Bjao1gF5/ + VJxSEo2yZ7fFBo8M4E44ZehIIocipCRS+YZehFs6dmHoq/MGvh2eAHIa+O9xssPt + ofFcQMR8rwBHVbKy484O10tNCouX4yUkyQXqCRy6HRu7kSjOjNKSGtjfG+h5M8bh + 10W7ZrsJ1hWhzBulSaMZaUY3vh5ngpws1JATQVSK1Jm/dmMRciwlTK7KfzgxHlSX + 58ENpS7yPTISkEICcLbXkkKGEQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCmj6Hg + vwOxWz0xu+6fSfRL6PGJUGq6wghCfUvjfwZ7zppDUqU47fk+yqPIOzuGZMdAqi7N + v1DXkeO4A3hnMD22Rlqt25vfogAaZVToBeQxCPd/ALBLFrvLUFYuSlS3zXSBpQqQ + Ny2IKFYsMllz5RSROONHBjaJOn5OwqenJ91MPmTAG7ujXKN6INSBM0PjX9Jy4Xb9 + zT+I85jRDQHnTFce1WICBDCYidTIvJtdSSokGSuy4/xyxAAc/BpZAfOjBQ4G1QRe + 9XwOi790LyNUYFJVyeOvNJwveloWuPLHb9idmY5YABwikUY6QNcXwyHTbRCkPB2I + m+/R4XnmL4cKQ+5Z + -----END CERTIFICATE----- + private_key: + inline_string: | + -----BEGIN PRIVATE KEY----- + MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC2GdiSpVAFf5aD + tpBbIIJvzuEFx7WEAWFtEzxj11BOrGgxdmIDafwbTz2FSi6hCkR0mCK1dVLpgwU8 + VRRZ/ByrFgDKcsrhfmKbbph9rV47wtryxlRL7gGNqjWAXn9UnFISjbJnt8UGjwzg + Tjhl6EgihyKkJFL5hl6EWzp2Yeir8wa+HZ4Achr473Gyw+2h8VxAxHyvAEdVsrLj + zg7XS00Ki5fjJSTJBeoJHLodG7uRKM6M0pIa2N8b6HkzxuHXRbtmuwnWFaHMG6VJ + oxlpRje+HmeCnCzUkBNBVIrUmb92YxFyLCVMrsp/ODEeVJfnwQ2lLvI9MhKQQgJw + tteSQoYRAgMBAAECggEAeDGdEkYNCGQLe8pvg8Z0ccoSGpeTxpqGrNEKhjfi6NrB + NwyVav10iq4FxEmPd3nobzDPkAftfvWc6hKaCT7vyTkPspCMOsQJ39/ixOk+jqFx + lNa1YxyoZ9IV2DIHR1iaj2Z5gB367PZUoGTgstrbafbaNY9IOSyojCIO935ubbcx + DWwL24XAf51ez6sXnI8V5tXmrFlNXhbhJdH8iIxNyM45HrnlUlOk0lCK4gmLJjy9 + 10IS2H2Wh3M5zsTpihH1JvM56oAH1ahrhMXs/rVFXXkg50yD1KV+HQiEbglYKUxO + eMYtfaY9i2CuLwhDnWp3oxP3HfgQQhD09OEN3e0IlQKBgQDZ/3poG9TiMZSjfKqL + xnCABMXGVQsfFWNC8THoW6RRx5Rqi8q08yJrmhCu32YKvccsOljDQJQQJdQO1g09 + e/adJmCnTrqxNtjPkX9txV23Lp6Ak7emjiQ5ICu7iWxrcO3zf7hmKtj7z+av8sjO + mDI7NkX5vnlE74nztBEjp3eC0wKBgQDV2GeJV028RW3b/QyP3Gwmax2+cKLR9PKR + nJnmO5bxAT0nQ3xuJEAqMIss/Rfb/macWc2N/6CWJCRT6a2vgy6xBW+bqG6RdQMB + xEZXFZl+sSKhXPkc5Wjb4lQ14YWyRPrTjMlwez3k4UolIJhJmwl+D7OkMRrOUERO + EtUvc7odCwKBgBi+nhdZKWXveM7B5N3uzXBKmmRz3MpPdC/yDtcwJ8u8msUpTv4R + JxQNrd0bsIqBli0YBmFLYEMg+BwjAee7vXeDFq+HCTv6XMva2RsNryCO4yD3I359 + XfE6DJzB8ZOUgv4Dvluie3TB2Y6ZQV/p+LGt7G13yG4hvofyJYvlg3RPAoGAcjDg + +OH5zLN2eqah8qBN0CYa9/rFt0AJ19+7/smLTJ7QvQq4g0gwS1couplcCEnNGWiK + 72y1n/ckvvplmPeAE19HveMvR9UoCeV5ej86fACy8V/oVpnaaLBvL2aCMjPLjPP9 + DWeCIZp8MV86cvOrGfngf6kJG2qZTueXl4NAuwkCgYEArKkhlZVXjwBoVvtHYmN2 + o+F6cGMlRJTLhNc391WApsgDZfTZSdeJsBsvvzS/Nc0burrufJg0wYioTlpReSy4 + ohhtprnQQAddfjHP7rh2LGt+irFzhdXXQ1ybGaGM9D764KUNCXLuwdly0vzXU4HU + q5sGxGrC1RECGB5Zwx2S2ZY= + -----END PRIVATE KEY----- + - address: + socket_address: + address: 0.0.0.0 + port_value: 9902 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + route_config: + name: local_route + virtual_hosts: + - name: backend + domains: + - "*" + routes: + - match: + prefix: "/stats/prometheus" + route: + cluster: envoy-stats + http_filters: + - name: envoy.filters.http.compressor + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.compressor.v3.Compressor + response_direction_config: + common_config: + min_content_length: 100 + content_type: + - text/plain + disable_on_etag_header: true + compressor_library: + name: text_optimized + typed_config: + "@type": type.googleapis.com/envoy.extensions.compression.brotli.compressor.v3.Brotli + window_bits: 10 + - name: envoy.filters.http.router + typed_config: {} + transport_socket: + name: envoy.transport_sockets.tls + typed_config: + "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext + common_tls_context: + tls_certificates: + # The following self-signed certificate pair is generated using: + # $ openssl req -x509 -newkey rsa:2048 -keyout a/brotli.pem -out a/brotli-crt.pem -days 3650 -nodes -subj '/CN=brotli' + # + # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy + # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource. + # + # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via + # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret. + - certificate_chain: + inline_string: | + -----BEGIN CERTIFICATE----- + MIICqDCCAZACCQCquzpHNpqBcDANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAtm + cm9udC1lbnZveTAeFw0yMDA3MDgwMTMxNDZaFw0zMDA3MDYwMTMxNDZaMBYxFDAS + BgNVBAMMC2Zyb250LWVudm95MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC + AQEAthnYkqVQBX+Wg7aQWyCCb87hBce1hAFhbRM8Y9dQTqxoMXZiA2n8G089hUou + oQpEdJgitXVS6YMFPFUUWfwcqxYAynLK4X5im26Yfa1eO8La8sZUS+4Bjao1gF5/ + VJxSEo2yZ7fFBo8M4E44ZehIIocipCRS+YZehFs6dmHoq/MGvh2eAHIa+O9xssPt + ofFcQMR8rwBHVbKy484O10tNCouX4yUkyQXqCRy6HRu7kSjOjNKSGtjfG+h5M8bh + 10W7ZrsJ1hWhzBulSaMZaUY3vh5ngpws1JATQVSK1Jm/dmMRciwlTK7KfzgxHlSX + 58ENpS7yPTISkEICcLbXkkKGEQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCmj6Hg + vwOxWz0xu+6fSfRL6PGJUGq6wghCfUvjfwZ7zppDUqU47fk+yqPIOzuGZMdAqi7N + v1DXkeO4A3hnMD22Rlqt25vfogAaZVToBeQxCPd/ALBLFrvLUFYuSlS3zXSBpQqQ + Ny2IKFYsMllz5RSROONHBjaJOn5OwqenJ91MPmTAG7ujXKN6INSBM0PjX9Jy4Xb9 + zT+I85jRDQHnTFce1WICBDCYidTIvJtdSSokGSuy4/xyxAAc/BpZAfOjBQ4G1QRe + 9XwOi790LyNUYFJVyeOvNJwveloWuPLHb9idmY5YABwikUY6QNcXwyHTbRCkPB2I + m+/R4XnmL4cKQ+5Z + -----END CERTIFICATE----- + private_key: + inline_string: | + -----BEGIN PRIVATE KEY----- + MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC2GdiSpVAFf5aD + tpBbIIJvzuEFx7WEAWFtEzxj11BOrGgxdmIDafwbTz2FSi6hCkR0mCK1dVLpgwU8 + VRRZ/ByrFgDKcsrhfmKbbph9rV47wtryxlRL7gGNqjWAXn9UnFISjbJnt8UGjwzg + Tjhl6EgihyKkJFL5hl6EWzp2Yeir8wa+HZ4Achr473Gyw+2h8VxAxHyvAEdVsrLj + zg7XS00Ki5fjJSTJBeoJHLodG7uRKM6M0pIa2N8b6HkzxuHXRbtmuwnWFaHMG6VJ + oxlpRje+HmeCnCzUkBNBVIrUmb92YxFyLCVMrsp/ODEeVJfnwQ2lLvI9MhKQQgJw + tteSQoYRAgMBAAECggEAeDGdEkYNCGQLe8pvg8Z0ccoSGpeTxpqGrNEKhjfi6NrB + NwyVav10iq4FxEmPd3nobzDPkAftfvWc6hKaCT7vyTkPspCMOsQJ39/ixOk+jqFx + lNa1YxyoZ9IV2DIHR1iaj2Z5gB367PZUoGTgstrbafbaNY9IOSyojCIO935ubbcx + DWwL24XAf51ez6sXnI8V5tXmrFlNXhbhJdH8iIxNyM45HrnlUlOk0lCK4gmLJjy9 + 10IS2H2Wh3M5zsTpihH1JvM56oAH1ahrhMXs/rVFXXkg50yD1KV+HQiEbglYKUxO + eMYtfaY9i2CuLwhDnWp3oxP3HfgQQhD09OEN3e0IlQKBgQDZ/3poG9TiMZSjfKqL + xnCABMXGVQsfFWNC8THoW6RRx5Rqi8q08yJrmhCu32YKvccsOljDQJQQJdQO1g09 + e/adJmCnTrqxNtjPkX9txV23Lp6Ak7emjiQ5ICu7iWxrcO3zf7hmKtj7z+av8sjO + mDI7NkX5vnlE74nztBEjp3eC0wKBgQDV2GeJV028RW3b/QyP3Gwmax2+cKLR9PKR + nJnmO5bxAT0nQ3xuJEAqMIss/Rfb/macWc2N/6CWJCRT6a2vgy6xBW+bqG6RdQMB + xEZXFZl+sSKhXPkc5Wjb4lQ14YWyRPrTjMlwez3k4UolIJhJmwl+D7OkMRrOUERO + EtUvc7odCwKBgBi+nhdZKWXveM7B5N3uzXBKmmRz3MpPdC/yDtcwJ8u8msUpTv4R + JxQNrd0bsIqBli0YBmFLYEMg+BwjAee7vXeDFq+HCTv6XMva2RsNryCO4yD3I359 + XfE6DJzB8ZOUgv4Dvluie3TB2Y6ZQV/p+LGt7G13yG4hvofyJYvlg3RPAoGAcjDg + +OH5zLN2eqah8qBN0CYa9/rFt0AJ19+7/smLTJ7QvQq4g0gwS1couplcCEnNGWiK + 72y1n/ckvvplmPeAE19HveMvR9UoCeV5ej86fACy8V/oVpnaaLBvL2aCMjPLjPP9 + DWeCIZp8MV86cvOrGfngf6kJG2qZTueXl4NAuwkCgYEArKkhlZVXjwBoVvtHYmN2 + o+F6cGMlRJTLhNc391WApsgDZfTZSdeJsBsvvzS/Nc0burrufJg0wYioTlpReSy4 + ohhtprnQQAddfjHP7rh2LGt+irFzhdXXQ1ybGaGM9D764KUNCXLuwdly0vzXU4HU + q5sGxGrC1RECGB5Zwx2S2ZY= + -----END PRIVATE KEY----- + + clusters: + - name: envoy-stats + connect_timeout: 0.25s + type: STATIC + load_assignment: + cluster_name: envoy-stats + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 9901 + - name: service + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: service + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: service + port_value: 8080 +admin: + address: + socket_address: + address: 0.0.0.0 + port_value: 9901 diff --git a/examples/brotli/docker-compose.yaml b/examples/brotli/docker-compose.yaml new file mode 100644 index 000000000000..7c7a88953bbc --- /dev/null +++ b/examples/brotli/docker-compose.yaml @@ -0,0 +1,15 @@ +version: "3.7" +services: + envoy-stats: + build: + context: . + dockerfile: Dockerfile-brotli + ports: + - "9901:9901" + - "9902:9902" + - "10000:10000" + + service: + build: + context: . + dockerfile: Dockerfile-service diff --git a/examples/brotli/service.py b/examples/brotli/service.py new file mode 100644 index 000000000000..1d3fa1bbe556 --- /dev/null +++ b/examples/brotli/service.py @@ -0,0 +1,18 @@ +from flask import Flask +from flask.helpers import send_from_directory + +app = Flask(__name__) + + +@app.route('/file.txt') +def get_plain_file(): + return send_from_directory("data", "file.txt") + + +@app.route('/file.json') +def get_json_file(): + return send_from_directory("data", "file.json") + + +if __name__ == "__main__": + app.run(host='0.0.0.0', port=8080, debug=True) diff --git a/examples/brotli/verify.sh b/examples/brotli/verify.sh new file mode 100755 index 000000000000..674bc892a9c5 --- /dev/null +++ b/examples/brotli/verify.sh @@ -0,0 +1,30 @@ +#!/bin/bash -e + +export NAME=brotli + +# shellcheck source=examples/verify-common.sh +. "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" + +run_log "Test service: localhost:10000/file.json with compression" +responds_with_header \ + "content-encoding: br" \ + https://localhost:10000/file.json \ + -ki -H "Accept-Encoding: br" + +run_log "Test service: localhost:10000/file.txt without compression" +responds_without_header \ + "content-encoding: br" \ + https://localhost:10000/file.txt \ + -ki -H "Accept-Encoding: br" + +run_log "Test service: localhost:9901/stats/prometheus without compression" +responds_without_header \ + "content-encoding: br" \ + http://localhost:9901/stats/prometheus \ + -ki -H "Accept-Encoding: br" + +run_log "Test service: localhost:9902/stats/prometheus with compression" +responds_with_header \ + "content-encoding: br" \ + https://localhost:9902/stats/prometheus \ + -ki -H "Accept-Encoding: br" diff --git a/examples/cache/Dockerfile-service b/examples/cache/Dockerfile-service index 9cb60da727ae..a05db06f5e24 100644 --- a/examples/cache/Dockerfile-service +++ b/examples/cache/Dockerfile-service @@ -1,10 +1,7 @@ -FROM envoyproxy/envoy-alpine-dev:latest +FROM alpine:latest -RUN apk update && apk add py3-pip bash curl -RUN pip3 install -q Flask==0.11.1 requests==2.18.4 pyyaml +RUN apk update && apk add py3-pip +RUN pip3 install -q Flask==0.11.1 pyyaml RUN mkdir /code -COPY ./start_service.sh /usr/local/bin/start_service.sh -COPY ./service-envoy.yaml /etc/service-envoy.yaml COPY ./service.py /code -RUN chmod u+x /usr/local/bin/start_service.sh -ENTRYPOINT /usr/local/bin/start_service.sh +CMD ["python3", "/code/service.py"] diff --git a/examples/cache/docker-compose.yaml b/examples/cache/docker-compose.yaml index 058cf203b3f4..d13c1353816c 100644 --- a/examples/cache/docker-compose.yaml +++ b/examples/cache/docker-compose.yaml @@ -5,32 +5,23 @@ services: build: context: . dockerfile: Dockerfile-frontenvoy - networks: - - envoymesh ports: - - "8000:8000" + - "8000:8000" service1: build: context: . dockerfile: Dockerfile-service volumes: - - ./responses.yaml:/etc/responses.yaml - networks: - - envoymesh + - ./responses.yaml:/etc/responses.yaml environment: - - SERVICE_NAME=1 + - SERVICE_NAME=1 service2: build: context: . dockerfile: Dockerfile-service volumes: - - ./responses.yaml:/etc/responses.yaml - networks: - - envoymesh + - ./responses.yaml:/etc/responses.yaml environment: - - SERVICE_NAME=2 - -networks: - envoymesh: {} + - SERVICE_NAME=2 diff --git a/examples/cache/front-envoy.yaml b/examples/cache/front-envoy.yaml index 345e96f4f734..00091a052ca8 100644 --- a/examples/cache/front-envoy.yaml +++ b/examples/cache/front-envoy.yaml @@ -37,7 +37,6 @@ static_resources: clusters: - name: service1 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -50,7 +49,6 @@ static_resources: address: service1 port_value: 8000 - name: service2 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/cache/service.py b/examples/cache/service.py index 4433bc4e3c24..846220b78417 100644 --- a/examples/cache/service.py +++ b/examples/cache/service.py @@ -3,9 +3,6 @@ from flask import make_response, abort import yaml import os -import requests -import socket -import sys import datetime app = Flask(__name__) @@ -13,7 +10,7 @@ @app.route('/service//') def get(service_number, response_id): - stored_response = yaml.load(open('/etc/responses.yaml', 'r')).get(response_id) + stored_response = yaml.safe_load(open('/etc/responses.yaml', 'r')).get(response_id) if stored_response is None: abort(404, 'No response found with the given id') @@ -41,4 +38,4 @@ def get(service_number, response_id): if not os.path.isfile('/etc/responses.yaml'): print('Responses file not found at /etc/responses.yaml') exit(1) - app.run(host='127.0.0.1', port=8080, debug=True) + app.run(host='0.0.0.0', port=8000, debug=True) diff --git a/examples/cache/start_service.sh b/examples/cache/start_service.sh deleted file mode 100644 index 43a8c112e636..000000000000 --- a/examples/cache/start_service.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -python3 /code/service.py & -envoy -c /etc/service-envoy.yaml --service-cluster "service${SERVICE_NAME}" diff --git a/examples/cors/backend/Dockerfile-service b/examples/cors/backend/Dockerfile-service index 0583e9c5846a..4b98a80704dc 100644 --- a/examples/cors/backend/Dockerfile-service +++ b/examples/cors/backend/Dockerfile-service @@ -1,9 +1,8 @@ -FROM envoyproxy/envoy-alpine-dev:latest +FROM alpine:latest -RUN apk update && apk add py3-pip bash +RUN apk update && apk add py3-pip RUN pip3 install -q Flask==0.11.1 RUN mkdir /code ADD ./service.py /code/ -ADD ./start_service.sh /usr/local/bin/start_service.sh -RUN chmod u+x /usr/local/bin/start_service.sh -ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] + +CMD ["python3", "/code/service.py"] diff --git a/examples/cors/backend/docker-compose.yaml b/examples/cors/backend/docker-compose.yaml index 175fe6f67786..00a29c16bf6b 100644 --- a/examples/cors/backend/docker-compose.yaml +++ b/examples/cors/backend/docker-compose.yaml @@ -5,22 +5,11 @@ services: build: context: . dockerfile: Dockerfile-frontenvoy - networks: - - envoymesh ports: - - "8002:8000" - - "8003:8001" + - "8002:8000" + - "8003:8001" backend-service: build: context: . dockerfile: Dockerfile-service - volumes: - - ./service-envoy.yaml:/etc/service-envoy.yaml - networks: - envoymesh: - aliases: - - backendservice - -networks: - envoymesh: {} diff --git a/examples/cors/backend/front-envoy.yaml b/examples/cors/backend/front-envoy.yaml index b6b4f9d63e0b..3b480ab24fdc 100644 --- a/examples/cors/backend/front-envoy.yaml +++ b/examples/cors/backend/front-envoy.yaml @@ -12,9 +12,9 @@ static_resources: codec_type: AUTO stat_prefix: ingress_http access_log: - - name: envoy.access_loggers.stdout - typed_config: - "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog + - name: envoy.access_loggers.stdout + typed_config: + "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog route_config: name: local_route virtual_hosts: @@ -72,7 +72,6 @@ static_resources: typed_config: {} clusters: - name: backend_service - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -82,7 +81,7 @@ static_resources: - endpoint: address: socket_address: - address: backendservice + address: backend-service port_value: 8000 admin: diff --git a/examples/cors/backend/service.py b/examples/cors/backend/service.py index 23641d79c402..d212ac7a014c 100644 --- a/examples/cors/backend/service.py +++ b/examples/cors/backend/service.py @@ -1,5 +1,4 @@ -from flask import Flask, request, send_from_directory -import os +from flask import Flask app = Flask(__name__) @@ -10,4 +9,4 @@ def cors_enabled(status): if __name__ == "__main__": - app.run(host='127.0.0.1', port=8080, debug=True) + app.run(host='0.0.0.0', port=8000) diff --git a/examples/cors/backend/start_service.sh b/examples/cors/backend/start_service.sh deleted file mode 100644 index 832148bd74c1..000000000000 --- a/examples/cors/backend/start_service.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -python3 /code/service.py & -envoy -c /etc/service-envoy.yaml --service-cluster backend-service diff --git a/examples/cors/frontend/Dockerfile-service b/examples/cors/frontend/Dockerfile-service index 31da7f6febf3..85dba2382f99 100644 --- a/examples/cors/frontend/Dockerfile-service +++ b/examples/cors/frontend/Dockerfile-service @@ -1,9 +1,8 @@ -FROM envoyproxy/envoy-alpine-dev:latest +FROM alpine:latest -RUN apk update && apk add py3-pip bash +RUN apk update && apk add py3-pip RUN pip3 install -q Flask==0.11.1 RUN mkdir /code ADD ./service.py ./index.html /code/ -ADD ./start_service.sh /usr/local/bin/start_service.sh -RUN chmod u+x /usr/local/bin/start_service.sh -ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] + +CMD ["python3", "/code/service.py"] diff --git a/examples/cors/frontend/docker-compose.yaml b/examples/cors/frontend/docker-compose.yaml index d0aeffaf8e4d..20b6b81a5e9c 100644 --- a/examples/cors/frontend/docker-compose.yaml +++ b/examples/cors/frontend/docker-compose.yaml @@ -5,21 +5,10 @@ services: build: context: . dockerfile: Dockerfile-frontenvoy - networks: - - envoymesh ports: - - "8000:8000" + - "8000:8000" frontend-service: build: context: . dockerfile: Dockerfile-service - volumes: - - ./service-envoy.yaml:/etc/service-envoy.yaml - networks: - envoymesh: - aliases: - - frontendservice - -networks: - envoymesh: {} diff --git a/examples/cors/frontend/front-envoy.yaml b/examples/cors/frontend/front-envoy.yaml index 604ada75465b..50fa897b238e 100644 --- a/examples/cors/frontend/front-envoy.yaml +++ b/examples/cors/frontend/front-envoy.yaml @@ -12,9 +12,9 @@ static_resources: codec_type: AUTO stat_prefix: ingress_http access_log: - - name: envoy.access_loggers.stdout - typed_config: - "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog + - name: envoy.access_loggers.stdout + typed_config: + "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog route_config: name: local_route virtual_hosts: @@ -33,7 +33,6 @@ static_resources: typed_config: {} clusters: - name: frontend_service - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -43,5 +42,5 @@ static_resources: - endpoint: address: socket_address: - address: frontendservice + address: frontend-service port_value: 8000 diff --git a/examples/cors/frontend/service-envoy.yaml b/examples/cors/frontend/service-envoy.yaml deleted file mode 100644 index c596eb508ff8..000000000000 --- a/examples/cors/frontend/service-envoy.yaml +++ /dev/null @@ -1,46 +0,0 @@ -static_resources: - listeners: - - address: - socket_address: - address: 0.0.0.0 - port_value: 8000 - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - codec_type: AUTO - stat_prefix: ingress_http - route_config: - name: local_route - virtual_hosts: - - name: service - domains: - - "*" - routes: - - match: - prefix: "/" - route: - cluster: local_service - http_filters: - - name: envoy.filters.http.router - typed_config: {} - clusters: - - name: local_service - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: local_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 8080 -admin: - address: - socket_address: - address: 0.0.0.0 - port_value: 8081 diff --git a/examples/cors/frontend/service.py b/examples/cors/frontend/service.py index 5db220ed34bf..3ab663fcdc48 100644 --- a/examples/cors/frontend/service.py +++ b/examples/cors/frontend/service.py @@ -11,4 +11,4 @@ def index(): if __name__ == "__main__": - app.run(host='127.0.0.1', port=8080, debug=True) + app.run(host='0.0.0.0', port=8000, debug=True) diff --git a/examples/cors/frontend/start_service.sh b/examples/cors/frontend/start_service.sh deleted file mode 100644 index 982bd079e17b..000000000000 --- a/examples/cors/frontend/start_service.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -python3 /code/service.py & -envoy -c /etc/service-envoy.yaml --service-cluster frontend-service diff --git a/examples/csrf/crosssite/Dockerfile-service b/examples/csrf/crosssite/Dockerfile-service index ed8cdfdfb580..873f00e04246 100644 --- a/examples/csrf/crosssite/Dockerfile-service +++ b/examples/csrf/crosssite/Dockerfile-service @@ -1,9 +1,7 @@ -FROM envoyproxy/envoy-alpine-dev:latest +FROM alpine:latest -RUN apk update && apk add py3-pip bash +RUN apk update && apk add py3-pip RUN pip3 install -q Flask==0.11.1 RUN mkdir /code ADD ./crosssite/service.py ./index.html /code/ -ADD ./start_service.sh /usr/local/bin/start_service.sh -RUN chmod u+x /usr/local/bin/start_service.sh -ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] +CMD ["python3", "/code/service.py"] diff --git a/examples/csrf/crosssite/docker-compose.yml b/examples/csrf/crosssite/docker-compose.yml index e2329906e1b3..feb091e90671 100644 --- a/examples/csrf/crosssite/docker-compose.yml +++ b/examples/csrf/crosssite/docker-compose.yml @@ -5,19 +5,10 @@ services: build: context: . dockerfile: Dockerfile-frontenvoy - networks: - - envoymesh ports: - - "8002:8000" + - "8002:8000" service: build: context: .. dockerfile: crosssite/Dockerfile-service - volumes: - - ../service-envoy.yaml:/etc/service-envoy.yaml - networks: - - envoymesh - -networks: - envoymesh: {} diff --git a/examples/csrf/crosssite/front-envoy.yaml b/examples/csrf/crosssite/front-envoy.yaml index 114b0f06ddd0..a6cb4f9eb596 100644 --- a/examples/csrf/crosssite/front-envoy.yaml +++ b/examples/csrf/crosssite/front-envoy.yaml @@ -12,9 +12,9 @@ static_resources: codec_type: AUTO stat_prefix: ingress_http access_log: - - name: envoy.access_loggers.stdout - typed_config: - "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog + - name: envoy.access_loggers.stdout + typed_config: + "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog route_config: name: local_route virtual_hosts: @@ -31,7 +31,6 @@ static_resources: typed_config: {} clusters: - name: generic_service - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/csrf/crosssite/service.py b/examples/csrf/crosssite/service.py index 10b71e0e6e47..bac49e2a10bb 100644 --- a/examples/csrf/crosssite/service.py +++ b/examples/csrf/crosssite/service.py @@ -13,4 +13,4 @@ def index(): if __name__ == "__main__": - app.run(host='127.0.0.1', port=8080, debug=True) + app.run(host='0.0.0.0', port=8000) diff --git a/examples/csrf/samesite/Dockerfile-service b/examples/csrf/samesite/Dockerfile-service index 3a78e72af04e..17fd1f51a6dc 100644 --- a/examples/csrf/samesite/Dockerfile-service +++ b/examples/csrf/samesite/Dockerfile-service @@ -1,9 +1,7 @@ -FROM envoyproxy/envoy-alpine-dev:latest +FROM alpine:latest -RUN apk update && apk add py3-pip bash +RUN apk update && apk add py3-pip RUN pip3 install -q Flask==0.11.1 RUN mkdir /code ADD ./samesite/service.py ./index.html /code/ -ADD ./start_service.sh /usr/local/bin/start_service.sh -RUN chmod u+x /usr/local/bin/start_service.sh -ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] +CMD ["python3", "/code/service.py"] diff --git a/examples/csrf/samesite/docker-compose.yml b/examples/csrf/samesite/docker-compose.yml index 9a80918bd167..2ed503341fe2 100644 --- a/examples/csrf/samesite/docker-compose.yml +++ b/examples/csrf/samesite/docker-compose.yml @@ -5,20 +5,11 @@ services: build: context: . dockerfile: Dockerfile-frontenvoy - networks: - - envoymesh ports: - - "8000:8000" - - "8001:8001" + - "8000:8000" + - "8001:8001" service: build: context: .. dockerfile: samesite/Dockerfile-service - volumes: - - ../service-envoy.yaml:/etc/service-envoy.yaml - networks: - - envoymesh - -networks: - envoymesh: {} diff --git a/examples/csrf/samesite/front-envoy.yaml b/examples/csrf/samesite/front-envoy.yaml index c8fc0c77eb3d..57773f803257 100644 --- a/examples/csrf/samesite/front-envoy.yaml +++ b/examples/csrf/samesite/front-envoy.yaml @@ -12,9 +12,9 @@ static_resources: codec_type: AUTO stat_prefix: ingress_http access_log: - - name: envoy.access_loggers.stdout - typed_config: - "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog + - name: envoy.access_loggers.stdout + typed_config: + "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog route_config: name: local_route virtual_hosts: @@ -103,7 +103,6 @@ static_resources: typed_config: {} clusters: - name: generic_service - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/csrf/samesite/service.py b/examples/csrf/samesite/service.py index 3d54346532af..0fd88193a7bb 100644 --- a/examples/csrf/samesite/service.py +++ b/examples/csrf/samesite/service.py @@ -23,4 +23,4 @@ def index(): if __name__ == "__main__": - app.run(host='127.0.0.1', port=8080, debug=True) + app.run(host='0.0.0.0', port=8000) diff --git a/examples/csrf/service-envoy.yaml b/examples/csrf/service-envoy.yaml deleted file mode 100644 index c596eb508ff8..000000000000 --- a/examples/csrf/service-envoy.yaml +++ /dev/null @@ -1,46 +0,0 @@ -static_resources: - listeners: - - address: - socket_address: - address: 0.0.0.0 - port_value: 8000 - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - codec_type: AUTO - stat_prefix: ingress_http - route_config: - name: local_route - virtual_hosts: - - name: service - domains: - - "*" - routes: - - match: - prefix: "/" - route: - cluster: local_service - http_filters: - - name: envoy.filters.http.router - typed_config: {} - clusters: - - name: local_service - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: local_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 8080 -admin: - address: - socket_address: - address: 0.0.0.0 - port_value: 8081 diff --git a/examples/double-proxy/docker-compose.yaml b/examples/double-proxy/docker-compose.yaml index 5b4d7b6452ee..5d51b65186c8 100644 --- a/examples/double-proxy/docker-compose.yaml +++ b/examples/double-proxy/docker-compose.yaml @@ -8,7 +8,7 @@ services: networks: edge: ports: - - "10000:10000" + - "10000:10000" app: build: @@ -25,7 +25,7 @@ services: networks: postgres-frontend: aliases: - - postgres + - postgres postgres-in-between: proxy-postgres-backend: diff --git a/examples/double-proxy/envoy-backend.yaml b/examples/double-proxy/envoy-backend.yaml index 598749325af4..d04f33f2996f 100644 --- a/examples/double-proxy/envoy-backend.yaml +++ b/examples/double-proxy/envoy-backend.yaml @@ -38,7 +38,6 @@ static_resources: clusters: - name: postgres_cluster - connect_timeout: 1s type: STRICT_DNS load_assignment: cluster_name: postgres_cluster diff --git a/examples/double-proxy/envoy-frontend.yaml b/examples/double-proxy/envoy-frontend.yaml index 49cee3933325..af836ba8fc30 100644 --- a/examples/double-proxy/envoy-frontend.yaml +++ b/examples/double-proxy/envoy-frontend.yaml @@ -19,7 +19,6 @@ static_resources: clusters: - name: postgres_cluster - connect_timeout: 1s type: STRICT_DNS load_assignment: cluster_name: postgres_cluster diff --git a/examples/double-proxy/envoy.yaml b/examples/double-proxy/envoy.yaml index 97fb2c039d2d..a96271592472 100644 --- a/examples/double-proxy/envoy.yaml +++ b/examples/double-proxy/envoy.yaml @@ -27,7 +27,6 @@ static_resources: clusters: - name: service1 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/dynamic-config-cp/docker-compose.yaml b/examples/dynamic-config-cp/docker-compose.yaml index dde3bb3696bc..7431c17f0754 100644 --- a/examples/dynamic-config-cp/docker-compose.yaml +++ b/examples/dynamic-config-cp/docker-compose.yaml @@ -6,11 +6,11 @@ services: context: . dockerfile: Dockerfile-proxy depends_on: - - service1 - - service2 + - service1 + - service2 ports: - - 10000:10000 - - 19000:19000 + - 10000:10000 + - 19000:19000 service1: image: jmalloc/echo-server diff --git a/examples/dynamic-config-cp/envoy.yaml b/examples/dynamic-config-cp/envoy.yaml index 9b7eb57dd1b9..aafd750656cf 100644 --- a/examples/dynamic-config-cp/envoy.yaml +++ b/examples/dynamic-config-cp/envoy.yaml @@ -18,8 +18,7 @@ dynamic_resources: static_resources: clusters: - - connect_timeout: 1s - type: STRICT_DNS + - type: STRICT_DNS typed_extension_protocol_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions: "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions diff --git a/examples/dynamic-config-fs/configs/cds.yaml b/examples/dynamic-config-fs/configs/cds.yaml index f22089e0c7f0..8cc9e3c0b26c 100644 --- a/examples/dynamic-config-fs/configs/cds.yaml +++ b/examples/dynamic-config-fs/configs/cds.yaml @@ -1,7 +1,6 @@ resources: - "@type": type.googleapis.com/envoy.config.cluster.v3.Cluster name: example_proxy_cluster - connect_timeout: 1s type: STRICT_DNS load_assignment: cluster_name: example_proxy_cluster diff --git a/examples/ext_authz/config/grpc-service/v3.yaml b/examples/ext_authz/config/grpc-service/v3.yaml index 8ad48325eb41..f42f33213795 100644 --- a/examples/ext_authz/config/grpc-service/v3.yaml +++ b/examples/ext_authz/config/grpc-service/v3.yaml @@ -36,7 +36,6 @@ static_resources: clusters: - name: upstream-service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -50,7 +49,6 @@ static_resources: port_value: 8080 - name: ext_authz-grpc-service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN typed_extension_protocol_options: diff --git a/examples/ext_authz/config/http-service.yaml b/examples/ext_authz/config/http-service.yaml index 1bfb7df4ff96..4bc3fc9ea39b 100644 --- a/examples/ext_authz/config/http-service.yaml +++ b/examples/ext_authz/config/http-service.yaml @@ -31,7 +31,7 @@ static_resources: server_uri: uri: ext_authz cluster: ext_authz-http-service - timeout: 0.250s + timeout: 0.250s authorization_response: allowed_upstream_headers: patterns: @@ -41,7 +41,6 @@ static_resources: clusters: - name: upstream-service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -55,7 +54,6 @@ static_resources: port_value: 8080 - name: ext_authz-http-service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/ext_authz/config/opa-service/v3.yaml b/examples/ext_authz/config/opa-service/v3.yaml index 72dd285de3ea..f5a6697cb466 100644 --- a/examples/ext_authz/config/opa-service/v3.yaml +++ b/examples/ext_authz/config/opa-service/v3.yaml @@ -36,7 +36,6 @@ static_resources: clusters: - name: upstream-service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -50,7 +49,6 @@ static_resources: port_value: 8080 - name: ext_authz-opa-service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN typed_extension_protocol_options: diff --git a/examples/ext_authz/docker-compose.yaml b/examples/ext_authz/docker-compose.yaml index 1805409cc65d..947c8e853b40 100644 --- a/examples/ext_authz/docker-compose.yaml +++ b/examples/ext_authz/docker-compose.yaml @@ -6,53 +6,53 @@ services: context: . dockerfile: Dockerfile-frontenvoy environment: - - FRONT_ENVOY_YAML + - FRONT_ENVOY_YAML networks: - - envoymesh + - envoymesh ports: - - "8000:8000" + - "8000:8000" ext_authz-http-service: build: context: ./auth dockerfile: http-service/Dockerfile volumes: - - ./users.json:/etc/users.json + - ./users.json:/etc/users.json environment: - - USERS=/etc/users.json + - USERS=/etc/users.json networks: - - envoymesh + - envoymesh ext_authz-grpc-service: build: context: ./auth dockerfile: grpc-service/Dockerfile volumes: - - ./users.json:/etc/users.json + - ./users.json:/etc/users.json networks: - - envoymesh + - envoymesh ext_authz-opa-service: image: openpolicyagent/opa:0.25.1-istio volumes: - - ./config/opa-service/policy.rego:/etc/policy.rego + - ./config/opa-service/policy.rego:/etc/policy.rego command: - - run - - --log-level=debug - - --server - - --log-format=json-pretty - - --set=plugins.envoy_ext_authz_grpc.addr=:9002 - - --set=decision_logs.console=true - - /etc/policy.rego + - run + - --log-level=debug + - --server + - --log-format=json-pretty + - --set=plugins.envoy_ext_authz_grpc.addr=:9002 + - --set=decision_logs.console=true + - /etc/policy.rego networks: - - envoymesh + - envoymesh upstream-service: build: context: ./upstream dockerfile: service/Dockerfile networks: - - envoymesh + - envoymesh networks: envoymesh: {} diff --git a/examples/fault-injection/docker-compose.yaml b/examples/fault-injection/docker-compose.yaml index 0a7cb9988c14..7d933eac2eb8 100644 --- a/examples/fault-injection/docker-compose.yaml +++ b/examples/fault-injection/docker-compose.yaml @@ -6,16 +6,16 @@ services: dockerfile: Dockerfile-envoy command: /usr/local/bin/envoy -c /etc/envoy.yaml volumes: - - ./runtime:/srv/runtime + - ./runtime:/srv/runtime networks: - - envoymesh + - envoymesh ports: - - 9211:9211 + - 9211:9211 backend: image: kennethreitz/httpbin@sha256:2c7abc4803080c22928265744410173b6fea3b898872c01c5fd0f0f9df4a59fb networks: - - envoymesh + - envoymesh ports: - - 8080:80 + - 8080:80 networks: envoymesh: {} diff --git a/examples/fault-injection/envoy.yaml b/examples/fault-injection/envoy.yaml index 1cce4ec52aea..a526edb6fa01 100644 --- a/examples/fault-injection/envoy.yaml +++ b/examples/fault-injection/envoy.yaml @@ -44,7 +44,6 @@ static_resources: typed_config: {} clusters: - name: local_service - connect_timeout: 1s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/front-proxy/docker-compose.yaml b/examples/front-proxy/docker-compose.yaml index 4deb35d7cb9b..2bc2f0f48afd 100644 --- a/examples/front-proxy/docker-compose.yaml +++ b/examples/front-proxy/docker-compose.yaml @@ -6,33 +6,33 @@ services: context: . dockerfile: Dockerfile-frontenvoy networks: - - envoymesh + - envoymesh ports: - - "8080:8080" - - "8443:8443" - - "8001:8001" + - "8080:8080" + - "8443:8443" + - "8001:8001" service1: build: context: . dockerfile: Dockerfile-service volumes: - - ./service-envoy.yaml:/etc/service-envoy.yaml + - ./service-envoy.yaml:/etc/service-envoy.yaml networks: - - envoymesh + - envoymesh environment: - - SERVICE_NAME=1 + - SERVICE_NAME=1 service2: build: context: . dockerfile: Dockerfile-service volumes: - - ./service-envoy.yaml:/etc/service-envoy.yaml + - ./service-envoy.yaml:/etc/service-envoy.yaml networks: - - envoymesh + - envoymesh environment: - - SERVICE_NAME=2 + - SERVICE_NAME=2 networks: envoymesh: {} diff --git a/examples/front-proxy/front-envoy.yaml b/examples/front-proxy/front-envoy.yaml index d96a5d31538c..bbd124295898 100644 --- a/examples/front-proxy/front-envoy.yaml +++ b/examples/front-proxy/front-envoy.yaml @@ -126,7 +126,6 @@ static_resources: clusters: - name: service1 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -139,7 +138,6 @@ static_resources: address: service1 port_value: 8000 - name: service2 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -158,10 +156,10 @@ admin: port_value: 8001 layered_runtime: layers: - - name: static_layer_0 - static_layer: - envoy: - resource_limits: - listener: - example_listener_name: - connection_limit: 10000 + - name: static_layer_0 + static_layer: + envoy: + resource_limits: + listener: + example_listener_name: + connection_limit: 10000 diff --git a/examples/front-proxy/service-envoy.yaml b/examples/front-proxy/service-envoy.yaml index b3ea728cc5f6..eaa849dd4079 100644 --- a/examples/front-proxy/service-envoy.yaml +++ b/examples/front-proxy/service-envoy.yaml @@ -27,7 +27,6 @@ static_resources: typed_config: {} clusters: - name: local_service - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/grpc-bridge/client/envoy-proxy.yaml b/examples/grpc-bridge/client/envoy-proxy.yaml index 91ea42788988..c96d32a6dfc4 100644 --- a/examples/grpc-bridge/client/envoy-proxy.yaml +++ b/examples/grpc-bridge/client/envoy-proxy.yaml @@ -40,7 +40,6 @@ static_resources: type: LOGICAL_DNS dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN - connect_timeout: 0.250s http_protocol_options: {} load_assignment: cluster_name: backend-proxy diff --git a/examples/grpc-bridge/client/requirements.txt b/examples/grpc-bridge/client/requirements.txt index bda4a54f6297..c6c2fd2fa343 100644 --- a/examples/grpc-bridge/client/requirements.txt +++ b/examples/grpc-bridge/client/requirements.txt @@ -1,4 +1,4 @@ requests>=2.22.0 grpcio grpcio-tools -protobuf==3.17.0 +protobuf==3.17.3 diff --git a/examples/grpc-bridge/docker-compose-protos.yaml b/examples/grpc-bridge/docker-compose-protos.yaml index 543fe4bf5aca..d21ca8bc5a24 100644 --- a/examples/grpc-bridge/docker-compose-protos.yaml +++ b/examples/grpc-bridge/docker-compose-protos.yaml @@ -9,13 +9,13 @@ services: image: grpc/go command: protoc --go_out=plugins=grpc:/stubs -I/protos /protos/kv.proto volumes: - - ./protos:/protos - - ./server/kv:/stubs + - ./protos:/protos + - ./server/kv:/stubs # $ docker run -ti -v $(pwd):/protos -v $(pwd)/stubs:/stubs grpc/python python -m grpc.tools.protoc --python_out=/stubs --grpc_python_out=/stubs -I/protos /protos/kv.proto stubs_python: image: grpc/python command: python -m grpc.tools.protoc --python_out=/stubs --grpc_python_out=/stubs -I/protos /protos/kv.proto volumes: - - ./protos:/protos - - ./client/kv:/stubs + - ./protos:/protos + - ./client/kv:/stubs diff --git a/examples/grpc-bridge/docker-compose.yaml b/examples/grpc-bridge/docker-compose.yaml index d709403011e1..7d6db81d6a35 100644 --- a/examples/grpc-bridge/docker-compose.yaml +++ b/examples/grpc-bridge/docker-compose.yaml @@ -8,11 +8,11 @@ services: build: context: server ports: - - "8081:8081" + - "8081:8081" networks: envoymesh: aliases: - - kv-backend-service + - kv-backend-service grpc-server-proxy: build: @@ -21,9 +21,9 @@ services: networks: envoymesh: aliases: - - kv-backend-proxy + - kv-backend-proxy ports: - - "8811:8811" + - "8811:8811" # Requires the build of the stubs first grpc-client: @@ -31,9 +31,9 @@ services: build: context: client environment: - - CLIENT_PROXY=http://kv-client-proxy:9911 + - CLIENT_PROXY=http://kv-client-proxy:9911 networks: - - envoymesh + - envoymesh grpc-client-proxy: build: @@ -42,9 +42,9 @@ services: networks: envoymesh: aliases: - - kv-client-proxy + - kv-client-proxy ports: - - "9911:9911" + - "9911:9911" networks: envoymesh: {} diff --git a/examples/grpc-bridge/server/envoy-proxy.yaml b/examples/grpc-bridge/server/envoy-proxy.yaml index d03dd25c53d7..8e63706b5aaa 100644 --- a/examples/grpc-bridge/server/envoy-proxy.yaml +++ b/examples/grpc-bridge/server/envoy-proxy.yaml @@ -32,7 +32,6 @@ static_resources: typed_config: {} clusters: - name: backend_grpc_service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN typed_extension_protocol_options: diff --git a/examples/gzip/Dockerfile-gzip b/examples/gzip/Dockerfile-gzip new file mode 100644 index 000000000000..835f5fa354df --- /dev/null +++ b/examples/gzip/Dockerfile-gzip @@ -0,0 +1,5 @@ +FROM envoyproxy/envoy-dev:latest + +COPY ./gzip-envoy.yaml /etc/gzip-envoy.yaml +RUN chmod go+r /etc/gzip-envoy.yaml +CMD ["/usr/local/bin/envoy", "-c", "/etc/gzip-envoy.yaml", "--service-cluster", "gzip"] diff --git a/examples/gzip/Dockerfile-service b/examples/gzip/Dockerfile-service new file mode 100644 index 000000000000..4712019f501b --- /dev/null +++ b/examples/gzip/Dockerfile-service @@ -0,0 +1,13 @@ +FROM debian:buster-slim + +RUN apt-get update \ + && apt-get install --no-install-recommends -y python3 python3-pip \ + && apt-get autoremove -y && apt-get clean \ + && rm -rf /tmp/* /var/tmp/* \ + && rm -rf /var/lib/apt/lists/* +RUN pip3 install -q flask +RUN mkdir -p /code/data +RUN dd if=/dev/zero of="/code/data/file.txt" bs=1024 count=10240 \ + && dd if=/dev/zero of="/code/data/file.json" bs=1024 count=10240 +ADD ./service.py /code +ENTRYPOINT ["python3", "/code/service.py"] diff --git a/examples/gzip/README.md b/examples/gzip/README.md new file mode 100644 index 000000000000..8f8a87470044 --- /dev/null +++ b/examples/gzip/README.md @@ -0,0 +1,2 @@ +To learn about this sandbox and for instructions on how to run it please head over +to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/gzip.html) diff --git a/examples/gzip/docker-compose.yaml b/examples/gzip/docker-compose.yaml new file mode 100644 index 000000000000..ea9a094922fe --- /dev/null +++ b/examples/gzip/docker-compose.yaml @@ -0,0 +1,15 @@ +version: "3.7" +services: + envoy-stats: + build: + context: . + dockerfile: Dockerfile-gzip + ports: + - "9901:9901" + - "9902:9902" + - "10000:10000" + + service: + build: + context: . + dockerfile: Dockerfile-service diff --git a/examples/gzip/gzip-envoy.yaml b/examples/gzip/gzip-envoy.yaml new file mode 100644 index 000000000000..034333fc5aae --- /dev/null +++ b/examples/gzip/gzip-envoy.yaml @@ -0,0 +1,112 @@ +static_resources: + listeners: + - address: + socket_address: + address: 0.0.0.0 + port_value: 10000 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + route_config: + name: local_route + virtual_hosts: + - name: backend + domains: + - "*" + routes: + - match: + prefix: "/" + route: + cluster: service + http_filters: + - name: envoy.filters.http.compressor + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.compressor.v3.Compressor + response_direction_config: + common_config: + min_content_length: 100 + content_type: + - application/json + disable_on_etag_header: true + compressor_library: + name: text_optimized + typed_config: + "@type": type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip + memory_level: 3 + window_bits: 10 + - name: envoy.filters.http.router + typed_config: {} + - address: + socket_address: + address: 0.0.0.0 + port_value: 9902 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + route_config: + name: local_route + virtual_hosts: + - name: backend + domains: + - "*" + routes: + - match: + prefix: "/stats/prometheus" + route: + cluster: envoy-stats + http_filters: + - name: envoy.filters.http.compressor + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.compressor.v3.Compressor + response_direction_config: + common_config: + min_content_length: 100 + content_type: + - text/plain + disable_on_etag_header: true + compressor_library: + name: text_optimized + typed_config: + "@type": type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip + memory_level: 3 + window_bits: 10 + - name: envoy.filters.http.router + typed_config: {} + + clusters: + - name: envoy-stats + connect_timeout: 0.25s + type: STATIC + load_assignment: + cluster_name: envoy-stats + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 9901 + - name: service + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: service + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: service + port_value: 8080 +admin: + address: + socket_address: + address: 0.0.0.0 + port_value: 9901 diff --git a/examples/gzip/service.py b/examples/gzip/service.py new file mode 100644 index 000000000000..1d3fa1bbe556 --- /dev/null +++ b/examples/gzip/service.py @@ -0,0 +1,18 @@ +from flask import Flask +from flask.helpers import send_from_directory + +app = Flask(__name__) + + +@app.route('/file.txt') +def get_plain_file(): + return send_from_directory("data", "file.txt") + + +@app.route('/file.json') +def get_json_file(): + return send_from_directory("data", "file.json") + + +if __name__ == "__main__": + app.run(host='0.0.0.0', port=8080, debug=True) diff --git a/examples/gzip/verify.sh b/examples/gzip/verify.sh new file mode 100755 index 000000000000..ea16d0fc8510 --- /dev/null +++ b/examples/gzip/verify.sh @@ -0,0 +1,30 @@ +#!/bin/bash -e + +export NAME=gzip + +# shellcheck source=examples/verify-common.sh +. "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh" + +run_log "Test service: localhost:10000/file.json with compression" +responds_with_header \ + "content-encoding: gzip" \ + http://localhost:10000/file.json \ + -i -H "Accept-Encoding: gzip" + +run_log "Test service: localhost:10000/file.txt without compression" +responds_without_header \ + "content-encoding: gzip" \ + http://localhost:10000/file.txt \ + -i -H "Accept-Encoding: gzip" + +run_log "Test service: localhost:9901/stats/prometheus without compression" +responds_without_header \ + "content-encoding: gzip" \ + http://localhost:9901/stats/prometheus \ + -i -H "Accept-Encoding: gzip" + +run_log "Test service: localhost:9902/stats/prometheus with compression" +responds_with_header \ + "content-encoding: gzip" \ + http://localhost:9902/stats/prometheus \ + -i -H "Accept-Encoding: gzip" diff --git a/examples/jaeger-native-tracing/docker-compose.yaml b/examples/jaeger-native-tracing/docker-compose.yaml index 07c9c01c0bf0..5294cffd99aa 100644 --- a/examples/jaeger-native-tracing/docker-compose.yaml +++ b/examples/jaeger-native-tracing/docker-compose.yaml @@ -6,49 +6,49 @@ services: context: . dockerfile: Dockerfile-frontenvoy networks: - - envoymesh + - envoymesh ports: - - "8000:8000" + - "8000:8000" dns: - - 8.8.8.8 - - 8.8.4.4 + - 8.8.8.8 + - 8.8.4.4 service1: build: context: ../front-proxy dockerfile: Dockerfile-jaeger-service volumes: - - ./service1-envoy-jaeger.yaml:/etc/service-envoy.yaml + - ./service1-envoy-jaeger.yaml:/etc/service-envoy.yaml networks: - - envoymesh + - envoymesh environment: - - SERVICE_NAME=1 + - SERVICE_NAME=1 dns: - - 8.8.8.8 - - 8.8.4.4 + - 8.8.8.8 + - 8.8.4.4 service2: build: context: ../front-proxy dockerfile: Dockerfile-jaeger-service volumes: - - ./service2-envoy-jaeger.yaml:/etc/service-envoy.yaml + - ./service2-envoy-jaeger.yaml:/etc/service-envoy.yaml networks: - - envoymesh + - envoymesh environment: - - SERVICE_NAME=2 + - SERVICE_NAME=2 dns: - - 8.8.8.8 - - 8.8.4.4 + - 8.8.8.8 + - 8.8.4.4 jaeger: image: jaegertracing/all-in-one environment: - - COLLECTOR_ZIPKIN_HTTP_PORT=9411 + - COLLECTOR_ZIPKIN_HTTP_PORT=9411 networks: - - envoymesh + - envoymesh ports: - - "16686:16686" + - "16686:16686" networks: envoymesh: {} diff --git a/examples/jaeger-native-tracing/front-envoy-jaeger.yaml b/examples/jaeger-native-tracing/front-envoy-jaeger.yaml index 956920239917..a32051d5dc7b 100644 --- a/examples/jaeger-native-tracing/front-envoy-jaeger.yaml +++ b/examples/jaeger-native-tracing/front-envoy-jaeger.yaml @@ -52,7 +52,6 @@ static_resources: use_remote_address: true clusters: - name: service1 - connect_timeout: 0.250s type: strict_dns lb_policy: round_robin load_assignment: diff --git a/examples/jaeger-native-tracing/service1-envoy-jaeger.yaml b/examples/jaeger-native-tracing/service1-envoy-jaeger.yaml index cfb10f325943..7614f6354c88 100644 --- a/examples/jaeger-native-tracing/service1-envoy-jaeger.yaml +++ b/examples/jaeger-native-tracing/service1-envoy-jaeger.yaml @@ -78,7 +78,6 @@ static_resources: typed_config: {} clusters: - name: local_service - connect_timeout: 0.250s type: strict_dns lb_policy: round_robin load_assignment: @@ -91,7 +90,6 @@ static_resources: address: 127.0.0.1 port_value: 8080 - name: service2 - connect_timeout: 0.250s type: strict_dns lb_policy: round_robin load_assignment: diff --git a/examples/jaeger-native-tracing/service2-envoy-jaeger.yaml b/examples/jaeger-native-tracing/service2-envoy-jaeger.yaml index b2349b7fac9a..a56ba608c312 100644 --- a/examples/jaeger-native-tracing/service2-envoy-jaeger.yaml +++ b/examples/jaeger-native-tracing/service2-envoy-jaeger.yaml @@ -50,7 +50,6 @@ static_resources: typed_config: {} clusters: - name: local_service - connect_timeout: 0.250s type: strict_dns lb_policy: round_robin load_assignment: diff --git a/examples/jaeger-tracing/docker-compose.yaml b/examples/jaeger-tracing/docker-compose.yaml index 061ea802e166..a803fa94c28d 100644 --- a/examples/jaeger-tracing/docker-compose.yaml +++ b/examples/jaeger-tracing/docker-compose.yaml @@ -6,42 +6,42 @@ services: context: . dockerfile: Dockerfile-frontenvoy networks: - - envoymesh + - envoymesh ports: - - "8000:8000" - - "8001:8001" + - "8000:8000" + - "8001:8001" service1: build: context: ../front-proxy dockerfile: Dockerfile-service volumes: - - ./service1-envoy-jaeger.yaml:/etc/service-envoy.yaml + - ./service1-envoy-jaeger.yaml:/etc/service-envoy.yaml networks: - - envoymesh + - envoymesh environment: - - SERVICE_NAME=1 + - SERVICE_NAME=1 service2: build: context: ../front-proxy dockerfile: Dockerfile-service volumes: - - ./service2-envoy-jaeger.yaml:/etc/service-envoy.yaml + - ./service2-envoy-jaeger.yaml:/etc/service-envoy.yaml networks: - - envoymesh + - envoymesh environment: - - SERVICE_NAME=2 + - SERVICE_NAME=2 jaeger: image: jaegertracing/all-in-one environment: - - COLLECTOR_ZIPKIN_HTTP_PORT=9411 + - COLLECTOR_ZIPKIN_HTTP_PORT=9411 networks: - - envoymesh + - envoymesh ports: - - "9411:9411" - - "16686:16686" + - "9411:9411" + - "16686:16686" networks: envoymesh: {} diff --git a/examples/jaeger-tracing/front-envoy-jaeger.yaml b/examples/jaeger-tracing/front-envoy-jaeger.yaml index 831175b810b2..b5ac02f727e6 100644 --- a/examples/jaeger-tracing/front-envoy-jaeger.yaml +++ b/examples/jaeger-tracing/front-envoy-jaeger.yaml @@ -41,7 +41,6 @@ static_resources: use_remote_address: true clusters: - name: service1 - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -54,7 +53,6 @@ static_resources: address: service1 port_value: 8000 - name: jaeger - connect_timeout: 1s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/jaeger-tracing/service1-envoy-jaeger.yaml b/examples/jaeger-tracing/service1-envoy-jaeger.yaml index a33970821c97..7ef911a69ea8 100644 --- a/examples/jaeger-tracing/service1-envoy-jaeger.yaml +++ b/examples/jaeger-tracing/service1-envoy-jaeger.yaml @@ -76,7 +76,6 @@ static_resources: typed_config: {} clusters: - name: local_service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -89,7 +88,6 @@ static_resources: address: 127.0.0.1 port_value: 8080 - name: service2 - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -102,7 +100,6 @@ static_resources: address: service2 port_value: 8000 - name: jaeger - connect_timeout: 1s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/jaeger-tracing/service2-envoy-jaeger.yaml b/examples/jaeger-tracing/service2-envoy-jaeger.yaml index c48878e9c189..afb0a2d70df5 100644 --- a/examples/jaeger-tracing/service2-envoy-jaeger.yaml +++ b/examples/jaeger-tracing/service2-envoy-jaeger.yaml @@ -39,7 +39,6 @@ static_resources: typed_config: {} clusters: - name: local_service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -52,7 +51,6 @@ static_resources: address: 127.0.0.1 port_value: 8080 - name: jaeger - connect_timeout: 1s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/load-reporting-service/Dockerfile-envoy b/examples/load-reporting-service/Dockerfile-envoy new file mode 100644 index 000000000000..ac31ed9e017c --- /dev/null +++ b/examples/load-reporting-service/Dockerfile-envoy @@ -0,0 +1,6 @@ +FROM envoyproxy/envoy-dev:latest + +COPY ./service-envoy-w-lrs.yaml /etc/service-envoy-w-lrs.yaml +RUN chmod go+r /etc/service-envoy-w-lrs.yaml + +CMD ["/usr/local/bin/envoy", "-c", "/etc/service-envoy-w-lrs.yaml", "--service-node", "${HOSTNAME}", "--service-cluster", "http_service"] diff --git a/examples/load-reporting-service/Dockerfile-http-server b/examples/load-reporting-service/Dockerfile-http-server index e71aa6b75468..a63927fbd804 100644 --- a/examples/load-reporting-service/Dockerfile-http-server +++ b/examples/load-reporting-service/Dockerfile-http-server @@ -1,11 +1,8 @@ -FROM envoyproxy/envoy-alpine-dev:latest - -RUN apk update && apk add py3-pip bash curl -RUN mkdir /code -ADD ./start_service.sh /usr/local/bin/start_service.sh -COPY . ./code +FROM alpine:latest +RUN apk update && apk add py3-pip RUN pip3 install -q Flask==0.11.1 +RUN mkdir /code +COPY ./service.py ./code -RUN chmod u+x /usr/local/bin/start_service.sh -ENTRYPOINT ["/bin/sh", "/usr/local/bin/start_service.sh"] +CMD ["python3", "/code/service.py"] diff --git a/examples/load-reporting-service/docker-compose.yaml b/examples/load-reporting-service/docker-compose.yaml index a5182e2b6de2..3298a8287a01 100644 --- a/examples/load-reporting-service/docker-compose.yaml +++ b/examples/load-reporting-service/docker-compose.yaml @@ -1,29 +1,23 @@ version: '3.7' services: + envoy: + build: + context: . + dockerfile: Dockerfile-envoy + ports: + - "80-81:80" + http_service: build: context: . dockerfile: Dockerfile-http-server - volumes: - - ./service-envoy-w-lrs.yaml:/etc/service-envoy-w-lrs.yaml - environment: - ENVOY_UID: 0 - networks: - - envoymesh - ports: - - "80-81:80" lrs_server: build: context: . dockerfile: Dockerfile-lrs - networks: - - envoymesh volumes: - - /go/src/github.com/envoyproxy/envoy/examples/load-reporting-service + - /go/src/github.com/envoyproxy/envoy/examples/load-reporting-service ports: - - "18000:18000" - -networks: - envoymesh: {} + - "18000:18000" diff --git a/examples/load-reporting-service/service-envoy-w-lrs.yaml b/examples/load-reporting-service/service-envoy-w-lrs.yaml index e908f8ff1582..8c40861470bc 100644 --- a/examples/load-reporting-service/service-envoy-w-lrs.yaml +++ b/examples/load-reporting-service/service-envoy-w-lrs.yaml @@ -27,7 +27,6 @@ static_resources: typed_config: {} clusters: - name: local_service - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -37,10 +36,9 @@ static_resources: - endpoint: address: socket_address: - address: 127.0.0.1 + address: http_service port_value: 8082 - name: load_reporting_cluster - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/load-reporting-service/http_server.py b/examples/load-reporting-service/service.py similarity index 100% rename from examples/load-reporting-service/http_server.py rename to examples/load-reporting-service/service.py diff --git a/examples/load-reporting-service/start_service.sh b/examples/load-reporting-service/start_service.sh deleted file mode 100644 index 3fa5d85f7a37..000000000000 --- a/examples/load-reporting-service/start_service.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -python3 /code/http_server.py & -/usr/local/bin/envoy -c /etc/service-envoy-w-lrs.yaml --service-node "${HOSTNAME}" --service-cluster http_service diff --git a/examples/lua/docker-compose.yaml b/examples/lua/docker-compose.yaml index e21a52c2be0a..f1d36fba7339 100644 --- a/examples/lua/docker-compose.yaml +++ b/examples/lua/docker-compose.yaml @@ -6,18 +6,18 @@ services: context: . dockerfile: Dockerfile-proxy networks: - - envoymesh + - envoymesh ports: - - "8000:8000" + - "8000:8000" web_service: build: context: . dockerfile: Dockerfile-web-service networks: - - envoymesh + - envoymesh ports: - - "8080:80" + - "8080:80" networks: envoymesh: {} diff --git a/examples/lua/envoy.yaml b/examples/lua/envoy.yaml index f46988822990..2876d1e9d8cb 100644 --- a/examples/lua/envoy.yaml +++ b/examples/lua/envoy.yaml @@ -42,8 +42,7 @@ static_resources: clusters: - name: web_service - connect_timeout: 0.25s - type: STRICT_DNS # static + type: STRICT_DNS # static lb_policy: ROUND_ROBIN load_assignment: cluster_name: web_service diff --git a/examples/mysql/docker-compose.yaml b/examples/mysql/docker-compose.yaml index 22c46dc72e7a..42a880eac877 100644 --- a/examples/mysql/docker-compose.yaml +++ b/examples/mysql/docker-compose.yaml @@ -6,19 +6,19 @@ services: context: . dockerfile: Dockerfile-proxy networks: - - envoymesh + - envoymesh ports: - - "1999:1999" - - "8001:8001" + - "1999:1999" + - "8001:8001" mysql: build: context: . dockerfile: Dockerfile-mysql networks: - - envoymesh + - envoymesh environment: - - MYSQL_ALLOW_EMPTY_PASSWORD=yes + - MYSQL_ALLOW_EMPTY_PASSWORD=yes networks: envoymesh: diff --git a/examples/mysql/envoy.yaml b/examples/mysql/envoy.yaml index b530e0e2f694..4760b2c3eaca 100644 --- a/examples/mysql/envoy.yaml +++ b/examples/mysql/envoy.yaml @@ -19,7 +19,6 @@ static_resources: clusters: - name: mysql_cluster - connect_timeout: 1s type: STRICT_DNS load_assignment: cluster_name: mysql_cluster diff --git a/examples/postgres/docker-compose.yaml b/examples/postgres/docker-compose.yaml index c4073f142225..0532125d5913 100644 --- a/examples/postgres/docker-compose.yaml +++ b/examples/postgres/docker-compose.yaml @@ -8,8 +8,8 @@ services: networks: envoymesh: ports: - - "1999:1999" - - "8001:8001" + - "1999:1999" + - "8001:8001" command: "/usr/local/bin/envoy -c /etc/envoy.yaml -l debug" postgres: diff --git a/examples/postgres/envoy.yaml b/examples/postgres/envoy.yaml index 5433bc54b6eb..bc3bbe7b373e 100644 --- a/examples/postgres/envoy.yaml +++ b/examples/postgres/envoy.yaml @@ -19,7 +19,6 @@ static_resources: clusters: - name: postgres_cluster - connect_timeout: 1s type: STRICT_DNS load_assignment: cluster_name: postgres_cluster diff --git a/examples/redis/docker-compose.yaml b/examples/redis/docker-compose.yaml index 1dc0b9e21dd2..8dc223a2f5d2 100644 --- a/examples/redis/docker-compose.yaml +++ b/examples/redis/docker-compose.yaml @@ -6,10 +6,10 @@ services: context: . dockerfile: Dockerfile-proxy networks: - - envoymesh + - envoymesh ports: - - "1999:1999" - - "8001:8001" + - "1999:1999" + - "8001:8001" redis: build: @@ -18,7 +18,7 @@ services: networks: envoymesh: aliases: - - redis_server + - redis_server networks: envoymesh: {} diff --git a/examples/redis/envoy.yaml b/examples/redis/envoy.yaml index d9f4bd9450b4..7af3a0e196b0 100644 --- a/examples/redis/envoy.yaml +++ b/examples/redis/envoy.yaml @@ -18,8 +18,7 @@ static_resources: cluster: redis_cluster clusters: - name: redis_cluster - connect_timeout: 1s - type: STRICT_DNS # static + type: STRICT_DNS # static lb_policy: MAGLEV load_assignment: cluster_name: redis_cluster diff --git a/examples/skywalking-tracing/docker-compose.yaml b/examples/skywalking-tracing/docker-compose.yaml index e09ddb4b141a..6962e59e0adc 100644 --- a/examples/skywalking-tracing/docker-compose.yaml +++ b/examples/skywalking-tracing/docker-compose.yaml @@ -6,43 +6,43 @@ services: context: . dockerfile: Dockerfile-frontenvoy networks: - - envoymesh + - envoymesh ports: - - 8000:8000 - - 8001:8001 + - 8000:8000 + - 8001:8001 depends_on: - - skywalking-oap + - skywalking-oap # First service. service1: build: context: ../front-proxy dockerfile: Dockerfile-service volumes: - - ./service1-envoy-skywalking.yaml:/etc/service-envoy.yaml + - ./service1-envoy-skywalking.yaml:/etc/service-envoy.yaml networks: - - envoymesh + - envoymesh environment: - - SERVICE_NAME=1 + - SERVICE_NAME=1 depends_on: - - skywalking-oap + - skywalking-oap # Second service. service2: build: context: ../front-proxy dockerfile: Dockerfile-service volumes: - - ./service2-envoy-skywalking.yaml:/etc/service-envoy.yaml + - ./service2-envoy-skywalking.yaml:/etc/service-envoy.yaml networks: - - envoymesh + - envoymesh environment: - - SERVICE_NAME=2 + - SERVICE_NAME=2 depends_on: - - skywalking-oap + - skywalking-oap # Skywalking components. elasticsearch: image: elasticsearch:7.9.2 networks: - - envoymesh + - envoymesh healthcheck: test: ["CMD-SHELL", "curl --silent --fail localhost:9200/_cluster/health || exit 1"] interval: 30s @@ -56,11 +56,11 @@ services: soft: -1 hard: -1 skywalking-oap: - image: apache/skywalking-oap-server:8.4.0-es7 + image: apache/skywalking-oap-server:8.6.0-es7 networks: - - envoymesh + - envoymesh depends_on: - - elasticsearch + - elasticsearch environment: SW_STORAGE: elasticsearch7 SW_STORAGE_ES_CLUSTER_NODES: elasticsearch:9200 @@ -72,13 +72,13 @@ services: start_period: 40s restart: on-failure skywalking-ui: - image: apache/skywalking-ui:8.4.0 + image: apache/skywalking-ui:8.6.0 networks: - - envoymesh + - envoymesh depends_on: - - skywalking-oap + - skywalking-oap ports: - - 8080:8080 + - 8080:8080 environment: SW_OAP_ADDRESS: skywalking-oap:12800 networks: diff --git a/examples/skywalking-tracing/front-envoy-skywalking.yaml b/examples/skywalking-tracing/front-envoy-skywalking.yaml index 61baeec4add1..eddedbb40787 100644 --- a/examples/skywalking-tracing/front-envoy-skywalking.yaml +++ b/examples/skywalking-tracing/front-envoy-skywalking.yaml @@ -45,7 +45,6 @@ static_resources: start_child_span: true clusters: - name: service1 - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN typed_extension_protocol_options: @@ -63,7 +62,6 @@ static_resources: address: service1 port_value: 8000 - name: skywalking - connect_timeout: 1s type: STRICT_DNS lb_policy: ROUND_ROBIN typed_extension_protocol_options: diff --git a/examples/skywalking-tracing/service1-envoy-skywalking.yaml b/examples/skywalking-tracing/service1-envoy-skywalking.yaml index fc3220bb5a00..96937a17b4fc 100644 --- a/examples/skywalking-tracing/service1-envoy-skywalking.yaml +++ b/examples/skywalking-tracing/service1-envoy-skywalking.yaml @@ -86,7 +86,6 @@ static_resources: start_child_span: true clusters: - name: local_service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -99,7 +98,6 @@ static_resources: address: 127.0.0.1 port_value: 8080 - name: service2 - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN typed_extension_protocol_options: @@ -117,7 +115,6 @@ static_resources: address: service2 port_value: 8000 - name: skywalking - connect_timeout: 1s type: STRICT_DNS lb_policy: ROUND_ROBIN typed_extension_protocol_options: diff --git a/examples/skywalking-tracing/service2-envoy-skywalking.yaml b/examples/skywalking-tracing/service2-envoy-skywalking.yaml index 0cdb6ded67a5..5a9eb92e9dd7 100644 --- a/examples/skywalking-tracing/service2-envoy-skywalking.yaml +++ b/examples/skywalking-tracing/service2-envoy-skywalking.yaml @@ -44,7 +44,6 @@ static_resources: start_child_span: true clusters: - name: local_service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -57,7 +56,6 @@ static_resources: address: 127.0.0.1 port_value: 8080 - name: skywalking - connect_timeout: 1s type: STRICT_DNS lb_policy: ROUND_ROBIN typed_extension_protocol_options: diff --git a/examples/tls-inspector/docker-compose.yaml b/examples/tls-inspector/docker-compose.yaml index c2fd6b665192..879aa860d466 100644 --- a/examples/tls-inspector/docker-compose.yaml +++ b/examples/tls-inspector/docker-compose.yaml @@ -6,23 +6,23 @@ services: context: . dockerfile: Dockerfile ports: - - "10000:10000" - - "12345:12345" + - "10000:10000" + - "12345:12345" service-https-http2: image: mendhak/http-https-echo hostname: service-https-http2 environment: - - HTTP_PORT=0 + - HTTP_PORT=0 service-https-http1.1: image: mendhak/http-https-echo hostname: service-https-http1.1 environment: - - HTTP_PORT=0 + - HTTP_PORT=0 service-http: image: mendhak/http-https-echo hostname: service-http environment: - - HTTPS_PORT=0 + - HTTPS_PORT=0 diff --git a/examples/tls-inspector/envoy.yaml b/examples/tls-inspector/envoy.yaml index d4462920d891..b8e444dae1f2 100644 --- a/examples/tls-inspector/envoy.yaml +++ b/examples/tls-inspector/envoy.yaml @@ -11,9 +11,9 @@ static_resources: address: 0.0.0.0 port_value: 10000 listener_filters: - - name: "envoy.filters.listener.tls_inspector" - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector + - name: "envoy.filters.listener.tls_inspector" + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector filter_chains: - filter_chain_match: transport_protocol: tls @@ -43,7 +43,6 @@ static_resources: clusters: - name: service-https-http2 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -56,7 +55,6 @@ static_resources: address: service-https-http2 port_value: 443 - name: service-https-http1.1 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -69,7 +67,6 @@ static_resources: address: service-https-http1.1 port_value: 443 - name: service-http - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/tls-sni/docker-compose.yaml b/examples/tls-sni/docker-compose.yaml index 0c5fbd4ac516..a76732c16195 100644 --- a/examples/tls-sni/docker-compose.yaml +++ b/examples/tls-sni/docker-compose.yaml @@ -6,29 +6,29 @@ services: context: . dockerfile: Dockerfile ports: - - "10000:10000" + - "10000:10000" proxy-client: build: context: . dockerfile: Dockerfile-client ports: - - "20000:10000" + - "20000:10000" http-upstream1: image: mendhak/http-https-echo hostname: http-upstream1 environment: - - HTTPS_PORT=0 + - HTTPS_PORT=0 http-upstream2: image: mendhak/http-https-echo hostname: http-upstream2 environment: - - HTTPS_PORT=0 + - HTTPS_PORT=0 https-upstream3: image: mendhak/http-https-echo hostname: https-upstream3 environment: - - HTTP_PORT=0 + - HTTP_PORT=0 diff --git a/examples/tls-sni/envoy-client.yaml b/examples/tls-sni/envoy-client.yaml index e64aae12dc2a..b99bbeead452 100644 --- a/examples/tls-sni/envoy-client.yaml +++ b/examples/tls-sni/envoy-client.yaml @@ -35,7 +35,6 @@ static_resources: clusters: - name: proxy-client-domain1 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -54,7 +53,6 @@ static_resources: sni: domain1.example.com - name: proxy-client-domain2 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -73,7 +71,6 @@ static_resources: sni: domain2.example.com - name: proxy-client-domain3 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/tls-sni/envoy.yaml b/examples/tls-sni/envoy.yaml index 7ad9843c6d8c..b6248f9d748a 100644 --- a/examples/tls-sni/envoy.yaml +++ b/examples/tls-sni/envoy.yaml @@ -85,7 +85,6 @@ static_resources: clusters: - name: proxy-domain1 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -99,7 +98,6 @@ static_resources: port_value: 80 - name: proxy-domain2 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -113,7 +111,6 @@ static_resources: port_value: 80 - name: proxy-domain3 - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/tls/docker-compose.yaml b/examples/tls/docker-compose.yaml index 1db7809a2220..46b9a41f14c9 100644 --- a/examples/tls/docker-compose.yaml +++ b/examples/tls/docker-compose.yaml @@ -6,37 +6,37 @@ services: context: . dockerfile: Dockerfile-proxy-https-http ports: - - "10000:10000" + - "10000:10000" proxy-https-to-https: build: context: . dockerfile: Dockerfile-proxy-https-https ports: - - "10001:10000" + - "10001:10000" proxy-http-to-https: build: context: . dockerfile: Dockerfile-proxy-http-https ports: - - "10002:10000" + - "10002:10000" proxy-https-passthrough: build: context: . dockerfile: Dockerfile-proxy-https-passthrough ports: - - "10003:10000" + - "10003:10000" service-http: image: mendhak/http-https-echo hostname: service-http environment: - - HTTPS_PORT=0 + - HTTPS_PORT=0 service-https: image: mendhak/http-https-echo hostname: service-https environment: - - HTTP_PORT=0 + - HTTP_PORT=0 diff --git a/examples/tls/envoy-http-https.yaml b/examples/tls/envoy-http-https.yaml index 0695099e8981..ae532dd7c355 100644 --- a/examples/tls/envoy-http-https.yaml +++ b/examples/tls/envoy-http-https.yaml @@ -27,7 +27,6 @@ static_resources: clusters: - name: service-https - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/tls/envoy-https-http.yaml b/examples/tls/envoy-https-http.yaml index 79496d520e00..640b0ca8429d 100644 --- a/examples/tls/envoy-https-http.yaml +++ b/examples/tls/envoy-https-http.yaml @@ -90,7 +90,6 @@ static_resources: clusters: - name: service-http - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/tls/envoy-https-https.yaml b/examples/tls/envoy-https-https.yaml index 2702adb6b8e9..13a60d4d9c36 100644 --- a/examples/tls/envoy-https-https.yaml +++ b/examples/tls/envoy-https-https.yaml @@ -90,7 +90,6 @@ static_resources: clusters: - name: service-https - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/tls/envoy-https-passthrough.yaml b/examples/tls/envoy-https-passthrough.yaml index 3c7a221ff060..8707204a5c41 100644 --- a/examples/tls/envoy-https-passthrough.yaml +++ b/examples/tls/envoy-https-passthrough.yaml @@ -14,7 +14,6 @@ static_resources: clusters: - name: service-https - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/udp/docker-compose.yaml b/examples/udp/docker-compose.yaml index 1127d4894e52..fa17ea189304 100644 --- a/examples/udp/docker-compose.yaml +++ b/examples/udp/docker-compose.yaml @@ -6,8 +6,8 @@ services: context: . dockerfile: Dockerfile ports: - - "10000:10000/udp" - - "10001:10001" + - "10000:10000/udp" + - "10001:10001" service-udp: image: mendhak/udp-listener diff --git a/examples/udp/envoy.yaml b/examples/udp/envoy.yaml index 6ae56223a2fc..9937bba45f1f 100644 --- a/examples/udp/envoy.yaml +++ b/examples/udp/envoy.yaml @@ -16,7 +16,6 @@ static_resources: clusters: - name: service_udp - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/vrp-litmus/docker-compose.yaml b/examples/vrp-litmus/docker-compose.yaml index 46eefcafb9aa..db11603fa012 100644 --- a/examples/vrp-litmus/docker-compose.yaml +++ b/examples/vrp-litmus/docker-compose.yaml @@ -9,9 +9,9 @@ services: ENVOY_EDGE_EXTRA_ARGS: "" ENVOY_ORIGIN_EXTRA_ARGS: "" networks: - - envoymesh + - envoymesh ports: - - "10000:10000" + - "10000:10000" networks: envoymesh: {} diff --git a/examples/vrp-local/docker-compose.yaml b/examples/vrp-local/docker-compose.yaml index 46eefcafb9aa..db11603fa012 100644 --- a/examples/vrp-local/docker-compose.yaml +++ b/examples/vrp-local/docker-compose.yaml @@ -9,9 +9,9 @@ services: ENVOY_EDGE_EXTRA_ARGS: "" ENVOY_ORIGIN_EXTRA_ARGS: "" networks: - - envoymesh + - envoymesh ports: - - "10000:10000" + - "10000:10000" networks: envoymesh: {} diff --git a/examples/wasm-cc/BUILD b/examples/wasm-cc/BUILD index dcc8ea0ea275..d8a2c77e2c9f 100644 --- a/examples/wasm-cc/BUILD +++ b/examples/wasm-cc/BUILD @@ -43,3 +43,8 @@ envoy_wasm_cc_binary( name = "envoy_filter_http_wasm_updated_example.wasm", srcs = ["envoy_filter_http_wasm_updated_example.cc"], ) + +filegroup( + name = "files", + srcs = glob(["**/*"]), +) diff --git a/examples/wasm-cc/docker-compose-wasm.yaml b/examples/wasm-cc/docker-compose-wasm.yaml index 32caf4245c27..0f3c45f09ce1 100644 --- a/examples/wasm-cc/docker-compose-wasm.yaml +++ b/examples/wasm-cc/docker-compose-wasm.yaml @@ -8,8 +8,8 @@ services: && cp -a bazel-bin/examples/wasm-cc/* /build" working_dir: /source volumes: - - ../..:/source - - ./lib:/build + - ../..:/source + - ./lib:/build wasm_compile: image: envoyproxy/envoy-build-ubuntu:55d9e4719d2bd0accce8f829b44dab70cd42112a @@ -18,5 +18,5 @@ services: && cp -a bazel-bin/examples/wasm-cc/* /build" working_dir: /source volumes: - - ../..:/source - - ./lib:/build + - ../..:/source + - ./lib:/build diff --git a/examples/wasm-cc/docker-compose.yaml b/examples/wasm-cc/docker-compose.yaml index 8e9f1aacbcb0..948de012b98b 100644 --- a/examples/wasm-cc/docker-compose.yaml +++ b/examples/wasm-cc/docker-compose.yaml @@ -6,18 +6,18 @@ services: context: . dockerfile: Dockerfile-proxy depends_on: - - web_service + - web_service networks: - - envoymesh + - envoymesh ports: - - "8000:8000" + - "8000:8000" web_service: build: context: . dockerfile: Dockerfile-web-service networks: - - envoymesh + - envoymesh networks: envoymesh: {} diff --git a/examples/wasm-cc/envoy.yaml b/examples/wasm-cc/envoy.yaml index 1d04c7a26f62..e65d4e6ce826 100644 --- a/examples/wasm-cc/envoy.yaml +++ b/examples/wasm-cc/envoy.yaml @@ -47,7 +47,6 @@ static_resources: clusters: - name: web_service - connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: diff --git a/examples/websocket/docker-compose.yaml b/examples/websocket/docker-compose.yaml index 0435bfddaec2..14cf5f983e4e 100644 --- a/examples/websocket/docker-compose.yaml +++ b/examples/websocket/docker-compose.yaml @@ -6,21 +6,21 @@ services: context: . dockerfile: Dockerfile-proxy-ws ports: - - "10000:10000" + - "10000:10000" proxy-wss-wss: build: context: . dockerfile: Dockerfile-proxy-wss ports: - - "20000:10000" + - "20000:10000" proxy-wss-passthrough: build: context: . dockerfile: Dockerfile-proxy-wss-passthrough ports: - - "30000:10000" + - "30000:10000" service-ws: image: solsson/websocat @@ -32,4 +32,4 @@ services: hostname: service-wss command: wss-listen:0.0.0.0:443 literalreply:"[wss] HELO" --pkcs12-der /certs/output.pkcs12 volumes: - - ./certs/output.pkcs12:/certs/output.pkcs12 + - ./certs/output.pkcs12:/certs/output.pkcs12 diff --git a/examples/websocket/envoy-ws.yaml b/examples/websocket/envoy-ws.yaml index aa670d2bd412..5db9005f3d53 100644 --- a/examples/websocket/envoy-ws.yaml +++ b/examples/websocket/envoy-ws.yaml @@ -28,7 +28,6 @@ static_resources: clusters: - name: service_ws - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/websocket/envoy-wss-passthrough.yaml b/examples/websocket/envoy-wss-passthrough.yaml index 5d546329c3e1..6634d483def6 100644 --- a/examples/websocket/envoy-wss-passthrough.yaml +++ b/examples/websocket/envoy-wss-passthrough.yaml @@ -14,7 +14,6 @@ static_resources: clusters: - name: service_wss_passthrough - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/websocket/envoy-wss.yaml b/examples/websocket/envoy-wss.yaml index 8e94de35f591..f4dee8fd0bd7 100644 --- a/examples/websocket/envoy-wss.yaml +++ b/examples/websocket/envoy-wss.yaml @@ -91,7 +91,6 @@ static_resources: clusters: - name: service_wss - connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/win32-front-proxy/Dockerfile-frontenvoy b/examples/win32-front-proxy/Dockerfile-frontenvoy new file mode 100644 index 000000000000..3a3494f54c0d --- /dev/null +++ b/examples/win32-front-proxy/Dockerfile-frontenvoy @@ -0,0 +1,6 @@ +FROM envoyproxy/envoy-windows-dev:latest + +COPY ./front-envoy.yaml './front-envoy.yaml' +COPY ./start_envoy.ps1 ./start_envoy.ps1 +ENTRYPOINT ["powershell.exe", "./start_envoy.ps1"] + diff --git a/examples/win32-front-proxy/Dockerfile-service b/examples/win32-front-proxy/Dockerfile-service new file mode 100644 index 000000000000..a347d8c3189f --- /dev/null +++ b/examples/win32-front-proxy/Dockerfile-service @@ -0,0 +1,12 @@ +FROM envoyproxy/envoy-windows-dev:latest + +COPY ./setup_python.ps1 / + +RUN powershell.exe .\\setup_python.ps1 +RUN pip3 install -q Flask==0.11.1 requests==2.18.4 + +RUN powershell mkdir code +ADD ./service.py ./code +ADD ./service-envoy.yaml ./service-envoy.yaml +ADD ./start_service.ps1 ./start_service.ps1 +ENTRYPOINT ["powershell.exe", "./start_service.ps1"] diff --git a/examples/win32-front-proxy/README.md b/examples/win32-front-proxy/README.md new file mode 100644 index 000000000000..cca1fdaf55f9 --- /dev/null +++ b/examples/win32-front-proxy/README.md @@ -0,0 +1,2 @@ +To learn about this sandbox and for instructions on how to run it please head over +to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/win32_front_proxy.html) diff --git a/examples/win32-front-proxy/docker-compose.yaml b/examples/win32-front-proxy/docker-compose.yaml new file mode 100644 index 000000000000..5c5b31adeb32 --- /dev/null +++ b/examples/win32-front-proxy/docker-compose.yaml @@ -0,0 +1,34 @@ +version: "3.7" +services: + + front-envoy: + build: + context: . + dockerfile: Dockerfile-frontenvoy + networks: + - envoymesh + ports: + - "8080:8080" + - "8443:8443" + - "8003:8003" + + service1: + build: + context: . + dockerfile: Dockerfile-service + networks: + - envoymesh + environment: + - SERVICE_NAME=1 + + service2: + build: + context: . + dockerfile: Dockerfile-service + networks: + - envoymesh + environment: + - SERVICE_NAME=2 + +networks: + envoymesh: {} diff --git a/examples/win32-front-proxy/front-envoy.yaml b/examples/win32-front-proxy/front-envoy.yaml new file mode 100644 index 000000000000..2cc1c547bef8 --- /dev/null +++ b/examples/win32-front-proxy/front-envoy.yaml @@ -0,0 +1,167 @@ +static_resources: + listeners: + - address: + socket_address: + address: 0.0.0.0 + port_value: 8080 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + codec_type: AUTO + stat_prefix: ingress_http + route_config: + name: local_route + virtual_hosts: + - name: backend + domains: + - "*" + routes: + - match: + prefix: "/service/1" + route: + cluster: service1 + - match: + prefix: "/service/2" + route: + cluster: service2 + http_filters: + - name: envoy.filters.http.router + typed_config: {} + + - address: + socket_address: + address: 0.0.0.0 + port_value: 8443 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + codec_type: AUTO + stat_prefix: ingress_http + route_config: + name: local_route + virtual_hosts: + - name: backend + domains: + - "*" + routes: + - match: + prefix: "/service/1" + route: + cluster: service1 + - match: + prefix: "/service/2" + route: + cluster: service2 + http_filters: + - name: envoy.filters.http.router + typed_config: {} + + transport_socket: + name: envoy.transport_sockets.tls + typed_config: + "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext + common_tls_context: + tls_certificates: + # The following self-signed certificate pair is generated using: + # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy' + # + # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy + # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource. + # + # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via + # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret. + - certificate_chain: + inline_string: | + -----BEGIN CERTIFICATE----- + MIICqDCCAZACCQCquzpHNpqBcDANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAtm + cm9udC1lbnZveTAeFw0yMDA3MDgwMTMxNDZaFw0zMDA3MDYwMTMxNDZaMBYxFDAS + BgNVBAMMC2Zyb250LWVudm95MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC + AQEAthnYkqVQBX+Wg7aQWyCCb87hBce1hAFhbRM8Y9dQTqxoMXZiA2n8G089hUou + oQpEdJgitXVS6YMFPFUUWfwcqxYAynLK4X5im26Yfa1eO8La8sZUS+4Bjao1gF5/ + VJxSEo2yZ7fFBo8M4E44ZehIIocipCRS+YZehFs6dmHoq/MGvh2eAHIa+O9xssPt + ofFcQMR8rwBHVbKy484O10tNCouX4yUkyQXqCRy6HRu7kSjOjNKSGtjfG+h5M8bh + 10W7ZrsJ1hWhzBulSaMZaUY3vh5ngpws1JATQVSK1Jm/dmMRciwlTK7KfzgxHlSX + 58ENpS7yPTISkEICcLbXkkKGEQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCmj6Hg + vwOxWz0xu+6fSfRL6PGJUGq6wghCfUvjfwZ7zppDUqU47fk+yqPIOzuGZMdAqi7N + v1DXkeO4A3hnMD22Rlqt25vfogAaZVToBeQxCPd/ALBLFrvLUFYuSlS3zXSBpQqQ + Ny2IKFYsMllz5RSROONHBjaJOn5OwqenJ91MPmTAG7ujXKN6INSBM0PjX9Jy4Xb9 + zT+I85jRDQHnTFce1WICBDCYidTIvJtdSSokGSuy4/xyxAAc/BpZAfOjBQ4G1QRe + 9XwOi790LyNUYFJVyeOvNJwveloWuPLHb9idmY5YABwikUY6QNcXwyHTbRCkPB2I + m+/R4XnmL4cKQ+5Z + -----END CERTIFICATE----- + private_key: + inline_string: | + -----BEGIN PRIVATE KEY----- + MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC2GdiSpVAFf5aD + tpBbIIJvzuEFx7WEAWFtEzxj11BOrGgxdmIDafwbTz2FSi6hCkR0mCK1dVLpgwU8 + VRRZ/ByrFgDKcsrhfmKbbph9rV47wtryxlRL7gGNqjWAXn9UnFISjbJnt8UGjwzg + Tjhl6EgihyKkJFL5hl6EWzp2Yeir8wa+HZ4Achr473Gyw+2h8VxAxHyvAEdVsrLj + zg7XS00Ki5fjJSTJBeoJHLodG7uRKM6M0pIa2N8b6HkzxuHXRbtmuwnWFaHMG6VJ + oxlpRje+HmeCnCzUkBNBVIrUmb92YxFyLCVMrsp/ODEeVJfnwQ2lLvI9MhKQQgJw + tteSQoYRAgMBAAECggEAeDGdEkYNCGQLe8pvg8Z0ccoSGpeTxpqGrNEKhjfi6NrB + NwyVav10iq4FxEmPd3nobzDPkAftfvWc6hKaCT7vyTkPspCMOsQJ39/ixOk+jqFx + lNa1YxyoZ9IV2DIHR1iaj2Z5gB367PZUoGTgstrbafbaNY9IOSyojCIO935ubbcx + DWwL24XAf51ez6sXnI8V5tXmrFlNXhbhJdH8iIxNyM45HrnlUlOk0lCK4gmLJjy9 + 10IS2H2Wh3M5zsTpihH1JvM56oAH1ahrhMXs/rVFXXkg50yD1KV+HQiEbglYKUxO + eMYtfaY9i2CuLwhDnWp3oxP3HfgQQhD09OEN3e0IlQKBgQDZ/3poG9TiMZSjfKqL + xnCABMXGVQsfFWNC8THoW6RRx5Rqi8q08yJrmhCu32YKvccsOljDQJQQJdQO1g09 + e/adJmCnTrqxNtjPkX9txV23Lp6Ak7emjiQ5ICu7iWxrcO3zf7hmKtj7z+av8sjO + mDI7NkX5vnlE74nztBEjp3eC0wKBgQDV2GeJV028RW3b/QyP3Gwmax2+cKLR9PKR + nJnmO5bxAT0nQ3xuJEAqMIss/Rfb/macWc2N/6CWJCRT6a2vgy6xBW+bqG6RdQMB + xEZXFZl+sSKhXPkc5Wjb4lQ14YWyRPrTjMlwez3k4UolIJhJmwl+D7OkMRrOUERO + EtUvc7odCwKBgBi+nhdZKWXveM7B5N3uzXBKmmRz3MpPdC/yDtcwJ8u8msUpTv4R + JxQNrd0bsIqBli0YBmFLYEMg+BwjAee7vXeDFq+HCTv6XMva2RsNryCO4yD3I359 + XfE6DJzB8ZOUgv4Dvluie3TB2Y6ZQV/p+LGt7G13yG4hvofyJYvlg3RPAoGAcjDg + +OH5zLN2eqah8qBN0CYa9/rFt0AJ19+7/smLTJ7QvQq4g0gwS1couplcCEnNGWiK + 72y1n/ckvvplmPeAE19HveMvR9UoCeV5ej86fACy8V/oVpnaaLBvL2aCMjPLjPP9 + DWeCIZp8MV86cvOrGfngf6kJG2qZTueXl4NAuwkCgYEArKkhlZVXjwBoVvtHYmN2 + o+F6cGMlRJTLhNc391WApsgDZfTZSdeJsBsvvzS/Nc0burrufJg0wYioTlpReSy4 + ohhtprnQQAddfjHP7rh2LGt+irFzhdXXQ1ybGaGM9D764KUNCXLuwdly0vzXU4HU + q5sGxGrC1RECGB5Zwx2S2ZY= + -----END PRIVATE KEY----- + + clusters: + - name: service1 + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: service1 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: service1 + port_value: 8000 + - name: service2 + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: service2 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: service2 + port_value: 8000 +admin: + address: + socket_address: + address: 0.0.0.0 + port_value: 8001 +layered_runtime: + layers: + - name: static_layer_0 + static_layer: + envoy: + resource_limits: + listener: + example_listener_name: + connection_limit: 10000 diff --git a/examples/cache/service-envoy.yaml b/examples/win32-front-proxy/service-envoy.yaml similarity index 100% rename from examples/cache/service-envoy.yaml rename to examples/win32-front-proxy/service-envoy.yaml diff --git a/examples/win32-front-proxy/service.py b/examples/win32-front-proxy/service.py new file mode 100644 index 000000000000..d08b0a897c9e --- /dev/null +++ b/examples/win32-front-proxy/service.py @@ -0,0 +1,31 @@ +from flask import Flask +import os +import requests +import socket +import sys + +app = Flask(__name__) + + +@app.route('/service/') +def hello(service_number): + return ( + 'Hello from behind Envoy (service {})! hostname: {} resolved' + 'hostname: {}\n'.format( + os.environ['SERVICE_NAME'], socket.gethostname(), + socket.gethostbyname(socket.gethostname()))) + + +@app.route('/trace/') +def trace(service_number): + if int(os.environ['SERVICE_NAME']) == 1: + requests.get("http://localhost:9000/trace/2") + return ( + 'Hello from behind Envoy (service {})! hostname: {} resolved' + 'hostname: {}\n'.format( + os.environ['SERVICE_NAME'], socket.gethostname(), + socket.gethostbyname(socket.gethostname()))) + + +if __name__ == "__main__": + app.run(host='127.0.0.1', port=8080, debug=True) diff --git a/examples/win32-front-proxy/setup_python.ps1 b/examples/win32-front-proxy/setup_python.ps1 new file mode 100644 index 000000000000..0905a4b03062 --- /dev/null +++ b/examples/win32-front-proxy/setup_python.ps1 @@ -0,0 +1,54 @@ +$ErrorActionPreference = "Stop"; + +function DownloadAndCheck +{ + param([string]$to, [string]$url, [string]$sha256) + + Write-Host "Downloading $url to $to..." + (New-Object System.Net.WebClient).DownloadFile($url, $to) + $actual = (Get-FileHash -Path $to -Algorithm SHA256).Hash + if ($actual -ne $sha256) { + Write-Host "Download of $url to $to is invalid, expected sha256: $sha256, but got: $actual"; + exit 1 + } + Write-Host "done." +} + +function AddToPath +{ + param([string] $directory) + + $oldPath = (Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH).Path + $newPath = "$oldPath;$directory" + Set-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH -Value $newPath + # Add to local path so subsequent commands have access to the executables they need + $env:PATH += ";$directory" + Write-Host "Added $directory to PATH" +} + +function RunAndCheckError +{ + param([string] $exe, [string[]] $argList, [Parameter(Mandatory=$false)] $isInstaller = $false) + + Write-Host "Running '$exe $argList'..." + if ($isInstaller) { + Write-Host "(running as Windows software installer)" + Start-Process $exe -ArgumentList "$argList" -Wait -NoNewWindow + } else { + &$exe $argList + if ($LASTEXITCODE -ne 0) { + Write-Host "$exe $argList exited with code $LASTEXITCODE" + exit $LASTEXITCODE + } + } + Write-Host "done." +} + +# Python3 (do not install via msys2 or the MS store's flavors, this version follows Win32 semantics) +DownloadAndCheck $env:TEMP\python3-installer.exe ` + https://www.python.org/ftp/python/3.8.5/python-3.8.5-amd64.exe ` + cd427c7b17337d7c13761ca20877d2d8be661bd30415ddc17072a31a65a91b64 +# python installer needs to be run as an installer with Start-Process +RunAndCheckError "$env:TEMP\python3-installer.exe" @("/quiet", "InstallAllUsers=1", "Include_launcher=0", "InstallLauncherAllUsers=0") $true +AddToPath $env:ProgramFiles\Python38 +AddToPath $env:ProgramFiles\Python38\Scripts diff --git a/examples/win32-front-proxy/start_envoy.ps1 b/examples/win32-front-proxy/start_envoy.ps1 new file mode 100644 index 000000000000..efe1e2592e24 --- /dev/null +++ b/examples/win32-front-proxy/start_envoy.ps1 @@ -0,0 +1 @@ +& 'C:\\Program Files\\envoy\\envoy.exe' --config-path .\front-envoy.yaml --service-cluster front-proxy diff --git a/examples/win32-front-proxy/start_service.ps1 b/examples/win32-front-proxy/start_service.ps1 new file mode 100644 index 000000000000..0aabb3b0b3de --- /dev/null +++ b/examples/win32-front-proxy/start_service.ps1 @@ -0,0 +1,4 @@ +Start-Process -FilePath "python" -ArgumentList @("./code/service.py") + +$serviceName = "service$env:ServiceId" +& 'C:\\Program Files\\envoy\\envoy.exe' --config-path .\service-envoy.yaml --service-cluster $serviceName diff --git a/examples/zipkin-tracing/docker-compose.yaml b/examples/zipkin-tracing/docker-compose.yaml index 6f0e7542186e..443a4377070e 100644 --- a/examples/zipkin-tracing/docker-compose.yaml +++ b/examples/zipkin-tracing/docker-compose.yaml @@ -6,44 +6,44 @@ services: context: . dockerfile: Dockerfile-frontenvoy networks: - - envoymesh + - envoymesh ports: - - "8000:8000" + - "8000:8000" service1: build: context: ../front-proxy dockerfile: Dockerfile-service volumes: - - ./service1-envoy-zipkin.yaml:/etc/service-envoy.yaml + - ./service1-envoy-zipkin.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - - service1 + - service1 environment: - - SERVICE_NAME=1 + - SERVICE_NAME=1 service2: build: context: ../front-proxy dockerfile: Dockerfile-service volumes: - - ./service2-envoy-zipkin.yaml:/etc/service-envoy.yaml + - ./service2-envoy-zipkin.yaml:/etc/service-envoy.yaml networks: envoymesh: aliases: - - service2 + - service2 environment: - - SERVICE_NAME=2 + - SERVICE_NAME=2 zipkin: image: openzipkin/zipkin networks: envoymesh: aliases: - - zipkin + - zipkin ports: - - "9411:9411" + - "9411:9411" networks: envoymesh: {} diff --git a/examples/zipkin-tracing/front-envoy-zipkin.yaml b/examples/zipkin-tracing/front-envoy-zipkin.yaml index 599b28d009b5..7fc5cfb61f70 100644 --- a/examples/zipkin-tracing/front-envoy-zipkin.yaml +++ b/examples/zipkin-tracing/front-envoy-zipkin.yaml @@ -46,7 +46,6 @@ static_resources: typed_config: {} clusters: - name: service1 - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -59,7 +58,6 @@ static_resources: address: service1 port_value: 8000 - name: zipkin - connect_timeout: 1s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/zipkin-tracing/service1-envoy-zipkin.yaml b/examples/zipkin-tracing/service1-envoy-zipkin.yaml index b006bed4b419..fd790aa3c1e9 100644 --- a/examples/zipkin-tracing/service1-envoy-zipkin.yaml +++ b/examples/zipkin-tracing/service1-envoy-zipkin.yaml @@ -74,7 +74,6 @@ static_resources: typed_config: {} clusters: - name: local_service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -87,7 +86,6 @@ static_resources: address: 127.0.0.1 port_value: 8080 - name: service2 - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -100,7 +98,6 @@ static_resources: address: service2 port_value: 8000 - name: zipkin - connect_timeout: 1s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/examples/zipkin-tracing/service2-envoy-zipkin.yaml b/examples/zipkin-tracing/service2-envoy-zipkin.yaml index be152059d234..2078d93d0077 100644 --- a/examples/zipkin-tracing/service2-envoy-zipkin.yaml +++ b/examples/zipkin-tracing/service2-envoy-zipkin.yaml @@ -38,7 +38,6 @@ static_resources: typed_config: {} clusters: - name: local_service - connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: @@ -51,7 +50,6 @@ static_resources: address: 127.0.0.1 port_value: 8080 - name: zipkin - connect_timeout: 1s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: diff --git a/generated_api_shadow/BUILD b/generated_api_shadow/BUILD index 04b94ff211fd..cb40c29c8e40 100644 --- a/generated_api_shadow/BUILD +++ b/generated_api_shadow/BUILD @@ -17,104 +17,42 @@ proto_library( "//envoy/api/v2/listener:pkg", "//envoy/api/v2/ratelimit:pkg", "//envoy/api/v2/route:pkg", - "//envoy/config/accesslog/v2:pkg", "//envoy/config/bootstrap/v2:pkg", - "//envoy/config/cluster/aggregate/v2alpha:pkg", "//envoy/config/cluster/dynamic_forward_proxy/v2alpha:pkg", - "//envoy/config/cluster/redis:pkg", "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", - "//envoy/config/common/tap/v2alpha:pkg", "//envoy/config/filter/accesslog/v2:pkg", - "//envoy/config/filter/dubbo/router/v2alpha1:pkg", "//envoy/config/filter/fault/v2:pkg", - "//envoy/config/filter/http/adaptive_concurrency/v2alpha:pkg", - "//envoy/config/filter/http/aws_lambda/v2alpha:pkg", - "//envoy/config/filter/http/aws_request_signing/v2alpha:pkg", - "//envoy/config/filter/http/buffer/v2:pkg", - "//envoy/config/filter/http/cache/v2alpha:pkg", "//envoy/config/filter/http/compressor/v2:pkg", - "//envoy/config/filter/http/cors/v2:pkg", - "//envoy/config/filter/http/csrf/v2:pkg", - "//envoy/config/filter/http/dynamic_forward_proxy/v2alpha:pkg", - "//envoy/config/filter/http/dynamo/v2:pkg", "//envoy/config/filter/http/ext_authz/v2:pkg", - "//envoy/config/filter/http/fault/v2:pkg", - "//envoy/config/filter/http/grpc_http1_bridge/v2:pkg", - "//envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1:pkg", - "//envoy/config/filter/http/grpc_stats/v2alpha:pkg", - "//envoy/config/filter/http/grpc_web/v2:pkg", "//envoy/config/filter/http/gzip/v2:pkg", - "//envoy/config/filter/http/header_to_metadata/v2:pkg", "//envoy/config/filter/http/health_check/v2:pkg", "//envoy/config/filter/http/ip_tagging/v2:pkg", - "//envoy/config/filter/http/jwt_authn/v2alpha:pkg", - "//envoy/config/filter/http/lua/v2:pkg", - "//envoy/config/filter/http/on_demand/v2:pkg", - "//envoy/config/filter/http/original_src/v2alpha1:pkg", - "//envoy/config/filter/http/rate_limit/v2:pkg", - "//envoy/config/filter/http/rbac/v2:pkg", - "//envoy/config/filter/http/router/v2:pkg", - "//envoy/config/filter/http/squash/v2:pkg", - "//envoy/config/filter/http/tap/v2alpha:pkg", - "//envoy/config/filter/http/transcoder/v2:pkg", - "//envoy/config/filter/listener/http_inspector/v2:pkg", - "//envoy/config/filter/listener/original_dst/v2:pkg", - "//envoy/config/filter/listener/original_src/v2alpha1:pkg", - "//envoy/config/filter/listener/proxy_protocol/v2:pkg", - "//envoy/config/filter/listener/tls_inspector/v2:pkg", - "//envoy/config/filter/network/client_ssl_auth/v2:pkg", - "//envoy/config/filter/network/direct_response/v2:pkg", - "//envoy/config/filter/network/dubbo_proxy/v2alpha1:pkg", - "//envoy/config/filter/network/echo/v2:pkg", - "//envoy/config/filter/network/ext_authz/v2:pkg", "//envoy/config/filter/network/http_connection_manager/v2:pkg", - "//envoy/config/filter/network/kafka_broker/v2alpha1:pkg", - "//envoy/config/filter/network/local_rate_limit/v2alpha:pkg", - "//envoy/config/filter/network/mongo_proxy/v2:pkg", - "//envoy/config/filter/network/mysql_proxy/v1alpha1:pkg", - "//envoy/config/filter/network/rate_limit/v2:pkg", - "//envoy/config/filter/network/rbac/v2:pkg", "//envoy/config/filter/network/redis_proxy/v2:pkg", - "//envoy/config/filter/network/sni_cluster/v2:pkg", "//envoy/config/filter/network/tcp_proxy/v2:pkg", "//envoy/config/filter/network/thrift_proxy/v2alpha1:pkg", - "//envoy/config/filter/network/zookeeper_proxy/v1alpha1:pkg", - "//envoy/config/filter/thrift/rate_limit/v2alpha1:pkg", "//envoy/config/filter/thrift/router/v2alpha1:pkg", - "//envoy/config/filter/udp/udp_proxy/v2alpha:pkg", - "//envoy/config/grpc_credential/v2alpha:pkg", "//envoy/config/health_checker/redis/v2:pkg", "//envoy/config/listener/v2:pkg", "//envoy/config/metrics/v2:pkg", "//envoy/config/overload/v2alpha:pkg", - "//envoy/config/ratelimit/v2:pkg", - "//envoy/config/rbac/v2:pkg", "//envoy/config/resource_monitor/fixed_heap/v2alpha:pkg", "//envoy/config/resource_monitor/injected_resource/v2alpha:pkg", "//envoy/config/retry/omit_canary_hosts/v2:pkg", - "//envoy/config/retry/omit_host_metadata/v2:pkg", "//envoy/config/retry/previous_hosts/v2:pkg", - "//envoy/config/retry/previous_priorities:pkg", "//envoy/config/trace/v2:pkg", "//envoy/config/trace/v2alpha:pkg", "//envoy/config/transport_socket/alts/v2alpha:pkg", - "//envoy/config/transport_socket/raw_buffer/v2:pkg", - "//envoy/config/transport_socket/tap/v2alpha:pkg", "//envoy/data/accesslog/v2:pkg", - "//envoy/data/cluster/v2alpha:pkg", - "//envoy/data/core/v2alpha:pkg", - "//envoy/data/dns/v2alpha:pkg", "//envoy/data/tap/v2alpha:pkg", "//envoy/service/accesslog/v2:pkg", "//envoy/service/auth/v2:pkg", "//envoy/service/discovery/v2:pkg", - "//envoy/service/event_reporting/v2alpha:pkg", "//envoy/service/load_stats/v2:pkg", "//envoy/service/metrics/v2:pkg", "//envoy/service/ratelimit/v2:pkg", "//envoy/service/status/v2:pkg", "//envoy/service/tap/v2alpha:pkg", - "//envoy/service/trace/v2:pkg", "//envoy/type:pkg", "//envoy/type/matcher:pkg", "//envoy/type/metadata/v2:pkg", @@ -175,8 +113,10 @@ proto_library( "//envoy/extensions/filters/common/matcher/action/v3:pkg", "//envoy/extensions/filters/http/adaptive_concurrency/v3:pkg", "//envoy/extensions/filters/http/admission_control/v3alpha:pkg", + "//envoy/extensions/filters/http/alternate_protocols_cache/v3:pkg", "//envoy/extensions/filters/http/aws_lambda/v3:pkg", "//envoy/extensions/filters/http/aws_request_signing/v3:pkg", + "//envoy/extensions/filters/http/bandwidth_limit/v3alpha:pkg", "//envoy/extensions/filters/http/buffer/v3:pkg", "//envoy/extensions/filters/http/cache/v3alpha:pkg", "//envoy/extensions/filters/http/cdn_loop/v3alpha:pkg", @@ -209,6 +149,7 @@ proto_library( "//envoy/extensions/filters/http/ratelimit/v3:pkg", "//envoy/extensions/filters/http/rbac/v3:pkg", "//envoy/extensions/filters/http/router/v3:pkg", + "//envoy/extensions/filters/http/set_metadata/v3:pkg", "//envoy/extensions/filters/http/squash/v3:pkg", "//envoy/extensions/filters/http/tap/v3:pkg", "//envoy/extensions/filters/http/wasm/v3:pkg", @@ -218,6 +159,7 @@ proto_library( "//envoy/extensions/filters/listener/proxy_protocol/v3:pkg", "//envoy/extensions/filters/listener/tls_inspector/v3:pkg", "//envoy/extensions/filters/network/client_ssl_auth/v3:pkg", + "//envoy/extensions/filters/network/connection_limit/v3:pkg", "//envoy/extensions/filters/network/direct_response/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/router/v3:pkg", "//envoy/extensions/filters/network/dubbo_proxy/v3:pkg", @@ -243,6 +185,7 @@ proto_library( "//envoy/extensions/filters/network/zookeeper_proxy/v3:pkg", "//envoy/extensions/filters/udp/dns_filter/v3alpha:pkg", "//envoy/extensions/filters/udp/udp_proxy/v3:pkg", + "//envoy/extensions/formatter/req_without_query/v3:pkg", "//envoy/extensions/health_checkers/redis/v3:pkg", "//envoy/extensions/http/header_formatters/preserve_case/v3:pkg", "//envoy/extensions/http/original_ip_detection/custom_header/v3:pkg", @@ -253,6 +196,8 @@ proto_library( "//envoy/extensions/matching/common_inputs/environment_variable/v3:pkg", "//envoy/extensions/matching/input_matchers/consistent_hashing/v3:pkg", "//envoy/extensions/network/socket_interface/v3:pkg", + "//envoy/extensions/quic/crypto_stream/v3:pkg", + "//envoy/extensions/quic/proof_source/v3:pkg", "//envoy/extensions/rate_limit_descriptors/expr/v3:pkg", "//envoy/extensions/request_id/uuid/v3:pkg", "//envoy/extensions/resource_monitors/fixed_heap/v3:pkg", @@ -261,6 +206,7 @@ proto_library( "//envoy/extensions/retry/host/omit_host_metadata/v3:pkg", "//envoy/extensions/retry/host/previous_hosts/v3:pkg", "//envoy/extensions/retry/priority/previous_priorities/v3:pkg", + "//envoy/extensions/stat_sinks/graphite_statsd/v3:pkg", "//envoy/extensions/stat_sinks/wasm/v3:pkg", "//envoy/extensions/transport_sockets/alts/v3:pkg", "//envoy/extensions/transport_sockets/proxy_protocol/v3:pkg", diff --git a/generated_api_shadow/bazel/repository_locations.bzl b/generated_api_shadow/bazel/repository_locations.bzl index 9d8159c5fd01..f2685aaeb014 100644 --- a/generated_api_shadow/bazel/repository_locations.bzl +++ b/generated_api_shadow/bazel/repository_locations.bzl @@ -6,19 +6,19 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_url = "https://github.com/bazelbuild/bazel-skylib", version = "1.0.3", sha256 = "1c531376ac7e5a180e0237938a2536de0c54d93f5c278634818e0efc952dd56c", - urls = ["https://github.com/bazelbuild/bazel-skylib/releases/download/{version}/bazel-skylib-{version}.tar.gz"], release_date = "2020-08-27", + urls = ["https://github.com/bazelbuild/bazel-skylib/releases/download/{version}/bazel-skylib-{version}.tar.gz"], use_category = ["api"], ), com_envoyproxy_protoc_gen_validate = dict( project_name = "protoc-gen-validate (PGV)", project_desc = "protoc plugin to generate polyglot message validators", project_url = "https://github.com/envoyproxy/protoc-gen-validate", - version = "9db8e779b46119eef7d67e3d1120c118d593611c", - sha256 = "a3bfcf965499bfb17299a6931325eab653f99306dac413a5205e4b65e6ab027d", + version = "0.6.1", + sha256 = "c695fc5a2e5a1b52904cd8a58ce7a1c3a80f7f50719496fd606e551685c01101", + release_date = "2021-04-26", strip_prefix = "protoc-gen-validate-{version}", - urls = ["https://github.com/envoyproxy/protoc-gen-validate/archive/{version}.tar.gz"], - release_date = "2021-03-16", + urls = ["https://github.com/envoyproxy/protoc-gen-validate/archive/v{version}.tar.gz"], use_category = ["api"], implied_untracked_deps = [ "com_github_iancoleman_strcase", @@ -32,11 +32,11 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_name = "Bazel build tools", project_desc = "Developer tools for working with Google's bazel buildtool.", project_url = "https://github.com/bazelbuild/buildtools", - version = "4.0.0", - sha256 = "0d3ca4ed434958dda241fb129f77bd5ef0ce246250feed2d5a5470c6f29a77fa", - strip_prefix = "buildtools-4.0.0", - urls = ["https://github.com/bazelbuild/buildtools/archive/4.0.0.tar.gz"], - release_date = "2021-02-03", + version = "4.0.1", + sha256 = "c28eef4d30ba1a195c6837acf6c75a4034981f5b4002dda3c5aa6e48ce023cf1", + release_date = "2021-03-01", + strip_prefix = "buildtools-{version}", + urls = ["https://github.com/bazelbuild/buildtools/archive/{version}.tar.gz"], use_category = ["api"], ), com_github_cncf_udpa = dict( @@ -46,20 +46,20 @@ REPOSITORY_LOCATIONS_SPEC = dict( # During the UDPA -> xDS migration, we aren't working with releases. version = "b88cc788a63e5b38ee334a2e702c67901355ae2c", sha256 = "3220df8564f217665b6e17776569c5f748178c2b9cbf83bb55a13ddc0a3738f0", + release_date = "2021-03-23", strip_prefix = "xds-{version}", urls = ["https://github.com/cncf/xds/archive/{version}.tar.gz"], - release_date = "2021-03-23", use_category = ["api"], ), com_github_openzipkin_zipkinapi = dict( project_name = "Zipkin API", project_desc = "Zipkin's language independent model and HTTP Api Definitions", project_url = "https://github.com/openzipkin/zipkin-api", - version = "0.2.2", - sha256 = "688c4fe170821dd589f36ec45aaadc03a618a40283bc1f97da8fa11686fc816b", + version = "1.0.0", + sha256 = "6c8ee2014cf0746ba452e5f2c01f038df60e85eb2d910b226f9aa27ddc0e44cf", + release_date = "2020-11-22", strip_prefix = "zipkin-api-{version}", urls = ["https://github.com/openzipkin/zipkin-api/archive/{version}.tar.gz"], - release_date = "2019-08-23", use_category = ["api"], ), com_google_googleapis = dict( @@ -69,9 +69,9 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_url = "https://github.com/googleapis/googleapis", version = "82944da21578a53b74e547774cf62ed31a05b841", sha256 = "a45019af4d3290f02eaeb1ce10990166978c807cb33a9692141a076ba46d1405", + release_date = "2019-12-02", strip_prefix = "googleapis-{version}", urls = ["https://github.com/googleapis/googleapis/archive/{version}.tar.gz"], - release_date = "2019-12-02", use_category = ["api"], ), opencensus_proto = dict( @@ -80,42 +80,42 @@ REPOSITORY_LOCATIONS_SPEC = dict( project_url = "https://github.com/census-instrumentation/opencensus-proto", version = "0.3.0", sha256 = "b7e13f0b4259e80c3070b583c2f39e53153085a6918718b1c710caf7037572b0", + release_date = "2020-07-21", strip_prefix = "opencensus-proto-{version}/src", urls = ["https://github.com/census-instrumentation/opencensus-proto/archive/v{version}.tar.gz"], - release_date = "2020-07-21", use_category = ["api"], ), prometheus_metrics_model = dict( project_name = "Prometheus client model", project_desc = "Data model artifacts for Prometheus", project_url = "https://github.com/prometheus/client_model", - version = "60555c9708c786597e6b07bf846d0dc5c2a46f54", - sha256 = "6748b42f6879ad4d045c71019d2512c94be3dd86f60965e9e31e44a3f464323e", + version = "0255a22d35ad5661ef7aa89c95fdf5dfd685283f", + sha256 = "a83fd26a80c5f9b82d1231448141a148c1d7a0c8f581ddf49fdbd8c1545e5661", + release_date = "2021-01-16", strip_prefix = "client_model-{version}", urls = ["https://github.com/prometheus/client_model/archive/{version}.tar.gz"], - release_date = "2020-06-23", use_category = ["api"], ), rules_proto = dict( project_name = "Protobuf Rules for Bazel", project_desc = "Protocol buffer rules for Bazel", project_url = "https://github.com/bazelbuild/rules_proto", - version = "40298556293ae502c66579620a7ce867d5f57311", - sha256 = "aa1ee19226f707d44bee44c720915199c20c84a23318bb0597ed4e5c873ccbd5", + version = "f7a30f6f80006b591fa7c437fe5a951eb10bcbcf", + sha256 = "9fc210a34f0f9e7cc31598d109b5d069ef44911a82f507d5a88716db171615a8", + release_date = "2021-02-09", strip_prefix = "rules_proto-{version}", urls = ["https://github.com/bazelbuild/rules_proto/archive/{version}.tar.gz"], - release_date = "2020-08-17", use_category = ["api"], ), opentelemetry_proto = dict( project_name = "OpenTelemetry Proto", project_desc = "Language Independent Interface Types For OpenTelemetry", project_url = "https://github.com/open-telemetry/opentelemetry-proto", - version = "0.7.0", - sha256 = "39cc1fb45039c7687354ca497aff8a55c71d0f1e484f6b81124ba9d821c36441", + version = "0.9.0", + sha256 = "9ec38ab51eedbd7601979b0eda962cf37bc8a4dc35fcef604801e463f01dcc00", + release_date = "2021-05-12", strip_prefix = "opentelemetry-proto-{version}", urls = ["https://github.com/open-telemetry/opentelemetry-proto/archive/v{version}.tar.gz"], - release_date = "2020-12-09", use_category = ["api"], ), ) diff --git a/generated_api_shadow/envoy/config/accesslog/v3/accesslog.proto b/generated_api_shadow/envoy/config/accesslog/v3/accesslog.proto index dc3e611b6c1a..2161f80478c2 100644 --- a/generated_api_shadow/envoy/config/accesslog/v3/accesslog.proto +++ b/generated_api_shadow/envoy/config/accesslog/v3/accesslog.proto @@ -247,6 +247,7 @@ message ResponseFlagFilter { in: "DT" in: "UPE" in: "NC" + in: "OM" } } }]; diff --git a/generated_api_shadow/envoy/config/accesslog/v4alpha/accesslog.proto b/generated_api_shadow/envoy/config/accesslog/v4alpha/accesslog.proto index 7559a3b82c79..3e0c7f53598c 100644 --- a/generated_api_shadow/envoy/config/accesslog/v4alpha/accesslog.proto +++ b/generated_api_shadow/envoy/config/accesslog/v4alpha/accesslog.proto @@ -245,6 +245,7 @@ message ResponseFlagFilter { in: "DT" in: "UPE" in: "NC" + in: "OM" } } }]; diff --git a/generated_api_shadow/envoy/config/bootstrap/v3/bootstrap.proto b/generated_api_shadow/envoy/config/bootstrap/v3/bootstrap.proto index 20470800201d..32d865f1abf1 100644 --- a/generated_api_shadow/envoy/config/bootstrap/v3/bootstrap.proto +++ b/generated_api_shadow/envoy/config/bootstrap/v3/bootstrap.proto @@ -9,6 +9,7 @@ import "envoy/config/core/v3/base.proto"; import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/event_service_config.proto"; import "envoy/config/core/v3/extension.proto"; +import "envoy/config/core/v3/resolver.proto"; import "envoy/config/core/v3/socket_option.proto"; import "envoy/config/listener/v3/listener.proto"; import "envoy/config/metrics/v3/stats.proto"; @@ -39,7 +40,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // ` for more detail. // Bootstrap :ref:`configuration overview `. -// [#next-free-field: 30] +// [#next-free-field: 31] message Bootstrap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Bootstrap"; @@ -248,7 +249,16 @@ message Bootstrap { // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. - bool use_tcp_for_dns_lookups = 20; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + bool use_tcp_for_dns_lookups = 20 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + // This may be overridden on a per-cluster basis in cds_config, when + // :ref:`dns_resolution_config ` + // is specified. + core.v3.DnsResolutionConfig dns_resolution_config = 30; // Specifies optional bootstrap extensions to be instantiated at startup time. // Each item contains extension specific configuration. diff --git a/generated_api_shadow/envoy/config/bootstrap/v4alpha/bootstrap.proto b/generated_api_shadow/envoy/config/bootstrap/v4alpha/bootstrap.proto index b572cd301959..00f640675453 100644 --- a/generated_api_shadow/envoy/config/bootstrap/v4alpha/bootstrap.proto +++ b/generated_api_shadow/envoy/config/bootstrap/v4alpha/bootstrap.proto @@ -9,6 +9,7 @@ import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/event_service_config.proto"; import "envoy/config/core/v4alpha/extension.proto"; +import "envoy/config/core/v4alpha/resolver.proto"; import "envoy/config/core/v4alpha/socket_option.proto"; import "envoy/config/listener/v4alpha/listener.proto"; import "envoy/config/metrics/v4alpha/stats.proto"; @@ -38,7 +39,7 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO // ` for more detail. // Bootstrap :ref:`configuration overview `. -// [#next-free-field: 30] +// [#next-free-field: 31] message Bootstrap { option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v3.Bootstrap"; @@ -246,7 +247,16 @@ message Bootstrap { // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. - bool use_tcp_for_dns_lookups = 20; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + bool hidden_envoy_deprecated_use_tcp_for_dns_lookups = 20 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + // This may be overridden on a per-cluster basis in cds_config, when + // :ref:`dns_resolution_config ` + // is specified. + core.v4alpha.DnsResolutionConfig dns_resolution_config = 30; // Specifies optional bootstrap extensions to be instantiated at startup time. // Each item contains extension specific configuration. diff --git a/generated_api_shadow/envoy/config/cluster/v3/cluster.proto b/generated_api_shadow/envoy/config/cluster/v3/cluster.proto index d9e64b44ce88..3311955725fa 100644 --- a/generated_api_shadow/envoy/config/cluster/v3/cluster.proto +++ b/generated_api_shadow/envoy/config/cluster/v3/cluster.proto @@ -11,6 +11,7 @@ import "envoy/config/core/v3/config_source.proto"; import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/health_check.proto"; import "envoy/config/core/v3/protocol.proto"; +import "envoy/config/core/v3/resolver.proto"; import "envoy/config/endpoint/v3/endpoint.proto"; import "envoy/extensions/transport_sockets/tls/v3/tls.proto"; import "envoy/type/v3/percent.proto"; @@ -43,7 +44,7 @@ message ClusterCollection { } // Configuration for a single upstream cluster. -// [#next-free-field: 53] +// [#next-free-field: 54] message Cluster { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster"; @@ -415,8 +416,8 @@ message Cluster { // The table size for Maglev hashing. The Maglev aims for ‘minimal disruption’ rather than an absolute guarantee. // Minimal disruption means that when the set of upstreams changes, a connection will likely be sent to the same // upstream as it was before. Increasing the table size reduces the amount of disruption. - // The table size must be prime number. If it is not specified, the default is 65537. - google.protobuf.UInt64Value table_size = 1; + // The table size must be prime number limited to 5000011. If it is not specified, the default is 65537. + google.protobuf.UInt64Value table_size = 1 [(validate.rules).uint64 = {lte: 5000011}]; } // Specific configuration for the @@ -859,14 +860,22 @@ message Cluster { // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple's API only allows overriding DNS resolvers via system settings. - repeated core.v3.Address dns_resolvers = 18; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + repeated core.v3.Address dns_resolvers = 18 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; - // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. - bool use_tcp_for_dns_lookups = 45; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + bool use_tcp_for_dns_lookups = 45 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + core.v3.DnsResolutionConfig dns_resolution_config = 53; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via diff --git a/generated_api_shadow/envoy/config/cluster/v3/filter.proto b/generated_api_shadow/envoy/config/cluster/v3/filter.proto index 74f4a1137dab..7d11b87bcd5d 100644 --- a/generated_api_shadow/envoy/config/cluster/v3/filter.proto +++ b/generated_api_shadow/envoy/config/cluster/v3/filter.proto @@ -20,7 +20,8 @@ message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.cluster.Filter"; // The name of the filter to instantiate. The name must match a - // :ref:`supported filter `. + // supported upstream filter. Note that Envoy's :ref:`downstream network + // filters ` are not valid upstream filters. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being diff --git a/generated_api_shadow/envoy/config/cluster/v4alpha/cluster.proto b/generated_api_shadow/envoy/config/cluster/v4alpha/cluster.proto index d637591a2251..aac4cc1920a2 100644 --- a/generated_api_shadow/envoy/config/cluster/v4alpha/cluster.proto +++ b/generated_api_shadow/envoy/config/cluster/v4alpha/cluster.proto @@ -11,6 +11,7 @@ import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/health_check.proto"; import "envoy/config/core/v4alpha/protocol.proto"; +import "envoy/config/core/v4alpha/resolver.proto"; import "envoy/config/endpoint/v3/endpoint.proto"; import "envoy/type/v3/percent.proto"; @@ -44,7 +45,7 @@ message ClusterCollection { } // Configuration for a single upstream cluster. -// [#next-free-field: 53] +// [#next-free-field: 54] message Cluster { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Cluster"; @@ -417,8 +418,8 @@ message Cluster { // The table size for Maglev hashing. The Maglev aims for ‘minimal disruption’ rather than an absolute guarantee. // Minimal disruption means that when the set of upstreams changes, a connection will likely be sent to the same // upstream as it was before. Increasing the table size reduces the amount of disruption. - // The table size must be prime number. If it is not specified, the default is 65537. - google.protobuf.UInt64Value table_size = 1; + // The table size must be prime number limited to 5000011. If it is not specified, the default is 65537. + google.protobuf.UInt64Value table_size = 1 [(validate.rules).uint64 = {lte: 5000011}]; } // Specific configuration for the @@ -867,14 +868,22 @@ message Cluster { // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple's API only allows overriding DNS resolvers via system settings. - repeated core.v4alpha.Address dns_resolvers = 18; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + repeated core.v4alpha.Address hidden_envoy_deprecated_dns_resolvers = 18 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; - // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. - bool use_tcp_for_dns_lookups = 45; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + bool hidden_envoy_deprecated_use_tcp_for_dns_lookups = 45 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + core.v4alpha.DnsResolutionConfig dns_resolution_config = 53; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via diff --git a/generated_api_shadow/envoy/config/cluster/v4alpha/filter.proto b/generated_api_shadow/envoy/config/cluster/v4alpha/filter.proto index 5a4a4facbd81..d478fd34f1c7 100644 --- a/generated_api_shadow/envoy/config/cluster/v4alpha/filter.proto +++ b/generated_api_shadow/envoy/config/cluster/v4alpha/filter.proto @@ -20,7 +20,8 @@ message Filter { option (udpa.annotations.versioning).previous_message_type = "envoy.config.cluster.v3.Filter"; // The name of the filter to instantiate. The name must match a - // :ref:`supported filter `. + // supported upstream filter. Note that Envoy's :ref:`downstream network + // filters ` are not valid upstream filters. string name = 1 [(validate.rules).string = {min_len: 1}]; // Filter specific configuration which depends on the filter being diff --git a/generated_api_shadow/envoy/config/core/v3/protocol.proto b/generated_api_shadow/envoy/config/core/v3/protocol.proto index bb1998828464..cf98e537261a 100644 --- a/generated_api_shadow/envoy/config/core/v3/protocol.proto +++ b/generated_api_shadow/envoy/config/core/v3/protocol.proto @@ -244,10 +244,8 @@ message Http1ProtocolOptions { message KeepaliveSettings { // Send HTTP/2 PING frames at this period, in order to test that the connection is still alive. - google.protobuf.Duration interval = 1 [(validate.rules).duration = { - required: true - gte {nanos: 1000000} - }]; + // If this is zero, interval PINGs will not be sent. + google.protobuf.Duration interval = 1 [(validate.rules).duration = {gte {nanos: 1000000}}]; // How long to wait for a response to a keepalive PING. If a response is not received within this // time period, the connection will be aborted. @@ -260,6 +258,14 @@ message KeepaliveSettings { // A value of zero means there will be no jitter. // The default value is 15%. type.v3.Percent interval_jitter = 3; + + // If the connection has been idle for this duration, send a HTTP/2 ping ahead + // of new stream creation, to quickly detect dead connections. + // If this is zero, this type of PING will not be sent. + // If an interval ping is outstanding, a second ping will not be sent as the + // interval ping will determine if the connection is dead. + google.protobuf.Duration connection_idle_interval = 4 + [(validate.rules).duration = {gte {nanos: 1000000}}]; } // [#next-free-field: 16] diff --git a/generated_api_shadow/envoy/config/core/v3/resolver.proto b/generated_api_shadow/envoy/config/core/v3/resolver.proto new file mode 100644 index 000000000000..21d40425f7a6 --- /dev/null +++ b/generated_api_shadow/envoy/config/core/v3/resolver.proto @@ -0,0 +1,41 @@ +syntax = "proto3"; + +package envoy.config.core.v3; + +import "envoy/config/core/v3/address.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.config.core.v3"; +option java_outer_classname = "ResolverProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Resolver] + +// Configuration of DNS resolver option flags which control the behavior of the DNS resolver. +message DnsResolverOptions { + // Use TCP for all DNS queries instead of the default protocol UDP. + // Setting this value causes failure if the + // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during + // server startup. Apple's API only uses UDP for DNS resolution. + bool use_tcp_for_dns_lookups = 1; + + // Do not use the default search domains; only query hostnames as-is or as aliases. + bool no_default_search_domain = 2; +} + +// DNS resolution configuration which includes the underlying dns resolver addresses and options. +message DnsResolutionConfig { + // A list of dns resolver addresses. If specified, the DNS client library will perform resolution + // via the underlying DNS resolvers. Otherwise, the default system resolvers + // (e.g., /etc/resolv.conf) will be used. + // Setting this value causes failure if the + // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during + // server startup. Apple's API only allows overriding DNS resolvers via system settings. + repeated Address resolvers = 1 [(validate.rules).repeated = {min_items: 1}]; + + // Configuration of DNS resolver option flags which control the behavior of the DNS resolver. + DnsResolverOptions dns_resolver_options = 2; +} diff --git a/generated_api_shadow/envoy/config/core/v3/substitution_format_string.proto b/generated_api_shadow/envoy/config/core/v3/substitution_format_string.proto index 85eeabe66219..b2a1c5e13ee4 100644 --- a/generated_api_shadow/envoy/config/core/v3/substitution_format_string.proto +++ b/generated_api_shadow/envoy/config/core/v3/substitution_format_string.proto @@ -109,5 +109,6 @@ message SubstitutionFormatString { // Specifies a collection of Formatter plugins that can be called from the access log configuration. // See the formatters extensions documentation for details. + // [#extension-category: envoy.formatter] repeated TypedExtensionConfig formatters = 6; } diff --git a/generated_api_shadow/envoy/config/core/v4alpha/protocol.proto b/generated_api_shadow/envoy/config/core/v4alpha/protocol.proto index ba1c933eeb4d..857bbef739f1 100644 --- a/generated_api_shadow/envoy/config/core/v4alpha/protocol.proto +++ b/generated_api_shadow/envoy/config/core/v4alpha/protocol.proto @@ -253,10 +253,8 @@ message KeepaliveSettings { "envoy.config.core.v3.KeepaliveSettings"; // Send HTTP/2 PING frames at this period, in order to test that the connection is still alive. - google.protobuf.Duration interval = 1 [(validate.rules).duration = { - required: true - gte {nanos: 1000000} - }]; + // If this is zero, interval PINGs will not be sent. + google.protobuf.Duration interval = 1 [(validate.rules).duration = {gte {nanos: 1000000}}]; // How long to wait for a response to a keepalive PING. If a response is not received within this // time period, the connection will be aborted. @@ -269,6 +267,14 @@ message KeepaliveSettings { // A value of zero means there will be no jitter. // The default value is 15%. type.v3.Percent interval_jitter = 3; + + // If the connection has been idle for this duration, send a HTTP/2 ping ahead + // of new stream creation, to quickly detect dead connections. + // If this is zero, this type of PING will not be sent. + // If an interval ping is outstanding, a second ping will not be sent as the + // interval ping will determine if the connection is dead. + google.protobuf.Duration connection_idle_interval = 4 + [(validate.rules).duration = {gte {nanos: 1000000}}]; } // [#next-free-field: 16] diff --git a/generated_api_shadow/envoy/config/core/v4alpha/resolver.proto b/generated_api_shadow/envoy/config/core/v4alpha/resolver.proto new file mode 100644 index 000000000000..4849a54161ce --- /dev/null +++ b/generated_api_shadow/envoy/config/core/v4alpha/resolver.proto @@ -0,0 +1,48 @@ +syntax = "proto3"; + +package envoy.config.core.v4alpha; + +import "envoy/config/core/v4alpha/address.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.config.core.v4alpha"; +option java_outer_classname = "ResolverProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; + +// [#protodoc-title: Resolver] + +// Configuration of DNS resolver option flags which control the behavior of the DNS resolver. +message DnsResolverOptions { + option (udpa.annotations.versioning).previous_message_type = + "envoy.config.core.v3.DnsResolverOptions"; + + // Use TCP for all DNS queries instead of the default protocol UDP. + // Setting this value causes failure if the + // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during + // server startup. Apple's API only uses UDP for DNS resolution. + bool use_tcp_for_dns_lookups = 1; + + // Do not use the default search domains; only query hostnames as-is or as aliases. + bool no_default_search_domain = 2; +} + +// DNS resolution configuration which includes the underlying dns resolver addresses and options. +message DnsResolutionConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.config.core.v3.DnsResolutionConfig"; + + // A list of dns resolver addresses. If specified, the DNS client library will perform resolution + // via the underlying DNS resolvers. Otherwise, the default system resolvers + // (e.g., /etc/resolv.conf) will be used. + // Setting this value causes failure if the + // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during + // server startup. Apple's API only allows overriding DNS resolvers via system settings. + repeated Address resolvers = 1 [(validate.rules).repeated = {min_items: 1}]; + + // Configuration of DNS resolver option flags which control the behavior of the DNS resolver. + DnsResolverOptions dns_resolver_options = 2; +} diff --git a/generated_api_shadow/envoy/config/core/v4alpha/substitution_format_string.proto b/generated_api_shadow/envoy/config/core/v4alpha/substitution_format_string.proto index c58e7dabf6b7..8bb1a9e53e56 100644 --- a/generated_api_shadow/envoy/config/core/v4alpha/substitution_format_string.proto +++ b/generated_api_shadow/envoy/config/core/v4alpha/substitution_format_string.proto @@ -113,5 +113,6 @@ message SubstitutionFormatString { // Specifies a collection of Formatter plugins that can be called from the access log configuration. // See the formatters extensions documentation for details. + // [#extension-category: envoy.formatter] repeated TypedExtensionConfig formatters = 6; } diff --git a/generated_api_shadow/envoy/config/filter/http/gzip/v2/gzip.proto b/generated_api_shadow/envoy/config/filter/http/gzip/v2/gzip.proto index f3601b612b02..0c134c6208b1 100644 --- a/generated_api_shadow/envoy/config/filter/http/gzip/v2/gzip.proto +++ b/generated_api_shadow/envoy/config/filter/http/gzip/v2/gzip.proto @@ -17,8 +17,6 @@ option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.filte option (udpa.annotations.file_status).package_version_status = FROZEN; // [#protodoc-title: Gzip] -// Gzip :ref:`configuration overview `. -// [#extension: envoy.filters.http.gzip] // [#next-free-field: 11] message Gzip { diff --git a/generated_api_shadow/envoy/config/grpc_credential/v3/BUILD b/generated_api_shadow/envoy/config/grpc_credential/v3/BUILD index 9511b184cb43..1c1a6f6b4423 100644 --- a/generated_api_shadow/envoy/config/grpc_credential/v3/BUILD +++ b/generated_api_shadow/envoy/config/grpc_credential/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/grpc_credential/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/config/listener/v3/quic_config.proto b/generated_api_shadow/envoy/config/listener/v3/quic_config.proto index 69df722c6fbb..1432e1911b5d 100644 --- a/generated_api_shadow/envoy/config/listener/v3/quic_config.proto +++ b/generated_api_shadow/envoy/config/listener/v3/quic_config.proto @@ -3,12 +3,15 @@ syntax = "proto3"; package envoy.config.listener.v3; import "envoy/config/core/v3/base.proto"; +import "envoy/config/core/v3/extension.proto"; import "envoy/config/core/v3/protocol.proto"; import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v3"; option java_outer_classname = "QuicConfigProto"; @@ -18,6 +21,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: QUIC listener config] // Configuration specific to the UDP QUIC listener. +// [#next-free-field: 8] message QuicProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.listener.QuicProtocolOptions"; @@ -35,4 +39,24 @@ message QuicProtocolOptions { // Runtime flag that controls whether the listener is enabled or not. If not specified, defaults // to enabled. core.v3.RuntimeFeatureFlag enabled = 4; + + // A multiplier to number of connections which is used to determine how many packets to read per + // event loop. A reasonable number should allow the listener to process enough payload but not + // starve TCP and other UDP sockets and also prevent long event loop duration. + // The default value is 32. This means if there are N QUIC connections, the total number of + // packets to read in each read event will be 32 * N. + // The actual number of packets to read in total by the UDP listener is also + // bound by 6000, regardless of this field or how many connections there are. + google.protobuf.UInt32Value packets_to_read_to_connection_count_ratio = 5 + [(validate.rules).uint32 = {gte: 1}]; + + // Configure which implementation of `quic::QuicCryptoClientStreamBase` to be used for this listener. + // If not specified the :ref:`QUICHE default one configured by ` will be used. + // [#extension-category: envoy.quic.server.crypto_stream] + core.v3.TypedExtensionConfig crypto_stream_config = 6; + + // Configure which implementation of `quic::ProofSource` to be used for this listener. + // If not specified the :ref:`default one configured by ` will be used. + // [#extension-category: envoy.quic.proof_source] + core.v3.TypedExtensionConfig proof_source_config = 7; } diff --git a/generated_api_shadow/envoy/config/listener/v4alpha/quic_config.proto b/generated_api_shadow/envoy/config/listener/v4alpha/quic_config.proto index c9e218137ae2..0b6d6bd7584c 100644 --- a/generated_api_shadow/envoy/config/listener/v4alpha/quic_config.proto +++ b/generated_api_shadow/envoy/config/listener/v4alpha/quic_config.proto @@ -3,12 +3,15 @@ syntax = "proto3"; package envoy.config.listener.v4alpha; import "envoy/config/core/v4alpha/base.proto"; +import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/protocol.proto"; import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.config.listener.v4alpha"; option java_outer_classname = "QuicConfigProto"; @@ -18,6 +21,7 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO // [#protodoc-title: QUIC listener config] // Configuration specific to the UDP QUIC listener. +// [#next-free-field: 8] message QuicProtocolOptions { option (udpa.annotations.versioning).previous_message_type = "envoy.config.listener.v3.QuicProtocolOptions"; @@ -35,4 +39,24 @@ message QuicProtocolOptions { // Runtime flag that controls whether the listener is enabled or not. If not specified, defaults // to enabled. core.v4alpha.RuntimeFeatureFlag enabled = 4; + + // A multiplier to number of connections which is used to determine how many packets to read per + // event loop. A reasonable number should allow the listener to process enough payload but not + // starve TCP and other UDP sockets and also prevent long event loop duration. + // The default value is 32. This means if there are N QUIC connections, the total number of + // packets to read in each read event will be 32 * N. + // The actual number of packets to read in total by the UDP listener is also + // bound by 6000, regardless of this field or how many connections there are. + google.protobuf.UInt32Value packets_to_read_to_connection_count_ratio = 5 + [(validate.rules).uint32 = {gte: 1}]; + + // Configure which implementation of `quic::QuicCryptoClientStreamBase` to be used for this listener. + // If not specified the :ref:`QUICHE default one configured by ` will be used. + // [#extension-category: envoy.quic.server.crypto_stream] + core.v4alpha.TypedExtensionConfig crypto_stream_config = 6; + + // Configure which implementation of `quic::ProofSource` to be used for this listener. + // If not specified the :ref:`default one configured by ` will be used. + // [#extension-category: envoy.quic.proof_source] + core.v4alpha.TypedExtensionConfig proof_source_config = 7; } diff --git a/generated_api_shadow/envoy/config/ratelimit/v3/BUILD b/generated_api_shadow/envoy/config/ratelimit/v3/BUILD index c7e05372b857..1c1a6f6b4423 100644 --- a/generated_api_shadow/envoy/config/ratelimit/v3/BUILD +++ b/generated_api_shadow/envoy/config/ratelimit/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/ratelimit/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/config/rbac/v3/BUILD b/generated_api_shadow/envoy/config/rbac/v3/BUILD index bf5d6038a261..c5246439c7b5 100644 --- a/generated_api_shadow/envoy/config/rbac/v3/BUILD +++ b/generated_api_shadow/envoy/config/rbac/v3/BUILD @@ -8,7 +8,6 @@ api_proto_package( deps = [ "//envoy/annotations:pkg", "//envoy/config/core/v3:pkg", - "//envoy/config/rbac/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", diff --git a/generated_api_shadow/envoy/config/rbac/v3/rbac.proto b/generated_api_shadow/envoy/config/rbac/v3/rbac.proto index 3d9c9c2627ed..3b7f79d605df 100644 --- a/generated_api_shadow/envoy/config/rbac/v3/rbac.proto +++ b/generated_api_shadow/envoy/config/rbac/v3/rbac.proto @@ -25,9 +25,9 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Role Based Access Control (RBAC)] // Role Based Access Control (RBAC) provides service-level and method-level access control for a -// service. RBAC policies are additive. The policies are examined in order. Requests are allowed -// or denied based on the `action` and whether a matching policy is found. For instance, if the -// action is ALLOW and a matching policy is found the request should be allowed. +// service. Requests are allowed or denied based on the `action` and whether a matching policy is +// found. For instance, if the action is ALLOW and a matching policy is found the request should be +// allowed. // // RBAC can also be used to make access logging decisions by communicating with access loggers // through dynamic metadata. When the action is LOG and at least one policy matches, the @@ -105,6 +105,7 @@ message RBAC { Action action = 1 [(validate.rules).enum = {defined_only: true}]; // Maps from policy name to policy. A match occurs when at least one policy matches the request. + // The policies are evaluated in lexicographic order of the policy name. map policies = 2; } diff --git a/generated_api_shadow/envoy/config/rbac/v4alpha/rbac.proto b/generated_api_shadow/envoy/config/rbac/v4alpha/rbac.proto index e373d0a3ee34..7006099d4169 100644 --- a/generated_api_shadow/envoy/config/rbac/v4alpha/rbac.proto +++ b/generated_api_shadow/envoy/config/rbac/v4alpha/rbac.proto @@ -24,9 +24,9 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO // [#protodoc-title: Role Based Access Control (RBAC)] // Role Based Access Control (RBAC) provides service-level and method-level access control for a -// service. RBAC policies are additive. The policies are examined in order. Requests are allowed -// or denied based on the `action` and whether a matching policy is found. For instance, if the -// action is ALLOW and a matching policy is found the request should be allowed. +// service. Requests are allowed or denied based on the `action` and whether a matching policy is +// found. For instance, if the action is ALLOW and a matching policy is found the request should be +// allowed. // // RBAC can also be used to make access logging decisions by communicating with access loggers // through dynamic metadata. When the action is LOG and at least one policy matches, the @@ -104,6 +104,7 @@ message RBAC { Action action = 1 [(validate.rules).enum = {defined_only: true}]; // Maps from policy name to policy. A match occurs when at least one policy matches the request. + // The policies are evaluated in lexicographic order of the policy name. map policies = 2; } diff --git a/generated_api_shadow/envoy/config/route/v3/route_components.proto b/generated_api_shadow/envoy/config/route/v3/route_components.proto index 1b70f539c2c0..b8f03cde3a9d 100644 --- a/generated_api_shadow/envoy/config/route/v3/route_components.proto +++ b/generated_api_shadow/envoy/config/route/v3/route_components.proto @@ -1916,8 +1916,8 @@ message HeaderMatcher { // "-1somestring" type.v3.Int64Range range_match = 6; - // If specified, header match will be performed based on whether the header is in the - // request. + // If specified as true, header match will be performed based on whether the header is in the + // request. If specified as false, header match will be performed based on whether the header is absent. bool present_match = 7; // If specified, header match will be performed based on the prefix of the header value. diff --git a/generated_api_shadow/envoy/config/route/v4alpha/route_components.proto b/generated_api_shadow/envoy/config/route/v4alpha/route_components.proto index 34d3762bfdde..6b8c146582a3 100644 --- a/generated_api_shadow/envoy/config/route/v4alpha/route_components.proto +++ b/generated_api_shadow/envoy/config/route/v4alpha/route_components.proto @@ -1915,8 +1915,8 @@ message HeaderMatcher { // "-1somestring" type.v3.Int64Range range_match = 6; - // If specified, header match will be performed based on whether the header is in the - // request. + // If specified as true, header match will be performed based on whether the header is in the + // request. If specified as false, header match will be performed based on whether the header is absent. bool present_match = 7; // If specified, header match will be performed based on the prefix of the header value. diff --git a/generated_api_shadow/envoy/data/accesslog/v3/accesslog.proto b/generated_api_shadow/envoy/data/accesslog/v3/accesslog.proto index 98bdd1d6e832..c53ae0d6ab85 100644 --- a/generated_api_shadow/envoy/data/accesslog/v3/accesslog.proto +++ b/generated_api_shadow/envoy/data/accesslog/v3/accesslog.proto @@ -186,7 +186,7 @@ message AccessLogCommon { } // Flags indicating occurrences during request/response processing. -// [#next-free-field: 26] +// [#next-free-field: 27] message ResponseFlags { option (udpa.annotations.versioning).previous_message_type = "envoy.data.accesslog.v2.ResponseFlags"; @@ -281,6 +281,9 @@ message ResponseFlags { // Indicates no cluster was found for the request. bool no_cluster_found = 25; + + // Indicates overload manager terminated the request. + bool overload_manager = 26; } // Properties of a negotiated TLS connection. diff --git a/generated_api_shadow/envoy/data/cluster/v3/BUILD b/generated_api_shadow/envoy/data/cluster/v3/BUILD index 147f990bfe91..ee92fb652582 100644 --- a/generated_api_shadow/envoy/data/cluster/v3/BUILD +++ b/generated_api_shadow/envoy/data/cluster/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/data/cluster/v2alpha:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/data/core/v3/BUILD b/generated_api_shadow/envoy/data/core/v3/BUILD index e056514db97d..1c1a6f6b4423 100644 --- a/generated_api_shadow/envoy/data/core/v3/BUILD +++ b/generated_api_shadow/envoy/data/core/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/data/core/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/data/dns/v3/BUILD b/generated_api_shadow/envoy/data/dns/v3/BUILD index 24703c78c914..516369f09675 100644 --- a/generated_api_shadow/envoy/data/dns/v3/BUILD +++ b/generated_api_shadow/envoy/data/dns/v3/BUILD @@ -6,7 +6,7 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/data/dns/v2alpha:pkg", + "//envoy/annotations:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/data/dns/v3/dns_table.proto b/generated_api_shadow/envoy/data/dns/v3/dns_table.proto index 4398403b7ed0..5cc04440f700 100644 --- a/generated_api_shadow/envoy/data/dns/v3/dns_table.proto +++ b/generated_api_shadow/envoy/data/dns/v3/dns_table.proto @@ -6,6 +6,7 @@ import "envoy/type/matcher/v3/string.proto"; import "google/protobuf/duration.proto"; +import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; @@ -143,8 +144,13 @@ message DnsTable { // list empty, Envoy will forward all queries to external resolvers repeated DnsVirtualDomain virtual_domains = 2; + // This field is deprecated and no longer used in Envoy. The filter's behavior has changed + // internally to use a different data structure allowing the filter to determine whether a + // query is for known domain without the use of this field. + // // This field serves to help Envoy determine whether it can authoritatively answer a query // for a name matching a suffix in this list. If the query name does not match a suffix in // this list, Envoy will forward the query to an upstream DNS server - repeated type.matcher.v3.StringMatcher known_suffixes = 3; + repeated type.matcher.v3.StringMatcher known_suffixes = 3 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; } diff --git a/generated_api_shadow/envoy/data/dns/v4alpha/BUILD b/generated_api_shadow/envoy/data/dns/v4alpha/BUILD index 4c5278c0884d..d26c09b3bed0 100644 --- a/generated_api_shadow/envoy/data/dns/v4alpha/BUILD +++ b/generated_api_shadow/envoy/data/dns/v4alpha/BUILD @@ -6,6 +6,7 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ + "//envoy/annotations:pkg", "//envoy/data/dns/v3:pkg", "//envoy/type/matcher/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", diff --git a/generated_api_shadow/envoy/data/dns/v4alpha/dns_table.proto b/generated_api_shadow/envoy/data/dns/v4alpha/dns_table.proto index f142cfa7bf8c..ed596b2cee79 100644 --- a/generated_api_shadow/envoy/data/dns/v4alpha/dns_table.proto +++ b/generated_api_shadow/envoy/data/dns/v4alpha/dns_table.proto @@ -6,6 +6,7 @@ import "envoy/type/matcher/v4alpha/string.proto"; import "google/protobuf/duration.proto"; +import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; @@ -155,8 +156,13 @@ message DnsTable { // list empty, Envoy will forward all queries to external resolvers repeated DnsVirtualDomain virtual_domains = 2; + // This field is deprecated and no longer used in Envoy. The filter's behavior has changed + // internally to use a different data structure allowing the filter to determine whether a + // query is for known domain without the use of this field. + // // This field serves to help Envoy determine whether it can authoritatively answer a query // for a name matching a suffix in this list. If the query name does not match a suffix in // this list, Envoy will forward the query to an upstream DNS server - repeated type.matcher.v4alpha.StringMatcher known_suffixes = 3; + repeated type.matcher.v4alpha.StringMatcher hidden_envoy_deprecated_known_suffixes = 3 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; } diff --git a/generated_api_shadow/envoy/extensions/access_loggers/file/v3/BUILD b/generated_api_shadow/envoy/extensions/access_loggers/file/v3/BUILD index 20cbee8b9463..a1775bbe6f51 100644 --- a/generated_api_shadow/envoy/extensions/access_loggers/file/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/access_loggers/file/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/annotations:pkg", - "//envoy/config/accesslog/v2:pkg", "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/access_loggers/grpc/v3/BUILD b/generated_api_shadow/envoy/extensions/access_loggers/grpc/v3/BUILD index 627b855a467e..1c1a6f6b4423 100644 --- a/generated_api_shadow/envoy/extensions/access_loggers/grpc/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/access_loggers/grpc/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/accesslog/v2:pkg", "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/clusters/aggregate/v3/BUILD b/generated_api_shadow/envoy/extensions/clusters/aggregate/v3/BUILD index 7ff7bd523b75..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/clusters/aggregate/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/clusters/aggregate/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/cluster/aggregate/v2alpha:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/api/envoy/config/filter/http/cache/v2alpha/BUILD b/generated_api_shadow/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/BUILD similarity index 66% rename from api/envoy/config/filter/http/cache/v2alpha/BUILD rename to generated_api_shadow/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/BUILD index 5cbf4e821fc8..ca83092e39b1 100644 --- a/api/envoy/config/filter/http/cache/v2alpha/BUILD +++ b/generated_api_shadow/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/BUILD @@ -6,8 +6,8 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/api/v2/route:pkg", - "//envoy/type/matcher:pkg", + "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg", + "//envoy/extensions/common/dynamic_forward_proxy/v4alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/cluster.proto b/generated_api_shadow/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/cluster.proto new file mode 100644 index 000000000000..1b989e0bb725 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/clusters/dynamic_forward_proxy/v4alpha/cluster.proto @@ -0,0 +1,35 @@ +syntax = "proto3"; + +package envoy.extensions.clusters.dynamic_forward_proxy.v4alpha; + +import "envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.clusters.dynamic_forward_proxy.v4alpha"; +option java_outer_classname = "ClusterProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; + +// [#protodoc-title: Dynamic forward proxy cluster configuration] + +// Configuration for the dynamic forward proxy cluster. See the :ref:`architecture overview +// ` for more information. +// [#extension: envoy.clusters.dynamic_forward_proxy] +message ClusterConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig"; + + // The DNS cache configuration that the cluster will attach to. Note this configuration must + // match that of associated :ref:`dynamic forward proxy HTTP filter configuration + // `. + common.dynamic_forward_proxy.v4alpha.DnsCacheConfig dns_cache_config = 1 + [(validate.rules).message = {required: true}]; + + // If true allow the cluster configuration to disable the auto_sni and auto_san_validation options + // in the :ref:`cluster's upstream_http_protocol_options + // ` + bool allow_insecure_cluster_options = 2; +} diff --git a/generated_api_shadow/envoy/extensions/clusters/redis/v3/BUILD b/generated_api_shadow/envoy/extensions/clusters/redis/v3/BUILD index 9ff96b6becfb..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/clusters/redis/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/clusters/redis/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/cluster/redis:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD b/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD index b7a0695c214b..fb5436a6bf93 100644 --- a/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD @@ -6,8 +6,10 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ + "//envoy/annotations:pkg", "//envoy/config/cluster/v3:pkg", "//envoy/config/common/dynamic_forward_proxy/v2alpha:pkg", + "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto b/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto index 4b182a29711b..5c35e80d591f 100644 --- a/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto +++ b/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto @@ -3,10 +3,13 @@ syntax = "proto3"; package envoy.extensions.common.dynamic_forward_proxy.v3; import "envoy/config/cluster/v3/cluster.proto"; +import "envoy/config/core/v3/address.proto"; +import "envoy/config/core/v3/resolver.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; +import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; @@ -27,7 +30,7 @@ message DnsCacheCircuitBreakers { // Configuration for the dynamic forward proxy DNS cache. See the :ref:`architecture overview // ` for more information. -// [#next-free-field: 9] +// [#next-free-field: 11] message DnsCacheConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.config.common.dynamic_forward_proxy.v2alpha.DnsCacheConfig"; @@ -95,10 +98,20 @@ message DnsCacheConfig { // Envoy will use dns cache circuit breakers with default settings even if this value is not set. DnsCacheCircuitBreakers dns_cache_circuit_breaker = 7; - // [#next-major-version: Reconcile DNS options in a single message.] // Always use TCP queries instead of UDP queries for DNS lookups. // Setting this value causes failure if the // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during // server startup. Apple' API only uses UDP for DNS resolution. - bool use_tcp_for_dns_lookups = 8; + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + bool use_tcp_for_dns_lookups = 8 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + config.core.v3.DnsResolutionConfig dns_resolution_config = 9; + + // Hostnames that should be preresolved into the cache upon creation. This might provide a + // performance improvement, in the form of cache hits, for hostnames that are going to be + // resolved during steady state and are known at config load time. + repeated config.core.v3.SocketAddress preresolve_hostnames = 10; } diff --git a/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v4alpha/BUILD b/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v4alpha/BUILD new file mode 100644 index 000000000000..20571020ac92 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v4alpha/BUILD @@ -0,0 +1,15 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/annotations:pkg", + "//envoy/config/cluster/v4alpha:pkg", + "//envoy/config/core/v4alpha:pkg", + "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto b/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto new file mode 100644 index 000000000000..dde756a1608a --- /dev/null +++ b/generated_api_shadow/envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto @@ -0,0 +1,120 @@ +syntax = "proto3"; + +package envoy.extensions.common.dynamic_forward_proxy.v4alpha; + +import "envoy/config/cluster/v4alpha/cluster.proto"; +import "envoy/config/core/v4alpha/address.proto"; +import "envoy/config/core/v4alpha/resolver.proto"; + +import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; + +import "envoy/annotations/deprecation.proto"; +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.common.dynamic_forward_proxy.v4alpha"; +option java_outer_classname = "DnsCacheProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; + +// [#protodoc-title: Dynamic forward proxy common configuration] + +// Configuration of circuit breakers for resolver. +message DnsCacheCircuitBreakers { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.common.dynamic_forward_proxy.v3.DnsCacheCircuitBreakers"; + + // The maximum number of pending requests that Envoy will allow to the + // resolver. If not specified, the default is 1024. + google.protobuf.UInt32Value max_pending_requests = 1; +} + +// Configuration for the dynamic forward proxy DNS cache. See the :ref:`architecture overview +// ` for more information. +// [#next-free-field: 11] +message DnsCacheConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.common.dynamic_forward_proxy.v3.DnsCacheConfig"; + + // The name of the cache. Multiple named caches allow independent dynamic forward proxy + // configurations to operate within a single Envoy process using different configurations. All + // configurations with the same name *must* otherwise have the same settings when referenced + // from different configuration components. Configuration will fail to load if this is not + // the case. + string name = 1 [(validate.rules).string = {min_len: 1}]; + + // The DNS lookup family to use during resolution. + // + // [#comment:TODO(mattklein123): Figure out how to support IPv4/IPv6 "happy eyeballs" mode. The + // way this might work is a new lookup family which returns both IPv4 and IPv6 addresses, and + // then configures a host to have a primary and fall back address. With this, we could very + // likely build a "happy eyeballs" connection pool which would race the primary / fall back + // address and return the one that wins. This same method could potentially also be used for + // QUIC to TCP fall back.] + config.cluster.v4alpha.Cluster.DnsLookupFamily dns_lookup_family = 2 + [(validate.rules).enum = {defined_only: true}]; + + // The DNS refresh rate for currently cached DNS hosts. If not specified defaults to 60s. + // + // .. note: + // + // The returned DNS TTL is not currently used to alter the refresh rate. This feature will be + // added in a future change. + // + // .. note: + // + // The refresh rate is rounded to the closest millisecond, and must be at least 1ms. + google.protobuf.Duration dns_refresh_rate = 3 + [(validate.rules).duration = {gte {nanos: 1000000}}]; + + // The TTL for hosts that are unused. Hosts that have not been used in the configured time + // interval will be purged. If not specified defaults to 5m. + // + // .. note: + // + // The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This + // means that if the configured TTL is shorter than the refresh rate the host may not be removed + // immediately. + // + // .. note: + // + // The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage. + google.protobuf.Duration host_ttl = 4 [(validate.rules).duration = {gt {}}]; + + // The maximum number of hosts that the cache will hold. If not specified defaults to 1024. + // + // .. note: + // + // The implementation is approximate and enforced independently on each worker thread, thus + // it is possible for the maximum hosts in the cache to go slightly above the configured + // value depending on timing. This is similar to how other circuit breakers work. + google.protobuf.UInt32Value max_hosts = 5 [(validate.rules).uint32 = {gt: 0}]; + + // If the DNS failure refresh rate is specified, + // this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is + // not specified, the failure refresh rate defaults to the dns_refresh_rate. + config.cluster.v4alpha.Cluster.RefreshRate dns_failure_refresh_rate = 6; + + // The config of circuit breakers for resolver. It provides a configurable threshold. + // Envoy will use dns cache circuit breakers with default settings even if this value is not set. + DnsCacheCircuitBreakers dns_cache_circuit_breaker = 7; + + // Always use TCP queries instead of UDP queries for DNS lookups. + // Setting this value causes failure if the + // ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during + // server startup. Apple' API only uses UDP for DNS resolution. + // This field is deprecated in favor of *dns_resolution_config* + // which aggregates all of the DNS resolver configuration in a single message. + bool hidden_envoy_deprecated_use_tcp_for_dns_lookups = 8 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + config.core.v4alpha.DnsResolutionConfig dns_resolution_config = 9; + + // Hostnames that should be preresolved into the cache upon creation. This might provide a + // performance improvement, in the form of cache hits, for hostnames that are going to be + // resolved during steady state and are known at config load time. + repeated config.core.v4alpha.SocketAddress preresolve_hostnames = 10; +} diff --git a/generated_api_shadow/envoy/extensions/common/tap/v3/BUILD b/generated_api_shadow/envoy/extensions/common/tap/v3/BUILD index c7fd66efbdbd..a99fa811f859 100644 --- a/generated_api_shadow/envoy/extensions/common/tap/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/common/tap/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/common/tap/v2alpha:pkg", "//envoy/config/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/http/adaptive_concurrency/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/adaptive_concurrency/v3/BUILD index d40a72b07b84..ad2fc9a9a84f 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/adaptive_concurrency/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/adaptive_concurrency/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/http/adaptive_concurrency/v2alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/http/admission_control/v3alpha/admission_control.proto b/generated_api_shadow/envoy/extensions/filters/http/admission_control/v3alpha/admission_control.proto index 33d415ab4391..9bb3603f9ebd 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/admission_control/v3alpha/admission_control.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/admission_control/v3alpha/admission_control.proto @@ -19,7 +19,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Admission Control] // [#extension: envoy.filters.http.admission_control] -// [#next-free-field: 6] +// [#next-free-field: 8] message AdmissionControl { // Default method of specifying what constitutes a successful request. All status codes that // indicate a successful request must be explicitly specified if not relying on the default @@ -91,4 +91,13 @@ message AdmissionControl { // below this threshold, rejection probability will increase. Any success rate above the threshold // results in a rejection probability of 0. Defaults to 95%. config.core.v3.RuntimePercent sr_threshold = 5; + + // If the average RPS of the sampling window is below this threshold, the request + // will not be rejected, even if the success rate is lower than sr_threshold. + // Defaults to 0. + config.core.v3.RuntimeUInt32 rps_threshold = 6; + + // The probability of rejection will never exceed this value, even if the failure rate is rising. + // Defaults to 80%. + config.core.v3.RuntimePercent max_rejection_probability = 7; } diff --git a/generated_api_shadow/envoy/extensions/filters/http/alternate_protocols_cache/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/alternate_protocols_cache/v3/BUILD new file mode 100644 index 000000000000..1c1a6f6b4423 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/http/alternate_protocols_cache/v3/BUILD @@ -0,0 +1,12 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/core/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/generated_api_shadow/envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.proto b/generated_api_shadow/envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.proto new file mode 100644 index 000000000000..e628a6ca73fb --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.proto @@ -0,0 +1,27 @@ +syntax = "proto3"; + +package envoy.extensions.filters.http.alternate_protocols_cache.v3; + +import "envoy/config/core/v3/protocol.proto"; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.http.alternate_protocols_cache.v3"; +option java_outer_classname = "AlternateProtocolsCacheProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Alternate Protocols Cache] + +// Configuration for the alternate protocols cache HTTP filter. +// [#extension: envoy.filters.http.alternate_protocols_cache] +// TODO(RyanTheOptimist): Move content from source/docs/http3_upstream.md to +// docs/root/intro/arch_overview/upstream/connection_pooling.rst when unhiding the proto. +message FilterConfig { + // [#not-implemented-hide:] + // If set, causes the use of the alternate protocols cache, which is responsible for + // parsing and caching HTTP Alt-Svc headers. This enables the use of HTTP/3 for upstream + // servers that advertise supporting it. + // TODO(RyanTheOptimist): Make this field required when HTTP/3 is enabled via auto_http. + config.core.v3.AlternateProtocolsCacheOptions alternate_protocols_cache_options = 1; +} diff --git a/generated_api_shadow/envoy/extensions/filters/http/aws_lambda/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/aws_lambda/v3/BUILD index 8bc4fef8da4d..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/aws_lambda/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/aws_lambda/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/aws_lambda/v2alpha:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/aws_request_signing/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/aws_request_signing/v3/BUILD index fa7012277c34..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/aws_request_signing/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/aws_request_signing/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/aws_request_signing/v2alpha:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/bandwidth_limit/v3alpha/BUILD b/generated_api_shadow/envoy/extensions/filters/http/bandwidth_limit/v3alpha/BUILD new file mode 100644 index 000000000000..1c1a6f6b4423 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/http/bandwidth_limit/v3alpha/BUILD @@ -0,0 +1,12 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/core/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/generated_api_shadow/envoy/extensions/filters/http/bandwidth_limit/v3alpha/bandwidth_limit.proto b/generated_api_shadow/envoy/extensions/filters/http/bandwidth_limit/v3alpha/bandwidth_limit.proto new file mode 100644 index 000000000000..4cd5f8268b70 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/http/bandwidth_limit/v3alpha/bandwidth_limit.proto @@ -0,0 +1,70 @@ +syntax = "proto3"; + +package envoy.extensions.filters.http.bandwidth_limit.v3alpha; + +import "envoy/config/core/v3/base.proto"; + +import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.http.bandwidth_limit.v3alpha"; +option java_outer_classname = "BandwidthLimitProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).work_in_progress = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Bandwidth limit] +// Bandwidth limit :ref:`configuration overview `. +// [#extension: envoy.filters.http.bandwidth_limit] + +// [#next-free-field: 6] +message BandwidthLimit { + // Defines the mode for the bandwidth limit filter. + // Values represent bitmask. + enum EnableMode { + // Filter is disabled. + DISABLED = 0; + + // Filter enabled only for incoming traffic. + REQUEST = 1; + + // Filter enabled only for outgoing traffic. + RESPONSE = 2; + + // Filter enabled for both incoming and outgoing traffic. + REQUEST_AND_RESPONSE = 3; + } + + // The human readable prefix to use when emitting stats. + string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; + + // The enable mode for the bandwidth limit filter. + // Default is Disabled. + EnableMode enable_mode = 2 [(validate.rules).enum = {defined_only: true}]; + + // The limit supplied in KiB/s. + // + // .. note:: + // It's fine for the limit to be unset for the global configuration since the bandwidth limit + // can be applied at a the virtual host or route level. Thus, the limit must be set for the + // per route configuration otherwise the config will be rejected. + // + // .. note:: + // When using per route configuration, the limit becomes unique to that route. + // + google.protobuf.UInt64Value limit_kbps = 3 [(validate.rules).uint64 = {gte: 1}]; + + // Optional Fill interval in milliseconds for the token refills. Defaults to 50ms. + // It must be at least 20ms to avoid too aggressive refills. + google.protobuf.Duration fill_interval = 4 [(validate.rules).duration = { + lte {seconds: 1} + gte {nanos: 20000000} + }]; + + // Runtime flag that controls whether the filter is enabled or not. If not specified, defaults + // to enabled. + config.core.v3.RuntimeFeatureFlag runtime_enabled = 5; +} diff --git a/generated_api_shadow/envoy/extensions/filters/http/buffer/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/buffer/v3/BUILD index c30559bc389d..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/buffer/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/buffer/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/buffer/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/cache/v3alpha/BUILD b/generated_api_shadow/envoy/extensions/filters/http/cache/v3alpha/BUILD index 20ae32258b44..c0ffdf28daaf 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/cache/v3alpha/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/cache/v3alpha/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/cache/v2alpha:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", diff --git a/generated_api_shadow/envoy/extensions/filters/http/compressor/v3/compressor.proto b/generated_api_shadow/envoy/extensions/filters/http/compressor/v3/compressor.proto index ab1d426be454..72b435c93dda 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/compressor/v3/compressor.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/compressor/v3/compressor.proto @@ -10,6 +10,7 @@ import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.compressor.v3"; option java_outer_classname = "CompressorProto"; @@ -101,9 +102,9 @@ message Compressor { // A compressor library to use for compression. Currently only // :ref:`envoy.compression.gzip.compressor` // is included in Envoy. - // This field is ignored if used in the context of the gzip http-filter, but is mandatory otherwise. // [#extension-category: envoy.compression.compressor] - config.core.v3.TypedExtensionConfig compressor_library = 6; + config.core.v3.TypedExtensionConfig compressor_library = 6 + [(validate.rules).message = {required: true}]; // Configuration for request compression. Compression is disabled by default if left empty. RequestDirectionConfig request_direction_config = 7; diff --git a/generated_api_shadow/envoy/extensions/filters/http/compressor/v4alpha/compressor.proto b/generated_api_shadow/envoy/extensions/filters/http/compressor/v4alpha/compressor.proto index 2dbcf3917a71..b7757531c024 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/compressor/v4alpha/compressor.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/compressor/v4alpha/compressor.proto @@ -10,6 +10,7 @@ import "google/protobuf/wrappers.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.extensions.filters.http.compressor.v4alpha"; option java_outer_classname = "CompressorProto"; @@ -110,9 +111,9 @@ message Compressor { // A compressor library to use for compression. Currently only // :ref:`envoy.compression.gzip.compressor` // is included in Envoy. - // This field is ignored if used in the context of the gzip http-filter, but is mandatory otherwise. // [#extension-category: envoy.compression.compressor] - config.core.v4alpha.TypedExtensionConfig compressor_library = 6; + config.core.v4alpha.TypedExtensionConfig compressor_library = 6 + [(validate.rules).message = {required: true}]; // Configuration for request compression. Compression is disabled by default if left empty. RequestDirectionConfig request_direction_config = 7; diff --git a/generated_api_shadow/envoy/extensions/filters/http/cors/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/cors/v3/BUILD index 4e161178b785..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/cors/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/cors/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/cors/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/csrf/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/csrf/v3/BUILD index c79e8aec9af8..3f3a5395d2aa 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/csrf/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/csrf/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/http/csrf/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v3/BUILD index 01f8b59e2438..05f25a2fe5d9 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/dynamic_forward_proxy/v2alpha:pkg", "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/BUILD b/generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/BUILD new file mode 100644 index 000000000000..8486b45d71d9 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/BUILD @@ -0,0 +1,13 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/extensions/common/dynamic_forward_proxy/v4alpha:pkg", + "//envoy/extensions/filters/http/dynamic_forward_proxy/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/dynamic_forward_proxy.proto b/generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/dynamic_forward_proxy.proto new file mode 100644 index 000000000000..0dba06106b07 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/http/dynamic_forward_proxy/v4alpha/dynamic_forward_proxy.proto @@ -0,0 +1,64 @@ +syntax = "proto3"; + +package envoy.extensions.filters.http.dynamic_forward_proxy.v4alpha; + +import "envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.http.dynamic_forward_proxy.v4alpha"; +option java_outer_classname = "DynamicForwardProxyProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; + +// [#protodoc-title: Dynamic forward proxy] + +// Configuration for the dynamic forward proxy HTTP filter. See the :ref:`architecture overview +// ` for more information. +// [#extension: envoy.filters.http.dynamic_forward_proxy] +message FilterConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig"; + + // The DNS cache configuration that the filter will attach to. Note this configuration must + // match that of associated :ref:`dynamic forward proxy cluster configuration + // `. + common.dynamic_forward_proxy.v4alpha.DnsCacheConfig dns_cache_config = 1 + [(validate.rules).message = {required: true}]; +} + +// Per route Configuration for the dynamic forward proxy HTTP filter. +message PerRouteConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.filters.http.dynamic_forward_proxy.v3.PerRouteConfig"; + + oneof host_rewrite_specifier { + // Indicates that before DNS lookup, the host header will be swapped with + // this value. If not set or empty, the original host header value + // will be used and no rewrite will happen. + // + // Note: this rewrite affects both DNS lookup and host header forwarding. However, this + // option shouldn't be used with + // :ref:`HCM host rewrite ` given that the + // value set here would be used for DNS lookups whereas the value set in the HCM would be used + // for host header forwarding which is not the desired outcome. + string host_rewrite_literal = 1; + + // Indicates that before DNS lookup, the host header will be swapped with + // the value of this header. If not set or empty, the original host header + // value will be used and no rewrite will happen. + // + // Note: this rewrite affects both DNS lookup and host header forwarding. However, this + // option shouldn't be used with + // :ref:`HCM host rewrite header ` + // given that the value set here would be used for DNS lookups whereas the value set in the HCM + // would be used for host header forwarding which is not the desired outcome. + // + // .. note:: + // + // If the header appears multiple times only the first value is used. + string host_rewrite_header = 2; + } +} diff --git a/generated_api_shadow/envoy/extensions/filters/http/dynamo/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/dynamo/v3/BUILD index a452c74febd4..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/dynamo/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/dynamo/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/dynamo/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/fault/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/fault/v3/BUILD index 8c18028f5a46..53db91cad82c 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/fault/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/fault/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/fault/v2:pkg", "//envoy/config/route/v3:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "//envoy/type/v3:pkg", diff --git a/generated_api_shadow/envoy/extensions/filters/http/grpc_http1_bridge/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/grpc_http1_bridge/v3/BUILD index 7e2b76a377e8..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/grpc_http1_bridge/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/grpc_http1_bridge/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/grpc_http1_bridge/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/BUILD index afe08f939142..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/grpc_json_transcoder/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/grpc_json_transcoder/v3/BUILD index 736e75a6dba5..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/grpc_json_transcoder/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/grpc_json_transcoder/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/transcoder/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/grpc_stats/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/grpc_stats/v3/BUILD index 37ba5da68858..1c1a6f6b4423 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/grpc_stats/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/grpc_stats/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/http/grpc_stats/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/grpc_web/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/grpc_web/v3/BUILD index 5f5430c9bb4d..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/grpc_web/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/grpc_web/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/grpc_web/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/gzip/v3/gzip.proto b/generated_api_shadow/envoy/extensions/filters/http/gzip/v3/gzip.proto index 0578903dad51..8c3786f5f12a 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/gzip/v3/gzip.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/gzip/v3/gzip.proto @@ -17,8 +17,6 @@ option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Gzip] -// Gzip :ref:`configuration overview `. -// [#extension: envoy.filters.http.gzip] // [#next-free-field: 12] message Gzip { diff --git a/generated_api_shadow/envoy/extensions/filters/http/gzip/v4alpha/gzip.proto b/generated_api_shadow/envoy/extensions/filters/http/gzip/v4alpha/gzip.proto index 860b185ec20a..8689148b4625 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/gzip/v4alpha/gzip.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/gzip/v4alpha/gzip.proto @@ -16,8 +16,6 @@ option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; // [#protodoc-title: Gzip] -// Gzip :ref:`configuration overview `. -// [#extension: envoy.filters.http.gzip] // [#next-free-field: 12] message Gzip { diff --git a/generated_api_shadow/envoy/extensions/filters/http/header_to_metadata/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/header_to_metadata/v3/BUILD index d0d7ca6fb9b3..693f0b92ff34 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/header_to_metadata/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/header_to_metadata/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/header_to_metadata/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v3/BUILD index 32e463407361..6eb33fe8151a 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/http/jwt_authn/v2alpha:pkg", "//envoy/config/route/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v3/config.proto b/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v3/config.proto index 08ef7a09feb2..afc761c07c7e 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v3/config.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v3/config.proto @@ -232,6 +232,35 @@ message RemoteJwks { // Duration after which the cached JWKS should be expired. If not specified, default cache // duration is 5 minutes. google.protobuf.Duration cache_duration = 2; + + // Fetch Jwks asynchronously in the main thread before the listener is activated. + // Fetched Jwks can be used by all worker threads. + // + // If this feature is not enabled: + // + // * The Jwks is fetched on-demand when the requests come. During the fetching, first + // few requests are paused until the Jwks is fetched. + // * Each worker thread fetches its own Jwks since Jwks cache is per worker thread. + // + // If this feature is enabled: + // + // * Fetched Jwks is done in the main thread before the listener is activated. Its fetched + // Jwks can be used by all worker threads. Each worker thread doesn't need to fetch its own. + // * Jwks is ready when the requests come, not need to wait for the Jwks fetching. + // + JwksAsyncFetch async_fetch = 3; +} + +// Fetch Jwks asynchronously in the main thread when the filter config is parsed. +// The listener is activated only after the Jwks is fetched. +// When the Jwks is expired in the cache, it is fetched again in the main thread. +// The fetched Jwks from the main thread can be used by all worker threads. +message JwksAsyncFetch { + // If false, the listener is activated after the initial fetch is completed. + // The initial fetch result can be either successful or failed. + // If true, it is activated without waiting for the initial fetch to complete. + // Default is false. + bool fast_listener = 1; } // This message specifies a header location to extract JWT token. diff --git a/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v4alpha/config.proto b/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v4alpha/config.proto index 7656f09912e9..442ba7df061e 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v4alpha/config.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/jwt_authn/v4alpha/config.proto @@ -232,6 +232,38 @@ message RemoteJwks { // Duration after which the cached JWKS should be expired. If not specified, default cache // duration is 5 minutes. google.protobuf.Duration cache_duration = 2; + + // Fetch Jwks asynchronously in the main thread before the listener is activated. + // Fetched Jwks can be used by all worker threads. + // + // If this feature is not enabled: + // + // * The Jwks is fetched on-demand when the requests come. During the fetching, first + // few requests are paused until the Jwks is fetched. + // * Each worker thread fetches its own Jwks since Jwks cache is per worker thread. + // + // If this feature is enabled: + // + // * Fetched Jwks is done in the main thread before the listener is activated. Its fetched + // Jwks can be used by all worker threads. Each worker thread doesn't need to fetch its own. + // * Jwks is ready when the requests come, not need to wait for the Jwks fetching. + // + JwksAsyncFetch async_fetch = 3; +} + +// Fetch Jwks asynchronously in the main thread when the filter config is parsed. +// The listener is activated only after the Jwks is fetched. +// When the Jwks is expired in the cache, it is fetched again in the main thread. +// The fetched Jwks from the main thread can be used by all worker threads. +message JwksAsyncFetch { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.filters.http.jwt_authn.v3.JwksAsyncFetch"; + + // If false, the listener is activated after the initial fetch is completed. + // The initial fetch result can be either successful or failed. + // If true, it is activated without waiting for the initial fetch to complete. + // Default is false. + bool fast_listener = 1; } // This message specifies a header location to extract JWT token. diff --git a/generated_api_shadow/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto b/generated_api_shadow/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto index 7766ee2573d0..1cf6c5f2fa52 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto @@ -19,7 +19,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // Local Rate limit :ref:`configuration overview `. // [#extension: envoy.filters.http.local_ratelimit] -// [#next-free-field: 11] +// [#next-free-field: 12] message LocalRateLimit { // The human readable prefix to use when emitting stats. string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; @@ -97,4 +97,13 @@ message LocalRateLimit { // // The filter supports a range of 0 - 10 inclusively for stage numbers. uint32 stage = 9 [(validate.rules).uint32 = {lte: 10}]; + + // Specifies the scope of the rate limiter's token bucket. + // If set to false, the token bucket is shared across all worker threads, + // thus the rate limits are applied per Envoy process. + // If set to true, a token bucket is allocated for each connection. + // Thus the rate limits are applied per connection thereby allowing + // one to rate limit requests on a per connection basis. + // If unspecified, the default value is false. + bool local_rate_limit_per_downstream_connection = 11; } diff --git a/generated_api_shadow/envoy/extensions/filters/http/lua/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/lua/v3/BUILD index c0eea4243ea8..1c1a6f6b4423 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/lua/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/lua/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/http/lua/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/on_demand/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/on_demand/v3/BUILD index 7d1afef788cc..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/on_demand/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/on_demand/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/on_demand/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/original_src/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/original_src/v3/BUILD index e24dc0dea402..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/original_src/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/original_src/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/original_src/v2alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/ratelimit/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/ratelimit/v3/BUILD index 7e242aade472..0bad14913d21 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/ratelimit/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/ratelimit/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/rate_limit/v2:pkg", "//envoy/config/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/http/rbac/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/rbac/v3/BUILD index 81854bd675f5..fd183569e5a1 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/rbac/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/rbac/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/rbac/v2:pkg", "//envoy/config/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/http/rbac/v3/rbac.proto b/generated_api_shadow/envoy/extensions/filters/http/rbac/v3/rbac.proto index 67cb338ef1fc..7ad7ac5e6aa2 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/rbac/v3/rbac.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/rbac/v3/rbac.proto @@ -23,6 +23,7 @@ message RBAC { // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. + // If present and empty, DENY. config.rbac.v3.RBAC rules = 1; // Shadow rules are not enforced by the filter (i.e., returning a 403) diff --git a/generated_api_shadow/envoy/extensions/filters/http/rbac/v4alpha/rbac.proto b/generated_api_shadow/envoy/extensions/filters/http/rbac/v4alpha/rbac.proto index 6f1a61e54b89..41040592cace 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/rbac/v4alpha/rbac.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/rbac/v4alpha/rbac.proto @@ -23,6 +23,7 @@ message RBAC { // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. + // If present and empty, DENY. config.rbac.v4alpha.RBAC rules = 1; // Shadow rules are not enforced by the filter (i.e., returning a 403) diff --git a/generated_api_shadow/envoy/extensions/filters/http/router/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/router/v3/BUILD index 440666471e16..0b02b988e42f 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/router/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/router/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/accesslog/v3:pkg", - "//envoy/config/filter/http/router/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/router/v3/router.proto b/generated_api_shadow/envoy/extensions/filters/http/router/v3/router.proto index 6ab64f92f2b0..ce595c057c01 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/router/v3/router.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/router/v3/router.proto @@ -19,7 +19,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // Router :ref:`configuration overview `. // [#extension: envoy.filters.http.router] -// [#next-free-field: 7] +// [#next-free-field: 8] message Router { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.router.v2.Router"; @@ -78,4 +78,14 @@ message Router { // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress // Envoy, when deriving timeout for upstream cluster. bool respect_expected_rq_timeout = 6; + + // If set, Envoy will avoid incrementing HTTP failure code stats + // on gRPC requests. This includes the individual status code value + // (e.g. upstream_rq_504) and group stats (e.g. upstream_rq_5xx). + // This field is useful if interested in relying only on the gRPC + // stats filter to define success and failure metrics for gRPC requests + // as not all failed gRPC requests charge HTTP status code metrics. See + // :ref:`gRPC stats filter` documentation + // for more details. + bool suppress_grpc_request_failure_code_stats = 7; } diff --git a/generated_api_shadow/envoy/extensions/filters/http/router/v4alpha/router.proto b/generated_api_shadow/envoy/extensions/filters/http/router/v4alpha/router.proto index d0baaab84a39..2d72bd1470c0 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/router/v4alpha/router.proto +++ b/generated_api_shadow/envoy/extensions/filters/http/router/v4alpha/router.proto @@ -19,7 +19,7 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO // Router :ref:`configuration overview `. // [#extension: envoy.filters.http.router] -// [#next-free-field: 7] +// [#next-free-field: 8] message Router { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.http.router.v3.Router"; @@ -78,4 +78,14 @@ message Router { // :ref:`config_http_filters_router_x-envoy-expected-rq-timeout-ms` header, populated by egress // Envoy, when deriving timeout for upstream cluster. bool respect_expected_rq_timeout = 6; + + // If set, Envoy will avoid incrementing HTTP failure code stats + // on gRPC requests. This includes the individual status code value + // (e.g. upstream_rq_504) and group stats (e.g. upstream_rq_5xx). + // This field is useful if interested in relying only on the gRPC + // stats filter to define success and failure metrics for gRPC requests + // as not all failed gRPC requests charge HTTP status code metrics. See + // :ref:`gRPC stats filter` documentation + // for more details. + bool suppress_grpc_request_failure_code_stats = 7; } diff --git a/api/envoy/config/filter/http/aws_request_signing/v2alpha/BUILD b/generated_api_shadow/envoy/extensions/filters/http/set_metadata/v3/BUILD similarity index 100% rename from api/envoy/config/filter/http/aws_request_signing/v2alpha/BUILD rename to generated_api_shadow/envoy/extensions/filters/http/set_metadata/v3/BUILD diff --git a/generated_api_shadow/envoy/extensions/filters/http/set_metadata/v3/set_metadata.proto b/generated_api_shadow/envoy/extensions/filters/http/set_metadata/v3/set_metadata.proto new file mode 100644 index 000000000000..f7ff348e2025 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/http/set_metadata/v3/set_metadata.proto @@ -0,0 +1,30 @@ +syntax = "proto3"; + +package envoy.extensions.filters.http.set_metadata.v3; + +import "google/protobuf/struct.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.http.set_metadata.v3"; +option java_outer_classname = "SetMetadataProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Set-Metadata Filter] +// +// This filters adds or updates dynamic metadata with static data. +// +// [#extension: envoy.filters.http.set_metadata] + +message Config { + // The metadata namespace. + string metadata_namespace = 1 [(validate.rules).string = {min_len: 1}]; + + // The value to update the namespace with. See + // :ref:`the filter documentation ` for + // more information on how this value is merged with potentially existing + // ones. + google.protobuf.Struct value = 2; +} diff --git a/generated_api_shadow/envoy/extensions/filters/http/squash/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/squash/v3/BUILD index bc73113edc2d..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/squash/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/squash/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/http/squash/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/http/tap/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/http/tap/v3/BUILD index 7a7da171e779..6b2b1215048c 100644 --- a/generated_api_shadow/envoy/extensions/filters/http/tap/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/http/tap/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/http/tap/v2alpha:pkg", "//envoy/extensions/common/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/listener/http_inspector/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/listener/http_inspector/v3/BUILD index af97cda2241e..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/listener/http_inspector/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/listener/http_inspector/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/listener/http_inspector/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/listener/original_dst/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/listener/original_dst/v3/BUILD index 4a1bdfeb0ee4..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/listener/original_dst/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/listener/original_dst/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/listener/original_dst/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/listener/original_src/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/listener/original_src/v3/BUILD index 02d98123a186..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/listener/original_src/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/listener/original_src/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/listener/original_src/v2alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/listener/proxy_protocol/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/listener/proxy_protocol/v3/BUILD index 279bc63a3905..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/listener/proxy_protocol/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/listener/proxy_protocol/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/listener/proxy_protocol/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/listener/tls_inspector/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/listener/tls_inspector/v3/BUILD index d6f76cc795c1..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/listener/tls_inspector/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/listener/tls_inspector/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/listener/tls_inspector/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/network/client_ssl_auth/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/client_ssl_auth/v3/BUILD index 63ddc6cce31c..1c1a6f6b4423 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/client_ssl_auth/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/client_ssl_auth/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/network/client_ssl_auth/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/extensions/filters/network/connection_limit/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/connection_limit/v3/BUILD new file mode 100644 index 000000000000..1c1a6f6b4423 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/network/connection_limit/v3/BUILD @@ -0,0 +1,12 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/core/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/generated_api_shadow/envoy/extensions/filters/network/connection_limit/v3/connection_limit.proto b/generated_api_shadow/envoy/extensions/filters/network/connection_limit/v3/connection_limit.proto new file mode 100644 index 000000000000..ccd30aaba692 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/network/connection_limit/v3/connection_limit.proto @@ -0,0 +1,41 @@ +syntax = "proto3"; + +package envoy.extensions.filters.network.connection_limit.v3; + +import "envoy/config/core/v3/base.proto"; + +import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.network.connection_limit.v3"; +option java_outer_classname = "ConnectionLimitProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Connection limit] +// Connection limit :ref:`configuration overview `. +// [#extension: envoy.filters.network.connection_limit] + +message ConnectionLimit { + // The prefix to use when emitting :ref:`statistics + // `. + string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; + + // The max connections configuration to use for new incoming connections that are processed + // by the filter's filter chain. When max_connection is reached, the incoming connection + // will be closed after delay duration. + google.protobuf.UInt64Value max_connections = 2 [(validate.rules).uint64 = {gte: 1}]; + + // The delay configuration to use for rejecting the connection after some specified time duration + // instead of immediately rejecting the connection. That way, a malicious user is not able to + // retry as fast as possible which provides a better DoS protection for Envoy. If this is not present, + // the connection will be closed immediately. + google.protobuf.Duration delay = 3; + + // Runtime flag that controls whether the filter is enabled or not. If not specified, defaults + // to enabled. + config.core.v3.RuntimeFeatureFlag runtime_enabled = 4; +} diff --git a/generated_api_shadow/envoy/extensions/filters/network/direct_response/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/direct_response/v3/BUILD index 3811eea543d0..1c1a6f6b4423 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/direct_response/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/direct_response/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/network/direct_response/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/router/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/router/v3/BUILD index ee019776bb57..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/router/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/router/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/dubbo/router/v2alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/v3/BUILD index 07ee4e43c93d..b6e6273d28f5 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/dubbo_proxy/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/network/dubbo_proxy/v2alpha1:pkg", "//envoy/config/route/v3:pkg", "//envoy/type/matcher/v3:pkg", "//envoy/type/v3:pkg", diff --git a/generated_api_shadow/envoy/extensions/filters/network/echo/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/echo/v3/BUILD index 64f6e338d260..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/echo/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/echo/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/network/echo/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/network/ext_authz/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/ext_authz/v3/BUILD index a5c5b57b7227..3f3a5395d2aa 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/ext_authz/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/ext_authz/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/network/ext_authz/v2:pkg", "//envoy/type/matcher/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto b/generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto index 76c8488c32be..095f3a28d712 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto +++ b/generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto @@ -36,7 +36,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // HTTP connection manager :ref:`configuration overview `. // [#extension: envoy.filters.network.http_connection_manager] -// [#next-free-field: 47] +// [#next-free-field: 48] message HttpConnectionManager { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager"; @@ -708,6 +708,16 @@ message HttpConnectionManager { // for details. PathNormalizationOptions path_normalization_options = 43; + // Determines if trailing dot of the host should be removed from host/authority header before any + // processing of request by HTTP filters or routing. + // This affects the upstream host header. + // Without setting this option, incoming requests with host `example.com.` will not match against + // route with :ref:`domains` match set to `example.com`. Defaults to `false`. + // When the incoming request contains a host/authority header that includes a port number, + // setting this option will strip a trailing dot, if present, from the host section, + // leaving the port as is (e.g. host value `example.com.:443` will be updated to `example.com:443`). + bool strip_trailing_host_dot = 47; + google.protobuf.Duration hidden_envoy_deprecated_idle_timeout = 11 [ deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0", diff --git a/generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v4alpha/http_connection_manager.proto b/generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v4alpha/http_connection_manager.proto index e2f85d4b3e15..db628cc585ec 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v4alpha/http_connection_manager.proto +++ b/generated_api_shadow/envoy/extensions/filters/network/http_connection_manager/v4alpha/http_connection_manager.proto @@ -34,7 +34,7 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO // HTTP connection manager :ref:`configuration overview `. // [#extension: envoy.filters.network.http_connection_manager] -// [#next-free-field: 47] +// [#next-free-field: 48] message HttpConnectionManager { option (udpa.annotations.versioning).previous_message_type = "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager"; @@ -704,6 +704,16 @@ message HttpConnectionManager { // ` // for details. PathNormalizationOptions path_normalization_options = 43; + + // Determines if trailing dot of the host should be removed from host/authority header before any + // processing of request by HTTP filters or routing. + // This affects the upstream host header. + // Without setting this option, incoming requests with host `example.com.` will not match against + // route with :ref:`domains` match set to `example.com`. Defaults to `false`. + // When the incoming request contains a host/authority header that includes a port number, + // setting this option will strip a trailing dot, if present, from the host section, + // leaving the port as is (e.g. host value `example.com.:443` will be updated to `example.com:443`). + bool strip_trailing_host_dot = 47; } // The configuration to customize local reply returned by Envoy. diff --git a/generated_api_shadow/envoy/extensions/filters/network/kafka_broker/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/kafka_broker/v3/BUILD index 841625db358e..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/kafka_broker/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/kafka_broker/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/network/kafka_broker/v2alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/network/local_ratelimit/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/local_ratelimit/v3/BUILD index 6063fac9a03e..ad2fc9a9a84f 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/local_ratelimit/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/local_ratelimit/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/network/local_rate_limit/v2alpha:pkg", "//envoy/type/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/network/mongo_proxy/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/mongo_proxy/v3/BUILD index 89c91e756797..d399b876a7f4 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/mongo_proxy/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/mongo_proxy/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/network/mongo_proxy/v2:pkg", "//envoy/extensions/filters/common/fault/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/network/mysql_proxy/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/mysql_proxy/v3/BUILD index ea52e79aaad3..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/mysql_proxy/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/mysql_proxy/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/network/mysql_proxy/v1alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/network/ratelimit/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/ratelimit/v3/BUILD index d70a49190005..9276f5ab3d2d 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/ratelimit/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/ratelimit/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/network/rate_limit/v2:pkg", "//envoy/config/ratelimit/v3:pkg", "//envoy/extensions/common/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", diff --git a/generated_api_shadow/envoy/extensions/filters/network/rbac/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/rbac/v3/BUILD index 565d52c46bb3..fd183569e5a1 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/rbac/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/rbac/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/network/rbac/v2:pkg", "//envoy/config/rbac/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/network/rbac/v3/rbac.proto b/generated_api_shadow/envoy/extensions/filters/network/rbac/v3/rbac.proto index e38b0cf448ba..4d1ff296fa4a 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/rbac/v3/rbac.proto +++ b/generated_api_shadow/envoy/extensions/filters/network/rbac/v3/rbac.proto @@ -39,6 +39,7 @@ message RBAC { // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. + // If present and empty, DENY. config.rbac.v3.RBAC rules = 1; // Shadow rules are not enforced by the filter but will emit stats and logs diff --git a/generated_api_shadow/envoy/extensions/filters/network/rbac/v4alpha/rbac.proto b/generated_api_shadow/envoy/extensions/filters/network/rbac/v4alpha/rbac.proto index 9e15a86e60c3..3512bae2d2ab 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/rbac/v4alpha/rbac.proto +++ b/generated_api_shadow/envoy/extensions/filters/network/rbac/v4alpha/rbac.proto @@ -39,6 +39,7 @@ message RBAC { // Specify the RBAC rules to be applied globally. // If absent, no enforcing RBAC policy will be applied. + // If present and empty, DENY. config.rbac.v4alpha.RBAC rules = 1; // Shadow rules are not enforced by the filter but will emit stats and logs diff --git a/generated_api_shadow/envoy/extensions/filters/network/sni_cluster/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/sni_cluster/v3/BUILD index 380c8623d523..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/sni_cluster/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/sni_cluster/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/network/sni_cluster/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/BUILD b/generated_api_shadow/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/BUILD new file mode 100644 index 000000000000..465ea4ff2844 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/BUILD @@ -0,0 +1,13 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/extensions/common/dynamic_forward_proxy/v4alpha:pkg", + "//envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/generated_api_shadow/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/sni_dynamic_forward_proxy.proto b/generated_api_shadow/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/sni_dynamic_forward_proxy.proto new file mode 100644 index 000000000000..de2947fcba9e --- /dev/null +++ b/generated_api_shadow/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v4alpha/sni_dynamic_forward_proxy.proto @@ -0,0 +1,40 @@ +syntax = "proto3"; + +package envoy.extensions.filters.network.sni_dynamic_forward_proxy.v4alpha; + +import "envoy/extensions/common/dynamic_forward_proxy/v4alpha/dns_cache.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.network.sni_dynamic_forward_proxy.v4alpha"; +option java_outer_classname = "SniDynamicForwardProxyProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).work_in_progress = true; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; + +// [#protodoc-title: SNI dynamic forward proxy] + +// Configuration for the SNI-based dynamic forward proxy filter. See the +// :ref:`architecture overview ` for +// more information. Note this filter must be configured along with +// :ref:`TLS inspector listener filter ` +// to work. +// [#extension: envoy.filters.network.sni_dynamic_forward_proxy] +message FilterConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.filters.network.sni_dynamic_forward_proxy.v3alpha.FilterConfig"; + + // The DNS cache configuration that the filter will attach to. Note this + // configuration must match that of associated :ref:`dynamic forward proxy + // cluster configuration + // `. + common.dynamic_forward_proxy.v4alpha.DnsCacheConfig dns_cache_config = 1 + [(validate.rules).message = {required: true}]; + + oneof port_specifier { + // The port number to connect to the upstream. + uint32 port_value = 2 [(validate.rules).uint32 = {lte: 65535 gt: 0}]; + } +} diff --git a/generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/BUILD index 8f23a610a964..0bad14913d21 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/BUILD @@ -6,7 +6,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ - "//envoy/config/filter/thrift/rate_limit/v2alpha1:pkg", "//envoy/config/ratelimit/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/filters/network/zookeeper_proxy/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/network/zookeeper_proxy/v3/BUILD index 20fd72e09cd2..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/filters/network/zookeeper_proxy/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/network/zookeeper_proxy/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/filter/network/zookeeper_proxy/v1alpha1:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.proto b/generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.proto index 32103540c1d2..8221c11efbe7 100644 --- a/generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.proto +++ b/generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.proto @@ -2,8 +2,8 @@ syntax = "proto3"; package envoy.extensions.filters.udp.dns_filter.v3alpha; -import "envoy/config/core/v3/address.proto"; import "envoy/config/core/v3/base.proto"; +import "envoy/config/core/v3/resolver.proto"; import "envoy/data/dns/v3/dns_table.proto"; import "google/protobuf/duration.proto"; @@ -51,10 +51,8 @@ message DnsFilterConfig { // number of retries multiplied by the resolver_timeout. google.protobuf.Duration resolver_timeout = 1 [(validate.rules).duration = {gte {seconds: 1}}]; - // A list of DNS servers to which we can forward queries. If not - // specified, Envoy will use the ambient DNS resolvers in the - // system. - repeated config.core.v3.Address upstream_resolvers = 2; + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + config.core.v3.DnsResolutionConfig dns_resolution_config = 2; // Controls how many outstanding external lookup contexts the filter tracks. // The context structure allows the filter to respond to every query even if the external diff --git a/generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v4alpha/dns_filter.proto b/generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v4alpha/dns_filter.proto index 54615b8b93ed..6957e58dbb06 100644 --- a/generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v4alpha/dns_filter.proto +++ b/generated_api_shadow/envoy/extensions/filters/udp/dns_filter/v4alpha/dns_filter.proto @@ -2,8 +2,8 @@ syntax = "proto3"; package envoy.extensions.filters.udp.dns_filter.v4alpha; -import "envoy/config/core/v4alpha/address.proto"; import "envoy/config/core/v4alpha/base.proto"; +import "envoy/config/core/v4alpha/resolver.proto"; import "envoy/data/dns/v4alpha/dns_table.proto"; import "google/protobuf/duration.proto"; @@ -61,10 +61,8 @@ message DnsFilterConfig { // number of retries multiplied by the resolver_timeout. google.protobuf.Duration resolver_timeout = 1 [(validate.rules).duration = {gte {seconds: 1}}]; - // A list of DNS servers to which we can forward queries. If not - // specified, Envoy will use the ambient DNS resolvers in the - // system. - repeated config.core.v4alpha.Address upstream_resolvers = 2; + // DNS resolution configuration which includes the underlying dns resolver addresses and options. + config.core.v4alpha.DnsResolutionConfig dns_resolution_config = 2; // Controls how many outstanding external lookup contexts the filter tracks. // The context structure allows the filter to respond to every query even if the external diff --git a/generated_api_shadow/envoy/extensions/filters/udp/udp_proxy/v3/BUILD b/generated_api_shadow/envoy/extensions/filters/udp/udp_proxy/v3/BUILD index 97a07915b41d..1c1a6f6b4423 100644 --- a/generated_api_shadow/envoy/extensions/filters/udp/udp_proxy/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/filters/udp/udp_proxy/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/filter/udp/udp_proxy/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/api/envoy/config/filter/http/buffer/v2/BUILD b/generated_api_shadow/envoy/extensions/formatter/req_without_query/v3/BUILD similarity index 100% rename from api/envoy/config/filter/http/buffer/v2/BUILD rename to generated_api_shadow/envoy/extensions/formatter/req_without_query/v3/BUILD diff --git a/generated_api_shadow/envoy/extensions/formatter/req_without_query/v3/req_without_query.proto b/generated_api_shadow/envoy/extensions/formatter/req_without_query/v3/req_without_query.proto new file mode 100644 index 000000000000..e1b6c32a97e6 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/formatter/req_without_query/v3/req_without_query.proto @@ -0,0 +1,29 @@ +syntax = "proto3"; + +package envoy.extensions.formatter.req_without_query.v3; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.formatter.req_without_query.v3"; +option java_outer_classname = "ReqWithoutQueryProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Formatter extension for printing request without query string] +// [#extension: envoy.formatter.req_without_query] + +// ReqWithoutQuery formatter extension implements REQ_WITHOUT_QUERY command operator that +// works the same way as :ref:`REQ ` except that it will +// remove the query string. It is used to avoid logging any sensitive information into +// the access log. +// See :ref:`here ` for more information on access log configuration. + +// %REQ_WITHOUT_QUERY(X?Y):Z% +// An HTTP request header where X is the main HTTP header, Y is the alternative one, and Z is an +// optional parameter denoting string truncation up to Z characters long. The value is taken from +// the HTTP request header named X first and if it's not set, then request header Y is used. If +// none of the headers are present '-' symbol will be in the log. + +// Configuration for the request without query formatter. +message ReqWithoutQuery { +} diff --git a/api/envoy/config/filter/http/cors/v2/BUILD b/generated_api_shadow/envoy/extensions/quic/crypto_stream/v3/BUILD similarity index 100% rename from api/envoy/config/filter/http/cors/v2/BUILD rename to generated_api_shadow/envoy/extensions/quic/crypto_stream/v3/BUILD diff --git a/generated_api_shadow/envoy/extensions/quic/crypto_stream/v3/crypto_stream.proto b/generated_api_shadow/envoy/extensions/quic/crypto_stream/v3/crypto_stream.proto new file mode 100644 index 000000000000..6313f79861e8 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/quic/crypto_stream/v3/crypto_stream.proto @@ -0,0 +1,17 @@ +syntax = "proto3"; + +package envoy.extensions.quic.crypto_stream.v3; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.quic.crypto_stream.v3"; +option java_outer_classname = "CryptoStreamProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: QUIC server crypto stream config] +// [#extension: envoy.quic.crypto_stream.server.quiche] + +// Configuration for the default QUIC server crypto stream provided by QUICHE. +message CryptoServerStreamConfig { +} diff --git a/api/envoy/config/filter/http/dynamo/v2/BUILD b/generated_api_shadow/envoy/extensions/quic/proof_source/v3/BUILD similarity index 100% rename from api/envoy/config/filter/http/dynamo/v2/BUILD rename to generated_api_shadow/envoy/extensions/quic/proof_source/v3/BUILD diff --git a/generated_api_shadow/envoy/extensions/quic/proof_source/v3/proof_source.proto b/generated_api_shadow/envoy/extensions/quic/proof_source/v3/proof_source.proto new file mode 100644 index 000000000000..1459142d4091 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/quic/proof_source/v3/proof_source.proto @@ -0,0 +1,17 @@ +syntax = "proto3"; + +package envoy.extensions.quic.proof_source.v3; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.quic.proof_source.v3"; +option java_outer_classname = "ProofSourceProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: QUIC proof source config] +// [#extension: envoy.quic.proof_source.filter_chain] + +// Configuration for the default QUIC proof source. +message ProofSourceConfig { +} diff --git a/generated_api_shadow/envoy/extensions/retry/host/omit_host_metadata/v3/BUILD b/generated_api_shadow/envoy/extensions/retry/host/omit_host_metadata/v3/BUILD index 8ab45257bb7a..1c1a6f6b4423 100644 --- a/generated_api_shadow/envoy/extensions/retry/host/omit_host_metadata/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/retry/host/omit_host_metadata/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/retry/omit_host_metadata/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/extensions/retry/priority/previous_priorities/v3/BUILD b/generated_api_shadow/envoy/extensions/retry/priority/previous_priorities/v3/BUILD index a7574a4e6e87..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/retry/priority/previous_priorities/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/retry/priority/previous_priorities/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/retry/previous_priorities:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/stat_sinks/graphite_statsd/v3/BUILD b/generated_api_shadow/envoy/extensions/stat_sinks/graphite_statsd/v3/BUILD new file mode 100644 index 000000000000..1c1a6f6b4423 --- /dev/null +++ b/generated_api_shadow/envoy/extensions/stat_sinks/graphite_statsd/v3/BUILD @@ -0,0 +1,12 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/core/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/generated_api_shadow/envoy/extensions/stat_sinks/graphite_statsd/v3/graphite_statsd.proto b/generated_api_shadow/envoy/extensions/stat_sinks/graphite_statsd/v3/graphite_statsd.proto new file mode 100644 index 000000000000..72306389bfec --- /dev/null +++ b/generated_api_shadow/envoy/extensions/stat_sinks/graphite_statsd/v3/graphite_statsd.proto @@ -0,0 +1,44 @@ +syntax = "proto3"; + +package envoy.extensions.stat_sinks.graphite_statsd.v3; + +import "envoy/config/core/v3/address.proto"; + +import "google/protobuf/wrappers.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.stat_sinks.graphite_statsd.v3"; +option java_outer_classname = "GraphiteStatsdProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Graphite+Statsd] +// Stats configuration proto schema for ``envoy.stat_sinks.graphite_statsd`` sink. +// The sink emits stats with `Graphite `_ +// compatible tags. Tags are configurable via :ref:`StatsConfig +// `. +// [#extension: envoy.stat_sinks.graphite_statsd] + +message GraphiteStatsdSink { + oneof statsd_specifier { + option (validate.required) = true; + + // The UDP address of a running Graphite-compliant listener. If specified, + // statistics will be flushed to this address. + config.core.v3.Address address = 1; + } + + // Optional custom metric name prefix. See :ref:`StatsdSink's prefix field + // ` for more details. + string prefix = 3; + + // Optional max datagram size to use when sending UDP messages. By default Envoy + // will emit one metric per datagram. By specifying a max-size larger than a single + // metric, Envoy will emit multiple, new-line separated metrics. The max datagram + // size should not exceed your network's MTU. + // + // Note that this value may not be respected if smaller than a single metric. + google.protobuf.UInt64Value max_bytes_per_datagram = 4 [(validate.rules).uint64 = {gt: 0}]; +} diff --git a/generated_api_shadow/envoy/extensions/transport_sockets/raw_buffer/v3/BUILD b/generated_api_shadow/envoy/extensions/transport_sockets/raw_buffer/v3/BUILD index 77acc959be8f..ee92fb652582 100644 --- a/generated_api_shadow/envoy/extensions/transport_sockets/raw_buffer/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/transport_sockets/raw_buffer/v3/BUILD @@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") licenses(["notice"]) # Apache 2 api_proto_package( - deps = [ - "//envoy/config/transport_socket/raw_buffer/v2:pkg", - "@com_github_cncf_udpa//udpa/annotations:pkg", - ], + deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], ) diff --git a/generated_api_shadow/envoy/extensions/transport_sockets/tap/v3/BUILD b/generated_api_shadow/envoy/extensions/transport_sockets/tap/v3/BUILD index 8104239e63ea..b97db3d63736 100644 --- a/generated_api_shadow/envoy/extensions/transport_sockets/tap/v3/BUILD +++ b/generated_api_shadow/envoy/extensions/transport_sockets/tap/v3/BUILD @@ -7,7 +7,6 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ "//envoy/config/core/v3:pkg", - "//envoy/config/transport_socket/tap/v2alpha:pkg", "//envoy/extensions/common/tap/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], diff --git a/generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/common.proto b/generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/common.proto index 0c5c19951076..64b3f59dcb26 100644 --- a/generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/common.proto +++ b/generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/common.proto @@ -53,10 +53,12 @@ message TlsParameters { // If specified, the TLS listener will only support the specified `cipher list // `_ - // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not - // specified, the default list will be used. + // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). // - // In non-FIPS builds, the default cipher list is: + // If not specified, a default list will be used. Defaults are different for server (downstream) and + // client (upstream) TLS configurations. + // + // In non-FIPS builds, the default server cipher list is: // // .. code-block:: none // @@ -73,7 +75,7 @@ message TlsParameters { // AES256-GCM-SHA384 // AES256-SHA // - // In builds using :ref:`BoringSSL FIPS `, the default cipher list is: + // In builds using :ref:`BoringSSL FIPS `, the default server cipher list is: // // .. code-block:: none // @@ -89,6 +91,24 @@ message TlsParameters { // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA + // + // In non-FIPS builds, the default client cipher list is: + // + // .. code-block:: none + // + // [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305] + // [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305] + // ECDHE-ECDSA-AES256-GCM-SHA384 + // ECDHE-RSA-AES256-GCM-SHA384 + // + // In builds using :ref:`BoringSSL FIPS `, the default client cipher list is: + // + // .. code-block:: none + // + // ECDHE-ECDSA-AES128-GCM-SHA256 + // ECDHE-RSA-AES128-GCM-SHA256 + // ECDHE-ECDSA-AES256-GCM-SHA384 + // ECDHE-RSA-AES256-GCM-SHA384 repeated string cipher_suites = 3; // If specified, the TLS connection will only support the specified ECDH diff --git a/generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/tls.proto b/generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/tls.proto index 44325bdbee6a..02287de5875f 100644 --- a/generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/tls.proto +++ b/generated_api_shadow/envoy/extensions/transport_sockets/tls/v3/tls.proto @@ -216,8 +216,14 @@ message CommonTlsContext { // Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. + // + // The same number and types of certificates as :ref:`tls_certificates ` + // are valid in the the certificates fetched through this setting. + // + // If :ref:`tls_certificates ` + // is non-empty, this field is ignored. repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6 - [(validate.rules).repeated = {max_items: 1}]; + [(validate.rules).repeated = {max_items: 2}]; // Certificate provider for fetching TLS certificates. // [#not-implemented-hide:] diff --git a/generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/common.proto b/generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/common.proto index 0bc4bf9e963f..e696fffc5e57 100644 --- a/generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/common.proto +++ b/generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/common.proto @@ -52,10 +52,12 @@ message TlsParameters { // If specified, the TLS listener will only support the specified `cipher list // `_ - // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not - // specified, the default list will be used. + // when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). // - // In non-FIPS builds, the default cipher list is: + // If not specified, a default list will be used. Defaults are different for server (downstream) and + // client (upstream) TLS configurations. + // + // In non-FIPS builds, the default server cipher list is: // // .. code-block:: none // @@ -72,7 +74,7 @@ message TlsParameters { // AES256-GCM-SHA384 // AES256-SHA // - // In builds using :ref:`BoringSSL FIPS `, the default cipher list is: + // In builds using :ref:`BoringSSL FIPS `, the default server cipher list is: // // .. code-block:: none // @@ -88,6 +90,24 @@ message TlsParameters { // ECDHE-RSA-AES256-SHA // AES256-GCM-SHA384 // AES256-SHA + // + // In non-FIPS builds, the default client cipher list is: + // + // .. code-block:: none + // + // [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305] + // [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305] + // ECDHE-ECDSA-AES256-GCM-SHA384 + // ECDHE-RSA-AES256-GCM-SHA384 + // + // In builds using :ref:`BoringSSL FIPS `, the default client cipher list is: + // + // .. code-block:: none + // + // ECDHE-ECDSA-AES128-GCM-SHA256 + // ECDHE-RSA-AES128-GCM-SHA256 + // ECDHE-ECDSA-AES256-GCM-SHA384 + // ECDHE-RSA-AES256-GCM-SHA384 repeated string cipher_suites = 3; // If specified, the TLS connection will only support the specified ECDH diff --git a/generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/tls.proto b/generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/tls.proto index 7ddf55dfa6fa..b92cae619dd9 100644 --- a/generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/tls.proto +++ b/generated_api_shadow/envoy/extensions/transport_sockets/tls/v4alpha/tls.proto @@ -221,8 +221,14 @@ message CommonTlsContext { // Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be // fetched/refreshed over the network asynchronously with respect to the TLS handshake. + // + // The same number and types of certificates as :ref:`tls_certificates ` + // are valid in the the certificates fetched through this setting. + // + // If :ref:`tls_certificates ` + // is non-empty, this field is ignored. repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6 - [(validate.rules).repeated = {max_items: 1}]; + [(validate.rules).repeated = {max_items: 2}]; // Certificate provider for fetching TLS certificates. // [#not-implemented-hide:] diff --git a/generated_api_shadow/envoy/extensions/wasm/v3/wasm.proto b/generated_api_shadow/envoy/extensions/wasm/v3/wasm.proto index 58b5c2130f6d..b4566c826ed0 100644 --- a/generated_api_shadow/envoy/extensions/wasm/v3/wasm.proto +++ b/generated_api_shadow/envoy/extensions/wasm/v3/wasm.proto @@ -62,6 +62,11 @@ message VmConfig { // // **envoy.wasm.runtime.v8**: `V8 `_-based WebAssembly runtime. // + // .. _extension_envoy.wasm.runtime.wamr: + // + // **envoy.wasm.runtime.wamr**: `WAMR `_-based WebAssembly runtime. + // This runtime is not enabled in the official build. + // // .. _extension_envoy.wasm.runtime.wavm: // // **envoy.wasm.runtime.wavm**: `WAVM `_-based WebAssembly runtime. @@ -72,6 +77,7 @@ message VmConfig { // **envoy.wasm.runtime.wasmtime**: `Wasmtime `_-based WebAssembly runtime. // This runtime is not enabled in the official build. // + // [#extension-category: envoy.wasm.runtime] string runtime = 2 [(validate.rules).string = {min_len: 1}]; // The Wasm code that Envoy will execute. @@ -81,7 +87,6 @@ message VmConfig { // (proxy_on_start). `google.protobuf.Struct` is serialized as JSON before // passing it to the plugin. `google.protobuf.BytesValue` and // `google.protobuf.StringValue` are passed directly without the wrapper. - // [#extension-category: envoy.wasm.runtime] google.protobuf.Any configuration = 4; // Allow the wasm file to include pre-compiled code on VMs which support it. diff --git a/generated_api_shadow/envoy/service/event_reporting/v3/BUILD b/generated_api_shadow/envoy/service/event_reporting/v3/BUILD index 631c92b0bd6b..7753cfeb3d6e 100644 --- a/generated_api_shadow/envoy/service/event_reporting/v3/BUILD +++ b/generated_api_shadow/envoy/service/event_reporting/v3/BUILD @@ -8,7 +8,6 @@ api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", - "//envoy/service/event_reporting/v2alpha:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", ], ) diff --git a/generated_api_shadow/envoy/service/ratelimit/v3/rls.proto b/generated_api_shadow/envoy/service/ratelimit/v3/rls.proto index 74ddd3305d62..ab8e0ffc0eba 100644 --- a/generated_api_shadow/envoy/service/ratelimit/v3/rls.proto +++ b/generated_api_shadow/envoy/service/ratelimit/v3/rls.proto @@ -7,9 +7,11 @@ import "envoy/extensions/common/ratelimit/v3/ratelimit.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; +import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; option java_package = "io.envoyproxy.envoy.service.ratelimit.v3"; option java_outer_classname = "RlsProto"; @@ -101,6 +103,20 @@ message RateLimitResponse { Unit unit = 2; } + // Cacheable quota for responses, see documentation for the :ref:`quota + // ` field. + // [#not-implemented-hide:] + message Quota { + // Number of matching requests granted in quota. Must be 1 or more. + uint32 requests = 1 [(validate.rules).uint32 = {gt: 0}]; + + oneof expiration_specifier { + // Point in time at which the quota expires. + google.protobuf.Timestamp valid_until = 2; + } + } + + // [#next-free-field: 6] message DescriptorStatus { option (udpa.annotations.versioning).previous_message_type = "envoy.service.ratelimit.v2.RateLimitResponse.DescriptorStatus"; @@ -116,6 +132,39 @@ message RateLimitResponse { // Duration until reset of the current limit window. google.protobuf.Duration duration_until_reset = 4; + + // Quota granted for the descriptor. This is a certain number of requests over a period of time. + // The client may cache this result and apply the effective RateLimitResponse to future matching + // requests containing a matching descriptor without querying rate limit service. + // + // Quota is available for a request if its descriptor set has cached quota available for all + // descriptors. + // + // If quota is available, a RLS request will not be made and the quota will be reduced by 1 for + // all matching descriptors. + // + // If there is not sufficient quota, there are three cases: + // 1. A cached entry exists for a RLS descriptor that is out-of-quota, but not expired. + // In this case, the request will be treated as OVER_LIMIT. + // 2. Some RLS descriptors have a cached entry that has valid quota but some RLS descriptors + // have no cached entry. This will trigger a new RLS request. + // When the result is returned, a single unit will be consumed from the quota for all + // matching descriptors. + // If the server did not provide a quota, such as the quota message is empty for some of + // the descriptors, then the request admission is determined by the + // :ref:`overall_code `. + // 3. All RLS descriptors lack a cached entry, this will trigger a new RLS request, + // When the result is returned, a single unit will be consumed from the quota for all + // matching descriptors. + // If the server did not provide a quota, such as the quota message is empty for some of + // the descriptors, then the request admission is determined by the + // :ref:`overall_code `. + // + // When quota expires due to timeout, a new RLS request will also be made. + // The implementation may choose to preemptively query the rate limit server for more quota on or + // before expiration or before the available quota runs out. + // [#not-implemented-hide:] + Quota quota = 5; } // The overall response code which takes into account all of the descriptors that were passed diff --git a/generated_api_shadow/envoy/service/status/v3/csds.proto b/generated_api_shadow/envoy/service/status/v3/csds.proto index 3a1c748fc81b..1d940d6a2dfe 100644 --- a/generated_api_shadow/envoy/service/status/v3/csds.proto +++ b/generated_api_shadow/envoy/service/status/v3/csds.proto @@ -7,6 +7,8 @@ import "envoy/config/core/v3/base.proto"; import "envoy/type/matcher/v3/node.proto"; import "google/api/annotations.proto"; +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; @@ -124,10 +126,60 @@ message ClientConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v2.ClientConfig"; + // GenericXdsConfig is used to specify the config status and the dump + // of any xDS resource identified by their type URL. It is the generalized + // version of the now deprecated ListenersConfigDump, ClustersConfigDump etc + // [#next-free-field: 10] + message GenericXdsConfig { + // Type_url represents the fully qualified name of xDS resource type + // like envoy.v3.Cluster, envoy.v3.ClusterLoadAssignment etc. + string type_url = 1; + + // Name of the xDS resource + string name = 2; + + // This is the :ref:`version_info ` + // in the last processed xDS discovery response. If there are only + // static bootstrap listeners, this field will be "" + string version_info = 3; + + // The xDS resource config. Actual content depends on the type + google.protobuf.Any xds_config = 4; + + // Timestamp when the xDS resource was last updated + google.protobuf.Timestamp last_updated = 5; + + // Per xDS resource config status. It is generated by management servers. + // It will not be present if the CSDS server is an xDS client. + ConfigStatus config_status = 6; + + // Per xDS resource status from the view of a xDS client + admin.v3.ClientResourceStatus client_status = 7; + + // Set if the last update failed, cleared after the next successful + // update. The *error_state* field contains the rejected version of + // this particular resource along with the reason and timestamp. For + // successfully updated or acknowledged resource, this field should + // be empty. + // [#not-implemented-hide:] + admin.v3.UpdateFailureState error_state = 8; + + // Is static resource is true if it is specified in the config supplied + // through the file at the startup. + bool is_static_resource = 9; + } + // Node for a particular client. config.core.v3.Node node = 1; - repeated PerXdsConfig xds_config = 2; + // This field is deprecated in favor of generic_xds_configs which is + // much simpler and uniform in structure. + repeated PerXdsConfig xds_config = 2 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // Represents generic xDS config and the exact config structure depends on + // the type URL (like Cluster if it is CDS) + repeated GenericXdsConfig generic_xds_configs = 3; } message ClientStatusResponse { diff --git a/generated_api_shadow/envoy/service/status/v4alpha/csds.proto b/generated_api_shadow/envoy/service/status/v4alpha/csds.proto index 751e06b645ce..8a47045546f7 100644 --- a/generated_api_shadow/envoy/service/status/v4alpha/csds.proto +++ b/generated_api_shadow/envoy/service/status/v4alpha/csds.proto @@ -7,6 +7,8 @@ import "envoy/config/core/v4alpha/base.proto"; import "envoy/type/matcher/v4alpha/node.proto"; import "google/api/annotations.proto"; +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; import "envoy/annotations/deprecation.proto"; import "udpa/annotations/status.proto"; @@ -124,10 +126,63 @@ message ClientConfig { option (udpa.annotations.versioning).previous_message_type = "envoy.service.status.v3.ClientConfig"; + // GenericXdsConfig is used to specify the config status and the dump + // of any xDS resource identified by their type URL. It is the generalized + // version of the now deprecated ListenersConfigDump, ClustersConfigDump etc + // [#next-free-field: 10] + message GenericXdsConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.service.status.v3.ClientConfig.GenericXdsConfig"; + + // Type_url represents the fully qualified name of xDS resource type + // like envoy.v3.Cluster, envoy.v3.ClusterLoadAssignment etc. + string type_url = 1; + + // Name of the xDS resource + string name = 2; + + // This is the :ref:`version_info ` + // in the last processed xDS discovery response. If there are only + // static bootstrap listeners, this field will be "" + string version_info = 3; + + // The xDS resource config. Actual content depends on the type + google.protobuf.Any xds_config = 4; + + // Timestamp when the xDS resource was last updated + google.protobuf.Timestamp last_updated = 5; + + // Per xDS resource config status. It is generated by management servers. + // It will not be present if the CSDS server is an xDS client. + ConfigStatus config_status = 6; + + // Per xDS resource status from the view of a xDS client + admin.v4alpha.ClientResourceStatus client_status = 7; + + // Set if the last update failed, cleared after the next successful + // update. The *error_state* field contains the rejected version of + // this particular resource along with the reason and timestamp. For + // successfully updated or acknowledged resource, this field should + // be empty. + // [#not-implemented-hide:] + admin.v4alpha.UpdateFailureState error_state = 8; + + // Is static resource is true if it is specified in the config supplied + // through the file at the startup. + bool is_static_resource = 9; + } + // Node for a particular client. config.core.v4alpha.Node node = 1; - repeated PerXdsConfig xds_config = 2; + // This field is deprecated in favor of generic_xds_configs which is + // much simpler and uniform in structure. + repeated PerXdsConfig hidden_envoy_deprecated_xds_config = 2 + [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"]; + + // Represents generic xDS config and the exact config structure depends on + // the type URL (like Cluster if it is CDS) + repeated GenericXdsConfig generic_xds_configs = 3; } message ClientStatusResponse { diff --git a/generated_api_shadow/envoy/service/trace/v3/BUILD b/generated_api_shadow/envoy/service/trace/v3/BUILD index 42e86afd09c7..a00d454ff974 100644 --- a/generated_api_shadow/envoy/service/trace/v3/BUILD +++ b/generated_api_shadow/envoy/service/trace/v3/BUILD @@ -8,7 +8,6 @@ api_proto_package( has_services = True, deps = [ "//envoy/config/core/v3:pkg", - "//envoy/service/trace/v2:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@opencensus_proto//opencensus/proto/trace/v1:trace_proto", ], diff --git a/security/email-templates.md b/security/email-templates.md index 3e6c17897866..550fa02955b5 100644 --- a/security/email-templates.md +++ b/security/email-templates.md @@ -206,3 +206,32 @@ Thanks, $PERSON (on behalf of the Envoy security team and maintainers) ``` + +## Security Advisory (for feature accidentally marked as production) +``` +Subject: Security advisory +To: envoy-security-announce@googlegroups.com +Cc: envoy-announce@googlegroups.com, envoy-security@googlegroups.com, envoy-maintainers@googlegroups.com + +Hello Envoy Community, + +The Envoy securitty team would like to announce a security advisory for a feature introduced in +$ENVOYRELEASE. As this is a security advisory for a feature not considered production ready that may +have been labeled as such, no fix is provided and the advice is to not make use of this feature in +a production capacity until future hardening has been done. + +$DEFECTSSUMMARY + + + +The CVSS score for this is [$CVSSSTRING]($CVSSURL). + +**Thank you** + +Thank you to $REPORTER, $DEVELOPERS for the coordination in making this release. + +Thanks, + +$PERSON (on behalf of the Envoy security team and maintainers) +``` diff --git a/source/common/access_log/BUILD b/source/common/access_log/BUILD index 00bfcb101f79..0ba22ffe9a4d 100644 --- a/source/common/access_log/BUILD +++ b/source/common/access_log/BUILD @@ -16,13 +16,13 @@ envoy_cc_library( "abseil_hash", ], deps = [ - "//include/envoy/access_log:access_log_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/filesystem:filesystem_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server:access_log_config_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/access_log:access_log_interface", + "//envoy/config:typed_config_interface", + "//envoy/filesystem:filesystem_interface", + "//envoy/http:header_map_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server:access_log_config_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/config:utility_lib", @@ -43,8 +43,8 @@ envoy_cc_library( srcs = ["access_log_manager_impl.cc"], hdrs = ["access_log_manager_impl.h"], deps = [ - "//include/envoy/access_log:access_log_interface", - "//include/envoy/api:api_interface", + "//envoy/access_log:access_log_interface", + "//envoy/api:api_interface", "//source/common/buffer:buffer_lib", "//source/common/common:logger_lib", "//source/common/common:thread_lib", diff --git a/source/common/access_log/access_log_impl.cc b/source/common/access_log/access_log_impl.cc index 6eeeeafb9f11..6e8b0542d493 100644 --- a/source/common/access_log/access_log_impl.cc +++ b/source/common/access_log/access_log_impl.cc @@ -1,4 +1,4 @@ -#include "common/access_log/access_log_impl.h" +#include "source/common/access_log/access_log_impl.h" #include #include @@ -11,17 +11,17 @@ #include "envoy/runtime/runtime.h" #include "envoy/upstream/upstream.h" -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/config/metadata.h" -#include "common/config/utility.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" -#include "common/stream_info/utility.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/config/metadata.h" +#include "source/common/config/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stream_info/utility.h" +#include "source/common/tracing/http_tracer_impl.h" #include "absl/types/optional.h" diff --git a/source/common/access_log/access_log_impl.h b/source/common/access_log/access_log_impl.h index 6993012a356d..1a524bd2c1b2 100644 --- a/source/common/access_log/access_log_impl.h +++ b/source/common/access_log/access_log_impl.h @@ -12,10 +12,10 @@ #include "envoy/server/access_log_config.h" #include "envoy/type/v3/percent.pb.h" -#include "common/common/matchers.h" -#include "common/grpc/status.h" -#include "common/http/header_utility.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/matchers.h" +#include "source/common/grpc/status.h" +#include "source/common/http/header_utility.h" +#include "source/common/protobuf/protobuf.h" #include "absl/container/node_hash_set.h" #include "absl/hash/hash.h" diff --git a/source/common/access_log/access_log_manager_impl.cc b/source/common/access_log/access_log_manager_impl.cc index 14bcb798b06d..9c5f83a189e7 100644 --- a/source/common/access_log/access_log_manager_impl.cc +++ b/source/common/access_log/access_log_manager_impl.cc @@ -1,12 +1,12 @@ -#include "common/access_log/access_log_manager_impl.h" +#include "source/common/access_log/access_log_manager_impl.h" #include #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/lock_guard.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/lock_guard.h" #include "absl/container/fixed_array.h" diff --git a/source/common/access_log/access_log_manager_impl.h b/source/common/access_log/access_log_manager_impl.h index 6a94ccedf275..23651b874e1c 100644 --- a/source/common/access_log/access_log_manager_impl.h +++ b/source/common/access_log/access_log_manager_impl.h @@ -9,9 +9,9 @@ #include "envoy/stats/stats_macros.h" #include "envoy/stats/store.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" -#include "common/common/thread.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" #include "absl/container/node_hash_map.h" diff --git a/source/common/api/BUILD b/source/common/api/BUILD index 7e7264f8f0ff..60412c451343 100644 --- a/source/common/api/BUILD +++ b/source/common/api/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( srcs = ["api_impl.cc"], hdrs = ["api_impl.h"], deps = [ - "//include/envoy/api:api_interface", + "//envoy/api:api_interface", "//source/common/common:thread_lib", "//source/common/event:dispatcher_lib", "//source/common/network:socket_lib", @@ -39,12 +39,13 @@ envoy_cc_library( "//bazel:windows_x86_64": ["win32/os_sys_calls_impl.h"], "//conditions:default": ["posix/os_sys_calls_impl.h"], }) + envoy_select_hot_restart(["posix/os_sys_calls_impl_hot_restart.h"]), + include_prefix = "source/common/api", strip_include_prefix = select({ "//bazel:windows_x86_64": "win32", "//conditions:default": "posix", }), deps = [ - "//include/envoy/api:os_sys_calls_interface", + "//envoy/api:os_sys_calls_interface", "//source/common/singleton:threadsafe_singleton", ], ) diff --git a/source/common/api/api_impl.cc b/source/common/api/api_impl.cc index f91e5c6a1c6f..73de8f4a320c 100644 --- a/source/common/api/api_impl.cc +++ b/source/common/api/api_impl.cc @@ -1,10 +1,10 @@ -#include "common/api/api_impl.h" +#include "source/common/api/api_impl.h" #include #include -#include "common/common/thread.h" -#include "common/event/dispatcher_impl.h" +#include "source/common/common/thread.h" +#include "source/common/event/dispatcher_impl.h" namespace Envoy { namespace Api { diff --git a/source/common/api/posix/os_sys_calls_impl.cc b/source/common/api/posix/os_sys_calls_impl.cc index 9428dc7c5e6f..ad2a36dd2af1 100644 --- a/source/common/api/posix/os_sys_calls_impl.cc +++ b/source/common/api/posix/os_sys_calls_impl.cc @@ -5,7 +5,7 @@ #include #include -#include "common/api/os_sys_calls_impl.h" +#include "source/common/api/os_sys_calls_impl.h" namespace Envoy { namespace Api { diff --git a/source/common/api/posix/os_sys_calls_impl.h b/source/common/api/posix/os_sys_calls_impl.h index bb23b16aad92..77ccb0da2b08 100644 --- a/source/common/api/posix/os_sys_calls_impl.h +++ b/source/common/api/posix/os_sys_calls_impl.h @@ -4,7 +4,7 @@ #include "envoy/api/os_sys_calls.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/singleton/threadsafe_singleton.h" namespace Envoy { namespace Api { diff --git a/source/common/api/posix/os_sys_calls_impl_hot_restart.cc b/source/common/api/posix/os_sys_calls_impl_hot_restart.cc index 7f9d6e0ffd28..813ffe1b30b9 100644 --- a/source/common/api/posix/os_sys_calls_impl_hot_restart.cc +++ b/source/common/api/posix/os_sys_calls_impl_hot_restart.cc @@ -1,6 +1,6 @@ #include -#include "common/api/os_sys_calls_impl_hot_restart.h" +#include "source/common/api/os_sys_calls_impl_hot_restart.h" namespace Envoy { namespace Api { diff --git a/source/common/api/posix/os_sys_calls_impl_hot_restart.h b/source/common/api/posix/os_sys_calls_impl_hot_restart.h index 59ce2cb6bed9..146b421dac91 100644 --- a/source/common/api/posix/os_sys_calls_impl_hot_restart.h +++ b/source/common/api/posix/os_sys_calls_impl_hot_restart.h @@ -2,7 +2,7 @@ #include "envoy/api/os_sys_calls_hot_restart.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/singleton/threadsafe_singleton.h" namespace Envoy { namespace Api { diff --git a/source/common/api/posix/os_sys_calls_impl_linux.cc b/source/common/api/posix/os_sys_calls_impl_linux.cc index 1eece81f7822..2971191ac88f 100644 --- a/source/common/api/posix/os_sys_calls_impl_linux.cc +++ b/source/common/api/posix/os_sys_calls_impl_linux.cc @@ -6,7 +6,7 @@ #include -#include "common/api/os_sys_calls_impl_linux.h" +#include "source/common/api/os_sys_calls_impl_linux.h" namespace Envoy { namespace Api { diff --git a/source/common/api/posix/os_sys_calls_impl_linux.h b/source/common/api/posix/os_sys_calls_impl_linux.h index 7a250943c7ac..eaa72435c164 100644 --- a/source/common/api/posix/os_sys_calls_impl_linux.h +++ b/source/common/api/posix/os_sys_calls_impl_linux.h @@ -6,7 +6,7 @@ #include "envoy/api/os_sys_calls_linux.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/singleton/threadsafe_singleton.h" namespace Envoy { namespace Api { diff --git a/source/common/api/win32/os_sys_calls_impl.cc b/source/common/api/win32/os_sys_calls_impl.cc index 717c3a1965d8..d534e5e07cd0 100644 --- a/source/common/api/win32/os_sys_calls_impl.cc +++ b/source/common/api/win32/os_sys_calls_impl.cc @@ -6,7 +6,7 @@ #include #include -#include "common/api/os_sys_calls_impl.h" +#include "source/common/api/os_sys_calls_impl.h" #define DWORD_MAX UINT32_MAX diff --git a/source/common/api/win32/os_sys_calls_impl.h b/source/common/api/win32/os_sys_calls_impl.h index 89e75f40a29c..4dc62e0770d2 100644 --- a/source/common/api/win32/os_sys_calls_impl.h +++ b/source/common/api/win32/os_sys_calls_impl.h @@ -4,7 +4,7 @@ #include "envoy/api/os_sys_calls.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/singleton/threadsafe_singleton.h" namespace Envoy { namespace Api { diff --git a/source/common/buffer/BUILD b/source/common/buffer/BUILD index 171aa8a08987..832d72c91312 100644 --- a/source/common/buffer/BUILD +++ b/source/common/buffer/BUILD @@ -24,7 +24,7 @@ envoy_cc_library( srcs = ["buffer_impl.cc"], hdrs = ["buffer_impl.h"], deps = [ - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/common:non_copyable", "//source/common/common:utility_lib", "//source/common/event:libevent_lib", diff --git a/source/common/buffer/buffer_impl.cc b/source/common/buffer/buffer_impl.cc index 6d2241171a13..85a7bd34f658 100644 --- a/source/common/buffer/buffer_impl.cc +++ b/source/common/buffer/buffer_impl.cc @@ -1,10 +1,10 @@ -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include #include #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/container/fixed_array.h" #include "event2/buffer.h" @@ -43,11 +43,11 @@ void OwnedImpl::addDrainTracker(std::function drain_tracker) { void OwnedImpl::bindAccount(BufferMemoryAccountSharedPtr account) { ASSERT(slices_.empty()); - // We don't yet have an account bound. - ASSERT(!account_); account_ = std::move(account); } +BufferMemoryAccountSharedPtr OwnedImpl::getAccountForTest() { return account_; } + void OwnedImpl::add(const void* data, uint64_t size) { addImpl(data, size); } void OwnedImpl::addBufferFragment(BufferFragment& fragment) { diff --git a/source/common/buffer/buffer_impl.h b/source/common/buffer/buffer_impl.h index a794b0e02051..8f7977f9c269 100644 --- a/source/common/buffer/buffer_impl.h +++ b/source/common/buffer/buffer_impl.h @@ -8,10 +8,10 @@ #include "envoy/buffer/buffer.h" -#include "common/common/assert.h" -#include "common/common/non_copyable.h" -#include "common/common/utility.h" -#include "common/event/libevent.h" +#include "source/common/common/assert.h" +#include "source/common/common/non_copyable.h" +#include "source/common/common/utility.h" +#include "source/common/event/libevent.h" namespace Envoy { namespace Buffer { @@ -710,6 +710,11 @@ class OwnedImpl : public LibEventInstance { */ virtual void appendSliceForTest(absl::string_view data); + /** + * @return the BufferMemoryAccount bound to this buffer, if any. + */ + BufferMemoryAccountSharedPtr getAccountForTest(); + // Does not implement watermarking. // TODO(antoniovicente) Implement watermarks by merging the OwnedImpl and WatermarkBuffer // implementations. Also, make high-watermark config a constructor argument. diff --git a/source/common/buffer/watermark_buffer.cc b/source/common/buffer/watermark_buffer.cc index eefa6022c8ef..781321f99dc4 100644 --- a/source/common/buffer/watermark_buffer.cc +++ b/source/common/buffer/watermark_buffer.cc @@ -1,7 +1,7 @@ -#include "common/buffer/watermark_buffer.h" +#include "source/common/buffer/watermark_buffer.h" -#include "common/common/assert.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/assert.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace Buffer { diff --git a/source/common/buffer/watermark_buffer.h b/source/common/buffer/watermark_buffer.h index 68d260b15532..3a432c76481c 100644 --- a/source/common/buffer/watermark_buffer.h +++ b/source/common/buffer/watermark_buffer.h @@ -3,7 +3,7 @@ #include #include -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" namespace Envoy { namespace Buffer { @@ -47,7 +47,7 @@ class WatermarkBuffer : public OwnedImpl { protected: virtual void checkHighAndOverflowWatermarks(); - void checkLowWatermark(); + virtual void checkLowWatermark(); private: void commit(uint64_t length, absl::Span slices, diff --git a/source/common/buffer/zero_copy_input_stream_impl.cc b/source/common/buffer/zero_copy_input_stream_impl.cc index bfd0e4794c0a..83bccc807c04 100644 --- a/source/common/buffer/zero_copy_input_stream_impl.cc +++ b/source/common/buffer/zero_copy_input_stream_impl.cc @@ -1,7 +1,7 @@ -#include "common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Buffer { diff --git a/source/common/buffer/zero_copy_input_stream_impl.h b/source/common/buffer/zero_copy_input_stream_impl.h index 23304d06e34f..07d4a3f3afb1 100644 --- a/source/common/buffer/zero_copy_input_stream_impl.h +++ b/source/common/buffer/zero_copy_input_stream_impl.h @@ -5,7 +5,7 @@ #include "envoy/buffer/buffer.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { diff --git a/source/common/chromium_url/envoy_shim.h b/source/common/chromium_url/envoy_shim.h index 2b7443926c1f..c581e21d45bf 100644 --- a/source/common/chromium_url/envoy_shim.h +++ b/source/common/chromium_url/envoy_shim.h @@ -1,6 +1,6 @@ #pragma once -#include "common/common/assert.h" +#include "source/common/common/assert.h" // This is a minimal Envoy adaptation layer for the Chromium URL library. // NOLINT(namespace-envoy) diff --git a/source/common/chromium_url/url_canon.cc b/source/common/chromium_url/url_canon.cc index b9ad1b829726..79b36e986ca5 100644 --- a/source/common/chromium_url/url_canon.cc +++ b/source/common/chromium_url/url_canon.cc @@ -5,9 +5,9 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "common/chromium_url/url_canon.h" +#include "source/common/chromium_url/url_canon.h" -#include "common/chromium_url/envoy_shim.h" +#include "source/common/chromium_url/envoy_shim.h" namespace chromium_url { diff --git a/source/common/chromium_url/url_canon.h b/source/common/chromium_url/url_canon.h index a5d0939cb761..d56346d5ee16 100644 --- a/source/common/chromium_url/url_canon.h +++ b/source/common/chromium_url/url_canon.h @@ -11,9 +11,9 @@ #include #include -#include "common/chromium_url/envoy_shim.h" -#include "common/chromium_url/url_parse.h" -#include "common/common/mem_block_builder.h" +#include "source/common/chromium_url/envoy_shim.h" +#include "source/common/chromium_url/url_parse.h" +#include "source/common/common/mem_block_builder.h" namespace chromium_url { diff --git a/source/common/chromium_url/url_canon_internal.cc b/source/common/chromium_url/url_canon_internal.cc index 38c932cad5b4..ee29b04ef162 100644 --- a/source/common/chromium_url/url_canon_internal.cc +++ b/source/common/chromium_url/url_canon_internal.cc @@ -5,7 +5,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "common/chromium_url/url_canon_internal.h" +#include "source/common/chromium_url/url_canon_internal.h" namespace chromium_url { diff --git a/source/common/chromium_url/url_canon_internal.h b/source/common/chromium_url/url_canon_internal.h index 8c405b49814a..84c761a6a068 100644 --- a/source/common/chromium_url/url_canon_internal.h +++ b/source/common/chromium_url/url_canon_internal.h @@ -16,8 +16,8 @@ #include #include -#include "common/chromium_url/envoy_shim.h" -#include "common/chromium_url/url_canon.h" +#include "source/common/chromium_url/envoy_shim.h" +#include "source/common/chromium_url/url_canon.h" namespace chromium_url { diff --git a/source/common/chromium_url/url_canon_path.cc b/source/common/chromium_url/url_canon_path.cc index 22587c0ab8a1..17eec73510db 100644 --- a/source/common/chromium_url/url_canon_path.cc +++ b/source/common/chromium_url/url_canon_path.cc @@ -7,9 +7,9 @@ #include -#include "common/chromium_url/url_canon.h" -#include "common/chromium_url/url_canon_internal.h" -#include "common/chromium_url/url_parse_internal.h" +#include "source/common/chromium_url/url_canon.h" +#include "source/common/chromium_url/url_canon_internal.h" +#include "source/common/chromium_url/url_parse_internal.h" namespace chromium_url { diff --git a/source/common/chromium_url/url_canon_stdstring.cc b/source/common/chromium_url/url_canon_stdstring.cc index 0c61831e5f1a..0d62cf576424 100644 --- a/source/common/chromium_url/url_canon_stdstring.cc +++ b/source/common/chromium_url/url_canon_stdstring.cc @@ -5,7 +5,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "common/chromium_url/url_canon_stdstring.h" +#include "source/common/chromium_url/url_canon_stdstring.h" namespace chromium_url { diff --git a/source/common/chromium_url/url_canon_stdstring.h b/source/common/chromium_url/url_canon_stdstring.h index e14d6c22e74e..6292c4e61dae 100644 --- a/source/common/chromium_url/url_canon_stdstring.h +++ b/source/common/chromium_url/url_canon_stdstring.h @@ -14,8 +14,8 @@ #include -#include "common/chromium_url/envoy_shim.h" -#include "common/chromium_url/url_canon.h" +#include "source/common/chromium_url/envoy_shim.h" +#include "source/common/chromium_url/url_canon.h" #define DISALLOW_COPY_AND_ASSIGN(TypeName) \ TypeName(const TypeName&) = delete; \ diff --git a/source/common/common/BUILD b/source/common/common/BUILD index 664e2564e3fa..6fd4fd29cce6 100644 --- a/source/common/common/BUILD +++ b/source/common/common/BUILD @@ -5,8 +5,8 @@ load( "envoy_cc_platform_dep", "envoy_cc_posix_library", "envoy_cc_win32_library", - "envoy_include_prefix", "envoy_package", + "envoy_pch_library", ) licenses(["notice"]) # Apache 2 @@ -44,8 +44,8 @@ envoy_cc_library( hdrs = ["backoff_strategy.h"], deps = [ ":assert_lib", - "//include/envoy/common:backoff_strategy_interface", - "//include/envoy/common:random_generator_interface", + "//envoy/common:backoff_strategy_interface", + "//envoy/common:random_generator_interface", ], ) @@ -56,7 +56,7 @@ envoy_cc_library( deps = [ ":assert_lib", ":empty_string", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", ], ) @@ -111,8 +111,7 @@ envoy_basic_cc_library( "abseil_strings", "fmtlib", ], - include_prefix = envoy_include_prefix(package_name()), - deps = ["//include/envoy/common:base_includes"], + deps = ["//envoy/common:base_includes"], ) envoy_cc_library( @@ -189,6 +188,7 @@ envoy_cc_library( envoy_cc_library( name = "logger_impl_lib_standard", hdrs = ["standard/logger_impl.h"], + include_prefix = "source/common/common", strip_include_prefix = "standard", deps = [":base_logger_lib"], ) @@ -203,6 +203,7 @@ envoy_cc_library( "//bazel:android_logger": ["android/logger_impl.h"], "//conditions:default": [], }), + include_prefix = "source/common/common", strip_include_prefix = "android", deps = [":base_logger_lib"], ) @@ -227,7 +228,7 @@ envoy_cc_library( external_deps = ["abseil_synchronization"], deps = [ ":assert_lib", - "//include/envoy/common:mutex_tracer", + "//envoy/common:mutex_tracer", ], ) @@ -241,7 +242,7 @@ envoy_cc_library( ":dump_state_utils", ":macros", ":minimal_logger_lib", - "//include/envoy/access_log:access_log_interface", + "//envoy/access_log:access_log_interface", ], ) @@ -249,8 +250,8 @@ envoy_cc_library( name = "basic_resource_lib", hdrs = ["basic_resource_impl.h"], deps = [ - "//include/envoy/common:resource_interface", - "//include/envoy/runtime:runtime_interface", + "//envoy/common:resource_interface", + "//envoy/runtime:runtime_interface", ], ) @@ -266,7 +267,7 @@ envoy_cc_library( external_deps = ["abseil_optional"], deps = [ ":utility_lib", - "//include/envoy/common:matchers_interface", + "//envoy/common:matchers_interface", "//source/common/common:regex_lib", "//source/common/config:metadata_lib", "//source/common/http:path_utility_lib", @@ -287,7 +288,7 @@ envoy_cc_library( external_deps = ["ssl"], deps = [ ":assert_lib", - "//include/envoy/common:random_generator_interface", + "//envoy/common:random_generator_interface", ], ) @@ -297,7 +298,7 @@ envoy_cc_library( hdrs = ["regex.h"], deps = [ ":assert_lib", - "//include/envoy/common:regex_interface", + "//envoy/common:regex_interface", "//source/common/protobuf:utility_lib", "//source/common/stats:symbol_table_lib", "@com_googlesource_code_re2//:re2", @@ -319,8 +320,8 @@ envoy_cc_library( name = "scope_tracker", hdrs = ["scope_tracker.h"], deps = [ - "//include/envoy/common:scope_tracker_interface", - "//include/envoy/event:dispatcher_interface", + "//envoy/common:scope_tracker_interface", + "//envoy/event:dispatcher_interface", ], ) @@ -328,7 +329,7 @@ envoy_cc_library( name = "scope_tracked_object_stack", hdrs = ["scope_tracked_object_stack.h"], deps = [ - "//include/envoy/common:scope_tracker_interface", + "//envoy/common:scope_tracker_interface", ], ) @@ -368,10 +369,11 @@ envoy_cc_posix_library( name = "thread_impl_lib", srcs = ["posix/thread_impl.cc"], hdrs = ["posix/thread_impl.h"], + include_prefix = "source/common/common", strip_include_prefix = "posix", deps = [ ":assert_lib", - "//include/envoy/thread:thread_interface", + "//envoy/thread:thread_interface", ], ) @@ -379,10 +381,11 @@ envoy_cc_win32_library( name = "thread_impl_lib", srcs = ["win32/thread_impl.cc"], hdrs = ["win32/thread_impl.h"], + include_prefix = "source/common/common", strip_include_prefix = "win32", deps = [ ":assert_lib", - "//include/envoy/thread:thread_interface", + "//envoy/thread:thread_interface", ], ) @@ -391,7 +394,7 @@ envoy_cc_library( hdrs = ["lock_guard.h"], deps = [ ":thread_annotations", - "//include/envoy/thread:thread_interface", + "//envoy/thread:thread_interface", ], ) @@ -404,8 +407,8 @@ envoy_cc_library( ":assert_lib", ":hash_lib", ":non_copyable", - "//include/envoy/common:interval_set_interface", - "//include/envoy/common:time_interface", + "//envoy/common:interval_set_interface", + "//envoy/common:time_interface", "//source/common/singleton:const_singleton", ], ) @@ -415,7 +418,7 @@ envoy_cc_library( hdrs = ["callback_impl.h"], deps = [ ":assert_lib", - "//include/envoy/common:callback", + "//envoy/common:callback", ], ) @@ -441,8 +444,8 @@ envoy_cc_library( srcs = ["token_bucket_impl.cc"], hdrs = ["token_bucket_impl.h"], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/common:token_bucket_interface", + "//envoy/common:time_interface", + "//envoy/common:token_bucket_interface", "//source/common/common:utility_lib", ], ) @@ -452,7 +455,7 @@ envoy_cc_library( srcs = ["shared_token_bucket_impl.cc"], hdrs = ["shared_token_bucket_impl.h"], deps = [ - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", "//source/common/common:thread_lib", "//source/common/common:thread_synchronizer_lib", "//source/common/common:token_bucket_impl_lib", @@ -467,3 +470,30 @@ envoy_cc_library( "@com_google_absl//absl/status:statusor", ], ) + +envoy_pch_library( + name = "common_pch", + external_deps = [ + "spdlog", + ], + includes = [ + "envoy/config/bootstrap/v3/bootstrap.pb.h", + "envoy/config/cluster/v3/cluster.pb.h", + "envoy/config/core/v3/base.pb.h", + "envoy/config/core/v3/config_source.pb.h", + "envoy/config/route/v3/route_components.pb.h", + "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h", + "envoy/service/discovery/v3/discovery.pb.h", + "spdlog/sinks/android_sink.h", + "spdlog/spdlog.h", + ], + visibility = ["//visibility:public"], + deps = [ + "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", + "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", + "@envoy_api//envoy/config/core/v3:pkg_cc_proto", + "@envoy_api//envoy/config/route/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", + "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", + ], +) diff --git a/source/common/common/android/logger_impl.cc b/source/common/common/android/logger_impl.cc index 90af89767d04..4a566863eeea 100644 --- a/source/common/common/android/logger_impl.cc +++ b/source/common/common/android/logger_impl.cc @@ -1,4 +1,4 @@ -#include "common/common/logger_impl.h" +#include "source/common/common/logger_impl.h" #include "spdlog/sinks/android_sink.h" diff --git a/source/common/common/android/logger_impl.h b/source/common/common/android/logger_impl.h index 11bb1a7a4838..4e75598dcf8e 100644 --- a/source/common/common/android/logger_impl.h +++ b/source/common/common/android/logger_impl.h @@ -1,6 +1,6 @@ #pragma once -#include "common/common/base_logger.h" +#include "source/common/common/base_logger.h" namespace Envoy { namespace Logger { diff --git a/source/common/common/assert.cc b/source/common/common/assert.cc index ae26004b6427..9f79edc0bd65 100644 --- a/source/common/common/assert.cc +++ b/source/common/common/assert.cc @@ -1,4 +1,4 @@ -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/str_join.h" diff --git a/source/common/common/assert.h b/source/common/common/assert.h index 2580910700ae..2e184bbe1316 100644 --- a/source/common/common/assert.h +++ b/source/common/common/assert.h @@ -2,7 +2,7 @@ #include -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Assert { diff --git a/source/common/common/backoff_strategy.cc b/source/common/common/backoff_strategy.cc index 8e007a6554ab..46a298d11903 100644 --- a/source/common/common/backoff_strategy.cc +++ b/source/common/common/backoff_strategy.cc @@ -1,4 +1,4 @@ -#include "common/common/backoff_strategy.h" +#include "source/common/common/backoff_strategy.h" namespace Envoy { diff --git a/source/common/common/backoff_strategy.h b/source/common/common/backoff_strategy.h index 2247d5dde730..cb47e9c6279b 100644 --- a/source/common/common/backoff_strategy.h +++ b/source/common/common/backoff_strategy.h @@ -6,7 +6,7 @@ #include "envoy/common/backoff_strategy.h" #include "envoy/common/random_generator.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { diff --git a/source/common/common/base64.cc b/source/common/common/base64.cc index ea215b85b9ee..8d0f02e090c4 100644 --- a/source/common/common/base64.cc +++ b/source/common/common/base64.cc @@ -1,10 +1,10 @@ -#include "common/common/base64.h" +#include "source/common/common/base64.h" #include #include -#include "common/common/assert.h" -#include "common/common/empty_string.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" #include "absl/container/fixed_array.h" @@ -234,13 +234,6 @@ std::string Base64::encode(const char* input, uint64_t length, bool add_padding) return ret; } -void Base64::completePadding(std::string& encoded) { - if (encoded.length() % 4 != 0) { - std::string trailing_padding(4 - encoded.length() % 4, '='); - encoded.append(trailing_padding); - } -} - std::string Base64Url::decode(const std::string& input) { if (input.empty()) { return EMPTY_STRING; diff --git a/source/common/common/base64.h b/source/common/common/base64.h index a69ffbf910a3..13beff40b64a 100644 --- a/source/common/common/base64.h +++ b/source/common/common/base64.h @@ -54,12 +54,6 @@ class Base64 { * bytes. */ static std::string decodeWithoutPadding(absl::string_view input); - - /** - * Add the padding in the base64 encoded binary if the padding is missing. - * @param encoded is the target to complete the padding. - */ - static void completePadding(std::string& encoded); }; /** diff --git a/source/common/common/base_logger.cc b/source/common/common/base_logger.cc index 2491ab389dc3..f42eeafdb442 100644 --- a/source/common/common/base_logger.cc +++ b/source/common/common/base_logger.cc @@ -1,4 +1,4 @@ -#include "common/common/base_logger.h" +#include "source/common/common/base_logger.h" namespace Envoy { namespace Logger { diff --git a/source/common/common/basic_resource_impl.h b/source/common/common/basic_resource_impl.h index 820412e04a88..8fedbb4ad801 100644 --- a/source/common/common/basic_resource_impl.h +++ b/source/common/common/basic_resource_impl.h @@ -5,7 +5,7 @@ #include "envoy/common/resource.h" #include "envoy/runtime/runtime.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/types/optional.h" diff --git a/source/common/common/callback_impl.h b/source/common/common/callback_impl.h index 0e8d0bd017f2..367aa05591ec 100644 --- a/source/common/common/callback_impl.h +++ b/source/common/common/callback_impl.h @@ -5,7 +5,7 @@ #include "envoy/common/callback.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Common { diff --git a/source/common/common/cleanup.h b/source/common/common/cleanup.h index abcf23f6a7b7..7f18c9854c21 100644 --- a/source/common/common/cleanup.h +++ b/source/common/common/cleanup.h @@ -3,7 +3,7 @@ #include #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { diff --git a/source/common/common/containers.h b/source/common/common/containers.h index ac96e6949dfb..a2f4090b418c 100644 --- a/source/common/common/containers.h +++ b/source/common/common/containers.h @@ -3,7 +3,7 @@ #include #include -#include "common/common/cleanup.h" +#include "source/common/common/cleanup.h" namespace Envoy { namespace Common { diff --git a/source/common/common/debug_recursion_checker.h b/source/common/common/debug_recursion_checker.h index e2ab275ca219..437029db4415 100644 --- a/source/common/common/debug_recursion_checker.h +++ b/source/common/common/debug_recursion_checker.h @@ -1,6 +1,6 @@ #pragma once -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Common { diff --git a/source/common/common/fancy_logger.cc b/source/common/common/fancy_logger.cc index 3c28414cbf40..4c5686ec9a27 100644 --- a/source/common/common/fancy_logger.cc +++ b/source/common/common/fancy_logger.cc @@ -1,9 +1,9 @@ -#include "common/common/fancy_logger.h" +#include "source/common/common/fancy_logger.h" #include #include -#include "common/common/logger.h" +#include "source/common/common/logger.h" using spdlog::level::level_enum; diff --git a/source/common/common/fancy_logger.h b/source/common/common/fancy_logger.h index bd3e37d2dbd4..da149d9cdfbf 100644 --- a/source/common/common/fancy_logger.h +++ b/source/common/common/fancy_logger.h @@ -2,7 +2,7 @@ #include -#include "common/common/macros.h" +#include "source/common/common/macros.h" #include "absl/container/flat_hash_map.h" #include "absl/synchronization/mutex.h" diff --git a/source/common/common/hash.cc b/source/common/common/hash.cc index 984f040fa3da..4db50b44e3d2 100644 --- a/source/common/common/hash.cc +++ b/source/common/common/hash.cc @@ -1,4 +1,4 @@ -#include "common/common/hash.h" +#include "source/common/common/hash.h" #include "absl/strings/string_view.h" diff --git a/source/common/common/hash.h b/source/common/common/hash.h index de37144ab5d8..2c9fb22e777c 100644 --- a/source/common/common/hash.h +++ b/source/common/common/hash.h @@ -2,8 +2,8 @@ #include -#include "common/common/macros.h" -#include "common/common/safe_memcpy.h" +#include "source/common/common/macros.h" +#include "source/common/common/safe_memcpy.h" #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" diff --git a/source/common/common/hex.cc b/source/common/common/hex.cc index 7c0b7f8c2e13..83d6788b50fb 100644 --- a/source/common/common/hex.cc +++ b/source/common/common/hex.cc @@ -1,4 +1,4 @@ -#include "common/common/hex.h" +#include "source/common/common/hex.h" #include #include @@ -7,8 +7,8 @@ #include "envoy/common/exception.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" namespace Envoy { std::string Hex::encode(const uint8_t* data, size_t length) { diff --git a/source/common/common/json_escape_string.h b/source/common/common/json_escape_string.h index 94e93bfce255..679f0ef1da4c 100644 --- a/source/common/common/json_escape_string.h +++ b/source/common/common/json_escape_string.h @@ -3,7 +3,7 @@ #include #include -#include "common/common/macros.h" +#include "source/common/common/macros.h" #include "absl/strings/string_view.h" diff --git a/source/common/common/linked_object.h b/source/common/common/linked_object.h index 9c65e085b76f..bad90149d72d 100644 --- a/source/common/common/linked_object.h +++ b/source/common/common/linked_object.h @@ -3,7 +3,7 @@ #include #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { diff --git a/source/common/common/logger.cc b/source/common/common/logger.cc index cca504814e42..fa62bc23f2de 100644 --- a/source/common/common/logger.cc +++ b/source/common/common/logger.cc @@ -1,4 +1,4 @@ -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include // use direct system-assert to avoid cyclic dependency. #include @@ -6,8 +6,8 @@ #include #include -#include "common/common/json_escape_string.h" -#include "common/common/lock_guard.h" +#include "source/common/common/json_escape_string.h" +#include "source/common/common/lock_guard.h" #include "absl/strings/ascii.h" #include "absl/strings/escaping.h" diff --git a/source/common/common/logger.h b/source/common/common/logger.h index 4db2216c43b3..03edb6b56930 100644 --- a/source/common/common/logger.h +++ b/source/common/common/logger.h @@ -9,12 +9,12 @@ #include "envoy/thread/thread.h" -#include "common/common/base_logger.h" -#include "common/common/fancy_logger.h" -#include "common/common/fmt.h" -#include "common/common/logger_impl.h" -#include "common/common/macros.h" -#include "common/common/non_copyable.h" +#include "source/common/common/base_logger.h" +#include "source/common/common/fancy_logger.h" +#include "source/common/common/fmt.h" +#include "source/common/common/logger_impl.h" +#include "source/common/common/macros.h" +#include "source/common/common/non_copyable.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" diff --git a/source/common/common/logger_delegates.cc b/source/common/common/logger_delegates.cc index df6bc446c83e..8f008b296fb7 100644 --- a/source/common/common/logger_delegates.cc +++ b/source/common/common/logger_delegates.cc @@ -1,4 +1,4 @@ -#include "common/common/logger_delegates.h" +#include "source/common/common/logger_delegates.h" #include // use direct system-assert to avoid cyclic dependency. #include diff --git a/source/common/common/logger_delegates.h b/source/common/common/logger_delegates.h index f6058fcd507f..f9e1d7da69cc 100644 --- a/source/common/common/logger_delegates.h +++ b/source/common/common/logger_delegates.h @@ -6,8 +6,8 @@ #include "envoy/access_log/access_log.h" -#include "common/common/logger.h" -#include "common/common/macros.h" +#include "source/common/common/logger.h" +#include "source/common/common/macros.h" #include "absl/strings/string_view.h" diff --git a/source/common/common/matchers.cc b/source/common/common/matchers.cc index 11c3099d674e..b1970aead08c 100644 --- a/source/common/common/matchers.cc +++ b/source/common/common/matchers.cc @@ -1,4 +1,4 @@ -#include "common/common/matchers.h" +#include "source/common/common/matchers.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/type/matcher/v3/metadata.pb.h" @@ -6,10 +6,10 @@ #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/type/matcher/v3/value.pb.h" -#include "common/common/macros.h" -#include "common/common/regex.h" -#include "common/config/metadata.h" -#include "common/http/path_utility.h" +#include "source/common/common/macros.h" +#include "source/common/common/regex.h" +#include "source/common/config/metadata.h" +#include "source/common/http/path_utility.h" #include "absl/strings/match.h" @@ -66,14 +66,7 @@ bool DoubleMatcher::match(const ProtobufWkt::Value& value) const { StringMatcherImpl::StringMatcherImpl(const envoy::type::matcher::v3::StringMatcher& matcher) : matcher_(matcher) { if (matcher.match_pattern_case() == - envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kHiddenEnvoyDeprecatedRegex) { - if (matcher.ignore_case()) { - throw EnvoyException("ignore_case has no effect for regex."); - } - regex_ = - Regex::Utility::parseStdRegexAsCompiledMatcher(matcher_.hidden_envoy_deprecated_regex()); - } else if (matcher.match_pattern_case() == - envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kSafeRegex) { + envoy::type::matcher::v3::StringMatcher::MatchPatternCase::kSafeRegex) { if (matcher.ignore_case()) { throw EnvoyException("ignore_case has no effect for safe_regex."); } @@ -164,6 +157,13 @@ PathMatcherConstSharedPtr PathMatcher::createPrefix(const std::string& prefix, b return std::make_shared(matcher); } +PathMatcherConstSharedPtr +PathMatcher::createSafeRegex(const envoy::type::matcher::v3::RegexMatcher& regex_matcher) { + envoy::type::matcher::v3::StringMatcher matcher; + matcher.mutable_safe_regex()->MergeFrom(regex_matcher); + return std::make_shared(matcher); +} + bool MetadataMatcher::match(const envoy::config::core::v3::Metadata& metadata) const { const auto& value = Envoy::Config::Metadata::metadataValue(&metadata, matcher_.filter(), path_); return value_matcher_ && value_matcher_->match(value); diff --git a/source/common/common/matchers.h b/source/common/common/matchers.h index f325653824e2..396203ce5b50 100644 --- a/source/common/common/matchers.h +++ b/source/common/common/matchers.h @@ -11,8 +11,8 @@ #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/type/matcher/v3/value.pb.h" -#include "common/common/utility.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/utility.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Matchers { @@ -128,6 +128,8 @@ class PathMatcher : public StringMatcher { static PathMatcherConstSharedPtr createExact(const std::string& exact, bool ignore_case); static PathMatcherConstSharedPtr createPrefix(const std::string& prefix, bool ignore_case); + static PathMatcherConstSharedPtr + createSafeRegex(const envoy::type::matcher::v3::RegexMatcher& regex_matcher); bool match(const absl::string_view path) const override; diff --git a/source/common/common/mem_block_builder.h b/source/common/common/mem_block_builder.h index ce2323c44fa8..a391db7cd5c9 100644 --- a/source/common/common/mem_block_builder.h +++ b/source/common/common/mem_block_builder.h @@ -2,7 +2,7 @@ #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/types/span.h" diff --git a/source/common/common/mutex_tracer_impl.cc b/source/common/common/mutex_tracer_impl.cc index 3f7c3aa855f2..2683ed61c803 100644 --- a/source/common/common/mutex_tracer_impl.cc +++ b/source/common/common/mutex_tracer_impl.cc @@ -1,9 +1,9 @@ -#include "common/common/mutex_tracer_impl.h" +#include "source/common/common/mutex_tracer_impl.h" #include #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/synchronization/mutex.h" diff --git a/source/common/common/mutex_tracer_impl.h b/source/common/common/mutex_tracer_impl.h index f9fa99e11946..d5368f3c83e9 100644 --- a/source/common/common/mutex_tracer_impl.h +++ b/source/common/common/mutex_tracer_impl.h @@ -6,7 +6,7 @@ #include "envoy/common/mutex_tracer.h" -#include "common/common/thread_annotations.h" +#include "source/common/common/thread_annotations.h" namespace Envoy { diff --git a/source/common/common/perf_annotation.cc b/source/common/common/perf_annotation.cc index daa39ff0ca31..f5170e5b4d0c 100644 --- a/source/common/common/perf_annotation.cc +++ b/source/common/common/perf_annotation.cc @@ -2,7 +2,7 @@ #define ENVOY_PERF_ANNOTATION #endif -#include "common/common/perf_annotation.h" +#include "source/common/common/perf_annotation.h" #include #include @@ -10,8 +10,8 @@ #include "envoy/common/platform.h" -#include "common/common/lock_guard.h" -#include "common/common/utility.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/utility.h" #include "absl/strings/str_cat.h" diff --git a/source/common/common/perf_annotation.h b/source/common/common/perf_annotation.h index 7fba5aec0321..ab9ec215eae4 100644 --- a/source/common/common/perf_annotation.h +++ b/source/common/common/perf_annotation.h @@ -5,8 +5,8 @@ #include #include -#include "common/common/thread.h" -#include "common/common/utility.h" +#include "source/common/common/thread.h" +#include "source/common/common/utility.h" #include "absl/container/node_hash_map.h" #include "absl/strings/string_view.h" diff --git a/source/common/common/posix/thread_impl.cc b/source/common/common/posix/thread_impl.cc index 71cbf2b02eb6..fae09194d8cc 100644 --- a/source/common/common/posix/thread_impl.cc +++ b/source/common/common/posix/thread_impl.cc @@ -1,5 +1,5 @@ -#include "common/common/assert.h" -#include "common/common/thread_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/thread_impl.h" #include "absl/strings/str_cat.h" diff --git a/source/common/common/random_generator.cc b/source/common/common/random_generator.cc index 69eabc5e6c07..53e59c2ffb60 100644 --- a/source/common/common/random_generator.cc +++ b/source/common/common/random_generator.cc @@ -1,6 +1,6 @@ -#include "common/common/random_generator.h" +#include "source/common/common/random_generator.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "openssl/rand.h" diff --git a/source/common/common/regex.cc b/source/common/common/regex.cc index 735a24d25b8d..1f1aa4cc4a57 100644 --- a/source/common/common/regex.cc +++ b/source/common/common/regex.cc @@ -1,13 +1,13 @@ -#include "common/common/regex.h" +#include "source/common/common/regex.h" #include "envoy/common/exception.h" #include "envoy/runtime/runtime.h" #include "envoy/type/matcher/v3/regex.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/protobuf/utility.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stats/symbol_table_impl.h" #include "re2/re2.h" @@ -127,11 +127,6 @@ CompiledMatcherPtr Utility::parseRegex(const envoy::type::matcher::v3::RegexMatc return std::make_unique(matcher); } -CompiledMatcherPtr Utility::parseStdRegexAsCompiledMatcher(const std::string& regex, - std::regex::flag_type flags) { - return std::make_unique(parseStdRegex(regex, flags)); -} - std::regex Utility::parseStdRegex(const std::string& regex, std::regex::flag_type flags) { // TODO(zuercher): In the future, PGV (https://github.com/envoyproxy/protoc-gen-validate) // annotations may allow us to remove this in favor of direct validation of regular diff --git a/source/common/common/regex.h b/source/common/common/regex.h index 2fdcd52ebc1c..e360cab01b96 100644 --- a/source/common/common/regex.h +++ b/source/common/common/regex.h @@ -26,16 +26,6 @@ class Utility { static std::regex parseStdRegex(const std::string& regex, std::regex::flag_type flags = std::regex::optimize); - /** - * Construct an std::regex compiled regex matcher. - * - * TODO(mattklein123): In general this is only currently used in deprecated code paths and can be - * removed once all of those code paths are removed. - */ - static CompiledMatcherPtr - parseStdRegexAsCompiledMatcher(const std::string& regex, - std::regex::flag_type flags = std::regex::optimize); - /** * Construct a compiled regex matcher from a match config. */ diff --git a/source/common/common/scope_tracker.h b/source/common/common/scope_tracker.h index 4426bbaca5cc..eb2690a27325 100644 --- a/source/common/common/scope_tracker.h +++ b/source/common/common/scope_tracker.h @@ -3,27 +3,27 @@ #include "envoy/common/scope_tracker.h" #include "envoy/event/dispatcher.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { // A small class for managing the scope of a tracked object which is currently having // work done in this thread. // -// When created, it appends the tracked object to the dispatcher's stack of tracked objects, and -// when destroyed it pops the dispatcher's stack of tracked object, which should be the object it +// When created, it appends the tracked object to the tracker's stack of tracked objects, and +// when destroyed it pops the tracker's stack of tracked object, which should be the object it // registered. class ScopeTrackerScopeState { public: - ScopeTrackerScopeState(const ScopeTrackedObject* object, Event::Dispatcher& dispatcher) - : registered_object_(object), dispatcher_(dispatcher) { - dispatcher_.pushTrackedObject(registered_object_); + ScopeTrackerScopeState(const ScopeTrackedObject* object, Event::ScopeTracker& tracker) + : registered_object_(object), tracker_(tracker) { + tracker_.pushTrackedObject(registered_object_); } ~ScopeTrackerScopeState() { // If ScopeTrackerScopeState is always used for managing tracked objects, // then the object popped off should be the object we registered. - dispatcher_.popTrackedObject(registered_object_); + tracker_.popTrackedObject(registered_object_); } // Make this object stack-only, it doesn't make sense for it @@ -32,7 +32,7 @@ class ScopeTrackerScopeState { private: const ScopeTrackedObject* registered_object_; - Event::Dispatcher& dispatcher_; + Event::ScopeTracker& tracker_; }; } // namespace Envoy diff --git a/source/common/common/shared_token_bucket_impl.cc b/source/common/common/shared_token_bucket_impl.cc index 50a5e02ec582..f0942226afcf 100644 --- a/source/common/common/shared_token_bucket_impl.cc +++ b/source/common/common/shared_token_bucket_impl.cc @@ -1,8 +1,8 @@ -#include "common/common/shared_token_bucket_impl.h" +#include "source/common/common/shared_token_bucket_impl.h" #include -#include "common/common/lock_guard.h" +#include "source/common/common/lock_guard.h" namespace Envoy { diff --git a/source/common/common/shared_token_bucket_impl.h b/source/common/common/shared_token_bucket_impl.h index 7b677e543134..51594c3da57f 100644 --- a/source/common/common/shared_token_bucket_impl.h +++ b/source/common/common/shared_token_bucket_impl.h @@ -1,8 +1,8 @@ #pragma once -#include "common/common/thread.h" -#include "common/common/thread_synchronizer.h" -#include "common/common/token_bucket_impl.h" +#include "source/common/common/thread.h" +#include "source/common/common/thread_synchronizer.h" +#include "source/common/common/token_bucket_impl.h" namespace Envoy { diff --git a/source/common/common/standard/logger_impl.h b/source/common/common/standard/logger_impl.h index a07664151c65..938ed5f6ea29 100644 --- a/source/common/common/standard/logger_impl.h +++ b/source/common/common/standard/logger_impl.h @@ -1,6 +1,6 @@ #pragma once -#include "common/common/base_logger.h" +#include "source/common/common/base_logger.h" namespace Envoy { namespace Logger { diff --git a/source/common/common/stl_helpers.h b/source/common/common/stl_helpers.h index 080edc43c4c7..674372f64eaa 100644 --- a/source/common/common/stl_helpers.h +++ b/source/common/common/stl_helpers.h @@ -34,6 +34,19 @@ std::string accumulateToString(const ContainerT& source, }) + "]"; } + +// Used for converting sanctioned uses of std string_view (e.g. extensions) to absl::string_view +// for internal use. +inline absl::string_view toAbslStringView(std::string_view view) { // NOLINT(std::string_view) + return absl::string_view(view.data(), view.size()); // NOLINT(std::string_view) +} + +// Used for converting internal absl::string_view to sanctioned uses of std string_view (e.g. +// extensions). +inline std::string_view toStdStringView(absl::string_view view) { // NOLINT(std::string_view) + return std::string_view(view.data(), view.size()); // NOLINT(std::string_view) +} + } // namespace Envoy // NOLINT(namespace-envoy) diff --git a/source/common/common/thread.cc b/source/common/common/thread.cc index d32907be0676..282858399000 100644 --- a/source/common/common/thread.cc +++ b/source/common/common/thread.cc @@ -1,4 +1,4 @@ -#include "common/common/thread.h" +#include "source/common/common/thread.h" namespace Envoy { namespace Thread { @@ -13,6 +13,16 @@ bool MainThread::isMainThread() { return main_thread_singleton->inMainThread() || main_thread_singleton->inTestThread(); } +bool MainThread::isWorkerThread() { + auto main_thread_singleton = MainThreadSingleton::getExisting(); + // Allow worker thread code to be executed in test thread. + if (main_thread_singleton == nullptr) { + return true; + } + // When threading is on, compare thread id with main thread id. + return !main_thread_singleton->inMainThread(); +} + void MainThread::clear() { delete MainThreadSingleton::getExisting(); MainThreadSingleton::clear(); diff --git a/source/common/common/thread.h b/source/common/common/thread.h index e84fb7b38bf7..347df89c9fab 100644 --- a/source/common/common/thread.h +++ b/source/common/common/thread.h @@ -7,8 +7,8 @@ #include "envoy/thread/thread.h" -#include "common/common/non_copyable.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/common/non_copyable.h" +#include "source/common/singleton/threadsafe_singleton.h" #include "absl/synchronization/mutex.h" @@ -194,6 +194,7 @@ struct MainThread { */ static void clear(); static bool isMainThread(); + static bool isWorkerThread(); private: std::thread::id main_thread_id_; diff --git a/source/common/common/thread_synchronizer.cc b/source/common/common/thread_synchronizer.cc index 099fafdb6ab8..c4330b4710d2 100644 --- a/source/common/common/thread_synchronizer.cc +++ b/source/common/common/thread_synchronizer.cc @@ -1,4 +1,4 @@ -#include "common/common/thread_synchronizer.h" +#include "source/common/common/thread_synchronizer.h" namespace Envoy { namespace Thread { diff --git a/source/common/common/thread_synchronizer.h b/source/common/common/thread_synchronizer.h index b86df8a926bc..bdb4a18a1c09 100644 --- a/source/common/common/thread_synchronizer.h +++ b/source/common/common/thread_synchronizer.h @@ -1,7 +1,7 @@ #pragma once -#include "common/common/assert.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" diff --git a/source/common/common/token_bucket_impl.cc b/source/common/common/token_bucket_impl.cc index 74dd981e1828..eaf6f06d0c9e 100644 --- a/source/common/common/token_bucket_impl.cc +++ b/source/common/common/token_bucket_impl.cc @@ -1,4 +1,4 @@ -#include "common/common/token_bucket_impl.h" +#include "source/common/common/token_bucket_impl.h" #include diff --git a/source/common/common/token_bucket_impl.h b/source/common/common/token_bucket_impl.h index b168b4cc2894..96ac238e3778 100644 --- a/source/common/common/token_bucket_impl.h +++ b/source/common/common/token_bucket_impl.h @@ -3,7 +3,7 @@ #include "envoy/common/time.h" #include "envoy/common/token_bucket.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" namespace Envoy { diff --git a/source/common/common/utility.cc b/source/common/common/utility.cc index 659259fd8619..06a2a7027fc4 100644 --- a/source/common/common/utility.cc +++ b/source/common/common/utility.cc @@ -1,4 +1,4 @@ -#include "common/common/utility.h" +#include "source/common/common/utility.h" #include #include @@ -12,10 +12,10 @@ #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/hash.h" -#include "common/singleton/const_singleton.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hash.h" +#include "source/common/singleton/const_singleton.h" #include "absl/container/node_hash_map.h" #include "absl/strings/ascii.h" diff --git a/source/common/common/utility.h b/source/common/common/utility.h index dbf1d4192f2e..24b29a127350 100644 --- a/source/common/common/utility.h +++ b/source/common/common/utility.h @@ -11,9 +11,9 @@ #include "envoy/common/interval_set.h" #include "envoy/common/time.h" -#include "common/common/assert.h" -#include "common/common/hash.h" -#include "common/common/non_copyable.h" +#include "source/common/common/assert.h" +#include "source/common/common/hash.h" +#include "source/common/common/non_copyable.h" #include "absl/strings/string_view.h" diff --git a/source/common/common/win32/event_logger_impl.cc b/source/common/common/win32/event_logger_impl.cc index 96e0cc74b06b..f547152ae7da 100644 --- a/source/common/common/win32/event_logger_impl.cc +++ b/source/common/common/win32/event_logger_impl.cc @@ -1,4 +1,4 @@ -#include "common/common/win32/event_logger_impl.h" +#include "source/common/common/win32/event_logger_impl.h" #include "spdlog/sinks/win_eventlog_sink.h" diff --git a/source/common/common/win32/event_logger_impl.h b/source/common/common/win32/event_logger_impl.h index 5fd864bce0ee..02c711ee5754 100644 --- a/source/common/common/win32/event_logger_impl.h +++ b/source/common/common/win32/event_logger_impl.h @@ -1,6 +1,6 @@ #pragma once -#include "common/common/base_logger.h" +#include "source/common/common/base_logger.h" namespace Envoy { namespace Logger { diff --git a/source/common/common/win32/thread_impl.cc b/source/common/common/win32/thread_impl.cc index 8f26d63e0eb3..e7e548883a80 100644 --- a/source/common/common/win32/thread_impl.cc +++ b/source/common/common/win32/thread_impl.cc @@ -1,7 +1,7 @@ #include -#include "common/common/assert.h" -#include "common/common/thread_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/thread_impl.h" namespace Envoy { namespace Thread { diff --git a/source/common/config/BUILD b/source/common/config/BUILD index e5e73d9e9d4d..1890b921b93d 100644 --- a/source/common/config/BUILD +++ b/source/common/config/BUILD @@ -29,13 +29,13 @@ envoy_cc_library( hdrs = ["config_provider_impl.h"], deps = [ ":utility_lib", - "//include/envoy/config:config_provider_interface", - "//include/envoy/config:config_provider_manager_interface", - "//include/envoy/init:manager_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:config_tracker_interface", - "//include/envoy/singleton:instance_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/config:config_provider_interface", + "//envoy/config:config_provider_manager_interface", + "//envoy/init:manager_interface", + "//envoy/server:admin_interface", + "//envoy/server:config_tracker_interface", + "//envoy/singleton:instance_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/init:manager_lib", "//source/common/init:target_lib", "//source/common/init:watcher_lib", @@ -48,7 +48,7 @@ envoy_cc_library( hdrs = ["context_provider_impl.h"], deps = [ ":xds_context_params_lib", - "//include/envoy/config:context_provider_interface", + "//envoy/config:context_provider_interface", "//source/common/common:callback_impl_lib", "//source/common/common:thread_lib", ], @@ -60,9 +60,9 @@ envoy_cc_library( hdrs = ["datasource.h"], deps = [ ":remote_data_fetcher_lib", - "//include/envoy/api:api_interface", - "//include/envoy/init:manager_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/api:api_interface", + "//envoy/init:manager_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:backoff_lib", "//source/common/common:empty_string", "//source/common/init:target_lib", @@ -75,7 +75,7 @@ envoy_cc_library( name = "decoded_resource_lib", hdrs = ["decoded_resource_impl.h"], deps = [ - "//include/envoy/config:subscription_interface", + "//envoy/config:subscription_interface", "//source/common/protobuf:utility_lib", "@com_github_cncf_udpa//xds/core/v3:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", @@ -87,9 +87,9 @@ envoy_cc_library( srcs = ["ttl.cc"], hdrs = ["ttl.h"], deps = [ - "//include/envoy/config:subscription_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", + "//envoy/config:subscription_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", "@com_google_absl//absl/container:btree", ], ) @@ -104,8 +104,8 @@ envoy_cc_library( ":ttl_lib", ":utility_lib", ":watch_map_lib", - "//include/envoy/config:subscription_interface", - "//include/envoy/event:dispatcher_interface", + "//envoy/config:subscription_interface", + "//envoy/event:dispatcher_interface", "//source/common/common:assert_lib", "//source/common/common:backoff_lib", "//source/common/common:minimal_logger_lib", @@ -123,9 +123,9 @@ envoy_cc_library( hdrs = ["filesystem_subscription_impl.h"], deps = [ ":decoded_resource_lib", - "//include/envoy/config:subscription_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/filesystem:filesystem_interface", + "//envoy/config:subscription_interface", + "//envoy/event:dispatcher_interface", + "//envoy/filesystem:filesystem_interface", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/config:utility_lib", @@ -141,10 +141,10 @@ envoy_cc_library( hdrs = ["grpc_stream.h"], deps = [ ":utility_lib", - "//include/envoy/config:grpc_mux_interface", - "//include/envoy/config:subscription_interface", - "//include/envoy/grpc:async_client_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/config:grpc_mux_interface", + "//envoy/config:subscription_interface", + "//envoy/grpc:async_client_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:backoff_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:token_bucket_impl_lib", @@ -163,9 +163,9 @@ envoy_cc_library( ":grpc_stream_lib", ":ttl_lib", ":utility_lib", - "//include/envoy/config:grpc_mux_interface", - "//include/envoy/config:subscription_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/config:grpc_mux_interface", + "//envoy/config:subscription_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:cleanup_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", @@ -184,9 +184,9 @@ envoy_cc_library( deps = [ ":grpc_mux_lib", ":xds_resource_lib", - "//include/envoy/config:subscription_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/grpc:async_client_interface", + "//envoy/config:subscription_interface", + "//envoy/event:dispatcher_interface", + "//envoy/grpc:async_client_interface", ], ) @@ -202,8 +202,8 @@ envoy_cc_library( ":watch_map_lib", ":xds_context_params_lib", ":xds_resource_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/grpc:async_client_interface", + "//envoy/event:dispatcher_interface", + "//envoy/grpc:async_client_interface", "//source/common/memory:utils_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", @@ -221,8 +221,8 @@ envoy_cc_library( ":api_version_lib", ":decoded_resource_lib", ":version_converter_lib", - "//include/envoy/config:subscription_interface", - "//include/envoy/event:dispatcher_interface", + "//envoy/config:subscription_interface", + "//envoy/event:dispatcher_interface", "//source/common/buffer:buffer_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", @@ -241,10 +241,10 @@ envoy_cc_library( srcs = ["metadata.cc"], hdrs = ["metadata.h"], deps = [ - "//include/envoy/config:typed_metadata_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/registry", - "//include/envoy/singleton:manager_interface", + "//envoy/config:typed_metadata_interface", + "//envoy/event:dispatcher_interface", + "//envoy/registry", + "//envoy/singleton:manager_interface", "//source/common/common:assert_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", @@ -258,7 +258,7 @@ envoy_cc_library( name = "opaque_resource_decoder_lib", hdrs = ["opaque_resource_decoder_impl.h"], deps = [ - "//include/envoy/config:subscription_interface", + "//envoy/config:subscription_interface", "//source/common/protobuf:utility_lib", ], ) @@ -298,7 +298,7 @@ envoy_cc_library( srcs = ["remote_data_fetcher.cc"], hdrs = ["remote_data_fetcher.h"], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:hex_lib", "//source/common/crypto:utility_lib", "//source/common/http:utility_lib", @@ -335,9 +335,9 @@ envoy_cc_library( ":type_to_endpoint_lib", ":utility_lib", ":xds_resource_lib", - "//include/envoy/config:subscription_factory_interface", - "//include/envoy/config:subscription_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/config:subscription_factory_interface", + "//envoy/config:subscription_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:minimal_logger_lib", "//source/common/http:utility_lib", "//source/common/protobuf", @@ -392,12 +392,12 @@ envoy_cc_library( deps = [ ":api_type_oracle_lib", ":version_converter_lib", - "//include/envoy/config:grpc_mux_interface", - "//include/envoy/config:subscription_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/config:grpc_mux_interface", + "//envoy/config:subscription_interface", + "//envoy/local_info:local_info_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:backoff_lib", "//source/common/common:hash_lib", @@ -440,7 +440,7 @@ envoy_cc_library( deps = [ ":decoded_resource_lib", ":xds_resource_lib", - "//include/envoy/config:subscription_interface", + "//envoy/config:subscription_interface", "//source/common/common:assert_lib", "//source/common/common:cleanup_lib", "//source/common/common:minimal_logger_lib", @@ -456,7 +456,7 @@ envoy_cc_library( deps = [ ":opaque_resource_decoder_lib", ":resource_name_lib", - "//include/envoy/config:subscription_interface", + "//envoy/config:subscription_interface", ], ) @@ -465,8 +465,8 @@ envoy_cc_library( srcs = ["watched_directory.cc"], hdrs = ["watched_directory.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/filesystem:watcher_interface", + "//envoy/event:dispatcher_interface", + "//envoy/filesystem:watcher_interface", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) diff --git a/source/common/config/api_type_oracle.cc b/source/common/config/api_type_oracle.cc index 8762392af5cb..66da4f79a928 100644 --- a/source/common/config/api_type_oracle.cc +++ b/source/common/config/api_type_oracle.cc @@ -1,4 +1,4 @@ -#include "common/config/api_type_oracle.h" +#include "source/common/config/api_type_oracle.h" #include "udpa/annotations/versioning.pb.h" diff --git a/source/common/config/api_type_oracle.h b/source/common/config/api_type_oracle.h index bde8186fa555..7320309b33cc 100644 --- a/source/common/config/api_type_oracle.h +++ b/source/common/config/api_type_oracle.h @@ -1,6 +1,6 @@ #pragma once -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" diff --git a/source/common/config/config_provider_impl.cc b/source/common/config/config_provider_impl.cc index 78eddb0ffe10..172c5305ee57 100644 --- a/source/common/config/config_provider_impl.cc +++ b/source/common/config/config_provider_impl.cc @@ -1,4 +1,4 @@ -#include "common/config/config_provider_impl.h" +#include "source/common/config/config_provider_impl.h" namespace Envoy { namespace Config { diff --git a/source/common/config/config_provider_impl.h b/source/common/config/config_provider_impl.h index f1ecf3cf8932..8db998ebab88 100644 --- a/source/common/config/config_provider_impl.h +++ b/source/common/config/config_provider_impl.h @@ -8,13 +8,13 @@ #include "envoy/singleton/instance.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/thread.h" -#include "common/common/utility.h" -#include "common/config/utility.h" -#include "common/init/manager_impl.h" -#include "common/init/target_impl.h" -#include "common/init/watcher_impl.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/thread.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" +#include "source/common/init/manager_impl.h" +#include "source/common/init/target_impl.h" +#include "source/common/init/watcher_impl.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Config { diff --git a/source/common/config/context_provider_impl.h b/source/common/config/context_provider_impl.h index 08e4b6c5c85a..3123b2066cef 100644 --- a/source/common/config/context_provider_impl.h +++ b/source/common/config/context_provider_impl.h @@ -2,9 +2,10 @@ #include "envoy/config/context_provider.h" -#include "common/common/callback_impl.h" -#include "common/common/thread.h" -#include "common/config/xds_context_params.h" +#include "source/common/common/callback_impl.h" +#include "source/common/common/stl_helpers.h" +#include "source/common/common/thread.h" +#include "source/common/config/xds_context_params.h" namespace Envoy { namespace Config { @@ -29,13 +30,16 @@ class ContextProviderImpl : public ContextProvider { void setDynamicContextParam(absl::string_view resource_type_url, absl::string_view key, absl::string_view value) override { ASSERT(Thread::MainThread::isMainThread()); - (*dynamic_context_[resource_type_url].mutable_params())[key] = value; + (*dynamic_context_[resource_type_url] + .mutable_params())[toStdStringView(key)] = // NOLINT(std::string_view) + toStdStringView(value); // NOLINT(std::string_view) update_cb_helper_.runCallbacks(resource_type_url); } void unsetDynamicContextParam(absl::string_view resource_type_url, absl::string_view key) override { ASSERT(Thread::MainThread::isMainThread()); - dynamic_context_[resource_type_url].mutable_params()->erase(key); + dynamic_context_[resource_type_url].mutable_params()->erase( + toStdStringView(key)); // NOLINT(std::string_view) update_cb_helper_.runCallbacks(resource_type_url); } ABSL_MUST_USE_RESULT Common::CallbackHandlePtr diff --git a/source/common/config/datasource.cc b/source/common/config/datasource.cc index 3f60da031a28..19a4b82e6a9d 100644 --- a/source/common/config/datasource.cc +++ b/source/common/config/datasource.cc @@ -1,4 +1,4 @@ -#include "common/config/datasource.h" +#include "source/common/config/datasource.h" #include "envoy/config/core/v3/base.pb.h" diff --git a/source/common/config/datasource.h b/source/common/config/datasource.h index c3969ee7f450..9f884bd40968 100644 --- a/source/common/config/datasource.h +++ b/source/common/config/datasource.h @@ -7,11 +7,11 @@ #include "envoy/init/manager.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/backoff_strategy.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/config/remote_data_fetcher.h" -#include "common/init/target_impl.h" +#include "source/common/common/backoff_strategy.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/config/remote_data_fetcher.h" +#include "source/common/init/target_impl.h" #include "absl/types/optional.h" diff --git a/source/common/config/decoded_resource_impl.h b/source/common/config/decoded_resource_impl.h index 04299f7745ba..58f6b9d5cd5d 100644 --- a/source/common/config/decoded_resource_impl.h +++ b/source/common/config/decoded_resource_impl.h @@ -3,7 +3,7 @@ #include "envoy/config/subscription.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" #include "xds/core/v3/collection_entry.pb.h" diff --git a/source/common/config/delta_subscription_state.cc b/source/common/config/delta_subscription_state.cc index 215dc55602fb..b1b162d3f327 100644 --- a/source/common/config/delta_subscription_state.cc +++ b/source/common/config/delta_subscription_state.cc @@ -1,12 +1,12 @@ -#include "common/config/delta_subscription_state.h" +#include "source/common/config/delta_subscription_state.h" #include "envoy/event/dispatcher.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/common/hash.h" -#include "common/config/utility.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/assert.h" +#include "source/common/common/hash.h" +#include "source/common/config/utility.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace Config { diff --git a/source/common/config/delta_subscription_state.h b/source/common/config/delta_subscription_state.h index 7c478002ce37..cafdbe0022ee 100644 --- a/source/common/config/delta_subscription_state.h +++ b/source/common/config/delta_subscription_state.h @@ -7,12 +7,12 @@ #include "envoy/local_info/local_info.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/config/api_version.h" -#include "common/config/pausable_ack_queue.h" -#include "common/config/ttl.h" -#include "common/config/watch_map.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/config/api_version.h" +#include "source/common/config/pausable_ack_queue.h" +#include "source/common/config/ttl.h" +#include "source/common/config/watch_map.h" #include "absl/container/node_hash_map.h" diff --git a/source/common/config/filesystem_subscription_impl.cc b/source/common/config/filesystem_subscription_impl.cc index 5e27d1e8d937..0bed53c374e6 100644 --- a/source/common/config/filesystem_subscription_impl.cc +++ b/source/common/config/filesystem_subscription_impl.cc @@ -1,13 +1,13 @@ -#include "common/config/filesystem_subscription_impl.h" +#include "source/common/config/filesystem_subscription_impl.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/macros.h" -#include "common/common/utility.h" -#include "common/config/decoded_resource_impl.h" -#include "common/config/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/common/config/decoded_resource_impl.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Config { diff --git a/source/common/config/filesystem_subscription_impl.h b/source/common/config/filesystem_subscription_impl.h index 1c8d9d041ccf..178b6a44a030 100644 --- a/source/common/config/filesystem_subscription_impl.h +++ b/source/common/config/filesystem_subscription_impl.h @@ -6,7 +6,7 @@ #include "envoy/filesystem/filesystem.h" #include "envoy/protobuf/message_validator.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Config { diff --git a/source/common/config/grpc_mux_impl.cc b/source/common/config/grpc_mux_impl.cc index eab59e846bda..58807df00d2d 100644 --- a/source/common/config/grpc_mux_impl.cc +++ b/source/common/config/grpc_mux_impl.cc @@ -1,12 +1,12 @@ -#include "common/config/grpc_mux_impl.h" +#include "source/common/config/grpc_mux_impl.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/decoded_resource_impl.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/memory/utils.h" -#include "common/protobuf/protobuf.h" +#include "source/common/config/decoded_resource_impl.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/memory/utils.h" +#include "source/common/protobuf/protobuf.h" #include "absl/container/btree_map.h" #include "absl/container/node_hash_set.h" @@ -137,10 +137,6 @@ void GrpcMuxImpl::onDiscoveryResponse( ControlPlaneStats& control_plane_stats) { const std::string type_url = message->type_url(); ENVOY_LOG(debug, "Received gRPC message for {} at version {}", type_url, message->version_info()); - if (message->has_control_plane()) { - control_plane_stats.identifier_.set(message->control_plane().identifier()); - } - if (api_state_.count(type_url) == 0) { // TODO(yuval-k): This should never happen. consider dropping the stream as this is a // protocol violation @@ -149,16 +145,28 @@ void GrpcMuxImpl::onDiscoveryResponse( return; } - if (apiStateFor(type_url).watches_.empty()) { + ApiState& api_state = apiStateFor(type_url); + + if (message->has_control_plane()) { + control_plane_stats.identifier_.set(message->control_plane().identifier()); + } + + if (message->control_plane().identifier() != api_state.control_plane_identifier_) { + api_state.control_plane_identifier_ = message->control_plane().identifier(); + ENVOY_LOG(debug, "Receiving gRPC updates for {} from {}", type_url, + api_state.control_plane_identifier_); + } + + if (api_state.watches_.empty()) { // update the nonce as we are processing this response. - apiStateFor(type_url).request_.set_response_nonce(message->nonce()); + api_state.request_.set_response_nonce(message->nonce()); if (message->resources().empty()) { // No watches and no resources. This can happen when envoy unregisters from a // resource that's removed from the server as well. For example, a deleted cluster // triggers un-watching the ClusterLoadAssignment watch, and at the same time the // xDS server sends an empty list of ClusterLoadAssignment resources. we'll accept // this update. no need to send a discovery request, as we don't watch for anything. - apiStateFor(type_url).request_.set_version_info(message->version_info()); + api_state.request_.set_version_info(message->version_info()); } else { // No watches and we have resources - this should not happen. send a NACK (by not // updating the version). @@ -182,10 +190,9 @@ void GrpcMuxImpl::onDiscoveryResponse( std::vector resources; absl::btree_map resource_ref_map; std::vector all_resource_refs; - OpaqueResourceDecoder& resource_decoder = - apiStateFor(type_url).watches_.front()->resource_decoder_; + OpaqueResourceDecoder& resource_decoder = api_state.watches_.front()->resource_decoder_; - const auto scoped_ttl_update = apiStateFor(type_url).ttl_.scopedTtlUpdate(); + const auto scoped_ttl_update = api_state.ttl_.scopedTtlUpdate(); for (const auto& resource : message->resources()) { // TODO(snowp): Check the underlying type when the resource is a Resource. @@ -200,9 +207,9 @@ void GrpcMuxImpl::onDiscoveryResponse( DecodedResourceImpl::fromResource(resource_decoder, resource, message->version_info()); if (decoded_resource->ttl()) { - apiStateFor(type_url).ttl_.add(*decoded_resource->ttl(), decoded_resource->name()); + api_state.ttl_.add(*decoded_resource->ttl(), decoded_resource->name()); } else { - apiStateFor(type_url).ttl_.clear(decoded_resource->name()); + api_state.ttl_.clear(decoded_resource->name()); } if (!isHeartbeatResource(type_url, *decoded_resource)) { @@ -212,7 +219,7 @@ void GrpcMuxImpl::onDiscoveryResponse( } } - for (auto watch : apiStateFor(type_url).watches_) { + for (auto watch : api_state.watches_) { // onConfigUpdate should be called in all cases for single watch xDS (Cluster and // Listener) even if the message does not have resources so that update_empty stat // is properly incremented and state-of-the-world semantics are maintained. @@ -236,21 +243,21 @@ void GrpcMuxImpl::onDiscoveryResponse( } // TODO(mattklein123): In the future if we start tracking per-resource versions, we // would do that tracking here. - apiStateFor(type_url).request_.set_version_info(message->version_info()); + api_state.request_.set_version_info(message->version_info()); Memory::Utils::tryShrinkHeap(); } END_TRY catch (const EnvoyException& e) { - for (auto watch : apiStateFor(type_url).watches_) { + for (auto watch : api_state.watches_) { watch->callbacks_.onConfigUpdateFailed( Envoy::Config::ConfigUpdateFailureReason::UpdateRejected, &e); } - ::google::rpc::Status* error_detail = apiStateFor(type_url).request_.mutable_error_detail(); + ::google::rpc::Status* error_detail = api_state.request_.mutable_error_detail(); error_detail->set_code(Grpc::Status::WellKnownGrpcStatus::Internal); error_detail->set_message(Config::Utility::truncateGrpcStatusMessage(e.what())); } - apiStateFor(type_url).request_.set_response_nonce(message->nonce()); - ASSERT(apiStateFor(type_url).paused()); + api_state.request_.set_response_nonce(message->nonce()); + ASSERT(api_state.paused()); queueDiscoveryRequest(type_url); } diff --git a/source/common/config/grpc_mux_impl.h b/source/common/config/grpc_mux_impl.h index 3c4b973b8d9d..585d028fe2b6 100644 --- a/source/common/config/grpc_mux_impl.h +++ b/source/common/config/grpc_mux_impl.h @@ -14,13 +14,13 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/cleanup.h" -#include "common/common/logger.h" -#include "common/common/utility.h" -#include "common/config/api_version.h" -#include "common/config/grpc_stream.h" -#include "common/config/ttl.h" -#include "common/config/utility.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/common/config/api_version.h" +#include "source/common/config/grpc_stream.h" +#include "source/common/config/ttl.h" +#include "source/common/config/utility.h" #include "absl/container/node_hash_map.h" @@ -140,6 +140,9 @@ class GrpcMuxImpl : public GrpcMux, // This resource type must have a Node sent at next request. bool must_send_node_{}; TtlManager ttl_; + // The identifier for the server that sent the most recent response, or + // empty if there is none. + std::string control_plane_identifier_{}; }; bool isHeartbeatResource(const std::string& type_url, const DecodedResource& resource) { diff --git a/source/common/config/grpc_stream.h b/source/common/config/grpc_stream.h index f6673402df4f..a682fef77d0c 100644 --- a/source/common/config/grpc_stream.h +++ b/source/common/config/grpc_stream.h @@ -7,10 +7,10 @@ #include "envoy/config/grpc_mux.h" #include "envoy/grpc/async_client.h" -#include "common/common/backoff_strategy.h" -#include "common/common/token_bucket_impl.h" -#include "common/config/utility.h" -#include "common/grpc/typed_async_client.h" +#include "source/common/common/backoff_strategy.h" +#include "source/common/common/token_bucket_impl.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/typed_async_client.h" namespace Envoy { namespace Config { diff --git a/source/common/config/grpc_subscription_impl.cc b/source/common/config/grpc_subscription_impl.cc index 3b6412d111dc..fbc55abe693b 100644 --- a/source/common/config/grpc_subscription_impl.cc +++ b/source/common/config/grpc_subscription_impl.cc @@ -1,14 +1,14 @@ -#include "common/config/grpc_subscription_impl.h" +#include "source/common/config/grpc_subscription_impl.h" #include -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/common/utility.h" -#include "common/config/xds_resource.h" -#include "common/grpc/common.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/common/config/xds_resource.h" +#include "source/common/grpc/common.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Config { diff --git a/source/common/config/grpc_subscription_impl.h b/source/common/config/grpc_subscription_impl.h index 35dfa34f166e..b1b15c585011 100644 --- a/source/common/config/grpc_subscription_impl.h +++ b/source/common/config/grpc_subscription_impl.h @@ -7,7 +7,7 @@ #include "envoy/config/subscription.h" #include "envoy/event/dispatcher.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "xds/core/v3/resource_locator.pb.h" diff --git a/source/common/config/http_subscription_impl.cc b/source/common/config/http_subscription_impl.cc index d8ad488e108a..ecf6afffa9b9 100644 --- a/source/common/config/http_subscription_impl.cc +++ b/source/common/config/http_subscription_impl.cc @@ -1,19 +1,19 @@ -#include "common/config/http_subscription_impl.h" +#include "source/common/config/http_subscription_impl.h" #include #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/macros.h" -#include "common/common/utility.h" -#include "common/config/decoded_resource_impl.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/http/headers.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/common/config/decoded_resource_impl.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/http/headers.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "google/api/annotations.pb.h" diff --git a/source/common/config/http_subscription_impl.h b/source/common/config/http_subscription_impl.h index 33263e0ef3eb..4672e4589488 100644 --- a/source/common/config/http_subscription_impl.h +++ b/source/common/config/http_subscription_impl.h @@ -6,8 +6,8 @@ #include "envoy/event/dispatcher.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/api_version.h" -#include "common/http/rest_api_fetcher.h" +#include "source/common/config/api_version.h" +#include "source/common/http/rest_api_fetcher.h" namespace Envoy { namespace Config { diff --git a/source/common/config/metadata.cc b/source/common/config/metadata.cc index c5dfaa77540d..522d82e97303 100644 --- a/source/common/config/metadata.cc +++ b/source/common/config/metadata.cc @@ -1,9 +1,9 @@ -#include "common/config/metadata.h" +#include "source/common/config/metadata.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/type/metadata/v3/metadata.pb.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Config { diff --git a/source/common/config/metadata.h b/source/common/config/metadata.h index 9b4ddbbcb0f4..fe870c516901 100644 --- a/source/common/config/metadata.h +++ b/source/common/config/metadata.h @@ -10,8 +10,8 @@ #include "envoy/singleton/manager.h" #include "envoy/type/metadata/v3/metadata.pb.h" -#include "common/protobuf/protobuf.h" -#include "common/shared_pool/shared_pool.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/shared_pool/shared_pool.h" #include "absl/container/node_hash_map.h" diff --git a/source/common/config/new_grpc_mux_impl.cc b/source/common/config/new_grpc_mux_impl.cc index 62a2ba950d15..89a829167e27 100644 --- a/source/common/config/new_grpc_mux_impl.cc +++ b/source/common/config/new_grpc_mux_impl.cc @@ -1,17 +1,17 @@ -#include "common/config/new_grpc_mux_impl.h" +#include "source/common/config/new_grpc_mux_impl.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/common/backoff_strategy.h" -#include "common/common/token_bucket_impl.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/config/xds_context_params.h" -#include "common/config/xds_resource.h" -#include "common/memory/utils.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/backoff_strategy.h" +#include "source/common/common/token_bucket_impl.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/config/xds_context_params.h" +#include "source/common/config/xds_resource.h" +#include "source/common/memory/utils.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Config { @@ -65,9 +65,6 @@ void NewGrpcMuxImpl::onDiscoveryResponse( ControlPlaneStats& control_plane_stats) { ENVOY_LOG(debug, "Received DeltaDiscoveryResponse for {} at version {}", message->type_url(), message->system_version_info()); - if (message->has_control_plane()) { - control_plane_stats.identifier_.set(message->control_plane().identifier()); - } auto sub = subscriptions_.find(message->type_url()); if (sub == subscriptions_.end()) { ENVOY_LOG(warn, @@ -77,6 +74,16 @@ void NewGrpcMuxImpl::onDiscoveryResponse( return; } + if (message->has_control_plane()) { + control_plane_stats.identifier_.set(message->control_plane().identifier()); + } + + if (message->control_plane().identifier() != sub->second->control_plane_identifier_) { + sub->second->control_plane_identifier_ = message->control_plane().identifier(); + ENVOY_LOG(debug, "Receiving gRPC updates for {} from {}", message->type_url(), + sub->second->control_plane_identifier_); + } + kickOffAck(sub->second->sub_state_.handleResponse(*message)); Memory::Utils::tryShrinkHeap(); } diff --git a/source/common/config/new_grpc_mux_impl.h b/source/common/config/new_grpc_mux_impl.h index 570cc7dfafc4..4c2246fed813 100644 --- a/source/common/config/new_grpc_mux_impl.h +++ b/source/common/config/new_grpc_mux_impl.h @@ -9,14 +9,14 @@ #include "envoy/config/subscription.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/logger.h" -#include "common/config/api_version.h" -#include "common/config/delta_subscription_state.h" -#include "common/config/grpc_stream.h" -#include "common/config/pausable_ack_queue.h" -#include "common/config/watch_map.h" -#include "common/grpc/common.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/logger.h" +#include "source/common/config/api_version.h" +#include "source/common/config/delta_subscription_state.h" +#include "source/common/config/grpc_stream.h" +#include "source/common/config/pausable_ack_queue.h" +#include "source/common/config/watch_map.h" +#include "source/common/grpc/common.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace Config { @@ -80,6 +80,7 @@ class NewGrpcMuxImpl WatchMap watch_map_; DeltaSubscriptionState sub_state_; + std::string control_plane_identifier_{}; SubscriptionStuff(const SubscriptionStuff&) = delete; SubscriptionStuff& operator=(const SubscriptionStuff&) = delete; diff --git a/source/common/config/opaque_resource_decoder_impl.h b/source/common/config/opaque_resource_decoder_impl.h index ef066101952b..bb0af603f15d 100644 --- a/source/common/config/opaque_resource_decoder_impl.h +++ b/source/common/config/opaque_resource_decoder_impl.h @@ -2,7 +2,7 @@ #include "envoy/config/subscription.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Config { diff --git a/source/common/config/pausable_ack_queue.cc b/source/common/config/pausable_ack_queue.cc index b18cb9754f5e..d2e433c63d38 100644 --- a/source/common/config/pausable_ack_queue.cc +++ b/source/common/config/pausable_ack_queue.cc @@ -1,8 +1,8 @@ -#include "common/config/pausable_ack_queue.h" +#include "source/common/config/pausable_ack_queue.h" #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Config { diff --git a/source/common/config/pausable_ack_queue.h b/source/common/config/pausable_ack_queue.h index eb04358398df..07af25fa9bfd 100644 --- a/source/common/config/pausable_ack_queue.h +++ b/source/common/config/pausable_ack_queue.h @@ -2,7 +2,7 @@ #include -#include "common/config/update_ack.h" +#include "source/common/config/update_ack.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/config/remote_data_fetcher.cc b/source/common/config/remote_data_fetcher.cc index c6f8382c5c15..66e0e9074e1e 100644 --- a/source/common/config/remote_data_fetcher.cc +++ b/source/common/config/remote_data_fetcher.cc @@ -1,12 +1,12 @@ -#include "common/config/remote_data_fetcher.h" +#include "source/common/config/remote_data_fetcher.h" #include "envoy/config/core/v3/http_uri.pb.h" -#include "common/common/enum_to_int.h" -#include "common/common/hex.h" -#include "common/crypto/utility.h" -#include "common/http/headers.h" -#include "common/http/utility.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/hex.h" +#include "source/common/crypto/utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Config { diff --git a/source/common/config/resource_name.h b/source/common/config/resource_name.h index b21a7d47d710..b3ca8e817526 100644 --- a/source/common/config/resource_name.h +++ b/source/common/config/resource_name.h @@ -5,8 +5,8 @@ #include "envoy/config/core/v3/config_source.pb.h" -#include "common/common/assert.h" -#include "common/config/api_type_oracle.h" +#include "source/common/common/assert.h" +#include "source/common/config/api_type_oracle.h" namespace Envoy { namespace Config { diff --git a/source/common/config/runtime_utility.cc b/source/common/config/runtime_utility.cc index b3db72983f98..07f06af8e33e 100644 --- a/source/common/config/runtime_utility.cc +++ b/source/common/config/runtime_utility.cc @@ -1,4 +1,4 @@ -#include "common/config/runtime_utility.h" +#include "source/common/config/runtime_utility.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" diff --git a/source/common/config/subscription_base.h b/source/common/config/subscription_base.h index 765e28934ebc..447931d1c36b 100644 --- a/source/common/config/subscription_base.h +++ b/source/common/config/subscription_base.h @@ -2,8 +2,8 @@ #include "envoy/config/subscription.h" -#include "common/config/opaque_resource_decoder_impl.h" -#include "common/config/resource_name.h" +#include "source/common/config/opaque_resource_decoder_impl.h" +#include "source/common/config/resource_name.h" namespace Envoy { namespace Config { diff --git a/source/common/config/subscription_factory_impl.cc b/source/common/config/subscription_factory_impl.cc index 277a3524e728..2da2fc83032b 100644 --- a/source/common/config/subscription_factory_impl.cc +++ b/source/common/config/subscription_factory_impl.cc @@ -1,18 +1,18 @@ -#include "common/config/subscription_factory_impl.h" +#include "source/common/config/subscription_factory_impl.h" #include "envoy/config/core/v3/config_source.pb.h" -#include "common/config/filesystem_subscription_impl.h" -#include "common/config/grpc_mux_impl.h" -#include "common/config/grpc_subscription_impl.h" -#include "common/config/http_subscription_impl.h" -#include "common/config/new_grpc_mux_impl.h" -#include "common/config/type_to_endpoint.h" -#include "common/config/utility.h" -#include "common/config/xds_resource.h" -#include "common/http/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/config/filesystem_subscription_impl.h" +#include "source/common/config/grpc_mux_impl.h" +#include "source/common/config/grpc_subscription_impl.h" +#include "source/common/config/http_subscription_impl.h" +#include "source/common/config/new_grpc_mux_impl.h" +#include "source/common/config/type_to_endpoint.h" +#include "source/common/config/utility.h" +#include "source/common/config/xds_resource.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Config { @@ -29,7 +29,6 @@ SubscriptionPtr SubscriptionFactoryImpl::subscriptionFromConfigSource( Stats::Scope& scope, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder, const SubscriptionOptions& options) { Config::Utility::checkLocalInfo(type_url, local_info_); - std::unique_ptr result; SubscriptionStats stats = Utility::generateStats(scope); switch (config.config_source_specifier_case()) { @@ -103,7 +102,6 @@ SubscriptionPtr SubscriptionFactoryImpl::collectionSubscriptionFromUrl( const envoy::config::core::v3::ConfigSource& config, absl::string_view resource_type, Stats::Scope& scope, SubscriptionCallbacks& callbacks, OpaqueResourceDecoder& resource_decoder) { - std::unique_ptr result; SubscriptionStats stats = Utility::generateStats(scope); switch (collection_locator.scheme()) { diff --git a/source/common/config/subscription_factory_impl.h b/source/common/config/subscription_factory_impl.h index 246d5afe6574..07cfa5d17520 100644 --- a/source/common/config/subscription_factory_impl.h +++ b/source/common/config/subscription_factory_impl.h @@ -8,7 +8,7 @@ #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Config { diff --git a/source/common/config/ttl.cc b/source/common/config/ttl.cc index 07dfec5fe33c..86dd100c71fc 100644 --- a/source/common/config/ttl.cc +++ b/source/common/config/ttl.cc @@ -1,4 +1,4 @@ -#include "common/config/ttl.h" +#include "source/common/config/ttl.h" namespace Envoy { namespace Config { diff --git a/source/common/config/type_to_endpoint.cc b/source/common/config/type_to_endpoint.cc index 1c32fe47ad2c..2ac9af5b27f5 100644 --- a/source/common/config/type_to_endpoint.cc +++ b/source/common/config/type_to_endpoint.cc @@ -1,8 +1,8 @@ -#include "common/config/type_to_endpoint.h" +#include "source/common/config/type_to_endpoint.h" #include "envoy/annotations/resource.pb.h" -#include "common/grpc/common.h" +#include "source/common/grpc/common.h" // API_NO_BOOST_FILE diff --git a/source/common/config/type_to_endpoint.h b/source/common/config/type_to_endpoint.h index ed9f9e6e5c89..7c9f5a500737 100644 --- a/source/common/config/type_to_endpoint.h +++ b/source/common/config/type_to_endpoint.h @@ -2,7 +2,7 @@ #include "envoy/config/core/v3/config_source.pb.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "absl/strings/string_view.h" diff --git a/source/common/config/utility.cc b/source/common/config/utility.cc index 440957d0ef55..d1743deeb042 100644 --- a/source/common/config/utility.cc +++ b/source/common/config/utility.cc @@ -1,4 +1,4 @@ -#include "common/config/utility.h" +#include "source/common/config/utility.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" @@ -9,18 +9,18 @@ #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/hex.h" -#include "common/common/utility.h" -#include "common/config/api_type_oracle.h" -#include "common/config/version_converter.h" -#include "common/config/well_known_names.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/stats/histogram_impl.h" -#include "common/stats/stats_matcher_impl.h" -#include "common/stats/tag_producer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hex.h" +#include "source/common/common/utility.h" +#include "source/common/config/api_type_oracle.h" +#include "source/common/config/version_converter.h" +#include "source/common/config/well_known_names.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stats/histogram_impl.h" +#include "source/common/stats/stats_matcher_impl.h" +#include "source/common/stats/tag_producer_impl.h" namespace Envoy { namespace Config { @@ -254,22 +254,6 @@ Grpc::AsyncClientFactoryPtr Utility::factoryForGrpcApiConfigSource( return async_client_manager.factoryForGrpcService(grpc_service, scope, skip_cluster_check); } -envoy::config::endpoint::v3::ClusterLoadAssignment Utility::translateClusterHosts( - const Protobuf::RepeatedPtrField& hosts) { - envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment; - envoy::config::endpoint::v3::LocalityLbEndpoints* locality_lb_endpoints = - load_assignment.add_endpoints(); - // Since this LocalityLbEndpoints is built from hosts list, set the default weight to 1. - locality_lb_endpoints->mutable_load_balancing_weight()->set_value(1); - for (const envoy::config::core::v3::Address& host : hosts) { - envoy::config::endpoint::v3::LbEndpoint* lb_endpoint = - locality_lb_endpoints->add_lb_endpoints(); - lb_endpoint->mutable_endpoint()->mutable_address()->MergeFrom(host); - lb_endpoint->mutable_load_balancing_weight()->set_value(1); - } - return load_assignment; -} - void Utility::translateOpaqueConfig(const ProtobufWkt::Any& typed_config, const ProtobufWkt::Struct& config, ProtobufMessage::ValidationVisitor& validation_visitor, diff --git a/source/common/config/utility.h b/source/common/config/utility.h index 93304377ccf4..bce7b7f688d3 100644 --- a/source/common/config/utility.h +++ b/source/common/config/utility.h @@ -19,16 +19,16 @@ #include "envoy/stats/tag_producer.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/assert.h" -#include "common/common/backoff_strategy.h" -#include "common/common/hash.h" -#include "common/common/hex.h" -#include "common/common/utility.h" -#include "common/grpc/common.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_features.h" -#include "common/singleton/const_singleton.h" +#include "source/common/common/assert.h" +#include "source/common/common/backoff_strategy.h" +#include "source/common/common/hash.h" +#include "source/common/common/hex.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/singleton/const_singleton.h" #include "udpa/type/v1/typed_struct.pb.h" @@ -451,14 +451,6 @@ class Utility { const envoy::config::core::v3::ApiConfigSource& api_config_source, Stats::Scope& scope, bool skip_cluster_check); - /** - * Translate a set of cluster's hosts into a load assignment configuration. - * @param hosts cluster's list of hosts. - * @return envoy::config::endpoint::v3::ClusterLoadAssignment a load assignment configuration. - */ - static envoy::config::endpoint::v3::ClusterLoadAssignment - translateClusterHosts(const Protobuf::RepeatedPtrField& hosts); - /** * Translate opaque config from google.protobuf.Any or google.protobuf.Struct to defined proto * message. diff --git a/source/common/config/version_converter.cc b/source/common/config/version_converter.cc index 0477c29bcf86..be6bfa25b5ac 100644 --- a/source/common/config/version_converter.cc +++ b/source/common/config/version_converter.cc @@ -1,12 +1,12 @@ -#include "common/config/version_converter.h" +#include "source/common/config/version_converter.h" #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/macros.h" -#include "common/config/api_type_oracle.h" -#include "common/protobuf/visitor.h" -#include "common/protobuf/well_known.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/common/config/api_type_oracle.h" +#include "source/common/protobuf/visitor.h" +#include "source/common/protobuf/well_known.h" #include "absl/strings/match.h" @@ -110,7 +110,7 @@ void VersionConverter::annotateWithOriginalType(const Protobuf::Descriptor& prev // ClusterManagerImpl with type erasure, but protobuf doesn't free up memory // as expected, we probably need some arena level trick to address this. if (prev_descriptor->full_name() == "envoy.api.v2.Cluster" && - (field.name() == "hidden_envoy_deprecated_hosts" || field.name() == "load_assignment")) { + field.name() == "load_assignment") { // This will cause the sub-message visit to abort early. return field.message_type(); } diff --git a/source/common/config/version_converter.h b/source/common/config/version_converter.h index db9c76523931..a7f5db3e9d8a 100644 --- a/source/common/config/version_converter.h +++ b/source/common/config/version_converter.h @@ -2,7 +2,7 @@ #include "envoy/config/core/v3/config_source.pb.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" // Convenience macro for downgrading a message and obtaining a reference. #define API_DOWNGRADE(msg) (*Envoy::Config::VersionConverter::downgrade(msg)->msg_) diff --git a/source/common/config/watch_map.cc b/source/common/config/watch_map.cc index fd65b5375b1f..992fdc35393c 100644 --- a/source/common/config/watch_map.cc +++ b/source/common/config/watch_map.cc @@ -1,11 +1,11 @@ -#include "common/config/watch_map.h" +#include "source/common/config/watch_map.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/cleanup.h" -#include "common/common/utility.h" -#include "common/config/decoded_resource_impl.h" -#include "common/config/xds_resource.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/utility.h" +#include "source/common/config/decoded_resource_impl.h" +#include "source/common/config/xds_resource.h" namespace Envoy { namespace Config { diff --git a/source/common/config/watch_map.h b/source/common/config/watch_map.h index 768117e93be6..d1139e23e0af 100644 --- a/source/common/config/watch_map.h +++ b/source/common/config/watch_map.h @@ -7,8 +7,8 @@ #include "envoy/config/subscription.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" diff --git a/source/common/config/watched_directory.cc b/source/common/config/watched_directory.cc index c3843ee3f71c..fc2a3a832a50 100644 --- a/source/common/config/watched_directory.cc +++ b/source/common/config/watched_directory.cc @@ -1,4 +1,4 @@ -#include "common/config/watched_directory.h" +#include "source/common/config/watched_directory.h" namespace Envoy { namespace Config { diff --git a/source/common/config/well_known_names.cc b/source/common/config/well_known_names.cc index 53388bf16042..71a03839b1a7 100644 --- a/source/common/config/well_known_names.cc +++ b/source/common/config/well_known_names.cc @@ -1,4 +1,4 @@ -#include "common/config/well_known_names.h" +#include "source/common/config/well_known_names.h" #include "absl/strings/str_replace.h" diff --git a/source/common/config/well_known_names.h b/source/common/config/well_known_names.h index 5b809ec8366c..0b694392a4ae 100644 --- a/source/common/config/well_known_names.h +++ b/source/common/config/well_known_names.h @@ -5,9 +5,9 @@ #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/regex.h" -#include "common/singleton/const_singleton.h" +#include "source/common/common/assert.h" +#include "source/common/common/regex.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Config { diff --git a/source/common/config/xds_context_params.cc b/source/common/config/xds_context_params.cc index d618364dcce5..7a2ad91ec33d 100644 --- a/source/common/config/xds_context_params.cc +++ b/source/common/config/xds_context_params.cc @@ -1,7 +1,7 @@ -#include "common/config/xds_context_params.h" +#include "source/common/config/xds_context_params.h" -#include "common/common/macros.h" -#include "common/protobuf/utility.h" +#include "source/common/common/macros.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Config { diff --git a/source/common/config/xds_context_params.h b/source/common/config/xds_context_params.h index 2627ba8e1513..68519eb414d0 100644 --- a/source/common/config/xds_context_params.h +++ b/source/common/config/xds_context_params.h @@ -2,7 +2,7 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "absl/container/flat_hash_map.h" #include "xds/core/v3/context_params.pb.h" diff --git a/source/common/config/xds_resource.cc b/source/common/config/xds_resource.cc index 414d2f6b3018..9baa14ea8a95 100644 --- a/source/common/config/xds_resource.cc +++ b/source/common/config/xds_resource.cc @@ -1,9 +1,9 @@ -#include "common/config/xds_resource.h" +#include "source/common/config/xds_resource.h" #include -#include "common/common/fmt.h" -#include "common/http/utility.h" +#include "source/common/common/fmt.h" +#include "source/common/http/utility.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_split.h" diff --git a/source/common/conn_pool/BUILD b/source/common/conn_pool/BUILD index fafa208adc16..d526dfbf956b 100644 --- a/source/common/conn_pool/BUILD +++ b/source/common/conn_pool/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( srcs = ["conn_pool_base.cc"], hdrs = ["conn_pool_base.h"], deps = [ - "//include/envoy/stats:timespan_interface", + "//envoy/stats:timespan_interface", "//source/common/common:linked_object", "//source/common/stats:timespan_lib", "//source/common/upstream:upstream_lib", diff --git a/source/common/conn_pool/conn_pool_base.cc b/source/common/conn_pool/conn_pool_base.cc index a1982b7fa0fe..198c08c33648 100644 --- a/source/common/conn_pool/conn_pool_base.cc +++ b/source/common/conn_pool/conn_pool_base.cc @@ -1,10 +1,10 @@ -#include "common/conn_pool/conn_pool_base.h" +#include "source/common/conn_pool/conn_pool_base.h" -#include "common/common/assert.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/runtime/runtime_features.h" -#include "common/stats/timespan_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/assert.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/stats/timespan_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace ConnectionPool { @@ -561,13 +561,13 @@ ActiveClient::ActiveClient(ConnPoolImplBase& parent, uint32_t lifetime_stream_li parent_.host()->cluster().resourceManager(parent_.priority()).connections().inc(); } -ActiveClient::~ActiveClient() { releaseResources(); } +ActiveClient::~ActiveClient() { releaseResourcesBase(); } void ActiveClient::onEvent(Network::ConnectionEvent event) { parent_.onConnectionEvent(*this, "", event); } -void ActiveClient::releaseResources() { +void ActiveClient::releaseResourcesBase() { if (!resources_released_) { resources_released_ = true; diff --git a/source/common/conn_pool/conn_pool_base.h b/source/common/conn_pool/conn_pool_base.h index dd72cc83a30b..322c7967912c 100644 --- a/source/common/conn_pool/conn_pool_base.h +++ b/source/common/conn_pool/conn_pool_base.h @@ -6,8 +6,8 @@ #include "envoy/stats/timespan.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/dump_state_utils.h" -#include "common/common/linked_object.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/linked_object.h" #include "absl/strings/string_view.h" @@ -34,7 +34,8 @@ class ActiveClient : public LinkedObject, uint32_t concurrent_stream_limit); ~ActiveClient() override; - void releaseResources(); + virtual void releaseResources() { releaseResourcesBase(); } + void releaseResourcesBase(); // Network::ConnectionCallbacks void onEvent(Network::ConnectionEvent event) override; diff --git a/source/common/crypto/BUILD b/source/common/crypto/BUILD index e47c843fe72a..07b461c6ab0b 100644 --- a/source/common/crypto/BUILD +++ b/source/common/crypto/BUILD @@ -14,8 +14,8 @@ envoy_cc_library( "utility.h", ], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/common/crypto:crypto_interface", + "//envoy/buffer:buffer_interface", + "//envoy/common/crypto:crypto_interface", "//source/common/common:assert_lib", "//source/common/singleton:threadsafe_singleton", ], diff --git a/source/common/crypto/utility.h b/source/common/crypto/utility.h index 4f81b0d73e6f..2dbc4427e8da 100644 --- a/source/common/crypto/utility.h +++ b/source/common/crypto/utility.h @@ -6,7 +6,7 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/crypto/crypto.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/singleton/threadsafe_singleton.h" #include "absl/strings/string_view.h" diff --git a/source/common/event/BUILD b/source/common/event/BUILD index 35e5bb6601b1..f847b9dd614f 100644 --- a/source/common/event/BUILD +++ b/source/common/event/BUILD @@ -25,6 +25,7 @@ envoy_cc_library( "posix/signal_impl.h", ], }), + include_prefix = "source/common/event", strip_include_prefix = select({ "//bazel:windows_x86_64": "win32", "//conditions:default": "posix", @@ -35,11 +36,11 @@ envoy_cc_library( ":real_time_system_lib", ":signal_lib", ":scaled_range_timer_manager_lib", - "//include/envoy/common:scope_tracker_interface", - "//include/envoy/common:time_interface", - "//include/envoy/event:signal_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/network:listener_interface", + "//envoy/common:scope_tracker_interface", + "//envoy/common:time_interface", + "//envoy/event:signal_interface", + "//envoy/network:listen_socket_interface", + "//envoy/network:listener_interface", "//source/common/common:assert_lib", "//source/common/common:thread_lib", "//source/common/filesystem:watcher_lib", @@ -61,10 +62,11 @@ envoy_cc_posix_library( name = "signal_impl_lib", srcs = ["posix/signal_impl.cc"], hdrs = ["posix/signal_impl.h"], + include_prefix = "source/common/event", strip_include_prefix = "posix", deps = [ ":dispatcher_includes", - "//include/envoy/event:signal_interface", + "//envoy/event:signal_interface", "//source/common/common:thread_lib", ], ) @@ -73,10 +75,11 @@ envoy_cc_win32_library( name = "signal_impl_lib", srcs = ["win32/signal_impl.cc"], hdrs = ["win32/signal_impl.h"], + include_prefix = "source/common/event", strip_include_prefix = "win32", deps = [ ":dispatcher_includes", - "//include/envoy/event:signal_interface", + "//envoy/event:signal_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:thread_lib", "//source/common/network:default_socket_interface_lib", @@ -99,7 +102,7 @@ envoy_cc_library( deps = [ ":event_impl_base_lib", ":timer_lib", - "//include/envoy/event:timer_interface", + "//envoy/event:timer_interface", "//source/common/common:utility_lib", "//source/common/event:dispatcher_includes", ], @@ -119,11 +122,11 @@ envoy_cc_library( deps = [ ":libevent_lib", ":libevent_scheduler_lib", - "//include/envoy/api:api_interface", - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:file_event_interface", - "//include/envoy/network:connection_handler_interface", + "//envoy/api:api_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", + "//envoy/event:file_event_interface", + "//envoy/network:connection_handler_interface", "//source/common/common:minimal_logger_lib", "//source/common/common:thread_lib", "//source/common/signal:fatal_error_handler_lib", @@ -157,8 +160,8 @@ envoy_cc_library( ":libevent_lib", ":schedulable_cb_lib", ":timer_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", "//source/common/common:assert_lib", ], ) @@ -171,7 +174,7 @@ envoy_cc_library( deps = [ ":event_impl_base_lib", ":libevent_lib", - "//include/envoy/event:schedulable_cb_interface", + "//envoy/event:schedulable_cb_interface", ], ) @@ -183,7 +186,7 @@ envoy_cc_library( deps = [ ":event_impl_base_lib", ":libevent_lib", - "//include/envoy/event:timer_interface", + "//envoy/event:timer_interface", "//source/common/common:scope_tracker", "//source/common/common:utility_lib", ], @@ -193,8 +196,8 @@ envoy_cc_library( name = "deferred_task", hdrs = ["deferred_task.h"], deps = [ - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", ], ) @@ -203,9 +206,9 @@ envoy_cc_library( srcs = ["scaled_range_timer_manager_impl.cc"], hdrs = ["scaled_range_timer_manager_impl.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:scaled_range_timer_manager_interface", - "//include/envoy/event:timer_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:scaled_range_timer_manager_interface", + "//envoy/event:timer_interface", "//source/common/common:scope_tracker", ], ) diff --git a/source/common/event/dispatcher_impl.cc b/source/common/event/dispatcher_impl.cc index b3ff5128eb78..e6ce9164b0e8 100644 --- a/source/common/event/dispatcher_impl.cc +++ b/source/common/event/dispatcher_impl.cc @@ -1,4 +1,4 @@ -#include "common/event/dispatcher_impl.h" +#include "source/common/event/dispatcher_impl.h" #include #include @@ -11,30 +11,30 @@ #include "envoy/network/listen_socket.h" #include "envoy/network/listener.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/lock_guard.h" -#include "common/common/thread.h" -#include "common/event/file_event_impl.h" -#include "common/event/libevent_scheduler.h" -#include "common/event/scaled_range_timer_manager_impl.h" -#include "common/event/signal_impl.h" -#include "common/event/timer_impl.h" -#include "common/filesystem/watcher_impl.h" -#include "common/network/connection_impl.h" -#include "common/network/dns_impl.h" -#include "common/network/tcp_listener_impl.h" -#include "common/network/udp_listener_impl.h" -#include "common/runtime/runtime_features.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread.h" +#include "source/common/event/file_event_impl.h" +#include "source/common/event/libevent_scheduler.h" +#include "source/common/event/scaled_range_timer_manager_impl.h" +#include "source/common/event/signal_impl.h" +#include "source/common/event/timer_impl.h" +#include "source/common/filesystem/watcher_impl.h" +#include "source/common/network/connection_impl.h" +#include "source/common/network/dns_impl.h" +#include "source/common/network/tcp_listener_impl.h" +#include "source/common/network/udp_listener_impl.h" +#include "source/common/runtime/runtime_features.h" #include "event2/event.h" #ifdef ENVOY_HANDLE_SIGNALS -#include "common/signal/signal_action.h" +#include "source/common/signal/signal_action.h" #endif #ifdef __APPLE__ -#include "common/network/apple_dns_impl.h" +#include "source/common/network/apple_dns_impl.h" #endif namespace Envoy { @@ -157,7 +157,7 @@ DispatcherImpl::createClientConnection(Network::Address::InstanceConstSharedPtr Network::DnsResolverSharedPtr DispatcherImpl::createDnsResolver( const std::vector& resolvers, - const bool use_tcp_for_dns_lookups) { + const envoy::config::core::v3::DnsResolverOptions& dns_resolver_options) { ASSERT(isThreadSafe()); #ifdef __APPLE__ static bool use_apple_api_for_dns_lookups = @@ -169,7 +169,7 @@ Network::DnsResolverSharedPtr DispatcherImpl::createDnsResolver( "Apple's API only allows overriding DNS resolvers via system settings. Delete resolvers " "config or disable the envoy.restart_features.use_apple_api_for_dns_lookups runtime " "feature."); - RELEASE_ASSERT(!use_tcp_for_dns_lookups, + RELEASE_ASSERT(!dns_resolver_options.use_tcp_for_dns_lookups(), "using TCP for DNS lookups is not possible when using Apple APIs for DNS " "resolution. Apple' API only uses UDP for DNS resolution. Use UDP or disable " "the envoy.restart_features.use_apple_api_for_dns_lookups runtime feature."); @@ -177,7 +177,7 @@ Network::DnsResolverSharedPtr DispatcherImpl::createDnsResolver( api_.rootScope()); } #endif - return std::make_shared(*this, resolvers, use_tcp_for_dns_lookups); + return std::make_shared(*this, resolvers, dns_resolver_options); } FileEventPtr DispatcherImpl::createFileEvent(os_fd_t fd, FileReadyCb cb, FileTriggerType trigger, diff --git a/source/common/event/dispatcher_impl.h b/source/common/event/dispatcher_impl.h index fe16145e7cd2..601bc206c1c3 100644 --- a/source/common/event/dispatcher_impl.h +++ b/source/common/event/dispatcher_impl.h @@ -14,11 +14,11 @@ #include "envoy/network/connection_handler.h" #include "envoy/stats/scope.h" -#include "common/common/logger.h" -#include "common/common/thread.h" -#include "common/event/libevent.h" -#include "common/event/libevent_scheduler.h" -#include "common/signal/fatal_error_handler.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/common/event/libevent.h" +#include "source/common/event/libevent_scheduler.h" +#include "source/common/signal/fatal_error_handler.h" #include "absl/container/inlined_vector.h" @@ -66,9 +66,9 @@ class DispatcherImpl : Logger::Loggable, Network::Address::InstanceConstSharedPtr source_address, Network::TransportSocketPtr&& transport_socket, const Network::ConnectionSocket::OptionsSharedPtr& options) override; - Network::DnsResolverSharedPtr - createDnsResolver(const std::vector& resolvers, - const bool use_tcp_for_dns_lookups) override; + Network::DnsResolverSharedPtr createDnsResolver( + const std::vector& resolvers, + const envoy::config::core::v3::DnsResolverOptions& dns_resolver_options) override; FileEventPtr createFileEvent(os_fd_t fd, FileReadyCb cb, FileTriggerType trigger, uint32_t events) override; Filesystem::WatcherPtr createFilesystemWatcher() override; diff --git a/source/common/event/event_impl_base.cc b/source/common/event/event_impl_base.cc index c14eb1874bc1..e7cb00f06696 100644 --- a/source/common/event/event_impl_base.cc +++ b/source/common/event/event_impl_base.cc @@ -1,4 +1,4 @@ -#include "common/event/event_impl_base.h" +#include "source/common/event/event_impl_base.h" #include "event2/event.h" diff --git a/source/common/event/file_event_impl.cc b/source/common/event/file_event_impl.cc index 252bb53650f9..5b83e694d548 100644 --- a/source/common/event/file_event_impl.cc +++ b/source/common/event/file_event_impl.cc @@ -1,9 +1,9 @@ -#include "common/event/file_event_impl.h" +#include "source/common/event/file_event_impl.h" #include -#include "common/common/assert.h" -#include "common/event/dispatcher_impl.h" +#include "source/common/common/assert.h" +#include "source/common/event/dispatcher_impl.h" #include "event2/event.h" @@ -85,7 +85,16 @@ void FileEventImpl::assignEvents(uint32_t events, event_base* base) { void FileEventImpl::updateEvents(uint32_t events) { ASSERT(dispatcher_.isThreadSafe()); - if (events == enabled_events_) { + // The update can be skipped in cases where the old and new event mask are the same if the fd is + // using Level or EmulatedEdge trigger modes, but not Edge trigger mode. When the fd is registered + // in edge trigger mode, re-registering the fd will force re-computation of the readable/writable + // state even in cases where the event mask is not changing. See + // https://github.com/envoyproxy/envoy/pull/16389 for more details. + // TODO(antoniovicente) Consider ways to optimize away event registration updates in edge trigger + // mode once setEnabled stops clearing injected_activation_events_ before calling updateEvents + // and/or implement optimizations at the Network::ConnectionImpl level to reduce the number of + // calls to setEnabled. + if (events == enabled_events_ && trigger_ != FileTriggerType::Edge) { return; } auto* base = event_get_base(&raw_event_); diff --git a/source/common/event/file_event_impl.h b/source/common/event/file_event_impl.h index a0dd6a362334..acb43334ccc3 100644 --- a/source/common/event/file_event_impl.h +++ b/source/common/event/file_event_impl.h @@ -4,8 +4,8 @@ #include "envoy/event/file_event.h" -#include "common/event/dispatcher_impl.h" -#include "common/event/event_impl_base.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/event/event_impl_base.h" namespace Envoy { namespace Event { diff --git a/source/common/event/libevent.cc b/source/common/event/libevent.cc index c7ec364ddf24..d84dc16d4c51 100644 --- a/source/common/event/libevent.cc +++ b/source/common/event/libevent.cc @@ -1,8 +1,8 @@ -#include "common/event/libevent.h" +#include "source/common/event/libevent.h" #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "event2/thread.h" diff --git a/source/common/event/libevent.h b/source/common/event/libevent.h index 304b326fb4dd..6687333926ca 100644 --- a/source/common/event/libevent.h +++ b/source/common/event/libevent.h @@ -1,6 +1,6 @@ #pragma once -#include "common/common/c_smart_ptr.h" +#include "source/common/common/c_smart_ptr.h" struct event_base; extern "C" { diff --git a/source/common/event/libevent_scheduler.cc b/source/common/event/libevent_scheduler.cc index e0f21c5da2ba..b41c8db0901d 100644 --- a/source/common/event/libevent_scheduler.cc +++ b/source/common/event/libevent_scheduler.cc @@ -1,8 +1,8 @@ -#include "common/event/libevent_scheduler.h" +#include "source/common/event/libevent_scheduler.h" -#include "common/common/assert.h" -#include "common/event/schedulable_cb_impl.h" -#include "common/event/timer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/event/schedulable_cb_impl.h" +#include "source/common/event/timer_impl.h" #include "event2/util.h" diff --git a/source/common/event/libevent_scheduler.h b/source/common/event/libevent_scheduler.h index 063f3061a5ce..93e81ef424ba 100644 --- a/source/common/event/libevent_scheduler.h +++ b/source/common/event/libevent_scheduler.h @@ -6,7 +6,7 @@ #include "envoy/event/schedulable_cb.h" #include "envoy/event/timer.h" -#include "common/event/libevent.h" +#include "source/common/event/libevent.h" #include "event2/event.h" #include "event2/watch.h" diff --git a/source/common/event/posix/signal_impl.cc b/source/common/event/posix/signal_impl.cc index 459e3f9b0dea..3e3a55160efc 100644 --- a/source/common/event/posix/signal_impl.cc +++ b/source/common/event/posix/signal_impl.cc @@ -1,5 +1,5 @@ -#include "common/event/dispatcher_impl.h" -#include "common/event/signal_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/event/signal_impl.h" #include "event2/event.h" diff --git a/source/common/event/posix/signal_impl.h b/source/common/event/posix/signal_impl.h index b2d6014b041a..d48aed73aad5 100644 --- a/source/common/event/posix/signal_impl.h +++ b/source/common/event/posix/signal_impl.h @@ -2,8 +2,8 @@ #include "envoy/event/signal.h" -#include "common/event/dispatcher_impl.h" -#include "common/event/event_impl_base.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/event/event_impl_base.h" namespace Envoy { namespace Event { diff --git a/source/common/event/real_time_system.cc b/source/common/event/real_time_system.cc index 7f022c23a0bb..7f8f76005fe6 100644 --- a/source/common/event/real_time_system.cc +++ b/source/common/event/real_time_system.cc @@ -1,9 +1,9 @@ -#include "common/event/real_time_system.h" +#include "source/common/event/real_time_system.h" #include -#include "common/common/assert.h" -#include "common/event/timer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/event/timer_impl.h" namespace Envoy { namespace Event { diff --git a/source/common/event/real_time_system.h b/source/common/event/real_time_system.h index a5b86466eec1..01b593d4d5f1 100644 --- a/source/common/event/real_time_system.h +++ b/source/common/event/real_time_system.h @@ -2,7 +2,7 @@ #include "envoy/event/timer.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Event { diff --git a/source/common/event/scaled_range_timer_manager_impl.cc b/source/common/event/scaled_range_timer_manager_impl.cc index 919116ae06d2..81e4e91afd48 100644 --- a/source/common/event/scaled_range_timer_manager_impl.cc +++ b/source/common/event/scaled_range_timer_manager_impl.cc @@ -1,4 +1,4 @@ -#include "common/event/scaled_range_timer_manager_impl.h" +#include "source/common/event/scaled_range_timer_manager_impl.h" #include #include @@ -6,8 +6,8 @@ #include "envoy/event/timer.h" -#include "common/common/assert.h" -#include "common/common/scope_tracker.h" +#include "source/common/common/assert.h" +#include "source/common/common/scope_tracker.h" namespace Envoy { namespace Event { diff --git a/source/common/event/schedulable_cb_impl.cc b/source/common/event/schedulable_cb_impl.cc index 2109af17972e..f59ea2ff5bcb 100644 --- a/source/common/event/schedulable_cb_impl.cc +++ b/source/common/event/schedulable_cb_impl.cc @@ -1,6 +1,6 @@ -#include "common/event/schedulable_cb_impl.h" +#include "source/common/event/schedulable_cb_impl.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "event2/event.h" diff --git a/source/common/event/schedulable_cb_impl.h b/source/common/event/schedulable_cb_impl.h index 48c6224f6a96..be9e434140c0 100644 --- a/source/common/event/schedulable_cb_impl.h +++ b/source/common/event/schedulable_cb_impl.h @@ -2,8 +2,8 @@ #include "envoy/event/schedulable_cb.h" -#include "common/event/event_impl_base.h" -#include "common/event/libevent.h" +#include "source/common/event/event_impl_base.h" +#include "source/common/event/libevent.h" namespace Envoy { namespace Event { diff --git a/source/common/event/timer_impl.cc b/source/common/event/timer_impl.cc index 3a2189f95c40..813bd7af5524 100644 --- a/source/common/event/timer_impl.cc +++ b/source/common/event/timer_impl.cc @@ -1,8 +1,8 @@ -#include "common/event/timer_impl.h" +#include "source/common/event/timer_impl.h" #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "event2/event.h" diff --git a/source/common/event/timer_impl.h b/source/common/event/timer_impl.h index bd56d528409e..20641db7e29a 100644 --- a/source/common/event/timer_impl.h +++ b/source/common/event/timer_impl.h @@ -4,10 +4,10 @@ #include "envoy/event/timer.h" -#include "common/common/scope_tracker.h" -#include "common/common/utility.h" -#include "common/event/event_impl_base.h" -#include "common/event/libevent.h" +#include "source/common/common/scope_tracker.h" +#include "source/common/common/utility.h" +#include "source/common/event/event_impl_base.h" +#include "source/common/event/libevent.h" namespace Envoy { namespace Event { diff --git a/source/common/event/win32/signal_impl.cc b/source/common/event/win32/signal_impl.cc index 4ffd62b73094..d2a96b0de6fe 100644 --- a/source/common/event/win32/signal_impl.cc +++ b/source/common/event/win32/signal_impl.cc @@ -1,6 +1,6 @@ -#include "common/api/os_sys_calls_impl.h" -#include "common/event/dispatcher_impl.h" -#include "common/event/signal_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/event/signal_impl.h" #include "event2/event.h" diff --git a/source/common/event/win32/signal_impl.h b/source/common/event/win32/signal_impl.h index 51e21e4f1ec9..fc7a05cf5697 100644 --- a/source/common/event/win32/signal_impl.h +++ b/source/common/event/win32/signal_impl.h @@ -3,10 +3,10 @@ #include "envoy/event/signal.h" #include "envoy/network/io_handle.h" -#include "common/event/dispatcher_impl.h" -#include "common/event/event_impl_base.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/event/event_impl_base.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/singleton/threadsafe_singleton.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/filesystem/BUILD b/source/common/filesystem/BUILD index afcf463ef0b3..9fc6afae7863 100644 --- a/source/common/filesystem/BUILD +++ b/source/common/filesystem/BUILD @@ -21,9 +21,10 @@ envoy_cc_win32_library( name = "directory_iterator_impl_lib", srcs = ["win32/directory_iterator_impl.cc"], hdrs = ["win32/directory_iterator_impl.h"], + include_prefix = "source/common/filesystem", strip_include_prefix = "win32", deps = [ - "//include/envoy/filesystem:filesystem_interface", + "//envoy/filesystem:filesystem_interface", ], ) @@ -31,9 +32,10 @@ envoy_cc_posix_library( name = "directory_iterator_impl_lib", srcs = ["posix/directory_iterator_impl.cc"], hdrs = ["posix/directory_iterator_impl.h"], + include_prefix = "source/common/filesystem", strip_include_prefix = "posix", deps = [ - "//include/envoy/filesystem:filesystem_interface", + "//envoy/filesystem:filesystem_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:utility_lib", ], @@ -48,6 +50,7 @@ envoy_cc_posix_library( name = "filesystem_impl_lib", srcs = ["posix/filesystem_impl.cc"], hdrs = ["posix/filesystem_impl.h"], + include_prefix = "source/common/filesystem", strip_include_prefix = "posix", deps = [ ":file_shared_lib", @@ -58,6 +61,7 @@ envoy_cc_win32_library( name = "filesystem_impl_lib", srcs = ["win32/filesystem_impl.cc"], hdrs = ["win32/filesystem_impl.h"], + include_prefix = "source/common/filesystem", strip_include_prefix = "win32", deps = [ ":file_shared_lib", @@ -69,7 +73,7 @@ envoy_cc_library( srcs = ["file_shared_impl.cc"], hdrs = ["file_shared_impl.h"], deps = [ - "//include/envoy/filesystem:filesystem_interface", + "//envoy/filesystem:filesystem_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", ], @@ -102,14 +106,15 @@ envoy_cc_library( external_deps = [ "event", ], + include_prefix = "source/common/filesystem", strip_include_prefix = select({ "//bazel:apple": "kqueue", "//bazel:windows_x86_64": "win32", "//conditions:default": "inotify", }), deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/event:dispatcher_interface", + "//envoy/api:api_interface", + "//envoy/event:dispatcher_interface", "//source/common/common:assert_lib", "//source/common/common:linked_object", "//source/common/common:minimal_logger_lib", diff --git a/source/common/filesystem/directory.h b/source/common/filesystem/directory.h index a949ce724a72..2ca76e19fc0d 100644 --- a/source/common/filesystem/directory.h +++ b/source/common/filesystem/directory.h @@ -4,7 +4,7 @@ #include "envoy/filesystem/filesystem.h" -#include "common/filesystem/directory_iterator_impl.h" +#include "source/common/filesystem/directory_iterator_impl.h" namespace Envoy { namespace Filesystem { diff --git a/source/common/filesystem/file_shared_impl.cc b/source/common/filesystem/file_shared_impl.cc index 510912e220de..f4ad412f61cf 100644 --- a/source/common/filesystem/file_shared_impl.cc +++ b/source/common/filesystem/file_shared_impl.cc @@ -1,6 +1,6 @@ -#include "common/filesystem/file_shared_impl.h" +#include "source/common/filesystem/file_shared_impl.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Filesystem { diff --git a/source/common/filesystem/file_shared_impl.h b/source/common/filesystem/file_shared_impl.h index b3834938b755..fd81d03ec794 100644 --- a/source/common/filesystem/file_shared_impl.h +++ b/source/common/filesystem/file_shared_impl.h @@ -4,7 +4,7 @@ #include "envoy/filesystem/filesystem.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Filesystem { diff --git a/source/common/filesystem/inotify/watcher_impl.cc b/source/common/filesystem/inotify/watcher_impl.cc index 2aeb9b6ef30b..a30d6ef48e56 100644 --- a/source/common/filesystem/inotify/watcher_impl.cc +++ b/source/common/filesystem/inotify/watcher_impl.cc @@ -8,10 +8,10 @@ #include "envoy/event/dispatcher.h" #include "envoy/event/file_event.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/filesystem/watcher_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/filesystem/watcher_impl.h" namespace Envoy { namespace Filesystem { diff --git a/source/common/filesystem/inotify/watcher_impl.h b/source/common/filesystem/inotify/watcher_impl.h index 9b416f5c9c03..73c4439fc53a 100644 --- a/source/common/filesystem/inotify/watcher_impl.h +++ b/source/common/filesystem/inotify/watcher_impl.h @@ -8,7 +8,7 @@ #include "envoy/event/dispatcher.h" #include "envoy/filesystem/watcher.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "absl/container/node_hash_map.h" diff --git a/source/common/filesystem/kqueue/watcher_impl.cc b/source/common/filesystem/kqueue/watcher_impl.cc index 2452eeb688b2..47edf3a2c291 100644 --- a/source/common/filesystem/kqueue/watcher_impl.cc +++ b/source/common/filesystem/kqueue/watcher_impl.cc @@ -6,10 +6,10 @@ #include "envoy/event/dispatcher.h" #include "envoy/event/file_event.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/filesystem/watcher_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/filesystem/watcher_impl.h" #include "event2/event.h" diff --git a/source/common/filesystem/kqueue/watcher_impl.h b/source/common/filesystem/kqueue/watcher_impl.h index e34d90548979..4a86f8be4ca5 100644 --- a/source/common/filesystem/kqueue/watcher_impl.h +++ b/source/common/filesystem/kqueue/watcher_impl.h @@ -8,8 +8,8 @@ #include "envoy/event/dispatcher.h" #include "envoy/filesystem/watcher.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" #include "absl/container/node_hash_map.h" diff --git a/source/common/filesystem/posix/directory_iterator_impl.cc b/source/common/filesystem/posix/directory_iterator_impl.cc index 34a0ca9b2c4c..65c1fe2bd7df 100644 --- a/source/common/filesystem/posix/directory_iterator_impl.cc +++ b/source/common/filesystem/posix/directory_iterator_impl.cc @@ -1,8 +1,8 @@ #include "envoy/common/exception.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/filesystem/directory_iterator_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/filesystem/directory_iterator_impl.h" namespace Envoy { namespace Filesystem { diff --git a/source/common/filesystem/posix/directory_iterator_impl.h b/source/common/filesystem/posix/directory_iterator_impl.h index abbe8e3fc1aa..ffb2a6b2d62a 100644 --- a/source/common/filesystem/posix/directory_iterator_impl.h +++ b/source/common/filesystem/posix/directory_iterator_impl.h @@ -4,7 +4,7 @@ #include "envoy/filesystem/filesystem.h" -#include "common/api/os_sys_calls_impl.h" +#include "source/common/api/os_sys_calls_impl.h" namespace Envoy { namespace Filesystem { diff --git a/source/common/filesystem/posix/filesystem_impl.cc b/source/common/filesystem/posix/filesystem_impl.cc index 0e514c91261a..c89cacd6dafb 100644 --- a/source/common/filesystem/posix/filesystem_impl.cc +++ b/source/common/filesystem/posix/filesystem_impl.cc @@ -11,11 +11,11 @@ #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/logger.h" -#include "common/common/utility.h" -#include "common/filesystem/filesystem_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/common/filesystem/filesystem_impl.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" diff --git a/source/common/filesystem/posix/filesystem_impl.h b/source/common/filesystem/posix/filesystem_impl.h index 65ff10c64c1a..98abed720c61 100644 --- a/source/common/filesystem/posix/filesystem_impl.h +++ b/source/common/filesystem/posix/filesystem_impl.h @@ -5,7 +5,7 @@ #include "envoy/api/os_sys_calls.h" -#include "common/filesystem/file_shared_impl.h" +#include "source/common/filesystem/file_shared_impl.h" namespace Envoy { namespace Filesystem { diff --git a/source/common/filesystem/win32/directory_iterator_impl.cc b/source/common/filesystem/win32/directory_iterator_impl.cc index 559cfda7eb27..645d5b16e521 100644 --- a/source/common/filesystem/win32/directory_iterator_impl.cc +++ b/source/common/filesystem/win32/directory_iterator_impl.cc @@ -1,7 +1,7 @@ #include "envoy/common/exception.h" -#include "common/common/fmt.h" -#include "common/filesystem/directory_iterator_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/filesystem/directory_iterator_impl.h" namespace Envoy { namespace Filesystem { diff --git a/source/common/filesystem/win32/filesystem_impl.cc b/source/common/filesystem/win32/filesystem_impl.cc index 058cca07fe0b..9ec504375951 100644 --- a/source/common/filesystem/win32/filesystem_impl.cc +++ b/source/common/filesystem/win32/filesystem_impl.cc @@ -8,9 +8,9 @@ #include "envoy/common/exception.h" #include "envoy/common/platform.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/filesystem/filesystem_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/filesystem/filesystem_impl.h" #include "absl/container/node_hash_map.h" #include "absl/strings/str_cat.h" diff --git a/source/common/filesystem/win32/filesystem_impl.h b/source/common/filesystem/win32/filesystem_impl.h index fe9b1fea0dc1..4c009dd30bea 100644 --- a/source/common/filesystem/win32/filesystem_impl.h +++ b/source/common/filesystem/win32/filesystem_impl.h @@ -3,7 +3,7 @@ #include #include -#include "common/filesystem/file_shared_impl.h" +#include "source/common/filesystem/file_shared_impl.h" namespace Envoy { namespace Filesystem { diff --git a/source/common/filesystem/win32/watcher_impl.cc b/source/common/filesystem/win32/watcher_impl.cc index f7e5ed12dfa8..e4a3dd7e87f9 100644 --- a/source/common/filesystem/win32/watcher_impl.cc +++ b/source/common/filesystem/win32/watcher_impl.cc @@ -1,8 +1,8 @@ -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/thread_impl.h" -#include "common/filesystem/watcher_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/thread_impl.h" +#include "source/common/filesystem/watcher_impl.h" namespace Envoy { namespace Filesystem { diff --git a/source/common/filesystem/win32/watcher_impl.h b/source/common/filesystem/win32/watcher_impl.h index 0633b254b4fc..2742293db648 100644 --- a/source/common/filesystem/win32/watcher_impl.h +++ b/source/common/filesystem/win32/watcher_impl.h @@ -13,12 +13,12 @@ #include "envoy/filesystem/watcher.h" #include "envoy/network/io_handle.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/fmt.h" -#include "common/common/logger.h" -#include "common/common/thread_impl.h" -#include "common/network/io_socket_handle_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread_impl.h" +#include "source/common/network/io_socket_handle_impl.h" #include "absl/container/node_hash_map.h" diff --git a/source/common/filter/http/BUILD b/source/common/filter/http/BUILD index 3248d7341745..683467b9530f 100644 --- a/source/common/filter/http/BUILD +++ b/source/common/filter/http/BUILD @@ -13,11 +13,11 @@ envoy_cc_library( srcs = ["filter_config_discovery_impl.cc"], hdrs = ["filter_config_discovery_impl.h"], deps = [ - "//include/envoy/config:subscription_interface", - "//include/envoy/filter/http:filter_config_provider_interface", - "//include/envoy/singleton:instance_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/config:subscription_interface", + "//envoy/filter/http:filter_config_provider_interface", + "//envoy/singleton:instance_interface", + "//envoy/stats:stats_macros", + "//envoy/thread_local:thread_local_interface", "//source/common/common:containers_lib", "//source/common/config:subscription_base_interface", "//source/common/config:subscription_factory_lib", diff --git a/source/common/filter/http/filter_config_discovery_impl.cc b/source/common/filter/http/filter_config_discovery_impl.cc index 8f5f74b00025..33c47f94eec9 100644 --- a/source/common/filter/http/filter_config_discovery_impl.cc +++ b/source/common/filter/http/filter_config_discovery_impl.cc @@ -1,4 +1,4 @@ -#include "common/filter/http/filter_config_discovery_impl.h" +#include "source/common/filter/http/filter_config_discovery_impl.h" #include "envoy/config/core/v3/extension.pb.h" #include "envoy/config/core/v3/extension.pb.validate.h" @@ -6,11 +6,11 @@ #include "envoy/http/filter.h" #include "envoy/server/filter_config.h" -#include "common/common/containers.h" -#include "common/common/thread.h" -#include "common/config/utility.h" -#include "common/grpc/common.h" -#include "common/protobuf/utility.h" +#include "source/common/common/containers.h" +#include "source/common/common/thread.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/protobuf/utility.h" #include "absl/strings/str_join.h" diff --git a/source/common/filter/http/filter_config_discovery_impl.h b/source/common/filter/http/filter_config_discovery_impl.h index 5027bc863f5f..a207eca3099d 100644 --- a/source/common/filter/http/filter_config_discovery_impl.h +++ b/source/common/filter/http/filter_config_discovery_impl.h @@ -12,10 +12,10 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/assert.h" -#include "common/config/subscription_base.h" -#include "common/init/manager_impl.h" -#include "common/init/target_impl.h" +#include "source/common/common/assert.h" +#include "source/common/config/subscription_base.h" +#include "source/common/init/manager_impl.h" +#include "source/common/init/target_impl.h" #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" diff --git a/source/common/formatter/BUILD b/source/common/formatter/BUILD index 3acb8213a463..202ad9d030cd 100644 --- a/source/common/formatter/BUILD +++ b/source/common/formatter/BUILD @@ -14,11 +14,11 @@ envoy_cc_library( hdrs = ["substitution_formatter.h"], external_deps = ["abseil_str_format"], deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/formatter:substitution_formatter_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stream_info:stream_info_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/api:api_interface", + "//envoy/formatter:substitution_formatter_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stream_info:stream_info_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/config:datasource_lib", diff --git a/source/common/formatter/substitution_format_string.cc b/source/common/formatter/substitution_format_string.cc index 5cd4a2f22e35..62c41c9ef732 100644 --- a/source/common/formatter/substitution_format_string.cc +++ b/source/common/formatter/substitution_format_string.cc @@ -1,10 +1,11 @@ -#include "common/formatter/substitution_format_string.h" +#include "source/common/formatter/substitution_format_string.h" #include "envoy/api/api.h" -#include "common/config/datasource.h" -#include "common/config/utility.h" -#include "common/formatter/substitution_formatter.h" +#include "source/common/config/datasource.h" +#include "source/common/config/utility.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/protobuf/message_validator_impl.h" namespace Envoy { namespace Formatter { @@ -18,7 +19,8 @@ SubstitutionFormatStringUtils::createJsonFormatter(const ProtobufWkt::Struct& st } FormatterPtr SubstitutionFormatStringUtils::fromProtoConfig( - const envoy::config::core::v3::SubstitutionFormatString& config, Api::Api& api) { + const envoy::config::core::v3::SubstitutionFormatString& config, + Server::Configuration::CommonFactoryContext& context) { // Instantiate formatter extensions. std::vector commands; for (const auto& formatter : config.formatters()) { @@ -26,7 +28,9 @@ FormatterPtr SubstitutionFormatStringUtils::fromProtoConfig( if (!factory) { throw EnvoyException(absl::StrCat("Formatter not found: ", formatter.name())); } - auto parser = factory->createCommandParserFromProto(formatter.typed_config()); + auto typed_config = Envoy::Config::Utility::translateAnyToFactoryConfig( + formatter.typed_config(), context.messageValidationVisitor(), *factory); + auto parser = factory->createCommandParserFromProto(*typed_config); if (!parser) { throw EnvoyException(absl::StrCat("Failed to create command parser: ", formatter.name())); } @@ -42,7 +46,8 @@ FormatterPtr SubstitutionFormatStringUtils::fromProtoConfig( config.omit_empty_values(), commands); case envoy::config::core::v3::SubstitutionFormatString::FormatCase::kTextFormatSource: return std::make_unique( - Config::DataSource::read(config.text_format_source(), true, api), false, commands); + Config::DataSource::read(config.text_format_source(), true, context.api()), false, + commands); default: NOT_REACHED_GCOVR_EXCL_LINE; } diff --git a/source/common/formatter/substitution_format_string.h b/source/common/formatter/substitution_format_string.h index d60033cabafd..9c6b899bdd0d 100644 --- a/source/common/formatter/substitution_format_string.h +++ b/source/common/formatter/substitution_format_string.h @@ -5,8 +5,9 @@ #include "envoy/api/api.h" #include "envoy/config/core/v3/substitution_format_string.pb.h" #include "envoy/formatter/substitution_formatter.h" +#include "envoy/server/factory_context.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Formatter { @@ -20,7 +21,8 @@ class SubstitutionFormatStringUtils { * Generate a formatter object from config SubstitutionFormatString. */ static FormatterPtr - fromProtoConfig(const envoy::config::core::v3::SubstitutionFormatString& config, Api::Api& api); + fromProtoConfig(const envoy::config::core::v3::SubstitutionFormatString& config, + Server::Configuration::CommonFactoryContext& context); /** * Generate a Json formatter object from proto::Struct config diff --git a/source/common/formatter/substitution_formatter.cc b/source/common/formatter/substitution_formatter.cc index 6c1c48c51320..76261d9f882a 100644 --- a/source/common/formatter/substitution_formatter.cc +++ b/source/common/formatter/substitution_formatter.cc @@ -1,4 +1,4 @@ -#include "common/formatter/substitution_formatter.h" +#include "source/common/formatter/substitution_formatter.h" #include #include @@ -9,20 +9,20 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/upstream/upstream.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/common/thread.h" -#include "common/common/utility.h" -#include "common/config/metadata.h" -#include "common/grpc/common.h" -#include "common/grpc/status.h" -#include "common/http/utility.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_features.h" -#include "common/stream_info/utility.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/common/thread.h" +#include "source/common/common/utility.h" +#include "source/common/config/metadata.h" +#include "source/common/grpc/common.h" +#include "source/common/grpc/status.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/stream_info/utility.h" #include "absl/strings/str_split.h" #include "fmt/format.h" @@ -415,7 +415,7 @@ FormatterProviderPtr SubstitutionFormatParser::parseBuiltinCommand(const std::st } if (serialize_type.empty()) { - serialize_type = TYPED_SERIALIZATION; + serialize_type = std::string(TYPED_SERIALIZATION); } if (serialize_type != PLAIN_SERIALIZATION && serialize_type != TYPED_SERIALIZATION) { throw EnvoyException("Invalid filter state serialize type, only support PLAIN/TYPED."); @@ -1146,9 +1146,15 @@ MetadataFormatter::formatMetadata(const envoy::config::core::v3::Metadata& metad return absl::nullopt; } - std::string json = MessageUtil::getJsonStringFromMessageOrDie(value, false, true); - truncate(json, max_length_); - return json; + std::string str; + if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.unquote_log_string_values") && + value.kind_case() == ProtobufWkt::Value::kStringValue) { + str = value.string_value(); + } else { + str = MessageUtil::getJsonStringFromMessageOrDie(value, false, true); + } + truncate(str, max_length_); + return str; } ProtobufWkt::Value diff --git a/source/common/formatter/substitution_formatter.h b/source/common/formatter/substitution_formatter.h index 2a3150be4f2f..ebe4752d1a56 100644 --- a/source/common/formatter/substitution_formatter.h +++ b/source/common/formatter/substitution_formatter.h @@ -10,7 +10,7 @@ #include "envoy/formatter/substitution_formatter.h" #include "envoy/stream_info/stream_info.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" #include "absl/container/flat_hash_map.h" #include "absl/types/optional.h" @@ -81,13 +81,15 @@ class SubstitutionFormatParser { if constexpr (std::is_same_v::type, std::string>) { // Compile time handler for std::string. - param = *it; + param = std::string(*it); it++; } else { // Compile time handler for container type. It will catch all remaining tokens and // move iterator to the end. - param.insert(param.begin(), it, tokens.end()); - it = tokens.end(); + do { + param.push_back(std::string(*it)); + it++; + } while (it != tokens.end()); } } }(params), diff --git a/source/common/grpc/BUILD b/source/common/grpc/BUILD index c00ce5555e07..a0b15654ed0d 100644 --- a/source/common/grpc/BUILD +++ b/source/common/grpc/BUILD @@ -17,7 +17,7 @@ envoy_cc_library( deps = [ ":codec_lib", ":context_lib", - "//include/envoy/grpc:async_client_interface", + "//envoy/grpc:async_client_interface", "//source/common/buffer:zero_copy_input_stream_lib", "//source/common/http:async_client_lib", ], @@ -31,7 +31,7 @@ envoy_cc_library( ":codec_lib", ":context_lib", ":typed_async_client_lib", - "//include/envoy/grpc:async_client_interface", + "//envoy/grpc:async_client_interface", "//source/common/buffer:zero_copy_input_stream_lib", "//source/common/config:version_converter_lib", "//source/common/http:async_client_lib", @@ -46,10 +46,10 @@ envoy_cc_library( deps = [ ":async_client_lib", ":context_lib", - "//include/envoy/grpc:async_client_manager_interface", - "//include/envoy/singleton:manager_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/grpc:async_client_manager_interface", + "//envoy/singleton:manager_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", ] + envoy_select_google_grpc([":google_async_client_lib"]), ) @@ -58,7 +58,7 @@ envoy_cc_library( srcs = ["codec.cc"], hdrs = ["codec.h"], deps = [ - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/buffer:buffer_lib", "//source/common/common:minimal_logger_lib", ], @@ -70,7 +70,7 @@ envoy_cc_library( hdrs = ["status.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/grpc:status", + "//envoy/grpc:status", ], ) @@ -80,11 +80,11 @@ envoy_cc_library( hdrs = ["common.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/http:header_map_interface", - "//include/envoy/http:message_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/http:header_map_interface", + "//envoy/http:message_interface", + "//envoy/stats:stats_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:zero_copy_input_stream_lib", "//source/common/common:assert_lib", @@ -112,9 +112,9 @@ envoy_cc_library( deps = [ ":common_lib", ":stat_names_lib", - "//include/envoy/grpc:context_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/stats:stats_interface", + "//envoy/grpc:context_interface", + "//envoy/http:header_map_interface", + "//envoy/stats:stats_interface", "//source/common/common:hash_lib", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", @@ -131,8 +131,8 @@ envoy_cc_library( ], deps = [ ":google_grpc_creds_lib", - "//include/envoy/api:api_interface", - "//include/envoy/registry", + "//envoy/api:api_interface", + "//envoy/registry", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", @@ -149,7 +149,7 @@ envoy_cc_library( srcs = ["stat_names.cc"], hdrs = ["stat_names.h"], deps = [ - "//include/envoy/grpc:status", + "//envoy/grpc:status", "//source/common/stats:symbol_table_lib", ], ) @@ -169,10 +169,10 @@ envoy_cc_library( ":google_grpc_utils_lib", ":stat_names_lib", ":typed_async_client_lib", - "//include/envoy/api:api_interface", - "//include/envoy/grpc:google_grpc_creds_interface", - "//include/envoy/thread:thread_interface", - "//include/envoy/thread_local:thread_local_object", + "//envoy/api:api_interface", + "//envoy/grpc:google_grpc_creds_interface", + "//envoy/thread:thread_interface", + "//envoy/thread_local:thread_local_object", "//source/common/common:base64_lib", "//source/common/common:empty_string", "//source/common/common:linked_object", @@ -200,9 +200,9 @@ envoy_cc_library( hdrs = ["google_grpc_creds_impl.h"], external_deps = ["grpc"], deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/grpc:google_grpc_creds_interface", - "//include/envoy/registry", + "//envoy/api:api_interface", + "//envoy/grpc:google_grpc_creds_interface", + "//envoy/registry", "//source/common/config:datasource_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], @@ -216,9 +216,9 @@ envoy_cc_library( "grpc", ], deps = [ - "//include/envoy/grpc:async_client_manager_interface", - "//include/envoy/server:factory_context_interface", - "//include/envoy/singleton:instance_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/grpc:async_client_manager_interface", + "//envoy/server:factory_context_interface", + "//envoy/singleton:instance_interface", + "//envoy/thread_local:thread_local_interface", ], ) diff --git a/source/common/grpc/async_client_impl.cc b/source/common/grpc/async_client_impl.cc index 6d1152ef9f45..53aeacf6236e 100644 --- a/source/common/grpc/async_client_impl.cc +++ b/source/common/grpc/async_client_impl.cc @@ -1,13 +1,13 @@ -#include "common/grpc/async_client_impl.h" +#include "source/common/grpc/async_client_impl.h" #include "envoy/config/core/v3/grpc_service.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/common/enum_to_int.h" -#include "common/common/utility.h" -#include "common/grpc/common.h" -#include "common/http/header_map_impl.h" -#include "common/http/utility.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Grpc { diff --git a/source/common/grpc/async_client_impl.h b/source/common/grpc/async_client_impl.h index 2e7139df209c..33d68f61417e 100644 --- a/source/common/grpc/async_client_impl.h +++ b/source/common/grpc/async_client_impl.h @@ -6,11 +6,11 @@ #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/async_client.h" -#include "common/common/linked_object.h" -#include "common/grpc/codec.h" -#include "common/grpc/typed_async_client.h" -#include "common/http/async_client_impl.h" -#include "common/router/header_parser.h" +#include "source/common/common/linked_object.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/typed_async_client.h" +#include "source/common/http/async_client_impl.h" +#include "source/common/router/header_parser.h" namespace Envoy { namespace Grpc { diff --git a/source/common/grpc/async_client_manager_impl.cc b/source/common/grpc/async_client_manager_impl.cc index 7b122e8bd59e..9538aa3d9d71 100644 --- a/source/common/grpc/async_client_manager_impl.cc +++ b/source/common/grpc/async_client_manager_impl.cc @@ -1,15 +1,15 @@ -#include "common/grpc/async_client_manager_impl.h" +#include "source/common/grpc/async_client_manager_impl.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/stats/scope.h" -#include "common/common/base64.h" -#include "common/grpc/async_client_impl.h" +#include "source/common/common/base64.h" +#include "source/common/grpc/async_client_impl.h" #include "absl/strings/match.h" #ifdef ENVOY_GOOGLE_GRPC -#include "common/grpc/google_async_client_impl.h" +#include "source/common/grpc/google_async_client_impl.h" #endif namespace Envoy { diff --git a/source/common/grpc/async_client_manager_impl.h b/source/common/grpc/async_client_manager_impl.h index 923dc3beb9c1..8e3abaf23b55 100644 --- a/source/common/grpc/async_client_manager_impl.h +++ b/source/common/grpc/async_client_manager_impl.h @@ -8,7 +8,7 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "common/grpc/stat_names.h" +#include "source/common/grpc/stat_names.h" namespace Envoy { namespace Grpc { diff --git a/source/common/grpc/codec.cc b/source/common/grpc/codec.cc index d37079260f8b..ca4808a5852f 100644 --- a/source/common/grpc/codec.cc +++ b/source/common/grpc/codec.cc @@ -1,11 +1,11 @@ -#include "common/grpc/codec.h" +#include "source/common/grpc/codec.h" #include #include #include #include -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "absl/container/fixed_array.h" diff --git a/source/common/grpc/common.cc b/source/common/grpc/common.cc index 306062d78142..3cf1af966ffd 100644 --- a/source/common/grpc/common.cc +++ b/source/common/grpc/common.cc @@ -1,25 +1,25 @@ -#include "common/grpc/common.h" +#include "source/common/grpc/common.h" #include #include #include #include -#include "common/buffer/buffer_impl.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/common/assert.h" -#include "common/common/base64.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/macros.h" -#include "common/common/safe_memcpy.h" -#include "common/common/utility.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/protobuf/protobuf.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/base64.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/macros.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/common/utility.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/protobuf.h" #include "absl/container/fixed_array.h" #include "absl/strings/match.h" diff --git a/source/common/grpc/common.h b/source/common/grpc/common.h index dcade2ad8015..c723aeca970f 100644 --- a/source/common/grpc/common.h +++ b/source/common/grpc/common.h @@ -10,9 +10,9 @@ #include "envoy/http/header_map.h" #include "envoy/http/message.h" -#include "common/common/hash.h" -#include "common/grpc/status.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/hash.h" +#include "source/common/grpc/status.h" +#include "source/common/protobuf/protobuf.h" #include "absl/types/optional.h" #include "google/rpc/status.pb.h" diff --git a/source/common/grpc/context_impl.cc b/source/common/grpc/context_impl.cc index 4c0e2f91ebc3..11350f454616 100644 --- a/source/common/grpc/context_impl.cc +++ b/source/common/grpc/context_impl.cc @@ -1,10 +1,10 @@ -#include "common/grpc/context_impl.h" +#include "source/common/grpc/context_impl.h" #include #include -#include "common/grpc/common.h" -#include "common/stats/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/stats/utility.h" namespace Envoy { namespace Grpc { diff --git a/source/common/grpc/context_impl.h b/source/common/grpc/context_impl.h index 98a34695235b..8cc073a46be4 100644 --- a/source/common/grpc/context_impl.h +++ b/source/common/grpc/context_impl.h @@ -6,10 +6,10 @@ #include "envoy/grpc/context.h" #include "envoy/http/header_map.h" -#include "common/common/hash.h" -#include "common/grpc/stat_names.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/utility.h" +#include "source/common/common/hash.h" +#include "source/common/grpc/stat_names.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/utility.h" #include "absl/types/optional.h" diff --git a/source/common/grpc/google_async_client_cache.cc b/source/common/grpc/google_async_client_cache.cc index 5150f8182b20..2d7e5c664a73 100644 --- a/source/common/grpc/google_async_client_cache.cc +++ b/source/common/grpc/google_async_client_cache.cc @@ -1,4 +1,4 @@ -#include "common/grpc/google_async_client_cache.h" +#include "source/common/grpc/google_async_client_cache.h" namespace Envoy { namespace Grpc { diff --git a/source/common/grpc/google_async_client_impl.cc b/source/common/grpc/google_async_client_impl.cc index c3d1cdd89bc4..56380d58dcb1 100644 --- a/source/common/grpc/google_async_client_impl.cc +++ b/source/common/grpc/google_async_client_impl.cc @@ -1,17 +1,17 @@ -#include "common/grpc/google_async_client_impl.h" +#include "source/common/grpc/google_async_client_impl.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/stats/scope.h" -#include "common/common/base64.h" -#include "common/common/empty_string.h" -#include "common/common/lock_guard.h" -#include "common/config/datasource.h" -#include "common/grpc/common.h" -#include "common/grpc/google_grpc_creds_impl.h" -#include "common/grpc/google_grpc_utils.h" -#include "common/router/header_parser.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/common/base64.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/lock_guard.h" +#include "source/common/config/datasource.h" +#include "source/common/grpc/common.h" +#include "source/common/grpc/google_grpc_creds_impl.h" +#include "source/common/grpc/google_grpc_utils.h" +#include "source/common/router/header_parser.h" +#include "source/common/tracing/http_tracer_impl.h" #include "grpcpp/support/proto_buffer_reader.h" diff --git a/source/common/grpc/google_async_client_impl.h b/source/common/grpc/google_async_client_impl.h index c3ea7f4c12d4..4977ed219132 100644 --- a/source/common/grpc/google_async_client_impl.h +++ b/source/common/grpc/google_async_client_impl.h @@ -13,14 +13,14 @@ #include "envoy/thread_local/thread_local_object.h" #include "envoy/tracing/http_tracer.h" -#include "common/common/linked_object.h" -#include "common/common/thread.h" -#include "common/common/thread_annotations.h" -#include "common/grpc/google_grpc_context.h" -#include "common/grpc/stat_names.h" -#include "common/grpc/typed_async_client.h" -#include "common/router/header_parser.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/thread.h" +#include "source/common/common/thread_annotations.h" +#include "source/common/grpc/google_grpc_context.h" +#include "source/common/grpc/stat_names.h" +#include "source/common/grpc/typed_async_client.h" +#include "source/common/router/header_parser.h" +#include "source/common/tracing/http_tracer_impl.h" #include "absl/container/node_hash_set.h" #include "grpcpp/generic/generic_stub.h" diff --git a/source/common/grpc/google_grpc_context.cc b/source/common/grpc/google_grpc_context.cc index cdd980839928..5309b11ac2c4 100644 --- a/source/common/grpc/google_grpc_context.cc +++ b/source/common/grpc/google_grpc_context.cc @@ -1,11 +1,11 @@ -#include "common/grpc/google_grpc_context.h" +#include "source/common/grpc/google_grpc_context.h" #include -#include "common/common/assert.h" -#include "common/common/lock_guard.h" -#include "common/common/macros.h" -#include "common/common/thread.h" +#include "source/common/common/assert.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/macros.h" +#include "source/common/common/thread.h" #ifdef ENVOY_GOOGLE_GRPC #include "grpcpp/grpcpp.h" diff --git a/source/common/grpc/google_grpc_context.h b/source/common/grpc/google_grpc_context.h index 2ec235161f2e..b1378a11cf08 100644 --- a/source/common/grpc/google_grpc_context.h +++ b/source/common/grpc/google_grpc_context.h @@ -1,6 +1,6 @@ #pragma once -#include "common/common/thread.h" +#include "source/common/common/thread.h" namespace Envoy { namespace Grpc { diff --git a/source/common/grpc/google_grpc_creds_impl.cc b/source/common/grpc/google_grpc_creds_impl.cc index b534c2eebdf7..dc45e45bd78c 100644 --- a/source/common/grpc/google_grpc_creds_impl.cc +++ b/source/common/grpc/google_grpc_creds_impl.cc @@ -1,10 +1,10 @@ -#include "common/grpc/google_grpc_creds_impl.h" +#include "source/common/grpc/google_grpc_creds_impl.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/google_grpc_creds.h" #include "envoy/registry/registry.h" -#include "common/config/datasource.h" +#include "source/common/config/datasource.h" namespace Envoy { namespace Grpc { diff --git a/source/common/grpc/google_grpc_utils.cc b/source/common/grpc/google_grpc_utils.cc index b3fe1e20a320..dc7575ffae56 100644 --- a/source/common/grpc/google_grpc_utils.cc +++ b/source/common/grpc/google_grpc_utils.cc @@ -1,4 +1,4 @@ -#include "common/grpc/google_grpc_utils.h" +#include "source/common/grpc/google_grpc_utils.h" #include #include @@ -8,13 +8,13 @@ #include "envoy/grpc/google_grpc_creds.h" #include "envoy/registry/registry.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/macros.h" -#include "common/common/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" #include "absl/container/fixed_array.h" #include "absl/strings/match.h" diff --git a/source/common/grpc/stat_names.cc b/source/common/grpc/stat_names.cc index 3366c45c99cf..51df2f66247a 100644 --- a/source/common/grpc/stat_names.cc +++ b/source/common/grpc/stat_names.cc @@ -1,4 +1,4 @@ -#include "common/grpc/stat_names.h" +#include "source/common/grpc/stat_names.h" namespace Envoy { namespace Grpc { diff --git a/source/common/grpc/stat_names.h b/source/common/grpc/stat_names.h index daa2f7c9aeb9..2c65f597aeea 100644 --- a/source/common/grpc/stat_names.h +++ b/source/common/grpc/stat_names.h @@ -2,7 +2,7 @@ #include "envoy/grpc/status.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/grpc/status.cc b/source/common/grpc/status.cc index 7f0c194e2f6c..87cc5547637d 100644 --- a/source/common/grpc/status.cc +++ b/source/common/grpc/status.cc @@ -1,4 +1,4 @@ -#include "common/grpc/status.h" +#include "source/common/grpc/status.h" namespace Envoy { namespace Grpc { diff --git a/source/common/grpc/typed_async_client.cc b/source/common/grpc/typed_async_client.cc index 465bde6e139e..8afc4ae192a3 100644 --- a/source/common/grpc/typed_async_client.cc +++ b/source/common/grpc/typed_async_client.cc @@ -1,11 +1,11 @@ -#include "common/grpc/typed_async_client.h" +#include "source/common/grpc/typed_async_client.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/common/assert.h" -#include "common/common/macros.h" -#include "common/common/utility.h" -#include "common/grpc/common.h" -#include "common/http/utility.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Grpc { diff --git a/source/common/grpc/typed_async_client.h b/source/common/grpc/typed_async_client.h index 2905db8f345a..22a009054357 100644 --- a/source/common/grpc/typed_async_client.h +++ b/source/common/grpc/typed_async_client.h @@ -5,8 +5,8 @@ #include "envoy/grpc/async_client.h" -#include "common/common/empty_string.h" -#include "common/config/version_converter.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/version_converter.h" namespace Envoy { namespace Grpc { diff --git a/source/common/html/utility.cc b/source/common/html/utility.cc index e2b80e188da6..e895fe857ff4 100644 --- a/source/common/html/utility.cc +++ b/source/common/html/utility.cc @@ -1,4 +1,4 @@ -#include "common/html/utility.h" +#include "source/common/html/utility.h" #include diff --git a/source/common/http/BUILD b/source/common/http/BUILD index bc2b727a1b3f..55c15b06a3f3 100644 --- a/source/common/http/BUILD +++ b/source/common/http/BUILD @@ -14,18 +14,18 @@ envoy_cc_library( srcs = ["async_client_impl.cc"], hdrs = ["async_client_impl.h"], deps = [ - "//include/envoy/config:typed_metadata_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:async_client_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/http:context_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/http:message_interface", - "//include/envoy/router:context_interface", - "//include/envoy/router:router_interface", - "//include/envoy/router:router_ratelimit_interface", - "//include/envoy/router:shadow_writer_interface", - "//include/envoy/ssl:connection_interface", + "//envoy/config:typed_metadata_interface", + "//envoy/event:dispatcher_interface", + "//envoy/http:async_client_interface", + "//envoy/http:codec_interface", + "//envoy/http:context_interface", + "//envoy/http:header_map_interface", + "//envoy/http:message_interface", + "//envoy/router:context_interface", + "//envoy/router:router_interface", + "//envoy/router:router_ratelimit_interface", + "//envoy/router:shadow_writer_interface", + "//envoy/ssl:connection_interface", "//source/common/common:empty_string", "//source/common/common:linked_object", "//source/common/router:router_lib", @@ -42,7 +42,7 @@ envoy_cc_library( srcs = ["async_client_utility.cc"], hdrs = ["async_client_utility.h"], deps = [ - "//include/envoy/http:async_client_interface", + "//envoy/http:async_client_interface", ], ) @@ -55,10 +55,10 @@ envoy_cc_library( ":exception_lib", ":status_lib", ":utility_lib", - "//include/envoy/event:deferred_deletable", - "//include/envoy/http:codec_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", + "//envoy/event:deferred_deletable", + "//envoy/http:codec_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/common:linked_object", @@ -76,7 +76,7 @@ envoy_cc_library( name = "codec_helper_lib", hdrs = ["codec_helper.h"], deps = [ - "//include/envoy/http:codec_interface", + "//envoy/http:codec_interface", "//source/common/common:assert_lib", ], ) @@ -92,7 +92,7 @@ envoy_cc_library( envoy_cc_library( name = "codec_wrappers_lib", hdrs = ["codec_wrappers.h"], - deps = ["//include/envoy/http:codec_interface"], + deps = ["//envoy/http:codec_interface"], ) envoy_cc_library( @@ -102,9 +102,9 @@ envoy_cc_library( deps = [ ":headers_lib", ":utility_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/stats:stats_interface", + "//envoy/http:codes_interface", + "//envoy/http:header_map_interface", + "//envoy/stats:stats_interface", "//source/common/common:enum_to_int", "//source/common/common:utility_lib", "//source/common/stats:symbol_table_lib", @@ -118,7 +118,7 @@ envoy_cc_library( deps = [ ":codes_lib", ":user_agent_lib", - "//include/envoy/http:context_interface", + "//envoy/http:context_interface", ], ) @@ -128,8 +128,8 @@ envoy_cc_library( hdrs = ["conn_pool_base.h"], deps = [ ":codec_client_lib", - "//include/envoy/http:conn_pool_interface", - "//include/envoy/stats:timespan_interface", + "//envoy/http:conn_pool_interface", + "//envoy/stats:timespan_interface", "//source/common/common:linked_object", "//source/common/conn_pool:conn_pool_base_lib", "//source/common/stats:timespan_lib", @@ -154,8 +154,8 @@ envoy_cc_library( srcs = ["http3_status_tracker.cc"], hdrs = ["http3_status_tracker.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", ], ) @@ -170,12 +170,13 @@ envoy_cc_library( "alternate_protocols_cache_manager_impl.h", ], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:alternate_protocols_cache_interface", - "//include/envoy/singleton:manager_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:resource_manager_interface", + "//envoy/common:time_interface", + "//envoy/event:dispatcher_interface", + "//envoy/http:alternate_protocols_cache_interface", + "//envoy/singleton:manager_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:resource_manager_interface", + "//source/common/common:logger_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) @@ -197,11 +198,11 @@ envoy_cc_library( hdrs = ["conn_manager_config.h"], deps = [ ":date_provider_lib", - "//include/envoy/config:config_provider_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:original_ip_detection_interface", - "//include/envoy/http:request_id_extension_interface", - "//include/envoy/router:rds_interface", + "//envoy/config:config_provider_interface", + "//envoy/http:filter_interface", + "//envoy/http:original_ip_detection_interface", + "//envoy/http:request_id_extension_interface", + "//envoy/router:rds_interface", "//source/common/local_reply:local_reply_lib", "//source/common/network:utility_lib", "//source/common/stats:symbol_table_lib", @@ -220,8 +221,8 @@ envoy_cc_library( ], deps = [ ":headers_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/matcher:matcher_interface", + "//envoy/http:filter_interface", + "//envoy/matcher:matcher_interface", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:linked_object", "//source/common/common:scope_tracked_object_stack", @@ -259,30 +260,30 @@ envoy_cc_library( ":status_lib", ":user_agent_lib", ":utility_lib", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/common:scope_tracker_interface", - "//include/envoy/common:time_interface", - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:api_listener_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/http:context_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:drain_decision_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/router:rds_interface", - "//include/envoy/router:scopes_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server/overload:overload_manager_interface", - "//include/envoy/ssl:connection_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/stats:timespan_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/access_log:access_log_interface", + "//envoy/buffer:buffer_interface", + "//envoy/common:scope_tracker_interface", + "//envoy/common:time_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", + "//envoy/http:api_listener_interface", + "//envoy/http:codec_interface", + "//envoy/http:context_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", + "//envoy/local_info:local_info_interface", + "//envoy/network:connection_interface", + "//envoy/network:drain_decision_interface", + "//envoy/network:filter_interface", + "//envoy/router:rds_interface", + "//envoy/router:scopes_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server/overload:overload_manager_interface", + "//envoy/ssl:connection_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", + "//envoy/stats:timespan_interface", + "//envoy/upstream:upstream_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:dump_state_utils", @@ -296,6 +297,7 @@ envoy_cc_library( "//source/common/http/http1:codec_lib", "//source/common/http/http2:codec_lib", "//source/common/http/match_wrapper:config", + "//source/common/network:proxy_protocol_filter_state_lib", "//source/common/network:utility_lib", "//source/common/router:config_lib", "//source/common/router:scoped_rds_lib", @@ -315,10 +317,10 @@ envoy_cc_library( "date_provider_impl.h", ], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/singleton:instance_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/event:dispatcher_interface", + "//envoy/http:header_map_interface", + "//envoy/singleton:instance_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/common:utility_lib", ], ) @@ -327,8 +329,8 @@ envoy_cc_library( name = "exception_lib", hdrs = ["exception.h"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/http:header_map_interface", + "//envoy/http:codes_interface", + "//envoy/http:header_map_interface", ], ) @@ -338,7 +340,7 @@ envoy_cc_library( hdrs = ["hash_policy.h"], deps = [ ":utility_lib", - "//include/envoy/http:hash_policy_interface", + "//envoy/http:hash_policy_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) @@ -348,7 +350,7 @@ envoy_cc_library( srcs = ["header_list_view.cc"], hdrs = ["header_list_view.h"], deps = [ - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", ], ) @@ -358,7 +360,7 @@ envoy_cc_library( hdrs = ["header_map_impl.h"], deps = [ ":headers_lib", - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//source/common/common:assert_lib", "//source/common/common:dump_state_utils", "//source/common/common:empty_string", @@ -373,7 +375,7 @@ envoy_cc_library( name = "headers_lib", hdrs = ["headers.h"], deps = [ - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//source/common/singleton:const_singleton", "//source/common/singleton:threadsafe_singleton", ], @@ -384,8 +386,8 @@ envoy_cc_library( hdrs = ["message_impl.h"], deps = [ ":header_map_lib", - "//include/envoy/http:header_map_interface", - "//include/envoy/http:message_interface", + "//envoy/http:header_map_interface", + "//envoy/http:message_interface", "//source/common/buffer:buffer_lib", "//source/common/common:non_copyable", ], @@ -398,9 +400,9 @@ envoy_cc_library( deps = [ ":message_lib", ":utility_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/event:dispatcher_interface", + "//envoy/runtime:runtime_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:enum_to_int", "//source/common/config:utility_lib", ], @@ -412,11 +414,11 @@ envoy_cc_library( hdrs = ["user_agent.h"], deps = [ ":headers_lib", - "//include/envoy/http:header_map_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/stats:timespan_interface", + "//envoy/http:header_map_interface", + "//envoy/network:connection_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", + "//envoy/stats:timespan_interface", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", ], @@ -437,10 +439,10 @@ envoy_cc_library( ":header_map_lib", ":headers_lib", ":message_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/http:query_params_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", + "//envoy/http:query_params_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", @@ -465,8 +467,8 @@ envoy_cc_library( ":header_map_lib", ":status_lib", ":utility_lib", - "//include/envoy/common:regex_interface", - "//include/envoy/http:header_map_interface", + "//envoy/common:regex_interface", + "//envoy/http:header_map_interface", "//source/common/common:regex_lib", "//source/common/common:utility_lib", "//source/common/protobuf:utility_lib", @@ -486,7 +488,7 @@ envoy_cc_library( ], deps = [ ":legacy_path_canonicalizer", - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//source/common/common:logger_lib", "//source/common/runtime:runtime_features_lib", "@com_googlesource_googleurl//url:envoy_url", @@ -509,8 +511,8 @@ envoy_cc_library( "request_id_extension_impl.h", ], deps = [ - "//include/envoy/http:request_id_extension_interface", - "//include/envoy/server:request_id_extension_config_interface", + "//envoy/http:request_id_extension_interface", + "//envoy/server:request_id_extension_config_interface", "//source/common/config:utility_lib", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", ], @@ -524,7 +526,7 @@ envoy_cc_library( "abseil_status", ], deps = [ - "//include/envoy/http:codes_interface", + "//envoy/http:codes_interface", "//source/common/common:assert_lib", ], ) diff --git a/source/common/http/alternate_protocols_cache_impl.cc b/source/common/http/alternate_protocols_cache_impl.cc index 89d31df615aa..f4a176fb405d 100644 --- a/source/common/http/alternate_protocols_cache_impl.cc +++ b/source/common/http/alternate_protocols_cache_impl.cc @@ -1,4 +1,6 @@ -#include "common/http/alternate_protocols_cache_impl.h" +#include "source/common/http/alternate_protocols_cache_impl.h" + +#include "source/common/common/logger.h" namespace Envoy { namespace Http { @@ -9,14 +11,13 @@ AlternateProtocolsCacheImpl::AlternateProtocolsCacheImpl(TimeSource& time_source AlternateProtocolsCacheImpl::~AlternateProtocolsCacheImpl() = default; void AlternateProtocolsCacheImpl::setAlternatives(const Origin& origin, - const std::vector& protocols, - const MonotonicTime& expiration) { - Entry& entry = protocols_[origin]; - if (entry.protocols_ != protocols) { - entry.protocols_ = protocols; - } - if (entry.expiration_ != expiration) { - entry.expiration_ = expiration; + const std::vector& protocols) { + protocols_[origin] = protocols; + static const size_t max_protocols = 10; + if (protocols.size() > max_protocols) { + ENVOY_LOG_MISC(trace, "Too many alternate protocols: {}, truncating", protocols.size()); + std::vector& p = protocols_[origin]; + p.erase(p.begin() + max_protocols, p.end()); } } @@ -24,19 +25,24 @@ OptRef> AlternateProtocolsCacheImpl::findAlternatives(const Origin& origin) { auto entry_it = protocols_.find(origin); if (entry_it == protocols_.end()) { - return makeOptRefFromPtr>( - nullptr); + return makeOptRefFromPtr>(nullptr); } - const Entry& entry = entry_it->second; - if (time_source_.monotonicTime() > entry.expiration_) { - // Expire the entry. - // TODO(RyanTheOptimist): expire entries based on a timer. + std::vector& protocols = entry_it->second; + + const MonotonicTime now = time_source_.monotonicTime(); + protocols.erase(std::remove_if(protocols.begin(), protocols.end(), + [now](const AlternateProtocol& protocol) { + return (now > protocol.expiration_); + }), + protocols.end()); + + if (protocols.empty()) { protocols_.erase(entry_it); - return makeOptRefFromPtr>( - nullptr); + return makeOptRefFromPtr>(nullptr); } - return makeOptRef(entry.protocols_); + + return makeOptRef(const_cast&>(protocols)); } size_t AlternateProtocolsCacheImpl::size() const { return protocols_.size(); } diff --git a/source/common/http/alternate_protocols_cache_impl.h b/source/common/http/alternate_protocols_cache_impl.h index f72ec506dc2d..a029a970c763 100644 --- a/source/common/http/alternate_protocols_cache_impl.h +++ b/source/common/http/alternate_protocols_cache_impl.h @@ -22,23 +22,18 @@ class AlternateProtocolsCacheImpl : public AlternateProtocolsCache { ~AlternateProtocolsCacheImpl() override; // AlternateProtocolsCache - void setAlternatives(const Origin& origin, const std::vector& protocols, - const MonotonicTime& expiration) override; + void setAlternatives(const Origin& origin, + const std::vector& protocols) override; OptRef> findAlternatives(const Origin& origin) override; size_t size() const override; private: - struct Entry { - std::vector protocols_; - MonotonicTime expiration_; - }; - // Time source used to check expiration of entries. TimeSource& time_source_; // Map from hostname to list of alternate protocols. // TODO(RyanTheOptimist): Add a limit to the size of this map and evict based on usage. - std::map protocols_; + std::map> protocols_; }; } // namespace Http diff --git a/source/common/http/alternate_protocols_cache_manager_impl.cc b/source/common/http/alternate_protocols_cache_manager_impl.cc index b70290b86f6c..fc04a6d084f4 100644 --- a/source/common/http/alternate_protocols_cache_manager_impl.cc +++ b/source/common/http/alternate_protocols_cache_manager_impl.cc @@ -1,7 +1,7 @@ -#include "common/http/alternate_protocols_cache_manager_impl.h" +#include "source/common/http/alternate_protocols_cache_manager_impl.h" -#include "common/http/alternate_protocols_cache_impl.h" -#include "common/protobuf/protobuf.h" +#include "source/common/http/alternate_protocols_cache_impl.h" +#include "source/common/protobuf/protobuf.h" #include "absl/container/flat_hash_map.h" @@ -10,8 +10,8 @@ namespace Http { SINGLETON_MANAGER_REGISTRATION(alternate_protocols_cache_manager); -AlternateProtocolsCacheManagerImpl::AlternateProtocolsCacheManagerImpl(TimeSource& time_source, - ThreadLocal::Instance& tls) +AlternateProtocolsCacheManagerImpl::AlternateProtocolsCacheManagerImpl( + TimeSource& time_source, ThreadLocal::SlotAllocator& tls) : time_source_(time_source), slot_(tls) { slot_.set([](Event::Dispatcher& /*dispatcher*/) { return std::make_shared(); }); } diff --git a/source/common/http/alternate_protocols_cache_manager_impl.h b/source/common/http/alternate_protocols_cache_manager_impl.h index 59af34103f65..227569ac19a6 100644 --- a/source/common/http/alternate_protocols_cache_manager_impl.h +++ b/source/common/http/alternate_protocols_cache_manager_impl.h @@ -14,7 +14,7 @@ namespace Http { class AlternateProtocolsCacheManagerImpl : public AlternateProtocolsCacheManager, public Singleton::Instance { public: - AlternateProtocolsCacheManagerImpl(TimeSource& time_source, ThreadLocal::Instance& tls); + AlternateProtocolsCacheManagerImpl(TimeSource& time_source, ThreadLocal::SlotAllocator& tls); // AlternateProtocolsCacheManager AlternateProtocolsCacheSharedPtr @@ -27,7 +27,7 @@ class AlternateProtocolsCacheManagerImpl : public AlternateProtocolsCacheManager AlternateProtocolsCacheSharedPtr cache) : options_(options), cache_(cache) {} - const envoy::config::core::v3::AlternateProtocolsCacheOptions& options_; + const envoy::config::core::v3::AlternateProtocolsCacheOptions options_; AlternateProtocolsCacheSharedPtr cache_; }; @@ -46,7 +46,8 @@ class AlternateProtocolsCacheManagerImpl : public AlternateProtocolsCacheManager class AlternateProtocolsCacheManagerFactoryImpl : public AlternateProtocolsCacheManagerFactory { public: AlternateProtocolsCacheManagerFactoryImpl(Singleton::Manager& singleton_manager, - TimeSource& time_source, ThreadLocal::Instance& tls) + TimeSource& time_source, + ThreadLocal::SlotAllocator& tls) : singleton_manager_(singleton_manager), time_source_(time_source), tls_(tls) {} AlternateProtocolsCacheManagerSharedPtr get() override; @@ -54,7 +55,7 @@ class AlternateProtocolsCacheManagerFactoryImpl : public AlternateProtocolsCache private: Singleton::Manager& singleton_manager_; TimeSource& time_source_; - ThreadLocal::Instance& tls_; + ThreadLocal::SlotAllocator& tls_; }; } // namespace Http diff --git a/source/common/http/async_client_impl.cc b/source/common/http/async_client_impl.cc index 044bf497b4c4..5c09a9f6cddf 100644 --- a/source/common/http/async_client_impl.cc +++ b/source/common/http/async_client_impl.cc @@ -1,4 +1,4 @@ -#include "common/http/async_client_impl.h" +#include "source/common/http/async_client_impl.h" #include #include @@ -8,9 +8,9 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/grpc/common.h" -#include "common/http/utility.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/grpc/common.h" +#include "source/common/http/utility.h" +#include "source/common/tracing/http_tracer_impl.h" namespace Envoy { namespace Http { @@ -42,9 +42,10 @@ AsyncClientImpl::AsyncClientImpl(Upstream::ClusterInfoConstSharedPtr cluster, Random::RandomGenerator& random, Router::ShadowWriterPtr&& shadow_writer, Http::Context& http_context, Router::Context& router_context) - : cluster_(cluster), config_(http_context.asyncClientStatPrefix(), local_info, stats_store, cm, - runtime, random, std::move(shadow_writer), true, false, false, - false, {}, dispatcher.timeSource(), http_context, router_context), + : cluster_(cluster), + config_(http_context.asyncClientStatPrefix(), local_info, stats_store, cm, runtime, random, + std::move(shadow_writer), true, false, false, false, false, {}, + dispatcher.timeSource(), http_context, router_context), dispatcher_(dispatcher) {} AsyncClientImpl::~AsyncClientImpl() { diff --git a/source/common/http/async_client_impl.h b/source/common/http/async_client_impl.h index 798907b0763b..d496e21bbefa 100644 --- a/source/common/http/async_client_impl.h +++ b/source/common/http/async_client_impl.h @@ -31,13 +31,13 @@ #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/upstream.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/linked_object.h" -#include "common/http/message_impl.h" -#include "common/router/router.h" -#include "common/stream_info/stream_info_impl.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/linked_object.h" +#include "source/common/http/message_impl.h" +#include "source/common/router/router.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/common/tracing/http_tracer_impl.h" namespace Envoy { namespace Http { @@ -237,7 +237,8 @@ class AsyncStreamImpl : public AsyncClient::Stream, bool) const override {} void finalizeResponseHeaders(Http::ResponseHeaderMap&, const StreamInfo::StreamInfo&) const override {} - Http::HeaderTransforms responseHeaderTransforms(const StreamInfo::StreamInfo&) const override { + Http::HeaderTransforms responseHeaderTransforms(const StreamInfo::StreamInfo&, + bool) const override { return {}; } const HashPolicy* hashPolicy() const override { return hash_policy_.get(); } @@ -365,6 +366,8 @@ class AsyncStreamImpl : public AsyncClient::Stream, Upstream::ClusterInfoConstSharedPtr clusterInfo() override { return parent_.cluster_; } void clearRouteCache() override {} uint64_t streamId() const override { return stream_id_; } + // TODO(kbaichoo): Plumb account from owning request filter. + Buffer::BufferMemoryAccountSharedPtr account() const override { return nullptr; } Tracing::Span& activeSpan() override { return active_span_; } const Tracing::Config& tracingConfig() override { return tracing_config_; } void continueDecoding() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } diff --git a/source/common/http/async_client_utility.cc b/source/common/http/async_client_utility.cc index 664a0fc0c651..95630bc474bb 100644 --- a/source/common/http/async_client_utility.cc +++ b/source/common/http/async_client_utility.cc @@ -1,6 +1,6 @@ -#include "common/http/async_client_utility.h" +#include "source/common/http/async_client_utility.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Http { diff --git a/source/common/http/codec_client.cc b/source/common/http/codec_client.cc index 3353ff81d090..899dde6f9eff 100644 --- a/source/common/http/codec_client.cc +++ b/source/common/http/codec_client.cc @@ -1,31 +1,31 @@ -#include "common/http/codec_client.h" +#include "source/common/http/codec_client.h" #include #include #include "envoy/http/codec.h" -#include "common/common/enum_to_int.h" -#include "common/config/utility.h" -#include "common/http/exception.h" -#include "common/http/http1/codec_impl.h" -#include "common/http/http2/codec_impl.h" -#include "common/http/status.h" -#include "common/http/utility.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/config/utility.h" +#include "source/common/http/exception.h" +#include "source/common/http/http1/codec_impl.h" +#include "source/common/http/http2/codec_impl.h" +#include "source/common/http/status.h" +#include "source/common/http/utility.h" #ifdef ENVOY_ENABLE_QUIC -#include "common/quic/codec_impl.h" +#include "source/common/quic/codec_impl.h" #endif namespace Envoy { namespace Http { -CodecClient::CodecClient(Type type, Network::ClientConnectionPtr&& connection, +CodecClient::CodecClient(CodecType type, Network::ClientConnectionPtr&& connection, Upstream::HostDescriptionConstSharedPtr host, Event::Dispatcher& dispatcher) : type_(type), host_(host), connection_(std::move(connection)), idle_timeout_(host_->cluster().idleTimeout()) { - if (type_ != Type::HTTP3) { + if (type_ != CodecType::HTTP3) { // Make sure upstream connections process data and then the FIN, rather than processing // TCP disconnects immediately. (see https://github.com/envoyproxy/envoy/issues/1679 for // details) @@ -95,7 +95,7 @@ void CodecClient::onEvent(Network::ConnectionEvent event) { } // HTTP/1 can signal end of response by disconnecting. We need to handle that case. - if (type_ == Type::HTTP1 && event == Network::ConnectionEvent::RemoteClose && + if (type_ == CodecType::HTTP1 && event == Network::ConnectionEvent::RemoteClose && !active_requests_.empty()) { Buffer::OwnedImpl empty; onData(empty); @@ -169,26 +169,26 @@ void CodecClient::onData(Buffer::Instance& data) { absl::StrCat("extraneous bytes after response complete: ", data.length())); } -CodecClientProd::CodecClientProd(Type type, Network::ClientConnectionPtr&& connection, +CodecClientProd::CodecClientProd(CodecType type, Network::ClientConnectionPtr&& connection, Upstream::HostDescriptionConstSharedPtr host, Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator) : CodecClient(type, std::move(connection), host, dispatcher) { switch (type) { - case Type::HTTP1: { + case CodecType::HTTP1: { codec_ = std::make_unique( *connection_, host->cluster().http1CodecStats(), *this, host->cluster().http1Settings(), host->cluster().maxResponseHeadersCount()); break; } - case Type::HTTP2: { + case CodecType::HTTP2: { codec_ = std::make_unique( *connection_, *this, host->cluster().http2CodecStats(), random_generator, host->cluster().http2Options(), Http::DEFAULT_MAX_REQUEST_HEADERS_KB, host->cluster().maxResponseHeadersCount(), Http2::ProdNghttp2SessionFactory::get()); break; } - case Type::HTTP3: { + case CodecType::HTTP3: { #ifdef ENVOY_ENABLE_QUIC auto& quic_session = dynamic_cast(*connection_); codec_ = std::make_unique( diff --git a/source/common/http/codec_client.h b/source/common/http/codec_client.h index 07eb9724d607..684c962380f3 100644 --- a/source/common/http/codec_client.h +++ b/source/common/http/codec_client.h @@ -12,11 +12,11 @@ #include "envoy/network/filter.h" #include "envoy/upstream/upstream.h" -#include "common/common/assert.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/http/codec_wrappers.h" -#include "common/network/filter_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/http/codec_wrappers.h" +#include "source/common/network/filter_impl.h" namespace Envoy { namespace Http { @@ -55,7 +55,8 @@ class CodecClient : protected Logger::Loggable, /** * Type of HTTP codec to use. */ - enum class Type { HTTP1, HTTP2, HTTP3 }; + // This is a legacy alias. + using Type = Envoy::Http::CodecType; ~CodecClient() override; @@ -125,7 +126,7 @@ class CodecClient : protected Logger::Loggable, bool remoteClosed() const { return remote_closed_; } - Type type() const { return type_; } + CodecType type() const { return type_; } // Note this is the L4 stream info, not L7. const StreamInfo::StreamInfo& streamInfo() { return connection_->streamInfo(); } @@ -137,7 +138,7 @@ class CodecClient : protected Logger::Loggable, * @param connection supplies the connection to communicate on. * @param host supplies the owning host. */ - CodecClient(Type type, Network::ClientConnectionPtr&& connection, + CodecClient(CodecType type, Network::ClientConnectionPtr&& connection, Upstream::HostDescriptionConstSharedPtr host, Event::Dispatcher& dispatcher); /** @@ -175,7 +176,7 @@ class CodecClient : protected Logger::Loggable, } } - const Type type_; + const CodecType type_; // The order of host_, connection_, and codec_ matter as during destruction each can refer to // the previous, at least in tests. Upstream::HostDescriptionConstSharedPtr host_; @@ -273,7 +274,7 @@ using CodecClientPtr = std::unique_ptr; */ class CodecClientProd : public CodecClient { public: - CodecClientProd(Type type, Network::ClientConnectionPtr&& connection, + CodecClientProd(CodecType type, Network::ClientConnectionPtr&& connection, Upstream::HostDescriptionConstSharedPtr host, Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator); }; diff --git a/source/common/http/codec_helper.h b/source/common/http/codec_helper.h index 5128891e4105..4a304c159e56 100644 --- a/source/common/http/codec_helper.h +++ b/source/common/http/codec_helper.h @@ -2,7 +2,7 @@ #include "envoy/http/codec.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/container/inlined_vector.h" diff --git a/source/common/http/codes.cc b/source/common/http/codes.cc index 37273856a1c6..6418137fc5ec 100644 --- a/source/common/http/codes.cc +++ b/source/common/http/codes.cc @@ -1,4 +1,4 @@ -#include "common/http/codes.h" +#include "source/common/http/codes.h" #include #include @@ -6,10 +6,10 @@ #include "envoy/http/header_map.h" #include "envoy/stats/scope.h" -#include "common/common/enum_to_int.h" -#include "common/common/utility.h" -#include "common/http/headers.h" -#include "common/http/utility.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" @@ -72,11 +72,14 @@ void CodeStatsImpl::chargeBasicResponseStat(Stats::Scope& scope, Stats::StatName incCounter(scope, prefix, upstreamRqStatName(response_code)); } -void CodeStatsImpl::chargeResponseStat(const ResponseStatInfo& info) const { +void CodeStatsImpl::chargeResponseStat(const ResponseStatInfo& info, + bool exclude_http_code_stats) const { const Code code = static_cast(info.response_status_code_); ASSERT(&info.cluster_scope_.symbolTable() == &symbol_table_); - chargeBasicResponseStat(info.cluster_scope_, info.prefix_, code); + if (!exclude_http_code_stats) { + chargeBasicResponseStat(info.cluster_scope_, info.prefix_, code); + } const Stats::StatName rq_group = upstreamRqGroup(code); const Stats::StatName rq_code = upstreamRqStatName(code); diff --git a/source/common/http/codes.h b/source/common/http/codes.h index 3957377aa2c2..7530841bf0c2 100644 --- a/source/common/http/codes.h +++ b/source/common/http/codes.h @@ -8,8 +8,8 @@ #include "envoy/http/header_map.h" #include "envoy/stats/scope.h" -#include "common/common/thread.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/common/thread.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Http { @@ -47,7 +47,8 @@ class CodeStatsImpl : public CodeStats { // CodeStats void chargeBasicResponseStat(Stats::Scope& scope, Stats::StatName prefix, Code response_code) const override; - void chargeResponseStat(const ResponseStatInfo& info) const override; + void chargeResponseStat(const ResponseStatInfo& info, + bool exclude_http_code_stats) const override; void chargeResponseTiming(const ResponseTimingInfo& info) const override; private: diff --git a/source/common/http/conn_manager_config.h b/source/common/http/conn_manager_config.h index 8b05b4bbff49..d69beb04e080 100644 --- a/source/common/http/conn_manager_config.h +++ b/source/common/http/conn_manager_config.h @@ -10,10 +10,10 @@ #include "envoy/tracing/http_tracer.h" #include "envoy/type/v3/percent.pb.h" -#include "common/http/date_provider.h" -#include "common/local_reply/local_reply.h" -#include "common/network/utility.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/http/date_provider.h" +#include "source/common/local_reply/local_reply.h" +#include "source/common/network/utility.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Http { @@ -484,6 +484,12 @@ class ConnectionManagerConfig { */ virtual const std::vector& originalIpDetectionExtensions() const PURE; + + /** + * @return if the HttpConnectionManager should remove trailing host dot from host/authority + * header. + */ + virtual bool shouldStripTrailingHostDot() const PURE; }; } // namespace Http } // namespace Envoy diff --git a/source/common/http/conn_manager_impl.cc b/source/common/http/conn_manager_impl.cc index 87fd8073de1f..12c29a1e0cbd 100644 --- a/source/common/http/conn_manager_impl.cc +++ b/source/common/http/conn_manager_impl.cc @@ -1,4 +1,4 @@ -#include "common/http/conn_manager_impl.h" +#include "source/common/http/conn_manager_impl.h" #include #include @@ -22,28 +22,28 @@ #include "envoy/tracing/http_tracer.h" #include "envoy/type/v3/percent.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/scope_tracker.h" -#include "common/common/utility.h" -#include "common/http/codes.h" -#include "common/http/conn_manager_utility.h" -#include "common/http/exception.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/http/http1/codec_impl.h" -#include "common/http/http2/codec_impl.h" -#include "common/http/path_utility.h" -#include "common/http/status.h" -#include "common/http/utility.h" -#include "common/network/utility.h" -#include "common/router/config_impl.h" -#include "common/runtime/runtime_features.h" -#include "common/stats/timespan_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/scope_tracker.h" +#include "source/common/common/utility.h" +#include "source/common/http/codes.h" +#include "source/common/http/conn_manager_utility.h" +#include "source/common/http/exception.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/http1/codec_impl.h" +#include "source/common/http/http2/codec_impl.h" +#include "source/common/http/path_utility.h" +#include "source/common/http/status.h" +#include "source/common/http/utility.h" +#include "source/common/network/utility.h" +#include "source/common/router/config_impl.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/stats/timespan_impl.h" #include "absl/strings/escaping.h" #include "absl/strings/match.h" @@ -122,6 +122,19 @@ void ConnectionManagerImpl::initializeReadFilterCallbacks(Network::ReadFilterCal read_callbacks_->connection().addConnectionCallbacks(*this); + if (!read_callbacks_->connection() + .streamInfo() + .filterState() + ->hasData(Network::ProxyProtocolFilterState::key())) { + read_callbacks_->connection().streamInfo().filterState()->setData( + Network::ProxyProtocolFilterState::key(), + std::make_unique(Network::ProxyProtocolData{ + read_callbacks_->connection().addressProvider().remoteAddress(), + read_callbacks_->connection().addressProvider().localAddress()}), + StreamInfo::FilterState::StateType::ReadOnly, + StreamInfo::FilterState::LifeSpan::Connection); + } + if (config_.idleTimeout()) { connection_idle_timer_ = read_callbacks_->connection().dispatcher().createScaledTimer( Event::ScaledTimerType::HttpDownstreamIdleConnectionTimeout, @@ -259,7 +272,18 @@ RequestDecoder& ConnectionManagerImpl::newStream(ResponseEncoder& response_encod } ENVOY_CONN_LOG(debug, "new stream", read_callbacks_->connection()); - ActiveStreamPtr new_stream(new ActiveStream(*this, response_encoder.getStream().bufferLimit())); + + // Set the account to start accounting if enabled. This is still a + // work-in-progress, and will be removed when other features using the + // accounting are implemented. + Buffer::BufferMemoryAccountSharedPtr downstream_request_account; + if (Runtime::runtimeFeatureEnabled("envoy.test_only.per_stream_buffer_accounting")) { + downstream_request_account = std::make_shared(); + response_encoder.getStream().setAccount(downstream_request_account); + } + ActiveStreamPtr new_stream(new ActiveStream(*this, response_encoder.getStream().bufferLimit(), + std::move(downstream_request_account))); + new_stream->state_.is_internally_created_ = is_internally_created; new_stream->response_encoder_ = &response_encoder; new_stream->response_encoder_->getStream().addCallbacks(*new_stream); @@ -571,13 +595,14 @@ void ConnectionManagerImpl::RdsRouteConfigUpdateRequester::requestSrdsUpdate( } ConnectionManagerImpl::ActiveStream::ActiveStream(ConnectionManagerImpl& connection_manager, - uint32_t buffer_limit) + uint32_t buffer_limit, + Buffer::BufferMemoryAccountSharedPtr account) : connection_manager_(connection_manager), stream_id_(connection_manager.random_generator_.random()), filter_manager_(*this, connection_manager_.read_callbacks_->connection().dispatcher(), connection_manager_.read_callbacks_->connection(), stream_id_, - connection_manager_.config_.proxy100Continue(), buffer_limit, - connection_manager_.config_.filterFactory(), + std::move(account), connection_manager_.config_.proxy100Continue(), + buffer_limit, connection_manager_.config_.filterFactory(), connection_manager_.config_.localReply(), connection_manager_.codec_->protocol(), connection_manager_.timeSource(), connection_manager_.read_callbacks_->connection().streamInfo().filterState(), @@ -669,19 +694,6 @@ ConnectionManagerImpl::ActiveStream::ActiveStream(ConnectionManagerImpl& connect void ConnectionManagerImpl::ActiveStream::completeRequest() { filter_manager_.streamInfo().onRequestComplete(); - Upstream::HostDescriptionConstSharedPtr upstream_host = - connection_manager_.read_callbacks_->upstreamHost(); - - if (upstream_host != nullptr) { - Upstream::ClusterRequestResponseSizeStatsOptRef req_resp_stats = - upstream_host->cluster().requestResponseSizeStats(); - if (req_resp_stats.has_value()) { - req_resp_stats->get().upstream_rq_body_size_.recordValue( - filter_manager_.streamInfo().bytesReceived()); - req_resp_stats->get().upstream_rs_body_size_.recordValue( - filter_manager_.streamInfo().bytesSent()); - } - } if (connection_manager_.remote_close_) { filter_manager_.streamInfo().setResponseCodeDetails( @@ -769,17 +781,6 @@ void ConnectionManagerImpl::ActiveStream::chargeStats(const ResponseHeaderMap& h return; } - Upstream::HostDescriptionConstSharedPtr upstream_host = - connection_manager_.read_callbacks_->upstreamHost(); - - if (upstream_host != nullptr) { - Upstream::ClusterRequestResponseSizeStatsOptRef req_resp_stats = - upstream_host->cluster().requestResponseSizeStats(); - if (req_resp_stats.has_value()) { - req_resp_stats->get().upstream_rs_headers_size_.recordValue(headers.byteSize()); - } - } - // No response is sent back downstream for internal redirects, so don't charge downstream stats. const absl::optional& response_code_details = filter_manager_.streamInfo().responseCodeDetails(); @@ -841,17 +842,6 @@ void ConnectionManagerImpl::ActiveStream::decodeHeaders(RequestHeaderMapPtr&& he request_header_timer_.reset(); } - Upstream::HostDescriptionConstSharedPtr upstream_host = - connection_manager_.read_callbacks_->upstreamHost(); - - if (upstream_host != nullptr) { - Upstream::ClusterRequestResponseSizeStatsOptRef req_resp_stats = - upstream_host->cluster().requestResponseSizeStats(); - if (req_resp_stats.has_value()) { - req_resp_stats->get().upstream_rq_headers_size_.recordValue(request_headers_->byteSize()); - } - } - // Both saw_connection_close_ and is_head_request_ affect local replies: set // them as early as possible. const Protocol protocol = connection_manager_.codec_->protocol(); diff --git a/source/common/http/conn_manager_impl.h b/source/common/http/conn_manager_impl.h index ce8c6648a84e..a81b95b6ac65 100644 --- a/source/common/http/conn_manager_impl.h +++ b/source/common/http/conn_manager_impl.h @@ -35,18 +35,19 @@ #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/upstream.h" -#include "common/buffer/watermark_buffer.h" -#include "common/common/dump_state_utils.h" -#include "common/common/linked_object.h" -#include "common/grpc/common.h" -#include "common/http/conn_manager_config.h" -#include "common/http/filter_manager.h" -#include "common/http/user_agent.h" -#include "common/http/utility.h" -#include "common/local_reply/local_reply.h" -#include "common/router/scoped_rds.h" -#include "common/stream_info/stream_info_impl.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/linked_object.h" +#include "source/common/grpc/common.h" +#include "source/common/http/conn_manager_config.h" +#include "source/common/http/filter_manager.h" +#include "source/common/http/user_agent.h" +#include "source/common/http/utility.h" +#include "source/common/local_reply/local_reply.h" +#include "source/common/network/proxy_protocol_filter_state.h" +#include "source/common/router/scoped_rds.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/common/tracing/http_tracer_impl.h" namespace Envoy { namespace Http { @@ -156,7 +157,8 @@ class ConnectionManagerImpl : Logger::Loggable, public Tracing::Config, public ScopeTrackedObject, public FilterManagerCallbacks { - ActiveStream(ConnectionManagerImpl& connection_manager, uint32_t buffer_limit); + ActiveStream(ConnectionManagerImpl& connection_manager, uint32_t buffer_limit, + Buffer::BufferMemoryAccountSharedPtr account); void completeRequest(); const Network::Connection* connection(); diff --git a/source/common/http/conn_manager_utility.cc b/source/common/http/conn_manager_utility.cc index 1131f40113bb..4c0bddcd6a61 100644 --- a/source/common/http/conn_manager_utility.cc +++ b/source/common/http/conn_manager_utility.cc @@ -1,4 +1,4 @@ -#include "common/http/conn_manager_utility.h" +#include "source/common/http/conn_manager_utility.h" #include #include @@ -6,18 +6,18 @@ #include "envoy/type/v3/percent.pb.h" -#include "common/common/empty_string.h" -#include "common/common/utility.h" -#include "common/http/conn_manager_config.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/http/http1/codec_impl.h" -#include "common/http/http2/codec_impl.h" -#include "common/http/path_utility.h" -#include "common/http/utility.h" -#include "common/network/utility.h" -#include "common/runtime/runtime_features.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/utility.h" +#include "source/common/http/conn_manager_config.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/http1/codec_impl.h" +#include "source/common/http/http2/codec_impl.h" +#include "source/common/http/path_utility.h" +#include "source/common/http/utility.h" +#include "source/common/network/utility.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/tracing/http_tracer_impl.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" @@ -499,6 +499,9 @@ ConnectionManagerUtility::maybeNormalizePath(RequestHeaderMap& request_headers, absl::optional ConnectionManagerUtility::maybeNormalizeHost(RequestHeaderMap& request_headers, const ConnectionManagerConfig& config, uint32_t port) { + if (config.shouldStripTrailingHostDot()) { + HeaderUtility::stripTrailingHostDot(request_headers); + } if (config.stripPortType() == Http::StripPortType::Any) { return HeaderUtility::stripPortFromHost(request_headers, absl::nullopt); } else if (config.stripPortType() == Http::StripPortType::MatchingHost) { diff --git a/source/common/http/conn_manager_utility.h b/source/common/http/conn_manager_utility.h index f5b15eebdfeb..a33af8efcae3 100644 --- a/source/common/http/conn_manager_utility.h +++ b/source/common/http/conn_manager_utility.h @@ -7,9 +7,9 @@ #include "envoy/network/connection.h" #include "envoy/tracing/trace_reason.h" -#include "common/http/conn_manager_impl.h" -#include "common/http/http1/codec_stats.h" -#include "common/http/http2/codec_stats.h" +#include "source/common/http/conn_manager_impl.h" +#include "source/common/http/http1/codec_stats.h" +#include "source/common/http/http2/codec_stats.h" namespace Envoy { namespace Http { diff --git a/source/common/http/conn_pool_base.cc b/source/common/http/conn_pool_base.cc index 16a043b1fc58..74c2709a9862 100644 --- a/source/common/http/conn_pool_base.cc +++ b/source/common/http/conn_pool_base.cc @@ -1,11 +1,11 @@ -#include "common/http/conn_pool_base.h" +#include "source/common/http/conn_pool_base.h" -#include "common/common/assert.h" -#include "common/http/utility.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/runtime/runtime_features.h" -#include "common/stats/timespan_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/assert.h" +#include "source/common/http/utility.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/stats/timespan_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Http { @@ -154,6 +154,7 @@ void MultiplexedActiveClientBase::onStreamReset(Http::StreamResetReason reason) break; case StreamResetReason::LocalReset: case StreamResetReason::ProtocolError: + case StreamResetReason::OverloadManager: parent_.host()->cluster().stats().upstream_rq_tx_reset_.inc(); break; case StreamResetReason::RemoteReset: diff --git a/source/common/http/conn_pool_base.h b/source/common/http/conn_pool_base.h index cde57ea4fb89..0be7cf2fc7c1 100644 --- a/source/common/http/conn_pool_base.h +++ b/source/common/http/conn_pool_base.h @@ -5,10 +5,10 @@ #include "envoy/network/connection.h" #include "envoy/stats/timespan.h" -#include "common/common/linked_object.h" -#include "common/conn_pool/conn_pool_base.h" -#include "common/http/codec_client.h" -#include "common/http/utility.h" +#include "source/common/common/linked_object.h" +#include "source/common/conn_pool/conn_pool_base.h" +#include "source/common/http/codec_client.h" +#include "source/common/http/utility.h" #include "absl/strings/string_view.h" diff --git a/source/common/http/conn_pool_grid.cc b/source/common/http/conn_pool_grid.cc index 12d143717a9d..5938c0d1ed34 100644 --- a/source/common/http/conn_pool_grid.cc +++ b/source/common/http/conn_pool_grid.cc @@ -1,7 +1,7 @@ -#include "common/http/conn_pool_grid.h" +#include "source/common/http/conn_pool_grid.h" -#include "common/http/http3/conn_pool.h" -#include "common/http/mixed_conn_pool.h" +#include "source/common/http/http3/conn_pool.h" +#include "source/common/http/mixed_conn_pool.h" #include "quiche/quic/core/quic_versions.h" diff --git a/source/common/http/conn_pool_grid.h b/source/common/http/conn_pool_grid.h index e05a2ae68dc8..3c1b74ed74ea 100644 --- a/source/common/http/conn_pool_grid.h +++ b/source/common/http/conn_pool_grid.h @@ -1,8 +1,8 @@ #pragma once -#include "common/http/alternate_protocols_cache_impl.h" -#include "common/http/conn_pool_base.h" -#include "common/http/http3_status_tracker.h" +#include "source/common/http/alternate_protocols_cache_impl.h" +#include "source/common/http/conn_pool_base.h" +#include "source/common/http/http3_status_tracker.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/http/context_impl.cc b/source/common/http/context_impl.cc index 05fdd5f54f3d..837564dff815 100644 --- a/source/common/http/context_impl.cc +++ b/source/common/http/context_impl.cc @@ -1,4 +1,4 @@ -#include "common/http/context_impl.h" +#include "source/common/http/context_impl.h" namespace Envoy { namespace Http { diff --git a/source/common/http/context_impl.h b/source/common/http/context_impl.h index c7fb0732e8dd..590b997e1f0a 100644 --- a/source/common/http/context_impl.h +++ b/source/common/http/context_impl.h @@ -2,8 +2,8 @@ #include "envoy/http/context.h" -#include "common/http/codes.h" -#include "common/http/user_agent.h" +#include "source/common/http/codes.h" +#include "source/common/http/user_agent.h" namespace Envoy { namespace Http { diff --git a/source/common/http/date_provider_impl.cc b/source/common/http/date_provider_impl.cc index 6f08a53258ee..da41a64e1fa4 100644 --- a/source/common/http/date_provider_impl.cc +++ b/source/common/http/date_provider_impl.cc @@ -1,4 +1,4 @@ -#include "common/http/date_provider_impl.h" +#include "source/common/http/date_provider_impl.h" #include #include diff --git a/source/common/http/date_provider_impl.h b/source/common/http/date_provider_impl.h index 08ff1bfe6f2e..03a73aa04c3e 100644 --- a/source/common/http/date_provider_impl.h +++ b/source/common/http/date_provider_impl.h @@ -7,7 +7,7 @@ #include "envoy/singleton/instance.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" #include "date_provider.h" diff --git a/source/common/http/default_server_string.h b/source/common/http/default_server_string.h index 26fb7ff47d46..3f0915c66abd 100644 --- a/source/common/http/default_server_string.h +++ b/source/common/http/default_server_string.h @@ -2,7 +2,7 @@ #include -#include "common/common/macros.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Http { diff --git a/source/common/http/filter_manager.cc b/source/common/http/filter_manager.cc index 982dd80a864c..a68e3207c7a3 100644 --- a/source/common/http/filter_manager.cc +++ b/source/common/http/filter_manager.cc @@ -1,17 +1,17 @@ -#include "common/http/filter_manager.h" +#include "source/common/http/filter_manager.h" #include #include "envoy/http/header_map.h" #include "envoy/matcher/matcher.h" -#include "common/common/enum_to_int.h" -#include "common/common/scope_tracked_object_stack.h" -#include "common/common/scope_tracker.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" -#include "common/http/utility.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/scope_tracked_object_stack.h" +#include "source/common/common/scope_tracker.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Http { @@ -1084,6 +1084,21 @@ void FilterManager::encodeHeaders(ActiveStreamEncoderFilter* filter, ResponseHea } } + // Check if the filter chain above did not remove critical headers or set malformed header values. + // We could do this at the codec in order to prevent other places than the filter chain from + // removing critical headers, but it will come with the implementation complexity. + // See the previous attempt (#15658) for detail, and for now we choose to protect only against + // filter chains. + const auto status = HeaderUtility::checkRequiredResponseHeaders(headers); + if (!status.ok()) { + // If the check failed, then we reply with BadGateway, and stop the further processing. + sendLocalReply( + Http::Code::BadGateway, status.message(), nullptr, absl::nullopt, + absl::StrCat(StreamInfo::ResponseCodeDetails::get().FilterRemovedRequiredResponseHeaders, + "{", status.message(), "}")); + return; + } + const bool modified_end_stream = (end_stream && continue_data_entry == encoder_filters_.end()); state_.non_100_response_headers_encoded_ = true; filter_manager_callbacks_.encodeHeaders(headers, modified_end_stream); @@ -1578,5 +1593,9 @@ void ActiveStreamFilterBase::resetStream() { parent_.filter_manager_callbacks_.r uint64_t ActiveStreamFilterBase::streamId() const { return parent_.streamId(); } +Buffer::BufferMemoryAccountSharedPtr ActiveStreamDecoderFilter::account() const { + return parent_.account(); +} + } // namespace Http } // namespace Envoy diff --git a/source/common/http/filter_manager.h b/source/common/http/filter_manager.h index c861d08a228f..1e826f1df5d1 100644 --- a/source/common/http/filter_manager.h +++ b/source/common/http/filter_manager.h @@ -3,6 +3,7 @@ #include #include +#include "envoy/buffer/buffer.h" #include "envoy/common/optref.h" #include "envoy/extensions/filters/common/matcher/action/v3/skip_action.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" @@ -14,18 +15,18 @@ #include "envoy/protobuf/message_validator.h" #include "envoy/type/matcher/v3/http_inputs.pb.validate.h" -#include "common/buffer/watermark_buffer.h" -#include "common/common/dump_state_utils.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/grpc/common.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/http/matching/data_impl.h" -#include "common/local_reply/local_reply.h" -#include "common/matcher/matcher.h" -#include "common/protobuf/utility.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/grpc/common.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/matching/data_impl.h" +#include "source/common/local_reply/local_reply.h" +#include "source/common/matcher/matcher.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stream_info/stream_info_impl.h" namespace Envoy { namespace Http { @@ -277,6 +278,7 @@ struct ActiveStreamDecoderFilter : public ActiveStreamFilterBase, void addUpstreamSocketOptions(const Network::Socket::OptionsSharedPtr& options) override; Network::Socket::OptionsSharedPtr getUpstreamSocketOptions() const override; + Buffer::BufferMemoryAccountSharedPtr account() const override; // Each decoder filter instance checks if the request passed to the filter is gRPC // so that we can issue gRPC local responses to gRPC requests. Filter's decodeHeaders() @@ -640,15 +642,16 @@ class FilterManager : public ScopeTrackedObject, Logger::Loggable { public: FilterManager(FilterManagerCallbacks& filter_manager_callbacks, Event::Dispatcher& dispatcher, - const Network::Connection& connection, uint64_t stream_id, bool proxy_100_continue, + const Network::Connection& connection, uint64_t stream_id, + Buffer::BufferMemoryAccountSharedPtr account, bool proxy_100_continue, uint32_t buffer_limit, FilterChainFactory& filter_chain_factory, const LocalReply::LocalReply& local_reply, Http::Protocol protocol, TimeSource& time_source, StreamInfo::FilterStateSharedPtr parent_filter_state, StreamInfo::FilterState::LifeSpan filter_state_life_span) : filter_manager_callbacks_(filter_manager_callbacks), dispatcher_(dispatcher), - connection_(connection), stream_id_(stream_id), proxy_100_continue_(proxy_100_continue), - buffer_limit_(buffer_limit), filter_chain_factory_(filter_chain_factory), - local_reply_(local_reply), + connection_(connection), stream_id_(stream_id), account_(std::move(account)), + proxy_100_continue_(proxy_100_continue), buffer_limit_(buffer_limit), + filter_chain_factory_(filter_chain_factory), local_reply_(local_reply), stream_info_(protocol, time_source, connection.addressProviderSharedPtr(), parent_filter_state, filter_state_life_span) {} ~FilterManager() override { @@ -913,6 +916,7 @@ class FilterManager : public ScopeTrackedObject, const Network::Connection* connection() const { return &connection_; } uint64_t streamId() const { return stream_id_; } + Buffer::BufferMemoryAccountSharedPtr account() const { return account_; } Buffer::InstancePtr& bufferedRequestData() { return buffered_request_data_; } @@ -986,6 +990,7 @@ class FilterManager : public ScopeTrackedObject, Event::Dispatcher& dispatcher_; const Network::Connection& connection_; const uint64_t stream_id_; + Buffer::BufferMemoryAccountSharedPtr account_; const bool proxy_100_continue_; std::list decoder_filters_; diff --git a/source/common/http/hash_policy.cc b/source/common/http/hash_policy.cc index e8f331d6165a..a2eda3f01579 100644 --- a/source/common/http/hash_policy.cc +++ b/source/common/http/hash_policy.cc @@ -1,13 +1,13 @@ -#include "common/http/hash_policy.h" +#include "source/common/http/hash_policy.h" #include #include "envoy/config/route/v3/route_components.pb.h" -#include "common/common/matchers.h" -#include "common/common/regex.h" -#include "common/http/utility.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/matchers.h" +#include "source/common/common/regex.h" +#include "source/common/http/utility.h" +#include "source/common/runtime/runtime_features.h" #include "absl/strings/str_cat.h" diff --git a/source/common/http/header_list_view.cc b/source/common/http/header_list_view.cc index dab359253b10..7b5e551b720e 100644 --- a/source/common/http/header_list_view.cc +++ b/source/common/http/header_list_view.cc @@ -1,4 +1,4 @@ -#include "common/http/header_list_view.h" +#include "source/common/http/header_list_view.h" namespace Envoy { namespace Http { diff --git a/source/common/http/header_map_impl.cc b/source/common/http/header_map_impl.cc index cc83f950e7d2..ed84303497cc 100644 --- a/source/common/http/header_map_impl.cc +++ b/source/common/http/header_map_impl.cc @@ -1,4 +1,4 @@ -#include "common/http/header_map_impl.h" +#include "source/common/http/header_map_impl.h" #include #include @@ -7,11 +7,11 @@ #include "envoy/http/header_map.h" -#include "common/common/assert.h" -#include "common/common/dump_state_utils.h" -#include "common/common/empty_string.h" -#include "common/runtime/runtime_features.h" -#include "common/singleton/const_singleton.h" +#include "source/common/common/assert.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/empty_string.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/singleton/const_singleton.h" #include "absl/strings/match.h" diff --git a/source/common/http/header_map_impl.h b/source/common/http/header_map_impl.h index 2f52e70c6669..e146e1b4c2bf 100644 --- a/source/common/http/header_map_impl.h +++ b/source/common/http/header_map_impl.h @@ -10,10 +10,10 @@ #include "envoy/common/optref.h" #include "envoy/http/header_map.h" -#include "common/common/non_copyable.h" -#include "common/common/utility.h" -#include "common/http/headers.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/non_copyable.h" +#include "source/common/common/utility.h" +#include "source/common/http/headers.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace Http { diff --git a/source/common/http/header_utility.cc b/source/common/http/header_utility.cc index e504a21ad8a2..a25d62cc83a3 100644 --- a/source/common/http/header_utility.cc +++ b/source/common/http/header_utility.cc @@ -1,13 +1,13 @@ -#include "common/http/header_utility.h" +#include "source/common/http/header_utility.h" #include "envoy/config/route/v3/route_components.pb.h" -#include "common/common/regex.h" -#include "common/common/utility.h" -#include "common/http/header_map_impl.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/regex.h" +#include "source/common/common/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" #include "absl/strings/match.h" #include "nghttp2/nghttp2.h" @@ -41,12 +41,6 @@ HeaderUtility::HeaderData::HeaderData(const envoy::config::route::v3::HeaderMatc header_match_type_ = HeaderMatchType::Value; value_ = config.exact_match(); break; - case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase:: - kHiddenEnvoyDeprecatedRegexMatch: - header_match_type_ = HeaderMatchType::Regex; - regex_ = Regex::Utility::parseStdRegexAsCompiledMatcher( - config.hidden_envoy_deprecated_regex_match()); - break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kSafeRegexMatch: header_match_type_ = HeaderMatchType::Regex; regex_ = Regex::Utility::parseRegex(config.safe_regex_match()); @@ -58,6 +52,7 @@ HeaderUtility::HeaderData::HeaderData(const envoy::config::route::v3::HeaderMatc break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kPresentMatch: header_match_type_ = HeaderMatchType::Present; + present_ = config.present_match(); break; case envoy::config::route::v3::HeaderMatcher::HeaderMatchSpecifierCase::kPrefixMatch: header_match_type_ = HeaderMatchType::Prefix; @@ -76,6 +71,7 @@ HeaderUtility::HeaderData::HeaderData(const envoy::config::route::v3::HeaderMatc FALLTHRU; default: header_match_type_ = HeaderMatchType::Present; + present_ = true; break; } } @@ -135,7 +131,11 @@ bool HeaderUtility::matchHeaders(const HeaderMap& request_headers, const HeaderD const auto header_value = getAllOfHeaderAsString(request_headers, header_data.name_); if (!header_value.result().has_value()) { - return header_data.invert_match_ && header_data.header_match_type_ == HeaderMatchType::Present; + if (header_data.invert_match_) { + return header_data.header_match_type_ == HeaderMatchType::Present && header_data.present_; + } else { + return header_data.header_match_type_ == HeaderMatchType::Present && !header_data.present_; + } } bool match; @@ -154,7 +154,7 @@ bool HeaderUtility::matchHeaders(const HeaderMap& request_headers, const HeaderD break; } case HeaderMatchType::Present: - match = true; + match = header_data.present_; break; case HeaderMatchType::Prefix: match = absl::StartsWith(header_value.result().value(), header_data.value_); @@ -216,6 +216,25 @@ bool HeaderUtility::isEnvoyInternalRequest(const RequestHeaderMap& headers) { internal_request_header->value() == Headers::get().EnvoyInternalRequestValues.True; } +void HeaderUtility::stripTrailingHostDot(RequestHeaderMap& headers) { + auto host = headers.getHostValue(); + // If the host ends in a period, remove it. + auto dot_index = host.rfind('.'); + if (dot_index == std::string::npos) { + return; + } else if (dot_index == (host.size() - 1)) { + host.remove_suffix(1); + headers.setHost(host); + return; + } + // If the dot is just before a colon, it must be preceding the port number. + // IPv6 addresses may contain colons or dots, but the dot will never directly + // precede the colon, so this check should be sufficient to detect a trailing port number. + if (host[dot_index + 1] == ':') { + headers.setHost(absl::StrCat(host.substr(0, dot_index), host.substr(dot_index + 1))); + } +} + absl::optional HeaderUtility::stripPortFromHost(RequestHeaderMap& headers, absl::optional listener_port) { if (headers.getMethodValue() == Http::Headers::get().MethodValues.Connect && @@ -297,7 +316,7 @@ bool HeaderUtility::shouldCloseConnection(Http::Protocol protocol, return false; } -Http::Status HeaderUtility::checkRequiredHeaders(const Http::RequestHeaderMap& headers) { +Http::Status HeaderUtility::checkRequiredRequestHeaders(const Http::RequestHeaderMap& headers) { if (!headers.Method()) { return absl::InvalidArgumentError( absl::StrCat("missing required header: ", Envoy::Http::Headers::get().Method.get())); @@ -319,6 +338,15 @@ Http::Status HeaderUtility::checkRequiredHeaders(const Http::RequestHeaderMap& h return Http::okStatus(); } +Http::Status HeaderUtility::checkRequiredResponseHeaders(const Http::ResponseHeaderMap& headers) { + const absl::optional status = Utility::getResponseStatusNoThrow(headers); + if (!status.has_value()) { + return absl::InvalidArgumentError( + absl::StrCat("missing required header: ", Envoy::Http::Headers::get().Status.get())); + } + return Http::okStatus(); +} + bool HeaderUtility::isRemovableHeader(absl::string_view header) { return (header.empty() || header[0] != ':') && !absl::EqualsIgnoreCase(header, Headers::get().HostLegacy.get()); diff --git a/source/common/http/header_utility.h b/source/common/http/header_utility.h index 20719003733c..c3b8a2088ea9 100644 --- a/source/common/http/header_utility.h +++ b/source/common/http/header_utility.h @@ -9,8 +9,8 @@ #include "envoy/http/protocol.h" #include "envoy/type/v3/range.pb.h" -#include "common/http/status.h" -#include "common/protobuf/protobuf.h" +#include "source/common/http/status.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Http { @@ -66,6 +66,7 @@ class HeaderUtility { Regex::CompiledMatcherPtr regex_; envoy::type::v3::Int64Range range_; const bool invert_match_; + bool present_; // HeaderMatcher bool matchesHeaders(const HeaderMap& headers) const override { @@ -176,6 +177,11 @@ class HeaderUtility { static bool shouldCloseConnection(Http::Protocol protocol, const RequestOrResponseHeaderMap& headers); + /** + * @brief Remove the trailing host dot from host/authority header. + */ + static void stripTrailingHostDot(RequestHeaderMap& headers); + /** * @brief Remove the port part from host/authority header if it is equal to provided port. * @return absl::optional containing the port, if removed, else absl::nullopt. @@ -192,13 +198,20 @@ class HeaderUtility { */ static absl::string_view::size_type getPortStart(absl::string_view host); - /* Does a common header check ensuring required headers are present. + /* Does a common header check ensuring required request headers are present. * Required request headers include :method header, :path for non-CONNECT requests, and * host/authority for HTTP/1.1 or CONNECT requests. * @return Status containing the result. If failed, message includes details on which header was * missing. */ - static Http::Status checkRequiredHeaders(const Http::RequestHeaderMap& headers); + static Http::Status checkRequiredRequestHeaders(const Http::RequestHeaderMap& headers); + + /* Does a common header check ensuring required response headers are present. + * Current required response headers only includes :status. + * @return Status containing the result. If failed, message includes details on which header was + * missing. + */ + static Http::Status checkRequiredResponseHeaders(const Http::ResponseHeaderMap& headers); /** * Returns true if a header may be safely removed without causing additional diff --git a/source/common/http/headers.h b/source/common/http/headers.h index 9471dae6eb60..50edd1fa9254 100644 --- a/source/common/http/headers.h +++ b/source/common/http/headers.h @@ -4,8 +4,8 @@ #include "envoy/http/header_map.h" -#include "common/singleton/const_singleton.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/singleton/const_singleton.h" +#include "source/common/singleton/threadsafe_singleton.h" namespace Envoy { namespace Http { @@ -51,7 +51,6 @@ class PrefixValue { class CustomHeaderValues { public: const LowerCaseString Accept{"accept"}; - const LowerCaseString Age{"age"}; const LowerCaseString AcceptEncoding{"accept-encoding"}; const LowerCaseString AccessControlRequestMethod{"access-control-request-method"}; const LowerCaseString AccessControlAllowOrigin{"access-control-allow-origin"}; @@ -60,6 +59,8 @@ class CustomHeaderValues { const LowerCaseString AccessControlExposeHeaders{"access-control-expose-headers"}; const LowerCaseString AccessControlMaxAge{"access-control-max-age"}; const LowerCaseString AccessControlAllowCredentials{"access-control-allow-credentials"}; + const LowerCaseString Age{"age"}; + const LowerCaseString AltSvc{"alt-svc"}; const LowerCaseString Authentication{"authentication"}; const LowerCaseString Authorization{"authorization"}; const LowerCaseString CacheControl{"cache-control"}; diff --git a/source/common/http/http1/BUILD b/source/common/http/http1/BUILD index 495eef9ee4fd..e801968ec533 100644 --- a/source/common/http/http1/BUILD +++ b/source/common/http/http1/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( srcs = ["header_formatter.cc"], hdrs = ["header_formatter.h"], deps = [ - "//include/envoy/http:header_formatter_interface", + "//envoy/http:header_formatter_interface", ], ) @@ -21,8 +21,8 @@ envoy_cc_library( name = "codec_stats_lib", hdrs = ["codec_stats.h"], deps = [ - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/common:thread_lib", ], ) @@ -36,11 +36,11 @@ envoy_cc_library( ":header_formatter_lib", ":legacy_parser_lib", ":parser_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/common:scope_tracker_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/network:connection_interface", + "//envoy/buffer:buffer_interface", + "//envoy/common:scope_tracker_interface", + "//envoy/http:codec_interface", + "//envoy/http:header_map_interface", + "//envoy/network:connection_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", @@ -68,12 +68,12 @@ envoy_cc_library( hdrs = ["conn_pool.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/http:conn_pool_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/http:conn_pool_interface", + "//envoy/http:header_map_interface", + "//envoy/upstream:upstream_interface", "//source/common/http:codec_client_lib", "//source/common/http:codec_wrappers_lib", "//source/common/http:codes_lib", @@ -90,8 +90,8 @@ envoy_cc_library( hdrs = ["settings.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/http:codec_interface", - "//include/envoy/protobuf:message_validator_interface", + "//envoy/http:codec_interface", + "//envoy/protobuf:message_validator_interface", "//source/common/config:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], diff --git a/source/common/http/http1/codec_impl.cc b/source/common/http/http1/codec_impl.cc index 23859ac380a2..01ff8b69f439 100644 --- a/source/common/http/http1/codec_impl.cc +++ b/source/common/http/http1/codec_impl.cc @@ -1,4 +1,4 @@ -#include "common/http/http1/codec_impl.h" +#include "source/common/http/http1/codec_impl.h" #include #include @@ -9,20 +9,20 @@ #include "envoy/http/header_map.h" #include "envoy/network/connection.h" -#include "common/common/cleanup.h" -#include "common/common/dump_state_utils.h" -#include "common/common/enum_to_int.h" -#include "common/common/scope_tracker.h" -#include "common/common/statusor.h" -#include "common/common/utility.h" -#include "common/grpc/common.h" -#include "common/http/exception.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/http/http1/header_formatter.h" -#include "common/http/http1/legacy_parser_impl.h" -#include "common/http/utility.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/scope_tracker.h" +#include "source/common/common/statusor.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/http/exception.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/http1/header_formatter.h" +#include "source/common/http/http1/legacy_parser_impl.h" +#include "source/common/http/utility.h" +#include "source/common/runtime/runtime_features.h" #include "absl/container/fixed_array.h" #include "absl/strings/ascii.h" @@ -177,6 +177,10 @@ void StreamEncoderImpl::encodeHeadersBase(const RequestOrResponseHeaderMap& head if (status && *status == 100) { // Make sure we don't serialize chunk information with 100-Continue headers. chunk_encoding_ = false; + } else if (status && *status == 304 && connection_.noChunkedEncodingHeaderFor304()) { + // For 304 response, since it should never have a body, we should not need to chunk_encode at + // all. + chunk_encoding_ = false; } else if (end_stream && !is_response_to_head_request_) { // If this is a headers-only stream, append an explicit "Content-Length: 0" unless it's a // response to a HEAD request. @@ -402,7 +406,7 @@ static const char REQUEST_POSTFIX[] = " HTTP/1.1\r\n"; Status RequestEncoderImpl::encodeHeaders(const RequestHeaderMap& headers, bool end_stream) { // Required headers must be present. This can only happen by some erroneous processing after the // downstream codecs decode. - RETURN_IF_ERROR(HeaderUtility::checkRequiredHeaders(headers)); + RETURN_IF_ERROR(HeaderUtility::checkRequiredRequestHeaders(headers)); const HeaderEntry* method = headers.Method(); const HeaderEntry* path = headers.Path(); @@ -463,10 +467,12 @@ ConnectionImpl::ConnectionImpl(Network::Connection& connection, CodecStats& stat "envoy.reloadable_features.require_strict_1xx_and_204_response_headers")), send_strict_1xx_and_204_headers_(Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.send_strict_1xx_and_204_response_headers")), - dispatching_(false), output_buffer_(connection.dispatcher().getWatermarkFactory().create( - [&]() -> void { this->onBelowLowWatermark(); }, - [&]() -> void { this->onAboveHighWatermark(); }, - []() -> void { /* TODO(adisuissa): Handle overflow watermark */ })), + dispatching_(false), no_chunked_encoding_header_for_304_(Runtime::runtimeFeatureEnabled( + "envoy.reloadable_features.no_chunked_encoding_header_for_304")), + output_buffer_(connection.dispatcher().getWatermarkFactory().create( + [&]() -> void { this->onBelowLowWatermark(); }, + [&]() -> void { this->onAboveHighWatermark(); }, + []() -> void { /* TODO(adisuissa): Handle overflow watermark */ })), max_headers_kb_(max_headers_kb), max_headers_count_(max_headers_count) { output_buffer_->setWatermarks(connection.bufferLimit()); parser_ = std::make_unique(type, this); @@ -858,7 +864,7 @@ void ConnectionImpl::dumpState(std::ostream& os, int indent_level) const { << DUMP_MEMBER(handling_upgrade_) << DUMP_MEMBER(deferred_end_stream_headers_) << DUMP_MEMBER(require_strict_1xx_and_204_headers_) << DUMP_MEMBER(send_strict_1xx_and_204_headers_) << DUMP_MEMBER(processing_trailers_) - << DUMP_MEMBER(buffered_body_.length()); + << DUMP_MEMBER(no_chunked_encoding_header_for_304_) << DUMP_MEMBER(buffered_body_.length()); // Dump header parsing state, and any progress on headers. os << DUMP_MEMBER(header_parsing_state_); diff --git a/source/common/http/http1/codec_impl.h b/source/common/http/http1/codec_impl.h index 031d972a5a08..aa8125b440d2 100644 --- a/source/common/http/http1/codec_impl.h +++ b/source/common/http/http1/codec_impl.h @@ -12,16 +12,16 @@ #include "envoy/http/codec.h" #include "envoy/network/connection.h" -#include "common/buffer/watermark_buffer.h" -#include "common/common/assert.h" -#include "common/common/statusor.h" -#include "common/http/codec_helper.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/http1/codec_stats.h" -#include "common/http/http1/header_formatter.h" -#include "common/http/http1/parser.h" -#include "common/http/status.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/common/assert.h" +#include "source/common/common/statusor.h" +#include "source/common/http/codec_helper.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/http1/codec_stats.h" +#include "source/common/http/http1/header_formatter.h" +#include "source/common/http/http1/parser.h" +#include "source/common/http/status.h" namespace Envoy { namespace Http { @@ -69,6 +69,10 @@ class StreamEncoderImpl : public virtual StreamEncoder, // require a flush timeout not already covered by other timeouts. } + void setAccount(Buffer::BufferMemoryAccountSharedPtr) override { + // TODO(kbaichoo): implement account tracking for H1. + } + void setIsResponseToHeadRequest(bool value) { is_response_to_head_request_ = value; } void setIsResponseToConnectRequest(bool value) { is_response_to_connect_request_ = value; } void setDetails(absl::string_view details) { details_ = details; } @@ -229,7 +233,7 @@ class ConnectionImpl : public virtual Connection, void onUnderlyingConnectionAboveWriteBufferHighWatermark() override { onAboveHighWatermark(); } void onUnderlyingConnectionBelowWriteBufferLowWatermark() override { onBelowLowWatermark(); } - bool sendStrict1xxAnd204Headers() { return send_strict_1xx_and_204_headers_; } + bool sendStrict1xxAnd204Headers() const { return send_strict_1xx_and_204_headers_; } // Codec errors found in callbacks are overridden within the http_parser library. This holds those // errors to propagate them through to dispatch() where we can handle the error. @@ -238,6 +242,8 @@ class ConnectionImpl : public virtual Connection, // ScopeTrackedObject void dumpState(std::ostream& os, int indent_level) const override; + bool noChunkedEncodingHeaderFor304() const { return no_chunked_encoding_header_for_304_; } + protected: ConnectionImpl(Network::Connection& connection, CodecStats& stats, const Http1Settings& settings, MessageType type, uint32_t max_headers_kb, const uint32_t max_headers_count); @@ -284,6 +290,7 @@ class ConnectionImpl : public virtual Connection, const bool send_strict_1xx_and_204_headers_ : 1; bool dispatching_ : 1; bool dispatching_slice_already_drained_ : 1; + const bool no_chunked_encoding_header_for_304_ : 1; private: enum class HeaderParsingState { Field, Value, Done }; diff --git a/source/common/http/http1/codec_stats.h b/source/common/http/http1/codec_stats.h index ac296522adc2..8fa7f254a0bd 100644 --- a/source/common/http/http1/codec_stats.h +++ b/source/common/http/http1/codec_stats.h @@ -3,7 +3,7 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/thread.h" +#include "source/common/common/thread.h" namespace Envoy { namespace Http { diff --git a/source/common/http/http1/conn_pool.cc b/source/common/http/http1/conn_pool.cc index 8a59c0100557..9928b08819f4 100644 --- a/source/common/http/http1/conn_pool.cc +++ b/source/common/http/http1/conn_pool.cc @@ -1,4 +1,4 @@ -#include "common/http/http1/conn_pool.h" +#include "source/common/http/http1/conn_pool.h" #include #include @@ -11,11 +11,11 @@ #include "envoy/http/header_map.h" #include "envoy/upstream/upstream.h" -#include "common/http/codec_client.h" -#include "common/http/codes.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/runtime/runtime_features.h" +#include "source/common/http/codec_client.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/runtime/runtime_features.h" #include "absl/strings/match.h" @@ -87,6 +87,8 @@ ActiveClient::ActiveClient(HttpConnPoolImplBase& parent, Upstream::Host::CreateC parent.host()->cluster().stats().upstream_cx_http1_total_.inc(); } +ActiveClient::~ActiveClient() { ASSERT(!stream_wrapper_.get()); } + bool ActiveClient::closingWithIncompleteStream() const { return (stream_wrapper_ != nullptr) && (!stream_wrapper_->decode_complete_); } @@ -108,9 +110,9 @@ allocateConnPool(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_ random_generator, state, [](HttpConnPoolImplBase* pool) { return std::make_unique(*pool); }, [](Upstream::Host::CreateConnectionData& data, HttpConnPoolImplBase* pool) { - CodecClientPtr codec{new CodecClientProd( - CodecClient::Type::HTTP1, std::move(data.connection_), data.host_description_, - pool->dispatcher(), pool->randomGenerator())}; + CodecClientPtr codec{new CodecClientProd(CodecType::HTTP1, std::move(data.connection_), + data.host_description_, pool->dispatcher(), + pool->randomGenerator())}; return codec; }, std::vector{Protocol::Http11}); diff --git a/source/common/http/http1/conn_pool.h b/source/common/http/http1/conn_pool.h index d45109ac9327..e6c975ecb39a 100644 --- a/source/common/http/http1/conn_pool.h +++ b/source/common/http/http1/conn_pool.h @@ -4,8 +4,8 @@ #include "envoy/http/codec.h" #include "envoy/upstream/upstream.h" -#include "common/http/codec_wrappers.h" -#include "common/http/conn_pool_base.h" +#include "source/common/http/codec_wrappers.h" +#include "source/common/http/conn_pool_base.h" namespace Envoy { namespace Http { @@ -18,6 +18,7 @@ class ActiveClient : public Envoy::Http::ActiveClient { public: ActiveClient(HttpConnPoolImplBase& parent); ActiveClient(HttpConnPoolImplBase& parent, Upstream::Host::CreateConnectionData& data); + ~ActiveClient() override; // ConnPoolImplBase::ActiveClient bool closingWithIncompleteStream() const override; @@ -30,11 +31,17 @@ class ActiveClient : public Envoy::Http::ActiveClient { // capacity and assign a new stream before decode is complete. return stream_wrapper_.get() ? 1 : 0; } + void releaseResources() override { + parent_.dispatcher().deferredDelete(std::move(stream_wrapper_)); + Envoy::Http::ActiveClient::releaseResources(); + } struct StreamWrapper : public RequestEncoderWrapper, public ResponseDecoderWrapper, public StreamCallbacks, + public Event::DeferredDeletable, protected Logger::Loggable { + public: StreamWrapper(ResponseDecoder& response_decoder, ActiveClient& parent); ~StreamWrapper() override; @@ -51,8 +58,6 @@ class ActiveClient : public Envoy::Http::ActiveClient { void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} - void onStreamDestroy(); - ActiveClient& parent_; bool stream_incomplete_{}; bool encode_complete_{}; diff --git a/source/common/http/http1/header_formatter.cc b/source/common/http/http1/header_formatter.cc index 514f2383dff0..c66c70fead20 100644 --- a/source/common/http/http1/header_formatter.cc +++ b/source/common/http/http1/header_formatter.cc @@ -1,4 +1,4 @@ -#include "common/http/http1/header_formatter.h" +#include "source/common/http/http1/header_formatter.h" #include diff --git a/source/common/http/http1/legacy_parser_impl.cc b/source/common/http/http1/legacy_parser_impl.cc index 8087e663c8ac..840ba419099f 100644 --- a/source/common/http/http1/legacy_parser_impl.cc +++ b/source/common/http/http1/legacy_parser_impl.cc @@ -1,11 +1,11 @@ -#include "common/http/http1/legacy_parser_impl.h" +#include "source/common/http/http1/legacy_parser_impl.h" #include #include -#include "common/common/assert.h" -#include "common/http/http1/parser.h" +#include "source/common/common/assert.h" +#include "source/common/http/http1/parser.h" namespace Envoy { namespace Http { diff --git a/source/common/http/http1/legacy_parser_impl.h b/source/common/http/http1/legacy_parser_impl.h index 62b46dde0b06..2099f815824b 100644 --- a/source/common/http/http1/legacy_parser_impl.h +++ b/source/common/http/http1/legacy_parser_impl.h @@ -2,7 +2,7 @@ #include -#include "common/http/http1/parser.h" +#include "source/common/http/http1/parser.h" namespace Envoy { namespace Http { diff --git a/source/common/http/http1/parser.h b/source/common/http/http1/parser.h index 9008b2afd4af..23f6795a1f75 100644 --- a/source/common/http/http1/parser.h +++ b/source/common/http/http1/parser.h @@ -4,8 +4,8 @@ #include "envoy/common/pure.h" -#include "common/common/statusor.h" -#include "common/http/status.h" +#include "source/common/common/statusor.h" +#include "source/common/http/status.h" namespace Envoy { namespace Http { diff --git a/source/common/http/http1/settings.cc b/source/common/http/http1/settings.cc index 18a4dd0dadf0..43155b42fbe4 100644 --- a/source/common/http/http1/settings.cc +++ b/source/common/http/http1/settings.cc @@ -1,8 +1,8 @@ -#include "common/http/http1/settings.h" +#include "source/common/http/http1/settings.h" #include "envoy/http/header_formatter.h" -#include "common/config/utility.h" +#include "source/common/config/utility.h" namespace Envoy { namespace Http { diff --git a/source/common/http/http2/BUILD b/source/common/http/http2/BUILD index 7e31b3e97a47..3ec423ce65c1 100644 --- a/source/common/http/http2/BUILD +++ b/source/common/http/http2/BUILD @@ -12,8 +12,8 @@ envoy_cc_library( name = "codec_stats_lib", hdrs = ["codec_stats.h"], deps = [ - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/common:thread_lib", ], ) @@ -33,13 +33,13 @@ envoy_cc_library( ":metadata_decoder_lib", ":metadata_encoder_lib", ":protocol_constraints_lib", - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/stats:stats_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", + "//envoy/http:codec_interface", + "//envoy/http:codes_interface", + "//envoy/http:header_map_interface", + "//envoy/network:connection_interface", + "//envoy/stats:stats_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", @@ -78,8 +78,8 @@ envoy_cc_library( srcs = ["conn_pool.cc"], hdrs = ["conn_pool.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:dispatcher_interface", + "//envoy/upstream:upstream_interface", "//source/common/http:codec_client_lib", "//source/common/http:conn_pool_base_lib", ], @@ -93,7 +93,7 @@ envoy_cc_library( "nghttp2", ], deps = [ - "//include/envoy/http:codec_interface", + "//envoy/http:codec_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", @@ -108,7 +108,7 @@ envoy_cc_library( "nghttp2", ], deps = [ - "//include/envoy/http:codec_interface", + "//envoy/http:codec_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", @@ -124,7 +124,7 @@ envoy_cc_library( ], deps = [ ":codec_stats_lib", - "//include/envoy/network:connection_interface", + "//envoy/network:connection_interface", "//source/common/common:assert_lib", "//source/common/common:dump_state_utils", "//source/common/http:status_lib", diff --git a/source/common/http/http2/codec_impl.cc b/source/common/http/http2/codec_impl.cc index 758dea9d326f..3e46ce24206b 100644 --- a/source/common/http/http2/codec_impl.cc +++ b/source/common/http/http2/codec_impl.cc @@ -1,4 +1,4 @@ -#include "common/http/http2/codec_impl.h" +#include "source/common/http/http2/codec_impl.h" #include #include @@ -11,21 +11,21 @@ #include "envoy/http/header_map.h" #include "envoy/network/connection.h" -#include "common/common/assert.h" -#include "common/common/cleanup.h" -#include "common/common/dump_state_utils.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/safe_memcpy.h" -#include "common/common/scope_tracker.h" -#include "common/common/utility.h" -#include "common/http/codes.h" -#include "common/http/exception.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/http/http2/codec_stats.h" -#include "common/http/utility.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/assert.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/common/scope_tracker.h" +#include "source/common/common/utility.h" +#include "source/common/http/codes.h" +#include "source/common/http/exception.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/http2/codec_stats.h" +#include "source/common/http/utility.h" +#include "source/common/runtime/runtime_features.h" #include "absl/container/fixed_array.h" @@ -130,8 +130,17 @@ template static T* removeConst(const void* object) { } ConnectionImpl::StreamImpl::StreamImpl(ConnectionImpl& parent, uint32_t buffer_limit) - : parent_(parent), local_end_stream_sent_(false), remote_end_stream_(false), - data_deferred_(false), received_noninformational_headers_(false), + : parent_(parent), + pending_recv_data_(parent_.connection_.dispatcher().getWatermarkFactory().create( + [this]() -> void { this->pendingRecvBufferLowWatermark(); }, + [this]() -> void { this->pendingRecvBufferHighWatermark(); }, + []() -> void { /* TODO(adisuissa): Handle overflow watermark */ })), + pending_send_data_(parent_.connection_.dispatcher().getWatermarkFactory().create( + [this]() -> void { this->pendingSendBufferLowWatermark(); }, + [this]() -> void { this->pendingSendBufferHighWatermark(); }, + []() -> void { /* TODO(adisuissa): Handle overflow watermark */ })), + local_end_stream_sent_(false), remote_end_stream_(false), data_deferred_(false), + received_noninformational_headers_(false), pending_receive_buffer_high_watermark_called_(false), pending_send_buffer_high_watermark_called_(false), reset_due_to_messaging_error_(false) { parent_.stats_.streams_active_.inc(); @@ -145,7 +154,7 @@ ConnectionImpl::StreamImpl::~StreamImpl() { ASSERT(stream_idle_timer_ == nullptr void ConnectionImpl::StreamImpl::destroy() { disarmStreamIdleTimer(); parent_.stats_.streams_active_.dec(); - parent_.stats_.pending_send_bytes_.sub(pending_send_data_.length()); + parent_.stats_.pending_send_bytes_.sub(pending_send_data_->length()); } static void insertHeader(std::vector& headers, const HeaderEntry& header) { @@ -201,7 +210,7 @@ Status ConnectionImpl::ClientStreamImpl::encodeHeaders(const RequestHeaderMap& h bool end_stream) { // Required headers must be present. This can only happen by some erroneous processing after the // downstream codecs decode. - RETURN_IF_ERROR(HeaderUtility::checkRequiredHeaders(headers)); + RETURN_IF_ERROR(HeaderUtility::checkRequiredRequestHeaders(headers)); // This must exist outside of the scope of isUpgrade as the underlying memory is // needed until encodeHeadersBase has been called. std::vector final_headers; @@ -253,7 +262,7 @@ void ConnectionImpl::ServerStreamImpl::encodeHeaders(const ResponseHeaderMap& he void ConnectionImpl::StreamImpl::encodeTrailersBase(const HeaderMap& trailers) { ASSERT(!local_end_stream_); local_end_stream_ = true; - if (pending_send_data_.length() > 0) { + if (pending_send_data_->length() > 0) { // In this case we want trailers to come after we release all pending body data that is // waiting on window updates. We need to save the trailers so that we can emit them later. // However, for empty trailers, we don't need to to save the trailers. @@ -409,13 +418,13 @@ void ConnectionImpl::StreamImpl::submitMetadata(uint8_t flags) { } ssize_t ConnectionImpl::StreamImpl::onDataSourceRead(uint64_t length, uint32_t* data_flags) { - if (pending_send_data_.length() == 0 && !local_end_stream_) { + if (pending_send_data_->length() == 0 && !local_end_stream_) { ASSERT(!data_deferred_); data_deferred_ = true; return NGHTTP2_ERR_DEFERRED; } else { *data_flags |= NGHTTP2_DATA_FLAG_NO_COPY; - if (local_end_stream_ && pending_send_data_.length() <= length) { + if (local_end_stream_ && pending_send_data_->length() <= length) { *data_flags |= NGHTTP2_DATA_FLAG_EOF; if (pending_trailers_to_encode_) { // We need to tell the library to not set end stream so that we can emit the trailers. @@ -425,7 +434,7 @@ ssize_t ConnectionImpl::StreamImpl::onDataSourceRead(uint64_t length, uint32_t* } } - return std::min(length, pending_send_data_.length()); + return std::min(length, pending_send_data_->length()); } } @@ -446,7 +455,7 @@ void ConnectionImpl::StreamImpl::onDataSourceSend(const uint8_t* framehd, size_t } parent_.stats_.pending_send_bytes_.sub(length); - output.move(pending_send_data_, length); + output.move(*pending_send_data_, length); parent_.connection_.write(output, false); } @@ -491,7 +500,9 @@ void ConnectionImpl::StreamImpl::onPendingFlushTimer() { void ConnectionImpl::StreamImpl::encodeData(Buffer::Instance& data, bool end_stream) { ASSERT(!local_end_stream_); - encodeDataHelper(data, end_stream, /*skip_encoding_empty_trailers=*/false); + encodeDataHelper(data, end_stream, + /*skip_encoding_empty_trailers=*/ + false); } void ConnectionImpl::StreamImpl::encodeDataHelper(Buffer::Instance& data, bool end_stream, @@ -502,7 +513,7 @@ void ConnectionImpl::StreamImpl::encodeDataHelper(Buffer::Instance& data, bool e local_end_stream_ = end_stream; parent_.stats_.pending_send_bytes_.add(data.length()); - pending_send_data_.move(data); + pending_send_data_->move(data); if (data_deferred_) { int rc = nghttp2_session_resume_data(parent_.session_, stream_id_); ASSERT(rc == 0); @@ -514,7 +525,7 @@ void ConnectionImpl::StreamImpl::encodeDataHelper(Buffer::Instance& data, bool e // Intended to check through coverage that this error case is tested return; } - if (local_end_stream_ && pending_send_data_.length() > 0) { + if (local_end_stream_ && pending_send_data_->length() > 0) { createPendingFlushTimer(); } } @@ -576,6 +587,12 @@ void ConnectionImpl::StreamImpl::onMetadataDecoded(MetadataMapPtr&& metadata_map } } +void ConnectionImpl::StreamImpl::setAccount(Buffer::BufferMemoryAccountSharedPtr account) { + buffer_memory_account_ = account; + pending_recv_data_->bindAccount(buffer_memory_account_); + pending_send_data_->bindAccount(buffer_memory_account_); +} + ConnectionImpl::ConnectionImpl(Network::Connection& connection, CodecStats& stats, Random::RandomGenerator& random_generator, const envoy::config::core::v3::Http2ProtocolOptions& http2_options, @@ -589,16 +606,19 @@ ConnectionImpl::ConnectionImpl(Network::Connection& connection, CodecStats& stat skip_encoding_empty_trailers_(Runtime::runtimeFeatureEnabled( "envoy.reloadable_features.http2_skip_encoding_empty_trailers")), dispatching_(false), raised_goaway_(false), pending_deferred_reset_(false), - random_(random_generator) { + random_(random_generator), + last_received_data_time_(connection_.dispatcher().timeSource().monotonicTime()) { if (http2_options.has_connection_keepalive()) { keepalive_interval_ = std::chrono::milliseconds( - PROTOBUF_GET_MS_REQUIRED(http2_options.connection_keepalive(), interval)); + PROTOBUF_GET_MS_OR_DEFAULT(http2_options.connection_keepalive(), interval, 0)); keepalive_timeout_ = std::chrono::milliseconds( PROTOBUF_GET_MS_REQUIRED(http2_options.connection_keepalive(), timeout)); keepalive_interval_jitter_percent_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT( http2_options.connection_keepalive(), interval_jitter, 15.0); - keepalive_send_timer_ = connection.dispatcher().createTimer([this]() { sendKeepalive(); }); + if (keepalive_interval_.count() > 0) { + keepalive_send_timer_ = connection.dispatcher().createTimer([this]() { sendKeepalive(); }); + } keepalive_timeout_timer_ = connection.dispatcher().createTimer([this]() { onKeepaliveResponseTimeout(); }); @@ -615,6 +635,12 @@ ConnectionImpl::~ConnectionImpl() { } void ConnectionImpl::sendKeepalive() { + ASSERT(keepalive_timeout_timer_); + if (keepalive_timeout_timer_->enabled()) { + ENVOY_CONN_LOG(trace, "Skipping PING: already awaiting PING ACK {}", connection_); + return; + } + // Include the current time as the payload to help with debugging. SystemTime now = connection_.dispatcher().timeSource().systemTime(); uint64_t ms_since_epoch = @@ -631,12 +657,13 @@ void ConnectionImpl::sendKeepalive() { } keepalive_timeout_timer_->enableTimer(keepalive_timeout_); } + void ConnectionImpl::onKeepaliveResponse() { // Check the timers for nullptr in case the peer sent an unsolicited PING ACK. if (keepalive_timeout_timer_ != nullptr) { keepalive_timeout_timer_->disableTimer(); } - if (keepalive_send_timer_ != nullptr) { + if (keepalive_send_timer_ != nullptr && keepalive_interval_.count()) { uint64_t interval_ms = keepalive_interval_.count(); const uint64_t jitter_percent_mod = keepalive_interval_jitter_percent_ * interval_ms / 100; if (jitter_percent_mod > 0) { @@ -663,6 +690,7 @@ Http::Status ConnectionImpl::dispatch(Buffer::Instance& data) { current_slice_ = nullptr; current_stream_id_.reset(); }); + last_received_data_time_ = connection_.dispatcher().timeSource().monotonicTime(); for (const Buffer::RawSlice& slice : data.getRawSlices()) { current_slice_ = &slice; dispatching_ = true; @@ -707,7 +735,7 @@ int ConnectionImpl::onData(int32_t stream_id, const uint8_t* data, size_t len) { StreamImpl* stream = getStream(stream_id); // If this results in buffering too much data, the watermark buffer will call // pendingRecvBufferHighWatermark, resulting in ++read_disable_count_ - stream->pending_recv_data_.add(data, len); + stream->pending_recv_data_->add(data, len); // Update the window to the peer unless some consumer of this stream's data has hit a flow control // limit and disabled reads on this stream if (!stream->buffersOverrun()) { @@ -750,8 +778,8 @@ Status ConnectionImpl::protocolErrorForTest() { } Status ConnectionImpl::onBeforeFrameReceived(const nghttp2_frame_hd* hd) { - ENVOY_CONN_LOG(trace, "about to recv frame type={}, flags={}", connection_, - static_cast(hd->type), static_cast(hd->flags)); + ENVOY_CONN_LOG(trace, "about to recv frame type={}, flags={}, stream_id={}", connection_, + static_cast(hd->type), static_cast(hd->flags), hd->stream_id); current_stream_id_ = hd->stream_id; // Track all the frames without padding here, since this is the only callback we receive @@ -862,10 +890,10 @@ Status ConnectionImpl::onFrameReceived(const nghttp2_frame* frame) { // It's possible that we are waiting to send a deferred reset, so only raise data if local // is not complete. if (!stream->deferred_reset_) { - stream->decoder().decodeData(stream->pending_recv_data_, stream->remote_end_stream_); + stream->decoder().decodeData(*stream->pending_recv_data_, stream->remote_end_stream_); } - stream->pending_recv_data_.drain(stream->pending_recv_data_.length()); + stream->pending_recv_data_->drain(stream->pending_recv_data_->length()); break; } case NGHTTP2_RST_STREAM: { @@ -934,9 +962,18 @@ int ConnectionImpl::onInvalidFrame(int32_t stream_id, int error_code) { stream->setDetails(Http2ResponseCodeDetails::get().errorDetails(error_code)); } - if (error_code == NGHTTP2_ERR_HTTP_HEADER || error_code == NGHTTP2_ERR_HTTP_MESSAGING) { - stats_.rx_messaging_error_.inc(); + switch (error_code) { + case NGHTTP2_ERR_REFUSED_STREAM: + if (Runtime::runtimeFeatureEnabled( + "envoy.reloadable_features.http2_consume_stream_refused_errors")) { + stats_.stream_refused_errors_.inc(); + return 0; + } + break; + case NGHTTP2_ERR_HTTP_HEADER: + case NGHTTP2_ERR_HTTP_MESSAGING: + stats_.rx_messaging_error_.inc(); if (stream_error_on_invalid_http_messaging_) { // The stream is about to be closed due to an invalid header or messaging. Don't kill the // entire connection if one stream has bad headers or messaging. @@ -946,6 +983,18 @@ int ConnectionImpl::onInvalidFrame(int32_t stream_id, int error_code) { } return 0; } + break; + + case NGHTTP2_ERR_FLOW_CONTROL: + case NGHTTP2_ERR_PROTO: + case NGHTTP2_ERR_STREAM_CLOSED: + // Known error conditions that should trigger connection close. + break; + + default: + // Unknown error conditions. Trigger ENVOY_BUG and connection close. + ENVOY_BUG(false, absl::StrCat("Unexpected error_code: ", error_code)); + break; } // Cause dispatch to return with an error code. @@ -1545,9 +1594,19 @@ ClientConnectionImpl::ClientConnectionImpl( client_http2_options.options()); http2_session_factory.init(session_, base(), http2_options); allow_metadata_ = http2_options.allow_metadata(); + idle_session_requires_ping_interval_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT( + http2_options.connection_keepalive(), connection_idle_interval, 0)); } RequestEncoder& ClientConnectionImpl::newStream(ResponseDecoder& decoder) { + // If the connection has been idle long enough to trigger a ping, send one + // ahead of creating the stream. + if (idle_session_requires_ping_interval_.count() != 0 && + (connection_.dispatcher().timeSource().monotonicTime() - lastReceivedDataTime() > + idle_session_requires_ping_interval_)) { + sendKeepalive(); + } + ClientStreamImplPtr stream(new ClientStreamImpl(*this, per_stream_buffer_limit_, decoder)); // If the connection is currently above the high watermark, make sure to inform the new stream. // The connection can not pass this on automatically as it has no awareness that a new stream is diff --git a/source/common/http/http2/codec_impl.h b/source/common/http/http2/codec_impl.h index 6f4a3a6f0270..6b86ee41b9aa 100644 --- a/source/common/http/http2/codec_impl.h +++ b/source/common/http/http2/codec_impl.h @@ -8,6 +8,7 @@ #include #include +#include "envoy/buffer/buffer.h" #include "envoy/common/random_generator.h" #include "envoy/common/scope_tracker.h" #include "envoy/config/core/v3/protocol.pb.h" @@ -15,20 +16,21 @@ #include "envoy/http/codec.h" #include "envoy/network/connection.h" -#include "common/buffer/buffer_impl.h" -#include "common/buffer/watermark_buffer.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/common/statusor.h" -#include "common/common/thread.h" -#include "common/http/codec_helper.h" -#include "common/http/header_map_impl.h" -#include "common/http/http2/codec_stats.h" -#include "common/http/http2/metadata_decoder.h" -#include "common/http/http2/metadata_encoder.h" -#include "common/http/http2/protocol_constraints.h" -#include "common/http/status.h" -#include "common/http/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/common/assert.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/common/statusor.h" +#include "source/common/common/thread.h" +#include "source/common/http/codec_helper.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/http2/codec_stats.h" +#include "source/common/http/http2/metadata_decoder.h" +#include "source/common/http/http2/metadata_encoder.h" +#include "source/common/http/http2/protocol_constraints.h" +#include "source/common/http/status.h" +#include "source/common/http/utility.h" #include "absl/types/optional.h" #include "nghttp2/nghttp2.h" @@ -229,7 +231,7 @@ class ConnectionImpl : public virtual Connection, void removeCallbacks(StreamCallbacks& callbacks) override { removeCallbacksHelper(callbacks); } void resetStream(StreamResetReason reason) override; void readDisable(bool disable) override; - uint32_t bufferLimit() override { return pending_recv_data_.highWatermark(); } + uint32_t bufferLimit() override { return pending_recv_data_->highWatermark(); } const Network::Address::InstanceConstSharedPtr& connectionLocalAddress() override { return parent_.connection_.addressProvider().localAddress(); } @@ -237,6 +239,7 @@ class ConnectionImpl : public virtual Connection, void setFlushTimeout(std::chrono::milliseconds timeout) override { stream_idle_timeout_ = timeout; } + void setAccount(Buffer::BufferMemoryAccountSharedPtr account) override; // ScopeTrackedObject void dumpState(std::ostream& os, int indent_level) const override; @@ -258,8 +261,8 @@ class ConnectionImpl : public virtual Connection, } void setWriteBufferWatermarks(uint32_t high_watermark) { - pending_recv_data_.setWatermarks(high_watermark); - pending_send_data_.setWatermarks(high_watermark); + pending_recv_data_->setWatermarks(high_watermark); + pending_send_data_->setWatermarks(high_watermark); } // If the receive buffer encounters watermark callbacks, enable/disable reads on this stream. @@ -293,19 +296,14 @@ class ConnectionImpl : public virtual Connection, uint32_t unconsumed_bytes_{0}; uint32_t read_disable_count_{0}; + Buffer::BufferMemoryAccountSharedPtr buffer_memory_account_; // Note that in current implementation the watermark callbacks of the pending_recv_data_ are // never called. The watermark value is set to the size of the stream window. As a result this // watermark can never overflow because the peer can never send more bytes than the stream // window without triggering protocol error and this buffer is drained after each DATA frame was // dispatched through the filter chain. See source/docs/flow_control.md for more information. - Buffer::WatermarkBuffer pending_recv_data_{ - [this]() -> void { this->pendingRecvBufferLowWatermark(); }, - [this]() -> void { this->pendingRecvBufferHighWatermark(); }, - []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }}; - Buffer::WatermarkBuffer pending_send_data_{ - [this]() -> void { this->pendingSendBufferLowWatermark(); }, - [this]() -> void { this->pendingSendBufferHighWatermark(); }, - []() -> void { /* TODO(adisuissa): Handle overflow watermark */ }}; + Buffer::InstancePtr pending_recv_data_; + Buffer::InstancePtr pending_send_data_; HeaderMapPtr pending_trailers_to_encode_; std::unique_ptr metadata_decoder_; std::unique_ptr metadata_encoder_; @@ -535,6 +533,11 @@ class ConnectionImpl : public virtual Connection, // dumpState helper method. virtual void dumpStreams(std::ostream& os, int indent_level) const; + // Send a keepalive ping, and set the idle timer for ping timeout. + void sendKeepalive(); + + const MonotonicTime& lastReceivedDataTime() { return last_received_data_time_; } + private: virtual ConnectionCallbacks& callbacks() PURE; virtual Status onBeginHeaders(const nghttp2_frame* frame) PURE; @@ -556,7 +559,6 @@ class ConnectionImpl : public virtual Connection, virtual ProtocolConstraints::ReleasorProc trackOutboundFrames(bool is_outbound_flood_monitored_control_frame) PURE; virtual Status trackInboundFrames(const nghttp2_frame_hd* hd, uint32_t padding_length) PURE; - void sendKeepalive(); void onKeepaliveResponse(); void onKeepaliveResponseTimeout(); virtual StreamResetReason getMessagingErrorResetReason() const PURE; @@ -568,6 +570,7 @@ class ConnectionImpl : public virtual Connection, bool pending_deferred_reset_ : 1; Event::SchedulableCallbackPtr protocol_constraint_violation_callback_; Random::RandomGenerator& random_; + MonotonicTime last_received_data_time_{}; Event::TimerPtr keepalive_send_timer_; Event::TimerPtr keepalive_timeout_timer_; std::chrono::milliseconds keepalive_interval_; @@ -606,6 +609,7 @@ class ClientConnectionImpl : public ClientConnection, public ConnectionImpl { void dumpStreams(std::ostream& os, int indent_level) const override; StreamResetReason getMessagingErrorResetReason() const override; Http::ConnectionCallbacks& callbacks_; + std::chrono::milliseconds idle_session_requires_ping_interval_; // Latched value of "envoy.reloadable_features.upstream_http2_flood_checks" runtime feature. bool enable_upstream_http2_flood_checks_; }; diff --git a/source/common/http/http2/codec_stats.h b/source/common/http/http2/codec_stats.h index eb11291f82f4..3bfcad7cc0b4 100644 --- a/source/common/http/http2/codec_stats.h +++ b/source/common/http/http2/codec_stats.h @@ -3,7 +3,7 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/thread.h" +#include "source/common/common/thread.h" namespace Envoy { namespace Http { @@ -25,6 +25,7 @@ namespace Http2 { COUNTER(requests_rejected_with_underscores_in_headers) \ COUNTER(rx_messaging_error) \ COUNTER(rx_reset) \ + COUNTER(stream_refused_errors) \ COUNTER(trailers) \ COUNTER(tx_flush_timeout) \ COUNTER(tx_reset) \ diff --git a/source/common/http/http2/conn_pool.cc b/source/common/http/http2/conn_pool.cc index fe8dca2c4247..50cb7778b8bf 100644 --- a/source/common/http/http2/conn_pool.cc +++ b/source/common/http/http2/conn_pool.cc @@ -1,12 +1,12 @@ -#include "common/http/http2/conn_pool.h" +#include "source/common/http/http2/conn_pool.h" #include #include "envoy/event/dispatcher.h" #include "envoy/upstream/upstream.h" -#include "common/http/http2/codec_impl.h" -#include "common/runtime/runtime_features.h" +#include "source/common/http/http2/codec_impl.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace Http { @@ -33,9 +33,9 @@ allocateConnPool(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_ host, priority, dispatcher, options, transport_socket_options, random_generator, state, [](HttpConnPoolImplBase* pool) { return std::make_unique(*pool); }, [](Upstream::Host::CreateConnectionData& data, HttpConnPoolImplBase* pool) { - CodecClientPtr codec{new CodecClientProd( - CodecClient::Type::HTTP2, std::move(data.connection_), data.host_description_, - pool->dispatcher(), pool->randomGenerator())}; + CodecClientPtr codec{new CodecClientProd(CodecType::HTTP2, std::move(data.connection_), + data.host_description_, pool->dispatcher(), + pool->randomGenerator())}; return codec; }, std::vector{Protocol::Http2}); diff --git a/source/common/http/http2/conn_pool.h b/source/common/http/http2/conn_pool.h index 529167cb8535..9d96c494873c 100644 --- a/source/common/http/http2/conn_pool.h +++ b/source/common/http/http2/conn_pool.h @@ -4,8 +4,8 @@ #include "envoy/upstream/upstream.h" -#include "common/http/codec_client.h" -#include "common/http/conn_pool_base.h" +#include "source/common/http/codec_client.h" +#include "source/common/http/conn_pool_base.h" namespace Envoy { namespace Http { diff --git a/source/common/http/http2/metadata_decoder.cc b/source/common/http/http2/metadata_decoder.cc index 836bc8dbbe36..3efd9346e591 100644 --- a/source/common/http/http2/metadata_decoder.cc +++ b/source/common/http/http2/metadata_decoder.cc @@ -1,6 +1,6 @@ -#include "common/http/http2/metadata_decoder.h" +#include "source/common/http/http2/metadata_decoder.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/container/fixed_array.h" diff --git a/source/common/http/http2/metadata_decoder.h b/source/common/http/http2/metadata_decoder.h index 16510776e563..4a3c9ad301ec 100644 --- a/source/common/http/http2/metadata_decoder.h +++ b/source/common/http/http2/metadata_decoder.h @@ -5,8 +5,8 @@ #include "envoy/http/codec.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" #include "nghttp2/nghttp2.h" diff --git a/source/common/http/http2/metadata_encoder.cc b/source/common/http/http2/metadata_encoder.cc index ac1c06af4f36..81002de8566d 100644 --- a/source/common/http/http2/metadata_encoder.cc +++ b/source/common/http/http2/metadata_encoder.cc @@ -1,6 +1,6 @@ -#include "common/http/http2/metadata_encoder.h" +#include "source/common/http/http2/metadata_encoder.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/container/fixed_array.h" #include "nghttp2/nghttp2.h" diff --git a/source/common/http/http2/metadata_encoder.h b/source/common/http/http2/metadata_encoder.h index 64e520e0cded..9fe06ce6e459 100644 --- a/source/common/http/http2/metadata_encoder.h +++ b/source/common/http/http2/metadata_encoder.h @@ -6,9 +6,9 @@ #include "envoy/http/codec.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/c_smart_ptr.h" -#include "common/common/logger.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/c_smart_ptr.h" +#include "source/common/common/logger.h" #include "nghttp2/nghttp2.h" diff --git a/source/common/http/http2/nghttp2.cc b/source/common/http/http2/nghttp2.cc index 68e9c620e9c8..83e37878221d 100644 --- a/source/common/http/http2/nghttp2.cc +++ b/source/common/http/http2/nghttp2.cc @@ -1,6 +1,6 @@ -#include "common/http/http2/nghttp2.h" +#include "source/common/http/http2/nghttp2.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" // nghttp2 fails to convey the POSIX ssize_t declaration // that Microsoft declines to implement. Pick up a valid diff --git a/source/common/http/http2/protocol_constraints.cc b/source/common/http/http2/protocol_constraints.cc index 5d8f38a44c40..cc3d2252d8dc 100644 --- a/source/common/http/http2/protocol_constraints.cc +++ b/source/common/http/http2/protocol_constraints.cc @@ -1,7 +1,7 @@ -#include "common/http/http2/protocol_constraints.h" +#include "source/common/http/http2/protocol_constraints.h" -#include "common/common/assert.h" -#include "common/common/dump_state_utils.h" +#include "source/common/common/assert.h" +#include "source/common/common/dump_state_utils.h" namespace Envoy { namespace Http { diff --git a/source/common/http/http2/protocol_constraints.h b/source/common/http/http2/protocol_constraints.h index 017db57289e0..a2e1f203cedc 100644 --- a/source/common/http/http2/protocol_constraints.h +++ b/source/common/http/http2/protocol_constraints.h @@ -6,8 +6,8 @@ #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/network/connection.h" -#include "common/http/http2/codec_stats.h" -#include "common/http/status.h" +#include "source/common/http/http2/codec_stats.h" +#include "source/common/http/status.h" #include "nghttp2/nghttp2.h" diff --git a/source/common/http/http3/BUILD b/source/common/http/http3/BUILD index 62021588859a..92a28b20c1d5 100644 --- a/source/common/http/http3/BUILD +++ b/source/common/http/http3/BUILD @@ -14,8 +14,8 @@ envoy_cc_library( hdrs = ["conn_pool.h"], deps = [ ":quic_client_connection_factory_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:dispatcher_interface", + "//envoy/upstream:upstream_interface", "//source/common/http:codec_client_lib", "//source/common/http:conn_pool_base_lib", "//source/common/quic:client_connection_factory_lib", @@ -31,8 +31,8 @@ envoy_cc_library( name = "codec_stats_lib", hdrs = ["codec_stats.h"], deps = [ - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/common:thread_lib", ], ) diff --git a/source/common/http/http3/codec_stats.h b/source/common/http/http3/codec_stats.h index 327b345f1d46..47b69965896e 100644 --- a/source/common/http/http3/codec_stats.h +++ b/source/common/http/http3/codec_stats.h @@ -3,7 +3,7 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/thread.h" +#include "source/common/common/thread.h" namespace Envoy { namespace Http { @@ -11,18 +11,19 @@ namespace Http3 { /** * All stats for the HTTP/3 codec. @see stats_macros.h - * TODO(danzh) populate all of them in codec. */ #define ALL_HTTP3_CODEC_STATS(COUNTER, GAUGE) \ COUNTER(dropped_headers_with_underscores) \ - COUNTER(header_overflow) \ COUNTER(requests_rejected_with_underscores_in_headers) \ - COUNTER(rx_messaging_error) \ COUNTER(rx_reset) \ - COUNTER(trailers) \ COUNTER(tx_reset) \ COUNTER(metadata_not_supported_error) \ - GAUGE(streams_active, Accumulate) + COUNTER(quic_version_43) \ + COUNTER(quic_version_46) \ + COUNTER(quic_version_50) \ + COUNTER(quic_version_51) \ + COUNTER(quic_version_h3_29) \ + COUNTER(quic_version_rfc_v1) /** * Wrapper struct for the HTTP/3 codec stats. @see stats_macros.h diff --git a/source/common/http/http3/conn_pool.cc b/source/common/http/http3/conn_pool.cc index 3f1fbcbe5c1a..0c361b7a4588 100644 --- a/source/common/http/http3/conn_pool.cc +++ b/source/common/http/http3/conn_pool.cc @@ -1,61 +1,58 @@ -#include "common/http/http3/conn_pool.h" +#include "source/common/http/http3/conn_pool.h" #include #include "envoy/event/dispatcher.h" #include "envoy/upstream/upstream.h" -#include "common/config/utility.h" -#include "common/http/http3/quic_client_connection_factory.h" -#include "common/http/utility.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" -#include "common/runtime/runtime_features.h" - -#ifdef ENVOY_ENABLE_QUIC -#include "common/quic/client_connection_factory_impl.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/quic_transport_socket_factory.h" -#else -#error "http3 conn pool should not be built with QUIC disabled" -#endif +#include "source/common/config/utility.h" +#include "source/common/http/http3/quic_client_connection_factory.h" +#include "source/common/http/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace Http { namespace Http3 { -// Http3 subclass of FixedHttpConnPoolImpl which exists to store quic data. -class Http3ConnPoolImpl : public FixedHttpConnPoolImpl { -public: - Http3ConnPoolImpl(Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, - Event::Dispatcher& dispatcher, - const Network::ConnectionSocket::OptionsSharedPtr& options, - const Network::TransportSocketOptionsSharedPtr& transport_socket_options, - Random::RandomGenerator& random_generator, - Upstream::ClusterConnectivityState& state, CreateClientFn client_fn, - CreateCodecFn codec_fn, std::vector protocol, - TimeSource& time_source) - : FixedHttpConnPoolImpl(host, priority, dispatcher, options, transport_socket_options, - random_generator, state, client_fn, codec_fn, protocol) { - auto source_address = host_->cluster().sourceAddress(); - if (!source_address.get()) { - auto host_address = host->address(); - source_address = Network::Utility::getLocalAddress(host_address->ip()->version()); - } - Network::TransportSocketFactory& transport_socket_factory = host->transportSocketFactory(); - quic_info_ = std::make_unique( - dispatcher, transport_socket_factory, time_source, source_address); - Quic::configQuicInitialFlowControlWindow( - host_->cluster().http3Options().quic_protocol_options(), quic_info_->quic_config_); - } +void Http3ConnPoolImpl::setQuicConfigFromClusterConfig(const Upstream::ClusterInfo& cluster, + quic::QuicConfig& quic_config) { + quic::QuicTime::Delta crypto_timeout = + quic::QuicTime::Delta::FromMilliseconds(cluster.connectTimeout().count()); + quic_config.set_max_time_before_crypto_handshake(crypto_timeout); + int32_t max_streams = + cluster.http3Options().quic_protocol_options().max_concurrent_streams().value(); + quic_config.SetMaxBidirectionalStreamsToSend(max_streams); + quic_config.SetMaxUnidirectionalStreamsToSend(max_streams); + Quic::configQuicInitialFlowControlWindow(cluster.http3Options().quic_protocol_options(), + quic_config); +} - // Make sure all connections are torn down before quic_info_ is deleted. - ~Http3ConnPoolImpl() override { destructAllConnections(); } +Http3ConnPoolImpl::Http3ConnPoolImpl( + Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, + Event::Dispatcher& dispatcher, const Network::ConnectionSocket::OptionsSharedPtr& options, + const Network::TransportSocketOptionsSharedPtr& transport_socket_options, + Random::RandomGenerator& random_generator, Upstream::ClusterConnectivityState& state, + CreateClientFn client_fn, CreateCodecFn codec_fn, std::vector protocol, + TimeSource& time_source) + : FixedHttpConnPoolImpl(host, priority, dispatcher, options, transport_socket_options, + random_generator, state, client_fn, codec_fn, protocol) { + auto source_address = host_->cluster().sourceAddress(); + if (!source_address.get()) { + auto host_address = host->address(); + source_address = Network::Utility::getLocalAddress(host_address->ip()->version()); + } + Network::TransportSocketFactory& transport_socket_factory = host->transportSocketFactory(); + quic::QuicConfig quic_config; + setQuicConfigFromClusterConfig(host_->cluster(), quic_config); + quic_info_ = std::make_unique( + dispatcher, transport_socket_factory, time_source, source_address, quic_config, + host->cluster().perConnectionBufferLimitBytes()); +} - // Store quic helpers which can be shared between connections and must live - // beyond the lifetime of individual connections. - std::unique_ptr quic_info_; -}; +// Make sure all connections are torn down before quic_info_ is deleted. +Http3ConnPoolImpl::~Http3ConnPoolImpl() { destructAllConnections(); } ConnectionPool::InstancePtr allocateConnPool(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator, @@ -81,13 +78,13 @@ allocateConnPool(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_ source_address = Network::Utility::getLocalAddress(host_address->ip()->version()); } data.connection_ = Quic::createQuicNetworkConnection( - *h3_pool->quic_info_, pool->dispatcher(), host_address, source_address); + h3_pool->quicInfo(), pool->dispatcher(), host_address, source_address); return std::make_unique(*pool, data); }, [](Upstream::Host::CreateConnectionData& data, HttpConnPoolImplBase* pool) { - CodecClientPtr codec{new CodecClientProd( - CodecClient::Type::HTTP3, std::move(data.connection_), data.host_description_, - pool->dispatcher(), pool->randomGenerator())}; + CodecClientPtr codec{new CodecClientProd(CodecType::HTTP3, std::move(data.connection_), + data.host_description_, pool->dispatcher(), + pool->randomGenerator())}; return codec; }, std::vector{Protocol::Http3}, time_source); diff --git a/source/common/http/http3/conn_pool.h b/source/common/http/http3/conn_pool.h index 6f3196253048..7ab19f1f4a66 100644 --- a/source/common/http/http3/conn_pool.h +++ b/source/common/http/http3/conn_pool.h @@ -4,8 +4,16 @@ #include "envoy/upstream/upstream.h" -#include "common/http/codec_client.h" -#include "common/http/conn_pool_base.h" +#include "source/common/http/codec_client.h" +#include "source/common/http/conn_pool_base.h" + +#ifdef ENVOY_ENABLE_QUIC +#include "source/common/quic/client_connection_factory_impl.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/quic_transport_socket_factory.h" +#else +#error "http3 conn pool should not be built with QUIC disabled" +#endif namespace Envoy { namespace Http { @@ -26,6 +34,33 @@ class ActiveClient : public MultiplexedActiveClientBase { data) {} }; +// Http3 subclass of FixedHttpConnPoolImpl which exists to store quic data. +class Http3ConnPoolImpl : public FixedHttpConnPoolImpl { +public: + Http3ConnPoolImpl(Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, + Event::Dispatcher& dispatcher, + const Network::ConnectionSocket::OptionsSharedPtr& options, + const Network::TransportSocketOptionsSharedPtr& transport_socket_options, + Random::RandomGenerator& random_generator, + Upstream::ClusterConnectivityState& state, CreateClientFn client_fn, + CreateCodecFn codec_fn, std::vector protocol, + TimeSource& time_source); + + ~Http3ConnPoolImpl() override; + + // Set relevant fields in quic_config based on the cluster configuration + // supplied in cluster. + static void setQuicConfigFromClusterConfig(const Upstream::ClusterInfo& cluster, + quic::QuicConfig& quic_config); + + Quic::PersistentQuicInfoImpl& quicInfo() { return *quic_info_; } + +private: + // Store quic helpers which can be shared between connections and must live + // beyond the lifetime of individual connections. + std::unique_ptr quic_info_; +}; + ConnectionPool::InstancePtr allocateConnPool(Event::Dispatcher& dispatcher, Random::RandomGenerator& random_generator, Upstream::HostConstSharedPtr host, Upstream::ResourcePriority priority, diff --git a/source/common/http/http3_status_tracker.cc b/source/common/http/http3_status_tracker.cc index 472d0672ed5b..1ace46923b66 100644 --- a/source/common/http/http3_status_tracker.cc +++ b/source/common/http/http3_status_tracker.cc @@ -1,4 +1,4 @@ -#include "common/http/http3_status_tracker.h" +#include "source/common/http/http3_status_tracker.h" namespace Envoy { namespace Http { diff --git a/source/common/http/legacy_path_canonicalizer.cc b/source/common/http/legacy_path_canonicalizer.cc index 920e81bef260..e1798b8ec80c 100644 --- a/source/common/http/legacy_path_canonicalizer.cc +++ b/source/common/http/legacy_path_canonicalizer.cc @@ -1,7 +1,7 @@ -#include "common/http/legacy_path_canonicalizer.h" +#include "source/common/http/legacy_path_canonicalizer.h" -#include "common/chromium_url/url_canon.h" -#include "common/chromium_url/url_canon_stdstring.h" +#include "source/common/chromium_url/url_canon.h" +#include "source/common/chromium_url/url_canon_stdstring.h" namespace Envoy { namespace Http { diff --git a/source/common/http/match_wrapper/BUILD b/source/common/http/match_wrapper/BUILD index 1350d3db39e0..6515bcffe786 100644 --- a/source/common/http/match_wrapper/BUILD +++ b/source/common/http/match_wrapper/BUILD @@ -13,10 +13,9 @@ envoy_cc_library( srcs = ["config.cc"], hdrs = ["config.h"], deps = [ - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/common/matcher:matcher_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/common/matching/v3:pkg_cc_proto", ], diff --git a/source/common/http/match_wrapper/config.cc b/source/common/http/match_wrapper/config.cc index fe1bf7efd34f..5d9ecd2f1685 100644 --- a/source/common/http/match_wrapper/config.cc +++ b/source/common/http/match_wrapper/config.cc @@ -1,11 +1,11 @@ -#include "common/http/match_wrapper/config.h" +#include "source/common/http/match_wrapper/config.h" #include "envoy/http/filter.h" #include "envoy/matcher/matcher.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" -#include "common/matcher/matcher.h" +#include "source/common/config/utility.h" +#include "source/common/matcher/matcher.h" #include "absl/status/status.h" @@ -26,8 +26,9 @@ class MatchTreeValidationVisitor data_input_allowlist_ = requirements.data_input_allow_list().type_url(); } } - absl::Status performDataInputValidation(const Matcher::DataInput&, - absl::string_view type_url) override { + absl::Status + performDataInputValidation(const Matcher::DataInputFactory&, + absl::string_view type_url) override { if (!data_input_allowlist_) { return absl::OkStatus(); } @@ -113,7 +114,7 @@ Envoy::Http::FilterFactoryCb MatchWrapperConfig::createFilterFactoryFromProtoTyp } return [filter_factory, match_tree](Envoy::Http::FilterChainFactoryCallbacks& callbacks) -> void { - DelegatingFactoryCallbacks delegated_callbacks(callbacks, match_tree); + DelegatingFactoryCallbacks delegated_callbacks(callbacks, match_tree()); return filter_factory(delegated_callbacks); }; diff --git a/source/common/http/match_wrapper/config.h b/source/common/http/match_wrapper/config.h index c1417aaa6f24..e9ce2d3568c2 100644 --- a/source/common/http/match_wrapper/config.h +++ b/source/common/http/match_wrapper/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/common/matching/v3/extension_matcher.pb.validate.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Common { diff --git a/source/common/http/matching/BUILD b/source/common/http/matching/BUILD index 8b379453cbc6..87837d2e6ff3 100644 --- a/source/common/http/matching/BUILD +++ b/source/common/http/matching/BUILD @@ -12,8 +12,8 @@ envoy_cc_library( name = "data_impl_lib", hdrs = ["data_impl.h"], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", ], ) @@ -22,8 +22,8 @@ envoy_cc_library( srcs = ["inputs.cc"], hdrs = ["inputs.h"], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", "//source/common/http:header_utility_lib", "@envoy_api//envoy/type/matcher/v3:pkg_cc_proto", ], diff --git a/source/common/http/matching/inputs.cc b/source/common/http/matching/inputs.cc index a7874d440456..ed1afbfc30ab 100644 --- a/source/common/http/matching/inputs.cc +++ b/source/common/http/matching/inputs.cc @@ -1,4 +1,4 @@ -#include "common/http/matching/inputs.h" +#include "source/common/http/matching/inputs.h" #include "envoy/registry/registry.h" diff --git a/source/common/http/matching/inputs.h b/source/common/http/matching/inputs.h index bb69aa26b306..052308c5c547 100644 --- a/source/common/http/matching/inputs.h +++ b/source/common/http/matching/inputs.h @@ -6,7 +6,7 @@ #include "envoy/type/matcher/v3/http_inputs.pb.h" #include "envoy/type/matcher/v3/http_inputs.pb.validate.h" -#include "common/http/header_utility.h" +#include "source/common/http/header_utility.h" namespace Envoy { namespace Http { @@ -22,32 +22,25 @@ class HttpHeadersDataInputBase : public Matcher::DataInput { virtual absl::optional> headerMap(const HttpMatchingData& data) const PURE; - Matcher::DataInputGetResult get(const HttpMatchingData& data) override { + Matcher::DataInputGetResult get(const HttpMatchingData& data) const override { const auto maybe_headers = headerMap(data); if (!maybe_headers) { return {Matcher::DataInputGetResult::DataAvailability::NotAvailable, absl::nullopt}; } - auto header = maybe_headers->get().get(name_); - if (header.empty()) { - return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, absl::nullopt}; - } + auto header_string = HeaderUtility::getAllOfHeaderAsString(maybe_headers->get(), name_, ","); - if (header_as_string_result_) { + if (header_string.result()) { return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, - header_as_string_result_->result()}; + std::string(header_string.result().value())}; } - header_as_string_result_ = HeaderUtility::getAllOfHeaderAsString(header, ","); - - return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, - header_as_string_result_->result()}; + return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, absl::nullopt}; } private: const LowerCaseString name_; - absl::optional header_as_string_result_; }; /** @@ -60,13 +53,15 @@ class HttpHeadersDataInputFactoryBase : public Matcher::DataInputFactory - createDataInput(const Protobuf::Message& config, - Server::Configuration::FactoryContext& factory_context) override { + Matcher::DataInputFactoryCb + createDataInputFactoryCb(const Protobuf::Message& config, + Server::Configuration::FactoryContext& factory_context) override { const auto& typed_config = MessageUtil::downcastAndValidate( config, factory_context.messageValidationVisitor()); - return std::make_unique(typed_config.header_name()); + return [header_name = typed_config.header_name()] { + return std::make_unique(header_name); + }; }; ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique(); diff --git a/source/common/http/message_impl.h b/source/common/http/message_impl.h index d746227912fc..49ad140fd480 100644 --- a/source/common/http/message_impl.h +++ b/source/common/http/message_impl.h @@ -5,9 +5,9 @@ #include "envoy/http/header_map.h" #include "envoy/http/message.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/non_copyable.h" -#include "common/http/header_map_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/non_copyable.h" +#include "source/common/http/header_map_impl.h" namespace Envoy { namespace Http { diff --git a/source/common/http/mixed_conn_pool.cc b/source/common/http/mixed_conn_pool.cc index 26322fb992e9..f9622d746a21 100644 --- a/source/common/http/mixed_conn_pool.cc +++ b/source/common/http/mixed_conn_pool.cc @@ -1,10 +1,10 @@ -#include "common/http/mixed_conn_pool.h" +#include "source/common/http/mixed_conn_pool.h" -#include "common/http/codec_client.h" -#include "common/http/http1/conn_pool.h" -#include "common/http/http2/conn_pool.h" -#include "common/http/utility.h" -#include "common/tcp/conn_pool.h" +#include "source/common/http/codec_client.h" +#include "source/common/http/http1/conn_pool.h" +#include "source/common/http/http2/conn_pool.h" +#include "source/common/http/utility.h" +#include "source/common/tcp/conn_pool.h" namespace Envoy { namespace Http { @@ -16,8 +16,7 @@ Envoy::ConnectionPool::ActiveClientPtr HttpConnPoolImplMixed::instantiateActiveC CodecClientPtr HttpConnPoolImplMixed::createCodecClient(Upstream::Host::CreateConnectionData& data) { - auto protocol = - protocol_ == Protocol::Http11 ? CodecClient::Type::HTTP1 : CodecClient::Type::HTTP2; + auto protocol = protocol_ == Protocol::Http11 ? CodecType::HTTP1 : CodecType::HTTP2; CodecClientPtr codec{new CodecClientProd(protocol, std::move(data.connection_), data.host_description_, dispatcher_, random_generator_)}; return codec; diff --git a/source/common/http/mixed_conn_pool.h b/source/common/http/mixed_conn_pool.h index bdee838d7817..4528aeb6eacd 100644 --- a/source/common/http/mixed_conn_pool.h +++ b/source/common/http/mixed_conn_pool.h @@ -1,6 +1,6 @@ #pragma once -#include "common/http/conn_pool_base.h" +#include "source/common/http/conn_pool_base.h" namespace Envoy { namespace Http { diff --git a/source/common/http/path_utility.cc b/source/common/http/path_utility.cc index 3967520be305..4afc26cd6ed2 100644 --- a/source/common/http/path_utility.cc +++ b/source/common/http/path_utility.cc @@ -1,8 +1,8 @@ -#include "common/http/path_utility.h" +#include "source/common/http/path_utility.h" -#include "common/common/logger.h" -#include "common/http/legacy_path_canonicalizer.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/logger.h" +#include "source/common/http/legacy_path_canonicalizer.h" +#include "source/common/runtime/runtime_features.h" #include "absl/strings/str_join.h" #include "absl/strings/str_split.h" diff --git a/source/common/http/request_id_extension_impl.cc b/source/common/http/request_id_extension_impl.cc index 8798c5848413..482a32b60ee4 100644 --- a/source/common/http/request_id_extension_impl.cc +++ b/source/common/http/request_id_extension_impl.cc @@ -1,6 +1,6 @@ -#include "common/http/request_id_extension_impl.h" +#include "source/common/http/request_id_extension_impl.h" -#include "common/config/utility.h" +#include "source/common/config/utility.h" namespace Envoy { namespace Http { diff --git a/source/common/http/rest_api_fetcher.cc b/source/common/http/rest_api_fetcher.cc index af154ef89caf..cbcb6a99232c 100644 --- a/source/common/http/rest_api_fetcher.cc +++ b/source/common/http/rest_api_fetcher.cc @@ -1,13 +1,13 @@ -#include "common/http/rest_api_fetcher.h" +#include "source/common/http/rest_api_fetcher.h" #include #include #include -#include "common/common/enum_to_int.h" -#include "common/config/utility.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/config/utility.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Http { diff --git a/source/common/http/status.cc b/source/common/http/status.cc index 1204a9ac9e4f..a6eb3c92eb8f 100644 --- a/source/common/http/status.cc +++ b/source/common/http/status.cc @@ -1,6 +1,6 @@ -#include "common/http/status.h" +#include "source/common/http/status.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/strings/str_cat.h" diff --git a/source/common/http/user_agent.cc b/source/common/http/user_agent.cc index 65c243aeae24..cf5e6746f778 100644 --- a/source/common/http/user_agent.cc +++ b/source/common/http/user_agent.cc @@ -1,4 +1,4 @@ -#include "common/http/user_agent.h" +#include "source/common/http/user_agent.h" #include #include @@ -8,9 +8,9 @@ #include "envoy/stats/scope.h" #include "envoy/stats/timespan.h" -#include "common/http/headers.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/utility.h" +#include "source/common/http/headers.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/utility.h" namespace Envoy { namespace Http { diff --git a/source/common/http/user_agent.h b/source/common/http/user_agent.h index aa617f48c4e5..8cb482b556c3 100644 --- a/source/common/http/user_agent.h +++ b/source/common/http/user_agent.h @@ -10,7 +10,7 @@ #include "envoy/stats/stats_macros.h" #include "envoy/stats/timespan.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Http { diff --git a/source/common/http/utility.cc b/source/common/http/utility.cc index 8075a7ba6e60..50d2123b5a83 100644 --- a/source/common/http/utility.cc +++ b/source/common/http/utility.cc @@ -1,4 +1,4 @@ -#include "common/http/utility.h" +#include "source/common/http/utility.h" #include @@ -10,20 +10,20 @@ #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/http/header_map.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/grpc/status.h" -#include "common/http/exception.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_features.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/status.h" +#include "source/common/http/exception.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" #include "absl/container/node_hash_set.h" #include "absl/strings/match.h" @@ -421,6 +421,13 @@ absl::string_view Utility::findQueryStringStart(const HeaderString& path) { return path_str; } +std::string Utility::stripQueryString(const HeaderString& path) { + absl::string_view path_str = path.getStringView(); + size_t query_offset = path_str.find('?'); + return std::string(path_str.data(), + query_offset != path_str.npos ? query_offset : path_str.size()); +} + std::string Utility::parseCookieValue(const HeaderMap& headers, const std::string& key) { return parseCookie(headers, key, Http::Headers::get().Cookie.get()); } @@ -778,7 +785,7 @@ void Utility::extractHostPathFromUri(const absl::string_view& uri, absl::string_ // Start position of the host const auto host_pos = (pos == std::string::npos) ? 0 : pos + 3; // Start position of the path - const auto path_pos = uri.find("/", host_pos); + const auto path_pos = uri.find('/', host_pos); if (path_pos == std::string::npos) { // If uri doesn't have "/", the whole string is treated as host. host = uri.substr(host_pos); @@ -840,6 +847,8 @@ const std::string Utility::resetReasonToString(const Http::StreamResetReason res return "remote error with CONNECT request"; case Http::StreamResetReason::ProtocolError: return "protocol error"; + case Http::StreamResetReason::OverloadManager: + return "overload manager reset"; } NOT_REACHED_GCOVR_EXCL_LINE; @@ -888,18 +897,6 @@ void Utility::transformUpgradeResponseFromH2toH1(ResponseHeaderMap& headers, } } -const Router::RouteSpecificFilterConfig* -Utility::resolveMostSpecificPerFilterConfigGeneric(const std::string& filter_name, - const Router::RouteConstSharedPtr& route) { - - const Router::RouteSpecificFilterConfig* maybe_filter_config{}; - traversePerFilterConfigGeneric( - filter_name, route, [&maybe_filter_config](const Router::RouteSpecificFilterConfig& cfg) { - maybe_filter_config = &cfg; - }); - return maybe_filter_config; -} - void Utility::traversePerFilterConfigGeneric( const std::string& filter_name, const Router::RouteConstSharedPtr& route, std::function cb) { diff --git a/source/common/http/utility.h b/source/common/http/utility.h index b05ff1b0b510..a035fcafafd9 100644 --- a/source/common/http/utility.h +++ b/source/common/http/utility.h @@ -13,8 +13,8 @@ #include "envoy/http/metadata_interface.h" #include "envoy/http/query_params.h" -#include "common/http/exception.h" -#include "common/http/status.h" +#include "source/common/http/exception.h" +#include "source/common/http/status.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" @@ -240,6 +240,13 @@ QueryParams parseParameters(absl::string_view data, size_t start, bool decode_pa */ absl::string_view findQueryStringStart(const HeaderString& path); +/** + * Returns the path without the query string. + * @param path supplies a HeaderString& possibly containing a query string. + * @return std::string the path without query string. + */ +std::string stripQueryString(const HeaderString& path); + /** * Parse a particular value out of a cookie * @param headers supplies the headers to get the cookie from. @@ -487,9 +494,10 @@ const ConfigType* resolveMostSpecificPerFilterConfig(const std::string& filter_n const Router::RouteConstSharedPtr& route) { static_assert(std::is_base_of::value, "ConfigType must be a subclass of Router::RouteSpecificFilterConfig"); - const Router::RouteSpecificFilterConfig* generic_config = - resolveMostSpecificPerFilterConfigGeneric(filter_name, route); - return dynamic_cast(generic_config); + if (!route || !route->routeEntry()) { + return nullptr; + } + return route->routeEntry()->mostSpecificPerFilterConfigTyped(filter_name); } /** diff --git a/source/common/init/BUILD b/source/common/init/BUILD index 5b75ca4a8285..7df56e667b4b 100644 --- a/source/common/init/BUILD +++ b/source/common/init/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( srcs = ["watcher_impl.cc"], hdrs = ["watcher_impl.h"], deps = [ - "//include/envoy/init:watcher_interface", + "//envoy/init:watcher_interface", "//source/common/common:logger_lib", ], ) @@ -23,7 +23,7 @@ envoy_cc_library( srcs = ["target_impl.cc"], hdrs = ["target_impl.h"], deps = [ - "//include/envoy/init:target_interface", + "//envoy/init:target_interface", "//source/common/common:logger_lib", ], ) @@ -34,7 +34,7 @@ envoy_cc_library( hdrs = ["manager_impl.h"], deps = [ ":watcher_lib", - "//include/envoy/init:manager_interface", + "//envoy/init:manager_interface", "//source/common/common:logger_lib", ], ) diff --git a/source/common/init/manager_impl.cc b/source/common/init/manager_impl.cc index f0452170d778..4ffbf75a2b1b 100644 --- a/source/common/init/manager_impl.cc +++ b/source/common/init/manager_impl.cc @@ -1,9 +1,9 @@ -#include "common/init/manager_impl.h" +#include "source/common/init/manager_impl.h" #include -#include "common/common/assert.h" -#include "common/init/watcher_impl.h" +#include "source/common/common/assert.h" +#include "source/common/init/watcher_impl.h" namespace Envoy { namespace Init { diff --git a/source/common/init/manager_impl.h b/source/common/init/manager_impl.h index 4bba5b344659..85d901cd56a6 100644 --- a/source/common/init/manager_impl.h +++ b/source/common/init/manager_impl.h @@ -4,8 +4,8 @@ #include "envoy/init/manager.h" -#include "common/common/logger.h" -#include "common/init/watcher_impl.h" +#include "source/common/common/logger.h" +#include "source/common/init/watcher_impl.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/init/target_impl.cc b/source/common/init/target_impl.cc index 4e3fda44b6a0..1c8ddfdea5ce 100644 --- a/source/common/init/target_impl.cc +++ b/source/common/init/target_impl.cc @@ -1,4 +1,4 @@ -#include "common/init/target_impl.h" +#include "source/common/init/target_impl.h" namespace Envoy { namespace Init { diff --git a/source/common/init/target_impl.h b/source/common/init/target_impl.h index 9cc0bac76c11..72bde7f8d32a 100644 --- a/source/common/init/target_impl.h +++ b/source/common/init/target_impl.h @@ -4,7 +4,7 @@ #include "envoy/init/target.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Init { diff --git a/source/common/init/watcher_impl.cc b/source/common/init/watcher_impl.cc index 50b792bdcbbe..de17f7c1b5dc 100644 --- a/source/common/init/watcher_impl.cc +++ b/source/common/init/watcher_impl.cc @@ -1,4 +1,4 @@ -#include "common/init/watcher_impl.h" +#include "source/common/init/watcher_impl.h" namespace Envoy { namespace Init { diff --git a/source/common/init/watcher_impl.h b/source/common/init/watcher_impl.h index fb41d8c0400a..10ff51ee83b5 100644 --- a/source/common/init/watcher_impl.h +++ b/source/common/init/watcher_impl.h @@ -4,7 +4,7 @@ #include "envoy/init/watcher.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Init { diff --git a/source/common/json/BUILD b/source/common/json/BUILD index 4cc634bc0d69..23060918cb52 100644 --- a/source/common/json/BUILD +++ b/source/common/json/BUILD @@ -16,7 +16,7 @@ envoy_cc_library( "rapidjson", ], deps = [ - "//include/envoy/json:json_object_interface", + "//envoy/json:json_object_interface", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "//source/common/common:utility_lib", @@ -32,7 +32,7 @@ envoy_cc_library( "json", ], deps = [ - "//include/envoy/json:json_object_interface", + "//envoy/json:json_object_interface", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "//source/common/common:utility_lib", @@ -47,7 +47,7 @@ envoy_cc_library( deps = [ ":json_internal_legacy_lib", ":json_internal_lib", - "//include/envoy/json:json_object_interface", + "//envoy/json:json_object_interface", "//source/common/runtime:runtime_features_lib", ], ) diff --git a/source/common/json/json_internal.cc b/source/common/json/json_internal.cc index d26c62d1e163..ce6138d870ad 100644 --- a/source/common/json/json_internal.cc +++ b/source/common/json/json_internal.cc @@ -1,4 +1,4 @@ -#include "common/json/json_internal.h" +#include "source/common/json/json_internal.h" #include #include @@ -9,11 +9,11 @@ #include #include -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/hash.h" -#include "common/common/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hash.h" +#include "source/common/common/utility.h" +#include "source/common/protobuf/utility.h" // Do not let nlohmann/json leak outside of this file. #include "include/nlohmann/json.hpp" @@ -209,7 +209,7 @@ class ObjectHandler : public nlohmann::json_sax { "documentation in case error string changed."); } else { // Extract portion after ": " to get error string. - error_ = error.substr(end + 2); + error_ = std::string(error.substr(end + 2)); // Extract position information if present. auto start = error.find("at "); if (start != std::string::npos && (start + 3) < end) { diff --git a/source/common/json/json_internal_legacy.cc b/source/common/json/json_internal_legacy.cc index c323cf75810c..d77fd773122b 100644 --- a/source/common/json/json_internal_legacy.cc +++ b/source/common/json/json_internal_legacy.cc @@ -1,4 +1,4 @@ -#include "common/json/json_internal_legacy.h" +#include "source/common/json/json_internal_legacy.h" #include #include @@ -9,11 +9,11 @@ #include #include -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/hash.h" -#include "common/common/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hash.h" +#include "source/common/common/utility.h" +#include "source/common/protobuf/utility.h" // Do not let RapidJson leak outside of this file. #include "rapidjson/document.h" diff --git a/source/common/json/json_loader.cc b/source/common/json/json_loader.cc index 0e4f3669a1b8..2bef4c314be2 100644 --- a/source/common/json/json_loader.cc +++ b/source/common/json/json_loader.cc @@ -1,8 +1,8 @@ -#include "common/json/json_loader.h" +#include "source/common/json/json_loader.h" -#include "common/json/json_internal.h" -#include "common/json/json_internal_legacy.h" -#include "common/runtime/runtime_features.h" +#include "source/common/json/json_internal.h" +#include "source/common/json/json_internal_legacy.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace Json { diff --git a/source/common/local_info/BUILD b/source/common/local_info/BUILD index 47c3b542d5bb..254710601695 100644 --- a/source/common/local_info/BUILD +++ b/source/common/local_info/BUILD @@ -12,7 +12,7 @@ envoy_cc_library( name = "local_info_lib", hdrs = ["local_info_impl.h"], deps = [ - "//include/envoy/local_info:local_info_interface", + "//envoy/local_info:local_info_interface", "//source/common/config:context_provider_lib", "//source/common/config:version_converter_lib", "//source/common/stats:symbol_table_lib", diff --git a/source/common/local_info/local_info_impl.h b/source/common/local_info/local_info_impl.h index 629d5eaff0e0..6280d782088c 100644 --- a/source/common/local_info/local_info_impl.h +++ b/source/common/local_info/local_info_impl.h @@ -5,9 +5,9 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/local_info/local_info.h" -#include "common/config/context_provider_impl.h" -#include "common/config/version_converter.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/config/context_provider_impl.h" +#include "source/common/config/version_converter.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace LocalInfo { @@ -55,8 +55,9 @@ class LocalInfoImpl : public LocalInfo { zone_stat_name_(zone_stat_name_storage_.statName()), dynamic_update_callback_handle_(context_provider_.addDynamicContextUpdateCallback( [this](absl::string_view resource_type_url) { - (*node_.mutable_dynamic_parameters())[resource_type_url].CopyFrom( - context_provider_.dynamicContext(resource_type_url)); + (*node_.mutable_dynamic_parameters()) + [toStdStringView(resource_type_url)] // NOLINT(std::string_view) + .CopyFrom(context_provider_.dynamicContext(resource_type_url)); })) {} Network::Address::InstanceConstSharedPtr address() const override { return address_; } diff --git a/source/common/local_reply/BUILD b/source/common/local_reply/BUILD index a01895c3bebc..4976d7c19ab5 100644 --- a/source/common/local_reply/BUILD +++ b/source/common/local_reply/BUILD @@ -13,11 +13,11 @@ envoy_cc_library( srcs = ["local_reply.cc"], hdrs = ["local_reply.h"], deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/api:api_interface", + "//envoy/http:codes_interface", + "//envoy/http:header_map_interface", + "//envoy/server:filter_config_interface", + "//envoy/stream_info:stream_info_interface", "//source/common/access_log:access_log_lib", "//source/common/common:enum_to_int", "//source/common/config:datasource_lib", diff --git a/source/common/local_reply/local_reply.cc b/source/common/local_reply/local_reply.cc index 753003f223b3..0f8b2db58867 100644 --- a/source/common/local_reply/local_reply.cc +++ b/source/common/local_reply/local_reply.cc @@ -1,17 +1,17 @@ -#include "common/local_reply/local_reply.h" +#include "source/common/local_reply/local_reply.h" #include #include #include "envoy/api/api.h" -#include "common/access_log/access_log_impl.h" -#include "common/common/enum_to_int.h" -#include "common/config/datasource.h" -#include "common/formatter/substitution_format_string.h" -#include "common/formatter/substitution_formatter.h" -#include "common/http/header_map_impl.h" -#include "common/router/header_parser.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/config/datasource.h" +#include "source/common/formatter/substitution_format_string.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/router/header_parser.h" namespace Envoy { namespace LocalReply { @@ -22,8 +22,9 @@ class BodyFormatter { : formatter_(std::make_unique("%LOCAL_REPLY_BODY%")), content_type_(Http::Headers::get().ContentTypeValues.Text) {} - BodyFormatter(const envoy::config::core::v3::SubstitutionFormatString& config, Api::Api& api) - : formatter_(Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config, api)), + BodyFormatter(const envoy::config::core::v3::SubstitutionFormatString& config, + Server::Configuration::CommonFactoryContext& context) + : formatter_(Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config, context)), content_type_( !config.content_type().empty() ? config.content_type() : config.format_case() == @@ -66,8 +67,7 @@ class ResponseMapper { } if (config.has_body_format_override()) { - body_formatter_ = - std::make_unique(config.body_format_override(), context.api()); + body_formatter_ = std::make_unique(config.body_format_override(), context); } header_parser_ = Envoy::Router::HeaderParser::configure(config.headers_to_add()); @@ -120,7 +120,7 @@ class LocalReplyImpl : public LocalReply { config, Server::Configuration::FactoryContext& context) : body_formatter_(config.has_body_format() - ? std::make_unique(config.body_format(), context.api()) + ? std::make_unique(config.body_format(), context) : std::make_unique()) { for (const auto& mapper : config.mappers()) { mappers_.emplace_back(std::make_unique(mapper, context)); diff --git a/source/common/local_reply/local_reply.h b/source/common/local_reply/local_reply.h index 5db93caa07fd..23294df76a25 100644 --- a/source/common/local_reply/local_reply.h +++ b/source/common/local_reply/local_reply.h @@ -5,7 +5,7 @@ #include "envoy/http/header_map.h" #include "envoy/server/filter_config.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/stream_info/stream_info_impl.h" namespace Envoy { namespace LocalReply { diff --git a/source/common/matcher/BUILD b/source/common/matcher/BUILD index 98fe3f15b0ce..303c889ef82b 100644 --- a/source/common/matcher/BUILD +++ b/source/common/matcher/BUILD @@ -12,7 +12,7 @@ envoy_cc_library( name = "exact_map_matcher_lib", hdrs = ["exact_map_matcher.h"], deps = [ - "//include/envoy/matcher:matcher_interface", + "//envoy/matcher:matcher_interface", ], ) @@ -20,7 +20,7 @@ envoy_cc_library( name = "value_input_matcher_lib", hdrs = ["value_input_matcher.h"], deps = [ - "//include/envoy/matcher:matcher_interface", + "//envoy/matcher:matcher_interface", "//source/common/common:matchers_lib", ], ) @@ -29,7 +29,7 @@ envoy_cc_library( name = "validation_visitor_lib", hdrs = ["validation_visitor.h"], deps = [ - "//include/envoy/matcher:matcher_interface", + "//envoy/matcher:matcher_interface", ], ) @@ -38,7 +38,7 @@ envoy_cc_library( hdrs = ["list_matcher.h"], deps = [ ":field_matcher_lib", - "//include/envoy/matcher:matcher_interface", + "//envoy/matcher:matcher_interface", ], ) @@ -46,7 +46,7 @@ envoy_cc_library( name = "field_matcher_lib", hdrs = ["field_matcher.h"], deps = [ - "//include/envoy/matcher:matcher_interface", + "//envoy/matcher:matcher_interface", ], ) @@ -60,8 +60,8 @@ envoy_cc_library( ":list_matcher_lib", ":validation_visitor_lib", ":value_input_matcher_lib", - "//include/envoy/config:typed_config_interface", - "//include/envoy/matcher:matcher_interface", + "//envoy/config:typed_config_interface", + "//envoy/matcher:matcher_interface", "//source/common/config:utility_lib", "@envoy_api//envoy/config/common/matcher/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", diff --git a/source/common/matcher/list_matcher.h b/source/common/matcher/list_matcher.h index 94b9b9274f77..336446160a3e 100644 --- a/source/common/matcher/list_matcher.h +++ b/source/common/matcher/list_matcher.h @@ -2,7 +2,7 @@ #include "envoy/matcher/matcher.h" -#include "common/matcher/field_matcher.h" +#include "source/common/matcher/field_matcher.h" namespace Envoy { namespace Matcher { diff --git a/source/common/matcher/matcher.cc b/source/common/matcher/matcher.cc index e784c8f02496..ea7215a3fcf6 100644 --- a/source/common/matcher/matcher.cc +++ b/source/common/matcher/matcher.cc @@ -1,6 +1,6 @@ -#include "common/matcher/matcher.h" +#include "source/common/matcher/matcher.h" -#include "common/common/assert.h" -#include "common/config/utility.h" +#include "source/common/common/assert.h" +#include "source/common/config/utility.h" namespace Envoy {} diff --git a/source/common/matcher/matcher.h b/source/common/matcher/matcher.h index 511e844287e9..376e48606057 100644 --- a/source/common/matcher/matcher.h +++ b/source/common/matcher/matcher.h @@ -1,5 +1,6 @@ #pragma once +#include #include #include @@ -8,13 +9,13 @@ #include "envoy/config/typed_config.h" #include "envoy/matcher/matcher.h" -#include "common/common/assert.h" -#include "common/config/utility.h" -#include "common/matcher/exact_map_matcher.h" -#include "common/matcher/field_matcher.h" -#include "common/matcher/list_matcher.h" -#include "common/matcher/validation_visitor.h" -#include "common/matcher/value_input_matcher.h" +#include "source/common/common/assert.h" +#include "source/common/config/utility.h" +#include "source/common/matcher/exact_map_matcher.h" +#include "source/common/matcher/field_matcher.h" +#include "source/common/matcher/list_matcher.h" +#include "source/common/matcher/validation_visitor.h" +#include "source/common/matcher/value_input_matcher.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" @@ -57,6 +58,12 @@ static inline MaybeMatchResult evaluateMatch(MatchTree& match_tree, return MaybeMatchResult{result.on_match_->action_cb_(), MatchState::MatchComplete}; } +template using FieldMatcherFactoryCb = std::function()>; +template +using MatchTreeFactoryCb = std::function>()>; +template using OnMatchFactoryCb = std::function()>; +template using DataInputFactoryCb = std::function()>; + /** * Recursively constructs a MatchTree from a protobuf configuration. */ @@ -68,7 +75,7 @@ template class MatchTreeFactory { : stats_prefix_(stats_prefix), factory_context_(factory_context), validation_visitor_(validation_visitor) {} - MatchTreeSharedPtr create(const envoy::config::common::matcher::v3::Matcher& config) { + MatchTreeFactoryCb create(const envoy::config::common::matcher::v3::Matcher& config) { switch (config.matcher_type_case()) { case envoy::config::common::matcher::v3::Matcher::kMatcherTree: return createTreeMatcher(config); @@ -81,65 +88,102 @@ template class MatchTreeFactory { } private: - MatchTreeSharedPtr + MatchTreeFactoryCb createListMatcher(const envoy::config::common::matcher::v3::Matcher& config) { - auto list_matcher = - std::make_shared>(createOnMatch(config.on_no_match())); - + std::vector, OnMatchFactoryCb>> + matcher_factories; + matcher_factories.reserve(config.matcher_list().matchers().size()); for (const auto& matcher : config.matcher_list().matchers()) { - list_matcher->addMatcher(createFieldMatcher(matcher.predicate()), - *createOnMatch(matcher.on_match())); + matcher_factories.push_back(std::make_pair(createFieldMatcher(matcher.predicate()), + *createOnMatch(matcher.on_match()))); } - return list_matcher; - } + auto on_no_match = createOnMatch(config.on_no_match()); - FieldMatcherPtr createFieldMatcher( - const envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate& field_predicate) { - switch (field_predicate.match_type_case()) { - case (envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate::kSinglePredicate): - - return std::make_unique>( - createDataInput(field_predicate.single_predicate().input()), - createInputMatcher(field_predicate.single_predicate())); - case (envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate::kOrMatcher): { - std::vector> sub_matchers; - for (const auto& predicate : field_predicate.or_matcher().predicate()) { - sub_matchers.emplace_back(createFieldMatcher(predicate)); + return [matcher_factories, on_no_match]() { + auto list_matcher = std::make_unique>( + on_no_match ? absl::make_optional((*on_no_match)()) : absl::nullopt); + + for (const auto& matcher : matcher_factories) { + list_matcher->addMatcher(matcher.first(), matcher.second()); } - return std::make_unique>(std::move(sub_matchers)); + return list_matcher; + }; + } + + template + FieldMatcherFactoryCb createAggregateFieldMatcherFactoryCb( + const Protobuf::RepeatedPtrField< + envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate>& predicates) { + std::vector> sub_matchers; + for (const auto& predicate : predicates) { + sub_matchers.emplace_back(createFieldMatcher(predicate)); } - case (envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate::kAndMatcher): { - std::vector> sub_matchers; - for (const auto& predicate : field_predicate.and_matcher().predicate()) { - sub_matchers.emplace_back(createFieldMatcher(predicate)); + + return [sub_matchers]() { + std::vector> matchers; + matchers.reserve(sub_matchers.size()); + for (const auto& factory_cb : sub_matchers) { + matchers.emplace_back(factory_cb()); } - return std::make_unique>(std::move(sub_matchers)); + return std::make_unique(std::move(matchers)); + }; + } + + FieldMatcherFactoryCb createFieldMatcher( + const envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate& field_predicate) { + switch (field_predicate.match_type_case()) { + case (envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate::kSinglePredicate): { + auto data_input = createDataInput(field_predicate.single_predicate().input()); + auto input_matcher = createInputMatcher(field_predicate.single_predicate()); + + return [data_input, input_matcher]() { + return std::make_unique>(data_input(), input_matcher()); + }; } + case (envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate::kOrMatcher): + return createAggregateFieldMatcherFactoryCb>( + field_predicate.or_matcher().predicate()); + case (envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate::kAndMatcher): + return createAggregateFieldMatcherFactoryCb>( + field_predicate.and_matcher().predicate()); case (envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate::kNotMatcher): { - return std::make_unique>( - createFieldMatcher(field_predicate.not_matcher())); + auto matcher_factory = createFieldMatcher(field_predicate.not_matcher()); + + return [matcher_factory]() { + return std::make_unique>(matcher_factory()); + }; } default: NOT_REACHED_GCOVR_EXCL_LINE; } } - MatchTreeSharedPtr + MatchTreeFactoryCb createTreeMatcher(const envoy::config::common::matcher::v3::Matcher& matcher) { switch (matcher.matcher_tree().tree_type_case()) { case envoy::config::common::matcher::v3::Matcher_MatcherTree::kExactMatchMap: { - auto multimap_matcher = std::make_shared>( - createDataInput(matcher.matcher_tree().input()), createOnMatch(matcher.on_no_match())); + std::vector>> match_children; + match_children.reserve(matcher.matcher_tree().exact_match_map().map().size()); for (const auto& children : matcher.matcher_tree().exact_match_map().map()) { - multimap_matcher->addChild(children.first, - *MatchTreeFactory::createOnMatch(children.second)); + match_children.push_back( + std::make_pair(children.first, *MatchTreeFactory::createOnMatch(children.second))); } - return multimap_matcher; + auto data_input = createDataInput(matcher.matcher_tree().input()); + auto on_no_match = createOnMatch(matcher.on_no_match()); + + return [match_children, data_input, on_no_match]() { + auto multimap_matcher = std::make_unique>( + data_input(), on_no_match ? absl::make_optional((*on_no_match)()) : absl::nullopt); + for (const auto& children : match_children) { + multimap_matcher->addChild(children.first, children.second()); + } + return multimap_matcher; + }; } case envoy::config::common::matcher::v3::Matcher_MatcherTree::kPrefixMatchMap: NOT_IMPLEMENTED_GCOVR_EXCL_LINE; @@ -149,16 +193,20 @@ template class MatchTreeFactory { NOT_REACHED_GCOVR_EXCL_LINE; } } - absl::optional> + absl::optional> createOnMatch(const envoy::config::common::matcher::v3::Matcher::OnMatch& on_match) { if (on_match.has_matcher()) { - return OnMatch{{}, create(on_match.matcher())}; + return [matcher_factory = create(on_match.matcher())]() { + return OnMatch{{}, matcher_factory()}; + }; } else if (on_match.has_action()) { auto& factory = Config::Utility::getAndCheckFactory(on_match.action()); ProtobufTypes::MessagePtr message = Config::Utility::translateAnyToFactoryConfig( on_match.action().typed_config(), factory_context_.messageValidationVisitor(), factory); - return OnMatch{ - factory.createActionFactoryCb(*message, stats_prefix_, factory_context_), {}}; + + auto action_factory = + factory.createActionFactoryCb(*message, stats_prefix_, factory_context_); + return [action_factory] { return OnMatch{action_factory, {}}; }; } return absl::nullopt; @@ -170,7 +218,7 @@ template class MatchTreeFactory { explicit CommonProtocolInputWrapper(CommonProtocolInputPtr&& common_protocol_input) : common_protocol_input_(std::move(common_protocol_input)) {} - DataInputGetResult get(const DataType&) override { + DataInputGetResult get(const DataType&) const override { return DataInputGetResult{DataInputGetResult::DataAvailability::AllDataAvailable, common_protocol_input_->get()}; } @@ -179,14 +227,15 @@ template class MatchTreeFactory { const CommonProtocolInputPtr common_protocol_input_; }; - DataInputPtr + DataInputFactoryCb createDataInput(const envoy::config::core::v3::TypedExtensionConfig& config) { auto* factory = Config::Utility::getFactory>(config); if (factory != nullptr) { + validation_visitor_.validateDataInput(*factory, config.typed_config().type_url()); + ProtobufTypes::MessagePtr message = Config::Utility::translateAnyToFactoryConfig( config.typed_config(), factory_context_.messageValidationVisitor(), *factory); - auto data_input = factory->createDataInput(*message, factory_context_); - validation_visitor_.validateDataInput(*data_input, config.typed_config().type_url()); + auto data_input = factory->createDataInputFactoryCb(*message, factory_context_); return data_input; } @@ -196,17 +245,21 @@ template class MatchTreeFactory { Config::Utility::getAndCheckFactory(config); ProtobufTypes::MessagePtr message = Config::Utility::translateAnyToFactoryConfig( config.typed_config(), factory_context_.messageValidationVisitor(), common_input_factory); - return std::make_unique( - common_input_factory.createCommonProtocolInput(*message, factory_context_)); + auto common_input = + common_input_factory.createCommonProtocolInputFactoryCb(*message, factory_context_); + return + [common_input]() { return std::make_unique(common_input()); }; } - InputMatcherPtr createInputMatcher( + InputMatcherFactoryCb createInputMatcher( const envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate::SinglePredicate& predicate) { switch (predicate.matcher_case()) { case envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate::SinglePredicate:: kValueMatch: - return std::make_unique(predicate.value_match()); + return [value_match = predicate.value_match()]() { + return std::make_unique(value_match); + }; case envoy::config::common::matcher::v3::Matcher::MatcherList::Predicate::SinglePredicate:: kCustomMatch: { auto& factory = @@ -214,7 +267,7 @@ template class MatchTreeFactory { ProtobufTypes::MessagePtr message = Config::Utility::translateAnyToFactoryConfig( predicate.custom_match().typed_config(), factory_context_.messageValidationVisitor(), factory); - return factory.createInputMatcher(*message, factory_context_); + return factory.createInputMatcherFactoryCb(*message, factory_context_); } default: NOT_REACHED_GCOVR_EXCL_LINE; diff --git a/source/common/matcher/validation_visitor.h b/source/common/matcher/validation_visitor.h index 188244173ec6..d36b5714a5c7 100644 --- a/source/common/matcher/validation_visitor.h +++ b/source/common/matcher/validation_visitor.h @@ -21,7 +21,7 @@ template class MatchTreeValidationVisitor { virtual ~MatchTreeValidationVisitor() = default; // Validates a single DataInput its type_url. - void validateDataInput(const DataInput& data_input, absl::string_view type_url) { + void validateDataInput(const DataInputFactory& data_input, absl::string_view type_url) { auto status = performDataInputValidation(data_input, type_url); if (!status.ok()) { @@ -34,7 +34,7 @@ template class MatchTreeValidationVisitor { protected: // Implementations would subclass this to specify the validation logic for data inputs, // returning a helpful error message if validation fails. - virtual absl::Status performDataInputValidation(const DataInput& data_input, + virtual absl::Status performDataInputValidation(const DataInputFactory& data_input, absl::string_view type_url) PURE; private: diff --git a/source/common/matcher/value_input_matcher.h b/source/common/matcher/value_input_matcher.h index acbfded9cd7e..e381f393550c 100644 --- a/source/common/matcher/value_input_matcher.h +++ b/source/common/matcher/value_input_matcher.h @@ -2,7 +2,7 @@ #include "envoy/matcher/matcher.h" -#include "common/common/matchers.h" +#include "source/common/common/matchers.h" namespace Envoy { namespace Matcher { diff --git a/source/common/memory/BUILD b/source/common/memory/BUILD index 1fe67e534e49..e6e528c96000 100644 --- a/source/common/memory/BUILD +++ b/source/common/memory/BUILD @@ -34,9 +34,9 @@ envoy_cc_library( hdrs = ["heap_shrinker.h"], deps = [ ":utils_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/server/overload:overload_manager_interface", - "//include/envoy/stats:stats_interface", + "//envoy/event:dispatcher_interface", + "//envoy/server/overload:overload_manager_interface", + "//envoy/stats:stats_interface", "//source/common/stats:symbol_table_lib", ], ) diff --git a/source/common/memory/heap_shrinker.cc b/source/common/memory/heap_shrinker.cc index 5df99c8b42d0..4cc3ea7c5131 100644 --- a/source/common/memory/heap_shrinker.cc +++ b/source/common/memory/heap_shrinker.cc @@ -1,7 +1,7 @@ -#include "common/memory/heap_shrinker.h" +#include "source/common/memory/heap_shrinker.h" -#include "common/memory/utils.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/memory/utils.h" +#include "source/common/stats/symbol_table_impl.h" #include "absl/strings/str_cat.h" diff --git a/source/common/memory/stats.cc b/source/common/memory/stats.cc index 5b4e97261a4c..3c3abb00aae4 100644 --- a/source/common/memory/stats.cc +++ b/source/common/memory/stats.cc @@ -1,8 +1,8 @@ -#include "common/memory/stats.h" +#include "source/common/memory/stats.h" #include -#include "common/common/logger.h" +#include "source/common/common/logger.h" #if defined(TCMALLOC) diff --git a/source/common/memory/utils.cc b/source/common/memory/utils.cc index c6ac4f6c5fe8..f8b19d92e350 100644 --- a/source/common/memory/utils.cc +++ b/source/common/memory/utils.cc @@ -1,7 +1,7 @@ -#include "common/memory/utils.h" +#include "source/common/memory/utils.h" -#include "common/common/assert.h" -#include "common/memory/stats.h" +#include "source/common/common/assert.h" +#include "source/common/memory/stats.h" #if defined(TCMALLOC) #include "tcmalloc/malloc_extension.h" diff --git a/source/common/network/BUILD b/source/common/network/BUILD index 4991af1ad899..529e25ad6c05 100644 --- a/source/common/network/BUILD +++ b/source/common/network/BUILD @@ -14,10 +14,12 @@ envoy_cc_library( hdrs = ["address_impl.h"], deps = [ ":socket_interface_lib", - "//include/envoy/network:address_interface", + "//envoy/network:address_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:safe_memcpy_lib", + "//source/common/common:statusor_lib", + "//source/common/common:thread_lib", "//source/common/common:utility_lib", ], ) @@ -27,7 +29,7 @@ envoy_cc_library( srcs = ["application_protocol.cc"], hdrs = ["application_protocol.h"], deps = [ - "//include/envoy/stream_info:filter_state_interface", + "//envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) @@ -39,7 +41,7 @@ envoy_cc_library( deps = [ ":address_lib", ":utility_lib", - "//include/envoy/network:address_interface", + "//envoy/network:address_interface", "//source/common/common:assert_lib", "//source/common/common:safe_memcpy_lib", "//source/common/common:utility_lib", @@ -52,7 +54,7 @@ envoy_cc_library( srcs = ["connection_balancer_impl.cc"], hdrs = ["connection_balancer_impl.h"], deps = [ - "//include/envoy/network:connection_balancer_interface", + "//envoy/network:connection_balancer_interface", ], ) @@ -62,8 +64,8 @@ envoy_cc_library( hdrs = ["connection_impl_base.h"], deps = [ ":filter_manager_lib", - "//include/envoy/common:scope_tracker_interface", - "//include/envoy/event:dispatcher_interface", + "//envoy/common:scope_tracker_interface", + "//envoy/event:dispatcher_interface", "//source/common/common:assert_lib", "//source/common/common:dump_state_utils", ], @@ -79,10 +81,10 @@ envoy_cc_library( ":connection_base_lib", ":raw_buffer_socket_lib", ":utility_lib", - "//include/envoy/event:timer_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/server/overload:thread_local_overload_state", + "//envoy/event:timer_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/server/overload:thread_local_overload_state", "//source/common/buffer:buffer_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", @@ -109,10 +111,10 @@ envoy_cc_library( deps = [ ":address_lib", ":utility_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:file_event_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:dns_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:file_event_interface", + "//envoy/event:timer_interface", + "//envoy/network:dns_interface", "//source/common/common:assert_lib", "//source/common/common:backoff_lib", "//source/common/common:linked_object", @@ -128,9 +130,9 @@ envoy_cc_library( deps = [ ":address_lib", ":utility_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:file_event_interface", - "//include/envoy/network:dns_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:file_event_interface", + "//envoy/network:dns_interface", "//source/common/common:assert_lib", "//source/common/common:linked_object", ], @@ -140,7 +142,7 @@ envoy_cc_library( name = "filter_lib", hdrs = ["filter_impl.h"], deps = [ - "//include/envoy/network:filter_interface", + "//envoy/network:filter_interface", ], ) @@ -149,8 +151,8 @@ envoy_cc_library( srcs = ["filter_manager_impl.cc"], hdrs = ["filter_manager_impl.h"], deps = [ - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:linked_object", ], @@ -161,7 +163,7 @@ envoy_cc_library( srcs = ["hash_policy.cc"], hdrs = ["hash_policy.h"], deps = [ - "//include/envoy/network:hash_policy_interface", + "//envoy/network:hash_policy_interface", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "@envoy_api//envoy/type/v3:pkg_cc_proto", @@ -173,7 +175,7 @@ envoy_cc_library( srcs = ["io_socket_error_impl.cc"], hdrs = ["io_socket_error_impl.h"], deps = [ - "//include/envoy/api:io_error_interface", + "//envoy/api:io_error_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", ], @@ -198,10 +200,10 @@ envoy_cc_library( name = "socket_interface_lib", hdrs = ["socket_interface.h"], deps = [ - "//include/envoy/config:typed_config_interface", - "//include/envoy/network:socket_interface_interface", - "//include/envoy/registry", - "//include/envoy/server:bootstrap_extension_config_interface", + "//envoy/config:typed_config_interface", + "//envoy/network:socket_interface_interface", + "//envoy/registry", + "//envoy/server:bootstrap_extension_config_interface", ], ) @@ -220,8 +222,8 @@ envoy_cc_library( ":io_socket_error_lib", ":socket_interface_lib", ":socket_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:io_handle_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:io_handle_interface", "//source/common/api:os_sys_calls_lib", "//source/common/event:dispatcher_includes", "@envoy_api//envoy/extensions/network/socket_interface/v3:pkg_cc_proto", @@ -233,8 +235,8 @@ envoy_cc_library( srcs = ["socket_impl.cc"], hdrs = ["socket_impl.h"], deps = [ - "//include/envoy/network:socket_interface", - "//include/envoy/network:socket_interface_interface", + "//envoy/network:socket_interface", + "//envoy/network:socket_interface_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:dump_state_utils", @@ -249,8 +251,8 @@ envoy_cc_library( deps = [ ":socket_lib", ":utility_lib", - "//include/envoy/network:exception_interface", - "//include/envoy/network:listen_socket_interface", + "//envoy/network:exception_interface", + "//envoy/network:listen_socket_interface", "//source/common/common:assert_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], @@ -272,13 +274,13 @@ envoy_cc_library( ":address_lib", ":default_socket_interface_lib", ":listen_socket_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:file_event_interface", - "//include/envoy/network:exception_interface", - "//include/envoy/network:listener_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/event:dispatcher_interface", + "//envoy/event:file_event_interface", + "//envoy/network:exception_interface", + "//envoy/network:listener_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", @@ -294,8 +296,8 @@ envoy_cc_library( hdrs = ["raw_buffer_socket.h"], deps = [ ":utility_lib", - "//include/envoy/network:connection_interface", - "//include/envoy/network:transport_socket_interface", + "//envoy/network:connection_interface", + "//envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", "//source/common/common:empty_string", "//source/common/http:headers_lib", @@ -308,9 +310,9 @@ envoy_cc_library( hdrs = ["resolver_impl.h"], deps = [ ":utility_lib", - "//include/envoy/network:address_interface", - "//include/envoy/network:resolver_interface", - "//include/envoy/registry", + "//envoy/network:address_interface", + "//envoy/network:resolver_interface", + "//envoy/registry", "//source/common/config:well_known_names", "//source/common/network:address_lib", "//source/common/protobuf", @@ -326,8 +328,8 @@ envoy_cc_library( deps = [ ":address_lib", ":listen_socket_lib", - "//include/envoy/api:os_sys_calls_interface", - "//include/envoy/network:listen_socket_interface", + "//envoy/api:os_sys_calls_interface", + "//envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", @@ -345,7 +347,7 @@ envoy_cc_library( ":address_lib", ":socket_lib", ":socket_option_lib", - "//include/envoy/network:listen_socket_interface", + "//envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:logger_lib", @@ -361,7 +363,7 @@ envoy_cc_library( ":address_lib", ":socket_lib", ":socket_option_lib", - "//include/envoy/network:listen_socket_interface", + "//envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:logger_lib", @@ -380,7 +382,7 @@ envoy_cc_library( ":address_lib", ":socket_option_lib", ":win32_redirect_records_option_lib", - "//include/envoy/network:listen_socket_interface", + "//envoy/network:listen_socket_interface", "//source/common/common:logger_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], @@ -394,9 +396,9 @@ envoy_cc_library( ":address_lib", ":default_socket_interface_lib", ":socket_lib", - "//include/envoy/network:connection_interface", - "//include/envoy/network:listener_interface", - "//include/envoy/stats:stats_interface", + "//envoy/network:connection_interface", + "//envoy/network:listener_interface", + "//envoy/stats:stats_interface", "//source/common/api:os_sys_calls_lib", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", @@ -416,9 +418,9 @@ envoy_cc_library( ":proxy_protocol_filter_state_lib", ":upstream_server_name_lib", ":upstream_subject_alt_names_lib", - "//include/envoy/network:proxy_protocol_options_lib", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/stream_info:filter_state_interface", + "//envoy/network:proxy_protocol_options_lib", + "//envoy/network:transport_socket_interface", + "//envoy/stream_info:filter_state_interface", "//source/common/common:scalar_to_byte_vector_lib", "//source/common/common:utility_lib", ], @@ -429,7 +431,7 @@ envoy_cc_library( srcs = ["upstream_server_name.cc"], hdrs = ["upstream_server_name.h"], deps = [ - "//include/envoy/stream_info:filter_state_interface", + "//envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) @@ -439,7 +441,7 @@ envoy_cc_library( srcs = ["upstream_subject_alt_names.cc"], hdrs = ["upstream_subject_alt_names.h"], deps = [ - "//include/envoy/stream_info:filter_state_interface", + "//envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) @@ -454,8 +456,8 @@ envoy_cc_library( "abseil_str_format", ], deps = [ - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) @@ -467,8 +469,8 @@ envoy_cc_library( deps = [ ":io_socket_error_lib", ":utility_lib", - "//include/envoy/network:socket_interface", - "//include/envoy/network:udp_packet_writer_handler_interface", + "//envoy/network:socket_interface", + "//envoy/network:udp_packet_writer_handler_interface", "//source/common/buffer:buffer_lib", ], ) @@ -478,8 +480,8 @@ envoy_cc_library( srcs = ["proxy_protocol_filter_state.cc"], hdrs = ["proxy_protocol_filter_state.h"], deps = [ - "//include/envoy/network:proxy_protocol_options_lib", - "//include/envoy/stream_info:filter_state_interface", + "//envoy/network:proxy_protocol_options_lib", + "//envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) @@ -491,8 +493,8 @@ envoy_cc_library( deps = [ ":socket_interface_lib", ":socket_option_factory_lib", - "//include/envoy/network:io_handle_interface", - "//include/envoy/stream_info:filter_state_interface", + "//envoy/network:io_handle_interface", + "//envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) diff --git a/source/common/network/addr_family_aware_socket_option_impl.cc b/source/common/network/addr_family_aware_socket_option_impl.cc index 4e48958f2712..8c4c756a1093 100644 --- a/source/common/network/addr_family_aware_socket_option_impl.cc +++ b/source/common/network/addr_family_aware_socket_option_impl.cc @@ -1,13 +1,13 @@ -#include "common/network/addr_family_aware_socket_option_impl.h" +#include "source/common/network/addr_family_aware_socket_option_impl.h" #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/network/address_impl.h" -#include "common/network/socket_option_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_option_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/addr_family_aware_socket_option_impl.h b/source/common/network/addr_family_aware_socket_option_impl.h index 5f06b13e9cd8..749788a4d9fa 100644 --- a/source/common/network/addr_family_aware_socket_option_impl.h +++ b/source/common/network/addr_family_aware_socket_option_impl.h @@ -4,8 +4,8 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/listen_socket.h" -#include "common/common/logger.h" -#include "common/network/socket_option_impl.h" +#include "source/common/common/logger.h" +#include "source/common/network/socket_option_impl.h" #include "absl/types/optional.h" diff --git a/source/common/network/address_impl.cc b/source/common/network/address_impl.cc index 478299a503ee..e612505d8336 100644 --- a/source/common/network/address_impl.cc +++ b/source/common/network/address_impl.cc @@ -1,4 +1,4 @@ -#include "common/network/address_impl.h" +#include "source/common/network/address_impl.h" #include #include @@ -7,11 +7,12 @@ #include "envoy/common/exception.h" #include "envoy/common/platform.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/safe_memcpy.h" -#include "common/common/utility.h" -#include "common/network/socket_interface.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/common/thread.h" +#include "source/common/common/utility.h" +#include "source/common/network/socket_interface.h" namespace Envoy { namespace Network { @@ -19,26 +20,6 @@ namespace Address { namespace { -// Validate that IPv4 is supported on this platform, raise an exception for the -// given address if not. -void validateIpv4Supported(const std::string& address) { - static const bool supported = SocketInterfaceSingleton::get().ipFamilySupported(AF_INET); - if (!supported) { - throw EnvoyException( - fmt::format("IPv4 addresses are not supported on this machine: {}", address)); - } -} - -// Validate that IPv6 is supported on this platform, raise an exception for the -// given address if not. -void validateIpv6Supported(const std::string& address) { - static const bool supported = SocketInterfaceSingleton::get().ipFamilySupported(AF_INET6); - if (!supported) { - throw EnvoyException( - fmt::format("IPv6 addresses are not supported on this machine: {}", address)); - } -} - // Constructs a readable string with the embedded nulls in the abstract path replaced with '@'. std::string friendlyNameFromAbstractPath(absl::string_view path) { std::string friendly_name(path.data(), path.size()); @@ -50,17 +31,30 @@ const SocketInterface* sockInterfaceOrDefault(const SocketInterface* sock_interf return sock_interface == nullptr ? &SocketInterfaceSingleton::get() : sock_interface; } +void throwOnError(absl::Status status) { + if (!status.ok()) { + throw EnvoyException(status.ToString()); + } +} + +InstanceConstSharedPtr throwOnError(StatusOr address) { + if (!address.ok()) { + throwOnError(address.status()); + } + return *address; +} + } // namespace -Address::InstanceConstSharedPtr addressFromSockAddr(const sockaddr_storage& ss, socklen_t ss_len, - bool v6only) { +StatusOr addressFromSockAddr(const sockaddr_storage& ss, + socklen_t ss_len, bool v6only) { RELEASE_ASSERT(ss_len == 0 || static_cast(ss_len) >= sizeof(sa_family_t), ""); switch (ss.ss_family) { case AF_INET: { RELEASE_ASSERT(ss_len == 0 || static_cast(ss_len) == sizeof(sockaddr_in), ""); const struct sockaddr_in* sin = reinterpret_cast(&ss); ASSERT(AF_INET == sin->sin_family); - return std::make_shared(sin); + return Address::InstanceFactory::createInstancePtr(sin); } case AF_INET6: { RELEASE_ASSERT(ss_len == 0 || static_cast(ss_len) == sizeof(sockaddr_in6), ""); @@ -77,9 +71,9 @@ Address::InstanceConstSharedPtr addressFromSockAddr(const sockaddr_storage& ss, #else struct sockaddr_in sin = {AF_INET, sin6->sin6_port, {sin6->sin6_addr.s6_addr32[3]}, {}}; #endif - return std::make_shared(&sin); + return Address::InstanceFactory::createInstancePtr(&sin); } else { - return std::make_shared(*sin6, v6only); + return Address::InstanceFactory::createInstancePtr(*sin6, v6only); } } case AF_UNIX: { @@ -88,27 +82,47 @@ Address::InstanceConstSharedPtr addressFromSockAddr(const sockaddr_storage& ss, RELEASE_ASSERT(ss_len == 0 || static_cast(ss_len) >= offsetof(struct sockaddr_un, sun_path) + 1, ""); - return std::make_shared(sun, ss_len); + return Address::InstanceFactory::createInstancePtr(sun, ss_len); } default: - throw EnvoyException(fmt::format("Unexpected sockaddr family: {}", ss.ss_family)); + return absl::InvalidArgumentError(fmt::format("Unexpected sockaddr family: {}", ss.ss_family)); } NOT_REACHED_GCOVR_EXCL_LINE; } +Address::InstanceConstSharedPtr addressFromSockAddrOrThrow(const sockaddr_storage& ss, + socklen_t ss_len, bool v6only) { + // Though we don't have any test coverage where address validation in addressFromSockAddr() fails, + // this code is called in worker thread and can throw in theory. In that case, the program will + // crash due to uncaught exception. In practice, we don't expect any address validation in + // addressFromSockAddr() to fail in worker thread. + StatusOr address = addressFromSockAddr(ss, ss_len, v6only); + return throwOnError(address); +} + +Address::InstanceConstSharedPtr +addressFromSockAddrOrDie(const sockaddr_storage& ss, socklen_t ss_len, os_fd_t fd, bool v6only) { + // Set v6only to false so that mapped-v6 address can be normalize to v4 + // address. Though dual stack may be disabled, it's still okay to assume the + // address is from a dual stack socket. This is because mapped-v6 address + // must come from a dual stack socket. An actual v6 address can come from + // both dual stack socket and v6 only socket. If |peer_addr| is an actual v6 + // address and the socket is actually v6 only, the returned address will be + // regarded as a v6 address from dual stack socket. However, this address is not going to be + // used to create socket. Wrong knowledge of dual stack support won't hurt. + ASSERT(Thread::MainThread::isWorkerThread()); + StatusOr address = + Address::addressFromSockAddr(ss, ss_len, v6only); + if (!address.ok()) { + PANIC(fmt::format("Invalid address for fd: {}, error: {}", fd, address.status().ToString())); + } + return *address; +} + Ipv4Instance::Ipv4Instance(const sockaddr_in* address, const SocketInterface* sock_interface) : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { - memset(&ip_.ipv4_.address_, 0, sizeof(ip_.ipv4_.address_)); - ip_.ipv4_.address_ = *address; - ip_.friendly_address_ = sockaddrToString(*address); - - // Based on benchmark testing, this reserve+append implementation runs faster than absl::StrCat. - fmt::format_int port(ntohs(address->sin_port)); - friendly_name_.reserve(ip_.friendly_address_.size() + 1 + port.size()); - friendly_name_.append(ip_.friendly_address_); - friendly_name_.push_back(':'); - friendly_name_.append(port.data(), port.size()); - validateIpv4Supported(friendly_name_); + throwOnError(validateProtocolSupported()); + initHelper(address); } Ipv4Instance::Ipv4Instance(const std::string& address, const SocketInterface* sock_interface) @@ -117,6 +131,7 @@ Ipv4Instance::Ipv4Instance(const std::string& address, const SocketInterface* so Ipv4Instance::Ipv4Instance(const std::string& address, uint32_t port, const SocketInterface* sock_interface) : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { + throwOnError(validateProtocolSupported()); memset(&ip_.ipv4_.address_, 0, sizeof(ip_.ipv4_.address_)); ip_.ipv4_.address_.sin_family = AF_INET; ip_.ipv4_.address_.sin_port = htons(port); @@ -126,21 +141,30 @@ Ipv4Instance::Ipv4Instance(const std::string& address, uint32_t port, } friendly_name_ = absl::StrCat(address, ":", port); - validateIpv4Supported(friendly_name_); ip_.friendly_address_ = address; } Ipv4Instance::Ipv4Instance(uint32_t port, const SocketInterface* sock_interface) : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { + throwOnError(validateProtocolSupported()); memset(&ip_.ipv4_.address_, 0, sizeof(ip_.ipv4_.address_)); ip_.ipv4_.address_.sin_family = AF_INET; ip_.ipv4_.address_.sin_port = htons(port); ip_.ipv4_.address_.sin_addr.s_addr = INADDR_ANY; friendly_name_ = absl::StrCat("0.0.0.0:", port); - validateIpv4Supported(friendly_name_); ip_.friendly_address_ = "0.0.0.0"; } +Ipv4Instance::Ipv4Instance(absl::Status& status, const sockaddr_in* address, + const SocketInterface* sock_interface) + : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { + status = validateProtocolSupported(); + if (!status.ok()) { + return; + } + initHelper(address); +} + bool Ipv4Instance::operator==(const Instance& rhs) const { const Ipv4Instance* rhs_casted = dynamic_cast(&rhs); return (rhs_casted && (ip_.ipv4_.address() == rhs_casted->ip_.ipv4_.address()) && @@ -173,6 +197,27 @@ std::string Ipv4Instance::sockaddrToString(const sockaddr_in& addr) { return std::string(start, str + BufferSize - start); } +absl::Status Ipv4Instance::validateProtocolSupported() { + static const bool supported = SocketInterfaceSingleton::get().ipFamilySupported(AF_INET); + if (supported) { + return absl::OkStatus(); + } + return absl::FailedPreconditionError("IPv4 addresses are not supported on this machine"); +} + +void Ipv4Instance::initHelper(const sockaddr_in* address) { + memset(&ip_.ipv4_.address_, 0, sizeof(ip_.ipv4_.address_)); + ip_.ipv4_.address_ = *address; + ip_.friendly_address_ = sockaddrToString(*address); + + // Based on benchmark testing, this reserve+append implementation runs faster than absl::StrCat. + fmt::format_int port(ntohs(address->sin_port)); + friendly_name_.reserve(ip_.friendly_address_.size() + 1 + port.size()); + friendly_name_.append(ip_.friendly_address_); + friendly_name_.push_back(':'); + friendly_name_.append(port.data(), port.size()); +} + absl::uint128 Ipv6Instance::Ipv6Helper::address() const { absl::uint128 result{0}; static_assert(sizeof(absl::uint128) == 16, "The size of asbl::uint128 is not 16."); @@ -194,11 +239,8 @@ std::string Ipv6Instance::Ipv6Helper::makeFriendlyAddress() const { Ipv6Instance::Ipv6Instance(const sockaddr_in6& address, bool v6only, const SocketInterface* sock_interface) : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { - ip_.ipv6_.address_ = address; - ip_.friendly_address_ = ip_.ipv6_.makeFriendlyAddress(); - ip_.ipv6_.v6only_ = v6only; - friendly_name_ = fmt::format("[{}]:{}", ip_.friendly_address_, ip_.port()); - validateIpv6Supported(friendly_name_); + throwOnError(validateProtocolSupported()); + initHelper(address, v6only); } Ipv6Instance::Ipv6Instance(const std::string& address, const SocketInterface* sock_interface) @@ -207,6 +249,7 @@ Ipv6Instance::Ipv6Instance(const std::string& address, const SocketInterface* so Ipv6Instance::Ipv6Instance(const std::string& address, uint32_t port, const SocketInterface* sock_interface) : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { + throwOnError(validateProtocolSupported()); ip_.ipv6_.address_.sin6_family = AF_INET6; ip_.ipv6_.address_.sin6_port = htons(port); if (!address.empty()) { @@ -219,7 +262,6 @@ Ipv6Instance::Ipv6Instance(const std::string& address, uint32_t port, // Just in case address is in a non-canonical format, format from network address. ip_.friendly_address_ = ip_.ipv6_.makeFriendlyAddress(); friendly_name_ = fmt::format("[{}]:{}", ip_.friendly_address_, ip_.port()); - validateIpv6Supported(friendly_name_); } Ipv6Instance::Ipv6Instance(uint32_t port, const SocketInterface* sock_interface) @@ -231,6 +273,31 @@ bool Ipv6Instance::operator==(const Instance& rhs) const { (ip_.port() == rhs_casted->ip_.port())); } +Ipv6Instance::Ipv6Instance(absl::Status& status, const sockaddr_in6& address, bool v6only, + const SocketInterface* sock_interface) + : InstanceBase(Type::Ip, sockInterfaceOrDefault(sock_interface)) { + status = validateProtocolSupported(); + if (!status.ok()) { + return; + } + initHelper(address, v6only); +} + +absl::Status Ipv6Instance::validateProtocolSupported() { + static const bool supported = SocketInterfaceSingleton::get().ipFamilySupported(AF_INET6); + if (supported) { + return absl::OkStatus(); + } + return absl::FailedPreconditionError("IPv6 addresses are not supported on this machine"); +} + +void Ipv6Instance::initHelper(const sockaddr_in6& address, bool v6only) { + ip_.ipv6_.address_ = address; + ip_.friendly_address_ = ip_.ipv6_.makeFriendlyAddress(); + ip_.ipv6_.v6only_ = v6only; + friendly_name_ = fmt::format("[{}]:{}", ip_.friendly_address_, ip_.port()); +} + PipeInstance::PipeInstance(const sockaddr_un* address, socklen_t ss_len, mode_t mode, const SocketInterface* sock_interface) : InstanceBase(Type::Pipe, sockInterfaceOrDefault(sock_interface)) { @@ -243,18 +310,8 @@ PipeInstance::PipeInstance(const sockaddr_un* address, socklen_t ss_len, mode_t pipe_.abstract_namespace_ = true; pipe_.address_length_ = ss_len - offsetof(struct sockaddr_un, sun_path); } - pipe_.address_ = *address; - if (pipe_.abstract_namespace_) { - if (mode != 0) { - throw EnvoyException("Cannot set mode for Abstract AF_UNIX sockets"); - } - // Replace all null characters with '@' in friendly_name_. - friendly_name_ = friendlyNameFromAbstractPath( - absl::string_view(pipe_.address_.sun_path, pipe_.address_length_)); - } else { - friendly_name_ = address->sun_path; - } - pipe_.mode_ = mode; + absl::Status status = initHelper(address, mode); + throwOnError(status); } PipeInstance::PipeInstance(const std::string& pipe_path, mode_t mode, @@ -300,8 +357,40 @@ PipeInstance::PipeInstance(const std::string& pipe_path, mode_t mode, pipe_.mode_ = mode; } +PipeInstance::PipeInstance(absl::Status& error, const sockaddr_un* address, socklen_t ss_len, + mode_t mode, const SocketInterface* sock_interface) + : InstanceBase(Type::Pipe, sockInterfaceOrDefault(sock_interface)) { + if (address->sun_path[0] == '\0') { +#if !defined(__linux__) + error = absl::FailedPreconditionError("Abstract AF_UNIX sockets are only supported on linux."); + return; +#endif + RELEASE_ASSERT(static_cast(ss_len) >= offsetof(struct sockaddr_un, sun_path) + 1, + ""); + pipe_.abstract_namespace_ = true; + pipe_.address_length_ = ss_len - offsetof(struct sockaddr_un, sun_path); + } + error = initHelper(address, mode); +} + bool PipeInstance::operator==(const Instance& rhs) const { return asString() == rhs.asString(); } +absl::Status PipeInstance::initHelper(const sockaddr_un* address, mode_t mode) { + pipe_.address_ = *address; + if (pipe_.abstract_namespace_) { + if (mode != 0) { + return absl::FailedPreconditionError("Cannot set mode for Abstract AF_UNIX sockets"); + } + // Replace all null characters with '@' in friendly_name_. + friendly_name_ = friendlyNameFromAbstractPath( + absl::string_view(pipe_.address_.sun_path, pipe_.address_length_)); + } else { + friendly_name_ = address->sun_path; + } + pipe_.mode_ = mode; + return absl::OkStatus(); +} + EnvoyInternalInstance::EnvoyInternalInstance(const std::string& address_id, const SocketInterface* sock_interface) : InstanceBase(Type::EnvoyInternal, sockInterfaceOrDefault(sock_interface)), diff --git a/source/common/network/address_impl.h b/source/common/network/address_impl.h index 584b5384d140..2ade85fc8998 100644 --- a/source/common/network/address_impl.h +++ b/source/common/network/address_impl.h @@ -10,7 +10,8 @@ #include "envoy/network/address.h" #include "envoy/network/socket.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" +#include "source/common/common/statusor.h" namespace Envoy { namespace Network { @@ -25,8 +26,23 @@ namespace Address { * @param v6only disable IPv4-IPv6 mapping for IPv6 addresses? * @return InstanceConstSharedPtr the address. */ -InstanceConstSharedPtr addressFromSockAddr(const sockaddr_storage& ss, socklen_t len, - bool v6only = true); +StatusOr addressFromSockAddr(const sockaddr_storage& ss, socklen_t len, + bool v6only = true); +InstanceConstSharedPtr addressFromSockAddrOrThrow(const sockaddr_storage& ss, socklen_t len, + bool v6only = true); + +/** + * Convert an address in the form of the socket address struct defined by Posix, Linux, etc. into + * a Network::Address::Instance and return a pointer to it. Die on failure. + * @param ss a valid address with family AF_INET, AF_INET6 or AF_UNIX. + * @param len length of the address (e.g. from accept, getsockname or getpeername). If len > 0, + * it is used to validate the structure contents; else if len == 0, it is ignored. + * @param fd the file descriptor for the created address instance. + * @param v6only disable IPv4-IPv6 mapping for IPv6 addresses? + * @return InstanceConstSharedPtr the address. + */ +InstanceConstSharedPtr addressFromSockAddrOrDie(const sockaddr_storage& ss, socklen_t ss_len, + os_fd_t fd, bool v6only = true); /** * Base class for all address types. @@ -53,6 +69,22 @@ class InstanceBase : public Instance { const Type type_; }; +// Create an address instance. Upon failure, return an error status without throwing. +class InstanceFactory { +public: + template + static StatusOr createInstancePtr(Args&&... args) { + absl::Status status; + // Use new instead of make_shared here because the instance constructors are private and must be + // called directly here. + std::shared_ptr instance(new InstanceType(status, std::forward(args)...)); + if (!status.ok()) { + return status; + } + return instance; + } +}; + /** * Implementation of an IPv4 address. */ @@ -100,7 +132,20 @@ class Ipv4Instance : public InstanceBase { */ static std::string sockaddrToString(const sockaddr_in& addr); + // Validate that IPv4 is supported on this platform, raise an exception for the + // given address if not. + static absl::Status validateProtocolSupported(); + private: + /** + * Construct from an existing unix IPv4 socket address (IP v4 address and port). + * Store the status code in passed in parameter instead of throwing. + * It is called by the factory method and the partially constructed instance will be discarded + * upon error. + */ + explicit Ipv4Instance(absl::Status& error, const sockaddr_in* address, + const SocketInterface* sock_interface = nullptr); + struct Ipv4Helper : public Ipv4 { uint32_t address() const override { return address_.sin_addr.s_addr; } @@ -124,7 +169,10 @@ class Ipv4Instance : public InstanceBase { std::string friendly_address_; }; + void initHelper(const sockaddr_in* address); + IpHelper ip_; + friend class InstanceFactory; }; /** @@ -166,7 +214,19 @@ class Ipv6Instance : public InstanceBase { } socklen_t sockAddrLen() const override { return sizeof(sockaddr_in6); } + // Validate that IPv6 is supported on this platform + static absl::Status validateProtocolSupported(); + private: + /** + * Construct from an existing unix IPv6 socket address (IP v6 address and port). + * Store the status code in passed in parameter instead of throwing. + * It is called by the factory method and the partially constructed instance will be discarded + * upon error. + */ + Ipv6Instance(absl::Status& error, const sockaddr_in6& address, bool v6only = true, + const SocketInterface* sock_interface = nullptr); + struct Ipv6Helper : public Ipv6 { Ipv6Helper() { memset(&address_, 0, sizeof(address_)); } absl::uint128 address() const override; @@ -199,7 +259,10 @@ class Ipv6Instance : public InstanceBase { std::string friendly_address_; }; + void initHelper(const sockaddr_in6& address, bool v6only); + IpHelper ip_; + friend class InstanceFactory; }; /** @@ -219,6 +282,8 @@ class PipeInstance : public InstanceBase { explicit PipeInstance(const std::string& pipe_path, mode_t mode = 0, const SocketInterface* sock_interface = nullptr); + static absl::Status validateProtocolSupported() { return absl::OkStatus(); } + // Network::Address::Instance bool operator==(const Instance& rhs) const override; const Ip* ip() const override { return nullptr; } @@ -236,6 +301,15 @@ class PipeInstance : public InstanceBase { } private: + /** + * Construct from an existing unix address. + * Store the error status code in passed in parameter instead of throwing. + * It is called by the factory method and the partially constructed instance will be discarded + * upon error. + */ + PipeInstance(absl::Status& error, const sockaddr_un* address, socklen_t ss_len, mode_t mode = 0, + const SocketInterface* sock_interface = nullptr); + struct PipeHelper : public Pipe { bool abstractNamespace() const override { return abstract_namespace_; } @@ -248,7 +322,10 @@ class PipeInstance : public InstanceBase { mode_t mode_{0}; }; + absl::Status initHelper(const sockaddr_un* address, mode_t mode); + PipeHelper pipe_; + friend class InstanceFactory; }; class EnvoyInternalInstance : public InstanceBase { diff --git a/source/common/network/apple_dns_impl.cc b/source/common/network/apple_dns_impl.cc index 25a44ace0a66..f542c2424f7f 100644 --- a/source/common/network/apple_dns_impl.cc +++ b/source/common/network/apple_dns_impl.cc @@ -1,4 +1,4 @@ -#include "common/network/apple_dns_impl.h" +#include "source/common/network/apple_dns_impl.h" #include @@ -11,10 +11,10 @@ #include "envoy/common/platform.h" #include "envoy/event/file_event.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" #include "absl/strings/str_join.h" diff --git a/source/common/network/apple_dns_impl.h b/source/common/network/apple_dns_impl.h index 0ca2cd2517bc..d22bc2c7c87e 100644 --- a/source/common/network/apple_dns_impl.h +++ b/source/common/network/apple_dns_impl.h @@ -11,11 +11,11 @@ #include "envoy/event/timer.h" #include "envoy/network/dns.h" -#include "common/common/backoff_strategy.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/common/utility.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/common/backoff_strategy.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/common/singleton/threadsafe_singleton.h" #include "absl/container/node_hash_map.h" diff --git a/source/common/network/application_protocol.cc b/source/common/network/application_protocol.cc index 57d9bbb556ce..6794194ac90d 100644 --- a/source/common/network/application_protocol.cc +++ b/source/common/network/application_protocol.cc @@ -1,6 +1,6 @@ -#include "common/network/application_protocol.h" +#include "source/common/network/application_protocol.h" -#include "common/common/macros.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Network { diff --git a/source/common/network/base_listener_impl.cc b/source/common/network/base_listener_impl.cc index bd524c792154..df953ecd29e3 100644 --- a/source/common/network/base_listener_impl.cc +++ b/source/common/network/base_listener_impl.cc @@ -1,14 +1,14 @@ -#include "common/network/base_listener_impl.h" +#include "source/common/network/base_listener_impl.h" #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/event/dispatcher_impl.h" -#include "common/event/file_event_impl.h" -#include "common/network/address_impl.h" -#include "common/network/socket_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/event/file_event_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_impl.h" #include "event2/listener.h" diff --git a/source/common/network/base_listener_impl.h b/source/common/network/base_listener_impl.h index 2cf97dea86c4..62cebdbd4dd5 100644 --- a/source/common/network/base_listener_impl.h +++ b/source/common/network/base_listener_impl.h @@ -2,8 +2,8 @@ #include "envoy/network/listener.h" -#include "common/event/dispatcher_impl.h" -#include "common/network/listen_socket_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/listen_socket_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/cidr_range.cc b/source/common/network/cidr_range.cc index 2ee249f265c1..cdbfe9fe1d60 100644 --- a/source/common/network/cidr_range.cc +++ b/source/common/network/cidr_range.cc @@ -1,4 +1,4 @@ -#include "common/network/cidr_range.h" +#include "source/common/network/cidr_range.h" #include #include @@ -9,12 +9,12 @@ #include "envoy/common/platform.h" #include "envoy/config/core/v3/address.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/safe_memcpy.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Network { diff --git a/source/common/network/cidr_range.h b/source/common/network/cidr_range.h index 9ec72f39156b..791f3de7b5d6 100644 --- a/source/common/network/cidr_range.h +++ b/source/common/network/cidr_range.h @@ -6,7 +6,7 @@ #include "envoy/config/core/v3/address.pb.h" #include "envoy/network/address.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Network { diff --git a/source/common/network/connection_balancer_impl.cc b/source/common/network/connection_balancer_impl.cc index 84aed4ef6405..309628073f19 100644 --- a/source/common/network/connection_balancer_impl.cc +++ b/source/common/network/connection_balancer_impl.cc @@ -1,4 +1,4 @@ -#include "common/network/connection_balancer_impl.h" +#include "source/common/network/connection_balancer_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/connection_impl.cc b/source/common/network/connection_impl.cc index 2d964ac4c22a..9f37d4b5b70d 100644 --- a/source/common/network/connection_impl.cc +++ b/source/common/network/connection_impl.cc @@ -1,4 +1,4 @@ -#include "common/network/connection_impl.h" +#include "source/common/network/connection_impl.h" #include #include @@ -12,15 +12,15 @@ #include "envoy/network/filter.h" #include "envoy/network/socket.h" -#include "common/common/assert.h" -#include "common/common/dump_state_utils.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/scope_tracker.h" -#include "common/network/address_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/raw_buffer_socket.h" -#include "common/network/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/scope_tracker.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Network { diff --git a/source/common/network/connection_impl.h b/source/common/network/connection_impl.h index 17021980febb..4e9f0044924c 100644 --- a/source/common/network/connection_impl.h +++ b/source/common/network/connection_impl.h @@ -9,10 +9,10 @@ #include "envoy/common/scope_tracker.h" #include "envoy/network/transport_socket.h" -#include "common/buffer/watermark_buffer.h" -#include "common/event/libevent.h" -#include "common/network/connection_impl_base.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/event/libevent.h" +#include "source/common/network/connection_impl_base.h" +#include "source/common/stream_info/stream_info_impl.h" #include "absl/types/optional.h" diff --git a/source/common/network/connection_impl_base.cc b/source/common/network/connection_impl_base.cc index 22803ec56642..71a5fbb5e94a 100644 --- a/source/common/network/connection_impl_base.cc +++ b/source/common/network/connection_impl_base.cc @@ -1,4 +1,4 @@ -#include "common/network/connection_impl_base.h" +#include "source/common/network/connection_impl_base.h" namespace Envoy { namespace Network { diff --git a/source/common/network/connection_impl_base.h b/source/common/network/connection_impl_base.h index 5bb12eea5a7d..05a7eddee9f6 100644 --- a/source/common/network/connection_impl_base.h +++ b/source/common/network/connection_impl_base.h @@ -2,8 +2,8 @@ #include "envoy/event/dispatcher.h" -#include "common/common/logger.h" -#include "common/network/filter_manager_impl.h" +#include "source/common/common/logger.h" +#include "source/common/network/filter_manager_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/dns_impl.cc b/source/common/network/dns_impl.cc index c2b0411a9696..8d5edd28d6b1 100644 --- a/source/common/network/dns_impl.cc +++ b/source/common/network/dns_impl.cc @@ -1,4 +1,4 @@ -#include "common/network/dns_impl.h" +#include "source/common/network/dns_impl.h" #include #include @@ -8,11 +8,11 @@ #include "envoy/common/platform.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/thread.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/thread.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" #include "absl/strings/str_join.h" #include "ares.h" @@ -23,10 +23,10 @@ namespace Network { DnsResolverImpl::DnsResolverImpl( Event::Dispatcher& dispatcher, const std::vector& resolvers, - const bool use_tcp_for_dns_lookups) + const envoy::config::core::v3::DnsResolverOptions& dns_resolver_options) : dispatcher_(dispatcher), timer_(dispatcher.createTimer([this] { onEventCallback(ARES_SOCKET_BAD, 0); })), - use_tcp_for_dns_lookups_(use_tcp_for_dns_lookups), + dns_resolver_options_(dns_resolver_options), resolvers_csv_(maybeBuildResolversCsv(resolvers)) { AresOptions options = defaultAresOptions(); initializeChannel(&options.options_, options.optmask_); @@ -66,11 +66,16 @@ absl::optional DnsResolverImpl::maybeBuildResolversCsv( DnsResolverImpl::AresOptions DnsResolverImpl::defaultAresOptions() { AresOptions options{}; - if (use_tcp_for_dns_lookups_) { + if (dns_resolver_options_.use_tcp_for_dns_lookups()) { options.optmask_ |= ARES_OPT_FLAGS; options.options_.flags |= ARES_FLAG_USEVC; } + if (dns_resolver_options_.no_default_search_domain()) { + options.optmask_ |= ARES_OPT_FLAGS; + options.options_.flags |= ARES_FLAG_NOSEARCH; + } + return options; } @@ -169,10 +174,12 @@ void DnsResolverImpl::PendingResolution::onAresGetAddrInfoCallback(int status, i if (completed_) { if (!cancelled_) { - // TODO(chaoqin-li1123): remove this exception catching by refactoring. - // We can't add a main thread assertion here because both this code is reused by dns filter - // and executed in both main thread and worker thread. Maybe split the code for filter and - // main thread. + // Use a raw try here because it is used in both main thread and filter. + // Can not convert to use status code as there may be unexpected exceptions in server fuzz + // tests, which must be handled. Potential exception may come from getAddressWithPort() or + // portFromTcpUrl(). + // TODO(chaoqin-li1123): remove try catch pattern here once we figure how to handle unexpected + // exception in fuzz tests. TRY_NEEDS_AUDIT { callback_(resolution_status, std::move(address_list)); } catch (const EnvoyException& e) { ENVOY_LOG(critical, "EnvoyException in c-ares callback: {}", e.what()); diff --git a/source/common/network/dns_impl.h b/source/common/network/dns_impl.h index ace150273f31..f58609ad674a 100644 --- a/source/common/network/dns_impl.h +++ b/source/common/network/dns_impl.h @@ -8,9 +8,9 @@ #include "envoy/event/file_event.h" #include "envoy/network/dns.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/common/utility.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" #include "absl/container/node_hash_map.h" #include "ares.h" @@ -28,7 +28,7 @@ class DnsResolverImpl : public DnsResolver, protected Logger::Loggable& resolvers, - const bool use_tcp_for_dns_lookups); + const envoy::config::core::v3::DnsResolverOptions& dns_resolver_options); ~DnsResolverImpl() override; // Network::DnsResolver @@ -106,7 +106,8 @@ class DnsResolverImpl : public DnsResolver, protected Logger::Loggable events_; const absl::optional resolvers_csv_; }; diff --git a/source/common/network/filter_manager_impl.cc b/source/common/network/filter_manager_impl.cc index 5bec16f5f75a..f5984f2db43c 100644 --- a/source/common/network/filter_manager_impl.cc +++ b/source/common/network/filter_manager_impl.cc @@ -1,10 +1,10 @@ -#include "common/network/filter_manager_impl.h" +#include "source/common/network/filter_manager_impl.h" #include #include "envoy/network/connection.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Network { diff --git a/source/common/network/filter_manager_impl.h b/source/common/network/filter_manager_impl.h index 0f10e6302a1f..87973160939e 100644 --- a/source/common/network/filter_manager_impl.h +++ b/source/common/network/filter_manager_impl.h @@ -7,7 +7,7 @@ #include "envoy/network/filter.h" #include "envoy/network/socket.h" -#include "common/common/linked_object.h" +#include "source/common/common/linked_object.h" namespace Envoy { namespace Network { diff --git a/source/common/network/filter_matcher.cc b/source/common/network/filter_matcher.cc index 3865d3e05d99..6e1410eab566 100644 --- a/source/common/network/filter_matcher.cc +++ b/source/common/network/filter_matcher.cc @@ -1,8 +1,8 @@ -#include "common/network/filter_matcher.h" +#include "source/common/network/filter_matcher.h" #include "envoy/network/filter.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/strings/str_format.h" diff --git a/source/common/network/hash_policy.cc b/source/common/network/hash_policy.cc index 486be4772f3b..2baf9fe8d0e5 100644 --- a/source/common/network/hash_policy.cc +++ b/source/common/network/hash_policy.cc @@ -1,9 +1,9 @@ -#include "common/network/hash_policy.h" +#include "source/common/network/hash_policy.h" #include "envoy/common/exception.h" #include "envoy/type/v3/hash_policy.pb.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Network { diff --git a/source/common/network/hash_policy.h b/source/common/network/hash_policy.h index b0c2c4894cc4..1b5d09489fcf 100644 --- a/source/common/network/hash_policy.h +++ b/source/common/network/hash_policy.h @@ -3,7 +3,7 @@ #include "envoy/network/hash_policy.h" #include "envoy/type/v3/hash_policy.pb.h" -#include "common/common/hash.h" +#include "source/common/common/hash.h" namespace Envoy { namespace Network { diff --git a/source/common/network/io_socket_error_impl.cc b/source/common/network/io_socket_error_impl.cc index 04a91c3d7962..8d664be8e1f4 100644 --- a/source/common/network/io_socket_error_impl.cc +++ b/source/common/network/io_socket_error_impl.cc @@ -1,9 +1,9 @@ -#include "common/network/io_socket_error_impl.h" +#include "source/common/network/io_socket_error_impl.h" #include "envoy/common/platform.h" -#include "common/common/assert.h" -#include "common/common/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Network { diff --git a/source/common/network/io_socket_error_impl.h b/source/common/network/io_socket_error_impl.h index 1b361a9a3e2f..bd4d80ce68e1 100644 --- a/source/common/network/io_socket_error_impl.h +++ b/source/common/network/io_socket_error_impl.h @@ -2,7 +2,7 @@ #include "envoy/api/io_error.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Network { diff --git a/source/common/network/io_socket_handle_impl.cc b/source/common/network/io_socket_handle_impl.cc index b8bd7f2ac1c9..8f2d2e0b5687 100644 --- a/source/common/network/io_socket_handle_impl.cc +++ b/source/common/network/io_socket_handle_impl.cc @@ -1,11 +1,11 @@ -#include "common/network/io_socket_handle_impl.h" +#include "source/common/network/io_socket_handle_impl.h" #include "envoy/buffer/buffer.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/utility.h" -#include "common/event/file_event_impl.h" -#include "common/network/address_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/utility.h" +#include "source/common/event/file_event_impl.h" +#include "source/common/network/address_impl.h" #include "absl/container/fixed_array.h" #include "absl/types/optional.h" @@ -275,26 +275,6 @@ Api::IoCallUint64Result IoSocketHandleImpl::sendmsg(const Buffer::RawSlice* slic } } -Address::InstanceConstSharedPtr getAddressFromSockAddrOrDie(const sockaddr_storage& ss, - socklen_t ss_len, os_fd_t fd) { - // TODO(chaoqin-li1123): remove exception catching and make Address::addressFromSockAddr return - // null on error. - TRY_NEEDS_AUDIT { - // Set v6only to false so that mapped-v6 address can be normalize to v4 - // address. Though dual stack may be disabled, it's still okay to assume the - // address is from a dual stack socket. This is because mapped-v6 address - // must come from a dual stack socket. An actual v6 address can come from - // both dual stack socket and v6 only socket. If |peer_addr| is an actual v6 - // address and the socket is actually v6 only, the returned address will be - // regarded as a v6 address from dual stack socket. However, this address is not going to be - // used to create socket. Wrong knowledge of dual stack support won't hurt. - return Address::addressFromSockAddr(ss, ss_len, /*v6only=*/false); - } - catch (const EnvoyException& e) { - PANIC(fmt::format("Invalid address for fd: {}, error: {}", fd, e.what())); - } -} - Address::InstanceConstSharedPtr maybeGetDstAddressFromHeader(const cmsghdr& cmsg, uint32_t self_port, os_fd_t fd) { if (cmsg.cmsg_type == IPV6_PKTINFO) { @@ -305,7 +285,7 @@ Address::InstanceConstSharedPtr maybeGetDstAddressFromHeader(const cmsghdr& cmsg ipv6_addr->sin6_family = AF_INET6; ipv6_addr->sin6_addr = info->ipi6_addr; ipv6_addr->sin6_port = htons(self_port); - return getAddressFromSockAddrOrDie(ss, sizeof(sockaddr_in6), fd); + return Address::addressFromSockAddrOrDie(ss, sizeof(sockaddr_in6), fd); } if (cmsg.cmsg_type == messageTypeContainsIP()) { @@ -315,7 +295,7 @@ Address::InstanceConstSharedPtr maybeGetDstAddressFromHeader(const cmsghdr& cmsg ipv4_addr->sin_family = AF_INET; ipv4_addr->sin_addr = addressFromMessage(cmsg); ipv4_addr->sin_port = htons(self_port); - return getAddressFromSockAddrOrDie(ss, sizeof(sockaddr_in), fd); + return Address::addressFromSockAddrOrDie(ss, sizeof(sockaddr_in), fd); } return nullptr; @@ -385,7 +365,7 @@ Api::IoCallUint64Result IoSocketHandleImpl::recvmsg(Buffer::RawSlice* slices, fmt::format("Incorrectly set control message length: {}", hdr.msg_controllen)); RELEASE_ASSERT(hdr.msg_namelen > 0, fmt::format("Unable to get remote address from recvmsg() for fd: {}", fd_)); - output.msg_[0].peer_address_ = getAddressFromSockAddrOrDie(peer_addr, hdr.msg_namelen, fd_); + output.msg_[0].peer_address_ = Address::addressFromSockAddrOrDie(peer_addr, hdr.msg_namelen, fd_); output.msg_[0].gso_size_ = 0; if (hdr.msg_controllen > 0) { @@ -492,7 +472,7 @@ Api::IoCallUint64Result IoSocketHandleImpl::recvmmsg(RawSliceArrays& slices, uin output.msg_[i].msg_len_ = mmsg_hdr[i].msg_len; // Get local and peer addresses for each packet. output.msg_[i].peer_address_ = - getAddressFromSockAddrOrDie(raw_addresses[i], hdr.msg_namelen, fd_); + Address::addressFromSockAddrOrDie(raw_addresses[i], hdr.msg_namelen, fd_); if (hdr.msg_controllen > 0) { struct cmsghdr* cmsg; for (cmsg = CMSG_FIRSTHDR(&hdr); cmsg != nullptr; cmsg = CMSG_NXTHDR(&hdr, cmsg)) { @@ -605,7 +585,7 @@ Address::InstanceConstSharedPtr IoSocketHandleImpl::localAddress() { throw EnvoyException(fmt::format("getsockname failed for '{}': ({}) {}", fd_, result.errno_, errorDetails(result.errno_))); } - return Address::addressFromSockAddr(ss, ss_len, socket_v6only_); + return Address::addressFromSockAddrOrThrow(ss, ss_len, socket_v6only_); } Address::InstanceConstSharedPtr IoSocketHandleImpl::peerAddress() { @@ -616,7 +596,7 @@ Address::InstanceConstSharedPtr IoSocketHandleImpl::peerAddress() { os_sys_calls.getpeername(fd_, reinterpret_cast(&ss), &ss_len); if (result.rc_ != 0) { throw EnvoyException( - fmt::format("getpeername failed for '{}': {}", fd_, errorDetails(result.errno_))); + fmt::format("getpeername failed for '{}': {}", errorDetails(result.errno_))); } if (ss_len == udsAddressLength() && ss.ss_family == AF_UNIX) { @@ -630,7 +610,7 @@ Address::InstanceConstSharedPtr IoSocketHandleImpl::peerAddress() { fmt::format("getsockname failed for '{}': {}", fd_, errorDetails(result.errno_))); } } - return Address::addressFromSockAddr(ss, ss_len); + return Address::addressFromSockAddrOrThrow(ss, ss_len, socket_v6only_); } void IoSocketHandleImpl::initializeFileEvent(Event::Dispatcher& dispatcher, Event::FileReadyCb cb, diff --git a/source/common/network/io_socket_handle_impl.h b/source/common/network/io_socket_handle_impl.h index 6b21e94c6927..398ab1f554f5 100644 --- a/source/common/network/io_socket_handle_impl.h +++ b/source/common/network/io_socket_handle_impl.h @@ -6,8 +6,8 @@ #include "envoy/event/dispatcher.h" #include "envoy/network/io_handle.h" -#include "common/common/logger.h" -#include "common/network/io_socket_error_impl.h" +#include "source/common/common/logger.h" +#include "source/common/network/io_socket_error_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/lc_trie.h b/source/common/network/lc_trie.h index 6069eab01eb0..db523fe980a5 100644 --- a/source/common/network/lc_trie.h +++ b/source/common/network/lc_trie.h @@ -8,11 +8,11 @@ #include "envoy/common/platform.h" #include "envoy/network/address.h" -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/network/cidr_range.h" -#include "common/network/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/cidr_range.h" +#include "source/common/network/utility.h" #include "absl/container/node_hash_set.h" #include "absl/numeric/int128.h" diff --git a/source/common/network/listen_socket_impl.cc b/source/common/network/listen_socket_impl.cc index 674cf456bce0..4ed599d19b73 100644 --- a/source/common/network/listen_socket_impl.cc +++ b/source/common/network/listen_socket_impl.cc @@ -1,4 +1,4 @@ -#include "common/network/listen_socket_impl.h" +#include "source/common/network/listen_socket_impl.h" #include @@ -9,11 +9,11 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/exception.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Network { @@ -48,20 +48,16 @@ void ListenSocketImpl::setupSocket(const Network::Socket::OptionsSharedPtr& opti } } +// UDP listen socket desires io handle regardless bind_to_port is true or false. template <> -void NetworkListenSocket>::setPrebindSocketOptions() { -// On Windows, SO_REUSEADDR does not restrict subsequent bind calls when there is a listener as on -// Linux and later BSD socket stacks -#ifndef WIN32 - int on = 1; - auto status = setSocketOption(SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); - RELEASE_ASSERT(status.rc_ != -1, "failed to set SO_REUSEADDR socket option"); -#endif +NetworkListenSocket>::NetworkListenSocket( + const Address::InstanceConstSharedPtr& address, + const Network::Socket::OptionsSharedPtr& options, bool bind_to_port) + : ListenSocketImpl(Network::ioHandleForAddr(Socket::Type::Datagram, address), address) { + setPrebindSocketOptions(); + setupSocket(options, bind_to_port); } -template <> -void NetworkListenSocket>::setPrebindSocketOptions() {} - UdsListenSocket::UdsListenSocket(const Address::InstanceConstSharedPtr& address) : ListenSocketImpl(ioHandleForAddr(Socket::Type::Stream, address), address) { RELEASE_ASSERT(io_handle_->isOpen(), ""); diff --git a/source/common/network/listen_socket_impl.h b/source/common/network/listen_socket_impl.h index 663c372c6ee8..d42e8cadd683 100644 --- a/source/common/network/listen_socket_impl.h +++ b/source/common/network/listen_socket_impl.h @@ -10,9 +10,10 @@ #include "envoy/network/socket.h" #include "envoy/network/socket_interface.h" -#include "common/common/assert.h" -#include "common/common/dump_state_utils.h" -#include "common/network/socket_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/network/socket_impl.h" +#include "source/common/network/socket_interface.h" namespace Envoy { namespace Network { @@ -25,7 +26,8 @@ class ListenSocketImpl : public SocketImpl { SocketPtr duplicate() override { // Using `new` to access a non-public constructor. return absl::WrapUnique( - new ListenSocketImpl(io_handle_->duplicate(), address_provider_->localAddress())); + new ListenSocketImpl(io_handle_ == nullptr ? nullptr : io_handle_->duplicate(), + address_provider_->localAddress())); } void setupSocket(const Network::Socket::OptionsSharedPtr& options, bool bind_to_port); @@ -50,11 +52,23 @@ template class NetworkListenSocket : public ListenSocketImpl { public: NetworkListenSocket(const Address::InstanceConstSharedPtr& address, const Network::Socket::OptionsSharedPtr& options, bool bind_to_port) - : ListenSocketImpl(Network::ioHandleForAddr(T::type, address), address) { - RELEASE_ASSERT(io_handle_->isOpen(), ""); - - setPrebindSocketOptions(); - + : ListenSocketImpl(bind_to_port ? Network::ioHandleForAddr(T::type, address) : nullptr, + address) { + // Prebind is applied if the socket is bind to port. + if (bind_to_port) { + RELEASE_ASSERT(io_handle_->isOpen(), ""); + setPrebindSocketOptions(); + } else { + // If the tcp listener does not bind to port, we test that the ip family is supported. + if (auto ip = address->ip(); ip != nullptr) { + RELEASE_ASSERT( + Network::SocketInterfaceSingleton::get().ipFamilySupported(ip->ipv4() ? AF_INET + : AF_INET6), + fmt::format( + "Creating listen socket address {} but the address familiy is not supported", + address->asStringView())); + } + } setupSocket(options, bind_to_port); } @@ -67,9 +81,30 @@ template class NetworkListenSocket : public ListenSocketImpl { Socket::Type socketType() const override { return T::type; } protected: - void setPrebindSocketOptions(); + void setPrebindSocketOptions() { + // On Windows, SO_REUSEADDR does not restrict subsequent bind calls when there is a listener as + // on Linux and later BSD socket stacks +#ifndef WIN32 + int on = 1; + auto status = setSocketOption(SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); + RELEASE_ASSERT(status.rc_ != -1, "failed to set SO_REUSEADDR socket option"); +#endif + } }; +template <> +inline void +NetworkListenSocket>::setPrebindSocketOptions() {} + +// UDP listen socket desires io handle regardless bind_to_port is true or false. +template <> +NetworkListenSocket>::NetworkListenSocket( + const Address::InstanceConstSharedPtr& address, + const Network::Socket::OptionsSharedPtr& options, bool bind_to_port); + +template class NetworkListenSocket>; +template class NetworkListenSocket>; + using TcpListenSocket = NetworkListenSocket>; using TcpListenSocketPtr = std::unique_ptr; diff --git a/source/common/network/proxy_protocol_filter_state.cc b/source/common/network/proxy_protocol_filter_state.cc index cae58c961253..37940bbad746 100644 --- a/source/common/network/proxy_protocol_filter_state.cc +++ b/source/common/network/proxy_protocol_filter_state.cc @@ -1,6 +1,6 @@ -#include "common/network/proxy_protocol_filter_state.h" +#include "source/common/network/proxy_protocol_filter_state.h" -#include "common/common/macros.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Network { diff --git a/source/common/network/raw_buffer_socket.cc b/source/common/network/raw_buffer_socket.cc index 96f75a1c419b..ad72a2fb434d 100644 --- a/source/common/network/raw_buffer_socket.cc +++ b/source/common/network/raw_buffer_socket.cc @@ -1,9 +1,9 @@ -#include "common/network/raw_buffer_socket.h" +#include "source/common/network/raw_buffer_socket.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/http/headers.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/headers.h" namespace Envoy { namespace Network { diff --git a/source/common/network/raw_buffer_socket.h b/source/common/network/raw_buffer_socket.h index 24e498ebf59a..06462d86f886 100644 --- a/source/common/network/raw_buffer_socket.h +++ b/source/common/network/raw_buffer_socket.h @@ -4,7 +4,7 @@ #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Network { diff --git a/source/common/network/resolver_impl.cc b/source/common/network/resolver_impl.cc index 66554c0d2367..069ff71208ee 100644 --- a/source/common/network/resolver_impl.cc +++ b/source/common/network/resolver_impl.cc @@ -1,4 +1,4 @@ -#include "common/network/resolver_impl.h" +#include "source/common/network/resolver_impl.h" #include "envoy/common/exception.h" #include "envoy/config/core/v3/address.pb.h" @@ -6,9 +6,9 @@ #include "envoy/network/resolver.h" #include "envoy/registry/registry.h" -#include "common/config/well_known_names.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/config/well_known_names.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Network { diff --git a/source/common/network/resolver_impl.h b/source/common/network/resolver_impl.h index 0241a4fe5309..e6da88a4af50 100644 --- a/source/common/network/resolver_impl.h +++ b/source/common/network/resolver_impl.h @@ -5,7 +5,7 @@ #include "envoy/network/connection.h" #include "envoy/network/resolver.h" -#include "common/network/address_impl.h" +#include "source/common/network/address_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/socket_impl.cc b/source/common/network/socket_impl.cc index 7a558ca05908..08505cb65b0a 100644 --- a/source/common/network/socket_impl.cc +++ b/source/common/network/socket_impl.cc @@ -1,10 +1,10 @@ -#include "common/network/socket_impl.h" +#include "source/common/network/socket_impl.h" #include "envoy/common/exception.h" #include "envoy/network/socket_interface.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/utility.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Network { diff --git a/source/common/network/socket_impl.h b/source/common/network/socket_impl.h index 756b96638d21..fd2765646f1c 100644 --- a/source/common/network/socket_impl.h +++ b/source/common/network/socket_impl.h @@ -2,8 +2,8 @@ #include "envoy/network/socket.h" -#include "common/common/assert.h" -#include "common/common/dump_state_utils.h" +#include "source/common/common/assert.h" +#include "source/common/common/dump_state_utils.h" namespace Envoy { namespace Network { diff --git a/source/common/network/socket_interface.h b/source/common/network/socket_interface.h index 89ae1d9770de..d225040cd016 100644 --- a/source/common/network/socket_interface.h +++ b/source/common/network/socket_interface.h @@ -5,7 +5,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/bootstrap_extension_config.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/singleton/threadsafe_singleton.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/network/socket_interface_impl.cc b/source/common/network/socket_interface_impl.cc index 8a3802e36769..4847161321e5 100644 --- a/source/common/network/socket_interface_impl.cc +++ b/source/common/network/socket_interface_impl.cc @@ -1,12 +1,12 @@ -#include "common/network/socket_interface_impl.h" +#include "source/common/network/socket_interface_impl.h" #include "envoy/common/exception.h" #include "envoy/extensions/network/socket_interface/v3/default_socket_interface.pb.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/network/io_socket_handle_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/network/io_socket_handle_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/socket_interface_impl.h b/source/common/network/socket_interface_impl.h index ecc14e2e551b..ce3889230f85 100644 --- a/source/common/network/socket_interface_impl.h +++ b/source/common/network/socket_interface_impl.h @@ -2,7 +2,7 @@ #include "envoy/network/socket.h" -#include "common/network/socket_interface.h" +#include "source/common/network/socket_interface.h" namespace Envoy { namespace Network { diff --git a/source/common/network/socket_option_factory.cc b/source/common/network/socket_option_factory.cc index 484f0f3999af..72b71d60fab0 100644 --- a/source/common/network/socket_option_factory.cc +++ b/source/common/network/socket_option_factory.cc @@ -1,11 +1,11 @@ -#include "common/network/socket_option_factory.h" +#include "source/common/network/socket_option_factory.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/common/fmt.h" -#include "common/network/addr_family_aware_socket_option_impl.h" -#include "common/network/socket_option_impl.h" -#include "common/network/win32_redirect_records_option_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/network/addr_family_aware_socket_option_impl.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/win32_redirect_records_option_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/socket_option_factory.h b/source/common/network/socket_option_factory.h index 878a5fc0cd72..e40730167a1b 100644 --- a/source/common/network/socket_option_factory.h +++ b/source/common/network/socket_option_factory.h @@ -4,8 +4,8 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/socket.h" -#include "common/common/logger.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/logger.h" +#include "source/common/protobuf/protobuf.h" #include "absl/types/optional.h" diff --git a/source/common/network/socket_option_impl.cc b/source/common/network/socket_option_impl.cc index 7293fa483b2f..53d3bc8efd1f 100644 --- a/source/common/network/socket_option_impl.cc +++ b/source/common/network/socket_option_impl.cc @@ -1,12 +1,12 @@ -#include "common/network/socket_option_impl.h" +#include "source/common/network/socket_option_impl.h" #include "envoy/common/exception.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/socket_option_impl.h b/source/common/network/socket_option_impl.h index ce6ebb926579..4c47dde2c08a 100644 --- a/source/common/network/socket_option_impl.h +++ b/source/common/network/socket_option_impl.h @@ -5,8 +5,8 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/listen_socket.h" -#include "common/common/assert.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Network { diff --git a/source/common/network/tcp_listener_impl.cc b/source/common/network/tcp_listener_impl.cc index 38c77db31e44..8760e5f65eb8 100644 --- a/source/common/network/tcp_listener_impl.cc +++ b/source/common/network/tcp_listener_impl.cc @@ -1,18 +1,18 @@ -#include "common/network/tcp_listener_impl.h" +#include "source/common/network/tcp_listener_impl.h" #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/exception.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/event/dispatcher_impl.h" -#include "common/event/file_event_impl.h" -#include "common/network/address_impl.h" -#include "common/network/io_socket_handle_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/event/file_event_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/io_socket_handle_impl.h" namespace Envoy { namespace Network { @@ -42,6 +42,7 @@ bool TcpListenerImpl::rejectCxOverGlobalLimit() { } void TcpListenerImpl::onSocketEvent(short flags) { + ASSERT(bind_to_port_); ASSERT(flags & (Event::FileReadyType::Read)); // TODO(fcoras): Add limit on number of accepted calls per wakeup @@ -82,12 +83,13 @@ void TcpListenerImpl::onSocketEvent(short flags) { // Pass the 'v6only' parameter as true if the local_address is an IPv6 address. This has no // effect if the socket is a v4 socket, but for v6 sockets this will create an IPv4 remote // address if an IPv4 local_address was created from an IPv6 mapped IPv4 address. - const Address::InstanceConstSharedPtr& remote_address = + + const Address::InstanceConstSharedPtr remote_address = (remote_addr.ss_family == AF_UNIX) ? io_handle->peerAddress() - : Address::addressFromSockAddr(remote_addr, remote_addr_len, - local_address->ip()->version() == - Address::IpVersion::v6); + : Address::addressFromSockAddrOrThrow(remote_addr, remote_addr_len, + local_address->ip()->version() == + Address::IpVersion::v6); cb_.onAccept( std::make_unique(std::move(io_handle), local_address, remote_address)); @@ -95,6 +97,8 @@ void TcpListenerImpl::onSocketEvent(short flags) { } void TcpListenerImpl::setupServerSocket(Event::DispatcherImpl& dispatcher, Socket& socket) { + ASSERT(bind_to_port_); + socket.ioHandle().listen(backlog_size_); // Although onSocketEvent drains to completion, use level triggered mode to avoid potential @@ -114,15 +118,27 @@ TcpListenerImpl::TcpListenerImpl(Event::DispatcherImpl& dispatcher, Random::Rand SocketSharedPtr socket, TcpListenerCallbacks& cb, bool bind_to_port, uint32_t backlog_size) : BaseListenerImpl(dispatcher, std::move(socket)), cb_(cb), backlog_size_(backlog_size), - random_(random), reject_fraction_(0.0) { + random_(random), bind_to_port_(bind_to_port), reject_fraction_(0.0) { if (bind_to_port) { setupServerSocket(dispatcher, *socket_); } } -void TcpListenerImpl::enable() { socket_->ioHandle().enableFileEvents(Event::FileReadyType::Read); } +void TcpListenerImpl::enable() { + if (bind_to_port_) { + socket_->ioHandle().enableFileEvents(Event::FileReadyType::Read); + } else { + FANCY_LOG(debug, "The listener cannot be enabled since it's not bind to port."); + } +} -void TcpListenerImpl::disable() { socket_->ioHandle().enableFileEvents(0); } +void TcpListenerImpl::disable() { + if (bind_to_port_) { + socket_->ioHandle().enableFileEvents(0); + } else { + FANCY_LOG(debug, "The listener cannot be disable since it's not bind to port."); + } +} void TcpListenerImpl::setRejectFraction(const UnitFloat reject_fraction) { reject_fraction_ = reject_fraction; diff --git a/source/common/network/tcp_listener_impl.h b/source/common/network/tcp_listener_impl.h index fd66ffc60dee..bf5826038c84 100644 --- a/source/common/network/tcp_listener_impl.h +++ b/source/common/network/tcp_listener_impl.h @@ -3,7 +3,7 @@ #include "envoy/common/random_generator.h" #include "envoy/runtime/runtime.h" -#include "common/common/interval_value.h" +#include "source/common/common/interval_value.h" #include "absl/strings/string_view.h" #include "base_listener_impl.h" @@ -19,7 +19,11 @@ class TcpListenerImpl : public BaseListenerImpl { TcpListenerImpl(Event::DispatcherImpl& dispatcher, Random::RandomGenerator& random, SocketSharedPtr socket, TcpListenerCallbacks& cb, bool bind_to_port, uint32_t backlog_size); - ~TcpListenerImpl() override { socket_->ioHandle().resetFileEvents(); } + ~TcpListenerImpl() override { + if (bind_to_port_) { + socket_->ioHandle().resetFileEvents(); + } + } void disable() override; void enable() override; void setRejectFraction(UnitFloat reject_fraction) override; @@ -40,6 +44,7 @@ class TcpListenerImpl : public BaseListenerImpl { static bool rejectCxOverGlobalLimit(); Random::RandomGenerator& random_; + bool bind_to_port_; UnitFloat reject_fraction_; }; diff --git a/source/common/network/transport_socket_options_impl.cc b/source/common/network/transport_socket_options_impl.cc index 739bb3011d58..2950a918cd22 100644 --- a/source/common/network/transport_socket_options_impl.cc +++ b/source/common/network/transport_socket_options_impl.cc @@ -1,4 +1,4 @@ -#include "common/network/transport_socket_options_impl.h" +#include "source/common/network/transport_socket_options_impl.h" #include #include @@ -6,12 +6,12 @@ #include #include -#include "common/common/scalar_to_byte_vector.h" -#include "common/common/utility.h" -#include "common/network/application_protocol.h" -#include "common/network/proxy_protocol_filter_state.h" -#include "common/network/upstream_server_name.h" -#include "common/network/upstream_subject_alt_names.h" +#include "source/common/common/scalar_to_byte_vector.h" +#include "source/common/common/utility.h" +#include "source/common/network/application_protocol.h" +#include "source/common/network/proxy_protocol_filter_state.h" +#include "source/common/network/upstream_server_name.h" +#include "source/common/network/upstream_subject_alt_names.h" namespace Envoy { namespace Network { diff --git a/source/common/network/udp_listener_impl.cc b/source/common/network/udp_listener_impl.cc index 5b5b98b34087..44179ec4b0e5 100644 --- a/source/common/network/udp_listener_impl.cc +++ b/source/common/network/udp_listener_impl.cc @@ -1,4 +1,4 @@ -#include "common/network/udp_listener_impl.h" +#include "source/common/network/udp_listener_impl.h" #include #include @@ -10,13 +10,13 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/exception.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/event/dispatcher_impl.h" -#include "common/network/address_impl.h" -#include "common/network/io_socket_error_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/io_socket_error_impl.h" #include "absl/container/fixed_array.h" #include "event2/listener.h" @@ -75,7 +75,12 @@ void UdpListenerImpl::handleReadCallback() { const Api::IoErrorPtr result = Utility::readPacketsFromSocket( socket_->ioHandle(), *socket_->addressProvider().localAddress(), *this, time_source_, config_.prefer_gro_, packets_dropped_); - // TODO(mattklein123): Handle no error when we limit the number of packets read. + if (result == nullptr) { + // No error. The number of reads was limited by read rate. There are more packets to read. + // Register to read more in the next event loop. + socket_->ioHandle().activateFileEvents(Event::FileReadyType::Read); + return; + } if (result->getErrorCode() != Api::IoError::IoErrorCode::Again) { // TODO(mattklein123): When rate limited logging is implemented log this at error level // on a periodic basis. diff --git a/source/common/network/udp_listener_impl.h b/source/common/network/udp_listener_impl.h index aac7aa1c957d..e6bd28c82ba2 100644 --- a/source/common/network/udp_listener_impl.h +++ b/source/common/network/udp_listener_impl.h @@ -4,10 +4,10 @@ #include "envoy/common/time.h" -#include "common/buffer/buffer_impl.h" -#include "common/event/event_impl_base.h" -#include "common/event/file_event_impl.h" -#include "common/network/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/event/event_impl_base.h" +#include "source/common/event/file_event_impl.h" +#include "source/common/network/utility.h" #include "base_listener_impl.h" @@ -46,6 +46,9 @@ class UdpListenerImpl : public BaseListenerImpl, MonotonicTime receive_time) override; uint64_t maxDatagramSize() const override { return config_.max_rx_datagram_size_; } void onDatagramsDropped(uint32_t dropped) override { cb_.onDatagramsDropped(dropped); } + size_t numPacketsExpectedPerEventLoop() const override { + return cb_.numPacketsExpectedPerEventLoop(); + } protected: void handleWriteCallback(); diff --git a/source/common/network/udp_packet_writer_handler_impl.cc b/source/common/network/udp_packet_writer_handler_impl.cc index 27d499268e28..cb0e8991e0ae 100644 --- a/source/common/network/udp_packet_writer_handler_impl.cc +++ b/source/common/network/udp_packet_writer_handler_impl.cc @@ -1,7 +1,7 @@ -#include "common/network/udp_packet_writer_handler_impl.h" +#include "source/common/network/udp_packet_writer_handler_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Network { diff --git a/source/common/network/udp_packet_writer_handler_impl.h b/source/common/network/udp_packet_writer_handler_impl.h index 16182d79fb6c..7162195d8583 100644 --- a/source/common/network/udp_packet_writer_handler_impl.h +++ b/source/common/network/udp_packet_writer_handler_impl.h @@ -4,7 +4,7 @@ #include "envoy/network/socket.h" #include "envoy/network/udp_packet_writer_handler.h" -#include "common/network/io_socket_error_impl.h" +#include "source/common/network/io_socket_error_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/upstream_server_name.cc b/source/common/network/upstream_server_name.cc index d4bd93a94dc1..c6bc2559679e 100644 --- a/source/common/network/upstream_server_name.cc +++ b/source/common/network/upstream_server_name.cc @@ -1,6 +1,6 @@ -#include "common/network/upstream_server_name.h" +#include "source/common/network/upstream_server_name.h" -#include "common/common/macros.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Network { diff --git a/source/common/network/upstream_socket_options_filter_state.cc b/source/common/network/upstream_socket_options_filter_state.cc index 9ab637f05a34..3ef562748234 100644 --- a/source/common/network/upstream_socket_options_filter_state.cc +++ b/source/common/network/upstream_socket_options_filter_state.cc @@ -1,6 +1,6 @@ -#include "common/network/upstream_socket_options_filter_state.h" +#include "source/common/network/upstream_socket_options_filter_state.h" -#include "common/common/macros.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Network { diff --git a/source/common/network/upstream_subject_alt_names.cc b/source/common/network/upstream_subject_alt_names.cc index 341f47e454e2..df8aa9adb184 100644 --- a/source/common/network/upstream_subject_alt_names.cc +++ b/source/common/network/upstream_subject_alt_names.cc @@ -1,6 +1,6 @@ -#include "common/network/upstream_subject_alt_names.h" +#include "source/common/network/upstream_subject_alt_names.h" -#include "common/common/macros.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Network { diff --git a/source/common/network/utility.cc b/source/common/network/utility.cc index d30b5770b63e..2ce1aca5d3c5 100644 --- a/source/common/network/utility.cc +++ b/source/common/network/utility.cc @@ -1,4 +1,4 @@ -#include "common/network/utility.h" +#include "source/common/network/utility.h" #include #include @@ -11,18 +11,20 @@ #include "envoy/common/exception.h" #include "envoy/common/platform.h" #include "envoy/config/core/v3/address.pb.h" +#include "envoy/network/address.h" #include "envoy/network/connection.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/cleanup.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/network/io_socket_error_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/io_socket_error_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" #include "absl/container/fixed_array.h" #include "absl/strings/match.h" @@ -31,6 +33,13 @@ namespace Envoy { namespace Network { +Address::InstanceConstSharedPtr instanceOrNull(StatusOr address) { + if (address.ok()) { + return *address; + } + return nullptr; +} + Address::InstanceConstSharedPtr Utility::resolveUrl(const std::string& url) { if (urlIsTcpScheme(url)) { return parseInternetAddressAndPort(url.substr(TCP_SCHEME.size())); @@ -132,14 +141,15 @@ Address::InstanceConstSharedPtr Utility::parseInternetAddressNoThrow(const std:: if (inet_pton(AF_INET, ip_address.c_str(), &sa4.sin_addr) == 1) { sa4.sin_family = AF_INET; sa4.sin_port = htons(port); - return std::make_shared(&sa4); + return instanceOrNull(Address::InstanceFactory::createInstancePtr(&sa4)); } sockaddr_in6 sa6; memset(&sa6, 0, sizeof(sa6)); if (inet_pton(AF_INET6, ip_address.c_str(), &sa6.sin6_addr) == 1) { sa6.sin6_family = AF_INET6; sa6.sin6_port = htons(port); - return std::make_shared(sa6, v6only); + return instanceOrNull( + Address::InstanceFactory::createInstancePtr(sa6, v6only)); } return nullptr; } @@ -178,7 +188,8 @@ Utility::parseInternetAddressAndPortNoThrow(const std::string& ip_address, bool } sa6.sin6_family = AF_INET6; sa6.sin6_port = htons(port64); - return std::make_shared(sa6, v6only); + return instanceOrNull( + Address::InstanceFactory::createInstancePtr(sa6, v6only)); } // Treat it as an IPv4 address followed by a port. const auto pos = ip_address.rfind(':'); @@ -198,7 +209,7 @@ Utility::parseInternetAddressAndPortNoThrow(const std::string& ip_address, bool } sa4.sin_family = AF_INET; sa4.sin_port = htons(port64); - return std::make_shared(&sa4); + return instanceOrNull(Address::InstanceFactory::createInstancePtr(&sa4)); } Address::InstanceConstSharedPtr Utility::parseInternetAddressAndPort(const std::string& ip_address, @@ -246,7 +257,7 @@ Address::InstanceConstSharedPtr Utility::getLocalAddress(const Address::IpVersio (ifa->ifa_addr->sa_family == AF_INET6 && version == Address::IpVersion::v6)) { const struct sockaddr_storage* addr = reinterpret_cast(ifa->ifa_addr); - ret = Address::addressFromSockAddr( + ret = Address::addressFromSockAddrOrThrow( *addr, (version == Address::IpVersion::v4) ? sizeof(sockaddr_in) : sizeof(sockaddr_in6)); if (!isLoopbackAddress(*ret)) { break; @@ -404,7 +415,8 @@ Address::InstanceConstSharedPtr Utility::getOriginalDst(Socket& sock) { return nullptr; } - return Address::addressFromSockAddr(orig_addr, 0, true /* default for v6 constructor */); + return Address::addressFromSockAddrOrDie(orig_addr, 0, -1, true /* default for v6 constructor */); + #else // TODO(zuercher): determine if connection redirection is possible under macOS (c.f. pfctl and // divert), and whether it's possible to find the learn destination address. @@ -421,7 +433,7 @@ void Utility::parsePortRangeList(absl::string_view string, std::list& uint32_t min = 0; uint32_t max = 0; - if (s.find("-") != std::string::npos) { + if (s.find('-') != std::string::npos) { char dash = 0; ss >> min; ss >> dash; @@ -576,16 +588,16 @@ void passPayloadToProcessor(uint64_t bytes_read, Buffer::InstancePtr buffer, Api::IoCallUint64Result Utility::readFromSocket(IoHandle& handle, const Address::Instance& local_address, UdpPacketProcessor& udp_packet_processor, - MonotonicTime receive_time, bool prefer_gro, + MonotonicTime receive_time, bool use_gro, uint32_t* packets_dropped) { - if (prefer_gro && handle.supportsUdpGro()) { + if (use_gro) { Buffer::InstancePtr buffer = std::make_unique(); IoHandle::RecvMsgOutput output(1, packets_dropped); // TODO(yugant): Avoid allocating 24k for each read by getting memory from UdpPacketProcessor const uint64_t max_rx_datagram_size_with_gro = - NUM_DATAGRAMS_PER_GRO_RECEIVE * udp_packet_processor.maxDatagramSize(); + NUM_DATAGRAMS_PER_RECEIVE * udp_packet_processor.maxDatagramSize(); ENVOY_LOG_MISC(trace, "starting gro recvmsg with max={}", max_rx_datagram_size_with_gro); Api::IoCallUint64Result result = @@ -635,17 +647,17 @@ Api::IoCallUint64Result Utility::readFromSocket(IoHandle& handle, Buffer::ReservationSingleSlice reservation_; }; constexpr uint32_t num_slices_per_packet = 1u; - absl::InlinedVector buffers; - RawSliceArrays slices(NUM_DATAGRAMS_PER_MMSG_RECEIVE, + absl::InlinedVector buffers; + RawSliceArrays slices(NUM_DATAGRAMS_PER_RECEIVE, absl::FixedArray(num_slices_per_packet)); - for (uint32_t i = 0; i < NUM_DATAGRAMS_PER_MMSG_RECEIVE; i++) { + for (uint32_t i = 0; i < NUM_DATAGRAMS_PER_RECEIVE; i++) { buffers.push_back(max_rx_datagram_size); slices[i][0] = buffers[i].reservation_.slice(); } - IoHandle::RecvMsgOutput output(NUM_DATAGRAMS_PER_MMSG_RECEIVE, packets_dropped); - ENVOY_LOG_MISC(trace, "starting recvmmsg with packets={} max={}", - NUM_DATAGRAMS_PER_MMSG_RECEIVE, max_rx_datagram_size); + IoHandle::RecvMsgOutput output(NUM_DATAGRAMS_PER_RECEIVE, packets_dropped); + ENVOY_LOG_MISC(trace, "starting recvmmsg with packets={} max={}", NUM_DATAGRAMS_PER_RECEIVE, + max_rx_datagram_size); Api::IoCallUint64Result result = handle.recvmmsg(slices, local_address.ip()->port(), output); if (!result.ok()) { return result; @@ -696,11 +708,24 @@ Api::IoErrorPtr Utility::readPacketsFromSocket(IoHandle& handle, UdpPacketProcessor& udp_packet_processor, TimeSource& time_source, bool prefer_gro, uint32_t& packets_dropped) { + // Read at least one time, and attempt to read numPacketsExpectedPerEventLoop() packets unless + // this goes over MAX_NUM_PACKETS_PER_EVENT_LOOP. + size_t num_packets_to_read = std::min( + MAX_NUM_PACKETS_PER_EVENT_LOOP, udp_packet_processor.numPacketsExpectedPerEventLoop()); + const bool use_gro = prefer_gro && handle.supportsUdpGro(); + size_t num_reads = + use_gro ? (num_packets_to_read / NUM_DATAGRAMS_PER_RECEIVE) + : (handle.supportsMmsg() ? (num_packets_to_read / NUM_DATAGRAMS_PER_RECEIVE) + : num_packets_to_read); + // Make sure to read at least once. + num_reads = std::max(1, num_reads); + bool honor_read_limit = + Runtime::runtimeFeatureEnabled("envoy.reloadable_features.udp_per_event_loop_read_limit"); do { const uint32_t old_packets_dropped = packets_dropped; const MonotonicTime receive_time = time_source.monotonicTime(); Api::IoCallUint64Result result = Utility::readFromSocket( - handle, local_address, udp_packet_processor, receive_time, prefer_gro, &packets_dropped); + handle, local_address, udp_packet_processor, receive_time, use_gro, &packets_dropped); if (!result.ok()) { // No more to read or encountered a system error. @@ -723,6 +748,12 @@ Api::IoErrorPtr Utility::readPacketsFromSocket(IoHandle& handle, delta); udp_packet_processor.onDatagramsDropped(delta); } + if (honor_read_limit) { + --num_reads; + } + if (num_reads == 0) { + return std::move(result.err_); + } } while (true); } diff --git a/source/common/network/utility.h b/source/common/network/utility.h index 2e58c1d9606b..d042d130071f 100644 --- a/source/common/network/utility.h +++ b/source/common/network/utility.h @@ -61,11 +61,16 @@ class UdpPacketProcessor { * the size of datagrams received, they will be dropped. */ virtual uint64_t maxDatagramSize() const PURE; + + /** + * An estimated number of packets to read in each read event. + */ + virtual size_t numPacketsExpectedPerEventLoop() const PURE; }; static const uint64_t DEFAULT_UDP_MAX_DATAGRAM_SIZE = 1500; -static const uint64_t NUM_DATAGRAMS_PER_GRO_RECEIVE = 16; -static const uint64_t NUM_DATAGRAMS_PER_MMSG_RECEIVE = 16; +static const uint64_t NUM_DATAGRAMS_PER_RECEIVE = 16; +static const uint64_t MAX_NUM_PACKETS_PER_EVENT_LOOP = 6000; /** * Wrapper which resolves UDP socket proto config with defaults. @@ -362,18 +367,20 @@ class Utility { static Api::IoCallUint64Result readFromSocket(IoHandle& handle, const Address::Instance& local_address, UdpPacketProcessor& udp_packet_processor, - MonotonicTime receive_time, bool prefer_gro, + MonotonicTime receive_time, bool use_gro, uint32_t* packets_dropped); /** - * Read available packets from a given UDP socket and pass the packet to a given - * UdpPacketProcessor. + * Read some packets from a given UDP socket and pass the packet to a given + * UdpPacketProcessor. Read no more than MAX_NUM_PACKETS_PER_EVENT_LOOP packets. * @param handle is the UDP socket to read from. * @param local_address is the socket's local address used to populate port. * @param udp_packet_processor is the callback to receive the packets. * @param time_source is the time source used to generate the time stamp of the received packets. * @param prefer_gro supplies whether to use GRO if the OS supports it. * @param packets_dropped is the output parameter for number of packets dropped in kernel. + * Return the io error encountered or nullptr if no io error but read stopped + * because of MAX_NUM_PACKETS_PER_EVENT_LOOP. * * TODO(mattklein123): Allow the number of packets read to be limited for fairness. Currently * this function will always return an error, even if EAGAIN. In the future diff --git a/source/common/network/win32_redirect_records_option_impl.cc b/source/common/network/win32_redirect_records_option_impl.cc index a1dafb5ac845..2786e85df114 100644 --- a/source/common/network/win32_redirect_records_option_impl.cc +++ b/source/common/network/win32_redirect_records_option_impl.cc @@ -1,13 +1,13 @@ -#include "common/network/win32_redirect_records_option_impl.h" +#include "source/common/network/win32_redirect_records_option_impl.h" #include "envoy/common/exception.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/scalar_to_byte_vector.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/scalar_to_byte_vector.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" namespace Envoy { namespace Network { diff --git a/source/common/network/win32_redirect_records_option_impl.h b/source/common/network/win32_redirect_records_option_impl.h index febf71846f3a..3fbe5f6fc585 100644 --- a/source/common/network/win32_redirect_records_option_impl.h +++ b/source/common/network/win32_redirect_records_option_impl.h @@ -5,8 +5,8 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/listen_socket.h" -#include "common/common/assert.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Network { diff --git a/source/common/profiler/profiler.cc b/source/common/profiler/profiler.cc index b3ef32ca832b..fdf924475121 100644 --- a/source/common/profiler/profiler.cc +++ b/source/common/profiler/profiler.cc @@ -1,4 +1,4 @@ -#include "common/profiler/profiler.h" +#include "source/common/profiler/profiler.h" #include diff --git a/source/common/protobuf/BUILD b/source/common/protobuf/BUILD index d8f3c67a06c9..64bfefa6c003 100644 --- a/source/common/protobuf/BUILD +++ b/source/common/protobuf/BUILD @@ -32,8 +32,8 @@ envoy_cc_library( hdrs = ["message_validator_impl.h"], external_deps = ["protobuf"], deps = [ - "//include/envoy/protobuf:message_validator_interface", - "//include/envoy/stats:stats_interface", + "//envoy/protobuf:message_validator_interface", + "//envoy/stats:stats_interface", "//source/common/common:documentation_url_lib", "//source/common/common:hash_lib", "//source/common/common:logger_lib", @@ -62,9 +62,9 @@ envoy_cc_library( ":message_validator_lib", ":protobuf", ":well_known_lib", - "//include/envoy/api:api_interface", - "//include/envoy/protobuf:message_validator_interface", - "//include/envoy/runtime:runtime_interface", + "//envoy/api:api_interface", + "//envoy/protobuf:message_validator_interface", + "//envoy/runtime:runtime_interface", "//source/common/common:assert_lib", "//source/common/common:documentation_url_lib", "//source/common/common:hash_lib", diff --git a/source/common/protobuf/message_validator_impl.cc b/source/common/protobuf/message_validator_impl.cc index c486f9d0d4ec..2d9d3dbb334c 100644 --- a/source/common/protobuf/message_validator_impl.cc +++ b/source/common/protobuf/message_validator_impl.cc @@ -1,10 +1,10 @@ -#include "common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/message_validator_impl.h" #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/hash.h" -#include "common/common/macros.h" +#include "source/common/common/assert.h" +#include "source/common/common/hash.h" +#include "source/common/common/macros.h" #include "absl/strings/str_cat.h" diff --git a/source/common/protobuf/message_validator_impl.h b/source/common/protobuf/message_validator_impl.h index 54644f49b843..865fc7e8ee55 100644 --- a/source/common/protobuf/message_validator_impl.h +++ b/source/common/protobuf/message_validator_impl.h @@ -3,8 +3,8 @@ #include "envoy/protobuf/message_validator.h" #include "envoy/stats/stats.h" -#include "common/common/documentation_url.h" -#include "common/common/logger.h" +#include "source/common/common/documentation_url.h" +#include "source/common/common/logger.h" #include "absl/container/flat_hash_set.h" diff --git a/source/common/protobuf/utility.cc b/source/common/protobuf/utility.cc index 1dfed5a16171..543e8cf7a99f 100644 --- a/source/common/protobuf/utility.cc +++ b/source/common/protobuf/utility.cc @@ -1,4 +1,4 @@ -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" #include #include @@ -7,16 +7,16 @@ #include "envoy/protobuf/message_validator.h" #include "envoy/type/v3/percent.pb.h" -#include "common/common/assert.h" -#include "common/common/documentation_url.h" -#include "common/common/fmt.h" -#include "common/config/api_type_oracle.h" -#include "common/config/version_converter.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/visitor.h" -#include "common/protobuf/well_known.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/assert.h" +#include "source/common/common/documentation_url.h" +#include "source/common/common/fmt.h" +#include "source/common/config/api_type_oracle.h" +#include "source/common/config/version_converter.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/visitor.h" +#include "source/common/protobuf/well_known.h" +#include "source/common/runtime/runtime_features.h" #include "absl/strings/match.h" #include "udpa/annotations/sensitive.pb.h" @@ -108,7 +108,9 @@ ProtobufWkt::Value parseYamlNode(const YAML::Node& node) { case YAML::NodeType::Map: { auto& struct_fields = *value.mutable_struct_value()->mutable_fields(); for (const auto& it : node) { - struct_fields[it.first.as()] = parseYamlNode(it.second); + if (it.first.Tag() != "!ignore") { + struct_fields[it.first.as()] = parseYamlNode(it.second); + } } break; } @@ -1056,4 +1058,43 @@ std::string TypeUtil::descriptorFullNameToTypeUrl(absl::string_view type) { return "type.googleapis.com/" + std::string(type); } +void StructUtil::update(ProtobufWkt::Struct& obj, const ProtobufWkt::Struct& with) { + auto& obj_fields = *obj.mutable_fields(); + + for (const auto& [key, val] : with.fields()) { + auto& obj_key = obj_fields[key]; + + // If the types are different, the last one wins. + const auto val_kind = val.kind_case(); + if (val_kind != obj_key.kind_case()) { + obj_key = val; + continue; + } + + // Otherwise, the strategy depends on the value kind. + switch (val.kind_case()) { + // For scalars, the last one wins. + case ProtobufWkt::Value::kNullValue: + case ProtobufWkt::Value::kNumberValue: + case ProtobufWkt::Value::kStringValue: + case ProtobufWkt::Value::kBoolValue: + obj_key = val; + break; + // If we got a structure, recursively update. + case ProtobufWkt::Value::kStructValue: + update(*obj_key.mutable_struct_value(), val.struct_value()); + break; + // For lists, append the new values. + case ProtobufWkt::Value::kListValue: { + auto& obj_key_vec = *obj_key.mutable_list_value()->mutable_values(); + const auto& vals = val.list_value().values(); + obj_key_vec.MergeFrom(vals); + break; + } + case ProtobufWkt::Value::KIND_NOT_SET: + break; + } + } +} + } // namespace Envoy diff --git a/source/common/protobuf/utility.h b/source/common/protobuf/utility.h index cacafc69238a..0ba43337a834 100644 --- a/source/common/protobuf/utility.h +++ b/source/common/protobuf/utility.h @@ -8,12 +8,12 @@ #include "envoy/runtime/runtime.h" #include "envoy/type/v3/percent.pb.h" -#include "common/common/hash.h" -#include "common/common/stl_helpers.h" -#include "common/common/utility.h" -#include "common/config/version_converter.h" -#include "common/protobuf/protobuf.h" -#include "common/singleton/const_singleton.h" +#include "source/common/common/hash.h" +#include "source/common/common/stl_helpers.h" +#include "source/common/common/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/singleton/const_singleton.h" #include "absl/strings/str_join.h" @@ -665,6 +665,25 @@ class TimestampUtil { ProtobufWkt::Timestamp& timestamp); }; +class StructUtil { +public: + /** + * Recursively updates in-place a protobuf structure with keys from another + * object. + * + * The merging strategy is the following. If a key from \p other does not + * exists, it's just copied into \p obj. If the key exists but has a + * different type, it is replaced by the new value. Otherwise: + * - for scalar values (null, string, number, boolean) are replaced with the new value + * - for lists: new values are added to the current list + * - for structures: recursively apply this scheme + * + * @param obj the object to update in-place + * @param with the object to update \p obj with + */ + static void update(ProtobufWkt::Struct& obj, const ProtobufWkt::Struct& with); +}; + } // namespace Envoy namespace std { diff --git a/source/common/protobuf/visitor.cc b/source/common/protobuf/visitor.cc index d978f964ff0f..ed6d0b6857d9 100644 --- a/source/common/protobuf/visitor.cc +++ b/source/common/protobuf/visitor.cc @@ -1,4 +1,4 @@ -#include "common/protobuf/visitor.h" +#include "source/common/protobuf/visitor.h" namespace Envoy { namespace ProtobufMessage { diff --git a/source/common/protobuf/visitor.h b/source/common/protobuf/visitor.h index 93ec07af93b7..129f5e52d474 100644 --- a/source/common/protobuf/visitor.h +++ b/source/common/protobuf/visitor.h @@ -1,6 +1,6 @@ #pragma once -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace ProtobufMessage { diff --git a/source/common/quic/BUILD b/source/common/quic/BUILD index ba0c0401ea00..435a1ac486b9 100644 --- a/source/common/quic/BUILD +++ b/source/common/quic/BUILD @@ -18,8 +18,8 @@ envoy_cc_library( external_deps = ["quiche_quic_platform"], tags = ["nofips"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", "@com_googlesource_quiche//:quic_core_alarm_lib", "@com_googlesource_quiche//:quic_core_clock_lib", ], @@ -51,6 +51,19 @@ envoy_cc_library( ], ) +envoy_cc_library( + name = "quic_stat_names_lib", + srcs = ["quic_stat_names.cc"], + hdrs = ["quic_stat_names.h"], + tags = ["nofips"], + deps = [ + "//envoy/stats:stats_interface", + "//source/common/stats:symbol_table_lib", + "@com_googlesource_quiche//:quic_core_error_codes_lib", + "@com_googlesource_quiche//:quic_core_types_lib", + ], +) + envoy_cc_library( name = "envoy_quic_proof_source_base_lib", srcs = ["envoy_quic_proof_source_base.cc"], @@ -78,7 +91,7 @@ envoy_cc_library( ":envoy_quic_utils_lib", ":quic_io_handle_wrapper_lib", ":quic_transport_socket_factory_lib", - "//include/envoy/ssl:tls_certificate_config_interface", + "//envoy/ssl:tls_certificate_config_interface", "//source/server:connection_handler_lib", "@com_googlesource_quiche//:quic_core_crypto_certificate_view_lib", ], @@ -141,8 +154,8 @@ envoy_cc_library( ":envoy_quic_utils_lib", ":quic_filter_manager_connection_lib", ":send_buffer_monitor_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:codec_interface", + "//envoy/event:dispatcher_interface", + "//envoy/http:codec_interface", "//source/common/http:codec_helper_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], @@ -162,9 +175,10 @@ envoy_cc_library( ":envoy_quic_server_session_lib", ":envoy_quic_session_cache_lib", ":envoy_quic_utils_lib", - "//include/envoy/http:codec_interface", - "//include/envoy/registry", + "//envoy/http:codec_interface", + "//envoy/registry", "//source/common/http/http3:quic_client_connection_factory_lib", + "//source/extensions/quic/crypto_stream:envoy_quic_crypto_client_stream_lib", "//source/extensions/transport_sockets/tls:ssl_socket_lib", "@com_googlesource_quiche//:quic_core_http_spdy_session_lib", ], @@ -179,8 +193,8 @@ envoy_cc_library( ":envoy_quic_client_session_lib", ":envoy_quic_server_session_lib", ":envoy_quic_utils_lib", - "//include/envoy/http:codec_interface", - "//include/envoy/registry", + "//envoy/http:codec_interface", + "//envoy/registry", "@com_googlesource_quiche//:quic_core_http_spdy_session_lib", ], ) @@ -194,8 +208,8 @@ envoy_cc_library( ":envoy_quic_simulated_watermark_buffer_lib", ":quic_network_connection_lib", ":send_buffer_monitor_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:connection_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:connection_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", @@ -219,11 +233,13 @@ envoy_cc_library( ], tags = ["nofips"], deps = [ + ":envoy_quic_crypto_stream_factory_lib", ":envoy_quic_proof_source_lib", ":envoy_quic_server_connection_lib", ":envoy_quic_stream_lib", ":envoy_quic_utils_lib", ":quic_filter_manager_connection_lib", + ":quic_stat_names_lib", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/http:header_map_lib", @@ -245,6 +261,7 @@ envoy_cc_library( tags = ["nofips"], deps = [ ":envoy_quic_client_connection_lib", + ":envoy_quic_crypto_stream_factory_lib", ":envoy_quic_stream_lib", ":envoy_quic_utils_lib", ":quic_filter_manager_connection_lib", @@ -262,7 +279,7 @@ envoy_cc_library( name = "quic_io_handle_wrapper_lib", hdrs = ["quic_io_handle_wrapper.h"], deps = [ - "//include/envoy/network:io_handle_interface", + "//envoy/network:io_handle_interface", "//source/common/network:io_socket_error_lib", ], ) @@ -273,7 +290,7 @@ envoy_cc_library( hdrs = ["quic_network_connection.h"], tags = ["nofips"], deps = [ - "//include/envoy/network:connection_interface", + "//envoy/network:connection_interface", "//source/common/network:listen_socket_lib", ], ) @@ -300,7 +317,7 @@ envoy_cc_library( deps = [ ":envoy_quic_packet_writer_lib", ":quic_network_connection_lib", - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/common/network:socket_option_factory_lib", "//source/common/network:udp_packet_writer_handler_lib", "@com_googlesource_quiche//:quic_core_connection_lib", @@ -314,10 +331,12 @@ envoy_cc_library( hdrs = ["envoy_quic_dispatcher.h"], tags = ["nofips"], deps = [ + ":envoy_quic_crypto_stream_factory_lib", ":envoy_quic_proof_source_lib", ":envoy_quic_server_connection_lib", ":envoy_quic_server_session_lib", - "//include/envoy/network:listener_interface", + ":quic_stat_names_lib", + "//envoy/network:listener_interface", "//source/server:connection_handler_lib", "@com_googlesource_quiche//:quic_core_server_lib", "@com_googlesource_quiche//:quic_core_utils_lib", @@ -340,14 +359,17 @@ envoy_cc_library( ":envoy_quic_connection_helper_lib", ":envoy_quic_dispatcher_lib", ":envoy_quic_packet_writer_lib", + ":envoy_quic_proof_source_factory_interface", ":envoy_quic_proof_source_lib", ":envoy_quic_utils_lib", - "//include/envoy/network:listener_interface", + "//envoy/network:listener_interface", "//source/common/network:listener_lib", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_lib", "//source/server:connection_handler_lib", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/quic/crypto_stream/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/quic/proof_source/v3:pkg_cc_proto", ], ) @@ -361,7 +383,7 @@ envoy_cc_library( ], tags = ["nofips"], deps = [ - "//include/envoy/http:codec_interface", + "//envoy/http:codec_interface", "//source/common/http:header_map_lib", "//source/common/http:header_utility_lib", "//source/common/network:address_lib", @@ -381,9 +403,9 @@ envoy_cc_library( hdrs = ["quic_transport_socket_factory.h"], tags = ["nofips"], deps = [ - "//include/envoy/network:transport_socket_interface", - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/ssl:context_config_interface", + "//envoy/network:transport_socket_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/ssl:context_config_interface", "//source/common/common:assert_lib", "//source/extensions/transport_sockets/tls:context_config_lib", "//source/extensions/transport_sockets/tls:ssl_socket_lib", @@ -405,6 +427,8 @@ envoy_cc_library( "//conditions:default": [ ":codec_lib", ":quic_transport_socket_factory_lib", + "//source/extensions/quic/crypto_stream:envoy_quic_crypto_server_stream_lib", + "//source/extensions/quic/proof_source:envoy_quic_proof_source_factory_impl_lib", ], }), ) @@ -432,7 +456,7 @@ envoy_cc_library( tags = ["nofips"], deps = [ ":envoy_quic_utils_lib", - "//include/envoy/network:udp_packet_writer_handler_interface", + "//envoy/network:udp_packet_writer_handler_interface", "//source/common/network:io_socket_error_lib", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_lib", @@ -449,3 +473,24 @@ envoy_cc_library( "@com_googlesource_quiche//:quic_core_session_lib", ], ) + +envoy_cc_library( + name = "envoy_quic_crypto_stream_factory_lib", + hdrs = ["envoy_quic_crypto_stream_factory.h"], + tags = ["nofips"], + deps = [ + "//envoy/config:typed_config_interface", + "@com_googlesource_quiche//:quic_core_http_spdy_session_lib", + ], +) + +envoy_cc_library( + name = "envoy_quic_proof_source_factory_interface", + hdrs = ["envoy_quic_proof_source_factory_interface.h"], + tags = ["nofips"], + deps = [ + "//envoy/config:typed_config_interface", + "//source/server:connection_handler_lib", + "@com_googlesource_quiche//:quic_core_crypto_proof_source_lib", + ], +) diff --git a/source/common/quic/active_quic_listener.cc b/source/common/quic/active_quic_listener.cc index ff1f8d2c6462..f8389c5a54b6 100644 --- a/source/common/quic/active_quic_listener.cc +++ b/source/common/quic/active_quic_listener.cc @@ -1,4 +1,4 @@ -#include "common/quic/active_quic_listener.h" +#include "source/common/quic/active_quic_listener.h" #include "envoy/network/exception.h" @@ -8,16 +8,20 @@ #include -#include "common/http/utility.h" -#include "common/network/socket_option_impl.h" -#include "common/quic/envoy_quic_alarm_factory.h" -#include "common/quic/envoy_quic_connection_helper.h" -#include "common/quic/envoy_quic_dispatcher.h" -#include "common/quic/envoy_quic_packet_writer.h" -#include "common/quic/envoy_quic_proof_source.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/runtime/runtime_features.h" +#include "source/common/http/utility.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/quic/envoy_quic_alarm_factory.h" +#include "source/common/quic/envoy_quic_connection_helper.h" +#include "source/common/quic/envoy_quic_dispatcher.h" +#include "source/common/quic/envoy_quic_packet_writer.h" +#include "source/common/quic/envoy_quic_proof_source.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/config/utility.h" +#include "source/common/quic/quic_network_connection.h" +#include "source/common/runtime/runtime_features.h" +#include "envoy/extensions/quic/crypto_stream/v3/crypto_stream.pb.h" +#include "envoy/extensions/quic/proof_source/v3/proof_source.pb.h" namespace Envoy { namespace Quic { @@ -26,17 +30,25 @@ ActiveQuicListener::ActiveQuicListener( uint32_t worker_index, uint32_t concurrency, Event::Dispatcher& dispatcher, Network::UdpConnectionHandler& parent, Network::ListenerConfig& listener_config, const quic::QuicConfig& quic_config, Network::Socket::OptionsSharedPtr options, - bool kernel_worker_routing, const envoy::config::core::v3::RuntimeFeatureFlag& enabled) + bool kernel_worker_routing, const envoy::config::core::v3::RuntimeFeatureFlag& enabled, + QuicStatNames& quic_stat_names, uint32_t packets_received_to_connection_count_ratio, + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory, + EnvoyQuicProofSourceFactoryInterface& proof_source_factory) : ActiveQuicListener(worker_index, concurrency, dispatcher, parent, listener_config.listenSocketFactory().getListenSocket(), listener_config, - quic_config, std::move(options), kernel_worker_routing, enabled) {} + quic_config, std::move(options), kernel_worker_routing, enabled, + quic_stat_names, packets_received_to_connection_count_ratio, + crypto_server_stream_factory, proof_source_factory) {} ActiveQuicListener::ActiveQuicListener( uint32_t worker_index, uint32_t concurrency, Event::Dispatcher& dispatcher, Network::UdpConnectionHandler& parent, Network::SocketSharedPtr listen_socket, Network::ListenerConfig& listener_config, const quic::QuicConfig& quic_config, Network::Socket::OptionsSharedPtr options, bool kernel_worker_routing, - const envoy::config::core::v3::RuntimeFeatureFlag& enabled) + const envoy::config::core::v3::RuntimeFeatureFlag& enabled, QuicStatNames& quic_stat_names, + uint32_t packets_to_read_to_connection_count_ratio, + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory, + EnvoyQuicProofSourceFactoryInterface& proof_source_factory) : Server::ActiveUdpListenerBase( worker_index, concurrency, parent, *listen_socket, dispatcher.createUdpListener( @@ -44,7 +56,9 @@ ActiveQuicListener::ActiveQuicListener( listener_config.udpListenerConfig()->config().downstream_socket_config()), &listener_config), dispatcher_(dispatcher), version_manager_(quic::CurrentSupportedVersions()), - kernel_worker_routing_(kernel_worker_routing) { + kernel_worker_routing_(kernel_worker_routing), + packets_to_read_to_connection_count_ratio_(packets_to_read_to_connection_count_ratio), + crypto_server_stream_factory_(crypto_server_stream_factory) { // This flag fix a QUICHE issue which may crash Envoy during connection close. SetQuicReloadableFlag(quic_single_ack_in_packet2, true); // Do not include 32-byte per-entry overhead while counting header size. @@ -71,8 +85,8 @@ ActiveQuicListener::ActiveQuicListener( crypto_config_ = std::make_unique( absl::string_view(reinterpret_cast(random_seed_), sizeof(random_seed_)), quic::QuicRandom::GetInstance(), - std::make_unique(listen_socket_, listener_config.filterChainManager(), - stats_), + proof_source_factory.createQuicProofSource(listen_socket_, + listener_config.filterChainManager(), stats_), quic::KeyExchangeSource::Default()); auto connection_helper = std::make_unique(dispatcher_); crypto_config_->AddDefaultConfig(random, connection_helper->GetClock(), @@ -82,7 +96,8 @@ ActiveQuicListener::ActiveQuicListener( quic_dispatcher_ = std::make_unique( crypto_config_.get(), quic_config, &version_manager_, std::move(connection_helper), std::move(alarm_factory), quic::kQuicDefaultConnectionIdLength, parent, *config_, stats_, - per_worker_stats_, dispatcher, listen_socket_); + per_worker_stats_, dispatcher, listen_socket_, quic_stat_names, + crypto_server_stream_factory_); // Create udp_packet_writer Network::UdpPacketWriterPtr udp_packet_writer = @@ -215,9 +230,19 @@ uint32_t ActiveQuicListener::destination(const Network::UdpRecvData& data) const return connection_id_snippet % concurrency_; } +size_t ActiveQuicListener::numPacketsExpectedPerEventLoop() const { + // Expect each session to read packets_to_read_to_connection_count_ratio_ number of packets in + // this read event. + return quic_dispatcher_->NumSessions() * packets_to_read_to_connection_count_ratio_; +} + ActiveQuicListenerFactory::ActiveQuicListenerFactory( - const envoy::config::listener::v3::QuicProtocolOptions& config, uint32_t concurrency) - : concurrency_(concurrency), enabled_(config.enabled()) { + const envoy::config::listener::v3::QuicProtocolOptions& config, uint32_t concurrency, + QuicStatNames& quic_stat_names) + : concurrency_(concurrency), enabled_(config.enabled()), quic_stat_names_(quic_stat_names), + packets_to_read_to_connection_count_ratio_( + PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, packets_to_read_to_connection_count_ratio, + DEFAULT_PACKETS_TO_READ_PER_CONNECTION)) { uint64_t idle_network_timeout_ms = config.has_idle_timeout() ? DurationUtil::durationToMilliseconds(config.idle_timeout()) : 300000; @@ -234,6 +259,32 @@ ActiveQuicListenerFactory::ActiveQuicListenerFactory( quic_config_.SetMaxBidirectionalStreamsToSend(max_streams); quic_config_.SetMaxUnidirectionalStreamsToSend(max_streams); configQuicInitialFlowControlWindow(config.quic_protocol_options(), quic_config_); + + // Initialize crypto stream factory. + envoy::config::core::v3::TypedExtensionConfig crypto_stream_config; + if (!config.has_crypto_stream_config()) { + // If not specified, use the quic crypto stream created by QUICHE. + crypto_stream_config.set_name("envoy.quic.crypto_stream.server.quiche"); + envoy::extensions::quic::crypto_stream::v3::CryptoServerStreamConfig empty_crypto_stream_config; + crypto_stream_config.mutable_typed_config()->PackFrom(empty_crypto_stream_config); + } else { + crypto_stream_config = config.crypto_stream_config(); + } + crypto_server_stream_factory_ = + Config::Utility::getAndCheckFactory( + crypto_stream_config); + + // Initialize proof source factory. + envoy::config::core::v3::TypedExtensionConfig proof_source_config; + if (!config.has_proof_source_config()) { + proof_source_config.set_name("envoy.quic.proof_source.filter_chain"); + envoy::extensions::quic::proof_source::v3::ProofSourceConfig empty_proof_source_config; + proof_source_config.mutable_typed_config()->PackFrom(empty_proof_source_config); + } else { + proof_source_config = config.proof_source_config(); + } + proof_source_factory_ = Config::Utility::getAndCheckFactory( + proof_source_config); } Network::ConnectionHandler::ActiveUdpListenerPtr ActiveQuicListenerFactory::createActiveUdpListener( @@ -300,10 +351,12 @@ Network::ConnectionHandler::ActiveUdpListenerPtr ActiveQuicListenerFactory::crea } #endif - return std::make_unique(worker_index, concurrency_, disptacher, parent, - config, quic_config_, std::move(options), - kernel_worker_routing, enabled_); -} // namespace Quic + ASSERT(crypto_server_stream_factory_.has_value()); + return std::make_unique( + worker_index, concurrency_, disptacher, parent, config, quic_config_, std::move(options), + kernel_worker_routing, enabled_, quic_stat_names_, packets_to_read_to_connection_count_ratio_, + crypto_server_stream_factory_.value(), proof_source_factory_.value()); +} } // namespace Quic } // namespace Envoy diff --git a/source/common/quic/active_quic_listener.h b/source/common/quic/active_quic_listener.h index fb3f1b78cf4c..39ff028a22fd 100644 --- a/source/common/quic/active_quic_listener.h +++ b/source/common/quic/active_quic_listener.h @@ -6,12 +6,12 @@ #include "envoy/network/socket.h" #include "envoy/runtime/runtime.h" -#include "common/protobuf/utility.h" -#include "common/quic/envoy_quic_dispatcher.h" -#include "common/runtime/runtime_protos.h" - -#include "server/active_udp_listener.h" -#include "server/connection_handler_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/quic/envoy_quic_dispatcher.h" +#include "source/common/quic/envoy_quic_proof_source_factory_interface.h" +#include "source/common/runtime/runtime_protos.h" +#include "source/server/active_udp_listener.h" +#include "source/server/connection_handler_impl.h" namespace Envoy { namespace Quic { @@ -28,13 +28,21 @@ class ActiveQuicListener : public Envoy::Server::ActiveUdpListenerBase, Network::UdpConnectionHandler& parent, Network::ListenerConfig& listener_config, const quic::QuicConfig& quic_config, Network::Socket::OptionsSharedPtr options, bool kernel_worker_routing, - const envoy::config::core::v3::RuntimeFeatureFlag& enabled); + const envoy::config::core::v3::RuntimeFeatureFlag& enabled, + QuicStatNames& quic_stat_names, + uint32_t packets_to_read_to_connection_count_ratio, + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory, + EnvoyQuicProofSourceFactoryInterface& proof_source_factory); ActiveQuicListener(uint32_t worker_index, uint32_t concurrency, Event::Dispatcher& dispatcher, Network::UdpConnectionHandler& parent, Network::SocketSharedPtr listen_socket, Network::ListenerConfig& listener_config, const quic::QuicConfig& quic_config, Network::Socket::OptionsSharedPtr options, bool kernel_worker_routing, - const envoy::config::core::v3::RuntimeFeatureFlag& enabled); + const envoy::config::core::v3::RuntimeFeatureFlag& enabled, + QuicStatNames& quic_stat_names, + uint32_t packets_to_read_to_connection_count_ratio, + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory, + EnvoyQuicProofSourceFactoryInterface& proof_source_factory); ~ActiveQuicListener() override; @@ -52,6 +60,7 @@ class ActiveQuicListener : public Envoy::Server::ActiveUdpListenerBase, Network::UdpPacketWriter& udpPacketWriter() override { return *udp_packet_writer_; } void onDataWorker(Network::UdpRecvData&& data) override; uint32_t destination(const Network::UdpRecvData& data) const override; + size_t numPacketsExpectedPerEventLoop() const override; // ActiveListenerImplBase void pauseListening() override; @@ -73,6 +82,8 @@ class ActiveQuicListener : public Envoy::Server::ActiveUdpListenerBase, // The number of runs of the event loop in which at least one CHLO was buffered. // TODO(ggreenway): Consider making this a published stat, or some variation of this information. uint64_t event_loops_with_buffered_chlo_for_test_{0}; + uint32_t packets_to_read_to_connection_count_ratio_; + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory_; }; using ActiveQuicListenerPtr = std::unique_ptr; @@ -82,7 +93,7 @@ class ActiveQuicListenerFactory : public Network::ActiveUdpListenerFactory, Logger::Loggable { public: ActiveQuicListenerFactory(const envoy::config::listener::v3::QuicProtocolOptions& config, - uint32_t concurrency); + uint32_t concurrency, QuicStatNames& quic_stat_names); // Network::ActiveUdpListenerFactory. Network::ConnectionHandler::ActiveUdpListenerPtr @@ -93,10 +104,16 @@ class ActiveQuicListenerFactory : public Network::ActiveUdpListenerFactory, private: friend class ActiveQuicListenerFactoryPeer; + absl::optional> + crypto_server_stream_factory_; + absl::optional> + proof_source_factory_; quic::QuicConfig quic_config_; const uint32_t concurrency_; absl::once_flag install_bpf_once_; envoy::config::core::v3::RuntimeFeatureFlag enabled_; + QuicStatNames& quic_stat_names_; + const uint32_t packets_to_read_to_connection_count_ratio_; }; } // namespace Quic diff --git a/source/common/quic/client_connection_factory_impl.cc b/source/common/quic/client_connection_factory_impl.cc index 829ea0ddc67e..e8af0afeb2d5 100644 --- a/source/common/quic/client_connection_factory_impl.cc +++ b/source/common/quic/client_connection_factory_impl.cc @@ -1,7 +1,7 @@ -#include "common/quic/client_connection_factory_impl.h" +#include "source/common/quic/client_connection_factory_impl.h" -#include "common/quic/envoy_quic_session_cache.h" -#include "common/quic/quic_transport_socket_factory.h" +#include "source/common/quic/envoy_quic_session_cache.h" +#include "source/common/quic/quic_transport_socket_factory.h" namespace Envoy { namespace Quic { @@ -42,11 +42,13 @@ std::shared_ptr PersistentQuicInfoImpl::cryptoConf PersistentQuicInfoImpl::PersistentQuicInfoImpl( Event::Dispatcher& dispatcher, Network::TransportSocketFactory& transport_socket_factory, - TimeSource& time_source, Network::Address::InstanceConstSharedPtr server_addr) + TimeSource& time_source, Network::Address::InstanceConstSharedPtr server_addr, + const quic::QuicConfig& quic_config, uint32_t buffer_limit) : conn_helper_(dispatcher), alarm_factory_(dispatcher, *conn_helper_.GetClock()), server_id_{getConfig(transport_socket_factory).serverNameIndication(), static_cast(server_addr->ip()->port()), false}, - transport_socket_factory_(transport_socket_factory), time_source_(time_source) { + transport_socket_factory_(transport_socket_factory), time_source_(time_source), + quic_config_(quic_config), buffer_limit_(buffer_limit) { quiche::FlagRegistry::getInstance(); } @@ -69,12 +71,10 @@ createQuicNetworkConnection(Http::PersistentQuicInfo& info, Event::Dispatcher& d ASSERT(!info_impl->supported_versions_.empty()); // QUICHE client session always use the 1st version to start handshake. - // TODO(alyssawilk) pass in ClusterInfo::perConnectionBufferLimitBytes() for - // send_buffer_limit instead of using 0. auto ret = std::make_unique( info_impl->quic_config_, info_impl->supported_versions_, std::move(connection), info_impl->server_id_, std::move(config), &info_impl->push_promise_index_, dispatcher, - /*send_buffer_limit=*/0); + info_impl->buffer_limit_, info_impl->crypto_stream_factory_); return ret; } diff --git a/source/common/quic/client_connection_factory_impl.h b/source/common/quic/client_connection_factory_impl.h index ad8334589af3..269d4bb18073 100644 --- a/source/common/quic/client_connection_factory_impl.h +++ b/source/common/quic/client_connection_factory_impl.h @@ -1,13 +1,13 @@ #pragma once -#include "common/http/http3/quic_client_connection_factory.h" -#include "common/quic/envoy_quic_alarm_factory.h" -#include "common/quic/envoy_quic_client_session.h" -#include "common/quic/envoy_quic_connection_helper.h" -#include "common/quic/envoy_quic_proof_verifier.h" -#include "common/quic/envoy_quic_utils.h" - -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/http/http3/quic_client_connection_factory.h" +#include "source/common/quic/envoy_quic_alarm_factory.h" +#include "source/common/quic/envoy_quic_client_session.h" +#include "source/common/quic/envoy_quic_connection_helper.h" +#include "source/common/quic/envoy_quic_proof_verifier.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/extensions/quic/crypto_stream/envoy_quic_crypto_client_stream.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "quiche/quic/core/http/quic_client_push_promise_index.h" #include "quiche/quic/core/quic_utils.h" @@ -20,7 +20,8 @@ struct PersistentQuicInfoImpl : public Http::PersistentQuicInfo { PersistentQuicInfoImpl(Event::Dispatcher& dispatcher, Network::TransportSocketFactory& transport_socket_factory, TimeSource& time_source, - Network::Address::InstanceConstSharedPtr server_addr); + Network::Address::InstanceConstSharedPtr server_addr, + const quic::QuicConfig& quic_config, uint32_t buffer_limit); // Returns the most recent crypto config from transport_socket_factory_; std::shared_ptr cryptoConfig(); @@ -40,11 +41,14 @@ struct PersistentQuicInfoImpl : public Http::PersistentQuicInfo { // If client context changes, client config will be updated as well. std::shared_ptr client_config_; const quic::ParsedQuicVersionVector supported_versions_{quic::CurrentSupportedVersions()}; - // TODO(alyssawilk) actually set this up properly. quic::QuicConfig quic_config_; + // The cluster buffer limits. + const uint32_t buffer_limit_; // This arguably should not be shared across connections but as Envoy doesn't // support push promise it's really moot point. quic::QuicClientPushPromiseIndex push_promise_index_; + // Hard code with the default crypto stream as there's no pluggable crypto for upstream Envoy. + EnvoyQuicCryptoClientStreamFactoryImpl crypto_stream_factory_; }; std::unique_ptr diff --git a/source/common/quic/codec_impl.cc b/source/common/quic/codec_impl.cc index 6ec3c355e023..546ea7ee0c19 100644 --- a/source/common/quic/codec_impl.cc +++ b/source/common/quic/codec_impl.cc @@ -1,7 +1,7 @@ -#include "common/quic/codec_impl.h" +#include "source/common/quic/codec_impl.h" -#include "common/quic/envoy_quic_client_stream.h" -#include "common/quic/envoy_quic_server_stream.h" +#include "source/common/quic/envoy_quic_client_stream.h" +#include "source/common/quic/envoy_quic_server_stream.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/codec_impl.h b/source/common/quic/codec_impl.h index 1dca7b65931a..7faed7d94136 100644 --- a/source/common/quic/codec_impl.h +++ b/source/common/quic/codec_impl.h @@ -3,10 +3,10 @@ #include "envoy/http/codec.h" #include "envoy/registry/registry.h" -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/quic/envoy_quic_client_session.h" -#include "common/quic/envoy_quic_server_session.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/quic/envoy_quic_client_session.h" +#include "source/common/quic/envoy_quic_server_session.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/envoy_quic_alarm.cc b/source/common/quic/envoy_quic_alarm.cc index a5c123be556f..780a3cbfcf11 100644 --- a/source/common/quic/envoy_quic_alarm.cc +++ b/source/common/quic/envoy_quic_alarm.cc @@ -1,4 +1,4 @@ -#include "common/quic/envoy_quic_alarm.h" +#include "source/common/quic/envoy_quic_alarm.h" #include diff --git a/source/common/quic/envoy_quic_alarm.h b/source/common/quic/envoy_quic_alarm.h index ec56eafa6fff..fdbdc2031716 100644 --- a/source/common/quic/envoy_quic_alarm.h +++ b/source/common/quic/envoy_quic_alarm.h @@ -3,7 +3,7 @@ #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "quiche/quic/core/quic_alarm.h" #include "quiche/quic/core/quic_clock.h" diff --git a/source/common/quic/envoy_quic_alarm_factory.cc b/source/common/quic/envoy_quic_alarm_factory.cc index 8f285650ece2..865370c355da 100644 --- a/source/common/quic/envoy_quic_alarm_factory.cc +++ b/source/common/quic/envoy_quic_alarm_factory.cc @@ -1,4 +1,4 @@ -#include "common/quic/envoy_quic_alarm_factory.h" +#include "source/common/quic/envoy_quic_alarm_factory.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/envoy_quic_alarm_factory.h b/source/common/quic/envoy_quic_alarm_factory.h index 8a185b0c6d23..ca491b2005ec 100644 --- a/source/common/quic/envoy_quic_alarm_factory.h +++ b/source/common/quic/envoy_quic_alarm_factory.h @@ -1,7 +1,7 @@ #pragma once -#include "common/common/non_copyable.h" -#include "common/quic/envoy_quic_alarm.h" +#include "source/common/common/non_copyable.h" +#include "source/common/quic/envoy_quic_alarm.h" #if defined(__GNUC__) #pragma GCC diagnostic push diff --git a/source/common/quic/envoy_quic_client_connection.cc b/source/common/quic/envoy_quic_client_connection.cc index c9046d45b73a..18221eb9bb35 100644 --- a/source/common/quic/envoy_quic_client_connection.cc +++ b/source/common/quic/envoy_quic_client_connection.cc @@ -1,14 +1,14 @@ -#include "common/quic/envoy_quic_client_connection.h" +#include "source/common/quic/envoy_quic_client_connection.h" #include #include "envoy/config/core/v3/base.pb.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/udp_packet_writer_handler_impl.h" -#include "common/quic/envoy_quic_packet_writer.h" -#include "common/quic/envoy_quic_utils.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/udp_packet_writer_handler_impl.h" +#include "source/common/quic/envoy_quic_packet_writer.h" +#include "source/common/quic/envoy_quic_utils.h" namespace Envoy { namespace Quic { @@ -74,7 +74,8 @@ uint64_t EnvoyQuicClientConnection::maxDatagramSize() const { return Network::DEFAULT_UDP_MAX_DATAGRAM_SIZE; } -void EnvoyQuicClientConnection::setUpConnectionSocket() { +void EnvoyQuicClientConnection::setUpConnectionSocket(OptRef delegate) { + delegate_ = delegate; if (connectionSocket()->ioHandle().isOpen()) { connectionSocket()->ioHandle().initializeFileEvent( dispatcher_, [this](uint32_t events) -> void { onFileEvent(events); }, @@ -97,10 +98,19 @@ void EnvoyQuicClientConnection::switchConnectionSocket( Network::ConnectionSocketPtr&& connection_socket) { auto writer = std::make_unique( std::make_unique(connection_socket->ioHandle())); + quic::QuicSocketAddress self_address = + envoyIpAddressToQuicSocketAddress(connection_socket->addressProvider().localAddress()->ip()); + quic::QuicSocketAddress peer_address = + envoyIpAddressToQuicSocketAddress(connection_socket->addressProvider().remoteAddress()->ip()); + // The old socket is closed in this call. setConnectionSocket(std::move(connection_socket)); - setUpConnectionSocket(); - SetQuicPacketWriter(writer.release(), true); + setUpConnectionSocket(delegate_); + if (connection_migration_use_new_cid()) { + MigratePath(self_address, peer_address, writer.release(), true); + } else { + SetQuicPacketWriter(writer.release(), true); + } } void EnvoyQuicClientConnection::onFileEvent(uint32_t events) { @@ -119,7 +129,10 @@ void EnvoyQuicClientConnection::onFileEvent(uint32_t events) { Api::IoErrorPtr err = Network::Utility::readPacketsFromSocket( connectionSocket()->ioHandle(), *connectionSocket()->addressProvider().localAddress(), *this, dispatcher_.timeSource(), true, packets_dropped_); - // TODO(danzh): Handle no error when we limit the number of packets read. + if (err == nullptr) { + connectionSocket()->ioHandle().activateFileEvents(Event::FileReadyType::Read); + return; + } if (err->getErrorCode() != Api::IoError::IoErrorCode::Again) { ENVOY_CONN_LOG(error, "recvmsg result {}: {}", *this, static_cast(err->getErrorCode()), err->getErrorDetails()); diff --git a/source/common/quic/envoy_quic_client_connection.h b/source/common/quic/envoy_quic_client_connection.h index dc3587a3b05c..f0cc8db28aba 100644 --- a/source/common/quic/envoy_quic_client_connection.h +++ b/source/common/quic/envoy_quic_client_connection.h @@ -2,9 +2,9 @@ #include "envoy/event/dispatcher.h" -#include "common/network/utility.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/quic_network_connection.h" +#include "source/common/network/utility.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/quic_network_connection.h" #if defined(__GNUC__) #pragma GCC diagnostic push @@ -21,6 +21,13 @@ namespace Envoy { namespace Quic { +class PacketsToReadDelegate { +public: + virtual ~PacketsToReadDelegate() = default; + + virtual size_t numPacketsExpectedPerEventLoop() PURE; +}; + // A client QuicConnection instance managing its own file events. class EnvoyQuicClientConnection : public quic::QuicConnection, public QuicNetworkConnection, @@ -53,9 +60,15 @@ class EnvoyQuicClientConnection : public quic::QuicConnection, void onDatagramsDropped(uint32_t) override { // TODO(mattklein123): Emit a stat for this. } + size_t numPacketsExpectedPerEventLoop() const override { + if (delegate_.has_value()) { + return delegate_.value().get().numPacketsExpectedPerEventLoop(); + } + return DEFAULT_PACKETS_TO_READ_PER_CONNECTION; + } // Register file event and apply socket options. - void setUpConnectionSocket(); + void setUpConnectionSocket(OptRef delegate); // Switch underlying socket with the given one. This is used in connection migration. void switchConnectionSocket(Network::ConnectionSocketPtr&& connection_socket); @@ -70,6 +83,7 @@ class EnvoyQuicClientConnection : public quic::QuicConnection, void onFileEvent(uint32_t events); + OptRef delegate_; uint32_t packets_dropped_{0}; Event::Dispatcher& dispatcher_; }; diff --git a/source/common/quic/envoy_quic_client_session.cc b/source/common/quic/envoy_quic_client_session.cc index 0763a5f00932..6525b085bca1 100644 --- a/source/common/quic/envoy_quic_client_session.cc +++ b/source/common/quic/envoy_quic_client_session.cc @@ -1,6 +1,6 @@ -#include "common/quic/envoy_quic_client_session.h" +#include "source/common/quic/envoy_quic_client_session.h" -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_utils.h" namespace Envoy { namespace Quic { @@ -10,12 +10,13 @@ EnvoyQuicClientSession::EnvoyQuicClientSession( std::unique_ptr connection, const quic::QuicServerId& server_id, std::shared_ptr crypto_config, quic::QuicClientPushPromiseIndex* push_promise_index, Event::Dispatcher& dispatcher, - uint32_t send_buffer_limit) + uint32_t send_buffer_limit, EnvoyQuicCryptoClientStreamFactoryInterface& crypto_stream_factory) : QuicFilterManagerConnectionImpl(*connection, connection->connection_id(), dispatcher, send_buffer_limit), quic::QuicSpdyClientSession(config, supported_versions, connection.release(), server_id, crypto_config.get(), push_promise_index), - host_name_(server_id.host()), crypto_config_(crypto_config) {} + host_name_(server_id.host()), crypto_config_(crypto_config), + crypto_stream_factory_(crypto_stream_factory) {} EnvoyQuicClientSession::~EnvoyQuicClientSession() { ASSERT(!connection()->connected()); @@ -25,7 +26,7 @@ EnvoyQuicClientSession::~EnvoyQuicClientSession() { absl::string_view EnvoyQuicClientSession::requestedServerName() const { return host_name_; } void EnvoyQuicClientSession::connect() { - dynamic_cast(network_connection_)->setUpConnectionSocket(); + dynamic_cast(network_connection_)->setUpConnectionSocket(*this); // Start version negotiation and crypto handshake during which the connection may fail if server // doesn't support the one and only supported version. CryptoConnect(); @@ -34,7 +35,7 @@ void EnvoyQuicClientSession::connect() { void EnvoyQuicClientSession::OnConnectionClosed(const quic::QuicConnectionCloseFrame& frame, quic::ConnectionCloseSource source) { quic::QuicSpdyClientSession::OnConnectionClosed(frame, source); - onConnectionCloseEvent(frame, source); + onConnectionCloseEvent(frame, source, version()); } void EnvoyQuicClientSession::Initialize() { @@ -129,5 +130,11 @@ size_t EnvoyQuicClientSession::WriteHeadersOnHeadersStream( precedence, ack_listener); } +std::unique_ptr EnvoyQuicClientSession::CreateQuicCryptoStream() { + return crypto_stream_factory_.createEnvoyQuicCryptoClientStream( + server_id(), this, crypto_config()->proof_verifier()->CreateDefaultContext(), crypto_config(), + this, /*has_application_state = */ version().UsesHttp3()); +} + } // namespace Quic } // namespace Envoy diff --git a/source/common/quic/envoy_quic_client_session.h b/source/common/quic/envoy_quic_client_session.h index c4fe12ffd706..955dbe0ef40f 100644 --- a/source/common/quic/envoy_quic_client_session.h +++ b/source/common/quic/envoy_quic_client_session.h @@ -13,9 +13,10 @@ #pragma GCC diagnostic pop #endif -#include "common/quic/envoy_quic_client_stream.h" -#include "common/quic/envoy_quic_client_connection.h" -#include "common/quic/quic_filter_manager_connection_impl.h" +#include "source/common/quic/envoy_quic_client_stream.h" +#include "source/common/quic/envoy_quic_client_connection.h" +#include "source/common/quic/quic_filter_manager_connection_impl.h" +#include "source/common/quic/envoy_quic_crypto_stream_factory.h" namespace Envoy { namespace Quic { @@ -27,7 +28,8 @@ namespace Quic { // move FilterManager interface to EnvoyQuicServerSession. class EnvoyQuicClientSession : public QuicFilterManagerConnectionImpl, public quic::QuicSpdyClientSession, - public Network::ClientConnection { + public Network::ClientConnection, + public PacketsToReadDelegate { public: EnvoyQuicClientSession(const quic::QuicConfig& config, const quic::ParsedQuicVersionVector& supported_versions, @@ -35,7 +37,8 @@ class EnvoyQuicClientSession : public QuicFilterManagerConnectionImpl, const quic::QuicServerId& server_id, std::shared_ptr crypto_config, quic::QuicClientPushPromiseIndex* push_promise_index, - Event::Dispatcher& dispatcher, uint32_t send_buffer_limit); + Event::Dispatcher& dispatcher, uint32_t send_buffer_limit, + EnvoyQuicCryptoClientStreamFactoryInterface& crypto_stream_factory); ~EnvoyQuicClientSession() override; @@ -69,6 +72,13 @@ class EnvoyQuicClientSession : public QuicFilterManagerConnectionImpl, // quic::QuicSpdyClientSessionBase void SetDefaultEncryptionLevel(quic::EncryptionLevel level) override; + // PacketsToReadDelegate + size_t numPacketsExpectedPerEventLoop() override { + // Do one round of reading per active stream, or to see if there's a new + // active stream. + return std::max(1, GetNumActiveStreams()) * Network::NUM_DATAGRAMS_PER_RECEIVE; + } + using quic::QuicSpdyClientSession::PerformActionOnActiveStreams; protected: @@ -77,6 +87,7 @@ class EnvoyQuicClientSession : public QuicFilterManagerConnectionImpl, // quic::QuicSpdySession quic::QuicSpdyStream* CreateIncomingStream(quic::QuicStreamId id) override; quic::QuicSpdyStream* CreateIncomingStream(quic::PendingStream* pending) override; + std::unique_ptr CreateQuicCryptoStream() override; // QuicFilterManagerConnectionImpl bool hasDataToWrite() override; @@ -90,6 +101,7 @@ class EnvoyQuicClientSession : public QuicFilterManagerConnectionImpl, Http::ConnectionCallbacks* http_connection_callbacks_{nullptr}; const absl::string_view host_name_; std::shared_ptr crypto_config_; + EnvoyQuicCryptoClientStreamFactoryInterface& crypto_stream_factory_; }; } // namespace Quic diff --git a/source/common/quic/envoy_quic_client_stream.cc b/source/common/quic/envoy_quic_client_stream.cc index 6cb99fbc02d6..804a39934fd8 100644 --- a/source/common/quic/envoy_quic_client_stream.cc +++ b/source/common/quic/envoy_quic_client_stream.cc @@ -1,4 +1,4 @@ -#include "common/quic/envoy_quic_client_stream.h" +#include "source/common/quic/envoy_quic_client_stream.h" #if defined(__GNUC__) #pragma GCC diagnostic push @@ -9,22 +9,22 @@ #include "quiche/quic/core/quic_session.h" #include "quiche/quic/core/http/quic_header_list.h" #include "quiche/spdy/core/spdy_header_block.h" -#include "common/quic/platform/quic_mem_slice_span_impl.h" +#include "source/common/quic/platform/quic_mem_slice_span_impl.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/envoy_quic_client_session.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_client_session.h" -#include "common/buffer/buffer_impl.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" -#include "common/http/utility.h" -#include "common/common/enum_to_int.h" -#include "common/common/assert.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/utility.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Quic { @@ -58,7 +58,7 @@ Http::Status EnvoyQuicClientStream::encodeHeaders(const Http::RequestHeaderMap& bool end_stream) { // Required headers must be present. This can only happen by some erroneous processing after the // downstream codecs decode. - RETURN_IF_ERROR(Http::HeaderUtility::checkRequiredHeaders(headers)); + RETURN_IF_ERROR(Http::HeaderUtility::checkRequiredRequestHeaders(headers)); ENVOY_STREAM_LOG(debug, "encodeHeaders: (end_stream={}) {}.", *this, end_stream, headers); local_end_stream_ = end_stream; @@ -256,11 +256,15 @@ void EnvoyQuicClientStream::maybeDecodeTrailers() { } void EnvoyQuicClientStream::OnStreamReset(const quic::QuicRstStreamFrame& frame) { + ENVOY_STREAM_LOG(debug, "received reset code={}", *this, frame.error_code); + stats_.rx_reset_.inc(); quic::QuicSpdyClientStream::OnStreamReset(frame); runResetCallbacks(quicRstErrorToEnvoyRemoteResetReason(frame.error_code)); } void EnvoyQuicClientStream::Reset(quic::QuicRstStreamErrorCode error) { + ENVOY_STREAM_LOG(debug, "sending reset code={}", *this, error); + stats_.tx_reset_.inc(); // Upper layers expect calling resetStream() to immediately raise reset callbacks. runResetCallbacks(quicRstErrorToEnvoyLocalResetReason(error)); quic::QuicSpdyClientStream::Reset(error); @@ -282,7 +286,6 @@ void EnvoyQuicClientStream::OnClose() { // This is called in the scope of a watermark buffer updater. Clear the // buffer accounting afterwards so that the updater doesn't override the // result. - connection()->dispatcher().post([this] { clearWatermarkBuffer(); }); return; } clearWatermarkBuffer(); diff --git a/source/common/quic/envoy_quic_client_stream.h b/source/common/quic/envoy_quic_client_stream.h index a722accc6bfc..0e82d8622319 100644 --- a/source/common/quic/envoy_quic_client_stream.h +++ b/source/common/quic/envoy_quic_client_stream.h @@ -1,5 +1,7 @@ #pragma once +#include "envoy/buffer/buffer.h" + #if defined(__GNUC__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wunused-parameter" @@ -12,7 +14,7 @@ #pragma GCC diagnostic pop #endif -#include "common/quic/envoy_quic_stream.h" +#include "source/common/quic/envoy_quic_stream.h" namespace Envoy { namespace Quic { @@ -46,6 +48,10 @@ class EnvoyQuicClientStream : public quic::QuicSpdyClientStream, // Http::Stream void resetStream(Http::StreamResetReason reason) override; void setFlushTimeout(std::chrono::milliseconds) override {} + + void setAccount(Buffer::BufferMemoryAccountSharedPtr) override { + // TODO(kbaichoo): implement account tracking for QUIC. + } // quic::QuicSpdyStream void OnBodyAvailable() override; void OnStreamReset(const quic::QuicRstStreamFrame& frame) override; diff --git a/source/common/quic/envoy_quic_connection_helper.h b/source/common/quic/envoy_quic_connection_helper.h index 8772e1ef0ab1..a8d8ba2bbc94 100644 --- a/source/common/quic/envoy_quic_connection_helper.h +++ b/source/common/quic/envoy_quic_connection_helper.h @@ -15,7 +15,7 @@ #pragma GCC diagnostic pop #endif -#include "common/quic/platform/envoy_quic_clock.h" +#include "source/common/quic/platform/envoy_quic_clock.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/envoy_quic_crypto_stream_factory.h b/source/common/quic/envoy_quic_crypto_stream_factory.h new file mode 100644 index 000000000000..fd8151984ee2 --- /dev/null +++ b/source/common/quic/envoy_quic_crypto_stream_factory.h @@ -0,0 +1,53 @@ +#pragma once + +#include "envoy/common/optref.h" +#include "envoy/config/typed_config.h" +#include "envoy/network/transport_socket.h" + +#if defined(__GNUC__) +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wunused-parameter" +#pragma GCC diagnostic ignored "-Winvalid-offsetof" +#endif + +#include "quiche/quic/core/quic_crypto_server_stream_base.h" +#include "quiche/quic/core/crypto/quic_crypto_server_config.h" +#include "quiche/quic/core/tls_server_handshaker.h" +#include "quiche/quic/core/quic_session.h" +#include "quiche/quic/core/quic_crypto_client_stream.h" + +#if defined(__GNUC__) +#pragma GCC diagnostic pop +#endif + +namespace Envoy { +namespace Quic { + +class EnvoyQuicCryptoServerStreamFactoryInterface : public Config::TypedFactory { +public: + std::string category() const override { return "envoy.quic.server.crypto_stream"; } + + // Return an Envoy specific quic crypto server stream object. + virtual std::unique_ptr createEnvoyQuicCryptoServerStream( + const quic::QuicCryptoServerConfig* crypto_config, + quic::QuicCompressedCertsCache* compressed_certs_cache, quic::QuicSession* session, + quic::QuicCryptoServerStreamBase::Helper* helper, + OptRef transport_socket_factory, + Event::Dispatcher& dispatcher) PURE; +}; + +class EnvoyQuicCryptoClientStreamFactoryInterface { +public: + virtual ~EnvoyQuicCryptoClientStreamFactoryInterface() = default; + + // Return an Envoy specific quic crypto client stream object. + virtual std::unique_ptr + createEnvoyQuicCryptoClientStream(const quic::QuicServerId& server_id, quic::QuicSession* session, + std::unique_ptr verify_context, + quic::QuicCryptoClientConfig* crypto_config, + quic::QuicCryptoClientStream::ProofHandler* proof_handler, + bool has_application_state) PURE; +}; + +} // namespace Quic +} // namespace Envoy diff --git a/source/common/quic/envoy_quic_dispatcher.cc b/source/common/quic/envoy_quic_dispatcher.cc index 4191e80d4d79..217e561e2b65 100644 --- a/source/common/quic/envoy_quic_dispatcher.cc +++ b/source/common/quic/envoy_quic_dispatcher.cc @@ -1,10 +1,14 @@ -#include "common/quic/envoy_quic_dispatcher.h" +#include "source/common/quic/envoy_quic_dispatcher.h" -#include "common/common/safe_memcpy.h" -#include "common/http/utility.h" -#include "common/quic/envoy_quic_server_connection.h" -#include "common/quic/envoy_quic_server_session.h" -#include "common/quic/envoy_quic_utils.h" +#include + +#include "envoy/common/optref.h" + +#include "source/common/common/safe_memcpy.h" +#include "source/common/http/utility.h" +#include "source/common/quic/envoy_quic_server_connection.h" +#include "source/common/quic/envoy_quic_server_session.h" +#include "source/common/quic/envoy_quic_utils.h" namespace Envoy { namespace Quic { @@ -17,13 +21,15 @@ EnvoyQuicDispatcher::EnvoyQuicDispatcher( uint8_t expected_server_connection_id_length, Network::ConnectionHandler& connection_handler, Network::ListenerConfig& listener_config, Server::ListenerStats& listener_stats, Server::PerHandlerListenerStats& per_worker_stats, Event::Dispatcher& dispatcher, - Network::Socket& listen_socket) + Network::Socket& listen_socket, QuicStatNames& quic_stat_names, + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory) : quic::QuicDispatcher(&quic_config, crypto_config, version_manager, std::move(helper), std::make_unique(), std::move(alarm_factory), expected_server_connection_id_length), connection_handler_(connection_handler), listener_config_(listener_config), listener_stats_(listener_stats), per_worker_stats_(per_worker_stats), dispatcher_(dispatcher), - listen_socket_(listen_socket) { + listen_socket_(listen_socket), quic_stat_names_(quic_stat_names), + crypto_server_stream_factory_(crypto_server_stream_factory) { // Set send buffer twice of max flow control window to ensure that stream send // buffer always takes all the data. // The max amount of data buffered is the per-stream high watermark + the max @@ -46,6 +52,8 @@ void EnvoyQuicDispatcher::OnConnectionClosed(quic::QuicConnectionId connection_i listener_stats_.downstream_cx_active_.dec(); per_worker_stats_.downstream_cx_active_.dec(); connection_handler_.decNumConnections(); + quic_stat_names_.chargeQuicConnectionCloseStats(listener_config_.listenerScope(), error, source, + /*is_upstream*/ false); } std::unique_ptr EnvoyQuicDispatcher::CreateQuicSession( @@ -64,7 +72,10 @@ std::unique_ptr EnvoyQuicDispatcher::CreateQuicSession( auto quic_session = std::make_unique( quic_config, quic::ParsedQuicVersionVector{version}, std::move(quic_connection), this, session_helper(), crypto_config(), compressed_certs_cache(), dispatcher_, - listener_config_.perConnectionBufferLimitBytes()); + listener_config_.perConnectionBufferLimitBytes(), quic_stat_names_, + listener_config_.listenerScope(), crypto_server_stream_factory_, + makeOptRefFromPtr(filter_chain == nullptr ? nullptr + : &filter_chain->transportSocketFactory())); if (filter_chain != nullptr) { const bool has_filter_initialized = listener_config_.filterChainFactory().createNetworkFilterChain( @@ -92,11 +103,7 @@ quic::QuicConnectionId EnvoyQuicDispatcher::ReplaceLongServerConnectionId( uint8_t expected_server_connection_id_length) const { quic::QuicConnectionId new_connection_id = quic::QuicDispatcher::ReplaceLongServerConnectionId( version, server_connection_id, expected_server_connection_id_length); - char* new_connection_id_data = new_connection_id.mutable_data(); - const char* server_connection_id_ptr = server_connection_id.data(); - auto* first_four_bytes = reinterpret_cast(server_connection_id_ptr); - // Override the first 4 bytes of the new CID to the original CID's first 4 bytes. - safeMemcpyUnsafeDst(new_connection_id_data, first_four_bytes); + adjustNewConnectionIdForRoutine(new_connection_id, server_connection_id); return new_connection_id; } diff --git a/source/common/quic/envoy_quic_dispatcher.h b/source/common/quic/envoy_quic_dispatcher.h index 987dd2b45065..0864a909f42f 100644 --- a/source/common/quic/envoy_quic_dispatcher.h +++ b/source/common/quic/envoy_quic_dispatcher.h @@ -17,8 +17,10 @@ #include #include "envoy/network/listener.h" -#include "server/connection_handler_impl.h" -#include "server/active_listener_base.h" +#include "source/server/connection_handler_impl.h" +#include "source/server/active_listener_base.h" +#include "source/common/quic/envoy_quic_crypto_stream_factory.h" +#include "source/common/quic/quic_stat_names.h" namespace Envoy { namespace Quic { @@ -43,17 +45,16 @@ class EnvoyQuicCryptoServerStreamHelper : public quic::QuicCryptoServerStreamBas class EnvoyQuicDispatcher : public quic::QuicDispatcher { public: - EnvoyQuicDispatcher(const quic::QuicCryptoServerConfig* crypto_config, - const quic::QuicConfig& quic_config, - quic::QuicVersionManager* version_manager, - std::unique_ptr helper, - std::unique_ptr alarm_factory, - uint8_t expected_server_connection_id_length, - Network::ConnectionHandler& connection_handler, - Network::ListenerConfig& listener_config, - Server::ListenerStats& listener_stats, - Server::PerHandlerListenerStats& per_worker_stats, - Event::Dispatcher& dispatcher, Network::Socket& listen_socket); + EnvoyQuicDispatcher( + const quic::QuicCryptoServerConfig* crypto_config, const quic::QuicConfig& quic_config, + quic::QuicVersionManager* version_manager, + std::unique_ptr helper, + std::unique_ptr alarm_factory, + uint8_t expected_server_connection_id_length, Network::ConnectionHandler& connection_handler, + Network::ListenerConfig& listener_config, Server::ListenerStats& listener_stats, + Server::PerHandlerListenerStats& per_worker_stats, Event::Dispatcher& dispatcher, + Network::Socket& listen_socket, QuicStatNames& quic_stat_names, + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory); void OnConnectionClosed(quic::QuicConnectionId connection_id, quic::QuicErrorCode error, const std::string& error_details, @@ -81,6 +82,8 @@ class EnvoyQuicDispatcher : public quic::QuicDispatcher { Server::PerHandlerListenerStats& per_worker_stats_; Event::Dispatcher& dispatcher_; Network::Socket& listen_socket_; + QuicStatNames& quic_stat_names_; + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory_; }; } // namespace Quic diff --git a/source/common/quic/envoy_quic_packet_writer.cc b/source/common/quic/envoy_quic_packet_writer.cc index 9c125b6c3b77..5ee3b5da3a57 100644 --- a/source/common/quic/envoy_quic_packet_writer.cc +++ b/source/common/quic/envoy_quic_packet_writer.cc @@ -1,8 +1,8 @@ -#include "common/quic/envoy_quic_packet_writer.h" +#include "source/common/quic/envoy_quic_packet_writer.h" #include -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_utils.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/envoy_quic_proof_source.cc b/source/common/quic/envoy_quic_proof_source.cc index e1b7673596d7..c9ee45eb1200 100644 --- a/source/common/quic/envoy_quic_proof_source.cc +++ b/source/common/quic/envoy_quic_proof_source.cc @@ -1,11 +1,11 @@ -#include "common/quic/envoy_quic_proof_source.h" +#include "source/common/quic/envoy_quic_proof_source.h" #include #include "envoy/ssl/tls_certificate_config.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/quic_io_handle_wrapper.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/quic_io_handle_wrapper.h" #include "openssl/bytestring.h" #include "quiche/quic/core/crypto/certificate_view.h" diff --git a/source/common/quic/envoy_quic_proof_source.h b/source/common/quic/envoy_quic_proof_source.h index 97c2120870b7..fcf388c60914 100644 --- a/source/common/quic/envoy_quic_proof_source.h +++ b/source/common/quic/envoy_quic_proof_source.h @@ -1,10 +1,9 @@ #pragma once -#include "common/quic/envoy_quic_proof_source_base.h" -#include "common/quic/quic_transport_socket_factory.h" - -#include "server/active_listener_base.h" -#include "server/connection_handler_impl.h" +#include "source/common/quic/envoy_quic_proof_source_base.h" +#include "source/common/quic/quic_transport_socket_factory.h" +#include "source/server/active_listener_base.h" +#include "source/server/connection_handler_impl.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/envoy_quic_proof_source_base.cc b/source/common/quic/envoy_quic_proof_source_base.cc index 79cfa0c3171f..f6adb247d95e 100644 --- a/source/common/quic/envoy_quic_proof_source_base.cc +++ b/source/common/quic/envoy_quic_proof_source_base.cc @@ -1,4 +1,4 @@ -#include "common/quic/envoy_quic_proof_source_base.h" +#include "source/common/quic/envoy_quic_proof_source_base.h" #if defined(__GNUC__) #pragma GCC diagnostic push @@ -11,7 +11,7 @@ #pragma GCC diagnostic pop #endif -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_utils.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/envoy_quic_proof_source_base.h b/source/common/quic/envoy_quic_proof_source_base.h index 22de52a0ce5e..f963edec26e5 100644 --- a/source/common/quic/envoy_quic_proof_source_base.h +++ b/source/common/quic/envoy_quic_proof_source_base.h @@ -2,7 +2,7 @@ #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/strings/str_cat.h" @@ -23,7 +23,7 @@ #include "openssl/ssl.h" #include "envoy/network/filter.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/envoy_quic_proof_source_factory_interface.h b/source/common/quic/envoy_quic_proof_source_factory_interface.h new file mode 100644 index 000000000000..a6f69a176158 --- /dev/null +++ b/source/common/quic/envoy_quic_proof_source_factory_interface.h @@ -0,0 +1,38 @@ +#pragma once + +#include "envoy/config/typed_config.h" + +#if defined(__GNUC__) +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wunused-parameter" +#pragma GCC diagnostic ignored "-Winvalid-offsetof" +#endif + +#include "quiche/quic/core/crypto/proof_source.h" + +#if defined(__GNUC__) +#pragma GCC diagnostic pop +#endif + +#include "envoy/network/socket.h" +#include "envoy/network/filter.h" +#include "source/server/active_listener_base.h" + +namespace Envoy { +namespace Quic { + +// A factory interface to provide quic::ProofSource. +class EnvoyQuicProofSourceFactoryInterface : public Config::TypedFactory { +public: + ~EnvoyQuicProofSourceFactoryInterface() override = default; + + std::string category() const override { return "envoy.quic.proof_source"; } + + virtual std::unique_ptr + createQuicProofSource(Network::Socket& listen_socket, + Network::FilterChainManager& filter_chain_manager, + Server::ListenerStats& listener_stats) PURE; +}; + +} // namespace Quic +} // namespace Envoy diff --git a/source/common/quic/envoy_quic_proof_verifier.cc b/source/common/quic/envoy_quic_proof_verifier.cc index 2e79eeb7ef7c..2a4b80c76e1a 100644 --- a/source/common/quic/envoy_quic_proof_verifier.cc +++ b/source/common/quic/envoy_quic_proof_verifier.cc @@ -1,8 +1,7 @@ -#include "common/quic/envoy_quic_proof_verifier.h" +#include "source/common/quic/envoy_quic_proof_verifier.h" -#include "common/quic/envoy_quic_utils.h" - -#include "extensions/transport_sockets/tls/cert_validator/default_validator.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/extensions/transport_sockets/tls/cert_validator/default_validator.h" #include "quiche/quic/core/crypto/certificate_view.h" diff --git a/source/common/quic/envoy_quic_proof_verifier.h b/source/common/quic/envoy_quic_proof_verifier.h index f12d570848f0..6574ab434bd0 100644 --- a/source/common/quic/envoy_quic_proof_verifier.h +++ b/source/common/quic/envoy_quic_proof_verifier.h @@ -1,8 +1,7 @@ #pragma once -#include "common/quic/envoy_quic_proof_verifier_base.h" - -#include "extensions/transport_sockets/tls/context_impl.h" +#include "source/common/quic/envoy_quic_proof_verifier_base.h" +#include "source/extensions/transport_sockets/tls/context_impl.h" namespace Envoy { namespace Quic { @@ -12,7 +11,9 @@ namespace Quic { class EnvoyQuicProofVerifier : public EnvoyQuicProofVerifierBase { public: EnvoyQuicProofVerifier(Envoy::Ssl::ClientContextSharedPtr&& context) - : context_(std::move(context)) {} + : context_(std::move(context)) { + ASSERT(context_.get()); + } // EnvoyQuicProofVerifierBase quic::QuicAsyncStatus diff --git a/source/common/quic/envoy_quic_proof_verifier_base.cc b/source/common/quic/envoy_quic_proof_verifier_base.cc index cc880404bcfb..7f791b0c3f10 100644 --- a/source/common/quic/envoy_quic_proof_verifier_base.cc +++ b/source/common/quic/envoy_quic_proof_verifier_base.cc @@ -1,6 +1,6 @@ -#include "common/quic/envoy_quic_proof_verifier_base.h" +#include "source/common/quic/envoy_quic_proof_verifier_base.h" -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_utils.h" #include "openssl/ssl.h" #include "quiche/quic/core/crypto/certificate_view.h" diff --git a/source/common/quic/envoy_quic_proof_verifier_base.h b/source/common/quic/envoy_quic_proof_verifier_base.h index f45736c7d19a..e3835b917dda 100644 --- a/source/common/quic/envoy_quic_proof_verifier_base.h +++ b/source/common/quic/envoy_quic_proof_verifier_base.h @@ -14,7 +14,7 @@ #pragma GCC diagnostic pop #endif -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/envoy_quic_server_connection.cc b/source/common/quic/envoy_quic_server_connection.cc index f2bc90257dd8..f241e7ec17da 100644 --- a/source/common/quic/envoy_quic_server_connection.cc +++ b/source/common/quic/envoy_quic_server_connection.cc @@ -1,8 +1,8 @@ -#include "common/quic/envoy_quic_server_connection.h" +#include "source/common/quic/envoy_quic_server_connection.h" -#include "common/network/listen_socket_impl.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/quic_io_handle_wrapper.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/quic_io_handle_wrapper.h" namespace Envoy { namespace Quic { @@ -35,5 +35,19 @@ bool EnvoyQuicServerConnection::OnPacketHeader(const quic::QuicPacketHeader& hea return true; } +std::unique_ptr +EnvoyQuicServerConnection::MakeSelfIssuedConnectionIdManager() { + return std::make_unique( + quic::kMinNumOfActiveConnectionIds, connection_id(), clock(), alarm_factory(), this); +} + +quic::QuicConnectionId EnvoyQuicSelfIssuedConnectionIdManager::GenerateNewConnectionId( + const quic::QuicConnectionId& old_connection_id) const { + quic::QuicConnectionId new_connection_id = + quic::QuicSelfIssuedConnectionIdManager::GenerateNewConnectionId(old_connection_id); + adjustNewConnectionIdForRoutine(new_connection_id, old_connection_id); + return new_connection_id; +} + } // namespace Quic } // namespace Envoy diff --git a/source/common/quic/envoy_quic_server_connection.h b/source/common/quic/envoy_quic_server_connection.h index 04c1a4b8f80d..707deb412ec9 100644 --- a/source/common/quic/envoy_quic_server_connection.h +++ b/source/common/quic/envoy_quic_server_connection.h @@ -2,10 +2,9 @@ #include "envoy/network/listener.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/quic_network_connection.h" - -#include "server/connection_handler_impl.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/quic_network_connection.h" +#include "source/server/connection_handler_impl.h" #if defined(__GNUC__) #pragma GCC diagnostic push @@ -36,6 +35,22 @@ class EnvoyQuicServerConnection : public quic::QuicConnection, public QuicNetwor // QuicNetworkConnection // Overridden to set connection_socket_ with initialized self address and retrieve filter chain. bool OnPacketHeader(const quic::QuicPacketHeader& header) override; + + // quic::QuicConnection + // Overridden to provide a CID manager which issues CIDs compatible with the existing BPF routing. + std::unique_ptr + MakeSelfIssuedConnectionIdManager() override; +}; + +// An implementation that issues connection IDs with stable first 4 types. +class EnvoyQuicSelfIssuedConnectionIdManager : public quic::QuicSelfIssuedConnectionIdManager { +public: + using QuicSelfIssuedConnectionIdManager::QuicSelfIssuedConnectionIdManager; + + // quic::QuicSelfIssuedConnectionIdManager + // Overridden to return a new CID with the same first 4 bytes. + quic::QuicConnectionId + GenerateNewConnectionId(const quic::QuicConnectionId& old_connection_id) const override; }; } // namespace Quic diff --git a/source/common/quic/envoy_quic_server_session.cc b/source/common/quic/envoy_quic_server_session.cc index 44208d4fb3f3..ca373f22547a 100644 --- a/source/common/quic/envoy_quic_server_session.cc +++ b/source/common/quic/envoy_quic_server_session.cc @@ -1,10 +1,10 @@ -#include "common/quic/envoy_quic_server_session.h" +#include "source/common/quic/envoy_quic_server_session.h" #include -#include "common/common/assert.h" -#include "common/quic/envoy_quic_proof_source.h" -#include "common/quic/envoy_quic_server_stream.h" +#include "source/common/common/assert.h" +#include "source/common/quic/envoy_quic_proof_source.h" +#include "source/common/quic/envoy_quic_server_stream.h" namespace Envoy { namespace Quic { @@ -14,12 +14,16 @@ EnvoyQuicServerSession::EnvoyQuicServerSession( std::unique_ptr connection, quic::QuicSession::Visitor* visitor, quic::QuicCryptoServerStream::Helper* helper, const quic::QuicCryptoServerConfig* crypto_config, quic::QuicCompressedCertsCache* compressed_certs_cache, Event::Dispatcher& dispatcher, - uint32_t send_buffer_limit) + uint32_t send_buffer_limit, QuicStatNames& quic_stat_names, Stats::Scope& listener_scope, + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory, + OptRef transport_socket_factory) : quic::QuicServerSessionBase(config, supported_versions, connection.get(), visitor, helper, crypto_config, compressed_certs_cache), QuicFilterManagerConnectionImpl(*connection, connection->connection_id(), dispatcher, send_buffer_limit), - quic_connection_(std::move(connection)) {} + quic_connection_(std::move(connection)), quic_stat_names_(quic_stat_names), + listener_scope_(listener_scope), crypto_server_stream_factory_(crypto_server_stream_factory), + transport_socket_factory_(transport_socket_factory) {} EnvoyQuicServerSession::~EnvoyQuicServerSession() { ASSERT(!quic_connection_->connected()); @@ -34,7 +38,9 @@ std::unique_ptr EnvoyQuicServerSession::CreateQuicCryptoServerStream( const quic::QuicCryptoServerConfig* crypto_config, quic::QuicCompressedCertsCache* compressed_certs_cache) { - return CreateCryptoServerStream(crypto_config, compressed_certs_cache, this, stream_helper()); + return crypto_server_stream_factory_.createEnvoyQuicCryptoServerStream( + crypto_config, compressed_certs_cache, this, stream_helper(), transport_socket_factory_, + dispatcher()); } quic::QuicSpdyStream* EnvoyQuicServerSession::CreateIncomingStream(quic::QuicStreamId id) { @@ -82,7 +88,7 @@ void EnvoyQuicServerSession::setUpRequestDecoder(EnvoyQuicServerStream& stream) void EnvoyQuicServerSession::OnConnectionClosed(const quic::QuicConnectionCloseFrame& frame, quic::ConnectionCloseSource source) { quic::QuicServerSessionBase::OnConnectionClosed(frame, source); - onConnectionCloseEvent(frame, source); + onConnectionCloseEvent(frame, source, version()); } void EnvoyQuicServerSession::Initialize() { @@ -143,5 +149,19 @@ size_t EnvoyQuicServerSession::WriteHeadersOnHeadersStream( precedence, ack_listener); } +void EnvoyQuicServerSession::MaybeSendRstStreamFrame(quic::QuicStreamId id, + quic::QuicRstStreamErrorCode error, + quic::QuicStreamOffset bytes_written) { + QuicServerSessionBase::MaybeSendRstStreamFrame(id, error, bytes_written); + quic_stat_names_.chargeQuicResetStreamErrorStats(listener_scope_, error, /*from_self*/ true, + /*is_upstream*/ false); +} + +void EnvoyQuicServerSession::OnRstStream(const quic::QuicRstStreamFrame& frame) { + QuicServerSessionBase::OnRstStream(frame); + quic_stat_names_.chargeQuicResetStreamErrorStats(listener_scope_, frame.error_code, + /*from_self*/ false, /*is_upstream*/ false); +} + } // namespace Quic } // namespace Envoy diff --git a/source/common/quic/envoy_quic_server_session.h b/source/common/quic/envoy_quic_server_session.h index b186cc3b2b53..9e6bedb7aac2 100644 --- a/source/common/quic/envoy_quic_server_session.h +++ b/source/common/quic/envoy_quic_server_session.h @@ -19,10 +19,12 @@ #include -#include "common/quic/send_buffer_monitor.h" -#include "common/quic/quic_filter_manager_connection_impl.h" -#include "common/quic/envoy_quic_server_connection.h" -#include "common/quic/envoy_quic_server_stream.h" +#include "source/common/quic/send_buffer_monitor.h" +#include "source/common/quic/quic_filter_manager_connection_impl.h" +#include "source/common/quic/envoy_quic_server_connection.h" +#include "source/common/quic/envoy_quic_server_stream.h" +#include "source/common/quic/envoy_quic_crypto_stream_factory.h" +#include "source/common/quic/quic_stat_names.h" namespace Envoy { namespace Quic { @@ -41,7 +43,10 @@ class EnvoyQuicServerSession : public quic::QuicServerSessionBase, quic::QuicCryptoServerStreamBase::Helper* helper, const quic::QuicCryptoServerConfig* crypto_config, quic::QuicCompressedCertsCache* compressed_certs_cache, - Event::Dispatcher& dispatcher, uint32_t send_buffer_limit); + Event::Dispatcher& dispatcher, uint32_t send_buffer_limit, + QuicStatNames& quic_stat_names, Stats::Scope& listener_scope, + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory, + OptRef transport_socket_factory); ~EnvoyQuicServerSession() override; @@ -62,6 +67,9 @@ class EnvoyQuicServerSession : public quic::QuicServerSessionBase, void Initialize() override; void OnCanWrite() override; void OnTlsHandshakeComplete() override; + void MaybeSendRstStreamFrame(quic::QuicStreamId id, quic::QuicRstStreamErrorCode error, + quic::QuicStreamOffset bytes_written) override; + void OnRstStream(const quic::QuicRstStreamFrame& frame) override; // quic::QuicSpdySession void SetDefaultEncryptionLevel(quic::EncryptionLevel level) override; size_t WriteHeadersOnHeadersStream( @@ -106,6 +114,12 @@ class EnvoyQuicServerSession : public quic::QuicServerSessionBase, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action_; + + QuicStatNames& quic_stat_names_; + Stats::Scope& listener_scope_; + + EnvoyQuicCryptoServerStreamFactoryInterface& crypto_server_stream_factory_; + OptRef transport_socket_factory_; }; } // namespace Quic diff --git a/source/common/quic/envoy_quic_server_stream.cc b/source/common/quic/envoy_quic_server_stream.cc index 0c90cf66f6c9..17857e1c7ba8 100644 --- a/source/common/quic/envoy_quic_server_stream.cc +++ b/source/common/quic/envoy_quic_server_stream.cc @@ -1,4 +1,4 @@ -#include "common/quic/envoy_quic_server_stream.h" +#include "source/common/quic/envoy_quic_server_stream.h" #include #include @@ -14,19 +14,19 @@ #include "quiche/quic/core/http/quic_header_list.h" #include "quiche/quic/core/quic_session.h" #include "quiche/spdy/core/spdy_header_block.h" -#include "common/quic/platform/quic_mem_slice_span_impl.h" +#include "source/common/quic/platform/quic_mem_slice_span_impl.h" #if defined(__GNUC__) #pragma GCC diagnostic pop #endif -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/envoy_quic_server_session.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_server_session.h" -#include "common/buffer/buffer_impl.h" -#include "common/http/header_map_impl.h" -#include "common/common/assert.h" -#include "common/http/header_utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/common/assert.h" +#include "source/common/http/header_utility.h" namespace Envoy { namespace Quic { @@ -266,11 +266,15 @@ bool EnvoyQuicServerStream::OnStopSending(quic::QuicRstStreamErrorCode error) { } void EnvoyQuicServerStream::OnStreamReset(const quic::QuicRstStreamFrame& frame) { + ENVOY_STREAM_LOG(debug, "received reset code={}", *this, frame.error_code); + stats_.rx_reset_.inc(); quic::QuicSpdyServerStreamBase::OnStreamReset(frame); runResetCallbacks(quicRstErrorToEnvoyRemoteResetReason(frame.error_code)); } void EnvoyQuicServerStream::Reset(quic::QuicRstStreamErrorCode error) { + ENVOY_STREAM_LOG(debug, "sending reset code={}", *this, error); + stats_.tx_reset_.inc(); // Upper layers expect calling resetStream() to immediately raise reset callbacks. runResetCallbacks(quicRstErrorToEnvoyLocalResetReason(error)); quic::QuicSpdyServerStreamBase::Reset(error); @@ -291,7 +295,6 @@ void EnvoyQuicServerStream::OnConnectionClosed(quic::QuicErrorCode error, void EnvoyQuicServerStream::OnClose() { quic::QuicSpdyServerStreamBase::OnClose(); if (isDoingWatermarkAccounting()) { - connection()->dispatcher().post([this] { clearWatermarkBuffer(); }); return; } clearWatermarkBuffer(); diff --git a/source/common/quic/envoy_quic_server_stream.h b/source/common/quic/envoy_quic_server_stream.h index f86857cc800d..e0b98e835fda 100644 --- a/source/common/quic/envoy_quic_server_stream.h +++ b/source/common/quic/envoy_quic_server_stream.h @@ -12,7 +12,7 @@ #pragma GCC diagnostic pop #endif -#include "common/quic/envoy_quic_stream.h" +#include "source/common/quic/envoy_quic_stream.h" namespace Envoy { namespace Quic { @@ -54,6 +54,10 @@ class EnvoyQuicServerStream : public quic::QuicSpdyServerStreamBase, void setFlushTimeout(std::chrono::milliseconds) override { // TODO(mattklein123): Actually implement this for HTTP/3 similar to HTTP/2. } + + void setAccount(Buffer::BufferMemoryAccountSharedPtr) override { + // TODO(kbaichoo): implement account tracking for QUIC. + } // quic::QuicSpdyStream void OnBodyAvailable() override; bool OnStopSending(quic::QuicRstStreamErrorCode error) override; diff --git a/source/common/quic/envoy_quic_session_cache.cc b/source/common/quic/envoy_quic_session_cache.cc index 7404f132f153..b6ce80f7717c 100644 --- a/source/common/quic/envoy_quic_session_cache.cc +++ b/source/common/quic/envoy_quic_session_cache.cc @@ -1,4 +1,4 @@ -#include "common/quic/envoy_quic_session_cache.h" +#include "source/common/quic/envoy_quic_session_cache.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/envoy_quic_simulated_watermark_buffer.h b/source/common/quic/envoy_quic_simulated_watermark_buffer.h index 50c46f015276..e4dbdcb187ed 100644 --- a/source/common/quic/envoy_quic_simulated_watermark_buffer.h +++ b/source/common/quic/envoy_quic_simulated_watermark_buffer.h @@ -2,7 +2,7 @@ #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "spdlog/spdlog.h" diff --git a/source/common/quic/envoy_quic_stream.h b/source/common/quic/envoy_quic_stream.h index 56e744d56d80..f28cae4cf011 100644 --- a/source/common/quic/envoy_quic_stream.h +++ b/source/common/quic/envoy_quic_stream.h @@ -4,11 +4,11 @@ #include "envoy/event/dispatcher.h" #include "envoy/http/codec.h" -#include "common/http/codec_helper.h" -#include "common/quic/envoy_quic_simulated_watermark_buffer.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/quic_filter_manager_connection_impl.h" -#include "common/quic/send_buffer_monitor.h" +#include "source/common/http/codec_helper.h" +#include "source/common/quic/envoy_quic_simulated_watermark_buffer.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/quic_filter_manager_connection_impl.h" +#include "source/common/quic/send_buffer_monitor.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/envoy_quic_utils.cc b/source/common/quic/envoy_quic_utils.cc index 2f9682b31a20..769f8cf08649 100644 --- a/source/common/quic/envoy_quic_utils.cc +++ b/source/common/quic/envoy_quic_utils.cc @@ -1,13 +1,13 @@ -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_utils.h" #include #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/http/utility.h" -#include "common/network/socket_option_factory.h" -#include "common/network/utility.h" +#include "source/common/http/utility.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Quic { @@ -17,12 +17,12 @@ namespace Quic { Network::Address::InstanceConstSharedPtr quicAddressToEnvoyAddressInstance(const quic::QuicSocketAddress& quic_address) { return quic_address.IsInitialized() - ? Network::Address::addressFromSockAddr(quic_address.generic_address(), - quic_address.host().address_family() == - quic::IpAddressFamily::IP_V4 - ? sizeof(sockaddr_in) - : sizeof(sockaddr_in6), - false) + ? Network::Address::addressFromSockAddrOrDie(quic_address.generic_address(), + quic_address.host().address_family() == + quic::IpAddressFamily::IP_V4 + ? sizeof(sockaddr_in) + : sizeof(sockaddr_in6), + -1, false) : nullptr; } @@ -267,5 +267,14 @@ void configQuicInitialFlowControlWindow(const envoy::config::core::v3::QuicProto static_cast(session_flow_control_window_to_send))); } +void adjustNewConnectionIdForRoutine(quic::QuicConnectionId& new_connection_id, + const quic::QuicConnectionId& old_connection_id) { + char* new_connection_id_data = new_connection_id.mutable_data(); + const char* old_connection_id_ptr = old_connection_id.data(); + auto* first_four_bytes = reinterpret_cast(old_connection_id_ptr); + // Override the first 4 bytes of the new CID to the original CID's first 4 bytes. + safeMemcpyUnsafeDst(new_connection_id_data, first_four_bytes); +} + } // namespace Quic } // namespace Envoy diff --git a/source/common/quic/envoy_quic_utils.h b/source/common/quic/envoy_quic_utils.h index 2625e7acc0e0..434fd939572c 100644 --- a/source/common/quic/envoy_quic_utils.h +++ b/source/common/quic/envoy_quic_utils.h @@ -4,11 +4,11 @@ #include "envoy/config/listener/v3/quic_config.pb.h" #include "envoy/http/codec.h" -#include "common/common/assert.h" -#include "common/http/header_map_impl.h" -#include "common/network/address_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/quic/quic_io_handle_wrapper.h" +#include "source/common/common/assert.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/quic/quic_io_handle_wrapper.h" #if defined(__GNUC__) #pragma GCC diagnostic push @@ -27,7 +27,7 @@ #include "quiche/quic/core/quic_error_codes.h" #include "quiche/quic/platform/api/quic_ip_address.h" #include "quiche/quic/platform/api/quic_socket_address.h" -#include "common/http/header_utility.h" +#include "source/common/http/header_utility.h" #include "openssl/ssl.h" @@ -168,5 +168,10 @@ createServerConnectionSocket(Network::IoHandle& io_handle, void configQuicInitialFlowControlWindow(const envoy::config::core::v3::QuicProtocolOptions& config, quic::QuicConfig& quic_config); +// Modify new_connection_id according to given old_connection_id to make sure packets with the new +// one can be routed to the same listener. +void adjustNewConnectionIdForRoutine(quic::QuicConnectionId& new_connection_id, + const quic::QuicConnectionId& old_connection_id); + } // namespace Quic } // namespace Envoy diff --git a/source/common/quic/platform/BUILD b/source/common/quic/platform/BUILD index 0d9edee9c233..13e879f96eae 100644 --- a/source/common/quic/platform/BUILD +++ b/source/common/quic/platform/BUILD @@ -117,7 +117,6 @@ envoy_cc_library( "quic_iovec_impl.h", "quic_map_util_impl.h", "quic_mem_slice_impl.h", - "quic_prefetch_impl.h", "quic_reference_counted_impl.h", "quic_server_stats_impl.h", "quic_stack_trace_impl.h", @@ -137,7 +136,7 @@ envoy_cc_library( deps = [ ":quiche_flags_impl_lib", ":string_utils_lib", - "//include/envoy/api:io_error_interface", + "//envoy/api:io_error_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/server:backtrace_lib", @@ -189,7 +188,7 @@ envoy_cc_library( tags = ["nofips"], visibility = ["//visibility:public"], deps = [ - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "@com_googlesource_quiche//:quic_core_types_lib", "@com_googlesource_quiche//:quic_platform_base", ], @@ -233,7 +232,7 @@ envoy_cc_library( tags = ["nofips"], visibility = ["//visibility:public"], deps = [ - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "@com_googlesource_quiche//:quic_core_clock_lib", ], ) @@ -243,7 +242,6 @@ envoy_cc_library( hdrs = [ "quiche_flag_utils_impl.h", "quiche_logging_impl.h", - "quiche_text_utils_impl.h", ], external_deps = [ "abseil_hash", diff --git a/source/common/quic/platform/envoy_quic_clock.cc b/source/common/quic/platform/envoy_quic_clock.cc index 498171670620..450caa59f028 100644 --- a/source/common/quic/platform/envoy_quic_clock.cc +++ b/source/common/quic/platform/envoy_quic_clock.cc @@ -1,4 +1,4 @@ -#include "common/quic/platform/envoy_quic_clock.h" +#include "source/common/quic/platform/envoy_quic_clock.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/platform/http2_bug_tracker_impl.h b/source/common/quic/platform/http2_bug_tracker_impl.h index f36c334ec88a..b8f5a8693039 100644 --- a/source/common/quic/platform/http2_bug_tracker_impl.h +++ b/source/common/quic/platform/http2_bug_tracker_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_bug_tracker_impl.h" +#include "source/common/quic/platform/quic_bug_tracker_impl.h" #define HTTP2_BUG_IMPL QUIC_BUG_IMPL #define HTTP2_BUG_IF_IMPL QUIC_BUG_IF_IMPL diff --git a/source/common/quic/platform/http2_flags_impl.h b/source/common/quic/platform/http2_flags_impl.h index f209c3ec8b7a..27e2b8448a55 100644 --- a/source/common/quic/platform/http2_flags_impl.h +++ b/source/common/quic/platform/http2_flags_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/flags_impl.h" +#include "source/common/quic/platform/flags_impl.h" #define GetHttp2ReloadableFlagImpl(flag) quiche::FLAGS_quic_reloadable_flag_##flag->value() diff --git a/source/common/quic/platform/http2_logging_impl.h b/source/common/quic/platform/http2_logging_impl.h index 8633db83ce51..5ef754f7aea8 100644 --- a/source/common/quic/platform/http2_logging_impl.h +++ b/source/common/quic/platform/http2_logging_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_logging_impl.h" +#include "source/common/quic/platform/quic_logging_impl.h" #define HTTP2_LOG_IMPL(severity) QUICHE_LOG_IMPL(severity) diff --git a/source/common/quic/platform/http2_macros_impl.h b/source/common/quic/platform/http2_macros_impl.h index 984f58885b5c..1484e360601d 100644 --- a/source/common/quic/platform/http2_macros_impl.h +++ b/source/common/quic/platform/http2_macros_impl.h @@ -8,7 +8,7 @@ #include -#include "common/quic/platform/quic_logging_impl.h" +#include "source/common/quic/platform/quic_logging_impl.h" #include "absl/base/macros.h" diff --git a/source/common/quic/platform/http2_string_utils_impl.h b/source/common/quic/platform/http2_string_utils_impl.h index 4bd33e99c400..38c75a57a394 100644 --- a/source/common/quic/platform/http2_string_utils_impl.h +++ b/source/common/quic/platform/http2_string_utils_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/string_utils.h" +#include "source/common/quic/platform/string_utils.h" #include "absl/strings/escaping.h" #include "absl/strings/str_cat.h" diff --git a/source/common/quic/platform/quic_containers_impl.h b/source/common/quic/platform/quic_containers_impl.h index e445d7b4c0a8..061fe114695d 100644 --- a/source/common/quic/platform/quic_containers_impl.h +++ b/source/common/quic/platform/quic_containers_impl.h @@ -12,7 +12,7 @@ #include "absl/container/inlined_vector.h" #include "absl/container/node_hash_map.h" #include "absl/container/node_hash_set.h" -#include "quiche/common/simple_linked_hash_map.h" +#include "quiche/common/quiche_linked_hash_map.h" #include "quiche/quic/platform/api/quic_flags.h" // NOLINT(namespace-envoy) @@ -36,7 +36,7 @@ template using QuicHashSetImpl = absl::flat_hash_s template using QuicUnorderedSetImpl = absl::node_hash_set; template -using QuicLinkedHashMapImpl = quiche::SimpleLinkedHashMap; +using QuicLinkedHashMapImpl = quiche::QuicheLinkedHashMap; template using QuicSmallMapImpl = absl::flat_hash_map; diff --git a/source/common/quic/platform/quic_file_utils_impl.cc b/source/common/quic/platform/quic_file_utils_impl.cc index 4112785357eb..9c909c801643 100644 --- a/source/common/quic/platform/quic_file_utils_impl.cc +++ b/source/common/quic/platform/quic_file_utils_impl.cc @@ -4,10 +4,10 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_file_utils_impl.h" +#include "source/common/quic/platform/quic_file_utils_impl.h" -#include "common/filesystem/directory.h" -#include "common/filesystem/filesystem_impl.h" +#include "source/common/filesystem/directory.h" +#include "source/common/filesystem/filesystem_impl.h" #include "absl/strings/str_cat.h" diff --git a/source/common/quic/platform/quic_flags_impl.h b/source/common/quic/platform/quic_flags_impl.h index aa433b5b83f4..1fd7e6cfad75 100644 --- a/source/common/quic/platform/quic_flags_impl.h +++ b/source/common/quic/platform/quic_flags_impl.h @@ -9,7 +9,7 @@ #include #include -#include "common/quic/platform/quiche_flags_impl.h" +#include "source/common/quic/platform/quiche_flags_impl.h" // Not wired into command-line parsing. #define DEFINE_QUIC_COMMAND_LINE_FLAG_IMPL(type, flag, value, help) \ diff --git a/source/common/quic/platform/quic_hostname_utils_impl.cc b/source/common/quic/platform/quic_hostname_utils_impl.cc index bc7d64c5c2f8..1afe7b411eda 100644 --- a/source/common/quic/platform/quic_hostname_utils_impl.cc +++ b/source/common/quic/platform/quic_hostname_utils_impl.cc @@ -4,11 +4,11 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_hostname_utils_impl.h" +#include "source/common/quic/platform/quic_hostname_utils_impl.h" #include -#include "common/http/utility.h" +#include "source/common/http/utility.h" #include "absl/strings/ascii.h" #include "absl/strings/str_cat.h" diff --git a/source/common/quic/platform/quic_logging_impl.cc b/source/common/quic/platform/quic_logging_impl.cc index 08eb9699f1d7..00920beb7262 100644 --- a/source/common/quic/platform/quic_logging_impl.cc +++ b/source/common/quic/platform/quic_logging_impl.cc @@ -4,12 +4,12 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_logging_impl.h" +#include "source/common/quic/platform/quic_logging_impl.h" #include #include -#include "common/common/utility.h" +#include "source/common/common/utility.h" namespace quic { diff --git a/source/common/quic/platform/quic_logging_impl.h b/source/common/quic/platform/quic_logging_impl.h index e08595f4e903..f5dc65dd7c43 100644 --- a/source/common/quic/platform/quic_logging_impl.h +++ b/source/common/quic/platform/quic_logging_impl.h @@ -12,9 +12,9 @@ #include #include -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/common/stl_helpers.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/common/stl_helpers.h" #include "absl/base/optimization.h" #include "absl/synchronization/mutex.h" diff --git a/source/common/quic/platform/quic_mem_slice_impl.cc b/source/common/quic/platform/quic_mem_slice_impl.cc index 164419b681f3..3744ae0597e4 100644 --- a/source/common/quic/platform/quic_mem_slice_impl.cc +++ b/source/common/quic/platform/quic_mem_slice_impl.cc @@ -4,11 +4,11 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_mem_slice_impl.h" +#include "source/common/quic/platform/quic_mem_slice_impl.h" #include "envoy/buffer/buffer.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace quic { diff --git a/source/common/quic/platform/quic_mem_slice_impl.h b/source/common/quic/platform/quic_mem_slice_impl.h index 9882b2afad80..c6e90cba507a 100644 --- a/source/common/quic/platform/quic_mem_slice_impl.h +++ b/source/common/quic/platform/quic_mem_slice_impl.h @@ -10,7 +10,7 @@ #include #include -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "quiche/quic/core/quic_buffer_allocator.h" diff --git a/source/common/quic/platform/quic_mem_slice_span_impl.cc b/source/common/quic/platform/quic_mem_slice_span_impl.cc index e7ac9d86f837..89a7357d3743 100644 --- a/source/common/quic/platform/quic_mem_slice_span_impl.cc +++ b/source/common/quic/platform/quic_mem_slice_span_impl.cc @@ -4,7 +4,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_mem_slice_span_impl.h" +#include "source/common/quic/platform/quic_mem_slice_span_impl.h" #include "quiche/quic/platform/api/quic_mem_slice.h" diff --git a/source/common/quic/platform/quic_mem_slice_storage_impl.cc b/source/common/quic/platform/quic_mem_slice_storage_impl.cc index d4d7767f6587..0f90210eb992 100644 --- a/source/common/quic/platform/quic_mem_slice_storage_impl.cc +++ b/source/common/quic/platform/quic_mem_slice_storage_impl.cc @@ -4,7 +4,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_mem_slice_storage_impl.h" +#include "source/common/quic/platform/quic_mem_slice_storage_impl.h" #include diff --git a/source/common/quic/platform/quic_mem_slice_storage_impl.h b/source/common/quic/platform/quic_mem_slice_storage_impl.h index c7a5e17e187c..437e9be46736 100644 --- a/source/common/quic/platform/quic_mem_slice_storage_impl.h +++ b/source/common/quic/platform/quic_mem_slice_storage_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "quiche/quic/core/quic_buffer_allocator.h" #include "quiche/quic/platform/api/quic_iovec.h" diff --git a/source/common/quic/platform/quic_pcc_sender_impl.h b/source/common/quic/platform/quic_pcc_sender_impl.h index 1e0f2bcbaf8b..de6ac4ed2a75 100644 --- a/source/common/quic/platform/quic_pcc_sender_impl.h +++ b/source/common/quic/platform/quic_pcc_sender_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "quiche/quic/core/quic_types.h" diff --git a/source/common/quic/platform/quic_prefetch_impl.h b/source/common/quic/platform/quic_prefetch_impl.h deleted file mode 100644 index 1e4499b955ad..000000000000 --- a/source/common/quic/platform/quic_prefetch_impl.h +++ /dev/null @@ -1,19 +0,0 @@ -#pragma once - -// NOLINT(namespace-envoy) - -// This file is part of the QUICHE platform implementation, and is not to be -// consumed or referenced directly by other Envoy code. It serves purely as a -// porting layer for QUICHE. - -namespace quic { - -#if defined(__GNUC__) -// See __builtin_prefetch in: -// https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html. -inline void QuicPrefetchT0Impl(const void* addr) { __builtin_prefetch(addr, 0, 3); } -#else -inline void QuicPrefetchT0Impl(const void*) {} -#endif - -} // namespace quic diff --git a/source/common/quic/platform/quic_stack_trace_impl.h b/source/common/quic/platform/quic_stack_trace_impl.h index ec06b6299d65..c154796513d9 100644 --- a/source/common/quic/platform/quic_stack_trace_impl.h +++ b/source/common/quic/platform/quic_stack_trace_impl.h @@ -9,7 +9,7 @@ #include #include -#include "server/backtrace.h" +#include "source/server/backtrace.h" namespace quic { diff --git a/source/common/quic/platform/quiche_bug_tracker_impl.h b/source/common/quic/platform/quiche_bug_tracker_impl.h index 3a13f66c7db8..0d4f8aa884ac 100644 --- a/source/common/quic/platform/quiche_bug_tracker_impl.h +++ b/source/common/quic/platform/quiche_bug_tracker_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_logging_impl.h" +#include "source/common/quic/platform/quic_logging_impl.h" // TODO(wub): Implement exponential back off to avoid performance problems due // to excessive QUIC_BUG. diff --git a/source/common/quic/platform/quiche_flags_impl.cc b/source/common/quic/platform/quiche_flags_impl.cc index 5f937e3b7339..a251af757b08 100644 --- a/source/common/quic/platform/quiche_flags_impl.cc +++ b/source/common/quic/platform/quiche_flags_impl.cc @@ -4,11 +4,11 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quiche_flags_impl.h" +#include "source/common/quic/platform/quiche_flags_impl.h" #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/strings/ascii.h" #include "absl/strings/match.h" diff --git a/source/common/quic/platform/quiche_logging_impl.h b/source/common/quic/platform/quiche_logging_impl.h index 4b7e662d2f01..08dc8f84c7bb 100644 --- a/source/common/quic/platform/quiche_logging_impl.h +++ b/source/common/quic/platform/quiche_logging_impl.h @@ -6,4 +6,4 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_logging_impl.h" +#include "source/common/quic/platform/quic_logging_impl.h" diff --git a/source/common/quic/platform/quiche_text_utils_impl.h b/source/common/quic/platform/quiche_text_utils_impl.h deleted file mode 100644 index aed6d4f5c6b5..000000000000 --- a/source/common/quic/platform/quiche_text_utils_impl.h +++ /dev/null @@ -1,64 +0,0 @@ -#pragma once - -#include "common/common/base64.h" -#include "common/quic/platform/string_utils.h" - -#include "absl/strings/ascii.h" -#include "absl/strings/escaping.h" -#include "absl/strings/match.h" -#include "absl/strings/numbers.h" -#include "absl/strings/str_cat.h" -#include "absl/strings/str_format.h" -#include "absl/strings/str_split.h" -#include "absl/types/optional.h" - -// NOLINT(namespace-envoy) - -// This file is part of the QUICHE platform implementation, and is not to be -// consumed or referenced directly by other Envoy code. It serves purely as a -// porting layer for QUICHE. - -namespace quiche { - -class QuicheTextUtilsImpl { -public: - // NOLINTNEXTLINE(readability-identifier-naming) - static std::string ToLower(absl::string_view data) { return absl::AsciiStrToLower(data); } - - // NOLINTNEXTLINE(readability-identifier-naming) - static void RemoveLeadingAndTrailingWhitespace(absl::string_view* data) { - *data = absl::StripAsciiWhitespace(*data); - } - - // NOLINTNEXTLINE(readability-identifier-naming) - static std::string Hex(uint32_t v) { return absl::StrCat(absl::Hex(v)); } - - // NOLINTNEXTLINE(readability-identifier-naming) - static void Base64Encode(const uint8_t* data, size_t data_len, std::string* output) { - *output = - Envoy::Base64::encode(reinterpret_cast(data), data_len, /*add_padding=*/false); - } - - // NOLINTNEXTLINE(readability-identifier-naming) - static absl::optional Base64Decode(absl::string_view input) { - return Envoy::Base64::decodeWithoutPadding(input); - } - - // NOLINTNEXTLINE(readability-identifier-naming) - static std::string Uint64ToString(uint64_t in) { return absl::StrCat(in); } - - // NOLINTNEXTLINE(readability-identifier-naming) - static std::string HexDump(absl::string_view binary_data) { return quiche::HexDump(binary_data); } - - // NOLINTNEXTLINE(readability-identifier-naming) - static bool ContainsUpperCase(absl::string_view data) { - return std::any_of(data.begin(), data.end(), absl::ascii_isupper); - } - - // NOLINTNEXTLINE(readability-identifier-naming) - static bool IsAllDigits(absl::string_view data) { - return std::all_of(data.begin(), data.end(), absl::ascii_isdigit); - } -}; - -} // namespace quiche diff --git a/source/common/quic/platform/quiche_time_utils_impl.cc b/source/common/quic/platform/quiche_time_utils_impl.cc index 4453985b3f2f..91fda404f847 100644 --- a/source/common/quic/platform/quiche_time_utils_impl.cc +++ b/source/common/quic/platform/quiche_time_utils_impl.cc @@ -4,7 +4,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quiche_time_utils_impl.h" +#include "source/common/quic/platform/quiche_time_utils_impl.h" namespace quiche { diff --git a/source/common/quic/platform/spdy_bug_tracker_impl.h b/source/common/quic/platform/spdy_bug_tracker_impl.h index 708d388648ef..29990935d94f 100644 --- a/source/common/quic/platform/spdy_bug_tracker_impl.h +++ b/source/common/quic/platform/spdy_bug_tracker_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quiche_bug_tracker_impl.h" +#include "source/common/quic/platform/quiche_bug_tracker_impl.h" #define SPDY_BUG_IMPL QUICHE_BUG_IMPL #define SPDY_BUG_IF_IMPL QUICHE_BUG_IF_IMPL diff --git a/source/common/quic/platform/spdy_containers_impl.h b/source/common/quic/platform/spdy_containers_impl.h index e73f52bfc798..676127f066c9 100644 --- a/source/common/quic/platform/spdy_containers_impl.h +++ b/source/common/quic/platform/spdy_containers_impl.h @@ -10,12 +10,12 @@ #include "absl/container/flat_hash_set.h" #include "absl/container/inlined_vector.h" #include "absl/hash/hash.h" -#include "quiche/common/simple_linked_hash_map.h" +#include "quiche/common/quiche_linked_hash_map.h" namespace spdy { template -using SpdyLinkedHashMapImpl = quiche::SimpleLinkedHashMap; +using SpdyLinkedHashMapImpl = quiche::QuicheLinkedHashMap; template using SpdySmallMapImpl = absl::flat_hash_map; diff --git a/source/common/quic/platform/spdy_flags_impl.h b/source/common/quic/platform/spdy_flags_impl.h index 697cee197329..701aff548c1e 100644 --- a/source/common/quic/platform/spdy_flags_impl.h +++ b/source/common/quic/platform/spdy_flags_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/flags_impl.h" +#include "source/common/quic/platform/flags_impl.h" #define GetSpdyReloadableFlagImpl(flag) quiche::FLAGS_quic_reloadable_flag_##flag->value() diff --git a/source/common/quic/platform/spdy_logging_impl.h b/source/common/quic/platform/spdy_logging_impl.h index a2b6f6ff0a5a..b572688364ca 100644 --- a/source/common/quic/platform/spdy_logging_impl.h +++ b/source/common/quic/platform/spdy_logging_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_logging_impl.h" +#include "source/common/quic/platform/quic_logging_impl.h" #define SPDY_LOG_IMPL(severity) QUICHE_LOG_IMPL(severity) diff --git a/source/common/quic/platform/spdy_string_utils_impl.h b/source/common/quic/platform/spdy_string_utils_impl.h index 1e876f0e16bf..e62fdb3f73aa 100644 --- a/source/common/quic/platform/spdy_string_utils_impl.h +++ b/source/common/quic/platform/spdy_string_utils_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/string_utils.h" +#include "source/common/quic/platform/string_utils.h" #include "absl/strings/escaping.h" #include "absl/strings/match.h" diff --git a/source/common/quic/platform/string_utils.cc b/source/common/quic/platform/string_utils.cc index 788cd0a4742e..5353033aee51 100644 --- a/source/common/quic/platform/string_utils.cc +++ b/source/common/quic/platform/string_utils.cc @@ -1,4 +1,4 @@ -#include "common/quic/platform/string_utils.h" +#include "source/common/quic/platform/string_utils.h" // NOLINT(namespace-envoy) // @@ -13,7 +13,7 @@ #include "absl/strings/ascii.h" #include "absl/strings/escaping.h" #include "absl/strings/str_format.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace quiche { diff --git a/source/common/quic/quic_filter_manager_connection_impl.cc b/source/common/quic/quic_filter_manager_connection_impl.cc index e47c27080d1d..1532078e2e50 100644 --- a/source/common/quic/quic_filter_manager_connection_impl.cc +++ b/source/common/quic/quic_filter_manager_connection_impl.cc @@ -1,4 +1,4 @@ -#include "common/quic/quic_filter_manager_connection_impl.h" +#include "source/common/quic/quic_filter_manager_connection_impl.h" #include #include @@ -158,7 +158,8 @@ void QuicFilterManagerConnectionImpl::maybeApplyDelayClosePolicy() { } void QuicFilterManagerConnectionImpl::onConnectionCloseEvent( - const quic::QuicConnectionCloseFrame& frame, quic::ConnectionCloseSource source) { + const quic::QuicConnectionCloseFrame& frame, quic::ConnectionCloseSource source, + const quic::ParsedQuicVersion& version) { transport_failure_reason_ = absl::StrCat(quic::QuicErrorCodeToString(frame.quic_error_code), " with details: ", frame.error_details); if (network_connection_ != nullptr) { @@ -169,6 +170,33 @@ void QuicFilterManagerConnectionImpl::onConnectionCloseEvent( ASSERT(network_connection_ != nullptr); network_connection_ = nullptr; } + + if (!codec_stats_.has_value()) { + // The connection was closed before it could be used. Stats are not recorded. + return; + } + switch (version.transport_version) { + case quic::QUIC_VERSION_43: + codec_stats_->quic_version_43_.inc(); + return; + case quic::QUIC_VERSION_46: + codec_stats_->quic_version_46_.inc(); + return; + case quic::QUIC_VERSION_50: + codec_stats_->quic_version_50_.inc(); + return; + case quic::QUIC_VERSION_51: + codec_stats_->quic_version_51_.inc(); + return; + case quic::QUIC_VERSION_IETF_DRAFT_29: + codec_stats_->quic_version_h3_29_.inc(); + return; + case quic::QUIC_VERSION_IETF_RFC_V1: + codec_stats_->quic_version_rfc_v1_.inc(); + return; + default: + return; + } } void QuicFilterManagerConnectionImpl::closeConnectionImmediately() { diff --git a/source/common/quic/quic_filter_manager_connection_impl.h b/source/common/quic/quic_filter_manager_connection_impl.h index 7922810e362c..e1a96ea42b90 100644 --- a/source/common/quic/quic_filter_manager_connection_impl.h +++ b/source/common/quic/quic_filter_manager_connection_impl.h @@ -17,14 +17,14 @@ #pragma GCC diagnostic pop #endif -#include "common/common/empty_string.h" -#include "common/common/logger.h" -#include "common/http/http3/codec_stats.h" -#include "common/network/connection_impl_base.h" -#include "common/quic/quic_network_connection.h" -#include "common/quic/envoy_quic_simulated_watermark_buffer.h" -#include "common/quic/send_buffer_monitor.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/logger.h" +#include "source/common/http/http3/codec_stats.h" +#include "source/common/network/connection_impl_base.h" +#include "source/common/quic/quic_network_connection.h" +#include "source/common/quic/envoy_quic_simulated_watermark_buffer.h" +#include "source/common/quic/send_buffer_monitor.h" +#include "source/common/stream_info/stream_info_impl.h" namespace Envoy { @@ -32,6 +32,8 @@ class TestPauseFilterForQuic; namespace Quic { +class QuicNetworkConnectionTest; + // Act as a Network::Connection to HCM and a FilterManager to FilterFactoryCb. class QuicFilterManagerConnectionImpl : public Network::ConnectionImplBase, public SendBufferMonitor { @@ -135,13 +137,10 @@ class QuicFilterManagerConnectionImpl : public Network::ConnectionImplBase, uint32_t bytesToSend() { return bytes_to_send_; } void setHttp3Options(const envoy::config::core::v3::Http3ProtocolOptions& http3_options) { - http3_options_ = - std::reference_wrapper(http3_options); + http3_options_ = http3_options; } - void setCodecStats(Http::Http3::CodecStats& stats) { - codec_stats_ = std::reference_wrapper(stats); - } + void setCodecStats(Http::Http3::CodecStats& stats) { codec_stats_ = stats; } uint32_t maxIncomingHeadersCount() { return max_headers_count_; } @@ -152,7 +151,8 @@ class QuicFilterManagerConnectionImpl : public Network::ConnectionImplBase, protected: // Propagate connection close to network_connection_callbacks_. void onConnectionCloseEvent(const quic::QuicConnectionCloseFrame& frame, - quic::ConnectionCloseSource source); + quic::ConnectionCloseSource source, + const quic::ParsedQuicVersion& version); void closeConnectionImmediately() override; @@ -164,13 +164,13 @@ class QuicFilterManagerConnectionImpl : public Network::ConnectionImplBase, QuicNetworkConnection* network_connection_{nullptr}; - absl::optional> codec_stats_; - absl::optional> - http3_options_; + OptRef codec_stats_; + OptRef http3_options_; bool initialized_{false}; private: friend class Envoy::TestPauseFilterForQuic; + friend class Envoy::Quic::QuicNetworkConnectionTest; // Called when aggregated buffered bytes across all the streams exceeds high watermark. void onSendBufferHighWatermark(); diff --git a/source/common/quic/quic_io_handle_wrapper.h b/source/common/quic/quic_io_handle_wrapper.h index cdc4eb3719ea..15247bb4184c 100644 --- a/source/common/quic/quic_io_handle_wrapper.h +++ b/source/common/quic/quic_io_handle_wrapper.h @@ -5,7 +5,7 @@ #include "envoy/network/io_handle.h" -#include "common/network/io_socket_error_impl.h" +#include "source/common/network/io_socket_error_impl.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/quic_network_connection.cc b/source/common/quic/quic_network_connection.cc index 577178c9cc32..bc22c6efaa67 100644 --- a/source/common/quic/quic_network_connection.cc +++ b/source/common/quic/quic_network_connection.cc @@ -1,4 +1,4 @@ -#include "common/quic/quic_network_connection.h" +#include "source/common/quic/quic_network_connection.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/quic_network_connection.h b/source/common/quic/quic_network_connection.h index 66c51a7d5215..ae122304c353 100644 --- a/source/common/quic/quic_network_connection.h +++ b/source/common/quic/quic_network_connection.h @@ -4,11 +4,14 @@ #include "envoy/network/connection.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Quic { +// Read ~32k bytes per connection by default, which is about the same as TCP. +static const uint32_t DEFAULT_PACKETS_TO_READ_PER_CONNECTION = 32u; + // A base class of both the client and server connections which keeps stats and // connection socket. class QuicNetworkConnection : protected Logger::Loggable { diff --git a/source/common/quic/quic_stat_names.cc b/source/common/quic/quic_stat_names.cc new file mode 100644 index 000000000000..760d40c4c265 --- /dev/null +++ b/source/common/quic/quic_stat_names.cc @@ -0,0 +1,80 @@ +#include "source/common/quic/quic_stat_names.h" + +namespace Envoy { +namespace Quic { + +// TODO(renjietang): Currently these stats are only available in downstream. Wire it up to upstream +// QUIC also. +QuicStatNames::QuicStatNames(Stats::SymbolTable& symbol_table) + : stat_name_pool_(symbol_table), symbol_table_(symbol_table), + http3_prefix_(stat_name_pool_.add("http3")), downstream_(stat_name_pool_.add("downstream")), + upstream_(stat_name_pool_.add("upstream")), from_self_(stat_name_pool_.add("tx")), + from_peer_(stat_name_pool_.add("rx")) { + // Preallocate most used counters + // Most popular in client initiated connection close. + connectionCloseStatName(quic::QUIC_NETWORK_IDLE_TIMEOUT); + // Most popular in server initiated connection close. + connectionCloseStatName(quic::QUIC_SILENT_IDLE_TIMEOUT); + // Most popular in client initiated stream reset. + resetStreamErrorStatName(quic::QUIC_STREAM_CANCELLED); + // Most popular in server initiated stream reset. + resetStreamErrorStatName(quic::QUIC_STREAM_STREAM_CREATION_ERROR); +} + +void QuicStatNames::incCounter(Stats::Scope& scope, const Stats::StatNameVec& names) { + Stats::SymbolTable::StoragePtr stat_name_storage = symbol_table_.join(names); + scope.counterFromStatName(Stats::StatName(stat_name_storage.get())).inc(); +} + +void QuicStatNames::chargeQuicConnectionCloseStats(Stats::Scope& scope, + quic::QuicErrorCode error_code, + quic::ConnectionCloseSource source, + bool is_upstream) { + ASSERT(&symbol_table_ == &scope.symbolTable()); + + if (error_code > quic::QUIC_LAST_ERROR) { + error_code = quic::QUIC_LAST_ERROR; + } + + const Stats::StatName connection_close = connectionCloseStatName(error_code); + incCounter(scope, {http3_prefix_, (is_upstream ? upstream_ : downstream_), + (source == quic::ConnectionCloseSource::FROM_SELF ? from_self_ : from_peer_), + connection_close}); +} + +void QuicStatNames::chargeQuicResetStreamErrorStats(Stats::Scope& scope, + quic::QuicRstStreamErrorCode error_code, + bool from_self, bool is_upstream) { + ASSERT(&symbol_table_ == &scope.symbolTable()); + + if (error_code > quic::QUIC_STREAM_LAST_ERROR) { + error_code = quic::QUIC_STREAM_LAST_ERROR; + } + + const Stats::StatName stream_error = resetStreamErrorStatName(error_code); + incCounter(scope, {http3_prefix_, (is_upstream ? upstream_ : downstream_), + (from_self ? from_self_ : from_peer_), stream_error}); +} + +Stats::StatName QuicStatNames::connectionCloseStatName(quic::QuicErrorCode error_code) { + ASSERT(error_code <= quic::QUIC_LAST_ERROR); + + return Stats::StatName( + connection_error_stat_names_.get(error_code, [this, error_code]() -> const uint8_t* { + return stat_name_pool_.addReturningStorage( + absl::StrCat("quic_connection_close_error_code_", QuicErrorCodeToString(error_code))); + })); +} + +Stats::StatName QuicStatNames::resetStreamErrorStatName(quic::QuicRstStreamErrorCode error_code) { + ASSERT(error_code <= quic::QUIC_STREAM_LAST_ERROR); + + return Stats::StatName( + reset_stream_error_stat_names_.get(error_code, [this, error_code]() -> const uint8_t* { + return stat_name_pool_.addReturningStorage(absl::StrCat( + "quic_reset_stream_error_code_", QuicRstStreamErrorCodeToString(error_code))); + })); +} + +} // namespace Quic +} // namespace Envoy diff --git a/source/common/quic/quic_stat_names.h b/source/common/quic/quic_stat_names.h new file mode 100644 index 000000000000..2e0acbe2de82 --- /dev/null +++ b/source/common/quic/quic_stat_names.h @@ -0,0 +1,50 @@ +#pragma once + +#include "envoy/stats/scope.h" + +#include "source/common/common/thread.h" +#include "source/common/stats/symbol_table_impl.h" + +#include "quiche/quic/core/quic_error_codes.h" +#include "quiche/quic/core/quic_types.h" + +namespace Envoy { +namespace Quic { + +class QuicStatNames { +public: + // This class holds lazily symbolized stat names and is responsible for charging them. + explicit QuicStatNames(Stats::SymbolTable& symbol_table); + + void chargeQuicConnectionCloseStats(Stats::Scope& scope, quic::QuicErrorCode error_code, + quic::ConnectionCloseSource source, bool is_upstream); + + void chargeQuicResetStreamErrorStats(Stats::Scope& scope, quic::QuicRstStreamErrorCode error_code, + bool from_self, bool is_upstream); + +private: + // Find the actual counter in |scope| and increment it. + // An example counter name: "http3.downstream.tx.quic_connection_close_error_code_QUIC_NO_ERROR". + void incCounter(Stats::Scope& scope, const Stats::StatNameVec& names); + + Stats::StatName connectionCloseStatName(quic::QuicErrorCode error_code); + + Stats::StatName resetStreamErrorStatName(quic::QuicRstStreamErrorCode error_code); + + Stats::StatNamePool stat_name_pool_; + Stats::SymbolTable& symbol_table_; + const Stats::StatName http3_prefix_; + const Stats::StatName downstream_; + const Stats::StatName upstream_; + const Stats::StatName from_self_; + const Stats::StatName from_peer_; + Thread::AtomicPtrArray + connection_error_stat_names_; + Thread::AtomicPtrArray + reset_stream_error_stat_names_; +}; + +} // namespace Quic +} // namespace Envoy diff --git a/source/common/quic/quic_transport_socket_factory.cc b/source/common/quic/quic_transport_socket_factory.cc index 5be0794ba5ec..452b4f45d7c6 100644 --- a/source/common/quic/quic_transport_socket_factory.cc +++ b/source/common/quic/quic_transport_socket_factory.cc @@ -1,8 +1,8 @@ -#include "common/quic/quic_transport_socket_factory.h" +#include "source/common/quic/quic_transport_socket_factory.h" #include "envoy/extensions/transport_sockets/quic/v3/quic_transport.pb.validate.h" -#include "extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/quic_transport_socket_factory.h b/source/common/quic/quic_transport_socket_factory.h index 9fad6a0b256d..53fede86f811 100644 --- a/source/common/quic/quic_transport_socket_factory.h +++ b/source/common/quic/quic_transport_socket_factory.h @@ -5,9 +5,8 @@ #include "envoy/server/transport_socket_config.h" #include "envoy/ssl/context_config.h" -#include "common/common/assert.h" - -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/common/assert.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" namespace Envoy { namespace Quic { diff --git a/source/common/quic/send_buffer_monitor.cc b/source/common/quic/send_buffer_monitor.cc index 476481b344da..5a9426db9670 100644 --- a/source/common/quic/send_buffer_monitor.cc +++ b/source/common/quic/send_buffer_monitor.cc @@ -1,4 +1,4 @@ -#include "common/quic/send_buffer_monitor.h" +#include "source/common/quic/send_buffer_monitor.h" namespace Envoy { namespace Quic { @@ -21,7 +21,9 @@ SendBufferMonitor::ScopedWatermarkBufferUpdater::~ScopedWatermarkBufferUpdater() ASSERT(static_cast(quic_stream_) != static_cast(send_buffer_monitor_)); return; } - uint64_t new_buffered_bytes = quic_stream_->BufferedDataBytes(); + // If quic_stream_ is done writing, regards all buffered bytes, if there is any, as drained. + uint64_t new_buffered_bytes = + quic_stream_->write_side_closed() ? 0u : quic_stream_->BufferedDataBytes(); send_buffer_monitor_->is_doing_watermark_accounting_ = false; send_buffer_monitor_->updateBytesBuffered(old_buffered_bytes_, new_buffered_bytes); } diff --git a/source/common/quic/udp_gso_batch_writer.cc b/source/common/quic/udp_gso_batch_writer.cc index 8f46df35f2ea..2c5404858354 100644 --- a/source/common/quic/udp_gso_batch_writer.cc +++ b/source/common/quic/udp_gso_batch_writer.cc @@ -1,7 +1,7 @@ -#include "common/quic/udp_gso_batch_writer.h" +#include "source/common/quic/udp_gso_batch_writer.h" -#include "common/network/io_socket_error_impl.h" -#include "common/quic/envoy_quic_utils.h" +#include "source/common/network/io_socket_error_impl.h" +#include "source/common/quic/envoy_quic_utils.h" namespace Envoy { namespace Quic { @@ -54,13 +54,14 @@ UdpGsoBatchWriter::writePacket(const Buffer::Instance& buffer, const Network::Ad // Convert received parameters to relevant forms quic::QuicSocketAddress peer_addr = envoyIpAddressToQuicSocketAddress(peer_address.ip()); quic::QuicSocketAddress self_addr = envoyIpAddressToQuicSocketAddress(local_ip); - size_t payload_len = static_cast(buffer.length()); + ASSERT(buffer.getRawSlices().size() == 1); + size_t payload_len = static_cast(buffer.frontSlice().len_); // TODO(yugant): Currently we do not use PerPacketOptions with Quic, we may want to // specify this parameter here at a later stage. - quic::WriteResult quic_result = - WritePacket(buffer.toString().c_str(), payload_len, self_addr.host(), peer_addr, - /*quic::PerPacketOptions=*/nullptr); + quic::WriteResult quic_result = WritePacket(static_cast(buffer.frontSlice().mem_), + payload_len, self_addr.host(), peer_addr, + /*quic::PerPacketOptions=*/nullptr); updateUdpGsoBatchWriterStats(quic_result); return convertQuicWriteResult(quic_result, payload_len); diff --git a/source/common/quic/udp_gso_batch_writer.h b/source/common/quic/udp_gso_batch_writer.h index 700d061bd514..367f248bd7b4 100644 --- a/source/common/quic/udp_gso_batch_writer.h +++ b/source/common/quic/udp_gso_batch_writer.h @@ -28,8 +28,8 @@ #include "envoy/network/udp_packet_writer_handler.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_protos.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_protos.h" namespace Envoy { namespace Quic { diff --git a/source/common/router/BUILD b/source/common/router/BUILD index beccd55248f8..524bd27213f1 100644 --- a/source/common/router/BUILD +++ b/source/common/router/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( srcs = ["metadatamatchcriteria_impl.cc"], hdrs = ["metadatamatchcriteria_impl.h"], deps = [ - "//include/envoy/router:router_interface", + "//envoy/router:router_interface", ], ) @@ -22,7 +22,7 @@ envoy_cc_library( srcs = ["tls_context_match_criteria_impl.cc"], hdrs = ["tls_context_match_criteria_impl.h"], deps = [ - "//include/envoy/router:router_interface", + "//envoy/router:router_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", ], ) @@ -41,13 +41,13 @@ envoy_cc_library( ":retry_state_lib", ":router_ratelimit_lib", ":tls_context_match_criteria_lib", - "//include/envoy/config:typed_metadata_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/router:router_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server:filter_config_interface", # TODO(rodaine): break dependency on server - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/config:typed_metadata_interface", + "//envoy/http:header_map_interface", + "//envoy/router:router_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server:filter_config_interface", # TODO(rodaine): break dependency on server + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:hash_lib", @@ -63,7 +63,6 @@ envoy_cc_library( "//source/common/http:utility_lib", "//source/common/protobuf:utility_lib", "//source/common/tracing:http_tracer_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", @@ -77,8 +76,8 @@ envoy_cc_library( srcs = ["config_utility.cc"], hdrs = ["config_utility.h"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/upstream:resource_manager_interface", + "//envoy/http:codes_interface", + "//envoy/upstream:resource_manager_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:matchers_lib", @@ -96,9 +95,9 @@ envoy_cc_library( srcs = ["context_impl.cc"], hdrs = ["context_impl.h"], deps = [ - "//include/envoy/router:context_interface", - "//include/envoy/router:router_interface", - "//include/envoy/stats:stats_macros", + "//envoy/router:context_interface", + "//envoy/router:router_interface", + "//envoy/stats:stats_macros", ], ) @@ -107,8 +106,8 @@ envoy_cc_library( srcs = ["debug_config.cc"], hdrs = ["debug_config.h"], deps = [ - "//include/envoy/http:header_map_interface", - "//include/envoy/stream_info:filter_state_interface", + "//envoy/http:header_map_interface", + "//envoy/stream_info:filter_state_interface", "//source/common/common:macros", ], ) @@ -119,9 +118,9 @@ envoy_cc_library( hdrs = ["route_config_update_receiver_impl.h"], deps = [ ":config_lib", - "//include/envoy/router:rds_interface", - "//include/envoy/router:route_config_update_info_interface", - "//include/envoy/server:factory_context_interface", + "//envoy/router:rds_interface", + "//envoy/router:route_config_update_info_interface", + "//envoy/server:factory_context_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/protobuf:utility_lib", @@ -136,14 +135,14 @@ envoy_cc_library( hdrs = ["vhds.h"], deps = [ ":config_lib", - "//include/envoy/config:subscription_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/router:rds_interface", - "//include/envoy/router:route_config_provider_manager_interface", - "//include/envoy/router:route_config_update_info_interface", - "//include/envoy/singleton:instance_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/config:subscription_interface", + "//envoy/http:codes_interface", + "//envoy/local_info:local_info_interface", + "//envoy/router:rds_interface", + "//envoy/router:route_config_provider_manager_interface", + "//envoy/router:route_config_update_info_interface", + "//envoy/singleton:instance_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:api_version_lib", @@ -165,15 +164,15 @@ envoy_cc_library( hdrs = ["rds_impl.h"], deps = [ ":config_lib", - "//include/envoy/config:subscription_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/router:rds_interface", - "//include/envoy/router:route_config_provider_manager_interface", - "//include/envoy/router:route_config_update_info_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/singleton:instance_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/config:subscription_interface", + "//envoy/http:codes_interface", + "//envoy/local_info:local_info_interface", + "//envoy/router:rds_interface", + "//envoy/router:route_config_provider_manager_interface", + "//envoy/router:route_config_update_info_interface", + "//envoy/server:admin_interface", + "//envoy/singleton:instance_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/common:assert_lib", "//source/common/common:callback_impl_lib", "//source/common/common:cleanup_lib", @@ -207,9 +206,9 @@ envoy_cc_library( ], deps = [ ":config_lib", - "//include/envoy/router:rds_interface", - "//include/envoy/router:scopes_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/router:rds_interface", + "//envoy/router:scopes_interface", + "//envoy/thread_local:thread_local_interface", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", ], @@ -222,10 +221,10 @@ envoy_cc_library( deps = [ ":rds_lib", ":scoped_config_lib", - "//include/envoy/config:config_provider_interface", - "//include/envoy/config:subscription_interface", - "//include/envoy/router:route_config_provider_manager_interface", - "//include/envoy/stats:stats_interface", + "//envoy/config:config_provider_interface", + "//envoy/config:subscription_interface", + "//envoy/router:route_config_provider_manager_interface", + "//envoy/stats:stats_interface", "//source/common/common:assert_lib", "//source/common/common:cleanup_lib", "//source/common/common:minimal_logger_lib", @@ -252,12 +251,12 @@ envoy_cc_library( hdrs = ["retry_state_impl.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/event:timer_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/router:router_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:timer_interface", + "//envoy/http:codec_interface", + "//envoy/http:header_map_interface", + "//envoy/router:router_interface", + "//envoy/runtime:runtime_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:backoff_lib", "//source/common/common:utility_lib", @@ -286,21 +285,21 @@ envoy_cc_library( ":debug_config_lib", ":header_parser_lib", ":retry_state_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/grpc:status", - "//include/envoy/http:codec_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:conn_pool_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/router:shadow_writer_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/grpc:status", + "//envoy/http:codec_interface", + "//envoy/http:codes_interface", + "//envoy/http:conn_pool_interface", + "//envoy/http:filter_interface", + "//envoy/local_info:local_info_interface", + "//envoy/router:shadow_writer_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server:filter_config_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/access_log:access_log_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", @@ -338,9 +337,9 @@ envoy_cc_library( hdrs = ["router_ratelimit.h"], deps = [ ":config_utility_lib", - "//include/envoy/ratelimit:ratelimit_interface", - "//include/envoy/router:router_interface", - "//include/envoy/router:router_ratelimit_interface", + "//envoy/ratelimit:ratelimit_interface", + "//envoy/router:router_interface", + "//envoy/router:router_ratelimit_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/config:metadata_lib", @@ -357,8 +356,8 @@ envoy_cc_library( srcs = ["shadow_writer_impl.cc"], hdrs = ["shadow_writer_impl.h"], deps = [ - "//include/envoy/router:shadow_writer_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/router:shadow_writer_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/http:headers_lib", ], @@ -370,7 +369,7 @@ envoy_cc_library( hdrs = ["header_parser.h"], deps = [ ":header_formatter_lib", - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/protobuf:utility_lib", @@ -384,9 +383,9 @@ envoy_cc_library( hdrs = ["header_formatter.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/router:string_accessor_interface", - "//include/envoy/stream_info:filter_state_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/router:string_accessor_interface", + "//envoy/stream_info:filter_state_interface", + "//envoy/stream_info:stream_info_interface", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", "//source/common/config:metadata_lib", @@ -401,9 +400,9 @@ envoy_cc_library( srcs = ["reset_header_parser.cc"], hdrs = ["reset_header_parser.h"], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/router:router_interface", + "//envoy/common:time_interface", + "//envoy/http:header_map_interface", + "//envoy/router:router_interface", "//source/common/http:headers_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/route/v3:pkg_cc_proto", @@ -414,7 +413,7 @@ envoy_cc_library( name = "string_accessor_lib", hdrs = ["string_accessor_impl.h"], deps = [ - "//include/envoy/router:string_accessor_interface", + "//envoy/router:string_accessor_interface", ], ) @@ -423,6 +422,6 @@ envoy_cc_library( srcs = ["delegating_route_impl.cc"], hdrs = ["delegating_route_impl.h"], deps = [ - "//include/envoy/router:router_interface", + "//envoy/router:router_interface", ], ) diff --git a/source/common/router/config_impl.cc b/source/common/router/config_impl.cc index 8c5ba9b1c67a..325b77ef4c0b 100644 --- a/source/common/router/config_impl.cc +++ b/source/common/router/config_impl.cc @@ -1,4 +1,4 @@ -#include "common/router/config_impl.h" +#include "source/common/router/config_impl.h" #include #include @@ -18,28 +18,26 @@ #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/common/hash.h" -#include "common/common/logger.h" -#include "common/common/regex.h" -#include "common/common/utility.h" -#include "common/config/metadata.h" -#include "common/config/utility.h" -#include "common/config/well_known_names.h" -#include "common/http/headers.h" -#include "common/http/path_utility.h" -#include "common/http/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/router/reset_header_parser.h" -#include "common/router/retry_state_impl.h" -#include "common/runtime/runtime_features.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/filters/http/common/utility.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hash.h" +#include "source/common/common/logger.h" +#include "source/common/common/regex.h" +#include "source/common/common/utility.h" +#include "source/common/config/metadata.h" +#include "source/common/config/utility.h" +#include "source/common/config/well_known_names.h" +#include "source/common/http/headers.h" +#include "source/common/http/path_utility.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/reset_header_parser.h" +#include "source/common/router/retry_state_impl.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/filters/http/common/utility.h" #include "absl/strings/match.h" @@ -224,16 +222,6 @@ CorsPolicyImpl::CorsPolicyImpl(const envoy::config::route::v3::CorsPolicy& confi legacy_enabled_(config.has_hidden_envoy_deprecated_enabled() ? config.hidden_envoy_deprecated_enabled().value() : true) { - for (const auto& origin : config.hidden_envoy_deprecated_allow_origin()) { - envoy::type::matcher::v3::StringMatcher matcher_config; - matcher_config.set_exact(origin); - allow_origins_.push_back(std::make_unique(matcher_config)); - } - for (const auto& regex : config.hidden_envoy_deprecated_allow_origin_regex()) { - envoy::type::matcher::v3::StringMatcher matcher_config; - matcher_config.set_hidden_envoy_deprecated_regex(regex); - allow_origins_.push_back(std::make_unique(matcher_config)); - } for (const auto& string_match : config.allow_origin_string_match()) { allow_origins_.push_back(std::make_unique(string_match)); } @@ -626,24 +614,29 @@ void RouteEntryImplBase::finalizeResponseHeaders(Http::ResponseHeaderMap& header } Http::HeaderTransforms -RouteEntryImplBase::responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info) const { +RouteEntryImplBase::responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info, + bool do_formatting) const { Http::HeaderTransforms transforms; if (!vhost_.globalRouteConfig().mostSpecificHeaderMutationsWins()) { // Append user-specified request headers from most to least specific: route-level headers, // virtual host level headers and finally global connection manager level headers. - mergeTransforms(transforms, response_headers_parser_->getHeaderTransforms(stream_info)); - mergeTransforms(transforms, vhost_.responseHeaderParser().getHeaderTransforms(stream_info)); - mergeTransforms( - transforms, - vhost_.globalRouteConfig().responseHeaderParser().getHeaderTransforms(stream_info)); + mergeTransforms(transforms, + response_headers_parser_->getHeaderTransforms(stream_info, do_formatting)); + mergeTransforms(transforms, + vhost_.responseHeaderParser().getHeaderTransforms(stream_info, do_formatting)); + mergeTransforms(transforms, + vhost_.globalRouteConfig().responseHeaderParser().getHeaderTransforms( + stream_info, do_formatting)); } else { // Most specific mutations (route-level) take precedence by being applied // last: if a header is specified at all levels, the last one applied wins. - mergeTransforms( - transforms, - vhost_.globalRouteConfig().responseHeaderParser().getHeaderTransforms(stream_info)); - mergeTransforms(transforms, vhost_.responseHeaderParser().getHeaderTransforms(stream_info)); - mergeTransforms(transforms, response_headers_parser_->getHeaderTransforms(stream_info)); + mergeTransforms(transforms, + vhost_.globalRouteConfig().responseHeaderParser().getHeaderTransforms( + stream_info, do_formatting)); + mergeTransforms(transforms, + vhost_.responseHeaderParser().getHeaderTransforms(stream_info, do_formatting)); + mergeTransforms(transforms, + response_headers_parser_->getHeaderTransforms(stream_info, do_formatting)); } return transforms; } @@ -752,7 +745,7 @@ absl::string_view RouteEntryImplBase::processRequestHost(const Http::RequestHead host_end += 1; // advance to : } } else { - host_end = request_host.rfind(":"); + host_end = request_host.rfind(':'); } if (host_end != absl::string_view::npos) { @@ -840,8 +833,7 @@ std::multimap RouteEntryImplBase::parseOpaqueConfig(const envoy::config::route::v3::Route& route) { std::multimap ret; if (route.has_metadata()) { - auto filter_metadata = route.metadata().filter_metadata().find( - Extensions::HttpFilters::HttpFilterNames::get().Router); + auto filter_metadata = route.metadata().filter_metadata().find("envoy.filters.http.router"); if (filter_metadata == route.metadata().filter_metadata().end()) { // TODO(zuercher): simply return `ret` when deprecated filter names are removed. filter_metadata = route.metadata().filter_metadata().find(DEPRECATED_ROUTER_NAME); @@ -850,8 +842,7 @@ RouteEntryImplBase::parseOpaqueConfig(const envoy::config::route::v3::Route& rou } Extensions::Common::Utility::ExtensionNameUtil::checkDeprecatedExtensionName( - "http filter", DEPRECATED_ROUTER_NAME, - Extensions::HttpFilters::HttpFilterNames::get().Router); + "http filter", DEPRECATED_ROUTER_NAME, "envoy.filters.http.router"); } for (const auto& it : filter_metadata->second.fields()) { if (it.second.kind_case() == ProtobufWkt::Value::kStringValue) { @@ -1047,9 +1038,10 @@ RouteEntryImplBase::WeightedClusterEntry::WeightedClusterEntry( } Http::HeaderTransforms RouteEntryImplBase::WeightedClusterEntry::responseHeaderTransforms( - const StreamInfo::StreamInfo& stream_info) const { - auto transforms = response_headers_parser_->getHeaderTransforms(stream_info); - mergeTransforms(transforms, DynamicRouteEntry::responseHeaderTransforms(stream_info)); + const StreamInfo::StreamInfo& stream_info, bool do_formatting) const { + auto transforms = response_headers_parser_->getHeaderTransforms(stream_info, do_formatting); + mergeTransforms(transforms, + DynamicRouteEntry::responseHeaderTransforms(stream_info, do_formatting)); return transforms; } @@ -1123,19 +1115,11 @@ RegexRouteEntryImpl::RegexRouteEntryImpl( const OptionalHttpFilters& optional_http_filters, Server::Configuration::ServerFactoryContext& factory_context, ProtobufMessage::ValidationVisitor& validator) - : RouteEntryImplBase(vhost, route, optional_http_filters, factory_context, validator) { - // TODO(yangminzhu): Use PathMatcher once hidden_envoy_deprecated_regex is removed. - if (route.match().path_specifier_case() == - envoy::config::route::v3::RouteMatch::PathSpecifierCase::kHiddenEnvoyDeprecatedRegex) { - regex_ = Regex::Utility::parseStdRegexAsCompiledMatcher( - route.match().hidden_envoy_deprecated_regex()); - regex_str_ = route.match().hidden_envoy_deprecated_regex(); - } else { - ASSERT(route.match().path_specifier_case() == - envoy::config::route::v3::RouteMatch::PathSpecifierCase::kSafeRegex); - regex_ = Regex::Utility::parseRegex(route.match().safe_regex()); - regex_str_ = route.match().safe_regex().regex(); - } + : RouteEntryImplBase(vhost, route, optional_http_filters, factory_context, validator), + regex_str_(route.match().safe_regex().regex()), + path_matcher_(Matchers::PathMatcher::createSafeRegex(route.match().safe_regex())) { + ASSERT(route.match().path_specifier_case() == + envoy::config::route::v3::RouteMatch::PathSpecifierCase::kSafeRegex); } void RegexRouteEntryImpl::rewritePathHeader(Http::RequestHeaderMap& headers, @@ -1143,7 +1127,7 @@ void RegexRouteEntryImpl::rewritePathHeader(Http::RequestHeaderMap& headers, const absl::string_view path = Http::PathUtil::removeQueryAndFragment(headers.getPathValue()); // TODO(yuval-k): This ASSERT can happen if the path was changed by a filter without clearing the // route cache. We should consider if ASSERT-ing is the desired behavior in this case. - ASSERT(regex_->match(path)); + ASSERT(path_matcher_->match(path)); finalizePathHeader(headers, path, insert_envoy_original_path); } @@ -1158,7 +1142,7 @@ RouteConstSharedPtr RegexRouteEntryImpl::matches(const Http::RequestHeaderMap& h uint64_t random_value) const { if (RouteEntryImplBase::matchRoute(headers, stream_info, random_value)) { const absl::string_view path = Http::PathUtil::removeQueryAndFragment(headers.getPathValue()); - if (regex_->match(path)) { + if (path_matcher_->match(path)) { return clusterEntry(headers, random_value); } } @@ -1298,30 +1282,12 @@ VirtualHostImpl::VirtualClusterEntry::VirtualClusterEntry( : StatNameProvider(virtual_cluster.name(), scope.symbolTable()), VirtualClusterBase(stat_name_storage_.statName(), scope.scopeFromStatName(stat_name_storage_.statName()), stat_names) { - if (virtual_cluster.hidden_envoy_deprecated_pattern().empty() == - virtual_cluster.headers().empty()) { - throw EnvoyException("virtual clusters must define either 'pattern' or 'headers'"); + if (virtual_cluster.headers().empty()) { + throw EnvoyException("virtual clusters must define 'headers'"); } - if (!virtual_cluster.hidden_envoy_deprecated_pattern().empty()) { - envoy::config::route::v3::HeaderMatcher matcher_config; - matcher_config.set_name(Http::Headers::get().Path.get()); - matcher_config.set_hidden_envoy_deprecated_regex_match( - virtual_cluster.hidden_envoy_deprecated_pattern()); - headers_.push_back(std::make_unique(matcher_config)); - } else { - ASSERT(!virtual_cluster.headers().empty()); - headers_ = Http::HeaderUtility::buildHeaderDataVector(virtual_cluster.headers()); - } - - if (virtual_cluster.hidden_envoy_deprecated_method() != - envoy::config::core::v3::METHOD_UNSPECIFIED) { - envoy::config::route::v3::HeaderMatcher matcher_config; - matcher_config.set_name(Http::Headers::get().Method.get()); - matcher_config.set_exact_match(envoy::config::core::v3::RequestMethod_Name( - virtual_cluster.hidden_envoy_deprecated_method())); - headers_.push_back(std::make_unique(matcher_config)); - } + ASSERT(!virtual_cluster.headers().empty()); + headers_ = Http::HeaderUtility::buildHeaderDataVector(virtual_cluster.headers()); } const Config& VirtualHostImpl::routeConfig() const { return global_route_config_; } diff --git a/source/common/router/config_impl.h b/source/common/router/config_impl.h index 7f9abd11c02f..e367683e092e 100644 --- a/source/common/router/config_impl.h +++ b/source/common/router/config_impl.h @@ -19,17 +19,17 @@ #include "envoy/type/v3/percent.pb.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/matchers.h" -#include "common/config/metadata.h" -#include "common/http/hash_policy.h" -#include "common/http/header_utility.h" -#include "common/router/config_utility.h" -#include "common/router/header_formatter.h" -#include "common/router/header_parser.h" -#include "common/router/metadatamatchcriteria_impl.h" -#include "common/router/router_ratelimit.h" -#include "common/router/tls_context_match_criteria_impl.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/common/matchers.h" +#include "source/common/config/metadata.h" +#include "source/common/http/hash_policy.h" +#include "source/common/http/header_utility.h" +#include "source/common/router/config_utility.h" +#include "source/common/router/header_formatter.h" +#include "source/common/router/header_parser.h" +#include "source/common/router/metadatamatchcriteria_impl.h" +#include "source/common/router/router_ratelimit.h" +#include "source/common/router/tls_context_match_criteria_impl.h" +#include "source/common/stats/symbol_table_impl.h" #include "absl/container/node_hash_map.h" #include "absl/types/optional.h" @@ -106,7 +106,8 @@ class SslRedirector : public DirectResponseEntry { // Router::DirectResponseEntry void finalizeResponseHeaders(Http::ResponseHeaderMap&, const StreamInfo::StreamInfo&) const override {} - Http::HeaderTransforms responseHeaderTransforms(const StreamInfo::StreamInfo&) const override { + Http::HeaderTransforms responseHeaderTransforms(const StreamInfo::StreamInfo&, + bool) const override { return {}; } std::string newPath(const Http::RequestHeaderMap& headers) const override; @@ -512,8 +513,8 @@ class RouteEntryImplBase : public RouteEntry, bool insert_envoy_original_path) const override; void finalizeResponseHeaders(Http::ResponseHeaderMap& headers, const StreamInfo::StreamInfo& stream_info) const override; - Http::HeaderTransforms - responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info) const override; + Http::HeaderTransforms responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info, + bool do_formatting = true) const override; const Http::HashPolicy* hashPolicy() const override { return hash_policy_.get(); } const HedgePolicy& hedgePolicy() const override { return hedge_policy_; } @@ -647,9 +648,9 @@ class RouteEntryImplBase : public RouteEntry, const StreamInfo::StreamInfo& stream_info) const override { return parent_->finalizeResponseHeaders(headers, stream_info); } - Http::HeaderTransforms - responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info) const override { - return parent_->responseHeaderTransforms(stream_info); + Http::HeaderTransforms responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info, + bool do_formatting = true) const override { + return parent_->responseHeaderTransforms(stream_info, do_formatting); } const CorsPolicy* corsPolicy() const override { return parent_->corsPolicy(); } @@ -777,8 +778,8 @@ class RouteEntryImplBase : public RouteEntry, response_headers_parser_->evaluateHeaders(headers, stream_info); DynamicRouteEntry::finalizeResponseHeaders(headers, stream_info); } - Http::HeaderTransforms - responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info) const override; + Http::HeaderTransforms responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info, + bool do_formatting = true) const override; const RouteSpecificFilterConfig* perFilterConfig(const std::string& name) const override; @@ -978,8 +979,8 @@ class RegexRouteEntryImpl : public RouteEntryImplBase { currentUrlPathAfterRewrite(const Http::RequestHeaderMap& headers) const override; private: - Regex::CompiledMatcherPtr regex_; - std::string regex_str_; + const std::string regex_str_; + const Matchers::PathMatcherConstSharedPtr path_matcher_; }; /** diff --git a/source/common/router/config_utility.cc b/source/common/router/config_utility.cc index 78d27ff32197..f94d6b68a19e 100644 --- a/source/common/router/config_utility.cc +++ b/source/common/router/config_utility.cc @@ -1,4 +1,4 @@ -#include "common/router/config_utility.h" +#include "source/common/router/config_utility.h" #include #include @@ -7,8 +7,8 @@ #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/type/matcher/v3/string.pb.h" -#include "common/common/assert.h" -#include "common/common/regex.h" +#include "source/common/common/assert.h" +#include "source/common/common/regex.h" namespace Envoy { namespace Router { @@ -33,12 +33,7 @@ maybeCreateStringMatcher(const envoy::config::route::v3::QueryParameterMatcher& } envoy::type::matcher::v3::StringMatcher matcher_config; - if (config.has_hidden_envoy_deprecated_regex() ? config.hidden_envoy_deprecated_regex().value() - : false) { - matcher_config.set_hidden_envoy_deprecated_regex(config.hidden_envoy_deprecated_value()); - } else { - matcher_config.set_exact(config.hidden_envoy_deprecated_value()); - } + matcher_config.set_exact(config.hidden_envoy_deprecated_value()); return Matchers::StringMatcherImpl(matcher_config); } } diff --git a/source/common/router/config_utility.h b/source/common/router/config_utility.h index 5f9513103af9..3c8167c2faa3 100644 --- a/source/common/router/config_utility.h +++ b/source/common/router/config_utility.h @@ -9,12 +9,12 @@ #include "envoy/http/codes.h" #include "envoy/upstream/resource_manager.h" -#include "common/common/empty_string.h" -#include "common/common/matchers.h" -#include "common/common/utility.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/matchers.h" +#include "source/common/common/utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" #include "absl/types/optional.h" diff --git a/source/common/router/context_impl.cc b/source/common/router/context_impl.cc index dd9cfc22c035..2a2df3b234e3 100644 --- a/source/common/router/context_impl.cc +++ b/source/common/router/context_impl.cc @@ -1,4 +1,4 @@ -#include "common/router/context_impl.h" +#include "source/common/router/context_impl.h" namespace Envoy { namespace Router { diff --git a/source/common/router/debug_config.cc b/source/common/router/debug_config.cc index 8ec9cb59687e..4b6d4f3b5cb4 100644 --- a/source/common/router/debug_config.cc +++ b/source/common/router/debug_config.cc @@ -1,6 +1,6 @@ -#include "common/router/debug_config.h" +#include "source/common/router/debug_config.h" -#include "common/common/macros.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Router { diff --git a/source/common/router/delegating_route_impl.cc b/source/common/router/delegating_route_impl.cc index af4c61304c69..935a648e9cbe 100644 --- a/source/common/router/delegating_route_impl.cc +++ b/source/common/router/delegating_route_impl.cc @@ -1,4 +1,4 @@ -#include "common/router/delegating_route_impl.h" +#include "source/common/router/delegating_route_impl.h" namespace Envoy { namespace Router { @@ -25,8 +25,9 @@ void DelegatingRouteEntry::finalizeResponseHeaders( } Http::HeaderTransforms -DelegatingRouteEntry::responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info) const { - return base_route_->routeEntry()->responseHeaderTransforms(stream_info); +DelegatingRouteEntry::responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info, + bool do_formatting) const { + return base_route_->routeEntry()->responseHeaderTransforms(stream_info, do_formatting); } const std::string& DelegatingRouteEntry::clusterName() const { diff --git a/source/common/router/delegating_route_impl.h b/source/common/router/delegating_route_impl.h index ebe791c37c75..53721b394c53 100644 --- a/source/common/router/delegating_route_impl.h +++ b/source/common/router/delegating_route_impl.h @@ -46,8 +46,8 @@ class DelegatingRouteEntry : public Router::RouteEntry { // Router::ResponseEntry void finalizeResponseHeaders(Http::ResponseHeaderMap& headers, const StreamInfo::StreamInfo& stream_info) const override; - Http::HeaderTransforms - responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info) const override; + Http::HeaderTransforms responseHeaderTransforms(const StreamInfo::StreamInfo& stream_info, + bool do_formatting = true) const override; // Router::RouteEntry const std::string& clusterName() const override; diff --git a/source/common/router/header_formatter.cc b/source/common/router/header_formatter.cc index aa464deab783..80482fc17b3b 100644 --- a/source/common/router/header_formatter.cc +++ b/source/common/router/header_formatter.cc @@ -1,18 +1,18 @@ -#include "common/router/header_formatter.h" +#include "source/common/router/header_formatter.h" #include #include "envoy/router/string_accessor.h" -#include "common/common/fmt.h" -#include "common/common/logger.h" -#include "common/common/thread.h" -#include "common/common/utility.h" -#include "common/config/metadata.h" -#include "common/formatter/substitution_formatter.h" -#include "common/http/header_map_impl.h" -#include "common/json/json_loader.h" -#include "common/stream_info/utility.h" +#include "source/common/common/fmt.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/common/common/utility.h" +#include "source/common/config/metadata.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/json/json_loader.h" +#include "source/common/stream_info/utility.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" diff --git a/source/common/router/header_parser.cc b/source/common/router/header_parser.cc index e05460bfb0c1..81a947571444 100644 --- a/source/common/router/header_parser.cc +++ b/source/common/router/header_parser.cc @@ -1,4 +1,4 @@ -#include "common/router/header_parser.h" +#include "source/common/router/header_parser.h" #include #include @@ -6,10 +6,10 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/common/assert.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/protobuf/utility.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_replace.h" @@ -296,17 +296,25 @@ void HeaderParser::evaluateHeaders(Http::HeaderMap& headers, } } -Http::HeaderTransforms -HeaderParser::getHeaderTransforms(const StreamInfo::StreamInfo& stream_info) const { +Http::HeaderTransforms HeaderParser::getHeaderTransforms(const StreamInfo::StreamInfo& stream_info, + bool do_formatting) const { Http::HeaderTransforms transforms; for (const auto& [key, entry] : headers_to_add_) { - const std::string value = entry.formatter_->format(stream_info); - if (!value.empty()) { + if (do_formatting) { + const std::string value = entry.formatter_->format(stream_info); + if (!value.empty()) { + if (entry.formatter_->append()) { + transforms.headers_to_append.push_back({key, value}); + } else { + transforms.headers_to_overwrite.push_back({key, value}); + } + } + } else { if (entry.formatter_->append()) { - transforms.headers_to_append.push_back({key, value}); + transforms.headers_to_append.push_back({key, entry.original_value_}); } else { - transforms.headers_to_overwrite.push_back({key, value}); + transforms.headers_to_overwrite.push_back({key, entry.original_value_}); } } } diff --git a/source/common/router/header_parser.h b/source/common/router/header_parser.h index 8e4d5548fce0..2cf52bdef09d 100644 --- a/source/common/router/header_parser.h +++ b/source/common/router/header_parser.h @@ -7,8 +7,8 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/http/header_map.h" -#include "common/protobuf/protobuf.h" -#include "common/router/header_formatter.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/router/header_formatter.h" namespace Envoy { namespace Router { @@ -55,8 +55,11 @@ class HeaderParser { * Same as evaluateHeaders, but returns the modifications that would have been made rather than * modifying an existing HeaderMap. * @param stream_info contains additional information about the request. + * @param do_formatting whether or not to evaluate configured transformations; if false, returns + * original values instead. */ - Http::HeaderTransforms getHeaderTransforms(const StreamInfo::StreamInfo& stream_info) const; + Http::HeaderTransforms getHeaderTransforms(const StreamInfo::StreamInfo& stream_info, + bool do_formatting = true) const; protected: HeaderParser() = default; diff --git a/source/common/router/metadatamatchcriteria_impl.cc b/source/common/router/metadatamatchcriteria_impl.cc index 88cfa4b229fd..bcfbc733c6d1 100644 --- a/source/common/router/metadatamatchcriteria_impl.cc +++ b/source/common/router/metadatamatchcriteria_impl.cc @@ -1,4 +1,4 @@ -#include "common/router/metadatamatchcriteria_impl.h" +#include "source/common/router/metadatamatchcriteria_impl.h" namespace Envoy { namespace Router { diff --git a/source/common/router/rds_impl.cc b/source/common/router/rds_impl.cc index cc9c20e2d30e..d9a712217775 100644 --- a/source/common/router/rds_impl.cc +++ b/source/common/router/rds_impl.cc @@ -1,4 +1,4 @@ -#include "common/router/rds_impl.h" +#include "source/common/router/rds_impl.h" #include #include @@ -11,14 +11,14 @@ #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/config/api_version.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/http/header_map_impl.h" -#include "common/protobuf/utility.h" -#include "common/router/config_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/config/api_version.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/config_impl.h" namespace Envoy { namespace Router { @@ -88,7 +88,8 @@ RdsRouteConfigSubscription::RdsRouteConfigSubscription( fmt::format("RdsRouteConfigSubscription local-init-target {}", route_config_name_), [this]() { subscription_->start({route_config_name_}); }), local_init_manager_(fmt::format("RDS local-init-manager {}", route_config_name_)), - stat_prefix_(stat_prefix), stats_({ALL_RDS_STATS(POOL_COUNTER(*scope_))}), + stat_prefix_(stat_prefix), + stats_({ALL_RDS_STATS(POOL_COUNTER(*scope_), POOL_GAUGE(*scope_))}), route_config_provider_manager_(route_config_provider_manager), manager_identifier_(manager_identifier), optional_http_filters_(optional_http_filters) { const auto resource_name = getResourceName(); @@ -131,6 +132,7 @@ void RdsRouteConfigSubscription::onConfigUpdate( std::unique_ptr resume_rds; if (config_update_info_->onRdsUpdate(route_config, version_info)) { stats_.config_reload_.inc(); + stats_.config_reload_time_ms_.set(DateUtil::nowToMilliseconds(factory_context_.timeSource())); if (config_update_info_->protobufConfiguration().has_vhds() && config_update_info_->vhdsConfigurationChanged()) { ENVOY_LOG( diff --git a/source/common/router/rds_impl.h b/source/common/router/rds_impl.h index 22182e48d416..9e79763fc1dd 100644 --- a/source/common/router/rds_impl.h +++ b/source/common/router/rds_impl.h @@ -24,15 +24,15 @@ #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/callback_impl.h" -#include "common/common/cleanup.h" -#include "common/common/logger.h" -#include "common/init/manager_impl.h" -#include "common/init/target_impl.h" -#include "common/init/watcher_impl.h" -#include "common/protobuf/utility.h" -#include "common/router/route_config_update_receiver_impl.h" -#include "common/router/vhds.h" +#include "source/common/common/callback_impl.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/logger.h" +#include "source/common/init/manager_impl.h" +#include "source/common/init/target_impl.h" +#include "source/common/init/watcher_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/route_config_update_receiver_impl.h" +#include "source/common/router/vhds.h" #include "absl/container/node_hash_map.h" #include "absl/container/node_hash_set.h" @@ -97,15 +97,16 @@ class StaticRouteConfigProviderImpl : public RouteConfigProvider { /** * All RDS stats. @see stats_macros.h */ -#define ALL_RDS_STATS(COUNTER) \ +#define ALL_RDS_STATS(COUNTER, GAUGE) \ COUNTER(config_reload) \ - COUNTER(update_empty) + COUNTER(update_empty) \ + GAUGE(config_reload_time_ms, NeverImport) /** * Struct definition for all RDS stats. @see stats_macros.h */ struct RdsStats { - ALL_RDS_STATS(GENERATE_COUNTER_STRUCT) + ALL_RDS_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) }; class RdsRouteConfigProviderImpl; diff --git a/source/common/router/reset_header_parser.cc b/source/common/router/reset_header_parser.cc index f2a7f1581f94..db73f9f4de3e 100644 --- a/source/common/router/reset_header_parser.cc +++ b/source/common/router/reset_header_parser.cc @@ -1,8 +1,8 @@ -#include "common/router/reset_header_parser.h" +#include "source/common/router/reset_header_parser.h" #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/strings/numbers.h" diff --git a/source/common/router/reset_header_parser.h b/source/common/router/reset_header_parser.h index 776486d339b1..75f1b26d61cd 100644 --- a/source/common/router/reset_header_parser.h +++ b/source/common/router/reset_header_parser.h @@ -9,7 +9,7 @@ #include "envoy/http/header_map.h" #include "envoy/router/router.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "absl/types/optional.h" diff --git a/source/common/router/retry_state_impl.cc b/source/common/router/retry_state_impl.cc index e39275c5c274..0b7d86b2c2e7 100644 --- a/source/common/router/retry_state_impl.cc +++ b/source/common/router/retry_state_impl.cc @@ -1,4 +1,4 @@ -#include "common/router/retry_state_impl.h" +#include "source/common/router/retry_state_impl.h" #include #include @@ -7,12 +7,12 @@ #include "envoy/config/route/v3/route_components.pb.h" -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/grpc/common.h" -#include "common/http/codes.h" -#include "common/http/headers.h" -#include "common/http/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/http/codes.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Router { diff --git a/source/common/router/retry_state_impl.h b/source/common/router/retry_state_impl.h index 8931b5bf3751..affa6f9fa0eb 100644 --- a/source/common/router/retry_state_impl.h +++ b/source/common/router/retry_state_impl.h @@ -11,8 +11,8 @@ #include "envoy/runtime/runtime.h" #include "envoy/upstream/upstream.h" -#include "common/common/backoff_strategy.h" -#include "common/http/header_utility.h" +#include "source/common/common/backoff_strategy.h" +#include "source/common/http/header_utility.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" diff --git a/source/common/router/route_config_update_receiver_impl.cc b/source/common/router/route_config_update_receiver_impl.cc index b3226de02800..61d451ce6291 100644 --- a/source/common/router/route_config_update_receiver_impl.cc +++ b/source/common/router/route_config_update_receiver_impl.cc @@ -1,15 +1,15 @@ -#include "common/router/route_config_update_receiver_impl.h" +#include "source/common/router/route_config_update_receiver_impl.h" #include #include "envoy/config/route/v3/route.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/thread.h" -#include "common/protobuf/utility.h" -#include "common/router/config_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/thread.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/config_impl.h" namespace Envoy { namespace Router { diff --git a/source/common/router/route_config_update_receiver_impl.h b/source/common/router/route_config_update_receiver_impl.h index 4f77bd34156b..fc07c9f9e3f9 100644 --- a/source/common/router/route_config_update_receiver_impl.h +++ b/source/common/router/route_config_update_receiver_impl.h @@ -9,9 +9,9 @@ #include "envoy/server/factory_context.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/logger.h" -#include "common/protobuf/utility.h" -#include "common/router/config_impl.h" +#include "source/common/common/logger.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/config_impl.h" namespace Envoy { namespace Router { diff --git a/source/common/router/router.cc b/source/common/router/router.cc index ec67fdbd87b0..259e105a1af9 100644 --- a/source/common/router/router.cc +++ b/source/common/router/router.cc @@ -1,4 +1,4 @@ -#include "common/router/router.h" +#include "source/common/router/router.h" #include #include @@ -15,34 +15,32 @@ #include "envoy/upstream/health_check_host_monitor.h" #include "envoy/upstream/upstream.h" -#include "common/common/assert.h" -#include "common/common/cleanup.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/scope_tracker.h" -#include "common/common/utility.h" -#include "common/config/utility.h" -#include "common/grpc/common.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/network/application_protocol.h" -#include "common/network/socket_option_factory.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/network/upstream_server_name.h" -#include "common/network/upstream_socket_options_filter_state.h" -#include "common/network/upstream_subject_alt_names.h" -#include "common/router/config_impl.h" -#include "common/router/debug_config.h" -#include "common/router/retry_state_impl.h" -#include "common/router/upstream_request.h" -#include "common/runtime/runtime_features.h" -#include "common/stream_info/uint32_accessor_impl.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/scope_tracker.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/network/application_protocol.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/network/upstream_server_name.h" +#include "source/common/network/upstream_socket_options_filter_state.h" +#include "source/common/network/upstream_subject_alt_names.h" +#include "source/common/router/config_impl.h" +#include "source/common/router/debug_config.h" +#include "source/common/router/retry_state_impl.h" +#include "source/common/router/upstream_request.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/stream_info/uint32_accessor_impl.h" +#include "source/common/tracing/http_tracer_impl.h" namespace Envoy { namespace Router { @@ -299,6 +297,8 @@ void Filter::chargeUpstreamCode(uint64_t response_status_code, const bool is_canary = (upstream_canary_header && upstream_canary_header->value() == "true") || (upstream_host ? upstream_host->canary() : false); const bool internal_request = Http::HeaderUtility::isEnvoyInternalRequest(*downstream_headers_); + const bool exclude_http_code_stats = + grpc_request_ && config_.suppress_grpc_request_failure_code_stats_; Stats::StatName upstream_zone = upstreamZone(upstream_host); Http::CodeStats::ResponseStatInfo info{config_.scope_, @@ -314,7 +314,7 @@ void Filter::chargeUpstreamCode(uint64_t response_status_code, is_canary}; Http::CodeStats& code_stats = httpContext().codeStats(); - code_stats.chargeResponseStat(info); + code_stats.chargeResponseStat(info, exclude_http_code_stats); if (alt_stat_prefix_ != nullptr) { Http::CodeStats::ResponseStatInfo alt_info{config_.scope_, @@ -327,7 +327,7 @@ void Filter::chargeUpstreamCode(uint64_t response_status_code, config_.zone_name_, upstream_zone, is_canary}; - code_stats.chargeResponseStat(alt_info); + code_stats.chargeResponseStat(alt_info, exclude_http_code_stats); } if (dropped) { @@ -1144,6 +1144,8 @@ Filter::streamResetReasonToResponseFlag(Http::StreamResetReason reset_reason) { return StreamInfo::ResponseFlag::UpstreamRemoteReset; case Http::StreamResetReason::ProtocolError: return StreamInfo::ResponseFlag::UpstreamProtocolError; + case Http::StreamResetReason::OverloadManager: + return StreamInfo::ResponseFlag::OverloadManager; } NOT_REACHED_GCOVR_EXCL_LINE; diff --git a/source/common/router/router.h b/source/common/router/router.h index e0ba5d4bae99..df71f4007d13 100644 --- a/source/common/router/router.h +++ b/source/common/router/router.h @@ -19,21 +19,21 @@ #include "envoy/stats/stats_macros.h" #include "envoy/upstream/cluster_manager.h" -#include "common/access_log/access_log_impl.h" -#include "common/buffer/watermark_buffer.h" -#include "common/common/cleanup.h" -#include "common/common/hash.h" -#include "common/common/hex.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/config/well_known_names.h" -#include "common/http/utility.h" -#include "common/router/config_impl.h" -#include "common/router/context_impl.h" -#include "common/router/upstream_request.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stream_info/stream_info_impl.h" -#include "common/upstream/load_balancer_impl.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/hash.h" +#include "source/common/common/hex.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/config/well_known_names.h" +#include "source/common/http/utility.h" +#include "source/common/router/config_impl.h" +#include "source/common/router/context_impl.h" +#include "source/common/router/upstream_request.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/common/upstream/load_balancer_impl.h" namespace Envoy { namespace Router { @@ -168,7 +168,7 @@ class FilterConfig { Stats::Scope& scope, Upstream::ClusterManager& cm, Runtime::Loader& runtime, Random::RandomGenerator& random, ShadowWriterPtr&& shadow_writer, bool emit_dynamic_stats, bool start_child_span, bool suppress_envoy_headers, - bool respect_expected_rq_timeout, + bool respect_expected_rq_timeout, bool suppress_grpc_request_failure_code_stats, const Protobuf::RepeatedPtrField& strict_check_headers, TimeSource& time_source, Http::Context& http_context, Router::Context& router_context) @@ -176,9 +176,10 @@ class FilterConfig { stats_(router_context.statNames(), scope, stat_prefix), emit_dynamic_stats_(emit_dynamic_stats), start_child_span_(start_child_span), suppress_envoy_headers_(suppress_envoy_headers), - respect_expected_rq_timeout_(respect_expected_rq_timeout), http_context_(http_context), - zone_name_(local_info_.zoneStatName()), shadow_writer_(std::move(shadow_writer)), - time_source_(time_source) { + respect_expected_rq_timeout_(respect_expected_rq_timeout), + suppress_grpc_request_failure_code_stats_(suppress_grpc_request_failure_code_stats), + http_context_(http_context), zone_name_(local_info_.zoneStatName()), + shadow_writer_(std::move(shadow_writer)), time_source_(time_source) { if (!strict_check_headers.empty()) { strict_check_headers_ = std::make_unique(); for (const auto& header : strict_check_headers) { @@ -190,12 +191,13 @@ class FilterConfig { FilterConfig(Stats::StatName stat_prefix, Server::Configuration::FactoryContext& context, ShadowWriterPtr&& shadow_writer, const envoy::extensions::filters::http::router::v3::Router& config) - : FilterConfig(stat_prefix, context.localInfo(), context.scope(), context.clusterManager(), - context.runtime(), context.api().randomGenerator(), std::move(shadow_writer), - PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, dynamic_stats, true), - config.start_child_span(), config.suppress_envoy_headers(), - config.respect_expected_rq_timeout(), config.strict_check_headers(), - context.api().timeSource(), context.httpContext(), context.routerContext()) { + : FilterConfig( + stat_prefix, context.localInfo(), context.scope(), context.clusterManager(), + context.runtime(), context.api().randomGenerator(), std::move(shadow_writer), + PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, dynamic_stats, true), config.start_child_span(), + config.suppress_envoy_headers(), config.respect_expected_rq_timeout(), + config.suppress_grpc_request_failure_code_stats(), config.strict_check_headers(), + context.api().timeSource(), context.httpContext(), context.routerContext()) { for (const auto& upstream_log : config.upstream_log()) { upstream_logs_.push_back(AccessLog::AccessLogFactory::fromProto(upstream_log, context)); } @@ -216,6 +218,7 @@ class FilterConfig { const bool start_child_span_; const bool suppress_envoy_headers_; const bool respect_expected_rq_timeout_; + const bool suppress_grpc_request_failure_code_stats_; // TODO(xyu-stripe): Make this a bitset to keep cluster memory footprint down. HeaderVectorPtr strict_check_headers_; std::list upstream_logs_; diff --git a/source/common/router/router_ratelimit.cc b/source/common/router/router_ratelimit.cc index 6a194da1df9f..d7fe0b081ac5 100644 --- a/source/common/router/router_ratelimit.cc +++ b/source/common/router/router_ratelimit.cc @@ -1,4 +1,4 @@ -#include "common/router/router_ratelimit.h" +#include "source/common/router/router_ratelimit.h" #include #include @@ -8,11 +8,11 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route_components.pb.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/config/metadata.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/metadata.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Router { diff --git a/source/common/router/router_ratelimit.h b/source/common/router/router_ratelimit.h index b7d592f32974..d4acc92ae48d 100644 --- a/source/common/router/router_ratelimit.h +++ b/source/common/router/router_ratelimit.h @@ -11,8 +11,8 @@ #include "envoy/router/router.h" #include "envoy/router/router_ratelimit.h" -#include "common/config/metadata.h" -#include "common/http/header_utility.h" +#include "source/common/config/metadata.h" +#include "source/common/http/header_utility.h" #include "absl/types/optional.h" diff --git a/source/common/router/scoped_config_impl.cc b/source/common/router/scoped_config_impl.cc index 4c379e1b7a33..6aafffaf5ce2 100644 --- a/source/common/router/scoped_config_impl.cc +++ b/source/common/router/scoped_config_impl.cc @@ -1,4 +1,4 @@ -#include "common/router/scoped_config_impl.h" +#include "source/common/router/scoped_config_impl.h" #include "envoy/config/route/v3/scoped_route.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" diff --git a/source/common/router/scoped_config_impl.h b/source/common/router/scoped_config_impl.h index 17c6847de79d..e1783da59255 100644 --- a/source/common/router/scoped_config_impl.h +++ b/source/common/router/scoped_config_impl.h @@ -10,9 +10,9 @@ #include "envoy/router/scopes.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/hash.h" -#include "common/protobuf/utility.h" -#include "common/router/config_impl.h" +#include "source/common/common/hash.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/config_impl.h" #include "absl/numeric/int128.h" #include "absl/strings/str_format.h" diff --git a/source/common/router/scoped_rds.cc b/source/common/router/scoped_rds.cc index 1e7e6d584972..fe005aa16953 100644 --- a/source/common/router/scoped_rds.cc +++ b/source/common/router/scoped_rds.cc @@ -1,4 +1,4 @@ -#include "common/router/scoped_rds.h" +#include "source/common/router/scoped_rds.h" #include @@ -9,18 +9,18 @@ #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/common/cleanup.h" -#include "common/common/logger.h" -#include "common/common/utility.h" -#include "common/config/api_version.h" -#include "common/config/resource_name.h" -#include "common/config/version_converter.h" -#include "common/config/xds_resource.h" -#include "common/init/manager_impl.h" -#include "common/init/watcher_impl.h" -#include "common/router/rds_impl.h" -#include "common/router/scoped_config_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/common/config/api_version.h" +#include "source/common/config/resource_name.h" +#include "source/common/config/version_converter.h" +#include "source/common/config/xds_resource.h" +#include "source/common/init/manager_impl.h" +#include "source/common/init/watcher_impl.h" +#include "source/common/router/rds_impl.h" +#include "source/common/router/scoped_config_impl.h" #include "absl/strings/str_join.h" @@ -393,6 +393,7 @@ void ScopedRdsConfigSubscription::onConfigUpdate( } stats_.all_scopes_.set(scoped_route_map_.size()); stats_.config_reload_.inc(); + stats_.config_reload_time_ms_.set(DateUtil::nowToMilliseconds(factory_context_.timeSource())); } void ScopedRdsConfigSubscription::onRdsConfigUpdate(const std::string& scope_name, diff --git a/source/common/router/scoped_rds.h b/source/common/router/scoped_rds.h index 12fde395b134..65898e81bda3 100644 --- a/source/common/router/scoped_rds.h +++ b/source/common/router/scoped_rds.h @@ -13,11 +13,11 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/config/config_provider_impl.h" -#include "common/config/subscription_base.h" -#include "common/init/manager_impl.h" -#include "common/router/rds_impl.h" -#include "common/router/scoped_config_impl.h" +#include "source/common/config/config_provider_impl.h" +#include "source/common/config/subscription_base.h" +#include "source/common/init/manager_impl.h" +#include "source/common/router/rds_impl.h" +#include "source/common/router/scoped_config_impl.h" namespace Envoy { namespace Router { @@ -86,6 +86,7 @@ class InlineScopedRoutesConfigProvider : public Envoy::Config::ImmutableConfigPr COUNTER(config_reload) \ COUNTER(update_empty) \ GAUGE(all_scopes, Accumulate) \ + GAUGE(config_reload_time_ms, NeverImport) \ GAUGE(on_demand_scopes, Accumulate) \ GAUGE(active_scopes, Accumulate) diff --git a/source/common/router/shadow_writer_impl.cc b/source/common/router/shadow_writer_impl.cc index 89da4c9ef85b..d07447a13aba 100644 --- a/source/common/router/shadow_writer_impl.cc +++ b/source/common/router/shadow_writer_impl.cc @@ -1,10 +1,10 @@ -#include "common/router/shadow_writer_impl.h" +#include "source/common/router/shadow_writer_impl.h" #include #include -#include "common/common/assert.h" -#include "common/http/headers.h" +#include "source/common/common/assert.h" +#include "source/common/http/headers.h" #include "absl/strings/str_join.h" diff --git a/source/common/router/tls_context_match_criteria_impl.cc b/source/common/router/tls_context_match_criteria_impl.cc index ee1436972027..128fe5e00e6b 100644 --- a/source/common/router/tls_context_match_criteria_impl.cc +++ b/source/common/router/tls_context_match_criteria_impl.cc @@ -1,4 +1,4 @@ -#include "common/router/tls_context_match_criteria_impl.h" +#include "source/common/router/tls_context_match_criteria_impl.h" #include "envoy/config/route/v3/route_components.pb.h" diff --git a/source/common/router/upstream_request.cc b/source/common/router/upstream_request.cc index 3213f156aa81..4a81e24d5835 100644 --- a/source/common/router/upstream_request.cc +++ b/source/common/router/upstream_request.cc @@ -1,4 +1,4 @@ -#include "common/router/upstream_request.h" +#include "source/common/router/upstream_request.h" #include #include @@ -15,30 +15,28 @@ #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" -#include "common/common/assert.h" -#include "common/common/dump_state_utils.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/scope_tracker.h" -#include "common/common/utility.h" -#include "common/grpc/common.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/network/application_protocol.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/network/upstream_server_name.h" -#include "common/network/upstream_subject_alt_names.h" -#include "common/router/config_impl.h" -#include "common/router/debug_config.h" -#include "common/router/router.h" -#include "common/stream_info/uint32_accessor_impl.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/common/proxy_protocol/proxy_protocol_header.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/scope_tracker.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/network/application_protocol.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/network/upstream_server_name.h" +#include "source/common/network/upstream_subject_alt_names.h" +#include "source/common/router/config_impl.h" +#include "source/common/router/debug_config.h" +#include "source/common/router/router.h" +#include "source/common/stream_info/uint32_accessor_impl.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/common/proxy_protocol/proxy_protocol_header.h" namespace Envoy { namespace Router { @@ -94,6 +92,20 @@ UpstreamRequest::~UpstreamRequest() { FilterUtility::percentageOfTimeout(response_time, parent_.timeout().per_try_timeout_)); } + // Ditto for request/response size histograms. + Upstream::ClusterRequestResponseSizeStatsOptRef req_resp_stats_opt = + parent_.cluster()->requestResponseSizeStats(); + if (req_resp_stats_opt.has_value()) { + auto& req_resp_stats = req_resp_stats_opt->get(); + req_resp_stats.upstream_rq_headers_size_.recordValue(parent_.downstreamHeaders()->byteSize()); + req_resp_stats.upstream_rq_body_size_.recordValue(stream_info_.bytesSent()); + + if (response_headers_size_.has_value()) { + req_resp_stats.upstream_rs_headers_size_.recordValue(response_headers_size_.value()); + req_resp_stats.upstream_rs_body_size_.recordValue(stream_info_.bytesReceived()); + } + } + stream_info_.setUpstreamTiming(upstream_timing_); stream_info_.onRequestComplete(); for (const auto& upstream_log : parent_.config().upstream_logs_) { @@ -112,12 +124,15 @@ void UpstreamRequest::decode100ContinueHeaders(Http::ResponseHeaderMapPtr&& head ScopeTrackerScopeState scope(&parent_.callbacks()->scope(), parent_.callbacks()->dispatcher()); ASSERT(100 == Http::Utility::getResponseStatus(*headers)); + addResponseHeadersSize(headers->byteSize()); parent_.onUpstream100ContinueHeaders(std::move(headers), *this); } void UpstreamRequest::decodeHeaders(Http::ResponseHeaderMapPtr&& headers, bool end_stream) { ScopeTrackerScopeState scope(&parent_.callbacks()->scope(), parent_.callbacks()->dispatcher()); + addResponseHeadersSize(headers->byteSize()); + // We drop 1xx other than 101 on the floor; 101 upgrade headers need to be passed to the client as // part of the final response. 100-continue headers are handled in onUpstream100ContinueHeaders. // @@ -371,6 +386,9 @@ void UpstreamRequest::onPoolReady( ENVOY_STREAM_LOG(debug, "pool ready", *parent_.callbacks()); upstream_ = std::move(upstream); + // Have the upstream use the account of the downstream. + upstream_->setAccount(parent_.callbacks()->account()); + if (parent_.requestVcluster()) { // The cluster increases its upstream_rq_total_ counter right before firing this onPoolReady // callback. Hence, the upstream request increases the virtual cluster's upstream_rq_total_ stat @@ -446,8 +464,8 @@ void UpstreamRequest::onPoolReady( // erroneously remove required headers. stream_info_.setResponseFlag(StreamInfo::ResponseFlag::DownstreamProtocolError); const std::string details = - absl::StrCat(StreamInfo::ResponseCodeDetails::get().FilterRemovedRequiredHeaders, "{", - status.message(), "}"); + absl::StrCat(StreamInfo::ResponseCodeDetails::get().FilterRemovedRequiredRequestHeaders, + "{", status.message(), "}"); parent_.callbacks()->sendLocalReply(Http::Code::ServiceUnavailable, status.message(), nullptr, absl::nullopt, details); return; diff --git a/source/common/router/upstream_request.h b/source/common/router/upstream_request.h index 5c0bb6480bc8..8776089fe043 100644 --- a/source/common/router/upstream_request.h +++ b/source/common/router/upstream_request.h @@ -13,14 +13,14 @@ #include "envoy/stats/scope.h" #include "envoy/tcp/conn_pool.h" -#include "common/buffer/watermark_buffer.h" -#include "common/common/cleanup.h" -#include "common/common/hash.h" -#include "common/common/hex.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/config/well_known_names.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/hash.h" +#include "source/common/common/hex.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/config/well_known_names.h" +#include "source/common/stream_info/stream_info_impl.h" namespace Envoy { namespace Router { @@ -127,6 +127,9 @@ class UpstreamRequest : public Logger::Loggable, return encode_complete_ && !buffered_request_body_ && !encode_trailers_ && downstream_metadata_map_vector_.empty(); } + void addResponseHeadersSize(uint64_t size) { + response_headers_size_ = response_headers_size_.value_or(0) + size; + } RouterFilterInterface& parent_; std::unique_ptr conn_pool_; @@ -141,6 +144,9 @@ class UpstreamRequest : public Logger::Loggable, StreamInfo::StreamInfoImpl stream_info_; StreamInfo::UpstreamTiming upstream_timing_; const MonotonicTime start_time_; + // This is wrapped in an optional, since we want to avoid computing zero size headers when in + // reality we just didn't get a response back. + absl::optional response_headers_size_{}; // Copies of upstream headers/trailers. These are only set if upstream // access logging is configured. Http::ResponseHeaderMapPtr upstream_headers_; diff --git a/source/common/router/vhds.cc b/source/common/router/vhds.cc index 572a835344f5..b291b9af14f5 100644 --- a/source/common/router/vhds.cc +++ b/source/common/router/vhds.cc @@ -1,4 +1,4 @@ -#include "common/router/vhds.h" +#include "source/common/router/vhds.h" #include #include @@ -10,12 +10,12 @@ #include "envoy/config/subscription.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/config/api_version.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" -#include "common/router/config_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/config/api_version.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/config_impl.h" namespace Envoy { namespace Router { diff --git a/source/common/router/vhds.h b/source/common/router/vhds.h index 2e38433c454b..099b00ff322d 100644 --- a/source/common/router/vhds.h +++ b/source/common/router/vhds.h @@ -18,10 +18,10 @@ #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/logger.h" -#include "common/config/subscription_base.h" -#include "common/init/target_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/common/logger.h" +#include "source/common/config/subscription_base.h" +#include "source/common/init/target_impl.h" +#include "source/common/protobuf/utility.h" #include "absl/container/node_hash_set.h" diff --git a/source/common/runtime/BUILD b/source/common/runtime/BUILD index 6b2f326d2cb6..ce7a517e9a4a 100644 --- a/source/common/runtime/BUILD +++ b/source/common/runtime/BUILD @@ -21,7 +21,7 @@ envoy_cc_library( # AVOID ADDING TO THESE DEPENDENCIES IF POSSIBLE # Any code using runtime guards depends on this library, and the more dependencies there are, # the harder it is to runtime-guard without dependency loops. - "//include/envoy/runtime:runtime_interface", + "//envoy/runtime:runtime_interface", "//source/common/common:hash_lib", "//source/common/singleton:const_singleton", ], @@ -33,7 +33,7 @@ envoy_cc_library( "runtime_protos.h", ], deps = [ - "//include/envoy/runtime:runtime_interface", + "//envoy/runtime:runtime_interface", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", @@ -51,14 +51,14 @@ envoy_cc_library( deps = [ ":runtime_features_lib", ":runtime_protos_lib", - "//include/envoy/config:subscription_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/init:manager_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/config:subscription_interface", + "//envoy/event:dispatcher_interface", + "//envoy/init:manager_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:empty_string", "//source/common/common:minimal_logger_lib", "//source/common/common:thread_lib", diff --git a/source/common/runtime/runtime_features.cc b/source/common/runtime/runtime_features.cc index 0f8995fdb3f1..546fc4e8eda9 100644 --- a/source/common/runtime/runtime_features.cc +++ b/source/common/runtime/runtime_features.cc @@ -1,4 +1,4 @@ -#include "common/runtime/runtime_features.h" +#include "source/common/runtime/runtime_features.h" #include "absl/strings/match.h" @@ -70,12 +70,14 @@ constexpr const char* runtime_features[] = { "envoy.reloadable_features.hash_multiple_header_values", "envoy.reloadable_features.health_check.graceful_goaway_handling", "envoy.reloadable_features.health_check.immediate_failure_exclude_from_cluster", + "envoy.reloadable_features.http2_consume_stream_refused_errors", + "envoy.reloadable_features.http2_skip_encoding_empty_trailers", "envoy.reloadable_features.http_transport_failure_reason_in_body", "envoy.reloadable_features.http_upstream_wait_connect_response", - "envoy.reloadable_features.http2_skip_encoding_empty_trailers", "envoy.reloadable_features.improved_stream_limit_handling", "envoy.reloadable_features.internal_redirects_with_body", "envoy.reloadable_features.new_tcp_connection_pool", + "envoy.reloadable_features.no_chunked_encoding_header_for_304", "envoy.reloadable_features.prefer_quic_kernel_bpf_packet_routing", "envoy.reloadable_features.preserve_downstream_scheme", "envoy.reloadable_features.remove_forked_chromium_url", @@ -86,6 +88,8 @@ constexpr const char* runtime_features[] = { "envoy.reloadable_features.strip_port_from_connect", "envoy.reloadable_features.treat_host_like_authority", "envoy.reloadable_features.treat_upstream_connect_timeout_as_connect_failure", + "envoy.reloadable_features.udp_per_event_loop_read_limit", + "envoy.reloadable_features.unquote_log_string_values", "envoy.reloadable_features.upstream_host_weight_change_causes_rebuild", "envoy.reloadable_features.use_observable_cluster_name", "envoy.reloadable_features.vhds_heartbeats", @@ -110,6 +114,8 @@ constexpr const char* disabled_runtime_features[] = { "envoy.reloadable_features.remove_legacy_json", // Sentinel and test flag. "envoy.reloadable_features.test_feature_false", + // TODO(kbaichoo): Remove when this is no longer test only. + "envoy.test_only.per_stream_buffer_accounting", // Allows the use of ExtensionWithMatcher to wrap a HTTP filter with a match tree. "envoy.reloadable_features.experimental_matching_api", }; diff --git a/source/common/runtime/runtime_features.h b/source/common/runtime/runtime_features.h index 4760d218504c..deebe3a65c53 100644 --- a/source/common/runtime/runtime_features.h +++ b/source/common/runtime/runtime_features.h @@ -4,7 +4,7 @@ #include "envoy/runtime/runtime.h" -#include "common/singleton/const_singleton.h" +#include "source/common/singleton/const_singleton.h" #include "absl/container/flat_hash_set.h" diff --git a/source/common/runtime/runtime_impl.cc b/source/common/runtime/runtime_impl.cc index e41a19217f9c..85a7fc91ecec 100644 --- a/source/common/runtime/runtime_impl.cc +++ b/source/common/runtime/runtime_impl.cc @@ -1,4 +1,4 @@ -#include "common/runtime/runtime_impl.h" +#include "source/common/runtime/runtime_impl.h" #include #include @@ -12,15 +12,15 @@ #include "envoy/type/v3/percent.pb.h" #include "envoy/type/v3/percent.pb.validate.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/config/api_version.h" -#include "common/filesystem/directory.h" -#include "common/grpc/common.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/config/api_version.h" +#include "source/common/filesystem/directory.h" +#include "source/common/grpc/common.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" #include "absl/container/node_hash_map.h" #include "absl/container/node_hash_set.h" @@ -28,7 +28,7 @@ #include "absl/strings/numbers.h" #ifdef ENVOY_ENABLE_QUIC -#include "common/quic/platform/quiche_flags_impl.h" +#include "source/common/quic/platform/quiche_flags_impl.h" #endif namespace Envoy { diff --git a/source/common/runtime/runtime_impl.h b/source/common/runtime/runtime_impl.h index 3d9937636967..cd42d479383d 100644 --- a/source/common/runtime/runtime_impl.h +++ b/source/common/runtime/runtime_impl.h @@ -21,13 +21,13 @@ #include "envoy/type/v3/percent.pb.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/common/thread.h" -#include "common/config/subscription_base.h" -#include "common/init/manager_impl.h" -#include "common/init/target_impl.h" -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/common/config/subscription_base.h" +#include "source/common/init/manager_impl.h" +#include "source/common/init/target_impl.h" +#include "source/common/singleton/threadsafe_singleton.h" #include "absl/container/node_hash_map.h" #include "spdlog/spdlog.h" diff --git a/source/common/runtime/runtime_protos.h b/source/common/runtime/runtime_protos.h index b9d7d2550e9f..a17f61519d67 100644 --- a/source/common/runtime/runtime_protos.h +++ b/source/common/runtime/runtime_protos.h @@ -6,12 +6,11 @@ #include "envoy/runtime/runtime.h" #include "envoy/type/v3/percent.pb.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Runtime { -// TODO(WeavingGao): use for #16392 // Helper class for runtime-derived uint32. class UInt32 : Logger::Loggable { public: diff --git a/source/common/secret/BUILD b/source/common/secret/BUILD index 84defb7ef88b..4dc783bc83e3 100644 --- a/source/common/secret/BUILD +++ b/source/common/secret/BUILD @@ -15,8 +15,8 @@ envoy_cc_library( deps = [ ":sds_api_lib", ":secret_provider_impl_lib", - "//include/envoy/secret:secret_manager_interface", - "//include/envoy/server:transport_socket_config_interface", + "//envoy/secret:secret_manager_interface", + "//envoy/server:transport_socket_config_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:version_converter_lib", @@ -32,7 +32,7 @@ envoy_cc_library( srcs = ["secret_provider_impl.cc"], hdrs = ["secret_provider_impl.h"], deps = [ - "//include/envoy/secret:secret_provider_interface", + "//envoy/secret:secret_provider_interface", "//source/common/ssl:certificate_validation_context_config_impl_lib", "//source/common/ssl:tls_certificate_config_impl_lib", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", @@ -44,15 +44,15 @@ envoy_cc_library( srcs = ["sds_api.cc"], hdrs = ["sds_api.h"], deps = [ - "//include/envoy/config:subscription_factory_interface", - "//include/envoy/config:subscription_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/init:manager_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/secret:secret_provider_interface", - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/stats:stats_interface", + "//envoy/config:subscription_factory_interface", + "//envoy/config:subscription_interface", + "//envoy/event:dispatcher_interface", + "//envoy/init:manager_interface", + "//envoy/local_info:local_info_interface", + "//envoy/runtime:runtime_interface", + "//envoy/secret:secret_provider_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/stats:stats_interface", "//source/common/common:callback_impl_lib", "//source/common/common:cleanup_lib", "//source/common/config:api_version_lib", diff --git a/source/common/secret/sds_api.cc b/source/common/secret/sds_api.cc index 0c9323c4f7f3..03dba0ccfe55 100644 --- a/source/common/secret/sds_api.cc +++ b/source/common/secret/sds_api.cc @@ -1,13 +1,13 @@ -#include "common/secret/sds_api.h" +#include "source/common/secret/sds_api.h" #include "envoy/api/v2/auth/cert.pb.h" #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/config/api_version.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/config/api_version.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Secret { diff --git a/source/common/secret/sds_api.h b/source/common/secret/sds_api.h index 74edb0fb857d..a29cfdace2cc 100644 --- a/source/common/secret/sds_api.h +++ b/source/common/secret/sds_api.h @@ -19,14 +19,14 @@ #include "envoy/stats/stats.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/callback_impl.h" -#include "common/common/cleanup.h" -#include "common/config/subscription_base.h" -#include "common/config/utility.h" -#include "common/config/watched_directory.h" -#include "common/init/target_impl.h" -#include "common/ssl/certificate_validation_context_config_impl.h" -#include "common/ssl/tls_certificate_config_impl.h" +#include "source/common/common/callback_impl.h" +#include "source/common/common/cleanup.h" +#include "source/common/config/subscription_base.h" +#include "source/common/config/utility.h" +#include "source/common/config/watched_directory.h" +#include "source/common/init/target_impl.h" +#include "source/common/ssl/certificate_validation_context_config_impl.h" +#include "source/common/ssl/tls_certificate_config_impl.h" namespace Envoy { namespace Secret { diff --git a/source/common/secret/secret_manager_impl.cc b/source/common/secret/secret_manager_impl.cc index f99a1205caa0..0d583128c6c4 100644 --- a/source/common/secret/secret_manager_impl.cc +++ b/source/common/secret/secret_manager_impl.cc @@ -1,4 +1,4 @@ -#include "common/secret/secret_manager_impl.h" +#include "source/common/secret/secret_manager_impl.h" #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/common/exception.h" @@ -6,14 +6,14 @@ #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/config/version_converter.h" -#include "common/protobuf/utility.h" -#include "common/secret/sds_api.h" -#include "common/secret/secret_provider_impl.h" -#include "common/ssl/certificate_validation_context_config_impl.h" -#include "common/ssl/tls_certificate_config_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/config/version_converter.h" +#include "source/common/protobuf/utility.h" +#include "source/common/secret/sds_api.h" +#include "source/common/secret/secret_provider_impl.h" +#include "source/common/ssl/certificate_validation_context_config_impl.h" +#include "source/common/ssl/tls_certificate_config_impl.h" namespace Envoy { namespace Secret { diff --git a/source/common/secret/secret_manager_impl.h b/source/common/secret/secret_manager_impl.h index a3045a87b4da..66ca9e443581 100644 --- a/source/common/secret/secret_manager_impl.h +++ b/source/common/secret/secret_manager_impl.h @@ -8,8 +8,8 @@ #include "envoy/ssl/certificate_validation_context_config.h" #include "envoy/ssl/tls_certificate_config.h" -#include "common/common/logger.h" -#include "common/secret/sds_api.h" +#include "source/common/common/logger.h" +#include "source/common/secret/sds_api.h" #include "absl/container/node_hash_map.h" diff --git a/source/common/secret/secret_provider_impl.cc b/source/common/secret/secret_provider_impl.cc index 0513c2180a41..6aed80d0107c 100644 --- a/source/common/secret/secret_provider_impl.cc +++ b/source/common/secret/secret_provider_impl.cc @@ -1,10 +1,10 @@ -#include "common/secret/secret_provider_impl.h" +#include "source/common/secret/secret_provider_impl.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" -#include "common/common/assert.h" -#include "common/ssl/certificate_validation_context_config_impl.h" -#include "common/ssl/tls_certificate_config_impl.h" +#include "source/common/common/assert.h" +#include "source/common/ssl/certificate_validation_context_config_impl.h" +#include "source/common/ssl/tls_certificate_config_impl.h" namespace Envoy { namespace Secret { diff --git a/source/common/shared_pool/BUILD b/source/common/shared_pool/BUILD index 1d55c9ec99a0..9ed361337a47 100644 --- a/source/common/shared_pool/BUILD +++ b/source/common/shared_pool/BUILD @@ -14,8 +14,8 @@ envoy_cc_library( "shared_pool.h", ], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/singleton:instance_interface", + "//envoy/event:dispatcher_interface", + "//envoy/singleton:instance_interface", "//source/common/common:assert_lib", "//source/common/common:non_copyable", "//source/common/common:thread_synchronizer_lib", diff --git a/source/common/shared_pool/shared_pool.h b/source/common/shared_pool/shared_pool.h index d7119d17140f..2e1f2309507a 100644 --- a/source/common/shared_pool/shared_pool.h +++ b/source/common/shared_pool/shared_pool.h @@ -8,9 +8,9 @@ #include "envoy/event/dispatcher.h" #include "envoy/singleton/instance.h" -#include "common/common/assert.h" -#include "common/common/non_copyable.h" -#include "common/common/thread_synchronizer.h" +#include "source/common/common/assert.h" +#include "source/common/common/non_copyable.h" +#include "source/common/common/thread_synchronizer.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/signal/BUILD b/source/common/signal/BUILD index 893f2fa78454..9c825d1d9928 100644 --- a/source/common/signal/BUILD +++ b/source/common/signal/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( hdrs = ["fatal_error_handler.h"], deps = [ ":fatal_action_lib", - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/common/common:macros", ], ) @@ -37,7 +37,7 @@ envoy_cc_library( name = "fatal_action_lib", hdrs = ["fatal_action.h"], deps = [ - "//include/envoy/server:fatal_action_interface", - "//include/envoy/thread:thread_interface", + "//envoy/server:fatal_action_interface", + "//envoy/thread:thread_interface", ], ) diff --git a/source/common/signal/fatal_error_handler.cc b/source/common/signal/fatal_error_handler.cc index 627c352415b1..baf1ea267b57 100644 --- a/source/common/signal/fatal_error_handler.cc +++ b/source/common/signal/fatal_error_handler.cc @@ -1,13 +1,13 @@ -#include "common/signal/fatal_error_handler.h" +#include "source/common/signal/fatal_error_handler.h" #include #include #include "envoy/event/dispatcher.h" -#include "common/common/assert.h" -#include "common/common/macros.h" -#include "common/signal/fatal_action.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/common/signal/fatal_action.h" #include "absl/base/attributes.h" #include "absl/synchronization/mutex.h" diff --git a/source/common/signal/fatal_error_handler.h b/source/common/signal/fatal_error_handler.h index d7d25013432d..afcb152f9d63 100644 --- a/source/common/signal/fatal_error_handler.h +++ b/source/common/signal/fatal_error_handler.h @@ -4,7 +4,7 @@ #include "envoy/common/pure.h" -#include "common/signal/fatal_action.h" +#include "source/common/signal/fatal_action.h" namespace Envoy { diff --git a/source/common/signal/signal_action.cc b/source/common/signal/signal_action.cc index dea90f1cc1f4..aec06302ef8f 100644 --- a/source/common/signal/signal_action.cc +++ b/source/common/signal/signal_action.cc @@ -1,12 +1,12 @@ -#include "common/signal/signal_action.h" +#include "source/common/signal/signal_action.h" #include #include -#include "common/common/assert.h" -#include "common/signal/fatal_action.h" -#include "common/version/version.h" +#include "source/common/common/assert.h" +#include "source/common/signal/fatal_action.h" +#include "source/common/version/version.h" namespace Envoy { diff --git a/source/common/signal/signal_action.h b/source/common/signal/signal_action.h index ffabf9cc3cde..79bc2ab30c76 100644 --- a/source/common/signal/signal_action.h +++ b/source/common/signal/signal_action.h @@ -6,10 +6,9 @@ #include #include -#include "common/common/non_copyable.h" -#include "common/signal/fatal_error_handler.h" - -#include "server/backtrace.h" +#include "source/common/common/non_copyable.h" +#include "source/common/signal/fatal_error_handler.h" +#include "source/server/backtrace.h" namespace Envoy { diff --git a/source/common/singleton/BUILD b/source/common/singleton/BUILD index 06d67beae1b5..728c2ed78213 100644 --- a/source/common/singleton/BUILD +++ b/source/common/singleton/BUILD @@ -18,8 +18,8 @@ envoy_cc_library( srcs = ["manager_impl.cc"], hdrs = ["manager_impl.h"], deps = [ - "//include/envoy/registry", - "//include/envoy/singleton:manager_interface", + "//envoy/registry", + "//envoy/singleton:manager_interface", "//source/common/common:assert_lib", "//source/common/common:non_copyable", "//source/common/common:thread_lib", diff --git a/source/common/singleton/manager_impl.cc b/source/common/singleton/manager_impl.cc index e90d3b000c63..cca7ac2bc6b8 100644 --- a/source/common/singleton/manager_impl.cc +++ b/source/common/singleton/manager_impl.cc @@ -1,9 +1,9 @@ -#include "common/singleton/manager_impl.h" +#include "source/common/singleton/manager_impl.h" #include "envoy/registry/registry.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" namespace Envoy { namespace Singleton { diff --git a/source/common/singleton/manager_impl.h b/source/common/singleton/manager_impl.h index e6eb8cb9af97..32de2d112750 100644 --- a/source/common/singleton/manager_impl.h +++ b/source/common/singleton/manager_impl.h @@ -3,7 +3,7 @@ #include "envoy/singleton/manager.h" #include "envoy/thread/thread.h" -#include "common/common/non_copyable.h" +#include "source/common/common/non_copyable.h" #include "absl/container/node_hash_map.h" diff --git a/source/common/singleton/threadsafe_singleton.h b/source/common/singleton/threadsafe_singleton.h index 5b55dc0af517..f88ae9ed161a 100644 --- a/source/common/singleton/threadsafe_singleton.h +++ b/source/common/singleton/threadsafe_singleton.h @@ -2,7 +2,7 @@ #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/base/call_once.h" @@ -67,14 +67,14 @@ template class InjectableSingleton { static void clear() { loader_ = nullptr; } protected: - static T* loader_; + static std::atomic loader_; }; -template T* InjectableSingleton::loader_ = nullptr; +template std::atomic InjectableSingleton::loader_ = nullptr; template class ScopedInjectableLoader { public: - ScopedInjectableLoader(std::unique_ptr&& instance) { + explicit ScopedInjectableLoader(std::unique_ptr&& instance) { instance_ = std::move(instance); InjectableSingleton::initialize(instance_.get()); } @@ -84,4 +84,24 @@ template class ScopedInjectableLoader { std::unique_ptr instance_; }; +// This class saves the singleton object and restore the original singleton at destroy. This class +// is not thread safe. It can be used in single thread test. +template +class StackedScopedInjectableLoader : + // To access the protected loader_. + protected InjectableSingleton { +public: + explicit StackedScopedInjectableLoader(std::unique_ptr&& instance) { + original_loader_ = InjectableSingleton::getExisting(); + InjectableSingleton::clear(); + instance_ = std::move(instance); + InjectableSingleton::initialize(instance_.get()); + } + ~StackedScopedInjectableLoader() { InjectableSingleton::loader_ = original_loader_; } + +private: + std::unique_ptr instance_; + T* original_loader_; +}; + } // namespace Envoy diff --git a/source/common/ssl/BUILD b/source/common/ssl/BUILD index c02d221dd528..714c426b930f 100644 --- a/source/common/ssl/BUILD +++ b/source/common/ssl/BUILD @@ -13,9 +13,9 @@ envoy_cc_library( srcs = ["tls_certificate_config_impl.cc"], hdrs = ["tls_certificate_config_impl.h"], deps = [ - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/ssl:tls_certificate_config_interface", - "//include/envoy/ssl/private_key:private_key_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/ssl:tls_certificate_config_interface", + "//envoy/ssl/private_key:private_key_interface", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", @@ -28,8 +28,8 @@ envoy_cc_library( hdrs = ["certificate_validation_context_config_impl.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/ssl:certificate_validation_context_config_interface", + "//envoy/api:api_interface", + "//envoy/ssl:certificate_validation_context_config_interface", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", diff --git a/source/common/ssl/certificate_validation_context_config_impl.cc b/source/common/ssl/certificate_validation_context_config_impl.cc index 8198290b6ab8..40dc20f6ef3a 100644 --- a/source/common/ssl/certificate_validation_context_config_impl.cc +++ b/source/common/ssl/certificate_validation_context_config_impl.cc @@ -1,11 +1,11 @@ -#include "common/ssl/certificate_validation_context_config_impl.h" +#include "source/common/ssl/certificate_validation_context_config_impl.h" #include "envoy/common/exception.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/config/datasource.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/config/datasource.h" namespace Envoy { namespace Ssl { @@ -22,9 +22,6 @@ CertificateValidationContextConfigImpl::CertificateValidationContextConfigImpl( certificate_revocation_list_path_( Config::DataSource::getPath(config.crl()) .value_or(certificate_revocation_list_.empty() ? EMPTY_STRING : INLINE_STRING)), - verify_subject_alt_name_list_( - config.hidden_envoy_deprecated_verify_subject_alt_name().begin(), - config.hidden_envoy_deprecated_verify_subject_alt_name().end()), subject_alt_name_matchers_(config.match_subject_alt_names().begin(), config.match_subject_alt_names().end()), verify_certificate_hash_list_(config.verify_certificate_hash().begin(), @@ -44,7 +41,7 @@ CertificateValidationContextConfigImpl::CertificateValidationContextConfigImpl( throw EnvoyException(fmt::format("Failed to load CRL from {} without trusted CA", certificateRevocationListPath())); } - if (!subject_alt_name_matchers_.empty() || !verify_subject_alt_name_list_.empty()) { + if (!subject_alt_name_matchers_.empty()) { throw EnvoyException("SAN-based verification of peer certificates without " "trusted CA is insecure and not allowed"); } diff --git a/source/common/ssl/certificate_validation_context_config_impl.h b/source/common/ssl/certificate_validation_context_config_impl.h index 56765baa7434..7cf045a35184 100644 --- a/source/common/ssl/certificate_validation_context_config_impl.h +++ b/source/common/ssl/certificate_validation_context_config_impl.h @@ -24,9 +24,6 @@ class CertificateValidationContextConfigImpl : public CertificateValidationConte const std::string& certificateRevocationListPath() const final { return certificate_revocation_list_path_; } - const std::vector& verifySubjectAltNameList() const override { - return verify_subject_alt_name_list_; - } const std::vector& subjectAltNameMatchers() const override { return subject_alt_name_matchers_; @@ -56,7 +53,6 @@ class CertificateValidationContextConfigImpl : public CertificateValidationConte const std::string ca_cert_path_; const std::string certificate_revocation_list_; const std::string certificate_revocation_list_path_; - const std::vector verify_subject_alt_name_list_; const std::vector subject_alt_name_matchers_; const std::vector verify_certificate_hash_list_; const std::vector verify_certificate_spki_list_; diff --git a/source/common/ssl/tls_certificate_config_impl.cc b/source/common/ssl/tls_certificate_config_impl.cc index 7a4d4f64ed2a..1c5073d1ff1e 100644 --- a/source/common/ssl/tls_certificate_config_impl.cc +++ b/source/common/ssl/tls_certificate_config_impl.cc @@ -1,12 +1,12 @@ -#include "common/ssl/tls_certificate_config_impl.h" +#include "source/common/ssl/tls_certificate_config_impl.h" #include "envoy/common/exception.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/server/transport_socket_config.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/config/datasource.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/config/datasource.h" namespace Envoy { namespace Ssl { diff --git a/source/common/stats/BUILD b/source/common/stats/BUILD index 4e1d1dc29e69..8391ecfd2c4d 100644 --- a/source/common/stats/BUILD +++ b/source/common/stats/BUILD @@ -54,7 +54,7 @@ envoy_cc_library( ":stats_lib", ":store_impl_lib", ":tag_utility_lib", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_macros", "//source/common/stats:allocator_lib", ], ) @@ -65,7 +65,7 @@ envoy_cc_library( hdrs = ["metric_impl.h"], deps = [ ":symbol_table_lib", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "//source/common/common:assert_lib", ], ) @@ -76,8 +76,8 @@ envoy_cc_library( hdrs = ["tag_utility.h"], deps = [ ":symbol_table_lib", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:symbol_table_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:symbol_table_interface", ], ) @@ -87,7 +87,7 @@ envoy_cc_library( deps = [ ":metric_impl_lib", ":symbol_table_lib", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", ], ) @@ -97,7 +97,7 @@ envoy_cc_library( deps = [ ":metric_impl_lib", ":symbol_table_lib", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", ], ) @@ -107,7 +107,7 @@ envoy_cc_library( deps = [ ":metric_impl_lib", ":symbol_table_lib", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", ], ) @@ -125,7 +125,7 @@ envoy_cc_library( hdrs = ["store_impl.h"], deps = [ ":symbol_table_lib", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", ], ) @@ -136,7 +136,7 @@ envoy_cc_library( deps = [ ":symbol_table_lib", ":utility_lib", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", ], ) @@ -146,7 +146,7 @@ envoy_cc_library( hdrs = ["stat_merger.h"], deps = [ ":symbol_table_lib", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "//source/common/protobuf", ], ) @@ -159,9 +159,9 @@ envoy_cc_library( ":symbol_table_lib", ":tag_extractor_lib", ":utility_lib", - "//include/envoy/common:time_interface", - "//include/envoy/server:options_interface", - "//include/envoy/stats:stats_interface", + "//envoy/common:time_interface", + "//envoy/server:options_interface", + "//envoy/stats:stats_interface", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "//source/common/common:non_copyable", @@ -180,7 +180,7 @@ envoy_cc_library( external_deps = ["abseil_base"], deps = [ ":recent_lookups_lib", - "//include/envoy/stats:symbol_table_interface", + "//envoy/stats:symbol_table_interface", "//source/common/common:assert_lib", "//source/common/common:mem_block_builder_lib", "//source/common/common:minimal_logger_lib", @@ -194,7 +194,7 @@ envoy_cc_library( srcs = ["tag_extractor_impl.cc"], hdrs = ["tag_extractor_impl.h"], deps = [ - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "//source/common/common:assert_lib", "//source/common/common:perf_annotation_lib", "//source/common/common:regex_lib", @@ -210,7 +210,7 @@ envoy_cc_library( ":symbol_table_lib", ":tag_extractor_lib", ":utility_lib", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "//source/common/common:perf_annotation_lib", "//source/common/config:well_known_names", "//source/common/protobuf", @@ -223,7 +223,7 @@ envoy_cc_library( srcs = ["stats_matcher_impl.cc"], hdrs = ["stats_matcher_impl.h"], deps = [ - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "//source/common/common:matchers_lib", "//source/common/protobuf", "@envoy_api//envoy/config/metrics/v3:pkg_cc_proto", @@ -245,7 +245,7 @@ envoy_cc_library( ":stats_matcher_lib", ":tag_producer_lib", ":tag_utility_lib", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/thread_local:thread_local_interface", ], ) @@ -254,9 +254,9 @@ envoy_cc_library( srcs = ["timespan_impl.cc"], hdrs = ["timespan_impl.h"], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:timespan_interface", + "//envoy/common:time_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:timespan_interface", "//source/common/common:assert_lib", ], ) @@ -267,6 +267,6 @@ envoy_cc_library( hdrs = ["utility.h"], deps = [ ":symbol_table_lib", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", ], ) diff --git a/source/common/stats/allocator_impl.cc b/source/common/stats/allocator_impl.cc index 63e3159a842e..3c64b6ba4951 100644 --- a/source/common/stats/allocator_impl.cc +++ b/source/common/stats/allocator_impl.cc @@ -1,19 +1,19 @@ -#include "common/stats/allocator_impl.h" +#include "source/common/stats/allocator_impl.h" #include #include "envoy/stats/stats.h" #include "envoy/stats/symbol_table.h" -#include "common/common/hash.h" -#include "common/common/lock_guard.h" -#include "common/common/logger.h" -#include "common/common/thread.h" -#include "common/common/thread_annotations.h" -#include "common/common/utility.h" -#include "common/stats/metric_impl.h" -#include "common/stats/stat_merger.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/common/hash.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/common/common/thread_annotations.h" +#include "source/common/common/utility.h" +#include "source/common/stats/metric_impl.h" +#include "source/common/stats/stat_merger.h" +#include "source/common/stats/symbol_table_impl.h" #include "absl/container/flat_hash_set.h" diff --git a/source/common/stats/allocator_impl.h b/source/common/stats/allocator_impl.h index 469484866f18..db656e2e4013 100644 --- a/source/common/stats/allocator_impl.h +++ b/source/common/stats/allocator_impl.h @@ -6,8 +6,8 @@ #include "envoy/stats/stats.h" #include "envoy/stats/symbol_table.h" -#include "common/common/thread_synchronizer.h" -#include "common/stats/metric_impl.h" +#include "source/common/common/thread_synchronizer.h" +#include "source/common/stats/metric_impl.h" #include "absl/container/flat_hash_set.h" #include "absl/strings/string_view.h" diff --git a/source/common/stats/histogram_impl.cc b/source/common/stats/histogram_impl.cc index a2b866dc112d..cac590339318 100644 --- a/source/common/stats/histogram_impl.cc +++ b/source/common/stats/histogram_impl.cc @@ -1,9 +1,9 @@ -#include "common/stats/histogram_impl.h" +#include "source/common/stats/histogram_impl.h" #include #include -#include "common/common/utility.h" +#include "source/common/common/utility.h" #include "absl/strings/str_join.h" diff --git a/source/common/stats/histogram_impl.h b/source/common/stats/histogram_impl.h index 67c2d7d17066..4090434f46ed 100644 --- a/source/common/stats/histogram_impl.h +++ b/source/common/stats/histogram_impl.h @@ -8,9 +8,9 @@ #include "envoy/stats/stats.h" #include "envoy/stats/store.h" -#include "common/common/matchers.h" -#include "common/common/non_copyable.h" -#include "common/stats/metric_impl.h" +#include "source/common/common/matchers.h" +#include "source/common/common/non_copyable.h" +#include "source/common/stats/metric_impl.h" #include "circllhist.h" diff --git a/source/common/stats/isolated_store_impl.cc b/source/common/stats/isolated_store_impl.cc index ab419e6ecae1..47cf0b3fc5c0 100644 --- a/source/common/stats/isolated_store_impl.cc +++ b/source/common/stats/isolated_store_impl.cc @@ -1,13 +1,13 @@ -#include "common/stats/isolated_store_impl.h" +#include "source/common/stats/isolated_store_impl.h" #include #include #include -#include "common/common/utility.h" -#include "common/stats/histogram_impl.h" -#include "common/stats/scope_prefixer.h" -#include "common/stats/utility.h" +#include "source/common/common/utility.h" +#include "source/common/stats/histogram_impl.h" +#include "source/common/stats/scope_prefixer.h" +#include "source/common/stats/utility.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/isolated_store_impl.h b/source/common/stats/isolated_store_impl.h index 669f115d623a..f0f924ebda54 100644 --- a/source/common/stats/isolated_store_impl.h +++ b/source/common/stats/isolated_store_impl.h @@ -7,14 +7,14 @@ #include "envoy/stats/stats.h" #include "envoy/stats/store.h" -#include "common/common/utility.h" -#include "common/stats/allocator_impl.h" -#include "common/stats/null_counter.h" -#include "common/stats/null_gauge.h" -#include "common/stats/store_impl.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/tag_utility.h" -#include "common/stats/utility.h" +#include "source/common/common/utility.h" +#include "source/common/stats/allocator_impl.h" +#include "source/common/stats/null_counter.h" +#include "source/common/stats/null_gauge.h" +#include "source/common/stats/store_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/tag_utility.h" +#include "source/common/stats/utility.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/stats/metric_impl.cc b/source/common/stats/metric_impl.cc index 12801e90fafe..7a43ce886e3e 100644 --- a/source/common/stats/metric_impl.cc +++ b/source/common/stats/metric_impl.cc @@ -1,8 +1,8 @@ -#include "common/stats/metric_impl.h" +#include "source/common/stats/metric_impl.h" #include "envoy/stats/tag.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/metric_impl.h b/source/common/stats/metric_impl.h index 52b577230fd3..e188f1abe794 100644 --- a/source/common/stats/metric_impl.h +++ b/source/common/stats/metric_impl.h @@ -7,8 +7,8 @@ #include "envoy/stats/stats.h" #include "envoy/stats/tag.h" -#include "common/common/assert.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/common/assert.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/null_counter.h b/source/common/stats/null_counter.h index 61e86d16b644..074349125a3f 100644 --- a/source/common/stats/null_counter.h +++ b/source/common/stats/null_counter.h @@ -2,7 +2,7 @@ #include "envoy/stats/stats.h" -#include "common/stats/metric_impl.h" +#include "source/common/stats/metric_impl.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/null_gauge.h b/source/common/stats/null_gauge.h index bbd8b2e50735..2c12f923aeda 100644 --- a/source/common/stats/null_gauge.h +++ b/source/common/stats/null_gauge.h @@ -2,7 +2,7 @@ #include "envoy/stats/stats.h" -#include "common/stats/metric_impl.h" +#include "source/common/stats/metric_impl.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/null_text_readout.h b/source/common/stats/null_text_readout.h index da6c0976abf7..4cb01d74c9a8 100644 --- a/source/common/stats/null_text_readout.h +++ b/source/common/stats/null_text_readout.h @@ -2,7 +2,7 @@ #include "envoy/stats/stats.h" -#include "common/stats/metric_impl.h" +#include "source/common/stats/metric_impl.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/recent_lookups.cc b/source/common/stats/recent_lookups.cc index 994441cccb02..243208b88ba9 100644 --- a/source/common/stats/recent_lookups.cc +++ b/source/common/stats/recent_lookups.cc @@ -1,6 +1,6 @@ -#include "common/stats/recent_lookups.h" +#include "source/common/stats/recent_lookups.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/scope_prefixer.cc b/source/common/stats/scope_prefixer.cc index 0bdfe9935466..cbe4c3b1c45e 100644 --- a/source/common/stats/scope_prefixer.cc +++ b/source/common/stats/scope_prefixer.cc @@ -1,9 +1,9 @@ -#include "common/stats/scope_prefixer.h" +#include "source/common/stats/scope_prefixer.h" #include "envoy/stats/scope.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/utility.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/utility.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/scope_prefixer.h b/source/common/stats/scope_prefixer.h index 5f64c0814965..4e1301d356e1 100644 --- a/source/common/stats/scope_prefixer.h +++ b/source/common/stats/scope_prefixer.h @@ -2,7 +2,7 @@ #include "envoy/stats/scope.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/stat_merger.cc b/source/common/stats/stat_merger.cc index 870866a2615e..8b772483d8cb 100644 --- a/source/common/stats/stat_merger.cc +++ b/source/common/stats/stat_merger.cc @@ -1,4 +1,4 @@ -#include "common/stats/stat_merger.h" +#include "source/common/stats/stat_merger.h" #include diff --git a/source/common/stats/stat_merger.h b/source/common/stats/stat_merger.h index 6dbf01d25aa3..3a9fb6c3093f 100644 --- a/source/common/stats/stat_merger.h +++ b/source/common/stats/stat_merger.h @@ -2,8 +2,8 @@ #include "envoy/stats/store.h" -#include "common/protobuf/protobuf.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/stats/symbol_table_impl.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/stats/stats_matcher_impl.cc b/source/common/stats/stats_matcher_impl.cc index 3a5793bb651e..01b0049771f0 100644 --- a/source/common/stats/stats_matcher_impl.cc +++ b/source/common/stats/stats_matcher_impl.cc @@ -1,11 +1,11 @@ -#include "common/stats/stats_matcher_impl.h" +#include "source/common/stats/stats_matcher_impl.h" #include #include #include "envoy/config/metrics/v3/stats.pb.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/stats_matcher_impl.h b/source/common/stats/stats_matcher_impl.h index a47b2a7b9f25..de8ece9a02da 100644 --- a/source/common/stats/stats_matcher_impl.h +++ b/source/common/stats/stats_matcher_impl.h @@ -5,8 +5,8 @@ #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/stats/stats_matcher.h" -#include "common/common/matchers.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/matchers.h" +#include "source/common/protobuf/protobuf.h" #include "absl/strings/string_view.h" diff --git a/source/common/stats/store_impl.h b/source/common/stats/store_impl.h index e4a83f751437..e4de8fe918b2 100644 --- a/source/common/stats/store_impl.h +++ b/source/common/stats/store_impl.h @@ -3,7 +3,7 @@ #include "envoy/stats/stats.h" #include "envoy/stats/store.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/symbol_table_impl.cc b/source/common/stats/symbol_table_impl.cc index 22529eadab7e..a60fa31d9b42 100644 --- a/source/common/stats/symbol_table_impl.cc +++ b/source/common/stats/symbol_table_impl.cc @@ -1,13 +1,13 @@ -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" #include #include #include #include -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/common/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" #include "absl/strings/str_cat.h" diff --git a/source/common/stats/symbol_table_impl.h b/source/common/stats/symbol_table_impl.h index 96db24124a6b..cee896e649fa 100644 --- a/source/common/stats/symbol_table_impl.h +++ b/source/common/stats/symbol_table_impl.h @@ -10,14 +10,14 @@ #include "envoy/common/exception.h" #include "envoy/stats/symbol_table.h" -#include "common/common/assert.h" -#include "common/common/hash.h" -#include "common/common/lock_guard.h" -#include "common/common/mem_block_builder.h" -#include "common/common/non_copyable.h" -#include "common/common/thread.h" -#include "common/common/utility.h" -#include "common/stats/recent_lookups.h" +#include "source/common/common/assert.h" +#include "source/common/common/hash.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/mem_block_builder.h" +#include "source/common/common/non_copyable.h" +#include "source/common/common/thread.h" +#include "source/common/common/utility.h" +#include "source/common/stats/recent_lookups.h" #include "absl/container/fixed_array.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/stats/tag_extractor_impl.cc b/source/common/stats/tag_extractor_impl.cc index 337de441f456..752bcf73af61 100644 --- a/source/common/stats/tag_extractor_impl.cc +++ b/source/common/stats/tag_extractor_impl.cc @@ -1,14 +1,14 @@ -#include "common/stats/tag_extractor_impl.h" +#include "source/common/stats/tag_extractor_impl.h" #include #include #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/perf_annotation.h" -#include "common/common/regex.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/perf_annotation.h" +#include "source/common/common/regex.h" #include "absl/strings/ascii.h" #include "absl/strings/match.h" @@ -136,7 +136,7 @@ bool TagExtractorStdRegexImpl::extractTag(TagExtractionContext& context, std::ve TagExtractorRe2Impl::TagExtractorRe2Impl(absl::string_view name, absl::string_view regex, absl::string_view substr) - : TagExtractorImplBase(name, regex, substr), regex_(regex) {} + : TagExtractorImplBase(name, regex, substr), regex_(std::string(regex)) {} bool TagExtractorRe2Impl::extractTag(TagExtractionContext& context, std::vector& tags, IntervalSet& remove_characters) const { @@ -186,7 +186,7 @@ TagExtractorTokensImpl::TagExtractorTokensImpl(absl::string_view name, absl::str if (!tokens_.empty()) { const absl::string_view first = tokens_[0]; if (first != "$" && first != "*" && first != "**") { - prefix_ = first; + prefix_ = std::string(first); } } } @@ -236,7 +236,7 @@ bool TagExtractorTokensImpl::extractTag(TagExtractionContext& context, std::vect } else if (start > 0) { --start; // Remove the dot prior to the lat token, e.g. ".ef" } - addTag(tags) = tag_value; + addTag(tags) = std::string(tag_value); remove_characters.insert(start, end); PERF_RECORD(perf, "tokens-match", name_); diff --git a/source/common/stats/tag_extractor_impl.h b/source/common/stats/tag_extractor_impl.h index a6ea3d7bb779..2da63cd173f6 100644 --- a/source/common/stats/tag_extractor_impl.h +++ b/source/common/stats/tag_extractor_impl.h @@ -10,7 +10,7 @@ #include "envoy/stats/tag_extractor.h" -#include "common/common/regex.h" +#include "source/common/common/regex.h" #include "absl/strings/string_view.h" #include "re2/re2.h" diff --git a/source/common/stats/tag_producer_impl.cc b/source/common/stats/tag_producer_impl.cc index 81843def060f..85384e7eb2ec 100644 --- a/source/common/stats/tag_producer_impl.cc +++ b/source/common/stats/tag_producer_impl.cc @@ -1,12 +1,12 @@ -#include "common/stats/tag_producer_impl.h" +#include "source/common/stats/tag_producer_impl.h" #include #include "envoy/common/exception.h" #include "envoy/config/metrics/v3/stats.pb.h" -#include "common/common/utility.h" -#include "common/stats/tag_extractor_impl.h" +#include "source/common/common/utility.h" +#include "source/common/stats/tag_extractor_impl.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/tag_producer_impl.h b/source/common/stats/tag_producer_impl.h index 093d4021389b..ff5dc3d34fb1 100644 --- a/source/common/stats/tag_producer_impl.h +++ b/source/common/stats/tag_producer_impl.h @@ -10,10 +10,10 @@ #include "envoy/stats/tag_extractor.h" #include "envoy/stats/tag_producer.h" -#include "common/common/hash.h" -#include "common/common/utility.h" -#include "common/config/well_known_names.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/hash.h" +#include "source/common/common/utility.h" +#include "source/common/config/well_known_names.h" +#include "source/common/protobuf/protobuf.h" #include "absl/container/flat_hash_map.h" #include "absl/container/node_hash_set.h" diff --git a/source/common/stats/tag_utility.cc b/source/common/stats/tag_utility.cc index 7710277fd5ba..b73ff3d81fe2 100644 --- a/source/common/stats/tag_utility.cc +++ b/source/common/stats/tag_utility.cc @@ -1,6 +1,6 @@ -#include "common/stats/tag_utility.h" +#include "source/common/stats/tag_utility.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/tag_utility.h b/source/common/stats/tag_utility.h index 0aeacbaf53ae..b3e56e7737b3 100644 --- a/source/common/stats/tag_utility.h +++ b/source/common/stats/tag_utility.h @@ -3,7 +3,7 @@ #include "envoy/stats/symbol_table.h" #include "envoy/stats/tag.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/thread_local_store.cc b/source/common/stats/thread_local_store.cc index 46aed025cc23..de7b0c061a19 100644 --- a/source/common/stats/thread_local_store.cc +++ b/source/common/stats/thread_local_store.cc @@ -1,4 +1,4 @@ -#include "common/stats/thread_local_store.h" +#include "source/common/stats/thread_local_store.h" #include #include @@ -11,11 +11,11 @@ #include "envoy/stats/sink.h" #include "envoy/stats/stats.h" -#include "common/common/lock_guard.h" -#include "common/stats/histogram_impl.h" -#include "common/stats/stats_matcher_impl.h" -#include "common/stats/tag_producer_impl.h" -#include "common/stats/tag_utility.h" +#include "source/common/common/lock_guard.h" +#include "source/common/stats/histogram_impl.h" +#include "source/common/stats/stats_matcher_impl.h" +#include "source/common/stats/tag_producer_impl.h" +#include "source/common/stats/tag_utility.h" #include "absl/strings/str_join.h" @@ -43,6 +43,9 @@ ThreadLocalStoreImpl::~ThreadLocalStoreImpl() { ASSERT(shutting_down_ || !threading_ever_initialized_); default_scope_.reset(); ASSERT(scopes_.empty()); + ASSERT(scopes_to_cleanup_.empty()); + ASSERT(central_cache_entries_to_cleanup_.empty()); + ASSERT(histograms_to_cleanup_.empty()); } void ThreadLocalStoreImpl::setHistogramSettings(HistogramSettingsConstPtr&& histogram_settings) { @@ -194,11 +197,23 @@ void ThreadLocalStoreImpl::initializeThreading(Event::Dispatcher& main_thread_di tls_cache_ = ThreadLocal::TypedSlot::makeUnique(tls); tls_cache_->set( [](Event::Dispatcher&) -> std::shared_ptr { return std::make_shared(); }); + tls_ = tls; } void ThreadLocalStoreImpl::shutdownThreading() { // This will block both future cache fills as well as cache flushes. shutting_down_ = true; + ASSERT(!tls_.has_value() || tls_->isShutdown()); + + // We can't call runOnAllThreads here as global threading has already been shutdown. It is okay + // to simply clear the scopes and central cache entries here as they will be cleaned up during + // thread local data cleanup in InstanceImpl::shutdownThread(). + { + Thread::LockGuard lock(lock_); + scopes_to_cleanup_.clear(); + central_cache_entries_to_cleanup_.clear(); + } + Thread::LockGuard lock(hist_mutex_); for (ParentHistogramImpl* histogram : histogram_set_) { histogram->setShuttingDown(true); @@ -261,22 +276,29 @@ void ThreadLocalStoreImpl::releaseScopeCrossThread(ScopeImpl* scope) { // // Since this is called from ScopeImpl's destructor, we must bump the // ref-count of the central-cache by copying to a local scoped pointer, and - // keep that reference alive until all the TLS caches are clear. - CentralCacheEntrySharedPtr central_cache = scope->central_cache_; + // keep that reference alive until all the TLS caches are clear. This is done by keeping a + // separate vector of shared_ptrs which will be destructed once all threads have completed. // This can happen from any thread. We post() back to the main thread which will initiate the // cache flush operation. if (!shutting_down_ && main_thread_dispatcher_) { - const uint64_t scope_id = scope->scope_id_; + // Clear scopes in a batch. It's possible that many different scopes will be deleted at + // the same time, before the main thread gets a chance to run cleanScopesFromCaches. If a new + // scope is deleted before that post runs, we add it to our list of scopes to clear, and there + // is no need to issue another post. This greatly reduces the overhead when there are tens of + // thousands of scopes to clear in a short period. i.e.: VHDS updates with tens of thousands of + // VirtualHosts. + bool need_post = scopes_to_cleanup_.empty(); + scopes_to_cleanup_.push_back(scope->scope_id_); + central_cache_entries_to_cleanup_.push_back(scope->central_cache_); lock.release(); - // TODO(jmarantz): consider batching all the scope IDs that should be - // cleared from TLS caches to reduce bursts of runOnAllThreads on a large - // config update. See the pattern below used for histograms. - main_thread_dispatcher_->post([this, central_cache, scope_id]() { - sync_.syncPoint(MainDispatcherCleanupSync); - clearScopeFromCaches(scope_id, central_cache); - }); + if (need_post) { + main_thread_dispatcher_->post([this]() { + sync_.syncPoint(MainDispatcherCleanupSync); + clearScopesFromCaches(); + }); + } } } @@ -284,8 +306,20 @@ void ThreadLocalStoreImpl::releaseHistogramCrossThread(uint64_t histogram_id) { // This can happen from any thread. We post() back to the main thread which will initiate the // cache flush operation. if (!shutting_down_ && main_thread_dispatcher_) { - main_thread_dispatcher_->post( - [this, histogram_id]() { clearHistogramFromCaches(histogram_id); }); + // It's possible that many different histograms will be deleted at the same + // time, before the main thread gets a chance to run + // clearHistogramsFromCaches. If a new histogram is deleted before that + // post runs, we add it to our list of histograms to clear, and there's no + // need to issue another post. + bool need_post = false; + { + Thread::LockGuard lock(hist_mutex_); + need_post = histograms_to_cleanup_.empty(); + histograms_to_cleanup_.push_back(histogram_id); + } + if (need_post) { + main_thread_dispatcher_->post([this]() { clearHistogramsFromCaches(); }); + } } } @@ -294,39 +328,62 @@ ThreadLocalStoreImpl::TlsCache::insertScope(uint64_t scope_id) { return scope_cache_[scope_id]; } -void ThreadLocalStoreImpl::TlsCache::eraseScope(uint64_t scope_id) { scope_cache_.erase(scope_id); } -void ThreadLocalStoreImpl::TlsCache::eraseHistogram(uint64_t histogram_id) { +void ThreadLocalStoreImpl::TlsCache::eraseScopes(const std::vector& scope_ids) { + for (uint64_t scope_id : scope_ids) { + scope_cache_.erase(scope_id); + } +} + +void ThreadLocalStoreImpl::TlsCache::eraseHistograms(const std::vector& histograms) { // This is called for every histogram in every thread, even though the // histogram may not have been cached in each thread yet. So we don't // want to check whether the erase() call erased anything. - tls_histogram_cache_.erase(histogram_id); + for (uint64_t histogram_id : histograms) { + tls_histogram_cache_.erase(histogram_id); + } } -void ThreadLocalStoreImpl::clearScopeFromCaches(uint64_t scope_id, - CentralCacheEntrySharedPtr central_cache) { +void ThreadLocalStoreImpl::clearScopesFromCaches() { // If we are shutting down we no longer perform cache flushes as workers may be shutting down // at the same time. if (!shutting_down_) { // Perform a cache flush on all threads. + + // Capture all the pending scope ids in a local, clearing the list held in + // this. Once this occurs, if a new scope is deleted, a new post will be + // required. + auto scope_ids = std::make_shared>(); + // Capture all the central cache entries for scopes we're deleting. These will be freed after + // all threads have completed. + auto central_caches = std::make_shared>(); + { + Thread::LockGuard lock(lock_); + *scope_ids = std::move(scopes_to_cleanup_); + scopes_to_cleanup_.clear(); + *central_caches = std::move(central_cache_entries_to_cleanup_); + central_cache_entries_to_cleanup_.clear(); + } + tls_cache_->runOnAllThreads( - [scope_id](OptRef tls_cache) { tls_cache->eraseScope(scope_id); }, - [central_cache]() { /* Holds onto central_cache until all tls caches are clear */ }); + [scope_ids](OptRef tls_cache) { tls_cache->eraseScopes(*scope_ids); }, + [central_caches]() { /* Holds onto central_caches until all tls caches are clear */ }); } } -void ThreadLocalStoreImpl::clearHistogramFromCaches(uint64_t histogram_id) { +void ThreadLocalStoreImpl::clearHistogramsFromCaches() { // If we are shutting down we no longer perform cache flushes as workers may be shutting down // at the same time. if (!shutting_down_) { - // Perform a cache flush on all threads. - // - // TODO(jmarantz): If this cross-thread posting proves to be a performance - // bottleneck, - // https://gist.github.com/jmarantz/838cb6de7e74c0970ea6b63eded0139a - // contains a patch that will implement batching together to clear multiple - // histograms. + // Move the histograms pending cleanup into a local variable. Future histogram deletions will be + // batched until the next time this function is called. + auto histograms = std::make_shared>(); + { + Thread::LockGuard lock(hist_mutex_); + histograms->swap(histograms_to_cleanup_); + } + tls_cache_->runOnAllThreads( - [histogram_id](OptRef tls_cache) { tls_cache->eraseHistogram(histogram_id); }); + [histograms](OptRef tls_cache) { tls_cache->eraseHistograms(*histograms); }); } } diff --git a/source/common/stats/thread_local_store.h b/source/common/stats/thread_local_store.h index 946a84ed874c..ecc359841bce 100644 --- a/source/common/stats/thread_local_store.h +++ b/source/common/stats/thread_local_store.h @@ -10,15 +10,15 @@ #include "envoy/stats/tag.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/hash.h" -#include "common/common/thread_synchronizer.h" -#include "common/stats/allocator_impl.h" -#include "common/stats/histogram_impl.h" -#include "common/stats/null_counter.h" -#include "common/stats/null_gauge.h" -#include "common/stats/null_text_readout.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/utility.h" +#include "source/common/common/hash.h" +#include "source/common/common/thread_synchronizer.h" +#include "source/common/stats/allocator_impl.h" +#include "source/common/stats/histogram_impl.h" +#include "source/common/stats/null_counter.h" +#include "source/common/stats/null_gauge.h" +#include "source/common/stats/null_text_readout.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/utility.h" #include "absl/container/flat_hash_map.h" #include "absl/container/flat_hash_set.h" @@ -445,8 +445,8 @@ class ThreadLocalStoreImpl : Logger::Loggable, public StoreRo struct TlsCache : public ThreadLocal::ThreadLocalObject { TlsCacheEntry& insertScope(uint64_t scope_id); - void eraseScope(uint64_t scope_id); - void eraseHistogram(uint64_t histogram); + void eraseScopes(const std::vector& scope_ids); + void eraseHistograms(const std::vector& histograms); // The TLS scope cache is keyed by scope ID. This is used to avoid complex circular references // during scope destruction. An ID is required vs. using the address of the scope pointer @@ -472,8 +472,8 @@ class ThreadLocalStoreImpl : Logger::Loggable, public StoreRo } std::string getTagsForName(const std::string& name, TagVector& tags) const; - void clearScopeFromCaches(uint64_t scope_id, CentralCacheEntrySharedPtr central_cache); - void clearHistogramFromCaches(uint64_t histogram_id); + void clearScopesFromCaches(); + void clearHistogramsFromCaches(); void releaseScopeCrossThread(ScopeImpl* scope); void mergeInternal(PostMergeCb merge_cb); bool rejects(StatName name) const; @@ -499,6 +499,7 @@ class ThreadLocalStoreImpl : Logger::Loggable, public StoreRo std::atomic shutting_down_{}; std::atomic merge_in_progress_{}; AllocatorImpl heap_allocator_; + OptRef tls_; NullCounterImpl null_counter_; NullGaugeImpl null_gauge_; @@ -526,6 +527,19 @@ class ThreadLocalStoreImpl : Logger::Loggable, public StoreRo std::vector deleted_gauges_ ABSL_GUARDED_BY(lock_); std::vector deleted_histograms_ ABSL_GUARDED_BY(lock_); std::vector deleted_text_readouts_ ABSL_GUARDED_BY(lock_); + + // Scope IDs and central cache entries that are queued for cross-scope release. + // Because there can be a large number of scopes, all of which are released at once, + // (e.g. when a scope is deleted), it is more efficient to batch their cleanup, + // which would otherwise entail a post() per scope per thread. + std::vector scopes_to_cleanup_ ABSL_GUARDED_BY(lock_); + std::vector central_cache_entries_to_cleanup_ ABSL_GUARDED_BY(lock_); + + // Histograms IDs that are queued for cross-scope release. Because there + // can be a large number of histograms, all of which are released at once, + // (e.g. when a scope is deleted), it is likely more efficient to batch their + // cleanup, which would otherwise entail a post() per histogram per thread. + std::vector histograms_to_cleanup_ ABSL_GUARDED_BY(hist_mutex_); }; using ThreadLocalStoreImplPtr = std::unique_ptr; diff --git a/source/common/stats/timespan_impl.cc b/source/common/stats/timespan_impl.cc index 4c6317238926..33875c0656a4 100644 --- a/source/common/stats/timespan_impl.cc +++ b/source/common/stats/timespan_impl.cc @@ -1,7 +1,7 @@ -#include "common/stats/timespan_impl.h" +#include "source/common/stats/timespan_impl.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" namespace Envoy { namespace Stats { diff --git a/source/common/stats/utility.cc b/source/common/stats/utility.cc index d6b8917f826d..a4e5574713e2 100644 --- a/source/common/stats/utility.cc +++ b/source/common/stats/utility.cc @@ -1,4 +1,4 @@ -#include "common/stats/utility.h" +#include "source/common/stats/utility.h" #include #include diff --git a/source/common/stats/utility.h b/source/common/stats/utility.h index 926aace1004d..2ef817b61c17 100644 --- a/source/common/stats/utility.h +++ b/source/common/stats/utility.h @@ -5,8 +5,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" -#include "common/common/thread.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/common/thread.h" +#include "source/common/stats/symbol_table_impl.h" #include "absl/container/inlined_vector.h" #include "absl/strings/string_view.h" diff --git a/source/common/stream_info/BUILD b/source/common/stream_info/BUILD index 9096e23a71cb..8ed41ec32710 100644 --- a/source/common/stream_info/BUILD +++ b/source/common/stream_info/BUILD @@ -13,8 +13,8 @@ envoy_cc_library( hdrs = ["stream_info_impl.h"], deps = [ ":filter_state_lib", - "//include/envoy/http:request_id_extension_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/http:request_id_extension_interface", + "//envoy/stream_info:stream_info_interface", "//source/common/common:assert_lib", "//source/common/common:dump_state_utils", "//source/common/network:socket_lib", @@ -27,7 +27,7 @@ envoy_cc_library( srcs = ["filter_state_impl.cc"], hdrs = ["filter_state_impl.h"], deps = [ - "//include/envoy/stream_info:filter_state_interface", + "//envoy/stream_info:filter_state_interface", ], ) @@ -37,8 +37,8 @@ envoy_cc_library( hdrs = ["utility.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/common:time_interface", + "//envoy/stream_info:stream_info_interface", ], ) @@ -46,6 +46,6 @@ envoy_cc_library( name = "uint32_accessor_lib", hdrs = ["uint32_accessor_impl.h"], deps = [ - "//include/envoy/stream_info:uint32_accessor_interface", + "//envoy/stream_info:uint32_accessor_interface", ], ) diff --git a/source/common/stream_info/filter_state_impl.cc b/source/common/stream_info/filter_state_impl.cc index d873587abfcf..d5a42eb75c18 100644 --- a/source/common/stream_info/filter_state_impl.cc +++ b/source/common/stream_info/filter_state_impl.cc @@ -1,4 +1,4 @@ -#include "common/stream_info/filter_state_impl.h" +#include "source/common/stream_info/filter_state_impl.h" #include "envoy/common/exception.h" diff --git a/source/common/stream_info/stream_info_impl.h b/source/common/stream_info/stream_info_impl.h index 9e64932af177..633178d2c361 100644 --- a/source/common/stream_info/stream_info_impl.h +++ b/source/common/stream_info/stream_info_impl.h @@ -11,11 +11,11 @@ #include "envoy/stream_info/stream_info.h" #include "envoy/tracing/trace_reason.h" -#include "common/common/assert.h" -#include "common/common/dump_state_utils.h" -#include "common/common/macros.h" -#include "common/network/socket_impl.h" -#include "common/stream_info/filter_state_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/macros.h" +#include "source/common/network/socket_impl.h" +#include "source/common/stream_info/filter_state_impl.h" #include "absl/strings/str_replace.h" @@ -285,7 +285,7 @@ struct StreamInfoImpl : public StreamInfo { absl::optional connectionID() const override { return connection_id_; } void setFilterChainName(absl::string_view filter_chain_name) override { - filter_chain_name_ = filter_chain_name; + filter_chain_name_ = std::string(filter_chain_name); } const std::string& filterChainName() const override { return filter_chain_name_; } diff --git a/source/common/stream_info/utility.cc b/source/common/stream_info/utility.cc index e09708fc46cf..bda068767290 100644 --- a/source/common/stream_info/utility.cc +++ b/source/common/stream_info/utility.cc @@ -1,4 +1,4 @@ -#include "common/stream_info/utility.h" +#include "source/common/stream_info/utility.h" #include @@ -21,7 +21,7 @@ const std::string ResponseFlagUtils::toShortString(const StreamInfo& stream_info } absl::flat_hash_map ResponseFlagUtils::getFlagMap() { - static_assert(ResponseFlag::LastFlag == 0x1000000, + static_assert(ResponseFlag::LastFlag == 0x2000000, "A flag has been added. Add the new flag to ALL_RESPONSE_STRING_FLAGS."); absl::flat_hash_map res; for (auto [str, flag] : ResponseFlagUtils::ALL_RESPONSE_STRING_FLAGS) { diff --git a/source/common/stream_info/utility.h b/source/common/stream_info/utility.h index 9e946af38098..f6c39b8bd25a 100644 --- a/source/common/stream_info/utility.h +++ b/source/common/stream_info/utility.h @@ -44,6 +44,7 @@ class ResponseFlagUtils { constexpr static absl::string_view DURATION_TIMEOUT = "DT"; constexpr static absl::string_view UPSTREAM_PROTOCOL_ERROR = "UPE"; constexpr static absl::string_view NO_CLUSTER_FOUND = "NC"; + constexpr static absl::string_view OVERLOAD_MANAGER = "OM"; static constexpr std::array ALL_RESPONSE_STRING_FLAGS{ FlagStringAndEnum{FAILED_LOCAL_HEALTH_CHECK, ResponseFlag::FailedLocalHealthCheck}, @@ -74,6 +75,7 @@ class ResponseFlagUtils { FlagStringAndEnum{DURATION_TIMEOUT, ResponseFlag::DurationTimeout}, FlagStringAndEnum{UPSTREAM_PROTOCOL_ERROR, ResponseFlag::UpstreamProtocolError}, FlagStringAndEnum{NO_CLUSTER_FOUND, ResponseFlag::NoClusterFound}, + FlagStringAndEnum{OVERLOAD_MANAGER, ResponseFlag::OverloadManager}, }; private: diff --git a/source/common/tcp/BUILD b/source/common/tcp/BUILD index 9a4234e77bb8..82bcdfbf6a6f 100644 --- a/source/common/tcp/BUILD +++ b/source/common/tcp/BUILD @@ -20,14 +20,14 @@ envoy_cc_library( ], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:timespan_interface", - "//include/envoy/tcp:conn_pool_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/network:connection_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:timespan_interface", + "//envoy/tcp:conn_pool_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:linked_object", "//source/common/common:utility_lib", "//source/common/http:conn_pool_base_lib", diff --git a/source/common/tcp/conn_pool.cc b/source/common/tcp/conn_pool.cc index f26d82c4a4d9..dd0ae46994ff 100644 --- a/source/common/tcp/conn_pool.cc +++ b/source/common/tcp/conn_pool.cc @@ -1,4 +1,4 @@ -#include "common/tcp/conn_pool.h" +#include "source/common/tcp/conn_pool.h" #include @@ -6,8 +6,8 @@ #include "envoy/event/timer.h" #include "envoy/upstream/upstream.h" -#include "common/stats/timespan_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/stats/timespan_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Tcp { diff --git a/source/common/tcp/conn_pool.h b/source/common/tcp/conn_pool.h index 9f204ad3c965..c8dea852f572 100644 --- a/source/common/tcp/conn_pool.h +++ b/source/common/tcp/conn_pool.h @@ -11,10 +11,10 @@ #include "envoy/tcp/conn_pool.h" #include "envoy/upstream/upstream.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/http/conn_pool_base.h" -#include "common/network/filter_impl.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/http/conn_pool_base.h" +#include "source/common/network/filter_impl.h" namespace Envoy { namespace Tcp { @@ -204,10 +204,10 @@ class ConnPoolImpl : public Envoy::ConnectionPool::ConnPoolImplBase, } void onPoolFailure(const Upstream::HostDescriptionConstSharedPtr& host_description, - absl::string_view, ConnectionPool::PoolFailureReason reason, + absl::string_view failure_reason, ConnectionPool::PoolFailureReason reason, Envoy::ConnectionPool::AttachContext& context) override { auto* callbacks = typedContext(context).callbacks_; - callbacks->onPoolFailure(reason, host_description); + callbacks->onPoolFailure(reason, failure_reason, host_description); } // These two functions exist for testing parity between old and new Tcp Connection Pools. diff --git a/source/common/tcp/original_conn_pool.cc b/source/common/tcp/original_conn_pool.cc index b34c31280f89..3820feeebf30 100644 --- a/source/common/tcp/original_conn_pool.cc +++ b/source/common/tcp/original_conn_pool.cc @@ -1,4 +1,4 @@ -#include "common/tcp/original_conn_pool.h" +#include "source/common/tcp/original_conn_pool.h" #include @@ -6,8 +6,8 @@ #include "envoy/event/timer.h" #include "envoy/upstream/upstream.h" -#include "common/stats/timespan_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/stats/timespan_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Tcp { @@ -128,7 +128,7 @@ OriginalConnPoolImpl::newConnection(ConnectionPool::Callbacks& callbacks) { return pending_requests_.front().get(); } else { ENVOY_LOG(debug, "max pending requests overflow"); - callbacks.onPoolFailure(ConnectionPool::PoolFailureReason::Overflow, nullptr); + callbacks.onPoolFailure(ConnectionPool::PoolFailureReason::Overflow, "", nullptr); host_->cluster().stats().upstream_rq_pending_overflow_.inc(); return nullptr; } @@ -184,7 +184,7 @@ void OriginalConnPoolImpl::onConnectionEvent(ActiveConn& conn, Network::Connecti PendingRequestPtr request = pending_requests_to_purge.front()->removeFromList(pending_requests_to_purge); host_->cluster().stats().upstream_rq_pending_failure_eject_.inc(); - request->callbacks_.onPoolFailure(reason, conn.real_host_description_); + request->callbacks_.onPoolFailure(reason, "", conn.real_host_description_); } } diff --git a/source/common/tcp/original_conn_pool.h b/source/common/tcp/original_conn_pool.h index b10b6b0b8d41..d6b021bcf3e2 100644 --- a/source/common/tcp/original_conn_pool.h +++ b/source/common/tcp/original_conn_pool.h @@ -12,9 +12,9 @@ #include "envoy/tcp/conn_pool.h" #include "envoy/upstream/upstream.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/network/filter_impl.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/network/filter_impl.h" namespace Envoy { namespace Tcp { diff --git a/source/common/tcp_proxy/BUILD b/source/common/tcp_proxy/BUILD index 1e80c6506d71..bd2a496c4eef 100644 --- a/source/common/tcp_proxy/BUILD +++ b/source/common/tcp_proxy/BUILD @@ -17,10 +17,10 @@ envoy_cc_library( "upstream.h", ], deps = [ - "//include/envoy/tcp:conn_pool_interface", - "//include/envoy/tcp:upstream_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:load_balancer_interface", + "//envoy/tcp:conn_pool_interface", + "//envoy/tcp:upstream_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:load_balancer_interface", "//source/common/http:codec_client_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", @@ -39,22 +39,22 @@ envoy_cc_library( ], deps = [ ":upstream_lib", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/common:time_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/router:router_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/stats:timespan_interface", - "//include/envoy/stream_info:filter_state_interface", - "//include/envoy/tcp:conn_pool_interface", - "//include/envoy/tcp:upstream_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/access_log:access_log_interface", + "//envoy/buffer:buffer_interface", + "//envoy/common:time_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/router:router_interface", + "//envoy/server:filter_config_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", + "//envoy/stats:timespan_interface", + "//envoy/stream_info:filter_state_interface", + "//envoy/tcp:conn_pool_interface", + "//envoy/tcp:upstream_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/access_log:access_log_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", diff --git a/source/common/tcp_proxy/tcp_proxy.cc b/source/common/tcp_proxy/tcp_proxy.cc index fb76f6a942c7..37f71070dd9d 100644 --- a/source/common/tcp_proxy/tcp_proxy.cc +++ b/source/common/tcp_proxy/tcp_proxy.cc @@ -1,4 +1,4 @@ -#include "common/tcp_proxy/tcp_proxy.h" +#include "source/common/tcp_proxy/tcp_proxy.h" #include #include @@ -13,22 +13,22 @@ #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" -#include "common/access_log/access_log_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/macros.h" -#include "common/common/utility.h" -#include "common/config/utility.h" -#include "common/config/well_known_names.h" -#include "common/network/application_protocol.h" -#include "common/network/proxy_protocol_filter_state.h" -#include "common/network/socket_option_factory.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/network/upstream_server_name.h" -#include "common/network/upstream_socket_options_filter_state.h" -#include "common/router/metadatamatchcriteria_impl.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" +#include "source/common/config/well_known_names.h" +#include "source/common/network/application_protocol.h" +#include "source/common/network/proxy_protocol_filter_state.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/network/upstream_server_name.h" +#include "source/common/network/upstream_socket_options_filter_state.h" +#include "source/common/router/metadatamatchcriteria_impl.h" namespace Envoy { namespace TcpProxy { diff --git a/source/common/tcp_proxy/tcp_proxy.h b/source/common/tcp_proxy/tcp_proxy.h index 6579995d1340..e51d3e7ffbcd 100644 --- a/source/common/tcp_proxy/tcp_proxy.h +++ b/source/common/tcp_proxy/tcp_proxy.h @@ -20,14 +20,14 @@ #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" -#include "common/common/logger.h" -#include "common/network/cidr_range.h" -#include "common/network/filter_impl.h" -#include "common/network/hash_policy.h" -#include "common/network/utility.h" -#include "common/stream_info/stream_info_impl.h" -#include "common/tcp_proxy/upstream.h" -#include "common/upstream/load_balancer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/network/cidr_range.h" +#include "source/common/network/filter_impl.h" +#include "source/common/network/hash_policy.h" +#include "source/common/network/utility.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/common/tcp_proxy/upstream.h" +#include "source/common/upstream/load_balancer_impl.h" #include "absl/container/node_hash_map.h" diff --git a/source/common/tcp_proxy/upstream.cc b/source/common/tcp_proxy/upstream.cc index fc0335775afd..c20d818b3632 100644 --- a/source/common/tcp_proxy/upstream.cc +++ b/source/common/tcp_proxy/upstream.cc @@ -1,13 +1,13 @@ -#include "common/tcp_proxy/upstream.h" +#include "source/common/tcp_proxy/upstream.h" #include "envoy/upstream/cluster_manager.h" -#include "common/http/codec_client.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/runtime/runtime_features.h" +#include "source/common/http/codec_client.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace TcpProxy { @@ -150,7 +150,7 @@ TcpConnPool::TcpConnPool(Upstream::ThreadLocalCluster& thread_local_cluster, Upstream::LoadBalancerContext* context, Tcp::ConnectionPool::UpstreamCallbacks& upstream_callbacks) : upstream_callbacks_(upstream_callbacks) { - conn_pool_ = thread_local_cluster.tcpConnPool(Upstream::ResourcePriority::Default, context); + conn_pool_data_ = thread_local_cluster.tcpConnPool(Upstream::ResourcePriority::Default, context); } TcpConnPool::~TcpConnPool() { @@ -165,14 +165,14 @@ void TcpConnPool::newStream(GenericConnectionPoolCallbacks& callbacks) { // valid connection handle. If newConnection fails inline it may result in attempting to // select a new host, and a recursive call to initializeUpstreamConnection. In this case the // first call to newConnection will return null and the inner call will persist. - Tcp::ConnectionPool::Cancellable* handle = conn_pool_->newConnection(*this); + Tcp::ConnectionPool::Cancellable* handle = conn_pool_data_.value().newConnection(*this); if (handle) { ASSERT(upstream_handle_ == nullptr); upstream_handle_ = handle; } } -void TcpConnPool::onPoolFailure(ConnectionPool::PoolFailureReason reason, +void TcpConnPool::onPoolFailure(ConnectionPool::PoolFailureReason reason, absl::string_view, Upstream::HostDescriptionConstSharedPtr host) { upstream_handle_ = nullptr; callbacks_->onGenericPoolFailure(reason, host); @@ -193,10 +193,10 @@ void TcpConnPool::onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn_data HttpConnPool::HttpConnPool(Upstream::ThreadLocalCluster& thread_local_cluster, Upstream::LoadBalancerContext* context, const TunnelingConfig& config, Tcp::ConnectionPool::UpstreamCallbacks& upstream_callbacks, - Http::CodecClient::Type type) + Http::CodecType type) : config_(config), type_(type), upstream_callbacks_(upstream_callbacks) { - conn_pool_ = thread_local_cluster.httpConnPool(Upstream::ResourcePriority::Default, absl::nullopt, - context); + conn_pool_data_ = thread_local_cluster.httpConnPool(Upstream::ResourcePriority::Default, + absl::nullopt, context); } HttpConnPool::~HttpConnPool() { @@ -209,13 +209,13 @@ HttpConnPool::~HttpConnPool() { void HttpConnPool::newStream(GenericConnectionPoolCallbacks& callbacks) { callbacks_ = &callbacks; - if (type_ == Http::CodecClient::Type::HTTP1) { + if (type_ == Http::CodecType::HTTP1) { upstream_ = std::make_unique(upstream_callbacks_, config_); } else { upstream_ = std::make_unique(upstream_callbacks_, config_); } Tcp::ConnectionPool::Cancellable* handle = - conn_pool_->newStream(upstream_->responseDecoder(), *this); + conn_pool_data_.value().newStream(upstream_->responseDecoder(), *this); if (handle != nullptr) { upstream_handle_ = handle; } diff --git a/source/common/tcp_proxy/upstream.h b/source/common/tcp_proxy/upstream.h index bdf31648b034..3f2bfd9c6778 100644 --- a/source/common/tcp_proxy/upstream.h +++ b/source/common/tcp_proxy/upstream.h @@ -5,11 +5,12 @@ #include "envoy/tcp/conn_pool.h" #include "envoy/tcp/upstream.h" #include "envoy/upstream/load_balancer.h" +#include "envoy/upstream/thread_local_cluster.h" #include "envoy/upstream/upstream.h" -#include "common/common/dump_state_utils.h" -#include "common/http/codec_client.h" -#include "common/router/header_parser.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/http/codec_client.h" +#include "source/common/router/header_parser.h" namespace Envoy { namespace TcpProxy { @@ -21,19 +22,20 @@ class TcpConnPool : public GenericConnPool, public Tcp::ConnectionPool::Callback Tcp::ConnectionPool::UpstreamCallbacks& upstream_callbacks); ~TcpConnPool() override; - bool valid() const { return conn_pool_ != nullptr; } + bool valid() const { return conn_pool_data_.has_value(); } // GenericConnPool void newStream(GenericConnectionPoolCallbacks& callbacks) override; // Tcp::ConnectionPool::Callbacks void onPoolFailure(ConnectionPool::PoolFailureReason reason, + absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn_data, Upstream::HostDescriptionConstSharedPtr host) override; private: - Tcp::ConnectionPool::Instance* conn_pool_{}; + absl::optional conn_pool_data_{}; Tcp::ConnectionPool::Cancellable* upstream_handle_{}; GenericConnectionPoolCallbacks* callbacks_{}; Tcp::ConnectionPool::UpstreamCallbacks& upstream_callbacks_; @@ -48,12 +50,11 @@ class HttpConnPool : public GenericConnPool, public Http::ConnectionPool::Callba HttpConnPool(Upstream::ThreadLocalCluster& thread_local_cluster, Upstream::LoadBalancerContext* context, const TunnelingConfig& config, - Tcp::ConnectionPool::UpstreamCallbacks& upstream_callbacks, - Http::CodecClient::Type type); + Tcp::ConnectionPool::UpstreamCallbacks& upstream_callbacks, Http::CodecType type); ~HttpConnPool() override; // HTTP/3 upstreams are not supported at the moment. - bool valid() const { return conn_pool_ != nullptr && type_ <= Http::CodecClient::Type::HTTP2; } + bool valid() const { return conn_pool_data_.has_value() && type_ <= Http::CodecType::HTTP2; } // GenericConnPool void newStream(GenericConnectionPoolCallbacks& callbacks) override; @@ -97,8 +98,8 @@ class HttpConnPool : public GenericConnPool, public Http::ConnectionPool::Callba const Network::Address::InstanceConstSharedPtr& local_address, Ssl::ConnectionInfoConstSharedPtr ssl_info); const TunnelingConfig config_; - Http::CodecClient::Type type_; - Http::ConnectionPool::Instance* conn_pool_{}; + Http::CodecType type_; + absl::optional conn_pool_data_{}; Http::ConnectionPool::Cancellable* upstream_handle_{}; GenericConnectionPoolCallbacks* callbacks_{}; Tcp::ConnectionPool::UpstreamCallbacks& upstream_callbacks_; diff --git a/source/common/thread/BUILD b/source/common/thread/BUILD index 6f79301e8676..45ffdec2aa14 100644 --- a/source/common/thread/BUILD +++ b/source/common/thread/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( srcs = ["terminate_thread.cc"], hdrs = ["terminate_thread.h"], deps = [ - "//include/envoy/thread:thread_interface", + "//envoy/thread:thread_interface", "//source/common/common:minimal_logger_lib", ], ) diff --git a/source/common/thread/terminate_thread.cc b/source/common/thread/terminate_thread.cc index 435d704e6d24..8ddb9f20edf9 100644 --- a/source/common/thread/terminate_thread.cc +++ b/source/common/thread/terminate_thread.cc @@ -1,10 +1,10 @@ -#include "common/thread/terminate_thread.h" +#include "source/common/thread/terminate_thread.h" #include #include -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Thread { diff --git a/source/common/thread_local/BUILD b/source/common/thread_local/BUILD index 3892298e00d6..3e1697e39785 100644 --- a/source/common/thread_local/BUILD +++ b/source/common/thread_local/BUILD @@ -13,8 +13,8 @@ envoy_cc_library( srcs = ["thread_local_impl.cc"], hdrs = ["thread_local_impl.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/event:dispatcher_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:stl_helpers", diff --git a/source/common/thread_local/thread_local_impl.cc b/source/common/thread_local/thread_local_impl.cc index 9bf485419745..baeade40f0c2 100644 --- a/source/common/thread_local/thread_local_impl.cc +++ b/source/common/thread_local/thread_local_impl.cc @@ -1,4 +1,4 @@ -#include "common/thread_local/thread_local_impl.h" +#include "source/common/thread_local/thread_local_impl.h" #include #include @@ -7,8 +7,8 @@ #include "envoy/event/dispatcher.h" -#include "common/common/assert.h" -#include "common/common/stl_helpers.h" +#include "source/common/common/assert.h" +#include "source/common/common/stl_helpers.h" namespace Envoy { namespace ThreadLocal { diff --git a/source/common/thread_local/thread_local_impl.h b/source/common/thread_local/thread_local_impl.h index db9cd63e1023..f7825b66e151 100644 --- a/source/common/thread_local/thread_local_impl.h +++ b/source/common/thread_local/thread_local_impl.h @@ -8,8 +8,8 @@ #include "envoy/thread_local/thread_local.h" -#include "common/common/logger.h" -#include "common/common/non_copyable.h" +#include "source/common/common/logger.h" +#include "source/common/common/non_copyable.h" namespace Envoy { namespace ThreadLocal { @@ -28,6 +28,7 @@ class InstanceImpl : Logger::Loggable, public NonCopyable, pub void shutdownGlobalThreading() override; void shutdownThread() override; Event::Dispatcher& dispatcher() override; + bool isShutdown() const override { return shutdown_; } private: // On destruction returns the slot index to the deferred delete queue (detaches it). This allows diff --git a/source/common/tracing/BUILD b/source/common/tracing/BUILD index 8dce4bdd7b64..93b6a596fa97 100644 --- a/source/common/tracing/BUILD +++ b/source/common/tracing/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( "null_span_impl.h", ], deps = [ - "//include/envoy/tracing:trace_driver_interface", + "//envoy/tracing:trace_driver_interface", "//source/common/common:empty_string", ], ) @@ -40,12 +40,12 @@ envoy_cc_library( deps = [ ":common_values_lib", ":null_span_lib", - "//include/envoy/http:request_id_extension_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/tracing:http_tracer_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/http:request_id_extension_interface", + "//envoy/local_info:local_info_interface", + "//envoy/runtime:runtime_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/tracing:http_tracer_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/buffer:zero_copy_input_stream_lib", "//source/common/common:base64_lib", "//source/common/common:macros", @@ -73,7 +73,7 @@ envoy_cc_library( "tracer_config_impl.h", ], deps = [ - "//include/envoy/server:tracer_config_interface", + "//envoy/server:tracer_config_interface", ], ) @@ -86,9 +86,9 @@ envoy_cc_library( "http_tracer_manager_impl.h", ], deps = [ - "//include/envoy/server:tracer_config_interface", - "//include/envoy/singleton:instance_interface", - "//include/envoy/tracing:http_tracer_manager_interface", + "//envoy/server:tracer_config_interface", + "//envoy/singleton:instance_interface", + "//envoy/tracing:http_tracer_manager_interface", "//source/common/common:minimal_logger_lib", "//source/common/config:utility_lib", "//source/common/tracing:http_tracer_lib", diff --git a/source/common/tracing/common_values.h b/source/common/tracing/common_values.h index 41cb3947772f..8595c959fced 100644 --- a/source/common/tracing/common_values.h +++ b/source/common/tracing/common_values.h @@ -2,7 +2,7 @@ #include -#include "common/singleton/const_singleton.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Tracing { diff --git a/source/common/tracing/http_tracer_impl.cc b/source/common/tracing/http_tracer_impl.cc index df9d29b4a72a..12aeace932b8 100644 --- a/source/common/tracing/http_tracer_impl.cc +++ b/source/common/tracing/http_tracer_impl.cc @@ -1,4 +1,4 @@ -#include "common/tracing/http_tracer_impl.h" +#include "source/common/tracing/http_tracer_impl.h" #include @@ -8,18 +8,18 @@ #include "envoy/type/metadata/v3/metadata.pb.h" #include "envoy/type/tracing/v3/custom_tag.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/macros.h" -#include "common/common/utility.h" -#include "common/formatter/substitution_formatter.h" -#include "common/grpc/common.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" -#include "common/stream_info/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/grpc/common.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stream_info/utility.h" #include "absl/strings/str_cat.h" diff --git a/source/common/tracing/http_tracer_impl.h b/source/common/tracing/http_tracer_impl.h index 4c3b733ab090..6bd0b8e6b667 100644 --- a/source/common/tracing/http_tracer_impl.h +++ b/source/common/tracing/http_tracer_impl.h @@ -13,11 +13,11 @@ #include "envoy/type/tracing/v3/custom_tag.pb.h" #include "envoy/upstream/cluster_manager.h" -#include "common/config/metadata.h" -#include "common/http/header_map_impl.h" -#include "common/json/json_loader.h" -#include "common/tracing/common_values.h" -#include "common/tracing/null_span_impl.h" +#include "source/common/config/metadata.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/json/json_loader.h" +#include "source/common/tracing/common_values.h" +#include "source/common/tracing/null_span_impl.h" namespace Envoy { namespace Tracing { diff --git a/source/common/tracing/http_tracer_manager_impl.cc b/source/common/tracing/http_tracer_manager_impl.cc index e25f5d99ba2d..e746ff89d666 100644 --- a/source/common/tracing/http_tracer_manager_impl.cc +++ b/source/common/tracing/http_tracer_manager_impl.cc @@ -1,6 +1,6 @@ -#include "common/tracing/http_tracer_manager_impl.h" +#include "source/common/tracing/http_tracer_manager_impl.h" -#include "common/config/utility.h" +#include "source/common/config/utility.h" namespace Envoy { namespace Tracing { diff --git a/source/common/tracing/http_tracer_manager_impl.h b/source/common/tracing/http_tracer_manager_impl.h index a4fb18bcbf13..2080e56d0077 100644 --- a/source/common/tracing/http_tracer_manager_impl.h +++ b/source/common/tracing/http_tracer_manager_impl.h @@ -4,8 +4,8 @@ #include "envoy/singleton/instance.h" #include "envoy/tracing/http_tracer_manager.h" -#include "common/common/logger.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/tracing/http_tracer_impl.h" namespace Envoy { namespace Tracing { diff --git a/source/common/tracing/null_span_impl.h b/source/common/tracing/null_span_impl.h index 18677818dfca..653147ffd88f 100644 --- a/source/common/tracing/null_span_impl.h +++ b/source/common/tracing/null_span_impl.h @@ -2,7 +2,7 @@ #include "envoy/tracing/trace_driver.h" -#include "common/common/empty_string.h" +#include "source/common/common/empty_string.h" namespace Envoy { namespace Tracing { diff --git a/source/common/upstream/BUILD b/source/common/upstream/BUILD index e8b369399374..901d530d882d 100644 --- a/source/common/upstream/BUILD +++ b/source/common/upstream/BUILD @@ -14,9 +14,9 @@ envoy_cc_library( srcs = ["cds_api_helper.cc"], hdrs = ["cds_api_helper.h"], deps = [ - "//include/envoy/config:grpc_mux_interface", - "//include/envoy/config:subscription_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/config:grpc_mux_interface", + "//envoy/config:subscription_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:minimal_logger_lib", "//source/common/config:resource_name_lib", "//source/common/protobuf", @@ -31,10 +31,10 @@ envoy_cc_library( hdrs = ["cds_api_impl.h"], deps = [ ":cds_api_helper_lib", - "//include/envoy/config:subscription_interface", - "//include/envoy/protobuf:message_validator_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/config:subscription_interface", + "//envoy/protobuf:message_validator_interface", + "//envoy/stats:stats_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:minimal_logger_lib", "//source/common/config:subscription_base_interface", "//source/common/grpc:common_lib", @@ -54,16 +54,16 @@ envoy_cc_library( ":load_stats_reporter_lib", ":ring_hash_lb_lib", ":subset_lb_lib", - "//include/envoy/api:api_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/network:dns_interface", - "//include/envoy/router:context_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/ssl:context_manager_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/api:api_interface", + "//envoy/event:dispatcher_interface", + "//envoy/http:codes_interface", + "//envoy/local_info:local_info_interface", + "//envoy/network:dns_interface", + "//envoy/router:context_interface", + "//envoy/runtime:runtime_interface", + "//envoy/ssl:context_manager_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:cleanup_lib", "//source/common/common:enum_to_int", "//source/common/common:utility_lib", @@ -102,7 +102,7 @@ envoy_cc_library( srcs = ["cluster_update_tracker.cc"], hdrs = ["cluster_update_tracker.h"], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", ], ) @@ -110,9 +110,9 @@ envoy_cc_library( name = "conn_pool_map", hdrs = ["conn_pool_map.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/upstream:resource_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:dispatcher_interface", + "//envoy/upstream:resource_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:debug_recursion_checker_lib", ], ) @@ -130,9 +130,9 @@ envoy_cc_library( hdrs = ["priority_conn_pool_map.h"], deps = [ ":conn_pool_map", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/upstream:resource_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:dispatcher_interface", + "//envoy/upstream:resource_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:debug_recursion_checker_lib", ], ) @@ -157,7 +157,7 @@ envoy_cc_library( srcs = ["health_checker_base_impl.cc"], hdrs = ["health_checker_base_impl.h"], deps = [ - "//include/envoy/upstream:health_checker_interface", + "//envoy/upstream:health_checker_interface", "//source/common/router:router_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/data/core/v3:pkg_cc_proto", @@ -178,7 +178,7 @@ envoy_cc_library( "@envoy_api//envoy/data/core/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", # TODO(dio): Remove dependency to server. - "//include/envoy/server:health_checker_config_interface", + "//envoy/server:health_checker_config_interface", "//source/common/grpc:codec_lib", "//source/common/http:codec_client_lib", "//source/common/upstream:host_utility_lib", @@ -189,7 +189,7 @@ envoy_cc_library( name = "host_utility_lib", srcs = ["host_utility.cc"], hdrs = ["host_utility.h"], - deps = ["//include/envoy/upstream:upstream_interface"], + deps = ["//envoy/upstream:upstream_interface"], ) envoy_cc_library( @@ -198,11 +198,11 @@ envoy_cc_library( hdrs = ["load_balancer_impl.h"], deps = [ ":edf_scheduler_lib", - "//include/envoy/common:random_generator_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/upstream:load_balancer_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/common:random_generator_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_interface", + "//envoy/upstream:load_balancer_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_protos_lib", @@ -215,9 +215,9 @@ envoy_cc_library( srcs = ["load_stats_reporter.cc"], hdrs = ["load_stats_reporter.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/event:dispatcher_interface", + "//envoy/stats:stats_macros", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:minimal_logger_lib", "//source/common/config:version_converter_lib", "//source/common/grpc:async_client_lib", @@ -243,14 +243,14 @@ envoy_cc_library( ":health_checker_lib", ":locality_endpoint_lib", ":upstream_includes", - "//include/envoy/api:api_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/ssl:context_manager_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/api:api_interface", + "//envoy/event:dispatcher_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/ssl:context_manager_interface", + "//envoy/stats:stats_macros", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:backoff_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:utility_lib", @@ -286,14 +286,13 @@ envoy_cc_library( ":cluster_factory_lib", ":logical_host_lib", ":upstream_includes", - "//include/envoy/upstream:cluster_factory_interface", + "//envoy/upstream:cluster_factory_interface", "//source/common/common:empty_string", "//source/common/config:utility_lib", "//source/common/network:address_lib", "//source/common/network:utility_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", - "//source/extensions/clusters:well_known_names", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", @@ -307,12 +306,11 @@ envoy_cc_library( deps = [ ":cluster_factory_lib", ":upstream_includes", - "//include/envoy/secret:secret_manager_interface", - "//include/envoy/upstream:cluster_factory_interface", + "//envoy/secret:secret_manager_interface", + "//envoy/upstream:cluster_factory_interface", "//source/common/common:empty_string", "//source/common/network:address_lib", "//source/common/network:utility_lib", - "//source/extensions/clusters:well_known_names", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", @@ -324,12 +322,12 @@ envoy_cc_library( srcs = ["outlier_detection_impl.cc"], hdrs = ["outlier_detection_impl.h"], deps = [ - "//include/envoy/access_log:access_log_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/upstream:outlier_detection_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/access_log:access_log_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/runtime:runtime_interface", + "//envoy/upstream:outlier_detection_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/http:codes_lib", @@ -343,9 +341,9 @@ envoy_cc_library( name = "resource_manager_lib", hdrs = ["resource_manager_impl.h"], deps = [ - "//include/envoy/runtime:runtime_interface", - "//include/envoy/upstream:resource_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/runtime:runtime_interface", + "//envoy/upstream:resource_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:basic_resource_lib", ], @@ -397,13 +395,13 @@ envoy_cc_library( deps = [ ":cluster_factory_lib", ":upstream_includes", - "//include/envoy/config:grpc_mux_interface", - "//include/envoy/config:subscription_factory_interface", - "//include/envoy/config:subscription_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/secret:secret_manager_interface", - "//include/envoy/upstream:cluster_factory_interface", - "//include/envoy/upstream:locality_lib", + "//envoy/config:grpc_mux_interface", + "//envoy/config:subscription_factory_interface", + "//envoy/config:subscription_interface", + "//envoy/local_info:local_info_interface", + "//envoy/secret:secret_manager_interface", + "//envoy/upstream:cluster_factory_interface", + "//envoy/upstream:locality_lib", "//source/common/config:api_version_lib", "//source/common/config:decoded_resource_lib", "//source/common/config:metadata_lib", @@ -415,7 +413,6 @@ envoy_cc_library( "//source/common/network:resolver_lib", "//source/common/network:utility_lib", "//source/common/protobuf:utility_lib", - "//source/extensions/clusters:well_known_names", "@envoy_api//envoy/api/v2:pkg_cc_proto", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", @@ -433,8 +430,8 @@ envoy_cc_library( ":maglev_lb_lib", ":ring_hash_lb_lib", ":upstream_lib", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/upstream:load_balancer_interface", + "//envoy/runtime:runtime_interface", + "//envoy/upstream:load_balancer_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:metadata_lib", @@ -461,12 +458,12 @@ envoy_cc_library( "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:dns_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/ssl:context_interface", - "//include/envoy/upstream:health_checker_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/network:dns_interface", + "//envoy/network:listen_socket_interface", + "//envoy/ssl:context_interface", + "//envoy/upstream:health_checker_interface", "//source/common/common:enum_to_int", "//source/common/common:thread_lib", "//source/common/common:utility_lib", @@ -535,19 +532,19 @@ envoy_cc_library( ":load_balancer_lib", ":outlier_detection_lib", ":resource_manager_lib", - "//include/envoy/event:timer_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/network:dns_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/ssl:context_manager_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:health_checker_interface", - "//include/envoy/upstream:load_balancer_interface", - "//include/envoy/upstream:locality_lib", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:timer_interface", + "//envoy/local_info:local_info_interface", + "//envoy/network:dns_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server:filter_config_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/ssl:context_manager_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:health_checker_interface", + "//envoy/upstream:load_balancer_interface", + "//envoy/upstream:locality_lib", + "//envoy/upstream:upstream_interface", "//source/common/common:callback_impl_lib", "//source/common/common:enum_to_int", "//source/common/common:minimal_logger_lib", @@ -575,12 +572,12 @@ envoy_cc_library( ":cluster_factory_includes", ":health_checker_lib", ":upstream_includes", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:dns_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/ssl:context_interface", - "//include/envoy/upstream:health_checker_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/network:dns_interface", + "//envoy/network:listen_socket_interface", + "//envoy/ssl:context_interface", + "//envoy/upstream:health_checker_interface", "//source/common/common:enum_to_int", "//source/common/common:utility_lib", "//source/common/http:utility_lib", @@ -590,7 +587,6 @@ envoy_cc_library( "//source/common/network:utility_lib", "//source/common/protobuf", "//source/common/protobuf:utility_lib", - "//source/extensions/clusters:well_known_names", "//source/server:transport_socket_config_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], @@ -604,19 +600,19 @@ envoy_cc_library( ":outlier_detection_lib", ":resource_manager_lib", ":upstream_includes", - "//include/envoy/event:timer_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/network:dns_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/ssl:context_manager_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_factory_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:health_checker_interface", - "//include/envoy/upstream:load_balancer_interface", - "//include/envoy/upstream:locality_lib", - "//include/envoy/upstream:upstream_interface", + "//envoy/event:timer_interface", + "//envoy/local_info:local_info_interface", + "//envoy/network:dns_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/ssl:context_manager_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_factory_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:health_checker_interface", + "//envoy/upstream:load_balancer_interface", + "//envoy/upstream:locality_lib", + "//envoy/upstream:upstream_interface", "//source/common/common:callback_impl_lib", "//source/common/common:enum_to_int", "//source/common/common:minimal_logger_lib", @@ -626,7 +622,6 @@ envoy_cc_library( "//source/common/config:well_known_names", "//source/common/stats:isolated_store_lib", "//source/common/stats:stats_lib", - "//source/extensions/clusters:well_known_names", "//source/server:transport_socket_config_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", ], diff --git a/source/common/upstream/cds_api_helper.cc b/source/common/upstream/cds_api_helper.cc index a5a860078f08..c75b1526d2f0 100644 --- a/source/common/upstream/cds_api_helper.cc +++ b/source/common/upstream/cds_api_helper.cc @@ -1,12 +1,12 @@ -#include "common/upstream/cds_api_helper.h" +#include "source/common/upstream/cds_api_helper.h" #include "envoy/common/exception.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/grpc_mux.h" -#include "common/common/fmt.h" -#include "common/config/resource_name.h" +#include "source/common/common/fmt.h" +#include "source/common/config/resource_name.h" #include "absl/container/flat_hash_set.h" diff --git a/source/common/upstream/cds_api_helper.h b/source/common/upstream/cds_api_helper.h index a7a91c4ebe46..17384a6fb602 100644 --- a/source/common/upstream/cds_api_helper.h +++ b/source/common/upstream/cds_api_helper.h @@ -6,8 +6,8 @@ #include "envoy/config/subscription.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/logger.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/logger.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/cds_api_impl.cc b/source/common/upstream/cds_api_impl.cc index e442c72b613a..3c9d8ab46b6d 100644 --- a/source/common/upstream/cds_api_impl.cc +++ b/source/common/upstream/cds_api_impl.cc @@ -1,7 +1,7 @@ -#include "common/upstream/cds_api_impl.h" +#include "source/common/upstream/cds_api_impl.h" -#include "common/common/assert.h" -#include "common/grpc/common.h" +#include "source/common/common/assert.h" +#include "source/common/grpc/common.h" #include "absl/strings/str_join.h" diff --git a/source/common/upstream/cds_api_impl.h b/source/common/upstream/cds_api_impl.h index ef88890b5886..63ca584eb06d 100644 --- a/source/common/upstream/cds_api_impl.h +++ b/source/common/upstream/cds_api_impl.h @@ -12,9 +12,9 @@ #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" -#include "common/config/subscription_base.h" -#include "common/protobuf/protobuf.h" -#include "common/upstream/cds_api_helper.h" +#include "source/common/config/subscription_base.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/upstream/cds_api_helper.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/cluster_factory_impl.cc b/source/common/upstream/cluster_factory_impl.cc index b9c21a75429a..ab599bd092b6 100644 --- a/source/common/upstream/cluster_factory_impl.cc +++ b/source/common/upstream/cluster_factory_impl.cc @@ -1,15 +1,14 @@ -#include "common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/cluster_factory_impl.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/server/options.h" -#include "common/http/utility.h" -#include "common/network/address_impl.h" -#include "common/network/resolver_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/upstream/health_checker_impl.h" - -#include "server/transport_socket_config_impl.h" +#include "source/common/http/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/resolver_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/upstream/health_checker_impl.h" +#include "source/server/transport_socket_config_impl.h" namespace Envoy { namespace Upstream { @@ -38,19 +37,19 @@ std::pair ClusterFactoryImplBase:: if (!cluster.has_cluster_type()) { switch (cluster.type()) { case envoy::config::cluster::v3::Cluster::STATIC: - cluster_type = Extensions::Clusters::ClusterTypes::get().Static; + cluster_type = "envoy.cluster.static"; break; case envoy::config::cluster::v3::Cluster::STRICT_DNS: - cluster_type = Extensions::Clusters::ClusterTypes::get().StrictDns; + cluster_type = "envoy.cluster.strict_dns"; break; case envoy::config::cluster::v3::Cluster::LOGICAL_DNS: - cluster_type = Extensions::Clusters::ClusterTypes::get().LogicalDns; + cluster_type = "envoy.cluster.logical_dns"; break; case envoy::config::cluster::v3::Cluster::ORIGINAL_DST: - cluster_type = Extensions::Clusters::ClusterTypes::get().OriginalDst; + cluster_type = "envoy.cluster.original_dst"; break; case envoy::config::cluster::v3::Cluster::EDS: - cluster_type = Extensions::Clusters::ClusterTypes::get().Eds; + cluster_type = "envoy.cluster.eds"; break; default: NOT_REACHED_GCOVR_EXCL_LINE; @@ -89,15 +88,32 @@ ClusterFactoryImplBase::selectDnsResolver(const envoy::config::cluster::v3::Clus // where 'dns_resolvers' is specified, we have per-cluster DNS // resolvers that are created here but ownership resides with // StrictDnsClusterImpl/LogicalDnsCluster. - if (!cluster.dns_resolvers().empty()) { - const auto& resolver_addrs = cluster.dns_resolvers(); + if ((cluster.has_dns_resolution_config() && + !cluster.dns_resolution_config().resolvers().empty()) || + !cluster.dns_resolvers().empty()) { + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; std::vector resolvers; - resolvers.reserve(resolver_addrs.size()); - for (const auto& resolver_addr : resolver_addrs) { - resolvers.push_back(Network::Address::resolveProtoAddress(resolver_addr)); + Protobuf::RepeatedPtrField resolver_addrs; + if (cluster.has_dns_resolution_config()) { + dns_resolver_options.CopyFrom(cluster.dns_resolution_config().dns_resolver_options()); + resolver_addrs.CopyFrom(cluster.dns_resolution_config().resolvers()); + } else { + /* if `cluster.dns_resolution_config` is not set. */ + // Field bool `use_tcp_for_dns_lookups` will be deprecated in future. To be backward + // compatible utilize cluster.use_tcp_for_dns_lookups(). + dns_resolver_options.set_use_tcp_for_dns_lookups(cluster.use_tcp_for_dns_lookups()); + // Field repeated Address `dns_resolvers` will be deprecated in future. To be backward + // compatible utilize cluster.dns_resolvers(). + resolver_addrs.CopyFrom(cluster.dns_resolvers()); + } + + if (!resolver_addrs.empty()) { + resolvers.reserve(resolver_addrs.size()); + for (const auto& resolver_addr : resolver_addrs) { + resolvers.push_back(Network::Address::resolveProtoAddress(resolver_addr)); + } } - const bool use_tcp_for_dns_lookups = cluster.use_tcp_for_dns_lookups(); - return context.dispatcher().createDnsResolver(resolvers, use_tcp_for_dns_lookups); + return context.dispatcher().createDnsResolver(resolvers, dns_resolver_options); } return context.dnsResolver(); diff --git a/source/common/upstream/cluster_factory_impl.h b/source/common/upstream/cluster_factory_impl.h index 5a3e8b49cdcf..acae527f5726 100644 --- a/source/common/upstream/cluster_factory_impl.h +++ b/source/common/upstream/cluster_factory_impl.h @@ -30,21 +30,19 @@ #include "envoy/upstream/locality.h" #include "envoy/upstream/upstream.h" -#include "common/common/callback_impl.h" -#include "common/common/enum_to_int.h" -#include "common/common/logger.h" -#include "common/config/metadata.h" -#include "common/config/utility.h" -#include "common/config/well_known_names.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" -#include "common/stats/isolated_store_impl.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/outlier_detection_impl.h" -#include "common/upstream/resource_manager_impl.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/clusters/well_known_names.h" +#include "source/common/common/callback_impl.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/logger.h" +#include "source/common/config/metadata.h" +#include "source/common/config/utility.h" +#include "source/common/config/well_known_names.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/outlier_detection_impl.h" +#include "source/common/upstream/resource_manager_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/cluster_manager_impl.cc b/source/common/upstream/cluster_manager_impl.cc index 05e18092e933..4ffb69b48f54 100644 --- a/source/common/upstream/cluster_manager_impl.cc +++ b/source/common/upstream/cluster_manager_impl.cc @@ -1,4 +1,4 @@ -#include "common/upstream/cluster_manager_impl.h" +#include "source/common/upstream/cluster_manager_impl.h" #include #include @@ -17,37 +17,37 @@ #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/config/new_grpc_mux_impl.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/config/xds_resource.h" -#include "common/grpc/async_client_manager_impl.h" -#include "common/http/async_client_impl.h" -#include "common/http/http1/conn_pool.h" -#include "common/http/http2/conn_pool.h" -#include "common/http/mixed_conn_pool.h" -#include "common/network/resolver_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" -#include "common/router/shadow_writer_impl.h" -#include "common/runtime/runtime_features.h" -#include "common/tcp/conn_pool.h" -#include "common/tcp/original_conn_pool.h" -#include "common/upstream/cds_api_impl.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/maglev_lb.h" -#include "common/upstream/original_dst_cluster.h" -#include "common/upstream/priority_conn_pool_map_impl.h" -#include "common/upstream/ring_hash_lb.h" -#include "common/upstream/subset_lb.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/config/new_grpc_mux_impl.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/config/xds_resource.h" +#include "source/common/grpc/async_client_manager_impl.h" +#include "source/common/http/async_client_impl.h" +#include "source/common/http/http1/conn_pool.h" +#include "source/common/http/http2/conn_pool.h" +#include "source/common/http/mixed_conn_pool.h" +#include "source/common/network/resolver_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/shadow_writer_impl.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/tcp/conn_pool.h" +#include "source/common/tcp/original_conn_pool.h" +#include "source/common/upstream/cds_api_impl.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/maglev_lb.h" +#include "source/common/upstream/original_dst_cluster.h" +#include "source/common/upstream/priority_conn_pool_map_impl.h" +#include "source/common/upstream/ring_hash_lb.h" +#include "source/common/upstream/subset_lb.h" #ifdef ENVOY_ENABLE_QUIC -#include "common/http/conn_pool_grid.h" -#include "common/http/http3/conn_pool.h" +#include "source/common/http/conn_pool_grid.h" +#include "source/common/http/http3/conn_pool.h" #endif namespace Envoy { @@ -905,41 +905,45 @@ void ClusterManagerImpl::maybePreconnect( } } -Http::ConnectionPool::Instance* +absl::optional ClusterManagerImpl::ThreadLocalClusterManagerImpl::ClusterEntry::httpConnPool( ResourcePriority priority, absl::optional protocol, LoadBalancerContext* context) { // Select a host and create a connection pool for it if it does not already exist. - auto ret = connPool(priority, protocol, context, false); - - // Now see if another host should be preconnected. - // httpConnPool is called immediately before a call for newStream. newStream doesn't - // have the load balancer context needed to make selection decisions so preconnecting must be - // performed here in anticipation of the new stream. - // TODO(alyssawilk) refactor to have one function call and return a pair, so this invariant is - // code-enforced. - maybePreconnect(*this, parent_.cluster_manager_state_, [this, &priority, &protocol, &context]() { - return connPool(priority, protocol, context, true); - }); - return ret; + auto pool = connPool(priority, protocol, context, false); + if (pool == nullptr) { + return absl::nullopt; + } + + HttpPoolData data( + [this, priority, protocol, context]() -> void { + // Now that a new stream is being established, attempt to preconnect. + maybePreconnect(*this, parent_.cluster_manager_state_, + [this, &priority, &protocol, &context]() { + return connPool(priority, protocol, context, true); + }); + }, + pool); + return data; } -Tcp::ConnectionPool::Instance* +absl::optional ClusterManagerImpl::ThreadLocalClusterManagerImpl::ClusterEntry::tcpConnPool( ResourcePriority priority, LoadBalancerContext* context) { // Select a host and create a connection pool for it if it does not already exist. - auto ret = tcpConnPool(priority, context, false); - - // tcpConnPool is called immediately before a call for newConnection. newConnection - // doesn't have the load balancer context needed to make selection decisions so preconnecting must - // be performed here in anticipation of the new connection. - // TODO(alyssawilk) refactor to have one function call and return a pair, so this invariant is - // code-enforced. - // Now see if another host should be preconnected. - maybePreconnect(*this, parent_.cluster_manager_state_, - [this, &priority, &context]() { return tcpConnPool(priority, context, true); }); - - return ret; + auto pool = tcpConnPool(priority, context, false); + if (pool == nullptr) { + return absl::nullopt; + } + + TcpPoolData data( + [this, priority, context]() -> void { + maybePreconnect(*this, parent_.cluster_manager_state_, [this, &priority, &context]() { + return tcpConnPool(priority, context, true); + }); + }, + pool); + return data; } void ClusterManagerImpl::postThreadLocalDrainConnections(const Cluster& cluster, diff --git a/source/common/upstream/cluster_manager_impl.h b/source/common/upstream/cluster_manager_impl.h index 5034a261c107..18073d43a00d 100644 --- a/source/common/upstream/cluster_manager_impl.h +++ b/source/common/upstream/cluster_manager_impl.h @@ -26,15 +26,15 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/cleanup.h" -#include "common/config/grpc_mux_impl.h" -#include "common/config/subscription_factory_impl.h" -#include "common/http/alternate_protocols_cache_impl.h" -#include "common/http/alternate_protocols_cache_manager_impl.h" -#include "common/http/async_client_impl.h" -#include "common/upstream/load_stats_reporter.h" -#include "common/upstream/priority_conn_pool_map.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/cleanup.h" +#include "source/common/config/grpc_mux_impl.h" +#include "source/common/config/subscription_factory_impl.h" +#include "source/common/http/alternate_protocols_cache_impl.h" +#include "source/common/http/alternate_protocols_cache_manager_impl.h" +#include "source/common/http/async_client_impl.h" +#include "source/common/upstream/load_stats_reporter.h" +#include "source/common/upstream/priority_conn_pool_map.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { @@ -413,11 +413,11 @@ class ClusterManagerImpl : public ClusterManager, Logger::Loggable downstream_protocol, - LoadBalancerContext* context) override; - Tcp::ConnectionPool::Instance* tcpConnPool(ResourcePriority priority, - LoadBalancerContext* context) override; + absl::optional httpConnPool(ResourcePriority priority, + absl::optional downstream_protocol, + LoadBalancerContext* context) override; + absl::optional tcpConnPool(ResourcePriority priority, + LoadBalancerContext* context) override; Host::CreateConnectionData tcpConn(LoadBalancerContext* context) override; Http::AsyncClient& httpAsyncClient() override; diff --git a/source/common/upstream/cluster_update_tracker.cc b/source/common/upstream/cluster_update_tracker.cc index 5a591f177469..15eefc0d2ca5 100644 --- a/source/common/upstream/cluster_update_tracker.cc +++ b/source/common/upstream/cluster_update_tracker.cc @@ -1,4 +1,4 @@ -#include "common/upstream/cluster_update_tracker.h" +#include "source/common/upstream/cluster_update_tracker.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/conn_pool_map.h b/source/common/upstream/conn_pool_map.h index 041f619e0bfa..0b5f61cb6eaf 100644 --- a/source/common/upstream/conn_pool_map.h +++ b/source/common/upstream/conn_pool_map.h @@ -7,7 +7,7 @@ #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/upstream.h" -#include "common/common/debug_recursion_checker.h" +#include "source/common/common/debug_recursion_checker.h" #include "absl/container/flat_hash_map.h" #include "absl/types/optional.h" diff --git a/source/common/upstream/conn_pool_map_impl.h b/source/common/upstream/conn_pool_map_impl.h index c0daca8ef37a..b183f9d438bb 100644 --- a/source/common/upstream/conn_pool_map_impl.h +++ b/source/common/upstream/conn_pool_map_impl.h @@ -1,6 +1,6 @@ #pragma once -#include "common/upstream/conn_pool_map.h" +#include "source/common/upstream/conn_pool_map.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/edf_scheduler.h b/source/common/upstream/edf_scheduler.h index 2f91d0e5cbed..eaac9f08857a 100644 --- a/source/common/upstream/edf_scheduler.h +++ b/source/common/upstream/edf_scheduler.h @@ -3,7 +3,7 @@ #include #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/eds.cc b/source/common/upstream/eds.cc index 57fe03e3de32..c8ea0bb33348 100644 --- a/source/common/upstream/eds.cc +++ b/source/common/upstream/eds.cc @@ -1,4 +1,4 @@ -#include "common/upstream/eds.h" +#include "source/common/upstream/eds.h" #include "envoy/api/v2/endpoint.pb.h" #include "envoy/common/exception.h" @@ -6,11 +6,11 @@ #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/config/api_version.h" -#include "common/config/decoded_resource_impl.h" -#include "common/config/version_converter.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/config/api_version.h" +#include "source/common/config/decoded_resource_impl.h" +#include "source/common/config/version_converter.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/eds.h b/source/common/upstream/eds.h index 224f0984e420..45469661df79 100644 --- a/source/common/upstream/eds.h +++ b/source/common/upstream/eds.h @@ -15,11 +15,9 @@ #include "envoy/stats/scope.h" #include "envoy/upstream/locality.h" -#include "common/config/subscription_base.h" -#include "common/upstream/cluster_factory_impl.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/clusters/well_known_names.h" +#include "source/common/config/subscription_base.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { @@ -89,7 +87,7 @@ using EdsClusterImplSharedPtr = std::shared_ptr; class EdsClusterFactory : public ClusterFactoryImplBase { public: - EdsClusterFactory() : ClusterFactoryImplBase(Extensions::Clusters::ClusterTypes::get().Eds) {} + EdsClusterFactory() : ClusterFactoryImplBase("envoy.cluster.eds") {} private: std::pair createClusterImpl( diff --git a/source/common/upstream/health_checker_base_impl.cc b/source/common/upstream/health_checker_base_impl.cc index c396402a118c..b82058cf2aad 100644 --- a/source/common/upstream/health_checker_base_impl.cc +++ b/source/common/upstream/health_checker_base_impl.cc @@ -1,12 +1,12 @@ -#include "common/upstream/health_checker_base_impl.h" +#include "source/common/upstream/health_checker_base_impl.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/data/core/v3/health_check_event.pb.h" #include "envoy/stats/scope.h" -#include "common/network/utility.h" -#include "common/router/router.h" +#include "source/common/network/utility.h" +#include "source/common/router/router.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/health_checker_base_impl.h b/source/common/upstream/health_checker_base_impl.h index 4053cd3f623d..5081aac7351d 100644 --- a/source/common/upstream/health_checker_base_impl.h +++ b/source/common/upstream/health_checker_base_impl.h @@ -11,9 +11,9 @@ #include "envoy/type/matcher/string.pb.h" #include "envoy/upstream/health_checker.h" -#include "common/common/logger.h" -#include "common/common/matchers.h" -#include "common/network/transport_socket_options_impl.h" +#include "source/common/common/logger.h" +#include "source/common/common/matchers.h" +#include "source/common/network/transport_socket_options_impl.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/health_checker_impl.cc b/source/common/upstream/health_checker_impl.cc index 7b64ed5fda85..2859e5876758 100644 --- a/source/common/upstream/health_checker_impl.cc +++ b/source/common/upstream/health_checker_impl.cc @@ -1,4 +1,4 @@ -#include "common/upstream/health_checker_impl.h" +#include "source/common/upstream/health_checker_impl.h" #include @@ -8,21 +8,21 @@ #include "envoy/type/v3/http.pb.h" #include "envoy/type/v3/range.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/macros.h" -#include "common/config/utility.h" -#include "common/config/well_known_names.h" -#include "common/grpc/common.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" -#include "common/network/address_impl.h" -#include "common/network/socket_impl.h" -#include "common/network/utility.h" -#include "common/router/router.h" -#include "common/runtime/runtime_features.h" -#include "common/upstream/host_utility.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/macros.h" +#include "source/common/config/utility.h" +#include "source/common/config/well_known_names.h" +#include "source/common/grpc/common.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_impl.h" +#include "source/common/network/utility.h" +#include "source/common/router/router.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/upstream/host_utility.h" #include "absl/strings/match.h" #include "absl/strings/str_cat.h" @@ -197,13 +197,13 @@ bool HttpHealthCheckerImpl::HttpStatusChecker::inRange(uint64_t http_status) con return false; } -Http::Protocol codecClientTypeToProtocol(Http::CodecClient::Type codec_client_type) { +Http::Protocol codecClientTypeToProtocol(Http::CodecType codec_client_type) { switch (codec_client_type) { - case Http::CodecClient::Type::HTTP1: + case Http::CodecType::HTTP1: return Http::Protocol::Http11; - case Http::CodecClient::Type::HTTP2: + case Http::CodecType::HTTP2: return Http::Protocol::Http2; - case Http::CodecClient::Type::HTTP3: + case Http::CodecType::HTTP3: return Http::Protocol::Http3; default: NOT_REACHED_GCOVR_EXCL_LINE; @@ -422,15 +422,15 @@ void HttpHealthCheckerImpl::HttpActiveHealthCheckSession::onTimeout() { } } -Http::CodecClient::Type +Http::CodecType HttpHealthCheckerImpl::codecClientType(const envoy::type::v3::CodecClientType& type) { switch (type) { case envoy::type::v3::HTTP3: - return Http::CodecClient::Type::HTTP3; + return Http::CodecType::HTTP3; case envoy::type::v3::HTTP2: - return Http::CodecClient::Type::HTTP2; + return Http::CodecType::HTTP2; case envoy::type::v3::HTTP1: - return Http::CodecClient::Type::HTTP1; + return Http::CodecType::HTTP1; default: NOT_REACHED_GCOVR_EXCL_LINE; } @@ -892,8 +892,8 @@ void GrpcHealthCheckerImpl::GrpcActiveHealthCheckSession::logHealthCheckStatus( Http::CodecClientPtr ProdGrpcHealthCheckerImpl::createCodecClient(Upstream::Host::CreateConnectionData& data) { return std::make_unique( - Http::CodecClient::Type::HTTP2, std::move(data.connection_), data.host_description_, - dispatcher_, random_generator_); + Http::CodecType::HTTP2, std::move(data.connection_), data.host_description_, dispatcher_, + random_generator_); } std::ostream& operator<<(std::ostream& out, HealthState state) { diff --git a/source/common/upstream/health_checker_impl.h b/source/common/upstream/health_checker_impl.h index a156c77f9847..ec3b615ea5ab 100644 --- a/source/common/upstream/health_checker_impl.h +++ b/source/common/upstream/health_checker_impl.h @@ -10,13 +10,13 @@ #include "envoy/type/v3/http.pb.h" #include "envoy/type/v3/range.pb.h" -#include "common/common/dump_state_utils.h" -#include "common/common/logger.h" -#include "common/grpc/codec.h" -#include "common/http/codec_client.h" -#include "common/router/header_parser.h" -#include "common/stream_info/stream_info_impl.h" -#include "common/upstream/health_checker_base_impl.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/logger.h" +#include "source/common/grpc/codec.h" +#include "source/common/http/codec_client.h" +#include "source/common/router/header_parser.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/common/upstream/health_checker_base_impl.h" #include "src/proto/grpc/health/v1/health.pb.h" @@ -159,7 +159,7 @@ class HttpHealthCheckerImpl : public HealthCheckerImplBase { return envoy::data::core::v3::HTTP; } - Http::CodecClient::Type codecClientType(const envoy::type::v3::CodecClientType& type); + Http::CodecType codecClientType(const envoy::type::v3::CodecClientType& type); const std::string path_; const std::string host_value_; @@ -168,7 +168,7 @@ class HttpHealthCheckerImpl : public HealthCheckerImplBase { const HttpStatusChecker http_status_checker_; protected: - const Http::CodecClient::Type codec_client_type_; + const Http::CodecType codec_client_type_; Random::RandomGenerator& random_generator_; }; diff --git a/source/common/upstream/health_discovery_service.cc b/source/common/upstream/health_discovery_service.cc index 01a171c3ef1d..c9f5a5864958 100644 --- a/source/common/upstream/health_discovery_service.cc +++ b/source/common/upstream/health_discovery_service.cc @@ -1,4 +1,4 @@ -#include "common/upstream/health_discovery_service.h" +#include "source/common/upstream/health_discovery_service.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/address.pb.h" @@ -9,11 +9,11 @@ #include "envoy/service/health/v3/hds.pb.validate.h" #include "envoy/stats/scope.h" -#include "common/config/version_converter.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/config/version_converter.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/health_discovery_service.h b/source/common/upstream/health_discovery_service.h index e943efe63fe4..dd9b37722ee4 100644 --- a/source/common/upstream/health_discovery_service.h +++ b/source/common/upstream/health_discovery_service.h @@ -11,17 +11,16 @@ #include "envoy/stats/stats_macros.h" #include "envoy/upstream/upstream.h" -#include "common/common/backoff_strategy.h" -#include "common/common/logger.h" -#include "common/common/macros.h" -#include "common/config/utility.h" -#include "common/grpc/async_client_impl.h" -#include "common/network/resolver_impl.h" -#include "common/upstream/health_checker_impl.h" -#include "common/upstream/locality_endpoint.h" -#include "common/upstream/upstream_impl.h" - -#include "server/transport_socket_config_impl.h" +#include "source/common/common/backoff_strategy.h" +#include "source/common/common/logger.h" +#include "source/common/common/macros.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/common/network/resolver_impl.h" +#include "source/common/upstream/health_checker_impl.h" +#include "source/common/upstream/locality_endpoint.h" +#include "source/common/upstream/upstream_impl.h" +#include "source/server/transport_socket_config_impl.h" #include "absl/container/flat_hash_map.h" diff --git a/source/common/upstream/host_utility.cc b/source/common/upstream/host_utility.cc index 10df4ae94029..7a09ee9dc029 100644 --- a/source/common/upstream/host_utility.cc +++ b/source/common/upstream/host_utility.cc @@ -1,4 +1,4 @@ -#include "common/upstream/host_utility.h" +#include "source/common/upstream/host_utility.h" #include diff --git a/source/common/upstream/load_balancer_impl.cc b/source/common/upstream/load_balancer_impl.cc index 6278a4ab39dc..47db0423169e 100644 --- a/source/common/upstream/load_balancer_impl.cc +++ b/source/common/upstream/load_balancer_impl.cc @@ -1,4 +1,4 @@ -#include "common/upstream/load_balancer_impl.h" +#include "source/common/upstream/load_balancer_impl.h" #include #include @@ -9,8 +9,8 @@ #include "envoy/runtime/runtime.h" #include "envoy/upstream/upstream.h" -#include "common/common/assert.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/protobuf/utility.h" #include "absl/container/fixed_array.h" diff --git a/source/common/upstream/load_balancer_impl.h b/source/common/upstream/load_balancer_impl.h index db9f815dce0e..330fc14be3d5 100644 --- a/source/common/upstream/load_balancer_impl.h +++ b/source/common/upstream/load_balancer_impl.h @@ -14,9 +14,9 @@ #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/upstream.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_protos.h" -#include "common/upstream/edf_scheduler.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_protos.h" +#include "source/common/upstream/edf_scheduler.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/load_stats_reporter.cc b/source/common/upstream/load_stats_reporter.cc index 9edf4e318a27..3b3f1bd06d08 100644 --- a/source/common/upstream/load_stats_reporter.cc +++ b/source/common/upstream/load_stats_reporter.cc @@ -1,10 +1,10 @@ -#include "common/upstream/load_stats_reporter.h" +#include "source/common/upstream/load_stats_reporter.h" #include "envoy/service/load_stats/v3/lrs.pb.h" #include "envoy/stats/scope.h" -#include "common/config/version_converter.h" -#include "common/protobuf/protobuf.h" +#include "source/common/config/version_converter.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/load_stats_reporter.h b/source/common/upstream/load_stats_reporter.h index d656ad0cf6e3..97302ad1223f 100644 --- a/source/common/upstream/load_stats_reporter.h +++ b/source/common/upstream/load_stats_reporter.h @@ -6,9 +6,9 @@ #include "envoy/stats/stats_macros.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/logger.h" -#include "common/grpc/async_client_impl.h" -#include "common/grpc/typed_async_client.h" +#include "source/common/common/logger.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/common/grpc/typed_async_client.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/locality_endpoint.h b/source/common/upstream/locality_endpoint.h index a928cbde3ad0..295110bf1e0f 100644 --- a/source/common/upstream/locality_endpoint.h +++ b/source/common/upstream/locality_endpoint.h @@ -3,7 +3,7 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/logical_dns_cluster.cc b/source/common/upstream/logical_dns_cluster.cc index c0a3433f49f9..5176573e3ab4 100644 --- a/source/common/upstream/logical_dns_cluster.cc +++ b/source/common/upstream/logical_dns_cluster.cc @@ -1,4 +1,4 @@ -#include "common/upstream/logical_dns_cluster.h" +#include "source/common/upstream/logical_dns_cluster.h" #include #include @@ -12,12 +12,12 @@ #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/stats/scope.h" -#include "common/common/fmt.h" -#include "common/config/utility.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/common/fmt.h" +#include "source/common/config/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Upstream { @@ -57,10 +57,7 @@ LogicalDnsCluster::LogicalDnsCluster( resolve_timer_( factory_context.dispatcher().createTimer([this]() -> void { startResolve(); })), local_info_(factory_context.localInfo()), - load_assignment_( - cluster.has_load_assignment() - ? convertPriority(cluster.load_assignment()) - : Config::Utility::translateClusterHosts(cluster.hidden_envoy_deprecated_hosts())) { + load_assignment_(convertPriority(cluster.load_assignment())) { failure_backoff_strategy_ = Config::Utility::prepareDnsRefreshStrategy( cluster, dns_refresh_rate_ms_.count(), factory_context.api().randomGenerator()); diff --git a/source/common/upstream/logical_dns_cluster.h b/source/common/upstream/logical_dns_cluster.h index c0503cd891fd..b2d13cbc9b51 100644 --- a/source/common/upstream/logical_dns_cluster.h +++ b/source/common/upstream/logical_dns_cluster.h @@ -10,12 +10,10 @@ #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/stats/scope.h" -#include "common/common/empty_string.h" -#include "common/upstream/cluster_factory_impl.h" -#include "common/upstream/logical_host.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/clusters/well_known_names.h" +#include "source/common/common/empty_string.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/logical_host.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { @@ -80,8 +78,7 @@ class LogicalDnsCluster : public ClusterImplBase { class LogicalDnsClusterFactory : public ClusterFactoryImplBase { public: - LogicalDnsClusterFactory() - : ClusterFactoryImplBase(Extensions::Clusters::ClusterTypes::get().LogicalDns) {} + LogicalDnsClusterFactory() : ClusterFactoryImplBase("envoy.cluster.logical_dns") {} private: std::pair createClusterImpl( diff --git a/source/common/upstream/logical_host.cc b/source/common/upstream/logical_host.cc index 302b125cc18e..6fe30a349893 100644 --- a/source/common/upstream/logical_host.cc +++ b/source/common/upstream/logical_host.cc @@ -1,4 +1,4 @@ -#include "common/upstream/logical_host.h" +#include "source/common/upstream/logical_host.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/logical_host.h b/source/common/upstream/logical_host.h index ae2efb3ebb45..5f7f6bf8889b 100644 --- a/source/common/upstream/logical_host.h +++ b/source/common/upstream/logical_host.h @@ -4,7 +4,7 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { @@ -95,6 +95,9 @@ class RealHostDescription : public HostDescription { } const std::string& hostname() const override { return logical_host_->hostname(); } Network::Address::InstanceConstSharedPtr address() const override { return address_; } + const std::vector& addressList() const override { + return logical_host_->addressList(); + } const envoy::config::core::v3::Locality& locality() const override { return logical_host_->locality(); } diff --git a/source/common/upstream/maglev_lb.cc b/source/common/upstream/maglev_lb.cc index bf542bf78879..7617853725d0 100644 --- a/source/common/upstream/maglev_lb.cc +++ b/source/common/upstream/maglev_lb.cc @@ -1,4 +1,4 @@ -#include "common/upstream/maglev_lb.h" +#include "source/common/upstream/maglev_lb.h" #include "envoy/config/cluster/v3/cluster.pb.h" diff --git a/source/common/upstream/maglev_lb.h b/source/common/upstream/maglev_lb.h index 3f80b842d474..d2c4ed58109b 100644 --- a/source/common/upstream/maglev_lb.h +++ b/source/common/upstream/maglev_lb.h @@ -5,8 +5,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/upstream/thread_aware_lb_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/upstream/thread_aware_lb_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/original_dst_cluster.cc b/source/common/upstream/original_dst_cluster.cc index 22313edebe5d..27f6f7887de9 100644 --- a/source/common/upstream/original_dst_cluster.cc +++ b/source/common/upstream/original_dst_cluster.cc @@ -1,4 +1,4 @@ -#include "common/upstream/original_dst_cluster.h" +#include "source/common/upstream/original_dst_cluster.h" #include #include @@ -11,11 +11,11 @@ #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/stats/scope.h" -#include "common/http/headers.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/http/headers.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Upstream { @@ -119,9 +119,8 @@ OriginalDstCluster::OriginalDstCluster( ? info_->lbOriginalDstConfig().value().use_http_header() : false), host_map_(std::make_shared()) { - // TODO(dio): Remove hosts check once the hosts field is removed. - if (config.has_load_assignment() || !config.hidden_envoy_deprecated_hosts().empty()) { - throw EnvoyException("ORIGINAL_DST clusters must have no load assignment or hosts configured"); + if (config.has_load_assignment()) { + throw EnvoyException("ORIGINAL_DST clusters must have no load assignment configured"); } cleanup_timer_->enableTimer(cleanup_interval_ms_); } diff --git a/source/common/upstream/original_dst_cluster.h b/source/common/upstream/original_dst_cluster.h index 0e1a3d992e7a..2ee8eceac501 100644 --- a/source/common/upstream/original_dst_cluster.h +++ b/source/common/upstream/original_dst_cluster.h @@ -10,12 +10,10 @@ #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/empty_string.h" -#include "common/common/logger.h" -#include "common/upstream/cluster_factory_impl.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/clusters/well_known_names.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/logger.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { @@ -120,8 +118,7 @@ using OriginalDstClusterSharedPtr = std::shared_ptr; class OriginalDstClusterFactory : public ClusterFactoryImplBase { public: - OriginalDstClusterFactory() - : ClusterFactoryImplBase(Extensions::Clusters::ClusterTypes::get().OriginalDst) {} + OriginalDstClusterFactory() : ClusterFactoryImplBase("envoy.cluster.original_dst") {} private: std::pair createClusterImpl( diff --git a/source/common/upstream/outlier_detection_impl.cc b/source/common/upstream/outlier_detection_impl.cc index 4532c6c43ca8..bbf52ae4bc61 100644 --- a/source/common/upstream/outlier_detection_impl.cc +++ b/source/common/upstream/outlier_detection_impl.cc @@ -1,4 +1,4 @@ -#include "common/upstream/outlier_detection_impl.h" +#include "source/common/upstream/outlier_detection_impl.h" #include #include @@ -12,12 +12,12 @@ #include "envoy/event/dispatcher.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/http/codes.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/http/codes.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/priority_conn_pool_map.h b/source/common/upstream/priority_conn_pool_map.h index 92b17174170d..18ce2c52eb95 100644 --- a/source/common/upstream/priority_conn_pool_map.h +++ b/source/common/upstream/priority_conn_pool_map.h @@ -4,7 +4,7 @@ #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/upstream.h" -#include "common/upstream/conn_pool_map.h" +#include "source/common/upstream/conn_pool_map.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/priority_conn_pool_map_impl.h b/source/common/upstream/priority_conn_pool_map_impl.h index 8ece04d0272e..b1cb6f8c54d1 100644 --- a/source/common/upstream/priority_conn_pool_map_impl.h +++ b/source/common/upstream/priority_conn_pool_map_impl.h @@ -1,7 +1,7 @@ #pragma once -#include "common/upstream/conn_pool_map_impl.h" -#include "common/upstream/priority_conn_pool_map.h" +#include "source/common/upstream/conn_pool_map_impl.h" +#include "source/common/upstream/priority_conn_pool_map.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/resource_manager_impl.h b/source/common/upstream/resource_manager_impl.h index 4cbf371daf1d..1609273568d2 100644 --- a/source/common/upstream/resource_manager_impl.h +++ b/source/common/upstream/resource_manager_impl.h @@ -10,8 +10,8 @@ #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/upstream.h" -#include "common/common/assert.h" -#include "common/common/basic_resource_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/basic_resource_impl.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/ring_hash_lb.cc b/source/common/upstream/ring_hash_lb.cc index bbdcec520def..567ea6b300d0 100644 --- a/source/common/upstream/ring_hash_lb.cc +++ b/source/common/upstream/ring_hash_lb.cc @@ -1,4 +1,4 @@ -#include "common/upstream/ring_hash_lb.h" +#include "source/common/upstream/ring_hash_lb.h" #include #include @@ -7,8 +7,8 @@ #include "envoy/config/cluster/v3/cluster.pb.h" -#include "common/common/assert.h" -#include "common/upstream/load_balancer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/upstream/load_balancer_impl.h" #include "absl/container/inlined_vector.h" #include "absl/strings/string_view.h" diff --git a/source/common/upstream/ring_hash_lb.h b/source/common/upstream/ring_hash_lb.h index 2f6dc03ab563..3369a7ba635a 100644 --- a/source/common/upstream/ring_hash_lb.h +++ b/source/common/upstream/ring_hash_lb.h @@ -7,8 +7,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" -#include "common/upstream/thread_aware_lb_impl.h" +#include "source/common/common/logger.h" +#include "source/common/upstream/thread_aware_lb_impl.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/static_cluster.cc b/source/common/upstream/static_cluster.cc index 12fa3999b552..a8741f7a8f59 100644 --- a/source/common/upstream/static_cluster.cc +++ b/source/common/upstream/static_cluster.cc @@ -1,4 +1,4 @@ -#include "common/upstream/static_cluster.h" +#include "source/common/upstream/static_cluster.h" #include "envoy/common/exception.h" #include "envoy/config/cluster/v3/cluster.pb.h" @@ -15,12 +15,8 @@ StaticClusterImpl::StaticClusterImpl( factory_context.dispatcher().timeSource()), priority_state_manager_( new PriorityStateManager(*this, factory_context.localInfo(), nullptr)) { - // TODO(dio): Use by-reference when cluster.hosts() is removed. - const envoy::config::endpoint::v3::ClusterLoadAssignment cluster_load_assignment( - cluster.has_load_assignment() - ? cluster.load_assignment() - : Config::Utility::translateClusterHosts(cluster.hidden_envoy_deprecated_hosts())); - + const envoy::config::endpoint::v3::ClusterLoadAssignment& cluster_load_assignment = + cluster.load_assignment(); overprovisioning_factor_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT( cluster_load_assignment.policy(), overprovisioning_factor, kDefaultOverProvisioningFactor); diff --git a/source/common/upstream/static_cluster.h b/source/common/upstream/static_cluster.h index b5de7b76b8dd..a6c710ac6aec 100644 --- a/source/common/upstream/static_cluster.h +++ b/source/common/upstream/static_cluster.h @@ -2,8 +2,8 @@ #include "envoy/config/cluster/v3/cluster.pb.h" -#include "common/upstream/cluster_factory_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { @@ -34,8 +34,7 @@ class StaticClusterImpl : public ClusterImplBase { */ class StaticClusterFactory : public ClusterFactoryImplBase { public: - StaticClusterFactory() - : ClusterFactoryImplBase(Extensions::Clusters::ClusterTypes::get().Static) {} + StaticClusterFactory() : ClusterFactoryImplBase("envoy.cluster.static") {} private: std::pair createClusterImpl( diff --git a/source/common/upstream/strict_dns_cluster.cc b/source/common/upstream/strict_dns_cluster.cc index 726070b6389b..6663f63cd9e5 100644 --- a/source/common/upstream/strict_dns_cluster.cc +++ b/source/common/upstream/strict_dns_cluster.cc @@ -1,4 +1,4 @@ -#include "common/upstream/strict_dns_cluster.h" +#include "source/common/upstream/strict_dns_cluster.h" #include "envoy/common/exception.h" #include "envoy/config/cluster/v3/cluster.pb.h" @@ -15,11 +15,8 @@ StrictDnsClusterImpl::StrictDnsClusterImpl( Stats::ScopePtr&& stats_scope, bool added_via_api) : BaseDynamicClusterImpl(cluster, runtime, factory_context, std::move(stats_scope), added_via_api, factory_context.dispatcher().timeSource()), - load_assignment_{ - cluster.has_load_assignment() - ? cluster.load_assignment() - : Config::Utility::translateClusterHosts(cluster.hidden_envoy_deprecated_hosts())}, - local_info_(factory_context.localInfo()), dns_resolver_(dns_resolver), + load_assignment_(cluster.load_assignment()), local_info_(factory_context.localInfo()), + dns_resolver_(dns_resolver), dns_refresh_rate_ms_( std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_refresh_rate, 5000))), respect_dns_ttl_(cluster.respect_dns_ttl()) { diff --git a/source/common/upstream/strict_dns_cluster.h b/source/common/upstream/strict_dns_cluster.h index 6895c411a5fb..6be3a83f436e 100644 --- a/source/common/upstream/strict_dns_cluster.h +++ b/source/common/upstream/strict_dns_cluster.h @@ -3,8 +3,8 @@ #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" -#include "common/upstream/cluster_factory_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Upstream { @@ -70,8 +70,7 @@ class StrictDnsClusterImpl : public BaseDynamicClusterImpl { */ class StrictDnsClusterFactory : public ClusterFactoryImplBase { public: - StrictDnsClusterFactory() - : ClusterFactoryImplBase(Extensions::Clusters::ClusterTypes::get().StrictDns) {} + StrictDnsClusterFactory() : ClusterFactoryImplBase("envoy.cluster.strict_dns") {} private: std::pair createClusterImpl( diff --git a/source/common/upstream/subset_lb.cc b/source/common/upstream/subset_lb.cc index 65fc2d241c6a..95cbf16af8cb 100644 --- a/source/common/upstream/subset_lb.cc +++ b/source/common/upstream/subset_lb.cc @@ -1,4 +1,4 @@ -#include "common/upstream/subset_lb.h" +#include "source/common/upstream/subset_lb.h" #include @@ -6,13 +6,13 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/runtime/runtime.h" -#include "common/common/assert.h" -#include "common/config/metadata.h" -#include "common/config/well_known_names.h" -#include "common/protobuf/utility.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/maglev_lb.h" -#include "common/upstream/ring_hash_lb.h" +#include "source/common/common/assert.h" +#include "source/common/config/metadata.h" +#include "source/common/config/well_known_names.h" +#include "source/common/protobuf/utility.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/maglev_lb.h" +#include "source/common/upstream/ring_hash_lb.h" #include "absl/container/node_hash_set.h" diff --git a/source/common/upstream/subset_lb.h b/source/common/upstream/subset_lb.h index 87b08ae115b8..c84c572d78ba 100644 --- a/source/common/upstream/subset_lb.h +++ b/source/common/upstream/subset_lb.h @@ -10,10 +10,10 @@ #include "envoy/stats/scope.h" #include "envoy/upstream/load_balancer.h" -#include "common/common/macros.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/macros.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/upstream/upstream_impl.h" #include "absl/container/node_hash_map.h" #include "absl/types/optional.h" diff --git a/source/common/upstream/thread_aware_lb_impl.cc b/source/common/upstream/thread_aware_lb_impl.cc index 1a4141fb85c8..888f63a3789f 100644 --- a/source/common/upstream/thread_aware_lb_impl.cc +++ b/source/common/upstream/thread_aware_lb_impl.cc @@ -1,4 +1,4 @@ -#include "common/upstream/thread_aware_lb_impl.h" +#include "source/common/upstream/thread_aware_lb_impl.h" #include #include diff --git a/source/common/upstream/thread_aware_lb_impl.h b/source/common/upstream/thread_aware_lb_impl.h index 97895e8e2d85..38c04e99b501 100644 --- a/source/common/upstream/thread_aware_lb_impl.h +++ b/source/common/upstream/thread_aware_lb_impl.h @@ -3,10 +3,10 @@ #include "envoy/common/callback.h" #include "envoy/config/cluster/v3/cluster.pb.h" -#include "common/common/logger.h" -#include "common/config/metadata.h" -#include "common/config/well_known_names.h" -#include "common/upstream/load_balancer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/config/metadata.h" +#include "source/common/config/well_known_names.h" +#include "source/common/upstream/load_balancer_impl.h" #include "absl/strings/string_view.h" #include "absl/synchronization/mutex.h" diff --git a/source/common/upstream/transport_socket_match_impl.cc b/source/common/upstream/transport_socket_match_impl.cc index 7d425dd4a53c..57e8f140a94b 100644 --- a/source/common/upstream/transport_socket_match_impl.cc +++ b/source/common/upstream/transport_socket_match_impl.cc @@ -1,10 +1,10 @@ -#include "common/upstream/transport_socket_match_impl.h" +#include "source/common/upstream/transport_socket_match_impl.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/server/transport_socket_config.h" -#include "common/config/utility.h" +#include "source/common/config/utility.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/transport_socket_match_impl.h b/source/common/upstream/transport_socket_match_impl.h index f3fb2ab173e4..83ffb41774c9 100644 --- a/source/common/upstream/transport_socket_match_impl.h +++ b/source/common/upstream/transport_socket_match_impl.h @@ -11,10 +11,10 @@ #include "envoy/upstream/host_description.h" #include "envoy/upstream/upstream.h" -#include "common/common/logger.h" -#include "common/config/metadata.h" -#include "common/config/well_known_names.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/logger.h" +#include "source/common/config/metadata.h" +#include "source/common/config/well_known_names.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Upstream { diff --git a/source/common/upstream/upstream_impl.cc b/source/common/upstream/upstream_impl.cc index a4dbd0eeb21a..d710972e0031 100644 --- a/source/common/upstream/upstream_impl.cc +++ b/source/common/upstream/upstream_impl.cc @@ -1,4 +1,4 @@ -#include "common/upstream/upstream_impl.h" +#include "source/common/upstream/upstream_impl.h" #include #include @@ -28,30 +28,28 @@ #include "envoy/upstream/health_checker.h" #include "envoy/upstream/upstream.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/config/utility.h" -#include "common/http/http1/codec_stats.h" -#include "common/http/http2/codec_stats.h" -#include "common/http/utility.h" -#include "common/network/address_impl.h" -#include "common/network/resolver_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/socket_option_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/router/config_utility.h" -#include "common/runtime/runtime_features.h" -#include "common/runtime/runtime_impl.h" -#include "common/upstream/eds.h" -#include "common/upstream/health_checker_impl.h" -#include "common/upstream/logical_dns_cluster.h" -#include "common/upstream/original_dst_cluster.h" - -#include "server/transport_socket_config_impl.h" - -#include "extensions/filters/network/common/utility.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" +#include "source/common/http/http1/codec_stats.h" +#include "source/common/http/http2/codec_stats.h" +#include "source/common/http/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/resolver_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/config_utility.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/upstream/eds.h" +#include "source/common/upstream/health_checker_impl.h" +#include "source/common/upstream/logical_dns_cluster.h" +#include "source/common/upstream/original_dst_cluster.h" +#include "source/extensions/filters/network/common/utility.h" +#include "source/server/transport_socket_config_impl.h" #include "absl/container/node_hash_set.h" #include "absl/strings/str_cat.h" diff --git a/source/common/upstream/upstream_impl.h b/source/common/upstream/upstream_impl.h index 18c8d8ce832d..6d62a26b6be6 100644 --- a/source/common/upstream/upstream_impl.h +++ b/source/common/upstream/upstream_impl.h @@ -37,27 +37,25 @@ #include "envoy/upstream/locality.h" #include "envoy/upstream/upstream.h" -#include "common/common/callback_impl.h" -#include "common/common/enum_to_int.h" -#include "common/common/logger.h" -#include "common/common/thread.h" -#include "common/config/metadata.h" -#include "common/config/well_known_names.h" -#include "common/http/http1/codec_stats.h" -#include "common/http/http2/codec_stats.h" -#include "common/http/http3/codec_stats.h" -#include "common/init/manager_impl.h" -#include "common/network/utility.h" -#include "common/shared_pool/shared_pool.h" -#include "common/stats/isolated_store_impl.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/outlier_detection_impl.h" -#include "common/upstream/resource_manager_impl.h" -#include "common/upstream/transport_socket_match_impl.h" - -#include "server/transport_socket_config_impl.h" - -#include "extensions/upstreams/http/config.h" +#include "source/common/common/callback_impl.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/common/config/metadata.h" +#include "source/common/config/well_known_names.h" +#include "source/common/http/http1/codec_stats.h" +#include "source/common/http/http2/codec_stats.h" +#include "source/common/http/http3/codec_stats.h" +#include "source/common/init/manager_impl.h" +#include "source/common/network/utility.h" +#include "source/common/shared_pool/shared_pool.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/outlier_detection_impl.h" +#include "source/common/upstream/resource_manager_impl.h" +#include "source/common/upstream/transport_socket_match_impl.h" +#include "source/extensions/upstreams/http/config.h" +#include "source/server/transport_socket_config_impl.h" #include "absl/container/node_hash_set.h" #include "absl/synchronization/mutex.h" @@ -132,6 +130,9 @@ class HostDescriptionImpl : virtual public HostDescription, const std::string& hostnameForHealthChecks() const override { return health_checks_hostname_; } const std::string& hostname() const override { return hostname_; } Network::Address::InstanceConstSharedPtr address() const override { return address_; } + const std::vector& addressList() const override { + return address_list_; + } Network::Address::InstanceConstSharedPtr healthCheckAddress() const override { return health_check_address_; } @@ -166,6 +167,7 @@ class HostDescriptionImpl : virtual public HostDescription, const std::string hostname_; const std::string health_checks_hostname_; Network::Address::InstanceConstSharedPtr address_; + std::vector address_list_; Network::Address::InstanceConstSharedPtr health_check_address_; std::atomic canary_; mutable absl::Mutex metadata_mutex_; diff --git a/source/common/version/api_version.h b/source/common/version/api_version.h index 10681596c44e..38e36a20f0f5 100644 --- a/source/common/version/api_version.h +++ b/source/common/version/api_version.h @@ -1,10 +1,10 @@ #pragma once -#include "common/version/api_version_struct.h" +#include "source/common/version/api_version_struct.h" // Defines the ApiVersion current version (Envoy::api_version), and oldest // version (Envoy::oldest_api_version). -#include "common/version/api_version_number.h" +#include "source/common/version/api_version_number.h" namespace Envoy { diff --git a/source/common/version/version.cc b/source/common/version/version.cc index f1d80c8e19e4..1d0b3ff7d05b 100644 --- a/source/common/version/version.cc +++ b/source/common/version/version.cc @@ -1,12 +1,12 @@ -#include "common/version/version.h" +#include "source/common/version/version.h" #include #include #include -#include "common/common/fmt.h" -#include "common/common/macros.h" -#include "common/protobuf/utility.h" +#include "source/common/common/fmt.h" +#include "source/common/common/macros.h" +#include "source/common/protobuf/utility.h" #include "absl/strings/numbers.h" #include "absl/strings/str_split.h" diff --git a/source/common/version/version.h b/source/common/version/version.h index 345ef2714c06..a1ed1a5e2d20 100644 --- a/source/common/version/version.h +++ b/source/common/version/version.h @@ -4,8 +4,8 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/singleton/const_singleton.h" -#include "common/version/version_number.h" +#include "source/common/singleton/const_singleton.h" +#include "source/common/version/version_number.h" namespace Envoy { diff --git a/source/common/watchdog/BUILD b/source/common/watchdog/BUILD index db6b6162ba75..21fbfd3302ce 100644 --- a/source/common/watchdog/BUILD +++ b/source/common/watchdog/BUILD @@ -13,9 +13,9 @@ envoy_cc_library( srcs = ["abort_action.cc"], hdrs = ["abort_action.h"], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/server:guarddog_config_interface", - "//include/envoy/thread:thread_interface", + "//envoy/common:time_interface", + "//envoy/server:guarddog_config_interface", + "//envoy/thread:thread_interface", "//source/common/common:assert_lib", "//source/common/protobuf:utility_lib", "//source/common/thread:terminate_thread_lib", @@ -29,7 +29,7 @@ envoy_cc_library( hdrs = ["abort_action_config.h"], deps = [ ":abort_action_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/common/config:utility_lib", "//source/common/protobuf", "//source/common/protobuf:message_validator_lib", diff --git a/source/common/watchdog/abort_action.cc b/source/common/watchdog/abort_action.cc index d629b0bce70e..daa405fdda24 100644 --- a/source/common/watchdog/abort_action.cc +++ b/source/common/watchdog/abort_action.cc @@ -1,12 +1,12 @@ -#include "common/watchdog/abort_action.h" +#include "source/common/watchdog/abort_action.h" #include "envoy/thread/thread.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/logger.h" -#include "common/protobuf/utility.h" -#include "common/thread/terminate_thread.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/logger.h" +#include "source/common/protobuf/utility.h" +#include "source/common/thread/terminate_thread.h" namespace Envoy { namespace Watchdog { diff --git a/source/common/watchdog/abort_action_config.cc b/source/common/watchdog/abort_action_config.cc index 916864386ace..ad775743598a 100644 --- a/source/common/watchdog/abort_action_config.cc +++ b/source/common/watchdog/abort_action_config.cc @@ -1,10 +1,10 @@ -#include "common/watchdog/abort_action_config.h" +#include "source/common/watchdog/abort_action_config.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/watchdog/abort_action.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/watchdog/abort_action.h" namespace Envoy { namespace Watchdog { diff --git a/source/common/watchdog/abort_action_config.h b/source/common/watchdog/abort_action_config.h index 27f65ea16b60..54f2169bf15f 100644 --- a/source/common/watchdog/abort_action_config.h +++ b/source/common/watchdog/abort_action_config.h @@ -3,7 +3,7 @@ #include "envoy/server/guarddog_config.h" #include "envoy/watchdog/v3alpha/abort_action.pb.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Watchdog { diff --git a/source/docs/http3_upstream.md b/source/docs/http3_upstream.md index bd36afaa9640..456998e949ab 100644 --- a/source/docs/http3_upstream.md +++ b/source/docs/http3_upstream.md @@ -42,6 +42,12 @@ sent to the mixed pool, and whichever succeeds first will be passed back up to t Specific Envoy configuration is required in order to enable the previously described components. +#### Alternate Protocols Cache Filter + +The Alternate Protocols Cache Filter must be enabled in order for alt-svc headers to be parsed +and stored in the cache, and the `alternate_protocols_cache_options` field must be specified +in the filter config. + #### Auto Cluster Pool The "Auto" must be enabled via the Upstream `HttpProtocolOptions` message. The @@ -50,4 +56,5 @@ all three protocols: HTTP/1, HTTP/2 and HTTP/3. #### Alternate Protocols Cache Options -In addition, the `alternate_protocols_cache_options` field must be specified. +In addition, the `alternate_protocols_cache_options` field must be specified in +`upstream_protocol_options` and the value must match that in the filter config. diff --git a/source/docs/response_header_transforms.md b/source/docs/response_header_transforms.md index 33390129ebc7..0d0ca01116b1 100644 --- a/source/docs/response_header_transforms.md +++ b/source/docs/response_header_transforms.md @@ -26,3 +26,6 @@ Http::FilterHeadersStatus MyFilter::decodeHeaders( "local_reply"); } ``` + +If you want to retrieve the original values rather than the formatted ones, pass +`/*do_formatting=*/false` as the second argument to `responseHeaderTransforms`. diff --git a/source/exe/BUILD b/source/exe/BUILD index f7ac0c912ff5..f3fb551eb83a 100644 --- a/source/exe/BUILD +++ b/source/exe/BUILD @@ -111,7 +111,7 @@ envoy_cc_library( ":envoy_common_with_core_extensions_lib", ":platform_impl_lib", ":process_wide_lib", - "//include/envoy/server:platform_interface", + "//envoy/server:platform_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:compiler_requirements_lib", "//source/common/common:perf_annotation_lib", @@ -151,7 +151,7 @@ envoy_cc_library( name = "platform_header_lib", hdrs = ["platform_impl.h"], deps = [ - "//include/envoy/server:platform_interface", + "//envoy/server:platform_interface", ], ) @@ -203,6 +203,7 @@ envoy_cc_library( ], "//conditions:default": [], }), + include_prefix = "source/exe", strip_include_prefix = select({ "//bazel:windows_x86_64": "win32", "//conditions:default": "", diff --git a/source/exe/linux/platform_impl.cc b/source/exe/linux/platform_impl.cc index 60e2ae80914a..a1c04243eb77 100644 --- a/source/exe/linux/platform_impl.cc +++ b/source/exe/linux/platform_impl.cc @@ -4,10 +4,9 @@ #include -#include "common/common/thread_impl.h" -#include "common/filesystem/filesystem_impl.h" - -#include "exe/platform_impl.h" +#include "source/common/common/thread_impl.h" +#include "source/common/filesystem/filesystem_impl.h" +#include "source/exe/platform_impl.h" namespace Envoy { diff --git a/source/exe/main.cc b/source/exe/main.cc index 0737d3e1d22e..d1c1ba8d40a9 100644 --- a/source/exe/main.cc +++ b/source/exe/main.cc @@ -1,7 +1,7 @@ -#include "exe/main_common.h" +#include "source/exe/main_common.h" #ifdef WIN32 -#include "exe/service_base.h" +#include "source/exe/service_base.h" #endif // NOLINT(namespace-envoy) diff --git a/source/exe/main_common.cc b/source/exe/main_common.cc index 2051c22b0a51..2db8fca337e3 100644 --- a/source/exe/main_common.cc +++ b/source/exe/main_common.cc @@ -1,4 +1,4 @@ -#include "exe/main_common.h" +#include "source/exe/main_common.h" #include #include @@ -7,26 +7,24 @@ #include "envoy/config/listener/v3/listener.pb.h" -#include "common/common/compiler_requirements.h" -#include "common/common/logger.h" -#include "common/common/perf_annotation.h" -#include "common/network/utility.h" -#include "common/stats/thread_local_store.h" - -#include "exe/platform_impl.h" - -#include "server/config_validation/server.h" -#include "server/drain_manager_impl.h" -#include "server/hot_restart_nop_impl.h" -#include "server/listener_hooks.h" -#include "server/options_impl.h" -#include "server/server.h" +#include "source/common/common/compiler_requirements.h" +#include "source/common/common/logger.h" +#include "source/common/common/perf_annotation.h" +#include "source/common/network/utility.h" +#include "source/common/stats/thread_local_store.h" +#include "source/exe/platform_impl.h" +#include "source/server/config_validation/server.h" +#include "source/server/drain_manager_impl.h" +#include "source/server/hot_restart_nop_impl.h" +#include "source/server/listener_hooks.h" +#include "source/server/options_impl.h" +#include "source/server/server.h" #include "absl/debugging/symbolize.h" #include "absl/strings/str_split.h" #ifdef ENVOY_HOT_RESTART -#include "server/hot_restart_impl.h" +#include "source/server/hot_restart_impl.h" #endif namespace Envoy { diff --git a/source/exe/main_common.h b/source/exe/main_common.h index 60ef44d42997..d61ecdac4ee0 100644 --- a/source/exe/main_common.h +++ b/source/exe/main_common.h @@ -4,22 +4,20 @@ #include "envoy/runtime/runtime.h" #include "envoy/server/platform.h" -#include "common/common/thread.h" -#include "common/event/real_time_system.h" -#include "common/grpc/google_grpc_context.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/thread_local_store.h" -#include "common/thread_local/thread_local_impl.h" - -#include "exe/process_wide.h" - -#include "server/listener_hooks.h" -#include "server/options_impl.h" -#include "server/server.h" +#include "source/common/common/thread.h" +#include "source/common/event/real_time_system.h" +#include "source/common/grpc/google_grpc_context.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/thread_local_store.h" +#include "source/common/thread_local/thread_local_impl.h" +#include "source/exe/process_wide.h" +#include "source/server/listener_hooks.h" +#include "source/server/options_impl.h" +#include "source/server/server.h" #ifdef ENVOY_HANDLE_SIGNALS -#include "common/signal/signal_action.h" -#include "exe/terminate_handler.h" +#include "source/common/signal/signal_action.h" +#include "source/exe/terminate_handler.h" #endif namespace Envoy { diff --git a/source/exe/posix/platform_impl.cc b/source/exe/posix/platform_impl.cc index 730280c4bd96..391d3be940ae 100644 --- a/source/exe/posix/platform_impl.cc +++ b/source/exe/posix/platform_impl.cc @@ -1,7 +1,6 @@ -#include "common/common/thread_impl.h" -#include "common/filesystem/filesystem_impl.h" - -#include "exe/platform_impl.h" +#include "source/common/common/thread_impl.h" +#include "source/common/filesystem/filesystem_impl.h" +#include "source/exe/platform_impl.h" namespace Envoy { diff --git a/source/exe/process_wide.cc b/source/exe/process_wide.cc index 219921c081bb..48512525bc5f 100644 --- a/source/exe/process_wide.cc +++ b/source/exe/process_wide.cc @@ -1,10 +1,9 @@ -#include "exe/process_wide.h" +#include "source/exe/process_wide.h" -#include "common/common/assert.h" -#include "common/event/libevent.h" -#include "common/http/http2/nghttp2.h" - -#include "server/proto_descriptors.h" +#include "source/common/common/assert.h" +#include "source/common/event/libevent.h" +#include "source/common/http/http2/nghttp2.h" +#include "source/server/proto_descriptors.h" #include "ares.h" diff --git a/source/exe/terminate_handler.cc b/source/exe/terminate_handler.cc index 262ebbfbf0b6..74c68e2076f2 100644 --- a/source/exe/terminate_handler.cc +++ b/source/exe/terminate_handler.cc @@ -1,10 +1,9 @@ -#include "exe/terminate_handler.h" +#include "source/exe/terminate_handler.h" #include -#include "common/common/logger.h" - -#include "server/backtrace.h" +#include "source/common/common/logger.h" +#include "source/server/backtrace.h" namespace Envoy { diff --git a/source/exe/terminate_handler.h b/source/exe/terminate_handler.h index e862031af651..62ddfe587673 100644 --- a/source/exe/terminate_handler.h +++ b/source/exe/terminate_handler.h @@ -2,8 +2,8 @@ #include -#include "common/common/logger.h" -#include "common/common/non_copyable.h" +#include "source/common/common/logger.h" +#include "source/common/common/non_copyable.h" namespace Envoy { diff --git a/source/exe/win32/platform_impl.cc b/source/exe/win32/platform_impl.cc index 4b10bece2bbf..8b788a60e586 100644 --- a/source/exe/win32/platform_impl.cc +++ b/source/exe/win32/platform_impl.cc @@ -1,13 +1,12 @@ #include #include -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/thread_impl.h" -#include "common/event/signal_impl.h" -#include "common/filesystem/filesystem_impl.h" - -#include "exe/platform_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/thread_impl.h" +#include "source/common/event/signal_impl.h" +#include "source/common/filesystem/filesystem_impl.h" +#include "source/exe/platform_impl.h" namespace Envoy { diff --git a/source/exe/win32/service_base.cc b/source/exe/win32/service_base.cc index e5e3298c667a..0c226a8acf63 100644 --- a/source/exe/win32/service_base.cc +++ b/source/exe/win32/service_base.cc @@ -1,13 +1,12 @@ #include #include -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/thread.h" -#include "common/event/signal_impl.h" - -#include "exe/main_common.h" -#include "exe/service_base.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/thread.h" +#include "source/common/event/signal_impl.h" +#include "source/exe/main_common.h" +#include "source/exe/service_base.h" #include "absl/debugging/symbolize.h" diff --git a/source/exe/win32/service_base.h b/source/exe/win32/service_base.h index ed48c2ac7430..14bd8498ddd7 100644 --- a/source/exe/win32/service_base.h +++ b/source/exe/win32/service_base.h @@ -9,9 +9,8 @@ #include "envoy/event/signal.h" -#include "common/common/win32/event_logger_impl.h" - -#include "exe/service_status.h" +#include "source/common/common/win32/event_logger_impl.h" +#include "source/exe/service_status.h" namespace Envoy { class ServiceBase { diff --git a/source/extensions/BUILD b/source/extensions/BUILD index 779d1695d3b7..5d4f6c8a9b74 100644 --- a/source/extensions/BUILD +++ b/source/extensions/BUILD @@ -1 +1,6 @@ licenses(["notice"]) # Apache 2 + +exports_files([ + "extensions_metadata.yaml", + "extensions_build_config.bzl", +]) diff --git a/source/extensions/access_loggers/BUILD b/source/extensions/access_loggers/BUILD index 40a5e79b39d3..90e061ad8da3 100644 --- a/source/extensions/access_loggers/BUILD +++ b/source/extensions/access_loggers/BUILD @@ -1,19 +1,8 @@ load( "//bazel:envoy_build_system.bzl", - "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() - -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - # well known names files are public as long as they exist. - visibility = ["//visibility:public"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) diff --git a/source/extensions/access_loggers/common/BUILD b/source/extensions/access_loggers/common/BUILD index 669f7149cd2a..d7968b6e0560 100644 --- a/source/extensions/access_loggers/common/BUILD +++ b/source/extensions/access_loggers/common/BUILD @@ -15,7 +15,7 @@ envoy_cc_library( srcs = ["access_log_base.cc"], hdrs = ["access_log_base.h"], deps = [ - "//include/envoy/access_log:access_log_interface", + "//envoy/access_log:access_log_interface", "//source/common/access_log:access_log_lib", "//source/common/http:header_map_lib", "//source/common/singleton:const_singleton", @@ -49,11 +49,11 @@ envoy_cc_library( name = "grpc_access_logger", hdrs = ["grpc_access_logger.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/grpc:async_client_manager_interface", - "//include/envoy/singleton:instance_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/event:dispatcher_interface", + "//envoy/grpc:async_client_manager_interface", + "//envoy/singleton:instance_interface", + "//envoy/stats:stats_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/common:assert_lib", "//source/common/grpc:typed_async_client_lib", "//source/common/protobuf:utility_lib", diff --git a/source/extensions/access_loggers/common/access_log_base.cc b/source/extensions/access_loggers/common/access_log_base.cc index 0323013d6350..f5ed7675f85f 100644 --- a/source/extensions/access_loggers/common/access_log_base.cc +++ b/source/extensions/access_loggers/common/access_log_base.cc @@ -1,7 +1,7 @@ -#include "extensions/access_loggers/common/access_log_base.h" +#include "source/extensions/access_loggers/common/access_log_base.h" -#include "common/http/header_map_impl.h" -#include "common/singleton/const_singleton.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/common/access_log_base.h b/source/extensions/access_loggers/common/access_log_base.h index 4fc1aae87d6c..5ae041c72951 100644 --- a/source/extensions/access_loggers/common/access_log_base.h +++ b/source/extensions/access_loggers/common/access_log_base.h @@ -8,8 +8,8 @@ #include "envoy/runtime/runtime.h" #include "envoy/server/access_log_config.h" -#include "common/http/header_utility.h" -#include "common/protobuf/protobuf.h" +#include "source/common/http/header_utility.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/common/file_access_log_impl.cc b/source/extensions/access_loggers/common/file_access_log_impl.cc index 37f2698057dc..9b074362e55a 100644 --- a/source/extensions/access_loggers/common/file_access_log_impl.cc +++ b/source/extensions/access_loggers/common/file_access_log_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/access_loggers/common/file_access_log_impl.h" +#include "source/extensions/access_loggers/common/file_access_log_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/common/file_access_log_impl.h b/source/extensions/access_loggers/common/file_access_log_impl.h index b44b2999582f..6a4f0daf7df9 100644 --- a/source/extensions/access_loggers/common/file_access_log_impl.h +++ b/source/extensions/access_loggers/common/file_access_log_impl.h @@ -1,8 +1,7 @@ #pragma once -#include "common/formatter/substitution_formatter.h" - -#include "extensions/access_loggers/common/access_log_base.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/extensions/access_loggers/common/access_log_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/common/grpc_access_logger.h b/source/extensions/access_loggers/common/grpc_access_logger.h index 9fa38a4491b4..91e634d499b0 100644 --- a/source/extensions/access_loggers/common/grpc_access_logger.h +++ b/source/extensions/access_loggers/common/grpc_access_logger.h @@ -9,9 +9,9 @@ #include "envoy/stats/scope.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/assert.h" -#include "common/grpc/typed_async_client.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/grpc/typed_async_client.h" +#include "source/common/protobuf/utility.h" #include "absl/container/flat_hash_map.h" #include "absl/types/optional.h" diff --git a/source/extensions/access_loggers/common/stream_access_log_common_impl.h b/source/extensions/access_loggers/common/stream_access_log_common_impl.h index feec726dc834..d93904645eb3 100644 --- a/source/extensions/access_loggers/common/stream_access_log_common_impl.h +++ b/source/extensions/access_loggers/common/stream_access_log_common_impl.h @@ -2,10 +2,9 @@ #include "envoy/server/access_log_config.h" -#include "common/formatter/substitution_format_string.h" -#include "common/formatter/substitution_formatter.h" - -#include "extensions/access_loggers/common/file_access_log_impl.h" +#include "source/common/formatter/substitution_format_string.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/extensions/access_loggers/common/file_access_log_impl.h" namespace Envoy { namespace Extensions { @@ -19,8 +18,8 @@ createStreamAccessLogInstance(const Protobuf::Message& config, AccessLog::Filter MessageUtil::downcastAndValidate(config, context.messageValidationVisitor()); Formatter::FormatterPtr formatter; if (fal_config.access_log_format_case() == T::AccessLogFormatCase::kLogFormat) { - formatter = Formatter::SubstitutionFormatStringUtils::fromProtoConfig(fal_config.log_format(), - context.api()); + formatter = + Formatter::SubstitutionFormatStringUtils::fromProtoConfig(fal_config.log_format(), context); } else if (fal_config.access_log_format_case() == T::AccessLogFormatCase::ACCESS_LOG_FORMAT_NOT_SET) { formatter = Formatter::SubstitutionFormatUtils::defaultSubstitutionFormatter(); diff --git a/source/extensions/access_loggers/file/BUILD b/source/extensions/access_loggers/file/BUILD index 4fc1a97c8bfb..b0f1c2df0ea6 100644 --- a/source/extensions/access_loggers/file/BUILD +++ b/source/extensions/access_loggers/file/BUILD @@ -15,18 +15,15 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.access_loggers", # TODO(#9953) determine if this is core or should be cleaned up. extra_visibility = [ "//test:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/config:config_provider_lib", "//source/common/formatter:substitution_format_string_lib", "//source/common/protobuf", - "//source/extensions/access_loggers:well_known_names", "//source/extensions/access_loggers/common:file_access_log_lib", "@envoy_api//envoy/extensions/access_loggers/file/v3:pkg_cc_proto", ], diff --git a/source/extensions/access_loggers/file/config.cc b/source/extensions/access_loggers/file/config.cc index 5eaacb5a37e1..2f8f138fcdd7 100644 --- a/source/extensions/access_loggers/file/config.cc +++ b/source/extensions/access_loggers/file/config.cc @@ -1,4 +1,4 @@ -#include "extensions/access_loggers/file/config.h" +#include "source/extensions/access_loggers/file/config.h" #include @@ -7,14 +7,12 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/common/logger.h" -#include "common/config/utility.h" -#include "common/formatter/substitution_format_string.h" -#include "common/formatter/substitution_formatter.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/common/file_access_log_impl.h" -#include "extensions/access_loggers/well_known_names.h" +#include "source/common/common/logger.h" +#include "source/common/config/utility.h" +#include "source/common/formatter/substitution_format_string.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/common/file_access_log_impl.h" namespace Envoy { namespace Extensions { @@ -36,8 +34,7 @@ AccessLog::InstanceSharedPtr FileAccessLogFactory::createAccessLogInstance( } else { envoy::config::core::v3::SubstitutionFormatString sff_config; sff_config.mutable_text_format_source()->set_inline_string(fal_config.format()); - formatter = - Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context.api()); + formatter = Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context); } break; case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase::kJsonFormat: @@ -48,13 +45,12 @@ AccessLog::InstanceSharedPtr FileAccessLogFactory::createAccessLogInstance( kTypedJsonFormat: { envoy::config::core::v3::SubstitutionFormatString sff_config; *sff_config.mutable_json_format() = fal_config.typed_json_format(); - formatter = - Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context.api()); + formatter = Formatter::SubstitutionFormatStringUtils::fromProtoConfig(sff_config, context); break; } case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase::kLogFormat: - formatter = Formatter::SubstitutionFormatStringUtils::fromProtoConfig(fal_config.log_format(), - context.api()); + formatter = + Formatter::SubstitutionFormatStringUtils::fromProtoConfig(fal_config.log_format(), context); break; case envoy::extensions::access_loggers::file::v3::FileAccessLog::AccessLogFormatCase:: ACCESS_LOG_FORMAT_NOT_SET: @@ -72,7 +68,7 @@ ProtobufTypes::MessagePtr FileAccessLogFactory::createEmptyConfigProto() { new envoy::extensions::access_loggers::file::v3::FileAccessLog()}; } -std::string FileAccessLogFactory::name() const { return AccessLogNames::get().File; } +std::string FileAccessLogFactory::name() const { return "envoy.access_loggers.file"; } /** * Static registration for the file access log. @see RegisterFactory. diff --git a/source/extensions/access_loggers/grpc/BUILD b/source/extensions/access_loggers/grpc/BUILD index ebffc533ba20..1174056f7b79 100644 --- a/source/extensions/access_loggers/grpc/BUILD +++ b/source/extensions/access_loggers/grpc/BUILD @@ -18,9 +18,9 @@ envoy_cc_library( hdrs = ["config_utils.h"], deps = [ ":grpc_access_log_lib", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//include/envoy/singleton:instance_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", + "//envoy/singleton:instance_interface", ], ) @@ -29,10 +29,10 @@ envoy_cc_library( srcs = ["grpc_access_log_impl.cc"], hdrs = ["grpc_access_log_impl.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/grpc:async_client_manager_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/event:dispatcher_interface", + "//envoy/grpc:async_client_manager_interface", + "//envoy/local_info:local_info_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/config:utility_lib", "//source/common/grpc:typed_async_client_lib", "//source/extensions/access_loggers/common:grpc_access_logger", @@ -47,7 +47,7 @@ envoy_cc_library( srcs = ["grpc_access_log_utils.cc"], hdrs = ["grpc_access_log_utils.h"], deps = [ - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:upstream_interface", "//source/common/network:utility_lib", "//source/common/stream_info:stream_info_lib", "//source/common/stream_info:utility_lib", @@ -97,20 +97,17 @@ envoy_cc_extension( name = "http_config", srcs = ["http_config.cc"], hdrs = ["http_config.h"], - category = "envoy.access_loggers", # TODO(#9953) clean up. extra_visibility = [ "//test/common/access_log:__subpackages__", "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ ":config_utils", - "//include/envoy/server:access_log_config_interface", + "//envoy/server:access_log_config_interface", "//source/common/common:assert_lib", "//source/common/grpc:async_client_lib", "//source/common/protobuf", - "//source/extensions/access_loggers:well_known_names", "//source/extensions/access_loggers/grpc:grpc_access_log_proto_descriptors_lib", "//source/extensions/access_loggers/grpc:http_grpc_access_log_lib", "@envoy_api//envoy/extensions/access_loggers/grpc/v3:pkg_cc_proto", @@ -121,20 +118,17 @@ envoy_cc_extension( name = "tcp_config", srcs = ["tcp_config.cc"], hdrs = ["tcp_config.h"], - category = "envoy.access_loggers", # TODO(#9953) clean up. extra_visibility = [ "//test/common/access_log:__subpackages__", "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ ":config_utils", - "//include/envoy/server:access_log_config_interface", + "//envoy/server:access_log_config_interface", "//source/common/common:assert_lib", "//source/common/grpc:async_client_lib", "//source/common/protobuf", - "//source/extensions/access_loggers:well_known_names", "//source/extensions/access_loggers/grpc:grpc_access_log_proto_descriptors_lib", "//source/extensions/access_loggers/grpc:tcp_grpc_access_log_lib", "@envoy_api//envoy/extensions/access_loggers/grpc/v3:pkg_cc_proto", diff --git a/source/extensions/access_loggers/grpc/config_utils.cc b/source/extensions/access_loggers/grpc/config_utils.cc index b09bf2735bcf..0010109617cd 100644 --- a/source/extensions/access_loggers/grpc/config_utils.cc +++ b/source/extensions/access_loggers/grpc/config_utils.cc @@ -1,4 +1,4 @@ -#include "extensions/access_loggers/grpc/config_utils.h" +#include "source/extensions/access_loggers/grpc/config_utils.h" #include "envoy/singleton/manager.h" diff --git a/source/extensions/access_loggers/grpc/config_utils.h b/source/extensions/access_loggers/grpc/config_utils.h index 7d7e5082f848..561d941784a2 100644 --- a/source/extensions/access_loggers/grpc/config_utils.h +++ b/source/extensions/access_loggers/grpc/config_utils.h @@ -2,7 +2,7 @@ #include "envoy/server/filter_config.h" -#include "extensions/access_loggers/grpc/grpc_access_log_impl.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/grpc/grpc_access_log_impl.cc b/source/extensions/access_loggers/grpc/grpc_access_log_impl.cc index 8543e533a1a1..3c14627c3c96 100644 --- a/source/extensions/access_loggers/grpc/grpc_access_log_impl.cc +++ b/source/extensions/access_loggers/grpc/grpc_access_log_impl.cc @@ -1,12 +1,12 @@ -#include "extensions/access_loggers/grpc/grpc_access_log_impl.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_impl.h" #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/grpc/async_client_manager.h" #include "envoy/local_info/local_info.h" -#include "common/config/utility.h" -#include "common/grpc/typed_async_client.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/typed_async_client.h" const char GRPC_LOG_STATS_PREFIX[] = "access_logs.grpc_access_log."; diff --git a/source/extensions/access_loggers/grpc/grpc_access_log_impl.h b/source/extensions/access_loggers/grpc/grpc_access_log_impl.h index 0ab9628deb81..5aef1e3edcf9 100644 --- a/source/extensions/access_loggers/grpc/grpc_access_log_impl.h +++ b/source/extensions/access_loggers/grpc/grpc_access_log_impl.h @@ -10,7 +10,7 @@ #include "envoy/service/accesslog/v3/als.pb.h" #include "envoy/thread_local/thread_local.h" -#include "extensions/access_loggers/common/grpc_access_logger.h" +#include "source/extensions/access_loggers/common/grpc_access_logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.cc b/source/extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.cc index 67dd0585bc55..e9346911355a 100644 --- a/source/extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.cc +++ b/source/extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.cc @@ -1,8 +1,8 @@ -#include "extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/grpc/grpc_access_log_utils.cc b/source/extensions/access_loggers/grpc/grpc_access_log_utils.cc index 84784c34ada8..845412359782 100644 --- a/source/extensions/access_loggers/grpc/grpc_access_log_utils.cc +++ b/source/extensions/access_loggers/grpc/grpc_access_log_utils.cc @@ -1,10 +1,10 @@ -#include "extensions/access_loggers/grpc/grpc_access_log_utils.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_utils.h" #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/upstream/upstream.h" -#include "common/network/utility.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Extensions { @@ -37,7 +37,7 @@ void Utility::responseFlagsToAccessLogResponseFlags( envoy::data::accesslog::v3::AccessLogCommon& common_access_log, const StreamInfo::StreamInfo& stream_info) { - static_assert(StreamInfo::ResponseFlag::LastFlag == 0x1000000, + static_assert(StreamInfo::ResponseFlag::LastFlag == 0x2000000, "A flag has been added. Fix this code."); if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::FailedLocalHealthCheck)) { @@ -140,6 +140,10 @@ void Utility::responseFlagsToAccessLogResponseFlags( if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::NoClusterFound)) { common_access_log.mutable_response_flags()->set_no_cluster_found(true); } + + if (stream_info.hasResponseFlag(StreamInfo::ResponseFlag::OverloadManager)) { + common_access_log.mutable_response_flags()->set_overload_manager(true); + } } void Utility::extractCommonAccessLogProperties( diff --git a/source/extensions/access_loggers/grpc/http_config.cc b/source/extensions/access_loggers/grpc/http_config.cc index ae3ca564dc4f..4d333f6d91fd 100644 --- a/source/extensions/access_loggers/grpc/http_config.cc +++ b/source/extensions/access_loggers/grpc/http_config.cc @@ -1,19 +1,17 @@ -#include "extensions/access_loggers/grpc/http_config.h" +#include "source/extensions/access_loggers/grpc/http_config.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/common/assert.h" -#include "common/common/macros.h" -#include "common/grpc/async_client_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/grpc/config_utils.h" -#include "extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.h" -#include "extensions/access_loggers/grpc/http_grpc_access_log_impl.h" -#include "extensions/access_loggers/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/grpc/config_utils.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.h" +#include "source/extensions/access_loggers/grpc/http_grpc_access_log_impl.h" namespace Envoy { namespace Extensions { @@ -38,7 +36,7 @@ ProtobufTypes::MessagePtr HttpGrpcAccessLogFactory::createEmptyConfigProto() { return std::make_unique(); } -std::string HttpGrpcAccessLogFactory::name() const { return AccessLogNames::get().HttpGrpc; } +std::string HttpGrpcAccessLogFactory::name() const { return "envoy.access_loggers.http_grpc"; } /** * Static registration for the HTTP gRPC access log. @see RegisterFactory. diff --git a/source/extensions/access_loggers/grpc/http_grpc_access_log_impl.cc b/source/extensions/access_loggers/grpc/http_grpc_access_log_impl.cc index 64d3a283d13b..cb37f1315efd 100644 --- a/source/extensions/access_loggers/grpc/http_grpc_access_log_impl.cc +++ b/source/extensions/access_loggers/grpc/http_grpc_access_log_impl.cc @@ -1,16 +1,15 @@ -#include "extensions/access_loggers/grpc/http_grpc_access_log_impl.h" +#include "source/extensions/access_loggers/grpc/http_grpc_access_log_impl.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" -#include "common/common/assert.h" -#include "common/config/utility.h" -#include "common/http/headers.h" -#include "common/network/utility.h" -#include "common/stream_info/utility.h" - -#include "extensions/access_loggers/grpc/grpc_access_log_utils.h" +#include "source/common/common/assert.h" +#include "source/common/config/utility.h" +#include "source/common/http/headers.h" +#include "source/common/network/utility.h" +#include "source/common/stream_info/utility.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/grpc/http_grpc_access_log_impl.h b/source/extensions/access_loggers/grpc/http_grpc_access_log_impl.h index fcae58bd5f10..d403596f8dec 100644 --- a/source/extensions/access_loggers/grpc/http_grpc_access_log_impl.h +++ b/source/extensions/access_loggers/grpc/http_grpc_access_log_impl.h @@ -10,10 +10,9 @@ #include "envoy/singleton/instance.h" #include "envoy/thread_local/thread_local.h" -#include "common/grpc/typed_async_client.h" - -#include "extensions/access_loggers/common/access_log_base.h" -#include "extensions/access_loggers/grpc/grpc_access_log_impl.h" +#include "source/common/grpc/typed_async_client.h" +#include "source/extensions/access_loggers/common/access_log_base.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/grpc/tcp_config.cc b/source/extensions/access_loggers/grpc/tcp_config.cc index e93d6989c9bf..185a76e934d8 100644 --- a/source/extensions/access_loggers/grpc/tcp_config.cc +++ b/source/extensions/access_loggers/grpc/tcp_config.cc @@ -1,19 +1,17 @@ -#include "extensions/access_loggers/grpc/tcp_config.h" +#include "source/extensions/access_loggers/grpc/tcp_config.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/common/assert.h" -#include "common/common/macros.h" -#include "common/grpc/async_client_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/grpc/config_utils.h" -#include "extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.h" -#include "extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h" -#include "extensions/access_loggers/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/grpc/config_utils.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_proto_descriptors.h" +#include "source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h" namespace Envoy { namespace Extensions { @@ -38,7 +36,7 @@ ProtobufTypes::MessagePtr TcpGrpcAccessLogFactory::createEmptyConfigProto() { return std::make_unique(); } -std::string TcpGrpcAccessLogFactory::name() const { return AccessLogNames::get().TcpGrpc; } +std::string TcpGrpcAccessLogFactory::name() const { return "envoy.access_loggers.tcp_grpc"; } /** * Static registration for the TCP gRPC access log. @see RegisterFactory. diff --git a/source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.cc b/source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.cc index 85c2b258cbb9..c475f134a7b6 100644 --- a/source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.cc +++ b/source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.cc @@ -1,14 +1,13 @@ -#include "extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h" +#include "source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h" #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" -#include "common/common/assert.h" -#include "common/config/utility.h" -#include "common/network/utility.h" -#include "common/stream_info/utility.h" - -#include "extensions/access_loggers/grpc/grpc_access_log_utils.h" +#include "source/common/common/assert.h" +#include "source/common/config/utility.h" +#include "source/common/network/utility.h" +#include "source/common/stream_info/utility.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h b/source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h index cf424bb92a3d..fba13f16d6c6 100644 --- a/source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h +++ b/source/extensions/access_loggers/grpc/tcp_grpc_access_log_impl.h @@ -9,10 +9,9 @@ #include "envoy/singleton/instance.h" #include "envoy/thread_local/thread_local.h" -#include "common/grpc/typed_async_client.h" - -#include "extensions/access_loggers/common/access_log_base.h" -#include "extensions/access_loggers/grpc/grpc_access_log_impl.h" +#include "source/common/grpc/typed_async_client.h" +#include "source/extensions/access_loggers/common/access_log_base.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/open_telemetry/BUILD b/source/extensions/access_loggers/open_telemetry/BUILD index 0c4c07a03696..c500ee1aea1f 100644 --- a/source/extensions/access_loggers/open_telemetry/BUILD +++ b/source/extensions/access_loggers/open_telemetry/BUILD @@ -14,10 +14,10 @@ envoy_cc_library( srcs = ["grpc_access_log_impl.cc"], hdrs = ["grpc_access_log_impl.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/grpc:async_client_manager_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/event:dispatcher_interface", + "//envoy/grpc:async_client_manager_interface", + "//envoy/local_info:local_info_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/config:utility_lib", "//source/common/grpc:typed_async_client_lib", "//source/common/protobuf", @@ -34,8 +34,8 @@ envoy_cc_library( hdrs = ["access_log_impl.h"], deps = [ ":grpc_access_log_lib", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/protobuf:message_validator_interface", + "//envoy/access_log:access_log_interface", + "//envoy/protobuf:message_validator_interface", "//source/common/formatter:substitution_formatter_lib", "//source/common/protobuf:utility_lib", "//source/extensions/access_loggers/common:access_log_base", @@ -61,19 +61,16 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.access_loggers", # TODO(#9953) clean up. extra_visibility = [ "//test/common/access_log:__subpackages__", "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/server:access_log_config_interface", + "//envoy/server:access_log_config_interface", "//source/common/common:assert_lib", "//source/common/grpc:async_client_lib", "//source/common/protobuf", - "//source/extensions/access_loggers:well_known_names", "//source/extensions/access_loggers/open_telemetry:access_log_lib", "//source/extensions/access_loggers/open_telemetry:access_log_proto_descriptors_lib", "//source/extensions/access_loggers/open_telemetry:grpc_access_log_lib", diff --git a/source/extensions/access_loggers/open_telemetry/access_log_impl.cc b/source/extensions/access_loggers/open_telemetry/access_log_impl.cc index ea4920151fba..f3376483ad31 100644 --- a/source/extensions/access_loggers/open_telemetry/access_log_impl.cc +++ b/source/extensions/access_loggers/open_telemetry/access_log_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/access_loggers/open_telemetry/access_log_impl.h" +#include "source/extensions/access_loggers/open_telemetry/access_log_impl.h" #include @@ -7,14 +7,14 @@ #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/extensions/access_loggers/open_telemetry/v3alpha/logs_service.pb.h" -#include "common/common/assert.h" -#include "common/config/utility.h" -#include "common/formatter/substitution_formatter.h" -#include "common/http/headers.h" -#include "common/network/utility.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" -#include "common/stream_info/utility.h" +#include "source/common/common/assert.h" +#include "source/common/config/utility.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/http/headers.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stream_info/utility.h" #include "opentelemetry/proto/collector/logs/v1/logs_service.pb.h" #include "opentelemetry/proto/common/v1/common.pb.h" diff --git a/source/extensions/access_loggers/open_telemetry/access_log_impl.h b/source/extensions/access_loggers/open_telemetry/access_log_impl.h index aa9fb20eac5d..1bd6b34804c8 100644 --- a/source/extensions/access_loggers/open_telemetry/access_log_impl.h +++ b/source/extensions/access_loggers/open_telemetry/access_log_impl.h @@ -11,11 +11,10 @@ #include "envoy/singleton/instance.h" #include "envoy/thread_local/thread_local.h" -#include "common/formatter/substitution_formatter.h" -#include "common/grpc/typed_async_client.h" - -#include "extensions/access_loggers/common/access_log_base.h" -#include "extensions/access_loggers/open_telemetry/grpc_access_log_impl.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/grpc/typed_async_client.h" +#include "source/extensions/access_loggers/common/access_log_base.h" +#include "source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.h" #include "opentelemetry/proto/collector/logs/v1/logs_service.pb.h" #include "opentelemetry/proto/common/v1/common.pb.h" diff --git a/source/extensions/access_loggers/open_telemetry/access_log_proto_descriptors.cc b/source/extensions/access_loggers/open_telemetry/access_log_proto_descriptors.cc index 892aa74b0c96..aa8ba51c7757 100644 --- a/source/extensions/access_loggers/open_telemetry/access_log_proto_descriptors.cc +++ b/source/extensions/access_loggers/open_telemetry/access_log_proto_descriptors.cc @@ -1,8 +1,8 @@ -#include "extensions/access_loggers/open_telemetry/access_log_proto_descriptors.h" +#include "source/extensions/access_loggers/open_telemetry/access_log_proto_descriptors.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/open_telemetry/config.cc b/source/extensions/access_loggers/open_telemetry/config.cc index dd1bd6a8ea4d..2b0f02f3acd2 100644 --- a/source/extensions/access_loggers/open_telemetry/config.cc +++ b/source/extensions/access_loggers/open_telemetry/config.cc @@ -1,4 +1,4 @@ -#include "extensions/access_loggers/open_telemetry/config.h" +#include "source/extensions/access_loggers/open_telemetry/config.h" #include "envoy/extensions/access_loggers/open_telemetry/v3alpha/logs_service.pb.h" #include "envoy/extensions/access_loggers/open_telemetry/v3alpha/logs_service.pb.validate.h" @@ -6,14 +6,12 @@ #include "envoy/server/access_log_config.h" #include "envoy/server/filter_config.h" -#include "common/common/assert.h" -#include "common/common/macros.h" -#include "common/grpc/async_client_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/open_telemetry/access_log_impl.h" -#include "extensions/access_loggers/open_telemetry/access_log_proto_descriptors.h" -#include "extensions/access_loggers/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/open_telemetry/access_log_impl.h" +#include "source/extensions/access_loggers/open_telemetry/access_log_proto_descriptors.h" namespace Envoy { namespace Extensions { @@ -53,7 +51,7 @@ ProtobufTypes::MessagePtr AccessLogFactory::createEmptyConfigProto() { envoy::extensions::access_loggers::open_telemetry::v3alpha::OpenTelemetryAccessLogConfig>(); } -std::string AccessLogFactory::name() const { return AccessLogNames::get().OpenTelemetry; } +std::string AccessLogFactory::name() const { return "envoy.access_loggers.open_telemetry"; } /** * Static registration for the OpenTelemetry (gRPC) access log. @see RegisterFactory. diff --git a/source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.cc b/source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.cc index 535d7023ff74..909caf38aa3d 100644 --- a/source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.cc +++ b/source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.cc @@ -1,12 +1,12 @@ -#include "extensions/access_loggers/open_telemetry/grpc_access_log_impl.h" +#include "source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/extensions/access_loggers/open_telemetry/v3alpha/logs_service.pb.h" #include "envoy/grpc/async_client_manager.h" #include "envoy/local_info/local_info.h" -#include "common/config/utility.h" -#include "common/grpc/typed_async_client.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/typed_async_client.h" #include "opentelemetry/proto/collector/logs/v1/logs_service.pb.h" #include "opentelemetry/proto/common/v1/common.pb.h" diff --git a/source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.h b/source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.h index 006cc9691ed0..4273b1a42001 100644 --- a/source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.h +++ b/source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.h @@ -8,9 +8,8 @@ #include "envoy/local_info/local_info.h" #include "envoy/thread_local/thread_local.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/common/grpc_access_logger.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/common/grpc_access_logger.h" #include "opentelemetry/proto/collector/logs/v1/logs_service.pb.h" #include "opentelemetry/proto/common/v1/common.pb.h" diff --git a/source/extensions/access_loggers/stream/BUILD b/source/extensions/access_loggers/stream/BUILD index a35d7ba9cece..2b006910ca15 100644 --- a/source/extensions/access_loggers/stream/BUILD +++ b/source/extensions/access_loggers/stream/BUILD @@ -12,17 +12,14 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.access_loggers", extra_visibility = [ "//test:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/config:config_provider_lib", "//source/common/formatter:substitution_format_string_lib", "//source/common/protobuf", - "//source/extensions/access_loggers:well_known_names", "//source/extensions/access_loggers/common:file_access_log_lib", "//source/extensions/access_loggers/common:stream_access_log_common_impl_lib", "@envoy_api//envoy/extensions/access_loggers/stream/v3:pkg_cc_proto", diff --git a/source/extensions/access_loggers/stream/config.cc b/source/extensions/access_loggers/stream/config.cc index 5fce7ea8cc3e..9482d510f92f 100644 --- a/source/extensions/access_loggers/stream/config.cc +++ b/source/extensions/access_loggers/stream/config.cc @@ -1,4 +1,4 @@ -#include "extensions/access_loggers/stream/config.h" +#include "source/extensions/access_loggers/stream/config.h" #include @@ -7,15 +7,13 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/common/logger.h" -#include "common/config/utility.h" -#include "common/formatter/substitution_format_string.h" -#include "common/formatter/substitution_formatter.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/common/file_access_log_impl.h" -#include "extensions/access_loggers/common/stream_access_log_common_impl.h" -#include "extensions/access_loggers/well_known_names.h" +#include "source/common/common/logger.h" +#include "source/common/config/utility.h" +#include "source/common/formatter/substitution_format_string.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/common/file_access_log_impl.h" +#include "source/extensions/access_loggers/common/stream_access_log_common_impl.h" namespace Envoy { namespace Extensions { @@ -35,7 +33,7 @@ ProtobufTypes::MessagePtr StdoutAccessLogFactory::createEmptyConfigProto() { new envoy::extensions::access_loggers::stream::v3::StdoutAccessLog()}; } -std::string StdoutAccessLogFactory::name() const { return AccessLogNames::get().Stdout; } +std::string StdoutAccessLogFactory::name() const { return "envoy.access_loggers.stdout"; } /** * Static registration for the file access log. @see RegisterFactory. @@ -56,7 +54,7 @@ ProtobufTypes::MessagePtr StderrAccessLogFactory::createEmptyConfigProto() { new envoy::extensions::access_loggers::stream::v3::StderrAccessLog()}; } -std::string StderrAccessLogFactory::name() const { return AccessLogNames::get().Stderr; } +std::string StderrAccessLogFactory::name() const { return "envoy.access_loggers.stderr"; } /** * Static registration for the `stderr` access log. @see RegisterFactory. diff --git a/source/extensions/access_loggers/wasm/BUILD b/source/extensions/access_loggers/wasm/BUILD index 0ed93bef9607..3ea6a5ba7c0f 100644 --- a/source/extensions/access_loggers/wasm/BUILD +++ b/source/extensions/access_loggers/wasm/BUILD @@ -15,9 +15,8 @@ envoy_cc_library( name = "wasm_access_log_lib", hdrs = ["wasm_access_log_impl.h"], deps = [ - "//include/envoy/access_log:access_log_interface", + "//envoy/access_log:access_log_interface", "//source/common/http:header_map_lib", - "//source/extensions/access_loggers:well_known_names", "//source/extensions/common/wasm:wasm_lib", ], ) @@ -26,16 +25,12 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.access_loggers", - security_posture = "unknown", - status = "alpha", deps = [ ":wasm_access_log_lib", - "//include/envoy/registry", - "//include/envoy/server:access_log_config_interface", + "//envoy/registry", + "//envoy/server:access_log_config_interface", "//source/common/config:datasource_lib", "//source/common/protobuf", - "//source/extensions/access_loggers:well_known_names", "//source/extensions/common/wasm:wasm_lib", "@envoy_api//envoy/extensions/access_loggers/wasm/v3:pkg_cc_proto", ], diff --git a/source/extensions/access_loggers/wasm/config.cc b/source/extensions/access_loggers/wasm/config.cc index d6ba35aba1c9..0c8fb063abb0 100644 --- a/source/extensions/access_loggers/wasm/config.cc +++ b/source/extensions/access_loggers/wasm/config.cc @@ -1,15 +1,13 @@ -#include "extensions/access_loggers/wasm/config.h" +#include "source/extensions/access_loggers/wasm/config.h" #include "envoy/extensions/access_loggers/wasm/v3/wasm.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/common/logger.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/wasm/wasm_access_log_impl.h" -#include "extensions/access_loggers/well_known_names.h" -#include "extensions/common/wasm/wasm.h" +#include "source/common/common/logger.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/wasm/wasm_access_log_impl.h" +#include "source/extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { @@ -55,7 +53,7 @@ ProtobufTypes::MessagePtr WasmAccessLogFactory::createEmptyConfigProto() { new envoy::extensions::access_loggers::wasm::v3::WasmAccessLog()}; } -std::string WasmAccessLogFactory::name() const { return AccessLogNames::get().Wasm; } +std::string WasmAccessLogFactory::name() const { return "envoy.access_loggers.wasm"; } /** * Static registration for the wasm access log. @see RegisterFactory. diff --git a/source/extensions/access_loggers/wasm/config.h b/source/extensions/access_loggers/wasm/config.h index 2a8062fb34c7..9806fe66d36e 100644 --- a/source/extensions/access_loggers/wasm/config.h +++ b/source/extensions/access_loggers/wasm/config.h @@ -2,7 +2,7 @@ #include "envoy/server/access_log_config.h" -#include "common/config/datasource.h" +#include "source/common/config/datasource.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/wasm/wasm_access_log_impl.h b/source/extensions/access_loggers/wasm/wasm_access_log_impl.h index 94910ef56712..ec7fb29797de 100644 --- a/source/extensions/access_loggers/wasm/wasm_access_log_impl.h +++ b/source/extensions/access_loggers/wasm/wasm_access_log_impl.h @@ -2,10 +2,8 @@ #include "envoy/access_log/access_log.h" -#include "common/common/logger.h" - -#include "extensions/access_loggers/well_known_names.h" -#include "extensions/common/wasm/wasm.h" +#include "source/common/common/logger.h" +#include "source/extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/access_loggers/well_known_names.h b/source/extensions/access_loggers/well_known_names.h deleted file mode 100644 index e3b7a375c8e2..000000000000 --- a/source/extensions/access_loggers/well_known_names.h +++ /dev/null @@ -1,37 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace AccessLoggers { - -/** - * Well-known access logger names. - * NOTE: New access loggers should use the well known name: envoy.access_loggers.name. - */ -class AccessLogNameValues { -public: - // File access log - const std::string File = "envoy.access_loggers.file"; - // HTTP gRPC access log - const std::string HttpGrpc = "envoy.access_loggers.http_grpc"; - // Standard error access log - const std::string Stderr = "envoy.access_loggers.stderr"; - // Standard output access log - const std::string Stdout = "envoy.access_loggers.stdout"; - // TCP gRPC access log - const std::string TcpGrpc = "envoy.access_loggers.tcp_grpc"; - // OpenTelemetry gRPC access log - const std::string OpenTelemetry = "envoy.access_loggers.open_telemetry"; - // WASM access log - const std::string Wasm = "envoy.access_loggers.wasm"; -}; - -using AccessLogNames = ConstSingleton; - -} // namespace AccessLoggers -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/bootstrap/wasm/BUILD b/source/extensions/bootstrap/wasm/BUILD index fe58c86f94c0..913e72fc5431 100644 --- a/source/extensions/bootstrap/wasm/BUILD +++ b/source/extensions/bootstrap/wasm/BUILD @@ -16,20 +16,16 @@ envoy_cc_extension( hdrs = [ "config.h", ], - category = "envoy.bootstrap", - security_posture = "unknown", - status = "alpha", deps = [ - "//include/envoy/registry", - "//include/envoy/server:bootstrap_extension_config_interface", - "//include/envoy/server:factory_context_interface", - "//include/envoy/server:instance_interface", + "//envoy/registry", + "//envoy/server:bootstrap_extension_config_interface", + "//envoy/server:factory_context_interface", + "//envoy/server:instance_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "//source/common/protobuf:utility_lib", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/grpc_credentials:well_known_names", "@envoy_api//envoy/extensions/wasm/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/bootstrap/wasm/config.cc b/source/extensions/bootstrap/wasm/config.cc index 3a2b0d488601..ae8e733d57d6 100644 --- a/source/extensions/bootstrap/wasm/config.cc +++ b/source/extensions/bootstrap/wasm/config.cc @@ -1,13 +1,12 @@ -#include "extensions/bootstrap/wasm/config.h" +#include "source/extensions/bootstrap/wasm/config.h" #include "envoy/registry/registry.h" #include "envoy/server/factory_context.h" -#include "common/common/empty_string.h" -#include "common/config/datasource.h" -#include "common/protobuf/utility.h" - -#include "extensions/common/wasm/wasm.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/datasource.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/bootstrap/wasm/config.h b/source/extensions/bootstrap/wasm/config.h index 9d09a7905b2d..db415cb14f14 100644 --- a/source/extensions/bootstrap/wasm/config.h +++ b/source/extensions/bootstrap/wasm/config.h @@ -7,9 +7,8 @@ #include "envoy/server/filter_config.h" #include "envoy/server/instance.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/common/wasm/wasm.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/clusters/BUILD b/source/extensions/clusters/BUILD index 46709ec0c238..90e061ad8da3 100644 --- a/source/extensions/clusters/BUILD +++ b/source/extensions/clusters/BUILD @@ -1,20 +1,8 @@ load( "//bazel:envoy_build_system.bzl", - "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() - -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - # well known names files are public as long as they exist. - visibility = ["//visibility:public"], - deps = [ - "//source/common/config:well_known_names", - "//source/common/singleton:const_singleton", - ], -) diff --git a/source/extensions/clusters/aggregate/BUILD b/source/extensions/clusters/aggregate/BUILD index 473f140b30da..8a640940b7c7 100644 --- a/source/extensions/clusters/aggregate/BUILD +++ b/source/extensions/clusters/aggregate/BUILD @@ -15,12 +15,9 @@ envoy_cc_extension( "cluster.h", "lb_context.h", ], - category = "envoy.clusters", - security_posture = "requires_trusted_downstream_and_upstream", deps = [ "//source/common/upstream:cluster_factory_lib", "//source/common/upstream:upstream_includes", - "//source/extensions/clusters:well_known_names", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/clusters/aggregate/v3:pkg_cc_proto", ], diff --git a/source/extensions/clusters/aggregate/cluster.cc b/source/extensions/clusters/aggregate/cluster.cc index ac4eee088594..c7f21b5abdbd 100644 --- a/source/extensions/clusters/aggregate/cluster.cc +++ b/source/extensions/clusters/aggregate/cluster.cc @@ -1,11 +1,11 @@ -#include "extensions/clusters/aggregate/cluster.h" +#include "source/extensions/clusters/aggregate/cluster.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/clusters/aggregate/v3/cluster.pb.h" #include "envoy/extensions/clusters/aggregate/v3/cluster.pb.validate.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/clusters/aggregate/cluster.h b/source/extensions/clusters/aggregate/cluster.h index 373897944b6c..031a3fe2b63d 100644 --- a/source/extensions/clusters/aggregate/cluster.h +++ b/source/extensions/clusters/aggregate/cluster.h @@ -8,11 +8,10 @@ #include "envoy/thread_local/thread_local_object.h" #include "envoy/upstream/thread_local_cluster.h" -#include "common/common/logger.h" -#include "common/upstream/cluster_factory_impl.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/clusters/aggregate/lb_context.h" +#include "source/common/common/logger.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/upstream_impl.h" +#include "source/extensions/clusters/aggregate/lb_context.h" namespace Envoy { namespace Extensions { @@ -160,8 +159,7 @@ struct AggregateThreadAwareLoadBalancer : public Upstream::ThreadAwareLoadBalanc class ClusterFactory : public Upstream::ConfigurableClusterFactoryBase< envoy::extensions::clusters::aggregate::v3::ClusterConfig> { public: - ClusterFactory() - : ConfigurableClusterFactoryBase(Extensions::Clusters::ClusterTypes::get().Aggregate) {} + ClusterFactory() : ConfigurableClusterFactoryBase("envoy.clusters.aggregate") {} private: std::pair diff --git a/source/extensions/clusters/aggregate/lb_context.h b/source/extensions/clusters/aggregate/lb_context.h index 08aae97f51e7..8add803c63c2 100644 --- a/source/extensions/clusters/aggregate/lb_context.h +++ b/source/extensions/clusters/aggregate/lb_context.h @@ -1,7 +1,7 @@ #pragma once -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/clusters/dynamic_forward_proxy/BUILD b/source/extensions/clusters/dynamic_forward_proxy/BUILD index 3a6fdf9f1080..44da3c9be55d 100644 --- a/source/extensions/clusters/dynamic_forward_proxy/BUILD +++ b/source/extensions/clusters/dynamic_forward_proxy/BUILD @@ -12,13 +12,10 @@ envoy_cc_extension( name = "cluster", srcs = ["cluster.cc"], hdrs = ["cluster.h"], - category = "envoy.clusters", - security_posture = "robust_to_untrusted_downstream", deps = [ "//source/common/network:transport_socket_options_lib", "//source/common/upstream:cluster_factory_lib", "//source/common/upstream:logical_host_lib", - "//source/extensions/clusters:well_known_names", "//source/extensions/common/dynamic_forward_proxy:dns_cache_interface", "//source/extensions/common/dynamic_forward_proxy:dns_cache_manager_impl", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", diff --git a/source/extensions/clusters/dynamic_forward_proxy/cluster.cc b/source/extensions/clusters/dynamic_forward_proxy/cluster.cc index 39712337ecb3..6650a021ebaf 100644 --- a/source/extensions/clusters/dynamic_forward_proxy/cluster.cc +++ b/source/extensions/clusters/dynamic_forward_proxy/cluster.cc @@ -1,12 +1,11 @@ -#include "extensions/clusters/dynamic_forward_proxy/cluster.h" +#include "source/extensions/clusters/dynamic_forward_proxy/cluster.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.pb.h" #include "envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.pb.validate.h" -#include "common/network/transport_socket_options_impl.h" - -#include "extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" namespace Envoy { namespace Extensions { @@ -30,14 +29,8 @@ Cluster::Cluster( // support these parameters dynamically in the future. This is not an exhaustive list of // parameters that don't make sense but should be the most obvious ones that a user might set // in error. - if (!cluster.hidden_envoy_deprecated_tls_context().sni().empty() || - !cluster.hidden_envoy_deprecated_tls_context() - .common_tls_context() - .validation_context() - .hidden_envoy_deprecated_verify_subject_alt_name() - .empty()) { - throw EnvoyException( - "dynamic_forward_proxy cluster cannot configure 'sni' or 'verify_subject_alt_name'"); + if (!cluster.hidden_envoy_deprecated_tls_context().sni().empty()) { + throw EnvoyException("dynamic_forward_proxy cluster cannot configure 'sni'"); } } diff --git a/source/extensions/clusters/dynamic_forward_proxy/cluster.h b/source/extensions/clusters/dynamic_forward_proxy/cluster.h index 309da4ed4407..dcd1e235607f 100644 --- a/source/extensions/clusters/dynamic_forward_proxy/cluster.h +++ b/source/extensions/clusters/dynamic_forward_proxy/cluster.h @@ -5,11 +5,9 @@ #include "envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.pb.h" #include "envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.pb.validate.h" -#include "common/upstream/cluster_factory_impl.h" -#include "common/upstream/logical_host.h" - -#include "extensions/clusters/well_known_names.h" -#include "extensions/common/dynamic_forward_proxy/dns_cache.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/logical_host.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache.h" namespace Envoy { namespace Extensions { @@ -115,9 +113,7 @@ class Cluster : public Upstream::BaseDynamicClusterImpl, class ClusterFactory : public Upstream::ConfigurableClusterFactoryBase< envoy::extensions::clusters::dynamic_forward_proxy::v3::ClusterConfig> { public: - ClusterFactory() - : ConfigurableClusterFactoryBase( - Extensions::Clusters::ClusterTypes::get().DynamicForwardProxy) {} + ClusterFactory() : ConfigurableClusterFactoryBase("envoy.clusters.dynamic_forward_proxy") {} private: std::pair diff --git a/source/extensions/clusters/redis/BUILD b/source/extensions/clusters/redis/BUILD index 54577e1483e3..464da0ef8bfb 100644 --- a/source/extensions/clusters/redis/BUILD +++ b/source/extensions/clusters/redis/BUILD @@ -25,11 +25,10 @@ envoy_cc_library( ], deps = [ ":crc16_lib", - "//include/envoy/upstream:thread_local_cluster_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:thread_local_cluster_interface", + "//envoy/upstream:upstream_interface", "//source/common/upstream:upstream_includes", "//source/common/upstream:upstream_lib", - "//source/extensions/clusters:well_known_names", "//source/extensions/filters/network/common/redis:client_interface", "//source/extensions/filters/network/common/redis:codec_interface", "//source/extensions/filters/network/common/redis:supported_commands_lib", @@ -42,16 +41,14 @@ envoy_cc_extension( "redis_cluster.cc", "redis_cluster.h", ], - category = "envoy.clusters", - security_posture = "requires_trusted_downstream_and_upstream", deps = [ "redis_cluster_lb", - "//include/envoy/api:api_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/singleton:manager_interface", - "//include/envoy/upstream:cluster_factory_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/api:api_interface", + "//envoy/http:codec_interface", + "//envoy/singleton:manager_interface", + "//envoy/upstream:cluster_factory_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/config:datasource_lib", "//source/common/config:metadata_lib", "//source/common/event:dispatcher_lib", @@ -61,7 +58,6 @@ envoy_cc_extension( "//source/common/upstream:cluster_factory_lib", "//source/common/upstream:upstream_includes", "//source/common/upstream:upstream_lib", - "//source/extensions/clusters:well_known_names", "//source/extensions/common/redis:cluster_refresh_manager_lib", "//source/extensions/filters/network/common/redis:client_interface", "//source/extensions/filters/network/common/redis:client_lib", diff --git a/source/extensions/clusters/redis/redis_cluster.cc b/source/extensions/clusters/redis/redis_cluster.cc index 822eab1166be..18a0a79fda21 100644 --- a/source/extensions/clusters/redis/redis_cluster.cc +++ b/source/extensions/clusters/redis/redis_cluster.cc @@ -39,12 +39,9 @@ RedisCluster::RedisCluster( host_degraded_refresh_threshold_(redis_cluster.host_degraded_refresh_threshold()), dispatcher_(factory_context.dispatcher()), dns_resolver_(std::move(dns_resolver)), dns_lookup_family_(Upstream::getDnsLookupFamilyFromCluster(cluster)), - load_assignment_( - cluster.has_load_assignment() - ? cluster.load_assignment() - : Config::Utility::translateClusterHosts(cluster.hidden_envoy_deprecated_hosts())), - local_info_(factory_context.localInfo()), random_(api.randomGenerator()), - redis_discovery_session_(*this, redis_client_factory), lb_factory_(std::move(lb_factory)), + load_assignment_(cluster.load_assignment()), local_info_(factory_context.localInfo()), + random_(api.randomGenerator()), redis_discovery_session_(*this, redis_client_factory), + lb_factory_(std::move(lb_factory)), auth_username_( NetworkFilters::RedisProxy::ProtocolOptionsConfigImpl::authUsername(info(), api)), auth_password_( @@ -385,8 +382,7 @@ RedisClusterFactory::createClusterWithConfig( Upstream::ClusterFactoryContext& context, Envoy::Server::Configuration::TransportSocketFactoryContextImpl& socket_factory_context, Envoy::Stats::ScopePtr&& stats_scope) { - if (!cluster.has_cluster_type() || - cluster.cluster_type().name() != Extensions::Clusters::ClusterTypes::get().Redis) { + if (!cluster.has_cluster_type() || cluster.cluster_type().name() != "envoy.clusters.redis") { throw EnvoyException("Redis cluster can only created with redis cluster type."); } // TODO(hyang): This is needed to migrate existing cluster, disallow using other lb_policy diff --git a/source/extensions/clusters/redis/redis_cluster.h b/source/extensions/clusters/redis/redis_cluster.h index 49af6d50d1be..96161c3514b1 100644 --- a/source/extensions/clusters/redis/redis_cluster.h +++ b/source/extensions/clusters/redis/redis_cluster.h @@ -40,32 +40,28 @@ #include "envoy/upstream/locality.h" #include "envoy/upstream/upstream.h" -#include "common/common/callback_impl.h" -#include "common/common/enum_to_int.h" -#include "common/common/logger.h" -#include "common/config/datasource.h" -#include "common/config/metadata.h" -#include "common/config/well_known_names.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" -#include "common/stats/isolated_store_impl.h" -#include "common/upstream/cluster_factory_impl.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/outlier_detection_impl.h" -#include "common/upstream/resource_manager_impl.h" -#include "common/upstream/upstream_impl.h" - +#include "source/common/common/callback_impl.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/logger.h" +#include "source/common/config/datasource.h" +#include "source/common/config/metadata.h" +#include "source/common/config/well_known_names.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/outlier_detection_impl.h" +#include "source/common/upstream/resource_manager_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "source/extensions/clusters/redis/redis_cluster_lb.h" - -#include "server/transport_socket_config_impl.h" - -#include "extensions/clusters/well_known_names.h" -#include "extensions/common/redis/cluster_refresh_manager_impl.h" -#include "extensions/filters/network/common/redis/client.h" -#include "extensions/filters/network/common/redis/client_impl.h" -#include "extensions/filters/network/common/redis/codec.h" -#include "extensions/filters/network/common/redis/utility.h" -#include "extensions/filters/network/redis_proxy/config.h" +#include "source/extensions/common/redis/cluster_refresh_manager_impl.h" +#include "source/extensions/filters/network/common/redis/client.h" +#include "source/extensions/filters/network/common/redis/client_impl.h" +#include "source/extensions/filters/network/common/redis/codec.h" +#include "source/extensions/filters/network/common/redis/utility.h" +#include "source/extensions/filters/network/redis_proxy/config.h" +#include "source/server/transport_socket_config_impl.h" namespace Envoy { namespace Extensions { @@ -292,8 +288,7 @@ class RedisCluster : public Upstream::BaseDynamicClusterImpl { class RedisClusterFactory : public Upstream::ConfigurableClusterFactoryBase< envoy::extensions::clusters::redis::v3::RedisClusterConfig> { public: - RedisClusterFactory() - : ConfigurableClusterFactoryBase(Extensions::Clusters::ClusterTypes::get().Redis) {} + RedisClusterFactory() : ConfigurableClusterFactoryBase("envoy.clusters.redis") {} private: friend class RedisClusterTest; diff --git a/source/extensions/clusters/redis/redis_cluster_lb.h b/source/extensions/clusters/redis/redis_cluster_lb.h index 7ca27407d161..4ac9f565e0b5 100644 --- a/source/extensions/clusters/redis/redis_cluster_lb.h +++ b/source/extensions/clusters/redis/redis_cluster_lb.h @@ -7,16 +7,13 @@ #include "envoy/upstream/load_balancer.h" #include "envoy/upstream/upstream.h" -#include "common/network/address_impl.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/upstream_impl.h" - +#include "source/common/network/address_impl.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "source/extensions/clusters/redis/crc16.h" - -#include "extensions/clusters/well_known_names.h" -#include "extensions/filters/network/common/redis/client.h" -#include "extensions/filters/network/common/redis/codec.h" -#include "extensions/filters/network/common/redis/supported_commands.h" +#include "source/extensions/filters/network/common/redis/client.h" +#include "source/extensions/filters/network/common/redis/codec.h" +#include "source/extensions/filters/network/common/redis/supported_commands.h" #include "absl/container/btree_map.h" #include "absl/synchronization/mutex.h" diff --git a/source/extensions/clusters/well_known_names.h b/source/extensions/clusters/well_known_names.h deleted file mode 100644 index a387cf32c735..000000000000 --- a/source/extensions/clusters/well_known_names.h +++ /dev/null @@ -1,48 +0,0 @@ -#pragma once - -#include "common/config/well_known_names.h" - -namespace Envoy { -namespace Extensions { -namespace Clusters { - -/** - * Well-known cluster types, this supersede the service discovery types - */ -class ClusterTypeValues { -public: - // Static clusters (cluster that have a fixed number of hosts with resolved IP addresses). - const std::string Static = "envoy.cluster.static"; - - // Strict DNS (cluster that periodic DNS resolution and updates the host member set if the DNS - // members change). - const std::string StrictDns = "envoy.cluster.strict_dns"; - - // Logical DNS (cluster that creates a single logical host that wraps an async DNS resolver). - const std::string LogicalDns = "envoy.cluster.logical_dns"; - - // Endpoint Discovery Service (dynamic cluster that reads host information from the Endpoint - // Discovery Service). - const std::string Eds = "envoy.cluster.eds"; - - // Original destination (dynamic cluster that automatically adds hosts as needed based on the - // original destination address of the downstream connection). - const std::string OriginalDst = "envoy.cluster.original_dst"; - - // Redis cluster (cluster that reads host information using the redis cluster protocol). - const std::string Redis = "envoy.clusters.redis"; - - // Dynamic forward proxy cluster. This cluster is designed to work directly with the - // dynamic forward proxy HTTP filter. - const std::string DynamicForwardProxy = "envoy.clusters.dynamic_forward_proxy"; - - // Aggregate cluster which may contain different types of clusters. It allows load balance between - // different type of clusters. - const std::string Aggregate = "envoy.clusters.aggregate"; -}; - -using ClusterTypes = ConstSingleton; - -} // namespace Clusters -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/common/BUILD b/source/extensions/common/BUILD index 50e003b97561..70c9f76e7af4 100644 --- a/source/extensions/common/BUILD +++ b/source/extensions/common/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( # Legacy. TODO(#9953) clean up. visibility = ["//visibility:public"], deps = [ - "//include/envoy/runtime:runtime_interface", + "//envoy/runtime:runtime_interface", "//source/common/common:documentation_url_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", diff --git a/source/extensions/common/aws/BUILD b/source/extensions/common/aws/BUILD index 621d60806d54..2f79649e36a0 100644 --- a/source/extensions/common/aws/BUILD +++ b/source/extensions/common/aws/BUILD @@ -12,7 +12,7 @@ envoy_cc_library( name = "signer_interface", hdrs = ["signer.h"], deps = [ - "//include/envoy/http:message_interface", + "//envoy/http:message_interface", ], ) @@ -48,7 +48,7 @@ envoy_cc_library( external_deps = ["abseil_time"], deps = [ ":credentials_provider_interface", - "//include/envoy/api:api_interface", + "//envoy/api:api_interface", "//source/common/common:logger_lib", "//source/common/common:thread_lib", "//source/common/http:utility_lib", diff --git a/source/extensions/common/aws/credentials_provider_impl.cc b/source/extensions/common/aws/credentials_provider_impl.cc index aa367a07d019..4dd5bfed47ae 100644 --- a/source/extensions/common/aws/credentials_provider_impl.cc +++ b/source/extensions/common/aws/credentials_provider_impl.cc @@ -1,10 +1,10 @@ -#include "extensions/common/aws/credentials_provider_impl.h" +#include "source/extensions/common/aws/credentials_provider_impl.h" #include "envoy/common/exception.h" -#include "common/common/lock_guard.h" -#include "common/http/utility.h" -#include "common/json/json_loader.h" +#include "source/common/common/lock_guard.h" +#include "source/common/http/utility.h" +#include "source/common/json/json_loader.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/aws/credentials_provider_impl.h b/source/extensions/common/aws/credentials_provider_impl.h index e493ebdb74dd..b15637282aa8 100644 --- a/source/extensions/common/aws/credentials_provider_impl.h +++ b/source/extensions/common/aws/credentials_provider_impl.h @@ -5,10 +5,9 @@ #include "envoy/api/api.h" #include "envoy/event/timer.h" -#include "common/common/logger.h" -#include "common/common/thread.h" - -#include "extensions/common/aws/credentials_provider.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/extensions/common/aws/credentials_provider.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/common/aws/region_provider_impl.cc b/source/extensions/common/aws/region_provider_impl.cc index 3943f45ba2cc..0914c46ced41 100644 --- a/source/extensions/common/aws/region_provider_impl.cc +++ b/source/extensions/common/aws/region_provider_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/common/aws/region_provider_impl.h" +#include "source/extensions/common/aws/region_provider_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/aws/region_provider_impl.h b/source/extensions/common/aws/region_provider_impl.h index 9e45823d4465..b4f08af15737 100644 --- a/source/extensions/common/aws/region_provider_impl.h +++ b/source/extensions/common/aws/region_provider_impl.h @@ -1,8 +1,7 @@ #pragma once -#include "common/common/logger.h" - -#include "extensions/common/aws/region_provider.h" +#include "source/common/common/logger.h" +#include "source/extensions/common/aws/region_provider.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/aws/signer_impl.cc b/source/extensions/common/aws/signer_impl.cc index a328610e2804..368285c91fb0 100644 --- a/source/extensions/common/aws/signer_impl.cc +++ b/source/extensions/common/aws/signer_impl.cc @@ -1,14 +1,13 @@ -#include "extensions/common/aws/signer_impl.h" +#include "source/extensions/common/aws/signer_impl.h" #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/fmt.h" -#include "common/common/hex.h" -#include "common/crypto/utility.h" -#include "common/http/headers.h" - -#include "extensions/common/aws/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hex.h" +#include "source/common/crypto/utility.h" +#include "source/common/http/headers.h" +#include "source/extensions/common/aws/utility.h" #include "absl/strings/str_join.h" diff --git a/source/extensions/common/aws/signer_impl.h b/source/extensions/common/aws/signer_impl.h index b1b5ad3c550d..301ead3e40ee 100644 --- a/source/extensions/common/aws/signer_impl.h +++ b/source/extensions/common/aws/signer_impl.h @@ -1,11 +1,10 @@ #pragma once -#include "common/common/logger.h" -#include "common/common/utility.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/common/aws/credentials_provider.h" -#include "extensions/common/aws/signer.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/common/aws/credentials_provider.h" +#include "source/extensions/common/aws/signer.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/aws/utility.cc b/source/extensions/common/aws/utility.cc index 794051e0d67a..497e37f40962 100644 --- a/source/extensions/common/aws/utility.cc +++ b/source/extensions/common/aws/utility.cc @@ -1,7 +1,7 @@ -#include "extensions/common/aws/utility.h" +#include "source/extensions/common/aws/utility.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" #include "absl/strings/str_join.h" #include "curl/curl.h" diff --git a/source/extensions/common/aws/utility.h b/source/extensions/common/aws/utility.h index 5aba489ce707..79f9b937b895 100644 --- a/source/extensions/common/aws/utility.h +++ b/source/extensions/common/aws/utility.h @@ -1,6 +1,6 @@ #pragma once -#include "common/http/headers.h" +#include "source/common/http/headers.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/crypto/BUILD b/source/extensions/common/crypto/BUILD index d33b7986b519..1896816e5e96 100644 --- a/source/extensions/common/crypto/BUILD +++ b/source/extensions/common/crypto/BUILD @@ -18,7 +18,6 @@ envoy_cc_extension( "crypto_impl.h", "utility_impl.h", ], - category = "DELIBERATELY_OMITTED", external_deps = [ "ssl", ], @@ -27,10 +26,8 @@ envoy_cc_extension( "//test/common/config:__subpackages__", "//test/common/crypto:__subpackages__", ], - security_posture = "unknown", - undocumented = True, deps = [ - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/common:assert_lib", "//source/common/crypto:utility_lib", ], diff --git a/source/extensions/common/crypto/crypto_impl.cc b/source/extensions/common/crypto/crypto_impl.cc index b5abbf8b858a..e26682cbf648 100644 --- a/source/extensions/common/crypto/crypto_impl.cc +++ b/source/extensions/common/crypto/crypto_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/common/crypto/crypto_impl.h" +#include "source/extensions/common/crypto/crypto_impl.h" namespace Envoy { namespace Common { diff --git a/source/extensions/common/crypto/utility_impl.cc b/source/extensions/common/crypto/utility_impl.cc index b8c1b151ef54..7319bfca3676 100644 --- a/source/extensions/common/crypto/utility_impl.cc +++ b/source/extensions/common/crypto/utility_impl.cc @@ -1,8 +1,7 @@ -#include "extensions/common/crypto/utility_impl.h" +#include "source/extensions/common/crypto/utility_impl.h" -#include "common/common/assert.h" - -#include "extensions/common/crypto/crypto_impl.h" +#include "source/common/common/assert.h" +#include "source/extensions/common/crypto/crypto_impl.h" #include "absl/container/fixed_array.h" #include "absl/strings/ascii.h" diff --git a/source/extensions/common/crypto/utility_impl.h b/source/extensions/common/crypto/utility_impl.h index 1b5b107a4738..3f18ac436be5 100644 --- a/source/extensions/common/crypto/utility_impl.h +++ b/source/extensions/common/crypto/utility_impl.h @@ -1,6 +1,6 @@ #pragma once -#include "common/crypto/utility.h" +#include "source/common/crypto/utility.h" #include "openssl/bytestring.h" #include "openssl/hmac.h" diff --git a/source/extensions/common/dynamic_forward_proxy/BUILD b/source/extensions/common/dynamic_forward_proxy/BUILD index 19d613869618..1fa99cbecef2 100644 --- a/source/extensions/common/dynamic_forward_proxy/BUILD +++ b/source/extensions/common/dynamic_forward_proxy/BUILD @@ -12,12 +12,12 @@ envoy_cc_library( name = "dns_cache_interface", hdrs = ["dns_cache.h"], deps = [ - "//include/envoy/common:backoff_strategy_interface", - "//include/envoy/common:random_generator_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/singleton:manager_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:resource_manager_interface", + "//envoy/common:backoff_strategy_interface", + "//envoy/common:random_generator_interface", + "//envoy/event:dispatcher_interface", + "//envoy/singleton:manager_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:resource_manager_interface", "@envoy_api//envoy/extensions/common/dynamic_forward_proxy/v3:pkg_cc_proto", ], ) @@ -40,10 +40,11 @@ envoy_cc_library( deps = [ ":dns_cache_interface", ":dns_cache_resource_manager", - "//include/envoy/network:dns_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/network:dns_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/common:cleanup_lib", "//source/common/config:utility_lib", + "//source/common/network:resolver_lib", "//source/common/network:utility_lib", "//source/common/upstream:upstream_lib", "@envoy_api//envoy/extensions/common/dynamic_forward_proxy/v3:pkg_cc_proto", @@ -56,8 +57,8 @@ envoy_cc_library( hdrs = ["dns_cache_resource_manager.h"], deps = [ ":dns_cache_interface", - "//include/envoy/common:resource_interface", - "//include/envoy/stats:stats_interface", + "//envoy/common:resource_interface", + "//envoy/stats:stats_interface", "//source/common/common:assert_lib", "//source/common/common:basic_resource_lib", "//source/common/runtime:runtime_lib", diff --git a/source/extensions/common/dynamic_forward_proxy/dns_cache_impl.cc b/source/extensions/common/dynamic_forward_proxy/dns_cache_impl.cc index c2f6cd82a858..312c920c27bb 100644 --- a/source/extensions/common/dynamic_forward_proxy/dns_cache_impl.cc +++ b/source/extensions/common/dynamic_forward_proxy/dns_cache_impl.cc @@ -1,13 +1,14 @@ -#include "extensions/common/dynamic_forward_proxy/dns_cache_impl.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache_impl.h" #include "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.pb.h" -#include "common/config/utility.h" -#include "common/http/utility.h" -#include "common/network/utility.h" +#include "source/common/config/utility.h" +#include "source/common/http/utility.h" +#include "source/common/network/resolver_impl.h" +#include "source/common/network/utility.h" // TODO(mattklein123): Move DNS family helpers to a smaller include. -#include "common/upstream/upstream_impl.h" +#include "source/common/upstream/upstream_impl.h" namespace Envoy { namespace Extensions { @@ -20,8 +21,8 @@ DnsCacheImpl::DnsCacheImpl( const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig& config) : main_thread_dispatcher_(main_thread_dispatcher), dns_lookup_family_(Upstream::getDnsLookupFamilyFromEnum(config.dns_lookup_family())), - resolver_(main_thread_dispatcher.createDnsResolver({}, config.use_tcp_for_dns_lookups())), - tls_slot_(tls), scope_(root_scope.createScope(fmt::format("dns_cache.{}.", config.name()))), + resolver_(selectDnsResolver(config, main_thread_dispatcher)), tls_slot_(tls), + scope_(root_scope.createScope(fmt::format("dns_cache.{}.", config.name()))), stats_(generateDnsCacheStats(*scope_)), resource_manager_(*scope_, loader, config.name(), config.dns_cache_circuit_breaker()), refresh_interval_(PROTOBUF_GET_MS_OR_DEFAULT(config, dns_refresh_rate, 60000)), @@ -32,6 +33,25 @@ DnsCacheImpl::DnsCacheImpl( host_ttl_(PROTOBUF_GET_MS_OR_DEFAULT(config, host_ttl, 300000)), max_hosts_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, max_hosts, 1024)) { tls_slot_.set([&](Event::Dispatcher&) { return std::make_shared(*this); }); + + if (static_cast(config.preresolve_hostnames().size()) > max_hosts_) { + throw EnvoyException(fmt::format( + "DNS Cache [{}] configured with preresolve_hostnames={} larger than max_hosts={}", + config.name(), config.preresolve_hostnames().size(), max_hosts_)); + } + + // Preresolved hostnames are resolved without a read lock on primary hosts because it is done + // during object construction. + for (const auto& hostname : config.preresolve_hostnames()) { + // No need to get a resolution handle on this resolution as the only outcome needed is for the + // cache to load an entry. Further if this particular resolution fails all the is lost is the + // potential optimization of having the entry be preresolved the first time a true consumer of + // this DNS cache asks for it. + main_thread_dispatcher_.post( + [this, host = hostname.address(), default_port = hostname.port_value()]() { + startCacheLoad(host, default_port); + }); + } } DnsCacheImpl::~DnsCacheImpl() { @@ -46,6 +66,29 @@ DnsCacheImpl::~DnsCacheImpl() { } } +Network::DnsResolverSharedPtr DnsCacheImpl::selectDnsResolver( + const envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig& config, + Event::Dispatcher& main_thread_dispatcher) { + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + std::vector resolvers; + if (config.has_dns_resolution_config()) { + dns_resolver_options.CopyFrom(config.dns_resolution_config().dns_resolver_options()); + if (!config.dns_resolution_config().resolvers().empty()) { + const auto& resolver_addrs = config.dns_resolution_config().resolvers(); + resolvers.reserve(resolver_addrs.size()); + for (const auto& resolver_addr : resolver_addrs) { + resolvers.push_back(Network::Address::resolveProtoAddress(resolver_addr)); + } + } + } else { + // Field bool `use_tcp_for_dns_lookups` will be deprecated in future. To be backward + // compatible utilize config.use_tcp_for_dns_lookups() if `config.dns_resolution_config` + // is not set. + dns_resolver_options.set_use_tcp_for_dns_lookups(config.use_tcp_for_dns_lookups()); + } + return main_thread_dispatcher.createDnsResolver(resolvers, dns_resolver_options); +} + DnsCacheStats DnsCacheImpl::generateDnsCacheStats(Stats::Scope& scope) { return {ALL_DNS_CACHE_STATS(POOL_COUNTER(scope), POOL_GAUGE(scope))}; } diff --git a/source/extensions/common/dynamic_forward_proxy/dns_cache_impl.h b/source/extensions/common/dynamic_forward_proxy/dns_cache_impl.h index c076c7940411..1e668c9847f2 100644 --- a/source/extensions/common/dynamic_forward_proxy/dns_cache_impl.h +++ b/source/extensions/common/dynamic_forward_proxy/dns_cache_impl.h @@ -6,10 +6,9 @@ #include "envoy/network/dns.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/cleanup.h" - -#include "extensions/common/dynamic_forward_proxy/dns_cache.h" -#include "extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h" +#include "source/common/common/cleanup.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h" #include "absl/container/flat_hash_map.h" @@ -46,6 +45,9 @@ class DnsCacheImpl : public DnsCache, Logger::Loggable #include "envoy/buffer/buffer.h" #include "envoy/network/address.h" -#include "common/network/address_impl.h" +#include "source/common/network/address_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/redis/BUILD b/source/extensions/common/redis/BUILD index f7427e61ad2e..36e05034f57f 100644 --- a/source/extensions/common/redis/BUILD +++ b/source/extensions/common/redis/BUILD @@ -25,9 +25,9 @@ envoy_cc_library( hdrs = ["cluster_refresh_manager_impl.h"], deps = [ ":cluster_refresh_manager_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/singleton:manager_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/event:dispatcher_interface", + "//envoy/singleton:manager_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:lock_guard_lib", "//source/common/common:thread_annotations", "//source/common/common:thread_lib", diff --git a/source/extensions/common/redis/cluster_refresh_manager_impl.cc b/source/extensions/common/redis/cluster_refresh_manager_impl.cc index c3caa96d9eec..bc22bace274c 100644 --- a/source/extensions/common/redis/cluster_refresh_manager_impl.cc +++ b/source/extensions/common/redis/cluster_refresh_manager_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/common/redis/cluster_refresh_manager_impl.h" +#include "source/extensions/common/redis/cluster_refresh_manager_impl.h" #include "envoy/singleton/manager.h" diff --git a/source/extensions/common/redis/cluster_refresh_manager_impl.h b/source/extensions/common/redis/cluster_refresh_manager_impl.h index a62db60327f1..94bbfc315db6 100644 --- a/source/extensions/common/redis/cluster_refresh_manager_impl.h +++ b/source/extensions/common/redis/cluster_refresh_manager_impl.h @@ -8,10 +8,9 @@ #include "envoy/singleton/instance.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/lock_guard.h" -#include "common/common/thread.h" - -#include "extensions/common/redis/cluster_refresh_manager.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread.h" +#include "source/extensions/common/redis/cluster_refresh_manager.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/sqlutils/sqlutils.cc b/source/extensions/common/sqlutils/sqlutils.cc index 64b5438111be..1c9a30d6e502 100644 --- a/source/extensions/common/sqlutils/sqlutils.cc +++ b/source/extensions/common/sqlutils/sqlutils.cc @@ -1,4 +1,4 @@ -#include "extensions/common/sqlutils/sqlutils.h" +#include "source/extensions/common/sqlutils/sqlutils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/sqlutils/sqlutils.h b/source/extensions/common/sqlutils/sqlutils.h index 659025893027..4c62f2a5e91d 100644 --- a/source/extensions/common/sqlutils/sqlutils.h +++ b/source/extensions/common/sqlutils/sqlutils.h @@ -1,6 +1,6 @@ #pragma once -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" #include "include/sqlparser/SQLParser.h" diff --git a/source/extensions/common/tap/BUILD b/source/extensions/common/tap/BUILD index e127bf3aaa19..c70943346fb7 100644 --- a/source/extensions/common/tap/BUILD +++ b/source/extensions/common/tap/BUILD @@ -12,7 +12,7 @@ envoy_cc_library( name = "tap_interface", hdrs = ["tap.h"], deps = [ - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//source/extensions/common/matcher:matcher_lib", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/data/tap/v3:pkg_cc_proto", @@ -39,8 +39,8 @@ envoy_cc_library( hdrs = ["admin.h"], deps = [ ":tap_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/singleton:manager_interface", + "//envoy/server:admin_interface", + "//envoy/singleton:manager_interface", "//source/common/buffer:buffer_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", @@ -53,7 +53,7 @@ envoy_cc_library( srcs = ["extension_config_base.cc"], hdrs = ["extension_config_base.h"], deps = [ - "//include/envoy/thread_local:thread_local_interface", + "//envoy/thread_local:thread_local_interface", "//source/extensions/common/tap:admin", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/common/tap/v3:pkg_cc_proto", diff --git a/source/extensions/common/tap/admin.cc b/source/extensions/common/tap/admin.cc index ee52d24b0c17..8c674cb141f6 100644 --- a/source/extensions/common/tap/admin.cc +++ b/source/extensions/common/tap/admin.cc @@ -1,13 +1,13 @@ -#include "extensions/common/tap/admin.h" +#include "source/extensions/common/tap/admin.h" #include "envoy/admin/v3/tap.pb.h" #include "envoy/admin/v3/tap.pb.validate.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/data/tap/v3/wrapper.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/tap/admin.h b/source/extensions/common/tap/admin.h index 90feda4946e9..39d002a52caf 100644 --- a/source/extensions/common/tap/admin.h +++ b/source/extensions/common/tap/admin.h @@ -3,7 +3,7 @@ #include "envoy/server/admin.h" #include "envoy/singleton/manager.h" -#include "extensions/common/tap/tap.h" +#include "source/extensions/common/tap/tap.h" #include "absl/container/node_hash_set.h" diff --git a/source/extensions/common/tap/extension_config_base.cc b/source/extensions/common/tap/extension_config_base.cc index 04a6fb73d20b..66173ebbee21 100644 --- a/source/extensions/common/tap/extension_config_base.cc +++ b/source/extensions/common/tap/extension_config_base.cc @@ -1,4 +1,4 @@ -#include "extensions/common/tap/extension_config_base.h" +#include "source/extensions/common/tap/extension_config_base.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/extensions/common/tap/v3/common.pb.h" diff --git a/source/extensions/common/tap/extension_config_base.h b/source/extensions/common/tap/extension_config_base.h index 7e0e00625dd9..ff8f87646a6c 100644 --- a/source/extensions/common/tap/extension_config_base.h +++ b/source/extensions/common/tap/extension_config_base.h @@ -4,8 +4,8 @@ #include "envoy/extensions/common/tap/v3/common.pb.h" #include "envoy/thread_local/thread_local.h" -#include "extensions/common/tap/admin.h" -#include "extensions/common/tap/tap.h" +#include "source/extensions/common/tap/admin.h" +#include "source/extensions/common/tap/tap.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/tap/tap.h b/source/extensions/common/tap/tap.h index 972ebef3a813..83b521ce8043 100644 --- a/source/extensions/common/tap/tap.h +++ b/source/extensions/common/tap/tap.h @@ -5,7 +5,7 @@ #include "envoy/data/tap/v3/wrapper.pb.h" #include "envoy/http/header_map.h" -#include "extensions/common/matcher/matcher.h" +#include "source/extensions/common/matcher/matcher.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/common/tap/tap_config_base.cc b/source/extensions/common/tap/tap_config_base.cc index 5e7d77a1a15a..b1f9785c6588 100644 --- a/source/extensions/common/tap/tap_config_base.cc +++ b/source/extensions/common/tap/tap_config_base.cc @@ -1,15 +1,14 @@ -#include "extensions/common/tap/tap_config_base.h" +#include "source/extensions/common/tap/tap_config_base.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/data/tap/v3/common.pb.h" #include "envoy/data/tap/v3/wrapper.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/config/version_converter.h" -#include "common/protobuf/utility.h" - -#include "extensions/common/matcher/matcher.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/config/version_converter.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/common/matcher/matcher.h" #include "absl/container/fixed_array.h" diff --git a/source/extensions/common/tap/tap_config_base.h b/source/extensions/common/tap/tap_config_base.h index a0aeb9967fc3..94685339fba0 100644 --- a/source/extensions/common/tap/tap_config_base.h +++ b/source/extensions/common/tap/tap_config_base.h @@ -7,8 +7,8 @@ #include "envoy/data/tap/v3/common.pb.h" #include "envoy/data/tap/v3/wrapper.pb.h" -#include "extensions/common/matcher/matcher.h" -#include "extensions/common/tap/tap.h" +#include "source/extensions/common/matcher/matcher.h" +#include "source/extensions/common/tap/tap.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/utility.h b/source/extensions/common/utility.h index 378223c912cd..7b326227222e 100644 --- a/source/extensions/common/utility.h +++ b/source/extensions/common/utility.h @@ -3,9 +3,9 @@ #include "envoy/common/exception.h" #include "envoy/runtime/runtime.h" -#include "common/common/documentation_url.h" -#include "common/common/logger.h" -#include "common/common/utility.h" +#include "source/common/common/documentation_url.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/wasm/BUILD b/source/extensions/common/wasm/BUILD index 08d456d74ad4..5dce26660605 100644 --- a/source/extensions/common/wasm/BUILD +++ b/source/extensions/common/wasm/BUILD @@ -8,21 +8,13 @@ licenses(["notice"]) # Apache 2 envoy_extension_package() -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) - envoy_cc_library( name = "wasm_runtime_factory_interface", hdrs = [ "wasm_runtime_factory.h", ], deps = [ - "@proxy_wasm_cpp_host//:include", + "@proxy_wasm_cpp_host//:wasm_vm_headers", ], ) @@ -38,12 +30,11 @@ envoy_cc_library( ], visibility = ["//visibility:public"], deps = [ - ":well_known_names", - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/server:lifecycle_notifier_interface", - "//include/envoy/thread_local:thread_local_object", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", + "//envoy/server:lifecycle_notifier_interface", + "//envoy/thread_local:thread_local_object", + "//envoy/upstream:cluster_manager_interface", "//source/common/config:datasource_lib", "//source/common/protobuf:utility_lib", "//source/common/singleton:const_singleton", @@ -51,10 +42,9 @@ envoy_cc_library( "//source/common/version:version_includes", "//source/extensions/filters/common/expr:cel_state_lib", "//source/extensions/filters/common/expr:evaluator_lib", - "//source/extensions/filters/http:well_known_names", "@com_google_cel_cpp//eval/public:activation", "@envoy_api//envoy/extensions/wasm/v3:pkg_cc_proto", - "@proxy_wasm_cpp_host//:include", + "@proxy_wasm_cpp_host//:headers", "@proxy_wasm_cpp_sdk//:common_lib", ], ) @@ -81,7 +71,8 @@ envoy_cc_library( ":wasm_runtime_factory_interface", "//external:abseil_base", "//external:abseil_node_hash_map", - "//include/envoy/server:lifecycle_notifier_interface", + "//external:zlib", + "//envoy/server:lifecycle_notifier_interface", "//source/common/buffer:buffer_lib", "//source/common/common:enum_to_int", "//source/common/common:safe_memcpy_lib", @@ -101,7 +92,7 @@ envoy_cc_library( "@com_google_cel_cpp//eval/public:cel_value", "@com_google_cel_cpp//eval/public:value_export_util", "@envoy_api//envoy/extensions/wasm/v3:pkg_cc_proto", - "@proxy_wasm_cpp_host//:common_lib", + "@proxy_wasm_cpp_host//:base_lib", "@proxy_wasm_cpp_host//:null_lib", ] + select( { diff --git a/source/extensions/common/wasm/context.cc b/source/extensions/common/wasm/context.cc index 2f42f921fdd4..4591f9d2a177 100644 --- a/source/extensions/common/wasm/context.cc +++ b/source/extensions/common/wasm/context.cc @@ -15,21 +15,19 @@ #include "envoy/stats/sink.h" #include "envoy/thread_local/thread_local.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/logger.h" -#include "common/common/safe_memcpy.h" -#include "common/http/header_map_impl.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/common/wasm/plugin.h" -#include "extensions/common/wasm/wasm.h" -#include "extensions/common/wasm/well_known_names.h" -#include "extensions/filters/common/expr/context.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/logger.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/common/wasm/plugin.h" +#include "source/extensions/common/wasm/wasm.h" +#include "source/extensions/filters/common/expr/context.h" #include "absl/base/casts.h" #include "absl/container/flat_hash_map.h" @@ -119,21 +117,21 @@ WasmResult Buffer::copyTo(WasmBase* wasm, size_t start, size_t length, uint64_t return proxy_wasm::BufferBase::copyTo(wasm, start, length, ptr_ptr, size_ptr); } -WasmResult Buffer::copyFrom(size_t start, size_t length, absl::string_view data) { +WasmResult Buffer::copyFrom(size_t start, size_t length, std::string_view data) { if (buffer_instance_) { if (start == 0) { if (length == 0) { - buffer_instance_->prepend(data); + buffer_instance_->prepend(toAbslStringView(data)); return WasmResult::Ok; } else if (length >= buffer_instance_->length()) { buffer_instance_->drain(buffer_instance_->length()); - buffer_instance_->add(data); + buffer_instance_->add(toAbslStringView(data)); return WasmResult::Ok; } else { return WasmResult::BadArgument; } } else if (start >= buffer_instance_->length()) { - buffer_instance_->add(data); + buffer_instance_->add(toAbslStringView(data)); return WasmResult::Ok; } else { return WasmResult::BadArgument; @@ -158,7 +156,7 @@ Plugin* Context::plugin() const { return static_cast(plugin_.get()); } Context* Context::rootContext() const { return static_cast(root_context()); } Upstream::ClusterManager& Context::clusterManager() const { return wasm()->clusterManager(); } -void Context::error(absl::string_view message) { ENVOY_LOG(trace, message); } +void Context::error(std::string_view message) { ENVOY_LOG(trace, message); } uint64_t Context::getCurrentTimeNanoseconds() { return std::chrono::duration_cast( @@ -566,9 +564,9 @@ Context::findValue(absl::string_view name, Protobuf::Arena* arena, bool last) co } break; case PropertyToken::PLUGIN_ROOT_ID: - return CelValue::CreateStringView(root_id()); + return CelValue::CreateStringView(toAbslStringView(root_id())); case PropertyToken::PLUGIN_VM_ID: - return CelValue::CreateStringView(wasm()->vm_id()); + return CelValue::CreateStringView(toAbslStringView(wasm()->vm_id())); case PropertyToken::FILTER_STATE: return Protobuf::Arena::Create(arena, info->filterState()) @@ -577,7 +575,7 @@ Context::findValue(absl::string_view name, Protobuf::Arena* arena, bool last) co return {}; } -WasmResult Context::getProperty(absl::string_view path, std::string* result) { +WasmResult Context::getProperty(std::string_view path, std::string* result) { using google::api::expr::runtime::CelValue; bool first = true; @@ -600,14 +598,14 @@ WasmResult Context::getProperty(absl::string_view path, std::string* result) { if (first) { // top-level identifier first = false; - auto top_value = findValue(part, &arena, start >= path.size()); + auto top_value = findValue(toAbslStringView(part), &arena, start >= path.size()); if (!top_value.has_value()) { return WasmResult::NotFound; } value = top_value.value(); } else if (value.IsMap()) { auto& map = *value.MapOrDie(); - auto field = map[CelValue::CreateStringView(part)]; + auto field = map[CelValue::CreateStringView(toAbslStringView(part))]; if (!field.has_value()) { return WasmResult::NotFound; } @@ -640,7 +638,7 @@ WasmResult Context::getProperty(absl::string_view path, std::string* result) { } else if (value.IsList()) { auto& list = *value.ListOrDie(); int idx = 0; - if (!absl::SimpleAtoi(part, &idx)) { + if (!absl::SimpleAtoi(toAbslStringView(part), &idx)) { return WasmResult::NotFound; } if (idx < 0 || idx >= list.size()) { @@ -721,8 +719,8 @@ const Http::HeaderMap* Context::getConstMap(WasmHeaderMapType type) { NOT_REACHED_GCOVR_EXCL_LINE; } -WasmResult Context::addHeaderMapValue(WasmHeaderMapType type, absl::string_view key, - absl::string_view value) { +WasmResult Context::addHeaderMapValue(WasmHeaderMapType type, std::string_view key, + std::string_view value) { auto map = getMap(type); if (!map) { return WasmResult::BadArgument; @@ -735,8 +733,8 @@ WasmResult Context::addHeaderMapValue(WasmHeaderMapType type, absl::string_view return WasmResult::Ok; } -WasmResult Context::getHeaderMapValue(WasmHeaderMapType type, absl::string_view key, - absl::string_view* value) { +WasmResult Context::getHeaderMapValue(WasmHeaderMapType type, std::string_view key, + std::string_view* value) { auto map = getConstMap(type); if (!map) { if (access_log_phase_) { @@ -763,7 +761,7 @@ WasmResult Context::getHeaderMapValue(WasmHeaderMapType type, absl::string_view } // TODO(kyessenov, PiotrSikora): This needs to either return a concatenated list of values, or // the ABI needs to be changed to return multiple values. This is a potential security issue. - *value = entry[0]->value().getStringView(); + *value = toStdStringView(entry[0]->value().getStringView()); return WasmResult::Ok; } @@ -774,7 +772,8 @@ Pairs headerMapToPairs(const Http::HeaderMap* map) { Pairs pairs; pairs.reserve(map->size()); map->iterate([&pairs](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { - pairs.push_back(std::make_pair(header.key().getStringView(), header.value().getStringView())); + pairs.push_back(std::make_pair(toStdStringView(header.key().getStringView()), + toStdStringView(header.value().getStringView()))); return Http::HeaderMap::Iterate::Continue; }); return pairs; @@ -809,7 +808,7 @@ WasmResult Context::setHeaderMapPairs(WasmHeaderMapType type, const Pairs& pairs return WasmResult::Ok; } -WasmResult Context::removeHeaderMapValue(WasmHeaderMapType type, absl::string_view key) { +WasmResult Context::removeHeaderMapValue(WasmHeaderMapType type, std::string_view key) { auto map = getMap(type); if (!map) { return WasmResult::BadArgument; @@ -822,14 +821,14 @@ WasmResult Context::removeHeaderMapValue(WasmHeaderMapType type, absl::string_vi return WasmResult::Ok; } -WasmResult Context::replaceHeaderMapValue(WasmHeaderMapType type, absl::string_view key, - absl::string_view value) { +WasmResult Context::replaceHeaderMapValue(WasmHeaderMapType type, std::string_view key, + std::string_view value) { auto map = getMap(type); if (!map) { return WasmResult::BadArgument; } const Http::LowerCaseString lower_key{std::string(key)}; - map->setCopy(lower_key, value); + map->setCopy(lower_key, toAbslStringView(value)); if (type == WasmHeaderMapType::RequestHeaders) { decoder_callbacks_->clearRouteCache(); } @@ -887,8 +886,8 @@ BufferInterface* Context::getBuffer(WasmBufferType type) { response = rootContext()->http_call_response_; if (response) { auto& body = (*response)->body(); - return buffer_.set(absl::string_view(static_cast(body.linearize(body.length())), - body.length())); + return buffer_.set( + std::string_view(static_cast(body.linearize(body.length())), body.length())); } return nullptr; case WasmBufferType::GrpcReceiveBuffer: @@ -928,8 +927,8 @@ uint32_t Context::nextHttpCallToken() { } // Async call via HTTP -WasmResult Context::httpCall(absl::string_view cluster, const Pairs& request_headers, - absl::string_view request_body, const Pairs& request_trailers, +WasmResult Context::httpCall(std::string_view cluster, const Pairs& request_headers, + std::string_view request_body, const Pairs& request_trailers, int timeout_milliseconds, uint32_t* token_ptr) { if (timeout_milliseconds < 0) { return WasmResult::BadArgument; @@ -950,7 +949,7 @@ WasmResult Context::httpCall(absl::string_view cluster, const Pairs& request_hea } if (!request_body.empty()) { - message->body().add(request_body); + message->body().add(toAbslStringView(request_body)); message->headers().setContentLength(request_body.size()); } @@ -1001,9 +1000,9 @@ uint32_t Context::nextGrpcCallToken() { return token; } -WasmResult Context::grpcCall(absl::string_view grpc_service, absl::string_view service_name, - absl::string_view method_name, const Pairs& initial_metadata, - absl::string_view request, std::chrono::milliseconds timeout, +WasmResult Context::grpcCall(std::string_view grpc_service, std::string_view service_name, + std::string_view method_name, const Pairs& initial_metadata, + std::string_view request, std::chrono::milliseconds timeout, uint32_t* token_ptr) { GrpcService service_proto; if (!service_proto.ParseFromArray(grpc_service.data(), grpc_service.size())) { @@ -1039,9 +1038,10 @@ WasmResult Context::grpcCall(absl::string_view grpc_service, absl::string_view s hash_policy.Add()->mutable_header()->set_header_name(Http::Headers::get().Host.get()); options.setHashPolicy(hash_policy); - auto grpc_request = grpc_client->sendRaw(service_name, method_name, - std::make_unique<::Envoy::Buffer::OwnedImpl>(request), - handler, Tracing::NullSpan::instance(), options); + auto grpc_request = + grpc_client->sendRaw(toAbslStringView(service_name), toAbslStringView(method_name), + std::make_unique<::Envoy::Buffer::OwnedImpl>(toAbslStringView(request)), + handler, Tracing::NullSpan::instance(), options); if (!grpc_request) { grpc_call_request_.erase(token); return WasmResult::InternalFailure; @@ -1072,8 +1072,8 @@ uint32_t Context::nextGrpcStreamToken() { return token; } -WasmResult Context::grpcStream(absl::string_view grpc_service, absl::string_view service_name, - absl::string_view method_name, const Pairs& initial_metadata, +WasmResult Context::grpcStream(std::string_view grpc_service, std::string_view service_name, + std::string_view method_name, const Pairs& initial_metadata, uint32_t* token_ptr) { GrpcService service_proto; if (!service_proto.ParseFromArray(grpc_service.data(), grpc_service.size())) { @@ -1108,7 +1108,8 @@ WasmResult Context::grpcStream(absl::string_view grpc_service, absl::string_view hash_policy.Add()->mutable_header()->set_header_name(Http::Headers::get().Host.get()); options.setHashPolicy(hash_policy); - auto grpc_stream = grpc_client->startRaw(service_name, method_name, handler, options); + auto grpc_stream = grpc_client->startRaw(toAbslStringView(service_name), + toAbslStringView(method_name), handler, options); if (!grpc_stream) { grpc_stream_.erase(token); return WasmResult::InternalFailure; @@ -1124,7 +1125,7 @@ WasmResult Context::grpcStream(absl::string_view grpc_service, absl::string_view void Context::onGrpcCreateInitialMetadata(uint32_t /* token */, Http::RequestHeaderMap& initial_metadata) { if (grpc_initial_metadata_) { - initial_metadata = std::move(*grpc_initial_metadata_); + Http::HeaderMapImpl::copyFrom(initial_metadata, *grpc_initial_metadata_); grpc_initial_metadata_.reset(); } } @@ -1171,18 +1172,18 @@ const Network::Connection* Context::getConnection() const { return nullptr; } -WasmResult Context::setProperty(absl::string_view path, absl::string_view value) { +WasmResult Context::setProperty(std::string_view path, std::string_view value) { auto* stream_info = getRequestStreamInfo(); if (!stream_info) { return WasmResult::NotFound; } std::string key; - absl::StrAppend(&key, CelStateKeyPrefix, path); + absl::StrAppend(&key, CelStateKeyPrefix, toAbslStringView(path)); CelState* state; if (stream_info->filterState()->hasData(key)) { state = &stream_info->filterState()->getDataMutable(key); } else { - const auto& it = rootContext()->state_prototypes_.find(path); + const auto& it = rootContext()->state_prototypes_.find(toAbslStringView(path)); const CelStatePrototype& prototype = it == rootContext()->state_prototypes_.end() ? Filters::Common::Expr::DefaultCelStatePrototype::get() @@ -1193,24 +1194,24 @@ WasmResult Context::setProperty(absl::string_view path, absl::string_view value) StreamInfo::FilterState::StateType::Mutable, prototype.life_span_); } - if (!state->setValue(value)) { + if (!state->setValue(toAbslStringView(value))) { return WasmResult::BadArgument; } return WasmResult::Ok; } WasmResult -Context::declareProperty(absl::string_view path, +Context::declareProperty(std::string_view path, Filters::Common::Expr::CelStatePrototypeConstPtr state_prototype) { // Do not delete existing schema since it can be referenced by state objects. - if (state_prototypes_.find(path) == state_prototypes_.end()) { - state_prototypes_[path] = std::move(state_prototype); + if (state_prototypes_.find(toAbslStringView(path)) == state_prototypes_.end()) { + state_prototypes_[toAbslStringView(path)] = std::move(state_prototype); return WasmResult::Ok; } return WasmResult::BadArgument; } -WasmResult Context::log(uint32_t level, absl::string_view message) { +WasmResult Context::log(uint32_t level, std::string_view message) { switch (static_cast(level)) { case spdlog::level::trace: ENVOY_LOG(trace, "wasm log{}: {}", log_prefix(), message); @@ -1244,7 +1245,7 @@ uint32_t Context::getLogLevel() { // // Calls into the Wasm code. // -bool Context::validateConfiguration(absl::string_view configuration, +bool Context::validateConfiguration(std::string_view configuration, const std::shared_ptr& plugin_base) { auto plugin = std::static_pointer_cast(plugin_base); if (!wasm()->validate_configuration_) { @@ -1259,7 +1260,7 @@ bool Context::validateConfiguration(absl::string_view configuration, return result; } -absl::string_view Context::getConfiguration() { +std::string_view Context::getConfiguration() { if (temp_plugin_) { return temp_plugin_->plugin_configuration_; } else { @@ -1267,8 +1268,8 @@ absl::string_view Context::getConfiguration() { } }; -std::pair Context::getStatus() { - return std::make_pair(status_code_, status_message_); +std::pair Context::getStatus() { + return std::make_pair(status_code_, toStdStringView(status_message_)); } void Context::onGrpcReceiveInitialMetadataWrapper(uint32_t token, Http::HeaderMapPtr&& metadata) { @@ -1283,14 +1284,14 @@ void Context::onGrpcReceiveTrailingMetadataWrapper(uint32_t token, Http::HeaderM grpc_receive_trailing_metadata_ = nullptr; } -WasmResult Context::defineMetric(uint32_t metric_type, absl::string_view name, +WasmResult Context::defineMetric(uint32_t metric_type, std::string_view name, uint32_t* metric_id_ptr) { if (metric_type > static_cast(MetricType::Max)) { return WasmResult::BadArgument; } auto type = static_cast(metric_type); // TODO: Consider rethinking the scoping policy as it does not help in this case. - Stats::StatNameManagedStorage storage(name, wasm()->scope_->symbolTable()); + Stats::StatNameManagedStorage storage(toAbslStringView(name), wasm()->scope_->symbolTable()); Stats::StatName stat_name = storage.statName(); if (type == MetricType::Counter) { auto id = wasm()->nextCounterMetricId(); @@ -1657,9 +1658,9 @@ void Context::failStream(WasmStreamType stream_type) { } } -WasmResult Context::sendLocalResponse(uint32_t response_code, absl::string_view body_text, +WasmResult Context::sendLocalResponse(uint32_t response_code, std::string_view body_text, Pairs additional_headers, uint32_t grpc_status, - absl::string_view details) { + std::string_view details) { // "additional_headers" is a collection of string_views. These will no longer // be valid when "modify_headers" is finally called below, so we must // make copies of all the headers. @@ -1879,7 +1880,7 @@ void Context::onGrpcReceiveWrapper(uint32_t token, ::Envoy::Buffer::InstancePtr } void Context::onGrpcCloseWrapper(uint32_t token, const Grpc::Status::GrpcStatus& status, - const absl::string_view message) { + const std::string_view message) { if (proxy_wasm::current_context_ != nullptr) { // We are in a reentrant call, so defer. wasm()->addAfterVmCallAction([this, token, status, message = std::string(message)] { @@ -1889,7 +1890,7 @@ void Context::onGrpcCloseWrapper(uint32_t token, const Grpc::Status::GrpcStatus& } if (wasm()->on_grpc_close_) { status_code_ = static_cast(status); - status_message_ = message; + status_message_ = toAbslStringView(message); onGrpcClose(token, status_code_); status_message_ = ""; } @@ -1905,7 +1906,7 @@ void Context::onGrpcCloseWrapper(uint32_t token, const Grpc::Status::GrpcStatus& } } -WasmResult Context::grpcSend(uint32_t token, absl::string_view message, bool end_stream) { +WasmResult Context::grpcSend(uint32_t token, std::string_view message, bool end_stream) { if (isGrpcCallToken(token)) { return WasmResult::BadArgument; } diff --git a/source/extensions/common/wasm/context.h b/source/extensions/common/wasm/context.h index 1a7455f938e0..a834be202a5a 100644 --- a/source/extensions/common/wasm/context.h +++ b/source/extensions/common/wasm/context.h @@ -11,12 +11,11 @@ #include "envoy/stats/sink.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/assert.h" -#include "common/common/logger.h" - -#include "extensions/common/wasm/plugin.h" -#include "extensions/filters/common/expr/cel_state.h" -#include "extensions/filters/common/expr/evaluator.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/extensions/common/wasm/plugin.h" +#include "source/extensions/filters/common/expr/cel_state.h" +#include "source/extensions/filters/common/expr/evaluator.h" #include "eval/public/activation.h" #include "include/proxy-wasm/wasm.h" @@ -67,7 +66,7 @@ class Buffer : public proxy_wasm::BufferBase { size_t size() const override; WasmResult copyTo(WasmBase* wasm, size_t start, size_t length, uint64_t ptr_ptr, uint64_t size_ptr) const override; - WasmResult copyFrom(size_t start, size_t length, absl::string_view data) override; + WasmResult copyFrom(size_t start, size_t length, std::string_view data) override; // proxy_wasm::BufferBase void clear() override { @@ -75,7 +74,7 @@ class Buffer : public proxy_wasm::BufferBase { const_buffer_instance_ = nullptr; buffer_instance_ = nullptr; } - Buffer* set(absl::string_view data) { + Buffer* set(std::string_view data) { return static_cast(proxy_wasm::BufferBase::set(data)); } Buffer* set(std::unique_ptr owned_data, uint32_t owned_data_size) { @@ -123,7 +122,7 @@ class Context : public proxy_wasm::ContextBase, Upstream::ClusterManager& clusterManager() const; // proxy_wasm::ContextBase - void error(absl::string_view message) override; + void error(std::string_view message) override; // Retrieves the stream info associated with the request (a.k.a active stream). // It selects a value based on the following order: encoder callback, decoder @@ -142,7 +141,7 @@ class Context : public proxy_wasm::ContextBase, // // VM level down-calls into the Wasm code on Context(id == 0). // - virtual bool validateConfiguration(absl::string_view configuration, + virtual bool validateConfiguration(std::string_view configuration, const std::shared_ptr& plugin); // deprecated // AccessLog::Instance @@ -195,25 +194,25 @@ class Context : public proxy_wasm::ContextBase, // proxy_wasm::ContextBase // General - WasmResult log(uint32_t level, absl::string_view message) override; + WasmResult log(uint32_t level, std::string_view message) override; uint64_t getCurrentTimeNanoseconds() override; uint64_t getMonotonicTimeNanoseconds() override; - absl::string_view getConfiguration() override; - std::pair getStatus() override; + std::string_view getConfiguration() override; + std::pair getStatus() override; // State accessors - WasmResult getProperty(absl::string_view path, std::string* result) override; - WasmResult setProperty(absl::string_view path, absl::string_view value) override; - WasmResult declareProperty(absl::string_view path, + WasmResult getProperty(std::string_view path, std::string* result) override; + WasmResult setProperty(std::string_view path, std::string_view value) override; + WasmResult declareProperty(std::string_view path, Filters::Common::Expr::CelStatePrototypeConstPtr state_prototype); // Continue WasmResult continueStream(WasmStreamType stream_type) override; WasmResult closeStream(WasmStreamType stream_type) override; void failStream(WasmStreamType stream_type) override; - WasmResult sendLocalResponse(uint32_t response_code, absl::string_view body_text, + WasmResult sendLocalResponse(uint32_t response_code, std::string_view body_text, Pairs additional_headers, uint32_t grpc_status, - absl::string_view details) override; + std::string_view details) override; void clearRouteCache() override { if (decoder_callbacks_) { decoder_callbacks_->clearRouteCache(); @@ -221,16 +220,16 @@ class Context : public proxy_wasm::ContextBase, } // Header/Trailer/Metadata Maps - WasmResult addHeaderMapValue(WasmHeaderMapType type, absl::string_view key, - absl::string_view value) override; - WasmResult getHeaderMapValue(WasmHeaderMapType type, absl::string_view key, - absl::string_view* value) override; + WasmResult addHeaderMapValue(WasmHeaderMapType type, std::string_view key, + std::string_view value) override; + WasmResult getHeaderMapValue(WasmHeaderMapType type, std::string_view key, + std::string_view* value) override; WasmResult getHeaderMapPairs(WasmHeaderMapType type, Pairs* result) override; WasmResult setHeaderMapPairs(WasmHeaderMapType type, const Pairs& pairs) override; - WasmResult removeHeaderMapValue(WasmHeaderMapType type, absl::string_view key) override; - WasmResult replaceHeaderMapValue(WasmHeaderMapType type, absl::string_view key, - absl::string_view value) override; + WasmResult removeHeaderMapValue(WasmHeaderMapType type, std::string_view key) override; + WasmResult replaceHeaderMapValue(WasmHeaderMapType type, std::string_view key, + std::string_view value) override; WasmResult getHeaderMapSize(WasmHeaderMapType type, uint32_t* size) override; @@ -240,28 +239,28 @@ class Context : public proxy_wasm::ContextBase, bool endOfStream(WasmStreamType /* stream_type */) override { return end_of_stream_; } // HTTP - WasmResult httpCall(absl::string_view cluster, const Pairs& request_headers, - absl::string_view request_body, const Pairs& request_trailers, + WasmResult httpCall(std::string_view cluster, const Pairs& request_headers, + std::string_view request_body, const Pairs& request_trailers, int timeout_millisconds, uint32_t* token_ptr) override; // Stats/Metrics - WasmResult defineMetric(uint32_t type, absl::string_view name, uint32_t* metric_id_ptr) override; + WasmResult defineMetric(uint32_t type, std::string_view name, uint32_t* metric_id_ptr) override; WasmResult incrementMetric(uint32_t metric_id, int64_t offset) override; WasmResult recordMetric(uint32_t metric_id, uint64_t value) override; WasmResult getMetric(uint32_t metric_id, uint64_t* value_ptr) override; // gRPC - WasmResult grpcCall(absl::string_view grpc_service, absl::string_view service_name, - absl::string_view method_name, const Pairs& initial_metadata, - absl::string_view request, std::chrono::milliseconds timeout, + WasmResult grpcCall(std::string_view grpc_service, std::string_view service_name, + std::string_view method_name, const Pairs& initial_metadata, + std::string_view request, std::chrono::milliseconds timeout, uint32_t* token_ptr) override; - WasmResult grpcStream(absl::string_view grpc_service, absl::string_view service_name, - absl::string_view method_name, const Pairs& initial_metadat, + WasmResult grpcStream(std::string_view grpc_service, std::string_view service_name, + std::string_view method_name, const Pairs& initial_metadat, uint32_t* token_ptr) override; WasmResult grpcClose(uint32_t token) override; WasmResult grpcCancel(uint32_t token) override; - WasmResult grpcSend(uint32_t token, absl::string_view message, bool end_stream) override; + WasmResult grpcSend(uint32_t token, std::string_view message, bool end_stream) override; // Envoy specific ABI void onResolveDns(uint32_t token, Envoy::Network::DnsResolver::ResolutionStatus status, @@ -354,7 +353,9 @@ class Context : public proxy_wasm::ContextBase, struct GrpcStreamClientHandler : public Grpc::RawAsyncStreamCallbacks { // Grpc::AsyncStreamCallbacks - void onCreateInitialMetadata(Http::RequestHeaderMap&) override {} + void onCreateInitialMetadata(Http::RequestHeaderMap& initial_metadata) override { + context_->onGrpcCreateInitialMetadata(token_, initial_metadata); + } void onReceiveInitialMetadata(Http::ResponseHeaderMapPtr&& metadata) override { context_->onGrpcReceiveInitialMetadataWrapper(token_, std::move(metadata)); } @@ -386,7 +387,7 @@ class Context : public proxy_wasm::ContextBase, void onGrpcReceiveWrapper(uint32_t token, ::Envoy::Buffer::InstancePtr response); void onGrpcReceiveTrailingMetadataWrapper(uint32_t token, Http::HeaderMapPtr&& metadata); void onGrpcCloseWrapper(uint32_t token, const Grpc::Status::GrpcStatus& status, - const absl::string_view message); + const std::string_view message); bool isGrpcStreamToken(uint32_t token) { return (token & 1) == 0; } bool isGrpcCallToken(uint32_t token) { return (token & 1) == 1; } diff --git a/source/extensions/common/wasm/ext/envoy_null_plugin.h b/source/extensions/common/wasm/ext/envoy_null_plugin.h index 1463e00e1ef5..49544355f462 100644 --- a/source/extensions/common/wasm/ext/envoy_null_plugin.h +++ b/source/extensions/common/wasm/ext/envoy_null_plugin.h @@ -26,7 +26,7 @@ proxy_wasm::Word resolve_dns(void* raw_context, proxy_wasm::Word dns_address, namespace proxy_wasm { namespace null_plugin { -#include "extensions/common/wasm/ext/envoy_proxy_wasm_api.h" +#include "source/extensions/common/wasm/ext/envoy_proxy_wasm_api.h" using GrpcService = envoy::config::core::v3::GrpcService; using namespace proxy_wasm::null_plugin; diff --git a/source/extensions/common/wasm/ext/envoy_null_vm_wasm_api.h b/source/extensions/common/wasm/ext/envoy_null_vm_wasm_api.h index f6415b3fd2fa..dd74afa29140 100644 --- a/source/extensions/common/wasm/ext/envoy_null_vm_wasm_api.h +++ b/source/extensions/common/wasm/ext/envoy_null_vm_wasm_api.h @@ -17,7 +17,7 @@ namespace null_plugin { #include "proxy_wasm_api.h" #undef _THE_FOLLOWING_INCLUDE_MUST_COME_AFTER_THOSE_ABOVE_ #define _THE_FOLLOWING_INCLUDE_MUST_COME_AFTER_THOSE_ABOVE_ 1 -#include "extensions/common/wasm/ext/envoy_proxy_wasm_api.h" +#include "source/extensions/common/wasm/ext/envoy_proxy_wasm_api.h" #undef _THE_FOLLOWING_INCLUDE_MUST_COME_AFTER_THOSE_ABOVE_ } // namespace null_plugin diff --git a/source/extensions/common/wasm/foreign.cc b/source/extensions/common/wasm/foreign.cc index 2d59dcc43e1f..3f153461e96c 100644 --- a/source/extensions/common/wasm/foreign.cc +++ b/source/extensions/common/wasm/foreign.cc @@ -1,8 +1,6 @@ -#include "common/common/logger.h" - +#include "source/common/common/logger.h" #include "source/extensions/common/wasm/ext/declare_property.pb.h" - -#include "extensions/common/wasm/wasm.h" +#include "source/extensions/common/wasm/wasm.h" #if defined(WASM_USE_CEL_PARSER) #include "eval/public/builtin_func_registrar.h" @@ -28,7 +26,7 @@ template WasmForeignFunction createFromClass() { RegisterForeignFunction registerCompressForeignFunction( "compress", - [](WasmBase&, absl::string_view arguments, + [](WasmBase&, std::string_view arguments, const std::function& alloc_result) -> WasmResult { unsigned long dest_len = compressBound(arguments.size()); std::unique_ptr b(new unsigned char[dest_len]); @@ -43,7 +41,7 @@ RegisterForeignFunction registerCompressForeignFunction( RegisterForeignFunction registerUncompressForeignFunction( "uncompress", - [](WasmBase&, absl::string_view arguments, + [](WasmBase&, std::string_view arguments, const std::function& alloc_result) -> WasmResult { unsigned long dest_len = arguments.size() * 2 + 2; // output estimate. while (true) { @@ -120,7 +118,7 @@ class CreateExpressionFactory : public ExpressionFactory { public: WasmForeignFunction create(std::shared_ptr self) const { WasmForeignFunction f = - [self](WasmBase&, absl::string_view expr, + [self](WasmBase&, std::string_view expr, const std::function& alloc_result) -> WasmResult { auto parse_status = google::api::expr::parser::Parse(std::string(expr)); if (!parse_status.ok()) { @@ -157,7 +155,7 @@ class EvaluateExpressionFactory : public ExpressionFactory { public: WasmForeignFunction create(std::shared_ptr self) const { WasmForeignFunction f = - [self](WasmBase&, absl::string_view argument, + [self](WasmBase&, std::string_view argument, const std::function& alloc_result) -> WasmResult { auto& expr_context = getOrCreateContext(proxy_wasm::current_context_->root_context()); if (argument.size() != sizeof(uint32_t)) { @@ -199,7 +197,7 @@ RegisterForeignFunction class DeleteExpressionFactory : public ExpressionFactory { public: WasmForeignFunction create(std::shared_ptr self) const { - WasmForeignFunction f = [self](WasmBase&, absl::string_view argument, + WasmForeignFunction f = [self](WasmBase&, std::string_view argument, const std::function&) -> WasmResult { auto& expr_context = getOrCreateContext(proxy_wasm::current_context_->root_context()); if (argument.size() != sizeof(uint32_t)) { @@ -222,7 +220,7 @@ RegisterForeignFunction class DeclarePropertyFactory { public: WasmForeignFunction create(std::shared_ptr self) const { - WasmForeignFunction f = [self](WasmBase&, absl::string_view arguments, + WasmForeignFunction f = [self](WasmBase&, std::string_view arguments, const std::function&) -> WasmResult { envoy::source::extensions::common::wasm::DeclarePropertyArguments args; if (args.ParseFromArray(arguments.data(), arguments.size())) { diff --git a/source/extensions/common/wasm/plugin.cc b/source/extensions/common/wasm/plugin.cc index b01ac0324f53..ae1628981e87 100644 --- a/source/extensions/common/wasm/plugin.cc +++ b/source/extensions/common/wasm/plugin.cc @@ -1,9 +1,7 @@ -#include "extensions/common/wasm/plugin.h" +#include "source/extensions/common/wasm/plugin.h" #include "envoy/common/exception.h" -#include "extensions/common/wasm/well_known_names.h" - #include "include/proxy-wasm/wasm.h" namespace Envoy { @@ -24,8 +22,7 @@ WasmConfig::WasmConfig(const envoy::extensions::wasm::v3::PluginConfig& config) // since it directly accesses Envoy's env vars and we should not modify Envoy's env vars here. // TODO(mathetake): Once proxy_get_map_values(type::EnvironmentVariables, ..) call is supported, // then remove this restriction. - if (config.vm_config().runtime() == WasmRuntimeNames::get().Null && - !envs.key_values().empty()) { + if (config.vm_config().runtime() == "envoy.wasm.runtime.null" && !envs.key_values().empty()) { throw EnvoyException("envoy.extensions.wasm.v3.VmConfig.EnvironmentVariables.key_values must " "not be set for NullVm."); } diff --git a/source/extensions/common/wasm/plugin.h b/source/extensions/common/wasm/plugin.h index 1e053e607ffd..1ce986defee5 100644 --- a/source/extensions/common/wasm/plugin.h +++ b/source/extensions/common/wasm/plugin.h @@ -5,8 +5,8 @@ #include "envoy/extensions/wasm/v3/wasm.pb.validate.h" #include "envoy/local_info/local_info.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "include/proxy-wasm/wasm.h" @@ -27,7 +27,7 @@ class WasmConfig { EnvironmentVariableMap& environmentVariables() { return envs_; } private: - const envoy::extensions::wasm::v3::PluginConfig& config_; + const envoy::extensions::wasm::v3::PluginConfig config_; proxy_wasm::AllowedCapabilitiesMap allowed_capabilities_{}; EnvironmentVariableMap envs_; }; diff --git a/source/extensions/common/wasm/wasm.cc b/source/extensions/common/wasm/wasm.cc index c037c988c28a..8bef9b885485 100644 --- a/source/extensions/common/wasm/wasm.cc +++ b/source/extensions/common/wasm/wasm.cc @@ -1,14 +1,13 @@ -#include "extensions/common/wasm/wasm.h" +#include "source/extensions/common/wasm/wasm.h" #include #include #include "envoy/event/deferred_deletable.h" -#include "common/common/logger.h" - -#include "extensions/common/wasm/plugin.h" -#include "extensions/common/wasm/wasm_extension.h" +#include "source/common/common/logger.h" +#include "source/extensions/common/wasm/plugin.h" +#include "source/extensions/common/wasm/wasm_extension.h" #include "absl/strings/str_cat.h" @@ -88,10 +87,10 @@ void Wasm::initializeLifecycle(Server::ServerLifecycleNotifier& lifecycle_notifi Wasm::Wasm(WasmConfig& config, absl::string_view vm_key, const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, Event::Dispatcher& dispatcher) - : WasmBase(createWasmVm(config.config().vm_config().runtime()), - config.config().vm_config().vm_id(), - MessageUtil::anyToBytes(config.config().vm_config().configuration()), vm_key, - config.environmentVariables(), config.allowedCapabilities()), + : WasmBase( + createWasmVm(config.config().vm_config().runtime()), config.config().vm_config().vm_id(), + MessageUtil::anyToBytes(config.config().vm_config().configuration()), + toStdStringView(vm_key), config.environmentVariables(), config.allowedCapabilities()), scope_(scope), cluster_manager_(cluster_manager), dispatcher_(dispatcher), time_source_(dispatcher.timeSource()), wasm_stats_(WasmStats{ALL_WASM_STATS( @@ -106,8 +105,9 @@ Wasm::Wasm(WasmConfig& config, absl::string_view vm_key, const Stats::ScopeShare Wasm::Wasm(WasmHandleSharedPtr base_wasm_handle, Event::Dispatcher& dispatcher) : WasmBase(base_wasm_handle, [&base_wasm_handle]() { - return createWasmVm(absl::StrCat("envoy.wasm.runtime.", - base_wasm_handle->wasm()->wasm_vm()->runtime())); + return createWasmVm(absl::StrCat( + "envoy.wasm.runtime.", + toAbslStringView(base_wasm_handle->wasm()->wasm_vm()->runtime()))); }), scope_(getWasm(base_wasm_handle)->scope_), cluster_manager_(getWasm(base_wasm_handle)->clusterManager()), dispatcher_(dispatcher), @@ -116,7 +116,7 @@ Wasm::Wasm(WasmHandleSharedPtr base_wasm_handle, Event::Dispatcher& dispatcher) ENVOY_LOG(debug, "Thread-Local Wasm created {} now active", active_wasms); } -void Wasm::error(absl::string_view message) { ENVOY_LOG(error, "Wasm VM failed {}", message); } +void Wasm::error(std::string_view message) { ENVOY_LOG(error, "Wasm VM failed {}", message); } void Wasm::setTimerPeriod(uint32_t context_id, std::chrono::milliseconds new_period) { auto& period = timer_period_[context_id]; @@ -187,7 +187,8 @@ Word resolve_dns(void* raw_context, Word dns_address_ptr, Word dns_address_size, root_context->onResolveDns(token, status, std::move(response)); }; if (!context->wasm()->dnsResolver()) { - context->wasm()->dnsResolver() = context->wasm()->dispatcher().createDnsResolver({}, false); + context->wasm()->dnsResolver() = context->wasm()->dispatcher().createDnsResolver( + {}, envoy::config::core::v3::DnsResolverOptions()); } context->wasm()->dnsResolver()->resolve(std::string(address.value()), Network::DnsLookupFamily::Auto, callback); @@ -387,8 +388,9 @@ bool createWasm(const PluginSharedPtr& plugin, const Stats::ScopeSharedPtr& scop auto config = plugin->wasmConfig(); proxy_wasm::WasmHandleFactory proxy_wasm_factory = [&config, scope, &cluster_manager, &dispatcher, &lifecycle_notifier, - wasm_factory](absl::string_view vm_key) -> WasmHandleBaseSharedPtr { - return wasm_factory(config, scope, cluster_manager, dispatcher, lifecycle_notifier, vm_key); + wasm_factory](std::string_view vm_key) -> WasmHandleBaseSharedPtr { + return wasm_factory(config, scope, cluster_manager, dispatcher, lifecycle_notifier, + toAbslStringView(vm_key)); }; auto wasm = proxy_wasm::createWasm( vm_key, code, plugin, proxy_wasm_factory, diff --git a/source/extensions/common/wasm/wasm.h b/source/extensions/common/wasm/wasm.h index a02c1b4c627c..b696268ae5b7 100644 --- a/source/extensions/common/wasm/wasm.h +++ b/source/extensions/common/wasm/wasm.h @@ -14,17 +14,15 @@ #include "envoy/thread_local/thread_local_object.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/config/datasource.h" -#include "common/stats/symbol_table_impl.h" -#include "common/version/version.h" - -#include "extensions/common/wasm/context.h" -#include "extensions/common/wasm/plugin.h" -#include "extensions/common/wasm/wasm_extension.h" -#include "extensions/common/wasm/wasm_vm.h" -#include "extensions/common/wasm/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/config/datasource.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/version/version.h" +#include "source/extensions/common/wasm/context.h" +#include "source/extensions/common/wasm/plugin.h" +#include "source/extensions/common/wasm/wasm_extension.h" +#include "source/extensions/common/wasm/wasm_vm.h" #include "include/proxy-wasm/exports.h" #include "include/proxy-wasm/wasm.h" @@ -63,7 +61,7 @@ class Wasm : public WasmBase, Logger::Loggable { Network::DnsResolverSharedPtr& dnsResolver() { return dns_resolver_; } // WasmBase - void error(absl::string_view message) override; + void error(std::string_view message) override; proxy_wasm::CallOnThreadFunction callOnThreadFunction() override; ContextBase* createContext(const std::shared_ptr& plugin) override; ContextBase* createRootContext(const std::shared_ptr& plugin) override; diff --git a/source/extensions/common/wasm/wasm_extension.cc b/source/extensions/common/wasm/wasm_extension.cc index 44b3b0776cd4..376c7cd3cb59 100644 --- a/source/extensions/common/wasm/wasm_extension.cc +++ b/source/extensions/common/wasm/wasm_extension.cc @@ -1,8 +1,8 @@ -#include "extensions/common/wasm/wasm_extension.h" +#include "source/extensions/common/wasm/wasm_extension.h" -#include "extensions/common/wasm/context.h" -#include "extensions/common/wasm/wasm.h" -#include "extensions/common/wasm/wasm_vm.h" +#include "source/extensions/common/wasm/context.h" +#include "source/extensions/common/wasm/wasm.h" +#include "source/extensions/common/wasm/wasm_vm.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/wasm/wasm_extension.h b/source/extensions/common/wasm/wasm_extension.h index 706eb4f78c02..d365fec05246 100644 --- a/source/extensions/common/wasm/wasm_extension.h +++ b/source/extensions/common/wasm/wasm_extension.h @@ -7,11 +7,10 @@ #include "envoy/stats/stats.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/logger.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/common/wasm/context.h" -#include "extensions/common/wasm/plugin.h" +#include "source/common/common/logger.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/common/wasm/context.h" +#include "source/extensions/common/wasm/plugin.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/common/wasm/wasm_vm.cc b/source/extensions/common/wasm/wasm_vm.cc index c8d3fb618e45..51e1e3af52ae 100644 --- a/source/extensions/common/wasm/wasm_vm.cc +++ b/source/extensions/common/wasm/wasm_vm.cc @@ -1,13 +1,12 @@ -#include "extensions/common/wasm/wasm_vm.h" +#include "source/extensions/common/wasm/wasm_vm.h" #include #include -#include "extensions/common/wasm/context.h" -#include "extensions/common/wasm/ext/envoy_null_vm_wasm_api.h" -#include "extensions/common/wasm/wasm_extension.h" -#include "extensions/common/wasm/wasm_runtime_factory.h" -#include "extensions/common/wasm/well_known_names.h" +#include "source/extensions/common/wasm/context.h" +#include "source/extensions/common/wasm/ext/envoy_null_vm_wasm_api.h" +#include "source/extensions/common/wasm/wasm_extension.h" +#include "source/extensions/common/wasm/wasm_runtime_factory.h" #include "include/proxy-wasm/null_plugin.h" @@ -36,10 +35,10 @@ proxy_wasm::LogLevel EnvoyWasmVmIntegration::getLogLevel() { } } -void EnvoyWasmVmIntegration::error(absl::string_view message) { ENVOY_LOG(error, message); } -void EnvoyWasmVmIntegration::trace(absl::string_view message) { ENVOY_LOG(trace, message); } +void EnvoyWasmVmIntegration::error(std::string_view message) { ENVOY_LOG(error, message); } +void EnvoyWasmVmIntegration::trace(std::string_view message) { ENVOY_LOG(trace, message); } -bool EnvoyWasmVmIntegration::getNullVmFunction(absl::string_view function_name, bool returns_word, +bool EnvoyWasmVmIntegration::getNullVmFunction(std::string_view function_name, bool returns_word, int number_of_arguments, proxy_wasm::NullPlugin* plugin, void* ptr_to_function_return) { diff --git a/source/extensions/common/wasm/wasm_vm.h b/source/extensions/common/wasm/wasm_vm.h index 668f8a60f36b..a4a6a1f1be03 100644 --- a/source/extensions/common/wasm/wasm_vm.h +++ b/source/extensions/common/wasm/wasm_vm.h @@ -6,7 +6,7 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "absl/strings/str_cat.h" #include "include/proxy-wasm/wasm_vm.h" @@ -23,12 +23,11 @@ class EnvoyWasmVmIntegration : public proxy_wasm::WasmVmIntegration, public: // proxy_wasm::WasmVmIntegration proxy_wasm::WasmVmIntegration* clone() override { return new EnvoyWasmVmIntegration(); } - bool getNullVmFunction(absl::string_view function_name, bool returns_word, - int number_of_arguments, proxy_wasm::NullPlugin* plugin, - void* ptr_to_function_return) override; + bool getNullVmFunction(std::string_view function_name, bool returns_word, int number_of_arguments, + proxy_wasm::NullPlugin* plugin, void* ptr_to_function_return) override; proxy_wasm::LogLevel getLogLevel() override; - void error(absl::string_view message) override; - void trace(absl::string_view message) override; + void error(std::string_view message) override; + void trace(std::string_view message) override; }; // Exceptions for issues with the WebAssembly code. diff --git a/source/extensions/common/wasm/well_known_names.h b/source/extensions/common/wasm/well_known_names.h deleted file mode 100644 index 3904868bba88..000000000000 --- a/source/extensions/common/wasm/well_known_names.h +++ /dev/null @@ -1,37 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace Common { -namespace Wasm { - -/** - * Well-known wasm runtime names. - * NOTE: New wasm runtimes should use the well known name: envoy.wasm.runtime.name. - */ -class WasmRuntimeValues { -public: - // Wasmtime (https://github.com/bytecodealliance/wasmtime). - const std::string Wasmtime = "envoy.wasm.runtime.wasmtime"; - // WAVM (https://github.com/WAVM/WAVM) Wasm VM. - const std::string Wavm = "envoy.wasm.runtime.wavm"; - // Null sandbox: modules must be compiled into envoy and registered name is given in the - // DataSource.inline_string. - const std::string Null = "envoy.wasm.runtime.null"; - // V8-based (https://v8.dev) WebAssembly runtime. - const std::string V8 = "envoy.wasm.runtime.v8"; - - // Filter state name - const std::string FilterState = "envoy.wasm"; -}; - -using WasmRuntimeNames = ConstSingleton; - -} // namespace Wasm -} // namespace Common -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/compression/brotli/common/base.cc b/source/extensions/compression/brotli/common/base.cc index 12a9a944c8fd..fd364124962c 100644 --- a/source/extensions/compression/brotli/common/base.cc +++ b/source/extensions/compression/brotli/common/base.cc @@ -1,4 +1,4 @@ -#include "extensions/compression/brotli/common/base.h" +#include "source/extensions/compression/brotli/common/base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/compression/brotli/compressor/BUILD b/source/extensions/compression/brotli/compressor/BUILD index cee2e36945f5..c8e6e3a8a424 100644 --- a/source/extensions/compression/brotli/compressor/BUILD +++ b/source/extensions/compression/brotli/compressor/BUILD @@ -15,7 +15,7 @@ envoy_cc_library( hdrs = ["brotli_compressor_impl.h"], external_deps = ["brotlienc"], deps = [ - "//include/envoy/compression/compressor:compressor_interface", + "//envoy/compression/compressor:compressor_interface", "//source/common/buffer:buffer_lib", "//source/extensions/compression/brotli/common:brotli_base_lib", ], @@ -25,8 +25,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.compression.compressor", - security_posture = "robust_to_untrusted_downstream", deps = [ ":compressor_lib", "//source/common/http:headers_lib", diff --git a/source/extensions/compression/brotli/compressor/brotli_compressor_impl.cc b/source/extensions/compression/brotli/compressor/brotli_compressor_impl.cc index 4b4366fbe3af..94b389cbefb6 100644 --- a/source/extensions/compression/brotli/compressor/brotli_compressor_impl.cc +++ b/source/extensions/compression/brotli/compressor/brotli_compressor_impl.cc @@ -1,6 +1,6 @@ -#include "extensions/compression/brotli/compressor/brotli_compressor_impl.h" +#include "source/extensions/compression/brotli/compressor/brotli_compressor_impl.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/compression/brotli/compressor/brotli_compressor_impl.h b/source/extensions/compression/brotli/compressor/brotli_compressor_impl.h index ff153e81b6ad..a30603865261 100644 --- a/source/extensions/compression/brotli/compressor/brotli_compressor_impl.h +++ b/source/extensions/compression/brotli/compressor/brotli_compressor_impl.h @@ -2,7 +2,7 @@ #include "envoy/compression/compressor/compressor.h" -#include "extensions/compression/brotli/common/base.h" +#include "source/extensions/compression/brotli/common/base.h" #include "brotli/encode.h" diff --git a/source/extensions/compression/brotli/compressor/config.cc b/source/extensions/compression/brotli/compressor/config.cc index 4ca5f639f1a0..0f5559aa5c6f 100644 --- a/source/extensions/compression/brotli/compressor/config.cc +++ b/source/extensions/compression/brotli/compressor/config.cc @@ -1,4 +1,4 @@ -#include "extensions/compression/brotli/compressor/config.h" +#include "source/extensions/compression/brotli/compressor/config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/compression/brotli/compressor/config.h b/source/extensions/compression/brotli/compressor/config.h index 704667642133..9cd3d8bc869e 100644 --- a/source/extensions/compression/brotli/compressor/config.h +++ b/source/extensions/compression/brotli/compressor/config.h @@ -4,10 +4,9 @@ #include "envoy/extensions/compression/brotli/compressor/v3/brotli.pb.h" #include "envoy/extensions/compression/brotli/compressor/v3/brotli.pb.validate.h" -#include "common/http/headers.h" - -#include "extensions/compression/brotli/compressor/brotli_compressor_impl.h" -#include "extensions/compression/common/compressor/factory_base.h" +#include "source/common/http/headers.h" +#include "source/extensions/compression/brotli/compressor/brotli_compressor_impl.h" +#include "source/extensions/compression/common/compressor/factory_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/compression/brotli/decompressor/BUILD b/source/extensions/compression/brotli/decompressor/BUILD index 3667300a8392..252eb0e072ac 100644 --- a/source/extensions/compression/brotli/decompressor/BUILD +++ b/source/extensions/compression/brotli/decompressor/BUILD @@ -15,9 +15,9 @@ envoy_cc_library( hdrs = ["brotli_decompressor_impl.h"], external_deps = ["brotlidec"], deps = [ - "//include/envoy/compression/decompressor:decompressor_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/compression/decompressor:decompressor_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/extensions/compression/brotli/common:brotli_base_lib", ], @@ -27,8 +27,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.compression.decompressor", - security_posture = "robust_to_untrusted_downstream", deps = [ ":decompressor_lib", "//source/common/http:headers_lib", diff --git a/source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.cc b/source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.cc index 634c832b8033..adc2dbb9c731 100644 --- a/source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.cc +++ b/source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/compression/brotli/decompressor/brotli_decompressor_impl.h" +#include "source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.h" #include diff --git a/source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.h b/source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.h index 26472903410f..f55f6a7c545a 100644 --- a/source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.h +++ b/source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.h @@ -4,7 +4,7 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "extensions/compression/brotli/common/base.h" +#include "source/extensions/compression/brotli/common/base.h" #include "brotli/decode.h" diff --git a/source/extensions/compression/brotli/decompressor/config.cc b/source/extensions/compression/brotli/decompressor/config.cc index 63ae34cd2f99..f8b21e1a7a10 100644 --- a/source/extensions/compression/brotli/decompressor/config.cc +++ b/source/extensions/compression/brotli/decompressor/config.cc @@ -1,4 +1,4 @@ -#include "extensions/compression/brotli/decompressor/config.h" +#include "source/extensions/compression/brotli/decompressor/config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/compression/brotli/decompressor/config.h b/source/extensions/compression/brotli/decompressor/config.h index 111e9b5ebe77..632a11d91cde 100644 --- a/source/extensions/compression/brotli/decompressor/config.h +++ b/source/extensions/compression/brotli/decompressor/config.h @@ -4,10 +4,9 @@ #include "envoy/extensions/compression/brotli/decompressor/v3/brotli.pb.h" #include "envoy/extensions/compression/brotli/decompressor/v3/brotli.pb.validate.h" -#include "common/http/headers.h" - -#include "extensions/compression/brotli/decompressor/brotli_decompressor_impl.h" -#include "extensions/compression/common/decompressor/factory_base.h" +#include "source/common/http/headers.h" +#include "source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.h" +#include "source/extensions/compression/common/decompressor/factory_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/compression/common/compressor/BUILD b/source/extensions/compression/common/compressor/BUILD index db3d5c88ae16..3756d2ae341f 100644 --- a/source/extensions/compression/common/compressor/BUILD +++ b/source/extensions/compression/common/compressor/BUILD @@ -12,8 +12,8 @@ envoy_cc_library( name = "compressor_factory_base_lib", hdrs = ["factory_base.h"], deps = [ - "//include/envoy/compression/compressor:compressor_config_interface", - "//include/envoy/compression/compressor:compressor_factory_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/compression/compressor:compressor_config_interface", + "//envoy/compression/compressor:compressor_factory_interface", + "//envoy/server:filter_config_interface", ], ) diff --git a/source/extensions/compression/common/decompressor/BUILD b/source/extensions/compression/common/decompressor/BUILD index 0d69c90a8acd..da1d737174d4 100644 --- a/source/extensions/compression/common/decompressor/BUILD +++ b/source/extensions/compression/common/decompressor/BUILD @@ -12,6 +12,6 @@ envoy_cc_library( name = "decompressor_factory_base_lib", hdrs = ["factory_base.h"], deps = [ - "//include/envoy/compression/decompressor:decompressor_config_interface", + "//envoy/compression/decompressor:decompressor_config_interface", ], ) diff --git a/source/extensions/compression/gzip/common/base.cc b/source/extensions/compression/gzip/common/base.cc index b3843c1aec1f..0e956c182606 100644 --- a/source/extensions/compression/gzip/common/base.cc +++ b/source/extensions/compression/gzip/common/base.cc @@ -1,4 +1,4 @@ -#include "extensions/compression/gzip/common/base.h" +#include "source/extensions/compression/gzip/common/base.h" namespace Envoy { namespace Zlib { diff --git a/source/extensions/compression/gzip/compressor/BUILD b/source/extensions/compression/gzip/compressor/BUILD index 39a7e7c6e9d7..c138afe6ac74 100644 --- a/source/extensions/compression/gzip/compressor/BUILD +++ b/source/extensions/compression/gzip/compressor/BUILD @@ -15,7 +15,7 @@ envoy_cc_library( hdrs = ["zlib_compressor_impl.h"], external_deps = ["zlib"], deps = [ - "//include/envoy/compression/compressor:compressor_interface", + "//envoy/compression/compressor:compressor_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/extensions/compression/gzip/common:zlib_base_lib", @@ -26,13 +26,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.compression.compressor", - security_posture = "robust_to_untrusted_downstream", deps = [ ":compressor_lib", "//source/common/http:headers_lib", "//source/extensions/compression/common/compressor:compressor_factory_base_lib", - "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/compression/gzip/compressor/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/compression/gzip/compressor/config.cc b/source/extensions/compression/gzip/compressor/config.cc index 0971a9a90586..4b4b07251709 100644 --- a/source/extensions/compression/gzip/compressor/config.cc +++ b/source/extensions/compression/gzip/compressor/config.cc @@ -1,4 +1,4 @@ -#include "extensions/compression/gzip/compressor/config.h" +#include "source/extensions/compression/gzip/compressor/config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/compression/gzip/compressor/config.h b/source/extensions/compression/gzip/compressor/config.h index 2fcee31020b3..5e6a42c28171 100644 --- a/source/extensions/compression/gzip/compressor/config.h +++ b/source/extensions/compression/gzip/compressor/config.h @@ -4,11 +4,9 @@ #include "envoy/extensions/compression/gzip/compressor/v3/gzip.pb.h" #include "envoy/extensions/compression/gzip/compressor/v3/gzip.pb.validate.h" -#include "common/http/headers.h" - -#include "extensions/compression/common/compressor/factory_base.h" -#include "extensions/compression/gzip/compressor/zlib_compressor_impl.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/http/headers.h" +#include "source/extensions/compression/common/compressor/factory_base.h" +#include "source/extensions/compression/gzip/compressor/zlib_compressor_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/compression/gzip/compressor/zlib_compressor_impl.cc b/source/extensions/compression/gzip/compressor/zlib_compressor_impl.cc index 432c36e97015..9cde79fadacf 100644 --- a/source/extensions/compression/gzip/compressor/zlib_compressor_impl.cc +++ b/source/extensions/compression/gzip/compressor/zlib_compressor_impl.cc @@ -1,10 +1,10 @@ -#include "extensions/compression/gzip/compressor/zlib_compressor_impl.h" +#include "source/extensions/compression/gzip/compressor/zlib_compressor_impl.h" #include #include "envoy/common/exception.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/container/fixed_array.h" diff --git a/source/extensions/compression/gzip/compressor/zlib_compressor_impl.h b/source/extensions/compression/gzip/compressor/zlib_compressor_impl.h index deddf3aac37a..0bb86a46ec91 100644 --- a/source/extensions/compression/gzip/compressor/zlib_compressor_impl.h +++ b/source/extensions/compression/gzip/compressor/zlib_compressor_impl.h @@ -2,7 +2,7 @@ #include "envoy/compression/compressor/compressor.h" -#include "extensions/compression/gzip/common/base.h" +#include "source/extensions/compression/gzip/common/base.h" #include "zlib.h" diff --git a/source/extensions/compression/gzip/decompressor/BUILD b/source/extensions/compression/gzip/decompressor/BUILD index 0a1d8766031b..13939fdcbf2c 100644 --- a/source/extensions/compression/gzip/decompressor/BUILD +++ b/source/extensions/compression/gzip/decompressor/BUILD @@ -15,9 +15,9 @@ envoy_cc_library( hdrs = ["zlib_decompressor_impl.h"], external_deps = ["zlib"], deps = [ - "//include/envoy/compression/decompressor:decompressor_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/compression/decompressor:decompressor_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", @@ -29,8 +29,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.compression.decompressor", - security_posture = "robust_to_untrusted_downstream", deps = [ ":zlib_decompressor_impl_lib", "//source/common/http:headers_lib", diff --git a/source/extensions/compression/gzip/decompressor/config.cc b/source/extensions/compression/gzip/decompressor/config.cc index 66ea8d0a6494..d7b5dbbff076 100644 --- a/source/extensions/compression/gzip/decompressor/config.cc +++ b/source/extensions/compression/gzip/decompressor/config.cc @@ -1,4 +1,4 @@ -#include "extensions/compression/gzip/decompressor/config.h" +#include "source/extensions/compression/gzip/decompressor/config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/compression/gzip/decompressor/config.h b/source/extensions/compression/gzip/decompressor/config.h index 34c9ca11bf57..4394ae66a1cd 100644 --- a/source/extensions/compression/gzip/decompressor/config.h +++ b/source/extensions/compression/gzip/decompressor/config.h @@ -4,10 +4,9 @@ #include "envoy/extensions/compression/gzip/decompressor/v3/gzip.pb.h" #include "envoy/extensions/compression/gzip/decompressor/v3/gzip.pb.validate.h" -#include "common/http/headers.h" - -#include "extensions/compression/common/decompressor/factory_base.h" -#include "extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" +#include "source/common/http/headers.h" +#include "source/extensions/compression/common/decompressor/factory_base.h" +#include "source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.cc b/source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.cc index 9066af8f0426..966730c23880 100644 --- a/source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.cc +++ b/source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" +#include "source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" #include @@ -6,7 +6,7 @@ #include "envoy/common/exception.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/container/fixed_array.h" diff --git a/source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.h b/source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.h index ec20b8c8dbca..78bfb1147b38 100644 --- a/source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.h +++ b/source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.h @@ -4,9 +4,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" - -#include "extensions/compression/gzip/common/base.h" +#include "source/common/common/logger.h" +#include "source/extensions/compression/gzip/common/base.h" #include "zlib.h" diff --git a/source/extensions/extensions_build_config.bzl b/source/extensions/extensions_build_config.bzl index ee8ab2a61b71..bfe74f721c12 100644 --- a/source/extensions/extensions_build_config.bzl +++ b/source/extensions/extensions_build_config.bzl @@ -65,8 +65,10 @@ EXTENSIONS = { "envoy.filters.http.adaptive_concurrency": "//source/extensions/filters/http/adaptive_concurrency:config", "envoy.filters.http.admission_control": "//source/extensions/filters/http/admission_control:config", + "envoy.filters.http.alternate_protocols_cache": "//source/extensions/filters/http/alternate_protocols_cache:config", "envoy.filters.http.aws_lambda": "//source/extensions/filters/http/aws_lambda:config", "envoy.filters.http.aws_request_signing": "//source/extensions/filters/http/aws_request_signing:config", + "envoy.filters.http.bandwidth_limit": "//source/extensions/filters/http/bandwidth_limit:config", "envoy.filters.http.buffer": "//source/extensions/filters/http/buffer:config", "envoy.filters.http.cache": "//source/extensions/filters/http/cache:config", "envoy.filters.http.cdn_loop": "//source/extensions/filters/http/cdn_loop:config", @@ -85,7 +87,6 @@ EXTENSIONS = { "envoy.filters.http.grpc_json_transcoder": "//source/extensions/filters/http/grpc_json_transcoder:config", "envoy.filters.http.grpc_stats": "//source/extensions/filters/http/grpc_stats:config", "envoy.filters.http.grpc_web": "//source/extensions/filters/http/grpc_web:config", - "envoy.filters.http.gzip": "//source/extensions/filters/http/gzip:config", "envoy.filters.http.header_to_metadata": "//source/extensions/filters/http/header_to_metadata:config", "envoy.filters.http.health_check": "//source/extensions/filters/http/health_check:config", "envoy.filters.http.ip_tagging": "//source/extensions/filters/http/ip_tagging:config", @@ -100,6 +101,7 @@ EXTENSIONS = { "envoy.filters.http.ratelimit": "//source/extensions/filters/http/ratelimit:config", "envoy.filters.http.rbac": "//source/extensions/filters/http/rbac:config", "envoy.filters.http.router": "//source/extensions/filters/http/router:config", + "envoy.filters.http.set_metadata": "//source/extensions/filters/http/set_metadata:config", "envoy.filters.http.squash": "//source/extensions/filters/http/squash:config", "envoy.filters.http.tap": "//source/extensions/filters/http/tap:config", "envoy.filters.http.wasm": "//source/extensions/filters/http/wasm:config", @@ -123,6 +125,7 @@ EXTENSIONS = { # "envoy.filters.network.client_ssl_auth": "//source/extensions/filters/network/client_ssl_auth:config", + "envoy.filters.network.connection_limit": "//source/extensions/filters/network/connection_limit:config", "envoy.filters.network.direct_response": "//source/extensions/filters/network/direct_response:config", "envoy.filters.network.dubbo_proxy": "//source/extensions/filters/network/dubbo_proxy:config", "envoy.filters.network.echo": "//source/extensions/filters/network/echo:config", @@ -163,6 +166,7 @@ EXTENSIONS = { # "envoy.stat_sinks.dog_statsd": "//source/extensions/stat_sinks/dog_statsd:config", + "envoy.stat_sinks.graphite_statsd": "//source/extensions/stat_sinks/graphite_statsd:config", "envoy.stat_sinks.hystrix": "//source/extensions/stat_sinks/hystrix:config", "envoy.stat_sinks.metrics_service": "//source/extensions/stat_sinks/metrics_service:config", "envoy.stat_sinks.statsd": "//source/extensions/stat_sinks/statsd:config", @@ -243,6 +247,7 @@ EXTENSIONS = { "envoy.wasm.runtime.null": "//source/extensions/wasm_runtime/null:config", "envoy.wasm.runtime.v8": "//source/extensions/wasm_runtime/v8:config", + "envoy.wasm.runtime.wamr": "//source/extensions/wasm_runtime/wamr:config", "envoy.wasm.runtime.wavm": "//source/extensions/wasm_runtime/wavm:config", "envoy.wasm.runtime.wasmtime": "//source/extensions/wasm_runtime/wasmtime:config", @@ -277,6 +282,18 @@ EXTENSIONS = { "envoy.http.original_ip_detection.custom_header": "//source/extensions/http/original_ip_detection/custom_header:config", "envoy.http.original_ip_detection.xff": "//source/extensions/http/original_ip_detection/xff:config", + # + # Quic extensions + # + + "envoy.quic.crypto_stream.server.quiche": "//source/extensions/quic/crypto_stream:envoy_quic_default_crypto_server_stream", + "envoy.quic.proof_source.filter_chain": "//source/extensions/quic/proof_source:envoy_quic_default_proof_source", + + # + # Formatter + # + + "envoy.formatter.req_without_query": "//source/extensions/formatter/req_without_query:config", } # These can be changed to ["//visibility:public"], for downstream builds which diff --git a/source/extensions/extensions_metadata.yaml b/source/extensions/extensions_metadata.yaml new file mode 100644 index 000000000000..261b50d1d3c9 --- /dev/null +++ b/source/extensions/extensions_metadata.yaml @@ -0,0 +1,711 @@ +envoy.access_loggers.file: + categories: + - envoy.access_loggers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.access_loggers.http_grpc: + categories: + - envoy.access_loggers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.access_loggers.open_telemetry: + categories: + - envoy.access_loggers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.access_loggers.stream: + categories: + - envoy.access_loggers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.access_loggers.tcp_grpc: + categories: + - envoy.access_loggers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.access_loggers.wasm: + categories: + - envoy.access_loggers + security_posture: unknown + status: alpha +envoy.bootstrap.wasm: + categories: + - envoy.bootstrap + security_posture: unknown + status: alpha +envoy.cache.simple_http_cache: + categories: + - envoy.filters.http.cache + security_posture: robust_to_untrusted_downstream_and_upstream + status: wip +envoy.clusters.aggregate: + categories: + - envoy.clusters + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.clusters.dynamic_forward_proxy: + categories: + - envoy.clusters + security_posture: robust_to_untrusted_downstream + status: stable +envoy.clusters.redis: + categories: + - envoy.clusters + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.compression.brotli.compressor: + categories: + - envoy.compression.compressor + security_posture: robust_to_untrusted_downstream + status: stable +envoy.compression.brotli.decompressor: + categories: + - envoy.compression.decompressor + security_posture: robust_to_untrusted_downstream + status: stable +envoy.compression.gzip.compressor: + categories: + - envoy.compression.compressor + security_posture: robust_to_untrusted_downstream + status: stable +envoy.compression.gzip.decompressor: + categories: + - envoy.compression.decompressor + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.adaptive_concurrency: + categories: + - envoy.filters.http + security_posture: unknown + status: alpha +envoy.filters.http.admission_control: + categories: + - envoy.filters.http + security_posture: unknown + status: alpha +envoy.filters.http.alternate_protocols_cache: + categories: + - envoy.filters.http + security_posture: unknown + status: alpha +envoy.filters.http.aws_lambda: + categories: + - envoy.filters.http + security_posture: requires_trusted_downstream_and_upstream + status: alpha +envoy.filters.http.aws_request_signing: + categories: + - envoy.filters.http + security_posture: requires_trusted_downstream_and_upstream + status: alpha +envoy.filters.http.bandwidth_limit: + categories: + - envoy.filters.http + security_posture: unknown + status: stable +envoy.filters.http.buffer: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.cache: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream_and_upstream + status: wip +envoy.filters.http.cdn_loop: + categories: + - envoy.filters.http + security_posture: unknown + status: alpha +envoy.filters.http.composite: + categories: + - envoy.filters.http + security_posture: unknown + status: stable +envoy.filters.http.compressor: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.cors: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.csrf: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.decompressor: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.filters.http.dynamic_forward_proxy: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.dynamo: + categories: + - envoy.filters.http + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.filters.http.ext_authz: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.ext_proc: + categories: + - envoy.filters.http + security_posture: unknown + status: alpha +envoy.filters.http.fault: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.grpc_http1_bridge: + categories: + - envoy.filters.http + security_posture: unknown + status: stable +envoy.filters.http.grpc_http1_reverse_bridge: + categories: + - envoy.filters.http + security_posture: unknown + status: alpha +envoy.filters.http.grpc_json_transcoder: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.grpc_stats: + categories: + - envoy.filters.http + security_posture: unknown + status: alpha +envoy.filters.http.grpc_web: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.header_to_metadata: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.health_check: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.ip_tagging: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.jwt_authn: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: alpha +envoy.filters.http.kill_request: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.local_ratelimit: + categories: + - envoy.filters.http + security_posture: unknown + status: stable +envoy.filters.http.lua: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.oauth2: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: alpha +envoy.filters.http.on_demand: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.original_src: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: alpha +envoy.filters.http.ratelimit: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.rbac: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.router: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.http.set_metadata: + categories: + - envoy.filters.http + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.filters.http.squash: + categories: + - envoy.filters.http + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.filters.http.tap: + categories: + - envoy.filters.http + security_posture: requires_trusted_downstream_and_upstream + status: alpha +envoy.filters.http.wasm: + categories: + - envoy.filters.http + security_posture: unknown + status: alpha +envoy.filters.listener.http_inspector: + categories: + - envoy.filters.listener + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.filters.listener.original_dst: + categories: + - envoy.filters.listener + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.listener.original_src: + categories: + - envoy.filters.listener + security_posture: robust_to_untrusted_downstream + status: alpha +envoy.filters.listener.proxy_protocol: + categories: + - envoy.filters.listener + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.listener.tls_inspector: + categories: + - envoy.filters.listener + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.network.client_ssl_auth: + categories: + - envoy.filters.network + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.network.connection_limit: + categories: + - envoy.filters.network + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.filters.network.direct_response: + categories: + - envoy.filters.network + security_posture: unknown + status: stable +envoy.filters.network.dubbo_proxy: + categories: + - envoy.filters.network + security_posture: requires_trusted_downstream_and_upstream + status: alpha +envoy.filters.network.echo: + categories: + - envoy.filters.network + security_posture: unknown + status: stable +envoy.filters.network.ext_authz: + categories: + - envoy.filters.network + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.network.http_connection_manager: + categories: + - envoy.filters.network + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.network.kafka_broker: + categories: + - envoy.filters.network + security_posture: requires_trusted_downstream_and_upstream + status: wip +envoy.filters.network.local_ratelimit: + categories: + - envoy.filters.network + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.network.mongo_proxy: + categories: + - envoy.filters.network + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.filters.network.mysql_proxy: + categories: + - envoy.filters.network + security_posture: requires_trusted_downstream_and_upstream + status: alpha +envoy.filters.network.postgres_proxy: + categories: + - envoy.filters.network + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.filters.network.ratelimit: + categories: + - envoy.filters.network + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.network.rbac: + categories: + - envoy.filters.network + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.network.redis_proxy: + categories: + - envoy.filters.network + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.filters.network.rocketmq_proxy: + categories: + - envoy.filters.network + security_posture: requires_trusted_downstream_and_upstream + status: alpha +envoy.filters.network.sni_cluster: + categories: + - envoy.filters.network + security_posture: unknown + status: stable +envoy.filters.network.sni_dynamic_forward_proxy: + categories: + - envoy.filters.network + security_posture: unknown + status: alpha +envoy.filters.network.tcp_proxy: + categories: + - envoy.filters.network + security_posture: robust_to_untrusted_downstream + status: stable +envoy.filters.network.thrift_proxy: + categories: + - envoy.filters.network + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.filters.network.wasm: + categories: + - envoy.filters.network + security_posture: unknown + status: alpha +envoy.filters.network.zookeeper_proxy: + categories: + - envoy.filters.network + security_posture: requires_trusted_downstream_and_upstream + status: alpha +envoy.filters.thrift.ratelimit: + categories: + - envoy.thrift_proxy.filters + security_posture: requires_trusted_downstream_and_upstream + status: alpha +envoy.filters.thrift.router: + categories: + - envoy.thrift_proxy.filters + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.filters.udp_listener.dns_filter: + categories: + - envoy.filters.udp_listener + security_posture: robust_to_untrusted_downstream + status: alpha +envoy.filters.udp_listener.udp_proxy: + categories: + - envoy.filters.udp_listener + security_posture: robust_to_untrusted_downstream + status: stable +envoy.formatter.req_without_query: + categories: + - envoy.formatter + security_posture: robust_to_untrusted_downstream_and_upstream + status: alpha +envoy.grpc_credentials.aws_iam: + categories: + - envoy.grpc_credentials + security_posture: data_plane_agnostic + status: alpha +envoy.grpc_credentials.file_based_metadata: + categories: + - envoy.grpc_credentials + security_posture: data_plane_agnostic + status: alpha +envoy.health_checkers.redis: + categories: + - envoy.health_checkers + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.http.original_ip_detection.custom_header: + categories: + - envoy.http.original_ip_detection + security_posture: robust_to_untrusted_downstream + status: stable +envoy.http.original_ip_detection.xff: + categories: + - envoy.http.original_ip_detection + security_posture: robust_to_untrusted_downstream + status: stable +envoy.http.stateful_header_formatters.preserve_case: + categories: + - envoy.http.stateful_header_formatters + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.internal_redirect_predicates.allow_listed_routes: + categories: + - envoy.internal_redirect_predicates + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.internal_redirect_predicates.previous_routes: + categories: + - envoy.internal_redirect_predicates + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.internal_redirect_predicates.safe_cross_scheme: + categories: + - envoy.internal_redirect_predicates + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.io_socket.user_space: + categories: + - envoy.io_socket + security_posture: unknown + status: wip + undocumented: true +envoy.matching.common_inputs.environment_variable: + categories: + - envoy.matching.common_inputs + security_posture: robust_to_untrusted_downstream + status: stable +envoy.matching.input_matchers.consistent_hashing: + categories: + - envoy.matching.input_matchers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.quic.proof_source.filter_chain: + categories: + - envoy.quic.proof_source + security_posture: robust_to_untrusted_downstream + status: alpha +envoy.quic.crypto_stream.server.quiche: + categories: + - envoy.quic.server.crypto_stream + security_posture: robust_to_untrusted_downstream + status: alpha +envoy.rate_limit_descriptors.expr: + categories: + - envoy.rate_limit_descriptors + security_posture: unknown + status: stable +envoy.request_id.uuid: + categories: + - envoy.request_id + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.resource_monitors.fixed_heap: + categories: + - envoy.resource_monitors + security_posture: data_plane_agnostic + status: alpha +envoy.resource_monitors.injected_resource: + categories: + - envoy.resource_monitors + security_posture: data_plane_agnostic + status: alpha +envoy.retry_host_predicates.omit_canary_hosts: + categories: + - envoy.retry_host_predicates + security_posture: robust_to_untrusted_downstream + status: stable +envoy.retry_host_predicates.omit_host_metadata: + categories: + - envoy.retry_host_predicates + security_posture: robust_to_untrusted_downstream + status: stable +envoy.retry_host_predicates.previous_hosts: + categories: + - envoy.retry_host_predicates + security_posture: robust_to_untrusted_downstream + status: stable +envoy.retry_priorities.previous_priorities: + categories: + - envoy.retry_priorities + security_posture: robust_to_untrusted_downstream + status: stable +envoy.stat_sinks.dog_statsd: + categories: + - envoy.stats_sinks + security_posture: data_plane_agnostic + status: stable +envoy.stat_sinks.graphite_statsd: + categories: + - envoy.stats_sinks + security_posture: data_plane_agnostic + status: alpha +envoy.stat_sinks.hystrix: + categories: + - envoy.stats_sinks + security_posture: data_plane_agnostic + status: stable +envoy.stat_sinks.metrics_service: + categories: + - envoy.stats_sinks + security_posture: data_plane_agnostic + status: stable +envoy.stat_sinks.statsd: + categories: + - envoy.stats_sinks + security_posture: data_plane_agnostic + status: stable +envoy.stat_sinks.wasm: + categories: + - envoy.stats_sinks + security_posture: data_plane_agnostic + status: alpha +envoy.tls.cert_validator.spiffe: + categories: + - envoy.tls.cert_validator + security_posture: unknown + status: wip +envoy.tracers.datadog: + categories: + - envoy.tracers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.tracers.dynamic_ot: + categories: + - envoy.tracers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.tracers.lightstep: + categories: + - envoy.tracers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.tracers.opencensus: + categories: + - envoy.tracers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.tracers.skywalking: + categories: + - envoy.tracers + security_posture: robust_to_untrusted_downstream + status: wip +envoy.tracers.xray: + categories: + - envoy.tracers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.tracers.zipkin: + categories: + - envoy.tracers + security_posture: robust_to_untrusted_downstream + status: stable +envoy.transport_sockets.alts: + categories: + - envoy.transport_sockets.downstream + - envoy.transport_sockets.upstream + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.transport_sockets.raw_buffer: + categories: + - envoy.transport_sockets.downstream + - envoy.transport_sockets.upstream + security_posture: requires_trusted_downstream_and_upstream + status: stable +envoy.transport_sockets.starttls: + categories: + - envoy.transport_sockets.downstream + - envoy.transport_sockets.upstream + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.transport_sockets.tap: + categories: + - envoy.transport_sockets.downstream + - envoy.transport_sockets.upstream + security_posture: requires_trusted_downstream_and_upstream + status: alpha +envoy.transport_sockets.tls: + categories: + - envoy.transport_sockets.downstream + - envoy.transport_sockets.upstream + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.transport_sockets.upstream_proxy_protocol: + categories: + - envoy.transport_sockets.upstream + security_posture: robust_to_untrusted_downstream_and_upstream + status: stable +envoy.upstreams.http.generic: + categories: + - envoy.upstreams + security_posture: robust_to_untrusted_downstream + status: stable +envoy.upstreams.http.http: + categories: + - envoy.upstreams + security_posture: robust_to_untrusted_downstream + status: stable +envoy.upstreams.http.http_protocol_options: + categories: + - envoy.upstreams + security_posture: robust_to_untrusted_downstream + status: stable +envoy.upstreams.http.tcp: + categories: + - envoy.upstreams + security_posture: robust_to_untrusted_downstream + status: stable +envoy.upstreams.tcp.generic: + categories: + - envoy.upstreams + security_posture: robust_to_untrusted_downstream + status: stable +envoy.wasm.runtime.null: + categories: + - envoy.wasm.runtime + security_posture: unknown + status: alpha +envoy.wasm.runtime.v8: + categories: + - envoy.wasm.runtime + security_posture: unknown + status: alpha +envoy.wasm.runtime.wamr: + categories: + - envoy.wasm.runtime + security_posture: unknown # "This may never change from unknown until the threat model at https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model#core-and-extensions is updated to capture additional Wasm runtimes". + status: alpha +envoy.wasm.runtime.wasmtime: + categories: + - envoy.wasm.runtime + security_posture: unknown # "This may never change from unknown until the threat model at https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model#core-and-extensions is updated to capture additional Wasm runtimes". + status: alpha +envoy.wasm.runtime.wavm: + categories: + - envoy.wasm.runtime + security_posture: unknown # "This may never change from unknown until the threat model at https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model#core-and-extensions is updated to capture additional Wasm runtimes". + status: alpha +envoy.watchdog.profile_action: + categories: + - envoy.guarddog_actions + security_posture: data_plane_agnostic + status: alpha diff --git a/source/extensions/filters/common/expr/BUILD b/source/extensions/filters/common/expr/BUILD index 70fe78aad022..dc146b13b9a6 100644 --- a/source/extensions/filters/common/expr/BUILD +++ b/source/extensions/filters/common/expr/BUILD @@ -50,7 +50,7 @@ envoy_cc_library( ], visibility = ["//visibility:public"], deps = [ - "//include/envoy/stream_info:filter_state_interface", + "//envoy/stream_info:filter_state_interface", "//source/common/protobuf", "//source/common/singleton:const_singleton", "@com_github_google_flatbuffers//:flatbuffers", diff --git a/source/extensions/filters/common/expr/cel_state.cc b/source/extensions/filters/common/expr/cel_state.cc index 72774378162f..7a25144b80ed 100644 --- a/source/extensions/filters/common/expr/cel_state.cc +++ b/source/extensions/filters/common/expr/cel_state.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/common/expr/cel_state.h" +#include "source/extensions/filters/common/expr/cel_state.h" #include "eval/public/structs/cel_proto_wrapper.h" #include "flatbuffers/reflection.h" diff --git a/source/extensions/filters/common/expr/cel_state.h b/source/extensions/filters/common/expr/cel_state.h index 703a271a0860..6c4659dcc53b 100644 --- a/source/extensions/filters/common/expr/cel_state.h +++ b/source/extensions/filters/common/expr/cel_state.h @@ -4,8 +4,8 @@ #include "envoy/stream_info/filter_state.h" -#include "common/protobuf/protobuf.h" -#include "common/singleton/const_singleton.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/singleton/const_singleton.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/common/expr/context.cc b/source/extensions/filters/common/expr/context.cc index a0d6213ec4bb..66603460003c 100644 --- a/source/extensions/filters/common/expr/context.cc +++ b/source/extensions/filters/common/expr/context.cc @@ -1,10 +1,9 @@ -#include "extensions/filters/common/expr/context.h" +#include "source/extensions/filters/common/expr/context.h" -#include "common/grpc/common.h" -#include "common/http/header_map_impl.h" -#include "common/http/utility.h" - -#include "extensions/filters/common/expr/cel_state.h" +#include "source/common/grpc/common.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/utility.h" +#include "source/extensions/filters/common/expr/cel_state.h" #include "absl/strings/numbers.h" #include "absl/time/time.h" diff --git a/source/extensions/filters/common/expr/context.h b/source/extensions/filters/common/expr/context.h index ad6fcb972160..2f3f2539c98c 100644 --- a/source/extensions/filters/common/expr/context.h +++ b/source/extensions/filters/common/expr/context.h @@ -3,9 +3,9 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/stream_info/stream_info.h" -#include "common/grpc/status.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" +#include "source/common/grpc/status.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" #include "eval/public/cel_value.h" #include "eval/public/cel_value_producer.h" diff --git a/source/extensions/filters/common/expr/evaluator.cc b/source/extensions/filters/common/expr/evaluator.cc index 4a7ed3c9fc4c..3c5e04dd5955 100644 --- a/source/extensions/filters/common/expr/evaluator.cc +++ b/source/extensions/filters/common/expr/evaluator.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/common/expr/evaluator.h" +#include "source/extensions/filters/common/expr/evaluator.h" #include "envoy/common/exception.h" diff --git a/source/extensions/filters/common/expr/evaluator.h b/source/extensions/filters/common/expr/evaluator.h index 32ee98572f35..2e00d620f9e8 100644 --- a/source/extensions/filters/common/expr/evaluator.h +++ b/source/extensions/filters/common/expr/evaluator.h @@ -2,10 +2,9 @@ #include "envoy/stream_info/stream_info.h" -#include "common/http/headers.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/common/expr/context.h" +#include "source/common/http/headers.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/common/expr/context.h" #include "eval/public/cel_expression.h" #include "eval/public/cel_value.h" diff --git a/source/extensions/filters/common/ext_authz/BUILD b/source/extensions/filters/common/ext_authz/BUILD index fdd81e0081d8..fe5d536b437f 100644 --- a/source/extensions/filters/common/ext_authz/BUILD +++ b/source/extensions/filters/common/ext_authz/BUILD @@ -12,8 +12,8 @@ envoy_cc_library( name = "ext_authz_interface", hdrs = ["ext_authz.h"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/http:codes_interface", + "//envoy/stream_info:stream_info_interface", "//source/common/http:headers_lib", "//source/common/tracing:http_tracer_lib", "@envoy_api//envoy/service/auth/v3:pkg_cc_proto", @@ -27,15 +27,15 @@ envoy_cc_library( deps = [ ":check_request_utils_lib", ":ext_authz_interface", - "//include/envoy/grpc:async_client_interface", - "//include/envoy/grpc:async_client_manager_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/http:protocol_interface", - "//include/envoy/network:address_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/grpc:async_client_interface", + "//envoy/grpc:async_client_manager_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", + "//envoy/http:protocol_interface", + "//envoy/network:address_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/grpc:async_client_lib", "//source/common/grpc:typed_async_client_lib", @@ -57,7 +57,7 @@ envoy_cc_library( deps = [ ":check_request_utils_lib", ":ext_authz_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:matchers_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:async_client_lib", @@ -76,10 +76,10 @@ envoy_cc_library( hdrs = ["check_request_utils.h"], deps = [ ":ext_authz_interface", - "//include/envoy/grpc:async_client_interface", - "//include/envoy/grpc:async_client_manager_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/grpc:async_client_interface", + "//envoy/grpc:async_client_manager_interface", + "//envoy/http:filter_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/grpc:async_client_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/service/auth/v3:pkg_cc_proto", diff --git a/source/extensions/filters/common/ext_authz/check_request_utils.cc b/source/extensions/filters/common/ext_authz/check_request_utils.cc index e77dd8e0b32b..f389dea8201d 100644 --- a/source/extensions/filters/common/ext_authz/check_request_utils.cc +++ b/source/extensions/filters/common/ext_authz/check_request_utils.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/common/ext_authz/check_request_utils.h" +#include "source/extensions/filters/common/ext_authz/check_request_utils.h" #include #include @@ -10,18 +10,17 @@ #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/ssl/connection.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/grpc/async_client_impl.h" -#include "common/http/codes.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/network/utility.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/common/ext_authz/ext_authz.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/common/http/codes.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/common/ext_authz/ext_authz.h" #include "absl/strings/str_cat.h" diff --git a/source/extensions/filters/common/ext_authz/check_request_utils.h b/source/extensions/filters/common/ext_authz/check_request_utils.h index f0272d674166..cb47e4e05737 100644 --- a/source/extensions/filters/common/ext_authz/check_request_utils.h +++ b/source/extensions/filters/common/ext_authz/check_request_utils.h @@ -19,8 +19,8 @@ #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" -#include "common/http/async_client_impl.h" -#include "common/singleton/const_singleton.h" +#include "source/common/http/async_client_impl.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/ext_authz/ext_authz.h b/source/extensions/filters/common/ext_authz/ext_authz.h index 0d89e5803161..3d06846ed112 100644 --- a/source/extensions/filters/common/ext_authz/ext_authz.h +++ b/source/extensions/filters/common/ext_authz/ext_authz.h @@ -11,8 +11,8 @@ #include "envoy/stream_info/stream_info.h" #include "envoy/tracing/http_tracer.h" -#include "common/http/headers.h" -#include "common/singleton/const_singleton.h" +#include "source/common/http/headers.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.cc b/source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.cc index ee6027ca0ad9..2902b954ff22 100644 --- a/source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.cc +++ b/source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.cc @@ -1,14 +1,14 @@ -#include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/service/auth/v3/external_auth.pb.h" -#include "common/common/assert.h" -#include "common/grpc/async_client_impl.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/network/utility.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h b/source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h index e9e7edfb4635..4dc841eedd7a 100644 --- a/source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h +++ b/source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h @@ -20,10 +20,9 @@ #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" -#include "common/grpc/typed_async_client.h" - -#include "extensions/filters/common/ext_authz/check_request_utils.h" -#include "extensions/filters/common/ext_authz/ext_authz.h" +#include "source/common/grpc/typed_async_client.h" +#include "source/extensions/filters/common/ext_authz/check_request_utils.h" +#include "source/extensions/filters/common/ext_authz/ext_authz.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/ext_authz/ext_authz_http_impl.cc b/source/extensions/filters/common/ext_authz/ext_authz_http_impl.cc index 11da8bc4f7dd..f80b3022080a 100644 --- a/source/extensions/filters/common/ext_authz/ext_authz_http_impl.cc +++ b/source/extensions/filters/common/ext_authz/ext_authz_http_impl.cc @@ -1,16 +1,16 @@ -#include "extensions/filters/common/ext_authz/ext_authz_http_impl.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_http_impl.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.h" #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/type/matcher/v3/string.pb.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/matchers.h" -#include "common/http/async_client_impl.h" -#include "common/http/codes.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/matchers.h" +#include "source/common/http/async_client_impl.h" +#include "source/common/http/codes.h" +#include "source/common/runtime/runtime_features.h" #include "absl/strings/str_cat.h" diff --git a/source/extensions/filters/common/ext_authz/ext_authz_http_impl.h b/source/extensions/filters/common/ext_authz/ext_authz_http_impl.h index f2e6e5726973..ab13c2b494fa 100644 --- a/source/extensions/filters/common/ext_authz/ext_authz_http_impl.h +++ b/source/extensions/filters/common/ext_authz/ext_authz_http_impl.h @@ -7,11 +7,10 @@ #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/logger.h" -#include "common/common/matchers.h" -#include "common/router/header_parser.h" - -#include "extensions/filters/common/ext_authz/ext_authz.h" +#include "source/common/common/logger.h" +#include "source/common/common/matchers.h" +#include "source/common/router/header_parser.h" +#include "source/extensions/filters/common/ext_authz/ext_authz.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/fault/BUILD b/source/extensions/filters/common/fault/BUILD index bf05af548e01..a8a2e84e58e8 100644 --- a/source/extensions/filters/common/fault/BUILD +++ b/source/extensions/filters/common/fault/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( srcs = ["fault_config.cc"], hdrs = ["fault_config.h"], deps = [ - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//source/common/http:codes_lib", "//source/common/http:headers_lib", "//source/common/protobuf:utility_lib", diff --git a/source/extensions/filters/common/fault/fault_config.cc b/source/extensions/filters/common/fault/fault_config.cc index db7f6028152c..2f263e9f9346 100644 --- a/source/extensions/filters/common/fault/fault_config.cc +++ b/source/extensions/filters/common/fault/fault_config.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/common/fault/fault_config.h" +#include "source/extensions/filters/common/fault/fault_config.h" #include "envoy/extensions/filters/common/fault/v3/fault.pb.h" #include "envoy/extensions/filters/http/fault/v3/fault.pb.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/fault/fault_config.h b/source/extensions/filters/common/fault/fault_config.h index eca8c7918aee..486b7ac0d8fd 100644 --- a/source/extensions/filters/common/fault/fault_config.h +++ b/source/extensions/filters/common/fault/fault_config.h @@ -6,9 +6,9 @@ #include "envoy/http/header_map.h" #include "envoy/type/v3/percent.pb.h" -#include "common/http/codes.h" -#include "common/http/headers.h" -#include "common/singleton/const_singleton.h" +#include "source/common/http/codes.h" +#include "source/common/http/headers.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/local_ratelimit/BUILD b/source/extensions/filters/common/local_ratelimit/BUILD index 0234c335c3e6..2e6af5b6dacc 100644 --- a/source/extensions/filters/common/local_ratelimit/BUILD +++ b/source/extensions/filters/common/local_ratelimit/BUILD @@ -13,9 +13,9 @@ envoy_cc_library( srcs = ["local_ratelimit_impl.cc"], hdrs = ["local_ratelimit_impl.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/ratelimit:ratelimit_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/ratelimit:ratelimit_interface", "//source/common/common:thread_synchronizer_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/extensions/common/ratelimit/v3:pkg_cc_proto", diff --git a/source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.cc b/source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.cc index ab3100e50391..1acd3049456c 100644 --- a/source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.cc +++ b/source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" +#include "source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.h b/source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.h index 953fb612daf8..ab8f4e3a5ea5 100644 --- a/source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.h +++ b/source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.h @@ -7,8 +7,8 @@ #include "envoy/extensions/common/ratelimit/v3/ratelimit.pb.h" #include "envoy/ratelimit/ratelimit.h" -#include "common/common/thread_synchronizer.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/thread_synchronizer.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { @@ -45,7 +45,7 @@ class LocalRateLimiterImpl { } }; struct LocalDescriptorHash { - using is_transparent = void; // NOLINT(readability-identifier-naming)t + using is_transparent = void; // NOLINT(readability-identifier-naming) size_t operator()(const RateLimit::LocalDescriptor& d) const { return absl::Hash>()(d.entries_); } diff --git a/source/extensions/filters/common/lua/BUILD b/source/extensions/filters/common/lua/BUILD index 78894e43b475..ede969dfc1d2 100644 --- a/source/extensions/filters/common/lua/BUILD +++ b/source/extensions/filters/common/lua/BUILD @@ -27,7 +27,7 @@ envoy_cc_library( srcs = ["lua.cc"], hdrs = ["lua.h"], deps = [ - "//include/envoy/thread_local:thread_local_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/common:assert_lib", "//source/common/common:lock_guard_lib", "//source/common/common:thread_lib", @@ -45,7 +45,7 @@ envoy_cc_library( hdrs = ["wrappers.h"], deps = [ ":lua_lib", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/common:hex_lib", "//source/common/protobuf", ], diff --git a/source/extensions/filters/common/lua/lua.cc b/source/extensions/filters/common/lua/lua.cc index e5daf3221639..d399510368bd 100644 --- a/source/extensions/filters/common/lua/lua.cc +++ b/source/extensions/filters/common/lua/lua.cc @@ -1,12 +1,12 @@ -#include "extensions/filters/common/lua/lua.h" +#include "source/extensions/filters/common/lua/lua.h" #include #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/lock_guard.h" -#include "common/common/thread.h" +#include "source/common/common/assert.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/lua/lua.h b/source/extensions/filters/common/lua/lua.h index d911316eb82b..54bdcabe33bc 100644 --- a/source/extensions/filters/common/lua/lua.h +++ b/source/extensions/filters/common/lua/lua.h @@ -7,9 +7,9 @@ #include "envoy/common/exception.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/assert.h" -#include "common/common/c_smart_ptr.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/c_smart_ptr.h" +#include "source/common/common/logger.h" #include "lua.hpp" diff --git a/source/extensions/filters/common/lua/wrappers.cc b/source/extensions/filters/common/lua/wrappers.cc index 8c26d9e10bec..cb148e18bcfe 100644 --- a/source/extensions/filters/common/lua/wrappers.cc +++ b/source/extensions/filters/common/lua/wrappers.cc @@ -1,11 +1,11 @@ -#include "extensions/filters/common/lua/wrappers.h" +#include "source/extensions/filters/common/lua/wrappers.h" #include #include -#include "common/common/assert.h" -#include "common/common/hex.h" +#include "source/common/common/assert.h" +#include "source/common/common/hex.h" #include "absl/time/time.h" diff --git a/source/extensions/filters/common/lua/wrappers.h b/source/extensions/filters/common/lua/wrappers.h index 2b0f39970c74..344467d39ff2 100644 --- a/source/extensions/filters/common/lua/wrappers.h +++ b/source/extensions/filters/common/lua/wrappers.h @@ -2,9 +2,8 @@ #include "envoy/buffer/buffer.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/common/lua/lua.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/common/lua/lua.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/original_src/BUILD b/source/extensions/filters/common/original_src/BUILD index 0c4b4832e2e3..a8422fdc3d33 100644 --- a/source/extensions/filters/common/original_src/BUILD +++ b/source/extensions/filters/common/original_src/BUILD @@ -15,7 +15,7 @@ envoy_cc_library( srcs = ["original_src_socket_option.cc"], hdrs = ["original_src_socket_option.h"], deps = [ - "//include/envoy/network:listen_socket_interface", + "//envoy/network:listen_socket_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/network:address_lib", @@ -30,7 +30,7 @@ envoy_cc_library( hdrs = ["socket_option_factory.h"], deps = [ ":original_src_socket_option_lib", - "//include/envoy/network:listen_socket_interface", + "//envoy/network:listen_socket_interface", "//source/common/network:address_lib", "//source/common/network:socket_option_factory_lib", "//source/common/network:utility_lib", diff --git a/source/extensions/filters/common/original_src/original_src_socket_option.cc b/source/extensions/filters/common/original_src/original_src_socket_option.cc index 4bdbdd4ea7f8..0942ffd113d8 100644 --- a/source/extensions/filters/common/original_src/original_src_socket_option.cc +++ b/source/extensions/filters/common/original_src/original_src_socket_option.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/common/original_src/original_src_socket_option.h" +#include "source/extensions/filters/common/original_src/original_src_socket_option.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/original_src/socket_option_factory.cc b/source/extensions/filters/common/original_src/socket_option_factory.cc index cf84b9d26596..47f429cce8ca 100644 --- a/source/extensions/filters/common/original_src/socket_option_factory.cc +++ b/source/extensions/filters/common/original_src/socket_option_factory.cc @@ -1,9 +1,8 @@ -#include "extensions/filters/common/original_src/socket_option_factory.h" +#include "source/extensions/filters/common/original_src/socket_option_factory.h" -#include "common/network/socket_option_factory.h" -#include "common/network/utility.h" - -#include "extensions/filters/common/original_src/original_src_socket_option.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/common/original_src/original_src_socket_option.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/ratelimit/BUILD b/source/extensions/filters/common/ratelimit/BUILD index 4bf0b36b1e5d..0f4978d7025f 100644 --- a/source/extensions/filters/common/ratelimit/BUILD +++ b/source/extensions/filters/common/ratelimit/BUILD @@ -14,11 +14,11 @@ envoy_cc_library( hdrs = ["ratelimit_impl.h"], deps = [ ":ratelimit_client_interface", - "//include/envoy/grpc:async_client_interface", - "//include/envoy/grpc:async_client_manager_interface", - "//include/envoy/ratelimit:ratelimit_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/grpc:async_client_interface", + "//envoy/grpc:async_client_manager_interface", + "//envoy/ratelimit:ratelimit_interface", + "//envoy/server:filter_config_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/grpc:typed_async_client_lib", @@ -35,9 +35,9 @@ envoy_cc_library( hdrs = ["ratelimit.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/ratelimit:ratelimit_interface", - "//include/envoy/singleton:manager_interface", - "//include/envoy/tracing:http_tracer_interface", + "//envoy/ratelimit:ratelimit_interface", + "//envoy/singleton:manager_interface", + "//envoy/tracing:http_tracer_interface", "//source/common/stats:symbol_table_lib", "@envoy_api//envoy/service/ratelimit/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/common/ratelimit/ratelimit_impl.cc b/source/extensions/filters/common/ratelimit/ratelimit_impl.cc index 055d2e8cdd55..37378240d5c3 100644 --- a/source/extensions/filters/common/ratelimit/ratelimit_impl.cc +++ b/source/extensions/filters/common/ratelimit/ratelimit_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/common/ratelimit/ratelimit_impl.h" +#include "source/extensions/filters/common/ratelimit/ratelimit_impl.h" #include #include @@ -9,9 +9,9 @@ #include "envoy/extensions/common/ratelimit/v3/ratelimit.pb.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" +#include "source/common/common/assert.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/ratelimit/ratelimit_impl.h b/source/extensions/filters/common/ratelimit/ratelimit_impl.h index 4386102a21ca..7ff0f1a7a825 100644 --- a/source/extensions/filters/common/ratelimit/ratelimit_impl.h +++ b/source/extensions/filters/common/ratelimit/ratelimit_impl.h @@ -15,11 +15,10 @@ #include "envoy/tracing/http_tracer.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/logger.h" -#include "common/grpc/typed_async_client.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/common/ratelimit/ratelimit.h" +#include "source/common/common/logger.h" +#include "source/common/grpc/typed_async_client.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/common/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/ratelimit/stat_names.h b/source/extensions/filters/common/ratelimit/stat_names.h index 33dd13a188b3..45161fe43d44 100644 --- a/source/extensions/filters/common/ratelimit/stat_names.h +++ b/source/extensions/filters/common/ratelimit/stat_names.h @@ -1,6 +1,6 @@ #pragma once -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/rbac/BUILD b/source/extensions/filters/common/rbac/BUILD index 14c649ca4340..5d8e3712c0e2 100644 --- a/source/extensions/filters/common/rbac/BUILD +++ b/source/extensions/filters/common/rbac/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( hdrs = ["utility.h"], deps = [ ":engine_lib", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_macros", "//source/common/singleton:const_singleton", ], ) @@ -25,8 +25,8 @@ envoy_cc_library( hdrs = ["matchers.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/http:header_map_interface", - "//include/envoy/network:connection_interface", + "//envoy/http:header_map_interface", + "//envoy/network:connection_interface", "//source/common/common:assert_lib", "//source/common/common:matchers_lib", "//source/common/http:header_utility_lib", @@ -43,9 +43,9 @@ envoy_cc_library( name = "engine_interface", hdrs = ["engine.h"], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/network:connection_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", + "//envoy/network:connection_interface", ], ) diff --git a/source/extensions/filters/common/rbac/engine_impl.cc b/source/extensions/filters/common/rbac/engine_impl.cc index dc2a6ba79222..dbac3dee1135 100644 --- a/source/extensions/filters/common/rbac/engine_impl.cc +++ b/source/extensions/filters/common/rbac/engine_impl.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/common/rbac/engine_impl.h" +#include "source/extensions/filters/common/rbac/engine_impl.h" #include "envoy/config/rbac/v3/rbac.pb.h" -#include "common/http/header_map_impl.h" +#include "source/common/http/header_map_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/rbac/engine_impl.h b/source/extensions/filters/common/rbac/engine_impl.h index 0aacfb41f8e1..237d4fd79868 100644 --- a/source/extensions/filters/common/rbac/engine_impl.h +++ b/source/extensions/filters/common/rbac/engine_impl.h @@ -2,8 +2,8 @@ #include "envoy/config/rbac/v3/rbac.pb.h" -#include "extensions/filters/common/rbac/engine.h" -#include "extensions/filters/common/rbac/matchers.h" +#include "source/extensions/filters/common/rbac/engine.h" +#include "source/extensions/filters/common/rbac/matchers.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/rbac/matchers.cc b/source/extensions/filters/common/rbac/matchers.cc index eac3c3d20576..25d8e2de63b5 100644 --- a/source/extensions/filters/common/rbac/matchers.cc +++ b/source/extensions/filters/common/rbac/matchers.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/common/rbac/matchers.h" +#include "source/extensions/filters/common/rbac/matchers.h" #include "envoy/config/rbac/v3/rbac.pb.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/rbac/matchers.h b/source/extensions/filters/common/rbac/matchers.h index a73bcf373266..472b4a2c9c17 100644 --- a/source/extensions/filters/common/rbac/matchers.h +++ b/source/extensions/filters/common/rbac/matchers.h @@ -10,11 +10,10 @@ #include "envoy/type/matcher/v3/path.pb.h" #include "envoy/type/matcher/v3/string.pb.h" -#include "common/common/matchers.h" -#include "common/http/header_utility.h" -#include "common/network/cidr_range.h" - -#include "extensions/filters/common/expr/evaluator.h" +#include "source/common/common/matchers.h" +#include "source/common/http/header_utility.h" +#include "source/common/network/cidr_range.h" +#include "source/extensions/filters/common/expr/evaluator.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/common/rbac/utility.cc b/source/extensions/filters/common/rbac/utility.cc index 8273e9659c20..3e2697745cfa 100644 --- a/source/extensions/filters/common/rbac/utility.cc +++ b/source/extensions/filters/common/rbac/utility.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/common/rbac/utility.h" +#include "source/extensions/filters/common/rbac/utility.h" #include diff --git a/source/extensions/filters/common/rbac/utility.h b/source/extensions/filters/common/rbac/utility.h index 91f8711f2210..f4acc822a36f 100644 --- a/source/extensions/filters/common/rbac/utility.h +++ b/source/extensions/filters/common/rbac/utility.h @@ -2,10 +2,9 @@ #include "envoy/stats/stats_macros.h" -#include "common/common/fmt.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/common/rbac/engine_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/common/rbac/engine_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/adaptive_concurrency/BUILD b/source/extensions/filters/http/adaptive_concurrency/BUILD index 7662d09bc1fd..95bafcf6002d 100644 --- a/source/extensions/filters/http/adaptive_concurrency/BUILD +++ b/source/extensions/filters/http/adaptive_concurrency/BUILD @@ -18,8 +18,7 @@ envoy_cc_library( srcs = ["adaptive_concurrency_filter.cc"], hdrs = ["adaptive_concurrency_filter.h"], deps = [ - "//include/envoy/http:filter_interface", - "//source/extensions/filters/http:well_known_names", + "//envoy/http:filter_interface", "//source/extensions/filters/http/adaptive_concurrency/controller:controller_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/adaptive_concurrency/v3:pkg_cc_proto", @@ -30,12 +29,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "unknown", - status = "alpha", deps = [ - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/adaptive_concurrency:adaptive_concurrency_filter_lib", "//source/extensions/filters/http/adaptive_concurrency/controller:controller_lib", "//source/extensions/filters/http/common:factory_base_lib", diff --git a/source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.cc b/source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.cc index 1b2d7400f771..bb6d2b338232 100644 --- a/source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.cc +++ b/source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h" +#include "source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h" #include #include @@ -7,11 +7,9 @@ #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" -#include "common/common/assert.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/adaptive_concurrency/controller/controller.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/adaptive_concurrency/controller/controller.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h b/source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h index 7424e1d3bdba..4b426a732217 100644 --- a/source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h +++ b/source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h @@ -11,11 +11,10 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/cleanup.h" -#include "common/runtime/runtime_protos.h" - -#include "extensions/filters/http/adaptive_concurrency/controller/controller.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/common/cleanup.h" +#include "source/common/runtime/runtime_protos.h" +#include "source/extensions/filters/http/adaptive_concurrency/controller/controller.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/adaptive_concurrency/config.cc b/source/extensions/filters/http/adaptive_concurrency/config.cc index 45783f034de1..5abc39bf6fd9 100644 --- a/source/extensions/filters/http/adaptive_concurrency/config.cc +++ b/source/extensions/filters/http/adaptive_concurrency/config.cc @@ -1,11 +1,11 @@ -#include "extensions/filters/http/adaptive_concurrency/config.h" +#include "source/extensions/filters/http/adaptive_concurrency/config.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h" -#include "extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h" +#include "source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h" +#include "source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/adaptive_concurrency/config.h b/source/extensions/filters/http/adaptive_concurrency/config.h index da9733579cf9..8f8cb5224129 100644 --- a/source/extensions/filters/http/adaptive_concurrency/config.h +++ b/source/extensions/filters/http/adaptive_concurrency/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -18,7 +17,7 @@ class AdaptiveConcurrencyFilterFactory : public Common::FactoryBase< envoy::extensions::filters::http::adaptive_concurrency::v3::AdaptiveConcurrency> { public: - AdaptiveConcurrencyFilterFactory() : FactoryBase(HttpFilterNames::get().AdaptiveConcurrency) {} + AdaptiveConcurrencyFilterFactory() : FactoryBase("envoy.filters.http.adaptive_concurrency") {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::adaptive_concurrency::v3::AdaptiveConcurrency& diff --git a/source/extensions/filters/http/adaptive_concurrency/controller/BUILD b/source/extensions/filters/http/adaptive_concurrency/controller/BUILD index 67e85c133f4d..60cb03dd31d2 100644 --- a/source/extensions/filters/http/adaptive_concurrency/controller/BUILD +++ b/source/extensions/filters/http/adaptive_concurrency/controller/BUILD @@ -23,7 +23,7 @@ envoy_cc_library( "libcircllhist", ], deps = [ - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", "//source/common/common:thread_synchronizer_lib", "//source/common/event:dispatcher_lib", "//source/common/protobuf", diff --git a/source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.cc b/source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.cc index aa9bc226d74f..c00112da2ede 100644 --- a/source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.cc +++ b/source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h" +#include "source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h" #include #include @@ -9,11 +9,10 @@ #include "envoy/runtime/runtime.h" #include "envoy/stats/stats.h" -#include "common/common/cleanup.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/adaptive_concurrency/controller/controller.h" +#include "source/common/common/cleanup.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/adaptive_concurrency/controller/controller.h" #include "absl/synchronization/mutex.h" diff --git a/source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h b/source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h index 0309aaa0c6ea..1764f4aec6cb 100644 --- a/source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h +++ b/source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h @@ -10,9 +10,8 @@ #include "envoy/runtime/runtime.h" #include "envoy/stats/stats_macros.h" -#include "common/common/thread_synchronizer.h" - -#include "extensions/filters/http/adaptive_concurrency/controller/controller.h" +#include "source/common/common/thread_synchronizer.h" +#include "source/extensions/filters/http/adaptive_concurrency/controller/controller.h" #include "absl/base/thread_annotations.h" #include "absl/strings/numbers.h" diff --git a/source/extensions/filters/http/admission_control/BUILD b/source/extensions/filters/http/admission_control/BUILD index 9bfd7c450536..5192e11d74f9 100644 --- a/source/extensions/filters/http/admission_control/BUILD +++ b/source/extensions/filters/http/admission_control/BUILD @@ -1,6 +1,7 @@ load( "//bazel:envoy_build_system.bzl", "envoy_cc_extension", + "envoy_cc_library", "envoy_extension_package", ) @@ -11,7 +12,7 @@ licenses(["notice"]) # Apache 2 envoy_extension_package() -envoy_cc_extension( +envoy_cc_library( name = "admission_control_filter_lib", srcs = [ "admission_control.cc", @@ -21,16 +22,13 @@ envoy_cc_extension( "admission_control.h", "thread_local_controller.h", ], - category = "envoy.filters.http", - security_posture = "unknown", deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/thread_local:thread_local_object", + "//envoy/http:filter_interface", + "//envoy/runtime:runtime_interface", + "//envoy/thread_local:thread_local_object", "//source/common/common:cleanup_lib", "//source/common/http:codes_lib", "//source/common/runtime:runtime_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/admission_control/evaluators:response_evaluator_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/admission_control/v3alpha:pkg_cc_proto", @@ -41,13 +39,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "unknown", - status = "alpha", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/common:enum_to_int", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/admission_control:admission_control_filter_lib", "//source/extensions/filters/http/admission_control/evaluators:response_evaluator_lib", "//source/extensions/filters/http/common:factory_base_lib", diff --git a/source/extensions/filters/http/admission_control/admission_control.cc b/source/extensions/filters/http/admission_control/admission_control.cc index 9329e10ab351..3ceee04889ec 100644 --- a/source/extensions/filters/http/admission_control/admission_control.cc +++ b/source/extensions/filters/http/admission_control/admission_control.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/admission_control/admission_control.h" +#include "source/extensions/filters/http/admission_control/admission_control.h" #include #include @@ -12,15 +12,13 @@ #include "envoy/runtime/runtime.h" #include "envoy/server/filter_config.h" -#include "common/common/cleanup.h" -#include "common/common/enum_to_int.h" -#include "common/grpc/common.h" -#include "common/http/codes.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/grpc/common.h" +#include "source/common/http/codes.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" namespace Envoy { namespace Extensions { @@ -31,6 +29,8 @@ using GrpcStatus = Grpc::Status::GrpcStatus; static constexpr double defaultAggression = 1.0; static constexpr double defaultSuccessRateThreshold = 95.0; +static constexpr uint32_t defaultRpsThreshold = 0; +static constexpr double defaultMaxRejectionProbability = 80.0; AdmissionControlFilterConfig::AdmissionControlFilterConfig( const AdmissionControlProto& proto_config, Runtime::Loader& runtime, @@ -45,6 +45,13 @@ AdmissionControlFilterConfig::AdmissionControlFilterConfig( sr_threshold_(proto_config.has_sr_threshold() ? std::make_unique( proto_config.sr_threshold(), runtime) : nullptr), + rps_threshold_(proto_config.has_rps_threshold() + ? std::make_unique(proto_config.rps_threshold(), runtime) + : nullptr), + max_rejection_probability_(proto_config.has_max_rejection_probability() + ? std::make_unique( + proto_config.max_rejection_probability(), runtime) + : nullptr), response_evaluator_(std::move(response_evaluator)) {} double AdmissionControlFilterConfig::aggression() const { @@ -56,6 +63,16 @@ double AdmissionControlFilterConfig::successRateThreshold() const { return std::min(pct, 100.0) / 100.0; } +uint32_t AdmissionControlFilterConfig::rpsThreshold() const { + return rps_threshold_ ? rps_threshold_->value() : defaultRpsThreshold; +} + +double AdmissionControlFilterConfig::maxRejectionProbability() const { + const double ret = max_rejection_probability_ ? max_rejection_probability_->value() + : defaultMaxRejectionProbability; + return ret / 100.0; +} + AdmissionControlFilter::AdmissionControlFilter(AdmissionControlFilterConfigSharedPtr config, const std::string& stats_prefix) : config_(std::move(config)), stats_(generateStats(config_->scope(), stats_prefix)), @@ -68,6 +85,11 @@ Http::FilterHeadersStatus AdmissionControlFilter::decodeHeaders(Http::RequestHea return Http::FilterHeadersStatus::Continue; } + if (config_->getController().averageRps() < config_->rpsThreshold()) { + ENVOY_LOG(debug, "Current rps: {} is below rps_threshold: {}, continue"); + return Http::FilterHeadersStatus::Continue; + } + if (shouldRejectRequest()) { // We do not want to sample requests that we are rejecting, since this taints the measurements // that should be describing the upstreams. In addition, if we were to record the requests @@ -148,6 +170,7 @@ bool AdmissionControlFilter::shouldRejectRequest() const { if (aggression != 1.0) { probability = std::pow(probability, 1.0 / aggression); } + probability = std::min(probability, config_->maxRejectionProbability()); // Choosing an accuracy of 4 significant figures for the probability. static constexpr uint64_t accuracy = 1e4; diff --git a/source/extensions/filters/http/admission_control/admission_control.h b/source/extensions/filters/http/admission_control/admission_control.h index 7b4e83de80c7..4d921eddbc10 100644 --- a/source/extensions/filters/http/admission_control/admission_control.h +++ b/source/extensions/filters/http/admission_control/admission_control.h @@ -14,16 +14,15 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/cleanup.h" -#include "common/common/logger.h" -#include "common/grpc/common.h" -#include "common/grpc/status.h" -#include "common/http/codes.h" -#include "common/runtime/runtime_protos.h" - -#include "extensions/filters/http/admission_control/evaluators/response_evaluator.h" -#include "extensions/filters/http/admission_control/thread_local_controller.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/logger.h" +#include "source/common/grpc/common.h" +#include "source/common/grpc/status.h" +#include "source/common/http/codes.h" +#include "source/common/runtime/runtime_protos.h" +#include "source/extensions/filters/http/admission_control/evaluators/response_evaluator.h" +#include "source/extensions/filters/http/admission_control/thread_local_controller.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { @@ -66,6 +65,8 @@ class AdmissionControlFilterConfig { Stats::Scope& scope() const { return scope_; } double aggression() const; double successRateThreshold() const; + uint32_t rpsThreshold() const; + double maxRejectionProbability() const; ResponseEvaluator& responseEvaluator() const { return *response_evaluator_; } private: @@ -75,6 +76,8 @@ class AdmissionControlFilterConfig { Runtime::FeatureFlag admission_control_feature_; std::unique_ptr aggression_; std::unique_ptr sr_threshold_; + std::unique_ptr rps_threshold_; + std::unique_ptr max_rejection_probability_; std::shared_ptr response_evaluator_; }; diff --git a/source/extensions/filters/http/admission_control/config.cc b/source/extensions/filters/http/admission_control/config.cc index 27b7f9f1eb25..e28e0445b643 100644 --- a/source/extensions/filters/http/admission_control/config.cc +++ b/source/extensions/filters/http/admission_control/config.cc @@ -1,15 +1,14 @@ -#include "extensions/filters/http/admission_control/config.h" +#include "source/extensions/filters/http/admission_control/config.h" #include "envoy/common/exception.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/common/enum_to_int.h" - -#include "extensions/filters/http/admission_control/admission_control.h" -#include "extensions/filters/http/admission_control/evaluators/response_evaluator.h" -#include "extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" +#include "source/common/common/enum_to_int.h" +#include "source/extensions/filters/http/admission_control/admission_control.h" +#include "source/extensions/filters/http/admission_control/evaluators/response_evaluator.h" +#include "source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/admission_control/config.h b/source/extensions/filters/http/admission_control/config.h index 8abe84eafefc..e25289f6e76b 100644 --- a/source/extensions/filters/http/admission_control/config.h +++ b/source/extensions/filters/http/admission_control/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -18,7 +17,7 @@ class AdmissionControlFilterFactory : public Common::FactoryBase< envoy::extensions::filters::http::admission_control::v3alpha::AdmissionControl> { public: - AdmissionControlFilterFactory() : FactoryBase(HttpFilterNames::get().AdmissionControl) {} + AdmissionControlFilterFactory() : FactoryBase("envoy.filters.http.admission_control") {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::admission_control::v3alpha::AdmissionControl& diff --git a/source/extensions/filters/http/admission_control/evaluators/BUILD b/source/extensions/filters/http/admission_control/evaluators/BUILD index c5c72ee2db5c..cddd0f2f0a43 100644 --- a/source/extensions/filters/http/admission_control/evaluators/BUILD +++ b/source/extensions/filters/http/admission_control/evaluators/BUILD @@ -19,7 +19,7 @@ envoy_cc_library( ], visibility = ["//visibility:public"], deps = [ - "//include/envoy/grpc:status", + "//envoy/grpc:status", "//source/common/common:enum_to_int", "@envoy_api//envoy/extensions/filters/http/admission_control/v3alpha:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.cc b/source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.cc index 6771bfba9a7b..5a7ae7fc915c 100644 --- a/source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.cc +++ b/source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.cc @@ -1,12 +1,12 @@ -#include "extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" +#include "source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" #include #include "envoy/common/exception.h" #include "envoy/grpc/status.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h b/source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h index 511d54408f42..551975ead881 100644 --- a/source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h +++ b/source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h @@ -5,7 +5,7 @@ #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.validate.h" -#include "extensions/filters/http/admission_control/evaluators/response_evaluator.h" +#include "source/extensions/filters/http/admission_control/evaluators/response_evaluator.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/admission_control/thread_local_controller.cc b/source/extensions/filters/http/admission_control/thread_local_controller.cc index 30f0aac40061..61ea10dc3f9d 100644 --- a/source/extensions/filters/http/admission_control/thread_local_controller.cc +++ b/source/extensions/filters/http/admission_control/thread_local_controller.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/admission_control/thread_local_controller.h" +#include "source/extensions/filters/http/admission_control/thread_local_controller.h" #include @@ -17,6 +17,15 @@ ThreadLocalControllerImpl::ThreadLocalControllerImpl(TimeSource& time_source, std::chrono::seconds sampling_window) : time_source_(time_source), sampling_window_(sampling_window) {} +uint32_t ThreadLocalControllerImpl::averageRps() const { + if (historical_data_.empty() || global_data_.requests == 0) { + return 0; + } + using std::chrono::seconds; + seconds secs = std::max(seconds(1), std::chrono::duration_cast(ageOfOldestSample())); + return global_data_.requests / secs.count(); +} + void ThreadLocalControllerImpl::maybeUpdateHistoricalData() { // Purge stale samples. while (!historical_data_.empty() && ageOfOldestSample() >= sampling_window_) { diff --git a/source/extensions/filters/http/admission_control/thread_local_controller.h b/source/extensions/filters/http/admission_control/thread_local_controller.h index fde56131ecd8..4c536ba1dd55 100644 --- a/source/extensions/filters/http/admission_control/thread_local_controller.h +++ b/source/extensions/filters/http/admission_control/thread_local_controller.h @@ -37,6 +37,9 @@ class ThreadLocalController { // Returns the current number of requests and how many of them are successful. virtual RequestData requestCounts() PURE; + + // return the average RPS across the sampling window + virtual uint32_t averageRps() const PURE; }; /** @@ -63,6 +66,8 @@ class ThreadLocalControllerImpl : public ThreadLocalController, return global_data_; } + uint32_t averageRps() const override; + private: void recordRequest(bool success); diff --git a/source/extensions/filters/http/alternate_protocols_cache/BUILD b/source/extensions/filters/http/alternate_protocols_cache/BUILD new file mode 100644 index 000000000000..cb516768fadb --- /dev/null +++ b/source/extensions/filters/http/alternate_protocols_cache/BUILD @@ -0,0 +1,41 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_cc_extension", + "envoy_cc_library", + "envoy_extension_package", +) + +licenses(["notice"]) # Apache 2 + +envoy_extension_package() + +envoy_cc_library( + name = "filter_lib", + srcs = ["filter.cc"], + hdrs = ["filter.h"], + deps = [ + "//envoy/http:filter_interface", + "//source/common/http:alternate_protocols_cache", + "//source/common/http:headers_lib", + "//source/extensions/filters/http/common:pass_through_filter_lib", + "@com_googlesource_quiche//:spdy_core_alt_svc_wire_format_lib", + "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", + "@envoy_api//envoy/config/core/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/filters/http/alternate_protocols_cache/v3:pkg_cc_proto", + ], +) + +envoy_cc_extension( + name = "config", + srcs = ["config.cc"], + hdrs = ["config.h"], + deps = [ + ":filter_lib", + "//envoy/registry", + "//envoy/server:filter_config_interface", + "//source/common/http:alternate_protocols_cache", + "//source/extensions/filters/http:well_known_names", + "//source/extensions/filters/http/common:factory_base_lib", + "@envoy_api//envoy/extensions/filters/http/alternate_protocols_cache/v3:pkg_cc_proto", + ], +) diff --git a/source/extensions/filters/http/alternate_protocols_cache/config.cc b/source/extensions/filters/http/alternate_protocols_cache/config.cc new file mode 100644 index 000000000000..61327b29b1d9 --- /dev/null +++ b/source/extensions/filters/http/alternate_protocols_cache/config.cc @@ -0,0 +1,36 @@ +#include "source/extensions/filters/http/alternate_protocols_cache/config.h" + +#include "envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.pb.h" +#include "envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.pb.validate.h" + +#include "source/common/http/alternate_protocols_cache_manager_impl.h" +#include "source/extensions/filters/http/alternate_protocols_cache/filter.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace AlternateProtocolsCache { + +Http::FilterFactoryCb AlternateProtocolsCacheFilterFactory::createFilterFactoryFromProtoTyped( + const envoy::extensions::filters::http::alternate_protocols_cache::v3::FilterConfig& + proto_config, + const std::string&, Server::Configuration::FactoryContext& context) { + Http::AlternateProtocolsCacheManagerFactoryImpl alternate_protocol_cache_manager_factory( + context.singletonManager(), context.dispatcher().timeSource(), context.threadLocal()); + FilterConfigSharedPtr filter_config(std::make_shared( + proto_config, alternate_protocol_cache_manager_factory, context.dispatcher().timeSource())); + return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { + callbacks.addStreamEncoderFilter(std::make_shared(filter_config)); + }; +} + +/** + * Static registration for the alternate protocols cache filter. @see RegisterFactory. + */ +REGISTER_FACTORY(AlternateProtocolsCacheFilterFactory, + Server::Configuration::NamedHttpFilterConfigFactory); + +} // namespace AlternateProtocolsCache +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/alternate_protocols_cache/config.h b/source/extensions/filters/http/alternate_protocols_cache/config.h new file mode 100644 index 000000000000..2e4a4283133a --- /dev/null +++ b/source/extensions/filters/http/alternate_protocols_cache/config.h @@ -0,0 +1,36 @@ +#pragma once + +#include "envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.pb.h" +#include "envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.pb.validate.h" + +#include "source/extensions/filters/http/common/factory_base.h" +#include "source/extensions/filters/http/well_known_names.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace AlternateProtocolsCache { + +/** + * Config registration for the alternate protocols cache filter. + */ +class AlternateProtocolsCacheFilterFactory + : public Common::FactoryBase< + envoy::extensions::filters::http::alternate_protocols_cache::v3::FilterConfig> { +public: + AlternateProtocolsCacheFilterFactory() + : FactoryBase(HttpFilterNames::get().AlternateProtocolsCache) {} + +private: + Http::FilterFactoryCb createFilterFactoryFromProtoTyped( + const envoy::extensions::filters::http::alternate_protocols_cache::v3::FilterConfig& + proto_config, + const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; +}; + +DECLARE_FACTORY(AlternateProtocolsCacheFilterFactory); + +} // namespace AlternateProtocolsCache +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/alternate_protocols_cache/filter.cc b/source/extensions/filters/http/alternate_protocols_cache/filter.cc new file mode 100644 index 000000000000..75cc99c9fb32 --- /dev/null +++ b/source/extensions/filters/http/alternate_protocols_cache/filter.cc @@ -0,0 +1,80 @@ +#include "source/extensions/filters/http/alternate_protocols_cache/filter.h" + +#include "envoy/common/time.h" +#include "envoy/config/cluster/v3/cluster.pb.h" +#include "envoy/config/core/v3/base.pb.h" +#include "envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.pb.h" + +#include "source/common/http/headers.h" + +#include "quiche/spdy/core/spdy_alt_svc_wire_format.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace AlternateProtocolsCache { + +using CustomClusterType = envoy::config::cluster::v3::Cluster::CustomClusterType; + +FilterConfig::FilterConfig( + const envoy::extensions::filters::http::alternate_protocols_cache::v3::FilterConfig& + proto_config, + Http::AlternateProtocolsCacheManagerFactory& alternate_protocol_cache_manager_factory, + TimeSource& time_source) + : alternate_protocol_cache_manager_(alternate_protocol_cache_manager_factory.get()), + proto_config_(proto_config), time_source_(time_source) {} + +Http::AlternateProtocolsCacheSharedPtr FilterConfig::getAlternateProtocolCache() { + return proto_config_.has_alternate_protocols_cache_options() + ? alternate_protocol_cache_manager_->getCache( + proto_config_.alternate_protocols_cache_options()) + : nullptr; +} + +void Filter::onDestroy() {} + +Filter::Filter(const FilterConfigSharedPtr& config) + : cache_(config->getAlternateProtocolCache()), time_source_(config->timeSource()) {} + +Http::FilterHeadersStatus Filter::encodeHeaders(Http::ResponseHeaderMap& headers, bool) { + if (!cache_) { + return Http::FilterHeadersStatus::Continue; + } + const auto alt_svc = headers.get(Http::CustomHeaders::get().AltSvc); + if (alt_svc.empty()) { + return Http::FilterHeadersStatus::Continue; + } + std::vector protocols; + for (size_t i = 0; i < alt_svc.size(); ++i) { + spdy::SpdyAltSvcWireFormat::AlternativeServiceVector altsvc_vector; + if (!spdy::SpdyAltSvcWireFormat::ParseHeaderFieldValue(alt_svc[i]->value().getStringView(), + &altsvc_vector)) { + ENVOY_LOG(trace, "Invalid Alt-Svc header received: '{}'", + alt_svc[i]->value().getStringView()); + return Http::FilterHeadersStatus::Continue; + } + for (const auto& alt_svc : altsvc_vector) { + MonotonicTime expiration = + time_source_.monotonicTime() + std::chrono::seconds(alt_svc.max_age); + Http::AlternateProtocolsCache::AlternateProtocol protocol(alt_svc.protocol_id, alt_svc.host, + alt_svc.port, expiration); + protocols.push_back(protocol); + } + } + // The upstream host is used here, instead of the :authority request header because + // Envoy routes request to upstream hosts not to origin servers directly. This choice would + // allow HTTP/3 to be used on a per-upstream host basis, even for origins which are load + // balanced across them. + Upstream::HostDescriptionConstSharedPtr host = encoder_callbacks_->streamInfo().upstreamHost(); + const uint32_t port = host->address()->ip()->port(); + const std::string& hostname = host->hostname(); + Http::AlternateProtocolsCache::Origin origin(Http::Headers::get().SchemeValues.Https, hostname, + port); + cache_->setAlternatives(origin, protocols); + return Http::FilterHeadersStatus::Continue; +} + +} // namespace AlternateProtocolsCache +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/alternate_protocols_cache/filter.h b/source/extensions/filters/http/alternate_protocols_cache/filter.h new file mode 100644 index 000000000000..a77d30f672a1 --- /dev/null +++ b/source/extensions/filters/http/alternate_protocols_cache/filter.h @@ -0,0 +1,59 @@ +#pragma once + +#include "envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.pb.h" +#include "envoy/upstream/cluster_manager.h" + +#include "source/common/http/alternate_protocols_cache_manager_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace AlternateProtocolsCache { + +/** + * Configuration for the alternate protocol cache filter. + */ +class FilterConfig { +public: + FilterConfig( + const envoy::extensions::filters::http::alternate_protocols_cache::v3::FilterConfig& + proto_config, + Http::AlternateProtocolsCacheManagerFactory& alternate_protocol_cache_manager_factory, + TimeSource& time_source); + + // Returns the alternate protocols cache for the current thread. + Http::AlternateProtocolsCacheSharedPtr getAlternateProtocolCache(); + + TimeSource& timeSource() { return time_source_; } + +private: + const Http::AlternateProtocolsCacheManagerSharedPtr alternate_protocol_cache_manager_; + envoy::extensions::filters::http::alternate_protocols_cache::v3::FilterConfig proto_config_; + TimeSource& time_source_; +}; + +using FilterConfigSharedPtr = std::shared_ptr; + +/** + * Alternate protocol cache filter which parses the alt-svc response header and updates + * the cache accordingly. + */ +class Filter : public Http::PassThroughEncoderFilter, Logger::Loggable { +public: + explicit Filter(const FilterConfigSharedPtr& config); + + // Http::PassThroughEncoderFilter + Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& header, + bool end_stream) override; + void onDestroy() override; + +private: + const Http::AlternateProtocolsCacheSharedPtr cache_; + TimeSource& time_source_; +}; + +} // namespace AlternateProtocolsCache +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/aws_lambda/BUILD b/source/extensions/filters/http/aws_lambda/BUILD index 1001ba3d87cb..b372c5109300 100644 --- a/source/extensions/filters/http/aws_lambda/BUILD +++ b/source/extensions/filters/http/aws_lambda/BUILD @@ -24,11 +24,10 @@ envoy_cc_library( hdrs = ["aws_lambda_filter.h"], deps = [ ":request_response_cc_proto", - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "//source/common/common:base64_lib", "//source/extensions/common/aws:credentials_provider_impl_lib", "//source/extensions/common/aws:signer_impl_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:pass_through_filter_lib", ], ) @@ -37,13 +36,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "requires_trusted_downstream_and_upstream", - status = "alpha", deps = [ ":aws_lambda_filter_lib", - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/aws_lambda/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/aws_lambda/aws_lambda_filter.cc b/source/extensions/filters/http/aws_lambda/aws_lambda_filter.cc index 6a908ff117e4..fb8a24de2fa9 100644 --- a/source/extensions/filters/http/aws_lambda/aws_lambda_filter.cc +++ b/source/extensions/filters/http/aws_lambda/aws_lambda_filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/aws_lambda/aws_lambda_filter.h" +#include "source/extensions/filters/http/aws_lambda/aws_lambda_filter.h" #include #include @@ -8,21 +8,18 @@ #include "envoy/http/header_map.h" #include "envoy/upstream/upstream.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/base64.h" -#include "common/common/fmt.h" -#include "common/common/hex.h" -#include "common/crypto/utility.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" -#include "common/singleton/const_singleton.h" - +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/base64.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hex.h" +#include "source/common/crypto/utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/singleton/const_singleton.h" #include "source/extensions/filters/http/aws_lambda/request_response.pb.validate.h" -#include "extensions/filters/http/well_known_names.h" - #include "absl/strings/numbers.h" #include "absl/strings/string_view.h" @@ -120,12 +117,8 @@ Filter::Filter(const FilterSettings& settings, const FilterStats& stats, : settings_(settings), stats_(stats), sigv4_signer_(sigv4_signer) {} absl::optional Filter::getRouteSpecificSettings() const { - if (!decoder_callbacks_->route() || !decoder_callbacks_->route()->routeEntry()) { - return absl::nullopt; - } - const auto* route_entry = decoder_callbacks_->route()->routeEntry(); - const auto* settings = route_entry->mostSpecificPerFilterConfigTyped( - HttpFilterNames::get().AwsLambda); + const auto* settings = Http::Utility::resolveMostSpecificPerFilterConfig( + "envoy.filters.http.aws_lambda", decoder_callbacks_->route()); if (!settings) { return absl::nullopt; } @@ -333,6 +326,10 @@ void Filter::dejsonizeResponse(Http::ResponseHeaderMap& headers, const Buffer::I return; } + // Use JSON as the default content-type. If the response headers have a different content-type + // set, that will be used instead. + headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); + for (auto&& kv : json_resp.headers()) { // ignore H2 pseudo-headers (if any) if (kv.first[0] == ':') { @@ -348,7 +345,6 @@ void Filter::dejsonizeResponse(Http::ResponseHeaderMap& headers, const Buffer::I if (json_resp.status_code() != 0) { headers.setStatus(json_resp.status_code()); } - headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); if (!json_resp.body().empty()) { if (json_resp.is_base64_encoded()) { body.add(Base64::decode(json_resp.body())); diff --git a/source/extensions/filters/http/aws_lambda/aws_lambda_filter.h b/source/extensions/filters/http/aws_lambda/aws_lambda_filter.h index 82bfdaf85cf2..be3d03d3a24c 100644 --- a/source/extensions/filters/http/aws_lambda/aws_lambda_filter.h +++ b/source/extensions/filters/http/aws_lambda/aws_lambda_filter.h @@ -5,10 +5,9 @@ #include "envoy/http/filter.h" #include "envoy/stats/scope.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/common/aws/signer.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/common/aws/signer.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/http/aws_lambda/config.cc b/source/extensions/filters/http/aws_lambda/config.cc index c784020da619..a538f07847dd 100644 --- a/source/extensions/filters/http/aws_lambda/config.cc +++ b/source/extensions/filters/http/aws_lambda/config.cc @@ -1,16 +1,15 @@ -#include "extensions/filters/http/aws_lambda/config.h" +#include "source/extensions/filters/http/aws_lambda/config.h" #include "envoy/extensions/filters/http/aws_lambda/v3/aws_lambda.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/fmt.h" - -#include "extensions/common/aws/credentials_provider_impl.h" -#include "extensions/common/aws/signer_impl.h" -#include "extensions/common/aws/utility.h" -#include "extensions/filters/http/aws_lambda/aws_lambda_filter.h" +#include "source/common/common/fmt.h" +#include "source/extensions/common/aws/credentials_provider_impl.h" +#include "source/extensions/common/aws/signer_impl.h" +#include "source/extensions/common/aws/utility.h" +#include "source/extensions/filters/http/aws_lambda/aws_lambda_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/aws_lambda/config.h b/source/extensions/filters/http/aws_lambda/config.h index fbdfb26ff9e7..d135f0fe2e3c 100644 --- a/source/extensions/filters/http/aws_lambda/config.h +++ b/source/extensions/filters/http/aws_lambda/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/aws_lambda/v3/aws_lambda.pb.h" #include "envoy/extensions/filters/http/aws_lambda/v3/aws_lambda.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -15,7 +14,7 @@ class AwsLambdaFilterFactory : public Common::FactoryBase { public: - AwsLambdaFilterFactory() : FactoryBase(HttpFilterNames::get().AwsLambda) {} + AwsLambdaFilterFactory() : FactoryBase("envoy.filters.http.aws_lambda") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/aws_request_signing/BUILD b/source/extensions/filters/http/aws_request_signing/BUILD index f0222a4b954b..fd1ecabed322 100644 --- a/source/extensions/filters/http/aws_request_signing/BUILD +++ b/source/extensions/filters/http/aws_request_signing/BUILD @@ -17,7 +17,7 @@ envoy_cc_library( srcs = ["aws_request_signing_filter.cc"], hdrs = ["aws_request_signing_filter.h"], deps = [ - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "//source/extensions/common/aws:credentials_provider_impl_lib", "//source/extensions/common/aws:signer_impl_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", @@ -29,15 +29,11 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "requires_trusted_downstream_and_upstream", - status = "alpha", deps = [ ":aws_request_signing_filter_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/extensions/common/aws:credentials_provider_impl_lib", "//source/extensions/common/aws:signer_impl_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/aws_request_signing/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.cc b/source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.cc index 4a9fb083345d..94b1c6add1a6 100644 --- a/source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.cc +++ b/source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/http/aws_request_signing/aws_request_signing_filter.h" +#include "source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.h" #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.h" -#include "common/common/hex.h" -#include "common/crypto/utility.h" +#include "source/common/common/hex.h" +#include "source/common/crypto/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.h b/source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.h index 2903ec489853..2ae73277d995 100644 --- a/source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.h +++ b/source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.h @@ -5,8 +5,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "extensions/common/aws/signer.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/common/aws/signer.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/aws_request_signing/config.cc b/source/extensions/filters/http/aws_request_signing/config.cc index 11396f39e052..02408ec90a09 100644 --- a/source/extensions/filters/http/aws_request_signing/config.cc +++ b/source/extensions/filters/http/aws_request_signing/config.cc @@ -1,13 +1,13 @@ -#include "extensions/filters/http/aws_request_signing/config.h" +#include "source/extensions/filters/http/aws_request_signing/config.h" #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.h" #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/common/aws/credentials_provider_impl.h" -#include "extensions/common/aws/signer_impl.h" -#include "extensions/common/aws/utility.h" -#include "extensions/filters/http/aws_request_signing/aws_request_signing_filter.h" +#include "source/extensions/common/aws/credentials_provider_impl.h" +#include "source/extensions/common/aws/signer_impl.h" +#include "source/extensions/common/aws/utility.h" +#include "source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/aws_request_signing/config.h b/source/extensions/filters/http/aws_request_signing/config.h index 21128e3d755a..55214c6afdbb 100644 --- a/source/extensions/filters/http/aws_request_signing/config.h +++ b/source/extensions/filters/http/aws_request_signing/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.h" #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -18,7 +17,7 @@ class AwsRequestSigningFilterFactory : public Common::FactoryBase< envoy::extensions::filters::http::aws_request_signing::v3::AwsRequestSigning> { public: - AwsRequestSigningFilterFactory() : FactoryBase(HttpFilterNames::get().AwsRequestSigning) {} + AwsRequestSigningFilterFactory() : FactoryBase("envoy.filters.http.aws_request_signing") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/bandwidth_limit/BUILD b/source/extensions/filters/http/bandwidth_limit/BUILD new file mode 100644 index 000000000000..3f3b5e3f7273 --- /dev/null +++ b/source/extensions/filters/http/bandwidth_limit/BUILD @@ -0,0 +1,46 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_cc_extension", + "envoy_cc_library", + "envoy_extension_package", +) + +licenses(["notice"]) # Apache 2 + +# Local Bandwidthlimit HTTP L7 filter +# Public docs: docs/root/configuration/http_filters/bandwidth_limit_filter.rst + +envoy_extension_package() + +envoy_cc_library( + name = "bandwidth_limit_lib", + srcs = ["bandwidth_limit.cc"], + hdrs = ["bandwidth_limit.h"], + deps = [ + "//envoy/http:codes_interface", + "//envoy/server:filter_config_interface", + "//envoy/stats:stats_macros", + "//source/common/common:shared_token_bucket_impl_lib", + "//source/common/common:utility_lib", + "//source/common/http:header_utility_lib", + "//source/common/http:headers_lib", + "//source/common/router:header_parser_lib", + "//source/common/runtime:runtime_lib", + "//source/common/stats:timespan_lib", + "//source/extensions/filters/http/common:stream_rate_limiter_lib", + "@envoy_api//envoy/extensions/filters/http/bandwidth_limit/v3alpha:pkg_cc_proto", + ], +) + +envoy_cc_extension( + name = "config", + srcs = ["config.cc"], + hdrs = ["config.h"], + deps = [ + ":bandwidth_limit_lib", + "//envoy/http:filter_interface", + "//source/common/protobuf:utility_lib", + "//source/extensions/filters/http/common:factory_base_lib", + "@envoy_api//envoy/extensions/filters/http/bandwidth_limit/v3alpha:pkg_cc_proto", + ], +) diff --git a/source/extensions/filters/http/bandwidth_limit/bandwidth_limit.cc b/source/extensions/filters/http/bandwidth_limit/bandwidth_limit.cc new file mode 100644 index 000000000000..6d831d6de890 --- /dev/null +++ b/source/extensions/filters/http/bandwidth_limit/bandwidth_limit.cc @@ -0,0 +1,202 @@ +#include "source/extensions/filters/http/bandwidth_limit/bandwidth_limit.h" + +#include +#include + +#include "envoy/http/codes.h" + +#include "source/common/http/utility.h" +#include "source/common/stats/timespan_impl.h" + +using envoy::extensions::filters::http::bandwidth_limit::v3alpha::BandwidthLimit; +using Envoy::Extensions::HttpFilters::Common::StreamRateLimiter; + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace BandwidthLimitFilter { + +FilterConfig::FilterConfig(const BandwidthLimit& config, Stats::Scope& scope, + Runtime::Loader& runtime, TimeSource& time_source, bool per_route) + : runtime_(runtime), time_source_(time_source), enable_mode_(config.enable_mode()), + limit_kbps_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, limit_kbps, 0)), + fill_interval_(std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT( + config, fill_interval, StreamRateLimiter::DefaultFillInterval.count()))), + enabled_(config.runtime_enabled(), runtime), + stats_(generateStats(config.stat_prefix(), scope)) { + if (per_route && !config.has_limit_kbps()) { + throw EnvoyException("bandwidthlimitfilter: limit must be set for per route filter config"); + } + + // The token bucket is configured with a max token count of the number of + // bytes per second, and refills at the same rate, so that we have a per + // second limit which refills gradually in 1/fill_interval increments. + token_bucket_ = std::make_shared( + StreamRateLimiter::kiloBytesToBytes(limit_kbps_), time_source, + StreamRateLimiter::kiloBytesToBytes(limit_kbps_)); +} + +BandwidthLimitStats FilterConfig::generateStats(const std::string& prefix, Stats::Scope& scope) { + const std::string final_prefix = prefix + ".http_bandwidth_limit"; + return {ALL_BANDWIDTH_LIMIT_STATS(POOL_COUNTER_PREFIX(scope, final_prefix), + POOL_GAUGE_PREFIX(scope, final_prefix), + POOL_HISTOGRAM_PREFIX(scope, final_prefix))}; +} + +// BandwidthLimiter members + +Http::FilterHeadersStatus BandwidthLimiter::decodeHeaders(Http::RequestHeaderMap&, bool) { + const auto& config = getConfig(); + + if (config.enabled() && (config.enableMode() & BandwidthLimit::REQUEST)) { + config.stats().request_enabled_.inc(); + request_limiter_ = std::make_unique( + config.limit(), decoder_callbacks_->decoderBufferLimit(), + [this] { decoder_callbacks_->onDecoderFilterAboveWriteBufferHighWatermark(); }, + [this] { decoder_callbacks_->onDecoderFilterBelowWriteBufferLowWatermark(); }, + [this](Buffer::Instance& data, bool end_stream) { + if (end_stream) { + updateStatsOnDecodeFinish(); + } + decoder_callbacks_->injectDecodedDataToFilterChain(data, end_stream); + }, + [this] { + updateStatsOnDecodeFinish(); + decoder_callbacks_->continueDecoding(); + }, + [config](uint64_t len) { config.stats().request_allowed_size_.set(len); }, + const_cast(&config)->timeSource(), decoder_callbacks_->dispatcher(), + decoder_callbacks_->scope(), config.tokenBucket(), config.fillInterval()); + } + + return Http::FilterHeadersStatus::Continue; +} + +Http::FilterDataStatus BandwidthLimiter::decodeData(Buffer::Instance& data, bool end_stream) { + if (request_limiter_ != nullptr) { + const auto& config = getConfig(); + + if (!request_latency_) { + request_latency_ = std::make_unique( + config.stats().request_transfer_duration_, + const_cast(&config)->timeSource()); + config.stats().request_pending_.inc(); + } + config.stats().request_incoming_size_.set(data.length()); + + request_limiter_->writeData(data, end_stream); + return Http::FilterDataStatus::StopIterationNoBuffer; + } + ENVOY_LOG(debug, "BandwidthLimiter : request_limiter not set."); + return Http::FilterDataStatus::Continue; +} + +Http::FilterTrailersStatus BandwidthLimiter::decodeTrailers(Http::RequestTrailerMap&) { + if (request_limiter_ != nullptr) { + if (request_limiter_->onTrailers()) { + return Http::FilterTrailersStatus::StopIteration; + } else { + updateStatsOnDecodeFinish(); + return Http::FilterTrailersStatus::Continue; + } + } + return Http::FilterTrailersStatus::Continue; +} + +Http::FilterHeadersStatus BandwidthLimiter::encodeHeaders(Http::ResponseHeaderMap&, bool) { + auto& config = getConfig(); + + if (config.enabled() && (config.enableMode() & BandwidthLimit::RESPONSE)) { + config.stats().response_enabled_.inc(); + + response_limiter_ = std::make_unique( + config.limit(), encoder_callbacks_->encoderBufferLimit(), + [this] { encoder_callbacks_->onEncoderFilterAboveWriteBufferHighWatermark(); }, + [this] { encoder_callbacks_->onEncoderFilterBelowWriteBufferLowWatermark(); }, + [this](Buffer::Instance& data, bool end_stream) { + if (end_stream) { + updateStatsOnEncodeFinish(); + } + encoder_callbacks_->injectEncodedDataToFilterChain(data, end_stream); + }, + [this] { + updateStatsOnEncodeFinish(); + encoder_callbacks_->continueEncoding(); + }, + [config](uint64_t len) { config.stats().response_allowed_size_.set(len); }, + const_cast(&config)->timeSource(), encoder_callbacks_->dispatcher(), + encoder_callbacks_->scope(), config.tokenBucket(), config.fillInterval()); + } + + return Http::FilterHeadersStatus::Continue; +} + +Http::FilterDataStatus BandwidthLimiter::encodeData(Buffer::Instance& data, bool end_stream) { + if (response_limiter_ != nullptr) { + const auto& config = getConfig(); + + if (!response_latency_) { + response_latency_ = std::make_unique( + config.stats().response_transfer_duration_, + const_cast(&config)->timeSource()); + config.stats().response_pending_.inc(); + } + config.stats().response_incoming_size_.set(data.length()); + + response_limiter_->writeData(data, end_stream); + return Http::FilterDataStatus::StopIterationNoBuffer; + } + ENVOY_LOG(debug, "BandwidthLimiter : response_limiter not set"); + return Http::FilterDataStatus::Continue; +} + +Http::FilterTrailersStatus BandwidthLimiter::encodeTrailers(Http::ResponseTrailerMap&) { + if (response_limiter_ != nullptr) { + if (response_limiter_->onTrailers()) { + return Http::FilterTrailersStatus::StopIteration; + } else { + updateStatsOnEncodeFinish(); + return Http::FilterTrailersStatus::Continue; + } + } + return Http::FilterTrailersStatus::Continue; +} + +void BandwidthLimiter::updateStatsOnDecodeFinish() { + if (request_latency_) { + request_latency_->complete(); + request_latency_.reset(); + getConfig().stats().request_pending_.dec(); + } +} + +void BandwidthLimiter::updateStatsOnEncodeFinish() { + if (response_latency_) { + response_latency_->complete(); + response_latency_.reset(); + getConfig().stats().response_pending_.dec(); + } +} + +const FilterConfig& BandwidthLimiter::getConfig() const { + const auto* config = Http::Utility::resolveMostSpecificPerFilterConfig( + "envoy.filters.http.bandwidth_limit", decoder_callbacks_->route()); + if (config) { + return *config; + } + return *config_; +} + +void BandwidthLimiter::onDestroy() { + if (request_limiter_ != nullptr) { + request_limiter_->destroy(); + } + if (response_limiter_ != nullptr) { + response_limiter_->destroy(); + } +} + +} // namespace BandwidthLimitFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/bandwidth_limit/bandwidth_limit.h b/source/extensions/filters/http/bandwidth_limit/bandwidth_limit.h new file mode 100644 index 000000000000..f5bac4642642 --- /dev/null +++ b/source/extensions/filters/http/bandwidth_limit/bandwidth_limit.h @@ -0,0 +1,150 @@ +#pragma once + +#include +#include +#include +#include + +#include "envoy/extensions/filters/http/bandwidth_limit/v3alpha/bandwidth_limit.pb.h" +#include "envoy/http/filter.h" +#include "envoy/runtime/runtime.h" +#include "envoy/stats/scope.h" +#include "envoy/stats/stats_macros.h" +#include "envoy/stats/timespan.h" + +#include "source/common/common/assert.h" +#include "source/common/common/shared_token_bucket_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/router/header_parser.h" +#include "source/common/runtime/runtime_protos.h" +#include "source/extensions/filters/http/common/stream_rate_limiter.h" + +#include "absl/synchronization/mutex.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace BandwidthLimitFilter { + +/** + * All bandwidth limit stats. @see stats_macros.h + */ +#define ALL_BANDWIDTH_LIMIT_STATS(COUNTER, GAUGE, HISTOGRAM) \ + COUNTER(request_enabled) \ + COUNTER(response_enabled) \ + GAUGE(request_pending, Accumulate) \ + GAUGE(response_pending, Accumulate) \ + GAUGE(request_incoming_size, Accumulate) \ + GAUGE(response_incoming_size, Accumulate) \ + GAUGE(request_allowed_size, Accumulate) \ + GAUGE(response_allowed_size, Accumulate) \ + HISTOGRAM(request_transfer_duration, Milliseconds) \ + HISTOGRAM(response_transfer_duration, Milliseconds) + +/** + * Struct definition for all bandwidth limit stats. @see stats_macros.h + */ +struct BandwidthLimitStats { + ALL_BANDWIDTH_LIMIT_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT, + GENERATE_HISTOGRAM_STRUCT) +}; + +/** + * Configuration for the HTTP bandwidth limit filter. + */ +class FilterConfig : public ::Envoy::Router::RouteSpecificFilterConfig { +public: + using EnableMode = + envoy::extensions::filters::http::bandwidth_limit::v3alpha::BandwidthLimit_EnableMode; + + FilterConfig( + const envoy::extensions::filters::http::bandwidth_limit::v3alpha::BandwidthLimit& config, + Stats::Scope& scope, Runtime::Loader& runtime, TimeSource& time_source, + bool per_route = false); + ~FilterConfig() override = default; + Runtime::Loader& runtime() { return runtime_; } + BandwidthLimitStats& stats() const { return stats_; } + TimeSource& timeSource() { return time_source_; } + // Must call enabled() before calling limit(). + uint64_t limit() const { return limit_kbps_; } + bool enabled() const { return enabled_.enabled(); } + EnableMode enableMode() const { return enable_mode_; }; + const std::shared_ptr tokenBucket() const { return token_bucket_; } + std::chrono::milliseconds fillInterval() const { return fill_interval_; } + +private: + friend class FilterTest; + + static BandwidthLimitStats generateStats(const std::string& prefix, Stats::Scope& scope); + + Runtime::Loader& runtime_; + TimeSource& time_source_; + const EnableMode enable_mode_; + const uint64_t limit_kbps_; + const std::chrono::milliseconds fill_interval_; + const Runtime::FeatureFlag enabled_; + mutable BandwidthLimitStats stats_; + // Filter chain's shared token bucket + std::shared_ptr token_bucket_; +}; + +using FilterConfigSharedPtr = std::shared_ptr; + +/** + * HTTP bandwidth limit filter. Depending on the route configuration, this + * filter calls consults with local token bucket before allowing further filter + * iteration. + */ +class BandwidthLimiter : public Http::StreamFilter, Logger::Loggable { +public: + BandwidthLimiter(FilterConfigSharedPtr config) : config_(config) {} + + // Http::StreamDecoderFilter + Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap&, bool) override; + Http::FilterDataStatus decodeData(Buffer::Instance& data, bool end_stream) override; + Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap& trailers) override; + + void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override { + decoder_callbacks_ = &callbacks; + } + + // Http::StreamEncoderFilter + Http::FilterHeadersStatus encode100ContinueHeaders(Http::ResponseHeaderMap&) override { + return Http::FilterHeadersStatus::Continue; + } + + Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap&, bool) override; + Http::FilterDataStatus encodeData(Buffer::Instance& data, bool end_stream) override; + Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override; + + Http::FilterMetadataStatus encodeMetadata(Http::MetadataMap&) override { + return Http::FilterMetadataStatus::Continue; + } + + void setEncoderFilterCallbacks(Http::StreamEncoderFilterCallbacks& callbacks) override { + encoder_callbacks_ = &callbacks; + } + + // Http::StreamFilterBase + void onDestroy() override; + +private: + friend class FilterTest; + const FilterConfig& getConfig() const; + + void updateStatsOnDecodeFinish(); + void updateStatsOnEncodeFinish(); + + Http::StreamDecoderFilterCallbacks* decoder_callbacks_{}; + Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; + FilterConfigSharedPtr config_; + std::unique_ptr request_limiter_; + std::unique_ptr response_limiter_; + Stats::TimespanPtr request_latency_; + Stats::TimespanPtr response_latency_; +}; + +} // namespace BandwidthLimitFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/bandwidth_limit/config.cc b/source/extensions/filters/http/bandwidth_limit/config.cc new file mode 100644 index 000000000000..95b62c134175 --- /dev/null +++ b/source/extensions/filters/http/bandwidth_limit/config.cc @@ -0,0 +1,42 @@ +#include "source/extensions/filters/http/bandwidth_limit/config.h" + +#include + +#include "envoy/registry/registry.h" + +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/bandwidth_limit/bandwidth_limit.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace BandwidthLimitFilter { + +Http::FilterFactoryCb BandwidthLimitFilterConfig::createFilterFactoryFromProtoTyped( + const envoy::extensions::filters::http::bandwidth_limit::v3alpha::BandwidthLimit& proto_config, + const std::string&, Server::Configuration::FactoryContext& context) { + FilterConfigSharedPtr filter_config = std::make_shared( + proto_config, context.scope(), context.runtime(), context.timeSource()); + return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { + callbacks.addStreamFilter(std::make_shared(filter_config)); + }; +} + +Router::RouteSpecificFilterConfigConstSharedPtr +BandwidthLimitFilterConfig::createRouteSpecificFilterConfigTyped( + const envoy::extensions::filters::http::bandwidth_limit::v3alpha::BandwidthLimit& proto_config, + Server::Configuration::ServerFactoryContext& context, ProtobufMessage::ValidationVisitor&) { + return std::make_shared(proto_config, context.scope(), context.runtime(), + context.timeSource(), true); +} + +/** + * Static registration for the bandwidth limit filter. @see RegisterFactory. + */ +REGISTER_FACTORY(BandwidthLimitFilterConfig, + Server::Configuration::NamedHttpFilterConfigFactory){"envoy.bandwidth_limit"}; + +} // namespace BandwidthLimitFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/bandwidth_limit/config.h b/source/extensions/filters/http/bandwidth_limit/config.h new file mode 100644 index 000000000000..b29a3ac2320b --- /dev/null +++ b/source/extensions/filters/http/bandwidth_limit/config.h @@ -0,0 +1,37 @@ +#pragma once + +#include "envoy/extensions/filters/http/bandwidth_limit/v3alpha/bandwidth_limit.pb.h" +#include "envoy/extensions/filters/http/bandwidth_limit/v3alpha/bandwidth_limit.pb.validate.h" + +#include "source/extensions/filters/http/common/factory_base.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace BandwidthLimitFilter { + +/** + * Config registration for the bandwidth limit filter. @see NamedHttpFilterConfigFactory. + */ +class BandwidthLimitFilterConfig + : public Common::FactoryBase< + envoy::extensions::filters::http::bandwidth_limit::v3alpha::BandwidthLimit> { +public: + BandwidthLimitFilterConfig() : FactoryBase("envoy.filters.http.bandwidth_limit") {} + +private: + Http::FilterFactoryCb createFilterFactoryFromProtoTyped( + const envoy::extensions::filters::http::bandwidth_limit::v3alpha::BandwidthLimit& + proto_config, + const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; + + Router::RouteSpecificFilterConfigConstSharedPtr createRouteSpecificFilterConfigTyped( + const envoy::extensions::filters::http::bandwidth_limit::v3alpha::BandwidthLimit& + proto_config, + Server::Configuration::ServerFactoryContext&, ProtobufMessage::ValidationVisitor&) override; +}; + +} // namespace BandwidthLimitFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/buffer/BUILD b/source/extensions/filters/http/buffer/BUILD index c38b84635d66..dc9174999883 100644 --- a/source/extensions/filters/http/buffer/BUILD +++ b/source/extensions/filters/http/buffer/BUILD @@ -17,9 +17,9 @@ envoy_cc_library( srcs = ["buffer_filter.cc"], hdrs = ["buffer_filter.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", + "//envoy/event:dispatcher_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", @@ -28,7 +28,6 @@ envoy_cc_library( "//source/common/http:headers_lib", "//source/common/http:utility_lib", "//source/common/runtime:runtime_lib", - "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/filters/http/buffer/v3:pkg_cc_proto", ], ) @@ -37,13 +36,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", # Legacy test use. TODO(#9953) clean up. visibility = ["//visibility:public"], deps = [ - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/buffer:buffer_filter_lib", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/buffer/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/buffer/buffer_filter.cc b/source/extensions/filters/http/buffer/buffer_filter.cc index eeb4c81304fa..87169ef1b071 100644 --- a/source/extensions/filters/http/buffer/buffer_filter.cc +++ b/source/extensions/filters/http/buffer/buffer_filter.cc @@ -1,18 +1,16 @@ -#include "extensions/filters/http/buffer/buffer_filter.h" +#include "source/extensions/filters/http/buffer/buffer_filter.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/http/codes.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/runtime/runtime_impl.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/runtime/runtime_impl.h" namespace Envoy { namespace Extensions { @@ -42,17 +40,10 @@ BufferFilter::BufferFilter(BufferFilterConfigSharedPtr config) void BufferFilter::initConfig() { ASSERT(!config_initialized_); config_initialized_ = true; - settings_ = config_->settings(); - if (!callbacks_->route() || !callbacks_->route()->routeEntry()) { - return; - } - - const std::string& name = HttpFilterNames::get().Buffer; - const auto* entry = callbacks_->route()->routeEntry(); - const auto* route_local = entry->mostSpecificPerFilterConfigTyped(name); - + const auto* route_local = Http::Utility::resolveMostSpecificPerFilterConfig( + "envoy.filters.http.buffer", callbacks_->route()); settings_ = route_local ? route_local : settings_; } diff --git a/source/extensions/filters/http/buffer/buffer_filter.h b/source/extensions/filters/http/buffer/buffer_filter.h index bc0750374a64..c8296063c8c5 100644 --- a/source/extensions/filters/http/buffer/buffer_filter.h +++ b/source/extensions/filters/http/buffer/buffer_filter.h @@ -8,7 +8,7 @@ #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/http/filter.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/buffer/config.cc b/source/extensions/filters/http/buffer/config.cc index 23c18ed50c7d..dcd9c6b9d7dd 100644 --- a/source/extensions/filters/http/buffer/config.cc +++ b/source/extensions/filters/http/buffer/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/buffer/config.h" +#include "source/extensions/filters/http/buffer/config.h" #include #include @@ -8,7 +8,7 @@ #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/buffer/buffer_filter.h" +#include "source/extensions/filters/http/buffer/buffer_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/buffer/config.h b/source/extensions/filters/http/buffer/config.h index e31cd5dbf75b..a762d65edc45 100644 --- a/source/extensions/filters/http/buffer/config.h +++ b/source/extensions/filters/http/buffer/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -18,7 +17,7 @@ class BufferFilterFactory : public Common::FactoryBase { public: - BufferFilterFactory() : FactoryBase(HttpFilterNames::get().Buffer) {} + BufferFilterFactory() : FactoryBase("envoy.filters.http.buffer") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/cache/BUILD b/source/extensions/filters/http/cache/BUILD index 0023acfeefbe..1b04b15b7ca1 100644 --- a/source/extensions/filters/http/cache/BUILD +++ b/source/extensions/filters/http/cache/BUILD @@ -57,11 +57,11 @@ envoy_cc_library( ":cache_custom_headers", ":cache_headers_utils_lib", ":key_cc_proto", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/common:time_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:header_map_interface", + "//envoy/buffer:buffer_interface", + "//envoy/common:time_interface", + "//envoy/config:typed_config_interface", + "//envoy/http:codes_interface", + "//envoy/http:header_map_interface", "//source/common/common:assert_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", @@ -77,8 +77,8 @@ envoy_cc_library( external_deps = ["abseil_optional"], deps = [ ":cache_custom_headers", - "//include/envoy/common:time_interface", - "//include/envoy/http:header_map_interface", + "//envoy/common:time_interface", + "//envoy/http:header_map_interface", "//source/common/common:matchers_lib", "//source/common/http:header_map_lib", "//source/common/http:header_utility_lib", @@ -101,12 +101,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream_and_upstream", - status = "wip", deps = [ ":cache_filter_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/cache/v3alpha:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/cache/cache_custom_headers.cc b/source/extensions/filters/http/cache/cache_custom_headers.cc index 119100fc9e9d..507ae5c39870 100644 --- a/source/extensions/filters/http/cache/cache_custom_headers.cc +++ b/source/extensions/filters/http/cache/cache_custom_headers.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/cache/cache_custom_headers.h" +#include "source/extensions/filters/http/cache/cache_custom_headers.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cache/cache_custom_headers.h b/source/extensions/filters/http/cache/cache_custom_headers.h index 61a094b45257..dd5d2694fea3 100644 --- a/source/extensions/filters/http/cache/cache_custom_headers.h +++ b/source/extensions/filters/http/cache/cache_custom_headers.h @@ -2,7 +2,7 @@ #include "envoy/http/header_map.h" -#include "common/http/headers.h" +#include "source/common/http/headers.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cache/cache_filter.cc b/source/extensions/filters/http/cache/cache_filter.cc index 8eea39694faf..768fd0ae5b99 100644 --- a/source/extensions/filters/http/cache/cache_filter.cc +++ b/source/extensions/filters/http/cache/cache_filter.cc @@ -1,13 +1,12 @@ -#include "extensions/filters/http/cache/cache_filter.h" +#include "source/extensions/filters/http/cache/cache_filter.h" #include "envoy/http/header_map.h" -#include "common/common/enum_to_int.h" -#include "common/http/headers.h" -#include "common/http/utility.h" - -#include "extensions/filters/http/cache/cache_custom_headers.h" -#include "extensions/filters/http/cache/cacheability_utils.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/extensions/filters/http/cache/cache_custom_headers.h" +#include "source/extensions/filters/http/cache/cacheability_utils.h" #include "absl/memory/memory.h" #include "absl/strings/str_cat.h" diff --git a/source/extensions/filters/http/cache/cache_filter.h b/source/extensions/filters/http/cache/cache_filter.h index 360c91fa816c..5560298f7356 100644 --- a/source/extensions/filters/http/cache/cache_filter.h +++ b/source/extensions/filters/http/cache/cache_filter.h @@ -7,11 +7,10 @@ #include "envoy/extensions/filters/http/cache/v3alpha/cache.pb.h" -#include "common/common/logger.h" - -#include "extensions/filters/http/cache/cache_headers_utils.h" -#include "extensions/filters/http/cache/http_cache.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/http/cache/cache_headers_utils.h" +#include "source/extensions/filters/http/cache/http_cache.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cache/cache_headers_utils.cc b/source/extensions/filters/http/cache/cache_headers_utils.cc index 9577d7876532..73a9c5b5625a 100644 --- a/source/extensions/filters/http/cache/cache_headers_utils.cc +++ b/source/extensions/filters/http/cache/cache_headers_utils.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/cache/cache_headers_utils.h" +#include "source/extensions/filters/http/cache/cache_headers_utils.h" #include #include @@ -6,10 +6,9 @@ #include "envoy/http/header_map.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" - -#include "extensions/filters/http/cache/cache_custom_headers.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" +#include "source/extensions/filters/http/cache/cache_custom_headers.h" #include "absl/algorithm/container.h" #include "absl/strings/ascii.h" diff --git a/source/extensions/filters/http/cache/cache_headers_utils.h b/source/extensions/filters/http/cache/cache_headers_utils.h index aec5c78e4bcf..5c170452a969 100644 --- a/source/extensions/filters/http/cache/cache_headers_utils.h +++ b/source/extensions/filters/http/cache/cache_headers_utils.h @@ -4,11 +4,11 @@ #include "envoy/extensions/filters/http/cache/v3alpha/cache.pb.h" #include "envoy/http/header_map.h" -#include "common/common/matchers.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/matchers.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/protobuf/protobuf.h" #include "absl/strings/str_join.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/http/cache/cacheability_utils.cc b/source/extensions/filters/http/cache/cacheability_utils.cc index a4c0d8a0c673..20fe9107ebfe 100644 --- a/source/extensions/filters/http/cache/cacheability_utils.cc +++ b/source/extensions/filters/http/cache/cacheability_utils.cc @@ -1,11 +1,10 @@ -#include "extensions/filters/http/cache/cacheability_utils.h" +#include "source/extensions/filters/http/cache/cacheability_utils.h" #include "envoy/http/header_map.h" -#include "common/common/macros.h" -#include "common/common/utility.h" - -#include "extensions/filters/http/cache/cache_custom_headers.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/extensions/filters/http/cache/cache_custom_headers.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cache/cacheability_utils.h b/source/extensions/filters/http/cache/cacheability_utils.h index d968c3261cf0..00f5cfd8bfdf 100644 --- a/source/extensions/filters/http/cache/cacheability_utils.h +++ b/source/extensions/filters/http/cache/cacheability_utils.h @@ -1,9 +1,8 @@ #pragma once -#include "common/common/utility.h" -#include "common/http/headers.h" - -#include "extensions/filters/http/cache/cache_headers_utils.h" +#include "source/common/common/utility.h" +#include "source/common/http/headers.h" +#include "source/extensions/filters/http/cache/cache_headers_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cache/config.cc b/source/extensions/filters/http/cache/config.cc index 86277189a789..f1d713e8d1c1 100644 --- a/source/extensions/filters/http/cache/config.cc +++ b/source/extensions/filters/http/cache/config.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/http/cache/config.h" +#include "source/extensions/filters/http/cache/config.h" -#include "extensions/filters/http/cache/cache_filter.h" +#include "source/extensions/filters/http/cache/cache_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cache/config.h b/source/extensions/filters/http/cache/config.h index 656a1d68ca95..341a054344d5 100644 --- a/source/extensions/filters/http/cache/config.h +++ b/source/extensions/filters/http/cache/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/cache/v3alpha/cache.pb.h" #include "envoy/extensions/filters/http/cache/v3alpha/cache.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -14,7 +13,7 @@ namespace Cache { class CacheFilterFactory : public Common::FactoryBase { public: - CacheFilterFactory() : FactoryBase(HttpFilterNames::get().Cache) {} + CacheFilterFactory() : FactoryBase("envoy.filters.http.cache") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/cache/http_cache.cc b/source/extensions/filters/http/cache/http_cache.cc index 2229252407d4..2fef083676bf 100644 --- a/source/extensions/filters/http/cache/http_cache.cc +++ b/source/extensions/filters/http/cache/http_cache.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/cache/http_cache.h" +#include "source/extensions/filters/http/cache/http_cache.h" #include #include @@ -7,12 +7,11 @@ #include "envoy/http/codes.h" #include "envoy/http/header_map.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/cache/cache_custom_headers.h" -#include "extensions/filters/http/cache/cache_headers_utils.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/cache/cache_custom_headers.h" +#include "source/extensions/filters/http/cache/cache_headers_utils.h" #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/http/cache/http_cache.h b/source/extensions/filters/http/cache/http_cache.h index efde461d146a..ebd6c888ec97 100644 --- a/source/extensions/filters/http/cache/http_cache.h +++ b/source/extensions/filters/http/cache/http_cache.h @@ -10,13 +10,11 @@ #include "envoy/extensions/filters/http/cache/v3alpha/cache.pb.h" #include "envoy/http/header_map.h" -#include "common/common/assert.h" -#include "common/common/logger.h" - +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/http/cache/cache_headers_utils.h" #include "source/extensions/filters/http/cache/key.pb.h" -#include "extensions/filters/http/cache/cache_headers_utils.h" - #include "absl/strings/string_view.h" namespace Envoy { diff --git a/source/extensions/filters/http/cache/simple_http_cache/BUILD b/source/extensions/filters/http/cache/simple_http_cache/BUILD index a9a500e1f9b8..5b25659f64b0 100644 --- a/source/extensions/filters/http/cache/simple_http_cache/BUILD +++ b/source/extensions/filters/http/cache/simple_http_cache/BUILD @@ -14,12 +14,9 @@ envoy_cc_extension( name = "config", srcs = ["simple_http_cache.cc"], hdrs = ["simple_http_cache.h"], - category = "envoy.filters.http.cache", - security_posture = "robust_to_untrusted_downstream_and_upstream", - status = "wip", deps = [ - "//include/envoy/registry", - "//include/envoy/runtime:runtime_interface", + "//envoy/registry", + "//envoy/runtime:runtime_interface", "//source/common/buffer:buffer_lib", "//source/common/common:macros", "//source/common/http:header_map_lib", diff --git a/source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.cc b/source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.cc index 7a7f3170504e..c39b136be876 100644 --- a/source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.cc +++ b/source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/cache/simple_http_cache/simple_http_cache.h" +#include "source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.h" #include "envoy/extensions/cache/simple_http_cache/v3alpha/config.pb.h" #include "envoy/registry/registry.h" -#include "common/buffer/buffer_impl.h" -#include "common/http/header_map_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/header_map_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.h b/source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.h index 03ee72e51e61..0cb45d7b5870 100644 --- a/source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.h +++ b/source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.h @@ -1,8 +1,7 @@ #pragma once -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/cache/http_cache.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/cache/http_cache.h" #include "absl/base/thread_annotations.h" #include "absl/container/flat_hash_map.h" diff --git a/source/extensions/filters/http/cdn_loop/BUILD b/source/extensions/filters/http/cdn_loop/BUILD index 291f20b3a725..1d7d680bf80b 100644 --- a/source/extensions/filters/http/cdn_loop/BUILD +++ b/source/extensions/filters/http/cdn_loop/BUILD @@ -15,9 +15,9 @@ envoy_cc_library( hdrs = ["filter.h"], deps = [ ":utils_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", "//source/common/common:statusor_lib", "//source/common/http:headers_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", @@ -45,17 +45,13 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "unknown", - status = "alpha", deps = [ ":filter_lib", ":parser_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:factory_context_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:factory_context_interface", "//source/common/common:statusor_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/cdn_loop/v3alpha:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/cdn_loop/config.cc b/source/extensions/filters/http/cdn_loop/config.cc index 0b16b3c81958..93c3d155a8ad 100644 --- a/source/extensions/filters/http/cdn_loop/config.cc +++ b/source/extensions/filters/http/cdn_loop/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/cdn_loop/config.h" +#include "source/extensions/filters/http/cdn_loop/config.h" #include @@ -8,10 +8,9 @@ #include "envoy/registry/registry.h" #include "envoy/server/factory_context.h" -#include "common/common/statusor.h" - -#include "extensions/filters/http/cdn_loop/filter.h" -#include "extensions/filters/http/cdn_loop/parser.h" +#include "source/common/common/statusor.h" +#include "source/extensions/filters/http/cdn_loop/filter.h" +#include "source/extensions/filters/http/cdn_loop/parser.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cdn_loop/config.h b/source/extensions/filters/http/cdn_loop/config.h index 1e03a123649f..5d9fea5bd1fe 100644 --- a/source/extensions/filters/http/cdn_loop/config.h +++ b/source/extensions/filters/http/cdn_loop/config.h @@ -7,8 +7,7 @@ #include "envoy/http/filter.h" #include "envoy/server/factory_context.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -19,7 +18,7 @@ class CdnLoopFilterFactory : public Common::FactoryBase< envoy::extensions::filters::http::cdn_loop::v3alpha::CdnLoopConfig> { public: - CdnLoopFilterFactory() : FactoryBase(HttpFilterNames::get().CdnLoop) {} + CdnLoopFilterFactory() : FactoryBase("envoy.filters.http.cdn_loop") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/cdn_loop/filter.cc b/source/extensions/filters/http/cdn_loop/filter.cc index 38158011502e..544ad53dcaa7 100644 --- a/source/extensions/filters/http/cdn_loop/filter.cc +++ b/source/extensions/filters/http/cdn_loop/filter.cc @@ -1,13 +1,12 @@ -#include "extensions/filters/http/cdn_loop/filter.h" +#include "source/extensions/filters/http/cdn_loop/filter.h" #include "envoy/http/codes.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" -#include "common/common/statusor.h" -#include "common/http/headers.h" - -#include "extensions/filters/http/cdn_loop/utils.h" +#include "source/common/common/statusor.h" +#include "source/common/http/headers.h" +#include "source/extensions/filters/http/cdn_loop/utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cdn_loop/filter.h b/source/extensions/filters/http/cdn_loop/filter.h index 77216b798d50..d65fa5c17004 100644 --- a/source/extensions/filters/http/cdn_loop/filter.h +++ b/source/extensions/filters/http/cdn_loop/filter.h @@ -5,7 +5,7 @@ #include "envoy/http/filter.h" #include "envoy/http/header_map.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cdn_loop/parser.cc b/source/extensions/filters/http/cdn_loop/parser.cc index 6f37ac5eb3fa..db002350d6fb 100644 --- a/source/extensions/filters/http/cdn_loop/parser.cc +++ b/source/extensions/filters/http/cdn_loop/parser.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/http/cdn_loop/parser.h" +#include "source/extensions/filters/http/cdn_loop/parser.h" -#include "common/common/statusor.h" +#include "source/common/common/statusor.h" #include "absl/status/status.h" #include "absl/strings/str_format.h" diff --git a/source/extensions/filters/http/cdn_loop/parser.h b/source/extensions/filters/http/cdn_loop/parser.h index 5b9aad5175b2..625b4b454b39 100644 --- a/source/extensions/filters/http/cdn_loop/parser.h +++ b/source/extensions/filters/http/cdn_loop/parser.h @@ -2,7 +2,7 @@ #include -#include "common/common/statusor.h" +#include "source/common/common/statusor.h" #include "absl/strings/str_join.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/http/cdn_loop/utils.cc b/source/extensions/filters/http/cdn_loop/utils.cc index e7c478509910..e2fffa92f298 100644 --- a/source/extensions/filters/http/cdn_loop/utils.cc +++ b/source/extensions/filters/http/cdn_loop/utils.cc @@ -1,10 +1,9 @@ -#include "extensions/filters/http/cdn_loop/utils.h" +#include "source/extensions/filters/http/cdn_loop/utils.h" #include -#include "common/common/statusor.h" - -#include "extensions/filters/http/cdn_loop/parser.h" +#include "source/common/common/statusor.h" +#include "source/extensions/filters/http/cdn_loop/parser.h" #include "absl/status/status.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/http/cdn_loop/utils.h b/source/extensions/filters/http/cdn_loop/utils.h index ba486edadc16..c2813b424e65 100644 --- a/source/extensions/filters/http/cdn_loop/utils.h +++ b/source/extensions/filters/http/cdn_loop/utils.h @@ -1,6 +1,6 @@ #pragma once -#include "common/common/statusor.h" +#include "source/common/common/statusor.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/http/common/BUILD b/source/extensions/filters/http/common/BUILD index d9a7558fb38e..b8cffa1c6366 100644 --- a/source/extensions/filters/http/common/BUILD +++ b/source/extensions/filters/http/common/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( # A thin shim used by test and prod filters. visibility = ["//visibility:public"], deps = [ - "//include/envoy/server:filter_config_interface", + "//envoy/server:filter_config_interface", ], ) @@ -23,7 +23,7 @@ envoy_cc_library( hdrs = ["factory_base.h"], visibility = ["//visibility:public"], deps = [ - "//include/envoy/server:filter_config_interface", + "//envoy/server:filter_config_interface", ], ) @@ -35,7 +35,7 @@ envoy_cc_library( "jwt_verify_lib", ], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/http:utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], @@ -50,10 +50,9 @@ envoy_cc_library( "//test:__subpackages__", ], deps = [ - "//include/envoy/runtime:runtime_interface", + "//envoy/runtime:runtime_interface", "//source/common/common:macros", "//source/extensions/common:utility_lib", - "//source/extensions/filters/http:well_known_names", ], ) @@ -62,9 +61,9 @@ envoy_cc_library( srcs = ["stream_rate_limiter.cc"], hdrs = ["stream_rate_limiter.h"], deps = [ - "//include/envoy/common:token_bucket_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", + "//envoy/common:token_bucket_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", diff --git a/source/extensions/filters/http/common/compressor/BUILD b/source/extensions/filters/http/common/compressor/BUILD deleted file mode 100644 index ec0648006b5c..000000000000 --- a/source/extensions/filters/http/common/compressor/BUILD +++ /dev/null @@ -1,28 +0,0 @@ -load( - "//bazel:envoy_build_system.bzl", - "envoy_cc_library", - "envoy_extension_package", -) - -licenses(["notice"]) # Apache 2 - -envoy_extension_package() - -# TODO(rojkov): move this library to source/extensions/filters/http/compressor/. -envoy_cc_library( - name = "compressor_lib", - srcs = ["compressor.cc"], - hdrs = ["compressor.h"], - deps = [ - "//include/envoy/compression/compressor:compressor_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/stream_info:filter_state_interface", - "//source/common/buffer:buffer_lib", - "//source/common/http:header_map_lib", - "//source/common/http:utility_lib", - "//source/common/protobuf", - "//source/common/runtime:runtime_lib", - "//source/extensions/filters/http/common:pass_through_filter_lib", - "@envoy_api//envoy/extensions/filters/http/compressor/v3:pkg_cc_proto", - ], -) diff --git a/source/extensions/filters/http/common/compressor/compressor.cc b/source/extensions/filters/http/common/compressor/compressor.cc deleted file mode 100644 index 7f9f5fe8e0a0..000000000000 --- a/source/extensions/filters/http/common/compressor/compressor.cc +++ /dev/null @@ -1,590 +0,0 @@ -#include "extensions/filters/http/common/compressor/compressor.h" - -#include "common/buffer/buffer_impl.h" -#include "common/http/header_map_impl.h" -#include "common/http/utility.h" - -namespace Envoy { -namespace Extensions { -namespace HttpFilters { -namespace Common { -namespace Compressors { - -namespace { - -Http::RegisterCustomInlineHeader - accept_encoding_handle(Http::CustomHeaders::get().AcceptEncoding); -Http::RegisterCustomInlineHeader - cache_control_handle(Http::CustomHeaders::get().CacheControl); -Http::RegisterCustomInlineHeader - etag_handle(Http::CustomHeaders::get().Etag); -Http::RegisterCustomInlineHeader - vary_handle(Http::CustomHeaders::get().Vary); - -Http::RegisterCustomInlineHeader - request_content_encoding_handle(Http::CustomHeaders::get().ContentEncoding); -Http::RegisterCustomInlineHeader - response_content_encoding_handle(Http::CustomHeaders::get().ContentEncoding); - -// Default minimum length of an upstream response that allows compression. -const uint64_t DefaultMinimumContentLength = 30; - -// Default content types will be used if any is provided by the user. -const std::vector& defaultContentEncoding() { - CONSTRUCT_ON_FIRST_USE( - std::vector, - {"text/html", "text/plain", "text/css", "application/javascript", "application/x-javascript", - "text/javascript", "text/x-javascript", "text/ecmascript", "text/js", "text/jscript", - "text/x-js", "application/ecmascript", "application/x-json", "application/xml", - "application/json", "image/svg+xml", "text/xml", "application/xhtml+xml"}); -} - -// List of CompressorFilterConfig objects registered for a stream. -struct CompressorRegistry : public StreamInfo::FilterState::Object { - std::list filter_configs_; -}; - -// Key to per stream CompressorRegistry objects. -const std::string& compressorRegistryKey() { CONSTRUCT_ON_FIRST_USE(std::string, "compressors"); } - -void compressAndUpdateStats(const Compression::Compressor::CompressorPtr& compressor, - const CompressorStats& stats, Buffer::Instance& data, bool end_stream) { - ASSERT(compressor != nullptr); - stats.total_uncompressed_bytes_.add(data.length()); - compressor->compress(data, end_stream ? Envoy::Compression::Compressor::State::Finish - : Envoy::Compression::Compressor::State::Flush); - stats.total_compressed_bytes_.add(data.length()); -} - -} // namespace - -CompressorFilterConfig::DirectionConfig::DirectionConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor::CommonDirectionConfig& - proto_config, - const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) - : compression_enabled_(proto_config.enabled(), runtime), - min_content_length_{contentLengthUint(proto_config.min_content_length().value())}, - content_type_values_(contentTypeSet(proto_config.content_type())), stats_{generateStats( - stats_prefix, scope)} { -} - -CompressorFilterConfig::CompressorFilterConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor& compressor, - const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, - const std::string& content_encoding) - : request_direction_config_(compressor, stats_prefix, scope, runtime), - response_direction_config_(compressor, stats_prefix, scope, runtime), - content_encoding_(content_encoding) {} - -StringUtil::CaseUnorderedSet CompressorFilterConfig::DirectionConfig::contentTypeSet( - const Protobuf::RepeatedPtrField& types) { - const auto& default_content_encodings = defaultContentEncoding(); - return types.empty() ? StringUtil::CaseUnorderedSet(default_content_encodings.begin(), - default_content_encodings.end()) - : StringUtil::CaseUnorderedSet(types.cbegin(), types.cend()); -} - -uint32_t CompressorFilterConfig::DirectionConfig::contentLengthUint(Protobuf::uint32 length) { - return length > 0 ? length : DefaultMinimumContentLength; -} - -CompressorFilterConfig::RequestDirectionConfig::RequestDirectionConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, - const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) - : DirectionConfig(proto_config.request_direction_config().common_config(), - stats_prefix + "request.", scope, runtime), - is_set_{proto_config.has_request_direction_config()} {} - -CompressorFilterConfig::ResponseDirectionConfig::ResponseDirectionConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, - const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) - : DirectionConfig(commonConfig(proto_config), - proto_config.has_response_direction_config() ? stats_prefix + "response." - : stats_prefix, - scope, runtime), - disable_on_etag_header_( - proto_config.has_response_direction_config() - ? proto_config.response_direction_config().disable_on_etag_header() - : proto_config.disable_on_etag_header()), - remove_accept_encoding_header_( - proto_config.has_response_direction_config() - ? proto_config.response_direction_config().remove_accept_encoding_header() - : proto_config.remove_accept_encoding_header()), - response_stats_{generateResponseStats(stats_prefix, scope)} {} - -const envoy::extensions::filters::http::compressor::v3::Compressor::CommonDirectionConfig -CompressorFilterConfig::ResponseDirectionConfig::commonConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config) { - if (proto_config.has_response_direction_config()) { - return proto_config.response_direction_config().common_config(); - } - envoy::extensions::filters::http::compressor::v3::Compressor::CommonDirectionConfig config = {}; - if (proto_config.has_content_length()) { - config.set_allocated_min_content_length( - // According to - // https://developers.google.com/protocol-buffers/docs/reference/cpp-generated#embeddedmessage - // the message Compressor takes ownership of the allocated Protobuf::Uint32Value object. - new Protobuf::UInt32Value(proto_config.content_length())); - } - // NOLINTNEXTLINE(clang-analyzer-cplusplus.NewDeleteLeaks) - for (const std::string& ctype : proto_config.content_type()) { - config.add_content_type(ctype); - } - config.set_allocated_enabled( - // According to - // https://developers.google.com/protocol-buffers/docs/reference/cpp-generated#embeddedmessage - // the message Compressor takes ownership of the allocated Protobuf::Uint32Value object. - new envoy::config::core::v3::RuntimeFeatureFlag(proto_config.runtime_enabled())); - // NOLINTNEXTLINE(clang-analyzer-cplusplus.NewDeleteLeaks) - return config; -} - -CompressorFilter::CompressorFilter(const CompressorFilterConfigSharedPtr config) - : config_(std::move(config)) {} - -Http::FilterHeadersStatus CompressorFilter::decodeHeaders(Http::RequestHeaderMap& headers, - bool end_stream) { - const Http::HeaderEntry* accept_encoding = headers.getInline(accept_encoding_handle.handle()); - if (accept_encoding != nullptr) { - // Capture the value of the "Accept-Encoding" request header to use it later when making - // decision on compressing the corresponding HTTP response. - accept_encoding_ = std::make_unique(accept_encoding->value().getStringView()); - } - - const auto& response_config = config_->responseDirectionConfig(); - if (response_config.compressionEnabled() && response_config.removeAcceptEncodingHeader()) { - headers.removeInline(accept_encoding_handle.handle()); - } - - const auto& request_config = config_->requestDirectionConfig(); - const bool is_not_upgrade = - !Http::Utility::isUpgrade(headers) || - !Runtime::runtimeFeatureEnabled( - "envoy.reloadable_features.enable_compression_without_content_length_header"); - - if (!end_stream && request_config.compressionEnabled() && is_not_upgrade && - request_config.isMinimumContentLength(headers) && - request_config.isContentTypeAllowed(headers) && - !headers.getInline(request_content_encoding_handle.handle()) && - isTransferEncodingAllowed(headers)) { - headers.removeContentLength(); - headers.setInline(request_content_encoding_handle.handle(), config_->contentEncoding()); - request_config.stats().compressed_.inc(); - request_compressor_ = config_->makeCompressor(); - } else { - request_config.stats().not_compressed_.inc(); - } - - return Http::FilterHeadersStatus::Continue; -} - -Http::FilterDataStatus CompressorFilter::decodeData(Buffer::Instance& data, bool end_stream) { - if (request_compressor_ != nullptr) { - compressAndUpdateStats(request_compressor_, config_->requestDirectionConfig().stats(), data, - end_stream); - } - return Http::FilterDataStatus::Continue; -} - -Http::FilterTrailersStatus CompressorFilter::decodeTrailers(Http::RequestTrailerMap&) { - if (request_compressor_ != nullptr) { - Buffer::OwnedImpl empty_buffer; - // The presence of trailers means the stream is ended, but decodeData() - // is never called with end_stream=true, thus let the compression library know - // that the stream is ended. - compressAndUpdateStats(request_compressor_, config_->requestDirectionConfig().stats(), - empty_buffer, true); - decoder_callbacks_->addDecodedData(empty_buffer, true); - } - return Http::FilterTrailersStatus::Continue; -} - -void CompressorFilter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { - decoder_callbacks_ = &callbacks; - - absl::string_view key = compressorRegistryKey(); - // To properly handle the cases where the decision on instantiating a compressor depends on - // the presence of other compression filters in the chain the filters need to be aware of each - // other. This is achieved by exploiting per-request data objects StreamInfo::FilterState: upon - // setting up a CompressorFilter, the new instance registers itself in the filter state. Then in - // the method isAcceptEncodingAllowed() the first filter is making a decision which encoder needs - // to be used for a request, with e.g. "Accept-Encoding: deflate;q=0.75, gzip;q=0.5", and caches - // it in the state. All other compression filters in the sequence use the cached decision. - const StreamInfo::FilterStateSharedPtr& filter_state = callbacks.streamInfo().filterState(); - if (filter_state->hasData(key)) { - CompressorRegistry& registry = filter_state->getDataMutable(key); - registry.filter_configs_.push_back(config_); - } else { - auto registry_ptr = std::make_unique(); - registry_ptr->filter_configs_.push_back(config_); - filter_state->setData(key, std::move(registry_ptr), - StreamInfo::FilterState::StateType::Mutable); - } -} - -Http::FilterHeadersStatus CompressorFilter::encodeHeaders(Http::ResponseHeaderMap& headers, - bool end_stream) { - const auto& config = config_->responseDirectionConfig(); - const bool isEnabledAndContentLengthBigEnough = - config.compressionEnabled() && config.isMinimumContentLength(headers); - const bool is_not_upgrade = - !Http::Utility::isUpgrade(headers) || - !Runtime::runtimeFeatureEnabled( - "envoy.reloadable_features.enable_compression_without_content_length_header"); - - const bool isCompressible = isEnabledAndContentLengthBigEnough && is_not_upgrade && - config.isContentTypeAllowed(headers) && - !hasCacheControlNoTransform(headers) && isEtagAllowed(headers) && - !headers.getInline(response_content_encoding_handle.handle()); - if (!end_stream && isEnabledAndContentLengthBigEnough && isAcceptEncodingAllowed(headers) && - isCompressible && isTransferEncodingAllowed(headers)) { - sanitizeEtagHeader(headers); - headers.removeContentLength(); - headers.setInline(response_content_encoding_handle.handle(), config_->contentEncoding()); - config.stats().compressed_.inc(); - // Finally instantiate the compressor. - response_compressor_ = config_->makeCompressor(); - } else { - config.stats().not_compressed_.inc(); - } - - // Even if we decided not to compress due to incompatible Accept-Encoding value, - // the Vary header would need to be inserted to let a caching proxy in front of Envoy - // know that the requested resource still can be served with compression applied. - if (isCompressible) { - insertVaryHeader(headers); - } - - return Http::FilterHeadersStatus::Continue; -} - -Http::FilterDataStatus CompressorFilter::encodeData(Buffer::Instance& data, bool end_stream) { - if (response_compressor_ != nullptr) { - compressAndUpdateStats(response_compressor_, config_->responseDirectionConfig().stats(), data, - end_stream); - } - return Http::FilterDataStatus::Continue; -} - -Http::FilterTrailersStatus CompressorFilter::encodeTrailers(Http::ResponseTrailerMap&) { - if (response_compressor_ != nullptr) { - Buffer::OwnedImpl empty_buffer; - // The presence of trailers means the stream is ended, but encodeData() - // is never called with end_stream=true, thus let the compression library know - // that the stream is ended. - compressAndUpdateStats(response_compressor_, config_->responseDirectionConfig().stats(), - empty_buffer, true); - encoder_callbacks_->addEncodedData(empty_buffer, true); - } - return Http::FilterTrailersStatus::Continue; -} - -bool CompressorFilter::hasCacheControlNoTransform(Http::ResponseHeaderMap& headers) const { - const Http::HeaderEntry* cache_control = headers.getInline(cache_control_handle.handle()); - if (cache_control) { - return StringUtil::caseFindToken(cache_control->value().getStringView(), ",", - Http::CustomHeaders::get().CacheControlValues.NoTransform); - } - - return false; -} - -// This function makes decision on which encoding to use for the response body and is -// supposed to be called only once per request even if there are multiple compressor -// filters in the chain. To make a decision the function needs to know what's the -// request's Accept-Encoding, the response's Content-Type and the list of compressor -// filters in the current chain. -// TODO(rojkov): add an explicit fuzzer for chooseEncoding(). -std::unique_ptr -CompressorFilter::chooseEncoding(const Http::ResponseHeaderMap& headers) const { - using EncPair = std::pair; // pair of {encoding, q_value} - std::vector pairs; - absl::string_view content_type_value; - - const Http::HeaderEntry* content_type = headers.ContentType(); - if (content_type != nullptr) { - content_type_value = - StringUtil::trim(StringUtil::cropRight(content_type->value().getStringView(), ";")); - } - - // Find all compressors enabled for the filter chain. - std::map allowed_compressors; - uint32_t registration_count{0}; - for (const auto& filter_config : - decoder_callbacks_->streamInfo() - .filterState() - ->getDataReadOnly(compressorRegistryKey()) - .filter_configs_) { - // A compressor filter may be limited to compress certain Content-Types. If the response's - // content type doesn't match the list of content types this filter is enabled for then - // it must be excluded from the decision process. - // For example, there are two compressor filters in the chain e.g. "gzip" and "deflate". - // "gzip" is configured to compress only "text/html" and "deflate" is configured to compress - // only "application/javascript". Then comes a request with Accept-Encoding header - // "gzip;q=1,deflate;q=.5". The corresponding response content type is "application/javascript". - // If "gzip" is not excluded from the decision process then it will take precedence over - // "deflate" and the resulting response won't be compressed at all. - if (!content_type_value.empty() && - !filter_config->responseDirectionConfig().contentTypeValues().empty()) { - auto iter = - filter_config->responseDirectionConfig().contentTypeValues().find(content_type_value); - if (iter == filter_config->responseDirectionConfig().contentTypeValues().end()) { - // Skip adding this filter to the list of allowed compressors. - continue; - } - } - - // There could be many compressors registered for the same content encoding, e.g. consider a - // case when there are two gzip filters using different compression levels for different content - // sizes. In such case we ignore duplicates (or different filters for the same encoding) - // registered last. - auto enc = allowed_compressors.find(filter_config->contentEncoding()); - if (enc == allowed_compressors.end()) { - allowed_compressors.insert({filter_config->contentEncoding(), registration_count}); - ++registration_count; - } - } - - // Find all encodings accepted by the user agent and adjust the list of allowed compressors. - for (const auto& token : StringUtil::splitToken(*accept_encoding_, ",", false /* keep_empty */)) { - EncPair pair = - std::make_pair(StringUtil::trim(StringUtil::cropRight(token, ";")), static_cast(1)); - const auto params = StringUtil::cropLeft(token, ";"); - if (params != token) { - const auto q_value = StringUtil::cropLeft(params, "="); - if (q_value != params && - absl::EqualsIgnoreCase("q", StringUtil::trim(StringUtil::cropRight(params, "=")))) { - auto result = absl::SimpleAtof(StringUtil::trim(q_value), &pair.second); - if (!result) { - // Skip not parseable q-value. - continue; - } - } - } - - pairs.push_back(pair); - - if (!pair.second) { - // Disallow compressors with "q=0". - // The reason why we add encodings to "pairs" even with "q=0" is that "pairs" contains - // client's expectations and "allowed_compressors" is what Envoy can handle. Consider - // the cases of "Accept-Encoding: gzip;q=0, deflate, *" and "Accept-Encoding: deflate, *" - // whereas the proxy has only "gzip" configured. If we just exclude the encodings with "q=0" - // from "pairs" then upon noticing "*" we don't know if "gzip" is acceptable by the client. - allowed_compressors.erase(std::string(pair.first)); - } - } - - if (pairs.empty() || allowed_compressors.empty()) { - // If there's no intersection between accepted encodings and the ones provided by the allowed - // compressors, then only the "identity" encoding is acceptable. - return std::make_unique( - Http::CustomHeaders::get().AcceptEncodingValues.Identity, - CompressorFilter::EncodingDecision::HeaderStat::NotValid); - } - - // Find intersection of encodings accepted by the user agent and provided - // by the allowed compressors and choose the one with the highest q-value. - EncPair choice{Http::CustomHeaders::get().AcceptEncodingValues.Identity, static_cast(0)}; - for (const auto& pair : pairs) { - if ((pair.second > choice.second) && - (allowed_compressors.count(std::string(pair.first)) || - pair.first == Http::CustomHeaders::get().AcceptEncodingValues.Identity || - pair.first == Http::CustomHeaders::get().AcceptEncodingValues.Wildcard)) { - choice = pair; - } - } - - if (!choice.second) { - // The value of "Accept-Encoding" must be invalid as we ended up with zero q-value. - return std::make_unique( - Http::CustomHeaders::get().AcceptEncodingValues.Identity, - CompressorFilter::EncodingDecision::HeaderStat::NotValid); - } - - // The "identity" encoding (no compression) is always available. - if (choice.first == Http::CustomHeaders::get().AcceptEncodingValues.Identity) { - return std::make_unique( - Http::CustomHeaders::get().AcceptEncodingValues.Identity, - CompressorFilter::EncodingDecision::HeaderStat::Identity); - } - - // If wildcard is given then use which ever compressor is registered first. - if (choice.first == Http::CustomHeaders::get().AcceptEncodingValues.Wildcard) { - auto first_registered = std::min_element( - allowed_compressors.begin(), allowed_compressors.end(), - [](const std::pair& a, - const std::pair& b) -> bool { return a.second < b.second; }); - return std::make_unique( - first_registered->first, CompressorFilter::EncodingDecision::HeaderStat::Wildcard); - } - - return std::make_unique( - std::string(choice.first), CompressorFilter::EncodingDecision::HeaderStat::ValidCompressor); -} - -// Check if this filter was chosen to compress. Also update the filter's stat counters related to -// the Accept-Encoding header. -bool CompressorFilter::shouldCompress(const CompressorFilter::EncodingDecision& decision) const { - const bool should_compress = - absl::EqualsIgnoreCase(config_->contentEncoding(), decision.encoding()); - const ResponseCompressorStats& stats = config_->responseDirectionConfig().responseStats(); - - switch (decision.stat()) { - case CompressorFilter::EncodingDecision::HeaderStat::ValidCompressor: - if (should_compress) { - stats.header_compressor_used_.inc(); - // TODO(rojkov): Remove this increment when the gzip-specific stat is gone. - if (absl::EqualsIgnoreCase("gzip", config_->contentEncoding())) { - stats.header_gzip_.inc(); - } - } else { - // Some other compressor filter in the same chain compressed the response body, - // but not this filter. - stats.header_compressor_overshadowed_.inc(); - } - break; - case CompressorFilter::EncodingDecision::HeaderStat::Identity: - stats.header_identity_.inc(); - break; - case CompressorFilter::EncodingDecision::HeaderStat::Wildcard: - stats.header_wildcard_.inc(); - break; - default: - stats.header_not_valid_.inc(); - break; - } - - return should_compress; -} - -bool CompressorFilter::isAcceptEncodingAllowed(const Http::ResponseHeaderMap& headers) const { - if (accept_encoding_ == nullptr) { - config_->responseDirectionConfig().responseStats().no_accept_header_.inc(); - return false; - } - - const absl::string_view encoding_decision_key{"encoding_decision"}; - - // Check if we have already cached our decision on encoding. - const StreamInfo::FilterStateSharedPtr& filter_state = - decoder_callbacks_->streamInfo().filterState(); - if (filter_state->hasData(encoding_decision_key)) { - const CompressorFilter::EncodingDecision& decision = - filter_state->getDataReadOnly(encoding_decision_key); - return shouldCompress(decision); - } - - // No cached decision found, so decide now. - std::unique_ptr decision = chooseEncoding(headers); - bool result = shouldCompress(*decision); - filter_state->setData(encoding_decision_key, std::move(decision), - StreamInfo::FilterState::StateType::ReadOnly); - return result; -} - -bool CompressorFilterConfig::DirectionConfig::isContentTypeAllowed( - const Http::RequestOrResponseHeaderMap& headers) const { - const Http::HeaderEntry* content_type = headers.ContentType(); - if (content_type != nullptr && !content_type_values_.empty()) { - const absl::string_view value = - StringUtil::trim(StringUtil::cropRight(content_type->value().getStringView(), ";")); - return content_type_values_.find(value) != content_type_values_.end(); - } - - return true; -} - -bool CompressorFilter::isEtagAllowed(Http::ResponseHeaderMap& headers) const { - const bool is_etag_allowed = !(config_->responseDirectionConfig().disableOnEtagHeader() && - headers.getInline(etag_handle.handle())); - if (!is_etag_allowed) { - config_->responseDirectionConfig().responseStats().not_compressed_etag_.inc(); - } - return is_etag_allowed; -} - -bool CompressorFilterConfig::DirectionConfig::isMinimumContentLength( - const Http::RequestOrResponseHeaderMap& headers) const { - const Http::HeaderEntry* content_length = headers.ContentLength(); - if (content_length != nullptr) { - uint64_t length; - const bool is_minimum_content_length = - absl::SimpleAtoi(content_length->value().getStringView(), &length) && - length >= min_content_length_; - if (!is_minimum_content_length) { - stats_.content_length_too_small_.inc(); - } - return is_minimum_content_length; - } - if (Runtime::runtimeFeatureEnabled( - "envoy.reloadable_features.enable_compression_without_content_length_header")) { - // return true to ignore the minimum length configuration if no content-length header is present - return true; - } - return StringUtil::caseFindToken(headers.getTransferEncodingValue(), ",", - Http::Headers::get().TransferEncodingValues.Chunked); -} - -bool CompressorFilter::isTransferEncodingAllowed(Http::RequestOrResponseHeaderMap& headers) const { - const Http::HeaderEntry* transfer_encoding = headers.TransferEncoding(); - if (transfer_encoding != nullptr) { - for (absl::string_view header_value : - StringUtil::splitToken(transfer_encoding->value().getStringView(), ",", true)) { - const auto trimmed_value = StringUtil::trim(header_value); - // Check if the message is already compressed with any compression encoding - // known to Envoy. - if (absl::EqualsIgnoreCase(trimmed_value, Http::Headers::get().TransferEncodingValues.Gzip) || - absl::EqualsIgnoreCase(trimmed_value, - Http::Headers::get().TransferEncodingValues.Brotli) || - absl::EqualsIgnoreCase(trimmed_value, - Http::Headers::get().TransferEncodingValues.Deflate) || - absl::EqualsIgnoreCase(trimmed_value, - Http::Headers::get().TransferEncodingValues.Compress) || - // or with a custom non-standard compression provided by an external - // compression library. - absl::EqualsIgnoreCase(trimmed_value, config_->contentEncoding())) { - return false; - } - } - } - - return true; -} - -void CompressorFilter::insertVaryHeader(Http::ResponseHeaderMap& headers) { - const Http::HeaderEntry* vary = headers.getInline(vary_handle.handle()); - if (vary != nullptr) { - if (!StringUtil::findToken(vary->value().getStringView(), ",", - Http::CustomHeaders::get().VaryValues.AcceptEncoding, true)) { - std::string new_header; - absl::StrAppend(&new_header, vary->value().getStringView(), ", ", - Http::CustomHeaders::get().VaryValues.AcceptEncoding); - headers.setInline(vary_handle.handle(), new_header); - } - } else { - headers.setReferenceInline(vary_handle.handle(), - Http::CustomHeaders::get().VaryValues.AcceptEncoding); - } -} - -// TODO(gsagula): It seems that every proxy has a different opinion how to handle Etag. Some -// discussions around this topic have been going on for over a decade, e.g., -// https://bz.apache.org/bugzilla/show_bug.cgi?id=45023 -// This design attempts to stay more on the safe side by preserving weak etags and removing -// the strong ones when disable_on_etag_header is false. Envoy does NOT re-write entity tags. -void CompressorFilter::sanitizeEtagHeader(Http::ResponseHeaderMap& headers) { - const Http::HeaderEntry* etag = headers.getInline(etag_handle.handle()); - if (etag != nullptr) { - absl::string_view value(etag->value().getStringView()); - if (value.length() > 2 && !((value[0] == 'w' || value[0] == 'W') && value[1] == '/')) { - headers.removeInline(etag_handle.handle()); - } - } -} - -} // namespace Compressors -} // namespace Common -} // namespace HttpFilters -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/filters/http/common/compressor/compressor.h b/source/extensions/filters/http/common/compressor/compressor.h deleted file mode 100644 index c18cc1aaccf9..000000000000 --- a/source/extensions/filters/http/common/compressor/compressor.h +++ /dev/null @@ -1,221 +0,0 @@ -#pragma once - -#include "envoy/compression/compressor/compressor.h" -#include "envoy/extensions/filters/http/compressor/v3/compressor.pb.h" -#include "envoy/stats/scope.h" -#include "envoy/stats/stats_macros.h" -#include "envoy/stream_info/filter_state.h" - -#include "common/protobuf/protobuf.h" -#include "common/runtime/runtime_protos.h" - -#include "extensions/filters/http/common/pass_through_filter.h" - -namespace Envoy { -namespace Extensions { -namespace HttpFilters { -namespace Common { -namespace Compressors { - -/** - * Compressor filter stats common for responses and requests. @see stats_macros.h - * "total_uncompressed_bytes" only includes bytes from requests or responses that were marked for - * compression. If the request (or response) was not marked for compression, the filter increments - * "not_compressed", but does not add to "total_uncompressed_bytes". This way, the user can - * measure the memory performance of the compression. - */ -#define COMMON_COMPRESSOR_STATS(COUNTER) \ - COUNTER(compressed) \ - COUNTER(not_compressed) \ - COUNTER(total_uncompressed_bytes) \ - COUNTER(total_compressed_bytes) \ - COUNTER(content_length_too_small) - -/** - * Compressor filter stats specific to responses only. @see stats_macros.h - * "header_compressor_used" is a number of requests whose Accept-Encoding header explicitly stated - * that the response body should be compressed with the encoding provided by this filter instance. - * - * "header_compressor_overshadowed" is a number of requests skipped by this filter instance because - * they were handled by another filter in the same filter chain. - * - * "header_gzip" is specific to the gzip filter and is deprecated since it duplicates - * "header_compressor_used". - */ -#define RESPONSE_COMPRESSOR_STATS(COUNTER) \ - COUNTER(no_accept_header) \ - COUNTER(header_identity) \ - COUNTER(header_gzip) \ - COUNTER(header_compressor_used) \ - COUNTER(header_compressor_overshadowed) \ - COUNTER(header_wildcard) \ - COUNTER(header_not_valid) \ - COUNTER(not_compressed_etag) - -/** - * Struct definitions for compressor stats. @see stats_macros.h - */ -struct CompressorStats { - COMMON_COMPRESSOR_STATS(GENERATE_COUNTER_STRUCT) -}; -struct ResponseCompressorStats { - RESPONSE_COMPRESSOR_STATS(GENERATE_COUNTER_STRUCT) -}; - -// TODO(rojkov): merge this class with Compressor::CompressorFilterConfig when the filter -// `envoy.filters.http.gzip` is fully deprecated and dropped. -class CompressorFilterConfig { -public: - class DirectionConfig { - public: - DirectionConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor::CommonDirectionConfig& - proto_config, - const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); - - virtual ~DirectionConfig() = default; - - virtual bool compressionEnabled() const PURE; - - const CompressorStats& stats() const { return stats_; } - const StringUtil::CaseUnorderedSet& contentTypeValues() const { return content_type_values_; } - uint32_t minimumLength() const { return min_content_length_; } - bool isMinimumContentLength(const Http::RequestOrResponseHeaderMap& headers) const; - bool isContentTypeAllowed(const Http::RequestOrResponseHeaderMap& headers) const; - - protected: - const Runtime::FeatureFlag compression_enabled_; - - private: - static CompressorStats generateStats(const std::string& prefix, Stats::Scope& scope) { - return CompressorStats{COMMON_COMPRESSOR_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; - } - - static uint32_t contentLengthUint(Protobuf::uint32 length); - - static StringUtil::CaseUnorderedSet - contentTypeSet(const Protobuf::RepeatedPtrField& types); - - const uint32_t min_content_length_; - const StringUtil::CaseUnorderedSet content_type_values_; - const CompressorStats stats_; - }; - - class RequestDirectionConfig : public DirectionConfig { - public: - RequestDirectionConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, - const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); - - bool compressionEnabled() const override { return is_set_ && compression_enabled_.enabled(); } - - private: - const bool is_set_; - }; - - class ResponseDirectionConfig : public DirectionConfig { - public: - ResponseDirectionConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, - const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); - - bool compressionEnabled() const override { return compression_enabled_.enabled(); } - const ResponseCompressorStats& responseStats() const { return response_stats_; } - bool disableOnEtagHeader() const { return disable_on_etag_header_; } - bool removeAcceptEncodingHeader() const { return remove_accept_encoding_header_; } - - private: - static ResponseCompressorStats generateResponseStats(const std::string& prefix, - Stats::Scope& scope) { - return ResponseCompressorStats{RESPONSE_COMPRESSOR_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; - } - - // TODO(rojkov): delete this translation function once the deprecated fields - // are removed from envoy::extensions::filters::http::compressor::v3::Compressor. - static const envoy::extensions::filters::http::compressor::v3::Compressor::CommonDirectionConfig - commonConfig(const envoy::extensions::filters::http::compressor::v3::Compressor&); - - const bool disable_on_etag_header_; - const bool remove_accept_encoding_header_; - const ResponseCompressorStats response_stats_; - }; - - CompressorFilterConfig() = delete; - virtual ~CompressorFilterConfig() = default; - - virtual Envoy::Compression::Compressor::CompressorPtr makeCompressor() PURE; - - const std::string contentEncoding() const { return content_encoding_; }; - const RequestDirectionConfig& requestDirectionConfig() { return request_direction_config_; } - const ResponseDirectionConfig& responseDirectionConfig() { return response_direction_config_; } - -protected: - CompressorFilterConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor& compressor, - const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, - const std::string& content_encoding); - -private: - const RequestDirectionConfig request_direction_config_; - const ResponseDirectionConfig response_direction_config_; - - const std::string content_encoding_; -}; -using CompressorFilterConfigSharedPtr = std::shared_ptr; - -/** - * A filter that compresses data dispatched from the upstream upon client request. - */ -class CompressorFilter : public Http::PassThroughFilter { -public: - explicit CompressorFilter(const CompressorFilterConfigSharedPtr config); - - // Http::StreamDecoderFilter - Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, - bool end_stream) override; - Http::FilterDataStatus decodeData(Buffer::Instance& buffer, bool end_stream) override; - void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; - Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override; - - // Http::StreamEncoderFilter - Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, - bool end_stream) override; - Http::FilterDataStatus encodeData(Buffer::Instance& buffer, bool end_stream) override; - Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override; - -private: - bool hasCacheControlNoTransform(Http::ResponseHeaderMap& headers) const; - bool isAcceptEncodingAllowed(const Http::ResponseHeaderMap& headers) const; - bool isEtagAllowed(Http::ResponseHeaderMap& headers) const; - bool isTransferEncodingAllowed(Http::RequestOrResponseHeaderMap& headers) const; - - void sanitizeEtagHeader(Http::ResponseHeaderMap& headers); - void insertVaryHeader(Http::ResponseHeaderMap& headers); - - class EncodingDecision : public StreamInfo::FilterState::Object { - public: - enum class HeaderStat { NotValid, Identity, Wildcard, ValidCompressor }; - EncodingDecision(const std::string& encoding, const HeaderStat stat) - : encoding_(encoding), stat_(stat) {} - const std::string& encoding() const { return encoding_; } - HeaderStat stat() const { return stat_; } - - private: - const std::string encoding_; - const HeaderStat stat_; - }; - - std::unique_ptr chooseEncoding(const Http::ResponseHeaderMap& headers) const; - bool shouldCompress(const EncodingDecision& decision) const; - - Envoy::Compression::Compressor::CompressorPtr response_compressor_; - Envoy::Compression::Compressor::CompressorPtr request_compressor_; - const CompressorFilterConfigSharedPtr config_; - std::unique_ptr accept_encoding_; -}; - -} // namespace Compressors -} // namespace Common -} // namespace HttpFilters -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/filters/http/common/jwks_fetcher.cc b/source/extensions/filters/http/common/jwks_fetcher.cc index 5aadb8c94bdf..b5f0048b1021 100644 --- a/source/extensions/filters/http/common/jwks_fetcher.cc +++ b/source/extensions/filters/http/common/jwks_fetcher.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/common/jwks_fetcher.h" +#include "source/extensions/filters/http/common/jwks_fetcher.h" #include "envoy/config/core/v3/http_uri.pb.h" -#include "common/common/enum_to_int.h" -#include "common/http/headers.h" -#include "common/http/utility.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" #include "jwt_verify_lib/status.h" diff --git a/source/extensions/filters/http/common/stream_rate_limiter.cc b/source/extensions/filters/http/common/stream_rate_limiter.cc index c5d39a28769f..6763adbeb241 100644 --- a/source/extensions/filters/http/common/stream_rate_limiter.cc +++ b/source/extensions/filters/http/common/stream_rate_limiter.cc @@ -1,12 +1,12 @@ -#include "extensions/filters/http/common/stream_rate_limiter.h" +#include "source/extensions/filters/http/common/stream_rate_limiter.h" #include #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" -#include "common/common/assert.h" -#include "common/common/token_bucket_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/token_bucket_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/common/stream_rate_limiter.h b/source/extensions/filters/http/common/stream_rate_limiter.h index 406791497155..b8aed9ac8a72 100644 --- a/source/extensions/filters/http/common/stream_rate_limiter.h +++ b/source/extensions/filters/http/common/stream_rate_limiter.h @@ -8,7 +8,7 @@ #include "envoy/event/timer.h" #include "envoy/runtime/runtime.h" -#include "common/buffer/watermark_buffer.h" +#include "source/common/buffer/watermark_buffer.h" namespace Envoy { diff --git a/source/extensions/filters/http/common/utility.h b/source/extensions/filters/http/common/utility.h index b119e2db12b5..b9de816ccfd0 100644 --- a/source/extensions/filters/http/common/utility.h +++ b/source/extensions/filters/http/common/utility.h @@ -1,9 +1,7 @@ #pragma once -#include "common/common/macros.h" - -#include "extensions/common/utility.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/macros.h" +#include "source/extensions/common/utility.h" namespace Envoy { namespace Extensions { @@ -46,22 +44,22 @@ class FilterNameUtil { CONSTRUCT_ON_FIRST_USE( DeprecatedNameMap, { - {"envoy.buffer", HttpFilters::HttpFilterNames::get().Buffer}, - {"envoy.cors", HttpFilters::HttpFilterNames::get().Cors}, - {"envoy.csrf", HttpFilters::HttpFilterNames::get().Csrf}, - {"envoy.ext_authz", HttpFilters::HttpFilterNames::get().ExtAuthorization}, - {"envoy.fault", HttpFilters::HttpFilterNames::get().Fault}, - {"envoy.grpc_http1_bridge", HttpFilters::HttpFilterNames::get().GrpcHttp1Bridge}, - {"envoy.grpc_json_transcoder", HttpFilters::HttpFilterNames::get().GrpcJsonTranscoder}, - {"envoy.grpc_web", HttpFilters::HttpFilterNames::get().GrpcWeb}, - {"envoy.gzip", HttpFilters::HttpFilterNames::get().EnvoyGzip}, - {"envoy.health_check", HttpFilters::HttpFilterNames::get().HealthCheck}, - {"envoy.http_dynamic_filter", HttpFilters::HttpFilterNames::get().Dynamo}, - {"envoy.ip_tagging", HttpFilters::HttpFilterNames::get().IpTagging}, - {"envoy.lua", HttpFilters::HttpFilterNames::get().Lua}, - {"envoy.rate_limit", HttpFilters::HttpFilterNames::get().RateLimit}, - {"envoy.router", HttpFilters::HttpFilterNames::get().Router}, - {"envoy.squash", HttpFilters::HttpFilterNames::get().Squash}, + {"envoy.buffer", "envoy.filters.http.buffer"}, + {"envoy.cors", "envoy.filters.http.cors"}, + {"envoy.csrf", "envoy.filters.http.csrf"}, + {"envoy.ext_authz", "envoy.filters.http.ext_authz"}, + {"envoy.fault", "envoy.filters.http.fault"}, + {"envoy.grpc_http1_bridge", "envoy.filters.http.grpc_http1_bridge"}, + {"envoy.grpc_json_transcoder", "envoy.filters.http.grpc_json_transcoder"}, + {"envoy.grpc_web", "envoy.filters.http.grpc_web"}, + {"envoy.gzip", "envoy.filters.http.gzip"}, + {"envoy.health_check", "envoy.filters.http.health_check"}, + {"envoy.http_dynamic_filter", "envoy.filters.http.dynamo"}, + {"envoy.ip_tagging", "envoy.filters.http.ip_tagging"}, + {"envoy.lua", "envoy.filters.http.lua"}, + {"envoy.rate_limit", "envoy.filters.http.ratelimit"}, + {"envoy.router", "envoy.filters.http.router"}, + {"envoy.squash", "envoy.filters.http.squash"}, }); } }; diff --git a/source/extensions/filters/http/composite/BUILD b/source/extensions/filters/http/composite/BUILD index 0d1493808765..e2f0946aa6aa 100644 --- a/source/extensions/filters/http/composite/BUILD +++ b/source/extensions/filters/http/composite/BUILD @@ -33,7 +33,7 @@ envoy_cc_library( ], deps = [ ":action_lib", - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/matcher:matcher_lib", @@ -45,12 +45,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "unknown", deps = [ - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/composite:filter_lib", "@envoy_api//envoy/extensions/filters/http/composite/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/composite/action.cc b/source/extensions/filters/http/composite/action.cc index 97aef4c0952d..14935fa819db 100644 --- a/source/extensions/filters/http/composite/action.cc +++ b/source/extensions/filters/http/composite/action.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/composite/action.h" +#include "source/extensions/filters/http/composite/action.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/composite/action.h b/source/extensions/filters/http/composite/action.h index a10988f34681..1d2b822e7994 100644 --- a/source/extensions/filters/http/composite/action.h +++ b/source/extensions/filters/http/composite/action.h @@ -2,7 +2,7 @@ #include "envoy/extensions/filters/http/composite/v3/composite.pb.validate.h" -#include "common/matcher/matcher.h" +#include "source/common/matcher/matcher.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/composite/config.cc b/source/extensions/filters/http/composite/config.cc index 3d640a119a0f..4d399813a264 100644 --- a/source/extensions/filters/http/composite/config.cc +++ b/source/extensions/filters/http/composite/config.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/http/composite/config.h" +#include "source/extensions/filters/http/composite/config.h" #include "envoy/common/exception.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/composite/filter.h" +#include "source/extensions/filters/http/composite/filter.h" namespace Envoy { namespace Extensions { @@ -19,7 +19,9 @@ Http::FilterFactoryCb CompositeFilterFactory::createFilterFactoryFromProtoTyped( ALL_COMPOSITE_FILTER_STATS(POOL_COUNTER_PREFIX(factory_context.scope(), prefix))}); return [stats](Http::FilterChainFactoryCallbacks& callbacks) -> void { - callbacks.addStreamFilter(std::make_shared(*stats)); + auto filter = std::make_shared(*stats); + callbacks.addStreamFilter(filter); + callbacks.addAccessLogHandler(filter); }; } diff --git a/source/extensions/filters/http/composite/config.h b/source/extensions/filters/http/composite/config.h index a5fe8ed5536d..3eba788b03ae 100644 --- a/source/extensions/filters/http/composite/config.h +++ b/source/extensions/filters/http/composite/config.h @@ -7,11 +7,9 @@ #include "envoy/type/matcher/v3/http_inputs.pb.h" #include "envoy/type/matcher/v3/http_inputs.pb.validate.h" -#include "common/matcher/matcher.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/matcher/matcher.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -24,7 +22,7 @@ namespace Composite { class CompositeFilterFactory : public Common::FactoryBase { public: - CompositeFilterFactory() : FactoryBase(HttpFilterNames::get().Composite) {} + CompositeFilterFactory() : FactoryBase("envoy.filters.http.composite") {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::composite::v3::Composite& proto_config, diff --git a/source/extensions/filters/http/composite/factory_wrapper.cc b/source/extensions/filters/http/composite/factory_wrapper.cc index 41215b1d2c6e..fbcbf040dd5d 100644 --- a/source/extensions/filters/http/composite/factory_wrapper.cc +++ b/source/extensions/filters/http/composite/factory_wrapper.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/http/composite/factory_wrapper.h" +#include "source/extensions/filters/http/composite/factory_wrapper.h" -#include "extensions/filters/http/composite/filter.h" +#include "source/extensions/filters/http/composite/filter.h" namespace Envoy { namespace Extensions { @@ -55,9 +55,8 @@ void FactoryCallbacksWrapper::addStreamFilter(Http::StreamFilterSharedPtr, "cannot delegate to stream filter that instantiates a match tree")); } -void FactoryCallbacksWrapper::addAccessLogHandler(AccessLog::InstanceSharedPtr) { - errors_.push_back( - absl::InvalidArgumentError("cannot delegate to filter that adds an access log handler")); +void FactoryCallbacksWrapper::addAccessLogHandler(AccessLog::InstanceSharedPtr access_log) { + access_loggers_.push_back(std::move(access_log)); } } // namespace Composite } // namespace HttpFilters diff --git a/source/extensions/filters/http/composite/factory_wrapper.h b/source/extensions/filters/http/composite/factory_wrapper.h index 9b7707289e40..c436f52165e2 100644 --- a/source/extensions/filters/http/composite/factory_wrapper.h +++ b/source/extensions/filters/http/composite/factory_wrapper.h @@ -33,6 +33,7 @@ struct FactoryCallbacksWrapper : public Http::FilterChainFactoryCallbacks { absl::variant; absl::optional filter_to_inject_; + std::vector access_loggers_; std::vector errors_; }; } // namespace Composite diff --git a/source/extensions/filters/http/composite/filter.cc b/source/extensions/filters/http/composite/filter.cc index d04ba6d43062..33a3f8b46bd5 100644 --- a/source/extensions/filters/http/composite/filter.cc +++ b/source/extensions/filters/http/composite/filter.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/http/composite/filter.h" +#include "source/extensions/filters/http/composite/filter.h" #include "envoy/http/filter.h" -#include "common/common/stl_helpers.h" +#include "source/common/common/stl_helpers.h" namespace Envoy { namespace Extensions { @@ -104,6 +104,10 @@ void Filter::onMatchCallback(const Matcher::Action& action) { delegated_filter_->setDecoderFilterCallbacks(*decoder_callbacks_); delegated_filter_->setEncoderFilterCallbacks(*encoder_callbacks_); + + // Size should be small, so a copy should be fine. + access_loggers_.insert(access_loggers_.end(), wrapper.access_loggers_.begin(), + wrapper.access_loggers_.end()); } // TODO(snowp): Make it possible for onMatchCallback to fail the stream by issuing a local reply, diff --git a/source/extensions/filters/http/composite/filter.h b/source/extensions/filters/http/composite/filter.h index c46696f42a11..2df7b4bc952a 100644 --- a/source/extensions/filters/http/composite/filter.h +++ b/source/extensions/filters/http/composite/filter.h @@ -4,9 +4,9 @@ #include "envoy/http/header_map.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" -#include "extensions/filters/http/composite/action.h" -#include "extensions/filters/http/composite/factory_wrapper.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/composite/action.h" +#include "source/extensions/filters/http/composite/factory_wrapper.h" #include "absl/types/variant.h" @@ -25,7 +25,9 @@ struct FilterStats { ALL_COMPOSITE_FILTER_STATS(GENERATE_COUNTER_STRUCT) }; -class Filter : public Http::StreamFilter, Logger::Loggable { +class Filter : public Http::StreamFilter, + public AccessLog::Instance, + Logger::Loggable { public: explicit Filter(FilterStats& stats) : decoded_headers_(false), stats_(stats) {} @@ -63,6 +65,16 @@ class Filter : public Http::StreamFilter, Logger::Loggable { void onMatchCallback(const Matcher::Action& action) override; + // AccessLog::Instance + void log(const Http::RequestHeaderMap* request_headers, + const Http::ResponseHeaderMap* response_headers, + const Http::ResponseTrailerMap* response_trailers, + const StreamInfo::StreamInfo& stream_info) override { + for (const auto& log : access_loggers_) { + log->log(request_headers, response_headers, response_trailers, stream_info); + } + } + private: friend FactoryCallbacksWrapper; @@ -108,6 +120,7 @@ class Filter : public Http::StreamFilter, Logger::Loggable { Http::StreamEncoderFilterSharedPtr encoder_filter_; Http::StreamDecoderFilterSharedPtr decoder_filter_; }; + std::vector access_loggers_; Http::StreamFilterSharedPtr delegated_filter_; Http::StreamEncoderFilterCallbacks* encoder_callbacks_{}; diff --git a/source/extensions/filters/http/compressor/BUILD b/source/extensions/filters/http/compressor/BUILD index cec12558d4a9..b1e998f12918 100644 --- a/source/extensions/filters/http/compressor/BUILD +++ b/source/extensions/filters/http/compressor/BUILD @@ -17,8 +17,10 @@ envoy_cc_library( srcs = ["compressor_filter.cc"], hdrs = ["compressor_filter.h"], deps = [ - "//include/envoy/compression/compressor:compressor_factory_interface", - "//source/extensions/filters/http/common/compressor:compressor_lib", + "//envoy/compression/compressor:compressor_factory_interface", + "//envoy/stats:stats_macros", + "//source/common/runtime:runtime_lib", + "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/compressor/v3:pkg_cc_proto", ], ) @@ -27,13 +29,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ ":compressor_filter_lib", - "//include/envoy/compression/compressor:compressor_config_interface", + "//envoy/compression/compressor:compressor_config_interface", "//source/common/config:utility_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/compressor/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/compressor/compressor_filter.cc b/source/extensions/filters/http/compressor/compressor_filter.cc index 24e974e012e5..20462186cc1c 100644 --- a/source/extensions/filters/http/compressor/compressor_filter.cc +++ b/source/extensions/filters/http/compressor/compressor_filter.cc @@ -1,25 +1,591 @@ -#include "extensions/filters/http/compressor/compressor_filter.h" +#include "source/extensions/filters/http/compressor/compressor_filter.h" + +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Compressor { +namespace { + +Http::RegisterCustomInlineHeader + accept_encoding_handle(Http::CustomHeaders::get().AcceptEncoding); +Http::RegisterCustomInlineHeader + cache_control_handle(Http::CustomHeaders::get().CacheControl); +Http::RegisterCustomInlineHeader + etag_handle(Http::CustomHeaders::get().Etag); +Http::RegisterCustomInlineHeader + vary_handle(Http::CustomHeaders::get().Vary); + +Http::RegisterCustomInlineHeader + request_content_encoding_handle(Http::CustomHeaders::get().ContentEncoding); +Http::RegisterCustomInlineHeader + response_content_encoding_handle(Http::CustomHeaders::get().ContentEncoding); + +// Default minimum length of an upstream response that allows compression. +const uint64_t DefaultMinimumContentLength = 30; + +// Default content types will be used if any is provided by the user. +const std::vector& defaultContentEncoding() { + CONSTRUCT_ON_FIRST_USE( + std::vector, + {"text/html", "text/plain", "text/css", "application/javascript", "application/x-javascript", + "text/javascript", "text/x-javascript", "text/ecmascript", "text/js", "text/jscript", + "text/x-js", "application/ecmascript", "application/x-json", "application/xml", + "application/json", "image/svg+xml", "text/xml", "application/xhtml+xml"}); +} + +// List of CompressorFilterConfig objects registered for a stream. +struct CompressorRegistry : public StreamInfo::FilterState::Object { + std::list filter_configs_; +}; + +// Key to per stream CompressorRegistry objects. +const std::string& compressorRegistryKey() { CONSTRUCT_ON_FIRST_USE(std::string, "compressors"); } + +void compressAndUpdateStats(const Compression::Compressor::CompressorPtr& compressor, + const CompressorStats& stats, Buffer::Instance& data, bool end_stream) { + ASSERT(compressor != nullptr); + stats.total_uncompressed_bytes_.add(data.length()); + compressor->compress(data, end_stream ? Envoy::Compression::Compressor::State::Finish + : Envoy::Compression::Compressor::State::Flush); + stats.total_compressed_bytes_.add(data.length()); +} + +} // namespace + +CompressorFilterConfig::DirectionConfig::DirectionConfig( + const envoy::extensions::filters::http::compressor::v3::Compressor::CommonDirectionConfig& + proto_config, + const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) + : compression_enabled_(proto_config.enabled(), runtime), + min_content_length_{contentLengthUint(proto_config.min_content_length().value())}, + content_type_values_(contentTypeSet(proto_config.content_type())), stats_{generateStats( + stats_prefix, scope)} { +} + CompressorFilterConfig::CompressorFilterConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor& generic_compressor, + const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, Compression::Compressor::CompressorFactoryPtr compressor_factory) - : Common::Compressors::CompressorFilterConfig( - generic_compressor, - stats_prefix + "compressor." + generic_compressor.compressor_library().name() + "." + - compressor_factory->statsPrefix(), - scope, runtime, compressor_factory->contentEncoding()), + : common_stats_prefix_(fmt::format("{}compressor.{}.{}", stats_prefix, + proto_config.compressor_library().name(), + compressor_factory->statsPrefix())), + request_direction_config_(proto_config, common_stats_prefix_, scope, runtime), + response_direction_config_(proto_config, common_stats_prefix_, scope, runtime), + content_encoding_(compressor_factory->contentEncoding()), compressor_factory_(std::move(compressor_factory)) {} +StringUtil::CaseUnorderedSet CompressorFilterConfig::DirectionConfig::contentTypeSet( + const Protobuf::RepeatedPtrField& types) { + const auto& default_content_encodings = defaultContentEncoding(); + return types.empty() ? StringUtil::CaseUnorderedSet(default_content_encodings.begin(), + default_content_encodings.end()) + : StringUtil::CaseUnorderedSet(types.cbegin(), types.cend()); +} + +uint32_t CompressorFilterConfig::DirectionConfig::contentLengthUint(Protobuf::uint32 length) { + return length > 0 ? length : DefaultMinimumContentLength; +} + +CompressorFilterConfig::RequestDirectionConfig::RequestDirectionConfig( + const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, + const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) + : DirectionConfig(proto_config.request_direction_config().common_config(), + stats_prefix + "request.", scope, runtime), + is_set_{proto_config.has_request_direction_config()} {} + +CompressorFilterConfig::ResponseDirectionConfig::ResponseDirectionConfig( + const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, + const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime) + : DirectionConfig(commonConfig(proto_config), + proto_config.has_response_direction_config() ? stats_prefix + "response." + : stats_prefix, + scope, runtime), + disable_on_etag_header_( + proto_config.has_response_direction_config() + ? proto_config.response_direction_config().disable_on_etag_header() + : proto_config.disable_on_etag_header()), + remove_accept_encoding_header_( + proto_config.has_response_direction_config() + ? proto_config.response_direction_config().remove_accept_encoding_header() + : proto_config.remove_accept_encoding_header()), + response_stats_{generateResponseStats(stats_prefix, scope)} {} + +const envoy::extensions::filters::http::compressor::v3::Compressor::CommonDirectionConfig +CompressorFilterConfig::ResponseDirectionConfig::commonConfig( + const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config) { + if (proto_config.has_response_direction_config()) { + return proto_config.response_direction_config().common_config(); + } + envoy::extensions::filters::http::compressor::v3::Compressor::CommonDirectionConfig config = {}; + if (proto_config.has_content_length()) { + config.set_allocated_min_content_length( + // According to + // https://developers.google.com/protocol-buffers/docs/reference/cpp-generated#embeddedmessage + // the message Compressor takes ownership of the allocated Protobuf::Uint32Value object. + new Protobuf::UInt32Value(proto_config.content_length())); + } + // NOLINTNEXTLINE(clang-analyzer-cplusplus.NewDeleteLeaks) + for (const std::string& ctype : proto_config.content_type()) { + config.add_content_type(ctype); + } + config.set_allocated_enabled( + // According to + // https://developers.google.com/protocol-buffers/docs/reference/cpp-generated#embeddedmessage + // the message Compressor takes ownership of the allocated Protobuf::Uint32Value object. + new envoy::config::core::v3::RuntimeFeatureFlag(proto_config.runtime_enabled())); + // NOLINTNEXTLINE(clang-analyzer-cplusplus.NewDeleteLeaks) + return config; +} + Envoy::Compression::Compressor::CompressorPtr CompressorFilterConfig::makeCompressor() { return compressor_factory_->createCompressor(); } +CompressorFilter::CompressorFilter(const CompressorFilterConfigSharedPtr config) + : config_(std::move(config)) {} + +Http::FilterHeadersStatus CompressorFilter::decodeHeaders(Http::RequestHeaderMap& headers, + bool end_stream) { + const Http::HeaderEntry* accept_encoding = headers.getInline(accept_encoding_handle.handle()); + if (accept_encoding != nullptr) { + // Capture the value of the "Accept-Encoding" request header to use it later when making + // decision on compressing the corresponding HTTP response. + accept_encoding_ = std::make_unique(accept_encoding->value().getStringView()); + } + + const auto& response_config = config_->responseDirectionConfig(); + if (response_config.compressionEnabled() && response_config.removeAcceptEncodingHeader()) { + headers.removeInline(accept_encoding_handle.handle()); + } + + const auto& request_config = config_->requestDirectionConfig(); + const bool is_not_upgrade = + !Http::Utility::isUpgrade(headers) || + !Runtime::runtimeFeatureEnabled( + "envoy.reloadable_features.enable_compression_without_content_length_header"); + + if (!end_stream && request_config.compressionEnabled() && is_not_upgrade && + request_config.isMinimumContentLength(headers) && + request_config.isContentTypeAllowed(headers) && + !headers.getInline(request_content_encoding_handle.handle()) && + isTransferEncodingAllowed(headers)) { + headers.removeContentLength(); + headers.setInline(request_content_encoding_handle.handle(), config_->contentEncoding()); + request_config.stats().compressed_.inc(); + request_compressor_ = config_->makeCompressor(); + } else { + request_config.stats().not_compressed_.inc(); + } + + return Http::FilterHeadersStatus::Continue; +} + +Http::FilterDataStatus CompressorFilter::decodeData(Buffer::Instance& data, bool end_stream) { + if (request_compressor_ != nullptr) { + compressAndUpdateStats(request_compressor_, config_->requestDirectionConfig().stats(), data, + end_stream); + } + return Http::FilterDataStatus::Continue; +} + +Http::FilterTrailersStatus CompressorFilter::decodeTrailers(Http::RequestTrailerMap&) { + if (request_compressor_ != nullptr) { + Buffer::OwnedImpl empty_buffer; + // The presence of trailers means the stream is ended, but decodeData() + // is never called with end_stream=true, thus let the compression library know + // that the stream is ended. + compressAndUpdateStats(request_compressor_, config_->requestDirectionConfig().stats(), + empty_buffer, true); + decoder_callbacks_->addDecodedData(empty_buffer, true); + } + return Http::FilterTrailersStatus::Continue; +} + +void CompressorFilter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { + decoder_callbacks_ = &callbacks; + + absl::string_view key = compressorRegistryKey(); + // To properly handle the cases where the decision on instantiating a compressor depends on + // the presence of other compression filters in the chain the filters need to be aware of each + // other. This is achieved by exploiting per-request data objects StreamInfo::FilterState: upon + // setting up a CompressorFilter, the new instance registers itself in the filter state. Then in + // the method isAcceptEncodingAllowed() the first filter is making a decision which encoder needs + // to be used for a request, with e.g. "Accept-Encoding: deflate;q=0.75, gzip;q=0.5", and caches + // it in the state. All other compression filters in the sequence use the cached decision. + const StreamInfo::FilterStateSharedPtr& filter_state = callbacks.streamInfo().filterState(); + if (filter_state->hasData(key)) { + CompressorRegistry& registry = filter_state->getDataMutable(key); + registry.filter_configs_.push_back(config_); + } else { + auto registry_ptr = std::make_unique(); + registry_ptr->filter_configs_.push_back(config_); + filter_state->setData(key, std::move(registry_ptr), + StreamInfo::FilterState::StateType::Mutable); + } +} + +Http::FilterHeadersStatus CompressorFilter::encodeHeaders(Http::ResponseHeaderMap& headers, + bool end_stream) { + const auto& config = config_->responseDirectionConfig(); + const bool isEnabledAndContentLengthBigEnough = + config.compressionEnabled() && config.isMinimumContentLength(headers); + const bool is_not_upgrade = + !Http::Utility::isUpgrade(headers) || + !Runtime::runtimeFeatureEnabled( + "envoy.reloadable_features.enable_compression_without_content_length_header"); + + const bool isCompressible = isEnabledAndContentLengthBigEnough && is_not_upgrade && + config.isContentTypeAllowed(headers) && + !hasCacheControlNoTransform(headers) && isEtagAllowed(headers) && + !headers.getInline(response_content_encoding_handle.handle()); + if (!end_stream && isEnabledAndContentLengthBigEnough && isAcceptEncodingAllowed(headers) && + isCompressible && isTransferEncodingAllowed(headers)) { + sanitizeEtagHeader(headers); + headers.removeContentLength(); + headers.setInline(response_content_encoding_handle.handle(), config_->contentEncoding()); + config.stats().compressed_.inc(); + // Finally instantiate the compressor. + response_compressor_ = config_->makeCompressor(); + } else { + config.stats().not_compressed_.inc(); + } + + // Even if we decided not to compress due to incompatible Accept-Encoding value, + // the Vary header would need to be inserted to let a caching proxy in front of Envoy + // know that the requested resource still can be served with compression applied. + if (isCompressible) { + insertVaryHeader(headers); + } + + return Http::FilterHeadersStatus::Continue; +} + +Http::FilterDataStatus CompressorFilter::encodeData(Buffer::Instance& data, bool end_stream) { + if (response_compressor_ != nullptr) { + compressAndUpdateStats(response_compressor_, config_->responseDirectionConfig().stats(), data, + end_stream); + } + return Http::FilterDataStatus::Continue; +} + +Http::FilterTrailersStatus CompressorFilter::encodeTrailers(Http::ResponseTrailerMap&) { + if (response_compressor_ != nullptr) { + Buffer::OwnedImpl empty_buffer; + // The presence of trailers means the stream is ended, but encodeData() + // is never called with end_stream=true, thus let the compression library know + // that the stream is ended. + compressAndUpdateStats(response_compressor_, config_->responseDirectionConfig().stats(), + empty_buffer, true); + encoder_callbacks_->addEncodedData(empty_buffer, true); + } + return Http::FilterTrailersStatus::Continue; +} + +bool CompressorFilter::hasCacheControlNoTransform(Http::ResponseHeaderMap& headers) const { + const Http::HeaderEntry* cache_control = headers.getInline(cache_control_handle.handle()); + if (cache_control) { + return StringUtil::caseFindToken(cache_control->value().getStringView(), ",", + Http::CustomHeaders::get().CacheControlValues.NoTransform); + } + + return false; +} + +// This function makes decision on which encoding to use for the response body and is +// supposed to be called only once per request even if there are multiple compressor +// filters in the chain. To make a decision the function needs to know what's the +// request's Accept-Encoding, the response's Content-Type and the list of compressor +// filters in the current chain. +// TODO(rojkov): add an explicit fuzzer for chooseEncoding(). +std::unique_ptr +CompressorFilter::chooseEncoding(const Http::ResponseHeaderMap& headers) const { + using EncPair = std::pair; // pair of {encoding, q_value} + std::vector pairs; + absl::string_view content_type_value; + + const Http::HeaderEntry* content_type = headers.ContentType(); + if (content_type != nullptr) { + content_type_value = + StringUtil::trim(StringUtil::cropRight(content_type->value().getStringView(), ";")); + } + + // Find all compressors enabled for the filter chain. + std::map allowed_compressors; + uint32_t registration_count{0}; + for (const auto& filter_config : + decoder_callbacks_->streamInfo() + .filterState() + ->getDataReadOnly(compressorRegistryKey()) + .filter_configs_) { + // A compressor filter may be limited to compress certain Content-Types. If the response's + // content type doesn't match the list of content types this filter is enabled for then + // it must be excluded from the decision process. + // For example, there are two compressor filters in the chain e.g. "gzip" and "deflate". + // "gzip" is configured to compress only "text/html" and "deflate" is configured to compress + // only "application/javascript". Then comes a request with Accept-Encoding header + // "gzip;q=1,deflate;q=.5". The corresponding response content type is "application/javascript". + // If "gzip" is not excluded from the decision process then it will take precedence over + // "deflate" and the resulting response won't be compressed at all. + if (!content_type_value.empty() && + !filter_config->responseDirectionConfig().contentTypeValues().empty()) { + auto iter = + filter_config->responseDirectionConfig().contentTypeValues().find(content_type_value); + if (iter == filter_config->responseDirectionConfig().contentTypeValues().end()) { + // Skip adding this filter to the list of allowed compressors. + continue; + } + } + + // There could be many compressors registered for the same content encoding, e.g. consider a + // case when there are two gzip filters using different compression levels for different content + // sizes. In such case we ignore duplicates (or different filters for the same encoding) + // registered last. + auto enc = allowed_compressors.find(filter_config->contentEncoding()); + if (enc == allowed_compressors.end()) { + allowed_compressors.insert({filter_config->contentEncoding(), registration_count}); + ++registration_count; + } + } + + // Find all encodings accepted by the user agent and adjust the list of allowed compressors. + for (const auto& token : StringUtil::splitToken(*accept_encoding_, ",", false /* keep_empty */)) { + EncPair pair = + std::make_pair(StringUtil::trim(StringUtil::cropRight(token, ";")), static_cast(1)); + const auto params = StringUtil::cropLeft(token, ";"); + if (params != token) { + const auto q_value = StringUtil::cropLeft(params, "="); + if (q_value != params && + absl::EqualsIgnoreCase("q", StringUtil::trim(StringUtil::cropRight(params, "=")))) { + auto result = absl::SimpleAtof(StringUtil::trim(q_value), &pair.second); + if (!result) { + // Skip not parseable q-value. + continue; + } + } + } + + pairs.push_back(pair); + + if (!pair.second) { + // Disallow compressors with "q=0". + // The reason why we add encodings to "pairs" even with "q=0" is that "pairs" contains + // client's expectations and "allowed_compressors" is what Envoy can handle. Consider + // the cases of "Accept-Encoding: gzip;q=0, deflate, *" and "Accept-Encoding: deflate, *" + // whereas the proxy has only "gzip" configured. If we just exclude the encodings with "q=0" + // from "pairs" then upon noticing "*" we don't know if "gzip" is acceptable by the client. + allowed_compressors.erase(std::string(pair.first)); + } + } + + if (pairs.empty() || allowed_compressors.empty()) { + // If there's no intersection between accepted encodings and the ones provided by the allowed + // compressors, then only the "identity" encoding is acceptable. + return std::make_unique( + Http::CustomHeaders::get().AcceptEncodingValues.Identity, + CompressorFilter::EncodingDecision::HeaderStat::NotValid); + } + + // Find intersection of encodings accepted by the user agent and provided + // by the allowed compressors and choose the one with the highest q-value. + EncPair choice{Http::CustomHeaders::get().AcceptEncodingValues.Identity, static_cast(0)}; + for (const auto& pair : pairs) { + if ((pair.second > choice.second) && + (allowed_compressors.count(std::string(pair.first)) || + pair.first == Http::CustomHeaders::get().AcceptEncodingValues.Identity || + pair.first == Http::CustomHeaders::get().AcceptEncodingValues.Wildcard)) { + choice = pair; + } + } + + if (!choice.second) { + // The value of "Accept-Encoding" must be invalid as we ended up with zero q-value. + return std::make_unique( + Http::CustomHeaders::get().AcceptEncodingValues.Identity, + CompressorFilter::EncodingDecision::HeaderStat::NotValid); + } + + // The "identity" encoding (no compression) is always available. + if (choice.first == Http::CustomHeaders::get().AcceptEncodingValues.Identity) { + return std::make_unique( + Http::CustomHeaders::get().AcceptEncodingValues.Identity, + CompressorFilter::EncodingDecision::HeaderStat::Identity); + } + + // If wildcard is given then use which ever compressor is registered first. + if (choice.first == Http::CustomHeaders::get().AcceptEncodingValues.Wildcard) { + auto first_registered = std::min_element( + allowed_compressors.begin(), allowed_compressors.end(), + [](const std::pair& a, + const std::pair& b) -> bool { return a.second < b.second; }); + return std::make_unique( + first_registered->first, CompressorFilter::EncodingDecision::HeaderStat::Wildcard); + } + + return std::make_unique( + std::string(choice.first), CompressorFilter::EncodingDecision::HeaderStat::ValidCompressor); +} + +// Check if this filter was chosen to compress. Also update the filter's stat counters related to +// the Accept-Encoding header. +bool CompressorFilter::shouldCompress(const CompressorFilter::EncodingDecision& decision) const { + const bool should_compress = + absl::EqualsIgnoreCase(config_->contentEncoding(), decision.encoding()); + const ResponseCompressorStats& stats = config_->responseDirectionConfig().responseStats(); + + switch (decision.stat()) { + case CompressorFilter::EncodingDecision::HeaderStat::ValidCompressor: + if (should_compress) { + stats.header_compressor_used_.inc(); + } else { + // Some other compressor filter in the same chain compressed the response body, + // but not this filter. + stats.header_compressor_overshadowed_.inc(); + } + break; + case CompressorFilter::EncodingDecision::HeaderStat::Identity: + stats.header_identity_.inc(); + break; + case CompressorFilter::EncodingDecision::HeaderStat::Wildcard: + stats.header_wildcard_.inc(); + break; + default: + stats.header_not_valid_.inc(); + break; + } + + return should_compress; +} + +bool CompressorFilter::isAcceptEncodingAllowed(const Http::ResponseHeaderMap& headers) const { + if (accept_encoding_ == nullptr) { + config_->responseDirectionConfig().responseStats().no_accept_header_.inc(); + return false; + } + + const absl::string_view encoding_decision_key{"encoding_decision"}; + + // Check if we have already cached our decision on encoding. + const StreamInfo::FilterStateSharedPtr& filter_state = + decoder_callbacks_->streamInfo().filterState(); + if (filter_state->hasData(encoding_decision_key)) { + const CompressorFilter::EncodingDecision& decision = + filter_state->getDataReadOnly(encoding_decision_key); + return shouldCompress(decision); + } + + // No cached decision found, so decide now. + std::unique_ptr decision = chooseEncoding(headers); + bool result = shouldCompress(*decision); + filter_state->setData(encoding_decision_key, std::move(decision), + StreamInfo::FilterState::StateType::ReadOnly); + return result; +} + +bool CompressorFilterConfig::DirectionConfig::isContentTypeAllowed( + const Http::RequestOrResponseHeaderMap& headers) const { + const Http::HeaderEntry* content_type = headers.ContentType(); + if (content_type != nullptr && !content_type_values_.empty()) { + const absl::string_view value = + StringUtil::trim(StringUtil::cropRight(content_type->value().getStringView(), ";")); + return content_type_values_.find(value) != content_type_values_.end(); + } + + return true; +} + +bool CompressorFilter::isEtagAllowed(Http::ResponseHeaderMap& headers) const { + const bool is_etag_allowed = !(config_->responseDirectionConfig().disableOnEtagHeader() && + headers.getInline(etag_handle.handle())); + if (!is_etag_allowed) { + config_->responseDirectionConfig().responseStats().not_compressed_etag_.inc(); + } + return is_etag_allowed; +} + +bool CompressorFilterConfig::DirectionConfig::isMinimumContentLength( + const Http::RequestOrResponseHeaderMap& headers) const { + const Http::HeaderEntry* content_length = headers.ContentLength(); + if (content_length != nullptr) { + uint64_t length; + const bool is_minimum_content_length = + absl::SimpleAtoi(content_length->value().getStringView(), &length) && + length >= min_content_length_; + if (!is_minimum_content_length) { + stats_.content_length_too_small_.inc(); + } + return is_minimum_content_length; + } + if (Runtime::runtimeFeatureEnabled( + "envoy.reloadable_features.enable_compression_without_content_length_header")) { + // return true to ignore the minimum length configuration if no content-length header is present + return true; + } + return StringUtil::caseFindToken(headers.getTransferEncodingValue(), ",", + Http::Headers::get().TransferEncodingValues.Chunked); +} + +bool CompressorFilter::isTransferEncodingAllowed(Http::RequestOrResponseHeaderMap& headers) const { + const Http::HeaderEntry* transfer_encoding = headers.TransferEncoding(); + if (transfer_encoding != nullptr) { + for (absl::string_view header_value : + StringUtil::splitToken(transfer_encoding->value().getStringView(), ",", true)) { + const auto trimmed_value = StringUtil::trim(header_value); + // Check if the message is already compressed with any compression encoding + // known to Envoy. + if (absl::EqualsIgnoreCase(trimmed_value, Http::Headers::get().TransferEncodingValues.Gzip) || + absl::EqualsIgnoreCase(trimmed_value, + Http::Headers::get().TransferEncodingValues.Brotli) || + absl::EqualsIgnoreCase(trimmed_value, + Http::Headers::get().TransferEncodingValues.Deflate) || + absl::EqualsIgnoreCase(trimmed_value, + Http::Headers::get().TransferEncodingValues.Compress) || + // or with a custom non-standard compression provided by an external + // compression library. + absl::EqualsIgnoreCase(trimmed_value, config_->contentEncoding())) { + return false; + } + } + } + + return true; +} + +void CompressorFilter::insertVaryHeader(Http::ResponseHeaderMap& headers) { + const Http::HeaderEntry* vary = headers.getInline(vary_handle.handle()); + if (vary != nullptr) { + if (!StringUtil::findToken(vary->value().getStringView(), ",", + Http::CustomHeaders::get().VaryValues.AcceptEncoding, true)) { + std::string new_header; + absl::StrAppend(&new_header, vary->value().getStringView(), ", ", + Http::CustomHeaders::get().VaryValues.AcceptEncoding); + headers.setInline(vary_handle.handle(), new_header); + } + } else { + headers.setReferenceInline(vary_handle.handle(), + Http::CustomHeaders::get().VaryValues.AcceptEncoding); + } +} + +// TODO(gsagula): It seems that every proxy has a different opinion how to handle Etag. Some +// discussions around this topic have been going on for over a decade, e.g., +// https://bz.apache.org/bugzilla/show_bug.cgi?id=45023 +// This design attempts to stay more on the safe side by preserving weak etags and removing +// the strong ones when disable_on_etag_header is false. Envoy does NOT re-write entity tags. +void CompressorFilter::sanitizeEtagHeader(Http::ResponseHeaderMap& headers) { + const Http::HeaderEntry* etag = headers.getInline(etag_handle.handle()); + if (etag != nullptr) { + absl::string_view value(etag->value().getStringView()); + if (value.length() > 2 && !((value[0] == 'w' || value[0] == 'W') && value[1] == '/')) { + headers.removeInline(etag_handle.handle()); + } + } +} + } // namespace Compressor } // namespace HttpFilters } // namespace Extensions diff --git a/source/extensions/filters/http/compressor/compressor_filter.h b/source/extensions/filters/http/compressor/compressor_filter.h index 8d7347847f79..02a025a2ad56 100644 --- a/source/extensions/filters/http/compressor/compressor_filter.h +++ b/source/extensions/filters/http/compressor/compressor_filter.h @@ -2,32 +2,212 @@ #include "envoy/compression/compressor/factory.h" #include "envoy/extensions/filters/http/compressor/v3/compressor.pb.h" +#include "envoy/stats/stats_macros.h" -#include "extensions/filters/http/common/compressor/compressor.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/runtime/runtime_protos.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace Compressor { +/** + * Compressor filter stats common for responses and requests. @see stats_macros.h + * "total_uncompressed_bytes" only includes bytes from requests or responses that were marked for + * compression. If the request (or response) was not marked for compression, the filter increments + * "not_compressed", but does not add to "total_uncompressed_bytes". This way, the user can + * measure the memory performance of the compression. + */ +#define COMMON_COMPRESSOR_STATS(COUNTER) \ + COUNTER(compressed) \ + COUNTER(not_compressed) \ + COUNTER(total_uncompressed_bytes) \ + COUNTER(total_compressed_bytes) \ + COUNTER(content_length_too_small) + +/** + * Compressor filter stats specific to responses only. @see stats_macros.h + * "header_compressor_used" is a number of requests whose Accept-Encoding header explicitly stated + * that the response body should be compressed with the encoding provided by this filter instance. + * + * "header_compressor_overshadowed" is a number of requests skipped by this filter instance because + * they were handled by another filter in the same filter chain. + * + * "header_gzip" is specific to the gzip filter and is deprecated since it duplicates + * "header_compressor_used". + */ +#define RESPONSE_COMPRESSOR_STATS(COUNTER) \ + COUNTER(no_accept_header) \ + COUNTER(header_identity) \ + COUNTER(header_compressor_used) \ + COUNTER(header_compressor_overshadowed) \ + COUNTER(header_wildcard) \ + COUNTER(header_not_valid) \ + COUNTER(not_compressed_etag) + +/** + * Struct definitions for compressor stats. @see stats_macros.h + */ +struct CompressorStats { + COMMON_COMPRESSOR_STATS(GENERATE_COUNTER_STRUCT) +}; +struct ResponseCompressorStats { + RESPONSE_COMPRESSOR_STATS(GENERATE_COUNTER_STRUCT) +}; + /** * Configuration for the compressor filter. */ -class CompressorFilterConfig : public Common::Compressors::CompressorFilterConfig { - // TODO(rojkov): move functionality of Common::Compressors::CompressorFilterConfig - // to this class when `envoy.filters.http.gzip` is fully deprecated and dropped. +class CompressorFilterConfig { public: + class DirectionConfig { + public: + DirectionConfig( + const envoy::extensions::filters::http::compressor::v3::Compressor::CommonDirectionConfig& + proto_config, + const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); + + virtual ~DirectionConfig() = default; + + virtual bool compressionEnabled() const PURE; + + const CompressorStats& stats() const { return stats_; } + const StringUtil::CaseUnorderedSet& contentTypeValues() const { return content_type_values_; } + uint32_t minimumLength() const { return min_content_length_; } + bool isMinimumContentLength(const Http::RequestOrResponseHeaderMap& headers) const; + bool isContentTypeAllowed(const Http::RequestOrResponseHeaderMap& headers) const; + + protected: + const Runtime::FeatureFlag compression_enabled_; + + private: + static CompressorStats generateStats(const std::string& prefix, Stats::Scope& scope) { + return CompressorStats{COMMON_COMPRESSOR_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; + } + + static uint32_t contentLengthUint(Protobuf::uint32 length); + + static StringUtil::CaseUnorderedSet + contentTypeSet(const Protobuf::RepeatedPtrField& types); + + const uint32_t min_content_length_; + const StringUtil::CaseUnorderedSet content_type_values_; + const CompressorStats stats_; + }; + + class RequestDirectionConfig : public DirectionConfig { + public: + RequestDirectionConfig( + const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, + const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); + + bool compressionEnabled() const override { return is_set_ && compression_enabled_.enabled(); } + + private: + const bool is_set_; + }; + + class ResponseDirectionConfig : public DirectionConfig { + public: + ResponseDirectionConfig( + const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, + const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); + + bool compressionEnabled() const override { return compression_enabled_.enabled(); } + const ResponseCompressorStats& responseStats() const { return response_stats_; } + bool disableOnEtagHeader() const { return disable_on_etag_header_; } + bool removeAcceptEncodingHeader() const { return remove_accept_encoding_header_; } + + private: + static ResponseCompressorStats generateResponseStats(const std::string& prefix, + Stats::Scope& scope) { + return ResponseCompressorStats{RESPONSE_COMPRESSOR_STATS(POOL_COUNTER_PREFIX(scope, prefix))}; + } + + // TODO(rojkov): delete this translation function once the deprecated fields + // are removed from envoy::extensions::filters::http::compressor::v3::Compressor. + static const envoy::extensions::filters::http::compressor::v3::Compressor::CommonDirectionConfig + commonConfig(const envoy::extensions::filters::http::compressor::v3::Compressor&); + + const bool disable_on_etag_header_; + const bool remove_accept_encoding_header_; + const ResponseCompressorStats response_stats_; + }; + CompressorFilterConfig() = delete; CompressorFilterConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor& genereic_compressor, + const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, Envoy::Compression::Compressor::CompressorFactoryPtr compressor_factory); - Envoy::Compression::Compressor::CompressorPtr makeCompressor() override; + Envoy::Compression::Compressor::CompressorPtr makeCompressor(); + + const std::string contentEncoding() const { return content_encoding_; }; + const RequestDirectionConfig& requestDirectionConfig() { return request_direction_config_; } + const ResponseDirectionConfig& responseDirectionConfig() { return response_direction_config_; } private: + const std::string common_stats_prefix_; + const RequestDirectionConfig request_direction_config_; + const ResponseDirectionConfig response_direction_config_; + + const std::string content_encoding_; const Envoy::Compression::Compressor::CompressorFactoryPtr compressor_factory_; }; +using CompressorFilterConfigSharedPtr = std::shared_ptr; + +/** + * A filter that compresses data dispatched from the upstream upon client request. + */ +class CompressorFilter : public Http::PassThroughFilter { +public: + explicit CompressorFilter(const CompressorFilterConfigSharedPtr config); + + // Http::StreamDecoderFilter + Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, + bool end_stream) override; + Http::FilterDataStatus decodeData(Buffer::Instance& buffer, bool end_stream) override; + void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) override; + Http::FilterTrailersStatus decodeTrailers(Http::RequestTrailerMap&) override; + + // Http::StreamEncoderFilter + Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, + bool end_stream) override; + Http::FilterDataStatus encodeData(Buffer::Instance& buffer, bool end_stream) override; + Http::FilterTrailersStatus encodeTrailers(Http::ResponseTrailerMap&) override; + +private: + bool hasCacheControlNoTransform(Http::ResponseHeaderMap& headers) const; + bool isAcceptEncodingAllowed(const Http::ResponseHeaderMap& headers) const; + bool isEtagAllowed(Http::ResponseHeaderMap& headers) const; + bool isTransferEncodingAllowed(Http::RequestOrResponseHeaderMap& headers) const; + + void sanitizeEtagHeader(Http::ResponseHeaderMap& headers); + void insertVaryHeader(Http::ResponseHeaderMap& headers); + + class EncodingDecision : public StreamInfo::FilterState::Object { + public: + enum class HeaderStat { NotValid, Identity, Wildcard, ValidCompressor }; + EncodingDecision(const std::string& encoding, const HeaderStat stat) + : encoding_(encoding), stat_(stat) {} + const std::string& encoding() const { return encoding_; } + HeaderStat stat() const { return stat_; } + + private: + const std::string encoding_; + const HeaderStat stat_; + }; + + std::unique_ptr chooseEncoding(const Http::ResponseHeaderMap& headers) const; + bool shouldCompress(const EncodingDecision& decision) const; + + Envoy::Compression::Compressor::CompressorPtr response_compressor_; + Envoy::Compression::Compressor::CompressorPtr request_compressor_; + const CompressorFilterConfigSharedPtr config_; + std::unique_ptr accept_encoding_; +}; } // namespace Compressor } // namespace HttpFilters diff --git a/source/extensions/filters/http/compressor/config.cc b/source/extensions/filters/http/compressor/config.cc index aff3ca5afe4c..dc36698c45d1 100644 --- a/source/extensions/filters/http/compressor/config.cc +++ b/source/extensions/filters/http/compressor/config.cc @@ -1,10 +1,9 @@ -#include "extensions/filters/http/compressor/config.h" +#include "source/extensions/filters/http/compressor/config.h" #include "envoy/compression/compressor/config.h" -#include "common/config/utility.h" - -#include "extensions/filters/http/compressor/compressor_filter.h" +#include "source/common/config/utility.h" +#include "source/extensions/filters/http/compressor/compressor_filter.h" namespace Envoy { namespace Extensions { @@ -14,11 +13,6 @@ namespace Compressor { Http::FilterFactoryCb CompressorFilterFactory::createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { - // TODO(rojkov): instead of throwing an exception make the Compressor.compressor_library field - // required when the Gzip HTTP-filter is fully deprecated and removed. - if (!proto_config.has_compressor_library()) { - throw EnvoyException("Compressor filter doesn't have compressor_library defined"); - } const std::string type{TypeUtil::typeUrlToDescriptorFullName( proto_config.compressor_library().typed_config().type_url())}; Compression::Compressor::NamedCompressorLibraryConfigFactory* const config_factory = @@ -33,11 +27,11 @@ Http::FilterFactoryCb CompressorFilterFactory::createFilterFactoryFromProtoTyped *config_factory); Compression::Compressor::CompressorFactoryPtr compressor_factory = config_factory->createCompressorFactoryFromProto(*message, context); - Common::Compressors::CompressorFilterConfigSharedPtr config = + CompressorFilterConfigSharedPtr config = std::make_shared(proto_config, stats_prefix, context.scope(), context.runtime(), std::move(compressor_factory)); return [config](Http::FilterChainFactoryCallbacks& callbacks) -> void { - callbacks.addStreamFilter(std::make_shared(config)); + callbacks.addStreamFilter(std::make_shared(config)); }; } diff --git a/source/extensions/filters/http/compressor/config.h b/source/extensions/filters/http/compressor/config.h index 50127769f3b4..abf02a065113 100644 --- a/source/extensions/filters/http/compressor/config.h +++ b/source/extensions/filters/http/compressor/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/compressor/v3/compressor.pb.h" #include "envoy/extensions/filters/http/compressor/v3/compressor.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,11 +16,11 @@ namespace Compressor { class CompressorFilterFactory : public Common::FactoryBase { public: - CompressorFilterFactory() : FactoryBase(HttpFilterNames::get().Compressor) {} + CompressorFilterFactory() : FactoryBase("envoy.filters.http.compressor") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( - const envoy::extensions::filters::http::compressor::v3::Compressor& config, + const envoy::extensions::filters::http::compressor::v3::Compressor& proto_config, const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; }; diff --git a/source/extensions/filters/http/cors/BUILD b/source/extensions/filters/http/cors/BUILD index 719af988af59..618d84a50f7c 100644 --- a/source/extensions/filters/http/cors/BUILD +++ b/source/extensions/filters/http/cors/BUILD @@ -17,8 +17,8 @@ envoy_cc_library( srcs = ["cors_filter.cc"], hdrs = ["cors_filter.h"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", @@ -31,16 +31,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - # TODO(#9953) clean up. - extra_visibility = [ - "//test/integration:__subpackages__", - ], - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/cors:cors_filter_lib", "@envoy_api//envoy/extensions/filters/http/cors/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/cors/config.cc b/source/extensions/filters/http/cors/config.cc index 4a97416e714c..22fbc4daa75e 100644 --- a/source/extensions/filters/http/cors/config.cc +++ b/source/extensions/filters/http/cors/config.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/http/cors/config.h" +#include "source/extensions/filters/http/cors/config.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/cors/cors_filter.h" +#include "source/extensions/filters/http/cors/cors_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cors/config.h b/source/extensions/filters/http/cors/config.h index 96acf31a33a2..e8a9a986aa66 100644 --- a/source/extensions/filters/http/cors/config.h +++ b/source/extensions/filters/http/cors/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/cors/v3/cors.pb.h" #include "envoy/extensions/filters/http/cors/v3/cors.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace Cors { class CorsFilterFactory : public Common::FactoryBase { public: - CorsFilterFactory() : FactoryBase(HttpFilterNames::get().Cors) {} + CorsFilterFactory() : FactoryBase("envoy.filters.http.cors") {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::cors::v3::Cors& proto_config, diff --git a/source/extensions/filters/http/cors/cors_filter.cc b/source/extensions/filters/http/cors/cors_filter.cc index e936b16c8f24..c7314a437a58 100644 --- a/source/extensions/filters/http/cors/cors_filter.cc +++ b/source/extensions/filters/http/cors/cors_filter.cc @@ -1,13 +1,13 @@ -#include "extensions/filters/http/cors/cors_filter.h" +#include "source/extensions/filters/http/cors/cors_filter.h" #include "envoy/http/codes.h" #include "envoy/http/header_map.h" #include "envoy/stats/scope.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/cors/cors_filter.h b/source/extensions/filters/http/cors/cors_filter.h index 6603469055a7..5bcef49783f0 100644 --- a/source/extensions/filters/http/cors/cors_filter.h +++ b/source/extensions/filters/http/cors/cors_filter.h @@ -4,7 +4,7 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/csrf/BUILD b/source/extensions/filters/http/csrf/BUILD index 9b5af4e5a878..62b356910693 100644 --- a/source/extensions/filters/http/csrf/BUILD +++ b/source/extensions/filters/http/csrf/BUILD @@ -17,13 +17,12 @@ envoy_cc_library( srcs = ["csrf_filter.cc"], hdrs = ["csrf_filter.h"], deps = [ - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/common:matchers_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/http:utility_lib", - "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/csrf/v3:pkg_cc_proto", ], @@ -33,11 +32,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/csrf:csrf_filter_lib", "@envoy_api//envoy/extensions/filters/http/csrf/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/csrf/config.cc b/source/extensions/filters/http/csrf/config.cc index 34e1fbd92f74..7a455c3c5e89 100644 --- a/source/extensions/filters/http/csrf/config.cc +++ b/source/extensions/filters/http/csrf/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/csrf/config.h" +#include "source/extensions/filters/http/csrf/config.h" #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.h" #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/csrf/csrf_filter.h" +#include "source/extensions/filters/http/csrf/csrf_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/csrf/config.h b/source/extensions/filters/http/csrf/config.h index c480bc1ca475..8ff72af990ac 100644 --- a/source/extensions/filters/http/csrf/config.h +++ b/source/extensions/filters/http/csrf/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.h" #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace Csrf { class CsrfFilterFactory : public Common::FactoryBase { public: - CsrfFilterFactory() : FactoryBase(HttpFilterNames::get().Csrf) {} + CsrfFilterFactory() : FactoryBase("envoy.filters.http.csrf") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/csrf/csrf_filter.cc b/source/extensions/filters/http/csrf/csrf_filter.cc index 01fe2f38127a..ed721842260c 100644 --- a/source/extensions/filters/http/csrf/csrf_filter.cc +++ b/source/extensions/filters/http/csrf/csrf_filter.cc @@ -1,14 +1,12 @@ -#include "extensions/filters/http/csrf/csrf_filter.h" +#include "source/extensions/filters/http/csrf/csrf_filter.h" #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.h" #include "envoy/stats/scope.h" -#include "common/common/empty_string.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/utility.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Extensions { @@ -128,7 +126,7 @@ Http::FilterHeadersStatus CsrfFilter::decodeHeaders(Http::RequestHeaderMap& head } void CsrfFilter::determinePolicy() { - const std::string& name = Extensions::HttpFilters::HttpFilterNames::get().Csrf; + const std::string& name = "envoy.filters.http.csrf"; const CsrfPolicy* policy = Http::Utility::resolveMostSpecificPerFilterConfig(name, callbacks_->route()); if (policy != nullptr) { diff --git a/source/extensions/filters/http/csrf/csrf_filter.h b/source/extensions/filters/http/csrf/csrf_filter.h index 69e88ff858b0..5697cf99f59e 100644 --- a/source/extensions/filters/http/csrf/csrf_filter.h +++ b/source/extensions/filters/http/csrf/csrf_filter.h @@ -6,8 +6,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/matchers.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/matchers.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/decompressor/BUILD b/source/extensions/filters/http/decompressor/BUILD index fb69254e476b..0e85a3267d38 100644 --- a/source/extensions/filters/http/decompressor/BUILD +++ b/source/extensions/filters/http/decompressor/BUILD @@ -17,9 +17,9 @@ envoy_cc_library( srcs = ["decompressor_filter.cc"], hdrs = ["decompressor_filter.h"], deps = [ - "//include/envoy/compression/decompressor:decompressor_config_interface", - "//include/envoy/compression/decompressor:decompressor_interface", - "//include/envoy/http:filter_interface", + "//envoy/compression/decompressor:decompressor_config_interface", + "//envoy/compression/decompressor:decompressor_interface", + "//envoy/http:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/common:macros", "//source/common/http:headers_lib", @@ -33,13 +33,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ ":decompressor_filter_lib", - "//include/envoy/compression/decompressor:decompressor_config_interface", + "//envoy/compression/decompressor:decompressor_config_interface", "//source/common/config:utility_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/decompressor/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/decompressor/config.cc b/source/extensions/filters/http/decompressor/config.cc index 988f76c75859..e15257c7d2e3 100644 --- a/source/extensions/filters/http/decompressor/config.cc +++ b/source/extensions/filters/http/decompressor/config.cc @@ -1,10 +1,9 @@ -#include "extensions/filters/http/decompressor/config.h" +#include "source/extensions/filters/http/decompressor/config.h" #include "envoy/compression/decompressor/config.h" -#include "common/config/utility.h" - -#include "extensions/filters/http/decompressor/decompressor_filter.h" +#include "source/common/config/utility.h" +#include "source/extensions/filters/http/decompressor/decompressor_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/decompressor/config.h b/source/extensions/filters/http/decompressor/config.h index cdcef94a180e..6c3bdd5c2278 100644 --- a/source/extensions/filters/http/decompressor/config.h +++ b/source/extensions/filters/http/decompressor/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/decompressor/v3/decompressor.pb.h" #include "envoy/extensions/filters/http/decompressor/v3/decompressor.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace Decompressor { class DecompressorFilterFactory : public Common::FactoryBase { public: - DecompressorFilterFactory() : FactoryBase(HttpFilterNames::get().Decompressor) {} + DecompressorFilterFactory() : FactoryBase("envoy.filters.http.decompressor") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/decompressor/decompressor_filter.cc b/source/extensions/filters/http/decompressor/decompressor_filter.cc index c30c5b1a9360..d632c356004b 100644 --- a/source/extensions/filters/http/decompressor/decompressor_filter.cc +++ b/source/extensions/filters/http/decompressor/decompressor_filter.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/http/decompressor/decompressor_filter.h" +#include "source/extensions/filters/http/decompressor/decompressor_filter.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/empty_string.h" -#include "common/common/macros.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/decompressor/decompressor_filter.h b/source/extensions/filters/http/decompressor/decompressor_filter.h index 601d170fe136..5f13e6b3b13d 100644 --- a/source/extensions/filters/http/decompressor/decompressor_filter.h +++ b/source/extensions/filters/http/decompressor/decompressor_filter.h @@ -5,11 +5,10 @@ #include "envoy/extensions/filters/http/decompressor/v3/decompressor.pb.h" #include "envoy/http/filter.h" -#include "common/common/macros.h" -#include "common/http/headers.h" -#include "common/runtime/runtime_protos.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/common/macros.h" +#include "source/common/http/headers.h" +#include "source/common/runtime/runtime_protos.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/dynamic_forward_proxy/BUILD b/source/extensions/filters/http/dynamic_forward_proxy/BUILD index 5b0768fe9d2d..ef0a6fb5c67a 100644 --- a/source/extensions/filters/http/dynamic_forward_proxy/BUILD +++ b/source/extensions/filters/http/dynamic_forward_proxy/BUILD @@ -14,10 +14,9 @@ envoy_cc_library( srcs = ["proxy_filter.cc"], hdrs = ["proxy_filter.h"], deps = [ - "//include/envoy/http:filter_interface", - "//source/extensions/clusters:well_known_names", + "//envoy/http:filter_interface", + "//source/common/http:header_utility_lib", "//source/extensions/common/dynamic_forward_proxy:dns_cache_interface", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", @@ -29,13 +28,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/common/dynamic_forward_proxy:dns_cache_manager_impl", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/dynamic_forward_proxy:proxy_filter_lib", "@envoy_api//envoy/extensions/filters/http/dynamic_forward_proxy/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/dynamic_forward_proxy/config.cc b/source/extensions/filters/http/dynamic_forward_proxy/config.cc index 1907801bfa1d..eb7dd21633a9 100644 --- a/source/extensions/filters/http/dynamic_forward_proxy/config.cc +++ b/source/extensions/filters/http/dynamic_forward_proxy/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/dynamic_forward_proxy/config.h" +#include "source/extensions/filters/http/dynamic_forward_proxy/config.h" #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.h" #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.validate.h" -#include "extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" -#include "extensions/filters/http/dynamic_forward_proxy/proxy_filter.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" +#include "source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/dynamic_forward_proxy/config.h b/source/extensions/filters/http/dynamic_forward_proxy/config.h index 26fb6d0e1311..fe723ad0f537 100644 --- a/source/extensions/filters/http/dynamic_forward_proxy/config.h +++ b/source/extensions/filters/http/dynamic_forward_proxy/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.h" #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -19,7 +18,7 @@ class DynamicForwardProxyFilterFactory envoy::extensions::filters::http::dynamic_forward_proxy::v3::FilterConfig, envoy::extensions::filters::http::dynamic_forward_proxy::v3::PerRouteConfig> { public: - DynamicForwardProxyFilterFactory() : FactoryBase(HttpFilterNames::get().DynamicForwardProxy) {} + DynamicForwardProxyFilterFactory() : FactoryBase("envoy.filters.http.dynamic_forward_proxy") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.cc b/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.cc index 09856fa4f23e..9c90194f265c 100644 --- a/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.cc +++ b/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/http/dynamic_forward_proxy/proxy_filter.h" +#include "source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.h" #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.h" -#include "extensions/clusters/well_known_names.h" -#include "extensions/common/dynamic_forward_proxy/dns_cache.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/http/utility.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache.h" namespace Envoy { namespace Extensions { @@ -64,8 +63,7 @@ Http::FilterHeadersStatus ProxyFilter::decodeHeaders(Http::RequestHeaderMap& hea if (!cluster_type) { return Http::FilterHeadersStatus::Continue; } - if (cluster_type->name() != - Envoy::Extensions::Clusters::ClusterTypes::get().DynamicForwardProxy) { + if (cluster_type->name() != "envoy.clusters.dynamic_forward_proxy") { return Http::FilterHeadersStatus::Continue; } @@ -87,8 +85,9 @@ Http::FilterHeadersStatus ProxyFilter::decodeHeaders(Http::RequestHeaderMap& hea } // Check for per route filter config. - const auto* config = route_entry->mostSpecificPerFilterConfigTyped( - HttpFilterNames::get().DynamicForwardProxy); + const auto* config = Http::Utility::resolveMostSpecificPerFilterConfig( + "envoy.filters.http.dynamic_forward_proxy", route); + if (config != nullptr) { const auto& host_rewrite = config->hostRewrite(); if (!host_rewrite.empty()) { diff --git a/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.h b/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.h index e4dccab63694..d97e3efeed54 100644 --- a/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.h +++ b/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.h @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.pb.h" #include "envoy/upstream/cluster_manager.h" -#include "extensions/common/dynamic_forward_proxy/dns_cache.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/dynamo/BUILD b/source/extensions/filters/http/dynamo/BUILD index 4854329af55c..0e5f5d473ae6 100644 --- a/source/extensions/filters/http/dynamo/BUILD +++ b/source/extensions/filters/http/dynamo/BUILD @@ -19,8 +19,8 @@ envoy_cc_library( deps = [ ":dynamo_request_parser_lib", ":dynamo_stats_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/runtime:runtime_interface", + "//envoy/http:filter_interface", + "//envoy/runtime:runtime_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:exception_lib", @@ -32,7 +32,7 @@ envoy_cc_library( srcs = ["dynamo_request_parser.cc"], hdrs = ["dynamo_request_parser.h"], deps = [ - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//source/common/common:utility_lib", "//source/common/json:json_loader_lib", ], @@ -42,13 +42,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":dynamo_filter_lib", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/dynamo/v3:pkg_cc_proto", ], @@ -60,7 +57,7 @@ envoy_cc_library( hdrs = ["dynamo_stats.h"], deps = [ ":dynamo_request_parser_lib", - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", ], diff --git a/source/extensions/filters/http/dynamo/config.cc b/source/extensions/filters/http/dynamo/config.cc index 128999520fc4..0850dc9b7083 100644 --- a/source/extensions/filters/http/dynamo/config.cc +++ b/source/extensions/filters/http/dynamo/config.cc @@ -1,12 +1,12 @@ -#include "extensions/filters/http/dynamo/config.h" +#include "source/extensions/filters/http/dynamo/config.h" #include #include "envoy/extensions/filters/http/dynamo/v3/dynamo.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/dynamo/dynamo_filter.h" -#include "extensions/filters/http/dynamo/dynamo_stats.h" +#include "source/extensions/filters/http/dynamo/dynamo_filter.h" +#include "source/extensions/filters/http/dynamo/dynamo_stats.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/dynamo/config.h b/source/extensions/filters/http/dynamo/config.h index 551438e67454..6ede72334371 100644 --- a/source/extensions/filters/http/dynamo/config.h +++ b/source/extensions/filters/http/dynamo/config.h @@ -6,8 +6,7 @@ #include "envoy/extensions/filters/http/dynamo/v3/dynamo.pb.validate.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -20,7 +19,7 @@ namespace Dynamo { class DynamoFilterConfig : public Common::FactoryBase { public: - DynamoFilterConfig() : FactoryBase(HttpFilterNames::get().Dynamo) {} + DynamoFilterConfig() : FactoryBase("envoy.filters.http.dynamo") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/dynamo/dynamo_filter.cc b/source/extensions/filters/http/dynamo/dynamo_filter.cc index 4be293580b8b..bb41e4dd9a5e 100644 --- a/source/extensions/filters/http/dynamo/dynamo_filter.cc +++ b/source/extensions/filters/http/dynamo/dynamo_filter.cc @@ -1,20 +1,19 @@ -#include "extensions/filters/http/dynamo/dynamo_filter.h" +#include "source/extensions/filters/http/dynamo/dynamo_filter.h" #include #include #include #include -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/http/codes.h" -#include "common/http/exception.h" -#include "common/http/utility.h" -#include "common/json/json_loader.h" - -#include "extensions/filters/http/dynamo/dynamo_request_parser.h" -#include "extensions/filters/http/dynamo/dynamo_stats.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/http/codes.h" +#include "source/common/http/exception.h" +#include "source/common/http/utility.h" +#include "source/common/json/json_loader.h" +#include "source/extensions/filters/http/dynamo/dynamo_request_parser.h" +#include "source/extensions/filters/http/dynamo/dynamo_stats.h" #include "absl/container/fixed_array.h" diff --git a/source/extensions/filters/http/dynamo/dynamo_filter.h b/source/extensions/filters/http/dynamo/dynamo_filter.h index d341c801cad6..c7249f7fcdd5 100644 --- a/source/extensions/filters/http/dynamo/dynamo_filter.h +++ b/source/extensions/filters/http/dynamo/dynamo_filter.h @@ -7,10 +7,9 @@ #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" -#include "common/json/json_loader.h" - -#include "extensions/filters/http/dynamo/dynamo_request_parser.h" -#include "extensions/filters/http/dynamo/dynamo_stats.h" +#include "source/common/json/json_loader.h" +#include "source/extensions/filters/http/dynamo/dynamo_request_parser.h" +#include "source/extensions/filters/http/dynamo/dynamo_stats.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/dynamo/dynamo_request_parser.cc b/source/extensions/filters/http/dynamo/dynamo_request_parser.cc index 6fd0a1d42a84..e0d29327f03b 100644 --- a/source/extensions/filters/http/dynamo/dynamo_request_parser.cc +++ b/source/extensions/filters/http/dynamo/dynamo_request_parser.cc @@ -1,11 +1,11 @@ -#include "extensions/filters/http/dynamo/dynamo_request_parser.h" +#include "source/extensions/filters/http/dynamo/dynamo_request_parser.h" #include #include #include #include -#include "common/common/utility.h" +#include "source/common/common/utility.h" #include "absl/strings/match.h" diff --git a/source/extensions/filters/http/dynamo/dynamo_request_parser.h b/source/extensions/filters/http/dynamo/dynamo_request_parser.h index 931d0a4835f8..39e8fcbb31ec 100644 --- a/source/extensions/filters/http/dynamo/dynamo_request_parser.h +++ b/source/extensions/filters/http/dynamo/dynamo_request_parser.h @@ -6,7 +6,7 @@ #include "envoy/http/header_map.h" -#include "common/json/json_loader.h" +#include "source/common/json/json_loader.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/dynamo/dynamo_stats.cc b/source/extensions/filters/http/dynamo/dynamo_stats.cc index 06f3770a688e..ba0e5d935538 100644 --- a/source/extensions/filters/http/dynamo/dynamo_stats.cc +++ b/source/extensions/filters/http/dynamo/dynamo_stats.cc @@ -1,13 +1,12 @@ -#include "extensions/filters/http/dynamo/dynamo_stats.h" +#include "source/extensions/filters/http/dynamo/dynamo_stats.h" #include #include #include "envoy/stats/scope.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/filters/http/dynamo/dynamo_request_parser.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/filters/http/dynamo/dynamo_request_parser.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/dynamo/dynamo_stats.h b/source/extensions/filters/http/dynamo/dynamo_stats.h index 48399e4f4d23..78bd72c72803 100644 --- a/source/extensions/filters/http/dynamo/dynamo_stats.h +++ b/source/extensions/filters/http/dynamo/dynamo_stats.h @@ -5,8 +5,8 @@ #include "envoy/stats/scope.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/utility.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ext_authz/BUILD b/source/extensions/filters/http/ext_authz/BUILD index 766e09774d1e..77f98b776db5 100644 --- a/source/extensions/filters/http/ext_authz/BUILD +++ b/source/extensions/filters/http/ext_authz/BUILD @@ -17,8 +17,8 @@ envoy_cc_library( srcs = ["ext_authz.cc"], hdrs = ["ext_authz.h"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/stats:stats_macros", + "//envoy/http:codes_interface", + "//envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", @@ -40,17 +40,14 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ ":ext_authz", - "//include/envoy/registry", - "//include/envoy/stats:stats_macros", + "//envoy/registry", + "//envoy/stats:stats_macros", "//source/common/config:utility_lib", "//source/common/grpc:google_async_client_cache", "//source/common/protobuf:utility_lib", "//source/extensions/filters/common/ext_authz:ext_authz_http_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/ext_authz/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/ext_authz/config.cc b/source/extensions/filters/http/ext_authz/config.cc index c99894009d9a..9370b6c3c843 100644 --- a/source/extensions/filters/http/ext_authz/config.cc +++ b/source/extensions/filters/http/ext_authz/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/ext_authz/config.h" +#include "source/extensions/filters/http/ext_authz/config.h" #include #include @@ -8,13 +8,12 @@ #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" -#include "common/grpc/google_async_client_cache.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" -#include "extensions/filters/common/ext_authz/ext_authz_http_impl.h" -#include "extensions/filters/http/ext_authz/ext_authz.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/google_async_client_cache.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_http_impl.h" +#include "source/extensions/filters/http/ext_authz/ext_authz.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ext_authz/config.h b/source/extensions/filters/http/ext_authz/config.h index 600c572f0507..a5cddfb6a12c 100644 --- a/source/extensions/filters/http/ext_authz/config.h +++ b/source/extensions/filters/http/ext_authz/config.h @@ -3,9 +3,8 @@ #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.h" #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.validate.h" -#include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -20,7 +19,7 @@ class ExtAuthzFilterConfig envoy::extensions::filters::http::ext_authz::v3::ExtAuthz, envoy::extensions::filters::http::ext_authz::v3::ExtAuthzPerRoute> { public: - ExtAuthzFilterConfig() : FactoryBase(HttpFilterNames::get().ExtAuthorization) {} + ExtAuthzFilterConfig() : FactoryBase("envoy.filters.http.ext_authz") {} private: static constexpr uint64_t DefaultTimeout = 200; diff --git a/source/extensions/filters/http/ext_authz/ext_authz.cc b/source/extensions/filters/http/ext_authz/ext_authz.cc index 97ca3d778206..815ab88669df 100644 --- a/source/extensions/filters/http/ext_authz/ext_authz.cc +++ b/source/extensions/filters/http/ext_authz/ext_authz.cc @@ -1,14 +1,12 @@ -#include "extensions/filters/http/ext_authz/ext_authz.h" +#include "source/extensions/filters/http/ext_authz/ext_authz.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/common/matchers.h" -#include "common/http/utility.h" -#include "common/router/config_impl.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/matchers.h" +#include "source/common/http/utility.h" +#include "source/common/router/config_impl.h" namespace Envoy { namespace Extensions { @@ -41,7 +39,7 @@ void Filter::initiateCall(const Http::RequestHeaderMap& headers, auto&& maybe_merged_per_route_config = Http::Utility::getMergedPerFilterConfig( - HttpFilterNames::get().ExtAuthorization, route, + "envoy.filters.http.ext_authz", route, [](FilterConfigPerRoute& cfg_base, const FilterConfigPerRoute& cfg) { cfg_base.merge(cfg); }); @@ -209,7 +207,7 @@ void Filter::onComplete(Filters::Common::ExtAuthz::ResponsePtr&& response) { Stats::StatName empty_stat_name; if (!response->dynamic_metadata.fields().empty()) { - decoder_callbacks_->streamInfo().setDynamicMetadata(HttpFilterNames::get().ExtAuthorization, + decoder_callbacks_->streamInfo().setDynamicMetadata("envoy.filters.http.ext_authz", response->dynamic_metadata); } @@ -299,7 +297,7 @@ void Filter::onComplete(Filters::Common::ExtAuthz::ResponsePtr&& response) { empty_stat_name, empty_stat_name, false}; - config_->httpContext().codeStats().chargeResponseStat(info); + config_->httpContext().codeStats().chargeResponseStat(info, false); } decoder_callbacks_->sendLocalReply( @@ -382,7 +380,7 @@ Filter::PerRouteFlags Filter::getPerRouteFlags(const Router::RouteConstSharedPtr const auto* specific_per_route_config = Http::Utility::resolveMostSpecificPerFilterConfig( - HttpFilterNames::get().ExtAuthorization, route); + "envoy.filters.http.ext_authz", route); if (specific_per_route_config != nullptr) { return PerRouteFlags{specific_per_route_config->disabled(), specific_per_route_config->disableRequestBodyBuffering()}; diff --git a/source/extensions/filters/http/ext_authz/ext_authz.h b/source/extensions/filters/http/ext_authz/ext_authz.h index 9b1aca32f97a..4ebde4770380 100644 --- a/source/extensions/filters/http/ext_authz/ext_authz.h +++ b/source/extensions/filters/http/ext_authz/ext_authz.h @@ -13,16 +13,15 @@ #include "envoy/stats/stats_macros.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/common/matchers.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/runtime/runtime_protos.h" - -#include "extensions/filters/common/ext_authz/ext_authz.h" -#include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" -#include "extensions/filters/common/ext_authz/ext_authz_http_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/common/matchers.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/runtime/runtime_protos.h" +#include "source/extensions/filters/common/ext_authz/ext_authz.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_http_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ext_proc/BUILD b/source/extensions/filters/http/ext_proc/BUILD index 1a0dbe8a05a5..e49813400fb6 100644 --- a/source/extensions/filters/http/ext_proc/BUILD +++ b/source/extensions/filters/http/ext_proc/BUILD @@ -22,10 +22,10 @@ envoy_cc_library( deps = [ ":client_interface", ":mutation_utils_lib", - "//include/envoy/event:timer_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/stats:stats_macros", + "//envoy/event:timer_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", + "//envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@com_google_absl//absl/strings:str_format", @@ -38,13 +38,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "unknown", - status = "alpha", deps = [ ":client_lib", ":ext_proc", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/ext_proc/v3alpha:pkg_cc_proto", ], @@ -54,7 +50,7 @@ envoy_cc_library( name = "client_interface", hdrs = ["client.h"], deps = [ - "//include/envoy/grpc:status", + "//envoy/grpc:status", "@envoy_api//envoy/service/ext_proc/v3alpha:pkg_cc_proto", ], ) @@ -64,8 +60,8 @@ envoy_cc_library( srcs = ["mutation_utils.cc"], hdrs = ["mutation_utils.h"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/http:header_map_interface", + "//envoy/buffer:buffer_interface", + "//envoy/http:header_map_interface", "//source/common/http:header_utility_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/service/ext_proc/v3alpha:pkg_cc_proto", @@ -78,9 +74,9 @@ envoy_cc_library( hdrs = ["client_impl.h"], deps = [ ":client_interface", - "//include/envoy/grpc:async_client_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/grpc:async_client_interface", + "//envoy/stats:stats_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/grpc:typed_async_client_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/service/ext_proc/v3alpha:pkg_cc_proto", diff --git a/source/extensions/filters/http/ext_proc/client_impl.cc b/source/extensions/filters/http/ext_proc/client_impl.cc index d5e2f0a5a0ae..ca18cffcc0b6 100644 --- a/source/extensions/filters/http/ext_proc/client_impl.cc +++ b/source/extensions/filters/http/ext_proc/client_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/ext_proc/client_impl.h" +#include "source/extensions/filters/http/ext_proc/client_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ext_proc/client_impl.h b/source/extensions/filters/http/ext_proc/client_impl.h index dc2973ef109c..fdce71ed1a17 100644 --- a/source/extensions/filters/http/ext_proc/client_impl.h +++ b/source/extensions/filters/http/ext_proc/client_impl.h @@ -8,9 +8,8 @@ #include "envoy/service/ext_proc/v3alpha/external_processor.pb.h" #include "envoy/stats/scope.h" -#include "common/grpc/typed_async_client.h" - -#include "extensions/filters/http/ext_proc/client.h" +#include "source/common/grpc/typed_async_client.h" +#include "source/extensions/filters/http/ext_proc/client.h" using envoy::service::ext_proc::v3alpha::ProcessingRequest; using envoy::service::ext_proc::v3alpha::ProcessingResponse; diff --git a/source/extensions/filters/http/ext_proc/config.cc b/source/extensions/filters/http/ext_proc/config.cc index 117f8f6eca6e..221ebac44a96 100644 --- a/source/extensions/filters/http/ext_proc/config.cc +++ b/source/extensions/filters/http/ext_proc/config.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/http/ext_proc/config.h" +#include "source/extensions/filters/http/ext_proc/config.h" #include -#include "extensions/filters/http/ext_proc/client_impl.h" -#include "extensions/filters/http/ext_proc/ext_proc.h" +#include "source/extensions/filters/http/ext_proc/client_impl.h" +#include "source/extensions/filters/http/ext_proc/ext_proc.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ext_proc/config.h b/source/extensions/filters/http/ext_proc/config.h index a3626a249e7a..71e7fa83753a 100644 --- a/source/extensions/filters/http/ext_proc/config.h +++ b/source/extensions/filters/http/ext_proc/config.h @@ -5,8 +5,7 @@ #include "envoy/extensions/filters/http/ext_proc/v3alpha/ext_proc.pb.h" #include "envoy/extensions/filters/http/ext_proc/v3alpha/ext_proc.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -18,7 +17,7 @@ class ExternalProcessingFilterConfig envoy::extensions::filters::http::ext_proc::v3alpha::ExternalProcessor> { public: - ExternalProcessingFilterConfig() : FactoryBase(HttpFilterNames::get().ExternalProcessing) {} + ExternalProcessingFilterConfig() : FactoryBase("envoy.filters.http.ext_proc") {} private: static constexpr uint64_t kDefaultMessageTimeoutMs = 200; diff --git a/source/extensions/filters/http/ext_proc/ext_proc.cc b/source/extensions/filters/http/ext_proc/ext_proc.cc index 3467dfd01fd2..2e55d836ac4f 100644 --- a/source/extensions/filters/http/ext_proc/ext_proc.cc +++ b/source/extensions/filters/http/ext_proc/ext_proc.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/http/ext_proc/ext_proc.h" +#include "source/extensions/filters/http/ext_proc/ext_proc.h" -#include "extensions/filters/http/ext_proc/mutation_utils.h" +#include "source/extensions/filters/http/ext_proc/mutation_utils.h" #include "absl/strings/str_format.h" diff --git a/source/extensions/filters/http/ext_proc/ext_proc.h b/source/extensions/filters/http/ext_proc/ext_proc.h index 0ccb23162113..a3754db99aba 100644 --- a/source/extensions/filters/http/ext_proc/ext_proc.h +++ b/source/extensions/filters/http/ext_proc/ext_proc.h @@ -12,11 +12,10 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" - -#include "extensions/filters/http/common/pass_through_filter.h" -#include "extensions/filters/http/ext_proc/client.h" -#include "extensions/filters/http/ext_proc/processor_state.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/ext_proc/client.h" +#include "source/extensions/filters/http/ext_proc/processor_state.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ext_proc/mutation_utils.cc b/source/extensions/filters/http/ext_proc/mutation_utils.cc index e0a5602030a2..8fa43ade130d 100644 --- a/source/extensions/filters/http/ext_proc/mutation_utils.cc +++ b/source/extensions/filters/http/ext_proc/mutation_utils.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/ext_proc/mutation_utils.h" +#include "source/extensions/filters/http/ext_proc/mutation_utils.h" #include "envoy/http/header_map.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/protobuf/utility.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ext_proc/mutation_utils.h b/source/extensions/filters/http/ext_proc/mutation_utils.h index cb700019c5a7..14b28cf306e7 100644 --- a/source/extensions/filters/http/ext_proc/mutation_utils.h +++ b/source/extensions/filters/http/ext_proc/mutation_utils.h @@ -4,7 +4,7 @@ #include "envoy/http/header_map.h" #include "envoy/service/ext_proc/v3alpha/external_processor.pb.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ext_proc/processor_state.cc b/source/extensions/filters/http/ext_proc/processor_state.cc index f02faf3e267a..5fd79fa82d2f 100644 --- a/source/extensions/filters/http/ext_proc/processor_state.cc +++ b/source/extensions/filters/http/ext_proc/processor_state.cc @@ -1,10 +1,9 @@ -#include "extensions/filters/http/ext_proc/processor_state.h" +#include "source/extensions/filters/http/ext_proc/processor_state.h" -#include "common/buffer/buffer_impl.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/ext_proc/ext_proc.h" -#include "extensions/filters/http/ext_proc/mutation_utils.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/ext_proc/ext_proc.h" +#include "source/extensions/filters/http/ext_proc/mutation_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ext_proc/processor_state.h b/source/extensions/filters/http/ext_proc/processor_state.h index fc3914c66c1d..5a22c0ba26f9 100644 --- a/source/extensions/filters/http/ext_proc/processor_state.h +++ b/source/extensions/filters/http/ext_proc/processor_state.h @@ -7,7 +7,7 @@ #include "envoy/http/header_map.h" #include "envoy/service/ext_proc/v3alpha/external_processor.pb.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/fault/BUILD b/source/extensions/filters/http/fault/BUILD index db2a5a61ed97..08f464a0c64c 100644 --- a/source/extensions/filters/http/fault/BUILD +++ b/source/extensions/filters/http/fault/BUILD @@ -17,13 +17,13 @@ envoy_cc_library( srcs = ["fault_filter.cc"], hdrs = ["fault_filter.h"], deps = [ - "//include/envoy/event:timer_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/event:timer_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", @@ -35,7 +35,6 @@ envoy_cc_library( "//source/common/protobuf:utility_lib", "//source/common/stats:utility_lib", "//source/extensions/filters/common/fault:fault_config_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:stream_rate_limiter_lib", "@envoy_api//envoy/extensions/filters/http/fault/v3:pkg_cc_proto", "@envoy_api//envoy/type/v3:pkg_cc_proto", @@ -46,11 +45,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/fault:fault_filter_lib", "@envoy_api//envoy/extensions/filters/http/fault/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/fault/config.cc b/source/extensions/filters/http/fault/config.cc index 3810eaddfdb4..a4b20fa04665 100644 --- a/source/extensions/filters/http/fault/config.cc +++ b/source/extensions/filters/http/fault/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/fault/config.h" +#include "source/extensions/filters/http/fault/config.h" #include "envoy/extensions/filters/http/fault/v3/fault.pb.h" #include "envoy/extensions/filters/http/fault/v3/fault.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/fault/fault_filter.h" +#include "source/extensions/filters/http/fault/fault_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/fault/config.h b/source/extensions/filters/http/fault/config.h index 102511399bb5..bc0381835fdc 100644 --- a/source/extensions/filters/http/fault/config.h +++ b/source/extensions/filters/http/fault/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/fault/v3/fault.pb.h" #include "envoy/extensions/filters/http/fault/v3/fault.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace Fault { class FaultFilterFactory : public Common::FactoryBase { public: - FaultFilterFactory() : FactoryBase(HttpFilterNames::get().Fault) {} + FaultFilterFactory() : FactoryBase("envoy.filters.http.fault") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/fault/fault_filter.cc b/source/extensions/filters/http/fault/fault_filter.cc index de302a221698..7499e47dd5b8 100644 --- a/source/extensions/filters/http/fault/fault_filter.cc +++ b/source/extensions/filters/http/fault/fault_filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/fault/fault_filter.h" +#include "source/extensions/filters/http/fault/fault_filter.h" #include #include @@ -12,17 +12,15 @@ #include "envoy/http/header_map.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" -#include "common/stats/utility.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stats/utility.h" namespace Envoy { namespace Extensions { @@ -113,14 +111,9 @@ Http::FilterHeadersStatus FaultFilter::decodeHeaders(Http::RequestHeaderMap& hea // faults. In other words, runtime is supported only when faults are // configured at the filter level. fault_settings_ = config_->settings(); - if (decoder_callbacks_->route() && decoder_callbacks_->route()->routeEntry()) { - const std::string& name = Extensions::HttpFilters::HttpFilterNames::get().Fault; - const auto* route_entry = decoder_callbacks_->route()->routeEntry(); - - const auto* per_route_settings = - route_entry->mostSpecificPerFilterConfigTyped(name); - fault_settings_ = per_route_settings ? per_route_settings : fault_settings_; - } + const auto* per_route_settings = Http::Utility::resolveMostSpecificPerFilterConfig( + "envoy.filters.http.fault", decoder_callbacks_->route()); + fault_settings_ = per_route_settings ? per_route_settings : fault_settings_; if (!matchesTargetUpstreamCluster()) { return Http::FilterHeadersStatus::Continue; diff --git a/source/extensions/filters/http/fault/fault_filter.h b/source/extensions/filters/http/fault/fault_filter.h index fefea8bd06f5..f96756f16c13 100644 --- a/source/extensions/filters/http/fault/fault_filter.h +++ b/source/extensions/filters/http/fault/fault_filter.h @@ -13,13 +13,12 @@ #include "envoy/stats/stats_macros.h" #include "envoy/type/v3/percent.pb.h" -#include "common/buffer/watermark_buffer.h" -#include "common/common/token_bucket_impl.h" -#include "common/http/header_utility.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/filters/common/fault/fault_config.h" -#include "extensions/filters/http/common/stream_rate_limiter.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/common/token_bucket_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/filters/common/fault/fault_config.h" +#include "source/extensions/filters/http/common/stream_rate_limiter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/grpc_http1_bridge/BUILD b/source/extensions/filters/http/grpc_http1_bridge/BUILD index 4a1154094c64..c812c4e4c990 100644 --- a/source/extensions/filters/http/grpc_http1_bridge/BUILD +++ b/source/extensions/filters/http/grpc_http1_bridge/BUILD @@ -17,9 +17,9 @@ envoy_cc_library( srcs = ["http1_bridge_filter.cc"], hdrs = ["http1_bridge_filter.h"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:enum_to_int", "//source/common/common:utility_lib", "//source/common/grpc:common_lib", @@ -33,18 +33,15 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", # Legacy test use. TODO(#9953) clean up. extra_visibility = [ "//source/exe:__pkg__", "//test/integration:__subpackages__", "//test/server:__subpackages__", ], - security_posture = "unknown", deps = [ - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/grpc_http1_bridge:http1_bridge_filter_lib", "@envoy_api//envoy/extensions/filters/http/grpc_http1_bridge/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/grpc_http1_bridge/config.cc b/source/extensions/filters/http/grpc_http1_bridge/config.cc index 17f41987248f..bc058d0d28bb 100644 --- a/source/extensions/filters/http/grpc_http1_bridge/config.cc +++ b/source/extensions/filters/http/grpc_http1_bridge/config.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/http/grpc_http1_bridge/config.h" +#include "source/extensions/filters/http/grpc_http1_bridge/config.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h" +#include "source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/grpc_http1_bridge/config.h b/source/extensions/filters/http/grpc_http1_bridge/config.h index a431632da562..c43f1a6d9520 100644 --- a/source/extensions/filters/http/grpc_http1_bridge/config.h +++ b/source/extensions/filters/http/grpc_http1_bridge/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/grpc_http1_bridge/v3/config.pb.h" #include "envoy/extensions/filters/http/grpc_http1_bridge/v3/config.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace GrpcHttp1Bridge { class GrpcHttp1BridgeFilterConfig : public Common::FactoryBase { public: - GrpcHttp1BridgeFilterConfig() : FactoryBase(HttpFilterNames::get().GrpcHttp1Bridge) {} + GrpcHttp1BridgeFilterConfig() : FactoryBase("envoy.filters.http.grpc_http1_bridge") {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_http1_bridge::v3::Config& proto_config, diff --git a/source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.cc b/source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.cc index ae5332d3504a..5dc10045c3fc 100644 --- a/source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.cc +++ b/source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h" +#include "source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h" #include #include @@ -6,12 +6,12 @@ #include "envoy/http/codes.h" -#include "common/common/enum_to_int.h" -#include "common/common/utility.h" -#include "common/grpc/common.h" -#include "common/grpc/context_impl.h" -#include "common/http/headers.h" -#include "common/http/http1/codec_impl.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/grpc/context_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/http1/codec_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h b/source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h index 84b1ad18a4d0..948e2952eac9 100644 --- a/source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h +++ b/source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h @@ -3,8 +3,8 @@ #include "envoy/http/filter.h" #include "envoy/upstream/cluster_manager.h" -#include "common/grpc/context_impl.h" -#include "common/runtime/runtime_features.h" +#include "source/common/grpc/context_impl.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/grpc_http1_reverse_bridge/BUILD b/source/extensions/filters/http/grpc_http1_reverse_bridge/BUILD index be9226b61f54..a248578f0863 100644 --- a/source/extensions/filters/http/grpc_http1_reverse_bridge/BUILD +++ b/source/extensions/filters/http/grpc_http1_reverse_bridge/BUILD @@ -14,14 +14,13 @@ envoy_cc_library( srcs = ["filter.cc"], hdrs = ["filter.h"], deps = [ - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "//source/common/common:enum_to_int", "//source/common/grpc:codec_lib", "//source/common/grpc:common_lib", "//source/common/grpc:status_lib", "//source/common/http:header_map_lib", "//source/common/http:utility_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3:pkg_cc_proto", ], @@ -31,15 +30,11 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "unknown", - status = "alpha", deps = [ ":filter_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/http:well_known_names", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/grpc_http1_reverse_bridge/config.cc b/source/extensions/filters/http/grpc_http1_reverse_bridge/config.cc index d85bff6e3194..3f8421a428fd 100644 --- a/source/extensions/filters/http/grpc_http1_reverse_bridge/config.cc +++ b/source/extensions/filters/http/grpc_http1_reverse_bridge/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/grpc_http1_reverse_bridge/config.h" +#include "source/extensions/filters/http/grpc_http1_reverse_bridge/config.h" #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.h" #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/grpc_http1_reverse_bridge/filter.h" +#include "source/extensions/filters/http/grpc_http1_reverse_bridge/filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/grpc_http1_reverse_bridge/config.h b/source/extensions/filters/http/grpc_http1_reverse_bridge/config.h index c9579e3f1379..2d9f7170de83 100644 --- a/source/extensions/filters/http/grpc_http1_reverse_bridge/config.h +++ b/source/extensions/filters/http/grpc_http1_reverse_bridge/config.h @@ -4,8 +4,7 @@ #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.validate.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ class Config envoy::extensions::filters::http::grpc_http1_reverse_bridge::v3::FilterConfig, envoy::extensions::filters::http::grpc_http1_reverse_bridge::v3::FilterConfigPerRoute> { public: - Config() : FactoryBase(HttpFilterNames::get().GrpcHttp1ReverseBridge) {} + Config() : FactoryBase("envoy.filters.http.grpc_http1_reverse_bridge") {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::grpc_http1_reverse_bridge::v3::FilterConfig& config, diff --git a/source/extensions/filters/http/grpc_http1_reverse_bridge/filter.cc b/source/extensions/filters/http/grpc_http1_reverse_bridge/filter.cc index d4f08c6951fa..ea80940d49a1 100644 --- a/source/extensions/filters/http/grpc_http1_reverse_bridge/filter.cc +++ b/source/extensions/filters/http/grpc_http1_reverse_bridge/filter.cc @@ -1,16 +1,14 @@ -#include "extensions/filters/http/grpc_http1_reverse_bridge/filter.h" +#include "source/extensions/filters/http/grpc_http1_reverse_bridge/filter.h" #include "envoy/http/filter.h" #include "envoy/http/header_map.h" -#include "common/common/enum_to_int.h" -#include "common/grpc/codec.h" -#include "common/grpc/common.h" -#include "common/grpc/status.h" -#include "common/http/headers.h" -#include "common/http/utility.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/common.h" +#include "source/common/grpc/status.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Extensions { @@ -86,8 +84,7 @@ Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, if (decoder_callbacks_->route() != nullptr) { const auto* per_route_config = Http::Utility::resolveMostSpecificPerFilterConfig( - Extensions::HttpFilters::HttpFilterNames::get().GrpcHttp1ReverseBridge, - decoder_callbacks_->route()); + "envoy.filters.http.grpc_http1_reverse_bridge", decoder_callbacks_->route()); if (per_route_config != nullptr && per_route_config->disabled()) { enabled_ = false; return Http::FilterHeadersStatus::Continue; diff --git a/source/extensions/filters/http/grpc_http1_reverse_bridge/filter.h b/source/extensions/filters/http/grpc_http1_reverse_bridge/filter.h index 2c41e54811a9..392186fe75b0 100644 --- a/source/extensions/filters/http/grpc_http1_reverse_bridge/filter.h +++ b/source/extensions/filters/http/grpc_http1_reverse_bridge/filter.h @@ -6,10 +6,9 @@ #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.h" #include "envoy/http/filter.h" -#include "common/buffer/buffer_impl.h" -#include "common/grpc/status.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/grpc/status.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/http/grpc_json_transcoder/BUILD b/source/extensions/filters/http/grpc_json_transcoder/BUILD index 822264c252cf..96c08101fc7f 100644 --- a/source/extensions/filters/http/grpc_json_transcoder/BUILD +++ b/source/extensions/filters/http/grpc_json_transcoder/BUILD @@ -25,13 +25,12 @@ envoy_cc_library( deps = [ ":http_body_utils_lib", ":transcoder_input_stream_lib", - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "//source/common/grpc:codec_lib", "//source/common/grpc:common_lib", "//source/common/http:headers_lib", "//source/common/protobuf", "//source/common/runtime:runtime_features_lib", - "//source/extensions/filters/http:well_known_names", "@com_google_googleapis//google/api:http_cc_proto", "@envoy_api//envoy/extensions/filters/http/grpc_json_transcoder/v3:pkg_cc_proto", ], @@ -62,11 +61,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/grpc_json_transcoder:json_transcoder_filter_lib", "@envoy_api//envoy/extensions/filters/http/grpc_json_transcoder/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/grpc_json_transcoder/config.cc b/source/extensions/filters/http/grpc_json_transcoder/config.cc index f4386c97eeb7..4b8850136c97 100644 --- a/source/extensions/filters/http/grpc_json_transcoder/config.cc +++ b/source/extensions/filters/http/grpc_json_transcoder/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/grpc_json_transcoder/config.h" +#include "source/extensions/filters/http/grpc_json_transcoder/config.h" #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.h" #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h" +#include "source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/grpc_json_transcoder/config.h b/source/extensions/filters/http/grpc_json_transcoder/config.h index a48b06dd7511..4fa0179558c3 100644 --- a/source/extensions/filters/http/grpc_json_transcoder/config.h +++ b/source/extensions/filters/http/grpc_json_transcoder/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.h" #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -18,7 +17,7 @@ class GrpcJsonTranscoderFilterConfig : public Common::FactoryBase< envoy::extensions::filters::http::grpc_json_transcoder::v3::GrpcJsonTranscoder> { public: - GrpcJsonTranscoderFilterConfig() : FactoryBase(HttpFilterNames::get().GrpcJsonTranscoder) {} + GrpcJsonTranscoderFilterConfig() : FactoryBase("envoy.filters.http.grpc_json_transcoder") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.cc b/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.cc index 7741c98c0613..2c14539be75b 100644 --- a/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.cc +++ b/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/grpc_json_transcoder/http_body_utils.h" +#include "source/extensions/filters/http/grpc_json_transcoder/http_body_utils.h" #include "google/api/httpbody.pb.h" diff --git a/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.h b/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.h index 82ef031ca35b..8847441c4732 100644 --- a/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.h +++ b/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.h @@ -2,9 +2,9 @@ #include "envoy/buffer/buffer.h" -#include "common/buffer/buffer_impl.h" -#include "common/grpc/codec.h" -#include "common/protobuf/protobuf.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/grpc/codec.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.cc b/source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.cc index 3eefd8bfb521..b1b1cd319a40 100644 --- a/source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.cc +++ b/source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h" +#include "source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h" #include #include @@ -7,18 +7,16 @@ #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.h" #include "envoy/http/filter.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/common/utility.h" -#include "common/grpc/common.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_features.h" - -#include "extensions/filters/http/grpc_json_transcoder/http_body_utils.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" +#include "source/extensions/filters/http/grpc_json_transcoder/http_body_utils.h" #include "google/api/annotations.pb.h" #include "google/api/http.pb.h" @@ -419,14 +417,8 @@ JsonTranscoderConfig::translateProtoMessageToJson(const Protobuf::Message& messa JsonTranscoderFilter::JsonTranscoderFilter(JsonTranscoderConfig& config) : config_(config) {} void JsonTranscoderFilter::initPerRouteConfig() { - if (!decoder_callbacks_->route() || !decoder_callbacks_->route()->routeEntry()) { - per_route_config_ = &config_; - return; - } - - const std::string& name = HttpFilterNames::get().GrpcJsonTranscoder; - const auto* entry = decoder_callbacks_->route()->routeEntry(); - const auto* route_local = entry->mostSpecificPerFilterConfigTyped(name); + const auto* route_local = Http::Utility::resolveMostSpecificPerFilterConfig( + "envoy.filters.http.grpc_json_transcoder", decoder_callbacks_->route()); per_route_config_ = route_local ? route_local : &config_; } diff --git a/source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h b/source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h index 6b80e0cc5762..95d71aeaada9 100644 --- a/source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h +++ b/source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h @@ -6,12 +6,11 @@ #include "envoy/http/filter.h" #include "envoy/http/header_map.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" -#include "common/grpc/codec.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/grpc/codec.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h" #include "google/api/http.pb.h" #include "grpc_transcoding/path_matcher.h" @@ -50,10 +49,6 @@ struct MethodInfo { }; using MethodInfoSharedPtr = std::shared_ptr; -void createHttpBodyEnvelope(Buffer::Instance& output, - const std::vector& request_body_field_path, - std::string content_type, uint64_t content_length); - /** * Global configuration for the gRPC JSON transcoder filter. Factory for the Transcoder interface. */ diff --git a/source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.cc b/source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.cc index f2dbe5983f61..7c220c004a64 100644 --- a/source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.cc +++ b/source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h" +#include "source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h b/source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h index ff342cfdb5c4..5c294d74ce60 100644 --- a/source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h +++ b/source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h @@ -1,6 +1,6 @@ #pragma once -#include "common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" #include "grpc_transcoding/transcoder_input_stream.h" diff --git a/source/extensions/filters/http/grpc_stats/BUILD b/source/extensions/filters/http/grpc_stats/BUILD index 10c7558f549f..d3727239b710 100644 --- a/source/extensions/filters/http/grpc_stats/BUILD +++ b/source/extensions/filters/http/grpc_stats/BUILD @@ -14,18 +14,14 @@ envoy_cc_extension( name = "config", srcs = ["grpc_stats_filter.cc"], hdrs = ["grpc_stats_filter.h"], - category = "envoy.filters.http", - security_posture = "unknown", - status = "alpha", deps = [ - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stream_info:filter_state_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", + "//envoy/stream_info:filter_state_interface", "//source/common/grpc:codec_lib", "//source/common/grpc:common_lib", "//source/common/grpc:context_lib", "//source/common/runtime:runtime_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "@envoy_api//envoy/extensions/filters/http/grpc_stats/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/grpc_stats/grpc_stats_filter.cc b/source/extensions/filters/http/grpc_stats/grpc_stats_filter.cc index 1b61e4ba9c5a..841e56989eea 100644 --- a/source/extensions/filters/http/grpc_stats/grpc_stats_filter.cc +++ b/source/extensions/filters/http/grpc_stats/grpc_stats_filter.cc @@ -1,16 +1,15 @@ -#include "extensions/filters/http/grpc_stats/grpc_stats_filter.h" +#include "source/extensions/filters/http/grpc_stats/grpc_stats_filter.h" #include "envoy/extensions/filters/http/grpc_stats/v3/config.pb.h" #include "envoy/extensions/filters/http/grpc_stats/v3/config.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/grpc/codec.h" -#include "common/grpc/common.h" -#include "common/grpc/context_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/common.h" +#include "source/common/grpc/context_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { @@ -53,7 +52,7 @@ class GrpcServiceMethodToRequestNamesMap { static uint64_t hash(const ViewTuple& key) { return absl::Hash()(key); } public: - using is_transparent = void; + using is_transparent = void; // NOLINT(readability-identifier-naming) uint64_t operator()(const OwningKey& key) const { return hash(key); } uint64_t operator()(const ViewKey& key) const { @@ -62,7 +61,7 @@ class GrpcServiceMethodToRequestNamesMap { }; struct MapEq { - using is_transparent = void; + using is_transparent = void; // NOLINT(readability-identifier-naming) bool operator()(const OwningKey& left, const OwningKey& right) const { return left == right; } bool operator()(const OwningKey& left, const ViewKey& right) const { return left == std::make_tuple(right.service_, right.method_); @@ -246,7 +245,7 @@ class GrpcStatsFilter : public Http::PassThroughFilter { auto state = std::make_unique(); filter_object_ = state.get(); decoder_callbacks_->streamInfo().filterState()->setData( - HttpFilterNames::get().GrpcStats, std::move(state), + "envoy.filters.http.grpc_stats", std::move(state), StreamInfo::FilterState::StateType::Mutable, StreamInfo::FilterState::LifeSpan::FilterChain); } diff --git a/source/extensions/filters/http/grpc_stats/grpc_stats_filter.h b/source/extensions/filters/http/grpc_stats/grpc_stats_filter.h index 0734d10e8d3d..c9cc7210a1fa 100644 --- a/source/extensions/filters/http/grpc_stats/grpc_stats_filter.h +++ b/source/extensions/filters/http/grpc_stats/grpc_stats_filter.h @@ -5,8 +5,7 @@ #include "envoy/server/filter_config.h" #include "envoy/stream_info/filter_state.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -33,7 +32,7 @@ struct GrpcStatsObject : public StreamInfo::FilterState::Object { class GrpcStatsFilterConfigFactory : public Common::FactoryBase { public: - GrpcStatsFilterConfigFactory() : FactoryBase(HttpFilterNames::get().GrpcStats) {} + GrpcStatsFilterConfigFactory() : FactoryBase("envoy.filters.http.grpc_stats") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/grpc_web/BUILD b/source/extensions/filters/http/grpc_web/BUILD index 4a7089ca962e..0f27e5f3695b 100644 --- a/source/extensions/filters/http/grpc_web/BUILD +++ b/source/extensions/filters/http/grpc_web/BUILD @@ -17,8 +17,8 @@ envoy_cc_library( srcs = ["grpc_web_filter.cc"], hdrs = ["grpc_web_filter.h"], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/http:filter_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:base64_lib", "//source/common/common:utility_lib", "//source/common/grpc:codec_lib", @@ -32,12 +32,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/grpc_web:grpc_web_filter_lib", "@envoy_api//envoy/extensions/filters/http/grpc_web/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/grpc_web/config.cc b/source/extensions/filters/http/grpc_web/config.cc index 28fb50f6fd4d..c86c8bbcf50e 100644 --- a/source/extensions/filters/http/grpc_web/config.cc +++ b/source/extensions/filters/http/grpc_web/config.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/http/grpc_web/config.h" +#include "source/extensions/filters/http/grpc_web/config.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/grpc_web/grpc_web_filter.h" +#include "source/extensions/filters/http/grpc_web/grpc_web_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/grpc_web/config.h b/source/extensions/filters/http/grpc_web/config.h index fccfe0d3a1e0..37fe93a1d777 100644 --- a/source/extensions/filters/http/grpc_web/config.h +++ b/source/extensions/filters/http/grpc_web/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/grpc_web/v3/grpc_web.pb.h" #include "envoy/extensions/filters/http/grpc_web/v3/grpc_web.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -14,7 +13,7 @@ namespace GrpcWeb { class GrpcWebFilterConfig : public Common::FactoryBase { public: - GrpcWebFilterConfig() : FactoryBase(HttpFilterNames::get().GrpcWeb) {} + GrpcWebFilterConfig() : FactoryBase("envoy.filters.http.grpc_web") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/grpc_web/grpc_web_filter.cc b/source/extensions/filters/http/grpc_web/grpc_web_filter.cc index 93953fe44efd..ca474514a450 100644 --- a/source/extensions/filters/http/grpc_web/grpc_web_filter.cc +++ b/source/extensions/filters/http/grpc_web/grpc_web_filter.cc @@ -1,19 +1,19 @@ -#include "extensions/filters/http/grpc_web/grpc_web_filter.h" +#include "source/extensions/filters/http/grpc_web/grpc_web_filter.h" #ifndef WIN32 #include #endif -#include "common/common/assert.h" -#include "common/common/base64.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/utility.h" -#include "common/grpc/common.h" -#include "common/grpc/context_impl.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/assert.h" +#include "source/common/common/base64.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/grpc/context_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/grpc_web/grpc_web_filter.h b/source/extensions/filters/http/grpc_web/grpc_web_filter.h index 01f4d59699b2..11c3a75a374d 100644 --- a/source/extensions/filters/http/grpc_web/grpc_web_filter.h +++ b/source/extensions/filters/http/grpc_web/grpc_web_filter.h @@ -3,10 +3,10 @@ #include "envoy/http/filter.h" #include "envoy/upstream/cluster_manager.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/non_copyable.h" -#include "common/grpc/codec.h" -#include "common/grpc/context_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/non_copyable.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/context_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/gzip/BUILD b/source/extensions/filters/http/gzip/BUILD deleted file mode 100644 index d2d9fc86479b..000000000000 --- a/source/extensions/filters/http/gzip/BUILD +++ /dev/null @@ -1,41 +0,0 @@ -load( - "//bazel:envoy_build_system.bzl", - "envoy_cc_extension", - "envoy_cc_library", - "envoy_extension_package", -) - -licenses(["notice"]) # Apache 2 - -# HTTP L7 filter that performs gzip compression -# Public docs: docs/root/configuration/http_filters/gzip_filter.rst - -envoy_extension_package() - -envoy_cc_library( - name = "gzip_filter_lib", - srcs = ["gzip_filter.cc"], - hdrs = ["gzip_filter.h"], - deps = [ - "//source/common/http:headers_lib", - "//source/common/protobuf", - "//source/extensions/compression/gzip/compressor:compressor_lib", - "//source/extensions/filters/http/common/compressor:compressor_lib", - "@envoy_api//envoy/config/core/v3:pkg_cc_proto", - "@envoy_api//envoy/extensions/filters/http/gzip/v3:pkg_cc_proto", - ], -) - -envoy_cc_extension( - name = "config", - srcs = ["config.cc"], - hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", - deps = [ - "//source/extensions/filters/http:well_known_names", - "//source/extensions/filters/http/common:factory_base_lib", - "//source/extensions/filters/http/gzip:gzip_filter_lib", - "@envoy_api//envoy/extensions/filters/http/gzip/v3:pkg_cc_proto", - ], -) diff --git a/source/extensions/filters/http/gzip/config.cc b/source/extensions/filters/http/gzip/config.cc deleted file mode 100644 index e4344b8c9e35..000000000000 --- a/source/extensions/filters/http/gzip/config.cc +++ /dev/null @@ -1,48 +0,0 @@ -#include "extensions/filters/http/gzip/config.h" - -#include "extensions/filters/http/gzip/gzip_filter.h" - -namespace Envoy { -namespace Extensions { -namespace HttpFilters { -namespace Gzip { - -Http::FilterFactoryCb GzipFilterFactory::createFilterFactoryFromProtoTyped( - const envoy::extensions::filters::http::gzip::v3::Gzip& proto_config, - const std::string& stats_prefix, Server::Configuration::FactoryContext& context) { - // The current deprecation phase is fail-by-default. - const bool runtime_feature_default = false; - const char runtime_key[] = "envoy.deprecated_features.allow_deprecated_gzip_http_filter"; - const std::string warn_message = - "Using deprecated extension 'envoy.extensions.filters.http.gzip'. This " - "extension will be removed from Envoy soon. Please use " - "'envoy.extensions.filters.http.compressor' instead."; - - if (context.runtime().snapshot().deprecatedFeatureEnabled(runtime_key, runtime_feature_default)) { - ENVOY_LOG_MISC(warn, "{}", warn_message); - } else { - throw EnvoyException( - warn_message + - " If continued use of this extension is absolutely necessary, see " - "https://www.envoyproxy.io/docs/envoy/latest/configuration/operations/runtime" - "#using-runtime-overrides-for-deprecated-features for how to apply a temporary and " - "highly discouraged override."); - } - - Common::Compressors::CompressorFilterConfigSharedPtr config = std::make_shared( - proto_config, stats_prefix, context.scope(), context.runtime()); - return [config](Http::FilterChainFactoryCallbacks& callbacks) -> void { - callbacks.addStreamFilter(std::make_shared(config)); - }; -} - -/** - * Static registration for the gzip filter. @see NamedHttpFilterConfigFactory. - */ -REGISTER_FACTORY(GzipFilterFactory, - Server::Configuration::NamedHttpFilterConfigFactory){"envoy.gzip"}; - -} // namespace Gzip -} // namespace HttpFilters -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/filters/http/gzip/config.h b/source/extensions/filters/http/gzip/config.h deleted file mode 100644 index b91f55699430..000000000000 --- a/source/extensions/filters/http/gzip/config.h +++ /dev/null @@ -1,34 +0,0 @@ -#pragma once - -#include "envoy/extensions/filters/http/gzip/v3/gzip.pb.h" -#include "envoy/extensions/filters/http/gzip/v3/gzip.pb.validate.h" - -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" - -namespace Envoy { -namespace Extensions { -namespace HttpFilters { -namespace Gzip { - -/** - * Config registration for the gzip filter. @see NamedHttpFilterConfigFactory. - */ -class GzipFilterFactory - : public Common::FactoryBase { -public: - GzipFilterFactory() : FactoryBase(HttpFilterNames::get().EnvoyGzip) {} - -private: - Http::FilterFactoryCb - createFilterFactoryFromProtoTyped(const envoy::extensions::filters::http::gzip::v3::Gzip& config, - const std::string& stats_prefix, - Server::Configuration::FactoryContext& context) override; -}; - -DECLARE_FACTORY(GzipFilterFactory); - -} // namespace Gzip -} // namespace HttpFilters -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/filters/http/gzip/gzip_filter.cc b/source/extensions/filters/http/gzip/gzip_filter.cc deleted file mode 100644 index 804c3b9bd337..000000000000 --- a/source/extensions/filters/http/gzip/gzip_filter.cc +++ /dev/null @@ -1,107 +0,0 @@ -#include "extensions/filters/http/gzip/gzip_filter.h" - -#include "envoy/config/core/v3/base.pb.h" - -#include "common/http/headers.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/protobuf.h" - -namespace Envoy { -namespace Extensions { -namespace HttpFilters { -namespace Gzip { - -namespace { -// Default zlib memory level. -const uint64_t DefaultMemoryLevel = 5; - -// Default and maximum compression window size. -const uint64_t DefaultWindowBits = 12; - -// When logical OR'ed to window bits, this sets a gzip header and trailer around the compressed -// data. -const uint64_t GzipHeaderValue = 16; - -} // namespace - -GzipFilterConfig::GzipFilterConfig(const envoy::extensions::filters::http::gzip::v3::Gzip& gzip, - const std::string& stats_prefix, Stats::Scope& scope, - Runtime::Loader& runtime) - : CompressorFilterConfig(compressorConfig(gzip), stats_prefix + "gzip.", scope, runtime, - Http::CustomHeaders::get().ContentEncodingValues.Gzip), - compression_level_(compressionLevelEnum(gzip.compression_level())), - compression_strategy_(compressionStrategyEnum(gzip.compression_strategy())), - memory_level_(memoryLevelUint(gzip.memory_level().value())), - window_bits_(windowBitsUint(gzip.window_bits().value())), - chunk_size_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(gzip, chunk_size, 4096)) {} - -Envoy::Compression::Compressor::CompressorPtr GzipFilterConfig::makeCompressor() { - auto compressor = - std::make_unique(chunk_size_); - compressor->init(compressionLevel(), compressionStrategy(), windowBits(), memoryLevel()); - return compressor; -} - -Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel -GzipFilterConfig::compressionLevelEnum( - envoy::extensions::filters::http::gzip::v3::Gzip::CompressionLevel::Enum compression_level) { - switch (compression_level) { - case envoy::extensions::filters::http::gzip::v3::Gzip::CompressionLevel::BEST: - return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Best; - case envoy::extensions::filters::http::gzip::v3::Gzip::CompressionLevel::SPEED: - return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Speed; - default: - return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Standard; - } -} - -Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy -GzipFilterConfig::compressionStrategyEnum( - envoy::extensions::filters::http::gzip::v3::Gzip::CompressionStrategy compression_strategy) { - switch (compression_strategy) { - case envoy::extensions::filters::http::gzip::v3::Gzip::RLE: - return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Rle; - case envoy::extensions::filters::http::gzip::v3::Gzip::FILTERED: - return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Filtered; - case envoy::extensions::filters::http::gzip::v3::Gzip::HUFFMAN: - return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Huffman; - default: - return Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Standard; - } -} - -uint64_t GzipFilterConfig::memoryLevelUint(Protobuf::uint32 level) { - return level > 0 ? level : DefaultMemoryLevel; -} - -uint64_t GzipFilterConfig::windowBitsUint(Protobuf::uint32 window_bits) { - return (window_bits > 0 ? window_bits : DefaultWindowBits) | GzipHeaderValue; -} - -const envoy::extensions::filters::http::compressor::v3::Compressor -GzipFilterConfig::compressorConfig(const envoy::extensions::filters::http::gzip::v3::Gzip& gzip) { - if (gzip.has_compressor()) { - return gzip.compressor(); - } - envoy::extensions::filters::http::compressor::v3::Compressor compressor = {}; - if (gzip.has_hidden_envoy_deprecated_content_length()) { - compressor.set_allocated_content_length( - // According to - // https://developers.google.com/protocol-buffers/docs/reference/cpp-generated#embeddedmessage - // the message Compressor takes ownership of the allocated Protobuf::Uint32Value object. - new Protobuf::UInt32Value(gzip.hidden_envoy_deprecated_content_length())); - } - // NOLINTNEXTLINE(clang-analyzer-cplusplus.NewDeleteLeaks) - for (const std::string& ctype : gzip.hidden_envoy_deprecated_content_type()) { - compressor.add_content_type(ctype); - } - compressor.set_disable_on_etag_header(gzip.hidden_envoy_deprecated_disable_on_etag_header()); - compressor.set_remove_accept_encoding_header( - gzip.hidden_envoy_deprecated_remove_accept_encoding_header()); - return compressor; -} - -} // namespace Gzip -} // namespace HttpFilters -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/filters/http/gzip/gzip_filter.h b/source/extensions/filters/http/gzip/gzip_filter.h deleted file mode 100644 index be30f081a043..000000000000 --- a/source/extensions/filters/http/gzip/gzip_filter.h +++ /dev/null @@ -1,61 +0,0 @@ -#pragma once - -#include "envoy/extensions/filters/http/gzip/v3/gzip.pb.h" - -#include "extensions/compression/gzip/compressor/zlib_compressor_impl.h" -#include "extensions/filters/http/common/compressor/compressor.h" - -namespace Envoy { -namespace Extensions { -namespace HttpFilters { -namespace Gzip { - -/** - * Configuration for the gzip filter. - */ -class GzipFilterConfig : public Common::Compressors::CompressorFilterConfig { - -public: - GzipFilterConfig(const envoy::extensions::filters::http::gzip::v3::Gzip& gzip, - const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime); - - Envoy::Compression::Compressor::CompressorPtr makeCompressor() override; - - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel compressionLevel() const { - return compression_level_; - } - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy - compressionStrategy() const { - return compression_strategy_; - } - - uint64_t memoryLevel() const { return memory_level_; } - uint64_t windowBits() const { return window_bits_; } - uint32_t chunkSize() const { return chunk_size_; } - -private: - static Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel compressionLevelEnum( - envoy::extensions::filters::http::gzip::v3::Gzip::CompressionLevel::Enum compression_level); - static Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy - compressionStrategyEnum( - envoy::extensions::filters::http::gzip::v3::Gzip::CompressionStrategy compression_strategy); - - static uint64_t memoryLevelUint(Protobuf::uint32 level); - static uint64_t windowBitsUint(Protobuf::uint32 window_bits); - - // TODO(rojkov): this is going to be deprecated when the old configuration fields are dropped. - static const envoy::extensions::filters::http::compressor::v3::Compressor - compressorConfig(const envoy::extensions::filters::http::gzip::v3::Gzip& gzip); - - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel compression_level_; - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy compression_strategy_; - - const int32_t memory_level_; - const int32_t window_bits_; - const uint32_t chunk_size_; -}; - -} // namespace Gzip -} // namespace HttpFilters -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/filters/http/header_to_metadata/BUILD b/source/extensions/filters/http/header_to_metadata/BUILD index aa13db4517e1..ff6b8466a427 100644 --- a/source/extensions/filters/http/header_to_metadata/BUILD +++ b/source/extensions/filters/http/header_to_metadata/BUILD @@ -17,11 +17,11 @@ envoy_cc_library( srcs = ["header_to_metadata_filter.cc"], hdrs = ["header_to_metadata_filter.h"], deps = [ - "//include/envoy/server:filter_config_interface", + "//envoy/server:filter_config_interface", "//source/common/common:base64_lib", + "//source/common/config:well_known_names", "//source/common/http:header_utility_lib", "//source/common/http:utility_lib", - "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/filters/http/header_to_metadata/v3:pkg_cc_proto", ], ) @@ -30,12 +30,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/protobuf:utility_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/header_to_metadata:header_to_metadata_filter_lib", "@envoy_api//envoy/extensions/filters/http/header_to_metadata/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/header_to_metadata/config.cc b/source/extensions/filters/http/header_to_metadata/config.cc index e51104c658da..1412e662fbce 100644 --- a/source/extensions/filters/http/header_to_metadata/config.cc +++ b/source/extensions/filters/http/header_to_metadata/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/header_to_metadata/config.h" +#include "source/extensions/filters/http/header_to_metadata/config.h" #include @@ -6,9 +6,8 @@ #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/header_to_metadata/header_to_metadata_filter.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/header_to_metadata/config.h b/source/extensions/filters/http/header_to_metadata/config.h index 247fa1c535e3..82dbc7f7301f 100644 --- a/source/extensions/filters/http/header_to_metadata/config.h +++ b/source/extensions/filters/http/header_to_metadata/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.h" #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace HeaderToMetadataFilter { class HeaderToMetadataConfig : public Common::FactoryBase { public: - HeaderToMetadataConfig() : FactoryBase(HttpFilterNames::get().HeaderToMetadata) {} + HeaderToMetadataConfig() : FactoryBase("envoy.filters.http.header_to_metadata") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.cc b/source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.cc index 2d5358f89aeb..2b556e40a45f 100644 --- a/source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.cc +++ b/source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.cc @@ -1,15 +1,13 @@ -#include "extensions/filters/http/header_to_metadata/header_to_metadata_filter.h" +#include "source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.h" #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.h" -#include "common/common/base64.h" -#include "common/common/regex.h" -#include "common/config/well_known_names.h" -#include "common/http/header_utility.h" -#include "common/http/utility.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/base64.h" +#include "source/common/common/regex.h" +#include "source/common/config/well_known_names.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/protobuf.h" #include "absl/strings/numbers.h" #include "absl/strings/string_view.h" @@ -213,7 +211,8 @@ bool HeaderToMetadataFilter::addMetadata(StructMap& map, const std::string& meta } const std::string& HeaderToMetadataFilter::decideNamespace(const std::string& nspace) const { - return nspace.empty() ? HttpFilterNames::get().HeaderToMetadata : nspace; + static const std::string& headerToMetadata = "envoy.filters.http.header_to_metadata"; + return nspace.empty() ? headerToMetadata : nspace; } // add metadata['key']= value depending on header present or missing case @@ -268,7 +267,7 @@ const Config* HeaderToMetadataFilter::getConfig() const { } effective_config_ = Http::Utility::resolveMostSpecificPerFilterConfig( - HttpFilterNames::get().HeaderToMetadata, decoder_callbacks_->route()); + "envoy.filters.http.header_to_metadata", decoder_callbacks_->route()); if (effective_config_) { return effective_config_; } diff --git a/source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.h b/source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.h index a9bb0476f966..b135f412bca8 100644 --- a/source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.h +++ b/source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.h @@ -7,8 +7,8 @@ #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.h" #include "envoy/server/filter_config.h" -#include "common/common/logger.h" -#include "common/common/matchers.h" +#include "source/common/common/logger.h" +#include "source/common/common/matchers.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/http/health_check/BUILD b/source/extensions/filters/http/health_check/BUILD index c54f3bf2ad17..3a6077d479d1 100644 --- a/source/extensions/filters/http/health_check/BUILD +++ b/source/extensions/filters/http/health_check/BUILD @@ -17,11 +17,11 @@ envoy_cc_library( srcs = ["health_check.cc"], hdrs = ["health_check.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", + "//envoy/server:filter_config_interface", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/http:codes_lib", @@ -37,18 +37,15 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", # Legacy test use. TODO(#9953) clean up. extra_visibility = [ "//test/common/filter/http:__subpackages__", "//test/integration:__subpackages__", "//test/server:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/http:header_utility_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/health_check:health_check_lib", "@envoy_api//envoy/extensions/filters/http/health_check/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/health_check/config.cc b/source/extensions/filters/http/health_check/config.cc index 7baa31b01daa..faad4fce070c 100644 --- a/source/extensions/filters/http/health_check/config.cc +++ b/source/extensions/filters/http/health_check/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/health_check/config.h" +#include "source/extensions/filters/http/health_check/config.h" #include @@ -6,10 +6,9 @@ #include "envoy/extensions/filters/http/health_check/v3/health_check.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" - -#include "extensions/filters/http/health_check/health_check.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/extensions/filters/http/health_check/health_check.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/health_check/config.h b/source/extensions/filters/http/health_check/config.h index e42bdacd03b7..11b87db5a72c 100644 --- a/source/extensions/filters/http/health_check/config.h +++ b/source/extensions/filters/http/health_check/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/health_check/v3/health_check.pb.h" #include "envoy/extensions/filters/http/health_check/v3/health_check.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -14,7 +13,7 @@ namespace HealthCheck { class HealthCheckFilterConfig : public Common::FactoryBase { public: - HealthCheckFilterConfig() : FactoryBase(HttpFilterNames::get().HealthCheck) {} + HealthCheckFilterConfig() : FactoryBase("envoy.filters.http.health_check") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/health_check/health_check.cc b/source/extensions/filters/http/health_check/health_check.cc index 65713a721c1c..4a15e62df9f9 100644 --- a/source/extensions/filters/http/health_check/health_check.cc +++ b/source/extensions/filters/http/health_check/health_check.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/health_check/health_check.h" +#include "source/extensions/filters/http/health_check/health_check.h" #include #include @@ -7,13 +7,13 @@ #include "envoy/event/timer.h" #include "envoy/http/header_map.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/health_check/health_check.h b/source/extensions/filters/http/health_check/health_check.h index d11f0d3a80a9..674ed59af58e 100644 --- a/source/extensions/filters/http/health_check/health_check.h +++ b/source/extensions/filters/http/health_check/health_check.h @@ -9,7 +9,7 @@ #include "envoy/http/filter.h" #include "envoy/server/filter_config.h" -#include "common/http/header_utility.h" +#include "source/common/http/header_utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ip_tagging/BUILD b/source/extensions/filters/http/ip_tagging/BUILD index 2c75ece83a99..33f905265651 100644 --- a/source/extensions/filters/http/ip_tagging/BUILD +++ b/source/extensions/filters/http/ip_tagging/BUILD @@ -17,8 +17,8 @@ envoy_cc_library( srcs = ["ip_tagging_filter.cc"], hdrs = ["ip_tagging_filter.h"], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/runtime:runtime_interface", + "//envoy/http:filter_interface", + "//envoy/runtime:runtime_interface", "//source/common/common:assert_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", @@ -33,16 +33,13 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/protobuf:utility_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/ip_tagging:ip_tagging_filter_lib", "@envoy_api//envoy/extensions/filters/http/ip_tagging/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/ip_tagging/config.cc b/source/extensions/filters/http/ip_tagging/config.cc index 4b66bb2d34a0..7ee7d5797fb2 100644 --- a/source/extensions/filters/http/ip_tagging/config.cc +++ b/source/extensions/filters/http/ip_tagging/config.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/http/ip_tagging/config.h" +#include "source/extensions/filters/http/ip_tagging/config.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/ip_tagging/ip_tagging_filter.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/ip_tagging/ip_tagging_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ip_tagging/config.h b/source/extensions/filters/http/ip_tagging/config.h index b9d296096f1d..750466d8eeb8 100644 --- a/source/extensions/filters/http/ip_tagging/config.h +++ b/source/extensions/filters/http/ip_tagging/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace IpTagging { class IpTaggingFilterFactory : public Common::FactoryBase { public: - IpTaggingFilterFactory() : FactoryBase(HttpFilterNames::get().IpTagging) {} + IpTaggingFilterFactory() : FactoryBase("envoy.filters.http.ip_tagging") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/ip_tagging/ip_tagging_filter.cc b/source/extensions/filters/http/ip_tagging/ip_tagging_filter.cc index ed68cbe77144..3d308294ecb0 100644 --- a/source/extensions/filters/http/ip_tagging/ip_tagging_filter.cc +++ b/source/extensions/filters/http/ip_tagging/ip_tagging_filter.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/ip_tagging/ip_tagging_filter.h" +#include "source/extensions/filters/http/ip_tagging/ip_tagging_filter.h" #include "envoy/config/core/v3/address.pb.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" #include "absl/strings/str_join.h" diff --git a/source/extensions/filters/http/ip_tagging/ip_tagging_filter.h b/source/extensions/filters/http/ip_tagging/ip_tagging_filter.h index a37c5b9006a8..3753122a3dff 100644 --- a/source/extensions/filters/http/ip_tagging/ip_tagging_filter.h +++ b/source/extensions/filters/http/ip_tagging/ip_tagging_filter.h @@ -12,9 +12,9 @@ #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" -#include "common/network/cidr_range.h" -#include "common/network/lc_trie.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/network/cidr_range.h" +#include "source/common/network/lc_trie.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/jwt_authn/BUILD b/source/extensions/filters/http/jwt_authn/BUILD index 0d5895dfbd5a..86f2cb511839 100644 --- a/source/extensions/filters/http/jwt_authn/BUILD +++ b/source/extensions/filters/http/jwt_authn/BUILD @@ -20,6 +20,33 @@ envoy_cc_library( ], ) +envoy_cc_library( + name = "stats_lib", + hdrs = ["stats.h"], + deps = [ + "//envoy/stats:stats_macros", + ], +) + +envoy_cc_library( + name = "jwks_async_fetcher_lib", + srcs = ["jwks_async_fetcher.cc"], + hdrs = ["jwks_async_fetcher.h"], + external_deps = [ + "jwt_verify_lib", + ], + deps = [ + ":stats_lib", + "//envoy/server:factory_context_interface", + "//source/common/common:minimal_logger_lib", + "//source/common/init:target_lib", + "//source/common/protobuf:utility_lib", + "//source/common/tracing:http_tracer_lib", + "//source/extensions/filters/http/common:jwks_fetcher_lib", + "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", + ], +) + envoy_cc_library( name = "jwks_cache_lib", srcs = ["jwks_cache.cc"], @@ -28,9 +55,8 @@ envoy_cc_library( "jwt_verify_lib", ], deps = [ - "//source/common/common:minimal_logger_lib", + "jwks_async_fetcher_lib", "//source/common/config:datasource_lib", - "//source/common/protobuf:utility_lib", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], ) @@ -42,8 +68,8 @@ envoy_cc_library( deps = [ ":extractor_lib", ":jwks_cache_lib", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stats:stats_macros", + "//envoy/server:filter_config_interface", + "//envoy/stats:stats_macros", "//source/common/http:message_lib", "//source/common/tracing:http_tracer_lib", "//source/extensions/filters/http/common:jwks_fetcher_lib", @@ -58,11 +84,10 @@ envoy_cc_library( "jwt_verify_lib", ], deps = [ - ":filter_config_interface", + ":filter_config_lib", ":matchers_lib", - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "//source/common/http:headers_lib", - "//source/extensions/filters/http:well_known_names", ], ) @@ -70,13 +95,9 @@ envoy_cc_extension( name = "config", srcs = ["filter_factory.cc"], hdrs = ["filter_factory.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", - status = "alpha", deps = [ ":filter_lib", - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], @@ -103,22 +124,22 @@ envoy_cc_library( deps = [ ":authenticator_lib", ":extractor_lib", - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], ) envoy_cc_library( - name = "filter_config_interface", + name = "filter_config_lib", srcs = ["filter_config.cc"], hdrs = ["filter_config.h"], deps = [ ":jwks_cache_lib", ":matchers_lib", - "//include/envoy/router:string_accessor_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/router:string_accessor_interface", + "//envoy/server:filter_config_interface", + "//envoy/stats:stats_macros", + "//envoy/thread_local:thread_local_interface", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/filters/http/jwt_authn/authenticator.cc b/source/extensions/filters/http/jwt_authn/authenticator.cc index ff30bf5760ea..ee5aa0b1cc00 100644 --- a/source/extensions/filters/http/jwt_authn/authenticator.cc +++ b/source/extensions/filters/http/jwt_authn/authenticator.cc @@ -1,15 +1,14 @@ -#include "extensions/filters/http/jwt_authn/authenticator.h" +#include "source/extensions/filters/http/jwt_authn/authenticator.h" #include "envoy/http/async_client.h" -#include "common/common/assert.h" -#include "common/common/base64.h" -#include "common/common/enum_to_int.h" -#include "common/common/logger.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/logger.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/tracing/http_tracer_impl.h" #include "jwt_verify_lib/jwt.h" #include "jwt_verify_lib/verify.h" @@ -222,6 +221,7 @@ void AuthenticatorImpl::startVerify() { } void AuthenticatorImpl::onJwksSuccess(google::jwt_verify::JwksPtr&& jwks) { + jwks_cache_.stats().jwks_fetch_success_.inc(); const Status status = jwks_data_->setRemoteJwks(std::move(jwks))->getStatus(); if (status != Status::Ok) { doneWithStatus(status); @@ -230,7 +230,10 @@ void AuthenticatorImpl::onJwksSuccess(google::jwt_verify::JwksPtr&& jwks) { } } -void AuthenticatorImpl::onJwksError(Failure) { doneWithStatus(Status::JwksFetchFail); } +void AuthenticatorImpl::onJwksError(Failure) { + jwks_cache_.stats().jwks_fetch_failed_.inc(); + doneWithStatus(Status::JwksFetchFail); +} void AuthenticatorImpl::onDestroy() { if (fetcher_) { @@ -249,12 +252,9 @@ void AuthenticatorImpl::verifyKey() { // Forward the payload const auto& provider = jwks_data_->getJwtProvider(); - if (!provider.forward_payload_header().empty()) { - std::string payload_with_padding = jwt_->payload_str_base64url_; - Base64::completePadding(payload_with_padding); headers_->addCopy(Http::LowerCaseString(provider.forward_payload_header()), - payload_with_padding); + jwt_->payload_str_base64url_); } if (!provider.forward()) { diff --git a/source/extensions/filters/http/jwt_authn/authenticator.h b/source/extensions/filters/http/jwt_authn/authenticator.h index 928a8045b843..f8dd647c7f4f 100644 --- a/source/extensions/filters/http/jwt_authn/authenticator.h +++ b/source/extensions/filters/http/jwt_authn/authenticator.h @@ -2,9 +2,8 @@ #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/jwks_fetcher.h" -#include "extensions/filters/http/jwt_authn/extractor.h" -#include "extensions/filters/http/jwt_authn/jwks_cache.h" +#include "source/extensions/filters/http/jwt_authn/extractor.h" +#include "source/extensions/filters/http/jwt_authn/jwks_cache.h" #include "jwt_verify_lib/check_audience.h" #include "jwt_verify_lib/status.h" @@ -21,11 +20,6 @@ using AuthenticatorCallback = std::function; -/** - * CreateJwksFetcherCb is a callback interface for creating a JwksFetcher instance. - */ -using CreateJwksFetcherCb = std::function; - /** * Authenticator object to handle all JWT authentication flow. */ diff --git a/source/extensions/filters/http/jwt_authn/extractor.cc b/source/extensions/filters/http/jwt_authn/extractor.cc index 68e338c6421a..8b78af98d0a9 100644 --- a/source/extensions/filters/http/jwt_authn/extractor.cc +++ b/source/extensions/filters/http/jwt_authn/extractor.cc @@ -1,14 +1,14 @@ -#include "extensions/filters/http/jwt_authn/extractor.h" +#include "source/extensions/filters/http/jwt_authn/extractor.h" #include #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "common/common/utility.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/singleton/const_singleton.h" +#include "source/common/common/utility.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/singleton/const_singleton.h" #include "absl/container/node_hash_set.h" #include "absl/strings/match.h" diff --git a/source/extensions/filters/http/jwt_authn/extractor.h b/source/extensions/filters/http/jwt_authn/extractor.h index 921e489e7c18..98fb637c05fb 100644 --- a/source/extensions/filters/http/jwt_authn/extractor.h +++ b/source/extensions/filters/http/jwt_authn/extractor.h @@ -6,7 +6,7 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "envoy/http/header_map.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/jwt_authn/filter.cc b/source/extensions/filters/http/jwt_authn/filter.cc index 343ebc1cbeff..14711ad2c80f 100644 --- a/source/extensions/filters/http/jwt_authn/filter.cc +++ b/source/extensions/filters/http/jwt_authn/filter.cc @@ -1,9 +1,7 @@ -#include "extensions/filters/http/jwt_authn/filter.h" +#include "source/extensions/filters/http/jwt_authn/filter.h" -#include "common/http/headers.h" -#include "common/http/utility.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" #include "absl/strings/str_split.h" #include "jwt_verify_lib/status.h" @@ -68,7 +66,7 @@ Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, const Verifier* verifier = nullptr; const auto* per_route_config = Http::Utility::resolveMostSpecificPerFilterConfig( - HttpFilterNames::get().JwtAuthn, decoder_callbacks_->route()); + "envoy.filters.http.jwt_authn", decoder_callbacks_->route()); if (per_route_config != nullptr) { std::string error_msg; std::tie(verifier, error_msg) = config_->findPerRouteVerifier(*per_route_config); @@ -101,7 +99,7 @@ Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, } void Filter::setPayload(const ProtobufWkt::Struct& payload) { - decoder_callbacks_->streamInfo().setDynamicMetadata(HttpFilterNames::get().JwtAuthn, payload); + decoder_callbacks_->streamInfo().setDynamicMetadata("envoy.filters.http.jwt_authn", payload); } void Filter::onComplete(const Status& status) { diff --git a/source/extensions/filters/http/jwt_authn/filter.h b/source/extensions/filters/http/jwt_authn/filter.h index 732eb1ca913d..f4d95f04d900 100644 --- a/source/extensions/filters/http/jwt_authn/filter.h +++ b/source/extensions/filters/http/jwt_authn/filter.h @@ -2,12 +2,11 @@ #include "envoy/http/filter.h" -#include "common/common/lock_guard.h" -#include "common/common/logger.h" -#include "common/common/thread.h" - -#include "extensions/filters/http/jwt_authn/filter_config.h" -#include "extensions/filters/http/jwt_authn/matcher.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/extensions/filters/http/jwt_authn/filter_config.h" +#include "source/extensions/filters/http/jwt_authn/matcher.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/jwt_authn/filter_config.cc b/source/extensions/filters/http/jwt_authn/filter_config.cc index a35ddf038824..8d2874290678 100644 --- a/source/extensions/filters/http/jwt_authn/filter_config.cc +++ b/source/extensions/filters/http/jwt_authn/filter_config.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/http/jwt_authn/filter_config.h" +#include "source/extensions/filters/http/jwt_authn/filter_config.h" #include // std::sort -#include "common/common/empty_string.h" +#include "source/common/common/empty_string.h" using envoy::extensions::filters::http::jwt_authn::v3::RequirementRule; @@ -19,8 +19,7 @@ FilterConfigImpl::FilterConfigImpl( ENVOY_LOG(debug, "Loaded JwtAuthConfig: {}", proto_config_.DebugString()); - jwks_cache_ = - JwksCache::create(proto_config_, time_source_, context.api(), context.threadLocal()); + jwks_cache_ = JwksCache::create(proto_config_, context, Common::JwksFetcher::create, stats_); std::vector names; for (const auto& it : proto_config_.requirement_map()) { diff --git a/source/extensions/filters/http/jwt_authn/filter_config.h b/source/extensions/filters/http/jwt_authn/filter_config.h index d659dbf95135..b2508e4aa704 100644 --- a/source/extensions/filters/http/jwt_authn/filter_config.h +++ b/source/extensions/filters/http/jwt_authn/filter_config.h @@ -8,8 +8,9 @@ #include "envoy/stats/stats_macros.h" #include "envoy/thread_local/thread_local.h" -#include "extensions/filters/http/jwt_authn/matcher.h" -#include "extensions/filters/http/jwt_authn/verifier.h" +#include "source/extensions/filters/http/jwt_authn/matcher.h" +#include "source/extensions/filters/http/jwt_authn/stats.h" +#include "source/extensions/filters/http/jwt_authn/verifier.h" #include "absl/container/flat_hash_map.h" @@ -18,21 +19,6 @@ namespace Extensions { namespace HttpFilters { namespace JwtAuthn { -/** - * All stats for the Jwt Authn filter. @see stats_macros.h - */ -#define ALL_JWT_AUTHN_FILTER_STATS(COUNTER) \ - COUNTER(allowed) \ - COUNTER(cors_preflight_bypassed) \ - COUNTER(denied) - -/** - * Wrapper struct for jwt_authn filter stats. @see stats_macros.h - */ -struct JwtAuthnFilterStats { - ALL_JWT_AUTHN_FILTER_STATS(GENERATE_COUNTER_STRUCT) -}; - /** * The per-route filter config */ diff --git a/source/extensions/filters/http/jwt_authn/filter_factory.cc b/source/extensions/filters/http/jwt_authn/filter_factory.cc index 579571bd3d05..e2dc2b99ebb0 100644 --- a/source/extensions/filters/http/jwt_authn/filter_factory.cc +++ b/source/extensions/filters/http/jwt_authn/filter_factory.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/http/jwt_authn/filter_factory.h" +#include "source/extensions/filters/http/jwt_authn/filter_factory.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/config/datasource.h" - -#include "extensions/filters/http/jwt_authn/filter.h" +#include "source/common/config/datasource.h" +#include "source/extensions/filters/http/jwt_authn/filter.h" #include "jwt_verify_lib/jwks.h" diff --git a/source/extensions/filters/http/jwt_authn/filter_factory.h b/source/extensions/filters/http/jwt_authn/filter_factory.h index c0398c71e421..b447f9b43902 100644 --- a/source/extensions/filters/http/jwt_authn/filter_factory.h +++ b/source/extensions/filters/http/jwt_authn/filter_factory.h @@ -4,8 +4,7 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.validate.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -19,7 +18,7 @@ class FilterFactory : public Common::FactoryBase { public: - FilterFactory() : FactoryBase(HttpFilterNames::get().JwtAuthn) {} + FilterFactory() : FactoryBase("envoy.filters.http.jwt_authn") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/jwt_authn/jwks_async_fetcher.cc b/source/extensions/filters/http/jwt_authn/jwks_async_fetcher.cc new file mode 100644 index 000000000000..ddd7350d44d3 --- /dev/null +++ b/source/extensions/filters/http/jwt_authn/jwks_async_fetcher.cc @@ -0,0 +1,98 @@ +#include "source/extensions/filters/http/jwt_authn/jwks_async_fetcher.h" + +#include "source/common/protobuf/utility.h" +#include "source/common/tracing/http_tracer_impl.h" + +using envoy::extensions::filters::http::jwt_authn::v3::RemoteJwks; + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace JwtAuthn { +namespace { + +// Default cache expiration time in 5 minutes. +constexpr int PubkeyCacheExpirationSec = 600; + +} // namespace + +JwksAsyncFetcher::JwksAsyncFetcher(const RemoteJwks& remote_jwks, + Server::Configuration::FactoryContext& context, + CreateJwksFetcherCb create_fetcher_fn, + JwtAuthnFilterStats& stats, JwksDoneFetched done_fn) + : remote_jwks_(remote_jwks), context_(context), create_fetcher_fn_(create_fetcher_fn), + stats_(stats), done_fn_(done_fn), cache_duration_(getCacheDuration(remote_jwks)), + debug_name_(absl::StrCat("Jwks async fetching url=", remote_jwks_.http_uri().uri())) { + // if async_fetch is not enabled, do nothing. + if (!remote_jwks_.has_async_fetch()) { + return; + } + + cache_duration_timer_ = context_.dispatcher().createTimer([this]() -> void { fetch(); }); + + // For fast_listener, just trigger a fetch, not register with init_manager. + if (remote_jwks_.async_fetch().fast_listener()) { + fetch(); + return; + } + + // Register to init_manager, force the listener to wait for the fetching. + init_target_ = std::make_unique(debug_name_, [this]() -> void { fetch(); }); + context_.initManager().add(*init_target_); +} + +std::chrono::seconds JwksAsyncFetcher::getCacheDuration(const RemoteJwks& remote_jwks) { + if (remote_jwks.has_cache_duration()) { + return std::chrono::seconds(DurationUtil::durationToSeconds(remote_jwks.cache_duration())); + } + return std::chrono::seconds(PubkeyCacheExpirationSec); +} + +void JwksAsyncFetcher::fetch() { + if (fetcher_) { + fetcher_->cancel(); + } + + ENVOY_LOG(debug, "{}: started", debug_name_); + fetcher_ = create_fetcher_fn_(context_.clusterManager()); + fetcher_->fetch(remote_jwks_.http_uri(), Tracing::NullSpan::instance(), *this); +} + +void JwksAsyncFetcher::handleFetchDone() { + if (init_target_) { + init_target_->ready(); + init_target_.reset(); + } + + cache_duration_timer_->enableTimer(cache_duration_); +} + +void JwksAsyncFetcher::onJwksSuccess(google::jwt_verify::JwksPtr&& jwks) { + stats_.jwks_fetch_success_.inc(); + + done_fn_(std::move(jwks)); + handleFetchDone(); + + // Note: not to free fetcher_ within onJwksSuccess or onJwksError function. + // They are passed to fetcher_->fetch() and are called by fetcher_ after fetch is done. + // After calling these callback functions, fetch_ calls its reset() function. + // If fetcher_ is freed by the callback, calling reset() will crash. + + // Not need to free fetcher_. At the next fetch(), it will be freed with a cancel() call. + // The cancel() is needed to cancel the old call before the new one is created. + // But it is a no-op if the call is completed. +} + +void JwksAsyncFetcher::onJwksError(Failure) { + stats_.jwks_fetch_failed_.inc(); + + ENVOY_LOG(warn, "{}: failed", debug_name_); + handleFetchDone(); + + // Note: not to free fetcher_ in this function. Please see comment at onJwksSuccess. +} + +} // namespace JwtAuthn +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/jwt_authn/jwks_async_fetcher.h b/source/extensions/filters/http/jwt_authn/jwks_async_fetcher.h new file mode 100644 index 000000000000..0d6247394eba --- /dev/null +++ b/source/extensions/filters/http/jwt_authn/jwks_async_fetcher.h @@ -0,0 +1,84 @@ +#pragma once + +#include + +#include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" +#include "envoy/server/factory_context.h" + +#include "source/common/common/logger.h" +#include "source/common/init/target_impl.h" +#include "source/extensions/filters/http/common/jwks_fetcher.h" +#include "source/extensions/filters/http/jwt_authn/stats.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace JwtAuthn { + +/** + * CreateJwksFetcherCb is a callback interface for creating a JwksFetcher instance. + */ +using CreateJwksFetcherCb = std::function; +/** + * JwksDoneFetched is a callback interface to set a Jwks when fetch is done. + */ +using JwksDoneFetched = std::function; + +// This class handles fetching Jwks asynchronously. +// It will be no-op if async_fetch is not enabled. +// At its constructor, it will start to fetch Jwks, register with init_manager if not fast_listener. +// and handle fetching response. When cache is expired, it will fetch again. +// When a Jwks is fetched, done_fn is called to set the Jwks. +class JwksAsyncFetcher : public Logger::Loggable, + public Common::JwksFetcher::JwksReceiver { +public: + JwksAsyncFetcher(const envoy::extensions::filters::http::jwt_authn::v3::RemoteJwks& remote_jwks, + Server::Configuration::FactoryContext& context, CreateJwksFetcherCb fetcher_fn, + JwtAuthnFilterStats& stats, JwksDoneFetched done_fn); + + // Get the remote Jwks cache duration. + static std::chrono::seconds + getCacheDuration(const envoy::extensions::filters::http::jwt_authn::v3::RemoteJwks& remote_jwks); + +private: + // Fetch the Jwks + void fetch(); + // Handle fetch done. + void handleFetchDone(); + + // Override the functions from Common::JwksFetcher::JwksReceiver + void onJwksSuccess(google::jwt_verify::JwksPtr&& jwks) override; + void onJwksError(Failure reason) override; + + // the remote Jwks config + const envoy::extensions::filters::http::jwt_authn::v3::RemoteJwks& remote_jwks_; + // the factory context + Server::Configuration::FactoryContext& context_; + // the jwks fetcher creator function + const CreateJwksFetcherCb create_fetcher_fn_; + // stats + JwtAuthnFilterStats& stats_; + // the Jwks done function. + const JwksDoneFetched done_fn_; + + // The Jwks fetcher object + Common::JwksFetcherPtr fetcher_; + + // The cache duration. + const std::chrono::seconds cache_duration_; + // The timer to trigger fetch due to cache duration. + Envoy::Event::TimerPtr cache_duration_timer_; + + // The init target. + std::unique_ptr init_target_; + + // Used in logs. + const std::string debug_name_; +}; + +using JwksAsyncFetcherPtr = std::unique_ptr; + +} // namespace JwtAuthn +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/jwt_authn/jwks_cache.cc b/source/extensions/filters/http/jwt_authn/jwks_cache.cc index 7204199fe3e5..673b4f6823d8 100644 --- a/source/extensions/filters/http/jwt_authn/jwks_cache.cc +++ b/source/extensions/filters/http/jwt_authn/jwks_cache.cc @@ -1,13 +1,12 @@ -#include "extensions/filters/http/jwt_authn/jwks_cache.h" +#include "source/extensions/filters/http/jwt_authn/jwks_cache.h" #include #include "envoy/common/time.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "common/common/logger.h" -#include "common/config/datasource.h" -#include "common/protobuf/utility.h" +#include "source/common/common/logger.h" +#include "source/common/config/datasource.h" #include "absl/container/node_hash_map.h" #include "jwt_verify_lib/check_audience.h" @@ -23,16 +22,12 @@ namespace HttpFilters { namespace JwtAuthn { namespace { -// Default cache expiration time in 5 minutes. -constexpr int PubkeyCacheExpirationSec = 600; - -using JwksSharedPtr = std::shared_ptr<::google::jwt_verify::Jwks>; - class JwksDataImpl : public JwksCache::JwksData, public Logger::Loggable { public: - JwksDataImpl(const JwtProvider& jwt_provider, TimeSource& time_source, Api::Api& api, - ThreadLocal::SlotAllocator& tls) - : jwt_provider_(jwt_provider), time_source_(time_source), tls_(tls) { + JwksDataImpl(const JwtProvider& jwt_provider, Server::Configuration::FactoryContext& context, + CreateJwksFetcherCb fetcher_cb, JwtAuthnFilterStats& stats) + : jwt_provider_(jwt_provider), time_source_(context.timeSource()), + tls_(context.threadLocal()) { std::vector audiences; for (const auto& aud : jwt_provider_.audiences()) { @@ -42,7 +37,8 @@ class JwksDataImpl : public JwksCache::JwksData, public Logger::Loggable(); }); - const auto inline_jwks = Config::DataSource::read(jwt_provider_.local_jwks(), true, api); + const auto inline_jwks = + Config::DataSource::read(jwt_provider_.local_jwks(), true, context.api()); if (!inline_jwks.empty()) { auto jwks = ::google::jwt_verify::Jwks::createFrom(inline_jwks, ::google::jwt_verify::Jwks::JWKS); @@ -50,7 +46,14 @@ class JwksDataImpl : public JwksCache::JwksData, public Logger::Loggable( + jwt_provider_.remote_jwks(), context, fetcher_cb, stats, + [this](google::jwt_verify::JwksPtr&& jwks) { setJwksToAllThreads(std::move(jwks)); }); } } } @@ -65,44 +68,32 @@ class JwksDataImpl : public JwksCache::JwksData, public Logger::Loggable= tls_->expire_; } - const ::google::jwt_verify::Jwks* setRemoteJwks(::google::jwt_verify::JwksPtr&& jwks) override { + const ::google::jwt_verify::Jwks* setRemoteJwks(JwksConstPtr&& jwks) override { // convert unique_ptr to shared_ptr - JwksSharedPtr shared_jwks(jwks.release()); + JwksConstSharedPtr shared_jwks = std::move(jwks); tls_->jwks_ = shared_jwks; - tls_->expire_ = getRemoteJwksExpirationTime(); + tls_->expire_ = time_source_.monotonicTime() + + JwksAsyncFetcher::getCacheDuration(jwt_provider_.remote_jwks()); return shared_jwks.get(); } private: struct ThreadLocalCache : public ThreadLocal::ThreadLocalObject { // The jwks object. - JwksSharedPtr jwks_; + JwksConstSharedPtr jwks_; // The pubkey expiration time. MonotonicTime expire_; }; // Set jwks shared_ptr to all threads. - void setJwksToAllThreads(::google::jwt_verify::JwksPtr&& jwks, - std::chrono::steady_clock::time_point expire) { - JwksSharedPtr shared_jwks(jwks.release()); - tls_.runOnAllThreads([shared_jwks, expire](OptRef obj) { + void setJwksToAllThreads(JwksConstPtr&& jwks) { + JwksConstSharedPtr shared_jwks = std::move(jwks); + tls_.runOnAllThreads([shared_jwks](OptRef obj) { obj->jwks_ = shared_jwks; - obj->expire_ = expire; + obj->expire_ = std::chrono::steady_clock::time_point::max(); }); } - // Get the expiration time for a remote Jwks - std::chrono::steady_clock::time_point getRemoteJwksExpirationTime() const { - auto expire = time_source_.monotonicTime(); - if (jwt_provider_.has_remote_jwks() && jwt_provider_.remote_jwks().has_cache_duration()) { - expire += std::chrono::milliseconds( - DurationUtil::durationToMilliseconds(jwt_provider_.remote_jwks().cache_duration())); - } else { - expire += std::chrono::seconds(PubkeyCacheExpirationSec); - } - return expire; - } - // The jwt provider config. const JwtProvider& jwt_provider_; // Check audience object @@ -111,6 +102,8 @@ class JwksDataImpl : public JwksCache::JwksData, public Logger::Loggable tls_; + // async fetcher + JwksAsyncFetcherPtr async_fetcher_; }; using JwksDataImplPtr = std::unique_ptr; @@ -118,11 +111,12 @@ using JwksDataImplPtr = std::unique_ptr; class JwksCacheImpl : public JwksCache { public: // Load the config from envoy config. - JwksCacheImpl(const JwtAuthentication& config, TimeSource& time_source, Api::Api& api, - ThreadLocal::SlotAllocator& tls) { + JwksCacheImpl(const JwtAuthentication& config, Server::Configuration::FactoryContext& context, + CreateJwksFetcherCb fetcher_fn, JwtAuthnFilterStats& stats) + : stats_(stats) { for (const auto& it : config.providers()) { const auto& provider = it.second; - auto jwks_data = std::make_unique(provider, time_source, api, tls); + auto jwks_data = std::make_unique(provider, context, fetcher_fn, stats); if (issuer_ptr_map_.find(provider.issuer()) == issuer_ptr_map_.end()) { issuer_ptr_map_.emplace(provider.issuer(), jwks_data.get()); } @@ -148,6 +142,8 @@ class JwksCacheImpl : public JwksCache { NOT_REACHED_GCOVR_EXCL_LINE; } + JwtAuthnFilterStats& stats() override { return stats_; } + private: JwksData* findIssuerMap(const std::string& issuer) { const auto& it = issuer_ptr_map_.find(issuer); @@ -157,6 +153,8 @@ class JwksCacheImpl : public JwksCache { return it->second; } + // stats + JwtAuthnFilterStats& stats_; // The Jwks data map indexed by provider. absl::node_hash_map jwks_data_map_; // The Jwks data pointer map indexed by issuer. @@ -167,8 +165,9 @@ class JwksCacheImpl : public JwksCache { JwksCachePtr JwksCache::create(const envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication& config, - TimeSource& time_source, Api::Api& api, ThreadLocal::SlotAllocator& tls) { - return std::make_unique(config, time_source, api, tls); + Server::Configuration::FactoryContext& context, CreateJwksFetcherCb fetcher_fn, + JwtAuthnFilterStats& stats) { + return std::make_unique(config, context, fetcher_fn, stats); } } // namespace JwtAuthn diff --git a/source/extensions/filters/http/jwt_authn/jwks_cache.h b/source/extensions/filters/http/jwt_authn/jwks_cache.h index e3b56348a740..0efcb2393136 100644 --- a/source/extensions/filters/http/jwt_authn/jwks_cache.h +++ b/source/extensions/filters/http/jwt_authn/jwks_cache.h @@ -6,6 +6,10 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "envoy/thread_local/thread_local.h" +#include "source/extensions/filters/http/common/jwks_fetcher.h" +#include "source/extensions/filters/http/jwt_authn/jwks_async_fetcher.h" +#include "source/extensions/filters/http/jwt_authn/stats.h" + #include "jwt_verify_lib/jwks.h" namespace Envoy { @@ -16,6 +20,9 @@ namespace JwtAuthn { class JwksCache; using JwksCachePtr = std::unique_ptr; +using JwksConstPtr = std::unique_ptr; +using JwksConstSharedPtr = std::shared_ptr; + /** * Interface to access all configured Jwt rules and their cached Jwks objects. * It only caches Jwks specified in the config. @@ -57,8 +64,7 @@ class JwksCache { virtual bool isExpired() const PURE; // Set a remote Jwks. - virtual const ::google::jwt_verify::Jwks* - setRemoteJwks(::google::jwt_verify::JwksPtr&& jwks) PURE; + virtual const ::google::jwt_verify::Jwks* setRemoteJwks(JwksConstPtr&& jwks) PURE; }; // Lookup issuer cache map. The cache only stores Jwks specified in the config. @@ -67,10 +73,13 @@ class JwksCache { // Lookup provider cache map. virtual JwksData* findByProvider(const std::string& provider) PURE; + virtual JwtAuthnFilterStats& stats() PURE; + // Factory function to create an instance. static JwksCachePtr create(const envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication& config, - TimeSource& time_source, Api::Api& api, ThreadLocal::SlotAllocator& tls); + Server::Configuration::FactoryContext& context, CreateJwksFetcherCb fetcher_fn, + JwtAuthnFilterStats& stats); }; } // namespace JwtAuthn diff --git a/source/extensions/filters/http/jwt_authn/matcher.cc b/source/extensions/filters/http/jwt_authn/matcher.cc index a1599dac5394..7eb1cfcab9d8 100644 --- a/source/extensions/filters/http/jwt_authn/matcher.cc +++ b/source/extensions/filters/http/jwt_authn/matcher.cc @@ -1,12 +1,12 @@ -#include "extensions/filters/http/jwt_authn/matcher.h" +#include "source/extensions/filters/http/jwt_authn/matcher.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "common/common/logger.h" -#include "common/common/matchers.h" -#include "common/common/regex.h" -#include "common/router/config_impl.h" +#include "source/common/common/logger.h" +#include "source/common/common/matchers.h" +#include "source/common/common/regex.h" +#include "source/common/router/config_impl.h" #include "absl/strings/match.h" @@ -108,19 +108,11 @@ class PathMatcherImpl : public BaseMatcherImpl { */ class RegexMatcherImpl : public BaseMatcherImpl { public: - RegexMatcherImpl(const RequirementRule& rule) : BaseMatcherImpl(rule) { - // TODO(yangminzhu): Use PathMatcher once hidden_envoy_deprecated_regex is removed. - if (rule.match().path_specifier_case() == - envoy::config::route::v3::RouteMatch::PathSpecifierCase::kHiddenEnvoyDeprecatedRegex) { - regex_ = Regex::Utility::parseStdRegexAsCompiledMatcher( - rule.match().hidden_envoy_deprecated_regex()); - regex_str_ = rule.match().hidden_envoy_deprecated_regex(); - } else { - ASSERT(rule.match().path_specifier_case() == - envoy::config::route::v3::RouteMatch::PathSpecifierCase::kSafeRegex); - regex_ = Regex::Utility::parseRegex(rule.match().safe_regex()); - regex_str_ = rule.match().safe_regex().regex(); - } + RegexMatcherImpl(const RequirementRule& rule) + : BaseMatcherImpl(rule), regex_str_(rule.match().safe_regex().regex()), + path_matcher_(Matchers::PathMatcher::createSafeRegex(rule.match().safe_regex())) { + ASSERT(rule.match().path_specifier_case() == + envoy::config::route::v3::RouteMatch::PathSpecifierCase::kSafeRegex); } bool matches(const Http::RequestHeaderMap& headers) const override { @@ -129,7 +121,7 @@ class RegexMatcherImpl : public BaseMatcherImpl { const absl::string_view query_string = Http::Utility::findQueryStringStart(path); absl::string_view path_view = path.getStringView(); path_view.remove_suffix(query_string.length()); - if (regex_->match(path_view)) { + if (path_matcher_->match(path_view)) { ENVOY_LOG(debug, "Regex requirement '{}' matched.", regex_str_); return true; } @@ -138,9 +130,9 @@ class RegexMatcherImpl : public BaseMatcherImpl { } private: - Regex::CompiledMatcherPtr regex_; // raw regex string, for logging. - std::string regex_str_; + const std::string regex_str_; + const Matchers::PathMatcherConstSharedPtr path_matcher_; }; /** diff --git a/source/extensions/filters/http/jwt_authn/stats.h b/source/extensions/filters/http/jwt_authn/stats.h new file mode 100644 index 000000000000..f1eccce13560 --- /dev/null +++ b/source/extensions/filters/http/jwt_authn/stats.h @@ -0,0 +1,30 @@ +#pragma once + +#include "envoy/stats/stats_macros.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace JwtAuthn { + +/** + * All stats for the Jwt Authn filter. @see stats_macros.h + */ +#define ALL_JWT_AUTHN_FILTER_STATS(COUNTER) \ + COUNTER(allowed) \ + COUNTER(cors_preflight_bypassed) \ + COUNTER(denied) \ + COUNTER(jwks_fetch_success) \ + COUNTER(jwks_fetch_failed) + +/** + * Wrapper struct for jwt_authn filter stats. @see stats_macros.h + */ +struct JwtAuthnFilterStats { + ALL_JWT_AUTHN_FILTER_STATS(GENERATE_COUNTER_STRUCT) +}; + +} // namespace JwtAuthn +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/jwt_authn/verifier.cc b/source/extensions/filters/http/jwt_authn/verifier.cc index 83361c8edd7b..c22c446cc98e 100644 --- a/source/extensions/filters/http/jwt_authn/verifier.cc +++ b/source/extensions/filters/http/jwt_authn/verifier.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/jwt_authn/verifier.h" +#include "source/extensions/filters/http/jwt_authn/verifier.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" diff --git a/source/extensions/filters/http/jwt_authn/verifier.h b/source/extensions/filters/http/jwt_authn/verifier.h index b66c157fb45e..2b62ed4bcec9 100644 --- a/source/extensions/filters/http/jwt_authn/verifier.h +++ b/source/extensions/filters/http/jwt_authn/verifier.h @@ -2,7 +2,7 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "extensions/filters/http/jwt_authn/authenticator.h" +#include "source/extensions/filters/http/jwt_authn/authenticator.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/kill_request/BUILD b/source/extensions/filters/http/kill_request/BUILD index 09faef093742..1e18a74597c3 100644 --- a/source/extensions/filters/http/kill_request/BUILD +++ b/source/extensions/filters/http/kill_request/BUILD @@ -14,14 +14,13 @@ envoy_cc_library( srcs = ["kill_request_filter.cc"], hdrs = ["kill_request_filter.h"], deps = [ - "//include/envoy/common:random_generator_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", + "//envoy/common:random_generator_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", "//source/common/http:header_map_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", "//source/common/protobuf:utility_lib", - "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/filters/http/kill_request/v3:pkg_cc_proto", ], ) @@ -30,11 +29,8 @@ envoy_cc_extension( name = "kill_request_config", srcs = ["kill_request_config.cc"], hdrs = ["kill_request_config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/kill_request:kill_request_filter_lib", "@envoy_api//envoy/extensions/filters/http/kill_request/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/kill_request/kill_request_config.cc b/source/extensions/filters/http/kill_request/kill_request_config.cc index cb371c098da2..ba74b8c16da9 100644 --- a/source/extensions/filters/http/kill_request/kill_request_config.cc +++ b/source/extensions/filters/http/kill_request/kill_request_config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/kill_request/kill_request_config.h" +#include "source/extensions/filters/http/kill_request/kill_request_config.h" #include "envoy/extensions/filters/http/kill_request/v3/kill_request.pb.h" #include "envoy/extensions/filters/http/kill_request/v3/kill_request.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/kill_request/kill_request_filter.h" +#include "source/extensions/filters/http/kill_request/kill_request_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/kill_request/kill_request_config.h b/source/extensions/filters/http/kill_request/kill_request_config.h index 4e56068d7750..4343da40a74d 100644 --- a/source/extensions/filters/http/kill_request/kill_request_config.h +++ b/source/extensions/filters/http/kill_request/kill_request_config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/kill_request/v3/kill_request.pb.h" #include "envoy/extensions/filters/http/kill_request/v3/kill_request.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace KillRequest { class KillRequestFilterFactory : public Common::FactoryBase { public: - KillRequestFilterFactory() : FactoryBase(HttpFilterNames::get().KillRequest) {} + KillRequestFilterFactory() : FactoryBase("envoy.filters.http.kill_request") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/kill_request/kill_request_filter.cc b/source/extensions/filters/http/kill_request/kill_request_filter.cc index 7cf10a23bc1b..62f3e9b8d3cc 100644 --- a/source/extensions/filters/http/kill_request/kill_request_filter.cc +++ b/source/extensions/filters/http/kill_request/kill_request_filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/kill_request/kill_request_filter.h" +#include "source/extensions/filters/http/kill_request/kill_request_filter.h" #include #include @@ -6,9 +6,8 @@ #include "envoy/extensions/filters/http/kill_request/v3/kill_request.pb.h" #include "envoy/http/header_map.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { @@ -52,18 +51,15 @@ Http::FilterHeadersStatus KillRequestFilter::decodeHeaders(Http::RequestHeaderMa } // Route-level configuration overrides filter-level configuration. - if (decoder_callbacks_->route() && decoder_callbacks_->route()->routeEntry()) { - const std::string& name = Extensions::HttpFilters::HttpFilterNames::get().KillRequest; - const auto* route_entry = decoder_callbacks_->route()->routeEntry(); - - const auto* per_route_kill_settings = - route_entry->mostSpecificPerFilterConfigTyped(name); - - if (per_route_kill_settings) { - is_correct_direction = per_route_kill_settings->getDirection() == KillRequest::REQUEST; - envoy::type::v3::FractionalPercent probability = per_route_kill_settings->getProbability(); - kill_request_.set_allocated_probability(&probability); - } + const auto* per_route_kill_settings = + Http::Utility::resolveMostSpecificPerFilterConfig( + "envoy.filters.http.kill_request", decoder_callbacks_->route()); + + if (per_route_kill_settings) { + is_correct_direction = per_route_kill_settings->getDirection() == KillRequest::REQUEST; + // Allocate the probability into kill_request in case the lifetime of + // per_route_kill_settings does not match that of kill_request_ + kill_request_.mutable_probability()->CopyFrom(per_route_kill_settings->getProbability()); } if (is_kill_request && is_correct_direction && isKillRequestEnabled()) { diff --git a/source/extensions/filters/http/kill_request/kill_request_filter.h b/source/extensions/filters/http/kill_request/kill_request_filter.h index be84624ea62f..b97c66fa14b1 100644 --- a/source/extensions/filters/http/kill_request/kill_request_filter.h +++ b/source/extensions/filters/http/kill_request/kill_request_filter.h @@ -7,8 +7,8 @@ #include "envoy/http/filter.h" #include "envoy/http/header_map.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/local_ratelimit/BUILD b/source/extensions/filters/http/local_ratelimit/BUILD index f60271193bc6..e1842983b466 100644 --- a/source/extensions/filters/http/local_ratelimit/BUILD +++ b/source/extensions/filters/http/local_ratelimit/BUILD @@ -17,9 +17,9 @@ envoy_cc_library( srcs = ["local_ratelimit.cc"], hdrs = ["local_ratelimit.h"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stats:stats_macros", + "//envoy/http:codes_interface", + "//envoy/server:filter_config_interface", + "//envoy/stats:stats_macros", "//source/common/common:utility_lib", "//source/common/http:header_utility_lib", "//source/common/http:headers_lib", @@ -36,11 +36,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "unknown", deps = [ ":local_ratelimit_lib", - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "//source/common/protobuf:utility_lib", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/local_ratelimit/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/local_ratelimit/config.cc b/source/extensions/filters/http/local_ratelimit/config.cc index a5e629d88055..15c710727696 100644 --- a/source/extensions/filters/http/local_ratelimit/config.cc +++ b/source/extensions/filters/http/local_ratelimit/config.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/http/local_ratelimit/config.h" +#include "source/extensions/filters/http/local_ratelimit/config.h" #include #include "envoy/registry/registry.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/local_ratelimit/local_ratelimit.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/local_ratelimit/local_ratelimit.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/local_ratelimit/config.h b/source/extensions/filters/http/local_ratelimit/config.h index 4ee849e368be..96ae7caa5b89 100644 --- a/source/extensions/filters/http/local_ratelimit/config.h +++ b/source/extensions/filters/http/local_ratelimit/config.h @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.pb.h" #include "envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/local_ratelimit/local_ratelimit.cc b/source/extensions/filters/http/local_ratelimit/local_ratelimit.cc index 30ed854930e5..b216b15075af 100644 --- a/source/extensions/filters/http/local_ratelimit/local_ratelimit.cc +++ b/source/extensions/filters/http/local_ratelimit/local_ratelimit.cc @@ -1,30 +1,36 @@ -#include "extensions/filters/http/local_ratelimit/local_ratelimit.h" +#include "source/extensions/filters/http/local_ratelimit/local_ratelimit.h" #include #include #include "envoy/http/codes.h" -#include "common/http/utility.h" -#include "common/router/config_impl.h" +#include "source/common/http/utility.h" +#include "source/common/router/config_impl.h" namespace Envoy { namespace Extensions { namespace HttpFilters { namespace LocalRateLimitFilter { +const std::string& PerConnectionRateLimiter::key() { + CONSTRUCT_ON_FIRST_USE(std::string, "per_connection_local_rate_limiter"); +} + FilterConfig::FilterConfig( const envoy::extensions::filters::http::local_ratelimit::v3::LocalRateLimit& config, const LocalInfo::LocalInfo& local_info, Event::Dispatcher& dispatcher, Stats::Scope& scope, Runtime::Loader& runtime, const bool per_route) : status_(toErrorCode(config.status().code())), stats_(generateStats(config.stat_prefix(), scope)), + fill_interval_(std::chrono::milliseconds( + PROTOBUF_GET_MS_OR_DEFAULT(config.token_bucket(), fill_interval, 0))), + max_tokens_(config.token_bucket().max_tokens()), + tokens_per_fill_(PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.token_bucket(), tokens_per_fill, 1)), + descriptors_(config.descriptors()), + rate_limit_per_connection_(config.local_rate_limit_per_downstream_connection()), rate_limiter_(Filters::Common::LocalRateLimit::LocalRateLimiterImpl( - std::chrono::milliseconds( - PROTOBUF_GET_MS_OR_DEFAULT(config.token_bucket(), fill_interval, 0)), - config.token_bucket().max_tokens(), - PROTOBUF_GET_WRAPPED_OR_DEFAULT(config.token_bucket(), tokens_per_fill, 1), dispatcher, - config.descriptors())), + fill_interval_, max_tokens_, tokens_per_fill_, dispatcher, descriptors_)), local_info_(local_info), runtime_(runtime), filter_enabled_( config.has_filter_enabled() @@ -84,7 +90,7 @@ Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, populateDescriptors(descriptors, headers); } - if (config->requestAllowed(descriptors)) { + if (requestAllowed(descriptors)) { config->stats().ok_.inc(); return Http::FilterHeadersStatus::Continue; } @@ -109,6 +115,34 @@ Http::FilterHeadersStatus Filter::decodeHeaders(Http::RequestHeaderMap& headers, return Http::FilterHeadersStatus::StopIteration; } +bool Filter::requestAllowed(absl::Span request_descriptors) { + const auto* config = getConfig(); + return config->rateLimitPerConnection() + ? getPerConnectionRateLimiter().requestAllowed(request_descriptors) + : config->requestAllowed(request_descriptors); +} + +const Filters::Common::LocalRateLimit::LocalRateLimiterImpl& Filter::getPerConnectionRateLimiter() { + const auto* config = getConfig(); + ASSERT(config->rateLimitPerConnection()); + + if (!decoder_callbacks_->streamInfo().filterState()->hasData( + PerConnectionRateLimiter::key())) { + decoder_callbacks_->streamInfo().filterState()->setData( + PerConnectionRateLimiter::key(), + std::make_unique( + config->fillInterval(), config->maxTokens(), config->tokensPerFill(), + decoder_callbacks_->dispatcher(), config->descriptors()), + StreamInfo::FilterState::StateType::ReadOnly, + StreamInfo::FilterState::LifeSpan::Connection); + } + + return decoder_callbacks_->streamInfo() + .filterState() + ->getDataReadOnly(PerConnectionRateLimiter::key()) + .value(); +} + void Filter::populateDescriptors(std::vector& descriptors, Http::RequestHeaderMap& headers) { Router::RouteConstSharedPtr route = decoder_callbacks_->route(); diff --git a/source/extensions/filters/http/local_ratelimit/local_ratelimit.h b/source/extensions/filters/http/local_ratelimit/local_ratelimit.h index af27e23efe4e..5b485e6b999f 100644 --- a/source/extensions/filters/http/local_ratelimit/local_ratelimit.h +++ b/source/extensions/filters/http/local_ratelimit/local_ratelimit.h @@ -12,14 +12,13 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/assert.h" -#include "common/http/header_map_impl.h" -#include "common/router/header_parser.h" -#include "common/runtime/runtime_protos.h" - -#include "extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" -#include "extensions/filters/common/ratelimit/ratelimit.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/common/assert.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/router/header_parser.h" +#include "source/common/runtime/runtime_protos.h" +#include "source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" +#include "source/extensions/filters/common/ratelimit/ratelimit.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { @@ -42,6 +41,23 @@ struct LocalRateLimitStats { ALL_LOCAL_RATE_LIMIT_STATS(GENERATE_COUNTER_STRUCT) }; +class PerConnectionRateLimiter : public StreamInfo::FilterState::Object { +public: + PerConnectionRateLimiter( + const std::chrono::milliseconds& fill_interval, uint32_t max_tokens, uint32_t tokens_per_fill, + Envoy::Event::Dispatcher& dispatcher, + const Protobuf::RepeatedPtrField< + envoy::extensions::common::ratelimit::v3::LocalRateLimitDescriptor>& descriptor) + : rate_limiter_(fill_interval, max_tokens, tokens_per_fill, dispatcher, descriptor) {} + static const std::string& key(); + const Filters::Common::LocalRateLimit::LocalRateLimiterImpl& value() const { + return rate_limiter_; + } + +private: + Filters::Common::LocalRateLimit::LocalRateLimiterImpl rate_limiter_; +}; + /** * Global configuration for the HTTP local rate limit filter. */ @@ -62,6 +78,15 @@ class FilterConfig : public Router::RouteSpecificFilterConfig { Http::Code status() const { return status_; } uint64_t stage() const { return stage_; } bool hasDescriptors() const { return has_descriptors_; } + const std::chrono::milliseconds& fillInterval() const { return fill_interval_; } + uint32_t maxTokens() const { return max_tokens_; } + uint32_t tokensPerFill() const { return tokens_per_fill_; } + const Protobuf::RepeatedPtrField< + envoy::extensions::common::ratelimit::v3::LocalRateLimitDescriptor>& + descriptors() const { + return descriptors_; + } + bool rateLimitPerConnection() const { return rate_limit_per_connection_; } private: friend class FilterTest; @@ -78,6 +103,13 @@ class FilterConfig : public Router::RouteSpecificFilterConfig { const Http::Code status_; mutable LocalRateLimitStats stats_; + const std::chrono::milliseconds fill_interval_; + const uint32_t max_tokens_; + const uint32_t tokens_per_fill_; + const Protobuf::RepeatedPtrField< + envoy::extensions::common::ratelimit::v3::LocalRateLimitDescriptor> + descriptors_; + const bool rate_limit_per_connection_; Filters::Common::LocalRateLimit::LocalRateLimiterImpl rate_limiter_; const LocalInfo::LocalInfo& local_info_; Runtime::Loader& runtime_; @@ -108,6 +140,8 @@ class Filter : public Http::PassThroughFilter { void populateDescriptors(std::vector& descriptors, Http::RequestHeaderMap& headers); + const Filters::Common::LocalRateLimit::LocalRateLimiterImpl& getPerConnectionRateLimiter(); + bool requestAllowed(absl::Span request_descriptors); const FilterConfig* getConfig() const; FilterConfigSharedPtr config_; diff --git a/source/extensions/filters/http/lua/BUILD b/source/extensions/filters/http/lua/BUILD index 9d6c381a0989..5b102a5e2a6c 100644 --- a/source/extensions/filters/http/lua/BUILD +++ b/source/extensions/filters/http/lua/BUILD @@ -18,9 +18,9 @@ envoy_cc_library( hdrs = ["lua_filter.h"], deps = [ ":wrappers_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:enum_to_int", "//source/common/config:datasource_lib", @@ -29,7 +29,6 @@ envoy_cc_library( "//source/extensions/common:utility_lib", "//source/extensions/filters/common/lua:lua_lib", "//source/extensions/filters/common/lua:wrappers_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/lua/v3:pkg_cc_proto", ], @@ -40,8 +39,8 @@ envoy_cc_library( srcs = ["wrappers.cc"], hdrs = ["wrappers.h"], deps = [ - "//include/envoy/http:header_map_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/http:header_map_interface", + "//envoy/stream_info:stream_info_interface", "//source/common/crypto:utility_lib", "//source/common/http:header_utility_lib", "//source/common/http:utility_lib", @@ -55,11 +54,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/lua:lua_filter_lib", "@envoy_api//envoy/extensions/filters/http/lua/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/lua/config.cc b/source/extensions/filters/http/lua/config.cc index 6bc518bf6659..6ed6ba6ddcd9 100644 --- a/source/extensions/filters/http/lua/config.cc +++ b/source/extensions/filters/http/lua/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/lua/config.h" +#include "source/extensions/filters/http/lua/config.h" #include "envoy/extensions/filters/http/lua/v3/lua.pb.h" #include "envoy/extensions/filters/http/lua/v3/lua.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/lua/lua_filter.h" +#include "source/extensions/filters/http/lua/lua_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/lua/config.h b/source/extensions/filters/http/lua/config.h index b2057c532f2b..0e486e536612 100644 --- a/source/extensions/filters/http/lua/config.h +++ b/source/extensions/filters/http/lua/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/lua/v3/lua.pb.h" #include "envoy/extensions/filters/http/lua/v3/lua.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -18,7 +17,7 @@ class LuaFilterConfig : public Common::FactoryBase { public: - LuaFilterConfig() : FactoryBase(HttpFilterNames::get().Lua) {} + LuaFilterConfig() : FactoryBase("envoy.filters.http.lua") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/lua/lua_filter.cc b/source/extensions/filters/http/lua/lua_filter.cc index 883101fa0efe..8ff3ded5a54e 100644 --- a/source/extensions/filters/http/lua/lua_filter.cc +++ b/source/extensions/filters/http/lua/lua_filter.cc @@ -1,16 +1,16 @@ -#include "extensions/filters/http/lua/lua_filter.h" +#include "source/extensions/filters/http/lua/lua_filter.h" #include #include #include "envoy/http/codes.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/config/datasource.h" -#include "common/crypto/utility.h" -#include "common/http/message_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/config/datasource.h" +#include "source/common/crypto/utility.h" +#include "source/common/http/message_impl.h" #include "absl/strings/escaping.h" @@ -40,7 +40,7 @@ bool allowDeprecatedMetadataName() { if (!deprecatedNameLogged().exchange(true)) { // Have not logged yet, so use the logging test. return Extensions::Common::Utility::ExtensionNameUtil::allowDeprecatedExtensionName( - "http filter", DEPRECATED_LUA_NAME, Extensions::HttpFilters::HttpFilterNames::get().Lua); + "http filter", DEPRECATED_LUA_NAME, "envoy.filters.http.lua"); } // We have logged (or another thread will do so momentarily), so just check whether the @@ -56,7 +56,7 @@ const ProtobufWkt::Struct& getMetadata(Http::StreamFilterCallbacks* callbacks) { const auto& metadata = callbacks->route()->routeEntry()->metadata(); { - const auto& filter_it = metadata.filter_metadata().find(HttpFilterNames::get().Lua); + const auto& filter_it = metadata.filter_metadata().find("envoy.filters.http.lua"); if (filter_it != metadata.filter_metadata().end()) { return filter_it->second; } diff --git a/source/extensions/filters/http/lua/lua_filter.h b/source/extensions/filters/http/lua/lua_filter.h index 5595eb72a41d..e779d9fdf424 100644 --- a/source/extensions/filters/http/lua/lua_filter.h +++ b/source/extensions/filters/http/lua/lua_filter.h @@ -4,14 +4,12 @@ #include "envoy/http/filter.h" #include "envoy/upstream/cluster_manager.h" -#include "common/crypto/utility.h" -#include "common/http/utility.h" - -#include "extensions/common/utility.h" -#include "extensions/filters/common/lua/wrappers.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/lua/wrappers.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/crypto/utility.h" +#include "source/common/http/utility.h" +#include "source/extensions/common/utility.h" +#include "source/extensions/filters/common/lua/wrappers.h" +#include "source/extensions/filters/http/common/factory_base.h" +#include "source/extensions/filters/http/lua/wrappers.h" namespace Envoy { namespace Extensions { @@ -412,7 +410,7 @@ PerLuaCodeSetup* getPerLuaCodeSetup(const FilterConfig* filter_config, const FilterConfigPerRoute* config_per_route = nullptr; if (callbacks && callbacks->route()) { config_per_route = Http::Utility::resolveMostSpecificPerFilterConfig( - HttpFilterNames::get().Lua, callbacks->route()); + "envoy.filters.http.lua", callbacks->route()); } if (config_per_route != nullptr) { diff --git a/source/extensions/filters/http/lua/wrappers.cc b/source/extensions/filters/http/lua/wrappers.cc index 04fa2842ea64..04bd6a7b3eac 100644 --- a/source/extensions/filters/http/lua/wrappers.cc +++ b/source/extensions/filters/http/lua/wrappers.cc @@ -1,9 +1,8 @@ -#include "extensions/filters/http/lua/wrappers.h" +#include "source/extensions/filters/http/lua/wrappers.h" -#include "common/http/header_utility.h" -#include "common/http/utility.h" - -#include "extensions/filters/common/lua/wrappers.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/utility.h" +#include "source/extensions/filters/common/lua/wrappers.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/lua/wrappers.h b/source/extensions/filters/http/lua/wrappers.h index 7168fe7768c7..e04ca24f4739 100644 --- a/source/extensions/filters/http/lua/wrappers.h +++ b/source/extensions/filters/http/lua/wrappers.h @@ -3,11 +3,10 @@ #include "envoy/http/header_map.h" #include "envoy/stream_info/stream_info.h" -#include "common/crypto/utility.h" - -#include "extensions/common/crypto/crypto_impl.h" -#include "extensions/filters/common/lua/lua.h" -#include "extensions/filters/common/lua/wrappers.h" +#include "source/common/crypto/utility.h" +#include "source/extensions/common/crypto/crypto_impl.h" +#include "source/extensions/filters/common/lua/lua.h" +#include "source/extensions/filters/common/lua/wrappers.h" #include "openssl/evp.h" diff --git a/source/extensions/filters/http/oauth2/BUILD b/source/extensions/filters/http/oauth2/BUILD index 7fc8a96a6cf3..e0d8962aca9c 100644 --- a/source/extensions/filters/http/oauth2/BUILD +++ b/source/extensions/filters/http/oauth2/BUILD @@ -29,8 +29,8 @@ envoy_cc_library( hdrs = ["oauth_client.h"], deps = [ ":oauth_response_cc_proto", - "//include/envoy/http:async_client_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/http:async_client_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/http:message_lib", "//source/common/http:utility_lib", "//source/common/protobuf:message_validator_lib", @@ -45,7 +45,7 @@ envoy_cc_library( hdrs = ["filter.h"], deps = [ ":oauth_client", - "//include/envoy/server:filter_config_interface", + "//envoy/server:filter_config_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/config:datasource_lib", @@ -63,13 +63,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", - status = "alpha", deps = [ ":oauth_lib", - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/api/v2/auth:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/oauth2/v3alpha:pkg_cc_proto", diff --git a/source/extensions/filters/http/oauth2/config.cc b/source/extensions/filters/http/oauth2/config.cc index d51d798874e5..ef8cfc364cb3 100644 --- a/source/extensions/filters/http/oauth2/config.cc +++ b/source/extensions/filters/http/oauth2/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/oauth2/config.h" +#include "source/extensions/filters/http/oauth2/config.h" #include #include @@ -13,11 +13,10 @@ #include "envoy/ssl/private_key/private_key.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/assert.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/oauth2/filter.h" -#include "extensions/filters/http/oauth2/oauth.h" +#include "source/common/common/assert.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/oauth2/filter.h" +#include "source/extensions/filters/http/oauth2/oauth.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/oauth2/config.h b/source/extensions/filters/http/oauth2/config.h index f9f9399f6500..10f4fbc8b84d 100644 --- a/source/extensions/filters/http/oauth2/config.h +++ b/source/extensions/filters/http/oauth2/config.h @@ -5,8 +5,7 @@ #include "envoy/extensions/filters/http/oauth2/v3alpha/oauth.pb.h" #include "envoy/extensions/filters/http/oauth2/v3alpha/oauth.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -16,7 +15,7 @@ namespace Oauth2 { class OAuth2Config : public Extensions::HttpFilters::Common::FactoryBase< envoy::extensions::filters::http::oauth2::v3alpha::OAuth2> { public: - OAuth2Config() : FactoryBase(HttpFilterNames::get().OAuth) {} + OAuth2Config() : FactoryBase("envoy.filters.http.oauth2") {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::oauth2::v3alpha::OAuth2&, const std::string&, diff --git a/source/extensions/filters/http/oauth2/filter.cc b/source/extensions/filters/http/oauth2/filter.cc index ee449c7ff4ed..f7731ee44d7a 100644 --- a/source/extensions/filters/http/oauth2/filter.cc +++ b/source/extensions/filters/http/oauth2/filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/oauth2/filter.h" +#include "source/extensions/filters/http/oauth2/filter.h" #include #include @@ -6,19 +6,19 @@ #include #include -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/hex.h" -#include "common/common/matchers.h" -#include "common/crypto/utility.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hex.h" +#include "source/common/common/matchers.h" +#include "source/common/crypto/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" #include "absl/strings/escaping.h" #include "absl/strings/match.h" diff --git a/source/extensions/filters/http/oauth2/filter.h b/source/extensions/filters/http/oauth2/filter.h index bd70be95ed2d..e2e4b88be3b8 100644 --- a/source/extensions/filters/http/oauth2/filter.h +++ b/source/extensions/filters/http/oauth2/filter.h @@ -14,18 +14,17 @@ #include "envoy/stream_info/stream_info.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/assert.h" -#include "common/common/matchers.h" -#include "common/config/datasource.h" -#include "common/formatter/substitution_formatter.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" -#include "common/http/rest_api_fetcher.h" -#include "common/http/utility.h" - -#include "extensions/filters/http/common/pass_through_filter.h" -#include "extensions/filters/http/oauth2/oauth.h" -#include "extensions/filters/http/oauth2/oauth_client.h" +#include "source/common/common/assert.h" +#include "source/common/common/matchers.h" +#include "source/common/config/datasource.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/rest_api_fetcher.h" +#include "source/common/http/utility.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/oauth2/oauth.h" +#include "source/extensions/filters/http/oauth2/oauth_client.h" #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/http/oauth2/oauth_client.cc b/source/extensions/filters/http/oauth2/oauth_client.cc index ec0793587448..24335ff6c390 100644 --- a/source/extensions/filters/http/oauth2/oauth_client.cc +++ b/source/extensions/filters/http/oauth2/oauth_client.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/oauth2/oauth_client.h" +#include "source/extensions/filters/http/oauth2/oauth_client.h" #include @@ -6,13 +6,12 @@ #include "envoy/http/message.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/fmt.h" -#include "common/common/logger.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" - +#include "source/common/common/fmt.h" +#include "source/common/common/logger.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" #include "source/extensions/filters/http/oauth2/oauth_response.pb.h" namespace Envoy { diff --git a/source/extensions/filters/http/oauth2/oauth_client.h b/source/extensions/filters/http/oauth2/oauth_client.h index e270c327236e..acd680784f4e 100644 --- a/source/extensions/filters/http/oauth2/oauth_client.h +++ b/source/extensions/filters/http/oauth2/oauth_client.h @@ -8,11 +8,10 @@ #include "envoy/http/message.h" #include "envoy/upstream/cluster_manager.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" - -#include "extensions/filters/http/oauth2/oauth.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/extensions/filters/http/oauth2/oauth.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/on_demand/BUILD b/source/extensions/filters/http/on_demand/BUILD index 72c5f6b33d56..4c8b298149b3 100644 --- a/source/extensions/filters/http/on_demand/BUILD +++ b/source/extensions/filters/http/on_demand/BUILD @@ -16,9 +16,9 @@ envoy_cc_library( srcs = ["on_demand_update.cc"], hdrs = ["on_demand_update.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/event:dispatcher_interface", + "//envoy/http:filter_interface", + "//envoy/server:filter_config_interface", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/http:codes_lib", @@ -30,16 +30,13 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", # TODO(#9953) classify and clean up. extra_visibility = [ "//test/common/access_log:__subpackages__", "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/on_demand:on_demand_update_lib", "@envoy_api//envoy/extensions/filters/http/on_demand/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/on_demand/config.cc b/source/extensions/filters/http/on_demand/config.cc index 42d07ef4dca6..34fe2125354b 100644 --- a/source/extensions/filters/http/on_demand/config.cc +++ b/source/extensions/filters/http/on_demand/config.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/http/on_demand/config.h" +#include "source/extensions/filters/http/on_demand/config.h" #include "envoy/extensions/filters/http/on_demand/v3/on_demand.pb.validate.h" -#include "extensions/filters/http/on_demand/on_demand_update.h" +#include "source/extensions/filters/http/on_demand/on_demand_update.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/on_demand/config.h b/source/extensions/filters/http/on_demand/config.h index eb48654ab34c..1e87142fd60a 100644 --- a/source/extensions/filters/http/on_demand/config.h +++ b/source/extensions/filters/http/on_demand/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/on_demand/v3/on_demand.pb.h" #include "envoy/extensions/filters/http/on_demand/v3/on_demand.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace OnDemand { class OnDemandFilterFactory : public Common::FactoryBase { public: - OnDemandFilterFactory() : FactoryBase(HttpFilterNames::get().OnDemand) {} + OnDemandFilterFactory() : FactoryBase("envoy.filters.http.on_demand") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/on_demand/on_demand_update.cc b/source/extensions/filters/http/on_demand/on_demand_update.cc index 2e392846f3b0..25c952fc386d 100644 --- a/source/extensions/filters/http/on_demand/on_demand_update.cc +++ b/source/extensions/filters/http/on_demand/on_demand_update.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/http/on_demand/on_demand_update.h" +#include "source/extensions/filters/http/on_demand/on_demand_update.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/common/logger.h" -#include "common/http/codes.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/logger.h" +#include "source/common/http/codes.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/original_src/BUILD b/source/extensions/filters/http/original_src/BUILD index 3181285fc50a..6c6338f3a3b7 100644 --- a/source/extensions/filters/http/original_src/BUILD +++ b/source/extensions/filters/http/original_src/BUILD @@ -24,7 +24,7 @@ envoy_cc_library( hdrs = ["original_src.h"], deps = [ ":config_lib", - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/extensions/filters/common/original_src:socket_option_factory_lib", @@ -35,14 +35,10 @@ envoy_cc_extension( name = "config", # The extension build system requires a library named config srcs = ["original_src_config_factory.cc"], hdrs = ["original_src_config_factory.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", - status = "alpha", deps = [ ":config_lib", ":original_src_lib", - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/original_src/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/original_src/config.cc b/source/extensions/filters/http/original_src/config.cc index d5a28eaebe47..1c1e4bae381e 100644 --- a/source/extensions/filters/http/original_src/config.cc +++ b/source/extensions/filters/http/original_src/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/original_src/config.h" +#include "source/extensions/filters/http/original_src/config.h" #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.h" diff --git a/source/extensions/filters/http/original_src/original_src.cc b/source/extensions/filters/http/original_src/original_src.cc index ef5f5214ef13..a4ef7d19aa50 100644 --- a/source/extensions/filters/http/original_src/original_src.cc +++ b/source/extensions/filters/http/original_src/original_src.cc @@ -1,8 +1,7 @@ -#include "extensions/filters/http/original_src/original_src.h" +#include "source/extensions/filters/http/original_src/original_src.h" -#include "common/common/assert.h" - -#include "extensions/filters/common/original_src/socket_option_factory.h" +#include "source/common/common/assert.h" +#include "source/extensions/filters/common/original_src/socket_option_factory.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/original_src/original_src.h b/source/extensions/filters/http/original_src/original_src.h index 032f93ee6304..4d6ed7db1e81 100644 --- a/source/extensions/filters/http/original_src/original_src.h +++ b/source/extensions/filters/http/original_src/original_src.h @@ -3,9 +3,8 @@ #include "envoy/http/filter.h" #include "envoy/network/address.h" -#include "common/common/logger.h" - -#include "extensions/filters/http/original_src/config.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/http/original_src/config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/original_src/original_src_config_factory.cc b/source/extensions/filters/http/original_src/original_src_config_factory.cc index e49efec8596f..a7bebc9111b5 100644 --- a/source/extensions/filters/http/original_src/original_src_config_factory.cc +++ b/source/extensions/filters/http/original_src/original_src_config_factory.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/http/original_src/original_src_config_factory.h" +#include "source/extensions/filters/http/original_src/original_src_config_factory.h" #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.h" #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/original_src/config.h" -#include "extensions/filters/http/original_src/original_src.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/original_src/config.h" +#include "source/extensions/filters/http/original_src/original_src.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/original_src/original_src_config_factory.h b/source/extensions/filters/http/original_src/original_src_config_factory.h index e9c3b6dd39b2..be1c8837cf99 100644 --- a/source/extensions/filters/http/original_src/original_src_config_factory.h +++ b/source/extensions/filters/http/original_src/original_src_config_factory.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.h" #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -16,7 +15,7 @@ namespace OriginalSrc { class OriginalSrcConfigFactory : public Common::FactoryBase { public: - OriginalSrcConfigFactory() : FactoryBase(HttpFilterNames::get().OriginalSrc) {} + OriginalSrcConfigFactory() : FactoryBase("envoy.filters.http.original_src") {} Http::FilterFactoryCb createFilterFactoryFromProtoTyped( const envoy::extensions::filters::http::original_src::v3::OriginalSrc& proto_config, diff --git a/source/extensions/filters/http/ratelimit/BUILD b/source/extensions/filters/http/ratelimit/BUILD index 78ec6694d2a5..13a1ef2efe5b 100644 --- a/source/extensions/filters/http/ratelimit/BUILD +++ b/source/extensions/filters/http/ratelimit/BUILD @@ -18,8 +18,8 @@ envoy_cc_library( hdrs = ["ratelimit.h"], deps = [ ":ratelimit_headers_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/ratelimit:ratelimit_interface", + "//envoy/http:codes_interface", + "//envoy/ratelimit:ratelimit_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:enum_to_int", @@ -45,16 +45,13 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", deps = [ ":ratelimit_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/common/config:utility_lib", "//source/common/protobuf:utility_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", "//source/extensions/filters/common/ratelimit:ratelimit_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/ratelimit/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/ratelimit/config.cc b/source/extensions/filters/http/ratelimit/config.cc index c0c393b2aa75..0db542d17a9a 100644 --- a/source/extensions/filters/http/ratelimit/config.cc +++ b/source/extensions/filters/http/ratelimit/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/ratelimit/config.h" +#include "source/extensions/filters/http/ratelimit/config.h" #include #include @@ -7,11 +7,10 @@ #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/common/ratelimit/ratelimit_impl.h" -#include "extensions/filters/http/ratelimit/ratelimit.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/common/ratelimit/ratelimit_impl.h" +#include "source/extensions/filters/http/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ratelimit/config.h b/source/extensions/filters/http/ratelimit/config.h index 82d22786acc5..918c340590cb 100644 --- a/source/extensions/filters/http/ratelimit/config.h +++ b/source/extensions/filters/http/ratelimit/config.h @@ -3,9 +3,8 @@ #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.validate.h" -#include "extensions/filters/common/ratelimit/ratelimit.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/common/ratelimit/ratelimit.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -20,7 +19,7 @@ class RateLimitFilterConfig envoy::extensions::filters::http::ratelimit::v3::RateLimit, envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute> { public: - RateLimitFilterConfig() : FactoryBase(HttpFilterNames::get().RateLimit) {} + RateLimitFilterConfig() : FactoryBase("envoy.filters.http.ratelimit") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/ratelimit/ratelimit.cc b/source/extensions/filters/http/ratelimit/ratelimit.cc index d97b6ea489cb..538c4f7425c0 100644 --- a/source/extensions/filters/http/ratelimit/ratelimit.cc +++ b/source/extensions/filters/http/ratelimit/ratelimit.cc @@ -1,19 +1,17 @@ -#include "extensions/filters/http/ratelimit/ratelimit.h" +#include "source/extensions/filters/http/ratelimit/ratelimit.h" #include #include #include "envoy/http/codes.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/http/codes.h" -#include "common/http/header_utility.h" -#include "common/router/config_impl.h" - -#include "extensions/filters/http/ratelimit/ratelimit_headers.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_utility.h" +#include "source/common/router/config_impl.h" +#include "source/extensions/filters/http/ratelimit/ratelimit_headers.h" namespace Envoy { namespace Extensions { @@ -153,8 +151,7 @@ void Filter::complete(Filters::Common::RateLimit::LimitStatus status, Filters::Common::RateLimit::StatNames& stat_names = config_->statNames(); if (dynamic_metadata != nullptr && !dynamic_metadata->fields().empty()) { - callbacks_->streamInfo().setDynamicMetadata(HttpFilterNames::get().RateLimit, - *dynamic_metadata); + callbacks_->streamInfo().setDynamicMetadata("envoy.filters.http.ratelimit", *dynamic_metadata); } switch (status) { @@ -176,7 +173,7 @@ void Filter::complete(Filters::Common::RateLimit::LimitStatus status, empty_stat_name, empty_stat_name, false}; - httpContext().codeStats().chargeResponseStat(info); + httpContext().codeStats().chargeResponseStat(info, false); if (config_->enableXEnvoyRateLimitedHeader()) { if (response_headers_to_add_ == nullptr) { response_headers_to_add_ = Http::ResponseHeaderMapImpl::create(); @@ -273,7 +270,7 @@ VhRateLimitOptions Filter::getVirtualHostRateLimitOption(const Router::RouteCons } else { const auto* specific_per_route_config = Http::Utility::resolveMostSpecificPerFilterConfig( - HttpFilterNames::get().RateLimit, route); + "envoy.filters.http.ratelimit", route); if (specific_per_route_config != nullptr) { switch (specific_per_route_config->virtualHostRateLimits()) { case envoy::extensions::filters::http::ratelimit::v3::RateLimitPerRoute::INCLUDE: diff --git a/source/extensions/filters/http/ratelimit/ratelimit.h b/source/extensions/filters/http/ratelimit/ratelimit.h index fc0341e050e3..bee2d04ff2e0 100644 --- a/source/extensions/filters/http/ratelimit/ratelimit.h +++ b/source/extensions/filters/http/ratelimit/ratelimit.h @@ -14,11 +14,10 @@ #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/assert.h" -#include "common/http/header_map_impl.h" - -#include "extensions/filters/common/ratelimit/ratelimit.h" -#include "extensions/filters/common/ratelimit/stat_names.h" +#include "source/common/common/assert.h" +#include "source/common/http/header_map_impl.h" +#include "source/extensions/filters/common/ratelimit/ratelimit.h" +#include "source/extensions/filters/common/ratelimit/stat_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/ratelimit/ratelimit_headers.cc b/source/extensions/filters/http/ratelimit/ratelimit_headers.cc index 097171b108f5..76644be416df 100644 --- a/source/extensions/filters/http/ratelimit/ratelimit_headers.cc +++ b/source/extensions/filters/http/ratelimit/ratelimit_headers.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/http/ratelimit/ratelimit_headers.h" +#include "source/extensions/filters/http/ratelimit/ratelimit_headers.h" -#include "common/http/header_map_impl.h" +#include "source/common/http/header_map_impl.h" #include "absl/strings/substitute.h" diff --git a/source/extensions/filters/http/ratelimit/ratelimit_headers.h b/source/extensions/filters/http/ratelimit/ratelimit_headers.h index 047bf495defc..671794142656 100644 --- a/source/extensions/filters/http/ratelimit/ratelimit_headers.h +++ b/source/extensions/filters/http/ratelimit/ratelimit_headers.h @@ -2,9 +2,8 @@ #include "envoy/http/header_map.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/common/ratelimit/ratelimit.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/common/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/rbac/BUILD b/source/extensions/filters/http/rbac/BUILD index 9cd4d9cbedd8..603f17ef8a4f 100644 --- a/source/extensions/filters/http/rbac/BUILD +++ b/source/extensions/filters/http/rbac/BUILD @@ -13,15 +13,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - # TODO(#9953) clean up. - extra_visibility = [ - "//test/integration:__subpackages__", - ], - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/rbac:rbac_filter_lib", "@envoy_api//envoy/extensions/filters/http/rbac/v3:pkg_cc_proto", @@ -33,12 +26,11 @@ envoy_cc_library( srcs = ["rbac_filter.cc"], hdrs = ["rbac_filter.h"], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/stats:stats_macros", + "//envoy/http:filter_interface", + "//envoy/stats:stats_macros", "//source/common/http:utility_lib", "//source/extensions/filters/common/rbac:engine_lib", "//source/extensions/filters/common/rbac:utility_lib", - "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/filters/http/rbac/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/filters/http/rbac/config.cc b/source/extensions/filters/http/rbac/config.cc index 4ead41107d5c..e389ee1030f1 100644 --- a/source/extensions/filters/http/rbac/config.cc +++ b/source/extensions/filters/http/rbac/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/rbac/config.h" +#include "source/extensions/filters/http/rbac/config.h" #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/rbac/rbac_filter.h" +#include "source/extensions/filters/http/rbac/rbac_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/rbac/config.h b/source/extensions/filters/http/rbac/config.h index b4b377d4a226..57b5dc09f3b5 100644 --- a/source/extensions/filters/http/rbac/config.h +++ b/source/extensions/filters/http/rbac/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -18,7 +17,7 @@ class RoleBasedAccessControlFilterConfigFactory : public Common::FactoryBase { public: - RoleBasedAccessControlFilterConfigFactory() : FactoryBase(HttpFilterNames::get().Rbac) {} + RoleBasedAccessControlFilterConfigFactory() : FactoryBase("envoy.filters.http.rbac") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/rbac/rbac_filter.cc b/source/extensions/filters/http/rbac/rbac_filter.cc index 9d75db7f661f..5b385758ec3d 100644 --- a/source/extensions/filters/http/rbac/rbac_filter.cc +++ b/source/extensions/filters/http/rbac/rbac_filter.cc @@ -1,11 +1,9 @@ -#include "extensions/filters/http/rbac/rbac_filter.h" +#include "source/extensions/filters/http/rbac/rbac_filter.h" #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" #include "envoy/stats/scope.h" -#include "common/http/utility.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/http/utility.h" #include "absl/strings/str_join.h" @@ -26,15 +24,8 @@ RoleBasedAccessControlFilterConfig::RoleBasedAccessControlFilterConfig( const Filters::Common::RBAC::RoleBasedAccessControlEngineImpl* RoleBasedAccessControlFilterConfig::engine(const Router::RouteConstSharedPtr route, Filters::Common::RBAC::EnforcementMode mode) const { - if (!route || !route->routeEntry()) { - return engine(mode); - } - - const std::string& name = HttpFilterNames::get().Rbac; - const auto* entry = route->routeEntry(); - const auto* route_local = - entry->mostSpecificPerFilterConfigTyped( - name); + const auto* route_local = Http::Utility::resolveMostSpecificPerFilterConfig< + RoleBasedAccessControlRouteSpecificFilterConfig>("envoy.filters.http.rbac", route); if (route_local) { return route_local->engine(mode); @@ -97,7 +88,7 @@ RoleBasedAccessControlFilter::decodeHeaders(Http::RequestHeaderMap& headers, boo } *fields[config_->shadowEngineResultField()].mutable_string_value() = shadow_resp_code; - callbacks_->streamInfo().setDynamicMetadata(HttpFilterNames::get().Rbac, metrics); + callbacks_->streamInfo().setDynamicMetadata("envoy.filters.http.rbac", metrics); } const auto engine = diff --git a/source/extensions/filters/http/rbac/rbac_filter.h b/source/extensions/filters/http/rbac/rbac_filter.h index f70df4c6e8ee..41d38a9a37c1 100644 --- a/source/extensions/filters/http/rbac/rbac_filter.h +++ b/source/extensions/filters/http/rbac/rbac_filter.h @@ -7,10 +7,9 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" - -#include "extensions/filters/common/rbac/engine_impl.h" -#include "extensions/filters/common/rbac/utility.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/common/rbac/engine_impl.h" +#include "source/extensions/filters/common/rbac/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/router/BUILD b/source/extensions/filters/http/router/BUILD index 3d78b2f303e0..508b8c50b9d6 100644 --- a/source/extensions/filters/http/router/BUILD +++ b/source/extensions/filters/http/router/BUILD @@ -15,15 +15,12 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "robust_to_untrusted_downstream", # This is core Envoy config. visibility = ["//visibility:public"], deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/router:router_lib", "//source/common/router:shadow_writer_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/on_demand:on_demand_update_lib", "@envoy_api//envoy/extensions/filters/http/router/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/router/config.cc b/source/extensions/filters/http/router/config.cc index 4e18fbe802fb..75d4410ca9c1 100644 --- a/source/extensions/filters/http/router/config.cc +++ b/source/extensions/filters/http/router/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/http/router/config.h" +#include "source/extensions/filters/http/router/config.h" #include "envoy/extensions/filters/http/router/v3/router.pb.h" #include "envoy/extensions/filters/http/router/v3/router.pb.validate.h" -#include "common/router/router.h" -#include "common/router/shadow_writer_impl.h" +#include "source/common/router/router.h" +#include "source/common/router/shadow_writer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/router/config.h b/source/extensions/filters/http/router/config.h index 604c3423481b..86a0e5fb44c7 100644 --- a/source/extensions/filters/http/router/config.h +++ b/source/extensions/filters/http/router/config.h @@ -4,10 +4,8 @@ #include "envoy/extensions/filters/http/router/v3/router.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -20,7 +18,7 @@ namespace RouterFilter { class RouterFilterConfig : public Common::FactoryBase { public: - RouterFilterConfig() : FactoryBase(HttpFilterNames::get().Router) {} + RouterFilterConfig() : FactoryBase("envoy.filters.http.router") {} private: bool isTerminalFilterByProtoTyped(const envoy::extensions::filters::http::router::v3::Router&, diff --git a/source/extensions/filters/http/set_metadata/BUILD b/source/extensions/filters/http/set_metadata/BUILD new file mode 100644 index 000000000000..202518f40375 --- /dev/null +++ b/source/extensions/filters/http/set_metadata/BUILD @@ -0,0 +1,37 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_cc_extension", + "envoy_cc_library", + "envoy_extension_package", +) + +licenses(["notice"]) # Apache 2 + +envoy_extension_package() + +envoy_cc_library( + name = "set_metadata_filter_lib", + srcs = ["set_metadata_filter.cc"], + hdrs = ["set_metadata_filter.h"], + deps = [ + "//envoy/server:filter_config_interface", + "//source/common/config:well_known_names", + "//source/common/http:utility_lib", + "//source/common/protobuf:utility_lib", + "//source/extensions/filters/http/common:pass_through_filter_lib", + "@envoy_api//envoy/extensions/filters/http/set_metadata/v3:pkg_cc_proto", + ], +) + +envoy_cc_extension( + name = "config", + srcs = ["config.cc"], + hdrs = ["config.h"], + deps = [ + "//envoy/registry", + "//source/common/protobuf:utility_lib", + "//source/extensions/filters/http/common:factory_base_lib", + "//source/extensions/filters/http/set_metadata:set_metadata_filter_lib", + "@envoy_api//envoy/extensions/filters/http/set_metadata/v3:pkg_cc_proto", + ], +) diff --git a/source/extensions/filters/http/set_metadata/config.cc b/source/extensions/filters/http/set_metadata/config.cc new file mode 100644 index 000000000000..cb3ef84cb224 --- /dev/null +++ b/source/extensions/filters/http/set_metadata/config.cc @@ -0,0 +1,33 @@ +#include "source/extensions/filters/http/set_metadata/config.h" + +#include + +#include "envoy/extensions/filters/http/set_metadata/v3/set_metadata.pb.h" +#include "envoy/extensions/filters/http/set_metadata/v3/set_metadata.pb.validate.h" +#include "envoy/registry/registry.h" + +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/set_metadata/set_metadata_filter.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace SetMetadataFilter { + +Http::FilterFactoryCb SetMetadataConfig::createFilterFactoryFromProtoTyped( + const envoy::extensions::filters::http::set_metadata::v3::Config& proto_config, + const std::string&, Server::Configuration::FactoryContext&) { + ConfigSharedPtr filter_config(std::make_shared(proto_config)); + + return [filter_config](Http::FilterChainFactoryCallbacks& callbacks) -> void { + callbacks.addStreamDecoderFilter( + Http::StreamDecoderFilterSharedPtr{new SetMetadataFilter(filter_config)}); + }; +} + +REGISTER_FACTORY(SetMetadataConfig, Server::Configuration::NamedHttpFilterConfigFactory); + +} // namespace SetMetadataFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/set_metadata/config.h b/source/extensions/filters/http/set_metadata/config.h new file mode 100644 index 000000000000..91ba36229f05 --- /dev/null +++ b/source/extensions/filters/http/set_metadata/config.h @@ -0,0 +1,30 @@ +#pragma once + +#include "envoy/extensions/filters/http/set_metadata/v3/set_metadata.pb.h" +#include "envoy/extensions/filters/http/set_metadata/v3/set_metadata.pb.validate.h" + +#include "source/extensions/filters/http/common/factory_base.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace SetMetadataFilter { + +/** + * Config registration for the header-to-metadata filter. @see NamedHttpFilterConfigFactory. + */ +class SetMetadataConfig + : public Common::FactoryBase { +public: + SetMetadataConfig() : FactoryBase("envoy.filters.http.set_metadata") {} + +private: + Http::FilterFactoryCb createFilterFactoryFromProtoTyped( + const envoy::extensions::filters::http::set_metadata::v3::Config& proto_config, + const std::string& stats_prefix, Server::Configuration::FactoryContext& context) override; +}; + +} // namespace SetMetadataFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/set_metadata/set_metadata_filter.cc b/source/extensions/filters/http/set_metadata/set_metadata_filter.cc new file mode 100644 index 000000000000..8d824a3190e7 --- /dev/null +++ b/source/extensions/filters/http/set_metadata/set_metadata_filter.cc @@ -0,0 +1,48 @@ +#include "source/extensions/filters/http/set_metadata/set_metadata_filter.h" + +#include "envoy/extensions/filters/http/set_metadata/v3/set_metadata.pb.h" + +#include "source/common/config/well_known_names.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/protobuf.h" + +#include "absl/strings/str_format.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace SetMetadataFilter { + +Config::Config(const envoy::extensions::filters::http::set_metadata::v3::Config& proto_config) { + namespace_ = proto_config.metadata_namespace(); + value_ = proto_config.value(); +} + +SetMetadataFilter::SetMetadataFilter(const ConfigSharedPtr config) : config_(config) {} + +SetMetadataFilter::~SetMetadataFilter() = default; + +Http::FilterHeadersStatus SetMetadataFilter::decodeHeaders(Http::RequestHeaderMap&, bool) { + const absl::string_view metadata_namespace = config_->metadataNamespace(); + auto& metadata = *decoder_callbacks_->streamInfo().dynamicMetadata().mutable_filter_metadata(); + ProtobufWkt::Struct& org_fields = + metadata[toStdStringView(metadata_namespace)]; // NOLINT(std::string_view) + const ProtobufWkt::Struct& to_merge = config_->value(); + + StructUtil::update(org_fields, to_merge); + + return Http::FilterHeadersStatus::Continue; +} + +Http::FilterDataStatus SetMetadataFilter::decodeData(Buffer::Instance&, bool) { + return Http::FilterDataStatus::Continue; +} + +void SetMetadataFilter::setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks& callbacks) { + decoder_callbacks_ = &callbacks; +} + +} // namespace SetMetadataFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/set_metadata/set_metadata_filter.h b/source/extensions/filters/http/set_metadata/set_metadata_filter.h new file mode 100644 index 000000000000..8611980117f2 --- /dev/null +++ b/source/extensions/filters/http/set_metadata/set_metadata_filter.h @@ -0,0 +1,56 @@ +#pragma once + +#include +#include +#include + +#include "envoy/extensions/filters/http/set_metadata/v3/set_metadata.pb.h" + +#include "source/common/common/logger.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" + +#include "absl/strings/string_view.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace SetMetadataFilter { + +class Config : public ::Envoy::Router::RouteSpecificFilterConfig, + public Logger::Loggable { +public: + Config(const envoy::extensions::filters::http::set_metadata::v3::Config& config); + + absl::string_view metadataNamespace() const { return namespace_; } + const ProtobufWkt::Struct& value() { return value_; } + +private: + std::string namespace_; + ProtobufWkt::Struct value_; +}; + +using ConfigSharedPtr = std::shared_ptr; + +class SetMetadataFilter : public Http::PassThroughDecoderFilter, + public Logger::Loggable { +public: + SetMetadataFilter(const ConfigSharedPtr config); + ~SetMetadataFilter() override; + + // Http::StreamFilterBase + void onDestroy() override {} + + // StreamDecoderFilter + Http::FilterHeadersStatus decodeHeaders(Http::RequestHeaderMap& headers, bool) override; + Http::FilterDataStatus decodeData(Buffer::Instance&, bool) override; + void setDecoderFilterCallbacks(Http::StreamDecoderFilterCallbacks&) override; + +private: + const ConfigSharedPtr config_; + Http::StreamDecoderFilterCallbacks* decoder_callbacks_; +}; + +} // namespace SetMetadataFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/http/squash/BUILD b/source/extensions/filters/http/squash/BUILD index e486d07f4a89..65831764d4c7 100644 --- a/source/extensions/filters/http/squash/BUILD +++ b/source/extensions/filters/http/squash/BUILD @@ -17,11 +17,11 @@ envoy_cc_library( srcs = ["squash_filter.cc"], hdrs = ["squash_filter.h"], deps = [ - "//include/envoy/event:timer_interface", - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/event:timer_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:empty_string", "//source/common/common:enum_to_int", "//source/common/http:headers_lib", @@ -37,12 +37,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "requires_trusted_downstream_and_upstream", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/protobuf:utility_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/squash:squash_filter_lib", "@envoy_api//envoy/extensions/filters/http/squash/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/squash/config.cc b/source/extensions/filters/http/squash/config.cc index 34dd36353a13..d2420a6bb838 100644 --- a/source/extensions/filters/http/squash/config.cc +++ b/source/extensions/filters/http/squash/config.cc @@ -1,13 +1,12 @@ -#include "extensions/filters/http/squash/config.h" +#include "source/extensions/filters/http/squash/config.h" #include "envoy/extensions/filters/http/squash/v3/squash.pb.h" #include "envoy/extensions/filters/http/squash/v3/squash.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/squash/squash_filter.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/squash/squash_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/squash/config.h b/source/extensions/filters/http/squash/config.h index eb27a40880d7..c1514fe61ab9 100644 --- a/source/extensions/filters/http/squash/config.h +++ b/source/extensions/filters/http/squash/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/squash/v3/squash.pb.h" #include "envoy/extensions/filters/http/squash/v3/squash.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace Squash { class SquashFilterConfigFactory : public Common::FactoryBase { public: - SquashFilterConfigFactory() : FactoryBase(HttpFilterNames::get().Squash) {} + SquashFilterConfigFactory() : FactoryBase("envoy.filters.http.squash") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/squash/squash_filter.cc b/source/extensions/filters/http/squash/squash_filter.cc index 4efc21a79401..d15077455483 100644 --- a/source/extensions/filters/http/squash/squash_filter.cc +++ b/source/extensions/filters/http/squash/squash_filter.cc @@ -1,19 +1,19 @@ -#include "extensions/filters/http/squash/squash_filter.h" +#include "source/extensions/filters/http/squash/squash_filter.h" #include #include "envoy/extensions/filters/http/squash/v3/squash.pb.h" #include "envoy/http/codes.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/logger.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/json/json_loader.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/logger.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/json/json_loader.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "absl/container/fixed_array.h" diff --git a/source/extensions/filters/http/squash/squash_filter.h b/source/extensions/filters/http/squash/squash_filter.h index d654e7f22088..6786a6117a74 100644 --- a/source/extensions/filters/http/squash/squash_filter.h +++ b/source/extensions/filters/http/squash/squash_filter.h @@ -8,8 +8,8 @@ #include "envoy/json/json_object.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/logger.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/logger.h" +#include "source/common/protobuf/protobuf.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/http/tap/BUILD b/source/extensions/filters/http/tap/BUILD index 9379579d8b80..9693506a366d 100644 --- a/source/extensions/filters/http/tap/BUILD +++ b/source/extensions/filters/http/tap/BUILD @@ -16,8 +16,8 @@ envoy_cc_library( name = "tap_config_interface", hdrs = ["tap_config.h"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/http:header_map_interface", + "//envoy/buffer:buffer_interface", + "//envoy/http:header_map_interface", "//source/extensions/common/tap:tap_interface", ], ) @@ -41,8 +41,8 @@ envoy_cc_library( hdrs = ["tap_filter.h"], deps = [ ":tap_config_interface", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/http:filter_interface", + "//envoy/access_log:access_log_interface", + "//envoy/http:filter_interface", "//source/extensions/common/tap:extension_config_base", "@envoy_api//envoy/extensions/filters/http/tap/v3:pkg_cc_proto", ], @@ -52,14 +52,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "requires_trusted_downstream_and_upstream", - status = "alpha", deps = [ ":tap_config_impl", ":tap_filter_lib", - "//include/envoy/registry", - "//source/extensions/filters/http:well_known_names", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/http/tap/v3:pkg_cc_proto", diff --git a/source/extensions/filters/http/tap/config.cc b/source/extensions/filters/http/tap/config.cc index 1137022a7ff1..ab992a89a40c 100644 --- a/source/extensions/filters/http/tap/config.cc +++ b/source/extensions/filters/http/tap/config.cc @@ -1,12 +1,12 @@ -#include "extensions/filters/http/tap/config.h" +#include "source/extensions/filters/http/tap/config.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/extensions/filters/http/tap/v3/tap.pb.h" #include "envoy/extensions/filters/http/tap/v3/tap.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/tap/tap_config_impl.h" -#include "extensions/filters/http/tap/tap_filter.h" +#include "source/extensions/filters/http/tap/tap_config_impl.h" +#include "source/extensions/filters/http/tap/tap_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/tap/config.h b/source/extensions/filters/http/tap/config.h index 105ca1d552b5..ab63dce3e9ce 100644 --- a/source/extensions/filters/http/tap/config.h +++ b/source/extensions/filters/http/tap/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/tap/v3/tap.pb.h" #include "envoy/extensions/filters/http/tap/v3/tap.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace TapFilter { class TapFilterFactory : public Common::FactoryBase { public: - TapFilterFactory() : FactoryBase(HttpFilterNames::get().Tap) {} + TapFilterFactory() : FactoryBase("envoy.filters.http.tap") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/tap/tap_config.h b/source/extensions/filters/http/tap/tap_config.h index 5bbbf97ba322..7eadb86ba623 100644 --- a/source/extensions/filters/http/tap/tap_config.h +++ b/source/extensions/filters/http/tap/tap_config.h @@ -4,7 +4,7 @@ #include "envoy/common/pure.h" #include "envoy/http/header_map.h" -#include "extensions/common/tap/tap.h" +#include "source/extensions/common/tap/tap.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/tap/tap_config_impl.cc b/source/extensions/filters/http/tap/tap_config_impl.cc index abcd825cc330..7078e5f0438d 100644 --- a/source/extensions/filters/http/tap/tap_config_impl.cc +++ b/source/extensions/filters/http/tap/tap_config_impl.cc @@ -1,11 +1,11 @@ -#include "extensions/filters/http/tap/tap_config_impl.h" +#include "source/extensions/filters/http/tap/tap_config_impl.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/data/tap/v3/http.pb.h" -#include "common/common/assert.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/tap/tap_config_impl.h b/source/extensions/filters/http/tap/tap_config_impl.h index 1b579b633c0b..d79ef4cc4842 100644 --- a/source/extensions/filters/http/tap/tap_config_impl.h +++ b/source/extensions/filters/http/tap/tap_config_impl.h @@ -5,10 +5,9 @@ #include "envoy/data/tap/v3/http.pb.h" #include "envoy/http/header_map.h" -#include "common/common/logger.h" - -#include "extensions/common/tap/tap_config_base.h" -#include "extensions/filters/http/tap/tap_config.h" +#include "source/common/common/logger.h" +#include "source/extensions/common/tap/tap_config_base.h" +#include "source/extensions/filters/http/tap/tap_config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/tap/tap_filter.cc b/source/extensions/filters/http/tap/tap_filter.cc index 3e7cf36c193b..d64b3407fde3 100644 --- a/source/extensions/filters/http/tap/tap_filter.cc +++ b/source/extensions/filters/http/tap/tap_filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/tap/tap_filter.h" +#include "source/extensions/filters/http/tap/tap_filter.h" #include "envoy/extensions/filters/http/tap/v3/tap.pb.h" diff --git a/source/extensions/filters/http/tap/tap_filter.h b/source/extensions/filters/http/tap/tap_filter.h index 585d1af8b81f..a6ea1a5059f2 100644 --- a/source/extensions/filters/http/tap/tap_filter.h +++ b/source/extensions/filters/http/tap/tap_filter.h @@ -6,8 +6,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "extensions/common/tap/extension_config_base.h" -#include "extensions/filters/http/tap/tap_config.h" +#include "source/extensions/common/tap/extension_config_base.h" +#include "source/extensions/filters/http/tap/tap_config.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/http/wasm/BUILD b/source/extensions/filters/http/wasm/BUILD index e399e89290aa..effe8996c206 100644 --- a/source/extensions/filters/http/wasm/BUILD +++ b/source/extensions/filters/http/wasm/BUILD @@ -17,11 +17,10 @@ envoy_cc_library( hdrs = ["wasm_filter.h"], visibility = ["//visibility:public"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/http:codes_interface", + "//envoy/server:filter_config_interface", + "//envoy/upstream:cluster_manager_interface", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/filters/http:well_known_names", "@envoy_api//envoy/extensions/filters/http/wasm/v3:pkg_cc_proto", ], ) @@ -30,16 +29,12 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.http", - security_posture = "unknown", - status = "alpha", deps = [ ":wasm_filter_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/http/wasm/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/http/wasm/config.cc b/source/extensions/filters/http/wasm/config.cc index f46b7cf0692f..06a02611e6cc 100644 --- a/source/extensions/filters/http/wasm/config.cc +++ b/source/extensions/filters/http/wasm/config.cc @@ -1,13 +1,12 @@ -#include "extensions/filters/http/wasm/config.h" +#include "source/extensions/filters/http/wasm/config.h" #include "envoy/extensions/filters/http/wasm/v3/wasm.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/common/empty_string.h" -#include "common/config/datasource.h" - -#include "extensions/common/wasm/wasm.h" -#include "extensions/filters/http/wasm/wasm_filter.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/datasource.h" +#include "source/extensions/common/wasm/wasm.h" +#include "source/extensions/filters/http/wasm/wasm_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/wasm/config.h b/source/extensions/filters/http/wasm/config.h index 319aee96f9ca..0085fec7f4a0 100644 --- a/source/extensions/filters/http/wasm/config.h +++ b/source/extensions/filters/http/wasm/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/http/wasm/v3/wasm.pb.h" #include "envoy/extensions/filters/http/wasm/v3/wasm.pb.validate.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -17,7 +16,7 @@ namespace Wasm { class WasmFilterConfig : public Common::FactoryBase { public: - WasmFilterConfig() : FactoryBase(HttpFilterNames::get().Wasm) {} + WasmFilterConfig() : FactoryBase("envoy.filters.http.wasm") {} private: Http::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/http/wasm/wasm_filter.cc b/source/extensions/filters/http/wasm/wasm_filter.cc index a8921975fe48..90cd4c6bacd7 100644 --- a/source/extensions/filters/http/wasm/wasm_filter.cc +++ b/source/extensions/filters/http/wasm/wasm_filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/wasm/wasm_filter.h" +#include "source/extensions/filters/http/wasm/wasm_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/wasm/wasm_filter.h b/source/extensions/filters/http/wasm/wasm_filter.h index cd633e505f7d..9b4ed541f070 100644 --- a/source/extensions/filters/http/wasm/wasm_filter.h +++ b/source/extensions/filters/http/wasm/wasm_filter.h @@ -7,9 +7,8 @@ #include "envoy/server/filter_config.h" #include "envoy/upstream/cluster_manager.h" -#include "extensions/common/wasm/plugin.h" -#include "extensions/common/wasm/wasm.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/common/wasm/plugin.h" +#include "source/extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/http/well_known_names.h b/source/extensions/filters/http/well_known_names.h index ddb9e1e6346d..8021f5010639 100644 --- a/source/extensions/filters/http/well_known_names.h +++ b/source/extensions/filters/http/well_known_names.h @@ -1,6 +1,6 @@ #pragma once -#include "common/config/well_known_names.h" +#include "source/common/config/well_known_names.h" namespace Envoy { namespace Extensions { @@ -14,6 +14,8 @@ class HttpFilterNameValues { public: // Buffer filter const std::string Buffer = "envoy.filters.http.buffer"; + // Bandwidth limit filter + const std::string BandwidthLimit = "envoy.filters.http.bandwidth_limit"; // Cache filter const std::string Cache = "envoy.filters.http.cache"; // CDN Loop filter @@ -42,8 +44,6 @@ class HttpFilterNameValues { const std::string GrpcHttp1ReverseBridge = "envoy.filters.http.grpc_http1_reverse_bridge"; // GRPC telemetry const std::string GrpcStats = "envoy.filters.http.grpc_stats"; - // Gzip filter - const std::string EnvoyGzip = "envoy.filters.http.gzip"; // IP tagging filter const std::string IpTagging = "envoy.filters.http.ip_tagging"; // Rate limit filter @@ -76,6 +76,8 @@ class HttpFilterNameValues { const std::string OriginalSrc = "envoy.filters.http.original_src"; // Dynamic forward proxy filter const std::string DynamicForwardProxy = "envoy.filters.http.dynamic_forward_proxy"; + // Alternate Protocols Cache filter + const std::string AlternateProtocolsCache = "envoy.filters.http.alternate_protocols_cache"; // WebAssembly filter const std::string Wasm = "envoy.filters.http.wasm"; // AWS request signing filter @@ -88,6 +90,8 @@ class HttpFilterNameValues { const std::string KillRequest = "envoy.filters.http.kill_request"; // External Processing filter const std::string ExternalProcessing = "envoy.filters.http.ext_proc"; + // Set metadata filter + const std::string SetMetadata = "envoy.filters.http.set_metadata"; }; using HttpFilterNames = ConstSingleton; diff --git a/source/extensions/filters/listener/BUILD b/source/extensions/filters/listener/BUILD index 9a2ee9ad75cb..90e061ad8da3 100644 --- a/source/extensions/filters/listener/BUILD +++ b/source/extensions/filters/listener/BUILD @@ -1,19 +1,8 @@ load( "//bazel:envoy_build_system.bzl", - "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() - -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - # Well known names are public. - visibility = ["//visibility:public"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) diff --git a/source/extensions/filters/listener/http_inspector/BUILD b/source/extensions/filters/listener/http_inspector/BUILD index 849277d618d1..a0fc9a0bfde3 100644 --- a/source/extensions/filters/listener/http_inspector/BUILD +++ b/source/extensions/filters/listener/http_inspector/BUILD @@ -17,10 +17,10 @@ envoy_cc_library( hdrs = ["http_inspector.h"], external_deps = ["http_parser"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:headers_lib", @@ -31,13 +31,10 @@ envoy_cc_library( envoy_cc_extension( name = "config", srcs = ["config.cc"], - category = "envoy.filters.listener", - security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":http_inspector_lib", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/listener:well_known_names", + "//envoy/registry", + "//envoy/server:filter_config_interface", "@envoy_api//envoy/extensions/filters/listener/http_inspector/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/filters/listener/http_inspector/config.cc b/source/extensions/filters/listener/http_inspector/config.cc index 247e1f20a807..d54aeaef913b 100644 --- a/source/extensions/filters/listener/http_inspector/config.cc +++ b/source/extensions/filters/listener/http_inspector/config.cc @@ -3,8 +3,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/listener/http_inspector/http_inspector.h" -#include "extensions/filters/listener/well_known_names.h" +#include "source/extensions/filters/listener/http_inspector/http_inspector.h" namespace Envoy { namespace Extensions { @@ -33,7 +32,7 @@ class HttpInspectorConfigFactory : public Server::Configuration::NamedListenerFi envoy::extensions::filters::listener::http_inspector::v3::HttpInspector>(); } - std::string name() const override { return ListenerFilterNames::get().HttpInspector; } + std::string name() const override { return "envoy.filters.listener.http_inspector"; } }; /** diff --git a/source/extensions/filters/listener/http_inspector/http_inspector.cc b/source/extensions/filters/listener/http_inspector/http_inspector.cc index 3f3c2c4d2426..2a69f38c7771 100644 --- a/source/extensions/filters/listener/http_inspector/http_inspector.cc +++ b/source/extensions/filters/listener/http_inspector/http_inspector.cc @@ -1,14 +1,14 @@ -#include "extensions/filters/listener/http_inspector/http_inspector.h" +#include "source/extensions/filters/listener/http_inspector/http_inspector.h" #include "envoy/event/dispatcher.h" #include "envoy/network/listen_socket.h" #include "envoy/stats/scope.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/macros.h" -#include "common/http/headers.h" -#include "common/http/utility.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" #include "absl/strings/match.h" #include "absl/strings/str_split.h" diff --git a/source/extensions/filters/listener/http_inspector/http_inspector.h b/source/extensions/filters/listener/http_inspector/http_inspector.h index 796add803b8f..75d5eb5e76af 100644 --- a/source/extensions/filters/listener/http_inspector/http_inspector.h +++ b/source/extensions/filters/listener/http_inspector/http_inspector.h @@ -8,7 +8,7 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "absl/container/flat_hash_set.h" @@ -66,6 +66,11 @@ using ConfigSharedPtr = std::shared_ptr; class Filter : public Network::ListenerFilter, Logger::Loggable { public: Filter(const ConfigSharedPtr config); + ~Filter() override { + if (cb_) { + cb_->socket().ioHandle().resetFileEvents(); + } + } // Network::ListenerFilter Network::FilterStatus onAccept(Network::ListenerFilterCallbacks& cb) override; diff --git a/source/extensions/filters/listener/original_dst/BUILD b/source/extensions/filters/listener/original_dst/BUILD index 62b0b88f001c..59207733fd74 100644 --- a/source/extensions/filters/listener/original_dst/BUILD +++ b/source/extensions/filters/listener/original_dst/BUILD @@ -17,8 +17,8 @@ envoy_cc_library( srcs = ["original_dst.cc"], hdrs = ["original_dst.h"], deps = [ - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/network:upstream_socket_options_filter_state_lib", @@ -29,17 +29,14 @@ envoy_cc_library( envoy_cc_extension( name = "config", srcs = ["config.cc"], - category = "envoy.filters.listener", # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ ":original_dst_lib", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/listener:well_known_names", + "//envoy/registry", + "//envoy/server:filter_config_interface", "@envoy_api//envoy/extensions/filters/listener/original_dst/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/filters/listener/original_dst/config.cc b/source/extensions/filters/listener/original_dst/config.cc index cad8e5cd044b..3fe3f714430a 100644 --- a/source/extensions/filters/listener/original_dst/config.cc +++ b/source/extensions/filters/listener/original_dst/config.cc @@ -5,8 +5,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/listener/original_dst/original_dst.h" -#include "extensions/filters/listener/well_known_names.h" +#include "source/extensions/filters/listener/original_dst/original_dst.h" namespace Envoy { namespace Extensions { @@ -51,7 +50,7 @@ class OriginalDstConfigFactory : public Server::Configuration::NamedListenerFilt return std::make_unique(); } - std::string name() const override { return ListenerFilterNames::get().OriginalDst; } + std::string name() const override { return "envoy.filters.listener.original_dst"; } }; /** diff --git a/source/extensions/filters/listener/original_dst/original_dst.cc b/source/extensions/filters/listener/original_dst/original_dst.cc index ba4741d6f8da..f1465fad803e 100644 --- a/source/extensions/filters/listener/original_dst/original_dst.cc +++ b/source/extensions/filters/listener/original_dst/original_dst.cc @@ -1,11 +1,11 @@ -#include "extensions/filters/listener/original_dst/original_dst.h" +#include "source/extensions/filters/listener/original_dst/original_dst.h" #include "envoy/network/listen_socket.h" -#include "common/common/assert.h" -#include "common/network/socket_option_factory.h" -#include "common/network/upstream_socket_options_filter_state.h" -#include "common/network/utility.h" +#include "source/common/common/assert.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/upstream_socket_options_filter_state.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/listener/original_dst/original_dst.h b/source/extensions/filters/listener/original_dst/original_dst.h index f067bfed92a9..1732fbffaa00 100644 --- a/source/extensions/filters/listener/original_dst/original_dst.h +++ b/source/extensions/filters/listener/original_dst/original_dst.h @@ -2,7 +2,7 @@ #include "envoy/network/filter.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/listener/original_src/BUILD b/source/extensions/filters/listener/original_src/BUILD index 26df22093a3c..a48c85adc631 100644 --- a/source/extensions/filters/listener/original_src/BUILD +++ b/source/extensions/filters/listener/original_src/BUILD @@ -24,10 +24,10 @@ envoy_cc_library( hdrs = ["original_src.h"], deps = [ ":config_lib", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/network:address_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", + "//envoy/buffer:buffer_interface", + "//envoy/network:address_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/extensions/filters/common/original_src:socket_option_factory_lib", @@ -38,15 +38,11 @@ envoy_cc_extension( name = "config", # The extension build system requires a library named config srcs = ["original_src_config_factory.cc"], hdrs = ["original_src_config_factory.h"], - category = "envoy.filters.listener", - security_posture = "robust_to_untrusted_downstream", - status = "alpha", deps = [ ":config_lib", ":original_src_lib", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/listener:well_known_names", + "//envoy/registry", + "//envoy/server:filter_config_interface", "@envoy_api//envoy/extensions/filters/listener/original_src/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/filters/listener/original_src/config.cc b/source/extensions/filters/listener/original_src/config.cc index 10ec27e4a4c6..6fa308bfd131 100644 --- a/source/extensions/filters/listener/original_src/config.cc +++ b/source/extensions/filters/listener/original_src/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/listener/original_src/config.h" +#include "source/extensions/filters/listener/original_src/config.h" #include "envoy/extensions/filters/listener/original_src/v3/original_src.pb.h" diff --git a/source/extensions/filters/listener/original_src/original_src.cc b/source/extensions/filters/listener/original_src/original_src.cc index a8793761cfb1..eefba846fcc8 100644 --- a/source/extensions/filters/listener/original_src/original_src.cc +++ b/source/extensions/filters/listener/original_src/original_src.cc @@ -1,11 +1,10 @@ -#include "extensions/filters/listener/original_src/original_src.h" +#include "source/extensions/filters/listener/original_src/original_src.h" #include "envoy/buffer/buffer.h" #include "envoy/network/connection.h" -#include "common/common/assert.h" - -#include "extensions/filters/common/original_src/socket_option_factory.h" +#include "source/common/common/assert.h" +#include "source/extensions/filters/common/original_src/socket_option_factory.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/listener/original_src/original_src.h b/source/extensions/filters/listener/original_src/original_src.h index f201644f8810..5aaf6988e3dc 100644 --- a/source/extensions/filters/listener/original_src/original_src.h +++ b/source/extensions/filters/listener/original_src/original_src.h @@ -3,9 +3,8 @@ #include "envoy/network/address.h" #include "envoy/network/filter.h" -#include "common/common/logger.h" - -#include "extensions/filters/listener/original_src/config.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/listener/original_src/config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/listener/original_src/original_src_config_factory.cc b/source/extensions/filters/listener/original_src/original_src_config_factory.cc index 157e1a92efdd..669c48cd5851 100644 --- a/source/extensions/filters/listener/original_src/original_src_config_factory.cc +++ b/source/extensions/filters/listener/original_src/original_src_config_factory.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/listener/original_src/original_src_config_factory.h" +#include "source/extensions/filters/listener/original_src/original_src_config_factory.h" #include "envoy/extensions/filters/listener/original_src/v3/original_src.pb.h" #include "envoy/extensions/filters/listener/original_src/v3/original_src.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/listener/original_src/config.h" -#include "extensions/filters/listener/original_src/original_src.h" -#include "extensions/filters/listener/well_known_names.h" +#include "source/extensions/filters/listener/original_src/config.h" +#include "source/extensions/filters/listener/original_src/original_src.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/listener/original_src/original_src_config_factory.h b/source/extensions/filters/listener/original_src/original_src_config_factory.h index 94197935ab07..60e50fa76842 100644 --- a/source/extensions/filters/listener/original_src/original_src_config_factory.h +++ b/source/extensions/filters/listener/original_src/original_src_config_factory.h @@ -3,8 +3,6 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/listener/well_known_names.h" - namespace Envoy { namespace Extensions { namespace ListenerFilters { @@ -22,7 +20,7 @@ class OriginalSrcConfigFactory : public Server::Configuration::NamedListenerFilt ProtobufTypes::MessagePtr createEmptyConfigProto() override; - std::string name() const override { return ListenerFilterNames::get().OriginalSrc; } + std::string name() const override { return "envoy.filters.listener.original_src"; } }; } // namespace OriginalSrc diff --git a/source/extensions/filters/listener/proxy_protocol/BUILD b/source/extensions/filters/listener/proxy_protocol/BUILD index 66c21a7b2768..404e11118676 100644 --- a/source/extensions/filters/listener/proxy_protocol/BUILD +++ b/source/extensions/filters/listener/proxy_protocol/BUILD @@ -20,9 +20,9 @@ envoy_cc_library( ], visibility = ["//visibility:public"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", @@ -32,7 +32,6 @@ envoy_cc_library( "//source/common/network:address_lib", "//source/common/network:utility_lib", "//source/extensions/common/proxy_protocol:proxy_protocol_header_lib", - "//source/extensions/filters/listener:well_known_names", "@envoy_api//envoy/extensions/filters/listener/proxy_protocol/v3:pkg_cc_proto", ], ) @@ -40,16 +39,13 @@ envoy_cc_library( envoy_cc_extension( name = "config", srcs = ["config.cc"], - category = "envoy.filters.listener", # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/listener:well_known_names", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/listener/proxy_protocol:proxy_protocol_lib", "@envoy_api//envoy/extensions/filters/listener/proxy_protocol/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/listener/proxy_protocol/config.cc b/source/extensions/filters/listener/proxy_protocol/config.cc index 4641fcd6c9bf..8044b2deb31f 100644 --- a/source/extensions/filters/listener/proxy_protocol/config.cc +++ b/source/extensions/filters/listener/proxy_protocol/config.cc @@ -5,8 +5,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/listener/proxy_protocol/proxy_protocol.h" -#include "extensions/filters/listener/well_known_names.h" +#include "source/extensions/filters/listener/proxy_protocol/proxy_protocol.h" namespace Envoy { namespace Extensions { @@ -41,7 +40,7 @@ class ProxyProtocolConfigFactory : public Server::Configuration::NamedListenerFi envoy::extensions::filters::listener::proxy_protocol::v3::ProxyProtocol>(); } - std::string name() const override { return ListenerFilterNames::get().ProxyProtocol; } + std::string name() const override { return "envoy.filters.listener.proxy_protocol"; } }; /** diff --git a/source/extensions/filters/listener/proxy_protocol/proxy_protocol.cc b/source/extensions/filters/listener/proxy_protocol/proxy_protocol.cc index 320337fcba16..4a2c2db29c3b 100644 --- a/source/extensions/filters/listener/proxy_protocol/proxy_protocol.cc +++ b/source/extensions/filters/listener/proxy_protocol/proxy_protocol.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/listener/proxy_protocol/proxy_protocol.h" +#include "source/extensions/filters/listener/proxy_protocol/proxy_protocol.h" #include #include @@ -13,17 +13,15 @@ #include "envoy/network/listen_socket.h" #include "envoy/stats/scope.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/common/safe_memcpy.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" - -#include "extensions/common/proxy_protocol/proxy_protocol_header.h" -#include "extensions/filters/listener/well_known_names.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/common/proxy_protocol/proxy_protocol_header.h" using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V1_SIGNATURE; using Envoy::Extensions::Common::ProxyProtocol::PROXY_PROTO_V1_SIGNATURE_LEN; @@ -373,7 +371,7 @@ bool Filter::parseTlvs(const std::vector& tlvs) { tlv_value_length); std::string metadata_key = key_value_pair->metadata_namespace().empty() - ? ListenerFilterNames::get().ProxyProtocol + ? "envoy.filters.listener.proxy_protocol" : key_value_pair->metadata_namespace(); ProtobufWkt::Struct metadata( diff --git a/source/extensions/filters/listener/proxy_protocol/proxy_protocol.h b/source/extensions/filters/listener/proxy_protocol/proxy_protocol.h index 6255309c3123..3eeb067466f3 100644 --- a/source/extensions/filters/listener/proxy_protocol/proxy_protocol.h +++ b/source/extensions/filters/listener/proxy_protocol/proxy_protocol.h @@ -6,9 +6,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" - -#include "extensions/common/proxy_protocol/proxy_protocol_header.h" +#include "source/common/common/logger.h" +#include "source/extensions/common/proxy_protocol/proxy_protocol_header.h" #include "absl/container/flat_hash_map.h" #include "proxy_protocol_header.h" @@ -84,7 +83,11 @@ enum class ReadOrParseState { Done, TryAgainLater, Error }; class Filter : public Network::ListenerFilter, Logger::Loggable { public: Filter(const ConfigSharedPtr& config) : config_(config) {} - + ~Filter() override { + if (cb_) { + cb_->socket().ioHandle().resetFileEvents(); + } + } // Network::ListenerFilter Network::FilterStatus onAccept(Network::ListenerFilterCallbacks& cb) override; diff --git a/source/extensions/filters/listener/proxy_protocol/proxy_protocol_header.h b/source/extensions/filters/listener/proxy_protocol/proxy_protocol_header.h index c451c8f5e1c7..f72258ce0ff5 100644 --- a/source/extensions/filters/listener/proxy_protocol/proxy_protocol_header.h +++ b/source/extensions/filters/listener/proxy_protocol/proxy_protocol_header.h @@ -2,7 +2,7 @@ #include "envoy/network/address.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/listener/tls_inspector/BUILD b/source/extensions/filters/listener/tls_inspector/BUILD index 3f6837524e2b..cc137ea1a5cc 100644 --- a/source/extensions/filters/listener/tls_inspector/BUILD +++ b/source/extensions/filters/listener/tls_inspector/BUILD @@ -22,10 +22,10 @@ envoy_cc_library( "//visibility:public", ], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", @@ -35,16 +35,13 @@ envoy_cc_library( envoy_cc_extension( name = "config", srcs = ["config.cc"], - category = "envoy.filters.listener", # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", - "//source/extensions/filters/listener:well_known_names", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/listener/tls_inspector:tls_inspector_lib", "@envoy_api//envoy/extensions/filters/listener/tls_inspector/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/listener/tls_inspector/config.cc b/source/extensions/filters/listener/tls_inspector/config.cc index 058a5ddaf7c5..a53a448ac309 100644 --- a/source/extensions/filters/listener/tls_inspector/config.cc +++ b/source/extensions/filters/listener/tls_inspector/config.cc @@ -5,8 +5,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/listener/tls_inspector/tls_inspector.h" -#include "extensions/filters/listener/well_known_names.h" +#include "source/extensions/filters/listener/tls_inspector/tls_inspector.h" namespace Envoy { namespace Extensions { @@ -35,7 +34,7 @@ class TlsInspectorConfigFactory : public Server::Configuration::NamedListenerFil envoy::extensions::filters::listener::tls_inspector::v3::TlsInspector>(); } - std::string name() const override { return ListenerFilterNames::get().TlsInspector; } + std::string name() const override { return "envoy.filters.listener.tls_inspector"; } }; /** diff --git a/source/extensions/filters/listener/tls_inspector/tls_inspector.cc b/source/extensions/filters/listener/tls_inspector/tls_inspector.cc index f2adbaf36367..c2798827f6c9 100644 --- a/source/extensions/filters/listener/tls_inspector/tls_inspector.cc +++ b/source/extensions/filters/listener/tls_inspector/tls_inspector.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/listener/tls_inspector/tls_inspector.h" +#include "source/extensions/filters/listener/tls_inspector/tls_inspector.h" #include #include @@ -10,8 +10,8 @@ #include "envoy/network/listen_socket.h" #include "envoy/stats/scope.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" #include "absl/strings/str_join.h" #include "openssl/ssl.h" diff --git a/source/extensions/filters/listener/tls_inspector/tls_inspector.h b/source/extensions/filters/listener/tls_inspector/tls_inspector.h index 9784ea10b641..bd64cd2bd3f5 100644 --- a/source/extensions/filters/listener/tls_inspector/tls_inspector.h +++ b/source/extensions/filters/listener/tls_inspector/tls_inspector.h @@ -6,7 +6,7 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "openssl/ssl.h" @@ -73,6 +73,11 @@ using ConfigSharedPtr = std::shared_ptr; class Filter : public Network::ListenerFilter, Logger::Loggable { public: Filter(const ConfigSharedPtr config); + ~Filter() override { + if (cb_) { + cb_->socket().ioHandle().resetFileEvents(); + } + } // Network::ListenerFilter Network::FilterStatus onAccept(Network::ListenerFilterCallbacks& cb) override; @@ -85,7 +90,7 @@ class Filter : public Network::ListenerFilter, Logger::Loggable ssl_; uint64_t read_{0}; diff --git a/source/extensions/filters/listener/well_known_names.h b/source/extensions/filters/listener/well_known_names.h deleted file mode 100644 index 56c86d52620c..000000000000 --- a/source/extensions/filters/listener/well_known_names.h +++ /dev/null @@ -1,33 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace ListenerFilters { - -/** - * Well-known listener filter names. - * NOTE: New filters should use the well known name: envoy.filters.listener.name. - */ -class ListenerFilterNameValues { -public: - // HTTP Inspector listener filter - const std::string HttpInspector = "envoy.filters.listener.http_inspector"; - // Original destination listener filter - const std::string OriginalDst = "envoy.filters.listener.original_dst"; - // Original source listener filter - const std::string OriginalSrc = "envoy.filters.listener.original_src"; - // Proxy Protocol listener filter - const std::string ProxyProtocol = "envoy.filters.listener.proxy_protocol"; - // TLS Inspector listener filter - const std::string TlsInspector = "envoy.filters.listener.tls_inspector"; -}; - -using ListenerFilterNames = ConstSingleton; - -} // namespace ListenerFilters -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/filters/network/client_ssl_auth/BUILD b/source/extensions/filters/network/client_ssl_auth/BUILD index 184ef95404aa..8c9169f3fc8e 100644 --- a/source/extensions/filters/network/client_ssl_auth/BUILD +++ b/source/extensions/filters/network/client_ssl_auth/BUILD @@ -17,12 +17,12 @@ envoy_cc_library( srcs = ["client_ssl_auth.cc"], hdrs = ["client_ssl_auth.h"], deps = [ - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_macros", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:enum_to_int", "//source/common/http:headers_lib", @@ -40,11 +40,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "robust_to_untrusted_downstream", deps = [ ":client_ssl_auth", - "//include/envoy/registry", + "//envoy/registry", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/client_ssl_auth/v3:pkg_cc_proto", diff --git a/source/extensions/filters/network/client_ssl_auth/client_ssl_auth.cc b/source/extensions/filters/network/client_ssl_auth/client_ssl_auth.cc index bceb77b412ae..1fb12918e1f7 100644 --- a/source/extensions/filters/network/client_ssl_auth/client_ssl_auth.cc +++ b/source/extensions/filters/network/client_ssl_auth/client_ssl_auth.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/client_ssl_auth/client_ssl_auth.h" +#include "source/extensions/filters/network/client_ssl_auth/client_ssl_auth.h" #include #include @@ -8,14 +8,14 @@ #include "envoy/network/connection.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/json/json_loader.h" -#include "common/network/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/json/json_loader.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/client_ssl_auth/client_ssl_auth.h b/source/extensions/filters/network/client_ssl_auth/client_ssl_auth.h index 53422e5f48d8..19b3caea0a8e 100644 --- a/source/extensions/filters/network/client_ssl_auth/client_ssl_auth.h +++ b/source/extensions/filters/network/client_ssl_auth/client_ssl_auth.h @@ -13,10 +13,10 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "common/http/rest_api_fetcher.h" -#include "common/network/cidr_range.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/http/rest_api_fetcher.h" +#include "source/common/network/cidr_range.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" #include "absl/container/node_hash_set.h" diff --git a/source/extensions/filters/network/client_ssl_auth/config.cc b/source/extensions/filters/network/client_ssl_auth/config.cc index 23a5d8dfa6c2..f974b275274f 100644 --- a/source/extensions/filters/network/client_ssl_auth/config.cc +++ b/source/extensions/filters/network/client_ssl_auth/config.cc @@ -1,11 +1,11 @@ -#include "extensions/filters/network/client_ssl_auth/config.h" +#include "source/extensions/filters/network/client_ssl_auth/config.h" #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.h" #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.validate.h" #include "envoy/network/connection.h" #include "envoy/registry/registry.h" -#include "extensions/filters/network/client_ssl_auth/client_ssl_auth.h" +#include "source/extensions/filters/network/client_ssl_auth/client_ssl_auth.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/client_ssl_auth/config.h b/source/extensions/filters/network/client_ssl_auth/config.h index 2bb3d7a25dde..eaccae4f5d58 100644 --- a/source/extensions/filters/network/client_ssl_auth/config.h +++ b/source/extensions/filters/network/client_ssl_auth/config.h @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.h" #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/BUILD b/source/extensions/filters/network/common/BUILD index c8b8dd24f51f..be7c50d2fa1f 100644 --- a/source/extensions/filters/network/common/BUILD +++ b/source/extensions/filters/network/common/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( # Used by core. TODO(#9953) clean up. visibility = ["//visibility:public"], deps = [ - "//include/envoy/server:filter_config_interface", + "//envoy/server:filter_config_interface", "//source/extensions/common:utility_lib", ], ) @@ -25,7 +25,7 @@ envoy_cc_library( # Used by core. TODO(#9953) clean up. visibility = ["//visibility:public"], deps = [ - "//include/envoy/runtime:runtime_interface", + "//envoy/runtime:runtime_interface", "//source/common/common:macros", "//source/extensions/common:utility_lib", "//source/extensions/filters/network:well_known_names", diff --git a/source/extensions/filters/network/common/factory_base.h b/source/extensions/filters/network/common/factory_base.h index 9e818369b4a8..20067d0c383c 100644 --- a/source/extensions/filters/network/common/factory_base.h +++ b/source/extensions/filters/network/common/factory_base.h @@ -4,7 +4,7 @@ #include "envoy/server/transport_socket_config.h" #include "envoy/upstream/upstream.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/redis/BUILD b/source/extensions/filters/network/common/redis/BUILD index 497286700ff2..4561a35a52e5 100644 --- a/source/extensions/filters/network/common/redis/BUILD +++ b/source/extensions/filters/network/common/redis/BUILD @@ -12,7 +12,7 @@ envoy_cc_library( name = "codec_interface", hdrs = ["codec.h"], deps = [ - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/common:assert_lib", ], ) @@ -49,7 +49,7 @@ envoy_cc_library( deps = [ ":codec_lib", ":redis_command_stats_lib", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", ], ) @@ -61,10 +61,10 @@ envoy_cc_library( ":client_interface", ":codec_lib", ":utility_lib", - "//include/envoy/router:router_interface", - "//include/envoy/stats:timespan_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/router:router_interface", + "//envoy/stats:timespan_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/network:filter_lib", @@ -92,8 +92,8 @@ envoy_cc_library( deps = [ ":codec_interface", ":supported_commands_lib", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:timespan_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:timespan_interface", "//source/common/common:utility_lib", "//source/common/stats:symbol_table_lib", "//source/common/stats:timespan_lib", @@ -116,8 +116,8 @@ envoy_cc_library( deps = [ ":codec_lib", ":fault_interface", - "//include/envoy/common:random_generator_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/common:random_generator_interface", + "//envoy/upstream:upstream_interface", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/network/common/redis/client.h b/source/extensions/filters/network/common/redis/client.h index f0c573f92f82..dbf3a0b317f1 100644 --- a/source/extensions/filters/network/common/redis/client.h +++ b/source/extensions/filters/network/common/redis/client.h @@ -4,8 +4,8 @@ #include "envoy/upstream/cluster_manager.h" -#include "extensions/filters/network/common/redis/codec_impl.h" -#include "extensions/filters/network/common/redis/redis_command_stats.h" +#include "source/extensions/filters/network/common/redis/codec_impl.h" +#include "source/extensions/filters/network/common/redis/redis_command_stats.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/redis/client_impl.cc b/source/extensions/filters/network/common/redis/client_impl.cc index 6cdc7b8ad007..0efea010b910 100644 --- a/source/extensions/filters/network/common/redis/client_impl.cc +++ b/source/extensions/filters/network/common/redis/client_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/common/redis/client_impl.h" +#include "source/extensions/filters/network/common/redis/client_impl.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" diff --git a/source/extensions/filters/network/common/redis/client_impl.h b/source/extensions/filters/network/common/redis/client_impl.h index ca0eb5f21dbe..2c5fc289cfb0 100644 --- a/source/extensions/filters/network/common/redis/client_impl.h +++ b/source/extensions/filters/network/common/redis/client_impl.h @@ -7,16 +7,15 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/hash.h" -#include "common/network/filter_impl.h" -#include "common/protobuf/utility.h" -#include "common/singleton/const_singleton.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/filters/network/common/redis/client.h" -#include "extensions/filters/network/common/redis/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/hash.h" +#include "source/common/network/filter_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/singleton/const_singleton.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/upstream_impl.h" +#include "source/extensions/filters/network/common/redis/client.h" +#include "source/extensions/filters/network/common/redis/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/redis/codec.h b/source/extensions/filters/network/common/redis/codec.h index fa256cd6dc4a..c66c1136c8a9 100644 --- a/source/extensions/filters/network/common/redis/codec.h +++ b/source/extensions/filters/network/common/redis/codec.h @@ -7,8 +7,8 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/redis/codec_impl.cc b/source/extensions/filters/network/common/redis/codec_impl.cc index a668a7868e26..83a7ecabcef3 100644 --- a/source/extensions/filters/network/common/redis/codec_impl.cc +++ b/source/extensions/filters/network/common/redis/codec_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/common/redis/codec_impl.h" +#include "source/extensions/filters/network/common/redis/codec_impl.h" #include #include @@ -7,9 +7,9 @@ #include "envoy/common/platform.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" #include "absl/container/fixed_array.h" diff --git a/source/extensions/filters/network/common/redis/codec_impl.h b/source/extensions/filters/network/common/redis/codec_impl.h index 125f703acf14..a55cfd695992 100644 --- a/source/extensions/filters/network/common/redis/codec_impl.h +++ b/source/extensions/filters/network/common/redis/codec_impl.h @@ -5,9 +5,8 @@ #include #include -#include "common/common/logger.h" - -#include "extensions/filters/network/common/redis/codec.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/common/redis/codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/redis/fault_impl.cc b/source/extensions/filters/network/common/redis/fault_impl.cc index 02b4c5aba52e..b5d00bb99ee7 100644 --- a/source/extensions/filters/network/common/redis/fault_impl.cc +++ b/source/extensions/filters/network/common/redis/fault_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/common/redis/fault_impl.h" +#include "source/extensions/filters/network/common/redis/fault_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/redis/fault_impl.h b/source/extensions/filters/network/common/redis/fault_impl.h index 2774c2798eb2..5ec3978bf7a2 100644 --- a/source/extensions/filters/network/common/redis/fault_impl.h +++ b/source/extensions/filters/network/common/redis/fault_impl.h @@ -8,10 +8,9 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/upstream/upstream.h" -#include "common/protobuf/utility.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/network/common/redis/fault.h" +#include "source/common/protobuf/utility.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/network/common/redis/fault.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/redis/redis_command_stats.cc b/source/extensions/filters/network/common/redis/redis_command_stats.cc index 5a6509cf3ae6..9e67ab1e2ce5 100644 --- a/source/extensions/filters/network/common/redis/redis_command_stats.cc +++ b/source/extensions/filters/network/common/redis/redis_command_stats.cc @@ -1,9 +1,8 @@ -#include "extensions/filters/network/common/redis/redis_command_stats.h" +#include "source/extensions/filters/network/common/redis/redis_command_stats.h" -#include "common/stats/timespan_impl.h" -#include "common/stats/utility.h" - -#include "extensions/filters/network/common/redis/supported_commands.h" +#include "source/common/stats/timespan_impl.h" +#include "source/common/stats/utility.h" +#include "source/extensions/filters/network/common/redis/supported_commands.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/redis/redis_command_stats.h b/source/extensions/filters/network/common/redis/redis_command_stats.h index 5dddb9f8303c..fd80c5ac850c 100644 --- a/source/extensions/filters/network/common/redis/redis_command_stats.h +++ b/source/extensions/filters/network/common/redis/redis_command_stats.h @@ -6,9 +6,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/timespan.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/filters/network/common/redis/codec.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/filters/network/common/redis/codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/redis/supported_commands.h b/source/extensions/filters/network/common/redis/supported_commands.h index 9e8a0f1aeafd..5e0b5f26bb82 100644 --- a/source/extensions/filters/network/common/redis/supported_commands.h +++ b/source/extensions/filters/network/common/redis/supported_commands.h @@ -4,7 +4,7 @@ #include #include -#include "common/common/macros.h" +#include "source/common/common/macros.h" #include "absl/container/flat_hash_set.h" diff --git a/source/extensions/filters/network/common/redis/utility.cc b/source/extensions/filters/network/common/redis/utility.cc index 773196dd70e2..3eb644f3285a 100644 --- a/source/extensions/filters/network/common/redis/utility.cc +++ b/source/extensions/filters/network/common/redis/utility.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/network/common/redis/utility.h" +#include "source/extensions/filters/network/common/redis/utility.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/redis/utility.h b/source/extensions/filters/network/common/redis/utility.h index ca5774d2d3a6..7f98bfbb444f 100644 --- a/source/extensions/filters/network/common/redis/utility.h +++ b/source/extensions/filters/network/common/redis/utility.h @@ -2,7 +2,7 @@ #include -#include "extensions/filters/network/common/redis/codec.h" +#include "source/extensions/filters/network/common/redis/codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/common/utility.h b/source/extensions/filters/network/common/utility.h index 54a458aa7b62..1f43a2375c2c 100644 --- a/source/extensions/filters/network/common/utility.h +++ b/source/extensions/filters/network/common/utility.h @@ -1,9 +1,8 @@ #pragma once -#include "common/common/macros.h" - -#include "extensions/common/utility.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/common/macros.h" +#include "source/extensions/common/utility.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/connection_limit/BUILD b/source/extensions/filters/network/connection_limit/BUILD new file mode 100644 index 000000000000..eda2ddc3d484 --- /dev/null +++ b/source/extensions/filters/network/connection_limit/BUILD @@ -0,0 +1,40 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_cc_extension", + "envoy_cc_library", + "envoy_extension_package", +) + +licenses(["notice"]) # Apache 2 + +# Connection limit L4 network filter +# Public docs: docs/root/configuration/network_filters/connection_limit_filter.rst + +envoy_extension_package() + +envoy_cc_library( + name = "connection_limit_lib", + srcs = ["connection_limit.cc"], + hdrs = ["connection_limit.h"], + deps = [ + "//envoy/event:dispatcher_interface", + "//envoy/network:filter_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_macros", + "//source/common/protobuf:utility_lib", + "//source/common/runtime:runtime_lib", + "@envoy_api//envoy/extensions/filters/network/connection_limit/v3:pkg_cc_proto", + ], +) + +envoy_cc_extension( + name = "config", + srcs = ["config.cc"], + hdrs = ["config.h"], + deps = [ + "//source/extensions/filters/network:well_known_names", + "//source/extensions/filters/network/common:factory_base_lib", + "//source/extensions/filters/network/connection_limit:connection_limit_lib", + "@envoy_api//envoy/extensions/filters/network/connection_limit/v3:pkg_cc_proto", + ], +) diff --git a/source/extensions/filters/network/connection_limit/config.cc b/source/extensions/filters/network/connection_limit/config.cc new file mode 100644 index 000000000000..4fbc51d28953 --- /dev/null +++ b/source/extensions/filters/network/connection_limit/config.cc @@ -0,0 +1,31 @@ +#include "source/extensions/filters/network/connection_limit/config.h" + +#include "envoy/extensions/filters/network/connection_limit/v3/connection_limit.pb.h" +#include "envoy/extensions/filters/network/connection_limit/v3/connection_limit.pb.validate.h" + +#include "source/extensions/filters/network/connection_limit/connection_limit.h" + +namespace Envoy { +namespace Extensions { +namespace NetworkFilters { +namespace ConnectionLimitFilter { + +Network::FilterFactoryCb ConnectionLimitConfigFactory::createFilterFactoryFromProtoTyped( + const envoy::extensions::filters::network::connection_limit::v3::ConnectionLimit& proto_config, + Server::Configuration::FactoryContext& context) { + ConfigSharedPtr filter_config(new Config(proto_config, context.scope(), context.runtime())); + return [filter_config](Network::FilterManager& filter_manager) -> void { + filter_manager.addReadFilter(std::make_shared(filter_config)); + }; +} + +/** + * Static registration for the connection limit filter. @see RegisterFactory. + */ +REGISTER_FACTORY(ConnectionLimitConfigFactory, + Server::Configuration::NamedNetworkFilterConfigFactory); + +} // namespace ConnectionLimitFilter +} // namespace NetworkFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/network/connection_limit/config.h b/source/extensions/filters/network/connection_limit/config.h new file mode 100644 index 000000000000..a5dbfc6369c2 --- /dev/null +++ b/source/extensions/filters/network/connection_limit/config.h @@ -0,0 +1,33 @@ +#pragma once + +#include "envoy/extensions/filters/network/connection_limit/v3/connection_limit.pb.h" +#include "envoy/extensions/filters/network/connection_limit/v3/connection_limit.pb.validate.h" + +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" + +namespace Envoy { +namespace Extensions { +namespace NetworkFilters { +namespace ConnectionLimitFilter { + +/** + * Config registration for the connection limit filter. @see NamedNetworkFilterConfigFactory. + */ +class ConnectionLimitConfigFactory + : public Common::FactoryBase< + envoy::extensions::filters::network::connection_limit::v3::ConnectionLimit> { +public: + ConnectionLimitConfigFactory() : FactoryBase(NetworkFilterNames::get().ConnectionLimit) {} + +private: + Network::FilterFactoryCb createFilterFactoryFromProtoTyped( + const envoy::extensions::filters::network::connection_limit::v3::ConnectionLimit& + proto_config, + Server::Configuration::FactoryContext& context) override; +}; + +} // namespace ConnectionLimitFilter +} // namespace NetworkFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/network/connection_limit/connection_limit.cc b/source/extensions/filters/network/connection_limit/connection_limit.cc new file mode 100644 index 000000000000..64298a89cea5 --- /dev/null +++ b/source/extensions/filters/network/connection_limit/connection_limit.cc @@ -0,0 +1,108 @@ +#include "source/extensions/filters/network/connection_limit/connection_limit.h" + +#include "envoy/extensions/filters/network/connection_limit/v3/connection_limit.pb.h" + +#include "source/common/protobuf/utility.h" + +namespace Envoy { +namespace Extensions { +namespace NetworkFilters { +namespace ConnectionLimitFilter { + +Config::Config( + const envoy::extensions::filters::network::connection_limit::v3::ConnectionLimit& proto_config, + Stats::Scope& scope, Runtime::Loader& runtime) + : enabled_(proto_config.runtime_enabled(), runtime), + stats_(generateStats(proto_config.stat_prefix(), scope)), + max_connections_(PROTOBUF_GET_WRAPPED_REQUIRED(proto_config, max_connections)), + connections_(0), delay_(PROTOBUF_GET_OPTIONAL_MS(proto_config, delay)) {} + +ConnectionLimitStats Config::generateStats(const std::string& prefix, Stats::Scope& scope) { + const std::string final_prefix = "connection_limit." + prefix; + return {ALL_CONNECTION_LIMIT_STATS(POOL_COUNTER_PREFIX(scope, final_prefix), + POOL_GAUGE_PREFIX(scope, final_prefix))}; +} + +bool Config::incrementConnectionWithinLimit() { + auto conns = connections_.load(std::memory_order_relaxed); + while (conns < max_connections_) { + // Testing hook. + synchronizer_.syncPoint("increment_pre_cas"); + + if (connections_.compare_exchange_weak(conns, conns + 1, std::memory_order_release, + std::memory_order_relaxed)) { + return true; + } + } + return false; +} + +void Config::incrementConnection() { connections_++; } + +void Config::decrementConnection() { + ASSERT(connections_ > 0); + connections_--; +} + +void Filter::resetTimerState() { + if (delay_timer_) { + delay_timer_->disableTimer(); + delay_timer_.reset(); + } +} + +Network::FilterStatus Filter::onData(Buffer::Instance&, bool) { + if (is_rejected_) { + return Network::FilterStatus::StopIteration; + } + return Network::FilterStatus::Continue; +} + +Network::FilterStatus Filter::onNewConnection() { + if (!config_->enabled()) { + ENVOY_CONN_LOG(trace, "connection_limit: runtime disabled", read_callbacks_->connection()); + return Network::FilterStatus::Continue; + } + + config_->stats().active_connections_.inc(); + + if (!config_->incrementConnectionWithinLimit()) { + config_->stats().limited_connections_.inc(); + ENVOY_CONN_LOG(trace, "connection_limit: connection limiting connection", + read_callbacks_->connection()); + + // Set is_rejected_ is true, so that onData() will return StopIteration during the delay time. + is_rejected_ = true; + // The close() will trigger onEvent() with close event, increment the active connections count. + config_->incrementConnection(); + + // Delay rejection provides a better DoS protection for Envoy. + absl::optional duration = config_->delay(); + if (duration.has_value() && duration.value() > std::chrono::milliseconds(0)) { + delay_timer_ = read_callbacks_->connection().dispatcher().createTimer([this]() -> void { + resetTimerState(); + read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); + }); + delay_timer_->enableTimer(duration.value()); + } else { + read_callbacks_->connection().close(Network::ConnectionCloseType::NoFlush); + } + return Network::FilterStatus::StopIteration; + } + + return Network::FilterStatus::Continue; +} + +void Filter::onEvent(Network::ConnectionEvent event) { + if (event == Network::ConnectionEvent::RemoteClose || + event == Network::ConnectionEvent::LocalClose) { + resetTimerState(); + config_->decrementConnection(); + config_->stats().active_connections_.dec(); + } +} + +} // namespace ConnectionLimitFilter +} // namespace NetworkFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/network/connection_limit/connection_limit.h b/source/extensions/filters/network/connection_limit/connection_limit.h new file mode 100644 index 000000000000..1e0e0b8ce11b --- /dev/null +++ b/source/extensions/filters/network/connection_limit/connection_limit.h @@ -0,0 +1,99 @@ +#pragma once + +#include +#include + +#include "envoy/event/dispatcher.h" +#include "envoy/event/timer.h" +#include "envoy/extensions/filters/network/connection_limit/v3/connection_limit.pb.h" +#include "envoy/network/filter.h" +#include "envoy/runtime/runtime.h" +#include "envoy/stats/stats_macros.h" + +#include "source/common/common/thread_synchronizer.h" +#include "source/common/runtime/runtime_protos.h" + +namespace Envoy { +namespace Extensions { +namespace NetworkFilters { +namespace ConnectionLimitFilter { + +/** + * All connection limit stats. @see stats_macros.h + */ +#define ALL_CONNECTION_LIMIT_STATS(COUNTER, GAUGE) \ + COUNTER(limited_connections) \ + GAUGE(active_connections, Accumulate) + +/** + * Struct definition for connection limit stats. @see stats_macros.h + */ +struct ConnectionLimitStats { + ALL_CONNECTION_LIMIT_STATS(GENERATE_COUNTER_STRUCT, GENERATE_GAUGE_STRUCT) +}; + +/** + * Configuration shared across all connections on a filter chain basis. + */ +class Config : Logger::Loggable { +public: + Config(const envoy::extensions::filters::network::connection_limit::v3::ConnectionLimit& + proto_config, + Stats::Scope& scope, Runtime::Loader& runtime); + + bool incrementConnectionWithinLimit(); + void incrementConnection(); + void decrementConnection(); + bool enabled() { return enabled_.enabled(); } + absl::optional delay() { return delay_; } + ConnectionLimitStats& stats() { return stats_; } + +private: + static ConnectionLimitStats generateStats(const std::string& prefix, Stats::Scope& scope); + Runtime::FeatureFlag enabled_; + ConnectionLimitStats stats_; + const uint64_t max_connections_; + std::atomic connections_; + absl::optional delay_; + mutable Thread::ThreadSynchronizer synchronizer_; // Used for testing only. + + friend class ConnectionLimitTestBase; +}; + +using ConfigSharedPtr = std::shared_ptr; + +/** + * Per-connection connection limit filter + */ +class Filter : public Network::ReadFilter, + public Network::ConnectionCallbacks, + Logger::Loggable { +public: + Filter(const ConfigSharedPtr& config) : config_(config), is_rejected_(false) {} + + // Network::ReadFilter + Network::FilterStatus onData(Buffer::Instance&, bool) override; + Network::FilterStatus onNewConnection() override; + + void initializeReadFilterCallbacks(Network::ReadFilterCallbacks& read_callbacks) override { + read_callbacks_ = &read_callbacks; + read_callbacks_->connection().addConnectionCallbacks(*this); + } + + // Network::ConnectionCallbacks + void onEvent(Network::ConnectionEvent event) override; + void onAboveWriteBufferHighWatermark() override {} + void onBelowWriteBufferLowWatermark() override {} + +private: + void resetTimerState(); + const ConfigSharedPtr config_; + Network::ReadFilterCallbacks* read_callbacks_{}; + Event::TimerPtr delay_timer_ = nullptr; + bool is_rejected_; +}; + +} // namespace ConnectionLimitFilter +} // namespace NetworkFilters +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/filters/network/direct_response/BUILD b/source/extensions/filters/network/direct_response/BUILD index 7954de404211..a80985231941 100644 --- a/source/extensions/filters/network/direct_response/BUILD +++ b/source/extensions/filters/network/direct_response/BUILD @@ -17,8 +17,8 @@ envoy_cc_library( srcs = ["filter.cc"], hdrs = ["filter.h"], deps = [ - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", @@ -28,12 +28,10 @@ envoy_cc_library( envoy_cc_extension( name = "config", srcs = ["config.cc"], - category = "envoy.filters.network", - security_posture = "unknown", deps = [ ":filter", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/common/config:datasource_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", diff --git a/source/extensions/filters/network/direct_response/config.cc b/source/extensions/filters/network/direct_response/config.cc index ff680dc83571..d06d7521d1a2 100644 --- a/source/extensions/filters/network/direct_response/config.cc +++ b/source/extensions/filters/network/direct_response/config.cc @@ -3,11 +3,10 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/config/datasource.h" - -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/direct_response/filter.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/config/datasource.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/direct_response/filter.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/direct_response/filter.cc b/source/extensions/filters/network/direct_response/filter.cc index 25cc20206d15..78063c0624e6 100644 --- a/source/extensions/filters/network/direct_response/filter.cc +++ b/source/extensions/filters/network/direct_response/filter.cc @@ -1,7 +1,7 @@ -#include "extensions/filters/network/direct_response/filter.h" +#include "source/extensions/filters/network/direct_response/filter.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/direct_response/filter.h b/source/extensions/filters/network/direct_response/filter.h index e87dd07ae018..ef6449ae0c0b 100644 --- a/source/extensions/filters/network/direct_response/filter.h +++ b/source/extensions/filters/network/direct_response/filter.h @@ -3,7 +3,7 @@ #include "envoy/network/connection.h" #include "envoy/network/filter.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/BUILD b/source/extensions/filters/network/dubbo_proxy/BUILD index e051679a29b6..a7373ce0534c 100644 --- a/source/extensions/filters/network/dubbo_proxy/BUILD +++ b/source/extensions/filters/network/dubbo_proxy/BUILD @@ -18,7 +18,7 @@ envoy_cc_library( "hessian2_codec_object_codec_lib", ], deps = [ - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/singleton:const_singleton", ], ) @@ -30,7 +30,7 @@ envoy_cc_library( ":message_lib", ":metadata_lib", ":serializer_interface", - "//include/envoy/config:typed_config_interface", + "//envoy/config:typed_config_interface", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/singleton:const_singleton", @@ -43,7 +43,7 @@ envoy_cc_library( hdrs = ["dubbo_protocol_impl.h"], deps = [ ":protocol_interface", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/singleton:const_singleton", ], ) @@ -58,8 +58,8 @@ envoy_cc_library( ":hessian_utils_lib", ":message_lib", ":metadata_lib", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/config:typed_config_interface", + "//envoy/buffer:buffer_interface", + "//envoy/config:typed_config_interface", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/singleton:const_singleton", @@ -96,20 +96,16 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "requires_trusted_downstream_and_upstream", - status = "alpha", deps = [ ":conn_manager_lib", - "//include/envoy/registry", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/registry", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/common:utility_lib", "//source/common/config:utility_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "//source/extensions/filters/network/dubbo_proxy/filters:factory_base_lib", - "//source/extensions/filters/network/dubbo_proxy/filters:well_known_names", "//source/extensions/filters/network/dubbo_proxy/router:config", "//source/extensions/filters/network/dubbo_proxy/router:route_matcher", "//source/extensions/filters/network/dubbo_proxy/router:router_lib", @@ -149,8 +145,8 @@ envoy_cc_library( hdrs = ["decoder_event_handler.h"], deps = [ ":metadata_lib", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", "//source/common/buffer:buffer_lib", ], ) @@ -159,8 +155,8 @@ envoy_cc_library( name = "stats_lib", hdrs = ["stats.h"], deps = [ - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", ], ) @@ -173,7 +169,7 @@ envoy_cc_library( ":metadata_lib", ":protocol_interface", ":serializer_interface", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/buffer:buffer_lib", "//source/extensions/filters/network/dubbo_proxy/filters:filter_interface", ], @@ -187,7 +183,7 @@ envoy_cc_library( ":metadata_lib", ":protocol_interface", ":serializer_interface", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/extensions/filters/network/dubbo_proxy/filters:filter_interface", ], ) @@ -210,12 +206,12 @@ envoy_cc_library( ":dubbo_protocol_impl_lib", ":heartbeat_response_lib", ":stats_lib", - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:timespan_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:timespan_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:assert_lib", diff --git a/source/extensions/filters/network/dubbo_proxy/active_message.cc b/source/extensions/filters/network/dubbo_proxy/active_message.cc index e0818cf76b18..8366759269ea 100644 --- a/source/extensions/filters/network/dubbo_proxy/active_message.cc +++ b/source/extensions/filters/network/dubbo_proxy/active_message.cc @@ -1,9 +1,8 @@ -#include "extensions/filters/network/dubbo_proxy/active_message.h" +#include "source/extensions/filters/network/dubbo_proxy/active_message.h" -#include "common/stats/timespan_impl.h" - -#include "extensions/filters/network/dubbo_proxy/app_exception.h" -#include "extensions/filters/network/dubbo_proxy/conn_manager.h" +#include "source/common/stats/timespan_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/app_exception.h" +#include "source/extensions/filters/network/dubbo_proxy/conn_manager.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/active_message.h b/source/extensions/filters/network/dubbo_proxy/active_message.h index 2870e8d501d7..9a043d8656d2 100644 --- a/source/extensions/filters/network/dubbo_proxy/active_message.h +++ b/source/extensions/filters/network/dubbo_proxy/active_message.h @@ -5,17 +5,16 @@ #include "envoy/network/filter.h" #include "envoy/stats/timespan.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/stream_info/stream_info_impl.h" - -#include "extensions/filters/network/dubbo_proxy/decoder.h" -#include "extensions/filters/network/dubbo_proxy/decoder_event_handler.h" -#include "extensions/filters/network/dubbo_proxy/filters/filter.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" -#include "extensions/filters/network/dubbo_proxy/router/router.h" -#include "extensions/filters/network/dubbo_proxy/stats.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/decoder.h" +#include "source/extensions/filters/network/dubbo_proxy/decoder_event_handler.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/router/router.h" +#include "source/extensions/filters/network/dubbo_proxy/stats.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/network/dubbo_proxy/app_exception.cc b/source/extensions/filters/network/dubbo_proxy/app_exception.cc index dc5a8a083012..88047298999f 100644 --- a/source/extensions/filters/network/dubbo_proxy/app_exception.cc +++ b/source/extensions/filters/network/dubbo_proxy/app_exception.cc @@ -1,8 +1,7 @@ -#include "extensions/filters/network/dubbo_proxy/app_exception.h" +#include "source/extensions/filters/network/dubbo_proxy/app_exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/dubbo_proxy/message.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/message.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/app_exception.h b/source/extensions/filters/network/dubbo_proxy/app_exception.h index 50419b57c680..2073392ead6d 100644 --- a/source/extensions/filters/network/dubbo_proxy/app_exception.h +++ b/source/extensions/filters/network/dubbo_proxy/app_exception.h @@ -2,12 +2,11 @@ #include "envoy/common/exception.h" -#include "common/common/utility.h" - -#include "extensions/filters/network/dubbo_proxy/filters/filter.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" -#include "extensions/filters/network/dubbo_proxy/protocol.h" -#include "extensions/filters/network/dubbo_proxy/serializer.h" +#include "source/common/common/utility.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/protocol.h" +#include "source/extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/config.cc b/source/extensions/filters/network/dubbo_proxy/config.cc index 0a6f49492152..4743f7e06064 100644 --- a/source/extensions/filters/network/dubbo_proxy/config.cc +++ b/source/extensions/filters/network/dubbo_proxy/config.cc @@ -1,15 +1,13 @@ -#include "extensions/filters/network/dubbo_proxy/config.h" +#include "source/extensions/filters/network/dubbo_proxy/config.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" - -#include "extensions/filters/network/dubbo_proxy/conn_manager.h" -#include "extensions/filters/network/dubbo_proxy/filters/factory_base.h" -#include "extensions/filters/network/dubbo_proxy/filters/well_known_names.h" -#include "extensions/filters/network/dubbo_proxy/stats.h" +#include "source/common/config/utility.h" +#include "source/extensions/filters/network/dubbo_proxy/conn_manager.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/factory_base.h" +#include "source/extensions/filters/network/dubbo_proxy/stats.h" #include "absl/container/flat_hash_map.h" @@ -110,7 +108,7 @@ ConfigImpl::ConfigImpl(const DubboProxyConfig& config, ENVOY_LOG(debug, "using default router filter"); envoy::extensions::filters::network::dubbo_proxy::v3::DubboFilter router_config; - router_config.set_name(DubboFilters::DubboFilterNames::get().ROUTER); + router_config.set_name("envoy.filters.dubbo.router"); registerFilter(router_config); } else { for (const auto& filter_config : config.dubbo_filters()) { diff --git a/source/extensions/filters/network/dubbo_proxy/config.h b/source/extensions/filters/network/dubbo_proxy/config.h index df04009a2b02..a3bfb453f8ff 100644 --- a/source/extensions/filters/network/dubbo_proxy/config.h +++ b/source/extensions/filters/network/dubbo_proxy/config.h @@ -5,12 +5,12 @@ #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/dubbo_proxy/conn_manager.h" -#include "extensions/filters/network/dubbo_proxy/filters/filter.h" -#include "extensions/filters/network/dubbo_proxy/router/route_matcher.h" -#include "extensions/filters/network/dubbo_proxy/router/router_impl.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/dubbo_proxy/conn_manager.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter.h" +#include "source/extensions/filters/network/dubbo_proxy/router/route_matcher.h" +#include "source/extensions/filters/network/dubbo_proxy/router/router_impl.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/conn_manager.cc b/source/extensions/filters/network/dubbo_proxy/conn_manager.cc index a21f6350bcae..3e259a18a6cb 100644 --- a/source/extensions/filters/network/dubbo_proxy/conn_manager.cc +++ b/source/extensions/filters/network/dubbo_proxy/conn_manager.cc @@ -1,15 +1,14 @@ -#include "extensions/filters/network/dubbo_proxy/conn_manager.h" +#include "source/extensions/filters/network/dubbo_proxy/conn_manager.h" #include #include "envoy/common/exception.h" -#include "common/common/fmt.h" - -#include "extensions/filters/network/dubbo_proxy/app_exception.h" -#include "extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" -#include "extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" -#include "extensions/filters/network/dubbo_proxy/heartbeat_response.h" +#include "source/common/common/fmt.h" +#include "source/extensions/filters/network/dubbo_proxy/app_exception.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/heartbeat_response.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/conn_manager.h b/source/extensions/filters/network/dubbo_proxy/conn_manager.h index f09ebfa1ac54..827f74571f8f 100644 --- a/source/extensions/filters/network/dubbo_proxy/conn_manager.h +++ b/source/extensions/filters/network/dubbo_proxy/conn_manager.h @@ -9,15 +9,14 @@ #include "envoy/stats/stats_macros.h" #include "envoy/stats/timespan.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/dubbo_proxy/active_message.h" -#include "extensions/filters/network/dubbo_proxy/decoder.h" -#include "extensions/filters/network/dubbo_proxy/decoder_event_handler.h" -#include "extensions/filters/network/dubbo_proxy/filters/filter.h" -#include "extensions/filters/network/dubbo_proxy/protocol.h" -#include "extensions/filters/network/dubbo_proxy/serializer.h" -#include "extensions/filters/network/dubbo_proxy/stats.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/dubbo_proxy/active_message.h" +#include "source/extensions/filters/network/dubbo_proxy/decoder.h" +#include "source/extensions/filters/network/dubbo_proxy/decoder_event_handler.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter.h" +#include "source/extensions/filters/network/dubbo_proxy/protocol.h" +#include "source/extensions/filters/network/dubbo_proxy/serializer.h" +#include "source/extensions/filters/network/dubbo_proxy/stats.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/decoder.cc b/source/extensions/filters/network/dubbo_proxy/decoder.cc index 3bd1e79097e2..8ffab1751d33 100644 --- a/source/extensions/filters/network/dubbo_proxy/decoder.cc +++ b/source/extensions/filters/network/dubbo_proxy/decoder.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/network/dubbo_proxy/decoder.h" +#include "source/extensions/filters/network/dubbo_proxy/decoder.h" -#include "common/common/macros.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/decoder.h b/source/extensions/filters/network/dubbo_proxy/decoder.h index d180ba13e4e0..32d72f155c8f 100644 --- a/source/extensions/filters/network/dubbo_proxy/decoder.h +++ b/source/extensions/filters/network/dubbo_proxy/decoder.h @@ -2,12 +2,11 @@ #include "envoy/buffer/buffer.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/dubbo_proxy/decoder_event_handler.h" -#include "extensions/filters/network/dubbo_proxy/protocol.h" -#include "extensions/filters/network/dubbo_proxy/serializer.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/dubbo_proxy/decoder_event_handler.h" +#include "source/extensions/filters/network/dubbo_proxy/protocol.h" +#include "source/extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/decoder_event_handler.h b/source/extensions/filters/network/dubbo_proxy/decoder_event_handler.h index 0da2344ac123..8d5b0497d7d4 100644 --- a/source/extensions/filters/network/dubbo_proxy/decoder_event_handler.h +++ b/source/extensions/filters/network/dubbo_proxy/decoder_event_handler.h @@ -3,10 +3,9 @@ #include "envoy/common/pure.h" #include "envoy/network/filter.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/dubbo_proxy/message.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/message.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.cc b/source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.cc index 32572652625f..f9234ea5f322 100644 --- a/source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.cc +++ b/source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/macros.h" - -#include "extensions/filters/network/dubbo_proxy/hessian_utils.h" -#include "extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/extensions/filters/network/dubbo_proxy/hessian_utils.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" #include "hessian2/object.hpp" diff --git a/source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h b/source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h index 0bdb7697d15c..c39fb51a0177 100644 --- a/source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h +++ b/source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h @@ -1,7 +1,7 @@ #pragma once -#include "extensions/filters/network/dubbo_proxy/message_impl.h" -#include "extensions/filters/network/dubbo_proxy/serializer.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.cc b/source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.cc index daaacfe2be4f..01d86199fc64 100644 --- a/source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.cc +++ b/source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.cc @@ -1,10 +1,9 @@ -#include "extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" #include "envoy/registry/registry.h" -#include "common/common/assert.h" - -#include "extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/common/common/assert.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h b/source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h index 47d4bb0062f2..4422a49bc0fc 100644 --- a/source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h +++ b/source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h @@ -1,6 +1,6 @@ #pragma once -#include "extensions/filters/network/dubbo_proxy/protocol.h" +#include "source/extensions/filters/network/dubbo_proxy/protocol.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/filters/BUILD b/source/extensions/filters/network/dubbo_proxy/filters/BUILD index d2c9fd1ff03c..9a28cccf36c5 100644 --- a/source/extensions/filters/network/dubbo_proxy/filters/BUILD +++ b/source/extensions/filters/network/dubbo_proxy/filters/BUILD @@ -12,9 +12,9 @@ envoy_cc_library( name = "filter_interface", hdrs = ["filter.h"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/buffer:buffer_interface", + "//envoy/network:connection_interface", + "//envoy/stream_info:stream_info_interface", "//source/extensions/filters/network/dubbo_proxy:decoder_events_lib", "//source/extensions/filters/network/dubbo_proxy:metadata_lib", "//source/extensions/filters/network/dubbo_proxy:protocol_interface", @@ -28,8 +28,8 @@ envoy_cc_library( hdrs = ["filter_config.h"], deps = [ ":filter_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/config:typed_config_interface", + "//envoy/server:filter_config_interface", "//source/common/common:macros", "//source/common/protobuf:cc_wkt_protos", ], @@ -43,11 +43,3 @@ envoy_cc_library( "//source/common/protobuf:utility_lib", ], ) - -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) diff --git a/source/extensions/filters/network/dubbo_proxy/filters/factory_base.h b/source/extensions/filters/network/dubbo_proxy/filters/factory_base.h index 4591ca9aac82..b00d669dec07 100644 --- a/source/extensions/filters/network/dubbo_proxy/filters/factory_base.h +++ b/source/extensions/filters/network/dubbo_proxy/filters/factory_base.h @@ -5,9 +5,8 @@ #include "envoy/common/pure.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/dubbo_proxy/filters/filter_config.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter_config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/filters/filter.h b/source/extensions/filters/network/dubbo_proxy/filters/filter.h index 7ff4cbf5a030..14324e48df23 100644 --- a/source/extensions/filters/network/dubbo_proxy/filters/filter.h +++ b/source/extensions/filters/network/dubbo_proxy/filters/filter.h @@ -8,12 +8,12 @@ #include "envoy/network/connection.h" #include "envoy/stream_info/stream_info.h" -#include "extensions/filters/network/dubbo_proxy/decoder_event_handler.h" -#include "extensions/filters/network/dubbo_proxy/message.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" -#include "extensions/filters/network/dubbo_proxy/protocol.h" -#include "extensions/filters/network/dubbo_proxy/router/router.h" -#include "extensions/filters/network/dubbo_proxy/serializer.h" +#include "source/extensions/filters/network/dubbo_proxy/decoder_event_handler.h" +#include "source/extensions/filters/network/dubbo_proxy/message.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/protocol.h" +#include "source/extensions/filters/network/dubbo_proxy/router/router.h" +#include "source/extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/filters/filter_config.h b/source/extensions/filters/network/dubbo_proxy/filters/filter_config.h index 2138d44bb062..9d1fa415baa4 100644 --- a/source/extensions/filters/network/dubbo_proxy/filters/filter_config.h +++ b/source/extensions/filters/network/dubbo_proxy/filters/filter_config.h @@ -6,10 +6,9 @@ #include "envoy/config/typed_config.h" #include "envoy/server/filter_config.h" -#include "common/common/macros.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/network/dubbo_proxy/filters/filter.h" +#include "source/common/common/macros.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/filters/well_known_names.h b/source/extensions/filters/network/dubbo_proxy/filters/well_known_names.h deleted file mode 100644 index 45528e57e373..000000000000 --- a/source/extensions/filters/network/dubbo_proxy/filters/well_known_names.h +++ /dev/null @@ -1,29 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace NetworkFilters { -namespace DubboProxy { -namespace DubboFilters { - -/** - * Well-known Dubbo filter names. - * NOTE: New filters should use the well known name: envoy.filters.dubbo.name. - */ -class DubboFilterNameValues { -public: - // Router filter - const std::string ROUTER = "envoy.filters.dubbo.router"; -}; - -using DubboFilterNames = ConstSingleton; - -} // namespace DubboFilters -} // namespace DubboProxy -} // namespace NetworkFilters -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/filters/network/dubbo_proxy/heartbeat_response.cc b/source/extensions/filters/network/dubbo_proxy/heartbeat_response.cc index 69df071a3527..138c5646f884 100644 --- a/source/extensions/filters/network/dubbo_proxy/heartbeat_response.cc +++ b/source/extensions/filters/network/dubbo_proxy/heartbeat_response.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/dubbo_proxy/heartbeat_response.h" +#include "source/extensions/filters/network/dubbo_proxy/heartbeat_response.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/heartbeat_response.h b/source/extensions/filters/network/dubbo_proxy/heartbeat_response.h index 7c76f6c0d674..9164262c6679 100644 --- a/source/extensions/filters/network/dubbo_proxy/heartbeat_response.h +++ b/source/extensions/filters/network/dubbo_proxy/heartbeat_response.h @@ -1,9 +1,9 @@ #pragma once -#include "extensions/filters/network/dubbo_proxy/filters/filter.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" -#include "extensions/filters/network/dubbo_proxy/protocol.h" -#include "extensions/filters/network/dubbo_proxy/serializer.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/protocol.h" +#include "source/extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/hessian_utils.cc b/source/extensions/filters/network/dubbo_proxy/hessian_utils.cc index c75a7427c0c7..9ba4a958066b 100644 --- a/source/extensions/filters/network/dubbo_proxy/hessian_utils.cc +++ b/source/extensions/filters/network/dubbo_proxy/hessian_utils.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/dubbo_proxy/hessian_utils.h" +#include "source/extensions/filters/network/dubbo_proxy/hessian_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/message.h b/source/extensions/filters/network/dubbo_proxy/message.h index 3aa194a8c922..5f36d05b808b 100644 --- a/source/extensions/filters/network/dubbo_proxy/message.h +++ b/source/extensions/filters/network/dubbo_proxy/message.h @@ -5,7 +5,7 @@ #include "envoy/common/pure.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "absl/container/node_hash_map.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/network/dubbo_proxy/message_impl.cc b/source/extensions/filters/network/dubbo_proxy/message_impl.cc index 5e76711ee832..73f5e68e14c7 100644 --- a/source/extensions/filters/network/dubbo_proxy/message_impl.cc +++ b/source/extensions/filters/network/dubbo_proxy/message_impl.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" -#include "common/http/header_map_impl.h" +#include "source/common/http/header_map_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/message_impl.h b/source/extensions/filters/network/dubbo_proxy/message_impl.h index 952cbb3dc5c8..2b9092d41c57 100644 --- a/source/extensions/filters/network/dubbo_proxy/message_impl.h +++ b/source/extensions/filters/network/dubbo_proxy/message_impl.h @@ -2,8 +2,8 @@ #include "envoy/http/header_map.h" -#include "extensions/filters/network/dubbo_proxy/hessian_utils.h" -#include "extensions/filters/network/dubbo_proxy/message.h" +#include "source/extensions/filters/network/dubbo_proxy/hessian_utils.h" +#include "source/extensions/filters/network/dubbo_proxy/message.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/metadata.h b/source/extensions/filters/network/dubbo_proxy/metadata.h index 698b50283ec6..647c412d2cef 100644 --- a/source/extensions/filters/network/dubbo_proxy/metadata.h +++ b/source/extensions/filters/network/dubbo_proxy/metadata.h @@ -3,11 +3,10 @@ #include #include -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/http/header_map_impl.h" - -#include "extensions/filters/network/dubbo_proxy/message.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/header_map_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/message.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/network/dubbo_proxy/protocol.h b/source/extensions/filters/network/dubbo_proxy/protocol.h index 09f16d4420da..aa3d1192bd6c 100644 --- a/source/extensions/filters/network/dubbo_proxy/protocol.h +++ b/source/extensions/filters/network/dubbo_proxy/protocol.h @@ -5,14 +5,13 @@ #include "envoy/buffer/buffer.h" #include "envoy/config/typed_config.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/config/utility.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/network/dubbo_proxy/message.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" -#include "extensions/filters/network/dubbo_proxy/serializer.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/config/utility.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/network/dubbo_proxy/message.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/serializer.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/protocol_constants.h b/source/extensions/filters/network/dubbo_proxy/protocol_constants.h index e7b787831e37..6bad4ff29c0d 100644 --- a/source/extensions/filters/network/dubbo_proxy/protocol_constants.h +++ b/source/extensions/filters/network/dubbo_proxy/protocol_constants.h @@ -1,10 +1,9 @@ #pragma once -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/network/dubbo_proxy/message.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/network/dubbo_proxy/message.h" #include "absl/container/node_hash_map.h" diff --git a/source/extensions/filters/network/dubbo_proxy/router/BUILD b/source/extensions/filters/network/dubbo_proxy/router/BUILD index 4227ca25fcf5..70ef29adc01a 100644 --- a/source/extensions/filters/network/dubbo_proxy/router/BUILD +++ b/source/extensions/filters/network/dubbo_proxy/router/BUILD @@ -12,7 +12,7 @@ envoy_cc_library( name = "router_interface", hdrs = ["router.h"], deps = [ - "//include/envoy/router:router_interface", + "//envoy/router:router_interface", "//source/extensions/filters/network/dubbo_proxy:metadata_lib", ], ) @@ -22,8 +22,8 @@ envoy_cc_library( hdrs = ["route.h"], deps = [ ":router_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/config:typed_config_interface", + "//envoy/server:filter_config_interface", "//source/common/config:utility_lib", "//source/common/singleton:const_singleton", "//source/extensions/filters/network/dubbo_proxy:metadata_lib", @@ -38,7 +38,7 @@ envoy_cc_library( deps = [ ":route_matcher_interface", ":router_interface", - "//include/envoy/router:router_interface", + "//envoy/router:router_interface", "//source/common/common:logger_lib", "//source/common/common:matchers_lib", "//source/common/http:header_utility_lib", @@ -57,10 +57,9 @@ envoy_cc_library( hdrs = ["config.h"], deps = [ ":router_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/extensions/filters/network/dubbo_proxy/filters:factory_base_lib", "//source/extensions/filters/network/dubbo_proxy/filters:filter_config_interface", - "//source/extensions/filters/network/dubbo_proxy/filters:well_known_names", "@envoy_api//envoy/extensions/filters/network/dubbo_proxy/router/v3:pkg_cc_proto", ], ) @@ -71,10 +70,10 @@ envoy_cc_library( hdrs = ["router_impl.h"], deps = [ ":router_interface", - "//include/envoy/tcp:conn_pool_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:load_balancer_interface", - "//include/envoy/upstream:thread_local_cluster_interface", + "//envoy/tcp:conn_pool_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:load_balancer_interface", + "//envoy/upstream:thread_local_cluster_interface", "//source/common/common:logger_lib", "//source/common/http:header_utility_lib", "//source/common/router:metadatamatchcriteria_lib", diff --git a/source/extensions/filters/network/dubbo_proxy/router/config.cc b/source/extensions/filters/network/dubbo_proxy/router/config.cc index b82e9bd02768..aa42bf55d378 100644 --- a/source/extensions/filters/network/dubbo_proxy/router/config.cc +++ b/source/extensions/filters/network/dubbo_proxy/router/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/dubbo_proxy/router/config.h" +#include "source/extensions/filters/network/dubbo_proxy/router/config.h" #include "envoy/extensions/filters/network/dubbo_proxy/router/v3/router.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/router/v3/router.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/network/dubbo_proxy/router/router_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/router/router_impl.h" namespace Envoy { namespace Extensions { @@ -16,7 +16,7 @@ DubboFilters::FilterFactoryCb RouterFilterConfig::createFilterFactoryFromProtoTy const envoy::extensions::filters::network::dubbo_proxy::router::v3::Router&, const std::string&, Server::Configuration::FactoryContext& context) { return [&context](DubboFilters::FilterChainFactoryCallbacks& callbacks) -> void { - callbacks.addDecoderFilter(std::make_shared(context.clusterManager())); + callbacks.addFilter(std::make_shared(context.clusterManager())); }; } diff --git a/source/extensions/filters/network/dubbo_proxy/router/config.h b/source/extensions/filters/network/dubbo_proxy/router/config.h index 2406514fdca3..d63ea9d7c0aa 100644 --- a/source/extensions/filters/network/dubbo_proxy/router/config.h +++ b/source/extensions/filters/network/dubbo_proxy/router/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/network/dubbo_proxy/router/v3/router.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/router/v3/router.pb.validate.h" -#include "extensions/filters/network/dubbo_proxy/filters/factory_base.h" -#include "extensions/filters/network/dubbo_proxy/filters/well_known_names.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/factory_base.h" namespace Envoy { namespace Extensions { @@ -16,7 +15,7 @@ class RouterFilterConfig : public DubboFilters::FactoryBase< envoy::extensions::filters::network::dubbo_proxy::router::v3::Router> { public: - RouterFilterConfig() : FactoryBase(DubboFilters::DubboFilterNames::get().ROUTER) {} + RouterFilterConfig() : FactoryBase("envoy.filters.dubbo.router") {} private: DubboFilters::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/network/dubbo_proxy/router/route.h b/source/extensions/filters/network/dubbo_proxy/router/route.h index 247cdf480f16..f4346afda93b 100644 --- a/source/extensions/filters/network/dubbo_proxy/router/route.h +++ b/source/extensions/filters/network/dubbo_proxy/router/route.h @@ -8,11 +8,10 @@ #include "envoy/router/router.h" #include "envoy/server/filter_config.h" -#include "common/config/utility.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/network/dubbo_proxy/metadata.h" -#include "extensions/filters/network/dubbo_proxy/router/router.h" +#include "source/common/config/utility.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/router/router.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/router/route_matcher.cc b/source/extensions/filters/network/dubbo_proxy/router/route_matcher.cc index 7a5f5d26f944..904d7d1eb77b 100644 --- a/source/extensions/filters/network/dubbo_proxy/router/route_matcher.cc +++ b/source/extensions/filters/network/dubbo_proxy/router/route_matcher.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/network/dubbo_proxy/router/route_matcher.h" +#include "source/extensions/filters/network/dubbo_proxy/router/route_matcher.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/route.pb.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/router/route_matcher.h b/source/extensions/filters/network/dubbo_proxy/router/route_matcher.h index 79ab71db3b13..1a36230b8c5b 100644 --- a/source/extensions/filters/network/dubbo_proxy/router/route_matcher.h +++ b/source/extensions/filters/network/dubbo_proxy/router/route_matcher.h @@ -8,15 +8,14 @@ #include "envoy/extensions/filters/network/dubbo_proxy/v3/route.pb.h" #include "envoy/type/v3/range.pb.h" -#include "common/common/logger.h" -#include "common/common/matchers.h" -#include "common/http/header_utility.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/network/dubbo_proxy/message_impl.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" -#include "extensions/filters/network/dubbo_proxy/router/route.h" -#include "extensions/filters/network/dubbo_proxy/router/router.h" +#include "source/common/common/logger.h" +#include "source/common/common/matchers.h" +#include "source/common/http/header_utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/router/route.h" +#include "source/extensions/filters/network/dubbo_proxy/router/router.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/network/dubbo_proxy/router/router.h b/source/extensions/filters/network/dubbo_proxy/router/router.h index 37887be6058d..e9f2ce15374d 100644 --- a/source/extensions/filters/network/dubbo_proxy/router/router.h +++ b/source/extensions/filters/network/dubbo_proxy/router/router.h @@ -5,7 +5,7 @@ #include "envoy/router/router.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/dubbo_proxy/router/router_impl.cc b/source/extensions/filters/network/dubbo_proxy/router/router_impl.cc index 17e57fd49989..4c64decc03bd 100644 --- a/source/extensions/filters/network/dubbo_proxy/router/router_impl.cc +++ b/source/extensions/filters/network/dubbo_proxy/router/router_impl.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/dubbo_proxy/router/router_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/router/router_impl.h" #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/thread_local_cluster.h" -#include "extensions/filters/network/dubbo_proxy/app_exception.h" -#include "extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/app_exception.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" namespace Envoy { namespace Extensions { @@ -65,9 +65,8 @@ FilterStatus Router::onMessageDecoded(MessageMetadataSharedPtr metadata, Context return FilterStatus::StopIteration; } - Tcp::ConnectionPool::Instance* conn_pool = - cluster->tcpConnPool(Upstream::ResourcePriority::Default, this); - if (!conn_pool) { + auto conn_pool_data = cluster->tcpConnPool(Upstream::ResourcePriority::Default, this); + if (!conn_pool_data) { callbacks_->sendLocalReply( AppException( ResponseStatus::ServerError, @@ -112,11 +111,53 @@ FilterStatus Router::onMessageDecoded(MessageMetadataSharedPtr metadata, Context upstream_request_buffer_.move(ctx->originMessage(), ctx->messageSize()); } - upstream_request_ = std::make_unique( - *this, *conn_pool, metadata, callbacks_->serializationType(), callbacks_->protocolType()); + upstream_request_ = std::make_unique(*this, *conn_pool_data, metadata, + callbacks_->serializationType(), + callbacks_->protocolType()); return upstream_request_->start(); } +void Router::setEncoderFilterCallbacks(DubboFilters::EncoderFilterCallbacks& callbacks) { + encoder_callbacks_ = &callbacks; +} + +FilterStatus Router::onMessageEncoded(MessageMetadataSharedPtr metadata, ContextSharedPtr) { + if (!metadata->hasResponseStatus() || upstream_request_ == nullptr) { + return FilterStatus::Continue; + } + + ENVOY_STREAM_LOG(trace, "dubbo router: response status: {}", *encoder_callbacks_, + metadata->responseStatus()); + + switch (metadata->responseStatus()) { + case ResponseStatus::Ok: + if (metadata->messageType() == MessageType::Exception) { + upstream_request_->upstream_host_->outlierDetector().putResult( + Upstream::Outlier::Result::ExtOriginRequestFailed); + } else { + upstream_request_->upstream_host_->outlierDetector().putResult( + Upstream::Outlier::Result::ExtOriginRequestSuccess); + } + break; + case ResponseStatus::ServerTimeout: + upstream_request_->upstream_host_->outlierDetector().putResult( + Upstream::Outlier::Result::LocalOriginTimeout); + break; + case ResponseStatus::ServiceError: + FALLTHRU; + case ResponseStatus::ServerError: + FALLTHRU; + case ResponseStatus::ServerThreadpoolExhaustedError: + upstream_request_->upstream_host_->outlierDetector().putResult( + Upstream::Outlier::Result::ExtOriginRequestFailed); + break; + default: + break; + } + + return FilterStatus::Continue; +} + void Router::onUpstreamData(Buffer::Instance& data, bool end_stream) { ASSERT(!upstream_request_->response_complete_); @@ -168,6 +209,8 @@ void Router::onEvent(Network::ConnectionEvent event) { switch (event) { case Network::ConnectionEvent::RemoteClose: upstream_request_->onResetStream(ConnectionPool::PoolFailureReason::RemoteConnectionFailure); + upstream_request_->upstream_host_->outlierDetector().putResult( + Upstream::Outlier::Result::LocalOriginConnectFailed); break; case Network::ConnectionEvent::LocalClose: upstream_request_->onResetStream(ConnectionPool::PoolFailureReason::LocalConnectionFailure); @@ -188,11 +231,11 @@ void Router::cleanup() { } } -Router::UpstreamRequest::UpstreamRequest(Router& parent, Tcp::ConnectionPool::Instance& pool, +Router::UpstreamRequest::UpstreamRequest(Router& parent, Upstream::TcpPoolData& pool_data, MessageMetadataSharedPtr& metadata, SerializationType serialization_type, ProtocolType protocol_type) - : parent_(parent), conn_pool_(pool), metadata_(metadata), + : parent_(parent), conn_pool_data_(pool_data), metadata_(metadata), protocol_( NamedProtocolConfigFactory::getFactory(protocol_type).createProtocol(serialization_type)), request_complete_(false), response_started_(false), response_complete_(false), @@ -201,7 +244,7 @@ Router::UpstreamRequest::UpstreamRequest(Router& parent, Tcp::ConnectionPool::In Router::UpstreamRequest::~UpstreamRequest() = default; FilterStatus Router::UpstreamRequest::start() { - Tcp::ConnectionPool::Cancellable* handle = conn_pool_.newConnection(*this); + Tcp::ConnectionPool::Cancellable* handle = conn_pool_data_.newConnection(*this); if (handle) { // Pause while we wait for a connection. conn_pool_handle_ = handle; @@ -238,6 +281,7 @@ void Router::UpstreamRequest::encodeData(Buffer::Instance& data) { } void Router::UpstreamRequest::onPoolFailure(ConnectionPool::PoolFailureReason reason, + absl::string_view, Upstream::HostDescriptionConstSharedPtr host) { conn_pool_handle_ = nullptr; @@ -254,6 +298,11 @@ void Router::UpstreamRequest::onPoolFailure(ConnectionPool::PoolFailureReason re if (reason == ConnectionPool::PoolFailureReason::Timeout || reason == ConnectionPool::PoolFailureReason::LocalConnectionFailure || reason == ConnectionPool::PoolFailureReason::RemoteConnectionFailure) { + if (reason == ConnectionPool::PoolFailureReason::Timeout) { + host->outlierDetector().putResult(Upstream::Outlier::Result::LocalOriginTimeout); + } else if (reason == ConnectionPool::PoolFailureReason::RemoteConnectionFailure) { + host->outlierDetector().putResult(Upstream::Outlier::Result::LocalOriginConnectFailed); + } parent_.callbacks_->continueDecoding(); } } @@ -266,6 +315,8 @@ void Router::UpstreamRequest::onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr bool continue_decoding = conn_pool_handle_ != nullptr; onUpstreamHostSelected(host); + host->outlierDetector().putResult(Upstream::Outlier::Result::LocalOriginConnectSuccess); + conn_data_ = std::move(conn_data); conn_data_->addUpstreamCallbacks(parent_); conn_pool_handle_ = nullptr; diff --git a/source/extensions/filters/network/dubbo_proxy/router/router_impl.h b/source/extensions/filters/network/dubbo_proxy/router/router_impl.h index 84a746d1f8a9..c67b7ab77871 100644 --- a/source/extensions/filters/network/dubbo_proxy/router/router_impl.h +++ b/source/extensions/filters/network/dubbo_proxy/router/router_impl.h @@ -6,11 +6,10 @@ #include "envoy/buffer/buffer.h" #include "envoy/tcp/conn_pool.h" -#include "common/common/logger.h" -#include "common/upstream/load_balancer_impl.h" - -#include "extensions/filters/network/dubbo_proxy/filters/filter.h" -#include "extensions/filters/network/dubbo_proxy/router/router.h" +#include "source/common/common/logger.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter.h" +#include "source/extensions/filters/network/dubbo_proxy/router/router.h" namespace Envoy { namespace Extensions { @@ -20,7 +19,7 @@ namespace Router { class Router : public Tcp::ConnectionPool::UpstreamCallbacks, public Upstream::LoadBalancerContextBase, - public DubboFilters::DecoderFilter, + public DubboFilters::CodecFilter, Logger::Loggable { public: Router(Upstream::ClusterManager& cluster_manager) : cluster_manager_(cluster_manager) {} @@ -32,6 +31,10 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, FilterStatus onMessageDecoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) override; + // DubboFilter::EncoderFilter + void setEncoderFilterCallbacks(DubboFilters::EncoderFilterCallbacks& callbacks) override; + FilterStatus onMessageEncoded(MessageMetadataSharedPtr metadata, ContextSharedPtr ctx) override; + // Upstream::LoadBalancerContextBase const Envoy::Router::MetadataMatchCriteria* metadataMatchCriteria() override { return nullptr; } const Network::Connection* downstreamConnection() const override; @@ -47,7 +50,7 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, private: struct UpstreamRequest : public Tcp::ConnectionPool::Callbacks { - UpstreamRequest(Router& parent, Tcp::ConnectionPool::Instance& pool, + UpstreamRequest(Router& parent, Upstream::TcpPoolData& pool_data, MessageMetadataSharedPtr& metadata, SerializationType serialization_type, ProtocolType protocol_type); ~UpstreamRequest() override; @@ -58,6 +61,7 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, // Tcp::ConnectionPool::Callbacks void onPoolFailure(ConnectionPool::PoolFailureReason reason, + absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn, Upstream::HostDescriptionConstSharedPtr host) override; @@ -69,7 +73,7 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, void onResetStream(ConnectionPool::PoolFailureReason reason); Router& parent_; - Tcp::ConnectionPool::Instance& conn_pool_; + Upstream::TcpPoolData conn_pool_data_; MessageMetadataSharedPtr metadata_; Tcp::ConnectionPool::Cancellable* conn_pool_handle_{}; @@ -89,6 +93,7 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, Upstream::ClusterManager& cluster_manager_; DubboFilters::DecoderFilterCallbacks* callbacks_{}; + DubboFilters::EncoderFilterCallbacks* encoder_callbacks_{}; RouteConstSharedPtr route_{}; const RouteEntry* route_entry_{}; Upstream::ClusterInfoConstSharedPtr cluster_; diff --git a/source/extensions/filters/network/dubbo_proxy/serializer.h b/source/extensions/filters/network/dubbo_proxy/serializer.h index 8b12ccd43dc4..753c49b0fb2d 100644 --- a/source/extensions/filters/network/dubbo_proxy/serializer.h +++ b/source/extensions/filters/network/dubbo_proxy/serializer.h @@ -5,13 +5,12 @@ #include "envoy/buffer/buffer.h" #include "envoy/config/typed_config.h" -#include "common/common/assert.h" -#include "common/config/utility.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/network/dubbo_proxy/message.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" -#include "extensions/filters/network/dubbo_proxy/protocol_constants.h" +#include "source/common/common/assert.h" +#include "source/common/config/utility.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/network/dubbo_proxy/message.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/protocol_constants.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/echo/BUILD b/source/extensions/filters/network/echo/BUILD index 68270a5dd5e2..e0a91ea30b2c 100644 --- a/source/extensions/filters/network/echo/BUILD +++ b/source/extensions/filters/network/echo/BUILD @@ -17,9 +17,9 @@ envoy_cc_library( srcs = ["echo.cc"], hdrs = ["echo.h"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", + "//envoy/buffer:buffer_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], @@ -28,16 +28,14 @@ envoy_cc_library( envoy_cc_extension( name = "config", srcs = ["config.cc"], - category = "envoy.filters.network", # TODO(#9953) move echo integration test to extensions. extra_visibility = [ "//test/integration:__subpackages__", ], - security_posture = "unknown", deps = [ ":echo", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/echo/v3:pkg_cc_proto", diff --git a/source/extensions/filters/network/echo/config.cc b/source/extensions/filters/network/echo/config.cc index 119b1252d893..f15984e24199 100644 --- a/source/extensions/filters/network/echo/config.cc +++ b/source/extensions/filters/network/echo/config.cc @@ -3,9 +3,9 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/echo/echo.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/echo/echo.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/echo/echo.cc b/source/extensions/filters/network/echo/echo.cc index 60baf5f694bd..674e16245051 100644 --- a/source/extensions/filters/network/echo/echo.cc +++ b/source/extensions/filters/network/echo/echo.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/network/echo/echo.h" +#include "source/extensions/filters/network/echo/echo.h" #include "envoy/buffer/buffer.h" #include "envoy/network/connection.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/echo/echo.h b/source/extensions/filters/network/echo/echo.h index 64957aa82783..7d51e2b294aa 100644 --- a/source/extensions/filters/network/echo/echo.h +++ b/source/extensions/filters/network/echo/echo.h @@ -2,7 +2,7 @@ #include "envoy/network/filter.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/ext_authz/BUILD b/source/extensions/filters/network/ext_authz/BUILD index 391fe6e21d72..ec33b570f98b 100644 --- a/source/extensions/filters/network/ext_authz/BUILD +++ b/source/extensions/filters/network/ext_authz/BUILD @@ -17,11 +17,11 @@ envoy_cc_library( srcs = ["ext_authz.cc"], hdrs = ["ext_authz.h"], deps = [ - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_macros", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/common:matchers_lib", "//source/common/tracing:http_tracer_lib", @@ -37,10 +37,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/config:utility_lib", "//source/common/protobuf:utility_lib", "//source/extensions/filters/network:well_known_names", diff --git a/source/extensions/filters/network/ext_authz/config.cc b/source/extensions/filters/network/ext_authz/config.cc index 65e852f6a181..a8447f45342a 100644 --- a/source/extensions/filters/network/ext_authz/config.cc +++ b/source/extensions/filters/network/ext_authz/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/ext_authz/config.h" +#include "source/extensions/filters/network/ext_authz/config.h" #include #include @@ -9,12 +9,11 @@ #include "envoy/network/connection.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/common/ext_authz/ext_authz.h" -#include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" -#include "extensions/filters/network/ext_authz/ext_authz.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/common/ext_authz/ext_authz.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" +#include "source/extensions/filters/network/ext_authz/ext_authz.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/ext_authz/config.h b/source/extensions/filters/network/ext_authz/config.h index 84ff872df5b9..17dc86e184a2 100644 --- a/source/extensions/filters/network/ext_authz/config.h +++ b/source/extensions/filters/network/ext_authz/config.h @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/ext_authz/v3/ext_authz.pb.h" #include "envoy/extensions/filters/network/ext_authz/v3/ext_authz.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/ext_authz/ext_authz.cc b/source/extensions/filters/network/ext_authz/ext_authz.cc index f19cd3bb0eb9..7b187472a354 100644 --- a/source/extensions/filters/network/ext_authz/ext_authz.cc +++ b/source/extensions/filters/network/ext_authz/ext_authz.cc @@ -1,14 +1,13 @@ -#include "extensions/filters/network/ext_authz/ext_authz.h" +#include "source/extensions/filters/network/ext_authz/ext_authz.h" #include #include #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/filters/network/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/ext_authz/ext_authz.h b/source/extensions/filters/network/ext_authz/ext_authz.h index 89aa7b36892d..d055d493f524 100644 --- a/source/extensions/filters/network/ext_authz/ext_authz.h +++ b/source/extensions/filters/network/ext_authz/ext_authz.h @@ -14,10 +14,9 @@ #include "envoy/stats/stats_macros.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/matchers.h" - -#include "extensions/filters/common/ext_authz/ext_authz.h" -#include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" +#include "source/common/common/matchers.h" +#include "source/extensions/filters/common/ext_authz/ext_authz.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/http_connection_manager/BUILD b/source/extensions/filters/network/http_connection_manager/BUILD index c2c6a19c2e94..5751aa396784 100644 --- a/source/extensions/filters/network/http_connection_manager/BUILD +++ b/source/extensions/filters/network/http_connection_manager/BUILD @@ -18,23 +18,21 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "robust_to_untrusted_downstream", # This is core Envoy config. visibility = ["//visibility:public"], deps = [ ":dependency_manager", - "//include/envoy/config:config_provider_manager_interface", - "//include/envoy/filesystem:filesystem_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/http:original_ip_detection_interface", - "//include/envoy/http:request_id_extension_interface", - "//include/envoy/registry", - "//include/envoy/router:route_config_provider_manager_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:options_interface", - "//include/envoy/stats:stats_interface", + "//envoy/config:config_provider_manager_interface", + "//envoy/filesystem:filesystem_interface", + "//envoy/http:codec_interface", + "//envoy/http:filter_interface", + "//envoy/http:original_ip_detection_interface", + "//envoy/http:request_id_extension_interface", + "//envoy/registry", + "//envoy/router:route_config_provider_manager_interface", + "//envoy/server:admin_interface", + "//envoy/server:options_interface", + "//envoy/stats:stats_interface", "//source/common/access_log:access_log_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:utility_lib", diff --git a/source/extensions/filters/network/http_connection_manager/config.cc b/source/extensions/filters/network/http_connection_manager/config.cc index 67003b945d6c..c30836230797 100644 --- a/source/extensions/filters/network/http_connection_manager/config.cc +++ b/source/extensions/filters/network/http_connection_manager/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/http_connection_manager/config.h" +#include "source/extensions/filters/network/http_connection_manager/config.h" #include #include @@ -17,31 +17,31 @@ #include "envoy/type/tracing/v3/custom_tag.pb.h" #include "envoy/type/v3/percent.pb.h" -#include "common/access_log/access_log_impl.h" -#include "common/common/fmt.h" -#include "common/config/utility.h" -#include "common/filter/http/filter_config_discovery_impl.h" -#include "common/http/conn_manager_config.h" -#include "common/http/conn_manager_utility.h" -#include "common/http/default_server_string.h" -#include "common/http/http1/codec_impl.h" -#include "common/http/http1/settings.h" -#include "common/http/http2/codec_impl.h" -#include "common/http/request_id_extension_impl.h" -#include "common/http/utility.h" -#include "common/local_reply/local_reply.h" -#include "common/protobuf/utility.h" -#include "common/router/rds_impl.h" -#include "common/router/scoped_rds.h" -#include "common/runtime/runtime_impl.h" -#include "common/tracing/http_tracer_manager_impl.h" -#include "common/tracing/tracer_config_impl.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/config/utility.h" +#include "source/common/filter/http/filter_config_discovery_impl.h" +#include "source/common/http/conn_manager_config.h" +#include "source/common/http/conn_manager_utility.h" +#include "source/common/http/default_server_string.h" +#include "source/common/http/http1/codec_impl.h" +#include "source/common/http/http1/settings.h" +#include "source/common/http/http2/codec_impl.h" +#include "source/common/http/request_id_extension_impl.h" +#include "source/common/http/utility.h" +#include "source/common/local_reply/local_reply.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/rds_impl.h" +#include "source/common/router/scoped_rds.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/tracing/http_tracer_manager_impl.h" +#include "source/common/tracing/tracer_config_impl.h" #ifdef ENVOY_ENABLE_QUIC -#include "common/quic/codec_impl.h" +#include "source/common/quic/codec_impl.h" #endif -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" namespace Envoy { namespace Extensions { @@ -307,7 +307,8 @@ HttpConnectionManagerConfig::HttpConnectionManagerConfig( headers_with_underscores_action_( config.common_http_protocol_options().headers_with_underscores_action()), local_reply_(LocalReply::Factory::create(config.local_reply_config(), context)), - path_with_escaped_slashes_action_(getPathWithEscapedSlashesAction(config, context)) { + path_with_escaped_slashes_action_(getPathWithEscapedSlashesAction(config, context)), + strip_trailing_host_dot_(config.strip_trailing_host_dot()) { // If idle_timeout_ was not configured in common_http_protocol_options, use value in deprecated // idle_timeout field. // TODO(asraa): Remove when idle_timeout is removed. diff --git a/source/extensions/filters/network/http_connection_manager/config.h b/source/extensions/filters/network/http_connection_manager/config.h index b98629ee8ecc..b2b8ae2a9e27 100644 --- a/source/extensions/filters/network/http_connection_manager/config.h +++ b/source/extensions/filters/network/http_connection_manager/config.h @@ -18,22 +18,21 @@ #include "envoy/router/route_config_provider_manager.h" #include "envoy/tracing/http_tracer_manager.h" -#include "common/common/logger.h" -#include "common/http/conn_manager_config.h" -#include "common/http/conn_manager_impl.h" -#include "common/http/date_provider_impl.h" -#include "common/http/http1/codec_stats.h" -#include "common/http/http2/codec_stats.h" -#include "common/http/http3/codec_stats.h" -#include "common/json/json_loader.h" -#include "common/local_reply/local_reply.h" -#include "common/router/rds_impl.h" -#include "common/router/scoped_rds.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/http_connection_manager/dependency_manager.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/common/logger.h" +#include "source/common/http/conn_manager_config.h" +#include "source/common/http/conn_manager_impl.h" +#include "source/common/http/date_provider_impl.h" +#include "source/common/http/http1/codec_stats.h" +#include "source/common/http/http2/codec_stats.h" +#include "source/common/http/http3/codec_stats.h" +#include "source/common/json/json_loader.h" +#include "source/common/local_reply/local_reply.h" +#include "source/common/router/rds_impl.h" +#include "source/common/router/scoped_rds.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/http_connection_manager/dependency_manager.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { @@ -175,6 +174,7 @@ class HttpConnectionManagerConfig : Logger::Loggable, const Http::Http1Settings& http1Settings() const override { return http1_settings_; } bool shouldNormalizePath() const override { return normalize_path_; } bool shouldMergeSlashes() const override { return merge_slashes_; } + bool shouldStripTrailingHostDot() const override { return strip_trailing_host_dot_; } Http::StripPortType stripPortType() const override { return strip_port_type_; } envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headersWithUnderscoresAction() const override { @@ -283,6 +283,7 @@ class HttpConnectionManagerConfig : Logger::Loggable, static const uint64_t RequestHeaderTimeoutMs = 0; const envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: PathWithEscapedSlashesAction path_with_escaped_slashes_action_; + const bool strip_trailing_host_dot_; }; /** diff --git a/source/extensions/filters/network/http_connection_manager/dependency_manager.cc b/source/extensions/filters/network/http_connection_manager/dependency_manager.cc index d84e117557f7..526fa46d6062 100644 --- a/source/extensions/filters/network/http_connection_manager/dependency_manager.cc +++ b/source/extensions/filters/network/http_connection_manager/dependency_manager.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/http_connection_manager/dependency_manager.h" +#include "source/extensions/filters/network/http_connection_manager/dependency_manager.h" #include "absl/container/flat_hash_set.h" #include "absl/strings/substitute.h" diff --git a/source/extensions/filters/network/kafka/BUILD b/source/extensions/filters/network/kafka/BUILD index 01c31e63cc9f..a6f2677a6075 100644 --- a/source/extensions/filters/network/kafka/BUILD +++ b/source/extensions/filters/network/kafka/BUILD @@ -18,9 +18,6 @@ envoy_cc_extension( name = "kafka_broker_config_lib", srcs = ["broker/config.cc"], hdrs = ["broker/config.h"], - category = "envoy.filters.network", - security_posture = "requires_trusted_downstream_and_upstream", - status = "wip", deps = [ ":kafka_broker_filter_lib", "//source/extensions/filters/network:well_known_names", @@ -40,9 +37,9 @@ envoy_cc_library( deps = [ ":kafka_request_codec_lib", ":kafka_response_codec_lib", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", + "//envoy/buffer:buffer_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], @@ -229,7 +226,7 @@ envoy_cc_library( ], deps = [ ":kafka_types_lib", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/common:byte_order_lib", "//source/common/common:safe_memcpy_lib", ], diff --git a/source/extensions/filters/network/kafka/broker/config.cc b/source/extensions/filters/network/kafka/broker/config.cc index a90922243f14..5e8620728f66 100644 --- a/source/extensions/filters/network/kafka/broker/config.cc +++ b/source/extensions/filters/network/kafka/broker/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/kafka/broker/config.h" +#include "source/extensions/filters/network/kafka/broker/config.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" #include "envoy/stats/scope.h" -#include "extensions/filters/network/kafka/broker/filter.h" +#include "source/extensions/filters/network/kafka/broker/filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/broker/config.h b/source/extensions/filters/network/kafka/broker/config.h index 38fb1e01861e..62ed619aedec 100644 --- a/source/extensions/filters/network/kafka/broker/config.h +++ b/source/extensions/filters/network/kafka/broker/config.h @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/kafka_broker/v3/kafka_broker.pb.h" #include "envoy/extensions/filters/network/kafka_broker/v3/kafka_broker.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/broker/filter.cc b/source/extensions/filters/network/kafka/broker/filter.cc index e55f4f1b29ba..88427ea6f35d 100644 --- a/source/extensions/filters/network/kafka/broker/filter.cc +++ b/source/extensions/filters/network/kafka/broker/filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/broker/filter.h" +#include "source/extensions/filters/network/kafka/broker/filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/broker/filter.h b/source/extensions/filters/network/kafka/broker/filter.h index dc2c4eef3990..57c63de0dcf0 100644 --- a/source/extensions/filters/network/kafka/broker/filter.h +++ b/source/extensions/filters/network/kafka/broker/filter.h @@ -3,13 +3,12 @@ #include "envoy/network/filter.h" #include "envoy/stats/scope.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/kafka/external/request_metrics.h" -#include "extensions/filters/network/kafka/external/response_metrics.h" -#include "extensions/filters/network/kafka/parser.h" -#include "extensions/filters/network/kafka/request_codec.h" -#include "extensions/filters/network/kafka/response_codec.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/kafka/external/request_metrics.h" +#include "source/extensions/filters/network/kafka/external/response_metrics.h" +#include "source/extensions/filters/network/kafka/parser.h" +#include "source/extensions/filters/network/kafka/request_codec.h" +#include "source/extensions/filters/network/kafka/response_codec.h" #include "absl/container/flat_hash_map.h" diff --git a/source/extensions/filters/network/kafka/kafka_request.h b/source/extensions/filters/network/kafka/kafka_request.h index ff9f57282af3..3c9cc414083e 100644 --- a/source/extensions/filters/network/kafka/kafka_request.h +++ b/source/extensions/filters/network/kafka/kafka_request.h @@ -2,9 +2,9 @@ #include "envoy/common/exception.h" -#include "extensions/filters/network/kafka/external/serialization_composite.h" -#include "extensions/filters/network/kafka/serialization.h" -#include "extensions/filters/network/kafka/tagged_fields.h" +#include "source/extensions/filters/network/kafka/external/serialization_composite.h" +#include "source/extensions/filters/network/kafka/serialization.h" +#include "source/extensions/filters/network/kafka/tagged_fields.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/kafka_request_parser.cc b/source/extensions/filters/network/kafka/kafka_request_parser.cc index 811c051182c3..c713dad186a3 100644 --- a/source/extensions/filters/network/kafka/kafka_request_parser.cc +++ b/source/extensions/filters/network/kafka/kafka_request_parser.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/kafka_request_parser.h" +#include "source/extensions/filters/network/kafka/kafka_request_parser.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/kafka_request_parser.h b/source/extensions/filters/network/kafka/kafka_request_parser.h index 15d304b8d187..8afdc769de08 100644 --- a/source/extensions/filters/network/kafka/kafka_request_parser.h +++ b/source/extensions/filters/network/kafka/kafka_request_parser.h @@ -4,11 +4,10 @@ #include "envoy/common/exception.h" -#include "common/common/assert.h" - -#include "extensions/filters/network/kafka/kafka_request.h" -#include "extensions/filters/network/kafka/parser.h" -#include "extensions/filters/network/kafka/tagged_fields.h" +#include "source/common/common/assert.h" +#include "source/extensions/filters/network/kafka/kafka_request.h" +#include "source/extensions/filters/network/kafka/parser.h" +#include "source/extensions/filters/network/kafka/tagged_fields.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/kafka_response.h b/source/extensions/filters/network/kafka/kafka_response.h index e53ae70de0da..805d46defb69 100644 --- a/source/extensions/filters/network/kafka/kafka_response.h +++ b/source/extensions/filters/network/kafka/kafka_response.h @@ -1,8 +1,8 @@ #pragma once -#include "extensions/filters/network/kafka/external/serialization_composite.h" -#include "extensions/filters/network/kafka/serialization.h" -#include "extensions/filters/network/kafka/tagged_fields.h" +#include "source/extensions/filters/network/kafka/external/serialization_composite.h" +#include "source/extensions/filters/network/kafka/serialization.h" +#include "source/extensions/filters/network/kafka/tagged_fields.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/kafka_response_parser.cc b/source/extensions/filters/network/kafka/kafka_response_parser.cc index 3adbb1b28777..dc0a8a9b1f98 100644 --- a/source/extensions/filters/network/kafka/kafka_response_parser.cc +++ b/source/extensions/filters/network/kafka/kafka_response_parser.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/kafka_response_parser.h" +#include "source/extensions/filters/network/kafka/kafka_response_parser.h" #include "absl/strings/str_cat.h" diff --git a/source/extensions/filters/network/kafka/kafka_response_parser.h b/source/extensions/filters/network/kafka/kafka_response_parser.h index 428511bac592..ab3fd2d66b1d 100644 --- a/source/extensions/filters/network/kafka/kafka_response_parser.h +++ b/source/extensions/filters/network/kafka/kafka_response_parser.h @@ -3,9 +3,9 @@ #include #include -#include "extensions/filters/network/kafka/kafka_response.h" -#include "extensions/filters/network/kafka/parser.h" -#include "extensions/filters/network/kafka/tagged_fields.h" +#include "source/extensions/filters/network/kafka/kafka_response.h" +#include "source/extensions/filters/network/kafka/parser.h" +#include "source/extensions/filters/network/kafka/tagged_fields.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/parser.h b/source/extensions/filters/network/kafka/parser.h index f131a3242659..a9cb67458be7 100644 --- a/source/extensions/filters/network/kafka/parser.h +++ b/source/extensions/filters/network/kafka/parser.h @@ -2,7 +2,7 @@ #include -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/network/kafka/protocol/kafka_request_resolver_cc.j2 b/source/extensions/filters/network/kafka/protocol/kafka_request_resolver_cc.j2 index d82c23864fd7..0d2da9aaa7c5 100644 --- a/source/extensions/filters/network/kafka/protocol/kafka_request_resolver_cc.j2 +++ b/source/extensions/filters/network/kafka/protocol/kafka_request_resolver_cc.j2 @@ -3,9 +3,9 @@ Defines default Kafka request resolver, that uses request parsers in (also generated) 'requests.h'. #} -#include "extensions/filters/network/kafka/external/requests.h" -#include "extensions/filters/network/kafka/kafka_request_parser.h" -#include "extensions/filters/network/kafka/parser.h" +#include "source/extensions/filters/network/kafka/external/requests.h" +#include "source/extensions/filters/network/kafka/kafka_request_parser.h" +#include "source/extensions/filters/network/kafka/parser.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/protocol/kafka_response_resolver_cc.j2 b/source/extensions/filters/network/kafka/protocol/kafka_response_resolver_cc.j2 index b89df698a5d7..0256e370dca6 100644 --- a/source/extensions/filters/network/kafka/protocol/kafka_response_resolver_cc.j2 +++ b/source/extensions/filters/network/kafka/protocol/kafka_response_resolver_cc.j2 @@ -3,8 +3,8 @@ Defines default Kafka response resolver, that uses response parsers in (also generated) 'responses.h'. #} -#include "extensions/filters/network/kafka/external/responses.h" -#include "extensions/filters/network/kafka/kafka_response_parser.h" +#include "source/extensions/filters/network/kafka/external/responses.h" +#include "source/extensions/filters/network/kafka/kafka_response_parser.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/protocol/requests_h.j2 b/source/extensions/filters/network/kafka/protocol/requests_h.j2 index ff85d19410d0..e6b4fd42976c 100644 --- a/source/extensions/filters/network/kafka/protocol/requests_h.j2 +++ b/source/extensions/filters/network/kafka/protocol/requests_h.j2 @@ -22,8 +22,8 @@ (because partition data is present in every FetchRequestTopic version). #} #pragma once -#include "extensions/filters/network/kafka/kafka_request.h" -#include "extensions/filters/network/kafka/kafka_request_parser.h" +#include "source/extensions/filters/network/kafka/kafka_request.h" +#include "source/extensions/filters/network/kafka/kafka_request_parser.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/protocol/responses_h.j2 b/source/extensions/filters/network/kafka/protocol/responses_h.j2 index d7a3d6a63391..099e6c014c03 100644 --- a/source/extensions/filters/network/kafka/protocol/responses_h.j2 +++ b/source/extensions/filters/network/kafka/protocol/responses_h.j2 @@ -23,8 +23,8 @@ - AbortedTransaction & its Deserializers (starting with version 4). #} #pragma once -#include "extensions/filters/network/kafka/kafka_response.h" -#include "extensions/filters/network/kafka/kafka_response_parser.h" +#include "source/extensions/filters/network/kafka/kafka_response.h" +#include "source/extensions/filters/network/kafka/kafka_response_parser.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/request_codec.cc b/source/extensions/filters/network/kafka/request_codec.cc index 398f0116131c..f389cecad74b 100644 --- a/source/extensions/filters/network/kafka/request_codec.cc +++ b/source/extensions/filters/network/kafka/request_codec.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/network/kafka/request_codec.h" +#include "source/extensions/filters/network/kafka/request_codec.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/network/kafka/request_codec.h b/source/extensions/filters/network/kafka/request_codec.h index 1c69637029ae..07fa4b2b90e0 100644 --- a/source/extensions/filters/network/kafka/request_codec.h +++ b/source/extensions/filters/network/kafka/request_codec.h @@ -3,10 +3,10 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" -#include "extensions/filters/network/kafka/codec.h" -#include "extensions/filters/network/kafka/kafka_request.h" -#include "extensions/filters/network/kafka/kafka_request_parser.h" -#include "extensions/filters/network/kafka/parser.h" +#include "source/extensions/filters/network/kafka/codec.h" +#include "source/extensions/filters/network/kafka/kafka_request.h" +#include "source/extensions/filters/network/kafka/kafka_request_parser.h" +#include "source/extensions/filters/network/kafka/parser.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/response_codec.cc b/source/extensions/filters/network/kafka/response_codec.cc index 8c41f407da8e..ccde039bb951 100644 --- a/source/extensions/filters/network/kafka/response_codec.cc +++ b/source/extensions/filters/network/kafka/response_codec.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/network/kafka/response_codec.h" +#include "source/extensions/filters/network/kafka/response_codec.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/response_codec.h b/source/extensions/filters/network/kafka/response_codec.h index 767426c4b7df..688defdc75b1 100644 --- a/source/extensions/filters/network/kafka/response_codec.h +++ b/source/extensions/filters/network/kafka/response_codec.h @@ -1,7 +1,7 @@ #pragma once -#include "extensions/filters/network/kafka/codec.h" -#include "extensions/filters/network/kafka/kafka_response_parser.h" +#include "source/extensions/filters/network/kafka/codec.h" +#include "source/extensions/filters/network/kafka/kafka_response_parser.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/serialization.cc b/source/extensions/filters/network/kafka/serialization.cc index 1f1d2643f3a8..f34f6b0d652a 100644 --- a/source/extensions/filters/network/kafka/serialization.cc +++ b/source/extensions/filters/network/kafka/serialization.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/serialization.h" +#include "source/extensions/filters/network/kafka/serialization.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/kafka/serialization.h b/source/extensions/filters/network/kafka/serialization.h index 6e2fe85f145b..cab81a0acf23 100644 --- a/source/extensions/filters/network/kafka/serialization.h +++ b/source/extensions/filters/network/kafka/serialization.h @@ -9,12 +9,11 @@ #include "envoy/common/exception.h" #include "envoy/common/pure.h" -#include "common/common/byte_order.h" -#include "common/common/fmt.h" -#include "common/common/safe_memcpy.h" -#include "common/common/utility.h" - -#include "extensions/filters/network/kafka/kafka_types.h" +#include "source/common/common/byte_order.h" +#include "source/common/common/fmt.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/common/utility.h" +#include "source/extensions/filters/network/kafka/kafka_types.h" #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/network/kafka/serialization/serialization_composite_h.j2 b/source/extensions/filters/network/kafka/serialization/serialization_composite_h.j2 index 83a7be7a25f3..0f4e7065c41c 100644 --- a/source/extensions/filters/network/kafka/serialization/serialization_composite_h.j2 +++ b/source/extensions/filters/network/kafka/serialization/serialization_composite_h.j2 @@ -16,11 +16,11 @@ #include "envoy/common/exception.h" #include "envoy/common/pure.h" -#include "common/common/byte_order.h" -#include "common/common/fmt.h" +#include "source/common/common/byte_order.h" +#include "source/common/common/fmt.h" -#include "extensions/filters/network/kafka/kafka_types.h" -#include "extensions/filters/network/kafka/serialization.h" +#include "source/extensions/filters/network/kafka/kafka_types.h" +#include "source/extensions/filters/network/kafka/serialization.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/network/kafka/tagged_fields.h b/source/extensions/filters/network/kafka/tagged_fields.h index 0678d9053f32..6ace5ce2fcca 100644 --- a/source/extensions/filters/network/kafka/tagged_fields.h +++ b/source/extensions/filters/network/kafka/tagged_fields.h @@ -2,7 +2,7 @@ #include -#include "extensions/filters/network/kafka/serialization.h" +#include "source/extensions/filters/network/kafka/serialization.h" /** * This header file provides serialization support for tagged fields structure added in 2.4. diff --git a/source/extensions/filters/network/local_ratelimit/BUILD b/source/extensions/filters/network/local_ratelimit/BUILD index 6e10aaff1de3..9bcc59be6883 100644 --- a/source/extensions/filters/network/local_ratelimit/BUILD +++ b/source/extensions/filters/network/local_ratelimit/BUILD @@ -17,11 +17,11 @@ envoy_cc_library( srcs = ["local_ratelimit.cc"], hdrs = ["local_ratelimit.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stats:stats_macros", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/network:filter_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_macros", "//source/common/protobuf:utility_lib", "//source/common/runtime:runtime_lib", "//source/extensions/filters/common/local_ratelimit:local_ratelimit_lib", @@ -33,8 +33,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "robust_to_untrusted_downstream", deps = [ "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", diff --git a/source/extensions/filters/network/local_ratelimit/config.cc b/source/extensions/filters/network/local_ratelimit/config.cc index e8b7e05d3d68..e9d2c907bd10 100644 --- a/source/extensions/filters/network/local_ratelimit/config.cc +++ b/source/extensions/filters/network/local_ratelimit/config.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/network/local_ratelimit/config.h" +#include "source/extensions/filters/network/local_ratelimit/config.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.validate.h" -#include "extensions/filters/network/local_ratelimit/local_ratelimit.h" +#include "source/extensions/filters/network/local_ratelimit/local_ratelimit.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/local_ratelimit/config.h b/source/extensions/filters/network/local_ratelimit/config.h index ca03d81d9398..d96fb762e8f5 100644 --- a/source/extensions/filters/network/local_ratelimit/config.h +++ b/source/extensions/filters/network/local_ratelimit/config.h @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/local_ratelimit/local_ratelimit.cc b/source/extensions/filters/network/local_ratelimit/local_ratelimit.cc index 287679763927..9f462aa9b289 100644 --- a/source/extensions/filters/network/local_ratelimit/local_ratelimit.cc +++ b/source/extensions/filters/network/local_ratelimit/local_ratelimit.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/network/local_ratelimit/local_ratelimit.h" +#include "source/extensions/filters/network/local_ratelimit/local_ratelimit.h" #include "envoy/event/dispatcher.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/local_ratelimit/local_ratelimit.h b/source/extensions/filters/network/local_ratelimit/local_ratelimit.h index f8ac07272459..61166d1991db 100644 --- a/source/extensions/filters/network/local_ratelimit/local_ratelimit.h +++ b/source/extensions/filters/network/local_ratelimit/local_ratelimit.h @@ -6,10 +6,9 @@ #include "envoy/runtime/runtime.h" #include "envoy/stats/stats_macros.h" -#include "common/common/thread_synchronizer.h" -#include "common/runtime/runtime_protos.h" - -#include "extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" +#include "source/common/common/thread_synchronizer.h" +#include "source/common/runtime/runtime_protos.h" +#include "source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/BUILD b/source/extensions/filters/network/mongo_proxy/BUILD index ab1956d777cb..651d4d6ed20f 100644 --- a/source/extensions/filters/network/mongo_proxy/BUILD +++ b/source/extensions/filters/network/mongo_proxy/BUILD @@ -15,7 +15,7 @@ envoy_extension_package() envoy_cc_library( name = "bson_interface", hdrs = ["bson.h"], - deps = ["//include/envoy/buffer:buffer_interface"], + deps = ["//envoy/buffer:buffer_interface"], ) envoy_cc_library( @@ -30,7 +30,7 @@ envoy_cc_library( hdrs = ["bson_impl.h"], deps = [ ":bson_interface", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/common:assert_lib", "//source/common/common:byte_order_lib", "//source/common/common:hex_lib", @@ -46,7 +46,7 @@ envoy_cc_library( deps = [ ":bson_lib", ":codec_interface", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], @@ -61,15 +61,15 @@ envoy_cc_library( ":codec_lib", ":mongo_stats_lib", ":utility_lib", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/common:time_interface", - "//include/envoy/filesystem:filesystem_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:drain_decision_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/access_log:access_log_interface", + "//envoy/common:time_interface", + "//envoy/filesystem:filesystem_interface", + "//envoy/network:connection_interface", + "//envoy/network:drain_decision_interface", + "//envoy/network:filter_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", @@ -87,7 +87,7 @@ envoy_cc_library( srcs = ["mongo_stats.cc"], hdrs = ["mongo_stats.h"], deps = [ - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", ], @@ -107,11 +107,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":proxy_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/extensions/filters/network/mongo_proxy/v3:pkg_cc_proto", diff --git a/source/extensions/filters/network/mongo_proxy/bson_impl.cc b/source/extensions/filters/network/mongo_proxy/bson_impl.cc index de0b9170b22b..3f6d10d827c7 100644 --- a/source/extensions/filters/network/mongo_proxy/bson_impl.cc +++ b/source/extensions/filters/network/mongo_proxy/bson_impl.cc @@ -1,14 +1,14 @@ -#include "extensions/filters/network/mongo_proxy/bson_impl.h" +#include "source/extensions/filters/network/mongo_proxy/bson_impl.h" #include #include #include -#include "common/common/assert.h" -#include "common/common/byte_order.h" -#include "common/common/fmt.h" -#include "common/common/hex.h" -#include "common/common/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/byte_order.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hex.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/bson_impl.h b/source/extensions/filters/network/mongo_proxy/bson_impl.h index 57e44c951d44..38bc2b91bc29 100644 --- a/source/extensions/filters/network/mongo_proxy/bson_impl.h +++ b/source/extensions/filters/network/mongo_proxy/bson_impl.h @@ -7,10 +7,9 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" -#include "common/common/logger.h" -#include "common/common/utility.h" - -#include "extensions/filters/network/mongo_proxy/bson.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/extensions/filters/network/mongo_proxy/bson.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/codec.h b/source/extensions/filters/network/mongo_proxy/codec.h index b6221ba30bd0..8588b86b36e2 100644 --- a/source/extensions/filters/network/mongo_proxy/codec.h +++ b/source/extensions/filters/network/mongo_proxy/codec.h @@ -5,7 +5,7 @@ #include #include -#include "extensions/filters/network/mongo_proxy/bson.h" +#include "source/extensions/filters/network/mongo_proxy/bson.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/codec_impl.cc b/source/extensions/filters/network/mongo_proxy/codec_impl.cc index d56fe7ff4e31..8a4ad294284f 100644 --- a/source/extensions/filters/network/mongo_proxy/codec_impl.cc +++ b/source/extensions/filters/network/mongo_proxy/codec_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/mongo_proxy/codec_impl.h" +#include "source/extensions/filters/network/mongo_proxy/codec_impl.h" #include #include @@ -9,10 +9,9 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" - -#include "extensions/filters/network/mongo_proxy/bson_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/extensions/filters/network/mongo_proxy/bson_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/codec_impl.h b/source/extensions/filters/network/mongo_proxy/codec_impl.h index 4a404d14089e..6041dbcdf4c6 100644 --- a/source/extensions/filters/network/mongo_proxy/codec_impl.h +++ b/source/extensions/filters/network/mongo_proxy/codec_impl.h @@ -5,9 +5,8 @@ #include #include -#include "common/common/logger.h" - -#include "extensions/filters/network/mongo_proxy/codec.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/mongo_proxy/codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/config.cc b/source/extensions/filters/network/mongo_proxy/config.cc index ecdc60644888..79597c01087e 100644 --- a/source/extensions/filters/network/mongo_proxy/config.cc +++ b/source/extensions/filters/network/mongo_proxy/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/mongo_proxy/config.h" +#include "source/extensions/filters/network/mongo_proxy/config.h" #include @@ -7,9 +7,8 @@ #include "envoy/network/connection.h" #include "envoy/registry/registry.h" -#include "common/common/fmt.h" - -#include "extensions/filters/network/mongo_proxy/proxy.h" +#include "source/common/common/fmt.h" +#include "source/extensions/filters/network/mongo_proxy/proxy.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/config.h b/source/extensions/filters/network/mongo_proxy/config.h index f5819c39b453..59448bfe01e7 100644 --- a/source/extensions/filters/network/mongo_proxy/config.h +++ b/source/extensions/filters/network/mongo_proxy/config.h @@ -5,8 +5,8 @@ #include "envoy/extensions/filters/network/mongo_proxy/v3/mongo_proxy.pb.h" #include "envoy/extensions/filters/network/mongo_proxy/v3/mongo_proxy.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/mongo_stats.cc b/source/extensions/filters/network/mongo_proxy/mongo_stats.cc index aca9ffaf35fd..fd362d35af42 100644 --- a/source/extensions/filters/network/mongo_proxy/mongo_stats.cc +++ b/source/extensions/filters/network/mongo_proxy/mongo_stats.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/mongo_proxy/mongo_stats.h" +#include "source/extensions/filters/network/mongo_proxy/mongo_stats.h" #include #include @@ -6,7 +6,7 @@ #include "envoy/stats/scope.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/mongo_stats.h b/source/extensions/filters/network/mongo_proxy/mongo_stats.h index 3df51affd0a4..5dee14714599 100644 --- a/source/extensions/filters/network/mongo_proxy/mongo_stats.h +++ b/source/extensions/filters/network/mongo_proxy/mongo_stats.h @@ -6,8 +6,8 @@ #include "envoy/stats/scope.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/utility.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/proxy.cc b/source/extensions/filters/network/mongo_proxy/proxy.cc index 8a8042ede425..86db1078f659 100644 --- a/source/extensions/filters/network/mongo_proxy/proxy.cc +++ b/source/extensions/filters/network/mongo_proxy/proxy.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/mongo_proxy/proxy.h" +#include "source/extensions/filters/network/mongo_proxy/proxy.h" #include #include @@ -10,12 +10,11 @@ #include "envoy/runtime/runtime.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" - -#include "extensions/filters/network/mongo_proxy/codec_impl.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/extensions/filters/network/mongo_proxy/codec_impl.h" +#include "source/extensions/filters/network/well_known_names.h" #include "absl/strings/str_split.h" diff --git a/source/extensions/filters/network/mongo_proxy/proxy.h b/source/extensions/filters/network/mongo_proxy/proxy.h index 773d4714aa7f..f049c6d4d6dd 100644 --- a/source/extensions/filters/network/mongo_proxy/proxy.h +++ b/source/extensions/filters/network/mongo_proxy/proxy.h @@ -16,16 +16,15 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" -#include "common/network/filter_impl.h" -#include "common/protobuf/utility.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/common/fault/fault_config.h" -#include "extensions/filters/network/mongo_proxy/codec.h" -#include "extensions/filters/network/mongo_proxy/mongo_stats.h" -#include "extensions/filters/network/mongo_proxy/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/network/filter_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/common/fault/fault_config.h" +#include "source/extensions/filters/network/mongo_proxy/codec.h" +#include "source/extensions/filters/network/mongo_proxy/mongo_stats.h" +#include "source/extensions/filters/network/mongo_proxy/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/utility.cc b/source/extensions/filters/network/mongo_proxy/utility.cc index bb4537744288..421eceaa9b64 100644 --- a/source/extensions/filters/network/mongo_proxy/utility.cc +++ b/source/extensions/filters/network/mongo_proxy/utility.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/mongo_proxy/utility.h" +#include "source/extensions/filters/network/mongo_proxy/utility.h" #include #include "envoy/common/exception.h" -#include "common/json/json_loader.h" +#include "source/common/json/json_loader.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mongo_proxy/utility.h b/source/extensions/filters/network/mongo_proxy/utility.h index 3b8a6773601c..4394640c9e36 100644 --- a/source/extensions/filters/network/mongo_proxy/utility.h +++ b/source/extensions/filters/network/mongo_proxy/utility.h @@ -2,7 +2,7 @@ #include -#include "extensions/filters/network/mongo_proxy/codec.h" +#include "source/extensions/filters/network/mongo_proxy/codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/BUILD b/source/extensions/filters/network/mysql_proxy/BUILD index d176bad30b97..8c2f9316138a 100644 --- a/source/extensions/filters/network/mysql_proxy/BUILD +++ b/source/extensions/filters/network/mysql_proxy/BUILD @@ -23,10 +23,10 @@ envoy_cc_library( deps = [ ":codec_lib", ":decoder_lib", - "//include/envoy/network:filter_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/network:filter_interface", + "//envoy/server:filter_config_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/network:filter_lib", "//source/extensions/filters/network:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", @@ -107,9 +107,6 @@ envoy_cc_extension( name = "config", srcs = ["mysql_config.cc"], hdrs = ["mysql_config.h"], - category = "envoy.filters.network", - security_posture = "requires_trusted_downstream_and_upstream", - status = "alpha", deps = [ ":filter_lib", "//source/extensions/filters/network:well_known_names", diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec.h b/source/extensions/filters/network/mysql_proxy/mysql_codec.h index 5cc863eb8f76..d040ab3fb6db 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec.h @@ -2,8 +2,8 @@ #include "envoy/common/platform.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.cc b/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.cc index f8bbab1160c1..be4739d909f9 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.cc +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.cc @@ -1,7 +1,7 @@ -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h b/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h index c6714e1fd812..fbf3f7b22a72 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h @@ -1,9 +1,8 @@ #pragma once #include "envoy/buffer/buffer.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.cc b/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.cc index 3e204058e5df..8847de47baf0 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.cc +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" #include "envoy/buffer/buffer.h" -#include "common/common/assert.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h b/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h index 37f882003e42..a843e0c85b62 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h @@ -4,10 +4,9 @@ #include "envoy/buffer/buffer.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec_command.cc b/source/extensions/filters/network/mysql_proxy/mysql_codec_command.cc index 8642a12126aa..4e515381760a 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec_command.cc +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec_command.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/network/mysql_proxy/mysql_codec_command.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_command.h" #include "envoy/buffer/buffer.h" -#include "common/common/logger.h" -#include "common/common/macros.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/common/common/logger.h" +#include "source/common/common/macros.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec_command.h b/source/extensions/filters/network/mysql_proxy/mysql_codec_command.h index 3d76c31d9ccb..4764770e0704 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec_command.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec_command.h @@ -1,9 +1,8 @@ #pragma once #include "envoy/buffer/buffer.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.cc b/source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.cc index 90ecd487b48c..88b2ba5f1ec1 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.cc +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" #include "envoy/buffer/buffer.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h b/source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h index 8f33d5eb5ecf..a507a5ec8939 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h @@ -1,7 +1,6 @@ #pragma once -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.cc b/source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.cc index 0aec54525de7..120669c5f288 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.cc +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.cc @@ -1,11 +1,10 @@ -#include "extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" #include "envoy/buffer/buffer.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h b/source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h index ccf2f91debf4..f6128191e372 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h @@ -1,8 +1,7 @@ #pragma once -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_config.cc b/source/extensions/filters/network/mysql_proxy/mysql_config.cc index f2c536e9fd64..39a68f5f8d26 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_config.cc +++ b/source/extensions/filters/network/mysql_proxy/mysql_config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/mysql_proxy/mysql_config.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_config.h" #include @@ -7,9 +7,8 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/mysql_proxy/mysql_filter.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_config.h b/source/extensions/filters/network/mysql_proxy/mysql_config.h index d0a90364832f..66e459f90144 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_config.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_config.h @@ -3,9 +3,9 @@ #include "envoy/extensions/filters/network/mysql_proxy/v3/mysql_proxy.pb.h" #include "envoy/extensions/filters/network/mysql_proxy/v3/mysql_proxy.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/mysql_proxy/mysql_filter.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_filter.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_decoder.h b/source/extensions/filters/network/mysql_proxy/mysql_decoder.h index 6b813e2248f1..6b4f83a2c8cc 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_decoder.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_decoder.h @@ -1,12 +1,12 @@ #pragma once -#include "extensions/common/sqlutils/sqlutils.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_command.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" -#include "extensions/filters/network/mysql_proxy/mysql_session.h" +#include "source/extensions/common/sqlutils/sqlutils.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_command.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_session.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_decoder_impl.cc b/source/extensions/filters/network/mysql_proxy/mysql_decoder_impl.cc index aac9e3a6366a..f958f22aefd2 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_decoder_impl.cc +++ b/source/extensions/filters/network/mysql_proxy/mysql_decoder_impl.cc @@ -1,10 +1,9 @@ -#include "extensions/filters/network/mysql_proxy/mysql_decoder_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_decoder_impl.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_decoder_impl.h b/source/extensions/filters/network/mysql_proxy/mysql_decoder_impl.h index 3159e298a66e..ae787ba777c0 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_decoder_impl.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_decoder_impl.h @@ -1,5 +1,5 @@ #pragma once -#include "extensions/filters/network/mysql_proxy/mysql_decoder.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_decoder.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_filter.cc b/source/extensions/filters/network/mysql_proxy/mysql_filter.cc index 602d1e0e8c2c..a1f6a1da95f5 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_filter.cc +++ b/source/extensions/filters/network/mysql_proxy/mysql_filter.cc @@ -1,15 +1,14 @@ -#include "extensions/filters/network/mysql_proxy/mysql_filter.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_filter.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" -#include "extensions/filters/network/mysql_proxy/mysql_decoder_impl.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_decoder_impl.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_filter.h b/source/extensions/filters/network/mysql_proxy/mysql_filter.h index daabb165dde6..6b83b13770f0 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_filter.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_filter.h @@ -7,16 +7,15 @@ #include "envoy/stats/stats.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_command.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" -#include "extensions/filters/network/mysql_proxy/mysql_decoder.h" -#include "extensions/filters/network/mysql_proxy/mysql_session.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_command.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_decoder.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_session.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_session.h b/source/extensions/filters/network/mysql_proxy/mysql_session.h index 41655b7adc6a..691d582633b1 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_session.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_session.h @@ -1,5 +1,5 @@ #pragma once -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_utils.cc b/source/extensions/filters/network/mysql_proxy/mysql_utils.cc index d72fe8e06d85..d2574cc94fbf 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_utils.cc +++ b/source/extensions/filters/network/mysql_proxy/mysql_utils.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/mysql_proxy/mysql_utils.h b/source/extensions/filters/network/mysql_proxy/mysql_utils.h index 2a60feb49763..d8548eed24f0 100644 --- a/source/extensions/filters/network/mysql_proxy/mysql_utils.h +++ b/source/extensions/filters/network/mysql_proxy/mysql_utils.h @@ -3,11 +3,10 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/platform.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/byte_order.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/byte_order.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/postgres_proxy/BUILD b/source/extensions/filters/network/postgres_proxy/BUILD index 398fa80cc67d..89c26a2cf94f 100644 --- a/source/extensions/filters/network/postgres_proxy/BUILD +++ b/source/extensions/filters/network/postgres_proxy/BUILD @@ -29,10 +29,10 @@ envoy_cc_library( ], repository = "@envoy", deps = [ - "//include/envoy/network:filter_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/network:filter_interface", + "//envoy/server:filter_config_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/network:filter_lib", "//source/extensions/common/sqlutils:sqlutils_lib", @@ -44,9 +44,7 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", repository = "@envoy", - security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":filter", "//source/extensions/filters/network:well_known_names", diff --git a/source/extensions/filters/network/postgres_proxy/config.cc b/source/extensions/filters/network/postgres_proxy/config.cc index 4e0eeb8c05b1..a1e148da6396 100644 --- a/source/extensions/filters/network/postgres_proxy/config.cc +++ b/source/extensions/filters/network/postgres_proxy/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/postgres_proxy/config.h" +#include "source/extensions/filters/network/postgres_proxy/config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/postgres_proxy/config.h b/source/extensions/filters/network/postgres_proxy/config.h index eada27fed618..7edb63852575 100644 --- a/source/extensions/filters/network/postgres_proxy/config.h +++ b/source/extensions/filters/network/postgres_proxy/config.h @@ -3,9 +3,9 @@ #include "envoy/extensions/filters/network/postgres_proxy/v3alpha/postgres_proxy.pb.h" #include "envoy/extensions/filters/network/postgres_proxy/v3alpha/postgres_proxy.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/postgres_proxy/postgres_filter.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_filter.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/postgres_proxy/postgres_decoder.cc b/source/extensions/filters/network/postgres_proxy/postgres_decoder.cc index f5d144dc4883..793bd96f32d3 100644 --- a/source/extensions/filters/network/postgres_proxy/postgres_decoder.cc +++ b/source/extensions/filters/network/postgres_proxy/postgres_decoder.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/postgres_proxy/postgres_decoder.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_decoder.h" #include @@ -13,13 +13,16 @@ namespace PostgresProxy { []() -> std::unique_ptr { return createMsgBodyReader<__VA_ARGS__>(); } #define NO_BODY BODY_FORMAT() +constexpr absl::string_view FRONTEND = "Frontend"; +constexpr absl::string_view BACKEND = "Backend"; + void DecoderImpl::initialize() { // Special handler for first message of the transaction. first_ = MessageProcessor{"Startup", BODY_FORMAT(Int32, Repeated), {&DecoderImpl::onStartup}}; // Frontend messages. - FE_messages_.direction_ = "Frontend"; + FE_messages_.direction_ = FRONTEND; // Setup handlers for known messages. absl::flat_hash_map& FE_known_msgs = FE_messages_.messages_; @@ -52,7 +55,7 @@ void DecoderImpl::initialize() { MessageProcessor{"Other", BODY_FORMAT(ByteN), {&DecoderImpl::incMessagesUnknown}}; // Backend messages. - BE_messages_.direction_ = "Backend"; + BE_messages_.direction_ = BACKEND; // Setup handlers for known messages. absl::flat_hash_map& BE_known_msgs = BE_messages_.messages_; @@ -176,88 +179,156 @@ void DecoderImpl::initialize() { }; } -Decoder::Result DecoderImpl::parseHeader(Buffer::Instance& data) { - ENVOY_LOG(trace, "postgres_proxy: parsing message, len {}", data.length()); +/* Main handler for incoming messages. Messages are dispatched based on the + current decoder's state. +*/ +Decoder::Result DecoderImpl::onData(Buffer::Instance& data, bool frontend) { + switch (state_) { + case State::InitState: + return onDataInit(data, frontend); + case State::OutOfSyncState: + case State::EncryptedState: + return onDataIgnore(data, frontend); + case State::InSyncState: + return onDataInSync(data, frontend); + default: + NOT_IMPLEMENTED_GCOVR_EXCL_LINE; + } +} - // The minimum size of the message sufficient for parsing is 5 bytes. - if (data.length() < 5) { +/* Handler for messages when decoder is in Init State. There are very few message types which + are allowed in this state. + If the initial message has the correct syntax and indicates that session should be in + clear-text, the decoder will move to InSyncState. If the initial message has the correct syntax + and indicates that session should be encrypted, the decoder stays in InitState, because the + initial message will be received again after transport socket negotiates SSL. If the message + syntax is incorrect, the decoder will move to OutOfSyncState, in which messages are not parsed. +*/ +Decoder::Result DecoderImpl::onDataInit(Buffer::Instance& data, bool) { + ASSERT(state_ == State::InitState); + + // In Init state the minimum size of the message sufficient for parsing is 4 bytes. + if (data.length() < 4) { // not enough data in the buffer. - return Decoder::NeedMoreData; + return Decoder::Result::NeedMoreData; + } + + // Validate the message before processing. + const MsgBodyReader& f = std::get<1>(first_); + const auto msgParser = f(); + // Run the validation. + message_len_ = data.peekBEInt(0); + if (message_len_ > MAX_STARTUP_PACKET_LENGTH) { + // Message does not conform to the expected format. Move to out-of-sync state. + data.drain(data.length()); + state_ = State::OutOfSyncState; + return Decoder::Result::ReadyForNext; } - if (!startup_) { - data.copyOut(0, 1, &command_); - ENVOY_LOG(trace, "postgres_proxy: command is {}", command_); + Message::ValidationResult validationResult = msgParser->validate(data, 4, message_len_ - 4); + + if (validationResult == Message::ValidationNeedMoreData) { + return Decoder::Result::NeedMoreData; } - // The 1 byte message type and message length should be in the buffer - // Check if the entire message has been read. - std::string message; - message_len_ = data.peekBEInt(startup_ ? 0 : 1); - if (data.length() < (message_len_ + (startup_ ? 0 : 1))) { - ENVOY_LOG(trace, "postgres_proxy: cannot parse message. Need {} bytes in buffer", - message_len_ + (startup_ ? 0 : 1)); - // Not enough data in the buffer. - return Decoder::NeedMoreData; + if (validationResult == Message::ValidationFailed) { + // Message does not conform to the expected format. Move to out-of-sync state. + data.drain(data.length()); + state_ = State::OutOfSyncState; + return Decoder::Result::ReadyForNext; } - if (startup_) { - uint32_t code = data.peekBEInt(4); - // Startup message with 1234 in the most significant 16 bits - // indicate request to encrypt. - if (code >= 0x04d20000) { - encrypted_ = true; - // Handler for SSLRequest (Int32(80877103) = 0x04d2162f) - // See details in https://www.postgresql.org/docs/current/protocol-message-formats.html. - if (code == 0x04d2162f) { - // Notify the filter that `SSLRequest` message was decoded. - // If the filter returns true, it means to pass the message upstream - // to the server. If it returns false it means, that filter will try - // to terminate SSL session and SSLRequest should not be passed to the - // server. - encrypted_ = callbacks_->onSSLRequest(); - } - - // Count it as recognized frontend message. - callbacks_->incMessagesFrontend(); - if (encrypted_) { - ENVOY_LOG(trace, "postgres_proxy: detected encrypted traffic."); - incSessionsEncrypted(); - startup_ = false; - } - data.drain(data.length()); - return encrypted_ ? Decoder::ReadyForNext : Decoder::Stopped; + Decoder::Result result = Decoder::Result::ReadyForNext; + uint32_t code = data.peekBEInt(4); + data.drain(4); + // Startup message with 1234 in the most significant 16 bits + // indicate request to encrypt. + if (code >= 0x04d20000) { + encrypted_ = true; + // Handler for SSLRequest (Int32(80877103) = 0x04d2162f) + // See details in https://www.postgresql.org/docs/current/protocol-message-formats.html. + if (code == 0x04d2162f) { + // Notify the filter that `SSLRequest` message was decoded. + // If the filter returns true, it means to pass the message upstream + // to the server. If it returns false it means, that filter will try + // to terminate SSL session and SSLRequest should not be passed to the + // server. + encrypted_ = callbacks_->onSSLRequest(); + } + + // Count it as recognized frontend message. + callbacks_->incMessagesFrontend(); + if (encrypted_) { + ENVOY_LOG(trace, "postgres_proxy: detected encrypted traffic."); + incSessionsEncrypted(); + state_ = State::EncryptedState; } else { - ENVOY_LOG(debug, "Detected version {}.{} of Postgres", code >> 16, code & 0x0000FFFF); + result = Decoder::Result::Stopped; + // Stay in InitState. After switch to SSL, another init packet will be sent. } + } else { + ENVOY_LOG(debug, "Detected version {}.{} of Postgres", code >> 16, code & 0x0000FFFF); + state_ = State::InSyncState; } - data.drain(startup_ ? 4 : 5); // Length plus optional 1st byte. - - ENVOY_LOG(trace, "postgres_proxy: msg parsed"); - return Decoder::ReadyForNext; + processMessageBody(data, FRONTEND, message_len_ - 4, first_, msgParser); + data.drain(message_len_); + return result; } -Decoder::Result DecoderImpl::onData(Buffer::Instance& data, bool frontend) { - // If encrypted, just drain the traffic. - if (encrypted_) { - ENVOY_LOG(trace, "postgres_proxy: ignoring {} bytes of encrypted data", data.length()); - data.drain(data.length()); - return Decoder::ReadyForNext; - } +/* + Method invokes actions associated with message type and generate debug logs. +*/ +void DecoderImpl::processMessageBody(Buffer::Instance& data, absl::string_view direction, + uint32_t length, MessageProcessor& msg, + const std::unique_ptr& parser) { + uint32_t bytes_to_read = length; - if (!frontend && startup_) { - data.drain(data.length()); - return Decoder::ReadyForNext; + std::vector& actions = std::get<2>(msg); + if (!actions.empty()) { + // Linearize the message for processing. + message_.assign(std::string(static_cast(data.linearize(bytes_to_read)), bytes_to_read)); + + // Invoke actions associated with the type of received message. + for (const auto& action : actions) { + action(this); + } + + // Drop the linearized message. + message_.erase(); } + ENVOY_LOG(debug, "({}) command = {} ({})", direction, command_, std::get<0>(msg)); + ENVOY_LOG(debug, "({}) length = {}", direction, message_len_); + ENVOY_LOG(debug, "({}) message = {}", direction, genDebugMessage(parser, data, bytes_to_read)); + + ENVOY_LOG(trace, "postgres_proxy: {} bytes remaining in buffer", data.length()); + + data.drain(length); +} + +/* + onDataInSync is called when decoder is on-track with decoding messages. + All previous messages has been decoded properly and decoder is able to find + message boundaries. +*/ +Decoder::Result DecoderImpl::onDataInSync(Buffer::Instance& data, bool frontend) { ENVOY_LOG(trace, "postgres_proxy: decoding {} bytes", data.length()); - const Decoder::Result result = parseHeader(data); - if (result != Decoder::ReadyForNext || encrypted_) { - return result; + ENVOY_LOG(trace, "postgres_proxy: parsing message, len {}", data.length()); + + // The minimum size of the message sufficient for parsing is 5 bytes. + if (data.length() < 5) { + // not enough data in the buffer. + return Decoder::Result::NeedMoreData; } + data.copyOut(0, 1, &command_); + ENVOY_LOG(trace, "postgres_proxy: command is {}", command_); + + // The 1 byte message type and message length should be in the buffer + // Find the message processor and validate the message syntax. + MsgGroup& msg_processor = std::ref(frontend ? FE_messages_ : BE_messages_); frontend ? callbacks_->incMessagesFrontend() : callbacks_->incMessagesBackend(); @@ -265,45 +336,55 @@ Decoder::Result DecoderImpl::onData(Buffer::Instance& data, bool frontend) { // If message is found, the processing will be updated. std::reference_wrapper msg = msg_processor.unknown_; - if (startup_) { - msg = std::ref(first_); - startup_ = false; - } else { - auto it = msg_processor.messages_.find(command_); - if (it != msg_processor.messages_.end()) { - msg = std::ref((*it).second); - } + auto it = msg_processor.messages_.find(command_); + if (it != msg_processor.messages_.end()) { + msg = std::ref((*it).second); } - // message_len_ specifies total message length including 4 bytes long - // "length" field. The length of message body is total length minus size - // of "length" field (4 bytes). - uint32_t bytes_to_read = message_len_ - 4; - - std::vector& actions = std::get<2>(msg.get()); - if (!actions.empty()) { - // Linearize the message for processing. - message_.assign(std::string(static_cast(data.linearize(bytes_to_read)), bytes_to_read)); - - // Invoke actions associated with the type of received message. - for (const auto& action : actions) { - action(this); - } + // Validate the message before processing. + const MsgBodyReader& f = std::get<1>(msg.get()); + message_len_ = data.peekBEInt(1); + const auto msgParser = f(); + // Run the validation. + // Because the message validation may return NeedMoreData error, data must stay intact (no + // draining) until the remaining data arrives and validator will run again. Validator therefore + // starts at offset 5 (1 byte message type and 4 bytes of length). This is in contrast to + // processing of the message, which assumes that message has been validated and starts at the + // beginning of the message. + Message::ValidationResult validationResult = msgParser->validate(data, 5, message_len_ - 4); + + if (validationResult == Message::ValidationNeedMoreData) { + ENVOY_LOG(trace, "postgres_proxy: cannot parse message. Not enough bytes in the buffer."); + return Decoder::Result::NeedMoreData; + } - // Drop the linearized message. - message_.erase(); + if (validationResult == Message::ValidationFailed) { + // Message does not conform to the expected format. Move to out-of-sync state. + data.drain(data.length()); + state_ = State::OutOfSyncState; + return Decoder::Result::ReadyForNext; } - ENVOY_LOG(debug, "({}) command = {} ({})", msg_processor.direction_, command_, - std::get<0>(msg.get())); - ENVOY_LOG(debug, "({}) length = {}", msg_processor.direction_, message_len_); - ENVOY_LOG(debug, "({}) message = {}", msg_processor.direction_, - genDebugMessage(msg, data, bytes_to_read)); + // Drain message code and length fields. + // Processing the message assumes that message starts at the beginning of the buffer. + data.drain(5); - data.drain(bytes_to_read); - ENVOY_LOG(trace, "postgres_proxy: {} bytes remaining in buffer", data.length()); + processMessageBody(data, msg_processor.direction_, message_len_ - 4, msg, msgParser); - return Decoder::ReadyForNext; + return Decoder::Result::ReadyForNext; +} +/* + onDataIgnore method is called when the decoder does not inspect passing + messages. This happens when the decoder detected encrypted packets or + when the decoder could not validate passing messages and lost track of + messages boundaries. In order not to interpret received values as message + lengths and not to start buffering large amount of data, the decoder + enters OutOfSync state and starts ignoring passing messages. Once the + decoder enters OutOfSyncState it cannot leave that state. +*/ +Decoder::Result DecoderImpl::onDataIgnore(Buffer::Instance& data, bool) { + data.drain(data.length()); + return Decoder::Result::ReadyForNext; } // Method is called when C (CommandComplete) message has been @@ -423,16 +504,10 @@ void DecoderImpl::onStartup() { } // Method generates displayable format of currently processed message. -const std::string DecoderImpl::genDebugMessage(const MessageProcessor& msg, Buffer::Instance& data, - uint32_t message_len) { - const MsgBodyReader& f = std::get<1>(msg); - std::string message = "Unrecognized"; - if (f != nullptr) { - const auto msgParser = f(); - msgParser->read(data, message_len); - message = msgParser->toString(); - } - return message; +const std::string DecoderImpl::genDebugMessage(const std::unique_ptr& parser, + Buffer::Instance& data, uint32_t message_len) { + parser->read(data, message_len); + return parser->toString(); } } // namespace PostgresProxy diff --git a/source/extensions/filters/network/postgres_proxy/postgres_decoder.h b/source/extensions/filters/network/postgres_proxy/postgres_decoder.h index b8326aaf8bc6..f62de0108f57 100644 --- a/source/extensions/filters/network/postgres_proxy/postgres_decoder.h +++ b/source/extensions/filters/network/postgres_proxy/postgres_decoder.h @@ -3,12 +3,11 @@ #include "envoy/common/platform.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" - -#include "extensions/common/sqlutils/sqlutils.h" -#include "extensions/filters/network/postgres_proxy/postgres_message.h" -#include "extensions/filters/network/postgres_proxy/postgres_session.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/extensions/common/sqlutils/sqlutils.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_message.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_session.h" #include "absl/container/flat_hash_map.h" @@ -54,7 +53,7 @@ class Decoder { // The following values are returned by the decoder, when filter // passes bytes of data via onData method: - enum Result { + enum class Result { ReadyForNext, // Decoder processed previous message and is ready for the next message. NeedMoreData, // Decoder needs more data to reconstruct the message. Stopped // Received and processed message disrupts the current flow. Decoder stopped accepting @@ -85,12 +84,21 @@ class DecoderImpl : public Decoder, Logger::Loggable { std::string getMessage() { return message_; } - void setStartup(bool startup) { startup_ = startup; } void initialize(); bool encrypted() const { return encrypted_; } + enum class State { InitState, InSyncState, OutOfSyncState, EncryptedState }; + State state() const { return state_; } + void state(State state) { state_ = state; } + protected: + State state_{State::InitState}; + + Result onDataInit(Buffer::Instance& data, bool frontend); + Result onDataInSync(Buffer::Instance& data, bool frontend); + Result onDataIgnore(Buffer::Instance& data, bool frontend); + // MsgAction defines the Decoder's method which will be invoked // when a specific message has been decoded. using MsgAction = std::function; @@ -111,7 +119,7 @@ class DecoderImpl : public Decoder, Logger::Loggable { // Frontend and Backend messages. using MsgGroup = struct { // String describing direction (Frontend or Backend). - std::string direction_; + absl::string_view direction_; // Hash map indexed by messages' 1st byte points to handlers used for processing messages. absl::flat_hash_map messages_; // Handler used for processing messages not found in hash map. @@ -132,7 +140,8 @@ class DecoderImpl : public Decoder, Logger::Loggable { MsgAction unknown_; }; - Result parseHeader(Buffer::Instance& data); + void processMessageBody(Buffer::Instance& data, absl::string_view direction, uint32_t length, + MessageProcessor& msg, const std::unique_ptr& parser); void decode(Buffer::Instance& data); void decodeAuthentication(); void decodeBackendStatements(); @@ -150,18 +159,17 @@ class DecoderImpl : public Decoder, Logger::Loggable { // Helper method generating currently processed message in // displayable format. - const std::string genDebugMessage(const MessageProcessor& msg, Buffer::Instance& data, + const std::string genDebugMessage(const std::unique_ptr& parser, Buffer::Instance& data, uint32_t message_len); DecoderCallbacks* callbacks_{}; PostgresSession session_{}; // The following fields store result of message parsing. - char command_{}; + char command_{'-'}; std::string message_; uint32_t message_len_{}; - bool startup_{true}; // startup stage does not have 1st byte command bool encrypted_{false}; // tells if exchange is encrypted // Dispatchers for Backend (BE) and Frontend (FE) messages. @@ -179,6 +187,11 @@ class DecoderImpl : public Decoder, Logger::Loggable { MsgParserDict BE_errors_; MsgParserDict BE_notices_; + + // MAX_STARTUP_PACKET_LENGTH is defined in Postgres source code + // as maximum size of initial packet. + // https://github.com/postgres/postgres/search?q=MAX_STARTUP_PACKET_LENGTH&type=code + static constexpr uint64_t MAX_STARTUP_PACKET_LENGTH = 10000; }; } // namespace PostgresProxy diff --git a/source/extensions/filters/network/postgres_proxy/postgres_filter.cc b/source/extensions/filters/network/postgres_proxy/postgres_filter.cc index accc59117c48..0e8daac36fed 100644 --- a/source/extensions/filters/network/postgres_proxy/postgres_filter.cc +++ b/source/extensions/filters/network/postgres_proxy/postgres_filter.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/postgres_proxy/postgres_filter.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_filter.h" #include "envoy/buffer/buffer.h" #include "envoy/network/connection.h" -#include "extensions/filters/network/postgres_proxy/postgres_decoder.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_decoder.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { @@ -231,11 +231,11 @@ Network::FilterStatus PostgresFilter::doDecode(Buffer::Instance& data, bool fron // that it cannot process data in the buffer. while (0 < data.length()) { switch (decoder_->onData(data, frontend)) { - case Decoder::NeedMoreData: + case Decoder::Result::NeedMoreData: return Network::FilterStatus::Continue; - case Decoder::ReadyForNext: + case Decoder::Result::ReadyForNext: continue; - case Decoder::Stopped: + case Decoder::Result::Stopped: return Network::FilterStatus::StopIteration; } } diff --git a/source/extensions/filters/network/postgres_proxy/postgres_filter.h b/source/extensions/filters/network/postgres_proxy/postgres_filter.h index f6740b3536ab..cb89499d47c4 100644 --- a/source/extensions/filters/network/postgres_proxy/postgres_filter.h +++ b/source/extensions/filters/network/postgres_proxy/postgres_filter.h @@ -5,10 +5,9 @@ #include "envoy/stats/stats.h" #include "envoy/stats/stats_macros.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/postgres_proxy/postgres_decoder.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_decoder.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/postgres_proxy/postgres_message.cc b/source/extensions/filters/network/postgres_proxy/postgres_message.cc index 5f7c1f27d814..b8e4a3d5febe 100644 --- a/source/extensions/filters/network/postgres_proxy/postgres_message.cc +++ b/source/extensions/filters/network/postgres_proxy/postgres_message.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/postgres_proxy/postgres_message.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_message.h" namespace Envoy { namespace Extensions { @@ -7,18 +7,16 @@ namespace PostgresProxy { // String type methods. bool String::read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { - // First find the terminating zero. - const char zero = 0; - const ssize_t index = data.search(&zero, 1, pos); - if (index == -1) { - return false; - } + // read method uses values set by validate method. + // This avoids unnecessary repetition of scanning data looking for terminating zero. + ASSERT(pos == start_); + ASSERT(end_ >= start_); // Reserve that many bytes in the string. - const uint64_t size = index - pos; + const uint64_t size = end_ - start_; value_.resize(size); // Now copy from buffer to string. - data.copyOut(pos, index - pos, value_.data()); + data.copyOut(pos, size, value_.data()); pos += (size + 1); left -= (size + 1); @@ -27,6 +25,35 @@ bool String::read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { std::string String::toString() const { return absl::StrCat("[", value_, "]"); } +Message::ValidationResult String::validate(const Buffer::Instance& data, + const uint64_t start_offset, uint64_t& pos, + uint64_t& left) { + // Try to find the terminating zero. + // If found, all is good. If not found, we may need more data. + const char zero = 0; + const ssize_t index = data.search(&zero, 1, pos); + if (index == -1) { + if (left <= (data.length() - pos)) { + // Message ended before finding terminating zero. + return Message::ValidationFailed; + } else { + return Message::ValidationNeedMoreData; + } + } + // Found, but after the message boundary. + const uint64_t size = index - pos; + if (size >= left) { + return Message::ValidationFailed; + } + + start_ = pos - start_offset; + end_ = start_ + size; + + pos += (size + 1); + left -= (size + 1); + return Message::ValidationOK; +} + // ByteN type methods. bool ByteN::read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { if (left > (data.length() - pos)) { @@ -38,6 +65,19 @@ bool ByteN::read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { left = 0; return true; } +// Since ByteN does not have a length field, it is not possible to verify +// its correctness. +Message::ValidationResult ByteN::validate(const Buffer::Instance& data, const uint64_t, + uint64_t& pos, uint64_t& left) { + if (left > (data.length() - pos)) { + return Message::ValidationNeedMoreData; + } + + pos += left; + left = 0; + + return Message::ValidationOK; +} std::string ByteN::toString() const { std::string out = "["; @@ -48,10 +88,7 @@ std::string ByteN::toString() const { // VarByteN type methods. bool VarByteN::read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { - if ((left < sizeof(int32_t)) || ((data.length() - pos) < sizeof(int32_t))) { - return false; - } - len_ = data.peekBEInt(pos); + // len_ was set by validator, skip it. pos += sizeof(int32_t); left -= sizeof(int32_t); if (len_ < 1) { @@ -59,10 +96,7 @@ bool VarByteN::read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) value_.clear(); return true; } - if ((left < static_cast(len_)) || - ((data.length() - pos) < static_cast(len_))) { - return false; - } + value_.resize(len_); data.copyOut(pos, len_, value_.data()); pos += len_; @@ -78,6 +112,42 @@ std::string VarByteN::toString() const { return out; } +Message::ValidationResult VarByteN::validate(const Buffer::Instance& data, const uint64_t, + uint64_t& pos, uint64_t& left) { + if (left < sizeof(int32_t)) { + // Malformed message. + return Message::ValidationFailed; + } + + if ((data.length() - pos) < sizeof(int32_t)) { + return Message::ValidationNeedMoreData; + } + + // Read length of the VarByteN structure. + len_ = data.peekBEInt(pos); + if (static_cast(len_) > static_cast(left)) { + // VarByteN would extend past the current message boundaries. + // Lengths of message and individual fields do not match. + return Message::ValidationFailed; + } + + if (len_ < 1) { + // There is no payload if length is not positive. + pos += sizeof(int32_t); + left -= sizeof(int32_t); + return Message::ValidationOK; + } + + if ((data.length() - pos) < (len_ + sizeof(int32_t))) { + return Message::ValidationNeedMoreData; + } + + pos += (len_ + sizeof(int32_t)); + left -= (len_ + sizeof(int32_t)); + + return Message::ValidationOK; +} + } // namespace PostgresProxy } // namespace NetworkFilters } // namespace Extensions diff --git a/source/extensions/filters/network/postgres_proxy/postgres_message.h b/source/extensions/filters/network/postgres_proxy/postgres_message.h index 697a2e84ef47..584662f0b754 100644 --- a/source/extensions/filters/network/postgres_proxy/postgres_message.h +++ b/source/extensions/filters/network/postgres_proxy/postgres_message.h @@ -1,6 +1,6 @@ #pragma once -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" @@ -29,6 +29,30 @@ namespace PostgresProxy { * */ +// Interface to Postgres message class. +class Message { +public: + enum ValidationResult { ValidationFailed, ValidationOK, ValidationNeedMoreData }; + + virtual ~Message() = default; + + // read method should read only as many bytes from data + // buffer as it is indicated in message's length field. + // "length" parameter indicates how many bytes were indicated in Postgres message's + // length field. "data" buffer may contain more bytes than "length". + virtual bool read(const Buffer::Instance& data, const uint64_t length) PURE; + + virtual ValidationResult validate(const Buffer::Instance& data, const uint64_t, + const uint64_t) PURE; + + // toString method provides displayable representation of + // the Postgres message. + virtual std::string toString() const PURE; + +protected: + ValidationResult validation_result_{ValidationNeedMoreData}; +}; + // Template for integer types. // Size of integer types is fixed and depends on the type of integer. template class Int { @@ -46,15 +70,27 @@ template class Int { * for the current message. */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { - if ((data.length() - pos) < sizeof(T)) { - return false; - } value_ = data.peekBEInt(pos); pos += sizeof(T); left -= sizeof(T); return true; } + Message::ValidationResult validate(const Buffer::Instance& data, const uint64_t, uint64_t& pos, + uint64_t& left) { + if (left < sizeof(T)) { + return Message::ValidationFailed; + } + + if ((data.length() - pos) < sizeof(T)) { + return Message::ValidationNeedMoreData; + } + + pos += sizeof(T); + left -= sizeof(T); + return Message::ValidationOK; + } + std::string toString() const { return fmt::format("[{}]", value_); } T get() const { return value_; } @@ -78,8 +114,13 @@ class String { */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left); std::string toString() const; + Message::ValidationResult validate(const Buffer::Instance&, const uint64_t start_offset, + uint64_t&, uint64_t&); private: + // start_ and end_ are set by validate method. + uint64_t start_; + uint64_t end_; std::string value_; }; @@ -92,6 +133,7 @@ class ByteN { */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left); std::string toString() const; + Message::ValidationResult validate(const Buffer::Instance&, const uint64_t, uint64_t&, uint64_t&); private: std::vector value_; @@ -115,6 +157,7 @@ class VarByteN { */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left); std::string toString() const; + Message::ValidationResult validate(const Buffer::Instance&, const uint64_t, uint64_t&, uint64_t&); private: int32_t len_; @@ -128,22 +171,11 @@ template class Array { * See above for parameter and return value description. */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { - // First read the 16 bits value which indicates how many - // elements there are in the array. - if (((data.length() - pos) < sizeof(uint16_t)) || (left < sizeof(uint16_t))) { - return false; - } - const uint16_t num = data.peekBEInt(pos); + // Skip reading the size of array. The validator did it. pos += sizeof(uint16_t); left -= sizeof(uint16_t); - if (num != 0) { - for (uint16_t i = 0; i < num; i++) { - auto item = std::make_unique(); - if (!item->read(data, pos, left)) { - return false; - } - value_.push_back(std::move(item)); - } + for (uint16_t i = 0; i < size_; i++) { + value_[i]->read(data, pos, left); } return true; } @@ -161,8 +193,41 @@ template class Array { return out; } + Message::ValidationResult validate(const Buffer::Instance& data, const uint64_t start_offset, + uint64_t& pos, uint64_t& left) { + // First read the 16 bits value which indicates how many + // elements there are in the array. + if (left < sizeof(uint16_t)) { + return Message::ValidationFailed; + } + + if ((data.length() - pos) < sizeof(uint16_t)) { + return Message::ValidationNeedMoreData; + } + + size_ = data.peekBEInt(pos); + uint64_t orig_pos = pos; + uint64_t orig_left = left; + pos += sizeof(uint16_t); + left -= sizeof(uint16_t); + if (size_ != 0) { + for (uint16_t i = 0; i < size_; i++) { + auto item = std::make_unique(); + Message::ValidationResult result = item->validate(data, start_offset, pos, left); + if (Message::ValidationOK != result) { + pos = orig_pos; + left = orig_left; + value_.clear(); + return result; + } + value_.push_back(std::move(item)); + } + } + return Message::ValidationOK; + } private: + uint16_t size_; std::vector> value_; }; @@ -175,16 +240,10 @@ template class Repeated { * See above for parameter and return value description. */ bool read(const Buffer::Instance& data, uint64_t& pos, uint64_t& left) { - if ((data.length() - pos) < left) { - return false; - } - // Read until nothing is left. - while (left != 0) { - auto item = std::make_unique(); - if (!item->read(data, pos, left)) { + for (size_t i = 0; i < value_.size(); i++) { + if (!value_[i]->read(data, pos, left)) { return false; } - value_.push_back(std::move(item)); } return true; } @@ -200,47 +259,45 @@ template class Repeated { } return out; } + Message::ValidationResult validate(const Buffer::Instance& data, const uint64_t start_offset, + uint64_t& pos, uint64_t& left) { + if ((data.length() - pos) < left) { + return Message::ValidationNeedMoreData; + } -private: - std::vector> value_; -}; - -// Interface to Postgres message class. -class Message { -public: - virtual ~Message() = default; + // Validate until the end of the message. + uint64_t orig_pos = pos; + uint64_t orig_left = left; + while (left != 0) { + auto item = std::make_unique(); + Message::ValidationResult result = item->validate(data, start_offset, pos, left); + if (Message::ValidationOK != result) { + pos = orig_pos; + left = orig_left; + value_.clear(); + return result; + } + value_.push_back(std::move(item)); + } - // read method should read only as many bytes from data - // buffer as it is indicated in message's length field. - // "length" parameter indicates how many bytes were indicated in Postgres message's - // length field. "data" buffer may contain more bytes than "length". - virtual bool read(const Buffer::Instance& data, const uint64_t length) PURE; + return Message::ValidationOK; + } - // toString method provides displayable representation of - // the Postgres message. - virtual std::string toString() const PURE; +private: + std::vector> value_; }; // Sequence is tuple like structure, which binds together // set of several fields of different types. template class Sequence; -template -class Sequence : public Message { +template class Sequence { FirstField first_; Sequence remaining_; public: Sequence() = default; - std::string toString() const override { - return absl::StrCat(first_.toString(), remaining_.toString()); - } - - bool read(const Buffer::Instance& data, const uint64_t length) override { - uint64_t pos = 0; - uint64_t left = length; - return read(data, pos, left); - } + std::string toString() const { return absl::StrCat(first_.toString(), remaining_.toString()); } /** * Implementation of "read" method for variadic template. @@ -255,21 +312,56 @@ class Sequence : public Message { } return remaining_.read(data, pos, left); } + + Message::ValidationResult validate(const Buffer::Instance& data, const uint64_t start_offset, + uint64_t& pos, uint64_t& left) { + Message::ValidationResult result = first_.validate(data, start_offset, pos, left); + if (result != Message::ValidationOK) { + return result; + } + return remaining_.validate(data, start_offset, pos, left); + } }; // Terminal template definition for variadic Sequence template. -template <> class Sequence<> : public Message { +template <> class Sequence<> { public: Sequence<>() = default; - std::string toString() const override { return ""; } + std::string toString() const { return ""; } bool read(const Buffer::Instance&, uint64_t&, uint64_t&) { return true; } - bool read(const Buffer::Instance&, const uint64_t) override { return true; } + Message::ValidationResult validate(const Buffer::Instance&, const uint64_t, uint64_t&, + uint64_t& left) { + return left == 0 ? Message::ValidationOK : Message::ValidationFailed; + } +}; + +template class MessageImpl : public Message, public Sequence { +public: + ~MessageImpl() override = default; + bool read(const Buffer::Instance& data, const uint64_t length) override { + // Do not call read unless validation was successful. + ASSERT(validation_result_ == ValidationOK); + uint64_t pos = 0; + uint64_t left = length; + return Sequence::read(data, pos, left); + } + Message::ValidationResult validate(const Buffer::Instance& data, const uint64_t start_pos, + const uint64_t length) override { + uint64_t pos = start_pos; + uint64_t left = length; + validation_result_ = Sequence::validate(data, start_pos, pos, left); + return validation_result_; + } + std::string toString() const override { return Sequence::toString(); } + +private: + // Message::ValidationResult validation_result_; }; // Helper function to create pointer to a Sequence structure and is used by Postgres // decoder after learning the type of Postgres message. template std::unique_ptr createMsgBodyReader() { - return std::make_unique>(); + return std::make_unique>(); } } // namespace PostgresProxy diff --git a/source/extensions/filters/network/postgres_proxy/postgres_session.h b/source/extensions/filters/network/postgres_proxy/postgres_session.h index 46d8632530bc..b8282d008e16 100644 --- a/source/extensions/filters/network/postgres_proxy/postgres_session.h +++ b/source/extensions/filters/network/postgres_proxy/postgres_session.h @@ -1,7 +1,7 @@ #pragma once #include -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/ratelimit/BUILD b/source/extensions/filters/network/ratelimit/BUILD index 2ab3b5ac6787..50f8ef036898 100644 --- a/source/extensions/filters/network/ratelimit/BUILD +++ b/source/extensions/filters/network/ratelimit/BUILD @@ -23,11 +23,11 @@ envoy_cc_library( "//test/extensions:__subpackages__", ], deps = [ - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/ratelimit:ratelimit_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stats:stats_macros", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/ratelimit:ratelimit_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_macros", "//source/common/tracing:http_tracer_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", "//source/extensions/filters/network:well_known_names", @@ -39,10 +39,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "robust_to_untrusted_downstream", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/config:utility_lib", "//source/common/protobuf:utility_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", diff --git a/source/extensions/filters/network/ratelimit/config.cc b/source/extensions/filters/network/ratelimit/config.cc index 1274275f7747..fdf84987e9ff 100644 --- a/source/extensions/filters/network/ratelimit/config.cc +++ b/source/extensions/filters/network/ratelimit/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/ratelimit/config.h" +#include "source/extensions/filters/network/ratelimit/config.h" #include #include @@ -7,11 +7,10 @@ #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/common/ratelimit/ratelimit_impl.h" -#include "extensions/filters/network/ratelimit/ratelimit.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/common/ratelimit/ratelimit_impl.h" +#include "source/extensions/filters/network/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/ratelimit/config.h b/source/extensions/filters/network/ratelimit/config.h index 616696c61b04..8156613a4905 100644 --- a/source/extensions/filters/network/ratelimit/config.h +++ b/source/extensions/filters/network/ratelimit/config.h @@ -3,9 +3,9 @@ #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.validate.h" -#include "extensions/filters/common/ratelimit/ratelimit.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/common/ratelimit/ratelimit.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/ratelimit/ratelimit.cc b/source/extensions/filters/network/ratelimit/ratelimit.cc index 1ac7accd7d11..1714f5a4f8ad 100644 --- a/source/extensions/filters/network/ratelimit/ratelimit.cc +++ b/source/extensions/filters/network/ratelimit/ratelimit.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/ratelimit/ratelimit.h" +#include "source/extensions/filters/network/ratelimit/ratelimit.h" #include #include @@ -6,10 +6,9 @@ #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.h" #include "envoy/stats/scope.h" -#include "common/common/fmt.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/filters/network/well_known_names.h" +#include "source/common/common/fmt.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/ratelimit/ratelimit.h b/source/extensions/filters/network/ratelimit/ratelimit.h index 168be8008ff5..fac416280945 100644 --- a/source/extensions/filters/network/ratelimit/ratelimit.h +++ b/source/extensions/filters/network/ratelimit/ratelimit.h @@ -13,7 +13,7 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "extensions/filters/common/ratelimit/ratelimit.h" +#include "source/extensions/filters/common/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rbac/BUILD b/source/extensions/filters/network/rbac/BUILD index f5a4f38fdc0e..200ea6327282 100644 --- a/source/extensions/filters/network/rbac/BUILD +++ b/source/extensions/filters/network/rbac/BUILD @@ -13,12 +13,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "robust_to_untrusted_downstream", deps = [ ":rbac_filter", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "@envoy_api//envoy/config/rbac/v3:pkg_cc_proto", @@ -31,9 +29,9 @@ envoy_cc_library( srcs = ["rbac_filter.cc"], hdrs = ["rbac_filter.h"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", + "//envoy/buffer:buffer_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", "//source/common/common:minimal_logger_lib", "//source/extensions/filters/common/rbac:engine_lib", "//source/extensions/filters/common/rbac:utility_lib", diff --git a/source/extensions/filters/network/rbac/config.cc b/source/extensions/filters/network/rbac/config.cc index f50e490ba378..b5fc803f5202 100644 --- a/source/extensions/filters/network/rbac/config.cc +++ b/source/extensions/filters/network/rbac/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/rbac/config.h" +#include "source/extensions/filters/network/rbac/config.h" #include "envoy/config/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.h" @@ -6,8 +6,8 @@ #include "envoy/network/connection.h" #include "envoy/registry/registry.h" -#include "extensions/filters/network/rbac/rbac_filter.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/rbac/rbac_filter.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rbac/config.h b/source/extensions/filters/network/rbac/config.h index 2555df7bc7a2..ec3ab751627f 100644 --- a/source/extensions/filters/network/rbac/config.h +++ b/source/extensions/filters/network/rbac/config.h @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rbac/rbac_filter.cc b/source/extensions/filters/network/rbac/rbac_filter.cc index 3892600c77dc..705ecf0d417f 100644 --- a/source/extensions/filters/network/rbac/rbac_filter.cc +++ b/source/extensions/filters/network/rbac/rbac_filter.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/rbac/rbac_filter.h" +#include "source/extensions/filters/network/rbac/rbac_filter.h" #include "envoy/buffer/buffer.h" #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.h" #include "envoy/network/connection.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/well_known_names.h" #include "absl/strings/str_join.h" diff --git a/source/extensions/filters/network/rbac/rbac_filter.h b/source/extensions/filters/network/rbac/rbac_filter.h index 1faee7c498fd..d5eabcc2b473 100644 --- a/source/extensions/filters/network/rbac/rbac_filter.h +++ b/source/extensions/filters/network/rbac/rbac_filter.h @@ -5,10 +5,9 @@ #include "envoy/network/filter.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" - -#include "extensions/filters/common/rbac/engine_impl.h" -#include "extensions/filters/common/rbac/utility.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/common/rbac/engine_impl.h" +#include "source/extensions/filters/common/rbac/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/redis_proxy/BUILD b/source/extensions/filters/network/redis_proxy/BUILD index 7cf695e2a513..0902220618ac 100644 --- a/source/extensions/filters/network/redis_proxy/BUILD +++ b/source/extensions/filters/network/redis_proxy/BUILD @@ -17,7 +17,7 @@ envoy_cc_library( name = "command_splitter_interface", hdrs = ["command_splitter.h"], deps = [ - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/extensions/filters/network/common/redis:codec_interface", ], ) @@ -38,7 +38,7 @@ envoy_cc_library( name = "conn_pool_interface", hdrs = ["conn_pool.h"], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", "//source/extensions/filters/network/common/redis:client_interface", "//source/extensions/filters/network/common/redis:codec_interface", ], @@ -58,8 +58,8 @@ envoy_cc_library( ":command_splitter_interface", ":conn_pool_lib", ":router_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/stats:timespan_interface", + "//envoy/stats:stats_macros", + "//envoy/stats:timespan_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", @@ -78,9 +78,9 @@ envoy_cc_library( deps = [ ":config_interface", ":conn_pool_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/stats:stats_macros", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/network:address_lib", @@ -104,9 +104,9 @@ envoy_cc_library( hdrs = ["proxy_filter.h"], deps = [ ":command_splitter_interface", - "//include/envoy/network:drain_decision_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/network:drain_decision_interface", + "//envoy/network:filter_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/config:datasource_lib", @@ -120,14 +120,12 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", # TODO(#9953) clean up. extra_visibility = [ "//test/integration:__subpackages__", ], - security_posture = "requires_trusted_downstream_and_upstream", deps = [ - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:upstream_interface", "//source/extensions/common/redis:cluster_refresh_manager_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", @@ -149,8 +147,8 @@ envoy_cc_library( hdrs = ["router_impl.h"], deps = [ ":router_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "//source/extensions/filters/network/common/redis:codec_lib", "//source/extensions/filters/network/common/redis:supported_commands_lib", "//source/extensions/filters/network/common/redis:utility_lib", diff --git a/source/extensions/filters/network/redis_proxy/command_splitter.h b/source/extensions/filters/network/redis_proxy/command_splitter.h index 019ae429459a..b6905db242e3 100644 --- a/source/extensions/filters/network/redis_proxy/command_splitter.h +++ b/source/extensions/filters/network/redis_proxy/command_splitter.h @@ -5,7 +5,7 @@ #include "envoy/common/pure.h" #include "envoy/event/dispatcher.h" -#include "extensions/filters/network/common/redis/codec.h" +#include "source/extensions/filters/network/common/redis/codec.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/redis_proxy/command_splitter_impl.cc b/source/extensions/filters/network/redis_proxy/command_splitter_impl.cc index 8b5aa8317cba..65552d8ae523 100644 --- a/source/extensions/filters/network/redis_proxy/command_splitter_impl.cc +++ b/source/extensions/filters/network/redis_proxy/command_splitter_impl.cc @@ -1,8 +1,7 @@ -#include "extensions/filters/network/redis_proxy/command_splitter_impl.h" +#include "source/extensions/filters/network/redis_proxy/command_splitter_impl.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/common/redis/supported_commands.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/common/redis/supported_commands.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/redis_proxy/command_splitter_impl.h b/source/extensions/filters/network/redis_proxy/command_splitter_impl.h index 301daf2450dc..9c765ea10e3c 100644 --- a/source/extensions/filters/network/redis_proxy/command_splitter_impl.h +++ b/source/extensions/filters/network/redis_proxy/command_splitter_impl.h @@ -8,16 +8,15 @@ #include "envoy/stats/stats_macros.h" #include "envoy/stats/timespan.h" -#include "common/common/logger.h" -#include "common/common/utility.h" -#include "common/stats/timespan_impl.h" - -#include "extensions/filters/network/common/redis/client_impl.h" -#include "extensions/filters/network/common/redis/fault_impl.h" -#include "extensions/filters/network/common/redis/utility.h" -#include "extensions/filters/network/redis_proxy/command_splitter.h" -#include "extensions/filters/network/redis_proxy/conn_pool_impl.h" -#include "extensions/filters/network/redis_proxy/router.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/common/stats/timespan_impl.h" +#include "source/extensions/filters/network/common/redis/client_impl.h" +#include "source/extensions/filters/network/common/redis/fault_impl.h" +#include "source/extensions/filters/network/common/redis/utility.h" +#include "source/extensions/filters/network/redis_proxy/command_splitter.h" +#include "source/extensions/filters/network/redis_proxy/conn_pool_impl.h" +#include "source/extensions/filters/network/redis_proxy/router.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/redis_proxy/config.cc b/source/extensions/filters/network/redis_proxy/config.cc index d10e951e7b85..4a6790b7569d 100644 --- a/source/extensions/filters/network/redis_proxy/config.cc +++ b/source/extensions/filters/network/redis_proxy/config.cc @@ -1,14 +1,14 @@ -#include "extensions/filters/network/redis_proxy/config.h" +#include "source/extensions/filters/network/redis_proxy/config.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" -#include "extensions/common/redis/cluster_refresh_manager_impl.h" -#include "extensions/filters/network/common/redis/client_impl.h" -#include "extensions/filters/network/common/redis/fault_impl.h" -#include "extensions/filters/network/redis_proxy/command_splitter_impl.h" -#include "extensions/filters/network/redis_proxy/proxy_filter.h" -#include "extensions/filters/network/redis_proxy/router_impl.h" +#include "source/extensions/common/redis/cluster_refresh_manager_impl.h" +#include "source/extensions/filters/network/common/redis/client_impl.h" +#include "source/extensions/filters/network/common/redis/fault_impl.h" +#include "source/extensions/filters/network/redis_proxy/command_splitter_impl.h" +#include "source/extensions/filters/network/redis_proxy/proxy_filter.h" +#include "source/extensions/filters/network/redis_proxy/router_impl.h" #include "absl/container/flat_hash_set.h" diff --git a/source/extensions/filters/network/redis_proxy/config.h b/source/extensions/filters/network/redis_proxy/config.h index c3237934fcea..fc32de5163bc 100644 --- a/source/extensions/filters/network/redis_proxy/config.h +++ b/source/extensions/filters/network/redis_proxy/config.h @@ -8,11 +8,10 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "envoy/upstream/upstream.h" -#include "common/common/empty_string.h" -#include "common/config/datasource.h" - -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/datasource.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/redis_proxy/conn_pool.h b/source/extensions/filters/network/redis_proxy/conn_pool.h index 385fac2eb527..4c9246d63838 100644 --- a/source/extensions/filters/network/redis_proxy/conn_pool.h +++ b/source/extensions/filters/network/redis_proxy/conn_pool.h @@ -6,8 +6,8 @@ #include "envoy/upstream/cluster_manager.h" -#include "extensions/filters/network/common/redis/client.h" -#include "extensions/filters/network/common/redis/codec.h" +#include "source/extensions/filters/network/common/redis/client.h" +#include "source/extensions/filters/network/common/redis/codec.h" #include "absl/types/variant.h" diff --git a/source/extensions/filters/network/redis_proxy/conn_pool_impl.cc b/source/extensions/filters/network/redis_proxy/conn_pool_impl.cc index 83c04e7bdb89..56a06c67e075 100644 --- a/source/extensions/filters/network/redis_proxy/conn_pool_impl.cc +++ b/source/extensions/filters/network/redis_proxy/conn_pool_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/redis_proxy/conn_pool_impl.h" +#include "source/extensions/filters/network/redis_proxy/conn_pool_impl.h" #include #include @@ -11,11 +11,10 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/stats/utility.h" - -#include "extensions/filters/network/redis_proxy/config.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/stats/utility.h" +#include "source/extensions/filters/network/redis_proxy/config.h" namespace Envoy { namespace Extensions { @@ -153,8 +152,7 @@ void InstanceImpl::ThreadLocalPool::onClusterAddOrUpdateNonVirtual( Upstream::ClusterInfoConstSharedPtr info = cluster_->info(); const auto& cluster_type = info->clusterType(); is_redis_cluster_ = info->lbType() == Upstream::LoadBalancerType::ClusterProvided && - cluster_type.has_value() && - cluster_type->name() == Extensions::Clusters::ClusterTypes::get().Redis; + cluster_type.has_value() && cluster_type->name() == "envoy.clusters.redis"; } void InstanceImpl::ThreadLocalPool::onClusterRemoval(const std::string& cluster_name) { diff --git a/source/extensions/filters/network/redis_proxy/conn_pool_impl.h b/source/extensions/filters/network/redis_proxy/conn_pool_impl.h index 60c27afe1c22..76373d33fe9c 100644 --- a/source/extensions/filters/network/redis_proxy/conn_pool_impl.h +++ b/source/extensions/filters/network/redis_proxy/conn_pool_impl.h @@ -12,22 +12,20 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/address_impl.h" -#include "common/network/filter_impl.h" -#include "common/protobuf/utility.h" -#include "common/singleton/const_singleton.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/upstream_impl.h" - +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/filter_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/singleton/const_singleton.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "source/extensions/clusters/redis/redis_cluster_lb.h" - -#include "extensions/common/redis/cluster_refresh_manager.h" -#include "extensions/filters/network/common/redis/client.h" -#include "extensions/filters/network/common/redis/client_impl.h" -#include "extensions/filters/network/common/redis/codec_impl.h" -#include "extensions/filters/network/common/redis/utility.h" -#include "extensions/filters/network/redis_proxy/conn_pool.h" +#include "source/extensions/common/redis/cluster_refresh_manager.h" +#include "source/extensions/filters/network/common/redis/client.h" +#include "source/extensions/filters/network/common/redis/client_impl.h" +#include "source/extensions/filters/network/common/redis/codec_impl.h" +#include "source/extensions/filters/network/common/redis/utility.h" +#include "source/extensions/filters/network/redis_proxy/conn_pool.h" #include "absl/container/node_hash_map.h" diff --git a/source/extensions/filters/network/redis_proxy/proxy_filter.cc b/source/extensions/filters/network/redis_proxy/proxy_filter.cc index 54e029813ef0..cbc1be8302c0 100644 --- a/source/extensions/filters/network/redis_proxy/proxy_filter.cc +++ b/source/extensions/filters/network/redis_proxy/proxy_filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/redis_proxy/proxy_filter.h" +#include "source/extensions/filters/network/redis_proxy/proxy_filter.h" #include #include @@ -6,10 +6,10 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/config/datasource.h" -#include "common/config/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/config/datasource.h" +#include "source/common/config/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/redis_proxy/proxy_filter.h b/source/extensions/filters/network/redis_proxy/proxy_filter.h index 103e7c33c9e6..12fbc9255549 100644 --- a/source/extensions/filters/network/redis_proxy/proxy_filter.h +++ b/source/extensions/filters/network/redis_proxy/proxy_filter.h @@ -11,10 +11,9 @@ #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/common/redis/codec.h" -#include "extensions/filters/network/redis_proxy/command_splitter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/common/redis/codec.h" +#include "source/extensions/filters/network/redis_proxy/command_splitter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/redis_proxy/router.h b/source/extensions/filters/network/redis_proxy/router.h index d1090be1ed8d..339a672ef645 100644 --- a/source/extensions/filters/network/redis_proxy/router.h +++ b/source/extensions/filters/network/redis_proxy/router.h @@ -6,7 +6,7 @@ #include "envoy/common/pure.h" -#include "extensions/filters/network/redis_proxy/conn_pool.h" +#include "source/extensions/filters/network/redis_proxy/conn_pool.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/redis_proxy/router_impl.cc b/source/extensions/filters/network/redis_proxy/router_impl.cc index bccb472c8e3a..3e5048737ef1 100644 --- a/source/extensions/filters/network/redis_proxy/router_impl.cc +++ b/source/extensions/filters/network/redis_proxy/router_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/redis_proxy/router_impl.h" +#include "source/extensions/filters/network/redis_proxy/router_impl.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/type/v3/percent.pb.h" diff --git a/source/extensions/filters/network/redis_proxy/router_impl.h b/source/extensions/filters/network/redis_proxy/router_impl.h index e60552c5c879..47a04f9adec8 100644 --- a/source/extensions/filters/network/redis_proxy/router_impl.h +++ b/source/extensions/filters/network/redis_proxy/router_impl.h @@ -13,9 +13,9 @@ #include "envoy/type/v3/percent.pb.h" #include "envoy/upstream/cluster_manager.h" -#include "extensions/filters/network/common/redis/supported_commands.h" -#include "extensions/filters/network/redis_proxy/conn_pool_impl.h" -#include "extensions/filters/network/redis_proxy/router.h" +#include "source/extensions/filters/network/common/redis/supported_commands.h" +#include "source/extensions/filters/network/redis_proxy/conn_pool_impl.h" +#include "source/extensions/filters/network/redis_proxy/router.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/BUILD b/source/extensions/filters/network/rocketmq_proxy/BUILD index 4dd07abc6225..f9ea690d242d 100644 --- a/source/extensions/filters/network/rocketmq_proxy/BUILD +++ b/source/extensions/filters/network/rocketmq_proxy/BUILD @@ -19,8 +19,8 @@ envoy_cc_library( name = "stats_interface", hdrs = ["stats.h"], deps = [ - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", ], ) @@ -74,7 +74,7 @@ envoy_cc_library( ], deps = [ ":protocol_lib", - "//include/envoy/network:filter_interface", + "//envoy/network:filter_interface", "//source/common/protobuf:utility_lib", ], ) @@ -95,11 +95,11 @@ envoy_cc_library( ":rocketmq_lib", ":stats_interface", ":well_known_names", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/tcp:conn_pool_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/buffer:buffer_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:connection_interface", + "//envoy/tcp:conn_pool_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", @@ -122,13 +122,10 @@ envoy_cc_extension( hdrs = [ "config.h", ], - category = "envoy.filters.network", - security_posture = "requires_trusted_downstream_and_upstream", - status = "alpha", deps = [ ":conn_manager_lib", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/common/common:logger_lib", "//source/common/common:minimal_logger_lib", "//source/common/config:utility_lib", diff --git a/source/extensions/filters/network/rocketmq_proxy/active_message.cc b/source/extensions/filters/network/rocketmq_proxy/active_message.cc index 2a263fe752bb..772806a5829c 100644 --- a/source/extensions/filters/network/rocketmq_proxy/active_message.cc +++ b/source/extensions/filters/network/rocketmq_proxy/active_message.cc @@ -1,15 +1,14 @@ -#include "extensions/filters/network/rocketmq_proxy/active_message.h" +#include "source/extensions/filters/network/rocketmq_proxy/active_message.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/rocketmq_proxy/conn_manager.h" -#include "extensions/filters/network/rocketmq_proxy/topic_route.h" -#include "extensions/filters/network/rocketmq_proxy/well_known_names.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/rocketmq_proxy/conn_manager.h" +#include "source/extensions/filters/network/rocketmq_proxy/topic_route.h" +#include "source/extensions/filters/network/rocketmq_proxy/well_known_names.h" +#include "source/extensions/filters/network/well_known_names.h" #include "absl/strings/match.h" diff --git a/source/extensions/filters/network/rocketmq_proxy/active_message.h b/source/extensions/filters/network/rocketmq_proxy/active_message.h index 1cb83453755c..cbec9f107128 100644 --- a/source/extensions/filters/network/rocketmq_proxy/active_message.h +++ b/source/extensions/filters/network/rocketmq_proxy/active_message.h @@ -5,14 +5,13 @@ #include "envoy/network/filter.h" #include "envoy/stats/timespan.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/rocketmq_proxy/codec.h" -#include "extensions/filters/network/rocketmq_proxy/protocol.h" -#include "extensions/filters/network/rocketmq_proxy/router/router.h" -#include "extensions/filters/network/rocketmq_proxy/topic_route.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/rocketmq_proxy/codec.h" +#include "source/extensions/filters/network/rocketmq_proxy/protocol.h" +#include "source/extensions/filters/network/rocketmq_proxy/router/router.h" +#include "source/extensions/filters/network/rocketmq_proxy/topic_route.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/network/rocketmq_proxy/codec.cc b/source/extensions/filters/network/rocketmq_proxy/codec.cc index eabf762cdf19..8255de59d3e1 100644 --- a/source/extensions/filters/network/rocketmq_proxy/codec.cc +++ b/source/extensions/filters/network/rocketmq_proxy/codec.cc @@ -1,13 +1,12 @@ -#include "extensions/filters/network/rocketmq_proxy/codec.h" +#include "source/extensions/filters/network/rocketmq_proxy/codec.h" #include -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/rocketmq_proxy/protocol.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/rocketmq_proxy/protocol.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/codec.h b/source/extensions/filters/network/rocketmq_proxy/codec.h index 3f307b8500bb..5459c380370e 100644 --- a/source/extensions/filters/network/rocketmq_proxy/codec.h +++ b/source/extensions/filters/network/rocketmq_proxy/codec.h @@ -7,11 +7,10 @@ #include "envoy/common/platform.h" #include "envoy/network/filter.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/rocketmq_proxy/protocol.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/rocketmq_proxy/protocol.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/config.cc b/source/extensions/filters/network/rocketmq_proxy/config.cc index f4fdbfbaf65a..938c79edaa71 100644 --- a/source/extensions/filters/network/rocketmq_proxy/config.cc +++ b/source/extensions/filters/network/rocketmq_proxy/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/rocketmq_proxy/config.h" +#include "source/extensions/filters/network/rocketmq_proxy/config.h" #include @@ -6,9 +6,9 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/network/rocketmq_proxy/conn_manager.h" -#include "extensions/filters/network/rocketmq_proxy/stats.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/rocketmq_proxy/conn_manager.h" +#include "source/extensions/filters/network/rocketmq_proxy/stats.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/config.h b/source/extensions/filters/network/rocketmq_proxy/config.h index 5597a27c0801..5ff3d7e98966 100644 --- a/source/extensions/filters/network/rocketmq_proxy/config.h +++ b/source/extensions/filters/network/rocketmq_proxy/config.h @@ -6,11 +6,11 @@ #include "envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.pb.h" #include "envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/rocketmq_proxy/conn_manager.h" -#include "extensions/filters/network/rocketmq_proxy/router/route_matcher.h" -#include "extensions/filters/network/rocketmq_proxy/router/router_impl.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/rocketmq_proxy/conn_manager.h" +#include "source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h" +#include "source/extensions/filters/network/rocketmq_proxy/router/router_impl.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/conn_manager.cc b/source/extensions/filters/network/rocketmq_proxy/conn_manager.cc index f25b57eac096..8f5ba509f6db 100644 --- a/source/extensions/filters/network/rocketmq_proxy/conn_manager.cc +++ b/source/extensions/filters/network/rocketmq_proxy/conn_manager.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/rocketmq_proxy/conn_manager.h" +#include "source/extensions/filters/network/rocketmq_proxy/conn_manager.h" #include "envoy/buffer/buffer.h" #include "envoy/network/connection.h" -#include "common/common/enum_to_int.h" -#include "common/protobuf/utility.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/conn_manager.h b/source/extensions/filters/network/rocketmq_proxy/conn_manager.h index 29f3faf48ad5..e724b15b3393 100644 --- a/source/extensions/filters/network/rocketmq_proxy/conn_manager.h +++ b/source/extensions/filters/network/rocketmq_proxy/conn_manager.h @@ -13,12 +13,11 @@ #include "envoy/stats/timespan.h" #include "envoy/upstream/thread_local_cluster.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/rocketmq_proxy/active_message.h" -#include "extensions/filters/network/rocketmq_proxy/codec.h" -#include "extensions/filters/network/rocketmq_proxy/stats.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/rocketmq_proxy/active_message.h" +#include "source/extensions/filters/network/rocketmq_proxy/codec.h" +#include "source/extensions/filters/network/rocketmq_proxy/stats.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/network/rocketmq_proxy/metadata.h b/source/extensions/filters/network/rocketmq_proxy/metadata.h index db71356b8064..a2efeb031bbc 100644 --- a/source/extensions/filters/network/rocketmq_proxy/metadata.h +++ b/source/extensions/filters/network/rocketmq_proxy/metadata.h @@ -2,7 +2,7 @@ #include -#include "common/http/header_map_impl.h" +#include "source/common/http/header_map_impl.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/network/rocketmq_proxy/protocol.cc b/source/extensions/filters/network/rocketmq_proxy/protocol.cc index d3bb8a48d598..f35a5f68d64f 100644 --- a/source/extensions/filters/network/rocketmq_proxy/protocol.cc +++ b/source/extensions/filters/network/rocketmq_proxy/protocol.cc @@ -1,9 +1,8 @@ -#include "extensions/filters/network/rocketmq_proxy/protocol.h" +#include "source/extensions/filters/network/rocketmq_proxy/protocol.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" - -#include "extensions/filters/network/rocketmq_proxy/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/extensions/filters/network/rocketmq_proxy/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/protocol.h b/source/extensions/filters/network/rocketmq_proxy/protocol.h index 151785193546..c6a085562799 100644 --- a/source/extensions/filters/network/rocketmq_proxy/protocol.h +++ b/source/extensions/filters/network/rocketmq_proxy/protocol.h @@ -6,11 +6,10 @@ #include "envoy/common/pure.h" #include "envoy/common/time.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/network/rocketmq_proxy/metadata.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/network/rocketmq_proxy/metadata.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/network/rocketmq_proxy/router/BUILD b/source/extensions/filters/network/rocketmq_proxy/router/BUILD index 8f303861daae..396e5bc40132 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/BUILD +++ b/source/extensions/filters/network/rocketmq_proxy/router/BUILD @@ -12,8 +12,8 @@ envoy_cc_library( name = "router_interface", hdrs = ["router.h"], deps = [ - "//include/envoy/tcp:conn_pool_interface", - "//include/envoy/upstream:load_balancer_interface", + "//envoy/tcp:conn_pool_interface", + "//envoy/upstream:load_balancer_interface", "//source/common/upstream:load_balancer_lib", ], ) @@ -24,8 +24,8 @@ envoy_cc_library( hdrs = ["router_impl.h"], deps = [ ":router_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:thread_local_cluster_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:thread_local_cluster_interface", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/rocketmq_proxy:conn_manager_lib", ], @@ -37,8 +37,8 @@ envoy_cc_library( hdrs = ["route_matcher.h"], deps = [ ":router_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/config:typed_config_interface", + "//envoy/server:filter_config_interface", "//source/common/common:logger_lib", "//source/common/common:matchers_lib", "//source/common/http:header_utility_lib", diff --git a/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.cc b/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.cc index 91c66e5887c7..4bb961f5fa39 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.cc +++ b/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.cc @@ -1,9 +1,8 @@ -#include "extensions/filters/network/rocketmq_proxy/router/route_matcher.h" +#include "source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h" -#include "common/router/metadatamatchcriteria_impl.h" - -#include "extensions/filters/network/rocketmq_proxy/metadata.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/router/metadatamatchcriteria_impl.h" +#include "source/extensions/filters/network/rocketmq_proxy/metadata.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h b/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h index 6c98427f5a12..06aec7221d25 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h +++ b/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h @@ -6,11 +6,10 @@ #include "envoy/extensions/filters/network/rocketmq_proxy/v3/route.pb.h" #include "envoy/server/filter_config.h" -#include "common/common/logger.h" -#include "common/common/matchers.h" -#include "common/http/header_utility.h" - -#include "extensions/filters/network/rocketmq_proxy/router/router.h" +#include "source/common/common/logger.h" +#include "source/common/common/matchers.h" +#include "source/common/http/header_utility.h" +#include "source/extensions/filters/network/rocketmq_proxy/router/router.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/router/router.h b/source/extensions/filters/network/rocketmq_proxy/router/router.h index 7ab07d310a97..7a4f9c60db9f 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/router.h +++ b/source/extensions/filters/network/rocketmq_proxy/router/router.h @@ -2,7 +2,7 @@ #include "envoy/tcp/conn_pool.h" -#include "common/upstream/load_balancer_impl.h" +#include "source/common/upstream/load_balancer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/router/router_impl.cc b/source/extensions/filters/network/rocketmq_proxy/router/router_impl.cc index 8cfb40a7cdfa..7c24db78482f 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/router_impl.cc +++ b/source/extensions/filters/network/rocketmq_proxy/router/router_impl.cc @@ -1,13 +1,12 @@ -#include "extensions/filters/network/rocketmq_proxy/router/router_impl.h" +#include "source/extensions/filters/network/rocketmq_proxy/router/router_impl.h" -#include "common/common/enum_to_int.h" - -#include "extensions/filters/network/rocketmq_proxy/active_message.h" -#include "extensions/filters/network/rocketmq_proxy/codec.h" -#include "extensions/filters/network/rocketmq_proxy/conn_manager.h" -#include "extensions/filters/network/rocketmq_proxy/protocol.h" -#include "extensions/filters/network/rocketmq_proxy/well_known_names.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/common/enum_to_int.h" +#include "source/extensions/filters/network/rocketmq_proxy/active_message.h" +#include "source/extensions/filters/network/rocketmq_proxy/codec.h" +#include "source/extensions/filters/network/rocketmq_proxy/conn_manager.h" +#include "source/extensions/filters/network/rocketmq_proxy/protocol.h" +#include "source/extensions/filters/network/rocketmq_proxy/well_known_names.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { @@ -35,27 +34,25 @@ void RouterImpl::onBelowWriteBufferLowWatermark() { } void RouterImpl::onEvent(Network::ConnectionEvent event) { - switch (event) { + switch (event) case Network::ConnectionEvent::RemoteClose: { ENVOY_LOG(error, "Connection to upstream: {} is closed by remote peer", upstream_host_->address()->asString()); // Send local reply to downstream active_message_->onError("Connection to upstream is closed by remote peer"); break; - } - case Network::ConnectionEvent::LocalClose: { + case Network::ConnectionEvent::LocalClose: ENVOY_LOG(error, "Connection to upstream: {} has been closed", upstream_host_->address()->asString()); // Send local reply to downstream active_message_->onError("Connection to upstream has been closed"); break; - } default: // Ignore other events for now ENVOY_LOG(trace, "Ignore event type"); return; } - active_message_->onReset(); + active_message_->onReset(); } const Envoy::Router::MetadataMatchCriteria* RouterImpl::metadataMatchCriteria() { @@ -106,9 +103,8 @@ void RouterImpl::sendRequestToUpstream(ActiveMessage& active_message) { return; } - Tcp::ConnectionPool::Instance* conn_pool = - cluster->tcpConnPool(Upstream::ResourcePriority::Default, this); - if (!conn_pool) { + auto data = cluster->tcpConnPool(Upstream::ResourcePriority::Default, this); + if (!data) { ENVOY_LOG(warn, "No host available for cluster {}. Opaque: {}", cluster_name, opaque); active_message.onError("No host available"); reset(); @@ -116,7 +112,7 @@ void RouterImpl::sendRequestToUpstream(ActiveMessage& active_message) { } upstream_request_ = std::make_unique(*this); - Tcp::ConnectionPool::Cancellable* cancellable = conn_pool->newConnection(*upstream_request_); + Tcp::ConnectionPool::Cancellable* cancellable = data.value().newConnection(*upstream_request_); if (cancellable) { handle_ = cancellable; ENVOY_LOG(trace, "No connection is available for now. Create a cancellable handle. Opaque: {}", @@ -170,6 +166,7 @@ void RouterImpl::UpstreamRequest::onPoolReady(Tcp::ConnectionPool::ConnectionDat } void RouterImpl::UpstreamRequest::onPoolFailure(Tcp::ConnectionPool::PoolFailureReason reason, + absl::string_view, Upstream::HostDescriptionConstSharedPtr host) { if (router_.handle_) { ENVOY_LOG(trace, "#onPoolFailure, reset cancellable handle to nullptr"); diff --git a/source/extensions/filters/network/rocketmq_proxy/router/router_impl.h b/source/extensions/filters/network/rocketmq_proxy/router/router_impl.h index b56960266b28..38a61dcdfef2 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/router_impl.h +++ b/source/extensions/filters/network/rocketmq_proxy/router/router_impl.h @@ -4,10 +4,9 @@ #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/thread_local_cluster.h" -#include "common/common/logger.h" -#include "common/upstream/load_balancer_impl.h" - -#include "extensions/filters/network/rocketmq_proxy/router/router.h" +#include "source/common/common/logger.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/extensions/filters/network/rocketmq_proxy/router/router.h" namespace Envoy { namespace Extensions { @@ -42,6 +41,7 @@ class RouterImpl : public Router, public Logger::Loggable UpstreamRequest(RouterImpl& router); void onPoolFailure(Tcp::ConnectionPool::PoolFailureReason reason, + absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn, diff --git a/source/extensions/filters/network/rocketmq_proxy/topic_route.cc b/source/extensions/filters/network/rocketmq_proxy/topic_route.cc index 17a00e3879e9..afe0a828d0ad 100644 --- a/source/extensions/filters/network/rocketmq_proxy/topic_route.cc +++ b/source/extensions/filters/network/rocketmq_proxy/topic_route.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/rocketmq_proxy/topic_route.h" +#include "source/extensions/filters/network/rocketmq_proxy/topic_route.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/rocketmq_proxy/topic_route.h b/source/extensions/filters/network/rocketmq_proxy/topic_route.h index 01958aef9a51..6d5622e24366 100644 --- a/source/extensions/filters/network/rocketmq_proxy/topic_route.h +++ b/source/extensions/filters/network/rocketmq_proxy/topic_route.h @@ -3,7 +3,7 @@ #include #include -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" #include "absl/container/node_hash_map.h" diff --git a/source/extensions/filters/network/rocketmq_proxy/well_known_names.h b/source/extensions/filters/network/rocketmq_proxy/well_known_names.h index 7a02dda1a50d..3c04eed8a30a 100644 --- a/source/extensions/filters/network/rocketmq_proxy/well_known_names.h +++ b/source/extensions/filters/network/rocketmq_proxy/well_known_names.h @@ -2,7 +2,7 @@ #include -#include "common/singleton/const_singleton.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/sni_cluster/BUILD b/source/extensions/filters/network/sni_cluster/BUILD index 310bf058c192..8c83a5a9c968 100644 --- a/source/extensions/filters/network/sni_cluster/BUILD +++ b/source/extensions/filters/network/sni_cluster/BUILD @@ -14,8 +14,8 @@ envoy_cc_library( srcs = ["sni_cluster.cc"], hdrs = ["sni_cluster.h"], deps = [ - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/tcp_proxy", @@ -26,12 +26,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "unknown", deps = [ ":sni_cluster", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/network:well_known_names", "@envoy_api//envoy/extensions/filters/network/sni_cluster/v3:pkg_cc_proto", ], diff --git a/source/extensions/filters/network/sni_cluster/config.cc b/source/extensions/filters/network/sni_cluster/config.cc index 96bf6ffa2844..5bf4bc53b504 100644 --- a/source/extensions/filters/network/sni_cluster/config.cc +++ b/source/extensions/filters/network/sni_cluster/config.cc @@ -1,11 +1,11 @@ -#include "extensions/filters/network/sni_cluster/config.h" +#include "source/extensions/filters/network/sni_cluster/config.h" #include "envoy/extensions/filters/network/sni_cluster/v3/sni_cluster.pb.h" #include "envoy/extensions/filters/network/sni_cluster/v3/sni_cluster.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/network/sni_cluster/sni_cluster.h" +#include "source/extensions/filters/network/sni_cluster/sni_cluster.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/sni_cluster/config.h b/source/extensions/filters/network/sni_cluster/config.h index 9091e7685401..b2c18d98ef0c 100644 --- a/source/extensions/filters/network/sni_cluster/config.h +++ b/source/extensions/filters/network/sni_cluster/config.h @@ -2,7 +2,7 @@ #include "envoy/server/filter_config.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/sni_cluster/sni_cluster.cc b/source/extensions/filters/network/sni_cluster/sni_cluster.cc index 876eca758a94..6fea2639de93 100644 --- a/source/extensions/filters/network/sni_cluster/sni_cluster.cc +++ b/source/extensions/filters/network/sni_cluster/sni_cluster.cc @@ -1,9 +1,9 @@ -#include "extensions/filters/network/sni_cluster/sni_cluster.h" +#include "source/extensions/filters/network/sni_cluster/sni_cluster.h" #include "envoy/network/connection.h" -#include "common/common/assert.h" -#include "common/tcp_proxy/tcp_proxy.h" +#include "source/common/common/assert.h" +#include "source/common/tcp_proxy/tcp_proxy.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/sni_cluster/sni_cluster.h b/source/extensions/filters/network/sni_cluster/sni_cluster.h index d062368ac666..d5dc62edcc95 100644 --- a/source/extensions/filters/network/sni_cluster/sni_cluster.h +++ b/source/extensions/filters/network/sni_cluster/sni_cluster.h @@ -2,7 +2,7 @@ #include "envoy/network/filter.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/sni_dynamic_forward_proxy/BUILD b/source/extensions/filters/network/sni_dynamic_forward_proxy/BUILD index bed8252554bb..335b62d0192c 100644 --- a/source/extensions/filters/network/sni_dynamic_forward_proxy/BUILD +++ b/source/extensions/filters/network/sni_dynamic_forward_proxy/BUILD @@ -14,8 +14,8 @@ envoy_cc_library( srcs = ["proxy_filter.cc"], hdrs = ["proxy_filter.h"], deps = [ - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/tcp_proxy", @@ -28,9 +28,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "unknown", - status = "alpha", deps = [ ":proxy_filter_lib", "//source/extensions/common/dynamic_forward_proxy:dns_cache_manager_impl", diff --git a/source/extensions/filters/network/sni_dynamic_forward_proxy/config.cc b/source/extensions/filters/network/sni_dynamic_forward_proxy/config.cc index 97924d6086c6..54a7ef5a05a5 100644 --- a/source/extensions/filters/network/sni_dynamic_forward_proxy/config.cc +++ b/source/extensions/filters/network/sni_dynamic_forward_proxy/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/sni_dynamic_forward_proxy/config.h" +#include "source/extensions/filters/network/sni_dynamic_forward_proxy/config.h" #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" -#include "extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" +#include "source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/sni_dynamic_forward_proxy/config.h b/source/extensions/filters/network/sni_dynamic_forward_proxy/config.h index c54dc6d56937..f2aea2c4b85f 100644 --- a/source/extensions/filters/network/sni_dynamic_forward_proxy/config.h +++ b/source/extensions/filters/network/sni_dynamic_forward_proxy/config.h @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha/sni_dynamic_forward_proxy.pb.h" #include "envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha/sni_dynamic_forward_proxy.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.cc b/source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.cc index 01089bfca094..3c8f6e079890 100644 --- a/source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.cc +++ b/source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.cc @@ -1,11 +1,11 @@ -#include "extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h" +#include "source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h" #include "envoy/network/connection.h" #include "envoy/network/filter.h" #include "envoy/upstream/thread_local_cluster.h" -#include "common/common/assert.h" -#include "common/tcp_proxy/tcp_proxy.h" +#include "source/common/common/assert.h" +#include "source/common/tcp_proxy/tcp_proxy.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h b/source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h index 0839fe064189..e7f0de159d20 100644 --- a/source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h +++ b/source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h @@ -4,9 +4,8 @@ #include "envoy/network/filter.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/logger.h" - -#include "extensions/common/dynamic_forward_proxy/dns_cache.h" +#include "source/common/common/logger.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/tcp_proxy/BUILD b/source/extensions/filters/network/tcp_proxy/BUILD index e1a22d965da9..723dec148112 100644 --- a/source/extensions/filters/network/tcp_proxy/BUILD +++ b/source/extensions/filters/network/tcp_proxy/BUILD @@ -15,12 +15,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "robust_to_untrusted_downstream", # This is core Envoy config. visibility = ["//visibility:public"], deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/tcp_proxy", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", diff --git a/source/extensions/filters/network/tcp_proxy/config.cc b/source/extensions/filters/network/tcp_proxy/config.cc index 9543c5683f64..ccdc6e7a69da 100644 --- a/source/extensions/filters/network/tcp_proxy/config.cc +++ b/source/extensions/filters/network/tcp_proxy/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/tcp_proxy/config.h" +#include "source/extensions/filters/network/tcp_proxy/config.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/tcp_proxy/tcp_proxy.h" +#include "source/common/tcp_proxy/tcp_proxy.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/tcp_proxy/config.h b/source/extensions/filters/network/tcp_proxy/config.h index e4ded4263d92..7c0c4fba6a36 100644 --- a/source/extensions/filters/network/tcp_proxy/config.h +++ b/source/extensions/filters/network/tcp_proxy/config.h @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/BUILD b/source/extensions/filters/network/thrift_proxy/BUILD index 47439e4c53ea..be42dd471b50 100644 --- a/source/extensions/filters/network/thrift_proxy/BUILD +++ b/source/extensions/filters/network/thrift_proxy/BUILD @@ -16,7 +16,7 @@ envoy_cc_library( deps = [ ":protocol_interface", ":thrift_lib", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", ], ) @@ -36,8 +36,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":app_exception_lib", ":auto_protocol_lib", @@ -51,12 +49,11 @@ envoy_cc_extension( ":protocol_interface", ":twitter_protocol_lib", ":unframed_transport_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/common/config:utility_lib", "//source/extensions/filters/network:well_known_names", "//source/extensions/filters/network/common:factory_base_lib", "//source/extensions/filters/network/thrift_proxy/filters:filter_config_interface", - "//source/extensions/filters/network/thrift_proxy/filters:well_known_names", "//source/extensions/filters/network/thrift_proxy/router:router_lib", "@envoy_api//envoy/extensions/filters/network/thrift_proxy/v3:pkg_cc_proto", ], @@ -74,12 +71,12 @@ envoy_cc_library( ":protocol_interface", ":stats_lib", ":transport_interface", - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:timespan_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:timespan_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:linked_object", @@ -121,7 +118,7 @@ envoy_cc_library( deps = [ ":thrift_lib", ":tracing_interface", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "//source/common/common:macros", "//source/common/http:header_map_lib", ], @@ -142,7 +139,7 @@ envoy_cc_library( deps = [ ":decoder_events_lib", ":protocol_interface", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", ], ) @@ -159,9 +156,9 @@ envoy_cc_library( ":thrift_lib", ":thrift_object_interface", ":transport_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/registry", + "//envoy/buffer:buffer_interface", + "//envoy/config:typed_config_interface", + "//envoy/registry", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/singleton:const_singleton", @@ -238,8 +235,8 @@ envoy_cc_library( name = "stats_lib", hdrs = ["stats.h"], deps = [ - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", ], ) @@ -251,9 +248,9 @@ envoy_cc_library( ":buffer_helper_lib", ":metadata_lib", ":thrift_lib", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/registry", + "//envoy/buffer:buffer_interface", + "//envoy/config:typed_config_interface", + "//envoy/registry", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/singleton:const_singleton", @@ -264,7 +261,7 @@ envoy_cc_library( name = "conn_state_lib", hdrs = ["conn_state.h"], deps = [ - "//include/envoy/tcp:conn_pool_interface", + "//envoy/tcp:conn_pool_interface", ], ) @@ -282,7 +279,7 @@ envoy_cc_library( hdrs = ["thrift_object.h"], deps = [ ":thrift_lib", - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", ], ) diff --git a/source/extensions/filters/network/thrift_proxy/app_exception_impl.cc b/source/extensions/filters/network/thrift_proxy/app_exception_impl.cc index 33e8d248d215..6437de01a410 100644 --- a/source/extensions/filters/network/thrift_proxy/app_exception_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/app_exception_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/thrift_proxy/app_exception_impl.h" +#include "source/extensions/filters/network/thrift_proxy/app_exception_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/app_exception_impl.h b/source/extensions/filters/network/thrift_proxy/app_exception_impl.h index 6ca0012bcaec..fffacd783d95 100644 --- a/source/extensions/filters/network/thrift_proxy/app_exception_impl.h +++ b/source/extensions/filters/network/thrift_proxy/app_exception_impl.h @@ -2,9 +2,9 @@ #include "envoy/common/exception.h" -#include "extensions/filters/network/thrift_proxy/metadata.h" -#include "extensions/filters/network/thrift_proxy/protocol.h" -#include "extensions/filters/network/thrift_proxy/thrift.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/protocol.h" +#include "source/extensions/filters/network/thrift_proxy/thrift.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/auto_protocol_impl.cc b/source/extensions/filters/network/thrift_proxy/auto_protocol_impl.cc index be1c42bbcfa9..908560c39447 100644 --- a/source/extensions/filters/network/thrift_proxy/auto_protocol_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/auto_protocol_impl.cc @@ -1,17 +1,16 @@ -#include "extensions/filters/network/thrift_proxy/auto_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/auto_protocol_impl.h" #include #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/byte_order.h" -#include "common/common/macros.h" - -#include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" -#include "extensions/filters/network/thrift_proxy/compact_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/twitter_protocol_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/byte_order.h" +#include "source/common/common/macros.h" +#include "source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/auto_protocol_impl.h b/source/extensions/filters/network/thrift_proxy/auto_protocol_impl.h index 51492e804c2d..c15d50e3de9d 100644 --- a/source/extensions/filters/network/thrift_proxy/auto_protocol_impl.h +++ b/source/extensions/filters/network/thrift_proxy/auto_protocol_impl.h @@ -4,9 +4,8 @@ #include "envoy/buffer/buffer.h" -#include "common/common/fmt.h" - -#include "extensions/filters/network/thrift_proxy/protocol.h" +#include "source/common/common/fmt.h" +#include "source/extensions/filters/network/thrift_proxy/protocol.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/auto_transport_impl.cc b/source/extensions/filters/network/thrift_proxy/auto_transport_impl.cc index 022c711cbae2..9cad6091a586 100644 --- a/source/extensions/filters/network/thrift_proxy/auto_transport_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/auto_transport_impl.cc @@ -1,15 +1,14 @@ -#include "extensions/filters/network/thrift_proxy/auto_transport_impl.h" +#include "source/extensions/filters/network/thrift_proxy/auto_transport_impl.h" #include "envoy/common/exception.h" -#include "common/common/assert.h" - -#include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" -#include "extensions/filters/network/thrift_proxy/compact_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/framed_transport_impl.h" -#include "extensions/filters/network/thrift_proxy/header_transport_impl.h" -#include "extensions/filters/network/thrift_proxy/unframed_transport_impl.h" +#include "source/common/common/assert.h" +#include "source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/framed_transport_impl.h" +#include "source/extensions/filters/network/thrift_proxy/header_transport_impl.h" +#include "source/extensions/filters/network/thrift_proxy/unframed_transport_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/auto_transport_impl.h b/source/extensions/filters/network/thrift_proxy/auto_transport_impl.h index 4db0109c88b2..65d8be0c7668 100644 --- a/source/extensions/filters/network/thrift_proxy/auto_transport_impl.h +++ b/source/extensions/filters/network/thrift_proxy/auto_transport_impl.h @@ -4,9 +4,8 @@ #include "envoy/buffer/buffer.h" -#include "common/common/fmt.h" - -#include "extensions/filters/network/thrift_proxy/transport.h" +#include "source/common/common/fmt.h" +#include "source/extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/binary_protocol_impl.cc b/source/extensions/filters/network/thrift_proxy/binary_protocol_impl.cc index 556380f1af44..805ec973e021 100644 --- a/source/extensions/filters/network/thrift_proxy/binary_protocol_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/binary_protocol_impl.cc @@ -1,14 +1,13 @@ -#include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h" #include #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/macros.h" - -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/macros.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h b/source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h index cfd687ba1878..a3497aa70a6d 100644 --- a/source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h +++ b/source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h @@ -5,7 +5,7 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" -#include "extensions/filters/network/thrift_proxy/protocol.h" +#include "source/extensions/filters/network/thrift_proxy/protocol.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/buffer_helper.cc b/source/extensions/filters/network/thrift_proxy/buffer_helper.cc index 48167e024bed..ca3d209f423b 100644 --- a/source/extensions/filters/network/thrift_proxy/buffer_helper.cc +++ b/source/extensions/filters/network/thrift_proxy/buffer_helper.cc @@ -1,7 +1,7 @@ -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" -#include "common/common/byte_order.h" -#include "common/common/safe_memcpy.h" +#include "source/common/common/byte_order.h" +#include "source/common/common/safe_memcpy.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/buffer_helper.h b/source/extensions/filters/network/thrift_proxy/buffer_helper.h index 90acf982edf0..c4999001f5ae 100644 --- a/source/extensions/filters/network/thrift_proxy/buffer_helper.h +++ b/source/extensions/filters/network/thrift_proxy/buffer_helper.h @@ -3,7 +3,7 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/compact_protocol_impl.cc b/source/extensions/filters/network/thrift_proxy/compact_protocol_impl.cc index f496db6850bf..4bab4da2e625 100644 --- a/source/extensions/filters/network/thrift_proxy/compact_protocol_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/compact_protocol_impl.cc @@ -1,14 +1,13 @@ -#include "extensions/filters/network/thrift_proxy/compact_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h" #include #include "envoy/common/exception.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/macros.h" - -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/macros.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h b/source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h index 5d69037d68e2..fb89e613ece3 100644 --- a/source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h +++ b/source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h @@ -6,7 +6,7 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" -#include "extensions/filters/network/thrift_proxy/protocol.h" +#include "source/extensions/filters/network/thrift_proxy/protocol.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/network/thrift_proxy/config.cc b/source/extensions/filters/network/thrift_proxy/config.cc index dd835c7cf48d..bd0cf021f079 100644 --- a/source/extensions/filters/network/thrift_proxy/config.cc +++ b/source/extensions/filters/network/thrift_proxy/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/thrift_proxy/config.h" +#include "source/extensions/filters/network/thrift_proxy/config.h" #include #include @@ -8,18 +8,16 @@ #include "envoy/network/connection.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" - -#include "extensions/filters/network/thrift_proxy/auto_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/auto_transport_impl.h" -#include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/compact_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/decoder.h" -#include "extensions/filters/network/thrift_proxy/filters/filter_config.h" -#include "extensions/filters/network/thrift_proxy/filters/well_known_names.h" -#include "extensions/filters/network/thrift_proxy/framed_transport_impl.h" -#include "extensions/filters/network/thrift_proxy/stats.h" -#include "extensions/filters/network/thrift_proxy/unframed_transport_impl.h" +#include "source/common/config/utility.h" +#include "source/extensions/filters/network/thrift_proxy/auto_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/auto_transport_impl.h" +#include "source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/decoder.h" +#include "source/extensions/filters/network/thrift_proxy/filters/filter_config.h" +#include "source/extensions/filters/network/thrift_proxy/framed_transport_impl.h" +#include "source/extensions/filters/network/thrift_proxy/stats.h" +#include "source/extensions/filters/network/thrift_proxy/unframed_transport_impl.h" namespace Envoy { namespace Extensions { @@ -129,7 +127,7 @@ ConfigImpl::ConfigImpl( ENVOY_LOG(debug, "using default router filter"); envoy::extensions::filters::network::thrift_proxy::v3::ThriftFilter router; - router.set_name(ThriftFilters::ThriftFilterNames::get().ROUTER); + router.set_name("envoy.filters.thrift.router"); processFilter(router); } else { for (const auto& filter : config.thrift_filters()) { diff --git a/source/extensions/filters/network/thrift_proxy/config.h b/source/extensions/filters/network/thrift_proxy/config.h index de2cd2bb4e29..8cc5d722071f 100644 --- a/source/extensions/filters/network/thrift_proxy/config.h +++ b/source/extensions/filters/network/thrift_proxy/config.h @@ -6,11 +6,11 @@ #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/thrift_proxy/conn_manager.h" -#include "extensions/filters/network/thrift_proxy/filters/filter.h" -#include "extensions/filters/network/thrift_proxy/router/router_impl.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/thrift_proxy/conn_manager.h" +#include "source/extensions/filters/network/thrift_proxy/filters/filter.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_impl.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/conn_manager.cc b/source/extensions/filters/network/thrift_proxy/conn_manager.cc index 078f3a8ccbf6..c3de018f2dfd 100644 --- a/source/extensions/filters/network/thrift_proxy/conn_manager.cc +++ b/source/extensions/filters/network/thrift_proxy/conn_manager.cc @@ -1,11 +1,11 @@ -#include "extensions/filters/network/thrift_proxy/conn_manager.h" +#include "source/extensions/filters/network/thrift_proxy/conn_manager.h" #include "envoy/common/exception.h" #include "envoy/event/dispatcher.h" -#include "extensions/filters/network/thrift_proxy/app_exception_impl.h" -#include "extensions/filters/network/thrift_proxy/protocol.h" -#include "extensions/filters/network/thrift_proxy/transport.h" +#include "source/extensions/filters/network/thrift_proxy/app_exception_impl.h" +#include "source/extensions/filters/network/thrift_proxy/protocol.h" +#include "source/extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/conn_manager.h b/source/extensions/filters/network/thrift_proxy/conn_manager.h index eb056aaed122..f4e19152d0aa 100644 --- a/source/extensions/filters/network/thrift_proxy/conn_manager.h +++ b/source/extensions/filters/network/thrift_proxy/conn_manager.h @@ -7,18 +7,17 @@ #include "envoy/network/filter.h" #include "envoy/stats/timespan.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/linked_object.h" -#include "common/common/logger.h" -#include "common/stats/timespan_impl.h" -#include "common/stream_info/stream_info_impl.h" - -#include "extensions/filters/network/thrift_proxy/decoder.h" -#include "extensions/filters/network/thrift_proxy/filters/filter.h" -#include "extensions/filters/network/thrift_proxy/protocol.h" -#include "extensions/filters/network/thrift_proxy/protocol_converter.h" -#include "extensions/filters/network/thrift_proxy/stats.h" -#include "extensions/filters/network/thrift_proxy/transport.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/logger.h" +#include "source/common/stats/timespan_impl.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/extensions/filters/network/thrift_proxy/decoder.h" +#include "source/extensions/filters/network/thrift_proxy/filters/filter.h" +#include "source/extensions/filters/network/thrift_proxy/protocol.h" +#include "source/extensions/filters/network/thrift_proxy/protocol_converter.h" +#include "source/extensions/filters/network/thrift_proxy/stats.h" +#include "source/extensions/filters/network/thrift_proxy/transport.h" #include "absl/types/any.h" diff --git a/source/extensions/filters/network/thrift_proxy/decoder.cc b/source/extensions/filters/network/thrift_proxy/decoder.cc index 55f23af6ef88..111703e63da5 100644 --- a/source/extensions/filters/network/thrift_proxy/decoder.cc +++ b/source/extensions/filters/network/thrift_proxy/decoder.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/network/thrift_proxy/decoder.h" +#include "source/extensions/filters/network/thrift_proxy/decoder.h" #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/macros.h" - -#include "extensions/filters/network/thrift_proxy/app_exception_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" +#include "source/extensions/filters/network/thrift_proxy/app_exception_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/decoder.h b/source/extensions/filters/network/thrift_proxy/decoder.h index 6c8b8bef5755..99739221c510 100644 --- a/source/extensions/filters/network/thrift_proxy/decoder.h +++ b/source/extensions/filters/network/thrift_proxy/decoder.h @@ -2,12 +2,11 @@ #include "envoy/buffer/buffer.h" -#include "common/common/assert.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/thrift_proxy/filters/filter.h" -#include "extensions/filters/network/thrift_proxy/protocol.h" -#include "extensions/filters/network/thrift_proxy/transport.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/thrift_proxy/filters/filter.h" +#include "source/extensions/filters/network/thrift_proxy/protocol.h" +#include "source/extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/decoder_events.h b/source/extensions/filters/network/thrift_proxy/decoder_events.h index b5981d6bc1df..342f65ece685 100644 --- a/source/extensions/filters/network/thrift_proxy/decoder_events.h +++ b/source/extensions/filters/network/thrift_proxy/decoder_events.h @@ -1,7 +1,7 @@ #pragma once -#include "extensions/filters/network/thrift_proxy/metadata.h" -#include "extensions/filters/network/thrift_proxy/thrift.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/thrift.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/filters/BUILD b/source/extensions/filters/network/thrift_proxy/filters/BUILD index 36e94c0a648c..195d75cf741c 100644 --- a/source/extensions/filters/network/thrift_proxy/filters/BUILD +++ b/source/extensions/filters/network/thrift_proxy/filters/BUILD @@ -13,8 +13,8 @@ envoy_cc_library( hdrs = ["filter_config.h"], deps = [ ":filter_interface", - "//include/envoy/config:typed_config_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/config:typed_config_interface", + "//envoy/server:filter_config_interface", "//source/common/common:macros", "//source/common/protobuf:cc_wkt_protos", ], @@ -33,25 +33,16 @@ envoy_cc_library( name = "filter_interface", hdrs = ["filter.h"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/buffer:buffer_interface", + "//envoy/network:connection_interface", + "//envoy/stream_info:stream_info_interface", "//source/extensions/filters/network/thrift_proxy:decoder_events_lib", "//source/extensions/filters/network/thrift_proxy:protocol_interface", "//source/extensions/filters/network/thrift_proxy:thrift_lib", - "//source/extensions/filters/network/thrift_proxy/filters:well_known_names", "//source/extensions/filters/network/thrift_proxy/router:router_interface", ], ) -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) - envoy_cc_library( name = "pass_through_filter_lib", hdrs = ["pass_through_filter.h"], diff --git a/source/extensions/filters/network/thrift_proxy/filters/factory_base.h b/source/extensions/filters/network/thrift_proxy/filters/factory_base.h index 3f6f1b144d11..ee75cb7316ae 100644 --- a/source/extensions/filters/network/thrift_proxy/filters/factory_base.h +++ b/source/extensions/filters/network/thrift_proxy/filters/factory_base.h @@ -1,8 +1,7 @@ #pragma once -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/thrift_proxy/filters/filter_config.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/thrift_proxy/filters/filter_config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/filters/filter.h b/source/extensions/filters/network/thrift_proxy/filters/filter.h index b8b73ddf517b..4a75fecad750 100644 --- a/source/extensions/filters/network/thrift_proxy/filters/filter.h +++ b/source/extensions/filters/network/thrift_proxy/filters/filter.h @@ -8,11 +8,11 @@ #include "envoy/network/connection.h" #include "envoy/stream_info/stream_info.h" -#include "extensions/filters/network/thrift_proxy/decoder_events.h" -#include "extensions/filters/network/thrift_proxy/protocol.h" -#include "extensions/filters/network/thrift_proxy/router/router.h" -#include "extensions/filters/network/thrift_proxy/thrift.h" -#include "extensions/filters/network/thrift_proxy/transport.h" +#include "source/extensions/filters/network/thrift_proxy/decoder_events.h" +#include "source/extensions/filters/network/thrift_proxy/protocol.h" +#include "source/extensions/filters/network/thrift_proxy/router/router.h" +#include "source/extensions/filters/network/thrift_proxy/thrift.h" +#include "source/extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/filters/filter_config.h b/source/extensions/filters/network/thrift_proxy/filters/filter_config.h index 62d900a8b1d6..f87669990fd6 100644 --- a/source/extensions/filters/network/thrift_proxy/filters/filter_config.h +++ b/source/extensions/filters/network/thrift_proxy/filters/filter_config.h @@ -3,10 +3,9 @@ #include "envoy/config/typed_config.h" #include "envoy/server/filter_config.h" -#include "common/common/macros.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/network/thrift_proxy/filters/filter.h" +#include "source/common/common/macros.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/network/thrift_proxy/filters/filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/filters/pass_through_filter.h b/source/extensions/filters/network/thrift_proxy/filters/pass_through_filter.h index dfcdebb8888c..5858ff46e6c1 100644 --- a/source/extensions/filters/network/thrift_proxy/filters/pass_through_filter.h +++ b/source/extensions/filters/network/thrift_proxy/filters/pass_through_filter.h @@ -1,6 +1,6 @@ #pragma once -#include "extensions/filters/network/thrift_proxy/filters/filter.h" +#include "source/extensions/filters/network/thrift_proxy/filters/filter.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/network/thrift_proxy/filters/ratelimit/BUILD b/source/extensions/filters/network/thrift_proxy/filters/ratelimit/BUILD index b27da3987272..2111de636907 100644 --- a/source/extensions/filters/network/thrift_proxy/filters/ratelimit/BUILD +++ b/source/extensions/filters/network/thrift_proxy/filters/ratelimit/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( srcs = ["ratelimit.cc"], hdrs = ["ratelimit.h"], deps = [ - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_macros", "//source/common/protobuf:utility_lib", "//source/common/tracing:http_tracer_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", @@ -22,7 +22,6 @@ envoy_cc_library( "//source/extensions/filters/common/ratelimit:stat_names_lib", "//source/extensions/filters/network/thrift_proxy:app_exception_lib", "//source/extensions/filters/network/thrift_proxy/filters:pass_through_filter_lib", - "//source/extensions/filters/network/thrift_proxy/filters:well_known_names", "//source/extensions/filters/network/thrift_proxy/router:router_ratelimit_interface", "@envoy_api//envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3:pkg_cc_proto", ], @@ -32,18 +31,14 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.thrift_proxy.filters", - security_posture = "requires_trusted_downstream_and_upstream", - status = "alpha", deps = [ ":ratelimit_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/common/config:utility_lib", "//source/common/protobuf:utility_lib", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", "//source/extensions/filters/common/ratelimit:ratelimit_lib", "//source/extensions/filters/network/thrift_proxy/filters:factory_base_lib", - "//source/extensions/filters/network/thrift_proxy/filters:well_known_names", "@envoy_api//envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.cc b/source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.cc index a3e442de6347..82217079c8e9 100644 --- a/source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.cc +++ b/source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/thrift_proxy/filters/ratelimit/config.h" +#include "source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.h" #include #include @@ -7,11 +7,10 @@ #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/common/ratelimit/ratelimit_impl.h" -#include "extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/common/ratelimit/ratelimit_impl.h" +#include "source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.h b/source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.h index aba657fbe605..57b39c03060d 100644 --- a/source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.h +++ b/source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.h @@ -3,9 +3,8 @@ #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.validate.h" -#include "extensions/filters/common/ratelimit/ratelimit.h" -#include "extensions/filters/network/thrift_proxy/filters/factory_base.h" -#include "extensions/filters/network/thrift_proxy/filters/well_known_names.h" +#include "source/extensions/filters/common/ratelimit/ratelimit.h" +#include "source/extensions/filters/network/thrift_proxy/filters/factory_base.h" namespace Envoy { namespace Extensions { @@ -21,8 +20,7 @@ class RateLimitFilterConfig : public ThriftProxy::ThriftFilters::FactoryBase< envoy::extensions::filters::network::thrift_proxy::filters::ratelimit::v3::RateLimit> { public: - RateLimitFilterConfig() - : FactoryBase(ThriftProxy::ThriftFilters::ThriftFilterNames::get().RATE_LIMIT) {} + RateLimitFilterConfig() : FactoryBase("envoy.filters.thrift.rate_limit") {} private: ThriftProxy::ThriftFilters::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.cc b/source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.cc index 7fcfef1f0817..c71612a7f6bc 100644 --- a/source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.cc +++ b/source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.cc @@ -1,11 +1,9 @@ -#include "extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h" +#include "source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/filters/network/thrift_proxy/app_exception_impl.h" -#include "extensions/filters/network/thrift_proxy/filters/well_known_names.h" -#include "extensions/filters/network/thrift_proxy/router/router.h" -#include "extensions/filters/network/thrift_proxy/router/router_ratelimit.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/app_exception_impl.h" +#include "source/extensions/filters/network/thrift_proxy/router/router.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_ratelimit.h" namespace Envoy { namespace Extensions { @@ -73,8 +71,8 @@ void Filter::complete(Filters::Common::RateLimit::LimitStatus status, UNREFERENCED_PARAMETER(request_headers_to_add); if (dynamic_metadata != nullptr && !dynamic_metadata->fields().empty()) { - decoder_callbacks_->streamInfo().setDynamicMetadata( - ThriftProxy::ThriftFilters::ThriftFilterNames::get().RATE_LIMIT, *dynamic_metadata); + decoder_callbacks_->streamInfo().setDynamicMetadata("envoy.filters.thrift.rate_limit", + *dynamic_metadata); } state_ = State::Complete; diff --git a/source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h b/source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h index 8fe178752c12..d796044555e5 100644 --- a/source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h +++ b/source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h @@ -9,11 +9,10 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/filters/common/ratelimit/ratelimit.h" -#include "extensions/filters/common/ratelimit/stat_names.h" -#include "extensions/filters/network/thrift_proxy/filters/pass_through_filter.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/filters/common/ratelimit/ratelimit.h" +#include "source/extensions/filters/common/ratelimit/stat_names.h" +#include "source/extensions/filters/network/thrift_proxy/filters/pass_through_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/filters/well_known_names.h b/source/extensions/filters/network/thrift_proxy/filters/well_known_names.h deleted file mode 100644 index 83f672c524f1..000000000000 --- a/source/extensions/filters/network/thrift_proxy/filters/well_known_names.h +++ /dev/null @@ -1,32 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace NetworkFilters { -namespace ThriftProxy { -namespace ThriftFilters { - -/** - * Well-known http filter names. - * NOTE: New filters should use the well known name: envoy.filters.thrift.name. - */ -class ThriftFilterNameValues { -public: - // Ratelimit filter - const std::string RATE_LIMIT = "envoy.filters.thrift.rate_limit"; - - // Router filter - const std::string ROUTER = "envoy.filters.thrift.router"; -}; - -using ThriftFilterNames = ConstSingleton; - -} // namespace ThriftFilters -} // namespace ThriftProxy -} // namespace NetworkFilters -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/filters/network/thrift_proxy/framed_transport_impl.cc b/source/extensions/filters/network/thrift_proxy/framed_transport_impl.cc index b2dfcf1e3b09..40ee57bc3393 100644 --- a/source/extensions/filters/network/thrift_proxy/framed_transport_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/framed_transport_impl.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/network/thrift_proxy/framed_transport_impl.h" +#include "source/extensions/filters/network/thrift_proxy/framed_transport_impl.h" #include "envoy/common/exception.h" -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/framed_transport_impl.h b/source/extensions/filters/network/thrift_proxy/framed_transport_impl.h index 786bfce0680b..4984bb197922 100644 --- a/source/extensions/filters/network/thrift_proxy/framed_transport_impl.h +++ b/source/extensions/filters/network/thrift_proxy/framed_transport_impl.h @@ -4,7 +4,7 @@ #include "envoy/buffer/buffer.h" -#include "extensions/filters/network/thrift_proxy/transport.h" +#include "source/extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/header_transport_impl.cc b/source/extensions/filters/network/thrift_proxy/header_transport_impl.cc index 0a548452c820..cbfb42b0dc08 100644 --- a/source/extensions/filters/network/thrift_proxy/header_transport_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/header_transport_impl.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/network/thrift_proxy/header_transport_impl.h" +#include "source/extensions/filters/network/thrift_proxy/header_transport_impl.h" #include #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" #include "absl/strings/str_replace.h" diff --git a/source/extensions/filters/network/thrift_proxy/header_transport_impl.h b/source/extensions/filters/network/thrift_proxy/header_transport_impl.h index e7eb6d3e18ac..b1b48ab9c9ed 100644 --- a/source/extensions/filters/network/thrift_proxy/header_transport_impl.h +++ b/source/extensions/filters/network/thrift_proxy/header_transport_impl.h @@ -4,10 +4,10 @@ #include "envoy/buffer/buffer.h" -#include "extensions/filters/network/thrift_proxy/app_exception_impl.h" -#include "extensions/filters/network/thrift_proxy/metadata.h" -#include "extensions/filters/network/thrift_proxy/thrift.h" -#include "extensions/filters/network/thrift_proxy/transport.h" +#include "source/extensions/filters/network/thrift_proxy/app_exception_impl.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/thrift.h" +#include "source/extensions/filters/network/thrift_proxy/transport.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/network/thrift_proxy/metadata.h b/source/extensions/filters/network/thrift_proxy/metadata.h index f99be53d812b..560952003f92 100644 --- a/source/extensions/filters/network/thrift_proxy/metadata.h +++ b/source/extensions/filters/network/thrift_proxy/metadata.h @@ -8,11 +8,10 @@ #include "envoy/buffer/buffer.h" -#include "common/common/macros.h" -#include "common/http/header_map_impl.h" - -#include "extensions/filters/network/thrift_proxy/thrift.h" -#include "extensions/filters/network/thrift_proxy/tracing.h" +#include "source/common/common/macros.h" +#include "source/common/http/header_map_impl.h" +#include "source/extensions/filters/network/thrift_proxy/thrift.h" +#include "source/extensions/filters/network/thrift_proxy/tracing.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/network/thrift_proxy/protocol.h b/source/extensions/filters/network/thrift_proxy/protocol.h index 3a76799229da..a9eae7779e1e 100644 --- a/source/extensions/filters/network/thrift_proxy/protocol.h +++ b/source/extensions/filters/network/thrift_proxy/protocol.h @@ -8,16 +8,15 @@ #include "envoy/config/typed_config.h" #include "envoy/registry/registry.h" -#include "common/common/assert.h" -#include "common/config/utility.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/network/thrift_proxy/conn_state.h" -#include "extensions/filters/network/thrift_proxy/decoder_events.h" -#include "extensions/filters/network/thrift_proxy/metadata.h" -#include "extensions/filters/network/thrift_proxy/thrift.h" -#include "extensions/filters/network/thrift_proxy/thrift_object.h" -#include "extensions/filters/network/thrift_proxy/transport.h" +#include "source/common/common/assert.h" +#include "source/common/config/utility.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/network/thrift_proxy/conn_state.h" +#include "source/extensions/filters/network/thrift_proxy/decoder_events.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/thrift.h" +#include "source/extensions/filters/network/thrift_proxy/thrift_object.h" +#include "source/extensions/filters/network/thrift_proxy/transport.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/filters/network/thrift_proxy/protocol_converter.h b/source/extensions/filters/network/thrift_proxy/protocol_converter.h index 16a2d4111541..62de1a1f9fa7 100644 --- a/source/extensions/filters/network/thrift_proxy/protocol_converter.h +++ b/source/extensions/filters/network/thrift_proxy/protocol_converter.h @@ -2,8 +2,8 @@ #include "envoy/buffer/buffer.h" -#include "extensions/filters/network/thrift_proxy/decoder_events.h" -#include "extensions/filters/network/thrift_proxy/protocol.h" +#include "source/extensions/filters/network/thrift_proxy/decoder_events.h" +#include "source/extensions/filters/network/thrift_proxy/protocol.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/router/BUILD b/source/extensions/filters/network/thrift_proxy/router/BUILD index e63f180ecc9e..ff8750daf31a 100644 --- a/source/extensions/filters/network/thrift_proxy/router/BUILD +++ b/source/extensions/filters/network/thrift_proxy/router/BUILD @@ -13,14 +13,11 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.thrift_proxy.filters", - security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":router_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/extensions/filters/network/thrift_proxy/filters:factory_base_lib", "//source/extensions/filters/network/thrift_proxy/filters:filter_config_interface", - "//source/extensions/filters/network/thrift_proxy/filters:well_known_names", "@envoy_api//envoy/extensions/filters/network/thrift_proxy/router/v3:pkg_cc_proto", ], ) @@ -30,7 +27,7 @@ envoy_cc_library( hdrs = ["router.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/router:router_interface", + "//envoy/router:router_interface", "//source/extensions/filters/network/thrift_proxy:metadata_lib", ], ) @@ -40,7 +37,7 @@ envoy_cc_library( hdrs = ["router_ratelimit.h"], deps = [ ":router_interface", - "//include/envoy/router:router_ratelimit_interface", + "//envoy/router:router_ratelimit_interface", "//source/extensions/filters/network/thrift_proxy:metadata_lib", ], ) @@ -52,10 +49,10 @@ envoy_cc_library( deps = [ ":router_interface", ":router_ratelimit_lib", - "//include/envoy/tcp:conn_pool_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:load_balancer_interface", - "//include/envoy/upstream:thread_local_cluster_interface", + "//envoy/tcp:conn_pool_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:load_balancer_interface", + "//envoy/upstream:thread_local_cluster_interface", "//source/common/common:logger_lib", "//source/common/http:header_utility_lib", "//source/common/router:metadatamatchcriteria_lib", diff --git a/source/extensions/filters/network/thrift_proxy/router/config.cc b/source/extensions/filters/network/thrift_proxy/router/config.cc index b6a055445aa6..ef94242c89b8 100644 --- a/source/extensions/filters/network/thrift_proxy/router/config.cc +++ b/source/extensions/filters/network/thrift_proxy/router/config.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/thrift_proxy/router/config.h" +#include "source/extensions/filters/network/thrift_proxy/router/config.h" #include "envoy/extensions/filters/network/thrift_proxy/router/v3/router.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/router/v3/router.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/filters/network/thrift_proxy/router/router_impl.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/router/config.h b/source/extensions/filters/network/thrift_proxy/router/config.h index 7c712d8621cc..9441e2cb0c64 100644 --- a/source/extensions/filters/network/thrift_proxy/router/config.h +++ b/source/extensions/filters/network/thrift_proxy/router/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/filters/network/thrift_proxy/router/v3/router.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/router/v3/router.pb.validate.h" -#include "extensions/filters/network/thrift_proxy/filters/factory_base.h" -#include "extensions/filters/network/thrift_proxy/filters/well_known_names.h" +#include "source/extensions/filters/network/thrift_proxy/filters/factory_base.h" namespace Envoy { namespace Extensions { @@ -16,7 +15,7 @@ class RouterFilterConfig : public ThriftFilters::FactoryBase< envoy::extensions::filters::network::thrift_proxy::router::v3::Router> { public: - RouterFilterConfig() : FactoryBase(ThriftFilters::ThriftFilterNames::get().ROUTER) {} + RouterFilterConfig() : FactoryBase("envoy.filters.thrift.router") {} private: ThriftFilters::FilterFactoryCb createFilterFactoryFromProtoTyped( diff --git a/source/extensions/filters/network/thrift_proxy/router/router.h b/source/extensions/filters/network/thrift_proxy/router/router.h index 26d2074c6fc0..d5155cb0c296 100644 --- a/source/extensions/filters/network/thrift_proxy/router/router.h +++ b/source/extensions/filters/network/thrift_proxy/router/router.h @@ -5,7 +5,7 @@ #include "envoy/router/router.h" -#include "extensions/filters/network/thrift_proxy/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/router/router_impl.cc b/source/extensions/filters/network/thrift_proxy/router/router_impl.cc index 498a86bbe61c..34a8d4486ad4 100644 --- a/source/extensions/filters/network/thrift_proxy/router/router_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/router/router_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/thrift_proxy/router/router_impl.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_impl.h" #include @@ -6,11 +6,10 @@ #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/thread_local_cluster.h" -#include "common/common/utility.h" -#include "common/router/metadatamatchcriteria_impl.h" - -#include "extensions/filters/network/thrift_proxy/app_exception_impl.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/common/utility.h" +#include "source/common/router/metadatamatchcriteria_impl.h" +#include "source/extensions/filters/network/thrift_proxy/app_exception_impl.h" +#include "source/extensions/filters/network/well_known_names.h" #include "absl/strings/match.h" @@ -281,9 +280,8 @@ FilterStatus Router::messageBegin(MessageMetadataSharedPtr metadata) { passthrough_supported_ = true; } - Tcp::ConnectionPool::Instance* conn_pool = - cluster->tcpConnPool(Upstream::ResourcePriority::Default, this); - if (!conn_pool) { + auto conn_pool_data = cluster->tcpConnPool(Upstream::ResourcePriority::Default, this); + if (!conn_pool_data) { stats_.no_healthy_upstream_.inc(); callbacks_->sendLocalReply( AppException(AppExceptionType::InternalError, @@ -303,7 +301,7 @@ FilterStatus Router::messageBegin(MessageMetadataSharedPtr metadata) { } upstream_request_ = - std::make_unique(*this, *conn_pool, metadata, transport, protocol); + std::make_unique(*this, *conn_pool_data, metadata, transport, protocol); return upstream_request_->start(); } @@ -316,6 +314,10 @@ FilterStatus Router::messageEnd() { upstream_request_->transport_->encodeFrame(transport_buffer, *upstream_request_->metadata_, upstream_request_buffer_); + + request_size_ += transport_buffer.length(); + recordClusterScopeHistogram({upstream_rq_size_}, Stats::Histogram::Unit::Bytes, request_size_); + upstream_request_->conn_data_->connection().write(transport_buffer, false); upstream_request_->onRequestComplete(); return FilterStatus::Continue; @@ -324,6 +326,8 @@ FilterStatus Router::messageEnd() { void Router::onUpstreamData(Buffer::Instance& data, bool end_stream) { ASSERT(!upstream_request_->response_complete_); + response_size_ += data.length(); + if (upstream_request_->upgrade_response_ != nullptr) { ENVOY_STREAM_LOG(trace, "reading upgrade response: {} bytes", *callbacks_, data.length()); // Handle upgrade response. @@ -351,6 +355,9 @@ void Router::onUpstreamData(Buffer::Instance& data, bool end_stream) { ThriftFilters::ResponseStatus status = callbacks_->upstreamData(data); if (status == ThriftFilters::ResponseStatus::Complete) { ENVOY_STREAM_LOG(debug, "response complete", *callbacks_); + recordClusterScopeHistogram({upstream_resp_size_}, Stats::Histogram::Unit::Bytes, + response_size_); + switch (callbacks_->responseMetadata()->messageType()) { case MessageType::Reply: incClusterScopeCounter({upstream_resp_reply_}); @@ -373,6 +380,7 @@ void Router::onUpstreamData(Buffer::Instance& data, bool end_stream) { cleanup(); return; } else if (status == ThriftFilters::ResponseStatus::Reset) { + // Note: invalid responses are not accounted in the response size histogram. ENVOY_STREAM_LOG(debug, "upstream reset", *callbacks_); upstream_request_->resetStream(); return; @@ -422,10 +430,10 @@ void Router::convertMessageBegin(MessageMetadataSharedPtr metadata) { void Router::cleanup() { upstream_request_.reset(); } -Router::UpstreamRequest::UpstreamRequest(Router& parent, Tcp::ConnectionPool::Instance& pool, +Router::UpstreamRequest::UpstreamRequest(Router& parent, Upstream::TcpPoolData& pool_data, MessageMetadataSharedPtr& metadata, TransportType transport_type, ProtocolType protocol_type) - : parent_(parent), conn_pool_(pool), metadata_(metadata), + : parent_(parent), conn_pool_data_(pool_data), metadata_(metadata), transport_(NamedTransportConfigFactory::getFactory(transport_type).createTransport()), protocol_(NamedProtocolConfigFactory::getFactory(protocol_type).createProtocol()), request_complete_(false), response_started_(false), response_complete_(false) {} @@ -437,7 +445,7 @@ Router::UpstreamRequest::~UpstreamRequest() { } FilterStatus Router::UpstreamRequest::start() { - Tcp::ConnectionPool::Cancellable* handle = conn_pool_.newConnection(*this); + Tcp::ConnectionPool::Cancellable* handle = conn_pool_data_.newConnection(*this); if (handle) { // Pause while we wait for a connection. conn_pool_handle_ = handle; @@ -475,6 +483,7 @@ void Router::UpstreamRequest::releaseConnection(const bool close) { void Router::UpstreamRequest::resetStream() { releaseConnection(true); } void Router::UpstreamRequest::onPoolFailure(ConnectionPool::PoolFailureReason reason, + absl::string_view, Upstream::HostDescriptionConstSharedPtr host) { conn_pool_handle_ = nullptr; @@ -503,6 +512,7 @@ void Router::UpstreamRequest::onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr upgrade_response_ = protocol_->attemptUpgrade(*transport_, *conn_state_, parent_.upstream_request_buffer_); if (upgrade_response_ != nullptr) { + parent_.request_size_ += parent_.upstream_request_buffer_.length(); conn_data_->connection().write(parent_.upstream_request_buffer_, false); return; } diff --git a/source/extensions/filters/network/thrift_proxy/router/router_impl.h b/source/extensions/filters/network/thrift_proxy/router/router_impl.h index e125c69fce0b..6fd9039dde43 100644 --- a/source/extensions/filters/network/thrift_proxy/router/router_impl.h +++ b/source/extensions/filters/network/thrift_proxy/router/router_impl.h @@ -11,15 +11,14 @@ #include "envoy/tcp/conn_pool.h" #include "envoy/upstream/load_balancer.h" -#include "common/common/logger.h" -#include "common/http/header_utility.h" -#include "common/upstream/load_balancer_impl.h" - -#include "extensions/filters/network/thrift_proxy/conn_manager.h" -#include "extensions/filters/network/thrift_proxy/filters/filter.h" -#include "extensions/filters/network/thrift_proxy/router/router.h" -#include "extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h" -#include "extensions/filters/network/thrift_proxy/thrift_object.h" +#include "source/common/common/logger.h" +#include "source/common/http/header_utility.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/conn_manager.h" +#include "source/extensions/filters/network/thrift_proxy/filters/filter.h" +#include "source/extensions/filters/network/thrift_proxy/router/router.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h" +#include "source/extensions/filters/network/thrift_proxy/thrift_object.h" #include "absl/types/optional.h" @@ -190,6 +189,8 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, upstream_resp_exception_(stat_name_set_->add("thrift.upstream_resp_exception")), upstream_resp_invalid_type_(stat_name_set_->add("thrift.upstream_resp_invalid_type")), upstream_rq_time_(stat_name_set_->add("thrift.upstream_rq_time")), + upstream_rq_size_(stat_name_set_->add("thrift.upstream_rq_size")), + upstream_resp_size_(stat_name_set_->add("thrift.upstream_resp_size")), passthrough_supported_(false) {} ~Router() override = default; @@ -222,7 +223,7 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, private: struct UpstreamRequest : public Tcp::ConnectionPool::Callbacks { - UpstreamRequest(Router& parent, Tcp::ConnectionPool::Instance& pool, + UpstreamRequest(Router& parent, Upstream::TcpPoolData& pool_data, MessageMetadataSharedPtr& metadata, TransportType transport_type, ProtocolType protocol_type); ~UpstreamRequest() override; @@ -233,6 +234,7 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, // Tcp::ConnectionPool::Callbacks void onPoolFailure(ConnectionPool::PoolFailureReason reason, + absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) override; void onPoolReady(Tcp::ConnectionPool::ConnectionDataPtr&& conn, Upstream::HostDescriptionConstSharedPtr host) override; @@ -245,7 +247,7 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, void chargeResponseTiming(); Router& parent_; - Tcp::ConnectionPool::Instance& conn_pool_; + Upstream::TcpPoolData& conn_pool_data_; MessageMetadataSharedPtr metadata_; Tcp::ConnectionPool::Cancellable* conn_pool_handle_{}; @@ -299,6 +301,8 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, const Stats::StatName upstream_resp_exception_; const Stats::StatName upstream_resp_invalid_type_; const Stats::StatName upstream_rq_time_; + const Stats::StatName upstream_rq_size_; + const Stats::StatName upstream_resp_size_; ThriftFilters::DecoderFilterCallbacks* callbacks_{}; RouteConstSharedPtr route_{}; @@ -309,6 +313,8 @@ class Router : public Tcp::ConnectionPool::UpstreamCallbacks, Buffer::OwnedImpl upstream_request_buffer_; bool passthrough_supported_ : 1; + uint64_t request_size_{}; + uint64_t response_size_{}; }; } // namespace Router diff --git a/source/extensions/filters/network/thrift_proxy/router/router_ratelimit.h b/source/extensions/filters/network/thrift_proxy/router/router_ratelimit.h index aca46cd33036..181d644b905b 100644 --- a/source/extensions/filters/network/thrift_proxy/router/router_ratelimit.h +++ b/source/extensions/filters/network/thrift_proxy/router/router_ratelimit.h @@ -8,8 +8,8 @@ #include "envoy/http/header_map.h" #include "envoy/ratelimit/ratelimit.h" -#include "extensions/filters/network/thrift_proxy/metadata.h" -#include "extensions/filters/network/thrift_proxy/router/router.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/router/router.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.cc b/source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.cc index 01d4154a4d08..b510ac9e303b 100644 --- a/source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h" #include "envoy/common/exception.h" #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/ratelimit/ratelimit.h" -#include "extensions/filters/network/thrift_proxy/router/router.h" +#include "source/extensions/filters/network/thrift_proxy/router/router.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h b/source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h index 48f3a4f860c7..3bdcdadc54c9 100644 --- a/source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h +++ b/source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h @@ -7,11 +7,10 @@ #include "envoy/config/route/v3/route_components.pb.h" -#include "common/http/header_utility.h" - -#include "extensions/filters/network/thrift_proxy/metadata.h" -#include "extensions/filters/network/thrift_proxy/router/router.h" -#include "extensions/filters/network/thrift_proxy/router/router_ratelimit.h" +#include "source/common/http/header_utility.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/router/router.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_ratelimit.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/thrift.h b/source/extensions/filters/network/thrift_proxy/thrift.h index e42f1338adc6..3092bceb11b7 100644 --- a/source/extensions/filters/network/thrift_proxy/thrift.h +++ b/source/extensions/filters/network/thrift_proxy/thrift.h @@ -1,7 +1,7 @@ #pragma once -#include "common/common/assert.h" -#include "common/singleton/const_singleton.h" +#include "source/common/common/assert.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/thrift_object.h b/source/extensions/filters/network/thrift_proxy/thrift_object.h index 6c4d9f355510..ae8ff24067ba 100644 --- a/source/extensions/filters/network/thrift_proxy/thrift_object.h +++ b/source/extensions/filters/network/thrift_proxy/thrift_object.h @@ -6,9 +6,8 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/exception.h" -#include "common/common/utility.h" - -#include "extensions/filters/network/thrift_proxy/thrift.h" +#include "source/common/common/utility.h" +#include "source/extensions/filters/network/thrift_proxy/thrift.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/thrift_object_impl.cc b/source/extensions/filters/network/thrift_proxy/thrift_object_impl.cc index 0008f3f58495..0c02f11a0230 100644 --- a/source/extensions/filters/network/thrift_proxy/thrift_object_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/thrift_object_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/thrift_proxy/thrift_object_impl.h" +#include "source/extensions/filters/network/thrift_proxy/thrift_object_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/thrift_object_impl.h b/source/extensions/filters/network/thrift_proxy/thrift_object_impl.h index 700e6b223839..c9a5386d6fe6 100644 --- a/source/extensions/filters/network/thrift_proxy/thrift_object_impl.h +++ b/source/extensions/filters/network/thrift_proxy/thrift_object_impl.h @@ -1,8 +1,8 @@ #pragma once -#include "extensions/filters/network/thrift_proxy/decoder.h" -#include "extensions/filters/network/thrift_proxy/filters/filter.h" -#include "extensions/filters/network/thrift_proxy/thrift_object.h" +#include "source/extensions/filters/network/thrift_proxy/decoder.h" +#include "source/extensions/filters/network/thrift_proxy/filters/filter.h" +#include "source/extensions/filters/network/thrift_proxy/thrift_object.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/transport.h b/source/extensions/filters/network/thrift_proxy/transport.h index d8393cef6870..64f755df4b1a 100644 --- a/source/extensions/filters/network/thrift_proxy/transport.h +++ b/source/extensions/filters/network/thrift_proxy/transport.h @@ -7,11 +7,10 @@ #include "envoy/config/typed_config.h" #include "envoy/registry/registry.h" -#include "common/common/assert.h" -#include "common/config/utility.h" -#include "common/singleton/const_singleton.h" - -#include "extensions/filters/network/thrift_proxy/metadata.h" +#include "source/common/common/assert.h" +#include "source/common/config/utility.h" +#include "source/common/singleton/const_singleton.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.cc b/source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.cc index 7f1ca57592cd..b46c87f18804 100644 --- a/source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/network/thrift_proxy/twitter_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.h" #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" -#include "extensions/filters/network/thrift_proxy/thrift_object_impl.h" -#include "extensions/filters/network/thrift_proxy/unframed_transport_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/extensions/filters/network/thrift_proxy/thrift_object_impl.h" +#include "source/extensions/filters/network/thrift_proxy/unframed_transport_impl.h" #include "absl/strings/str_replace.h" diff --git a/source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.h b/source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.h index 101f016f6b33..e63ba7545258 100644 --- a/source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.h +++ b/source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.h @@ -5,9 +5,8 @@ #include "envoy/buffer/buffer.h" #include "envoy/common/pure.h" -#include "common/common/macros.h" - -#include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" +#include "source/common/common/macros.h" +#include "source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h" #include "absl/types/optional.h" diff --git a/source/extensions/filters/network/thrift_proxy/unframed_transport_impl.cc b/source/extensions/filters/network/thrift_proxy/unframed_transport_impl.cc index 14a47af80f76..d85e91fed073 100644 --- a/source/extensions/filters/network/thrift_proxy/unframed_transport_impl.cc +++ b/source/extensions/filters/network/thrift_proxy/unframed_transport_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/thrift_proxy/unframed_transport_impl.h" +#include "source/extensions/filters/network/thrift_proxy/unframed_transport_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/thrift_proxy/unframed_transport_impl.h b/source/extensions/filters/network/thrift_proxy/unframed_transport_impl.h index 5266d1eaad7e..bd6280cff19b 100644 --- a/source/extensions/filters/network/thrift_proxy/unframed_transport_impl.h +++ b/source/extensions/filters/network/thrift_proxy/unframed_transport_impl.h @@ -4,7 +4,7 @@ #include "envoy/buffer/buffer.h" -#include "extensions/filters/network/thrift_proxy/transport.h" +#include "source/extensions/filters/network/thrift_proxy/transport.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/wasm/BUILD b/source/extensions/filters/network/wasm/BUILD index 2023fd1f48d8..6633576aa7a1 100644 --- a/source/extensions/filters/network/wasm/BUILD +++ b/source/extensions/filters/network/wasm/BUILD @@ -16,8 +16,8 @@ envoy_cc_library( srcs = ["wasm_filter.cc"], hdrs = ["wasm_filter.h"], deps = [ - "//include/envoy/server:filter_config_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/server:filter_config_interface", + "//envoy/upstream:cluster_manager_interface", "//source/extensions/common/wasm:wasm_lib", "//source/extensions/filters/network:well_known_names", "@envoy_api//envoy/extensions/filters/network/wasm/v3:pkg_cc_proto", @@ -28,12 +28,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "unknown", - status = "alpha", deps = [ ":wasm_filter_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/common/common:empty_string", "//source/common/config:datasource_lib", "//source/extensions/common/wasm:wasm_lib", diff --git a/source/extensions/filters/network/wasm/config.cc b/source/extensions/filters/network/wasm/config.cc index 05f8f1abb854..925e538cb67e 100644 --- a/source/extensions/filters/network/wasm/config.cc +++ b/source/extensions/filters/network/wasm/config.cc @@ -1,13 +1,12 @@ -#include "extensions/filters/network/wasm/config.h" +#include "source/extensions/filters/network/wasm/config.h" #include "envoy/extensions/filters/network/wasm/v3/wasm.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/common/empty_string.h" -#include "common/config/datasource.h" - -#include "extensions/common/wasm/wasm.h" -#include "extensions/filters/network/wasm/wasm_filter.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/datasource.h" +#include "source/extensions/common/wasm/wasm.h" +#include "source/extensions/filters/network/wasm/wasm_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/wasm/config.h b/source/extensions/filters/network/wasm/config.h index 12201c56b187..306bc5191825 100644 --- a/source/extensions/filters/network/wasm/config.h +++ b/source/extensions/filters/network/wasm/config.h @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/wasm/v3/wasm.pb.h" #include "envoy/extensions/filters/network/wasm/v3/wasm.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/wasm/wasm_filter.cc b/source/extensions/filters/network/wasm/wasm_filter.cc index 4aa922071c4a..862382d10ee1 100644 --- a/source/extensions/filters/network/wasm/wasm_filter.cc +++ b/source/extensions/filters/network/wasm/wasm_filter.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/wasm/wasm_filter.h" +#include "source/extensions/filters/network/wasm/wasm_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/wasm/wasm_filter.h b/source/extensions/filters/network/wasm/wasm_filter.h index 9a166139e23f..ad0d99e5a4a6 100644 --- a/source/extensions/filters/network/wasm/wasm_filter.h +++ b/source/extensions/filters/network/wasm/wasm_filter.h @@ -7,8 +7,8 @@ #include "envoy/server/filter_config.h" #include "envoy/upstream/cluster_manager.h" -#include "extensions/common/wasm/wasm.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/common/wasm/wasm.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { @@ -51,7 +51,7 @@ class FilterConfig : Logger::Loggable { Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider_; }; -typedef std::shared_ptr FilterConfigSharedPtr; +using FilterConfigSharedPtr = std::shared_ptr; } // namespace Wasm } // namespace NetworkFilters diff --git a/source/extensions/filters/network/well_known_names.h b/source/extensions/filters/network/well_known_names.h index 7f62193c7896..2bfddcf7d092 100644 --- a/source/extensions/filters/network/well_known_names.h +++ b/source/extensions/filters/network/well_known_names.h @@ -1,6 +1,6 @@ #pragma once -#include "common/config/well_known_names.h" +#include "source/common/config/well_known_names.h" namespace Envoy { namespace Extensions { @@ -14,6 +14,8 @@ class NetworkFilterNameValues { public: // Client ssl auth filter const std::string ClientSslAuth = "envoy.filters.network.client_ssl_auth"; + // Connection limit filter + const std::string ConnectionLimit = "envoy.filters.network.connection_limit"; // Echo filter const std::string Echo = "envoy.filters.network.echo"; // Direct response filter diff --git a/source/extensions/filters/network/zookeeper_proxy/BUILD b/source/extensions/filters/network/zookeeper_proxy/BUILD index 10d14b23ae88..b71fbf09d546 100644 --- a/source/extensions/filters/network/zookeeper_proxy/BUILD +++ b/source/extensions/filters/network/zookeeper_proxy/BUILD @@ -25,10 +25,10 @@ envoy_cc_library( "utils.h", ], deps = [ - "//include/envoy/network:filter_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/network:filter_interface", + "//envoy/server:filter_config_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:enum_to_int", "//source/common/network:filter_lib", @@ -43,9 +43,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.network", - security_posture = "requires_trusted_downstream_and_upstream", - status = "alpha", deps = [ ":proxy_lib", "//source/extensions/filters/network:well_known_names", diff --git a/source/extensions/filters/network/zookeeper_proxy/config.cc b/source/extensions/filters/network/zookeeper_proxy/config.cc index 33016ac1e3fe..0a980cf96152 100644 --- a/source/extensions/filters/network/zookeeper_proxy/config.cc +++ b/source/extensions/filters/network/zookeeper_proxy/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/zookeeper_proxy/config.h" +#include "source/extensions/filters/network/zookeeper_proxy/config.h" #include @@ -7,9 +7,8 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/zookeeper_proxy/filter.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/zookeeper_proxy/filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/zookeeper_proxy/config.h b/source/extensions/filters/network/zookeeper_proxy/config.h index c72e28d347c2..10164f9094e7 100644 --- a/source/extensions/filters/network/zookeeper_proxy/config.h +++ b/source/extensions/filters/network/zookeeper_proxy/config.h @@ -3,9 +3,9 @@ #include "envoy/extensions/filters/network/zookeeper_proxy/v3/zookeeper_proxy.pb.h" #include "envoy/extensions/filters/network/zookeeper_proxy/v3/zookeeper_proxy.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/filters/network/well_known_names.h" -#include "extensions/filters/network/zookeeper_proxy/filter.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/zookeeper_proxy/filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/zookeeper_proxy/decoder.cc b/source/extensions/filters/network/zookeeper_proxy/decoder.cc index 56877b8ac82e..adfb593afb74 100644 --- a/source/extensions/filters/network/zookeeper_proxy/decoder.cc +++ b/source/extensions/filters/network/zookeeper_proxy/decoder.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/network/zookeeper_proxy/decoder.h" +#include "source/extensions/filters/network/zookeeper_proxy/decoder.h" #include -#include "common/common/enum_to_int.h" +#include "source/common/common/enum_to_int.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/zookeeper_proxy/decoder.h b/source/extensions/filters/network/zookeeper_proxy/decoder.h index 85b99fdffbf7..62ca20885c5e 100644 --- a/source/extensions/filters/network/zookeeper_proxy/decoder.h +++ b/source/extensions/filters/network/zookeeper_proxy/decoder.h @@ -5,10 +5,9 @@ #include "envoy/common/platform.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" - -#include "extensions/filters/network/zookeeper_proxy/utils.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/network/zookeeper_proxy/utils.h" #include "absl/container/node_hash_map.h" diff --git a/source/extensions/filters/network/zookeeper_proxy/filter.cc b/source/extensions/filters/network/zookeeper_proxy/filter.cc index b6c38c0ec297..a32c5052d06a 100644 --- a/source/extensions/filters/network/zookeeper_proxy/filter.cc +++ b/source/extensions/filters/network/zookeeper_proxy/filter.cc @@ -1,18 +1,17 @@ -#include "extensions/filters/network/zookeeper_proxy/filter.h" +#include "source/extensions/filters/network/zookeeper_proxy/filter.h" #include #include #include "envoy/config/core/v3/base.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/logger.h" -#include "common/stats/utility.h" - -#include "extensions/filters/network/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/logger.h" +#include "source/common/stats/utility.h" +#include "source/extensions/filters/network/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/zookeeper_proxy/filter.h b/source/extensions/filters/network/zookeeper_proxy/filter.h index dc932764b156..46c4f0ea8da3 100644 --- a/source/extensions/filters/network/zookeeper_proxy/filter.h +++ b/source/extensions/filters/network/zookeeper_proxy/filter.h @@ -11,10 +11,9 @@ #include "envoy/stats/stats.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/filters/network/zookeeper_proxy/decoder.h" +#include "source/common/common/logger.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/filters/network/zookeeper_proxy/decoder.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/network/zookeeper_proxy/utils.cc b/source/extensions/filters/network/zookeeper_proxy/utils.cc index ed79ecba75ba..cf1c77a8bf19 100644 --- a/source/extensions/filters/network/zookeeper_proxy/utils.cc +++ b/source/extensions/filters/network/zookeeper_proxy/utils.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/zookeeper_proxy/utils.h" +#include "source/extensions/filters/network/zookeeper_proxy/utils.h" #include diff --git a/source/extensions/filters/network/zookeeper_proxy/utils.h b/source/extensions/filters/network/zookeeper_proxy/utils.h index 7ce749ed8641..dc699afaf548 100644 --- a/source/extensions/filters/network/zookeeper_proxy/utils.h +++ b/source/extensions/filters/network/zookeeper_proxy/utils.h @@ -5,9 +5,9 @@ #include "envoy/common/platform.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/byte_order.h" -#include "common/common/logger.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/byte_order.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/udp/dns_filter/BUILD b/source/extensions/filters/udp/dns_filter/BUILD index 210d68496d0d..8dc000cc2ea1 100644 --- a/source/extensions/filters/udp/dns_filter/BUILD +++ b/source/extensions/filters/udp/dns_filter/BUILD @@ -26,15 +26,14 @@ envoy_cc_library( ], external_deps = ["ares"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:address_interface", - "//include/envoy/network:dns_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listener_interface", + "//envoy/buffer:buffer_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:address_interface", + "//envoy/network:dns_interface", + "//envoy/network:filter_interface", + "//envoy/network:listener_interface", "//source/common/buffer:buffer_lib", "//source/common/common:empty_string", - "//source/common/common:matchers_lib", "//source/common/common:safe_memcpy_lib", "//source/common/config:config_provider_lib", "//source/common/config:datasource_lib", @@ -52,13 +51,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.udp_listener", - security_posture = "robust_to_untrusted_downstream", - status = "alpha", deps = [ ":dns_filter_lib", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "@envoy_api//envoy/extensions/filters/udp/dns_filter/v3alpha:pkg_cc_proto", ], ) diff --git a/source/extensions/filters/udp/dns_filter/config.cc b/source/extensions/filters/udp/dns_filter/config.cc index 242bbab75e9c..28f00e6a445f 100644 --- a/source/extensions/filters/udp/dns_filter/config.cc +++ b/source/extensions/filters/udp/dns_filter/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/udp/dns_filter/config.h" +#include "source/extensions/filters/udp/dns_filter/config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/udp/dns_filter/config.h b/source/extensions/filters/udp/dns_filter/config.h index 421feb786675..9278199a26d6 100644 --- a/source/extensions/filters/udp/dns_filter/config.h +++ b/source/extensions/filters/udp/dns_filter/config.h @@ -4,7 +4,7 @@ #include "envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.pb.validate.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/udp/dns_filter/dns_filter.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/udp/dns_filter/dns_filter.cc b/source/extensions/filters/udp/dns_filter/dns_filter.cc index 206a264f28b4..f2e9e5fcf9b1 100644 --- a/source/extensions/filters/udp/dns_filter/dns_filter.cc +++ b/source/extensions/filters/udp/dns_filter/dns_filter.cc @@ -1,13 +1,12 @@ -#include "extensions/filters/udp/dns_filter/dns_filter.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter.h" #include "envoy/network/listener.h" #include "envoy/type/matcher/v3/string.pb.h" -#include "common/config/datasource.h" -#include "common/network/address_impl.h" -#include "common/protobuf/message_validator_impl.h" - -#include "extensions/filters/udp/dns_filter/dns_filter_utils.h" +#include "source/common/config/datasource.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_utils.h" namespace Envoy { namespace Extensions { @@ -33,12 +32,12 @@ DnsFilterEnvoyConfig::DnsFilterEnvoyConfig( retry_count_ = dns_table.external_retry_count(); - virtual_domains_.reserve(dns_table.virtual_domains().size()); for (const auto& virtual_domain : dns_table.virtual_domains()) { AddressConstPtrVec addrs{}; const absl::string_view domain_name = virtual_domain.name(); - ENVOY_LOG(trace, "Loading configuration for domain: {}", domain_name); + const absl::string_view suffix = Utils::getDomainSuffix(domain_name); + ENVOY_LOG(trace, "Loading configuration for domain: {}. Suffix: {}", domain_name, suffix); if (virtual_domain.endpoint().has_address_list()) { const auto& address_list = virtual_domain.endpoint().address_list().address(); @@ -56,16 +55,28 @@ DnsFilterEnvoyConfig::DnsFilterEnvoyConfig( addrs.push_back(std::move(ipaddr)); } - // If the domain already exists with a different endpoint config, update the address_list - // with the data from the config - if (virtual_domains_.contains(domain_name)) { - auto& addr_vec = virtual_domains_[domain_name].address_list.value(); - addr_vec.reserve(addr_vec.size() + addrs.size()); - std::move(addrs.begin(), addrs.end(), std::inserter(addr_vec, addr_vec.end())); + DnsEndpointConfig endpoint_config{}; + + // Check whether the trie contains an entry for this domain + auto virtual_domains = dns_lookup_trie_.find(suffix); + if (virtual_domains != nullptr) { + // The suffix already has a node in the trie + + auto existing_endpoint_config = virtual_domains->find(domain_name); + if (existing_endpoint_config != virtual_domains->end()) { + // Update the existing endpoint config with the new addresses + + auto& addr_vec = existing_endpoint_config->second.address_list.value(); + addr_vec.reserve(addr_vec.size() + addrs.size()); + std::move(addrs.begin(), addrs.end(), std::inserter(addr_vec, addr_vec.end())); + } else { + // Add a new endpoint config for the new domain + endpoint_config.address_list = absl::make_optional(std::move(addrs)); + virtual_domains->emplace(std::string(domain_name), std::move(endpoint_config)); + } } else { - DnsEndpointConfig endpoint_config{}; endpoint_config.address_list = absl::make_optional(std::move(addrs)); - virtual_domains_.emplace(std::string(domain_name), std::move(endpoint_config)); + addEndpointToSuffix(suffix, domain_name, endpoint_config); } } @@ -112,7 +123,11 @@ DnsFilterEnvoyConfig::DnsFilterEnvoyConfig( DnsEndpointConfig endpoint_config{}; endpoint_config.service_list = absl::make_optional(std::move(service_record_ptr)); - virtual_domains_.emplace(full_service_name, std::move(endpoint_config)); + + auto virtual_domains = dns_lookup_trie_.find(suffix); + if (virtual_domains != nullptr) { + virtual_domains->emplace(full_service_name, std::move(endpoint_config)); + } } } @@ -121,7 +136,18 @@ DnsFilterEnvoyConfig::DnsFilterEnvoyConfig( if (!cluster_name.empty()) { DnsEndpointConfig endpoint_config{}; endpoint_config.cluster_name = absl::make_optional(cluster_name); - virtual_domains_.emplace(domain_name, std::move(endpoint_config)); + + // See if there's a suffix already configured + auto virtual_domains = dns_lookup_trie_.find(suffix); + if (virtual_domains == nullptr) { + addEndpointToSuffix(suffix, domain_name, endpoint_config); + } else { + // A domain can be redirected to one cluster. If it appears multiple times, the first + // entry is the only one used + if (virtual_domains->find(domain_name) == virtual_domains->end()) { + virtual_domains->emplace(domain_name, std::move(endpoint_config)); + } + } } std::chrono::seconds ttl = virtual_domain.has_answer_ttl() @@ -130,29 +156,38 @@ DnsFilterEnvoyConfig::DnsFilterEnvoyConfig( domain_ttl_.emplace(virtual_domain.name(), ttl); } - // Add known domain suffixes - known_suffixes_.reserve(dns_table.known_suffixes().size()); - for (const auto& suffix : dns_table.known_suffixes()) { - auto matcher_ptr = std::make_unique(suffix); - known_suffixes_.push_back(std::move(matcher_ptr)); - } - forward_queries_ = config.has_client_config(); if (forward_queries_) { const auto& client_config = config.client_config(); - const auto& upstream_resolvers = client_config.upstream_resolvers(); - resolvers_.reserve(upstream_resolvers.size()); - for (const auto& resolver : upstream_resolvers) { - auto ipaddr = Network::Utility::protobufAddressToAddress(resolver); - resolvers_.emplace_back(std::move(ipaddr)); + if (client_config.has_dns_resolution_config()) { + dns_resolver_options_.CopyFrom(client_config.dns_resolution_config().dns_resolver_options()); + if (!client_config.dns_resolution_config().resolvers().empty()) { + const auto& resolver_addrs = client_config.dns_resolution_config().resolvers(); + resolvers_.reserve(resolver_addrs.size()); + for (const auto& resolver_addr : resolver_addrs) { + resolvers_.push_back(Network::Utility::protobufAddressToAddress(resolver_addr)); + } + } } + + // Set additional resolving options from configuration resolver_timeout_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT( client_config, resolver_timeout, DEFAULT_RESOLVER_TIMEOUT.count())); - max_pending_lookups_ = client_config.max_pending_lookups(); } } +void DnsFilterEnvoyConfig::addEndpointToSuffix(const absl::string_view suffix, + const absl::string_view domain_name, + DnsEndpointConfig& endpoint_config) { + + DnsVirtualDomainConfigSharedPtr virtual_domains = std::make_shared(); + virtual_domains->emplace(std::string(domain_name), std::move(endpoint_config)); + + auto success = dns_lookup_trie_.add(suffix, std::move(virtual_domains), false); + ASSERT(success, "Unable to overwrite existing suffix in dns_filter trie"); +} + bool DnsFilterEnvoyConfig::loadServerConfig( const envoy::extensions::filters::udp::dns_filter::v3alpha::DnsFilterConfig:: ServerContextConfig& config, @@ -220,9 +255,9 @@ DnsFilter::DnsFilter(Network::UdpReadFilterCallbacks& callbacks, sendDnsResponse(std::move(context)); }; - resolver_ = std::make_unique(resolver_callback_, config->resolvers(), - config->resolverTimeout(), listener_.dispatcher(), - config->maxPendingLookups()); + resolver_ = std::make_unique( + resolver_callback_, config->resolvers(), config->resolverTimeout(), listener_.dispatcher(), + config->maxPendingLookups(), config->dnsResolverOptions()); } void DnsFilter::onData(Network::UdpRecvData& client_request) { @@ -280,7 +315,8 @@ DnsLookupResponseCode DnsFilter::getResponseForQuery(DnsQueryContextPtr& context for (const auto& query : context->queries_) { // Try to resolve the query locally. If forwarding the query externally is disabled we will // always attempt to resolve with the configured domains - if (isKnownDomain(query->name_) || !config_->forwardQueries()) { + const bool forward_queries = config_->forwardQueries(); + if (isKnownDomain(query->name_) || !forward_queries) { // Determine whether the name is a cluster. Move on to the next query if successful if (resolveViaClusters(context, *query)) { continue; @@ -292,10 +328,14 @@ DnsLookupResponseCode DnsFilter::getResponseForQuery(DnsQueryContextPtr& context } } - ENVOY_LOG(debug, "resolving name [{}] via external resolvers", query->name_); - resolver_->resolveExternalQuery(std::move(context), query.get()); + // Forwarding queries is enabled if the configuration contains a client configuration + // for the dns_filter. + if (forward_queries) { + ENVOY_LOG(debug, "resolving name [{}] via external resolvers", query->name_); + resolver_->resolveExternalQuery(std::move(context), query.get()); - return DnsLookupResponseCode::External; + return DnsLookupResponseCode::External; + } } if (context->answers_.empty()) { @@ -329,24 +369,28 @@ std::chrono::seconds DnsFilter::getDomainTTL(const absl::string_view domain) { } bool DnsFilter::isKnownDomain(const absl::string_view domain_name) { - const auto& known_suffixes = config_->knownSuffixes(); - // If we don't have a list of allowlisted domain suffixes, we will resolve the name with an - // external DNS server - - // TODO(abaptiste): Use a trie to find a match instead of iterating through the list - for (auto& suffix : known_suffixes) { - if (suffix->match(domain_name)) { - config_->stats().known_domain_queries_.inc(); - return true; - } + const absl::string_view suffix = Utils::getDomainSuffix(domain_name); + auto config = config_->getDnsTrie().find(suffix); + + if (config != nullptr) { + config_->stats().known_domain_queries_.inc(); + return true; } + return false; } const DnsEndpointConfig* DnsFilter::getEndpointConfigForDomain(const absl::string_view domain) { - const auto& domains = config_->domains(); - const auto iter = domains.find(domain); - if (iter == domains.end()) { + const absl::string_view suffix = Utils::getDomainSuffix(domain); + const auto virtual_domains = config_->getDnsTrie().find(suffix); + + if (virtual_domains == nullptr) { + ENVOY_LOG(debug, "No domain configuration exists for [{}]", domain); + return nullptr; + } + + const auto iter = virtual_domains->find(domain); + if (iter == virtual_domains->end()) { ENVOY_LOG(debug, "No endpoint configuration exists for [{}]", domain); return nullptr; } diff --git a/source/extensions/filters/udp/dns_filter/dns_filter.h b/source/extensions/filters/udp/dns_filter/dns_filter.h index 3a02f39db20a..bdcfae1239fd 100644 --- a/source/extensions/filters/udp/dns_filter/dns_filter.h +++ b/source/extensions/filters/udp/dns_filter/dns_filter.h @@ -5,13 +5,12 @@ #include "envoy/network/dns.h" #include "envoy/network/filter.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/matchers.h" -#include "common/config/config_provider_impl.h" -#include "common/network/utility.h" - -#include "extensions/filters/udp/dns_filter/dns_filter_resolver.h" -#include "extensions/filters/udp/dns_filter/dns_parser.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/utility.h" +#include "source/common/config/config_provider_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_resolver.h" +#include "source/extensions/filters/udp/dns_filter/dns_parser.h" #include "absl/container/flat_hash_set.h" @@ -70,6 +69,7 @@ struct DnsEndpointConfig { }; using DnsVirtualDomainConfig = absl::flat_hash_map; +using DnsVirtualDomainConfigSharedPtr = std::shared_ptr; /** * DnsFilter configuration class abstracting access to data necessary for the filter's operation @@ -81,8 +81,6 @@ class DnsFilterEnvoyConfig : public Logger::Loggable { const envoy::extensions::filters::udp::dns_filter::v3alpha::DnsFilterConfig& config); DnsFilterStats& stats() const { return stats_; } - const DnsVirtualDomainConfig& domains() const { return virtual_domains_; } - const std::vector& knownSuffixes() const { return known_suffixes_; } const absl::flat_hash_map& domainTtl() const { return domain_ttl_; } @@ -93,6 +91,12 @@ class DnsFilterEnvoyConfig : public Logger::Loggable { uint64_t retryCount() const { return retry_count_; } Random::RandomGenerator& random() const { return random_; } uint64_t maxPendingLookups() const { return max_pending_lookups_; } + const envoy::config::core::v3::DnsResolverOptions& dnsResolverOptions() const { + return dns_resolver_options_; + } + const TrieLookupTable& getDnsTrie() const { + return dns_lookup_trie_; + } private: static DnsFilterStats generateStats(const std::string& stat_prefix, Stats::Scope& scope) { @@ -105,14 +109,17 @@ class DnsFilterEnvoyConfig : public Logger::Loggable { DnsFilterConfig::ServerContextConfig& config, envoy::data::dns::v3::DnsTable& table); + void addEndpointToSuffix(const absl::string_view suffix, const absl::string_view domain_name, + DnsEndpointConfig& endpoint_config); + Stats::Scope& root_scope_; Upstream::ClusterManager& cluster_manager_; Network::DnsResolverSharedPtr resolver_; Api::Api& api_; mutable DnsFilterStats stats_; - DnsVirtualDomainConfig virtual_domains_; - std::vector known_suffixes_; + + TrieLookupTable dns_lookup_trie_; absl::flat_hash_map domain_ttl_; bool forward_queries_; uint64_t retry_count_; @@ -120,6 +127,7 @@ class DnsFilterEnvoyConfig : public Logger::Loggable { std::chrono::milliseconds resolver_timeout_; Random::RandomGenerator& random_; uint64_t max_pending_lookups_; + envoy::config::core::v3::DnsResolverOptions dns_resolver_options_; }; using DnsFilterEnvoyConfigSharedPtr = std::shared_ptr; diff --git a/source/extensions/filters/udp/dns_filter/dns_filter_constants.h b/source/extensions/filters/udp/dns_filter/dns_filter_constants.h index 4982c67bd66d..8f5d21f318a3 100644 --- a/source/extensions/filters/udp/dns_filter/dns_filter_constants.h +++ b/source/extensions/filters/udp/dns_filter/dns_filter_constants.h @@ -23,6 +23,8 @@ constexpr size_t MIN_QUERY_NAME_LENGTH = 3; constexpr size_t MAX_LABEL_LENGTH = 63; constexpr size_t MAX_NAME_LENGTH = 255; +constexpr size_t MAX_SUFFIX_LABEL_COUNT = 2; + // Amazon Route53 will return up to 8 records in an answer // https://aws.amazon.com/route53/faqs/#associate_multiple_ip_with_single_record constexpr size_t MAX_RETURNED_RECORDS = 8; diff --git a/source/extensions/filters/udp/dns_filter/dns_filter_resolver.cc b/source/extensions/filters/udp/dns_filter/dns_filter_resolver.cc index 2ca86479c382..76160c497434 100644 --- a/source/extensions/filters/udp/dns_filter/dns_filter_resolver.cc +++ b/source/extensions/filters/udp/dns_filter/dns_filter_resolver.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/udp/dns_filter/dns_filter_resolver.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_resolver.h" -#include "common/network/utility.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/udp/dns_filter/dns_filter_resolver.h b/source/extensions/filters/udp/dns_filter/dns_filter_resolver.h index 23372871a618..3a32da841c19 100644 --- a/source/extensions/filters/udp/dns_filter/dns_filter_resolver.h +++ b/source/extensions/filters/udp/dns_filter/dns_filter_resolver.h @@ -3,7 +3,7 @@ #include "envoy/event/dispatcher.h" #include "envoy/network/dns.h" -#include "extensions/filters/udp/dns_filter/dns_parser.h" +#include "source/extensions/filters/udp/dns_filter/dns_parser.h" namespace Envoy { namespace Extensions { @@ -20,9 +20,10 @@ class DnsFilterResolver : Logger::Loggable { public: DnsFilterResolver(DnsFilterResolverCallback& callback, AddressConstPtrVec resolvers, std::chrono::milliseconds timeout, Event::Dispatcher& dispatcher, - uint64_t max_pending_lookups) + uint64_t max_pending_lookups, + const envoy::config::core::v3::DnsResolverOptions& dns_resolver_options) : timeout_(timeout), dispatcher_(dispatcher), - resolver_(dispatcher.createDnsResolver(resolvers, false /* use_tcp_for_dns_lookups */)), + resolver_(dispatcher.createDnsResolver(resolvers, dns_resolver_options)), callback_(callback), max_pending_lookups_(max_pending_lookups) {} /** * @brief entry point to resolve the name in a DnsQueryRecord diff --git a/source/extensions/filters/udp/dns_filter/dns_filter_utils.cc b/source/extensions/filters/udp/dns_filter/dns_filter_utils.cc index cb22c4483fb3..9a73255a7134 100644 --- a/source/extensions/filters/udp/dns_filter/dns_filter_utils.cc +++ b/source/extensions/filters/udp/dns_filter/dns_filter_utils.cc @@ -1,12 +1,12 @@ -#include "extensions/filters/udp/dns_filter/dns_filter_utils.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_utils.h" #include #include "envoy/common/platform.h" -#include "common/common/empty_string.h" -#include "common/common/logger.h" -#include "common/network/address_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/logger.h" +#include "source/common/network/address_impl.h" namespace Envoy { namespace Extensions { @@ -84,6 +84,24 @@ getAddressRecordType(const Network::Address::InstanceConstSharedPtr& ipaddr) { } return absl::nullopt; } + +absl::string_view getDomainSuffix(const absl::string_view name) { + size_t pos, offset = std::string::npos, iterations = MAX_SUFFIX_LABEL_COUNT; + + // Start from the end of a name and attempt to determine the last + // two labels. This should return the domain name and the top level + // domain + while (iterations--) { + pos = name.find_last_of('.', offset); + if (pos == std::string::npos) { + return name; + } + offset = pos - 1; + } + + return name.substr(pos + 1); +} + } // namespace Utils } // namespace DnsFilter } // namespace UdpFilters diff --git a/source/extensions/filters/udp/dns_filter/dns_filter_utils.h b/source/extensions/filters/udp/dns_filter/dns_filter_utils.h index 47f63952b6d2..b2e4565c6219 100644 --- a/source/extensions/filters/udp/dns_filter/dns_filter_utils.h +++ b/source/extensions/filters/udp/dns_filter/dns_filter_utils.h @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.pb.h" #include "envoy/network/address.h" -#include "extensions/filters/udp/dns_filter/dns_filter_constants.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_constants.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" @@ -46,6 +46,12 @@ std::string buildServiceName(const std::string& name, const std::string& proto, absl::optional getAddressRecordType(const Network::Address::InstanceConstSharedPtr& ipaddr); +/** + * @brief For a given fully qualified domain name, extract up to the last two labels to form a + * domain suffix. + */ +absl::string_view getDomainSuffix(const absl::string_view name); + } // namespace Utils } // namespace DnsFilter } // namespace UdpFilters diff --git a/source/extensions/filters/udp/dns_filter/dns_parser.cc b/source/extensions/filters/udp/dns_filter/dns_parser.cc index 26899ea8ad13..65397af75c19 100644 --- a/source/extensions/filters/udp/dns_filter/dns_parser.cc +++ b/source/extensions/filters/udp/dns_filter/dns_parser.cc @@ -1,12 +1,11 @@ -#include "extensions/filters/udp/dns_filter/dns_parser.h" +#include "source/extensions/filters/udp/dns_filter/dns_parser.h" #include "envoy/network/address.h" -#include "common/common/safe_memcpy.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" - -#include "extensions/filters/udp/dns_filter/dns_filter_utils.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_utils.h" #include "ares.h" diff --git a/source/extensions/filters/udp/dns_filter/dns_parser.h b/source/extensions/filters/udp/dns_filter/dns_parser.h index d604f0784ba7..e6a12019d042 100644 --- a/source/extensions/filters/udp/dns_filter/dns_parser.h +++ b/source/extensions/filters/udp/dns_filter/dns_parser.h @@ -7,12 +7,11 @@ #include "envoy/network/dns.h" #include "envoy/network/listener.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/empty_string.h" -#include "common/runtime/runtime_impl.h" -#include "common/stats/timespan_impl.h" - -#include "extensions/filters/udp/dns_filter/dns_filter_constants.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/stats/timespan_impl.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_constants.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/udp/udp_proxy/BUILD b/source/extensions/filters/udp/udp_proxy/BUILD index b939347604fa..331e28323819 100644 --- a/source/extensions/filters/udp/udp_proxy/BUILD +++ b/source/extensions/filters/udp/udp_proxy/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( srcs = ["hash_policy_impl.cc"], hdrs = ["hash_policy_impl.h"], deps = [ - "//include/envoy/udp:hash_policy_interface", + "//envoy/udp:hash_policy_interface", "//source/common/common:assert_lib", "//source/common/common:hash_lib", "@envoy_api//envoy/extensions/filters/udp/udp_proxy/v3:pkg_cc_proto", @@ -27,11 +27,11 @@ envoy_cc_library( hdrs = ["udp_proxy_filter.h"], deps = [ ":hash_policy_lib", - "//include/envoy/event:file_event_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listener_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/event:file_event_interface", + "//envoy/event:timer_interface", + "//envoy/network:filter_interface", + "//envoy/network:listener_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/api:os_sys_calls_lib", "//source/common/network:socket_lib", "//source/common/network:socket_option_factory_lib", @@ -45,12 +45,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.filters.udp_listener", - security_posture = "robust_to_untrusted_downstream", deps = [ ":udp_proxy_filter_lib", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "@envoy_api//envoy/extensions/filters/udp/udp_proxy/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/filters/udp/udp_proxy/config.cc b/source/extensions/filters/udp/udp_proxy/config.cc index 43324d8ced9a..aa46a14114e1 100644 --- a/source/extensions/filters/udp/udp_proxy/config.cc +++ b/source/extensions/filters/udp/udp_proxy/config.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/udp/udp_proxy/config.h" +#include "source/extensions/filters/udp/udp_proxy/config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/udp/udp_proxy/config.h b/source/extensions/filters/udp/udp_proxy/config.h index 36dc5e2b7550..ef3ab1074e4b 100644 --- a/source/extensions/filters/udp/udp_proxy/config.h +++ b/source/extensions/filters/udp/udp_proxy/config.h @@ -4,7 +4,7 @@ #include "envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.pb.validate.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/udp/udp_proxy/udp_proxy_filter.h" +#include "source/extensions/filters/udp/udp_proxy/udp_proxy_filter.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/udp/udp_proxy/hash_policy_impl.cc b/source/extensions/filters/udp/udp_proxy/hash_policy_impl.cc index 5f6551c521e4..4e6a0a6897d2 100644 --- a/source/extensions/filters/udp/udp_proxy/hash_policy_impl.cc +++ b/source/extensions/filters/udp/udp_proxy/hash_policy_impl.cc @@ -1,7 +1,7 @@ -#include "extensions/filters/udp/udp_proxy/hash_policy_impl.h" +#include "source/extensions/filters/udp/udp_proxy/hash_policy_impl.h" -#include "common/common/assert.h" -#include "common/common/macros.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/udp/udp_proxy/hash_policy_impl.h b/source/extensions/filters/udp/udp_proxy/hash_policy_impl.h index faae9e3ed467..9cb9fb3e486e 100644 --- a/source/extensions/filters/udp/udp_proxy/hash_policy_impl.h +++ b/source/extensions/filters/udp/udp_proxy/hash_policy_impl.h @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.pb.h" #include "envoy/udp/hash_policy.h" -#include "common/common/hash.h" +#include "source/common/common/hash.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/filters/udp/udp_proxy/udp_proxy_filter.cc b/source/extensions/filters/udp/udp_proxy/udp_proxy_filter.cc index 3f11d37f0f12..4ee826eeb3f7 100644 --- a/source/extensions/filters/udp/udp_proxy/udp_proxy_filter.cc +++ b/source/extensions/filters/udp/udp_proxy/udp_proxy_filter.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/udp/udp_proxy/udp_proxy_filter.h" +#include "source/extensions/filters/udp/udp_proxy/udp_proxy_filter.h" #include "envoy/network/listener.h" -#include "common/network/socket_option_factory.h" +#include "source/common/network/socket_option_factory.h" namespace Envoy { namespace Extensions { @@ -222,7 +222,10 @@ void UdpProxyFilter::ActiveSession::onReadReady() { const Api::IoErrorPtr result = Network::Utility::readPacketsFromSocket( socket_->ioHandle(), *addresses_.local_, *this, cluster_.filter_.config_->timeSource(), cluster_.filter_.config_->upstreamSocketConfig().prefer_gro_, packets_dropped); - // TODO(mattklein123): Handle no error when we limit the number of packets read. + if (result == nullptr) { + socket_->ioHandle().activateFileEvents(Event::FileReadyType::Read); + return; + } if (result->getErrorCode() != Api::IoError::IoErrorCode::Again) { cluster_.cluster_stats_.sess_rx_errors_.inc(); } diff --git a/source/extensions/filters/udp/udp_proxy/udp_proxy_filter.h b/source/extensions/filters/udp/udp_proxy/udp_proxy_filter.h index 4a437152acf9..fd20e7025dd2 100644 --- a/source/extensions/filters/udp/udp_proxy/udp_proxy_filter.h +++ b/source/extensions/filters/udp/udp_proxy/udp_proxy_filter.h @@ -6,14 +6,13 @@ #include "envoy/network/filter.h" #include "envoy/upstream/cluster_manager.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/network/socket_impl.h" -#include "common/network/socket_interface.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" -#include "common/upstream/load_balancer_impl.h" - -#include "extensions/filters/udp/udp_proxy/hash_policy_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/network/socket_impl.h" +#include "source/common/network/socket_interface.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/extensions/filters/udp/udp_proxy/hash_policy_impl.h" #include "absl/container/flat_hash_set.h" @@ -178,6 +177,10 @@ class UdpProxyFilter : public Network::UdpListenerReadFilter, void onDatagramsDropped(uint32_t dropped) override { cluster_.cluster_stats_.sess_rx_datagrams_dropped_.add(dropped); } + size_t numPacketsExpectedPerEventLoop() const final { + // TODO(mattklein123) change this to a reasonable number if needed. + return Network::MAX_NUM_PACKETS_PER_EVENT_LOOP; + } ClusterInfo& cluster_; const bool use_original_src_ip_; diff --git a/source/extensions/formatter/req_without_query/BUILD b/source/extensions/formatter/req_without_query/BUILD new file mode 100644 index 000000000000..45c8ee111559 --- /dev/null +++ b/source/extensions/formatter/req_without_query/BUILD @@ -0,0 +1,34 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_cc_extension", + "envoy_cc_library", + "envoy_extension_package", +) + +licenses(["notice"]) # Apache 2 + +envoy_extension_package() + +# Access log formatter that strips query string from request path +# Public docs: docs/root/TODO(tsaarni) + +envoy_cc_library( + name = "req_without_query_lib", + srcs = ["req_without_query.cc"], + hdrs = ["req_without_query.h"], + deps = [ + "//source/common/formatter:substitution_formatter_lib", + "//source/common/protobuf:utility_lib", + ], +) + +envoy_cc_extension( + name = "config", + srcs = ["config.cc"], + hdrs = ["config.h"], + deps = [ + "//envoy/registry", + "//source/extensions/formatter/req_without_query:req_without_query_lib", + "@envoy_api//envoy/extensions/formatter/req_without_query/v3:pkg_cc_proto", + ], +) diff --git a/source/extensions/formatter/req_without_query/config.cc b/source/extensions/formatter/req_without_query/config.cc new file mode 100644 index 000000000000..76035de46951 --- /dev/null +++ b/source/extensions/formatter/req_without_query/config.cc @@ -0,0 +1,26 @@ +#include "source/extensions/formatter/req_without_query/config.h" + +#include "envoy/extensions/formatter/req_without_query/v3/req_without_query.pb.h" + +#include "source/extensions/formatter/req_without_query/req_without_query.h" + +namespace Envoy { +namespace Extensions { +namespace Formatter { + +::Envoy::Formatter::CommandParserPtr +ReqWithoutQueryFactory::createCommandParserFromProto(const Protobuf::Message&) { + return std::make_unique(); +} + +ProtobufTypes::MessagePtr ReqWithoutQueryFactory::createEmptyConfigProto() { + return std::make_unique(); +} + +std::string ReqWithoutQueryFactory::name() const { return "envoy.formatter.req_without_query"; } + +REGISTER_FACTORY(ReqWithoutQueryFactory, ReqWithoutQueryFactory::CommandParserFactory); + +} // namespace Formatter +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/formatter/req_without_query/config.h b/source/extensions/formatter/req_without_query/config.h new file mode 100644 index 000000000000..71b33f3904b0 --- /dev/null +++ b/source/extensions/formatter/req_without_query/config.h @@ -0,0 +1,19 @@ +#pragma once + +#include "source/common/formatter/substitution_formatter.h" + +namespace Envoy { +namespace Extensions { +namespace Formatter { + +class ReqWithoutQueryFactory : public ::Envoy::Formatter::CommandParserFactory { +public: + ::Envoy::Formatter::CommandParserPtr + createCommandParserFromProto(const Protobuf::Message&) override; + ProtobufTypes::MessagePtr createEmptyConfigProto() override; + std::string name() const override; +}; + +} // namespace Formatter +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/formatter/req_without_query/req_without_query.cc b/source/extensions/formatter/req_without_query/req_without_query.cc new file mode 100644 index 000000000000..d0fb6580b442 --- /dev/null +++ b/source/extensions/formatter/req_without_query/req_without_query.cc @@ -0,0 +1,88 @@ +#include "source/extensions/formatter/req_without_query/req_without_query.h" + +#include + +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" + +namespace Envoy { +namespace Extensions { +namespace Formatter { + +namespace { + +void truncate(std::string& str, absl::optional max_length) { + if (!max_length) { + return; + } + + str = str.substr(0, max_length.value()); +} + +} // namespace + +ReqWithoutQuery::ReqWithoutQuery(const std::string& main_header, + const std::string& alternative_header, + absl::optional max_length) + : main_header_(main_header), alternative_header_(alternative_header), max_length_(max_length) {} + +absl::optional ReqWithoutQuery::format(const Http::RequestHeaderMap& request, + const Http::ResponseHeaderMap&, + const Http::ResponseTrailerMap&, + const StreamInfo::StreamInfo&, + absl::string_view) const { + const Http::HeaderEntry* header = findHeader(request); + if (!header) { + return absl::nullopt; + } + + std::string val = Http::Utility::stripQueryString(header->value()); + truncate(val, max_length_); + + return val; +} + +ProtobufWkt::Value ReqWithoutQuery::formatValue(const Http::RequestHeaderMap& request, + const Http::ResponseHeaderMap&, + const Http::ResponseTrailerMap&, + const StreamInfo::StreamInfo&, + absl::string_view) const { + const Http::HeaderEntry* header = findHeader(request); + if (!header) { + return ValueUtil::nullValue(); + } + + std::string val = Http::Utility::stripQueryString(header->value()); + truncate(val, max_length_); + return ValueUtil::stringValue(val); +} + +const Http::HeaderEntry* ReqWithoutQuery::findHeader(const Http::HeaderMap& headers) const { + const auto header = headers.get(main_header_); + + if (header.empty() && !alternative_header_.get().empty()) { + const auto alternate_header = headers.get(alternative_header_); + // TODO(https://github.com/envoyproxy/envoy/issues/13454): Potentially log all header values. + return alternate_header.empty() ? nullptr : alternate_header[0]; + } + + return header.empty() ? nullptr : header[0]; +} + +::Envoy::Formatter::FormatterProviderPtr +ReqWithoutQueryCommandParser::parse(const std::string& token, size_t, size_t) const { + if (absl::StartsWith(token, "REQ_WITHOUT_QUERY(")) { + std::string main_header, alternative_header; + absl::optional max_length; + + Envoy::Formatter::SubstitutionFormatParser::parseCommandHeader( + token, ReqWithoutQueryParamStart, main_header, alternative_header, max_length); + return std::make_unique(main_header, alternative_header, max_length); + } + + return nullptr; +} + +} // namespace Formatter +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/formatter/req_without_query/req_without_query.h b/source/extensions/formatter/req_without_query/req_without_query.h new file mode 100644 index 000000000000..4fd000351a64 --- /dev/null +++ b/source/extensions/formatter/req_without_query/req_without_query.h @@ -0,0 +1,46 @@ +#pragma once + +#include + +#include "envoy/config/typed_config.h" +#include "envoy/registry/registry.h" + +#include "source/common/formatter/substitution_formatter.h" + +namespace Envoy { +namespace Extensions { +namespace Formatter { + +class ReqWithoutQuery : public ::Envoy::Formatter::FormatterProvider { +public: + ReqWithoutQuery(const std::string& main_header, const std::string& alternative_header, + absl::optional max_length); + + absl::optional format(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, + const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, + absl::string_view) const override; + ProtobufWkt::Value formatValue(const Http::RequestHeaderMap&, const Http::ResponseHeaderMap&, + const Http::ResponseTrailerMap&, const StreamInfo::StreamInfo&, + absl::string_view) const override; + +private: + const Http::HeaderEntry* findHeader(const Http::HeaderMap& headers) const; + + Http::LowerCaseString main_header_; + Http::LowerCaseString alternative_header_; + absl::optional max_length_; +}; + +class ReqWithoutQueryCommandParser : public ::Envoy::Formatter::CommandParser { +public: + ReqWithoutQueryCommandParser() = default; + ::Envoy::Formatter::FormatterProviderPtr parse(const std::string& token, size_t, + size_t) const override; + +private: + static const size_t ReqWithoutQueryParamStart{sizeof("REQ_WITHOUT_QUERY(") - 1}; +}; + +} // namespace Formatter +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/grpc_credentials/BUILD b/source/extensions/grpc_credentials/BUILD deleted file mode 100644 index 40a5e79b39d3..000000000000 --- a/source/extensions/grpc_credentials/BUILD +++ /dev/null @@ -1,19 +0,0 @@ -load( - "//bazel:envoy_build_system.bzl", - "envoy_cc_library", - "envoy_extension_package", -) - -licenses(["notice"]) # Apache 2 - -envoy_extension_package() - -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - # well known names files are public as long as they exist. - visibility = ["//visibility:public"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) diff --git a/source/extensions/grpc_credentials/aws_iam/BUILD b/source/extensions/grpc_credentials/aws_iam/BUILD index 41e311cc52c5..ac63c34674e6 100644 --- a/source/extensions/grpc_credentials/aws_iam/BUILD +++ b/source/extensions/grpc_credentials/aws_iam/BUILD @@ -14,13 +14,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.grpc_credentials", external_deps = ["grpc"], - security_posture = "data_plane_agnostic", - status = "alpha", deps = [ - "//include/envoy/grpc:google_grpc_creds_interface", - "//include/envoy/registry", + "//envoy/grpc:google_grpc_creds_interface", + "//envoy/registry", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/grpc:google_grpc_creds_lib", @@ -30,7 +27,6 @@ envoy_cc_extension( "//source/extensions/common/aws:region_provider_impl_lib", "//source/extensions/common/aws:signer_impl_lib", "//source/extensions/common/aws:utility_lib", - "//source/extensions/grpc_credentials:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/grpc_credential/v3:pkg_cc_proto", ], diff --git a/source/extensions/grpc_credentials/aws_iam/config.cc b/source/extensions/grpc_credentials/aws_iam/config.cc index 345d975fedbd..c70140a437cb 100644 --- a/source/extensions/grpc_credentials/aws_iam/config.cc +++ b/source/extensions/grpc_credentials/aws_iam/config.cc @@ -1,4 +1,4 @@ -#include "extensions/grpc_credentials/aws_iam/config.h" +#include "source/extensions/grpc_credentials/aws_iam/config.h" #include "envoy/common/exception.h" #include "envoy/config/core/v3/grpc_service.pb.h" @@ -7,15 +7,14 @@ #include "envoy/grpc/google_grpc_creds.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" -#include "common/grpc/google_grpc_creds_impl.h" -#include "common/http/utility.h" -#include "common/protobuf/message_validator_impl.h" - -#include "extensions/common/aws/credentials_provider_impl.h" -#include "extensions/common/aws/region_provider_impl.h" -#include "extensions/common/aws/signer_impl.h" -#include "extensions/common/aws/utility.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/google_grpc_creds_impl.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/extensions/common/aws/credentials_provider_impl.h" +#include "source/extensions/common/aws/region_provider_impl.h" +#include "source/extensions/common/aws/signer_impl.h" +#include "source/extensions/common/aws/utility.h" namespace Envoy { namespace Extensions { @@ -34,7 +33,7 @@ std::shared_ptr AwsIamGrpcCredentialsFactory::getChann switch (credential.credential_specifier_case()) { case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kFromPlugin: { - if (credential.from_plugin().name() == GrpcCredentialsNames::get().AwsIam) { + if (credential.from_plugin().name() == "envoy.grpc_credentials.aws_iam") { AwsIamGrpcCredentialsFactory credentials_factory; // We don't deal with validation failures here at runtime today, see // https://github.com/envoyproxy/envoy/issues/8010. diff --git a/source/extensions/grpc_credentials/aws_iam/config.h b/source/extensions/grpc_credentials/aws_iam/config.h index 9ac68a0451fc..f07ae3fe0029 100644 --- a/source/extensions/grpc_credentials/aws_iam/config.h +++ b/source/extensions/grpc_credentials/aws_iam/config.h @@ -5,10 +5,8 @@ #include "envoy/grpc/google_grpc_creds.h" #include "envoy/http/header_map.h" -#include "common/http/message_impl.h" - -#include "extensions/common/aws/signer.h" -#include "extensions/grpc_credentials/well_known_names.h" +#include "source/common/http/message_impl.h" +#include "source/extensions/common/aws/signer.h" namespace Envoy { namespace Extensions { @@ -28,7 +26,7 @@ class AwsIamGrpcCredentialsFactory : public Grpc::GoogleGrpcCredentialsFactory { return std::make_unique(); } - std::string name() const override { return GrpcCredentialsNames::get().AwsIam; } + std::string name() const override { return "envoy.grpc_credentials.aws_iam"; } private: static std::string getRegion(const envoy::config::grpc_credential::v3::AwsIamConfig& config); diff --git a/source/extensions/grpc_credentials/example/BUILD b/source/extensions/grpc_credentials/example/BUILD index 8c43f6c27532..01c0e4e8ea23 100644 --- a/source/extensions/grpc_credentials/example/BUILD +++ b/source/extensions/grpc_credentials/example/BUILD @@ -22,11 +22,10 @@ envoy_cc_library( "//test/extensions:__subpackages__", ], deps = [ - "//include/envoy/grpc:google_grpc_creds_interface", - "//include/envoy/registry", + "//envoy/grpc:google_grpc_creds_interface", + "//envoy/registry", "//source/common/common:assert_lib", "//source/common/grpc:google_grpc_creds_lib", - "//source/extensions/grpc_credentials:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/grpc_credentials/example/config.cc b/source/extensions/grpc_credentials/example/config.cc index 8ce8c7891d24..2645fb07deea 100644 --- a/source/extensions/grpc_credentials/example/config.cc +++ b/source/extensions/grpc_credentials/example/config.cc @@ -1,10 +1,10 @@ -#include "extensions/grpc_credentials/example/config.h" +#include "source/extensions/grpc_credentials/example/config.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/google_grpc_creds.h" #include "envoy/registry/registry.h" -#include "common/grpc/google_grpc_creds_impl.h" +#include "source/common/grpc/google_grpc_creds_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/grpc_credentials/example/config.h b/source/extensions/grpc_credentials/example/config.h index e6bf0db6ef4b..33cd85e6f425 100644 --- a/source/extensions/grpc_credentials/example/config.h +++ b/source/extensions/grpc_credentials/example/config.h @@ -3,8 +3,6 @@ #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/grpc/google_grpc_creds.h" -#include "extensions/grpc_credentials/well_known_names.h" - namespace Envoy { namespace Extensions { namespace GrpcCredentials { @@ -32,7 +30,7 @@ class AccessTokenExampleGrpcCredentialsFactory : public Grpc::GoogleGrpcCredenti getChannelCredentials(const envoy::config::core::v3::GrpcService& grpc_service_config, Api::Api& api) override; - std::string name() const override { return GrpcCredentialsNames::get().AccessTokenExample; } + std::string name() const override { return "envoy.grpc_credentials.access_token_example"; } }; /* diff --git a/source/extensions/grpc_credentials/file_based_metadata/BUILD b/source/extensions/grpc_credentials/file_based_metadata/BUILD index 45f065419f87..ffaa5554b5ce 100644 --- a/source/extensions/grpc_credentials/file_based_metadata/BUILD +++ b/source/extensions/grpc_credentials/file_based_metadata/BUILD @@ -14,17 +14,13 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.grpc_credentials", external_deps = ["grpc"], - security_posture = "data_plane_agnostic", - status = "alpha", deps = [ - "//include/envoy/grpc:google_grpc_creds_interface", - "//include/envoy/registry", + "//envoy/grpc:google_grpc_creds_interface", + "//envoy/registry", "//source/common/config:utility_lib", "//source/common/grpc:common_lib", "//source/common/grpc:google_grpc_creds_lib", - "//source/extensions/grpc_credentials:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/grpc_credential/v3:pkg_cc_proto", ], diff --git a/source/extensions/grpc_credentials/file_based_metadata/config.cc b/source/extensions/grpc_credentials/file_based_metadata/config.cc index 124961d1d57a..81fa4aa78343 100644 --- a/source/extensions/grpc_credentials/file_based_metadata/config.cc +++ b/source/extensions/grpc_credentials/file_based_metadata/config.cc @@ -1,4 +1,4 @@ -#include "extensions/grpc_credentials/file_based_metadata/config.h" +#include "source/extensions/grpc_credentials/file_based_metadata/config.h" #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/config/grpc_credential/v3/file_based_metadata.pb.h" @@ -6,11 +6,11 @@ #include "envoy/grpc/google_grpc_creds.h" #include "envoy/registry/registry.h" -#include "common/config/datasource.h" -#include "common/config/utility.h" -#include "common/grpc/google_grpc_creds_impl.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/config/datasource.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/google_grpc_creds_impl.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { @@ -28,7 +28,7 @@ FileBasedMetadataGrpcCredentialsFactory::getChannelCredentials( switch (credential.credential_specifier_case()) { case envoy::config::core::v3::GrpcService::GoogleGrpc::CallCredentials:: CredentialSpecifierCase::kFromPlugin: { - if (credential.from_plugin().name() == GrpcCredentialsNames::get().FileBasedMetadata) { + if (credential.from_plugin().name() == "envoy.grpc_credentials.file_based_metadata") { FileBasedMetadataGrpcCredentialsFactory file_based_metadata_credentials_factory; // We don't deal with validation failures here at runtime today, see // https://github.com/envoyproxy/envoy/issues/8010. diff --git a/source/extensions/grpc_credentials/file_based_metadata/config.h b/source/extensions/grpc_credentials/file_based_metadata/config.h index c9d7b3dfeeb5..2ff1c54a161f 100644 --- a/source/extensions/grpc_credentials/file_based_metadata/config.h +++ b/source/extensions/grpc_credentials/file_based_metadata/config.h @@ -4,9 +4,7 @@ #include "envoy/config/grpc_credential/v3/file_based_metadata.pb.h" #include "envoy/grpc/google_grpc_creds.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/grpc_credentials/well_known_names.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { @@ -32,7 +30,7 @@ class FileBasedMetadataGrpcCredentialsFactory : public Grpc::GoogleGrpcCredentia return std::make_unique(); } - std::string name() const override { return GrpcCredentialsNames::get().FileBasedMetadata; } + std::string name() const override { return "envoy.grpc_credentials.file_based_metadata"; } }; class FileBasedMetadataAuthenticator : public grpc::MetadataCredentialsPlugin { diff --git a/source/extensions/grpc_credentials/well_known_names.h b/source/extensions/grpc_credentials/well_known_names.h deleted file mode 100644 index e654414e9b47..000000000000 --- a/source/extensions/grpc_credentials/well_known_names.h +++ /dev/null @@ -1,29 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace GrpcCredentials { - -/** - * Well-known gRPC Credentials names. - * NOTE: New gRPC Credentials should use the well known name: envoy.grpc_credentials.name. - */ -class GrpcCredentialsNameValues { -public: - // Access Token Example. - const std::string AccessTokenExample = "envoy.grpc_credentials.access_token_example"; - // File Based Metadata credentials - const std::string FileBasedMetadata = "envoy.grpc_credentials.file_based_metadata"; - // AWS IAM - const std::string AwsIam = "envoy.grpc_credentials.aws_iam"; -}; - -using GrpcCredentialsNames = ConstSingleton; - -} // namespace GrpcCredentials -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/health_checkers/BUILD b/source/extensions/health_checkers/BUILD deleted file mode 100644 index 40a5e79b39d3..000000000000 --- a/source/extensions/health_checkers/BUILD +++ /dev/null @@ -1,19 +0,0 @@ -load( - "//bazel:envoy_build_system.bzl", - "envoy_cc_library", - "envoy_extension_package", -) - -licenses(["notice"]) # Apache 2 - -envoy_extension_package() - -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - # well known names files are public as long as they exist. - visibility = ["//visibility:public"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) diff --git a/source/extensions/health_checkers/redis/BUILD b/source/extensions/health_checkers/redis/BUILD index 8689cbecb107..0fd615b9d044 100644 --- a/source/extensions/health_checkers/redis/BUILD +++ b/source/extensions/health_checkers/redis/BUILD @@ -31,15 +31,12 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.health_checkers", - security_posture = "requires_trusted_downstream_and_upstream", deps = [ ":redis", ":utility", - "//include/envoy/registry", - "//include/envoy/server:health_checker_config_interface", + "//envoy/registry", + "//envoy/server:health_checker_config_interface", "//source/common/common:assert_lib", - "//source/extensions/health_checkers:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/filters/network/redis_proxy/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/health_checkers/redis/v3:pkg_cc_proto", diff --git a/source/extensions/health_checkers/redis/config.cc b/source/extensions/health_checkers/redis/config.cc index b36a2b6f0118..880c2b34de77 100644 --- a/source/extensions/health_checkers/redis/config.cc +++ b/source/extensions/health_checkers/redis/config.cc @@ -1,13 +1,12 @@ -#include "extensions/health_checkers/redis/config.h" +#include "source/extensions/health_checkers/redis/config.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" - -#include "extensions/health_checkers/redis/utility.h" +#include "source/common/config/utility.h" +#include "source/extensions/health_checkers/redis/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/health_checkers/redis/config.h b/source/extensions/health_checkers/redis/config.h index e51cb8b256cb..ea8820e87b35 100644 --- a/source/extensions/health_checkers/redis/config.h +++ b/source/extensions/health_checkers/redis/config.h @@ -7,8 +7,7 @@ #include "envoy/extensions/health_checkers/redis/v3/redis.pb.validate.h" #include "envoy/server/health_checker_config.h" -#include "extensions/health_checkers/redis/redis.h" -#include "extensions/health_checkers/well_known_names.h" +#include "source/extensions/health_checkers/redis/redis.h" namespace Envoy { namespace Extensions { @@ -24,7 +23,7 @@ class RedisHealthCheckerFactory : public Server::Configuration::CustomHealthChec createCustomHealthChecker(const envoy::config::core::v3::HealthCheck& config, Server::Configuration::HealthCheckerFactoryContext& context) override; - std::string name() const override { return HealthCheckerNames::get().RedisHealthChecker; } + std::string name() const override { return "envoy.health_checkers.redis"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return ProtobufTypes::MessagePtr{new envoy::extensions::health_checkers::redis::v3::Redis()}; } diff --git a/source/extensions/health_checkers/redis/redis.cc b/source/extensions/health_checkers/redis/redis.cc index 6d188c5e2b06..29241d2cf177 100644 --- a/source/extensions/health_checkers/redis/redis.cc +++ b/source/extensions/health_checkers/redis/redis.cc @@ -1,4 +1,4 @@ -#include "extensions/health_checkers/redis/redis.h" +#include "source/extensions/health_checkers/redis/redis.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/data/core/v3/health_check_event.pb.h" diff --git a/source/extensions/health_checkers/redis/redis.h b/source/extensions/health_checkers/redis/redis.h index 1639e98e9c14..9f7be5bf197c 100644 --- a/source/extensions/health_checkers/redis/redis.h +++ b/source/extensions/health_checkers/redis/redis.h @@ -9,11 +9,10 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "envoy/extensions/health_checkers/redis/v3/redis.pb.h" -#include "common/upstream/health_checker_base_impl.h" - -#include "extensions/filters/network/common/redis/client_impl.h" -#include "extensions/filters/network/redis_proxy/config.h" -#include "extensions/filters/network/redis_proxy/conn_pool_impl.h" +#include "source/common/upstream/health_checker_base_impl.h" +#include "source/extensions/filters/network/common/redis/client_impl.h" +#include "source/extensions/filters/network/redis_proxy/config.h" +#include "source/extensions/filters/network/redis_proxy/conn_pool_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/health_checkers/redis/utility.h b/source/extensions/health_checkers/redis/utility.h index 25bfd9887309..b9c5de5848c2 100644 --- a/source/extensions/health_checkers/redis/utility.h +++ b/source/extensions/health_checkers/redis/utility.h @@ -4,9 +4,9 @@ #include "envoy/extensions/health_checkers/redis/v3/redis.pb.h" #include "envoy/extensions/health_checkers/redis/v3/redis.pb.validate.h" -#include "common/config/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/health_checkers/well_known_names.h b/source/extensions/health_checkers/well_known_names.h deleted file mode 100644 index e17e4a2349a4..000000000000 --- a/source/extensions/health_checkers/well_known_names.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace HealthCheckers { - -/** - * Well-known health checker names. - * NOTE: New health checkers should use the well known name: envoy.health_checkers.name. - */ -class HealthCheckerNameValues { -public: - // Redis health checker. - const std::string RedisHealthChecker = "envoy.health_checkers.redis"; -}; - -using HealthCheckerNames = ConstSingleton; - -} // namespace HealthCheckers -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/http/header_formatters/preserve_case/BUILD b/source/extensions/http/header_formatters/preserve_case/BUILD index 6fde9d6725f3..5233d48e4114 100644 --- a/source/extensions/http/header_formatters/preserve_case/BUILD +++ b/source/extensions/http/header_formatters/preserve_case/BUILD @@ -12,10 +12,8 @@ envoy_cc_extension( name = "preserve_case_formatter", srcs = ["preserve_case_formatter.cc"], hdrs = ["preserve_case_formatter.h"], - category = "envoy.http.stateful_header_formatters", - security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ - "//include/envoy/registry", + "//envoy/registry", "@envoy_api//envoy/extensions/http/header_formatters/preserve_case/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.cc b/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.cc index 38d72824a983..a27b35478f1e 100644 --- a/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.cc +++ b/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.cc @@ -1,4 +1,4 @@ -#include "extensions/http/header_formatters/preserve_case/preserve_case_formatter.h" +#include "source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.h" #include "envoy/extensions/http/header_formatters/preserve_case/v3/preserve_case.pb.h" #include "envoy/extensions/http/header_formatters/preserve_case/v3/preserve_case.pb.validate.h" diff --git a/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.h b/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.h index ca78e0a5e260..d2e3f7da00ff 100644 --- a/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.h +++ b/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.h @@ -2,7 +2,7 @@ #include "envoy/http/header_formatter.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/http/original_ip_detection/custom_header/BUILD b/source/extensions/http/original_ip_detection/custom_header/BUILD index 13f1a2000999..1792aec58707 100644 --- a/source/extensions/http/original_ip_detection/custom_header/BUILD +++ b/source/extensions/http/original_ip_detection/custom_header/BUILD @@ -16,7 +16,7 @@ envoy_cc_library( # This extension is used from core tests. visibility = ["//visibility:public"], deps = [ - "//include/envoy/http:original_ip_detection_interface", + "//envoy/http:original_ip_detection_interface", "//source/common/network:utility_lib", "@envoy_api//envoy/extensions/http/original_ip_detection/custom_header/v3:pkg_cc_proto", ], @@ -26,14 +26,12 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.http.original_ip_detection", - security_posture = "robust_to_untrusted_downstream", # This extension is used from core tests. visibility = ["//visibility:public"], deps = [ ":custom_header_lib", - "//include/envoy/http:original_ip_detection_interface", - "//include/envoy/registry", + "//envoy/http:original_ip_detection_interface", + "//envoy/registry", "//source/common/config:utility_lib", "@envoy_api//envoy/extensions/http/original_ip_detection/custom_header/v3:pkg_cc_proto", ], diff --git a/source/extensions/http/original_ip_detection/custom_header/config.cc b/source/extensions/http/original_ip_detection/custom_header/config.cc index 65defdccb738..12a6feef49ef 100644 --- a/source/extensions/http/original_ip_detection/custom_header/config.cc +++ b/source/extensions/http/original_ip_detection/custom_header/config.cc @@ -1,13 +1,11 @@ -#include "extensions/http/original_ip_detection/custom_header/config.h" +#include "source/extensions/http/original_ip_detection/custom_header/config.h" #include "envoy/extensions/http/original_ip_detection/custom_header/v3/custom_header.pb.h" #include "envoy/extensions/http/original_ip_detection/custom_header/v3/custom_header.pb.validate.h" #include "envoy/http/original_ip_detection.h" -#include "envoy/registry/registry.h" -#include "common/config/utility.h" - -#include "extensions/http/original_ip_detection/custom_header/custom_header.h" +#include "source/common/config/utility.h" +#include "source/extensions/http/original_ip_detection/custom_header/custom_header.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/http/original_ip_detection/custom_header/config.h b/source/extensions/http/original_ip_detection/custom_header/config.h index 05e28c07b30e..4c460c3a1caa 100644 --- a/source/extensions/http/original_ip_detection/custom_header/config.h +++ b/source/extensions/http/original_ip_detection/custom_header/config.h @@ -2,8 +2,9 @@ #include "envoy/extensions/http/original_ip_detection/custom_header/v3/custom_header.pb.h" #include "envoy/http/original_ip_detection.h" +#include "envoy/registry/registry.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { @@ -29,6 +30,8 @@ class CustomHeaderIPDetectionFactory : public Envoy::Http::OriginalIPDetectionFa std::string name() const override { return "envoy.http.original_ip_detection.custom_header"; } }; +DECLARE_FACTORY(CustomHeaderIPDetectionFactory); + } // namespace CustomHeader } // namespace OriginalIPDetection } // namespace Http diff --git a/source/extensions/http/original_ip_detection/custom_header/custom_header.cc b/source/extensions/http/original_ip_detection/custom_header/custom_header.cc index 9e7d9d7e8bcb..b75065111981 100644 --- a/source/extensions/http/original_ip_detection/custom_header/custom_header.cc +++ b/source/extensions/http/original_ip_detection/custom_header/custom_header.cc @@ -1,6 +1,6 @@ -#include "extensions/http/original_ip_detection/custom_header/custom_header.h" +#include "source/extensions/http/original_ip_detection/custom_header/custom_header.h" -#include "common/network/utility.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/http/original_ip_detection/xff/BUILD b/source/extensions/http/original_ip_detection/xff/BUILD index a247f485a1f5..a3519bca646a 100644 --- a/source/extensions/http/original_ip_detection/xff/BUILD +++ b/source/extensions/http/original_ip_detection/xff/BUILD @@ -16,7 +16,7 @@ envoy_cc_library( # This extension is core code. visibility = ["//visibility:public"], deps = [ - "//include/envoy/http:original_ip_detection_interface", + "//envoy/http:original_ip_detection_interface", "//source/common/http:utility_lib", "@envoy_api//envoy/extensions/http/original_ip_detection/xff/v3:pkg_cc_proto", ], @@ -26,14 +26,12 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.http.original_ip_detection", - security_posture = "robust_to_untrusted_downstream", # This extension is core code. visibility = ["//visibility:public"], deps = [ ":xff_lib", - "//include/envoy/http:original_ip_detection_interface", - "//include/envoy/registry", + "//envoy/http:original_ip_detection_interface", + "//envoy/registry", "//source/common/config:utility_lib", "@envoy_api//envoy/extensions/http/original_ip_detection/xff/v3:pkg_cc_proto", ], diff --git a/source/extensions/http/original_ip_detection/xff/config.cc b/source/extensions/http/original_ip_detection/xff/config.cc index 57179a6a077f..0f657239e3e8 100644 --- a/source/extensions/http/original_ip_detection/xff/config.cc +++ b/source/extensions/http/original_ip_detection/xff/config.cc @@ -1,13 +1,11 @@ -#include "extensions/http/original_ip_detection/xff/config.h" +#include "source/extensions/http/original_ip_detection/xff/config.h" #include "envoy/extensions/http/original_ip_detection/xff/v3/xff.pb.h" #include "envoy/extensions/http/original_ip_detection/xff/v3/xff.pb.validate.h" #include "envoy/http/original_ip_detection.h" -#include "envoy/registry/registry.h" -#include "common/config/utility.h" - -#include "extensions/http/original_ip_detection/xff/xff.h" +#include "source/common/config/utility.h" +#include "source/extensions/http/original_ip_detection/xff/xff.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/http/original_ip_detection/xff/config.h b/source/extensions/http/original_ip_detection/xff/config.h index df3872adbab0..ce04edbbc0d4 100644 --- a/source/extensions/http/original_ip_detection/xff/config.h +++ b/source/extensions/http/original_ip_detection/xff/config.h @@ -2,8 +2,9 @@ #include "envoy/extensions/http/original_ip_detection/xff/v3/xff.pb.h" #include "envoy/http/original_ip_detection.h" +#include "envoy/registry/registry.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { @@ -28,6 +29,8 @@ class XffIPDetectionFactory : public Envoy::Http::OriginalIPDetectionFactory { std::string name() const override { return "envoy.http.original_ip_detection.xff"; } }; +DECLARE_FACTORY(XffIPDetectionFactory); + } // namespace Xff } // namespace OriginalIPDetection } // namespace Http diff --git a/source/extensions/http/original_ip_detection/xff/xff.cc b/source/extensions/http/original_ip_detection/xff/xff.cc index 70f142bb52df..7dd6740d543b 100644 --- a/source/extensions/http/original_ip_detection/xff/xff.cc +++ b/source/extensions/http/original_ip_detection/xff/xff.cc @@ -1,6 +1,6 @@ -#include "extensions/http/original_ip_detection/xff/xff.h" +#include "source/extensions/http/original_ip_detection/xff/xff.h" -#include "common/http/utility.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/internal_redirect/BUILD b/source/extensions/internal_redirect/BUILD index 40a5e79b39d3..90e061ad8da3 100644 --- a/source/extensions/internal_redirect/BUILD +++ b/source/extensions/internal_redirect/BUILD @@ -1,19 +1,8 @@ load( "//bazel:envoy_build_system.bzl", - "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() - -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - # well known names files are public as long as they exist. - visibility = ["//visibility:public"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) diff --git a/source/extensions/internal_redirect/allow_listed_routes/BUILD b/source/extensions/internal_redirect/allow_listed_routes/BUILD index f3186dde09df..bb6a1f6091db 100644 --- a/source/extensions/internal_redirect/allow_listed_routes/BUILD +++ b/source/extensions/internal_redirect/allow_listed_routes/BUILD @@ -13,9 +13,8 @@ envoy_cc_library( name = "allow_listed_routes_lib", hdrs = ["allow_listed_routes.h"], deps = [ - "//include/envoy/router:internal_redirect_interface", - "//include/envoy/stream_info:filter_state_interface", - "//source/extensions/internal_redirect:well_known_names", + "//envoy/router:internal_redirect_interface", + "//envoy/stream_info:filter_state_interface", "@envoy_api//envoy/extensions/internal_redirect/allow_listed_routes/v3:pkg_cc_proto", ], ) @@ -24,17 +23,14 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.internal_redirect_predicates", # TODO(#9953) clean up by moving the redirect test to extensions. extra_visibility = [ "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ ":allow_listed_routes_lib", - "//include/envoy/registry", - "//include/envoy/router:internal_redirect_interface", - "//source/extensions/internal_redirect:well_known_names", + "//envoy/registry", + "//envoy/router:internal_redirect_interface", "@envoy_api//envoy/extensions/internal_redirect/allow_listed_routes/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/internal_redirect/allow_listed_routes/allow_listed_routes.h b/source/extensions/internal_redirect/allow_listed_routes/allow_listed_routes.h index 72d8d605db0f..8f5119ac9d1e 100644 --- a/source/extensions/internal_redirect/allow_listed_routes/allow_listed_routes.h +++ b/source/extensions/internal_redirect/allow_listed_routes/allow_listed_routes.h @@ -4,8 +4,6 @@ #include "envoy/router/internal_redirect.h" #include "envoy/stream_info/filter_state.h" -#include "extensions/internal_redirect/well_known_names.h" - #include "absl/container/flat_hash_set.h" #include "absl/strings/string_view.h" @@ -26,7 +24,7 @@ class AllowListedRoutesPredicate : public Router::InternalRedirectPredicate { } absl::string_view name() const override { - return InternalRedirectPredicateValues::get().AllowListedRoutesPredicate; + return "envoy.internal_redirect_predicates.allow_listed_routes"; } const absl::flat_hash_set allowed_routes_; diff --git a/source/extensions/internal_redirect/allow_listed_routes/config.cc b/source/extensions/internal_redirect/allow_listed_routes/config.cc index 55c2d5af81ce..75d517cd9c53 100644 --- a/source/extensions/internal_redirect/allow_listed_routes/config.cc +++ b/source/extensions/internal_redirect/allow_listed_routes/config.cc @@ -1,4 +1,4 @@ -#include "extensions/internal_redirect/allow_listed_routes/config.h" +#include "source/extensions/internal_redirect/allow_listed_routes/config.h" #include "envoy/registry/registry.h" #include "envoy/router/internal_redirect.h" diff --git a/source/extensions/internal_redirect/allow_listed_routes/config.h b/source/extensions/internal_redirect/allow_listed_routes/config.h index 1a122f4f31b6..8f4a5b151538 100644 --- a/source/extensions/internal_redirect/allow_listed_routes/config.h +++ b/source/extensions/internal_redirect/allow_listed_routes/config.h @@ -4,11 +4,9 @@ #include "envoy/extensions/internal_redirect/allow_listed_routes/v3/allow_listed_routes_config.pb.validate.h" #include "envoy/router/internal_redirect.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" - -#include "extensions/internal_redirect/allow_listed_routes/allow_listed_routes.h" -#include "extensions/internal_redirect/well_known_names.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/internal_redirect/allow_listed_routes/allow_listed_routes.h" namespace Envoy { namespace Extensions { @@ -26,7 +24,7 @@ class AllowListedRoutesPredicateFactory : public Router::InternalRedirectPredica } std::string name() const override { - return InternalRedirectPredicateValues::get().AllowListedRoutesPredicate; + return "envoy.internal_redirect_predicates.allow_listed_routes"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { diff --git a/source/extensions/internal_redirect/previous_routes/BUILD b/source/extensions/internal_redirect/previous_routes/BUILD index ada41e1ed237..969d1ac9a13b 100644 --- a/source/extensions/internal_redirect/previous_routes/BUILD +++ b/source/extensions/internal_redirect/previous_routes/BUILD @@ -14,9 +14,8 @@ envoy_cc_library( srcs = ["previous_routes.cc"], hdrs = ["previous_routes.h"], deps = [ - "//include/envoy/router:internal_redirect_interface", - "//include/envoy/stream_info:filter_state_interface", - "//source/extensions/internal_redirect:well_known_names", + "//envoy/router:internal_redirect_interface", + "//envoy/stream_info:filter_state_interface", ], ) @@ -24,17 +23,14 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.internal_redirect_predicates", # TODO(#9953) clean up by moving the redirect test to extensions. extra_visibility = [ "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ ":previous_routes_lib", - "//include/envoy/registry", - "//include/envoy/router:internal_redirect_interface", - "//source/extensions/internal_redirect:well_known_names", + "//envoy/registry", + "//envoy/router:internal_redirect_interface", "@envoy_api//envoy/extensions/internal_redirect/previous_routes/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/internal_redirect/previous_routes/config.cc b/source/extensions/internal_redirect/previous_routes/config.cc index d5d4b67c491e..5070b9379aae 100644 --- a/source/extensions/internal_redirect/previous_routes/config.cc +++ b/source/extensions/internal_redirect/previous_routes/config.cc @@ -1,4 +1,4 @@ -#include "extensions/internal_redirect/previous_routes/config.h" +#include "source/extensions/internal_redirect/previous_routes/config.h" #include "envoy/registry/registry.h" #include "envoy/router/internal_redirect.h" diff --git a/source/extensions/internal_redirect/previous_routes/config.h b/source/extensions/internal_redirect/previous_routes/config.h index 21ccb3c1646b..54f947b02ee6 100644 --- a/source/extensions/internal_redirect/previous_routes/config.h +++ b/source/extensions/internal_redirect/previous_routes/config.h @@ -4,8 +4,7 @@ #include "envoy/extensions/internal_redirect/previous_routes/v3/previous_routes_config.pb.validate.h" #include "envoy/router/internal_redirect.h" -#include "extensions/internal_redirect/previous_routes/previous_routes.h" -#include "extensions/internal_redirect/well_known_names.h" +#include "source/extensions/internal_redirect/previous_routes/previous_routes.h" namespace Envoy { namespace Extensions { @@ -19,9 +18,7 @@ class PreviousRoutesPredicateFactory : public Router::InternalRedirectPredicateF return std::make_shared(current_route_name); } - std::string name() const override { - return InternalRedirectPredicateValues::get().PreviousRoutesPredicate; - } + std::string name() const override { return "envoy.internal_redirect_predicates.previous_routes"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return std::make_unique< diff --git a/source/extensions/internal_redirect/previous_routes/previous_routes.cc b/source/extensions/internal_redirect/previous_routes/previous_routes.cc index a29187e29d43..5194255b5d49 100644 --- a/source/extensions/internal_redirect/previous_routes/previous_routes.cc +++ b/source/extensions/internal_redirect/previous_routes/previous_routes.cc @@ -1,4 +1,4 @@ -#include "extensions/internal_redirect/previous_routes/previous_routes.h" +#include "source/extensions/internal_redirect/previous_routes/previous_routes.h" #include "envoy/router/internal_redirect.h" #include "envoy/stream_info/filter_state.h" diff --git a/source/extensions/internal_redirect/previous_routes/previous_routes.h b/source/extensions/internal_redirect/previous_routes/previous_routes.h index b79f4f8b1754..9b13a5397364 100644 --- a/source/extensions/internal_redirect/previous_routes/previous_routes.h +++ b/source/extensions/internal_redirect/previous_routes/previous_routes.h @@ -3,8 +3,6 @@ #include "envoy/router/internal_redirect.h" #include "envoy/stream_info/filter_state.h" -#include "extensions/internal_redirect/well_known_names.h" - #include "absl/strings/string_view.h" namespace Envoy { @@ -20,7 +18,7 @@ class PreviousRoutesPredicate : public Router::InternalRedirectPredicate { bool) override; absl::string_view name() const override { - return InternalRedirectPredicateValues::get().PreviousRoutesPredicate; + return "envoy.internal_redirect_predicates.previous_routes"; } private: diff --git a/source/extensions/internal_redirect/safe_cross_scheme/BUILD b/source/extensions/internal_redirect/safe_cross_scheme/BUILD index 5936010fed94..bc464c310b14 100644 --- a/source/extensions/internal_redirect/safe_cross_scheme/BUILD +++ b/source/extensions/internal_redirect/safe_cross_scheme/BUILD @@ -13,9 +13,8 @@ envoy_cc_library( name = "safe_cross_scheme_lib", hdrs = ["safe_cross_scheme.h"], deps = [ - "//include/envoy/router:internal_redirect_interface", - "//include/envoy/stream_info:filter_state_interface", - "//source/extensions/internal_redirect:well_known_names", + "//envoy/router:internal_redirect_interface", + "//envoy/stream_info:filter_state_interface", ], ) @@ -23,17 +22,14 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.internal_redirect_predicates", # TODO(#9953) clean up by moving the redirect test to extensions. extra_visibility = [ "//test/integration:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ ":safe_cross_scheme_lib", - "//include/envoy/registry", - "//include/envoy/router:internal_redirect_interface", - "//source/extensions/internal_redirect:well_known_names", + "//envoy/registry", + "//envoy/router:internal_redirect_interface", "@envoy_api//envoy/extensions/internal_redirect/safe_cross_scheme/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/internal_redirect/safe_cross_scheme/config.cc b/source/extensions/internal_redirect/safe_cross_scheme/config.cc index 43b7664fd7ff..b3e2d16cfba7 100644 --- a/source/extensions/internal_redirect/safe_cross_scheme/config.cc +++ b/source/extensions/internal_redirect/safe_cross_scheme/config.cc @@ -1,4 +1,4 @@ -#include "extensions/internal_redirect/safe_cross_scheme/config.h" +#include "source/extensions/internal_redirect/safe_cross_scheme/config.h" #include "envoy/registry/registry.h" #include "envoy/router/internal_redirect.h" diff --git a/source/extensions/internal_redirect/safe_cross_scheme/config.h b/source/extensions/internal_redirect/safe_cross_scheme/config.h index 49a8fdfa8b69..36c8385cbce8 100644 --- a/source/extensions/internal_redirect/safe_cross_scheme/config.h +++ b/source/extensions/internal_redirect/safe_cross_scheme/config.h @@ -3,8 +3,7 @@ #include "envoy/extensions/internal_redirect/safe_cross_scheme/v3/safe_cross_scheme_config.pb.h" #include "envoy/router/internal_redirect.h" -#include "extensions/internal_redirect/safe_cross_scheme/safe_cross_scheme.h" -#include "extensions/internal_redirect/well_known_names.h" +#include "source/extensions/internal_redirect/safe_cross_scheme/safe_cross_scheme.h" namespace Envoy { namespace Extensions { @@ -18,7 +17,7 @@ class SafeCrossSchemePredicateFactory : public Router::InternalRedirectPredicate } std::string name() const override { - return InternalRedirectPredicateValues::get().SafeCrossSchemePredicate; + return "envoy.internal_redirect_predicates.safe_cross_scheme"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { diff --git a/source/extensions/internal_redirect/safe_cross_scheme/safe_cross_scheme.h b/source/extensions/internal_redirect/safe_cross_scheme/safe_cross_scheme.h index fb33e58b6fdd..d62a2e0b03b0 100644 --- a/source/extensions/internal_redirect/safe_cross_scheme/safe_cross_scheme.h +++ b/source/extensions/internal_redirect/safe_cross_scheme/safe_cross_scheme.h @@ -3,8 +3,6 @@ #include "envoy/router/internal_redirect.h" #include "envoy/stream_info/filter_state.h" -#include "extensions/internal_redirect/well_known_names.h" - #include "absl/strings/string_view.h" namespace Envoy { @@ -19,7 +17,7 @@ class SafeCrossSchemePredicate : public Router::InternalRedirectPredicate { } absl::string_view name() const override { - return InternalRedirectPredicateValues::get().SafeCrossSchemePredicate; + return "envoy.internal_redirect_predicates.safe_cross_scheme"; } }; diff --git a/source/extensions/internal_redirect/well_known_names.h b/source/extensions/internal_redirect/well_known_names.h deleted file mode 100644 index 003e270329d6..000000000000 --- a/source/extensions/internal_redirect/well_known_names.h +++ /dev/null @@ -1,27 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace InternalRedirect { - -/** - * Well-known internal redirect predicate names. - */ -class InternalRedirectPredicatesNameValues { -public: - const std::string AllowListedRoutesPredicate = - "envoy.internal_redirect_predicates.allow_listed_routes"; - const std::string PreviousRoutesPredicate = "envoy.internal_redirect_predicates.previous_routes"; - const std::string SafeCrossSchemePredicate = - "envoy.internal_redirect_predicates.safe_cross_scheme"; -}; - -using InternalRedirectPredicateValues = ConstSingleton; - -} // namespace InternalRedirect -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/io_socket/user_space/BUILD b/source/extensions/io_socket/user_space/BUILD index 18a01f6e1eae..334fe51a916e 100644 --- a/source/extensions/io_socket/user_space/BUILD +++ b/source/extensions/io_socket/user_space/BUILD @@ -12,10 +12,6 @@ envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.h"], - category = "envoy.io_socket", - security_posture = "unknown", - status = "wip", - undocumented = True, deps = [ ], ) @@ -40,7 +36,7 @@ envoy_cc_library( ], deps = [ ":io_handle_lib", - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", ], ) diff --git a/source/extensions/io_socket/user_space/file_event_impl.cc b/source/extensions/io_socket/user_space/file_event_impl.cc index 6f116d809bcb..dcb89c659529 100644 --- a/source/extensions/io_socket/user_space/file_event_impl.cc +++ b/source/extensions/io_socket/user_space/file_event_impl.cc @@ -1,8 +1,7 @@ -#include "extensions/io_socket/user_space/file_event_impl.h" +#include "source/extensions/io_socket/user_space/file_event_impl.h" -#include "common/common/assert.h" - -#include "extensions/io_socket/user_space/io_handle.h" +#include "source/common/common/assert.h" +#include "source/extensions/io_socket/user_space/io_handle.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/io_socket/user_space/file_event_impl.h b/source/extensions/io_socket/user_space/file_event_impl.h index 870339aacf8a..f02a80689e57 100644 --- a/source/extensions/io_socket/user_space/file_event_impl.h +++ b/source/extensions/io_socket/user_space/file_event_impl.h @@ -5,9 +5,8 @@ #include "envoy/event/dispatcher.h" #include "envoy/event/file_event.h" -#include "common/common/assert.h" - -#include "extensions/io_socket/user_space/io_handle.h" +#include "source/common/common/assert.h" +#include "source/extensions/io_socket/user_space/io_handle.h" namespace Envoy { diff --git a/source/extensions/io_socket/user_space/io_handle_impl.cc b/source/extensions/io_socket/user_space/io_handle_impl.cc index 4c487cf5fa9e..bbdb37e3b09e 100644 --- a/source/extensions/io_socket/user_space/io_handle_impl.cc +++ b/source/extensions/io_socket/user_space/io_handle_impl.cc @@ -1,14 +1,13 @@ -#include "extensions/io_socket/user_space/io_handle_impl.h" +#include "source/extensions/io_socket/user_space/io_handle_impl.h" #include "envoy/buffer/buffer.h" #include "envoy/common/platform.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" - -#include "extensions/io_socket/user_space/file_event_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/io_socket/user_space/file_event_impl.h" #include "absl/types/optional.h" diff --git a/source/extensions/io_socket/user_space/io_handle_impl.h b/source/extensions/io_socket/user_space/io_handle_impl.h index d0ceab1d5cf8..71d3248d4722 100644 --- a/source/extensions/io_socket/user_space/io_handle_impl.h +++ b/source/extensions/io_socket/user_space/io_handle_impl.h @@ -9,12 +9,11 @@ #include "envoy/network/address.h" #include "envoy/network/io_handle.h" -#include "common/buffer/watermark_buffer.h" -#include "common/common/logger.h" -#include "common/network/io_socket_error_impl.h" - -#include "extensions/io_socket/user_space/file_event_impl.h" -#include "extensions/io_socket/user_space/io_handle.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/common/logger.h" +#include "source/common/network/io_socket_error_impl.h" +#include "source/extensions/io_socket/user_space/file_event_impl.h" +#include "source/extensions/io_socket/user_space/io_handle.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/matching/common_inputs/environment_variable/BUILD b/source/extensions/matching/common_inputs/environment_variable/BUILD index cf54b92130a8..52a146857ad8 100644 --- a/source/extensions/matching/common_inputs/environment_variable/BUILD +++ b/source/extensions/matching/common_inputs/environment_variable/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( name = "input_lib", hdrs = ["input.h"], deps = [ - "//include/envoy/matcher:matcher_interface", + "//envoy/matcher:matcher_interface", "//source/common/common:hash_lib", ], ) @@ -22,13 +22,11 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.matching.common_inputs", - security_posture = "robust_to_untrusted_downstream", deps = [ ":input_lib", - "//include/envoy/matcher:matcher_interface", - "//include/envoy/registry", - "//include/envoy/server:factory_context_interface", + "//envoy/matcher:matcher_interface", + "//envoy/registry", + "//envoy/server:factory_context_interface", "@envoy_api//envoy/extensions/matching/common_inputs/environment_variable/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/matching/common_inputs/environment_variable/config.cc b/source/extensions/matching/common_inputs/environment_variable/config.cc index a7716e0b0748..bebbe41a7fd9 100644 --- a/source/extensions/matching/common_inputs/environment_variable/config.cc +++ b/source/extensions/matching/common_inputs/environment_variable/config.cc @@ -1,4 +1,4 @@ -#include "extensions/matching/common_inputs/environment_variable/config.h" +#include "source/extensions/matching/common_inputs/environment_variable/config.h" #include @@ -10,9 +10,9 @@ namespace Matching { namespace CommonInputs { namespace EnvironmentVariable { -Envoy::Matcher::CommonProtocolInputPtr -Config::createCommonProtocolInput(const Protobuf::Message& config, - Server::Configuration::FactoryContext& factory_context) { +Envoy::Matcher::CommonProtocolInputFactoryCb +Config::createCommonProtocolInputFactoryCb(const Protobuf::Message& config, + Server::Configuration::FactoryContext& factory_context) { const auto& environment_config = MessageUtil::downcastAndValidate< const envoy::extensions::matching::common_inputs::environment_variable::v3::Config&>( config, factory_context.messageValidationVisitor()); @@ -21,10 +21,10 @@ Config::createCommonProtocolInput(const Protobuf::Message& config, // This assumes that the environment remains stable during the process lifetime. auto* value = getenv(environment_config.name().data()); if (value != nullptr) { - return std::make_unique(std::string(value)); + return [s = std::string(value)]() { return std::make_unique(s); }; } - return std::make_unique(absl::nullopt); + return []() { return std::make_unique(absl::nullopt); }; } /** diff --git a/source/extensions/matching/common_inputs/environment_variable/config.h b/source/extensions/matching/common_inputs/environment_variable/config.h index a583785a3101..842e7c4bb23f 100644 --- a/source/extensions/matching/common_inputs/environment_variable/config.h +++ b/source/extensions/matching/common_inputs/environment_variable/config.h @@ -5,9 +5,8 @@ #include "envoy/matcher/matcher.h" #include "envoy/server/factory_context.h" -#include "common/protobuf/utility.h" - -#include "extensions/matching/common_inputs/environment_variable/input.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/matching/common_inputs/environment_variable/input.h" namespace Envoy { namespace Extensions { @@ -17,9 +16,9 @@ namespace EnvironmentVariable { class Config : public Envoy::Matcher::CommonProtocolInputFactory { public: - Envoy::Matcher::CommonProtocolInputPtr - createCommonProtocolInput(const Protobuf::Message& config, - Server::Configuration::FactoryContext& factory_context) override; + Envoy::Matcher::CommonProtocolInputFactoryCb createCommonProtocolInputFactoryCb( + const Protobuf::Message& config, + Server::Configuration::FactoryContext& factory_context) override; std::string name() const override { return "envoy.matching.common_inputs.environment_variable"; } diff --git a/source/extensions/matching/common_inputs/environment_variable/input.h b/source/extensions/matching/common_inputs/environment_variable/input.h index 240869d9c9d0..07b2d67ccffb 100644 --- a/source/extensions/matching/common_inputs/environment_variable/input.h +++ b/source/extensions/matching/common_inputs/environment_variable/input.h @@ -12,7 +12,7 @@ class Input : public Matcher::CommonProtocolInput { public: explicit Input(absl::optional&& value) : storage_(std::move(value)) {} - absl::optional get() override { return storage_; } + absl::optional get() override { return storage_; } private: const absl::optional storage_; diff --git a/source/extensions/matching/input_matchers/consistent_hashing/BUILD b/source/extensions/matching/input_matchers/consistent_hashing/BUILD index 753f6ae6756a..a5fc295998e4 100644 --- a/source/extensions/matching/input_matchers/consistent_hashing/BUILD +++ b/source/extensions/matching/input_matchers/consistent_hashing/BUILD @@ -13,8 +13,8 @@ envoy_cc_library( name = "consistent_hashing_lib", hdrs = ["matcher.h"], deps = [ - "//include/envoy/matcher:matcher_interface", - "//include/envoy/upstream:retry_interface", + "//envoy/matcher:matcher_interface", + "//envoy/upstream:retry_interface", "//source/common/common:hash_lib", ], ) @@ -23,13 +23,11 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.matching.input_matchers", - security_posture = "robust_to_untrusted_downstream", deps = [ ":consistent_hashing_lib", - "//include/envoy/matcher:matcher_interface", - "//include/envoy/registry", - "//include/envoy/server:factory_context_interface", + "//envoy/matcher:matcher_interface", + "//envoy/registry", + "//envoy/server:factory_context_interface", "@envoy_api//envoy/extensions/matching/input_matchers/consistent_hashing/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/matching/input_matchers/consistent_hashing/config.cc b/source/extensions/matching/input_matchers/consistent_hashing/config.cc index 6b9e2e7f7aca..cfcac842d366 100644 --- a/source/extensions/matching/input_matchers/consistent_hashing/config.cc +++ b/source/extensions/matching/input_matchers/consistent_hashing/config.cc @@ -1,4 +1,4 @@ -#include "extensions/matching/input_matchers/consistent_hashing/config.h" +#include "source/extensions/matching/input_matchers/consistent_hashing/config.h" namespace Envoy { namespace Extensions { @@ -6,7 +6,7 @@ namespace Matching { namespace InputMatchers { namespace ConsistentHashing { -Envoy::Matcher::InputMatcherPtr ConsistentHashingConfig::createInputMatcher( +Envoy::Matcher::InputMatcherFactoryCb ConsistentHashingConfig::createInputMatcherFactoryCb( const Protobuf::Message& config, Server::Configuration::FactoryContext& factory_context) { const auto& consistent_hashing_config = MessageUtil::downcastAndValidate(consistent_hashing_config.threshold(), - consistent_hashing_config.modulo(), - consistent_hashing_config.seed()); + return [consistent_hashing_config]() { + return std::make_unique(consistent_hashing_config.threshold(), + consistent_hashing_config.modulo(), + consistent_hashing_config.seed()); + }; } /** * Static registration for the consistent hashing matcher. @see RegisterFactory. diff --git a/source/extensions/matching/input_matchers/consistent_hashing/config.h b/source/extensions/matching/input_matchers/consistent_hashing/config.h index ec0f66649190..1ce2dd628986 100644 --- a/source/extensions/matching/input_matchers/consistent_hashing/config.h +++ b/source/extensions/matching/input_matchers/consistent_hashing/config.h @@ -5,9 +5,8 @@ #include "envoy/matcher/matcher.h" #include "envoy/server/factory_context.h" -#include "common/protobuf/utility.h" - -#include "extensions/matching/input_matchers/consistent_hashing/matcher.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/matching/input_matchers/consistent_hashing/matcher.h" namespace Envoy { namespace Extensions { @@ -17,9 +16,9 @@ namespace ConsistentHashing { class ConsistentHashingConfig : public Envoy::Matcher::InputMatcherFactory { public: - Envoy::Matcher::InputMatcherPtr - createInputMatcher(const Protobuf::Message& config, - Server::Configuration::FactoryContext& factory_context) override; + Envoy::Matcher::InputMatcherFactoryCb + createInputMatcherFactoryCb(const Protobuf::Message& config, + Server::Configuration::FactoryContext& factory_context) override; std::string name() const override { return "envoy.matching.matchers.consistent_hashing"; } diff --git a/source/extensions/matching/input_matchers/consistent_hashing/matcher.h b/source/extensions/matching/input_matchers/consistent_hashing/matcher.h index d55e795f3b65..4ef0f6eaa20d 100644 --- a/source/extensions/matching/input_matchers/consistent_hashing/matcher.h +++ b/source/extensions/matching/input_matchers/consistent_hashing/matcher.h @@ -2,7 +2,7 @@ #include "envoy/matcher/matcher.h" -#include "common/common/hash.h" +#include "source/common/common/hash.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/quic/crypto_stream/BUILD b/source/extensions/quic/crypto_stream/BUILD new file mode 100644 index 000000000000..8c919379f2c3 --- /dev/null +++ b/source/extensions/quic/crypto_stream/BUILD @@ -0,0 +1,59 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_cc_extension", + "envoy_cc_library", + "envoy_extension_package", +) + +licenses(["notice"]) # Apache 2 + +# Extensions of QUIC crypto stream. + +envoy_extension_package() + +envoy_cc_library( + name = "envoy_quic_crypto_server_stream_lib", + srcs = ["envoy_quic_crypto_server_stream.cc"], + hdrs = ["envoy_quic_crypto_server_stream.h"], + tags = ["nofips"], + visibility = [ + "//source/common/quic:__subpackages__", + "//test:__subpackages__", + ], + deps = [ + "//source/common/quic:envoy_quic_crypto_stream_factory_lib", + "@envoy_api//envoy/extensions/quic/crypto_stream/v3:pkg_cc_proto", + ], +) + +envoy_cc_extension( + name = "envoy_quic_default_crypto_server_stream", + extra_visibility = [ + "//source/common/quic:__subpackages__", + "//test:__subpackages__", + ], + tags = ["nofips"], + deps = select( + { + "//bazel:boringssl_fips": [], + "//bazel:boringssl_disabled": [], + "//conditions:default": [ + ":envoy_quic_crypto_server_stream_lib", + ], + }, + ), +) + +envoy_cc_library( + name = "envoy_quic_crypto_client_stream_lib", + srcs = ["envoy_quic_crypto_client_stream.cc"], + hdrs = ["envoy_quic_crypto_client_stream.h"], + tags = ["nofips"], + visibility = [ + "//source/common/quic:__subpackages__", + "//test:__subpackages__", + ], + deps = [ + "//source/common/quic:envoy_quic_crypto_stream_factory_lib", + ], +) diff --git a/source/extensions/quic/crypto_stream/envoy_quic_crypto_client_stream.cc b/source/extensions/quic/crypto_stream/envoy_quic_crypto_client_stream.cc new file mode 100644 index 000000000000..da458db20eb2 --- /dev/null +++ b/source/extensions/quic/crypto_stream/envoy_quic_crypto_client_stream.cc @@ -0,0 +1,18 @@ +#include "source/extensions/quic/crypto_stream/envoy_quic_crypto_client_stream.h" + +namespace Envoy { +namespace Quic { + +std::unique_ptr +EnvoyQuicCryptoClientStreamFactoryImpl::createEnvoyQuicCryptoClientStream( + const quic::QuicServerId& server_id, quic::QuicSession* session, + std::unique_ptr verify_context, + quic::QuicCryptoClientConfig* crypto_config, + quic::QuicCryptoClientStream::ProofHandler* proof_handler, bool has_application_state) { + return std::make_unique(server_id, session, + std::move(verify_context), crypto_config, + proof_handler, has_application_state); +}; + +} // namespace Quic +} // namespace Envoy diff --git a/source/extensions/quic/crypto_stream/envoy_quic_crypto_client_stream.h b/source/extensions/quic/crypto_stream/envoy_quic_crypto_client_stream.h new file mode 100644 index 000000000000..7b8f12c09402 --- /dev/null +++ b/source/extensions/quic/crypto_stream/envoy_quic_crypto_client_stream.h @@ -0,0 +1,19 @@ +#pragma once + +#include "source/common/quic/envoy_quic_crypto_stream_factory.h" + +namespace Envoy { +namespace Quic { + +class EnvoyQuicCryptoClientStreamFactoryImpl : public EnvoyQuicCryptoClientStreamFactoryInterface { +public: + std::unique_ptr + createEnvoyQuicCryptoClientStream(const quic::QuicServerId& server_id, quic::QuicSession* session, + std::unique_ptr verify_context, + quic::QuicCryptoClientConfig* crypto_config, + quic::QuicCryptoClientStream::ProofHandler* proof_handler, + bool has_application_state) override; +}; + +} // namespace Quic +} // namespace Envoy diff --git a/source/extensions/quic/crypto_stream/envoy_quic_crypto_server_stream.cc b/source/extensions/quic/crypto_stream/envoy_quic_crypto_server_stream.cc new file mode 100644 index 000000000000..ad17d8512605 --- /dev/null +++ b/source/extensions/quic/crypto_stream/envoy_quic_crypto_server_stream.cc @@ -0,0 +1,22 @@ +#include "source/extensions/quic/crypto_stream/envoy_quic_crypto_server_stream.h" + +namespace Envoy { +namespace Quic { + +std::unique_ptr +EnvoyQuicCryptoServerStreamFactoryImpl::createEnvoyQuicCryptoServerStream( + const quic::QuicCryptoServerConfig* crypto_config, + quic::QuicCompressedCertsCache* compressed_certs_cache, quic::QuicSession* session, + quic::QuicCryptoServerStreamBase::Helper* helper, + // Though this extension doesn't use the two parameters below, they might be used by + // downstreams. Do not remove them. + OptRef /*transport_socket_factory*/, + Envoy::Event::Dispatcher& /*dispatcher*/) { + return quic::CreateCryptoServerStream(crypto_config, compressed_certs_cache, session, helper); +} + +REGISTER_FACTORY(EnvoyQuicCryptoServerStreamFactoryImpl, + EnvoyQuicCryptoServerStreamFactoryInterface); + +} // namespace Quic +} // namespace Envoy diff --git a/source/extensions/quic/crypto_stream/envoy_quic_crypto_server_stream.h b/source/extensions/quic/crypto_stream/envoy_quic_crypto_server_stream.h new file mode 100644 index 000000000000..10bf47cf5e8b --- /dev/null +++ b/source/extensions/quic/crypto_stream/envoy_quic_crypto_server_stream.h @@ -0,0 +1,28 @@ +#pragma once + +#include "envoy/extensions/quic/crypto_stream/v3/crypto_stream.pb.h" +#include "envoy/registry/registry.h" + +#include "source/common/quic/envoy_quic_crypto_stream_factory.h" + +namespace Envoy { +namespace Quic { + +class EnvoyQuicCryptoServerStreamFactoryImpl : public EnvoyQuicCryptoServerStreamFactoryInterface { +public: + ProtobufTypes::MessagePtr createEmptyConfigProto() override { + return std::make_unique(); + } + std::string name() const override { return "envoy.quic.crypto_stream.server.quiche"; } + std::unique_ptr createEnvoyQuicCryptoServerStream( + const quic::QuicCryptoServerConfig* crypto_config, + quic::QuicCompressedCertsCache* compressed_certs_cache, quic::QuicSession* session, + quic::QuicCryptoServerStreamBase::Helper* helper, + OptRef transport_socket_factory, + Envoy::Event::Dispatcher& dispatcher) override; +}; + +DECLARE_FACTORY(EnvoyQuicCryptoServerStreamFactoryImpl); + +} // namespace Quic +} // namespace Envoy diff --git a/source/extensions/quic/proof_source/BUILD b/source/extensions/quic/proof_source/BUILD new file mode 100644 index 000000000000..87dfd8b6023b --- /dev/null +++ b/source/extensions/quic/proof_source/BUILD @@ -0,0 +1,46 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_cc_extension", + "envoy_cc_library", + "envoy_extension_package", +) + +licenses(["notice"]) # Apache 2 + +# Extensions of QUIC proof source. + +envoy_extension_package() + +envoy_cc_library( + name = "envoy_quic_proof_source_factory_impl_lib", + srcs = ["envoy_quic_proof_source_factory_impl.cc"], + hdrs = ["envoy_quic_proof_source_factory_impl.h"], + tags = ["nofips"], + visibility = [ + "//source/common/quic:__subpackages__", + "//test:__subpackages__", + ], + deps = [ + "//source/common/quic:envoy_quic_proof_source_factory_interface", + "//source/common/quic:envoy_quic_proof_source_lib", + "@envoy_api//envoy/extensions/quic/proof_source/v3:pkg_cc_proto", + ], +) + +envoy_cc_extension( + name = "envoy_quic_default_proof_source", + extra_visibility = [ + "//source/common/quic:__subpackages__", + "//test:__subpackages__", + ], + tags = ["nofips"], + deps = select( + { + "//bazel:boringssl_fips": [], + "//bazel:boringssl_disabled": [], + "//conditions:default": [ + ":envoy_quic_proof_source_factory_impl_lib", + ], + }, + ), +) diff --git a/source/extensions/quic/proof_source/envoy_quic_proof_source_factory_impl.cc b/source/extensions/quic/proof_source/envoy_quic_proof_source_factory_impl.cc new file mode 100644 index 000000000000..3b459c4ca341 --- /dev/null +++ b/source/extensions/quic/proof_source/envoy_quic_proof_source_factory_impl.cc @@ -0,0 +1,16 @@ +#include "source/extensions/quic/proof_source/envoy_quic_proof_source_factory_impl.h" + +namespace Envoy { +namespace Quic { + +std::unique_ptr EnvoyQuicProofSourceFactoryImpl::createQuicProofSource( + Network::Socket& listen_socket, Network::FilterChainManager& filter_chain_manager, + Server::ListenerStats& listener_stats) { + return std::make_unique(listen_socket, filter_chain_manager, + listener_stats); +} + +REGISTER_FACTORY(EnvoyQuicProofSourceFactoryImpl, EnvoyQuicProofSourceFactoryInterface); + +} // namespace Quic +} // namespace Envoy diff --git a/source/extensions/quic/proof_source/envoy_quic_proof_source_factory_impl.h b/source/extensions/quic/proof_source/envoy_quic_proof_source_factory_impl.h new file mode 100644 index 000000000000..39384fcfbc8f --- /dev/null +++ b/source/extensions/quic/proof_source/envoy_quic_proof_source_factory_impl.h @@ -0,0 +1,28 @@ +#include "envoy/extensions/quic/proof_source/v3/proof_source.pb.h" +#include "envoy/registry/registry.h" + +#include "source/common/quic/envoy_quic_proof_source.h" +#include "source/common/quic/envoy_quic_proof_source_factory_interface.h" + +namespace Envoy { +namespace Quic { + +// Provides a ProofSource implementation which gets certs from filter chain. +class EnvoyQuicProofSourceFactoryImpl : public EnvoyQuicProofSourceFactoryInterface { +public: + ProtobufTypes::MessagePtr createEmptyConfigProto() override { + return std::make_unique(); + } + + std::string name() const override { return "envoy.quic.proof_source.filter_chain"; } + + std::unique_ptr + createQuicProofSource(Network::Socket& listen_socket, + Network::FilterChainManager& filter_chain_manager, + Server::ListenerStats& listener_stats) override; +}; + +DECLARE_FACTORY(EnvoyQuicProofSourceFactoryImpl); + +} // namespace Quic +} // namespace Envoy diff --git a/source/extensions/rate_limit_descriptors/expr/BUILD b/source/extensions/rate_limit_descriptors/expr/BUILD index 088dd84be9c7..35c818a82cd4 100644 --- a/source/extensions/rate_limit_descriptors/expr/BUILD +++ b/source/extensions/rate_limit_descriptors/expr/BUILD @@ -12,17 +12,15 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.rate_limit_descriptors", copts = select({ "//bazel:windows_x86_64": [], # TODO: fix the windows ANTLR build "//conditions:default": [ "-DUSE_CEL_PARSER", ], }), - security_posture = "unknown", deps = [ - "//include/envoy/ratelimit:ratelimit_interface", - "//include/envoy/registry", + "//envoy/ratelimit:ratelimit_interface", + "//envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/filters/common/expr:evaluator_lib", "@envoy_api//envoy/extensions/rate_limit_descriptors/expr/v3:pkg_cc_proto", diff --git a/source/extensions/rate_limit_descriptors/expr/config.cc b/source/extensions/rate_limit_descriptors/expr/config.cc index 57aeda76b92e..e780574ec813 100644 --- a/source/extensions/rate_limit_descriptors/expr/config.cc +++ b/source/extensions/rate_limit_descriptors/expr/config.cc @@ -1,9 +1,9 @@ -#include "extensions/rate_limit_descriptors/expr/config.h" +#include "source/extensions/rate_limit_descriptors/expr/config.h" #include "envoy/extensions/rate_limit_descriptors/expr/v3/expr.pb.h" #include "envoy/extensions/rate_limit_descriptors/expr/v3/expr.pb.validate.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" #if defined(USE_CEL_PARSER) #include "parser/parser.h" diff --git a/source/extensions/rate_limit_descriptors/expr/config.h b/source/extensions/rate_limit_descriptors/expr/config.h index 6d3967bb8285..da50da1ab14b 100644 --- a/source/extensions/rate_limit_descriptors/expr/config.h +++ b/source/extensions/rate_limit_descriptors/expr/config.h @@ -3,7 +3,7 @@ #include "envoy/ratelimit/ratelimit.h" #include "envoy/registry/registry.h" -#include "extensions/filters/common/expr/evaluator.h" +#include "source/extensions/filters/common/expr/evaluator.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/request_id/uuid/BUILD b/source/extensions/request_id/uuid/BUILD index 2c09ede8b559..b358c1e32fc2 100644 --- a/source/extensions/request_id/uuid/BUILD +++ b/source/extensions/request_id/uuid/BUILD @@ -16,12 +16,10 @@ envoy_cc_extension( hdrs = [ "config.h", ], - category = "envoy.request_id", - security_posture = "robust_to_untrusted_downstream_and_upstream", visibility = ["//visibility:public"], deps = [ - "//include/envoy/http:request_id_extension_interface", - "//include/envoy/server:request_id_extension_config_interface", + "//envoy/http:request_id_extension_interface", + "//envoy/server:request_id_extension_config_interface", "//source/common/common:random_generator_lib", "@envoy_api//envoy/extensions/request_id/uuid/v3:pkg_cc_proto", ], diff --git a/source/extensions/request_id/uuid/config.cc b/source/extensions/request_id/uuid/config.cc index dbddb4c8422b..9423d8a27564 100644 --- a/source/extensions/request_id/uuid/config.cc +++ b/source/extensions/request_id/uuid/config.cc @@ -1,10 +1,10 @@ -#include "extensions/request_id/uuid/config.h" +#include "source/extensions/request_id/uuid/config.h" #include "envoy/http/header_map.h" #include "envoy/tracing/http_tracer.h" -#include "common/common/random_generator.h" -#include "common/common/utility.h" +#include "source/common/common/random_generator.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/resource_monitors/BUILD b/source/extensions/resource_monitors/BUILD index 40a5e79b39d3..90e061ad8da3 100644 --- a/source/extensions/resource_monitors/BUILD +++ b/source/extensions/resource_monitors/BUILD @@ -1,19 +1,8 @@ load( "//bazel:envoy_build_system.bzl", - "envoy_cc_library", "envoy_extension_package", ) licenses(["notice"]) # Apache 2 envoy_extension_package() - -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - # well known names files are public as long as they exist. - visibility = ["//visibility:public"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) diff --git a/source/extensions/resource_monitors/common/BUILD b/source/extensions/resource_monitors/common/BUILD index a17f10b5c378..0f8e19c757df 100644 --- a/source/extensions/resource_monitors/common/BUILD +++ b/source/extensions/resource_monitors/common/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( # This resource monitoring library is considered core code. visibility = ["//visibility:public"], deps = [ - "//include/envoy/server:resource_monitor_config_interface", + "//envoy/server:resource_monitor_config_interface", "//source/common/protobuf:utility_lib", ], ) diff --git a/source/extensions/resource_monitors/common/factory_base.h b/source/extensions/resource_monitors/common/factory_base.h index 403200a47432..13bd2e86aa15 100644 --- a/source/extensions/resource_monitors/common/factory_base.h +++ b/source/extensions/resource_monitors/common/factory_base.h @@ -2,7 +2,7 @@ #include "envoy/server/resource_monitor_config.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/resource_monitors/fixed_heap/BUILD b/source/extensions/resource_monitors/fixed_heap/BUILD index 1e856a6b06d7..108be4816bbe 100644 --- a/source/extensions/resource_monitors/fixed_heap/BUILD +++ b/source/extensions/resource_monitors/fixed_heap/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( srcs = ["fixed_heap_monitor.cc"], hdrs = ["fixed_heap_monitor.h"], deps = [ - "//include/envoy/server:resource_monitor_config_interface", + "//envoy/server:resource_monitor_config_interface", "//source/common/common:assert_lib", "//source/common/memory:stats_lib", "@envoy_api//envoy/extensions/resource_monitors/fixed_heap/v3:pkg_cc_proto", @@ -25,14 +25,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.resource_monitors", - security_posture = "data_plane_agnostic", - status = "alpha", deps = [ ":fixed_heap_monitor", - "//include/envoy/registry", + "//envoy/registry", "//source/common/common:assert_lib", - "//source/extensions/resource_monitors:well_known_names", "//source/extensions/resource_monitors/common:factory_base_lib", "@envoy_api//envoy/extensions/resource_monitors/fixed_heap/v3:pkg_cc_proto", ], diff --git a/source/extensions/resource_monitors/fixed_heap/config.cc b/source/extensions/resource_monitors/fixed_heap/config.cc index df498656e218..c622892e5d93 100644 --- a/source/extensions/resource_monitors/fixed_heap/config.cc +++ b/source/extensions/resource_monitors/fixed_heap/config.cc @@ -1,12 +1,11 @@ -#include "extensions/resource_monitors/fixed_heap/config.h" +#include "source/extensions/resource_monitors/fixed_heap/config.h" #include "envoy/extensions/resource_monitors/fixed_heap/v3/fixed_heap.pb.h" #include "envoy/extensions/resource_monitors/fixed_heap/v3/fixed_heap.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/protobuf/utility.h" - -#include "extensions/resource_monitors/fixed_heap/fixed_heap_monitor.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/resource_monitors/fixed_heap/fixed_heap_monitor.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/resource_monitors/fixed_heap/config.h b/source/extensions/resource_monitors/fixed_heap/config.h index 4c822719abea..06eb587a50ea 100644 --- a/source/extensions/resource_monitors/fixed_heap/config.h +++ b/source/extensions/resource_monitors/fixed_heap/config.h @@ -4,8 +4,7 @@ #include "envoy/extensions/resource_monitors/fixed_heap/v3/fixed_heap.pb.validate.h" #include "envoy/server/resource_monitor_config.h" -#include "extensions/resource_monitors/common/factory_base.h" -#include "extensions/resource_monitors/well_known_names.h" +#include "source/extensions/resource_monitors/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -16,7 +15,7 @@ class FixedHeapMonitorFactory : public Common::FactoryBase< envoy::extensions::resource_monitors::fixed_heap::v3::FixedHeapConfig> { public: - FixedHeapMonitorFactory() : FactoryBase(ResourceMonitorNames::get().FixedHeap) {} + FixedHeapMonitorFactory() : FactoryBase("envoy.resource_monitors.fixed_heap") {} private: Server::ResourceMonitorPtr createResourceMonitorFromProtoTyped( diff --git a/source/extensions/resource_monitors/fixed_heap/fixed_heap_monitor.cc b/source/extensions/resource_monitors/fixed_heap/fixed_heap_monitor.cc index b97227e35bea..106c44620b68 100644 --- a/source/extensions/resource_monitors/fixed_heap/fixed_heap_monitor.cc +++ b/source/extensions/resource_monitors/fixed_heap/fixed_heap_monitor.cc @@ -1,9 +1,9 @@ -#include "extensions/resource_monitors/fixed_heap/fixed_heap_monitor.h" +#include "source/extensions/resource_monitors/fixed_heap/fixed_heap_monitor.h" #include "envoy/extensions/resource_monitors/fixed_heap/v3/fixed_heap.pb.h" -#include "common/common/assert.h" -#include "common/memory/stats.h" +#include "source/common/common/assert.h" +#include "source/common/memory/stats.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/resource_monitors/injected_resource/BUILD b/source/extensions/resource_monitors/injected_resource/BUILD index a84b00fbd76b..5f6361259941 100644 --- a/source/extensions/resource_monitors/injected_resource/BUILD +++ b/source/extensions/resource_monitors/injected_resource/BUILD @@ -14,9 +14,9 @@ envoy_cc_library( srcs = ["injected_resource_monitor.cc"], hdrs = ["injected_resource_monitor.h"], deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/filesystem:filesystem_interface", - "//include/envoy/server:resource_monitor_config_interface", + "//envoy/api:api_interface", + "//envoy/filesystem:filesystem_interface", + "//envoy/server:resource_monitor_config_interface", "//source/common/common:assert_lib", "@envoy_api//envoy/extensions/resource_monitors/injected_resource/v3:pkg_cc_proto", ], @@ -26,19 +26,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.resource_monitors", - # TODO(#9953) clean up. - extra_visibility = [ - "//test/integration:__subpackages__", - "//test/common/quic/integration:__subpackages__", - ], - security_posture = "data_plane_agnostic", - status = "alpha", deps = [ ":injected_resource_monitor", - "//include/envoy/registry", + "//envoy/registry", "//source/common/common:assert_lib", - "//source/extensions/resource_monitors:well_known_names", "//source/extensions/resource_monitors/common:factory_base_lib", "@envoy_api//envoy/extensions/resource_monitors/injected_resource/v3:pkg_cc_proto", ], diff --git a/source/extensions/resource_monitors/injected_resource/config.cc b/source/extensions/resource_monitors/injected_resource/config.cc index 2db6abd8b8a9..df579888074c 100644 --- a/source/extensions/resource_monitors/injected_resource/config.cc +++ b/source/extensions/resource_monitors/injected_resource/config.cc @@ -1,12 +1,11 @@ -#include "extensions/resource_monitors/injected_resource/config.h" +#include "source/extensions/resource_monitors/injected_resource/config.h" #include "envoy/extensions/resource_monitors/injected_resource/v3/injected_resource.pb.h" #include "envoy/extensions/resource_monitors/injected_resource/v3/injected_resource.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/protobuf/utility.h" - -#include "extensions/resource_monitors/injected_resource/injected_resource_monitor.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/resource_monitors/injected_resource/injected_resource_monitor.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/resource_monitors/injected_resource/config.h b/source/extensions/resource_monitors/injected_resource/config.h index cbbd5abd49a7..a9336b988d9f 100644 --- a/source/extensions/resource_monitors/injected_resource/config.h +++ b/source/extensions/resource_monitors/injected_resource/config.h @@ -4,8 +4,7 @@ #include "envoy/extensions/resource_monitors/injected_resource/v3/injected_resource.pb.validate.h" #include "envoy/server/resource_monitor_config.h" -#include "extensions/resource_monitors/common/factory_base.h" -#include "extensions/resource_monitors/well_known_names.h" +#include "source/extensions/resource_monitors/common/factory_base.h" namespace Envoy { namespace Extensions { @@ -16,7 +15,7 @@ class InjectedResourceMonitorFactory : public Common::FactoryBase< envoy::extensions::resource_monitors::injected_resource::v3::InjectedResourceConfig> { public: - InjectedResourceMonitorFactory() : FactoryBase(ResourceMonitorNames::get().InjectedResource) {} + InjectedResourceMonitorFactory() : FactoryBase("envoy.resource_monitors.injected_resource") {} private: Server::ResourceMonitorPtr createResourceMonitorFromProtoTyped( diff --git a/source/extensions/resource_monitors/injected_resource/injected_resource_monitor.cc b/source/extensions/resource_monitors/injected_resource/injected_resource_monitor.cc index 46277bff6552..6aa0aeb76858 100644 --- a/source/extensions/resource_monitors/injected_resource/injected_resource_monitor.cc +++ b/source/extensions/resource_monitors/injected_resource/injected_resource_monitor.cc @@ -1,8 +1,8 @@ -#include "extensions/resource_monitors/injected_resource/injected_resource_monitor.h" +#include "source/extensions/resource_monitors/injected_resource/injected_resource_monitor.h" #include "envoy/extensions/resource_monitors/injected_resource/v3/injected_resource.pb.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/strings/numbers.h" diff --git a/source/extensions/resource_monitors/well_known_names.h b/source/extensions/resource_monitors/well_known_names.h deleted file mode 100644 index 7828997ed782..000000000000 --- a/source/extensions/resource_monitors/well_known_names.h +++ /dev/null @@ -1,27 +0,0 @@ -#pragma once -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace ResourceMonitors { - -/** - * Well-known resource monitor names. - * NOTE: New resource monitors should use the well known name: envoy.resource_monitors.name. - */ -class ResourceMonitorNameValues { -public: - // Heap monitor with statically configured max. - const std::string FixedHeap = "envoy.resource_monitors.fixed_heap"; - - // File-based injected resource monitor. - const std::string InjectedResource = "envoy.resource_monitors.injected_resource"; -}; - -using ResourceMonitorNames = ConstSingleton; - -} // namespace ResourceMonitors -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/retry/host/omit_canary_hosts/BUILD b/source/extensions/retry/host/omit_canary_hosts/BUILD index 734c5df84736..6cf826b484f4 100644 --- a/source/extensions/retry/host/omit_canary_hosts/BUILD +++ b/source/extensions/retry/host/omit_canary_hosts/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( name = "omit_canary_hosts_predicate_lib", hdrs = ["omit_canary_hosts.h"], deps = [ - "//include/envoy/upstream:retry_interface", + "//envoy/upstream:retry_interface", ], ) @@ -21,12 +21,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.retry_host_predicates", - security_posture = "robust_to_untrusted_downstream", deps = [ ":omit_canary_hosts_predicate_lib", - "//include/envoy/registry", - "//include/envoy/upstream:retry_interface", + "//envoy/registry", + "//envoy/upstream:retry_interface", "@envoy_api//envoy/extensions/retry/host/omit_canary_hosts/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/retry/host/omit_canary_hosts/config.cc b/source/extensions/retry/host/omit_canary_hosts/config.cc index 495790ecc731..24a965d65bb6 100644 --- a/source/extensions/retry/host/omit_canary_hosts/config.cc +++ b/source/extensions/retry/host/omit_canary_hosts/config.cc @@ -1,4 +1,4 @@ -#include "extensions/retry/host/omit_canary_hosts/config.h" +#include "source/extensions/retry/host/omit_canary_hosts/config.h" #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" diff --git a/source/extensions/retry/host/omit_canary_hosts/config.h b/source/extensions/retry/host/omit_canary_hosts/config.h index 3f493a9bee7c..8a5bea9a6a3b 100644 --- a/source/extensions/retry/host/omit_canary_hosts/config.h +++ b/source/extensions/retry/host/omit_canary_hosts/config.h @@ -3,7 +3,7 @@ #include "envoy/extensions/retry/host/omit_canary_hosts/v3/omit_canary_hosts.pb.validate.h" #include "envoy/upstream/retry.h" -#include "extensions/retry/host/omit_canary_hosts/omit_canary_hosts.h" +#include "source/extensions/retry/host/omit_canary_hosts/omit_canary_hosts.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/retry/host/omit_host_metadata/BUILD b/source/extensions/retry/host/omit_host_metadata/BUILD index 51813ad4a4b8..a40fe7d642ae 100644 --- a/source/extensions/retry/host/omit_host_metadata/BUILD +++ b/source/extensions/retry/host/omit_host_metadata/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( srcs = ["omit_host_metadata.cc"], hdrs = ["omit_host_metadata.h"], deps = [ - "//include/envoy/upstream:retry_interface", + "//envoy/upstream:retry_interface", "//source/common/config:well_known_names", ], ) @@ -23,12 +23,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.retry_host_predicates", - security_posture = "robust_to_untrusted_downstream", deps = [ ":omit_host_metadata_predicate_lib", - "//include/envoy/registry", - "//include/envoy/upstream:retry_interface", + "//envoy/registry", + "//envoy/upstream:retry_interface", "//source/common/protobuf", "@envoy_api//envoy/extensions/retry/host/omit_host_metadata/v3:pkg_cc_proto", ], diff --git a/source/extensions/retry/host/omit_host_metadata/config.cc b/source/extensions/retry/host/omit_host_metadata/config.cc index 035fe69173a1..689c4628ad07 100644 --- a/source/extensions/retry/host/omit_host_metadata/config.cc +++ b/source/extensions/retry/host/omit_host_metadata/config.cc @@ -1,10 +1,10 @@ -#include "extensions/retry/host/omit_host_metadata/config.h" +#include "source/extensions/retry/host/omit_host_metadata/config.h" #include "envoy/extensions/retry/host/omit_host_metadata/v3/omit_host_metadata_config.pb.h" #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" -#include "common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/message_validator_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/retry/host/omit_host_metadata/config.h b/source/extensions/retry/host/omit_host_metadata/config.h index 85cb0734692d..c7242498e2b5 100644 --- a/source/extensions/retry/host/omit_host_metadata/config.h +++ b/source/extensions/retry/host/omit_host_metadata/config.h @@ -4,7 +4,7 @@ #include "envoy/extensions/retry/host/omit_host_metadata/v3/omit_host_metadata_config.pb.validate.h" #include "envoy/upstream/retry.h" -#include "extensions/retry/host/omit_host_metadata/omit_host_metadata.h" +#include "source/extensions/retry/host/omit_host_metadata/omit_host_metadata.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/retry/host/omit_host_metadata/omit_host_metadata.cc b/source/extensions/retry/host/omit_host_metadata/omit_host_metadata.cc index 91559571ef2e..6c6e8b6481fb 100644 --- a/source/extensions/retry/host/omit_host_metadata/omit_host_metadata.cc +++ b/source/extensions/retry/host/omit_host_metadata/omit_host_metadata.cc @@ -1,6 +1,6 @@ -#include "extensions/retry/host/omit_host_metadata/omit_host_metadata.h" +#include "source/extensions/retry/host/omit_host_metadata/omit_host_metadata.h" -#include "common/config/metadata.h" +#include "source/common/config/metadata.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/retry/host/omit_host_metadata/omit_host_metadata.h b/source/extensions/retry/host/omit_host_metadata/omit_host_metadata.h index e0e1477cd162..19ec5c659ebe 100644 --- a/source/extensions/retry/host/omit_host_metadata/omit_host_metadata.h +++ b/source/extensions/retry/host/omit_host_metadata/omit_host_metadata.h @@ -3,7 +3,7 @@ #include "envoy/upstream/retry.h" #include "envoy/upstream/upstream.h" -#include "common/config/well_known_names.h" +#include "source/common/config/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/retry/host/previous_hosts/BUILD b/source/extensions/retry/host/previous_hosts/BUILD index 81842e7a6788..700069ecd9f8 100644 --- a/source/extensions/retry/host/previous_hosts/BUILD +++ b/source/extensions/retry/host/previous_hosts/BUILD @@ -13,7 +13,7 @@ envoy_cc_library( name = "previous_hosts_predicate_lib", hdrs = ["previous_hosts.h"], deps = [ - "//include/envoy/upstream:retry_interface", + "//envoy/upstream:retry_interface", ], ) @@ -21,12 +21,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.retry_host_predicates", - security_posture = "robust_to_untrusted_downstream", deps = [ ":previous_hosts_predicate_lib", - "//include/envoy/registry", - "//include/envoy/upstream:retry_interface", + "//envoy/registry", + "//envoy/upstream:retry_interface", "@envoy_api//envoy/extensions/retry/host/previous_hosts/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/retry/host/previous_hosts/config.cc b/source/extensions/retry/host/previous_hosts/config.cc index af216ca4baad..876f70a02cf0 100644 --- a/source/extensions/retry/host/previous_hosts/config.cc +++ b/source/extensions/retry/host/previous_hosts/config.cc @@ -1,4 +1,4 @@ -#include "extensions/retry/host/previous_hosts/config.h" +#include "source/extensions/retry/host/previous_hosts/config.h" #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" diff --git a/source/extensions/retry/host/previous_hosts/config.h b/source/extensions/retry/host/previous_hosts/config.h index 1622242b1102..b57dc5732847 100644 --- a/source/extensions/retry/host/previous_hosts/config.h +++ b/source/extensions/retry/host/previous_hosts/config.h @@ -3,7 +3,7 @@ #include "envoy/extensions/retry/host/previous_hosts/v3/previous_hosts.pb.validate.h" #include "envoy/upstream/retry.h" -#include "extensions/retry/host/previous_hosts/previous_hosts.h" +#include "source/extensions/retry/host/previous_hosts/previous_hosts.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/retry/priority/BUILD b/source/extensions/retry/priority/BUILD deleted file mode 100644 index 22d835b40706..000000000000 --- a/source/extensions/retry/priority/BUILD +++ /dev/null @@ -1,17 +0,0 @@ -load( - "//bazel:envoy_build_system.bzl", - "envoy_cc_library", - "envoy_extension_package", -) - -licenses(["notice"]) # Apache 2 - -envoy_extension_package() - -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) diff --git a/source/extensions/retry/priority/previous_priorities/BUILD b/source/extensions/retry/priority/previous_priorities/BUILD index ae736299dc7f..0df95fe8f405 100644 --- a/source/extensions/retry/priority/previous_priorities/BUILD +++ b/source/extensions/retry/priority/previous_priorities/BUILD @@ -14,7 +14,7 @@ envoy_cc_library( srcs = ["previous_priorities.cc"], hdrs = ["previous_priorities.h"], deps = [ - "//include/envoy/upstream:retry_interface", + "//envoy/upstream:retry_interface", "//source/common/upstream:load_balancer_lib", ], ) @@ -23,14 +23,11 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.retry_priorities", - security_posture = "robust_to_untrusted_downstream", deps = [ ":previous_priorities_lib", - "//include/envoy/registry", - "//include/envoy/upstream:retry_interface", + "//envoy/registry", + "//envoy/upstream:retry_interface", "//source/common/protobuf", - "//source/extensions/retry/priority:well_known_names", "@envoy_api//envoy/extensions/retry/priority/previous_priorities/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/retry/priority/previous_priorities/config.cc b/source/extensions/retry/priority/previous_priorities/config.cc index 39756f51ff86..7d8e16eb2b07 100644 --- a/source/extensions/retry/priority/previous_priorities/config.cc +++ b/source/extensions/retry/priority/previous_priorities/config.cc @@ -1,4 +1,4 @@ -#include "extensions/retry/priority/previous_priorities/config.h" +#include "source/extensions/retry/priority/previous_priorities/config.h" #include "envoy/extensions/retry/priority/previous_priorities/v3/previous_priorities_config.pb.h" #include "envoy/extensions/retry/priority/previous_priorities/v3/previous_priorities_config.pb.validate.h" diff --git a/source/extensions/retry/priority/previous_priorities/config.h b/source/extensions/retry/priority/previous_priorities/config.h index 3976a94f3297..b2c47e4f864d 100644 --- a/source/extensions/retry/priority/previous_priorities/config.h +++ b/source/extensions/retry/priority/previous_priorities/config.h @@ -3,10 +3,8 @@ #include "envoy/extensions/retry/priority/previous_priorities/v3/previous_priorities_config.pb.h" #include "envoy/upstream/retry.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/retry/priority/previous_priorities/previous_priorities.h" -#include "extensions/retry/priority/well_known_names.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/retry/priority/previous_priorities/previous_priorities.h" namespace Envoy { namespace Extensions { @@ -20,9 +18,7 @@ class PreviousPrioritiesRetryPriorityFactory : public Upstream::RetryPriorityFac ProtobufMessage::ValidationVisitor& validation_visitor, uint32_t max_retries) override; - std::string name() const override { - return RetryPriorityValues::get().PreviousPrioritiesRetryPriority; - } + std::string name() const override { return "envoy.retry_priorities.previous_priorities"; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { return ProtobufTypes::MessagePtr(new envoy::extensions::retry::priority::previous_priorities:: diff --git a/source/extensions/retry/priority/previous_priorities/previous_priorities.cc b/source/extensions/retry/priority/previous_priorities/previous_priorities.cc index e01028e7fc3b..5599cb66d715 100644 --- a/source/extensions/retry/priority/previous_priorities/previous_priorities.cc +++ b/source/extensions/retry/priority/previous_priorities/previous_priorities.cc @@ -1,4 +1,4 @@ -#include "extensions/retry/priority/previous_priorities/previous_priorities.h" +#include "source/extensions/retry/priority/previous_priorities/previous_priorities.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/retry/priority/previous_priorities/previous_priorities.h b/source/extensions/retry/priority/previous_priorities/previous_priorities.h index f626f664a04c..5cceb5f8fbae 100644 --- a/source/extensions/retry/priority/previous_priorities/previous_priorities.h +++ b/source/extensions/retry/priority/previous_priorities/previous_priorities.h @@ -2,7 +2,7 @@ #include "envoy/upstream/retry.h" -#include "common/upstream/load_balancer_impl.h" +#include "source/common/upstream/load_balancer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/retry/priority/well_known_names.h b/source/extensions/retry/priority/well_known_names.h deleted file mode 100644 index 5e20524e8df6..000000000000 --- a/source/extensions/retry/priority/well_known_names.h +++ /dev/null @@ -1,26 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace Retry { -namespace Priority { - -/** - * Well-known retry priority load names. - */ -class RetryPriorityNameValues { -public: - // Previous priority retry priority. Excludes previously attempted priorities during retries. - const std::string PreviousPrioritiesRetryPriority = "envoy.retry_priorities.previous_priorities"; -}; - -using RetryPriorityValues = ConstSingleton; - -} // namespace Priority -} // namespace Retry -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/stat_sinks/common/statsd/BUILD b/source/extensions/stat_sinks/common/statsd/BUILD index 5e3d6a771d21..2d74e42869e9 100644 --- a/source/extensions/stat_sinks/common/statsd/BUILD +++ b/source/extensions/stat_sinks/common/statsd/BUILD @@ -10,15 +10,21 @@ envoy_extension_package() envoy_cc_library( name = "statsd_lib", - srcs = ["statsd.cc"], - hdrs = ["statsd.h"], + srcs = [ + "statsd.cc", + "tag_formats.cc", + ], + hdrs = [ + "statsd.h", + "tag_formats.h", + ], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/event:dispatcher_interface", + "//envoy/local_info:local_info_interface", + "//envoy/network:connection_interface", + "//envoy/stats:stats_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:utility_lib", diff --git a/source/extensions/stat_sinks/common/statsd/statsd.cc b/source/extensions/stat_sinks/common/statsd/statsd.cc index ae37b96f0548..fab256cc7c21 100644 --- a/source/extensions/stat_sinks/common/statsd/statsd.cc +++ b/source/extensions/stat_sinks/common/statsd/statsd.cc @@ -1,4 +1,4 @@ -#include "extensions/stat_sinks/common/statsd/statsd.h" +#include "source/extensions/stat_sinks/common/statsd/statsd.h" #include #include @@ -11,15 +11,15 @@ #include "envoy/stats/scope.h" #include "envoy/upstream/cluster_manager.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/config/utility.h" -#include "common/network/socket_interface.h" -#include "common/network/utility.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" +#include "source/common/network/socket_interface.h" +#include "source/common/network/utility.h" +#include "source/common/stats/symbol_table_impl.h" #include "absl/strings/str_join.h" @@ -46,10 +46,11 @@ void UdpStatsdSink::WriterImpl::writeBuffer(Buffer::Instance& data) { UdpStatsdSink::UdpStatsdSink(ThreadLocal::SlotAllocator& tls, Network::Address::InstanceConstSharedPtr address, const bool use_tag, - const std::string& prefix, absl::optional buffer_size) + const std::string& prefix, absl::optional buffer_size, + const Statsd::TagFormat& tag_format) : tls_(tls.allocateSlot()), server_address_(std::move(address)), use_tag_(use_tag), prefix_(prefix.empty() ? Statsd::getDefaultPrefix() : prefix), - buffer_size_(buffer_size.value_or(0)) { + buffer_size_(buffer_size.value_or(0)), tag_format_(tag_format) { tls_->set([this](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return std::make_shared(*this); }); @@ -61,18 +62,14 @@ void UdpStatsdSink::flush(Stats::MetricSnapshot& snapshot) { for (const auto& counter : snapshot.counters()) { if (counter.counter_.get().used()) { - const std::string counter_str = - absl::StrCat(prefix_, ".", getName(counter.counter_.get()), ":", counter.delta_, "|c", - buildTagStr(counter.counter_.get().tags())); + const std::string counter_str = buildMessage(counter.counter_.get(), counter.delta_, "|c"); writeBuffer(buffer, writer, counter_str); } } for (const auto& gauge : snapshot.gauges()) { if (gauge.get().used()) { - const std::string gauge_str = - absl::StrCat(prefix_, ".", getName(gauge.get()), ":", gauge.get().value(), "|g", - buildTagStr(gauge.get().tags())); + const std::string gauge_str = buildMessage(gauge.get(), gauge.get().value(), "|g"); writeBuffer(buffer, writer, gauge_str); } } @@ -115,12 +112,39 @@ void UdpStatsdSink::onHistogramComplete(const Stats::Histogram& histogram, uint6 // are timers but record in units other than milliseconds, it may make sense to scale the value to // milliseconds here and potentially suffix the names accordingly (minus the pre-existing ones for // backwards compatibility). - const std::string message(absl::StrCat(prefix_, ".", getName(histogram), ":", - std::chrono::milliseconds(value).count(), "|ms", - buildTagStr(histogram.tags()))); + const std::string message = + buildMessage(histogram, std::chrono::milliseconds(value).count(), "|ms"); tls_->getTyped().write(message); } +const std::string UdpStatsdSink::buildMessage(const Stats::Metric& metric, uint64_t value, + const std::string& type) const { + switch (tag_format_.tag_position) { + case Statsd::TagPosition::TagAfterValue: { + const std::string message = absl::StrCat( + // metric name + prefix_, ".", getName(metric), + // value and type + ":", value, type, + // tags + buildTagStr(metric.tags())); + return message; + } + + case Statsd::TagPosition::TagAfterName: { + const std::string message = absl::StrCat( + // metric name + prefix_, ".", getName(metric), + // tags + buildTagStr(metric.tags()), + // value and type + ":", value, type); + return message; + } + } + NOT_REACHED_GCOVR_EXCL_LINE; +} + const std::string UdpStatsdSink::getName(const Stats::Metric& metric) const { if (use_tag_) { return metric.tagExtractedName(); @@ -137,9 +161,9 @@ const std::string UdpStatsdSink::buildTagStr(const std::vector& tags std::vector tag_strings; tag_strings.reserve(tags.size()); for (const Stats::Tag& tag : tags) { - tag_strings.emplace_back(tag.name_ + ":" + tag.value_); + tag_strings.emplace_back(tag.name_ + tag_format_.assign + tag.value_); } - return "|#" + absl::StrJoin(tag_strings, ","); + return tag_format_.start + absl::StrJoin(tag_strings, tag_format_.separator); } TcpStatsdSink::TcpStatsdSink(const LocalInfo::LocalInfo& local_info, @@ -220,6 +244,7 @@ void TcpStatsdSink::TlsSink::commonFlush(const std::string& name, uint64_t value current_slice_mem_ += StringUtil::itoa(current_slice_mem_, 30, value); *current_slice_mem_++ = '|'; *current_slice_mem_++ = stat_type; + *current_slice_mem_++ = '\n'; ASSERT(static_cast(current_slice_mem_ - snapped_current) < max_size); diff --git a/source/extensions/stat_sinks/common/statsd/statsd.h b/source/extensions/stat_sinks/common/statsd/statsd.h index 6abc53bc0661..9237b0368811 100644 --- a/source/extensions/stat_sinks/common/statsd/statsd.h +++ b/source/extensions/stat_sinks/common/statsd/statsd.h @@ -12,9 +12,10 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/macros.h" -#include "common/network/io_socket_handle_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/macros.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/extensions/stat_sinks/common/statsd/tag_formats.h" #include "absl/types/optional.h" @@ -42,14 +43,16 @@ class UdpStatsdSink : public Stats::Sink { UdpStatsdSink(ThreadLocal::SlotAllocator& tls, Network::Address::InstanceConstSharedPtr address, const bool use_tag, const std::string& prefix = getDefaultPrefix(), - absl::optional buffer_size = absl::nullopt); + absl::optional buffer_size = absl::nullopt, + const Statsd::TagFormat& tag_format = Statsd::getDefaultTagFormat()); // For testing. UdpStatsdSink(ThreadLocal::SlotAllocator& tls, const std::shared_ptr& writer, const bool use_tag, const std::string& prefix = getDefaultPrefix(), - absl::optional buffer_size = absl::nullopt) + absl::optional buffer_size = absl::nullopt, + const Statsd::TagFormat& tag_format = Statsd::getDefaultTagFormat()) : tls_(tls.allocateSlot()), use_tag_(use_tag), prefix_(prefix.empty() ? getDefaultPrefix() : prefix), - buffer_size_(buffer_size.value_or(0)) { + buffer_size_(buffer_size.value_or(0)), tag_format_(tag_format) { tls_->set( [writer](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return writer; }); } @@ -82,6 +85,8 @@ class UdpStatsdSink : public Stats::Sink { void flushBuffer(Buffer::OwnedImpl& buffer, Writer& writer) const; void writeBuffer(Buffer::OwnedImpl& buffer, Writer& writer, const std::string& data) const; + const std::string buildMessage(const Stats::Metric& metric, uint64_t value, + const std::string& type) const; const std::string getName(const Stats::Metric& metric) const; const std::string buildTagStr(const std::vector& tags) const; @@ -91,6 +96,7 @@ class UdpStatsdSink : public Stats::Sink { // Prefix for all flushed stats. const std::string prefix_; const uint64_t buffer_size_; + const Statsd::TagFormat tag_format_; }; /** diff --git a/source/extensions/stat_sinks/common/statsd/tag_formats.cc b/source/extensions/stat_sinks/common/statsd/tag_formats.cc new file mode 100644 index 000000000000..e74721860bc3 --- /dev/null +++ b/source/extensions/stat_sinks/common/statsd/tag_formats.cc @@ -0,0 +1,33 @@ +#include "source/extensions/stat_sinks/common/statsd/tag_formats.h" + +#include "source/common/common/macros.h" + +namespace Envoy { +namespace Extensions { +namespace StatSinks { +namespace Common { +namespace Statsd { + +const TagFormat& getDefaultTagFormat() { + CONSTRUCT_ON_FIRST_USE(TagFormat, TagFormat{ + "|#", // start + ":", // assign + ",", // separator + TagPosition::TagAfterValue, // tag_position + }); +} + +const TagFormat& getGraphiteTagFormat() { + CONSTRUCT_ON_FIRST_USE(TagFormat, TagFormat{ + ";", // start + "=", // assign + ";", // separator + TagPosition::TagAfterName, // tag_position + }); +} + +} // namespace Statsd +} // namespace Common +} // namespace StatSinks +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/stat_sinks/common/statsd/tag_formats.h b/source/extensions/stat_sinks/common/statsd/tag_formats.h new file mode 100644 index 000000000000..dce0e4123daf --- /dev/null +++ b/source/extensions/stat_sinks/common/statsd/tag_formats.h @@ -0,0 +1,27 @@ +#pragma once + +#include + +namespace Envoy { +namespace Extensions { +namespace StatSinks { +namespace Common { +namespace Statsd { + +enum class TagPosition { TagAfterValue, TagAfterName }; + +struct TagFormat { + const std::string start; + const std::string assign; + const std::string separator; + const TagPosition tag_position; +}; + +const TagFormat& getDefaultTagFormat(); +const TagFormat& getGraphiteTagFormat(); + +} // namespace Statsd +} // namespace Common +} // namespace StatSinks +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/stat_sinks/dog_statsd/BUILD b/source/extensions/stat_sinks/dog_statsd/BUILD index a9a269862dd3..ce75b191dedd 100644 --- a/source/extensions/stat_sinks/dog_statsd/BUILD +++ b/source/extensions/stat_sinks/dog_statsd/BUILD @@ -15,10 +15,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.stats_sinks", - security_posture = "data_plane_agnostic", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/network:address_lib", "//source/common/network:resolver_lib", "//source/extensions/stat_sinks:well_known_names", diff --git a/source/extensions/stat_sinks/dog_statsd/config.cc b/source/extensions/stat_sinks/dog_statsd/config.cc index 985eb3e255b0..e31ac22f68e1 100644 --- a/source/extensions/stat_sinks/dog_statsd/config.cc +++ b/source/extensions/stat_sinks/dog_statsd/config.cc @@ -1,4 +1,4 @@ -#include "extensions/stat_sinks/dog_statsd/config.h" +#include "source/extensions/stat_sinks/dog_statsd/config.h" #include @@ -6,10 +6,9 @@ #include "envoy/config/metrics/v3/stats.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/network/resolver_impl.h" - -#include "extensions/stat_sinks/common/statsd/statsd.h" -#include "extensions/stat_sinks/well_known_names.h" +#include "source/common/network/resolver_impl.h" +#include "source/extensions/stat_sinks/common/statsd/statsd.h" +#include "source/extensions/stat_sinks/well_known_names.h" #include "absl/types/optional.h" diff --git a/source/extensions/stat_sinks/dog_statsd/config.h b/source/extensions/stat_sinks/dog_statsd/config.h index 037dd4476eff..69806524bbe6 100644 --- a/source/extensions/stat_sinks/dog_statsd/config.h +++ b/source/extensions/stat_sinks/dog_statsd/config.h @@ -2,7 +2,7 @@ #include "envoy/server/instance.h" -#include "server/configuration_impl.h" +#include "source/server/configuration_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/graphite_statsd/BUILD b/source/extensions/stat_sinks/graphite_statsd/BUILD new file mode 100644 index 000000000000..d8e7ed52cfa8 --- /dev/null +++ b/source/extensions/stat_sinks/graphite_statsd/BUILD @@ -0,0 +1,25 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_cc_extension", + "envoy_extension_package", +) + +licenses(["notice"]) # Apache 2 + +# Stats sink for the Graphite protocol. + +envoy_extension_package() + +envoy_cc_extension( + name = "config", + srcs = ["config.cc"], + hdrs = ["config.h"], + deps = [ + "//envoy/registry", + "//source/common/network:address_lib", + "//source/common/network:resolver_lib", + "//source/extensions/stat_sinks/common/statsd:statsd_lib", + "//source/server:configuration_lib", + "@envoy_api//envoy/extensions/stat_sinks/graphite_statsd/v3:pkg_cc_proto", + ], +) diff --git a/source/extensions/stat_sinks/graphite_statsd/config.cc b/source/extensions/stat_sinks/graphite_statsd/config.cc new file mode 100644 index 000000000000..089085671d6a --- /dev/null +++ b/source/extensions/stat_sinks/graphite_statsd/config.cc @@ -0,0 +1,60 @@ +#include "source/extensions/stat_sinks/graphite_statsd/config.h" + +#include + +#include "envoy/extensions/stat_sinks/graphite_statsd/v3/graphite_statsd.pb.h" +#include "envoy/extensions/stat_sinks/graphite_statsd/v3/graphite_statsd.pb.validate.h" +#include "envoy/registry/registry.h" + +#include "source/common/network/resolver_impl.h" +#include "source/extensions/stat_sinks/common/statsd/statsd.h" +#include "source/extensions/stat_sinks/common/statsd/tag_formats.h" + +namespace Envoy { +namespace Extensions { +namespace StatSinks { +namespace GraphiteStatsd { + +Stats::SinkPtr +GraphiteStatsdSinkFactory::createStatsSink(const Protobuf::Message& config, + Server::Configuration::ServerFactoryContext& server) { + + const auto& statsd_sink = MessageUtil::downcastAndValidate< + const envoy::extensions::stat_sinks::graphite_statsd::v3::GraphiteStatsdSink&>( + config, server.messageValidationContext().staticValidationVisitor()); + switch (statsd_sink.statsd_specifier_case()) { + case envoy::extensions::stat_sinks::graphite_statsd::v3::GraphiteStatsdSink::StatsdSpecifierCase:: + kAddress: { + Network::Address::InstanceConstSharedPtr address = + Network::Address::resolveProtoAddress(statsd_sink.address()); + ENVOY_LOG(debug, "statsd UDP ip address: {}", address->asString()); + absl::optional max_bytes; + if (statsd_sink.has_max_bytes_per_datagram()) { + max_bytes = statsd_sink.max_bytes_per_datagram().value(); + } + return std::make_unique(server.threadLocal(), std::move(address), + true, statsd_sink.prefix(), max_bytes, + Common::Statsd::getGraphiteTagFormat()); + } + default: + // Verified by schema. + NOT_REACHED_GCOVR_EXCL_LINE; + } +} + +ProtobufTypes::MessagePtr GraphiteStatsdSinkFactory::createEmptyConfigProto() { + return std::make_unique(); +} + +std::string GraphiteStatsdSinkFactory::name() const { return "envoy.stat_sinks.graphite_statsd"; } + +/** + * Static registration for the statsd sink factory. @see RegisterFactory. + */ +REGISTER_FACTORY(GraphiteStatsdSinkFactory, + Server::Configuration::StatsSinkFactory){"envoy.graphite_statsd"}; + +} // namespace GraphiteStatsd +} // namespace StatSinks +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/stat_sinks/graphite_statsd/config.h b/source/extensions/stat_sinks/graphite_statsd/config.h new file mode 100644 index 000000000000..77a83ca1e1e3 --- /dev/null +++ b/source/extensions/stat_sinks/graphite_statsd/config.h @@ -0,0 +1,32 @@ +#pragma once + +#include "envoy/server/instance.h" + +#include "source/server/configuration_impl.h" + +namespace Envoy { +namespace Extensions { +namespace StatSinks { +namespace GraphiteStatsd { + +/** + * Config registration for the tcp statsd sink. @see StatsSinkFactory. + */ +class GraphiteStatsdSinkFactory : Logger::Loggable, + public Server::Configuration::StatsSinkFactory { +public: + // GraphiteStatsSinkFactory + Stats::SinkPtr createStatsSink(const Protobuf::Message& config, + Server::Configuration::ServerFactoryContext& server) override; + + ProtobufTypes::MessagePtr createEmptyConfigProto() override; + + std::string name() const override; +}; + +DECLARE_FACTORY(GraphiteStatsdSinkFactory); + +} // namespace GraphiteStatsd +} // namespace StatSinks +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/stat_sinks/hystrix/BUILD b/source/extensions/stat_sinks/hystrix/BUILD index 1566d97c6de1..3908e49d3272 100644 --- a/source/extensions/stat_sinks/hystrix/BUILD +++ b/source/extensions/stat_sinks/hystrix/BUILD @@ -15,11 +15,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.stats_sinks", - security_posture = "data_plane_agnostic", deps = [ ":hystrix_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/common/network:address_lib", "//source/common/network:resolver_lib", "//source/extensions/stat_sinks:well_known_names", @@ -33,9 +31,9 @@ envoy_cc_library( srcs = ["hystrix.cc"], hdrs = ["hystrix.h"], deps = [ - "//include/envoy/server:admin_interface", - "//include/envoy/server:instance_interface", - "//include/envoy/stats:stats_interface", + "//envoy/server:admin_interface", + "//envoy/server:instance_interface", + "//envoy/stats:stats_interface", "//source/common/buffer:buffer_lib", "//source/common/common:logger_lib", "//source/common/config:well_known_names", diff --git a/source/extensions/stat_sinks/hystrix/config.cc b/source/extensions/stat_sinks/hystrix/config.cc index 4997231b8be8..b9ae021fb9af 100644 --- a/source/extensions/stat_sinks/hystrix/config.cc +++ b/source/extensions/stat_sinks/hystrix/config.cc @@ -1,4 +1,4 @@ -#include "extensions/stat_sinks/hystrix/config.h" +#include "source/extensions/stat_sinks/hystrix/config.h" #include @@ -6,10 +6,9 @@ #include "envoy/config/metrics/v3/stats.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/network/resolver_impl.h" - -#include "extensions/stat_sinks/hystrix/hystrix.h" -#include "extensions/stat_sinks/well_known_names.h" +#include "source/common/network/resolver_impl.h" +#include "source/extensions/stat_sinks/hystrix/hystrix.h" +#include "source/extensions/stat_sinks/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/hystrix/config.h b/source/extensions/stat_sinks/hystrix/config.h index cff7ede28a17..1bf144323381 100644 --- a/source/extensions/stat_sinks/hystrix/config.h +++ b/source/extensions/stat_sinks/hystrix/config.h @@ -4,7 +4,7 @@ #include "envoy/server/instance.h" -#include "server/configuration_impl.h" +#include "source/server/configuration_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/hystrix/hystrix.cc b/source/extensions/stat_sinks/hystrix/hystrix.cc index dae271c85d0e..57a22f7e63a7 100644 --- a/source/extensions/stat_sinks/hystrix/hystrix.cc +++ b/source/extensions/stat_sinks/hystrix/hystrix.cc @@ -1,4 +1,4 @@ -#include "extensions/stat_sinks/hystrix/hystrix.h" +#include "source/extensions/stat_sinks/hystrix/hystrix.h" #include #include @@ -7,11 +7,11 @@ #include "envoy/stats/scope.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" -#include "common/config/well_known_names.h" -#include "common/http/headers.h" -#include "common/stats/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/config/well_known_names.h" +#include "source/common/http/headers.h" +#include "source/common/stats/utility.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_split.h" diff --git a/source/extensions/stat_sinks/hystrix/hystrix.h b/source/extensions/stat_sinks/hystrix/hystrix.h index 796e72d1f97a..97c5b2b2e7f5 100644 --- a/source/extensions/stat_sinks/hystrix/hystrix.h +++ b/source/extensions/stat_sinks/hystrix/hystrix.h @@ -9,7 +9,7 @@ #include "envoy/stats/histogram.h" #include "envoy/stats/sink.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/metrics_service/BUILD b/source/extensions/stat_sinks/metrics_service/BUILD index 28afad7f25ac..11ffe31b018a 100644 --- a/source/extensions/stat_sinks/metrics_service/BUILD +++ b/source/extensions/stat_sinks/metrics_service/BUILD @@ -16,10 +16,10 @@ envoy_cc_library( srcs = ["grpc_metrics_service_impl.cc"], hdrs = ["grpc_metrics_service_impl.h"], deps = [ - "//include/envoy/grpc:async_client_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/singleton:instance_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/grpc:async_client_interface", + "//envoy/local_info:local_info_interface", + "//envoy/singleton:instance_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:assert_lib", "//source/common/grpc:async_client_lib", "@envoy_api//envoy/service/metrics/v3:pkg_cc_proto", @@ -43,10 +43,8 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.stats_sinks", - security_posture = "data_plane_agnostic", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/extensions/stat_sinks:well_known_names", diff --git a/source/extensions/stat_sinks/metrics_service/config.cc b/source/extensions/stat_sinks/metrics_service/config.cc index a17539df4e6f..a711335b01f7 100644 --- a/source/extensions/stat_sinks/metrics_service/config.cc +++ b/source/extensions/stat_sinks/metrics_service/config.cc @@ -1,17 +1,16 @@ -#include "extensions/stat_sinks/metrics_service/config.h" +#include "source/extensions/stat_sinks/metrics_service/config.h" #include "envoy/config/metrics/v3/metrics_service.pb.h" #include "envoy/config/metrics/v3/metrics_service.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/common/assert.h" -#include "common/config/utility.h" -#include "common/grpc/async_client_impl.h" -#include "common/network/resolver_impl.h" - -#include "extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.h" -#include "extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h" -#include "extensions/stat_sinks/well_known_names.h" +#include "source/common/common/assert.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/common/network/resolver_impl.h" +#include "source/extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.h" +#include "source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h" +#include "source/extensions/stat_sinks/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/metrics_service/config.h b/source/extensions/stat_sinks/metrics_service/config.h index f67eeb2cb538..aff8e19fa2fc 100644 --- a/source/extensions/stat_sinks/metrics_service/config.h +++ b/source/extensions/stat_sinks/metrics_service/config.h @@ -3,7 +3,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/instance.h" -#include "server/configuration_impl.h" +#include "source/server/configuration_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.cc b/source/extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.cc index 16793caef480..3987969712f2 100644 --- a/source/extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.cc +++ b/source/extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.cc @@ -1,12 +1,12 @@ -#include "extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.h" +#include "source/extensions/stat_sinks/metrics_service/grpc_metrics_proto_descriptors.h" #include "envoy/config/metrics/v2/metrics_service.pb.h" #include "envoy/service/metrics/v2/metrics_service.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/config/api_version.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/config/api_version.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.cc b/source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.cc index 14d0d2043bb4..80ba3889bd7f 100644 --- a/source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.cc +++ b/source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h" +#include "source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h" #include @@ -9,9 +9,9 @@ #include "envoy/stats/stats.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/config/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" namespace Envoy { namespace Extensions { @@ -59,19 +59,19 @@ MetricsPtr MetricsFlusher::flush(Stats::MetricSnapshot& snapshot) const { snapshot.snapshotTime().time_since_epoch()) .count(); for (const auto& counter : snapshot.counters()) { - if (counter.counter_.get().used()) { + if (predicate_(counter.counter_.get())) { flushCounter(*metrics->Add(), counter, snapshot_time_ms); } } for (const auto& gauge : snapshot.gauges()) { - if (gauge.get().used()) { + if (predicate_(gauge)) { flushGauge(*metrics->Add(), gauge.get(), snapshot_time_ms); } } for (const auto& histogram : snapshot.histograms()) { - if (histogram.get().used()) { + if (predicate_(histogram.get())) { flushHistogram(*metrics->Add(), *metrics->Add(), histogram.get(), snapshot_time_ms); } } diff --git a/source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h b/source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h index 7baef22c5bc0..93fc32ed6a9c 100644 --- a/source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h +++ b/source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h @@ -12,8 +12,8 @@ #include "envoy/stats/stats.h" #include "envoy/upstream/cluster_manager.h" -#include "common/buffer/buffer_impl.h" -#include "common/grpc/typed_async_client.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/grpc/typed_async_client.h" namespace Envoy { namespace Extensions { @@ -82,8 +82,12 @@ using GrpcMetricsStreamerImplPtr = std::unique_ptr; class MetricsFlusher { public: - MetricsFlusher(bool report_counters_as_deltas, bool emit_labels) - : report_counters_as_deltas_(report_counters_as_deltas), emit_labels_(emit_labels) {} + MetricsFlusher( + bool report_counters_as_deltas, bool emit_labels, + std::function predicate = + [](const auto& metric) { return metric.used(); }) + : report_counters_as_deltas_(report_counters_as_deltas), emit_labels_(emit_labels), + predicate_(predicate) {} MetricsPtr flush(Stats::MetricSnapshot& snapshot) const; @@ -105,6 +109,7 @@ class MetricsFlusher { const bool report_counters_as_deltas_; const bool emit_labels_; + const std::function predicate_; }; /** @@ -112,13 +117,18 @@ class MetricsFlusher { */ template class MetricsServiceSink : public Stats::Sink { public: - // MetricsService::Sink MetricsServiceSink( const GrpcMetricsStreamerSharedPtr& grpc_metrics_streamer, bool report_counters_as_deltas, bool emit_labels) - : flusher_(report_counters_as_deltas, emit_labels), - grpc_metrics_streamer_(grpc_metrics_streamer) {} + : MetricsServiceSink(grpc_metrics_streamer, + MetricsFlusher(report_counters_as_deltas, emit_labels)) {} + MetricsServiceSink( + const GrpcMetricsStreamerSharedPtr& grpc_metrics_streamer, + MetricsFlusher&& flusher) + : flusher_(std::move(flusher)), grpc_metrics_streamer_(std::move(grpc_metrics_streamer)) {} + + // MetricsService::Sink void flush(Stats::MetricSnapshot& snapshot) override { grpc_metrics_streamer_->send(flusher_.flush(snapshot)); } diff --git a/source/extensions/stat_sinks/statsd/BUILD b/source/extensions/stat_sinks/statsd/BUILD index 8d4c70c3131a..8ac0182eba9d 100644 --- a/source/extensions/stat_sinks/statsd/BUILD +++ b/source/extensions/stat_sinks/statsd/BUILD @@ -14,11 +14,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.stats_sinks", - security_posture = "data_plane_agnostic", # Legacy test use. TODO(#9953) clean up. deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/network:address_lib", "//source/common/network:resolver_lib", "//source/extensions/stat_sinks:well_known_names", diff --git a/source/extensions/stat_sinks/statsd/config.cc b/source/extensions/stat_sinks/statsd/config.cc index 3cbea7f511a2..e9656bfdb8e0 100644 --- a/source/extensions/stat_sinks/statsd/config.cc +++ b/source/extensions/stat_sinks/statsd/config.cc @@ -1,4 +1,4 @@ -#include "extensions/stat_sinks/statsd/config.h" +#include "source/extensions/stat_sinks/statsd/config.h" #include @@ -6,10 +6,9 @@ #include "envoy/config/metrics/v3/stats.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/network/resolver_impl.h" - -#include "extensions/stat_sinks/common/statsd/statsd.h" -#include "extensions/stat_sinks/well_known_names.h" +#include "source/common/network/resolver_impl.h" +#include "source/extensions/stat_sinks/common/statsd/statsd.h" +#include "source/extensions/stat_sinks/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/statsd/config.h b/source/extensions/stat_sinks/statsd/config.h index 3a709715b2bd..dbce694b7a79 100644 --- a/source/extensions/stat_sinks/statsd/config.h +++ b/source/extensions/stat_sinks/statsd/config.h @@ -2,7 +2,7 @@ #include "envoy/server/instance.h" -#include "server/configuration_impl.h" +#include "source/server/configuration_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/wasm/BUILD b/source/extensions/stat_sinks/wasm/BUILD index 6c6b6523bb80..1747789d6c7a 100644 --- a/source/extensions/stat_sinks/wasm/BUILD +++ b/source/extensions/stat_sinks/wasm/BUILD @@ -15,14 +15,11 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.stats_sinks", - security_posture = "data_plane_agnostic", - status = "alpha", deps = [ ":wasm_stat_sink_lib", - "//include/envoy/registry", - "//include/envoy/server:factory_context_interface", - "//include/envoy/server:instance_interface", + "//envoy/registry", + "//envoy/server:factory_context_interface", + "//envoy/server:instance_interface", "//source/extensions/common/wasm:wasm_lib", "//source/extensions/stat_sinks:well_known_names", "//source/server:configuration_lib", @@ -34,7 +31,7 @@ envoy_cc_library( name = "wasm_stat_sink_lib", hdrs = ["wasm_stat_sink_impl.h"], deps = [ - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "//source/extensions/common/wasm:wasm_lib", "@envoy_api//envoy/extensions/filters/network/wasm/v3:pkg_cc_proto", ], diff --git a/source/extensions/stat_sinks/wasm/config.cc b/source/extensions/stat_sinks/wasm/config.cc index edc89aa62a68..8e1ffd9274d4 100644 --- a/source/extensions/stat_sinks/wasm/config.cc +++ b/source/extensions/stat_sinks/wasm/config.cc @@ -1,4 +1,4 @@ -#include "extensions/stat_sinks/wasm/config.h" +#include "source/extensions/stat_sinks/wasm/config.h" #include @@ -6,9 +6,9 @@ #include "envoy/registry/registry.h" #include "envoy/server/factory_context.h" -#include "extensions/common/wasm/wasm.h" -#include "extensions/stat_sinks/wasm/wasm_stat_sink_impl.h" -#include "extensions/stat_sinks/well_known_names.h" +#include "source/extensions/common/wasm/wasm.h" +#include "source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h" +#include "source/extensions/stat_sinks/well_known_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/wasm/config.h b/source/extensions/stat_sinks/wasm/config.h index 4fbd3d72937a..8887e7b6ab45 100644 --- a/source/extensions/stat_sinks/wasm/config.h +++ b/source/extensions/stat_sinks/wasm/config.h @@ -5,9 +5,8 @@ #include "envoy/server/factory_context.h" #include "envoy/server/instance.h" -#include "common/config/datasource.h" - -#include "server/configuration_impl.h" +#include "source/common/config/datasource.h" +#include "source/server/configuration_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h b/source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h index ce3eea40dcd6..e3099b85874e 100644 --- a/source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h +++ b/source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h @@ -5,7 +5,7 @@ #include "envoy/extensions/filters/network/wasm/v3/wasm.pb.validate.h" #include "envoy/stats/sink.h" -#include "extensions/common/wasm/wasm.h" +#include "source/extensions/common/wasm/wasm.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/stat_sinks/well_known_names.h b/source/extensions/stat_sinks/well_known_names.h index a1f5c7965d03..ab253da7acb8 100644 --- a/source/extensions/stat_sinks/well_known_names.h +++ b/source/extensions/stat_sinks/well_known_names.h @@ -2,7 +2,7 @@ #include -#include "common/singleton/const_singleton.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { @@ -18,6 +18,8 @@ class StatsSinkNameValues { const std::string Statsd = "envoy.stat_sinks.statsd"; // DogStatsD compatible statsd sink const std::string DogStatsd = "envoy.stat_sinks.dog_statsd"; + // Graphite Statsd sink (with Graphite-formatted tags) + const std::string GraphiteStatsd = "envoy.stat_sinks.graphite_statsd"; // MetricsService sink const std::string MetricsService = "envoy.stat_sinks.metrics_service"; // Hystrix sink diff --git a/source/extensions/tracers/common/BUILD b/source/extensions/tracers/common/BUILD index 450aef98b536..89e447c456fc 100644 --- a/source/extensions/tracers/common/BUILD +++ b/source/extensions/tracers/common/BUILD @@ -12,7 +12,7 @@ envoy_cc_library( name = "factory_base_lib", hdrs = ["factory_base.h"], deps = [ - "//include/envoy/server:tracer_config_interface", + "//envoy/server:tracer_config_interface", "//source/common/config:utility_lib", ], ) diff --git a/source/extensions/tracers/common/ot/BUILD b/source/extensions/tracers/common/ot/BUILD index c8b386d0c3c8..c07fd828a0d7 100644 --- a/source/extensions/tracers/common/ot/BUILD +++ b/source/extensions/tracers/common/ot/BUILD @@ -18,10 +18,10 @@ envoy_cc_library( ], external_deps = ["opentracing"], deps = [ - "//include/envoy/runtime:runtime_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/tracing:trace_driver_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/runtime:runtime_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/tracing:trace_driver_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:base64_lib", "//source/common/common:empty_string", "//source/common/http:header_map_lib", diff --git a/source/extensions/tracers/common/ot/opentracing_driver_impl.cc b/source/extensions/tracers/common/ot/opentracing_driver_impl.cc index 92a6b07d634f..aeeb94a489af 100644 --- a/source/extensions/tracers/common/ot/opentracing_driver_impl.cc +++ b/source/extensions/tracers/common/ot/opentracing_driver_impl.cc @@ -1,15 +1,15 @@ -#include "extensions/tracers/common/ot/opentracing_driver_impl.h" +#include "source/extensions/tracers/common/ot/opentracing_driver_impl.h" #include #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/base64.h" -#include "common/common/utility.h" -#include "common/http/header_map_impl.h" -#include "common/tracing/common_values.h" -#include "common/tracing/null_span_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/base64.h" +#include "source/common/common/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/tracing/common_values.h" +#include "source/common/tracing/null_span_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/common/ot/opentracing_driver_impl.h b/source/extensions/tracers/common/ot/opentracing_driver_impl.h index d214d967a287..582e31ed31d5 100644 --- a/source/extensions/tracers/common/ot/opentracing_driver_impl.h +++ b/source/extensions/tracers/common/ot/opentracing_driver_impl.h @@ -5,9 +5,9 @@ #include "envoy/stats/scope.h" #include "envoy/tracing/trace_driver.h" -#include "common/common/empty_string.h" -#include "common/common/logger.h" -#include "common/singleton/const_singleton.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/logger.h" +#include "source/common/singleton/const_singleton.h" #include "opentracing/ext/tags.h" #include "opentracing/tracer.h" diff --git a/source/extensions/tracers/datadog/BUILD b/source/extensions/tracers/datadog/BUILD index 164a1d73c1f9..0c314374f968 100644 --- a/source/extensions/tracers/datadog/BUILD +++ b/source/extensions/tracers/datadog/BUILD @@ -34,8 +34,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.tracers", - security_posture = "robust_to_untrusted_downstream", deps = [ ":datadog_tracer_lib", "//source/extensions/tracers/common:factory_base_lib", diff --git a/source/extensions/tracers/datadog/config.cc b/source/extensions/tracers/datadog/config.cc index cdfcafdddf38..562df5f645b1 100644 --- a/source/extensions/tracers/datadog/config.cc +++ b/source/extensions/tracers/datadog/config.cc @@ -1,12 +1,11 @@ -#include "extensions/tracers/datadog/config.h" +#include "source/extensions/tracers/datadog/config.h" #include "envoy/config/trace/v3/datadog.pb.h" #include "envoy/config/trace/v3/datadog.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/common/utility.h" - -#include "extensions/tracers/datadog/datadog_tracer_impl.h" +#include "source/common/common/utility.h" +#include "source/extensions/tracers/datadog/datadog_tracer_impl.h" #include "datadog/opentracing.h" diff --git a/source/extensions/tracers/datadog/config.h b/source/extensions/tracers/datadog/config.h index 1808fddff003..f836916fca63 100644 --- a/source/extensions/tracers/datadog/config.h +++ b/source/extensions/tracers/datadog/config.h @@ -5,7 +5,7 @@ #include "envoy/config/trace/v3/datadog.pb.h" #include "envoy/config/trace/v3/datadog.pb.validate.h" -#include "extensions/tracers/common/factory_base.h" +#include "source/extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/datadog/datadog_tracer_impl.cc b/source/extensions/tracers/datadog/datadog_tracer_impl.cc index d2806d741ab2..8956afea8351 100644 --- a/source/extensions/tracers/datadog/datadog_tracer_impl.cc +++ b/source/extensions/tracers/datadog/datadog_tracer_impl.cc @@ -1,14 +1,14 @@ -#include "extensions/tracers/datadog/datadog_tracer_impl.h" +#include "source/extensions/tracers/datadog/datadog_tracer_impl.h" #include "envoy/config/trace/v3/datadog.pb.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/config/utility.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/version/version.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/version/version.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/datadog/datadog_tracer_impl.h b/source/extensions/tracers/datadog/datadog_tracer_impl.h index 5649c3ef5594..57276a103c3b 100644 --- a/source/extensions/tracers/datadog/datadog_tracer_impl.h +++ b/source/extensions/tracers/datadog/datadog_tracer_impl.h @@ -8,12 +8,11 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "common/http/async_client_utility.h" -#include "common/http/header_map_impl.h" -#include "common/json/json_loader.h" -#include "common/upstream/cluster_update_tracker.h" - -#include "extensions/tracers/common/ot/opentracing_driver_impl.h" +#include "source/common/http/async_client_utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/json/json_loader.h" +#include "source/common/upstream/cluster_update_tracker.h" +#include "source/extensions/tracers/common/ot/opentracing_driver_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/dynamic_ot/BUILD b/source/extensions/tracers/dynamic_ot/BUILD index c7ce76f3267f..8a3bb1937ed3 100644 --- a/source/extensions/tracers/dynamic_ot/BUILD +++ b/source/extensions/tracers/dynamic_ot/BUILD @@ -29,8 +29,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.tracers", - security_posture = "robust_to_untrusted_downstream", deps = [ ":dynamic_opentracing_driver_lib", "//source/extensions/tracers/common:factory_base_lib", diff --git a/source/extensions/tracers/dynamic_ot/config.cc b/source/extensions/tracers/dynamic_ot/config.cc index aabcbba91bbc..bcecdc2d1db1 100644 --- a/source/extensions/tracers/dynamic_ot/config.cc +++ b/source/extensions/tracers/dynamic_ot/config.cc @@ -1,12 +1,11 @@ -#include "extensions/tracers/dynamic_ot/config.h" +#include "source/extensions/tracers/dynamic_ot/config.h" #include "envoy/config/trace/v3/dynamic_ot.pb.h" #include "envoy/config/trace/v3/dynamic_ot.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/common/utility.h" - -#include "extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h" +#include "source/common/common/utility.h" +#include "source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/dynamic_ot/config.h b/source/extensions/tracers/dynamic_ot/config.h index 4b9a761a262e..61be3be55c27 100644 --- a/source/extensions/tracers/dynamic_ot/config.h +++ b/source/extensions/tracers/dynamic_ot/config.h @@ -3,7 +3,7 @@ #include "envoy/config/trace/v3/dynamic_ot.pb.h" #include "envoy/config/trace/v3/dynamic_ot.pb.validate.h" -#include "extensions/tracers/common/factory_base.h" +#include "source/extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.cc b/source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.cc index 10b1a0e79cf3..583fbfd6bb6f 100644 --- a/source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.cc +++ b/source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.cc @@ -1,6 +1,6 @@ -#include "extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h" +#include "source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h b/source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h index 668e3f99ad73..712283919b36 100644 --- a/source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h +++ b/source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h @@ -4,7 +4,7 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "extensions/tracers/common/ot/opentracing_driver_impl.h" +#include "source/extensions/tracers/common/ot/opentracing_driver_impl.h" #include "opentracing/dynamic_load.h" diff --git a/source/extensions/tracers/lightstep/BUILD b/source/extensions/tracers/lightstep/BUILD index 72f4ff80f146..3c9cf3c57e0d 100644 --- a/source/extensions/tracers/lightstep/BUILD +++ b/source/extensions/tracers/lightstep/BUILD @@ -35,8 +35,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.tracers", - security_posture = "robust_to_untrusted_downstream", deps = [ ":lightstep_tracer_lib", "//source/common/config:datasource_lib", diff --git a/source/extensions/tracers/lightstep/config.cc b/source/extensions/tracers/lightstep/config.cc index 49aa98ccaf4a..3e1c029614a9 100644 --- a/source/extensions/tracers/lightstep/config.cc +++ b/source/extensions/tracers/lightstep/config.cc @@ -1,13 +1,12 @@ -#include "extensions/tracers/lightstep/config.h" +#include "source/extensions/tracers/lightstep/config.h" #include "envoy/config/trace/v3/lightstep.pb.h" #include "envoy/config/trace/v3/lightstep.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/common/utility.h" -#include "common/config/datasource.h" - -#include "extensions/tracers/lightstep/lightstep_tracer_impl.h" +#include "source/common/common/utility.h" +#include "source/common/config/datasource.h" +#include "source/extensions/tracers/lightstep/lightstep_tracer_impl.h" #include "lightstep/tracer.h" diff --git a/source/extensions/tracers/lightstep/config.h b/source/extensions/tracers/lightstep/config.h index 33cec8da3d60..9f29aa4860cc 100644 --- a/source/extensions/tracers/lightstep/config.h +++ b/source/extensions/tracers/lightstep/config.h @@ -3,7 +3,7 @@ #include "envoy/config/trace/v3/lightstep.pb.h" #include "envoy/config/trace/v3/lightstep.pb.validate.h" -#include "extensions/tracers/common/factory_base.h" +#include "source/extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/lightstep/lightstep_tracer_impl.cc b/source/extensions/tracers/lightstep/lightstep_tracer_impl.cc index 952d24e4284f..64b07a562963 100644 --- a/source/extensions/tracers/lightstep/lightstep_tracer_impl.cc +++ b/source/extensions/tracers/lightstep/lightstep_tracer_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/lightstep/lightstep_tracer_impl.h" +#include "source/extensions/tracers/lightstep/lightstep_tracer_impl.h" #include #include @@ -7,14 +7,14 @@ #include "envoy/config/trace/v3/lightstep.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/common/base64.h" -#include "common/common/fmt.h" -#include "common/config/utility.h" -#include "common/grpc/common.h" -#include "common/http/message_impl.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/common/base64.h" +#include "source/common/common/fmt.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/http/message_impl.h" +#include "source/common/tracing/http_tracer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/lightstep/lightstep_tracer_impl.h b/source/extensions/tracers/lightstep/lightstep_tracer_impl.h index 10820e4a3601..6c7c131245a7 100644 --- a/source/extensions/tracers/lightstep/lightstep_tracer_impl.h +++ b/source/extensions/tracers/lightstep/lightstep_tracer_impl.h @@ -9,16 +9,15 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "common/buffer/buffer_impl.h" -#include "common/grpc/context_impl.h" -#include "common/http/header_map_impl.h" -#include "common/http/message_impl.h" -#include "common/json/json_loader.h" -#include "common/protobuf/protobuf.h" -#include "common/stats/symbol_table_impl.h" -#include "common/upstream/cluster_update_tracker.h" - -#include "extensions/tracers/common/ot/opentracing_driver_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/grpc/context_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/message_impl.h" +#include "source/common/json/json_loader.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/upstream/cluster_update_tracker.h" +#include "source/extensions/tracers/common/ot/opentracing_driver_impl.h" #include "lightstep/tracer.h" #include "lightstep/transporter.h" diff --git a/source/extensions/tracers/opencensus/BUILD b/source/extensions/tracers/opencensus/BUILD index a1c414cca9d7..f661bed6ddf6 100644 --- a/source/extensions/tracers/opencensus/BUILD +++ b/source/extensions/tracers/opencensus/BUILD @@ -16,8 +16,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.tracers", - security_posture = "robust_to_untrusted_downstream", deps = [ ":opencensus_tracer_impl", "//source/extensions/tracers/common:factory_base_lib", diff --git a/source/extensions/tracers/opencensus/config.cc b/source/extensions/tracers/opencensus/config.cc index ae6756e9bbff..bf33e76de248 100644 --- a/source/extensions/tracers/opencensus/config.cc +++ b/source/extensions/tracers/opencensus/config.cc @@ -1,10 +1,10 @@ -#include "extensions/tracers/opencensus/config.h" +#include "source/extensions/tracers/opencensus/config.h" #include "envoy/config/trace/v3/opencensus.pb.h" #include "envoy/config/trace/v3/opencensus.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/tracers/opencensus/opencensus_tracer_impl.h" +#include "source/extensions/tracers/opencensus/opencensus_tracer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/opencensus/config.h b/source/extensions/tracers/opencensus/config.h index 5b853f9b9e1d..da3d534e3625 100644 --- a/source/extensions/tracers/opencensus/config.h +++ b/source/extensions/tracers/opencensus/config.h @@ -5,7 +5,7 @@ #include "envoy/config/trace/v3/opencensus.pb.h" #include "envoy/config/trace/v3/opencensus.pb.validate.h" -#include "extensions/tracers/common/factory_base.h" +#include "source/extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/opencensus/opencensus_tracer_impl.cc b/source/extensions/tracers/opencensus/opencensus_tracer_impl.cc index ee0fc31e53ee..82ea4b3c3908 100644 --- a/source/extensions/tracers/opencensus/opencensus_tracer_impl.cc +++ b/source/extensions/tracers/opencensus/opencensus_tracer_impl.cc @@ -1,12 +1,12 @@ -#include "extensions/tracers/opencensus/opencensus_tracer_impl.h" +#include "source/extensions/tracers/opencensus/opencensus_tracer_impl.h" #include #include "envoy/config/trace/v3/opencensus.pb.h" #include "envoy/http/header_map.h" -#include "common/common/base64.h" -#include "common/common/empty_string.h" +#include "source/common/common/base64.h" +#include "source/common/common/empty_string.h" #include "absl/strings/str_cat.h" #include "google/devtools/cloudtrace/v2/tracing.grpc.pb.h" @@ -25,7 +25,7 @@ #include "opencensus/trace/trace_params.h" #ifdef ENVOY_GOOGLE_GRPC -#include "common/grpc/google_grpc_utils.h" +#include "source/common/grpc/google_grpc_utils.h" #endif namespace Envoy { diff --git a/source/extensions/tracers/opencensus/opencensus_tracer_impl.h b/source/extensions/tracers/opencensus/opencensus_tracer_impl.h index 3d4cbf7cdae9..ab0c14d1c5ef 100644 --- a/source/extensions/tracers/opencensus/opencensus_tracer_impl.h +++ b/source/extensions/tracers/opencensus/opencensus_tracer_impl.h @@ -5,7 +5,7 @@ #include "envoy/local_info/local_info.h" #include "envoy/tracing/trace_driver.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/skywalking/BUILD b/source/extensions/tracers/skywalking/BUILD index 41da2c3f61f3..a35573f7d0be 100644 --- a/source/extensions/tracers/skywalking/BUILD +++ b/source/extensions/tracers/skywalking/BUILD @@ -20,7 +20,7 @@ envoy_cc_library( ], deps = [ ":skywalking_stats_lib", - "//include/envoy/grpc:async_client_manager_interface", + "//envoy/grpc:async_client_manager_interface", "//source/common/common:backoff_lib", "//source/common/grpc:async_client_lib", "@envoy_api//envoy/config/trace/v3:pkg_cc_proto", @@ -42,9 +42,9 @@ envoy_cc_library( ], deps = [ ":trace_segment_reporter_lib", - "//include/envoy/common:time_interface", - "//include/envoy/server:tracer_config_interface", - "//include/envoy/tracing:http_tracer_interface", + "//envoy/common:time_interface", + "//envoy/server:tracer_config_interface", + "//envoy/tracing:http_tracer_interface", "//source/common/common:macros", "//source/common/http:header_map_lib", "//source/common/runtime:runtime_lib", @@ -59,7 +59,7 @@ envoy_cc_library( "skywalking_stats.h", ], deps = [ - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_macros", ], ) @@ -67,9 +67,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.tracers", - security_posture = "robust_to_untrusted_downstream", - status = "wip", deps = [ ":skywalking_tracer_lib", "//source/common/config:datasource_lib", diff --git a/source/extensions/tracers/skywalking/config.cc b/source/extensions/tracers/skywalking/config.cc index 12e1b43c0157..eca304c41d4c 100644 --- a/source/extensions/tracers/skywalking/config.cc +++ b/source/extensions/tracers/skywalking/config.cc @@ -1,12 +1,11 @@ -#include "extensions/tracers/skywalking/config.h" +#include "source/extensions/tracers/skywalking/config.h" #include "envoy/config/trace/v3/skywalking.pb.h" #include "envoy/config/trace/v3/skywalking.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/common/utility.h" - -#include "extensions/tracers/skywalking/skywalking_tracer_impl.h" +#include "source/common/common/utility.h" +#include "source/extensions/tracers/skywalking/skywalking_tracer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/skywalking/config.h b/source/extensions/tracers/skywalking/config.h index 0fc1ad8dc967..26d4fca522ba 100644 --- a/source/extensions/tracers/skywalking/config.h +++ b/source/extensions/tracers/skywalking/config.h @@ -3,7 +3,7 @@ #include "envoy/config/trace/v3/skywalking.pb.h" #include "envoy/config/trace/v3/skywalking.pb.validate.h" -#include "extensions/tracers/common/factory_base.h" +#include "source/extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/skywalking/skywalking_tracer_impl.cc b/source/extensions/tracers/skywalking/skywalking_tracer_impl.cc index fa40d5469717..716db5434ee1 100644 --- a/source/extensions/tracers/skywalking/skywalking_tracer_impl.cc +++ b/source/extensions/tracers/skywalking/skywalking_tracer_impl.cc @@ -1,10 +1,10 @@ -#include "extensions/tracers/skywalking/skywalking_tracer_impl.h" +#include "source/extensions/tracers/skywalking/skywalking_tracer_impl.h" #include -#include "common/common/macros.h" -#include "common/common/utility.h" -#include "common/http/path_utility.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/common/http/path_utility.h" #include "cpp2sky/propagation.h" @@ -62,7 +62,8 @@ Tracing::SpanPtr Driver::startSpan(const Tracing::Config& config, } else { auto header_value_string = propagation_header[0]->value().getStringView(); try { - SpanContextPtr span_context = createSpanContext(header_value_string); + SpanContextPtr span_context = + createSpanContext(toStdStringView(header_value_string)); // NOLINT(std::string_view) tracing_context = tracing_context_factory_->create(span_context); } catch (TracerException& e) { ENVOY_LOG(warn, "New SkyWalking Span/Segment cannot be created for error: {}", e.what()); diff --git a/source/extensions/tracers/skywalking/skywalking_tracer_impl.h b/source/extensions/tracers/skywalking/skywalking_tracer_impl.h index a2443f10d2ba..aeb4f91434fb 100644 --- a/source/extensions/tracers/skywalking/skywalking_tracer_impl.h +++ b/source/extensions/tracers/skywalking/skywalking_tracer_impl.h @@ -5,10 +5,9 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/trace_driver.h" +#include "source/extensions/tracers/skywalking/tracer.h" #include "source/tracing_context_impl.h" -#include "extensions/tracers/skywalking/tracer.h" - #include "cpp2sky/exception.h" namespace Envoy { diff --git a/source/extensions/tracers/skywalking/trace_segment_reporter.cc b/source/extensions/tracers/skywalking/trace_segment_reporter.cc index 5d81ac68f240..27fd24fd2522 100644 --- a/source/extensions/tracers/skywalking/trace_segment_reporter.cc +++ b/source/extensions/tracers/skywalking/trace_segment_reporter.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/skywalking/trace_segment_reporter.h" +#include "source/extensions/tracers/skywalking/trace_segment_reporter.h" #include "envoy/http/header_map.h" diff --git a/source/extensions/tracers/skywalking/trace_segment_reporter.h b/source/extensions/tracers/skywalking/trace_segment_reporter.h index a54885a75671..db198d2e0c1d 100644 --- a/source/extensions/tracers/skywalking/trace_segment_reporter.h +++ b/source/extensions/tracers/skywalking/trace_segment_reporter.h @@ -5,10 +5,9 @@ #include "envoy/config/trace/v3/skywalking.pb.h" #include "envoy/grpc/async_client_manager.h" -#include "common/common/backoff_strategy.h" -#include "common/grpc/async_client_impl.h" - -#include "extensions/tracers/skywalking/skywalking_stats.h" +#include "source/common/common/backoff_strategy.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/extensions/tracers/skywalking/skywalking_stats.h" #include "cpp2sky/tracing_context.h" diff --git a/source/extensions/tracers/skywalking/tracer.cc b/source/extensions/tracers/skywalking/tracer.cc index bcca619fb886..3f803c4c0965 100644 --- a/source/extensions/tracers/skywalking/tracer.cc +++ b/source/extensions/tracers/skywalking/tracer.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/skywalking/tracer.h" +#include "source/extensions/tracers/skywalking/tracer.h" #include diff --git a/source/extensions/tracers/skywalking/tracer.h b/source/extensions/tracers/skywalking/tracer.h index 52e2a24fb18d..d0e1887277c6 100644 --- a/source/extensions/tracers/skywalking/tracer.h +++ b/source/extensions/tracers/skywalking/tracer.h @@ -4,10 +4,9 @@ #include "envoy/tracing/trace_driver.h" -#include "common/tracing/common_values.h" -#include "common/tracing/null_span_impl.h" - -#include "extensions/tracers/skywalking/trace_segment_reporter.h" +#include "source/common/tracing/common_values.h" +#include "source/common/tracing/null_span_impl.h" +#include "source/extensions/tracers/skywalking/trace_segment_reporter.h" #include "cpp2sky/tracing_context.h" #include "cpp2sky/well_known_names.h" diff --git a/source/extensions/tracers/xray/BUILD b/source/extensions/tracers/xray/BUILD index 797e8a84e407..a0824d8ea9bc 100644 --- a/source/extensions/tracers/xray/BUILD +++ b/source/extensions/tracers/xray/BUILD @@ -39,9 +39,9 @@ envoy_cc_library( external_deps = [], deps = [ ":daemon_cc_proto", - "//include/envoy/common:time_interface", - "//include/envoy/server:tracer_config_interface", - "//include/envoy/tracing:trace_driver_interface", + "//envoy/common:time_interface", + "//envoy/server:tracer_config_interface", + "//envoy/tracing:trace_driver_interface", "//source/common/common:hex_lib", "//source/common/common:macros", "//source/common/common:random_generator_lib", @@ -58,8 +58,6 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.tracers", - security_posture = "robust_to_untrusted_downstream", deps = [ ":xray_lib", "//source/common/config:datasource_lib", diff --git a/source/extensions/tracers/xray/config.cc b/source/extensions/tracers/xray/config.cc index ff9bd156ea7f..f297c5c7d841 100644 --- a/source/extensions/tracers/xray/config.cc +++ b/source/extensions/tracers/xray/config.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/xray/config.h" +#include "source/extensions/tracers/xray/config.h" #include @@ -7,10 +7,9 @@ #include "envoy/config/trace/v3/xray.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/common/utility.h" -#include "common/config/datasource.h" - -#include "extensions/tracers/xray/xray_tracer_impl.h" +#include "source/common/common/utility.h" +#include "source/common/config/datasource.h" +#include "source/extensions/tracers/xray/xray_tracer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/xray/config.h b/source/extensions/tracers/xray/config.h index 00c5b3d5fa8e..2115608f9eba 100644 --- a/source/extensions/tracers/xray/config.h +++ b/source/extensions/tracers/xray/config.h @@ -2,9 +2,8 @@ #include "envoy/config/trace/v3/xray.pb.h" -#include "common/common/logger.h" - -#include "extensions/tracers/common/factory_base.h" +#include "source/common/common/logger.h" +#include "source/extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/xray/daemon_broker.cc b/source/extensions/tracers/xray/daemon_broker.cc index 7af0945220fe..2734996be51f 100644 --- a/source/extensions/tracers/xray/daemon_broker.cc +++ b/source/extensions/tracers/xray/daemon_broker.cc @@ -1,12 +1,11 @@ -#include "extensions/tracers/xray/daemon_broker.h" +#include "source/extensions/tracers/xray/daemon_broker.h" #include "envoy/network/address.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/socket_interface.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" - +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/socket_interface.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" #include "source/extensions/tracers/xray/daemon.pb.h" namespace Envoy { diff --git a/source/extensions/tracers/xray/daemon_broker.h b/source/extensions/tracers/xray/daemon_broker.h index ce261a3c2b79..35d2e0ee8244 100644 --- a/source/extensions/tracers/xray/daemon_broker.h +++ b/source/extensions/tracers/xray/daemon_broker.h @@ -6,7 +6,7 @@ #include "envoy/common/pure.h" #include "envoy/network/address.h" -#include "common/network/io_socket_handle_impl.h" +#include "source/common/network/io_socket_handle_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/xray/localized_sampling.cc b/source/extensions/tracers/xray/localized_sampling.cc index b16b3929898a..e56cfc52b393 100644 --- a/source/extensions/tracers/xray/localized_sampling.cc +++ b/source/extensions/tracers/xray/localized_sampling.cc @@ -1,9 +1,8 @@ -#include "extensions/tracers/xray/localized_sampling.h" +#include "source/extensions/tracers/xray/localized_sampling.h" -#include "common/http/exception.h" -#include "common/protobuf/utility.h" - -#include "extensions/tracers/xray/util.h" +#include "source/common/http/exception.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/tracers/xray/util.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/xray/localized_sampling.h b/source/extensions/tracers/xray/localized_sampling.h index f95a3da8fdd1..dc9cde196047 100644 --- a/source/extensions/tracers/xray/localized_sampling.h +++ b/source/extensions/tracers/xray/localized_sampling.h @@ -6,11 +6,10 @@ #include "envoy/common/time.h" -#include "common/common/logger.h" -#include "common/common/random_generator.h" - -#include "extensions/tracers/xray/reservoir.h" -#include "extensions/tracers/xray/sampling_strategy.h" +#include "source/common/common/logger.h" +#include "source/common/common/random_generator.h" +#include "source/extensions/tracers/xray/reservoir.h" +#include "source/extensions/tracers/xray/sampling_strategy.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/tracers/xray/reservoir.h b/source/extensions/tracers/xray/reservoir.h index fc8da633c471..1230354127cf 100644 --- a/source/extensions/tracers/xray/reservoir.h +++ b/source/extensions/tracers/xray/reservoir.h @@ -4,8 +4,8 @@ #include "envoy/common/time.h" -#include "common/common/lock_guard.h" -#include "common/common/thread.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/xray/sampling_strategy.h b/source/extensions/tracers/xray/sampling_strategy.h index 908c28c6414e..4d744aaef02e 100644 --- a/source/extensions/tracers/xray/sampling_strategy.h +++ b/source/extensions/tracers/xray/sampling_strategy.h @@ -5,7 +5,7 @@ #include "envoy/common/pure.h" #include "envoy/common/random_generator.h" -#include "common/common/macros.h" +#include "source/common/common/macros.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/tracers/xray/tracer.cc b/source/extensions/tracers/xray/tracer.cc index 684f36b8b5ea..b7e1f603fcd6 100644 --- a/source/extensions/tracers/xray/tracer.cc +++ b/source/extensions/tracers/xray/tracer.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/xray/tracer.h" +#include "source/extensions/tracers/xray/tracer.h" #include #include @@ -7,10 +7,9 @@ #include "envoy/http/header_map.h" #include "envoy/network/listener.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/protobuf/utility.h" - +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/protobuf/utility.h" #include "source/extensions/tracers/xray/daemon.pb.validate.h" namespace Envoy { diff --git a/source/extensions/tracers/xray/tracer.h b/source/extensions/tracers/xray/tracer.h index 07c6f04bd2b2..7e252f7cfc29 100644 --- a/source/extensions/tracers/xray/tracer.h +++ b/source/extensions/tracers/xray/tracer.h @@ -7,14 +7,13 @@ #include "envoy/common/time.h" #include "envoy/tracing/http_tracer.h" -#include "common/common/empty_string.h" -#include "common/common/hex.h" -#include "common/common/random_generator.h" -#include "common/protobuf/utility.h" - -#include "extensions/tracers/xray/daemon_broker.h" -#include "extensions/tracers/xray/sampling_strategy.h" -#include "extensions/tracers/xray/xray_configuration.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/hex.h" +#include "source/common/common/random_generator.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/tracers/xray/daemon_broker.h" +#include "source/extensions/tracers/xray/sampling_strategy.h" +#include "source/extensions/tracers/xray/xray_configuration.h" #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/tracers/xray/util.cc b/source/extensions/tracers/xray/util.cc index 65b052d48300..32730fbf6a4b 100644 --- a/source/extensions/tracers/xray/util.cc +++ b/source/extensions/tracers/xray/util.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/xray/util.h" +#include "source/extensions/tracers/xray/util.h" #include "absl/strings/ascii.h" diff --git a/source/extensions/tracers/xray/xray_configuration.h b/source/extensions/tracers/xray/xray_configuration.h index 3abcdadd8cd0..104ca39cbc35 100644 --- a/source/extensions/tracers/xray/xray_configuration.h +++ b/source/extensions/tracers/xray/xray_configuration.h @@ -1,7 +1,7 @@ #pragma once #include -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "absl/container/flat_hash_map.h" diff --git a/source/extensions/tracers/xray/xray_tracer_impl.cc b/source/extensions/tracers/xray/xray_tracer_impl.cc index 77e240c783a2..22bba12bf348 100644 --- a/source/extensions/tracers/xray/xray_tracer_impl.cc +++ b/source/extensions/tracers/xray/xray_tracer_impl.cc @@ -1,11 +1,10 @@ -#include "extensions/tracers/xray/xray_tracer_impl.h" +#include "source/extensions/tracers/xray/xray_tracer_impl.h" -#include "common/common/macros.h" -#include "common/common/utility.h" - -#include "extensions/tracers/xray/localized_sampling.h" -#include "extensions/tracers/xray/tracer.h" -#include "extensions/tracers/xray/xray_configuration.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/extensions/tracers/xray/localized_sampling.h" +#include "source/extensions/tracers/xray/tracer.h" +#include "source/extensions/tracers/xray/xray_configuration.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/xray/xray_tracer_impl.h b/source/extensions/tracers/xray/xray_tracer_impl.h index 8985cc83ccef..37357dfff8e0 100644 --- a/source/extensions/tracers/xray/xray_tracer_impl.h +++ b/source/extensions/tracers/xray/xray_tracer_impl.h @@ -4,8 +4,8 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/tracing/trace_driver.h" -#include "extensions/tracers/xray/tracer.h" -#include "extensions/tracers/xray/xray_configuration.h" +#include "source/extensions/tracers/xray/tracer.h" +#include "source/extensions/tracers/xray/xray_configuration.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/BUILD b/source/extensions/tracers/zipkin/BUILD index 34e00329e121..e7ee5ee6b0c7 100644 --- a/source/extensions/tracers/zipkin/BUILD +++ b/source/extensions/tracers/zipkin/BUILD @@ -38,13 +38,13 @@ envoy_cc_library( "abseil_optional", ], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/network:address_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/tracing:http_tracer_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/common:time_interface", + "//envoy/local_info:local_info_interface", + "//envoy/network:address_interface", + "//envoy/runtime:runtime_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/tracing:http_tracer_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:enum_to_int", "//source/common/common:hex_lib", "//source/common/common:utility_lib", @@ -67,12 +67,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.tracers", # Legacy test use. TODO(#9953) clean up. extra_visibility = [ "//test/server:__subpackages__", ], - security_posture = "robust_to_untrusted_downstream", deps = [ ":zipkin_lib", "//source/extensions/tracers/common:factory_base_lib", diff --git a/source/extensions/tracers/zipkin/config.cc b/source/extensions/tracers/zipkin/config.cc index b77ab83f4812..b79a47a4598b 100644 --- a/source/extensions/tracers/zipkin/config.cc +++ b/source/extensions/tracers/zipkin/config.cc @@ -1,12 +1,11 @@ -#include "extensions/tracers/zipkin/config.h" +#include "source/extensions/tracers/zipkin/config.h" #include "envoy/config/trace/v3/zipkin.pb.h" #include "envoy/config/trace/v3/zipkin.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/common/utility.h" - -#include "extensions/tracers/zipkin/zipkin_tracer_impl.h" +#include "source/common/common/utility.h" +#include "source/extensions/tracers/zipkin/zipkin_tracer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/config.h b/source/extensions/tracers/zipkin/config.h index 8c879e64f524..8c32693e1a25 100644 --- a/source/extensions/tracers/zipkin/config.h +++ b/source/extensions/tracers/zipkin/config.h @@ -3,7 +3,7 @@ #include "envoy/config/trace/v3/zipkin.pb.h" #include "envoy/config/trace/v3/zipkin.pb.validate.h" -#include "extensions/tracers/common/factory_base.h" +#include "source/extensions/tracers/common/factory_base.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/span_buffer.cc b/source/extensions/tracers/zipkin/span_buffer.cc index df1682e7881a..e5ab41876cca 100644 --- a/source/extensions/tracers/zipkin/span_buffer.cc +++ b/source/extensions/tracers/zipkin/span_buffer.cc @@ -1,12 +1,11 @@ -#include "extensions/tracers/zipkin/span_buffer.h" +#include "source/extensions/tracers/zipkin/span_buffer.h" #include "envoy/config/trace/v3/zipkin.pb.h" -#include "common/protobuf/utility.h" - -#include "extensions/tracers/zipkin/util.h" -#include "extensions/tracers/zipkin/zipkin_core_constants.h" -#include "extensions/tracers/zipkin/zipkin_json_field_names.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/tracers/zipkin/util.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/extensions/tracers/zipkin/zipkin_json_field_names.h" #include "absl/strings/str_join.h" #include "absl/strings/str_replace.h" diff --git a/source/extensions/tracers/zipkin/span_buffer.h b/source/extensions/tracers/zipkin/span_buffer.h index a2267c7b724f..c1667c609078 100644 --- a/source/extensions/tracers/zipkin/span_buffer.h +++ b/source/extensions/tracers/zipkin/span_buffer.h @@ -2,10 +2,9 @@ #include "envoy/config/trace/v3/zipkin.pb.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/tracers/zipkin/tracer_interface.h" -#include "extensions/tracers/zipkin/zipkin_core_types.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/tracers/zipkin/tracer_interface.h" +#include "source/extensions/tracers/zipkin/zipkin_core_types.h" #include "zipkin.pb.h" diff --git a/source/extensions/tracers/zipkin/span_context.cc b/source/extensions/tracers/zipkin/span_context.cc index 20841648992b..aac074542fbb 100644 --- a/source/extensions/tracers/zipkin/span_context.cc +++ b/source/extensions/tracers/zipkin/span_context.cc @@ -1,9 +1,8 @@ -#include "extensions/tracers/zipkin/span_context.h" +#include "source/extensions/tracers/zipkin/span_context.h" -#include "common/common/macros.h" -#include "common/common/utility.h" - -#include "extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/span_context.h b/source/extensions/tracers/zipkin/span_context.h index c06381272cbe..615c81e1d0e4 100644 --- a/source/extensions/tracers/zipkin/span_context.h +++ b/source/extensions/tracers/zipkin/span_context.h @@ -2,9 +2,9 @@ #include -#include "extensions/tracers/zipkin/util.h" -#include "extensions/tracers/zipkin/zipkin_core_constants.h" -#include "extensions/tracers/zipkin/zipkin_core_types.h" +#include "source/extensions/tracers/zipkin/util.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/extensions/tracers/zipkin/zipkin_core_types.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/span_context_extractor.cc b/source/extensions/tracers/zipkin/span_context_extractor.cc index a9b67503ffd1..a452636587b9 100644 --- a/source/extensions/tracers/zipkin/span_context_extractor.cc +++ b/source/extensions/tracers/zipkin/span_context_extractor.cc @@ -1,10 +1,9 @@ -#include "extensions/tracers/zipkin/span_context_extractor.h" +#include "source/extensions/tracers/zipkin/span_context_extractor.h" -#include "common/common/assert.h" -#include "common/common/utility.h" - -#include "extensions/tracers/zipkin/span_context.h" -#include "extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/extensions/tracers/zipkin/span_context.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/span_context_extractor.h b/source/extensions/tracers/zipkin/span_context_extractor.h index 425a0d59973c..b364d6e528c3 100644 --- a/source/extensions/tracers/zipkin/span_context_extractor.h +++ b/source/extensions/tracers/zipkin/span_context_extractor.h @@ -3,7 +3,7 @@ #include "envoy/common/exception.h" #include "envoy/tracing/http_tracer.h" -#include "common/http/header_map_impl.h" +#include "source/common/http/header_map_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/tracer.cc b/source/extensions/tracers/zipkin/tracer.cc index 90f1f1d72f49..cb156d36b6d5 100644 --- a/source/extensions/tracers/zipkin/tracer.cc +++ b/source/extensions/tracers/zipkin/tracer.cc @@ -1,12 +1,11 @@ -#include "extensions/tracers/zipkin/tracer.h" +#include "source/extensions/tracers/zipkin/tracer.h" #include -#include "common/common/utility.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/tracers/zipkin/util.h" -#include "extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/common/common/utility.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/tracers/zipkin/util.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/tracer.h b/source/extensions/tracers/zipkin/tracer.h index 109982af7ff0..e29c5446f9aa 100644 --- a/source/extensions/tracers/zipkin/tracer.h +++ b/source/extensions/tracers/zipkin/tracer.h @@ -5,10 +5,10 @@ #include "envoy/common/time.h" #include "envoy/tracing/http_tracer.h" -#include "extensions/tracers/zipkin/span_context.h" -#include "extensions/tracers/zipkin/tracer_interface.h" -#include "extensions/tracers/zipkin/zipkin_core_constants.h" -#include "extensions/tracers/zipkin/zipkin_core_types.h" +#include "source/extensions/tracers/zipkin/span_context.h" +#include "source/extensions/tracers/zipkin/tracer_interface.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/extensions/tracers/zipkin/zipkin_core_types.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/util.cc b/source/extensions/tracers/zipkin/util.cc index 5263eec00ecc..53763443576f 100644 --- a/source/extensions/tracers/zipkin/util.cc +++ b/source/extensions/tracers/zipkin/util.cc @@ -1,11 +1,11 @@ -#include "extensions/tracers/zipkin/util.h" +#include "source/extensions/tracers/zipkin/util.h" #include #include #include -#include "common/common/hex.h" -#include "common/common/utility.h" +#include "source/common/common/hex.h" +#include "source/common/common/utility.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_join.h" diff --git a/source/extensions/tracers/zipkin/util.h b/source/extensions/tracers/zipkin/util.h index 0c9158a36423..80303986034f 100644 --- a/source/extensions/tracers/zipkin/util.h +++ b/source/extensions/tracers/zipkin/util.h @@ -5,8 +5,8 @@ #include "envoy/common/time.h" -#include "common/common/byte_order.h" -#include "common/protobuf/utility.h" +#include "source/common/common/byte_order.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/zipkin_core_constants.h b/source/extensions/tracers/zipkin/zipkin_core_constants.h index 0401c39fb142..03e1ba63a40b 100644 --- a/source/extensions/tracers/zipkin/zipkin_core_constants.h +++ b/source/extensions/tracers/zipkin/zipkin_core_constants.h @@ -4,7 +4,7 @@ #include "envoy/http/header_map.h" -#include "common/singleton/const_singleton.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/zipkin_core_types.cc b/source/extensions/tracers/zipkin/zipkin_core_types.cc index 3128a82586f8..eb6c17c8382a 100644 --- a/source/extensions/tracers/zipkin/zipkin_core_types.cc +++ b/source/extensions/tracers/zipkin/zipkin_core_types.cc @@ -1,13 +1,12 @@ -#include "extensions/tracers/zipkin/zipkin_core_types.h" +#include "source/extensions/tracers/zipkin/zipkin_core_types.h" #include -#include "common/common/utility.h" - -#include "extensions/tracers/zipkin/span_context.h" -#include "extensions/tracers/zipkin/util.h" -#include "extensions/tracers/zipkin/zipkin_core_constants.h" -#include "extensions/tracers/zipkin/zipkin_json_field_names.h" +#include "source/common/common/utility.h" +#include "source/extensions/tracers/zipkin/span_context.h" +#include "source/extensions/tracers/zipkin/util.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/extensions/tracers/zipkin/zipkin_json_field_names.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/zipkin_core_types.h b/source/extensions/tracers/zipkin/zipkin_core_types.h index b87573c8f7bf..ae70ddff7adc 100644 --- a/source/extensions/tracers/zipkin/zipkin_core_types.h +++ b/source/extensions/tracers/zipkin/zipkin_core_types.h @@ -6,12 +6,11 @@ #include "envoy/common/time.h" #include "envoy/network/address.h" -#include "common/common/assert.h" -#include "common/common/hex.h" -#include "common/protobuf/utility.h" - -#include "extensions/tracers/zipkin/tracer_interface.h" -#include "extensions/tracers/zipkin/util.h" +#include "source/common/common/assert.h" +#include "source/common/common/hex.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/tracers/zipkin/tracer_interface.h" +#include "source/extensions/tracers/zipkin/util.h" #include "absl/strings/str_cat.h" #include "absl/strings/str_replace.h" diff --git a/source/extensions/tracers/zipkin/zipkin_json_field_names.h b/source/extensions/tracers/zipkin/zipkin_json_field_names.h index 95e401992db7..0d178d820334 100644 --- a/source/extensions/tracers/zipkin/zipkin_json_field_names.h +++ b/source/extensions/tracers/zipkin/zipkin_json_field_names.h @@ -2,7 +2,7 @@ #include -#include "common/singleton/const_singleton.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/zipkin_tracer_impl.cc b/source/extensions/tracers/zipkin/zipkin_tracer_impl.cc index d25f143cec47..77c7944550ad 100644 --- a/source/extensions/tracers/zipkin/zipkin_tracer_impl.cc +++ b/source/extensions/tracers/zipkin/zipkin_tracer_impl.cc @@ -1,19 +1,18 @@ -#include "extensions/tracers/zipkin/zipkin_tracer_impl.h" +#include "source/extensions/tracers/zipkin/zipkin_tracer_impl.h" #include "envoy/config/trace/v3/zipkin.pb.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/config/utility.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/tracers/zipkin/span_context_extractor.h" -#include "extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/tracers/zipkin/span_context_extractor.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/tracers/zipkin/zipkin_tracer_impl.h b/source/extensions/tracers/zipkin/zipkin_tracer_impl.h index 2649825a3635..7def3ced8e49 100644 --- a/source/extensions/tracers/zipkin/zipkin_tracer_impl.h +++ b/source/extensions/tracers/zipkin/zipkin_tracer_impl.h @@ -8,17 +8,16 @@ #include "envoy/tracing/trace_driver.h" #include "envoy/upstream/cluster_manager.h" -#include "common/common/empty_string.h" -#include "common/http/async_client_utility.h" -#include "common/http/header_map_impl.h" -#include "common/json/json_loader.h" -#include "common/tracing/common_values.h" -#include "common/tracing/null_span_impl.h" -#include "common/upstream/cluster_update_tracker.h" - -#include "extensions/tracers/zipkin/span_buffer.h" -#include "extensions/tracers/zipkin/tracer.h" -#include "extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/async_client_utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/json/json_loader.h" +#include "source/common/tracing/common_values.h" +#include "source/common/tracing/null_span_impl.h" +#include "source/common/upstream/cluster_update_tracker.h" +#include "source/extensions/tracers/zipkin/span_buffer.h" +#include "source/extensions/tracers/zipkin/tracer.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/BUILD b/source/extensions/transport_sockets/BUILD deleted file mode 100644 index 40a5e79b39d3..000000000000 --- a/source/extensions/transport_sockets/BUILD +++ /dev/null @@ -1,19 +0,0 @@ -load( - "//bazel:envoy_build_system.bzl", - "envoy_cc_library", - "envoy_extension_package", -) - -licenses(["notice"]) # Apache 2 - -envoy_extension_package() - -envoy_cc_library( - name = "well_known_names", - hdrs = ["well_known_names.h"], - # well known names files are public as long as they exist. - visibility = ["//visibility:public"], - deps = [ - "//source/common/singleton:const_singleton", - ], -) diff --git a/source/extensions/transport_sockets/alts/BUILD b/source/extensions/transport_sockets/alts/BUILD index 587e9a2ecf29..2086ef77546e 100644 --- a/source/extensions/transport_sockets/alts/BUILD +++ b/source/extensions/transport_sockets/alts/BUILD @@ -34,19 +34,14 @@ envoy_cc_extension( hdrs = [ "config.h", ], - category = ( - "envoy.transport_sockets.downstream", - "envoy.transport_sockets.upstream", - ), external_deps = [ "abseil_node_hash_set", ], - security_posture = "robust_to_untrusted_downstream_and_upstream", deps = [ ":tsi_handshaker", ":tsi_socket", - "//include/envoy/registry", - "//include/envoy/server:transport_socket_config_interface", + "//envoy/registry", + "//envoy/server:transport_socket_config_interface", "//source/common/grpc:google_grpc_context_lib", "@envoy_api//envoy/extensions/transport_sockets/alts/v3:pkg_cc_proto", ], @@ -76,7 +71,7 @@ envoy_cc_library( ], deps = [ ":grpc_tsi_wrapper", - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/common/buffer:buffer_lib", ], ) @@ -93,8 +88,8 @@ envoy_cc_library( ":noop_transport_socket_callbacks_lib", ":tsi_frame_protector", ":tsi_handshaker", - "//include/envoy/network:io_handle_interface", - "//include/envoy/network:transport_socket_interface", + "//envoy/network:io_handle_interface", + "//envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:watermark_buffer_lib", "//source/common/common:cleanup_lib", @@ -109,7 +104,7 @@ envoy_cc_library( name = "noop_transport_socket_callbacks_lib", hdrs = ["noop_transport_socket_callbacks.h"], deps = [ - "//include/envoy/network:io_handle_interface", - "//include/envoy/network:transport_socket_interface", + "//envoy/network:io_handle_interface", + "//envoy/network:transport_socket_interface", ], ) diff --git a/source/extensions/transport_sockets/alts/config.cc b/source/extensions/transport_sockets/alts/config.cc index 90494996aafe..59f66580110a 100644 --- a/source/extensions/transport_sockets/alts/config.cc +++ b/source/extensions/transport_sockets/alts/config.cc @@ -1,17 +1,16 @@ -#include "extensions/transport_sockets/alts/config.h" +#include "source/extensions/transport_sockets/alts/config.h" #include "envoy/extensions/transport_sockets/alts/v3/alts.pb.h" #include "envoy/extensions/transport_sockets/alts/v3/alts.pb.validate.h" #include "envoy/registry/registry.h" #include "envoy/server/transport_socket_config.h" -#include "common/common/assert.h" -#include "common/grpc/google_grpc_context.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" - -#include "extensions/transport_sockets/alts/grpc_tsi.h" -#include "extensions/transport_sockets/alts/tsi_socket.h" +#include "source/common/common/assert.h" +#include "source/common/grpc/google_grpc_context.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/transport_sockets/alts/grpc_tsi.h" +#include "source/extensions/transport_sockets/alts/tsi_socket.h" #include "absl/container/node_hash_set.h" #include "absl/strings/str_join.h" diff --git a/source/extensions/transport_sockets/alts/grpc_tsi.h b/source/extensions/transport_sockets/alts/grpc_tsi.h index 1acecac58d4d..4b280f0420f9 100644 --- a/source/extensions/transport_sockets/alts/grpc_tsi.h +++ b/source/extensions/transport_sockets/alts/grpc_tsi.h @@ -22,7 +22,7 @@ #pragma GCC diagnostic pop #endif -#include "common/common/c_smart_ptr.h" +#include "source/common/common/c_smart_ptr.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/alts/tsi_frame_protector.cc b/source/extensions/transport_sockets/alts/tsi_frame_protector.cc index 2739f2029a98..6e06411f0751 100644 --- a/source/extensions/transport_sockets/alts/tsi_frame_protector.cc +++ b/source/extensions/transport_sockets/alts/tsi_frame_protector.cc @@ -1,7 +1,7 @@ -#include "extensions/transport_sockets/alts/tsi_frame_protector.h" +#include "source/extensions/transport_sockets/alts/tsi_frame_protector.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" #include "src/core/tsi/transport_security_grpc.h" #include "src/core/tsi/transport_security_interface.h" diff --git a/source/extensions/transport_sockets/alts/tsi_frame_protector.h b/source/extensions/transport_sockets/alts/tsi_frame_protector.h index 5ea60bb5a0c7..3b7bfab2bf70 100644 --- a/source/extensions/transport_sockets/alts/tsi_frame_protector.h +++ b/source/extensions/transport_sockets/alts/tsi_frame_protector.h @@ -2,7 +2,7 @@ #include "envoy/buffer/buffer.h" -#include "extensions/transport_sockets/alts/grpc_tsi.h" +#include "source/extensions/transport_sockets/alts/grpc_tsi.h" #include "grpc/slice_buffer.h" diff --git a/source/extensions/transport_sockets/alts/tsi_handshaker.cc b/source/extensions/transport_sockets/alts/tsi_handshaker.cc index 08f14967f40f..4440fc4011f6 100644 --- a/source/extensions/transport_sockets/alts/tsi_handshaker.cc +++ b/source/extensions/transport_sockets/alts/tsi_handshaker.cc @@ -1,7 +1,7 @@ -#include "extensions/transport_sockets/alts/tsi_handshaker.h" +#include "source/extensions/transport_sockets/alts/tsi_handshaker.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/alts/tsi_handshaker.h b/source/extensions/transport_sockets/alts/tsi_handshaker.h index 71cd6989e71a..9408a67bfa68 100644 --- a/source/extensions/transport_sockets/alts/tsi_handshaker.h +++ b/source/extensions/transport_sockets/alts/tsi_handshaker.h @@ -5,9 +5,8 @@ #include "envoy/buffer/buffer.h" #include "envoy/event/dispatcher.h" -#include "common/common/c_smart_ptr.h" - -#include "extensions/transport_sockets/alts/grpc_tsi.h" +#include "source/common/common/c_smart_ptr.h" +#include "source/extensions/transport_sockets/alts/grpc_tsi.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/alts/tsi_socket.cc b/source/extensions/transport_sockets/alts/tsi_socket.cc index ce2316921ce7..6b06552e4a20 100644 --- a/source/extensions/transport_sockets/alts/tsi_socket.cc +++ b/source/extensions/transport_sockets/alts/tsi_socket.cc @@ -1,9 +1,9 @@ -#include "extensions/transport_sockets/alts/tsi_socket.h" +#include "source/extensions/transport_sockets/alts/tsi_socket.h" -#include "common/common/assert.h" -#include "common/common/cleanup.h" -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" +#include "source/common/common/assert.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" namespace Envoy { namespace Extensions { @@ -151,7 +151,9 @@ Network::PostIoAction TsiSocket::doHandshakeNextDone(NextResultPtr&& next_result frame_protector_ = std::make_unique(frame_protector); handshake_complete_ = true; - callbacks_->raiseEvent(Network::ConnectionEvent::Connected); + if (raw_write_buffer_.length() == 0) { + callbacks_->raiseEvent(Network::ConnectionEvent::Connected); + } } if (read_error_ || (!handshake_complete_ && end_stream_read_)) { @@ -167,8 +169,8 @@ Network::PostIoAction TsiSocket::doHandshakeNextDone(NextResultPtr&& next_result // Try to write raw buffer when next call is done, even this is not in do[Read|Write] stack. if (raw_write_buffer_.length() > 0) { Network::IoResult result = raw_buffer_socket_->doWrite(raw_write_buffer_, false); - if (handshake_complete_ && raw_write_buffer_.length() > 0) { - write_buffer_contains_handshake_bytes_ = true; + if (handshake_complete_ && result.action_ != Network::PostIoAction::Close) { + callbacks_->raiseEvent(Network::ConnectionEvent::Connected); } return result.action_; } @@ -266,13 +268,13 @@ Network::IoResult TsiSocket::doRead(Buffer::Instance& buffer) { Network::IoResult TsiSocket::repeatProtectAndWrite(Buffer::Instance& buffer, bool end_stream) { uint64_t total_bytes_written = 0; Network::IoResult result = {Network::PostIoAction::KeepOpen, 0, false}; - - ASSERT(!write_buffer_contains_handshake_bytes_); + // There should be no handshake bytes in raw_write_buffer_. + ASSERT(!(raw_write_buffer_.length() > 0 && prev_bytes_to_drain_ == 0)); while (true) { uint64_t bytes_to_drain_this_iteration = prev_bytes_to_drain_ > 0 ? prev_bytes_to_drain_ - : std::min(buffer.length(), actual_frame_size_to_use_ - frame_overhead_size_); + : std::min(buffer.length(), actual_frame_size_to_use_ - frame_overhead_size_); // Consumed all data. Exit. if (bytes_to_drain_this_iteration == 0) { break; @@ -327,8 +329,7 @@ Network::IoResult TsiSocket::doWrite(Buffer::Instance& buffer, bool end_stream) } else { ASSERT(frame_protector_); // Check if we need to flush outstanding handshake bytes. - if (write_buffer_contains_handshake_bytes_) { - ASSERT(raw_write_buffer_.length() > 0); + if (raw_write_buffer_.length() > 0 && prev_bytes_to_drain_ == 0) { ENVOY_CONN_LOG(debug, "TSI: raw_write length {} end_stream {}", callbacks_->connection(), raw_write_buffer_.length(), end_stream); Network::IoResult result = @@ -337,7 +338,6 @@ Network::IoResult TsiSocket::doWrite(Buffer::Instance& buffer, bool end_stream) if (raw_write_buffer_.length() > 0) { return {result.action_, 0, false}; } - write_buffer_contains_handshake_bytes_ = false; } return repeatProtectAndWrite(buffer, end_stream); } diff --git a/source/extensions/transport_sockets/alts/tsi_socket.h b/source/extensions/transport_sockets/alts/tsi_socket.h index 2d74b293d048..8784ddcc10f1 100644 --- a/source/extensions/transport_sockets/alts/tsi_socket.h +++ b/source/extensions/transport_sockets/alts/tsi_socket.h @@ -2,13 +2,12 @@ #include "envoy/network/transport_socket.h" -#include "common/buffer/buffer_impl.h" -#include "common/buffer/watermark_buffer.h" -#include "common/network/raw_buffer_socket.h" - -#include "extensions/transport_sockets/alts/noop_transport_socket_callbacks.h" -#include "extensions/transport_sockets/alts/tsi_frame_protector.h" -#include "extensions/transport_sockets/alts/tsi_handshaker.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/extensions/transport_sockets/alts/noop_transport_socket_callbacks.h" +#include "source/extensions/transport_sockets/alts/tsi_frame_protector.h" +#include "source/extensions/transport_sockets/alts/tsi_handshaker.h" namespace Envoy { namespace Extensions { @@ -118,7 +117,6 @@ class TsiSocket : public Network::TransportSocket, bool handshake_complete_{}; bool end_stream_read_{}; bool read_error_{}; - bool write_buffer_contains_handshake_bytes_{}; uint64_t prev_bytes_to_drain_{}; }; diff --git a/source/extensions/transport_sockets/common/BUILD b/source/extensions/transport_sockets/common/BUILD index eee229da12fb..d333c0993f44 100644 --- a/source/extensions/transport_sockets/common/BUILD +++ b/source/extensions/transport_sockets/common/BUILD @@ -13,8 +13,8 @@ envoy_cc_library( srcs = ["passthrough.cc"], hdrs = ["passthrough.h"], deps = [ - "//include/envoy/network:connection_interface", - "//include/envoy/network:transport_socket_interface", + "//envoy/network:connection_interface", + "//envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", ], ) diff --git a/source/extensions/transport_sockets/common/passthrough.cc b/source/extensions/transport_sockets/common/passthrough.cc index 86fc282ed3e3..ba4f61d113e3 100644 --- a/source/extensions/transport_sockets/common/passthrough.cc +++ b/source/extensions/transport_sockets/common/passthrough.cc @@ -1,9 +1,9 @@ -#include "extensions/transport_sockets/common/passthrough.h" +#include "source/extensions/transport_sockets/common/passthrough.h" #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/common/passthrough.h b/source/extensions/transport_sockets/common/passthrough.h index 5c338af425a0..ed633024040c 100644 --- a/source/extensions/transport_sockets/common/passthrough.h +++ b/source/extensions/transport_sockets/common/passthrough.h @@ -3,7 +3,7 @@ #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/proxy_protocol/BUILD b/source/extensions/transport_sockets/proxy_protocol/BUILD index e268b828524c..c84e1932ebc6 100644 --- a/source/extensions/transport_sockets/proxy_protocol/BUILD +++ b/source/extensions/transport_sockets/proxy_protocol/BUILD @@ -13,15 +13,11 @@ envoy_cc_extension( name = "upstream_config", srcs = ["config.cc"], hdrs = ["config.h"], - category = ( - "envoy.transport_sockets.upstream", - ), - security_posture = "robust_to_untrusted_downstream_and_upstream", # header generated in Envoy, so can't be faked deps = [ ":upstream_proxy_protocol", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/registry", - "//include/envoy/server:transport_socket_config_interface", + "//envoy/network:transport_socket_interface", + "//envoy/registry", + "//envoy/server:transport_socket_config_interface", "//source/common/config:utility_lib", "@envoy_api//envoy/extensions/transport_sockets/proxy_protocol/v3:pkg_cc_proto", ], @@ -32,8 +28,8 @@ envoy_cc_library( srcs = ["proxy_protocol.cc"], hdrs = ["proxy_protocol.h"], deps = [ - "//include/envoy/network:connection_interface", - "//include/envoy/network:transport_socket_interface", + "//envoy/network:connection_interface", + "//envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", "//source/common/network:address_lib", "//source/extensions/common/proxy_protocol:proxy_protocol_header_lib", diff --git a/source/extensions/transport_sockets/proxy_protocol/config.cc b/source/extensions/transport_sockets/proxy_protocol/config.cc index e037263c8a4a..860fdb637c32 100644 --- a/source/extensions/transport_sockets/proxy_protocol/config.cc +++ b/source/extensions/transport_sockets/proxy_protocol/config.cc @@ -1,12 +1,11 @@ -#include "extensions/transport_sockets/proxy_protocol/config.h" +#include "source/extensions/transport_sockets/proxy_protocol/config.h" #include "envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.pb.h" #include "envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" - -#include "extensions/transport_sockets/proxy_protocol/proxy_protocol.h" +#include "source/common/config/utility.h" +#include "source/extensions/transport_sockets/proxy_protocol/proxy_protocol.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.cc b/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.cc index 3302d3de9214..503c7898981d 100644 --- a/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.cc +++ b/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.cc @@ -1,14 +1,13 @@ -#include "extensions/transport_sockets/proxy_protocol/proxy_protocol.h" +#include "source/extensions/transport_sockets/proxy_protocol/proxy_protocol.h" #include #include "envoy/config/core/v3/proxy_protocol.pb.h" #include "envoy/network/transport_socket.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/address_impl.h" - -#include "extensions/common/proxy_protocol/proxy_protocol_header.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/common/proxy_protocol/proxy_protocol_header.h" using envoy::config::core::v3::ProxyProtocolConfig; using envoy::config::core::v3::ProxyProtocolConfig_Version; @@ -51,7 +50,8 @@ void UpstreamProxyProtocolSocket::generateHeader() { } void UpstreamProxyProtocolSocket::generateHeaderV1() { - // Default to local addresses (used if no downstream connection exists e.g. health checks) + // Default to local addresses. Used if no downstream connection exists or + // downstream address info is not set e.g. health checks auto src_addr = callbacks_->connection().addressProvider().localAddress(); auto dst_addr = callbacks_->connection().addressProvider().remoteAddress(); diff --git a/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.h b/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.h index c4c9a80f629e..05d787fcea8b 100644 --- a/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.h +++ b/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.h @@ -4,10 +4,9 @@ #include "envoy/network/connection.h" #include "envoy/network/transport_socket.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" - -#include "extensions/transport_sockets/common/passthrough.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/extensions/transport_sockets/common/passthrough.h" using envoy::config::core::v3::ProxyProtocolConfig; using envoy::config::core::v3::ProxyProtocolConfig_Version; diff --git a/source/extensions/transport_sockets/raw_buffer/BUILD b/source/extensions/transport_sockets/raw_buffer/BUILD index 94a2bee0a980..5f27c78663cc 100644 --- a/source/extensions/transport_sockets/raw_buffer/BUILD +++ b/source/extensions/transport_sockets/raw_buffer/BUILD @@ -14,17 +14,12 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = ( - "envoy.transport_sockets.downstream", - "envoy.transport_sockets.upstream", - ), - security_posture = "requires_trusted_downstream_and_upstream", # This is core Envoy config. visibility = ["//visibility:public"], deps = [ - "//include/envoy/network:transport_socket_interface", - "//include/envoy/registry", - "//include/envoy/server:transport_socket_config_interface", + "//envoy/network:transport_socket_interface", + "//envoy/registry", + "//envoy/server:transport_socket_config_interface", "//source/common/network:raw_buffer_socket_lib", "@envoy_api//envoy/extensions/transport_sockets/raw_buffer/v3:pkg_cc_proto", ], diff --git a/source/extensions/transport_sockets/raw_buffer/config.cc b/source/extensions/transport_sockets/raw_buffer/config.cc index b77df99bc96b..04dc89663530 100644 --- a/source/extensions/transport_sockets/raw_buffer/config.cc +++ b/source/extensions/transport_sockets/raw_buffer/config.cc @@ -1,11 +1,11 @@ -#include "extensions/transport_sockets/raw_buffer/config.h" +#include "source/extensions/transport_sockets/raw_buffer/config.h" #include #include "envoy/extensions/transport_sockets/raw_buffer/v3/raw_buffer.pb.h" #include "envoy/extensions/transport_sockets/raw_buffer/v3/raw_buffer.pb.validate.h" -#include "common/network/raw_buffer_socket.h" +#include "source/common/network/raw_buffer_socket.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/starttls/BUILD b/source/extensions/transport_sockets/starttls/BUILD index f3414c9837e3..31fcfef60a36 100644 --- a/source/extensions/transport_sockets/starttls/BUILD +++ b/source/extensions/transport_sockets/starttls/BUILD @@ -15,17 +15,12 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = ( - "envoy.transport_sockets.downstream", - "envoy.transport_sockets.upstream", - ), - security_posture = "robust_to_untrusted_downstream_and_upstream", visibility = ["//visibility:public"], deps = [ ":starttls_socket_lib", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/registry", - "//include/envoy/server:transport_socket_config_interface", + "//envoy/network:transport_socket_interface", + "//envoy/registry", + "//envoy/server:transport_socket_config_interface", "//source/common/config:utility_lib", "@envoy_api//envoy/extensions/transport_sockets/starttls/v3:pkg_cc_proto", ], @@ -41,9 +36,9 @@ envoy_cc_library( "ssl", ], deps = [ - "//include/envoy/network:connection_interface", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/stats:stats_macros", + "//envoy/network:connection_interface", + "//envoy/network:transport_socket_interface", + "//envoy/stats:stats_macros", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:empty_string", diff --git a/source/extensions/transport_sockets/starttls/config.cc b/source/extensions/transport_sockets/starttls/config.cc index 2e06edd4ad4d..f4911dd3b89d 100644 --- a/source/extensions/transport_sockets/starttls/config.cc +++ b/source/extensions/transport_sockets/starttls/config.cc @@ -1,6 +1,6 @@ -#include "extensions/transport_sockets/starttls/config.h" +#include "source/extensions/transport_sockets/starttls/config.h" -#include "extensions/transport_sockets/starttls/starttls_socket.h" +#include "source/extensions/transport_sockets/starttls/starttls_socket.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/starttls/config.h b/source/extensions/transport_sockets/starttls/config.h index 2b5edbbef6d0..d60c9dbf0a50 100644 --- a/source/extensions/transport_sockets/starttls/config.h +++ b/source/extensions/transport_sockets/starttls/config.h @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/transport_socket_config.h" -#include "common/config/utility.h" +#include "source/common/config/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/starttls/starttls_socket.cc b/source/extensions/transport_sockets/starttls/starttls_socket.cc index c87df0748d76..17c73aec17fd 100644 --- a/source/extensions/transport_sockets/starttls/starttls_socket.cc +++ b/source/extensions/transport_sockets/starttls/starttls_socket.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/starttls/starttls_socket.h" +#include "source/extensions/transport_sockets/starttls/starttls_socket.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/starttls/starttls_socket.h b/source/extensions/transport_sockets/starttls/starttls_socket.h index 616502b08bfa..6583cc6a4e85 100644 --- a/source/extensions/transport_sockets/starttls/starttls_socket.h +++ b/source/extensions/transport_sockets/starttls/starttls_socket.h @@ -6,8 +6,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tap/BUILD b/source/extensions/transport_sockets/tap/BUILD index e97cb4f1255c..47437466ea2c 100644 --- a/source/extensions/transport_sockets/tap/BUILD +++ b/source/extensions/transport_sockets/tap/BUILD @@ -15,7 +15,7 @@ envoy_cc_library( name = "tap_config_interface", hdrs = ["tap_config.h"], deps = [ - "//include/envoy/network:connection_interface", + "//envoy/network:connection_interface", "//source/extensions/common/tap:tap_interface", ], ) @@ -39,7 +39,7 @@ envoy_cc_library( hdrs = ["tap.h"], deps = [ ":tap_config_interface", - "//include/envoy/network:transport_socket_interface", + "//envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", "//source/extensions/common/tap:extension_config_base", "//source/extensions/transport_sockets/common:passthrough_lib", @@ -51,23 +51,17 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = ( - "envoy.transport_sockets.downstream", - "envoy.transport_sockets.upstream", - ), # TODO(#9953) clean up. extra_visibility = [ "//test/common/access_log:__subpackages__", - "//test/integration:__subpackages__", + "//test/extensions/transport_sockets/tls/integration:__subpackages__", ], - security_posture = "requires_trusted_downstream_and_upstream", - status = "alpha", deps = [ ":tap_config_impl", ":tap_lib", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/registry", - "//include/envoy/server:transport_socket_config_interface", + "//envoy/network:transport_socket_interface", + "//envoy/registry", + "//envoy/server:transport_socket_config_interface", "//source/common/config:utility_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/config/tap/v3:pkg_cc_proto", diff --git a/source/extensions/transport_sockets/tap/config.cc b/source/extensions/transport_sockets/tap/config.cc index 9c49f2b8a3bc..f389c8633c22 100644 --- a/source/extensions/transport_sockets/tap/config.cc +++ b/source/extensions/transport_sockets/tap/config.cc @@ -1,15 +1,14 @@ -#include "extensions/transport_sockets/tap/config.h" +#include "source/extensions/transport_sockets/tap/config.h" #include "envoy/config/tap/v3/common.pb.h" #include "envoy/extensions/transport_sockets/tap/v3/tap.pb.h" #include "envoy/extensions/transport_sockets/tap/v3/tap.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" - -#include "extensions/transport_sockets/tap/tap.h" -#include "extensions/transport_sockets/tap/tap_config_impl.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/transport_sockets/tap/tap.h" +#include "source/extensions/transport_sockets/tap/tap_config_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tap/tap.cc b/source/extensions/transport_sockets/tap/tap.cc index 2f58c23703ce..4d69a01bda95 100644 --- a/source/extensions/transport_sockets/tap/tap.cc +++ b/source/extensions/transport_sockets/tap/tap.cc @@ -1,8 +1,8 @@ -#include "extensions/transport_sockets/tap/tap.h" +#include "source/extensions/transport_sockets/tap/tap.h" #include "envoy/extensions/transport_sockets/tap/v3/tap.pb.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tap/tap.h b/source/extensions/transport_sockets/tap/tap.h index 2971c3e846ba..745b8f0a8c4e 100644 --- a/source/extensions/transport_sockets/tap/tap.h +++ b/source/extensions/transport_sockets/tap/tap.h @@ -4,9 +4,9 @@ #include "envoy/extensions/transport_sockets/tap/v3/tap.pb.h" #include "envoy/network/transport_socket.h" -#include "extensions/common/tap/extension_config_base.h" -#include "extensions/transport_sockets/common/passthrough.h" -#include "extensions/transport_sockets/tap/tap_config.h" +#include "source/extensions/common/tap/extension_config_base.h" +#include "source/extensions/transport_sockets/common/passthrough.h" +#include "source/extensions/transport_sockets/tap/tap_config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tap/tap_config.h b/source/extensions/transport_sockets/tap/tap_config.h index 8cbd431db0fe..da0436eb8126 100644 --- a/source/extensions/transport_sockets/tap/tap_config.h +++ b/source/extensions/transport_sockets/tap/tap_config.h @@ -2,7 +2,7 @@ #include "envoy/network/connection.h" -#include "extensions/common/tap/tap.h" +#include "source/extensions/common/tap/tap.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tap/tap_config_impl.cc b/source/extensions/transport_sockets/tap/tap_config_impl.cc index 4e817ebba294..7855df9273ff 100644 --- a/source/extensions/transport_sockets/tap/tap_config_impl.cc +++ b/source/extensions/transport_sockets/tap/tap_config_impl.cc @@ -1,9 +1,9 @@ -#include "extensions/transport_sockets/tap/tap_config_impl.h" +#include "source/extensions/transport_sockets/tap/tap_config_impl.h" #include "envoy/data/tap/v3/transport.pb.h" -#include "common/common/assert.h" -#include "common/network/utility.h" +#include "source/common/common/assert.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tap/tap_config_impl.h b/source/extensions/transport_sockets/tap/tap_config_impl.h index fc883bffa5b7..cf715c3df973 100644 --- a/source/extensions/transport_sockets/tap/tap_config_impl.h +++ b/source/extensions/transport_sockets/tap/tap_config_impl.h @@ -4,8 +4,8 @@ #include "envoy/data/tap/v3/transport.pb.h" #include "envoy/event/timer.h" -#include "extensions/common/tap/tap_config_base.h" -#include "extensions/transport_sockets/tap/tap_config.h" +#include "source/extensions/common/tap/tap_config_base.h" +#include "source/extensions/transport_sockets/tap/tap_config.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tls/BUILD b/source/extensions/transport_sockets/tls/BUILD index 29dfa2be2a9d..91deb5c164bf 100644 --- a/source/extensions/transport_sockets/tls/BUILD +++ b/source/extensions/transport_sockets/tls/BUILD @@ -15,18 +15,13 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = ( - "envoy.transport_sockets.downstream", - "envoy.transport_sockets.upstream", - ), - security_posture = "robust_to_untrusted_downstream_and_upstream", # TLS is core functionality. visibility = ["//visibility:public"], deps = [ ":ssl_socket_lib", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/registry", - "//include/envoy/server:transport_socket_config_interface", + "//envoy/network:transport_socket_interface", + "//envoy/registry", + "//envoy/server:transport_socket_config_interface", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) @@ -39,14 +34,14 @@ envoy_cc_library( deps = [ ":context_lib", ":utility_lib", - "//include/envoy/network:connection_interface", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/ssl:handshaker_interface", - "//include/envoy/ssl:ssl_socket_extended_info_interface", - "//include/envoy/ssl:ssl_socket_state", - "//include/envoy/ssl/private_key:private_key_callbacks_interface", - "//include/envoy/ssl/private_key:private_key_interface", - "//include/envoy/stats:stats_macros", + "//envoy/network:connection_interface", + "//envoy/network:transport_socket_interface", + "//envoy/ssl:handshaker_interface", + "//envoy/ssl:ssl_socket_extended_info_interface", + "//envoy/ssl:ssl_socket_state", + "//envoy/ssl/private_key:private_key_callbacks_interface", + "//envoy/ssl/private_key:private_key_interface", + "//envoy/stats:stats_macros", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:minimal_logger_lib", @@ -61,8 +56,8 @@ envoy_cc_library( hdrs = ["io_handle_bio.h"], external_deps = ["ssl"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/network:io_handle_interface", + "//envoy/buffer:buffer_interface", + "//envoy/network:io_handle_interface", ], ) @@ -85,14 +80,14 @@ envoy_cc_library( ":io_handle_bio_lib", ":ssl_handshaker_lib", ":utility_lib", - "//include/envoy/network:connection_interface", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/ssl:handshaker_interface", - "//include/envoy/ssl:ssl_socket_extended_info_interface", - "//include/envoy/ssl:ssl_socket_state", - "//include/envoy/ssl/private_key:private_key_callbacks_interface", - "//include/envoy/ssl/private_key:private_key_interface", - "//include/envoy/stats:stats_macros", + "//envoy/network:connection_interface", + "//envoy/network:transport_socket_interface", + "//envoy/ssl:handshaker_interface", + "//envoy/ssl:ssl_socket_extended_info_interface", + "//envoy/ssl:ssl_socket_state", + "//envoy/ssl/private_key:private_key_callbacks_interface", + "//envoy/ssl/private_key:private_key_interface", + "//envoy/stats:stats_macros", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:minimal_logger_lib", @@ -112,10 +107,10 @@ envoy_cc_library( visibility = ["//visibility:public"], deps = [ ":ssl_handshaker_lib", - "//include/envoy/secret:secret_callbacks_interface", - "//include/envoy/secret:secret_provider_interface", - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/ssl:context_config_interface", + "//envoy/secret:secret_callbacks_interface", + "//envoy/secret:secret_provider_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/ssl:context_config_interface", "//source/common/common:assert_lib", "//source/common/common:empty_string", "//source/common/common:matchers_lib", @@ -149,13 +144,13 @@ envoy_cc_library( deps = [ ":stats_lib", ":utility_lib", - "//include/envoy/ssl:context_config_interface", - "//include/envoy/ssl:context_interface", - "//include/envoy/ssl:context_manager_interface", - "//include/envoy/ssl:ssl_socket_extended_info_interface", - "//include/envoy/ssl/private_key:private_key_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/ssl:context_config_interface", + "//envoy/ssl:context_interface", + "//envoy/ssl:context_manager_interface", + "//envoy/ssl:ssl_socket_extended_info_interface", + "//envoy/ssl/private_key:private_key_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/common:assert_lib", "//source/common/common:base64_lib", "//source/common/common:hex_lib", @@ -181,8 +176,8 @@ envoy_cc_library( "ssl", ], deps = [ - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_interface", + "//envoy/stats:stats_macros", "//source/common/stats:symbol_table_lib", "//source/common/stats:utility_lib", ], diff --git a/source/extensions/transport_sockets/tls/cert_validator/BUILD b/source/extensions/transport_sockets/tls/cert_validator/BUILD index de0fbd42c08c..6fcffd4d9e5f 100644 --- a/source/extensions/transport_sockets/tls/cert_validator/BUILD +++ b/source/extensions/transport_sockets/tls/cert_validator/BUILD @@ -20,7 +20,6 @@ envoy_cc_library( "default_validator.h", "factory.h", "utility.h", - "well_known_names.h", ], external_deps = [ "ssl", @@ -29,8 +28,8 @@ envoy_cc_library( ], visibility = ["//visibility:public"], deps = [ - "//include/envoy/ssl:context_config_interface", - "//include/envoy/ssl:ssl_socket_extended_info_interface", + "//envoy/ssl:context_config_interface", + "//envoy/ssl:ssl_socket_extended_info_interface", "//source/common/common:assert_lib", "//source/common/common:base64_lib", "//source/common/common:hex_lib", diff --git a/source/extensions/transport_sockets/tls/cert_validator/cert_validator.h b/source/extensions/transport_sockets/tls/cert_validator/cert_validator.h index 9b55c1cf6fa1..efec7cb3aa4e 100644 --- a/source/extensions/transport_sockets/tls/cert_validator/cert_validator.h +++ b/source/extensions/transport_sockets/tls/cert_validator/cert_validator.h @@ -13,10 +13,9 @@ #include "envoy/ssl/private_key/private_key.h" #include "envoy/ssl/ssl_socket_extended_info.h" -#include "common/common/matchers.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/transport_sockets/tls/stats.h" +#include "source/common/common/matchers.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/transport_sockets/tls/stats.h" #include "openssl/ssl.h" #include "openssl/x509v3.h" diff --git a/source/extensions/transport_sockets/tls/cert_validator/default_validator.cc b/source/extensions/transport_sockets/tls/cert_validator/default_validator.cc index 001f93286d82..06fa51331293 100644 --- a/source/extensions/transport_sockets/tls/cert_validator/default_validator.cc +++ b/source/extensions/transport_sockets/tls/cert_validator/default_validator.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/tls/cert_validator/default_validator.h" +#include "source/extensions/transport_sockets/tls/cert_validator/default_validator.h" #include #include @@ -12,24 +12,22 @@ #include "envoy/ssl/private_key/private_key.h" #include "envoy/ssl/ssl_socket_extended_info.h" -#include "common/common/assert.h" -#include "common/common/base64.h" -#include "common/common/fmt.h" -#include "common/common/hex.h" -#include "common/common/matchers.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_features.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/utility.h" - -#include "extensions/transport_sockets/tls/cert_validator/cert_validator.h" -#include "extensions/transport_sockets/tls/cert_validator/factory.h" -#include "extensions/transport_sockets/tls/cert_validator/utility.h" -#include "extensions/transport_sockets/tls/cert_validator/well_known_names.h" -#include "extensions/transport_sockets/tls/stats.h" -#include "extensions/transport_sockets/tls/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/base64.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hex.h" +#include "source/common/common/matchers.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/utility.h" +#include "source/extensions/transport_sockets/tls/cert_validator/cert_validator.h" +#include "source/extensions/transport_sockets/tls/cert_validator/factory.h" +#include "source/extensions/transport_sockets/tls/cert_validator/utility.h" +#include "source/extensions/transport_sockets/tls/stats.h" +#include "source/extensions/transport_sockets/tls/utility.h" #include "absl/synchronization/mutex.h" #include "openssl/ssl.h" @@ -145,11 +143,6 @@ int DefaultCertValidator::initializeSslContexts(std::vector contexts, const Envoy::Ssl::CertificateValidationContextConfig* cert_validation_config = config_; if (cert_validation_config != nullptr) { - if (!cert_validation_config->verifySubjectAltNameList().empty()) { - verify_subject_alt_name_list_ = cert_validation_config->verifySubjectAltNameList(); - verify_mode = verify_mode_validation_context; - } - if (!cert_validation_config->subjectAltNameMatchers().empty()) { for (const envoy::type::matcher::v3::StringMatcher& matcher : cert_validation_config->subjectAltNameMatchers()) { @@ -206,13 +199,12 @@ int DefaultCertValidator::doVerifyCertChain( } } - Envoy::Ssl::ClientValidationStatus validated = verifyCertificate( - &leaf_cert, - transport_socket_options && - !transport_socket_options->verifySubjectAltNameListOverride().empty() - ? transport_socket_options->verifySubjectAltNameListOverride() - : verify_subject_alt_name_list_, - subject_alt_name_matchers_); + Envoy::Ssl::ClientValidationStatus validated = + verifyCertificate(&leaf_cert, + transport_socket_options != nullptr + ? transport_socket_options->verifySubjectAltNameListOverride() + : std::vector{}, + subject_alt_name_matchers_); if (ssl_extended_info) { if (ssl_extended_info->certificateValidationStatus() == @@ -240,9 +232,12 @@ Envoy::Ssl::ClientValidationStatus DefaultCertValidator::verifyCertificate( validated = Envoy::Ssl::ClientValidationStatus::Validated; } - if (!subject_alt_name_matchers.empty() && !matchSubjectAltName(cert, subject_alt_name_matchers)) { - stats_.fail_verify_san_.inc(); - return Envoy::Ssl::ClientValidationStatus::Failed; + if (!subject_alt_name_matchers.empty()) { + if (!matchSubjectAltName(cert, subject_alt_name_matchers)) { + stats_.fail_verify_san_.inc(); + return Envoy::Ssl::ClientValidationStatus::Failed; + } + validated = Envoy::Ssl::ClientValidationStatus::Validated; } if (!verify_certificate_hash_list_.empty() || !verify_certificate_spki_list_.empty()) { @@ -383,12 +378,6 @@ void DefaultCertValidator::updateDigestForSessionId(bssl::ScopedEVP_MD_CTX& md, rc = EVP_DigestUpdate(md.get(), hash_buffer, hash_length); RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); - - // verify_subject_alt_name_list_ can only be set with a ca_cert - for (const std::string& name : verify_subject_alt_name_list_) { - rc = EVP_DigestUpdate(md.get(), name.data(), name.size()); - RELEASE_ASSERT(rc == 1, Utility::getLastCryptoError().value_or("")); - } } for (const auto& hash : verify_certificate_hash_list_) { @@ -472,7 +461,7 @@ class DefaultCertValidatorFactory : public CertValidatorFactory { return std::make_unique(config, stats, time_source); } - absl::string_view name() override { return CertValidatorNames::get().Default; } + absl::string_view name() override { return "envoy.tls.cert_validator.default"; } }; REGISTER_FACTORY(DefaultCertValidatorFactory, CertValidatorFactory); diff --git a/source/extensions/transport_sockets/tls/cert_validator/default_validator.h b/source/extensions/transport_sockets/tls/cert_validator/default_validator.h index ee5f655bae3f..fb7e7acab1f4 100644 --- a/source/extensions/transport_sockets/tls/cert_validator/default_validator.h +++ b/source/extensions/transport_sockets/tls/cert_validator/default_validator.h @@ -14,11 +14,10 @@ #include "envoy/ssl/private_key/private_key.h" #include "envoy/ssl/ssl_socket_extended_info.h" -#include "common/common/matchers.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/transport_sockets/tls/cert_validator/cert_validator.h" -#include "extensions/transport_sockets/tls/stats.h" +#include "source/common/common/matchers.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/transport_sockets/tls/cert_validator/cert_validator.h" +#include "source/extensions/transport_sockets/tls/stats.h" #include "absl/synchronization/mutex.h" #include "openssl/ssl.h" @@ -117,7 +116,6 @@ class DefaultCertValidator : public CertValidator { std::vector subject_alt_name_matchers_; std::vector> verify_certificate_hash_list_; std::vector> verify_certificate_spki_list_; - std::vector verify_subject_alt_name_list_; bool verify_trusted_ca_{false}; }; diff --git a/source/extensions/transport_sockets/tls/cert_validator/factory.cc b/source/extensions/transport_sockets/tls/cert_validator/factory.cc index 349b04e260b4..b17d5b338536 100644 --- a/source/extensions/transport_sockets/tls/cert_validator/factory.cc +++ b/source/extensions/transport_sockets/tls/cert_validator/factory.cc @@ -1,9 +1,7 @@ -#include "extensions/transport_sockets/tls/cert_validator/factory.h" +#include "source/extensions/transport_sockets/tls/cert_validator/factory.h" #include "envoy/ssl/context_config.h" -#include "extensions/transport_sockets/tls/cert_validator/well_known_names.h" - namespace Envoy { namespace Extensions { namespace TransportSockets { @@ -12,7 +10,7 @@ namespace Tls { std::string getCertValidatorName(const Envoy::Ssl::CertificateValidationContextConfig* config) { return config != nullptr && config->customValidatorConfig().has_value() ? config->customValidatorConfig().value().name() - : CertValidatorNames::get().Default; + : "envoy.tls.cert_validator.default"; }; } // namespace Tls diff --git a/source/extensions/transport_sockets/tls/cert_validator/factory.h b/source/extensions/transport_sockets/tls/cert_validator/factory.h index 590bf15fcde9..9a1689ab1713 100644 --- a/source/extensions/transport_sockets/tls/cert_validator/factory.h +++ b/source/extensions/transport_sockets/tls/cert_validator/factory.h @@ -3,10 +3,9 @@ #include "envoy/common/pure.h" #include "envoy/ssl/context_config.h" -#include "common/common/utility.h" - -#include "extensions/transport_sockets/tls/cert_validator/cert_validator.h" -#include "extensions/transport_sockets/tls/stats.h" +#include "source/common/common/utility.h" +#include "source/extensions/transport_sockets/tls/cert_validator/cert_validator.h" +#include "source/extensions/transport_sockets/tls/stats.h" #include "absl/strings/string_view.h" diff --git a/source/extensions/transport_sockets/tls/cert_validator/spiffe/BUILD b/source/extensions/transport_sockets/tls/cert_validator/spiffe/BUILD index d6f74254f3a0..a0723eb783f2 100644 --- a/source/extensions/transport_sockets/tls/cert_validator/spiffe/BUILD +++ b/source/extensions/transport_sockets/tls/cert_validator/spiffe/BUILD @@ -16,18 +16,15 @@ envoy_cc_extension( hdrs = [ "spiffe_validator.h", ], - category = "envoy.tls.cert_validator", external_deps = [ "ssl", "abseil_base", "abseil_hash", ], - security_posture = "unknown", - status = "wip", visibility = ["//visibility:public"], deps = [ - "//include/envoy/ssl:context_config_interface", - "//include/envoy/ssl:ssl_socket_extended_info_interface", + "//envoy/ssl:context_config_interface", + "//envoy/ssl:ssl_socket_extended_info_interface", "//source/common/common:assert_lib", "//source/common/common:base64_lib", "//source/common/common:c_smart_ptr_lib", diff --git a/source/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.cc b/source/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.cc index f7d5639d4027..bebf2a3067f9 100644 --- a/source/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.cc +++ b/source/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.h" +#include "source/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.h" #include "envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.pb.h" #include "envoy/network/transport_socket.h" @@ -6,16 +6,14 @@ #include "envoy/ssl/context_config.h" #include "envoy/ssl/ssl_socket_extended_info.h" -#include "common/config/datasource.h" -#include "common/config/utility.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/transport_sockets/tls/cert_validator/factory.h" -#include "extensions/transport_sockets/tls/cert_validator/utility.h" -#include "extensions/transport_sockets/tls/cert_validator/well_known_names.h" -#include "extensions/transport_sockets/tls/stats.h" -#include "extensions/transport_sockets/tls/utility.h" +#include "source/common/config/datasource.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/transport_sockets/tls/cert_validator/factory.h" +#include "source/extensions/transport_sockets/tls/cert_validator/utility.h" +#include "source/extensions/transport_sockets/tls/stats.h" +#include "source/extensions/transport_sockets/tls/utility.h" #include "openssl/ssl.h" #include "openssl/x509v3.h" @@ -285,7 +283,7 @@ class SPIFFEValidatorFactory : public CertValidatorFactory { return std::make_unique(config, stats, time_source); } - absl::string_view name() override { return CertValidatorNames::get().SPIFFE; } + absl::string_view name() override { return "envoy.tls.cert_validator.spiffe"; } }; REGISTER_FACTORY(SPIFFEValidatorFactory, CertValidatorFactory); diff --git a/source/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.h b/source/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.h index 55b2fa3cc05b..fc3a045d0255 100644 --- a/source/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.h +++ b/source/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.h @@ -13,12 +13,11 @@ #include "envoy/ssl/private_key/private_key.h" #include "envoy/ssl/ssl_socket_extended_info.h" -#include "common/common/c_smart_ptr.h" -#include "common/common/matchers.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/transport_sockets/tls/cert_validator/cert_validator.h" -#include "extensions/transport_sockets/tls/stats.h" +#include "source/common/common/c_smart_ptr.h" +#include "source/common/common/matchers.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/transport_sockets/tls/cert_validator/cert_validator.h" +#include "source/extensions/transport_sockets/tls/stats.h" #include "openssl/ssl.h" #include "openssl/x509v3.h" diff --git a/source/extensions/transport_sockets/tls/cert_validator/utility.cc b/source/extensions/transport_sockets/tls/cert_validator/utility.cc index 53a3fd41ecea..fac07fe3aeac 100644 --- a/source/extensions/transport_sockets/tls/cert_validator/utility.cc +++ b/source/extensions/transport_sockets/tls/cert_validator/utility.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/tls/cert_validator/utility.h" +#include "source/extensions/transport_sockets/tls/cert_validator/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tls/cert_validator/well_known_names.h b/source/extensions/transport_sockets/tls/cert_validator/well_known_names.h deleted file mode 100644 index 226830cd514c..000000000000 --- a/source/extensions/transport_sockets/tls/cert_validator/well_known_names.h +++ /dev/null @@ -1,29 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace TransportSockets { -namespace Tls { - -/** - * Well-known certificate validator's names. - */ -class CertValidatorValues { -public: - // default certificate validator - const std::string Default = "envoy.tls.cert_validator.default"; - - // SPIFFE(https://github.com/spiffe/spiffe) - const std::string SPIFFE = "envoy.tls.cert_validator.spiffe"; -}; - -using CertValidatorNames = ConstSingleton; - -} // namespace Tls -} // namespace TransportSockets -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/transport_sockets/tls/config.cc b/source/extensions/transport_sockets/tls/config.cc index c743f5f6def8..4f4d46526c1f 100644 --- a/source/extensions/transport_sockets/tls/config.cc +++ b/source/extensions/transport_sockets/tls/config.cc @@ -1,12 +1,11 @@ -#include "extensions/transport_sockets/tls/config.h" +#include "source/extensions/transport_sockets/tls/config.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/tls.pb.validate.h" -#include "common/protobuf/utility.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tls/context_config_impl.cc b/source/extensions/transport_sockets/tls/context_config_impl.cc index 40f113c95fef..4dae255fa1c3 100644 --- a/source/extensions/transport_sockets/tls/context_config_impl.cc +++ b/source/extensions/transport_sockets/tls/context_config_impl.cc @@ -1,18 +1,17 @@ -#include "extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" #include #include #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/config/datasource.h" -#include "common/protobuf/utility.h" -#include "common/secret/sds_api.h" -#include "common/ssl/certificate_validation_context_config_impl.h" - -#include "extensions/transport_sockets/tls/ssl_handshaker.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/datasource.h" +#include "source/common/protobuf/utility.h" +#include "source/common/secret/sds_api.h" +#include "source/common/ssl/certificate_validation_context_config_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_handshaker.h" #include "openssl/ssl.h" @@ -26,8 +25,8 @@ namespace { std::vector getTlsCertificateConfigProviders( const envoy::extensions::transport_sockets::tls::v3::CommonTlsContext& config, Server::Configuration::TransportSocketFactoryContext& factory_context) { + std::vector providers; if (!config.tls_certificates().empty()) { - std::vector providers; for (const auto& tls_certificate : config.tls_certificates()) { if (!tls_certificate.has_private_key_provider() && !tls_certificate.has_certificate_chain() && !tls_certificate.has_private_key()) { @@ -39,20 +38,22 @@ std::vector getTlsCertificateConf return providers; } if (!config.tls_certificate_sds_secret_configs().empty()) { - const auto& sds_secret_config = config.tls_certificate_sds_secret_configs(0); - if (sds_secret_config.has_sds_config()) { - // Fetch dynamic secret. - return {factory_context.secretManager().findOrCreateTlsCertificateProvider( - sds_secret_config.sds_config(), sds_secret_config.name(), factory_context)}; - } else { - // Load static secret. - auto secret_provider = factory_context.secretManager().findStaticTlsCertificateProvider( - sds_secret_config.name()); - if (!secret_provider) { - throw EnvoyException(fmt::format("Unknown static secret: {}", sds_secret_config.name())); + for (const auto& sds_secret_config : config.tls_certificate_sds_secret_configs()) { + if (sds_secret_config.has_sds_config()) { + // Fetch dynamic secret. + providers.push_back(factory_context.secretManager().findOrCreateTlsCertificateProvider( + sds_secret_config.sds_config(), sds_secret_config.name(), factory_context)); + } else { + // Load static secret. + auto secret_provider = factory_context.secretManager().findStaticTlsCertificateProvider( + sds_secret_config.name()); + if (!secret_provider) { + throw EnvoyException(fmt::format("Unknown static secret: {}", sds_secret_config.name())); + } + providers.push_back(secret_provider); } - return {secret_provider}; } + return providers; } return {}; } @@ -247,25 +248,27 @@ Ssl::CertificateValidationContextConfigPtr ContextConfigImpl::getCombinedValidat } void ContextConfigImpl::setSecretUpdateCallback(std::function callback) { - if (!tls_certificate_providers_.empty()) { - // Once tls_certificate_config_ receives new secret, this callback updates - // ContextConfigImpl::tls_certificate_config_ with new secret. - tc_update_callback_handle_ = - tls_certificate_providers_[0]->addUpdateCallback([this, callback]() { - // This breaks multiple certificate support, but today SDS is only single cert. - // TODO(htuch): Fix this when SDS goes multi-cert. + // When any of tls_certificate_providers_ receives a new secret, this callback updates + // ContextConfigImpl::tls_certificate_configs_ with new secret. + for (const auto& tls_certificate_provider : tls_certificate_providers_) { + tc_update_callback_handles_.push_back( + tls_certificate_provider->addUpdateCallback([this, callback]() { tls_certificate_configs_.clear(); - tls_certificate_configs_.emplace_back(*tls_certificate_providers_[0]->secret(), nullptr, - api_); + for (const auto& tls_certificate_provider : tls_certificate_providers_) { + auto* secret = tls_certificate_provider->secret(); + if (secret != nullptr) { + tls_certificate_configs_.emplace_back(*secret, nullptr, api_); + } + } callback(); - }); + })); } if (certificate_validation_context_provider_) { if (default_cvc_) { // Once certificate_validation_context_provider_ receives new secret, this callback updates // ContextConfigImpl::validation_context_config_ with a combined certificate validation - // context. The combined certificate validation context is created by merging new secret into - // default_cvc_. + // context. The combined certificate validation context is created by merging new secret + // into default_cvc_. cvc_update_callback_handle_ = certificate_validation_context_provider_->addUpdateCallback([this, callback]() { validation_context_config_ = getCombinedValidationContextConfig( diff --git a/source/extensions/transport_sockets/tls/context_config_impl.h b/source/extensions/transport_sockets/tls/context_config_impl.h index 85ef556d874b..7dcbb0ea8681 100644 --- a/source/extensions/transport_sockets/tls/context_config_impl.h +++ b/source/extensions/transport_sockets/tls/context_config_impl.h @@ -9,9 +9,9 @@ #include "envoy/server/transport_socket_config.h" #include "envoy/ssl/context_config.h" -#include "common/common/empty_string.h" -#include "common/json/json_loader.h" -#include "common/ssl/tls_certificate_config_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/json/json_loader.h" +#include "source/common/ssl/tls_certificate_config_impl.h" namespace Envoy { namespace Extensions { @@ -87,7 +87,7 @@ class ContextConfigImpl : public virtual Ssl::ContextConfig { default_cvc_; std::vector tls_certificate_providers_; // Handle for TLS certificate dynamic secret callback. - Envoy::Common::CallbackHandlePtr tc_update_callback_handle_; + std::vector tc_update_callback_handles_; Secret::CertificateValidationContextConfigProviderSharedPtr certificate_validation_context_provider_; // Handle for certificate validation context dynamic secret callback. diff --git a/source/extensions/transport_sockets/tls/context_impl.cc b/source/extensions/transport_sockets/tls/context_impl.cc index 29c82704c8ea..378097a1aca7 100644 --- a/source/extensions/transport_sockets/tls/context_impl.cc +++ b/source/extensions/transport_sockets/tls/context_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/tls/context_impl.h" +#include "source/extensions/transport_sockets/tls/context_impl.h" #include #include @@ -12,19 +12,18 @@ #include "envoy/stats/scope.h" #include "envoy/type/matcher/v3/string.pb.h" -#include "common/common/assert.h" -#include "common/common/base64.h" -#include "common/common/fmt.h" -#include "common/common/hex.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_features.h" -#include "common/stats/utility.h" - -#include "extensions/transport_sockets/tls/cert_validator/factory.h" -#include "extensions/transport_sockets/tls/stats.h" -#include "extensions/transport_sockets/tls/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/base64.h" +#include "source/common/common/fmt.h" +#include "source/common/common/hex.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/stats/utility.h" +#include "source/extensions/transport_sockets/tls/cert_validator/factory.h" +#include "source/extensions/transport_sockets/tls/stats.h" +#include "source/extensions/transport_sockets/tls/utility.h" #include "absl/container/node_hash_set.h" #include "absl/strings/match.h" diff --git a/source/extensions/transport_sockets/tls/context_impl.h b/source/extensions/transport_sockets/tls/context_impl.h index 87c830184fe3..a3b981b68eb6 100644 --- a/source/extensions/transport_sockets/tls/context_impl.h +++ b/source/extensions/transport_sockets/tls/context_impl.h @@ -14,13 +14,12 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/matchers.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/transport_sockets/tls/cert_validator/cert_validator.h" -#include "extensions/transport_sockets/tls/context_manager_impl.h" -#include "extensions/transport_sockets/tls/ocsp/ocsp.h" -#include "extensions/transport_sockets/tls/stats.h" +#include "source/common/common/matchers.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/transport_sockets/tls/cert_validator/cert_validator.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/extensions/transport_sockets/tls/ocsp/ocsp.h" +#include "source/extensions/transport_sockets/tls/stats.h" #include "absl/synchronization/mutex.h" #include "openssl/ssl.h" diff --git a/source/extensions/transport_sockets/tls/context_manager_impl.cc b/source/extensions/transport_sockets/tls/context_manager_impl.cc index fd0eefe761ea..7c83121892f2 100644 --- a/source/extensions/transport_sockets/tls/context_manager_impl.cc +++ b/source/extensions/transport_sockets/tls/context_manager_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" #include #include @@ -6,9 +6,8 @@ #include "envoy/stats/scope.h" -#include "common/common/assert.h" - -#include "extensions/transport_sockets/tls/context_impl.h" +#include "source/common/common/assert.h" +#include "source/extensions/transport_sockets/tls/context_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tls/context_manager_impl.h b/source/extensions/transport_sockets/tls/context_manager_impl.h index 3b680fc91c75..eb8914fc0009 100644 --- a/source/extensions/transport_sockets/tls/context_manager_impl.h +++ b/source/extensions/transport_sockets/tls/context_manager_impl.h @@ -8,7 +8,7 @@ #include "envoy/ssl/private_key/private_key.h" #include "envoy/stats/scope.h" -#include "extensions/transport_sockets/tls/private_key/private_key_manager_impl.h" +#include "source/extensions/transport_sockets/tls/private_key/private_key_manager_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tls/io_handle_bio.cc b/source/extensions/transport_sockets/tls/io_handle_bio.cc index e4867e95c623..f7ede00cd45a 100644 --- a/source/extensions/transport_sockets/tls/io_handle_bio.cc +++ b/source/extensions/transport_sockets/tls/io_handle_bio.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/tls/io_handle_bio.h" +#include "source/extensions/transport_sockets/tls/io_handle_bio.h" #include "envoy/buffer/buffer.h" #include "envoy/network/io_handle.h" diff --git a/source/extensions/transport_sockets/tls/ocsp/BUILD b/source/extensions/transport_sockets/tls/ocsp/BUILD index e2995afd45cd..70b250cffe15 100644 --- a/source/extensions/transport_sockets/tls/ocsp/BUILD +++ b/source/extensions/transport_sockets/tls/ocsp/BUILD @@ -15,8 +15,8 @@ envoy_cc_library( repository = "", deps = [ ":asn1_utility_lib", - "//include/envoy/common:time_interface", - "//include/envoy/ssl:context_config_interface", + "//envoy/common:time_interface", + "//envoy/ssl:context_config_interface", "//source/extensions/transport_sockets/tls:utility_lib", ], ) @@ -27,8 +27,8 @@ envoy_cc_library( hdrs = ["asn1_utility.h"], repository = "", deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/ssl:context_config_interface", + "//envoy/common:time_interface", + "//envoy/ssl:context_config_interface", "//source/common/common:c_smart_ptr_lib", ], ) diff --git a/source/extensions/transport_sockets/tls/ocsp/asn1_utility.cc b/source/extensions/transport_sockets/tls/ocsp/asn1_utility.cc index 3da51ed7e9f3..e152cf8d0f1f 100644 --- a/source/extensions/transport_sockets/tls/ocsp/asn1_utility.cc +++ b/source/extensions/transport_sockets/tls/ocsp/asn1_utility.cc @@ -1,6 +1,6 @@ -#include "extensions/transport_sockets/tls/ocsp/asn1_utility.h" +#include "source/extensions/transport_sockets/tls/ocsp/asn1_utility.h" -#include "common/common/c_smart_ptr.h" +#include "source/common/common/c_smart_ptr.h" #include "absl/strings/ascii.h" diff --git a/source/extensions/transport_sockets/tls/ocsp/asn1_utility.h b/source/extensions/transport_sockets/tls/ocsp/asn1_utility.h index 05bea0c2d19b..061b0fc5f7a9 100644 --- a/source/extensions/transport_sockets/tls/ocsp/asn1_utility.h +++ b/source/extensions/transport_sockets/tls/ocsp/asn1_utility.h @@ -7,7 +7,7 @@ #include "envoy/common/exception.h" #include "envoy/common/time.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/types/optional.h" #include "absl/types/variant.h" diff --git a/source/extensions/transport_sockets/tls/ocsp/ocsp.cc b/source/extensions/transport_sockets/tls/ocsp/ocsp.cc index 32410365916f..0e493685ab70 100644 --- a/source/extensions/transport_sockets/tls/ocsp/ocsp.cc +++ b/source/extensions/transport_sockets/tls/ocsp/ocsp.cc @@ -1,9 +1,8 @@ -#include "extensions/transport_sockets/tls/ocsp/ocsp.h" +#include "source/extensions/transport_sockets/tls/ocsp/ocsp.h" -#include "common/common/utility.h" - -#include "extensions/transport_sockets/tls/ocsp/asn1_utility.h" -#include "extensions/transport_sockets/tls/utility.h" +#include "source/common/common/utility.h" +#include "source/extensions/transport_sockets/tls/ocsp/asn1_utility.h" +#include "source/extensions/transport_sockets/tls/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/transport_sockets/tls/private_key/BUILD b/source/extensions/transport_sockets/tls/private_key/BUILD index f6163ca64012..3d9a42a78c76 100644 --- a/source/extensions/transport_sockets/tls/private_key/BUILD +++ b/source/extensions/transport_sockets/tls/private_key/BUILD @@ -17,10 +17,10 @@ envoy_cc_library( "private_key_manager_impl.h", ], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/registry", - "//include/envoy/ssl/private_key:private_key_config_interface", - "//include/envoy/ssl/private_key:private_key_interface", + "//envoy/event:dispatcher_interface", + "//envoy/registry", + "//envoy/ssl/private_key:private_key_config_interface", + "//envoy/ssl/private_key:private_key_interface", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/transport_sockets/tls/private_key/private_key_manager_impl.cc b/source/extensions/transport_sockets/tls/private_key/private_key_manager_impl.cc index b7103768ce9c..f886beeaa96e 100644 --- a/source/extensions/transport_sockets/tls/private_key/private_key_manager_impl.cc +++ b/source/extensions/transport_sockets/tls/private_key/private_key_manager_impl.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/tls/private_key/private_key_manager_impl.h" +#include "source/extensions/transport_sockets/tls/private_key/private_key_manager_impl.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/registry/registry.h" diff --git a/source/extensions/transport_sockets/tls/ssl_handshaker.cc b/source/extensions/transport_sockets/tls/ssl_handshaker.cc index 766454bbd879..5361d7b42bc4 100644 --- a/source/extensions/transport_sockets/tls/ssl_handshaker.cc +++ b/source/extensions/transport_sockets/tls/ssl_handshaker.cc @@ -1,13 +1,12 @@ -#include "extensions/transport_sockets/tls/ssl_handshaker.h" +#include "source/extensions/transport_sockets/tls/ssl_handshaker.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/hex.h" -#include "common/http/headers.h" - -#include "extensions/transport_sockets/tls/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/hex.h" +#include "source/common/http/headers.h" +#include "source/extensions/transport_sockets/tls/utility.h" #include "absl/strings/str_replace.h" #include "openssl/err.h" diff --git a/source/extensions/transport_sockets/tls/ssl_handshaker.h b/source/extensions/transport_sockets/tls/ssl_handshaker.h index ec43d5a784d5..81577c818174 100644 --- a/source/extensions/transport_sockets/tls/ssl_handshaker.h +++ b/source/extensions/transport_sockets/tls/ssl_handshaker.h @@ -13,9 +13,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" - -#include "extensions/transport_sockets/tls/utility.h" +#include "source/common/common/logger.h" +#include "source/extensions/transport_sockets/tls/utility.h" #include "absl/container/node_hash_map.h" #include "absl/synchronization/mutex.h" diff --git a/source/extensions/transport_sockets/tls/ssl_socket.cc b/source/extensions/transport_sockets/tls/ssl_socket.cc index b7d8a8563512..98c2989b57bf 100644 --- a/source/extensions/transport_sockets/tls/ssl_socket.cc +++ b/source/extensions/transport_sockets/tls/ssl_socket.cc @@ -1,16 +1,15 @@ -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/hex.h" -#include "common/http/headers.h" -#include "common/runtime/runtime_features.h" - -#include "extensions/transport_sockets/tls/io_handle_bio.h" -#include "extensions/transport_sockets/tls/ssl_handshaker.h" -#include "extensions/transport_sockets/tls/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/hex.h" +#include "source/common/http/headers.h" +#include "source/common/runtime/runtime_features.h" +#include "source/extensions/transport_sockets/tls/io_handle_bio.h" +#include "source/extensions/transport_sockets/tls/ssl_handshaker.h" +#include "source/extensions/transport_sockets/tls/utility.h" #include "absl/strings/str_replace.h" #include "openssl/err.h" diff --git a/source/extensions/transport_sockets/tls/ssl_socket.h b/source/extensions/transport_sockets/tls/ssl_socket.h index 203fbe707849..217c7abcff06 100644 --- a/source/extensions/transport_sockets/tls/ssl_socket.h +++ b/source/extensions/transport_sockets/tls/ssl_socket.h @@ -13,11 +13,10 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" -#include "common/common/logger.h" - -#include "extensions/transport_sockets/tls/context_impl.h" -#include "extensions/transport_sockets/tls/ssl_handshaker.h" -#include "extensions/transport_sockets/tls/utility.h" +#include "source/common/common/logger.h" +#include "source/extensions/transport_sockets/tls/context_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_handshaker.h" +#include "source/extensions/transport_sockets/tls/utility.h" #include "absl/container/node_hash_map.h" #include "absl/synchronization/mutex.h" diff --git a/source/extensions/transport_sockets/tls/stats.cc b/source/extensions/transport_sockets/tls/stats.cc index f162e9db7512..5a5cdc86c054 100644 --- a/source/extensions/transport_sockets/tls/stats.cc +++ b/source/extensions/transport_sockets/tls/stats.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/tls/stats.h" +#include "source/extensions/transport_sockets/tls/stats.h" #include "envoy/stats/scope.h" #include "envoy/stats/stats_macros.h" diff --git a/source/extensions/transport_sockets/tls/utility.cc b/source/extensions/transport_sockets/tls/utility.cc index 10688dd6052b..cbc6739c0299 100644 --- a/source/extensions/transport_sockets/tls/utility.cc +++ b/source/extensions/transport_sockets/tls/utility.cc @@ -1,10 +1,10 @@ -#include "extensions/transport_sockets/tls/utility.h" +#include "source/extensions/transport_sockets/tls/utility.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/safe_memcpy.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" #include "absl/strings/str_join.h" #include "openssl/x509v3.h" @@ -14,6 +14,31 @@ namespace Extensions { namespace TransportSockets { namespace Tls { +#if BORINGSSL_API_VERSION < 10 +static constexpr absl::string_view SSL_ERROR_NONE_MESSAGE = "NONE"; +static constexpr absl::string_view SSL_ERROR_SSL_MESSAGE = "SSL"; +static constexpr absl::string_view SSL_ERROR_WANT_READ_MESSAGE = "WANT_READ"; +static constexpr absl::string_view SSL_ERROR_WANT_WRITE_MESSAGE = "WANT_WRITE"; +static constexpr absl::string_view SSL_ERROR_WANT_X509_LOOPUP_MESSAGE = "WANT_X509_LOOKUP"; +static constexpr absl::string_view SSL_ERROR_SYSCALL_MESSAGE = "SYSCALL"; +static constexpr absl::string_view SSL_ERROR_ZERO_RETURN_MESSAGE = "ZERO_RETURN"; +static constexpr absl::string_view SSL_ERROR_WANT_CONNECT_MESSAGE = "WANT_CONNECT"; +static constexpr absl::string_view SSL_ERROR_WANT_ACCEPT_MESSAGE = "WANT_ACCEPT"; +static constexpr absl::string_view SSL_ERROR_WANT_CHANNEL_ID_LOOKUP_MESSAGE = + "WANT_CHANNEL_ID_LOOKUP"; +static constexpr absl::string_view SSL_ERROR_PENDING_SESSION_MESSAGE = "PENDING_SESSION"; +static constexpr absl::string_view SSL_ERROR_PENDING_CERTIFICATE_MESSAGE = "PENDING_CERTIFICATE"; +static constexpr absl::string_view SSL_ERROR_WANT_PRIVATE_KEY_OPERATION_MESSAGE = + "WANT_PRIVATE_KEY_OPERATION"; +static constexpr absl::string_view SSL_ERROR_PENDING_TICKET_MESSAGE = "PENDING_TICKET"; +static constexpr absl::string_view SSL_ERROR_EARLY_DATA_REJECTED_MESSAGE = "EARLY_DATA_REJECTED"; +static constexpr absl::string_view SSL_ERROR_WANT_CERTIFICATE_VERIFY_MESSAGE = + "WANT_CERTIFICATE_VERIFY"; +static constexpr absl::string_view SSL_ERROR_HANDOFF_MESSAGE = "HANDOFF"; +static constexpr absl::string_view SSL_ERROR_HANDBACK_MESSAGE = "HANDBACK"; +#endif +static constexpr absl::string_view SSL_ERROR_UNKNOWN_ERROR_MESSAGE = "UNKNOWN_ERROR"; + Envoy::Ssl::CertificateDetailsPtr Utility::certificateDetails(X509* cert, const std::string& path, TimeSource& time_source) { Envoy::Ssl::CertificateDetailsPtr certificate_details = @@ -255,6 +280,9 @@ absl::optional Utility::getLastCryptoError() { } absl::string_view Utility::getErrorDescription(int err) { +#if BORINGSSL_API_VERSION < 10 + // TODO(davidben): Remove this and the corresponding SSL_ERROR_*_MESSAGE constants when the FIPS + // build is updated to a later version. switch (err) { case SSL_ERROR_NONE: return SSL_ERROR_NONE_MESSAGE; @@ -292,10 +320,15 @@ absl::string_view Utility::getErrorDescription(int err) { return SSL_ERROR_HANDOFF_MESSAGE; case SSL_ERROR_HANDBACK: return SSL_ERROR_HANDBACK_MESSAGE; - default: - ENVOY_BUG(false, "Unknown BoringSSL error had occurred"); - return SSL_ERROR_UNKNOWN_ERROR_MESSAGE; } +#else + const char* description = SSL_error_description(err); + if (description) { + return description; + } +#endif + ENVOY_BUG(false, "Unknown BoringSSL error had occurred"); + return SSL_ERROR_UNKNOWN_ERROR_MESSAGE; } } // namespace Tls diff --git a/source/extensions/transport_sockets/tls/utility.h b/source/extensions/transport_sockets/tls/utility.h index 2b4c2ab2dff2..76824328d46b 100644 --- a/source/extensions/transport_sockets/tls/utility.h +++ b/source/extensions/transport_sockets/tls/utility.h @@ -5,7 +5,7 @@ #include "envoy/ssl/context.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" #include "absl/types/optional.h" #include "openssl/ssl.h" @@ -17,29 +17,6 @@ namespace TransportSockets { namespace Tls { namespace Utility { -static constexpr absl::string_view SSL_ERROR_NONE_MESSAGE = "NONE"; -static constexpr absl::string_view SSL_ERROR_SSL_MESSAGE = "SSL"; -static constexpr absl::string_view SSL_ERROR_WANT_READ_MESSAGE = "WANT_READ"; -static constexpr absl::string_view SSL_ERROR_WANT_WRITE_MESSAGE = "WANT_WRITE"; -static constexpr absl::string_view SSL_ERROR_WANT_X509_LOOPUP_MESSAGE = "WANT_X509_LOOKUP"; -static constexpr absl::string_view SSL_ERROR_SYSCALL_MESSAGE = "SYSCALL"; -static constexpr absl::string_view SSL_ERROR_ZERO_RETURN_MESSAGE = "ZERO_RETURN"; -static constexpr absl::string_view SSL_ERROR_WANT_CONNECT_MESSAGE = "WANT_CONNECT"; -static constexpr absl::string_view SSL_ERROR_WANT_ACCEPT_MESSAGE = "WANT_ACCEPT"; -static constexpr absl::string_view SSL_ERROR_WANT_CHANNEL_ID_LOOKUP_MESSAGE = - "WANT_CHANNEL_ID_LOOKUP"; -static constexpr absl::string_view SSL_ERROR_PENDING_SESSION_MESSAGE = "PENDING_SESSION"; -static constexpr absl::string_view SSL_ERROR_PENDING_CERTIFICATE_MESSAGE = "PENDING_CERTIFICATE"; -static constexpr absl::string_view SSL_ERROR_WANT_PRIVATE_KEY_OPERATION_MESSAGE = - "WANT_PRIVATE_KEY_OPERATION"; -static constexpr absl::string_view SSL_ERROR_PENDING_TICKET_MESSAGE = "PENDING_TICKET"; -static constexpr absl::string_view SSL_ERROR_EARLY_DATA_REJECTED_MESSAGE = "EARLY_DATA_REJECTED"; -static constexpr absl::string_view SSL_ERROR_WANT_CERTIFICATE_VERIFY_MESSAGE = - "WANT_CERTIFICATE_VERIFY"; -static constexpr absl::string_view SSL_ERROR_HANDOFF_MESSAGE = "HANDOFF"; -static constexpr absl::string_view SSL_ERROR_HANDBACK_MESSAGE = "HANDBACK"; -static constexpr absl::string_view SSL_ERROR_UNKNOWN_ERROR_MESSAGE = "UNKNOWN_ERROR"; - Envoy::Ssl::CertificateDetailsPtr certificateDetails(X509* cert, const std::string& path, TimeSource& time_source); diff --git a/source/extensions/transport_sockets/well_known_names.h b/source/extensions/transport_sockets/well_known_names.h deleted file mode 100644 index ef6e85361fee..000000000000 --- a/source/extensions/transport_sockets/well_known_names.h +++ /dev/null @@ -1,44 +0,0 @@ -#pragma once - -#include - -#include "common/singleton/const_singleton.h" - -namespace Envoy { -namespace Extensions { -namespace TransportSockets { - -/** - * Well-known transport socket names. - * NOTE: New transport sockets should use the well known name: envoy.transport_sockets.name. - */ -class TransportSocketNameValues { -public: - const std::string Alts = "envoy.transport_sockets.alts"; - const std::string Quic = "envoy.transport_sockets.quic"; - const std::string RawBuffer = "envoy.transport_sockets.raw_buffer"; - const std::string Tap = "envoy.transport_sockets.tap"; - const std::string Tls = "envoy.transport_sockets.tls"; - const std::string UpstreamProxyProtocol = "envoy.transport_sockets.upstream_proxy_protocol"; - const std::string StartTls = "envoy.transport_sockets.starttls"; -}; - -using TransportSocketNames = ConstSingleton; - -/** - * Well-known transport protocol names. - */ -class TransportProtocolNameValues { -public: - const std::string Tls = "tls"; - const std::string RawBuffer = "raw_buffer"; - const std::string Quic = "quic"; - const std::string StartTls = "starttls"; -}; - -// TODO(lizan): Find a better place to have this singleton. -using TransportProtocolNames = ConstSingleton; - -} // namespace TransportSockets -} // namespace Extensions -} // namespace Envoy diff --git a/source/extensions/upstreams/http/BUILD b/source/extensions/upstreams/http/BUILD index 198a0b12b4fc..bf6272398e7b 100644 --- a/source/extensions/upstreams/http/BUILD +++ b/source/extensions/upstreams/http/BUILD @@ -12,12 +12,10 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.upstreams", - security_posture = "robust_to_untrusted_downstream", # This is core Envoy config. visibility = ["//visibility:public"], deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/common:minimal_logger_lib", "//source/common/config:utility_lib", "//source/common/http:utility_lib", diff --git a/source/extensions/upstreams/http/config.cc b/source/extensions/upstreams/http/config.cc index fd204bfd75d8..29cde124642b 100644 --- a/source/extensions/upstreams/http/config.cc +++ b/source/extensions/upstreams/http/config.cc @@ -1,4 +1,4 @@ -#include "extensions/upstreams/http/config.h" +#include "source/extensions/upstreams/http/config.h" #include #include @@ -9,10 +9,10 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/upstream/upstream.h" -#include "common/config/utility.h" -#include "common/http/http1/settings.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/config/utility.h" +#include "source/common/http/http1/settings.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/upstreams/http/config.h b/source/extensions/upstreams/http/config.h index 4668c5d1a38a..7ae4479c63d2 100644 --- a/source/extensions/upstreams/http/config.h +++ b/source/extensions/upstreams/http/config.h @@ -15,8 +15,8 @@ #include "envoy/server/filter_config.h" #include "envoy/server/transport_socket_config.h" -#include "common/common/logger.h" -#include "common/protobuf/message_validator_impl.h" +#include "source/common/common/logger.h" +#include "source/common/protobuf/message_validator_impl.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/upstreams/http/generic/BUILD b/source/extensions/upstreams/http/generic/BUILD index 1e2c0d2119e7..759f4626f205 100644 --- a/source/extensions/upstreams/http/generic/BUILD +++ b/source/extensions/upstreams/http/generic/BUILD @@ -16,8 +16,6 @@ envoy_cc_extension( hdrs = [ "config.h", ], - category = "envoy.upstreams", - security_posture = "robust_to_untrusted_downstream", visibility = ["//visibility:public"], deps = [ "//source/extensions/upstreams/http/http:upstream_request_lib", diff --git a/source/extensions/upstreams/http/generic/config.cc b/source/extensions/upstreams/http/generic/config.cc index caedb4babd78..b2b02e28ac56 100644 --- a/source/extensions/upstreams/http/generic/config.cc +++ b/source/extensions/upstreams/http/generic/config.cc @@ -1,7 +1,7 @@ -#include "extensions/upstreams/http/generic/config.h" +#include "source/extensions/upstreams/http/generic/config.h" -#include "extensions/upstreams/http/http/upstream_request.h" -#include "extensions/upstreams/http/tcp/upstream_request.h" +#include "source/extensions/upstreams/http/http/upstream_request.h" +#include "source/extensions/upstreams/http/tcp/upstream_request.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/upstreams/http/http/BUILD b/source/extensions/upstreams/http/http/BUILD index 132d065cabb3..d53b9a92a9dd 100644 --- a/source/extensions/upstreams/http/http/BUILD +++ b/source/extensions/upstreams/http/http/BUILD @@ -17,8 +17,6 @@ envoy_cc_extension( hdrs = [ "config.h", ], - category = "envoy.upstreams", - security_posture = "robust_to_untrusted_downstream", visibility = ["//visibility:public"], deps = [ ":upstream_request_lib", @@ -36,11 +34,11 @@ envoy_cc_library( ], visibility = ["//visibility:public"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/http:conn_pool_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/http:codes_interface", + "//envoy/http:conn_pool_interface", + "//envoy/http:filter_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:codes_lib", diff --git a/source/extensions/upstreams/http/http/config.cc b/source/extensions/upstreams/http/http/config.cc index a6084a1219d8..620915a11d66 100644 --- a/source/extensions/upstreams/http/http/config.cc +++ b/source/extensions/upstreams/http/http/config.cc @@ -1,6 +1,6 @@ -#include "extensions/upstreams/http/http/config.h" +#include "source/extensions/upstreams/http/http/config.h" -#include "extensions/upstreams/http/http/upstream_request.h" +#include "source/extensions/upstreams/http/http/upstream_request.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/upstreams/http/http/upstream_request.cc b/source/extensions/upstreams/http/http/upstream_request.cc index f41b081f8b18..4f9c42448d8d 100644 --- a/source/extensions/upstreams/http/http/upstream_request.cc +++ b/source/extensions/upstreams/http/http/upstream_request.cc @@ -1,4 +1,4 @@ -#include "extensions/upstreams/http/http/upstream_request.h" +#include "source/extensions/upstreams/http/http/upstream_request.h" #include #include @@ -10,13 +10,13 @@ #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" -#include "common/common/utility.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/router/router.h" +#include "source/common/common/utility.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/router/router.h" using Envoy::Router::GenericConnectionPoolCallbacks; @@ -32,7 +32,7 @@ void HttpConnPool::newStream(GenericConnectionPoolCallbacks* callbacks) { // might get deleted inline as well. Only write the returned handle out if it is not nullptr to // deal with this case. Envoy::Http::ConnectionPool::Cancellable* handle = - conn_pool_->newStream(callbacks->upstreamToDownstream(), *this); + pool_data_.value().newStream(callbacks->upstreamToDownstream(), *this); if (handle) { conn_pool_stream_handle_ = handle; } diff --git a/source/extensions/upstreams/http/http/upstream_request.h b/source/extensions/upstreams/http/http/upstream_request.h index 94f5a0a0fda6..a49dc2875890 100644 --- a/source/extensions/upstreams/http/http/upstream_request.h +++ b/source/extensions/upstreams/http/http/upstream_request.h @@ -7,10 +7,10 @@ #include "envoy/http/conn_pool.h" #include "envoy/upstream/thread_local_cluster.h" -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/config/well_known_names.h" -#include "common/router/upstream_request.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/config/well_known_names.h" +#include "source/common/router/upstream_request.h" namespace Envoy { namespace Extensions { @@ -26,7 +26,7 @@ class HttpConnPool : public Router::GenericConnPool, public Envoy::Http::Connect absl::optional downstream_protocol, Upstream::LoadBalancerContext* ctx) { ASSERT(!is_connect); - conn_pool_ = + pool_data_ = thread_local_cluster.httpConnPool(route_entry.priority(), downstream_protocol, ctx); } ~HttpConnPool() override { @@ -42,13 +42,15 @@ class HttpConnPool : public Router::GenericConnPool, public Envoy::Http::Connect void onPoolReady(Envoy::Http::RequestEncoder& callbacks_encoder, Upstream::HostDescriptionConstSharedPtr host, const StreamInfo::StreamInfo& info, absl::optional protocol) override; - Upstream::HostDescriptionConstSharedPtr host() const override { return conn_pool_->host(); } + Upstream::HostDescriptionConstSharedPtr host() const override { + return pool_data_.value().host(); + } - bool valid() { return conn_pool_ != nullptr; } + bool valid() { return pool_data_.has_value(); } protected: // Points to the actual connection pool to create streams from. - Envoy::Http::ConnectionPool::Instance* conn_pool_{}; + absl::optional pool_data_{}; Envoy::Http::ConnectionPool::Cancellable* conn_pool_stream_handle_{}; Router::GenericConnectionPoolCallbacks* callbacks_{}; }; @@ -82,6 +84,10 @@ class HttpUpstream : public Router::GenericUpstream, public Envoy::Http::StreamC request_encoder_->getStream().resetStream(Envoy::Http::StreamResetReason::LocalReset); } + void setAccount(Buffer::BufferMemoryAccountSharedPtr account) override { + request_encoder_->getStream().setAccount(std::move(account)); + } + // Http::StreamCallbacks void onResetStream(Envoy::Http::StreamResetReason reason, absl::string_view transport_failure_reason) override { diff --git a/source/extensions/upstreams/http/tcp/BUILD b/source/extensions/upstreams/http/tcp/BUILD index 46169ea4b14c..869c0ee5ec6a 100644 --- a/source/extensions/upstreams/http/tcp/BUILD +++ b/source/extensions/upstreams/http/tcp/BUILD @@ -17,8 +17,6 @@ envoy_cc_extension( hdrs = [ "config.h", ], - category = "envoy.upstreams", - security_posture = "robust_to_untrusted_downstream", visibility = ["//visibility:public"], deps = [ ":upstream_request_lib", @@ -36,9 +34,9 @@ envoy_cc_library( ], visibility = ["//visibility:public"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:utility_lib", diff --git a/source/extensions/upstreams/http/tcp/config.cc b/source/extensions/upstreams/http/tcp/config.cc index 8f0df971dc9f..b0773c0a9535 100644 --- a/source/extensions/upstreams/http/tcp/config.cc +++ b/source/extensions/upstreams/http/tcp/config.cc @@ -1,6 +1,6 @@ -#include "extensions/upstreams/http/tcp/config.h" +#include "source/extensions/upstreams/http/tcp/config.h" -#include "extensions/upstreams/http/tcp/upstream_request.h" +#include "source/extensions/upstreams/http/tcp/upstream_request.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/upstreams/http/tcp/upstream_request.cc b/source/extensions/upstreams/http/tcp/upstream_request.cc index 3ec33c73284e..17d291a1a437 100644 --- a/source/extensions/upstreams/http/tcp/upstream_request.cc +++ b/source/extensions/upstreams/http/tcp/upstream_request.cc @@ -1,20 +1,19 @@ -#include "extensions/upstreams/http/tcp/upstream_request.h" +#include "source/extensions/upstreams/http/tcp/upstream_request.h" #include #include #include "envoy/upstream/upstream.h" -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/router/router.h" - -#include "extensions/common/proxy_protocol/proxy_protocol_header.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/router/router.h" +#include "source/extensions/common/proxy_protocol/proxy_protocol_header.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/upstreams/http/tcp/upstream_request.h b/source/extensions/upstreams/http/tcp/upstream_request.h index 3a002f4b7a12..ce947b05f943 100644 --- a/source/extensions/upstreams/http/tcp/upstream_request.h +++ b/source/extensions/upstreams/http/tcp/upstream_request.h @@ -7,12 +7,12 @@ #include "envoy/tcp/conn_pool.h" #include "envoy/upstream/thread_local_cluster.h" -#include "common/buffer/watermark_buffer.h" -#include "common/common/cleanup.h" -#include "common/common/logger.h" -#include "common/config/well_known_names.h" -#include "common/router/upstream_request.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/logger.h" +#include "source/common/config/well_known_names.h" +#include "source/common/router/upstream_request.h" +#include "source/common/stream_info/stream_info_impl.h" namespace Envoy { namespace Extensions { @@ -26,11 +26,11 @@ class TcpConnPool : public Router::GenericConnPool, public Envoy::Tcp::Connectio const Router::RouteEntry& route_entry, absl::optional, Upstream::LoadBalancerContext* ctx) { ASSERT(is_connect); - conn_pool_ = thread_local_cluster.tcpConnPool(route_entry.priority(), ctx); + conn_pool_data_ = thread_local_cluster.tcpConnPool(route_entry.priority(), ctx); } void newStream(Router::GenericConnectionPoolCallbacks* callbacks) override { callbacks_ = callbacks; - upstream_handle_ = conn_pool_->newConnection(*this); + upstream_handle_ = conn_pool_data_.value().newConnection(*this); } bool cancelAnyPendingStream() override { @@ -41,22 +41,25 @@ class TcpConnPool : public Router::GenericConnPool, public Envoy::Tcp::Connectio } return false; } - Upstream::HostDescriptionConstSharedPtr host() const override { return conn_pool_->host(); } + Upstream::HostDescriptionConstSharedPtr host() const override { + return conn_pool_data_.value().host(); + } - bool valid() { return conn_pool_ != nullptr; } + bool valid() { return conn_pool_data_.has_value(); } // Tcp::ConnectionPool::Callbacks void onPoolFailure(ConnectionPool::PoolFailureReason reason, + absl::string_view transport_failure_reason, Upstream::HostDescriptionConstSharedPtr host) override { upstream_handle_ = nullptr; - callbacks_->onPoolFailure(reason, "", host); + callbacks_->onPoolFailure(reason, transport_failure_reason, host); } void onPoolReady(Envoy::Tcp::ConnectionPool::ConnectionDataPtr&& conn_data, Upstream::HostDescriptionConstSharedPtr host) override; private: - Envoy::Tcp::ConnectionPool::Instance* conn_pool_; + absl::optional conn_pool_data_; Envoy::Tcp::ConnectionPool::Cancellable* upstream_handle_{}; Router::GenericConnectionPoolCallbacks* callbacks_{}; }; @@ -74,6 +77,7 @@ class TcpUpstream : public Router::GenericUpstream, void encodeTrailers(const Envoy::Http::RequestTrailerMap&) override; void readDisable(bool disable) override; void resetStream() override; + void setAccount(Buffer::BufferMemoryAccountSharedPtr) override {} // Tcp::ConnectionPool::UpstreamCallbacks void onUpstreamData(Buffer::Instance& data, bool end_stream) override; diff --git a/source/extensions/upstreams/tcp/generic/BUILD b/source/extensions/upstreams/tcp/generic/BUILD index 2320d1ea51ef..673d44aeae31 100644 --- a/source/extensions/upstreams/tcp/generic/BUILD +++ b/source/extensions/upstreams/tcp/generic/BUILD @@ -16,8 +16,6 @@ envoy_cc_extension( hdrs = [ "config.h", ], - category = "envoy.upstreams", - security_posture = "robust_to_untrusted_downstream", visibility = ["//visibility:public"], deps = [ "//source/common/http:codec_client_lib", diff --git a/source/extensions/upstreams/tcp/generic/config.cc b/source/extensions/upstreams/tcp/generic/config.cc index 1a71c3c5bc04..77625e5fd040 100644 --- a/source/extensions/upstreams/tcp/generic/config.cc +++ b/source/extensions/upstreams/tcp/generic/config.cc @@ -1,9 +1,9 @@ -#include "extensions/upstreams/tcp/generic/config.h" +#include "source/extensions/upstreams/tcp/generic/config.h" #include "envoy/upstream/cluster_manager.h" -#include "common/http/codec_client.h" -#include "common/tcp_proxy/upstream.h" +#include "source/common/http/codec_client.h" +#include "source/common/tcp_proxy/upstream.h" namespace Envoy { namespace Extensions { @@ -18,8 +18,8 @@ TcpProxy::GenericConnPoolPtr GenericConnPoolFactory::createGenericConnPool( if (config.has_value()) { auto pool_type = ((thread_local_cluster.info()->features() & Upstream::ClusterInfo::Features::HTTP2) != 0) - ? Http::CodecClient::Type::HTTP2 - : Http::CodecClient::Type::HTTP1; + ? Http::CodecType::HTTP2 + : Http::CodecType::HTTP1; auto ret = std::make_unique( thread_local_cluster, context, config.value(), upstream_callbacks, pool_type); return (ret->valid() ? std::move(ret) : nullptr); diff --git a/source/extensions/wasm_runtime/null/BUILD b/source/extensions/wasm_runtime/null/BUILD index e66dce75d6f3..eec5da8cfae2 100644 --- a/source/extensions/wasm_runtime/null/BUILD +++ b/source/extensions/wasm_runtime/null/BUILD @@ -11,12 +11,10 @@ envoy_extension_package() envoy_cc_extension( name = "config", srcs = ["config.cc"], - category = "envoy.wasm.runtime", - security_posture = "unknown", - status = "alpha", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/extensions/common/wasm:wasm_runtime_factory_interface", + "@proxy_wasm_cpp_host//:base_lib", "@proxy_wasm_cpp_host//:null_lib", ], ) diff --git a/source/extensions/wasm_runtime/null/config.cc b/source/extensions/wasm_runtime/null/config.cc index e281a24deb74..62de7669608d 100644 --- a/source/extensions/wasm_runtime/null/config.cc +++ b/source/extensions/wasm_runtime/null/config.cc @@ -1,6 +1,6 @@ #include "envoy/registry/registry.h" -#include "extensions/common/wasm/wasm_runtime_factory.h" +#include "source/extensions/common/wasm/wasm_runtime_factory.h" #include "include/proxy-wasm/null.h" diff --git a/source/extensions/wasm_runtime/v8/BUILD b/source/extensions/wasm_runtime/v8/BUILD index 8024375f6446..5b78352fb1f1 100644 --- a/source/extensions/wasm_runtime/v8/BUILD +++ b/source/extensions/wasm_runtime/v8/BUILD @@ -11,14 +11,11 @@ envoy_extension_package() envoy_cc_extension( name = "config", - srcs = ["config.cc"], - category = "envoy.wasm.runtime", - security_posture = "unknown", - status = "alpha", - deps = [ - "//include/envoy/registry", + srcs = envoy_select_wasm_v8(["config.cc"]), + deps = envoy_select_wasm_v8([ + "//envoy/registry", "//source/extensions/common/wasm:wasm_runtime_factory_interface", - ] + envoy_select_wasm_v8([ + "@proxy_wasm_cpp_host//:base_lib", "@proxy_wasm_cpp_host//:v8_lib", ]), ) diff --git a/source/extensions/wasm_runtime/v8/config.cc b/source/extensions/wasm_runtime/v8/config.cc index 0aabca1fdd08..a502fc0d4dd1 100644 --- a/source/extensions/wasm_runtime/v8/config.cc +++ b/source/extensions/wasm_runtime/v8/config.cc @@ -1,6 +1,6 @@ #include "envoy/registry/registry.h" -#include "extensions/common/wasm/wasm_runtime_factory.h" +#include "source/extensions/common/wasm/wasm_runtime_factory.h" #include "include/proxy-wasm/v8.h" @@ -16,7 +16,7 @@ class V8RuntimeFactory : public WasmRuntimeFactory { absl::string_view name() override { return "envoy.wasm.runtime.v8"; } }; -#if defined(ENVOY_WASM_V8) +#if defined(PROXY_WASM_HAS_RUNTIME_V8) REGISTER_FACTORY(V8RuntimeFactory, WasmRuntimeFactory); #endif diff --git a/source/extensions/wasm_runtime/wamr/BUILD b/source/extensions/wasm_runtime/wamr/BUILD new file mode 100644 index 000000000000..c50d09185696 --- /dev/null +++ b/source/extensions/wasm_runtime/wamr/BUILD @@ -0,0 +1,21 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_cc_extension", + "envoy_extension_package", +) +load("//bazel:envoy_select.bzl", "envoy_select_wasm_wamr") + +licenses(["notice"]) # Apache 2 + +envoy_extension_package() + +envoy_cc_extension( + name = "config", + srcs = envoy_select_wasm_wamr(["config.cc"]), + deps = envoy_select_wasm_wamr([ + "//envoy/registry", + "//source/extensions/common/wasm:wasm_runtime_factory_interface", + "@proxy_wasm_cpp_host//:base_lib", + "@proxy_wasm_cpp_host//:wamr_lib", + ]), +) diff --git a/source/extensions/wasm_runtime/wamr/config.cc b/source/extensions/wasm_runtime/wamr/config.cc new file mode 100644 index 000000000000..cd20aa1fedc7 --- /dev/null +++ b/source/extensions/wasm_runtime/wamr/config.cc @@ -0,0 +1,26 @@ +#include "envoy/registry/registry.h" + +#include "source/extensions/common/wasm/wasm_runtime_factory.h" + +#include "include/proxy-wasm/wamr.h" + +namespace Envoy { +namespace Extensions { +namespace Common { +namespace Wasm { + +class WamrRuntimeFactory : public WasmRuntimeFactory { +public: + WasmVmPtr createWasmVm() override { return proxy_wasm::createWamrVm(); } + + absl::string_view name() override { return "envoy.wasm.runtime.wamr"; } +}; + +#if defined(PROXY_WASM_HAS_RUNTIME_WAMR) +REGISTER_FACTORY(WamrRuntimeFactory, WasmRuntimeFactory); +#endif + +} // namespace Wasm +} // namespace Common +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/wasm_runtime/wasmtime/BUILD b/source/extensions/wasm_runtime/wasmtime/BUILD index 47923bd0caa3..237e03ebf504 100644 --- a/source/extensions/wasm_runtime/wasmtime/BUILD +++ b/source/extensions/wasm_runtime/wasmtime/BUILD @@ -11,14 +11,11 @@ envoy_extension_package() envoy_cc_extension( name = "config", - srcs = ["config.cc"], - category = "envoy.wasm.runtime", - security_posture = "unknown", - status = "alpha", - deps = [ - "//include/envoy/registry", + srcs = envoy_select_wasm_wasmtime(["config.cc"]), + deps = envoy_select_wasm_wasmtime([ + "//envoy/registry", "//source/extensions/common/wasm:wasm_runtime_factory_interface", - ] + envoy_select_wasm_wasmtime([ + "@proxy_wasm_cpp_host//:base_lib", "@proxy_wasm_cpp_host//:wasmtime_lib", ]), ) diff --git a/source/extensions/wasm_runtime/wasmtime/config.cc b/source/extensions/wasm_runtime/wasmtime/config.cc index 9e25ce8e1548..4489b7bc68c9 100644 --- a/source/extensions/wasm_runtime/wasmtime/config.cc +++ b/source/extensions/wasm_runtime/wasmtime/config.cc @@ -1,6 +1,6 @@ #include "envoy/registry/registry.h" -#include "extensions/common/wasm/wasm_runtime_factory.h" +#include "source/extensions/common/wasm/wasm_runtime_factory.h" #include "include/proxy-wasm/wasmtime.h" @@ -16,7 +16,7 @@ class WasmtimeRuntimeFactory : public WasmRuntimeFactory { absl::string_view name() override { return "envoy.wasm.runtime.wasmtime"; } }; -#if defined(ENVOY_WASM_WASMTIME) +#if defined(PROXY_WASM_HAS_RUNTIME_WASMTIME) REGISTER_FACTORY(WasmtimeRuntimeFactory, WasmRuntimeFactory); #endif diff --git a/source/extensions/wasm_runtime/wavm/BUILD b/source/extensions/wasm_runtime/wavm/BUILD index f2b8c69ae785..fa65a029b17b 100644 --- a/source/extensions/wasm_runtime/wavm/BUILD +++ b/source/extensions/wasm_runtime/wavm/BUILD @@ -11,14 +11,11 @@ envoy_extension_package() envoy_cc_extension( name = "config", - srcs = ["config.cc"], - category = "envoy.wasm.runtime", - security_posture = "unknown", - status = "alpha", - deps = [ - "//include/envoy/registry", + srcs = envoy_select_wasm_wavm(["config.cc"]), + deps = envoy_select_wasm_wavm([ + "//envoy/registry", "//source/extensions/common/wasm:wasm_runtime_factory_interface", - ] + envoy_select_wasm_wavm([ + "@proxy_wasm_cpp_host//:base_lib", "@proxy_wasm_cpp_host//:wavm_lib", ]), ) diff --git a/source/extensions/wasm_runtime/wavm/config.cc b/source/extensions/wasm_runtime/wavm/config.cc index be53e31f523b..8fcccda266bb 100644 --- a/source/extensions/wasm_runtime/wavm/config.cc +++ b/source/extensions/wasm_runtime/wavm/config.cc @@ -1,6 +1,6 @@ #include "envoy/registry/registry.h" -#include "extensions/common/wasm/wasm_runtime_factory.h" +#include "source/extensions/common/wasm/wasm_runtime_factory.h" #include "include/proxy-wasm/wavm.h" @@ -16,7 +16,7 @@ class WavmRuntimeFactory : public WasmRuntimeFactory { absl::string_view name() override { return "envoy.wasm.runtime.wavm"; } }; -#if defined(ENVOY_WASM_WAVM) +#if defined(PROXY_WASM_HAS_RUNTIME_WAVM) REGISTER_FACTORY(WavmRuntimeFactory, WasmRuntimeFactory); #endif diff --git a/source/extensions/watchdog/profile_action/BUILD b/source/extensions/watchdog/profile_action/BUILD index 8da916b007ad..1de6bb89d075 100644 --- a/source/extensions/watchdog/profile_action/BUILD +++ b/source/extensions/watchdog/profile_action/BUILD @@ -17,11 +17,11 @@ envoy_cc_library( "abseil_optional", ], deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/common:time_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/server:guarddog_config_interface", - "//include/envoy/thread:thread_interface", + "//envoy/api:api_interface", + "//envoy/common:time_interface", + "//envoy/event:timer_interface", + "//envoy/server:guarddog_config_interface", + "//envoy/thread:thread_interface", "//source/common/profiler:profiler_lib", "//source/common/protobuf:utility_lib", "//source/common/stats:symbol_table_lib", @@ -33,12 +33,9 @@ envoy_cc_extension( name = "config", srcs = ["config.cc"], hdrs = ["config.h"], - category = "envoy.guarddog_actions", - security_posture = "data_plane_agnostic", - status = "alpha", deps = [ ":profile_action_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/common/common:assert_lib", "//source/common/config:utility_lib", "//source/common/protobuf", diff --git a/source/extensions/watchdog/profile_action/config.cc b/source/extensions/watchdog/profile_action/config.cc index 035fa17641e0..ebf4dfa24e08 100644 --- a/source/extensions/watchdog/profile_action/config.cc +++ b/source/extensions/watchdog/profile_action/config.cc @@ -1,11 +1,10 @@ -#include "extensions/watchdog/profile_action/config.h" +#include "source/extensions/watchdog/profile_action/config.h" #include "envoy/registry/registry.h" -#include "common/config/utility.h" -#include "common/protobuf/message_validator_impl.h" - -#include "extensions/watchdog/profile_action/profile_action.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/extensions/watchdog/profile_action/profile_action.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/watchdog/profile_action/config.h b/source/extensions/watchdog/profile_action/config.h index 0ccce8a03b7c..de821d48fced 100644 --- a/source/extensions/watchdog/profile_action/config.h +++ b/source/extensions/watchdog/profile_action/config.h @@ -3,7 +3,7 @@ #include "envoy/extensions/watchdog/profile_action/v3alpha/profile_action.pb.h" #include "envoy/server/guarddog_config.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { diff --git a/source/extensions/watchdog/profile_action/profile_action.cc b/source/extensions/watchdog/profile_action/profile_action.cc index d324f45da39d..3d1fc5adc465 100644 --- a/source/extensions/watchdog/profile_action/profile_action.cc +++ b/source/extensions/watchdog/profile_action/profile_action.cc @@ -1,12 +1,12 @@ -#include "extensions/watchdog/profile_action/profile_action.h" +#include "source/extensions/watchdog/profile_action/profile_action.h" #include #include "envoy/thread/thread.h" -#include "common/profiler/profiler.h" -#include "common/protobuf/utility.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/profiler/profiler.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stats/symbol_table_impl.h" #include "absl/strings/str_format.h" diff --git a/source/server/BUILD b/source/server/BUILD index bd71a7014674..07b31d256467 100644 --- a/source/server/BUILD +++ b/source/server/BUILD @@ -31,16 +31,16 @@ envoy_cc_library( srcs = ["configuration_impl.cc"], hdrs = ["configuration_impl.h"], deps = [ - "//include/envoy/config:typed_config_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server:configuration_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/server:instance_interface", - "//include/envoy/server:tracer_config_interface", - "//include/envoy/ssl:context_manager_interface", + "//envoy/config:typed_config_interface", + "//envoy/http:filter_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server:configuration_interface", + "//envoy/server:filter_config_interface", + "//envoy/server:instance_interface", + "//envoy/server:tracer_config_interface", + "//envoy/ssl:context_manager_interface", "//source/common/access_log:access_log_lib", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", @@ -78,16 +78,16 @@ envoy_cc_library( ], deps = [ ":active_tcp_listener", - "//include/envoy/common:time_interface", - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:connection_handler_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/network:listener_interface", - "//include/envoy/server:listener_manager_interface", - "//include/envoy/stats:timespan_interface", + "//envoy/common:time_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", + "//envoy/network:connection_handler_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", + "//envoy/network:listener_interface", + "//envoy/server:listener_manager_interface", + "//envoy/stats:timespan_interface", "//source/common/common:linked_object", "//source/common/common:non_copyable", "//source/common/event:deferred_task", @@ -102,9 +102,9 @@ envoy_cc_library( "active_listener_base.h", ], deps = [ - "//include/envoy/network:connection_handler_interface", - "//include/envoy/network:listener_interface", - "//include/envoy/stats:timespan_interface", + "//envoy/network:connection_handler_interface", + "//envoy/network:listener_interface", + "//envoy/stats:timespan_interface", "//source/common/stats:timespan_lib", ], ) @@ -116,17 +116,18 @@ envoy_cc_library( "active_tcp_listener.h", ], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:connection_handler_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/network:listener_interface", - "//include/envoy/server:listener_manager_interface", - "//include/envoy/stats:timespan_interface", + "//envoy/common:time_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/network:connection_handler_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", + "//envoy/network:listener_interface", + "//envoy/server:listener_manager_interface", + "//envoy/stats:timespan_interface", + "//source/common/common:assert_lib", "//source/common/common:linked_object", "//source/common/common:non_copyable", "//source/common/common:safe_memcpy_lib", @@ -145,13 +146,13 @@ envoy_cc_library( "active_udp_listener.h", ], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:connection_handler_interface", - "//include/envoy/network:exception_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/network:listener_interface", - "//include/envoy/server:listener_manager_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:connection_handler_interface", + "//envoy/network:exception_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", + "//envoy/network:listener_interface", + "//envoy/server:listener_manager_interface", "//source/server:connection_handler_impl", ], ) @@ -163,11 +164,11 @@ envoy_cc_library( "drain_manager_impl.h", ], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/server:drain_manager_interface", - "//include/envoy/server:instance_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/runtime:runtime_interface", + "//envoy/server:drain_manager_interface", + "//envoy/server:instance_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", @@ -181,16 +182,16 @@ envoy_cc_library( external_deps = ["abseil_optional"], deps = [ ":watchdog_lib", - "//include/envoy/api:api_interface", - "//include/envoy/common:time_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/server:configuration_interface", - "//include/envoy/server:guarddog_config_interface", - "//include/envoy/server:guarddog_interface", - "//include/envoy/server:watchdog_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/thread:thread_interface", + "//envoy/api:api_interface", + "//envoy/common:time_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/server:configuration_interface", + "//envoy/server:guarddog_config_interface", + "//envoy/server:guarddog_interface", + "//envoy/server:watchdog_interface", + "//envoy/stats:stats_interface", + "//envoy/thread:thread_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/common:thread_lib", @@ -215,13 +216,13 @@ envoy_cc_library( hdrs = envoy_select_hot_restart(["hot_restarting_base.h"]), deps = [ ":hot_restart_cc_proto", - "//include/envoy/api:os_sys_calls_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:file_event_interface", - "//include/envoy/server:hot_restart_interface", - "//include/envoy/server:instance_interface", - "//include/envoy/server:options_interface", - "//include/envoy/stats:stats_interface", + "//envoy/api:os_sys_calls_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:file_event_interface", + "//envoy/server:hot_restart_interface", + "//envoy/server:instance_interface", + "//envoy/server:options_interface", + "//envoy/stats:stats_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/common:mem_block_builder_lib", @@ -263,12 +264,12 @@ envoy_cc_library( deps = [ ":hot_restarting_child", ":hot_restarting_parent", - "//include/envoy/api:os_sys_calls_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:file_event_interface", - "//include/envoy/server:hot_restart_interface", - "//include/envoy/server:instance_interface", - "//include/envoy/server:options_interface", + "//envoy/api:os_sys_calls_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:file_event_interface", + "//envoy/server:hot_restart_interface", + "//envoy/server:instance_interface", + "//envoy/server:options_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:assert_lib", "//source/common/stats:allocator_lib", @@ -279,7 +280,7 @@ envoy_cc_library( name = "hot_restart_nop_lib", hdrs = ["hot_restart_nop_impl.h"], deps = [ - "//include/envoy/server:hot_restart_interface", + "//envoy/server:hot_restart_interface", "//source/common/stats:allocator_lib", ], ) @@ -307,10 +308,10 @@ envoy_cc_library( copts = ["-DHAVE_LONG_LONG"], external_deps = ["tclap"], deps = [ - "//include/envoy/network:address_interface", - "//include/envoy/registry", - "//include/envoy/server:options_interface", - "//include/envoy/stats:stats_interface", + "//envoy/network:address_interface", + "//envoy/registry", + "//envoy/server:options_interface", + "//envoy/stats:stats_interface", "//source/common/api:os_sys_calls_lib", "//source/common/common:logger_lib", "//source/common/common:macros", @@ -326,9 +327,9 @@ envoy_cc_library( srcs = ["overload_manager_impl.cc"], hdrs = ["overload_manager_impl.h"], deps = [ - "//include/envoy/server/overload:overload_manager_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/server/overload:overload_manager_interface", + "//envoy/stats:stats_interface", + "//envoy/thread_local:thread_local_interface", "//source/common/common:logger_lib", "//source/common/config:utility_lib", "//source/common/event:scaled_range_timer_manager_lib", @@ -343,10 +344,10 @@ envoy_cc_library( srcs = ["lds_api.cc"], hdrs = ["lds_api.h"], deps = [ - "//include/envoy/config:subscription_factory_interface", - "//include/envoy/config:subscription_interface", - "//include/envoy/init:manager_interface", - "//include/envoy/server:listener_manager_interface", + "//envoy/config:subscription_factory_interface", + "//envoy/config:subscription_interface", + "//envoy/init:manager_interface", + "//envoy/server:listener_manager_interface", "//source/common/common:cleanup_lib", "//source/common/config:api_version_lib", "//source/common/config:subscription_base_interface", @@ -383,13 +384,13 @@ envoy_cc_library( ":filter_chain_manager_lib", ":lds_api_lib", ":transport_socket_config_lib", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/server:api_listener_interface", - "//include/envoy/server:filter_config_interface", - "//include/envoy/server:listener_manager_interface", - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/server:worker_interface", + "//envoy/access_log:access_log_interface", + "//envoy/network:connection_interface", + "//envoy/server:api_listener_interface", + "//envoy/server:filter_config_interface", + "//envoy/server:listener_manager_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/server:worker_interface", "//source/common/access_log:access_log_lib", "//source/common/common:basic_resource_lib", "//source/common/common:empty_string", @@ -408,7 +409,6 @@ envoy_cc_library( "//source/common/network:utility_lib", "//source/common/protobuf:utility_lib", "//source/common/stream_info:stream_info_lib", - "//source/extensions/filters/listener:well_known_names", "//source/extensions/filters/network/http_connection_manager:config", "//source/extensions/upstreams/http/generic:config", "@envoy_api//envoy/admin/v3:pkg_cc_proto", @@ -421,6 +421,7 @@ envoy_cc_library( "//source/common/quic:quic_factory_lib", "//source/common/quic:quic_transport_socket_factory_lib", "//source/common/quic:udp_gso_batch_writer_lib", + "//source/common/quic:quic_stat_names_lib", ]), ) @@ -430,9 +431,9 @@ envoy_cc_library( hdrs = ["filter_chain_manager_impl.h"], deps = [ ":filter_chain_factory_context_callback", - "//include/envoy/server:instance_interface", - "//include/envoy/server:listener_manager_interface", - "//include/envoy/server:transport_socket_config_interface", + "//envoy/server:instance_interface", + "//envoy/server:listener_manager_interface", + "//envoy/server:transport_socket_config_interface", "//source/common/common:empty_string", "//source/common/config:utility_lib", "//source/common/init:manager_lib", @@ -446,7 +447,7 @@ envoy_cc_library( envoy_cc_library( name = "process_context_lib", hdrs = ["process_context_impl.h"], - deps = ["//include/envoy/server:process_context_interface"], + deps = ["//envoy/server:process_context_interface"], ) envoy_cc_library( @@ -464,7 +465,7 @@ envoy_cc_library( name = "resource_monitor_config_lib", hdrs = ["resource_monitor_config_impl.h"], deps = [ - "//include/envoy/server:resource_monitor_config_interface", + "//envoy/server:resource_monitor_config_interface", ], ) @@ -485,21 +486,21 @@ envoy_cc_library( ":listener_manager_lib", ":ssl_context_manager_lib", ":worker_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:signal_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:dns_interface", - "//include/envoy/server:bootstrap_extension_config_interface", - "//include/envoy/server:configuration_interface", - "//include/envoy/server:drain_manager_interface", - "//include/envoy/server:fatal_action_interface", - "//include/envoy/server:instance_interface", - "//include/envoy/server:listener_manager_interface", - "//include/envoy/server:options_interface", - "//include/envoy/server:process_context_interface", - "//include/envoy/stats:stats_macros", - "//include/envoy/tracing:http_tracer_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:signal_interface", + "//envoy/event:timer_interface", + "//envoy/network:dns_interface", + "//envoy/server:bootstrap_extension_config_interface", + "//envoy/server:configuration_interface", + "//envoy/server:drain_manager_interface", + "//envoy/server:fatal_action_interface", + "//envoy/server:instance_interface", + "//envoy/server:listener_manager_interface", + "//envoy/server:options_interface", + "//envoy/server:process_context_interface", + "//envoy/stats:stats_macros", + "//envoy/tracing:http_tracer_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/access_log:access_log_manager_lib", "//source/common/api:api_lib", "//source/common/common:cleanup_lib", @@ -539,8 +540,8 @@ envoy_cc_library( srcs = ["ssl_context_manager.cc"], hdrs = ["ssl_context_manager.h"], deps = [ - "//include/envoy/registry", - "//include/envoy/ssl:context_manager_interface", + "//envoy/registry", + "//envoy/ssl:context_manager_interface", ], ) @@ -553,8 +554,8 @@ envoy_cc_library( name = "watchdog_lib", hdrs = ["watchdog_impl.h"], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/server:watchdog_interface", + "//envoy/common:time_interface", + "//envoy/server:watchdog_interface", "//source/common/common:assert_lib", ], ) @@ -566,16 +567,16 @@ envoy_cc_library( deps = [ ":connection_handler_lib", ":listener_hooks_lib", - "//include/envoy/api:api_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:exception_interface", - "//include/envoy/server:configuration_interface", - "//include/envoy/server:guarddog_interface", - "//include/envoy/server:listener_manager_interface", - "//include/envoy/server:worker_interface", - "//include/envoy/thread:thread_interface", - "//include/envoy/thread_local:thread_local_interface", + "//envoy/api:api_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", + "//envoy/network:exception_interface", + "//envoy/server:configuration_interface", + "//envoy/server:guarddog_interface", + "//envoy/server:listener_manager_interface", + "//envoy/server:worker_interface", + "//envoy/thread:thread_interface", + "//envoy/thread_local:thread_local_interface", ], ) @@ -583,7 +584,7 @@ envoy_cc_library( name = "transport_socket_config_lib", hdrs = ["transport_socket_config_impl.h"], deps = [ - "//include/envoy/server:transport_socket_config_interface", + "//envoy/server:transport_socket_config_interface", ], ) @@ -593,7 +594,7 @@ envoy_cc_library( hdrs = ["active_raw_udp_listener_config.h"], deps = [ ":connection_handler_lib", - "//include/envoy/registry", + "//envoy/registry", ], ) @@ -601,7 +602,7 @@ envoy_cc_library( name = "filter_chain_factory_context_callback", hdrs = ["filter_chain_factory_context_callback.h"], deps = [ - "//include/envoy/server:filter_config_interface", + "//envoy/server:filter_config_interface", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ], ) diff --git a/source/server/active_raw_udp_listener_config.cc b/source/server/active_raw_udp_listener_config.cc index 28abfe2ceb31..86de0c3053b0 100644 --- a/source/server/active_raw_udp_listener_config.cc +++ b/source/server/active_raw_udp_listener_config.cc @@ -1,10 +1,10 @@ -#include "server/active_raw_udp_listener_config.h" +#include "source/server/active_raw_udp_listener_config.h" #include #include -#include "server/active_udp_listener.h" -#include "server/connection_handler_impl.h" +#include "source/server/active_udp_listener.h" +#include "source/server/connection_handler_impl.h" namespace Envoy { namespace Server { diff --git a/source/server/active_tcp_listener.cc b/source/server/active_tcp_listener.cc index bcf5cae34d83..a8a2120ba2a0 100644 --- a/source/server/active_tcp_listener.cc +++ b/source/server/active_tcp_listener.cc @@ -1,4 +1,4 @@ -#include "server/active_tcp_listener.h" +#include "source/server/active_tcp_listener.h" #include @@ -7,10 +7,11 @@ #include "envoy/network/filter.h" #include "envoy/stats/scope.h" -#include "common/event/deferred_task.h" -#include "common/network/connection_impl.h" -#include "common/network/utility.h" -#include "common/stats/timespan_impl.h" +#include "source/common/common/assert.h" +#include "source/common/event/deferred_task.h" +#include "source/common/network/connection_impl.h" +#include "source/common/network/utility.h" +#include "source/common/stats/timespan_impl.h" namespace Envoy { namespace Server { @@ -198,10 +199,8 @@ void ActiveTcpSocket::newConnection() { if (socket_->detectedTransportProtocol().empty()) { socket_->setDetectedTransportProtocol("raw_buffer"); } - // TODO(lambdai): add integration test - // TODO: Address issues in wider scope. See https://github.com/envoyproxy/envoy/issues/8925 - // Erase accept filter states because accept filters may not get the opportunity to clean up. - // Particularly the assigned events need to reset before assigning new events in the follow up. + // Clear the listener filter to ensure the file event registered by + // listener filter to be removed. reference https://github.com/envoyproxy/envoy/issues/8925. accept_filters_.clear(); // Create a new connection on this listener. listener_.newConnection(std::move(socket_), std::move(stream_info_)); @@ -210,8 +209,9 @@ void ActiveTcpSocket::newConnection() { void ActiveTcpListener::onAccept(Network::ConnectionSocketPtr&& socket) { if (listenerConnectionLimitReached()) { - ENVOY_LOG(trace, "closing connection: listener connection limit reached for {}", - config_->name()); + RELEASE_ASSERT(socket->addressProvider().remoteAddress() != nullptr, ""); + ENVOY_LOG(trace, "closing connection from {}: listener connection limit reached for {}", + socket->addressProvider().remoteAddress()->asString(), config_->name()); socket->close(); stats_.downstream_cx_overflow_.inc(); return; @@ -288,7 +288,9 @@ void ActiveTcpListener::newConnection(Network::ConnectionSocketPtr&& socket, // Find matching filter chain. const auto filter_chain = config_->filterChainManager().findFilterChain(*socket); if (filter_chain == nullptr) { - ENVOY_LOG(debug, "closing connection: no matching filter chain found"); + RELEASE_ASSERT(socket->addressProvider().remoteAddress() != nullptr, ""); + ENVOY_LOG(debug, "closing connection from {}: no matching filter chain found", + socket->addressProvider().remoteAddress()->asString()); stats_.no_filter_chain_match_.inc(); stream_info->setResponseFlag(StreamInfo::ResponseFlag::NoRouteFound); stream_info->setResponseCodeDetails(StreamInfo::ResponseCodeDetails::get().FilterChainNotFound); @@ -307,21 +309,26 @@ void ActiveTcpListener::newConnection(Network::ConnectionSocketPtr&& socket, timeout != std::chrono::milliseconds::zero()) { server_conn_ptr->setTransportSocketConnectTimeout(timeout); } + ActiveTcpConnectionPtr active_connection( new ActiveTcpConnection(active_connections, std::move(server_conn_ptr), parent_.dispatcher().timeSource(), std::move(stream_info))); active_connection->connection_->setBufferLimits(config_->perConnectionBufferLimitBytes()); + RELEASE_ASSERT(active_connection->connection_->addressProvider().remoteAddress() != nullptr, ""); + const bool empty_filter_chain = !config_->filterChainFactory().createNetworkFilterChain( *active_connection->connection_, filter_chain->networkFilterFactories()); if (empty_filter_chain) { - ENVOY_CONN_LOG(debug, "closing connection: no filters", *active_connection->connection_); + ENVOY_CONN_LOG(debug, "closing connection from {}: no filters", *active_connection->connection_, + active_connection->connection_->addressProvider().remoteAddress()->asString()); active_connection->connection_->close(Network::ConnectionCloseType::NoFlush); } // If the connection is already closed, we can just let this connection immediately die. if (active_connection->connection_->state() != Network::Connection::State::Closed) { - ENVOY_CONN_LOG(debug, "new connection", *active_connection->connection_); + ENVOY_CONN_LOG(debug, "new connection from {}", *active_connection->connection_, + active_connection->connection_->addressProvider().remoteAddress()->asString()); active_connection->connection_->addConnectionCallbacks(*active_connection); LinkedList::moveIntoList(std::move(active_connection), active_connections.connections_); } diff --git a/source/server/active_tcp_listener.h b/source/server/active_tcp_listener.h index c698faaa0605..469e1677c999 100644 --- a/source/server/active_tcp_listener.h +++ b/source/server/active_tcp_listener.h @@ -4,10 +4,9 @@ #include "envoy/event/timer.h" #include "envoy/stats/timespan.h" -#include "common/common/linked_object.h" -#include "common/stream_info/stream_info_impl.h" - -#include "server/active_listener_base.h" +#include "source/common/common/linked_object.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/server/active_listener_base.h" namespace Envoy { namespace Server { diff --git a/source/server/active_udp_listener.cc b/source/server/active_udp_listener.cc index ceb01bbcd14e..c20d2809aa07 100644 --- a/source/server/active_udp_listener.cc +++ b/source/server/active_udp_listener.cc @@ -1,10 +1,10 @@ -#include "server/active_udp_listener.h" +#include "source/server/active_udp_listener.h" #include "envoy/network/exception.h" #include "envoy/server/listener_manager.h" #include "envoy/stats/scope.h" -#include "common/network/utility.h" +#include "source/common/network/utility.h" #include "spdlog/spdlog.h" diff --git a/source/server/active_udp_listener.h b/source/server/active_udp_listener.h index e122b65d2e42..520663ac4ddf 100644 --- a/source/server/active_udp_listener.h +++ b/source/server/active_udp_listener.h @@ -8,7 +8,8 @@ #include "envoy/network/listen_socket.h" #include "envoy/network/listener.h" -#include "server/active_listener_base.h" +#include "source/common/network/utility.h" +#include "source/server/active_listener_base.h" namespace Envoy { namespace Server { @@ -82,6 +83,10 @@ class ActiveRawUdpListener : public ActiveUdpListenerBase, void onWriteReady(const Network::Socket& socket) override; void onReceiveError(Api::IoError::IoErrorCode error_code) override; Network::UdpPacketWriter& udpPacketWriter() override { return *udp_packet_writer_; } + size_t numPacketsExpectedPerEventLoop() const final { + // TODO(mattklein123) change this to a reasonable number if needed. + return Network::MAX_NUM_PACKETS_PER_EVENT_LOOP; + } // Network::UdpWorker void onDataWorker(Network::UdpRecvData&& data) override; diff --git a/source/server/admin/BUILD b/source/server/admin/BUILD index 1df8446d2a17..533e22849b45 100644 --- a/source/server/admin/BUILD +++ b/source/server/admin/BUILD @@ -26,15 +26,15 @@ envoy_cc_library( ":server_info_handler_lib", ":stats_handler_lib", ":utils_lib", - "//include/envoy/filesystem:filesystem_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:hot_restart_interface", - "//include/envoy/server:instance_interface", - "//include/envoy/server:listener_manager_interface", - "//include/envoy/server:options_interface", + "//envoy/filesystem:filesystem_interface", + "//envoy/http:filter_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", + "//envoy/server:admin_interface", + "//envoy/server:hot_restart_interface", + "//envoy/server:instance_interface", + "//envoy/server:listener_manager_interface", + "//envoy/server:options_interface", "//source/common/access_log:access_log_lib", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", @@ -73,8 +73,8 @@ envoy_cc_library( hdrs = ["admin_filter.h"], deps = [ ":utils_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/server:admin_interface", + "//envoy/http:filter_interface", + "//envoy/server:admin_interface", "//source/common/buffer:buffer_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:codes_lib", @@ -87,7 +87,7 @@ envoy_cc_library( name = "handler_ctx_lib", hdrs = ["handler_ctx.h"], deps = [ - "//include/envoy/server:instance_interface", + "//envoy/server:instance_interface", ], ) @@ -99,9 +99,9 @@ envoy_cc_library( ":handler_ctx_lib", ":prometheus_stats_lib", ":utils_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:instance_interface", + "//envoy/http:codes_interface", + "//envoy/server:admin_interface", + "//envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/html:utility_lib", "//source/common/http:codes_lib", @@ -129,9 +129,9 @@ envoy_cc_library( deps = [ ":handler_ctx_lib", ":utils_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:instance_interface", + "//envoy/http:codes_interface", + "//envoy/server:admin_interface", + "//envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", @@ -146,9 +146,9 @@ envoy_cc_library( deps = [ ":handler_ctx_lib", ":utils_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:instance_interface", + "//envoy/http:codes_interface", + "//envoy/server:admin_interface", + "//envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", @@ -162,9 +162,9 @@ envoy_cc_library( deps = [ ":handler_ctx_lib", ":utils_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:instance_interface", + "//envoy/http:codes_interface", + "//envoy/server:admin_interface", + "//envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/common:minimal_logger_lib", "//source/common/http:codes_lib", @@ -178,8 +178,8 @@ envoy_cc_library( hdrs = ["profiling_handler.h"], deps = [ ":utils_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/server:admin_interface", + "//envoy/http:codes_interface", + "//envoy/server:admin_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", @@ -194,9 +194,9 @@ envoy_cc_library( deps = [ ":handler_ctx_lib", ":utils_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:instance_interface", + "//envoy/http:codes_interface", + "//envoy/server:admin_interface", + "//envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", @@ -210,9 +210,9 @@ envoy_cc_library( deps = [ ":handler_ctx_lib", ":utils_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:instance_interface", + "//envoy/http:codes_interface", + "//envoy/server:admin_interface", + "//envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", @@ -229,9 +229,9 @@ envoy_cc_library( deps = [ ":handler_ctx_lib", ":utils_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:instance_interface", + "//envoy/http:codes_interface", + "//envoy/server:admin_interface", + "//envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", @@ -248,9 +248,9 @@ envoy_cc_library( ":config_tracker_lib", ":handler_ctx_lib", ":utils_lib", - "//include/envoy/http:codes_interface", - "//include/envoy/server:admin_interface", - "//include/envoy/server:instance_interface", + "//envoy/http:codes_interface", + "//envoy/server:admin_interface", + "//envoy/server:instance_interface", "//source/common/buffer:buffer_lib", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", @@ -267,8 +267,8 @@ envoy_cc_library( deps = [ ":handler_ctx_lib", ":utils_lib", - "//include/envoy/server:admin_interface", - "//include/envoy/server:instance_interface", + "//envoy/server:admin_interface", + "//envoy/server:instance_interface", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", "@envoy_api//envoy/admin/v3:pkg_cc_proto", @@ -280,7 +280,7 @@ envoy_cc_library( srcs = ["utils.cc"], hdrs = ["utils.h"], deps = [ - "//include/envoy/init:manager_interface", + "//envoy/init:manager_interface", "//source/common/common:enum_to_int", "//source/common/http:codes_lib", "//source/common/http:header_map_lib", @@ -294,7 +294,7 @@ envoy_cc_library( srcs = ["config_tracker_impl.cc"], hdrs = ["config_tracker_impl.h"], deps = [ - "//include/envoy/server:config_tracker_interface", + "//envoy/server:config_tracker_interface", "//source/common/common:assert_lib", "//source/common/common:macros", ], diff --git a/source/server/admin/admin.cc b/source/server/admin/admin.cc index fbfe86bd2246..4e3ee65c2813 100644 --- a/source/server/admin/admin.cc +++ b/source/server/admin/admin.cc @@ -1,4 +1,4 @@ -#include "server/admin/admin.h" +#include "source/server/admin/admin.h" #include #include @@ -15,29 +15,27 @@ #include "envoy/upstream/outlier_detection.h" #include "envoy/upstream/upstream.h" -#include "common/access_log/access_log_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/common/mutex_tracer_impl.h" -#include "common/common/utility.h" -#include "common/formatter/substitution_formatter.h" -#include "common/html/utility.h" -#include "common/http/codes.h" -#include "common/http/conn_manager_utility.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/memory/utils.h" -#include "common/network/listen_socket_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/router/config_impl.h" - -#include "server/admin/utils.h" -#include "server/listener_impl.h" - -#include "extensions/request_id/uuid/config.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/common/mutex_tracer_impl.h" +#include "source/common/common/utility.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/html/utility.h" +#include "source/common/http/codes.h" +#include "source/common/http/conn_manager_utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/memory/utils.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/config_impl.h" +#include "source/extensions/request_id/uuid/config.h" +#include "source/server/admin/utils.h" +#include "source/server/listener_impl.h" #include "absl/strings/str_join.h" #include "absl/strings/str_replace.h" diff --git a/source/server/admin/admin.h b/source/server/admin/admin.h index 84d5236e212b..5fcaa5ddcf60 100644 --- a/source/server/admin/admin.h +++ b/source/server/admin/admin.h @@ -18,38 +18,36 @@ #include "envoy/upstream/outlier_detection.h" #include "envoy/upstream/resource_manager.h" -#include "common/common/assert.h" -#include "common/common/basic_resource_impl.h" -#include "common/common/empty_string.h" -#include "common/common/logger.h" -#include "common/common/macros.h" -#include "common/http/conn_manager_config.h" -#include "common/http/conn_manager_impl.h" -#include "common/http/date_provider_impl.h" -#include "common/http/default_server_string.h" -#include "common/http/http1/codec_stats.h" -#include "common/http/http2/codec_stats.h" -#include "common/http/request_id_extension_impl.h" -#include "common/http/utility.h" -#include "common/network/connection_balancer_impl.h" -#include "common/network/raw_buffer_socket.h" -#include "common/router/scoped_config_impl.h" -#include "common/stats/isolated_store_impl.h" - -#include "server/admin/admin_filter.h" -#include "server/admin/clusters_handler.h" -#include "server/admin/config_dump_handler.h" -#include "server/admin/config_tracker_impl.h" -#include "server/admin/init_dump_handler.h" -#include "server/admin/listeners_handler.h" -#include "server/admin/logs_handler.h" -#include "server/admin/profiling_handler.h" -#include "server/admin/runtime_handler.h" -#include "server/admin/server_cmd_handler.h" -#include "server/admin/server_info_handler.h" -#include "server/admin/stats_handler.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/common/assert.h" +#include "source/common/common/basic_resource_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/logger.h" +#include "source/common/common/macros.h" +#include "source/common/http/conn_manager_config.h" +#include "source/common/http/conn_manager_impl.h" +#include "source/common/http/date_provider_impl.h" +#include "source/common/http/default_server_string.h" +#include "source/common/http/http1/codec_stats.h" +#include "source/common/http/http2/codec_stats.h" +#include "source/common/http/request_id_extension_impl.h" +#include "source/common/http/utility.h" +#include "source/common/network/connection_balancer_impl.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/router/scoped_config_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" +#include "source/server/admin/admin_filter.h" +#include "source/server/admin/clusters_handler.h" +#include "source/server/admin/config_dump_handler.h" +#include "source/server/admin/config_tracker_impl.h" +#include "source/server/admin/init_dump_handler.h" +#include "source/server/admin/listeners_handler.h" +#include "source/server/admin/logs_handler.h" +#include "source/server/admin/profiling_handler.h" +#include "source/server/admin/runtime_handler.h" +#include "source/server/admin/server_cmd_handler.h" +#include "source/server/admin/server_info_handler.h" +#include "source/server/admin/stats_handler.h" #include "absl/strings/string_view.h" @@ -177,6 +175,7 @@ class AdminImpl : public Admin, const Http::Http1Settings& http1Settings() const override { return http1_settings_; } bool shouldNormalizePath() const override { return true; } bool shouldMergeSlashes() const override { return true; } + bool shouldStripTrailingHostDot() const override { return false; } Http::StripPortType stripPortType() const override { return Http::StripPortType::None; } envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headersWithUnderscoresAction() const override { diff --git a/source/server/admin/admin_filter.cc b/source/server/admin/admin_filter.cc index c9227f2c725d..ecd5fa6e9562 100644 --- a/source/server/admin/admin_filter.cc +++ b/source/server/admin/admin_filter.cc @@ -1,6 +1,6 @@ -#include "server/admin/admin_filter.h" +#include "source/server/admin/admin_filter.h" -#include "server/admin/utils.h" +#include "source/server/admin/utils.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/admin_filter.h b/source/server/admin/admin_filter.h index 000279f8ff79..0cc9da6069ef 100644 --- a/source/server/admin/admin_filter.h +++ b/source/server/admin/admin_filter.h @@ -6,12 +6,11 @@ #include "envoy/http/filter.h" #include "envoy/server/admin.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "absl/strings/string_view.h" diff --git a/source/server/admin/clusters_handler.cc b/source/server/admin/clusters_handler.cc index 77523012e0dc..a0425e40c674 100644 --- a/source/server/admin/clusters_handler.cc +++ b/source/server/admin/clusters_handler.cc @@ -1,13 +1,12 @@ -#include "server/admin/clusters_handler.h" +#include "source/server/admin/clusters_handler.h" #include "envoy/admin/v3/clusters.pb.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/network/utility.h" -#include "common/upstream/host_utility.h" - -#include "server/admin/utils.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/host_utility.h" +#include "source/server/admin/utils.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/clusters_handler.h b/source/server/admin/clusters_handler.h index efb00e3b2cca..7786755cbeb6 100644 --- a/source/server/admin/clusters_handler.h +++ b/source/server/admin/clusters_handler.h @@ -6,7 +6,7 @@ #include "envoy/server/admin.h" #include "envoy/server/instance.h" -#include "server/admin/handler_ctx.h" +#include "source/server/admin/handler_ctx.h" #include "absl/strings/string_view.h" diff --git a/source/server/admin/config_dump_handler.cc b/source/server/admin/config_dump_handler.cc index 766b86bbe9d2..69c685d8a693 100644 --- a/source/server/admin/config_dump_handler.cc +++ b/source/server/admin/config_dump_handler.cc @@ -1,13 +1,12 @@ -#include "server/admin/config_dump_handler.h" +#include "source/server/admin/config_dump_handler.h" #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/network/utility.h" - -#include "server/admin/utils.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/network/utility.h" +#include "source/server/admin/utils.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/config_dump_handler.h b/source/server/admin/config_dump_handler.h index f8b77c4a2e6f..f1531ddee04a 100644 --- a/source/server/admin/config_dump_handler.h +++ b/source/server/admin/config_dump_handler.h @@ -9,8 +9,8 @@ #include "envoy/server/admin.h" #include "envoy/server/instance.h" -#include "server/admin/config_tracker_impl.h" -#include "server/admin/handler_ctx.h" +#include "source/server/admin/config_tracker_impl.h" +#include "source/server/admin/handler_ctx.h" #include "absl/strings/string_view.h" diff --git a/source/server/admin/config_tracker_impl.cc b/source/server/admin/config_tracker_impl.cc index da1bc875a6ee..dcd4cf67818e 100644 --- a/source/server/admin/config_tracker_impl.cc +++ b/source/server/admin/config_tracker_impl.cc @@ -1,4 +1,4 @@ -#include "server/admin/config_tracker_impl.h" +#include "source/server/admin/config_tracker_impl.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/config_tracker_impl.h b/source/server/admin/config_tracker_impl.h index 3c8ab1c156bf..9d57ec41cfd4 100644 --- a/source/server/admin/config_tracker_impl.h +++ b/source/server/admin/config_tracker_impl.h @@ -2,8 +2,8 @@ #include "envoy/server/config_tracker.h" -#include "common/common/assert.h" -#include "common/common/macros.h" +#include "source/common/common/assert.h" +#include "source/common/common/macros.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/init_dump_handler.cc b/source/server/admin/init_dump_handler.cc index 11e40cd4a466..837625d16180 100644 --- a/source/server/admin/init_dump_handler.cc +++ b/source/server/admin/init_dump_handler.cc @@ -1,10 +1,9 @@ -#include "server/admin/init_dump_handler.h" +#include "source/server/admin/init_dump_handler.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/network/utility.h" - -#include "server/admin/utils.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/network/utility.h" +#include "source/server/admin/utils.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/init_dump_handler.h b/source/server/admin/init_dump_handler.h index bb3683f74ca7..26156c4e9122 100644 --- a/source/server/admin/init_dump_handler.h +++ b/source/server/admin/init_dump_handler.h @@ -7,7 +7,7 @@ #include "envoy/server/admin.h" #include "envoy/server/instance.h" -#include "server/admin/handler_ctx.h" +#include "source/server/admin/handler_ctx.h" #include "absl/strings/string_view.h" diff --git a/source/server/admin/listeners_handler.cc b/source/server/admin/listeners_handler.cc index 510393a17b31..9e6ddbbc746b 100644 --- a/source/server/admin/listeners_handler.cc +++ b/source/server/admin/listeners_handler.cc @@ -1,12 +1,11 @@ -#include "server/admin/listeners_handler.h" +#include "source/server/admin/listeners_handler.h" #include "envoy/admin/v3/listeners.pb.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/network/utility.h" - -#include "server/admin/utils.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/network/utility.h" +#include "source/server/admin/utils.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/listeners_handler.h b/source/server/admin/listeners_handler.h index bf48f86419e5..52d52ea0298b 100644 --- a/source/server/admin/listeners_handler.h +++ b/source/server/admin/listeners_handler.h @@ -6,7 +6,7 @@ #include "envoy/server/admin.h" #include "envoy/server/instance.h" -#include "server/admin/handler_ctx.h" +#include "source/server/admin/handler_ctx.h" #include "absl/strings/string_view.h" diff --git a/source/server/admin/logs_handler.cc b/source/server/admin/logs_handler.cc index 353a51794745..e5bc7a54a69f 100644 --- a/source/server/admin/logs_handler.cc +++ b/source/server/admin/logs_handler.cc @@ -1,11 +1,10 @@ -#include "server/admin/logs_handler.h" +#include "source/server/admin/logs_handler.h" #include -#include "common/common/fancy_logger.h" -#include "common/common/logger.h" - -#include "server/admin/utils.h" +#include "source/common/common/fancy_logger.h" +#include "source/common/common/logger.h" +#include "source/server/admin/utils.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/logs_handler.h b/source/server/admin/logs_handler.h index 1eea995d88ba..21359c27c5a8 100644 --- a/source/server/admin/logs_handler.h +++ b/source/server/admin/logs_handler.h @@ -6,7 +6,7 @@ #include "envoy/server/admin.h" #include "envoy/server/instance.h" -#include "server/admin/handler_ctx.h" +#include "source/server/admin/handler_ctx.h" #include "absl/strings/string_view.h" diff --git a/source/server/admin/profiling_handler.cc b/source/server/admin/profiling_handler.cc index 243b8292a0af..e0a3892f2336 100644 --- a/source/server/admin/profiling_handler.cc +++ b/source/server/admin/profiling_handler.cc @@ -1,8 +1,7 @@ -#include "server/admin/profiling_handler.h" +#include "source/server/admin/profiling_handler.h" -#include "common/profiler/profiler.h" - -#include "server/admin/utils.h" +#include "source/common/profiler/profiler.h" +#include "source/server/admin/utils.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/prometheus_stats.cc b/source/server/admin/prometheus_stats.cc index a82d59878d93..b0b01dc9759a 100644 --- a/source/server/admin/prometheus_stats.cc +++ b/source/server/admin/prometheus_stats.cc @@ -1,8 +1,8 @@ -#include "server/admin/prometheus_stats.h" +#include "source/server/admin/prometheus_stats.h" -#include "common/common/empty_string.h" -#include "common/common/macros.h" -#include "common/stats/histogram_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/macros.h" +#include "source/common/stats/histogram_impl.h" #include "absl/strings/str_cat.h" diff --git a/source/server/admin/runtime_handler.cc b/source/server/admin/runtime_handler.cc index a827d8a0994b..1aa3b922b98d 100644 --- a/source/server/admin/runtime_handler.cc +++ b/source/server/admin/runtime_handler.cc @@ -1,13 +1,12 @@ -#include "server/admin/runtime_handler.h" +#include "source/server/admin/runtime_handler.h" #include #include -#include "common/common/empty_string.h" -#include "common/http/headers.h" -#include "common/http/utility.h" - -#include "server/admin/utils.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/server/admin/utils.h" #include "absl/container/node_hash_map.h" diff --git a/source/server/admin/runtime_handler.h b/source/server/admin/runtime_handler.h index 306a356574b3..30400bec83d1 100644 --- a/source/server/admin/runtime_handler.h +++ b/source/server/admin/runtime_handler.h @@ -6,7 +6,7 @@ #include "envoy/server/admin.h" #include "envoy/server/instance.h" -#include "server/admin/handler_ctx.h" +#include "source/server/admin/handler_ctx.h" #include "absl/strings/string_view.h" diff --git a/source/server/admin/server_cmd_handler.cc b/source/server/admin/server_cmd_handler.cc index dfa66a41ee84..de48307c4daa 100644 --- a/source/server/admin/server_cmd_handler.cc +++ b/source/server/admin/server_cmd_handler.cc @@ -1,4 +1,4 @@ -#include "server/admin/server_cmd_handler.h" +#include "source/server/admin/server_cmd_handler.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/server_cmd_handler.h b/source/server/admin/server_cmd_handler.h index cddfb94b3917..7d1a9fc33cd1 100644 --- a/source/server/admin/server_cmd_handler.h +++ b/source/server/admin/server_cmd_handler.h @@ -6,7 +6,7 @@ #include "envoy/server/admin.h" #include "envoy/server/instance.h" -#include "server/admin/handler_ctx.h" +#include "source/server/admin/handler_ctx.h" #include "absl/strings/string_view.h" diff --git a/source/server/admin/server_info_handler.cc b/source/server/admin/server_info_handler.cc index 8f5e35797019..4a3d35f916bf 100644 --- a/source/server/admin/server_info_handler.cc +++ b/source/server/admin/server_info_handler.cc @@ -1,11 +1,10 @@ -#include "server/admin/server_info_handler.h" +#include "source/server/admin/server_info_handler.h" #include "envoy/admin/v3/memory.pb.h" -#include "common/memory/stats.h" -#include "common/version/version.h" - -#include "server/admin/utils.h" +#include "source/common/memory/stats.h" +#include "source/common/version/version.h" +#include "source/server/admin/utils.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/server_info_handler.h b/source/server/admin/server_info_handler.h index 6a2a29abf3ac..b87c00e0822b 100644 --- a/source/server/admin/server_info_handler.h +++ b/source/server/admin/server_info_handler.h @@ -6,7 +6,7 @@ #include "envoy/server/admin.h" #include "envoy/server/instance.h" -#include "server/admin/handler_ctx.h" +#include "source/server/admin/handler_ctx.h" #include "absl/strings/string_view.h" diff --git a/source/server/admin/stats_handler.cc b/source/server/admin/stats_handler.cc index 00837e2e393e..d8426f10abc5 100644 --- a/source/server/admin/stats_handler.cc +++ b/source/server/admin/stats_handler.cc @@ -1,14 +1,13 @@ -#include "server/admin/stats_handler.h" +#include "source/server/admin/stats_handler.h" #include "envoy/admin/v3/mutex_stats.pb.h" -#include "common/common/empty_string.h" -#include "common/html/utility.h" -#include "common/http/headers.h" -#include "common/http/utility.h" - -#include "server/admin/prometheus_stats.h" -#include "server/admin/utils.h" +#include "source/common/common/empty_string.h" +#include "source/common/html/utility.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/server/admin/prometheus_stats.h" +#include "source/server/admin/utils.h" namespace Envoy { namespace Server { @@ -75,7 +74,6 @@ Http::Code StatsHandler::handlerStats(absl::string_view url, server_.flushStats(); } - Http::Code rc = Http::Code::OK; const Http::Utility::QueryParams params = Http::Utility::parseAndDecodeQueryString(url); const bool used_only = params.find("usedonly") != params.end(); @@ -105,38 +103,27 @@ Http::Code StatsHandler::handlerStats(absl::string_view url, } } - if (const auto format_value = Utility::formatParam(params)) { - if (format_value.value() == "json") { - response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); - response.add( - statsAsJson(all_stats, text_readouts, server_.stats().histograms(), used_only, regex)); - } else if (format_value.value() == "prometheus") { - return handlerPrometheusStats(url, response_headers, response, admin_stream); - } else { - response.add("usage: /stats?format=json or /stats?format=prometheus \n"); - response.add("\n"); - rc = Http::Code::NotFound; - } - } else { // Display plain stats if format query param is not there. - for (const auto& text_readout : text_readouts) { - response.add(fmt::format("{}: \"{}\"\n", text_readout.first, - Html::Utility::sanitize(text_readout.second))); - } - for (const auto& stat : all_stats) { - response.add(fmt::format("{}: {}\n", stat.first, stat.second)); - } - std::map all_histograms; - for (const Stats::ParentHistogramSharedPtr& histogram : server_.stats().histograms()) { - if (shouldShowMetric(*histogram, used_only, regex)) { - auto insert = all_histograms.emplace(histogram->name(), histogram->quantileSummary()); - ASSERT(insert.second); // No duplicates expected. - } - } - for (const auto& histogram : all_histograms) { - response.add(fmt::format("{}: {}\n", histogram.first, histogram.second)); - } + absl::optional format_value = Utility::formatParam(params); + if (!format_value.has_value()) { + // Display plain stats if format query param is not there. + statsAsText(all_stats, text_readouts, server_.stats().histograms(), used_only, regex, response); + return Http::Code::OK; + } + + if (format_value.value() == "json") { + response_headers.setReferenceContentType(Http::Headers::get().ContentTypeValues.Json); + response.add( + statsAsJson(all_stats, text_readouts, server_.stats().histograms(), used_only, regex)); + return Http::Code::OK; + } + + if (format_value.value() == "prometheus") { + return handlerPrometheusStats(url, response_headers, response, admin_stream); } - return rc; + + response.add("usage: /stats?format=json or /stats?format=prometheus \n"); + response.add("\n"); + return Http::Code::NotFound; } Http::Code StatsHandler::handlerPrometheusStats(absl::string_view path_and_query, @@ -175,11 +162,36 @@ Http::Code StatsHandler::handlerContention(absl::string_view, return Http::Code::OK; } +void StatsHandler::statsAsText(const std::map& all_stats, + const std::map& text_readouts, + const std::vector& histograms, + bool used_only, const absl::optional& regex, + Buffer::Instance& response) { + // Display plain stats if format query param is not there. + for (const auto& text_readout : text_readouts) { + response.add(fmt::format("{}: \"{}\"\n", text_readout.first, + Html::Utility::sanitize(text_readout.second))); + } + for (const auto& stat : all_stats) { + response.add(fmt::format("{}: {}\n", stat.first, stat.second)); + } + std::map all_histograms; + for (const Stats::ParentHistogramSharedPtr& histogram : histograms) { + if (shouldShowMetric(*histogram, used_only, regex)) { + auto insert = all_histograms.emplace(histogram->name(), histogram->quantileSummary()); + ASSERT(insert.second); // No duplicates expected. + } + } + for (const auto& histogram : all_histograms) { + response.add(fmt::format("{}: {}\n", histogram.first, histogram.second)); + } +} + std::string StatsHandler::statsAsJson(const std::map& all_stats, const std::map& text_readouts, const std::vector& all_histograms, - const bool used_only, const absl::optional regex, + const bool used_only, const absl::optional& regex, const bool pretty_print) { ProtobufWkt::Struct document; diff --git a/source/server/admin/stats_handler.h b/source/server/admin/stats_handler.h index abdb656ed2c9..84ba69fbde94 100644 --- a/source/server/admin/stats_handler.h +++ b/source/server/admin/stats_handler.h @@ -9,9 +9,8 @@ #include "envoy/server/admin.h" #include "envoy/server/instance.h" -#include "common/stats/histogram_impl.h" - -#include "server/admin/handler_ctx.h" +#include "source/common/stats/histogram_impl.h" +#include "source/server/admin/handler_ctx.h" #include "absl/strings/string_view.h" @@ -61,9 +60,14 @@ class StatsHandler : public HandlerContextBase { static std::string statsAsJson(const std::map& all_stats, const std::map& text_readouts, const std::vector& all_histograms, - bool used_only, - const absl::optional regex = absl::nullopt, + bool used_only, const absl::optional& regex, bool pretty_print = false); + + void statsAsText(const std::map& all_stats, + const std::map& text_readouts, + const std::vector& all_histograms, + bool used_only, const absl::optional& regex, + Buffer::Instance& response); }; } // namespace Server diff --git a/source/server/admin/utils.cc b/source/server/admin/utils.cc index 2402afc47ec2..109e70fbb39b 100644 --- a/source/server/admin/utils.cc +++ b/source/server/admin/utils.cc @@ -1,7 +1,7 @@ -#include "server/admin/utils.h" +#include "source/server/admin/utils.h" -#include "common/common/enum_to_int.h" -#include "common/http/headers.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/http/headers.h" namespace Envoy { namespace Server { diff --git a/source/server/admin/utils.h b/source/server/admin/utils.h index fc091467450a..2bbe6d2c2091 100644 --- a/source/server/admin/utils.h +++ b/source/server/admin/utils.h @@ -5,9 +5,9 @@ #include "envoy/admin/v3/server_info.pb.h" #include "envoy/init/manager.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/utility.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/utility.h" namespace Envoy { namespace Server { diff --git a/source/server/api_listener_impl.cc b/source/server/api_listener_impl.cc index e2bdddd6c445..7005ec11d0f2 100644 --- a/source/server/api_listener_impl.cc +++ b/source/server/api_listener_impl.cc @@ -1,16 +1,14 @@ -#include "server/api_listener_impl.h" +#include "source/server/api_listener_impl.h" #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/stats/scope.h" -#include "common/http/conn_manager_impl.h" -#include "common/network/resolver_impl.h" -#include "common/protobuf/utility.h" - -#include "server/drain_manager_impl.h" -#include "server/listener_manager_impl.h" - -#include "extensions/filters/network/http_connection_manager/config.h" +#include "source/common/http/conn_manager_impl.h" +#include "source/common/network/resolver_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/http_connection_manager/config.h" +#include "source/server/drain_manager_impl.h" +#include "source/server/listener_manager_impl.h" namespace Envoy { namespace Server { diff --git a/source/server/api_listener_impl.h b/source/server/api_listener_impl.h index ca792e83ebdd..c0e2d0bc7c6c 100644 --- a/source/server/api_listener_impl.h +++ b/source/server/api_listener_impl.h @@ -14,14 +14,13 @@ #include "envoy/server/listener_manager.h" #include "envoy/stats/scope.h" -#include "common/common/empty_string.h" -#include "common/common/logger.h" -#include "common/http/conn_manager_impl.h" -#include "common/init/manager_impl.h" -#include "common/network/socket_impl.h" -#include "common/stream_info/stream_info_impl.h" - -#include "server/filter_chain_manager_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/logger.h" +#include "source/common/http/conn_manager_impl.h" +#include "source/common/init/manager_impl.h" +#include "source/common/network/socket_impl.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/server/filter_chain_manager_impl.h" namespace Envoy { namespace Server { @@ -146,7 +145,7 @@ class ApiListenerImplBase : public ApiListener, bool startSecureTransport() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } absl::optional lastRoundTripTime() const override { return {}; }; // ScopeTrackedObject - void dumpState(std::ostream&, int) const override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } + void dumpState(std::ostream& os, int) const override { os << "SyntheticConnection"; } SyntheticReadCallbacks& parent_; Network::SocketAddressSetterSharedPtr address_provider_; diff --git a/source/server/backtrace.cc b/source/server/backtrace.cc index 46ca057ee8a9..60602aabfacf 100644 --- a/source/server/backtrace.cc +++ b/source/server/backtrace.cc @@ -1,4 +1,4 @@ -#include "server/backtrace.h" +#include "source/server/backtrace.h" #include diff --git a/source/server/backtrace.h b/source/server/backtrace.h index fd391a691c81..21976bf12e88 100644 --- a/source/server/backtrace.h +++ b/source/server/backtrace.h @@ -2,8 +2,8 @@ #include -#include "common/common/logger.h" -#include "common/version/version.h" +#include "source/common/common/logger.h" +#include "source/common/version/version.h" #include "absl/debugging/stacktrace.h" #include "absl/debugging/symbolize.h" diff --git a/source/server/config_validation/BUILD b/source/server/config_validation/BUILD index bcf753dcf197..f1c14f54e4f0 100644 --- a/source/server/config_validation/BUILD +++ b/source/server/config_validation/BUILD @@ -9,8 +9,8 @@ envoy_cc_library( srcs = ["admin.cc"], hdrs = ["admin.h"], deps = [ - "//include/envoy/network:listen_socket_interface", - "//include/envoy/server:admin_interface", + "//envoy/network:listen_socket_interface", + "//envoy/server:admin_interface", "//source/common/common:assert_lib", "//source/common/network:listen_socket_lib", "//source/server/admin:config_tracker_lib", @@ -23,8 +23,8 @@ envoy_cc_library( hdrs = ["api.h"], deps = [ ":dispatcher_lib", - "//include/envoy/api:api_interface", - "//include/envoy/filesystem:filesystem_interface", + "//envoy/api:api_interface", + "//envoy/filesystem:filesystem_interface", "//source/common/api:api_lib", ], ) @@ -34,7 +34,7 @@ envoy_cc_library( srcs = ["cluster_manager.cc"], hdrs = ["cluster_manager.h"], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:utility_lib", "//source/common/http:context_lib", "//source/common/upstream:cluster_manager_lib", @@ -52,8 +52,8 @@ envoy_cc_library( "dns.h", ], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:connection_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:connection_interface", "//source/common/common:assert_lib", "//source/common/event:dispatcher_lib", ], @@ -64,8 +64,8 @@ envoy_cc_library( srcs = ["dns.cc"], hdrs = ["dns.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:dns_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:dns_interface", ], ) @@ -79,10 +79,10 @@ envoy_cc_library( ":api_lib", ":cluster_manager_lib", ":dns_lib", - "//include/envoy/server:drain_manager_interface", - "//include/envoy/server:instance_interface", - "//include/envoy/ssl:context_manager_interface", - "//include/envoy/tracing:http_tracer_interface", + "//envoy/server:drain_manager_interface", + "//envoy/server:instance_interface", + "//envoy/ssl:context_manager_interface", + "//envoy/tracing:http_tracer_interface", "//source/common/access_log:access_log_manager_lib", "//source/common/common:assert_lib", "//source/common/common:utility_lib", diff --git a/source/server/config_validation/admin.cc b/source/server/config_validation/admin.cc index 8a0874ee0e11..a7ba41394788 100644 --- a/source/server/config_validation/admin.cc +++ b/source/server/config_validation/admin.cc @@ -1,4 +1,4 @@ -#include "server/config_validation/admin.h" +#include "source/server/config_validation/admin.h" namespace Envoy { namespace Server { diff --git a/source/server/config_validation/admin.h b/source/server/config_validation/admin.h index 68a309aee4bb..45fc2a224f79 100644 --- a/source/server/config_validation/admin.h +++ b/source/server/config_validation/admin.h @@ -3,10 +3,9 @@ #include "envoy/network/listen_socket.h" #include "envoy/server/admin.h" -#include "common/common/assert.h" -#include "common/network/listen_socket_impl.h" - -#include "server/admin/config_tracker_impl.h" +#include "source/common/common/assert.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/server/admin/config_tracker_impl.h" namespace Envoy { namespace Server { diff --git a/source/server/config_validation/api.cc b/source/server/config_validation/api.cc index bcf28c69172b..75f8e755797c 100644 --- a/source/server/config_validation/api.cc +++ b/source/server/config_validation/api.cc @@ -1,8 +1,7 @@ -#include "server/config_validation/api.h" +#include "source/server/config_validation/api.h" -#include "common/common/assert.h" - -#include "server/config_validation/dispatcher.h" +#include "source/common/common/assert.h" +#include "source/server/config_validation/dispatcher.h" namespace Envoy { namespace Api { diff --git a/source/server/config_validation/api.h b/source/server/config_validation/api.h index 2d44022c191a..6725362caa73 100644 --- a/source/server/config_validation/api.h +++ b/source/server/config_validation/api.h @@ -4,7 +4,7 @@ #include "envoy/event/timer.h" #include "envoy/filesystem/filesystem.h" -#include "common/api/api_impl.h" +#include "source/common/api/api_impl.h" namespace Envoy { namespace Api { diff --git a/source/server/config_validation/cluster_manager.cc b/source/server/config_validation/cluster_manager.cc index e54aa866f183..16ab99e868fc 100644 --- a/source/server/config_validation/cluster_manager.cc +++ b/source/server/config_validation/cluster_manager.cc @@ -1,9 +1,9 @@ -#include "server/config_validation/cluster_manager.h" +#include "source/server/config_validation/cluster_manager.h" #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/core/v3/config_source.pb.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Upstream { diff --git a/source/server/config_validation/cluster_manager.h b/source/server/config_validation/cluster_manager.h index 7d9d42d323bf..60c801a5260d 100644 --- a/source/server/config_validation/cluster_manager.h +++ b/source/server/config_validation/cluster_manager.h @@ -6,8 +6,8 @@ #include "envoy/server/options.h" #include "envoy/upstream/cluster_manager.h" -#include "common/http/context_impl.h" -#include "common/upstream/cluster_manager_impl.h" +#include "source/common/http/context_impl.h" +#include "source/common/upstream/cluster_manager_impl.h" namespace Envoy { namespace Upstream { diff --git a/source/server/config_validation/connection.h b/source/server/config_validation/connection.h index 6fb9839ff890..c7b2dfc9f8b4 100644 --- a/source/server/config_validation/connection.h +++ b/source/server/config_validation/connection.h @@ -1,8 +1,7 @@ #pragma once -#include "common/network/connection_impl.h" - -#include "server/config_validation/dispatcher.h" +#include "source/common/network/connection_impl.h" +#include "source/server/config_validation/dispatcher.h" namespace Envoy { namespace Network { diff --git a/source/server/config_validation/dispatcher.cc b/source/server/config_validation/dispatcher.cc index 3316f58065c2..a4aacf9dd25e 100644 --- a/source/server/config_validation/dispatcher.cc +++ b/source/server/config_validation/dispatcher.cc @@ -1,8 +1,7 @@ -#include "server/config_validation/dispatcher.h" +#include "source/server/config_validation/dispatcher.h" -#include "common/common/assert.h" - -#include "server/config_validation/connection.h" +#include "source/common/common/assert.h" +#include "source/server/config_validation/connection.h" namespace Envoy { namespace Event { @@ -17,7 +16,8 @@ Network::ClientConnectionPtr ValidationDispatcher::createClientConnection( } Network::DnsResolverSharedPtr ValidationDispatcher::createDnsResolver( - const std::vector&, const bool) { + const std::vector&, + const envoy::config::core::v3::DnsResolverOptions&) { return dns_resolver_; } diff --git a/source/server/config_validation/dispatcher.h b/source/server/config_validation/dispatcher.h index b5deea61f58d..5857df0811d7 100644 --- a/source/server/config_validation/dispatcher.h +++ b/source/server/config_validation/dispatcher.h @@ -2,7 +2,7 @@ #include "envoy/event/dispatcher.h" -#include "common/event/dispatcher_impl.h" +#include "source/common/event/dispatcher_impl.h" #include "dns.h" @@ -23,9 +23,9 @@ class ValidationDispatcher : public DispatcherImpl { createClientConnection(Network::Address::InstanceConstSharedPtr, Network::Address::InstanceConstSharedPtr, Network::TransportSocketPtr&&, const Network::ConnectionSocket::OptionsSharedPtr& options) override; - Network::DnsResolverSharedPtr - createDnsResolver(const std::vector& resolvers, - const bool use_tcp_for_dns_lookups) override; + Network::DnsResolverSharedPtr createDnsResolver( + const std::vector& resolvers, + const envoy::config::core::v3::DnsResolverOptions& dns_resolver_options) override; Network::ListenerPtr createListener(Network::SocketSharedPtr&&, Network::TcpListenerCallbacks&, bool bind_to_port, uint32_t backlog_size) override; diff --git a/source/server/config_validation/dns.cc b/source/server/config_validation/dns.cc index e9b4f19c4650..c590bf181133 100644 --- a/source/server/config_validation/dns.cc +++ b/source/server/config_validation/dns.cc @@ -1,4 +1,4 @@ -#include "server/config_validation/dns.h" +#include "source/server/config_validation/dns.h" namespace Envoy { namespace Network { diff --git a/source/server/config_validation/server.cc b/source/server/config_validation/server.cc index 100647275b8c..11ab271ccda3 100644 --- a/source/server/config_validation/server.cc +++ b/source/server/config_validation/server.cc @@ -1,18 +1,17 @@ -#include "server/config_validation/server.h" +#include "source/server/config_validation/server.h" #include #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "common/common/utility.h" -#include "common/config/utility.h" -#include "common/event/real_time_system.h" -#include "common/local_info/local_info_impl.h" -#include "common/protobuf/utility.h" -#include "common/singleton/manager_impl.h" -#include "common/version/version.h" - -#include "server/ssl_context_manager.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" +#include "source/common/event/real_time_system.h" +#include "source/common/local_info/local_info_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/version/version.h" +#include "source/server/ssl_context_manager.h" namespace Envoy { namespace Server { diff --git a/source/server/config_validation/server.h b/source/server/config_validation/server.h index 1919a6643ad8..c86de87e278b 100644 --- a/source/server/config_validation/server.h +++ b/source/server/config_validation/server.h @@ -11,24 +11,23 @@ #include "envoy/ssl/context_manager.h" #include "envoy/tracing/http_tracer.h" -#include "common/access_log/access_log_manager_impl.h" -#include "common/common/assert.h" -#include "common/common/random_generator.h" -#include "common/grpc/common.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/router/context_impl.h" -#include "common/router/rds_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/secret/secret_manager_impl.h" -#include "common/thread_local/thread_local_impl.h" - -#include "server/admin/admin.h" -#include "server/config_validation/admin.h" -#include "server/config_validation/api.h" -#include "server/config_validation/cluster_manager.h" -#include "server/config_validation/dns.h" -#include "server/listener_manager_impl.h" -#include "server/server.h" +#include "source/common/access_log/access_log_manager_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/random_generator.h" +#include "source/common/grpc/common.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/router/context_impl.h" +#include "source/common/router/rds_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/secret/secret_manager_impl.h" +#include "source/common/thread_local/thread_local_impl.h" +#include "source/server/admin/admin.h" +#include "source/server/config_validation/admin.h" +#include "source/server/config_validation/api.h" +#include "source/server/config_validation/cluster_manager.h" +#include "source/server/config_validation/dns.h" +#include "source/server/listener_manager_impl.h" +#include "source/server/server.h" #include "absl/types/optional.h" @@ -75,7 +74,7 @@ class ValidationInstance final : Logger::Loggable, Ssl::ContextManager& sslContextManager() override { return *ssl_context_manager_; } Event::Dispatcher& dispatcher() override { return *dispatcher_; } Network::DnsResolverSharedPtr dnsResolver() override { - return dispatcher().createDnsResolver({}, false); + return dispatcher().createDnsResolver({}, envoy::config::core::v3::DnsResolverOptions()); } void drainListeners() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } DrainManager& drainManager() override { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } diff --git a/source/server/configuration_impl.cc b/source/server/configuration_impl.cc index debbfef503d2..f09586440b42 100644 --- a/source/server/configuration_impl.cc +++ b/source/server/configuration_impl.cc @@ -1,4 +1,4 @@ -#include "server/configuration_impl.h" +#include "source/server/configuration_impl.h" #include #include @@ -16,15 +16,14 @@ #include "envoy/server/tracer_config.h" #include "envoy/ssl/context_manager.h" -#include "common/access_log/access_log_impl.h" -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/config/runtime_utility.h" -#include "common/config/utility.h" -#include "common/network/socket_option_factory.h" -#include "common/protobuf/utility.h" - -#include "extensions/access_loggers/common/file_access_log_impl.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/config/runtime_utility.h" +#include "source/common/config/utility.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/access_loggers/common/file_access_log_impl.h" namespace Envoy { namespace Server { diff --git a/source/server/configuration_impl.h b/source/server/configuration_impl.h index 5cbdec23bf6a..58a7474a5872 100644 --- a/source/server/configuration_impl.h +++ b/source/server/configuration_impl.h @@ -17,9 +17,9 @@ #include "envoy/server/filter_config.h" #include "envoy/server/instance.h" -#include "common/common/logger.h" -#include "common/network/resolver_impl.h" -#include "common/network/utility.h" +#include "source/common/common/logger.h" +#include "source/common/network/resolver_impl.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Server { diff --git a/source/server/connection_handler_impl.cc b/source/server/connection_handler_impl.cc index 84ea2bbc416f..e13ca96dbfff 100644 --- a/source/server/connection_handler_impl.cc +++ b/source/server/connection_handler_impl.cc @@ -1,14 +1,13 @@ -#include "server/connection_handler_impl.h" +#include "source/server/connection_handler_impl.h" #include #include "envoy/event/dispatcher.h" #include "envoy/network/filter.h" -#include "common/event/deferred_task.h" -#include "common/network/utility.h" - -#include "server/active_tcp_listener.h" +#include "source/common/event/deferred_task.h" +#include "source/common/network/utility.h" +#include "source/server/active_tcp_listener.h" namespace Envoy { namespace Server { diff --git a/source/server/connection_handler_impl.h b/source/server/connection_handler_impl.h index 4d73ba79fe21..24ff9cffafde 100644 --- a/source/server/connection_handler_impl.h +++ b/source/server/connection_handler_impl.h @@ -12,7 +12,7 @@ #include "envoy/server/listener_manager.h" #include "envoy/stats/scope.h" -#include "common/common/non_copyable.h" +#include "source/common/common/non_copyable.h" #include "spdlog/spdlog.h" diff --git a/source/server/drain_manager_impl.cc b/source/server/drain_manager_impl.cc index 132108b95eaf..41e8b8db6dec 100644 --- a/source/server/drain_manager_impl.cc +++ b/source/server/drain_manager_impl.cc @@ -1,4 +1,4 @@ -#include "server/drain_manager_impl.h" +#include "source/server/drain_manager_impl.h" #include #include @@ -7,7 +7,7 @@ #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/event/timer.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Server { diff --git a/source/server/drain_manager_impl.h b/source/server/drain_manager_impl.h index c8056f22396c..352d0669b38a 100644 --- a/source/server/drain_manager_impl.h +++ b/source/server/drain_manager_impl.h @@ -8,7 +8,7 @@ #include "envoy/server/drain_manager.h" #include "envoy/server/instance.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Server { diff --git a/source/server/filter_chain_manager_impl.cc b/source/server/filter_chain_manager_impl.cc index f95fd064d6a8..427b3cb0eeef 100644 --- a/source/server/filter_chain_manager_impl.cc +++ b/source/server/filter_chain_manager_impl.cc @@ -1,15 +1,14 @@ -#include "server/filter_chain_manager_impl.h" +#include "source/server/filter_chain_manager_impl.h" #include "envoy/config/listener/v3/listener_components.pb.h" -#include "common/common/cleanup.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/config/utility.h" -#include "common/network/socket_interface.h" -#include "common/protobuf/utility.h" - -#include "server/configuration_impl.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/config/utility.h" +#include "source/common/network/socket_interface.h" +#include "source/common/protobuf/utility.h" +#include "source/server/configuration_impl.h" #include "absl/container/node_hash_map.h" #include "absl/strings/match.h" diff --git a/source/server/filter_chain_manager_impl.h b/source/server/filter_chain_manager_impl.h index f1ef81e98bbc..bb7b9cd32af0 100644 --- a/source/server/filter_chain_manager_impl.h +++ b/source/server/filter_chain_manager_impl.h @@ -12,12 +12,11 @@ #include "envoy/server/transport_socket_config.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/logger.h" -#include "common/init/manager_impl.h" -#include "common/network/cidr_range.h" -#include "common/network/lc_trie.h" - -#include "server/filter_chain_factory_context_callback.h" +#include "source/common/common/logger.h" +#include "source/common/init/manager_impl.h" +#include "source/common/network/cidr_range.h" +#include "source/common/network/lc_trie.h" +#include "source/server/filter_chain_factory_context_callback.h" #include "absl/container/flat_hash_map.h" diff --git a/source/server/guarddog_impl.cc b/source/server/guarddog_impl.cc index fbc3e59a4682..9aafc65b714f 100644 --- a/source/server/guarddog_impl.cc +++ b/source/server/guarddog_impl.cc @@ -1,4 +1,4 @@ -#include "server/guarddog_impl.h" +#include "source/server/guarddog_impl.h" #include @@ -15,17 +15,17 @@ #include "envoy/stats/scope.h" #include "envoy/watchdog/v3alpha/abort_action.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/lock_guard.h" -#include "common/common/logger.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" -#include "common/stats/symbol_table_impl.h" - -#include "server/watchdog_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/logger.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/server/watchdog_impl.h" #include "absl/synchronization/mutex.h" +#include "absl/synchronization/notification.h" namespace Envoy { namespace Server { @@ -217,14 +217,21 @@ void GuardDogImpl::stopWatching(WatchDogSharedPtr wd) { void GuardDogImpl::start(Api::Api& api) { Thread::LockGuard guard(mutex_); + + // Synchronize between calling thread and guarddog thread. + absl::Notification guarddog_thread_started; + // See comments in WorkerImpl::start for the naming convention. Thread::Options options{absl::StrCat("dog:", dispatcher_->name())}; thread_ = api.threadFactory().createThread( - [this]() -> void { + [this, &guarddog_thread_started]() -> void { loop_timer_->enableTimer(std::chrono::milliseconds(0)); + dispatcher_->post([&guarddog_thread_started]() { guarddog_thread_started.Notify(); }); dispatcher_->run(Event::Dispatcher::RunType::RunUntilExit); }, options); + + guarddog_thread_started.WaitForNotification(); } void GuardDogImpl::stop() { diff --git a/source/server/guarddog_impl.h b/source/server/guarddog_impl.h index b6a4fb475977..065fa66c9e18 100644 --- a/source/server/guarddog_impl.h +++ b/source/server/guarddog_impl.h @@ -13,12 +13,11 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" -#include "common/common/lock_guard.h" -#include "common/common/logger.h" -#include "common/common/thread.h" -#include "common/event/libevent.h" - -#include "server/watchdog_impl.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/common/event/libevent.h" +#include "source/server/watchdog_impl.h" #include "absl/types/optional.h" diff --git a/source/server/hot_restart_impl.cc b/source/server/hot_restart_impl.cc index 56db57578985..ab9e28f38618 100644 --- a/source/server/hot_restart_impl.cc +++ b/source/server/hot_restart_impl.cc @@ -1,4 +1,4 @@ -#include "server/hot_restart_impl.h" +#include "source/server/hot_restart_impl.h" #include #include @@ -13,10 +13,10 @@ #include "envoy/event/file_event.h" #include "envoy/server/instance.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/api/os_sys_calls_impl_hot_restart.h" -#include "common/common/fmt.h" -#include "common/common/lock_guard.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/api/os_sys_calls_impl_hot_restart.h" +#include "source/common/common/fmt.h" +#include "source/common/common/lock_guard.h" #include "absl/strings/string_view.h" diff --git a/source/server/hot_restart_impl.h b/source/server/hot_restart_impl.h index 309b6e766484..63545c8fd1b0 100644 --- a/source/server/hot_restart_impl.h +++ b/source/server/hot_restart_impl.h @@ -11,11 +11,10 @@ #include "envoy/common/platform.h" #include "envoy/server/hot_restart.h" -#include "common/common/assert.h" -#include "common/stats/allocator_impl.h" - -#include "server/hot_restarting_child.h" -#include "server/hot_restarting_parent.h" +#include "source/common/common/assert.h" +#include "source/common/stats/allocator_impl.h" +#include "source/server/hot_restarting_child.h" +#include "source/server/hot_restarting_parent.h" namespace Envoy { namespace Server { diff --git a/source/server/hot_restart_nop_impl.h b/source/server/hot_restart_nop_impl.h index 5e5250185582..28369b3b1ac6 100644 --- a/source/server/hot_restart_nop_impl.h +++ b/source/server/hot_restart_nop_impl.h @@ -4,8 +4,8 @@ #include "envoy/server/hot_restart.h" -#include "common/common/thread.h" -#include "common/stats/allocator_impl.h" +#include "source/common/common/thread.h" +#include "source/common/stats/allocator_impl.h" namespace Envoy { namespace Server { diff --git a/source/server/hot_restarting_base.cc b/source/server/hot_restarting_base.cc index ea8424f1778e..22e8286ca02d 100644 --- a/source/server/hot_restarting_base.cc +++ b/source/server/hot_restarting_base.cc @@ -1,11 +1,11 @@ -#include "server/hot_restarting_base.h" - -#include "common/api/os_sys_calls_impl.h" -#include "common/common/mem_block_builder.h" -#include "common/common/safe_memcpy.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/stats/utility.h" +#include "source/server/hot_restarting_base.h" + +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/mem_block_builder.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/stats/utility.h" namespace Envoy { namespace Server { diff --git a/source/server/hot_restarting_base.h b/source/server/hot_restarting_base.h index 1d1fac8c921c..16eefe939282 100644 --- a/source/server/hot_restarting_base.h +++ b/source/server/hot_restarting_base.h @@ -15,7 +15,7 @@ #include "envoy/server/options.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Server { diff --git a/source/server/hot_restarting_child.cc b/source/server/hot_restarting_child.cc index cd673303475b..ff49a173d5e0 100644 --- a/source/server/hot_restarting_child.cc +++ b/source/server/hot_restarting_child.cc @@ -1,6 +1,6 @@ -#include "server/hot_restarting_child.h" +#include "source/server/hot_restarting_child.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" namespace Envoy { namespace Server { diff --git a/source/server/hot_restarting_child.h b/source/server/hot_restarting_child.h index 4ac03e4182c0..f2a7056874d2 100644 --- a/source/server/hot_restarting_child.h +++ b/source/server/hot_restarting_child.h @@ -1,8 +1,7 @@ #pragma once -#include "common/stats/stat_merger.h" - -#include "server/hot_restarting_base.h" +#include "source/common/stats/stat_merger.h" +#include "source/server/hot_restarting_base.h" namespace Envoy { namespace Server { diff --git a/source/server/hot_restarting_parent.cc b/source/server/hot_restarting_parent.cc index 6898c0db9999..d399bc7b16ac 100644 --- a/source/server/hot_restarting_parent.cc +++ b/source/server/hot_restarting_parent.cc @@ -1,14 +1,13 @@ -#include "server/hot_restarting_parent.h" +#include "source/server/hot_restarting_parent.h" #include "envoy/server/instance.h" -#include "common/memory/stats.h" -#include "common/network/utility.h" -#include "common/stats/stat_merger.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/utility.h" - -#include "server/listener_impl.h" +#include "source/common/memory/stats.h" +#include "source/common/network/utility.h" +#include "source/common/stats/stat_merger.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/utility.h" +#include "source/server/listener_impl.h" namespace Envoy { namespace Server { diff --git a/source/server/hot_restarting_parent.h b/source/server/hot_restarting_parent.h index 298ff426aea1..d838d8e72ac5 100644 --- a/source/server/hot_restarting_parent.h +++ b/source/server/hot_restarting_parent.h @@ -1,8 +1,7 @@ #pragma once -#include "common/common/hash.h" - -#include "server/hot_restarting_base.h" +#include "source/common/common/hash.h" +#include "source/server/hot_restarting_base.h" namespace Envoy { namespace Server { diff --git a/source/server/lds_api.cc b/source/server/lds_api.cc index f6a16585fa43..1a1f9f9aed98 100644 --- a/source/server/lds_api.cc +++ b/source/server/lds_api.cc @@ -1,4 +1,4 @@ -#include "server/lds_api.h" +#include "source/server/lds_api.h" #include "envoy/admin/v3/config_dump.pb.h" #include "envoy/config/core/v3/config_source.pb.h" @@ -7,11 +7,11 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/cleanup.h" -#include "common/config/api_version.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/cleanup.h" +#include "source/common/config/api_version.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" #include "absl/container/node_hash_set.h" #include "absl/strings/str_join.h" diff --git a/source/server/lds_api.h b/source/server/lds_api.h index 3474a5038904..05a4db0a29f5 100644 --- a/source/server/lds_api.h +++ b/source/server/lds_api.h @@ -12,9 +12,9 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/common/logger.h" -#include "common/config/subscription_base.h" -#include "common/init/target_impl.h" +#include "source/common/common/logger.h" +#include "source/common/config/subscription_base.h" +#include "source/common/init/target_impl.h" namespace Envoy { namespace Server { diff --git a/source/server/listener_impl.cc b/source/server/listener_impl.cc index 405937f7cf7b..0606862c8238 100644 --- a/source/server/listener_impl.cc +++ b/source/server/listener_impl.cc @@ -1,4 +1,4 @@ -#include "server/listener_impl.h" +#include "source/server/listener_impl.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/listener/v3/listener.pb.h" @@ -10,38 +10,38 @@ #include "envoy/server/transport_socket_config.h" #include "envoy/stats/scope.h" -#include "common/access_log/access_log_impl.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/config/utility.h" -#include "common/network/connection_balancer_impl.h" -#include "common/network/resolver_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/socket_option_impl.h" -#include "common/network/udp_listener_impl.h" -#include "common/network/udp_packet_writer_handler_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_features.h" - -#include "server/active_raw_udp_listener_config.h" -#include "server/configuration_impl.h" -#include "server/drain_manager_impl.h" -#include "server/filter_chain_manager_impl.h" -#include "server/listener_manager_impl.h" -#include "server/transport_socket_config_impl.h" - -#include "extensions/filters/listener/well_known_names.h" - -#if defined(ENVOY_ENABLE_QUIC) -#include "common/quic/active_quic_listener.h" -#include "common/quic/udp_gso_batch_writer.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/config/utility.h" +#include "source/common/network/connection_balancer_impl.h" +#include "source/common/network/resolver_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/udp_listener_impl.h" +#include "source/common/network/udp_packet_writer_handler_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" +#include "source/server/active_raw_udp_listener_config.h" +#include "source/server/configuration_impl.h" +#include "source/server/drain_manager_impl.h" +#include "source/server/filter_chain_manager_impl.h" +#include "source/server/listener_manager_impl.h" +#include "source/server/transport_socket_config_impl.h" + +#ifdef ENVOY_ENABLE_QUIC +#include "source/common/quic/active_quic_listener.h" +#include "source/common/quic/udp_gso_batch_writer.h" #endif namespace Envoy { namespace Server { namespace { + +const std::string TlsInspector = "envoy.filters.listener.tls_inspector"; + bool anyFilterChain( const envoy::config::listener::v3::Listener& config, std::function predicate) { @@ -61,13 +61,11 @@ bool needTlsInspector(const envoy::config::listener::v3::Listener& config) { (!matcher.server_names().empty() || !matcher.application_protocols().empty())); }) && - !std::any_of( - config.listener_filters().begin(), config.listener_filters().end(), - [](const auto& filter) { - return filter.name() == - Extensions::ListenerFilters::ListenerFilterNames::get().TlsInspector || - filter.name() == "envoy.listener.tls_inspector"; - }); + !std::any_of(config.listener_filters().begin(), config.listener_filters().end(), + [](const auto& filter) { + return filter.name() == "envoy.listener.tls_inspector" || + filter.name() == TlsInspector; + }); } bool usesProxyProto(const envoy::config::listener::v3::Listener& config) { @@ -289,15 +287,21 @@ ListenerImpl::ListenerImpl(const envoy::config::listener::v3::Listener& config, open_connections_(std::make_shared( std::numeric_limits::max(), listener_factory_context_->runtime(), cx_limit_runtime_key_)), - local_init_watcher_(fmt::format("Listener-local-init-watcher {}", name), [this] { - if (workers_started_) { - parent_.onListenerWarmed(*this); - } else { - // Notify Server that this listener is - // ready. - listener_init_target_.ready(); - } - }) { + local_init_watcher_(fmt::format("Listener-local-init-watcher {}", name), + [this] { + if (workers_started_) { + parent_.onListenerWarmed(*this); + } else { + // Notify Server that this listener is + // ready. + listener_init_target_.ready(); + } + }) +#ifdef ENVOY_ENABLE_QUIC + , + quic_stat_names_(parent_.quicStatNames()) +#endif +{ const absl::optional runtime_val = listener_factory_context_->runtime().snapshot().get(cx_limit_runtime_key_); @@ -360,10 +364,16 @@ ListenerImpl::ListenerImpl(ListenerImpl& origin, origin.listener_factory_context_->listener_factory_context_base_, this, *this)), filter_chain_manager_(address_, origin.listener_factory_context_->parentFactoryContext(), initManager(), origin.filter_chain_manager_), - local_init_watcher_(fmt::format("Listener-local-init-watcher {}", name), [this] { - ASSERT(workers_started_); - parent_.inPlaceFilterChainUpdate(*this); - }) { + local_init_watcher_(fmt::format("Listener-local-init-watcher {}", name), + [this] { + ASSERT(workers_started_); + parent_.inPlaceFilterChainUpdate(*this); + }) +#ifdef ENVOY_ENABLE_QUIC + , + quic_stat_names_(parent_.quicStatNames()) +#endif +{ buildAccessLog(); auto socket_type = Network::Utility::protobufAddressSocketType(config.address()); buildListenSocketOptions(socket_type); @@ -401,9 +411,9 @@ void ListenerImpl::buildUdpListenerFactory(Network::Socket::Type socket_type, udp_listener_config_ = std::make_unique(config_.udp_listener_config()); if (config_.udp_listener_config().has_quic_options()) { -#if defined(ENVOY_ENABLE_QUIC) +#ifdef ENVOY_ENABLE_QUIC udp_listener_config_->listener_factory_ = std::make_unique( - config_.udp_listener_config().quic_options(), concurrency); + config_.udp_listener_config().quic_options(), concurrency, quic_stat_names_); #if UDP_GSO_BATCH_WRITER_COMPILETIME_SUPPORT // TODO(mattklein123): We should be able to use GSO without QUICHE/QUIC. Right now this causes // non-QUIC integration tests to fail, which I haven't investigated yet. Additionally, from @@ -542,7 +552,7 @@ void ListenerImpl::buildOriginalDstListenerFilter() { if (PROTOBUF_GET_WRAPPED_OR_DEFAULT(config_, use_original_dst, false)) { auto& factory = Config::Utility::getAndCheckFactoryByName( - Extensions::ListenerFilters::ListenerFilterNames::get().OriginalDst); + "envoy.filters.listener.original_dst"); listener_filter_factories_.push_back(factory.createListenerFilterFactoryFromProto( Envoy::ProtobufWkt::Empty(), @@ -558,7 +568,7 @@ void ListenerImpl::buildProxyProtocolListenerFilter() { if (usesProxyProto(config_)) { auto& factory = Config::Utility::getAndCheckFactoryByName( - Extensions::ListenerFilters::ListenerFilterNames::get().ProxyProtocol); + "envoy.filters.listener.proxy_protocol"); listener_filter_factories_.push_back(factory.createListenerFilterFactoryFromProto( envoy::extensions::filters::listener::proxy_protocol::v3::ProxyProtocol(), /*listener_filter_matcher=*/nullptr, *listener_factory_context_)); @@ -579,7 +589,7 @@ void ListenerImpl::buildTlsInspectorListenerFilter() { auto& factory = Config::Utility::getAndCheckFactoryByName( - Extensions::ListenerFilters::ListenerFilterNames::get().TlsInspector); + TlsInspector); listener_filter_factories_.push_back(factory.createListenerFilterFactoryFromProto( Envoy::ProtobufWkt::Empty(), /*listener_filter_matcher=*/nullptr, *listener_factory_context_)); diff --git a/source/server/listener_impl.h b/source/server/listener_impl.h index 2f0b860bd133..d04613f03069 100644 --- a/source/server/listener_impl.h +++ b/source/server/listener_impl.h @@ -13,15 +13,18 @@ #include "envoy/server/listener_manager.h" #include "envoy/stats/scope.h" -#include "common/common/basic_resource_impl.h" -#include "common/common/logger.h" -#include "common/init/manager_impl.h" -#include "common/init/target_impl.h" - -#include "server/filter_chain_manager_impl.h" +#include "source/common/common/basic_resource_impl.h" +#include "source/common/common/logger.h" +#include "source/common/init/manager_impl.h" +#include "source/common/init/target_impl.h" +#include "source/server/filter_chain_manager_impl.h" #include "absl/base/call_once.h" +#ifdef ENVOY_ENABLE_QUIC +#include "source/common/quic/quic_stat_names.h" +#endif + namespace Envoy { namespace Server { @@ -424,6 +427,10 @@ class ListenerImpl final : public Network::ListenerConfig, // callback during the destroy of ListenerImpl. Init::WatcherImpl local_init_watcher_; +#ifdef ENVOY_ENABLE_QUIC + Quic::QuicStatNames& quic_stat_names_; +#endif + // to access ListenerManagerImpl::factory_. friend class ListenerFilterChainFactoryBuilder; }; diff --git a/source/server/listener_manager_impl.cc b/source/server/listener_manager_impl.cc index c9fa407fd791..ca25b2ad23b1 100644 --- a/source/server/listener_manager_impl.cc +++ b/source/server/listener_manager_impl.cc @@ -1,4 +1,4 @@ -#include "server/listener_manager_impl.h" +#include "source/server/listener_manager_impl.h" #include @@ -13,28 +13,28 @@ #include "envoy/server/transport_socket_config.h" #include "envoy/stats/scope.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/network/filter_matcher.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/network/filter_matcher.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" + +#include "absl/synchronization/blocking_counter.h" #if defined(ENVOY_ENABLE_QUIC) -#include "common/quic/quic_transport_socket_factory.h" +#include "source/common/quic/quic_transport_socket_factory.h" #endif -#include "server/api_listener_impl.h" -#include "server/configuration_impl.h" -#include "server/drain_manager_impl.h" -#include "server/filter_chain_manager_impl.h" -#include "server/transport_socket_config_impl.h" - -#include "extensions/filters/listener/well_known_names.h" +#include "source/server/api_listener_impl.h" +#include "source/server/configuration_impl.h" +#include "source/server/drain_manager_impl.h" +#include "source/server/filter_chain_manager_impl.h" +#include "source/server/transport_socket_config_impl.h" namespace Envoy { namespace Server { @@ -559,17 +559,6 @@ void ListenerManagerImpl::drainListener(ListenerImplPtr&& listener) { // main thread to avoid locking. This makes sure that we don't destroy the listener // while filters might still be using its context (stats, etc.). server_.dispatcher().post([this, draining_it]() -> void { - // TODO(lambdai): Resolve race condition below. - // Consider the below events in global sequence order - // main thread: calling drainListener - // work thread: deferred delete the active connection - // work thread: post to main that the drain is done - // main thread: erase the listener - // worker thread: execute destroying connection when the shared listener config is - // destroyed at step 4 (could be worse such as access the connection because connection is - // not yet started to deleted). The race condition is introduced because 3 occurs too - // early. My solution is to defer schedule the callback posting to main thread, by - // introducing DeferTaskUtil. So that 5 should always happen before 3. if (--draining_it->workers_pending_removal_ == 0) { draining_it->listener_->debugLog("draining listener removal complete"); draining_listeners_.erase(draining_it); @@ -833,6 +822,11 @@ void ListenerManagerImpl::startWorkers(GuardDog& guard_dog, std::functionstart(guard_dog); + worker->start(guard_dog, worker_started_running); if (enable_dispatcher_stats_) { worker->initializeStats(*scope_); } i++; } + + // Wait for workers to start running. + workers_waiting_to_run.Wait(); + if (active_listeners_.empty()) { stats_.workers_started_.set(1); callback(); diff --git a/source/server/listener_manager_impl.h b/source/server/listener_manager_impl.h index 045465f837ce..8b1ee3f1d8b6 100644 --- a/source/server/listener_manager_impl.h +++ b/source/server/listener_manager_impl.h @@ -18,10 +18,14 @@ #include "envoy/server/worker.h" #include "envoy/stats/scope.h" -#include "server/filter_chain_factory_context_callback.h" -#include "server/filter_chain_manager_impl.h" -#include "server/lds_api.h" -#include "server/listener_impl.h" +#include "source/server/filter_chain_factory_context_callback.h" +#include "source/server/filter_chain_manager_impl.h" +#include "source/server/lds_api.h" +#include "source/server/listener_impl.h" + +#ifdef ENVOY_ENABLE_QUIC +#include "source/common/quic/quic_stat_names.h" +#endif namespace Envoy { namespace Server { @@ -202,6 +206,10 @@ class ListenerManagerImpl : public ListenerManager, Logger::Loggable> error_state_tracker_; FailureStates overall_error_state_; +#ifdef ENVOY_ENABLE_QUIC + Quic::QuicStatNames quic_stat_names_ = Quic::QuicStatNames(server_.stats().symbolTable()); +#endif }; class ListenerFilterChainFactoryBuilder : public FilterChainFactoryBuilder { diff --git a/source/server/options_impl.cc b/source/server/options_impl.cc index f1c2ce979a77..57becc5a89e4 100644 --- a/source/server/options_impl.cc +++ b/source/server/options_impl.cc @@ -1,4 +1,4 @@ -#include "server/options_impl.h" +#include "source/server/options_impl.h" #include #include @@ -7,13 +7,12 @@ #include "envoy/admin/v3/server_info.pb.h" -#include "common/common/fmt.h" -#include "common/common/logger.h" -#include "common/common/macros.h" -#include "common/protobuf/utility.h" -#include "common/version/version.h" - -#include "server/options_impl_platform.h" +#include "source/common/common/fmt.h" +#include "source/common/common/logger.h" +#include "source/common/common/macros.h" +#include "source/common/protobuf/utility.h" +#include "source/common/version/version.h" +#include "source/server/options_impl_platform.h" #include "absl/strings/str_replace.h" #include "absl/strings/str_split.h" @@ -41,8 +40,7 @@ OptionsImpl::OptionsImpl(int argc, const char* const* argv, OptionsImpl::OptionsImpl(std::vector args, const HotRestartVersionCb& hot_restart_version_cb, - spdlog::level::level_enum default_log_level) - : signal_handling_enabled_(true) { + spdlog::level::level_enum default_log_level) { std::string log_levels_string = fmt::format("Log levels: {}", allowedLogLevels()); log_levels_string += fmt::format("\nDefault is [{}]", spdlog::level::level_string_views[default_log_level]); diff --git a/source/server/options_impl.h b/source/server/options_impl.h index cd5ac7232e65..9efd569cf2bd 100644 --- a/source/server/options_impl.h +++ b/source/server/options_impl.h @@ -9,7 +9,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/options.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "spdlog/spdlog.h" @@ -90,7 +90,7 @@ class OptionsImpl : public Server::Options, protected Logger::Loggable -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { class OptionsImplPlatform : protected Logger::Loggable { diff --git a/source/server/options_impl_platform_default.cc b/source/server/options_impl_platform_default.cc index 3b4cbbe3118e..2f526e178fbc 100644 --- a/source/server/options_impl_platform_default.cc +++ b/source/server/options_impl_platform_default.cc @@ -1,8 +1,7 @@ #include -#include "common/common/logger.h" - -#include "server/options_impl_platform.h" +#include "source/common/common/logger.h" +#include "source/server/options_impl_platform.h" namespace Envoy { diff --git a/source/server/options_impl_platform_linux.cc b/source/server/options_impl_platform_linux.cc index 069c68ab83da..9365614dc184 100644 --- a/source/server/options_impl_platform_linux.cc +++ b/source/server/options_impl_platform_linux.cc @@ -2,15 +2,14 @@ #error "Linux platform file is part of non-Linux build." #endif -#include "server/options_impl_platform_linux.h" +#include "source/server/options_impl_platform_linux.h" #include #include -#include "common/api/os_sys_calls_impl_linux.h" - -#include "server/options_impl_platform.h" +#include "source/common/api/os_sys_calls_impl_linux.h" +#include "source/server/options_impl_platform.h" namespace Envoy { diff --git a/source/server/overload_manager_impl.cc b/source/server/overload_manager_impl.cc index 71be8f3c5699..ee6e479a6d40 100644 --- a/source/server/overload_manager_impl.cc +++ b/source/server/overload_manager_impl.cc @@ -1,4 +1,4 @@ -#include "server/overload_manager_impl.h" +#include "source/server/overload_manager_impl.h" #include @@ -7,13 +7,12 @@ #include "envoy/config/overload/v3/overload.pb.validate.h" #include "envoy/stats/scope.h" -#include "common/common/fmt.h" -#include "common/config/utility.h" -#include "common/event/scaled_range_timer_manager_impl.h" -#include "common/protobuf/utility.h" -#include "common/stats/symbol_table_impl.h" - -#include "server/resource_monitor_config_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/config/utility.h" +#include "source/common/event/scaled_range_timer_manager_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/server/resource_monitor_config_impl.h" #include "absl/container/node_hash_map.h" #include "absl/strings/str_cat.h" diff --git a/source/server/overload_manager_impl.h b/source/server/overload_manager_impl.h index 730d4ae06391..784308b1f4b8 100644 --- a/source/server/overload_manager_impl.h +++ b/source/server/overload_manager_impl.h @@ -15,8 +15,8 @@ #include "envoy/stats/stats.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/logger.h" -#include "common/event/scaled_range_timer_manager_impl.h" +#include "source/common/common/logger.h" +#include "source/common/event/scaled_range_timer_manager_impl.h" #include "absl/container/node_hash_map.h" #include "absl/container/node_hash_set.h" diff --git a/source/server/proto_descriptors.cc b/source/server/proto_descriptors.cc index 2a71693eefe8..d7043ff18feb 100644 --- a/source/server/proto_descriptors.cc +++ b/source/server/proto_descriptors.cc @@ -1,9 +1,9 @@ -#include "server/proto_descriptors.h" +#include "source/server/proto_descriptors.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/config/protobuf_link_hacks.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/config/protobuf_link_hacks.h" +#include "source/common/protobuf/protobuf.h" #include "absl/strings/str_cat.h" diff --git a/source/server/server.cc b/source/server/server.cc index 920bd37f55e4..5b8520e2fffc 100644 --- a/source/server/server.cc +++ b/source/server/server.cc @@ -1,4 +1,4 @@ -#include "server/server.h" +#include "source/server/server.h" #include #include @@ -24,37 +24,36 @@ #include "envoy/server/options.h" #include "envoy/upstream/cluster_manager.h" -#include "common/api/api_impl.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/enum_to_int.h" -#include "common/common/mutex_tracer_impl.h" -#include "common/common/utility.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/config/xds_resource.h" -#include "common/http/codes.h" -#include "common/local_info/local_info_impl.h" -#include "common/memory/stats.h" -#include "common/network/address_impl.h" -#include "common/network/socket_interface.h" -#include "common/network/socket_interface_impl.h" -#include "common/network/tcp_listener_impl.h" -#include "common/protobuf/utility.h" -#include "common/router/rds_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/signal/fatal_error_handler.h" -#include "common/singleton/manager_impl.h" -#include "common/stats/thread_local_store.h" -#include "common/stats/timespan_impl.h" -#include "common/upstream/cluster_manager_impl.h" -#include "common/version/version.h" - -#include "server/admin/utils.h" -#include "server/configuration_impl.h" -#include "server/connection_handler_impl.h" -#include "server/guarddog_impl.h" -#include "server/listener_hooks.h" -#include "server/ssl_context_manager.h" +#include "source/common/api/api_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/common/mutex_tracer_impl.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/config/xds_resource.h" +#include "source/common/http/codes.h" +#include "source/common/local_info/local_info_impl.h" +#include "source/common/memory/stats.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_interface.h" +#include "source/common/network/socket_interface_impl.h" +#include "source/common/network/tcp_listener_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/rds_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/signal/fatal_error_handler.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/stats/thread_local_store.h" +#include "source/common/stats/timespan_impl.h" +#include "source/common/upstream/cluster_manager_impl.h" +#include "source/common/version/version.h" +#include "source/server/admin/utils.h" +#include "source/server/configuration_impl.h" +#include "source/server/connection_handler_impl.h" +#include "source/server/guarddog_impl.h" +#include "source/server/listener_hooks.h" +#include "source/server/ssl_context_manager.h" namespace Envoy { namespace Server { @@ -412,9 +411,27 @@ void InstanceImpl::initialize(const Options& options, server_compilation_settings_stats_->fips_mode_.set(1); } - bootstrap_.mutable_node()->set_hidden_envoy_deprecated_build_version(VersionInfo::version()); - bootstrap_.mutable_node()->set_user_agent_name("envoy"); - *bootstrap_.mutable_node()->mutable_user_agent_build_version() = VersionInfo::buildVersion(); + // If user has set user_agent_name in the bootstrap config, use it. + // Default to "envoy" if unset. + if (bootstrap_.node().user_agent_name().empty()) { + bootstrap_.mutable_node()->set_user_agent_name("envoy"); + } + + // If user has set user_agent_version in the bootstrap config, use it. + // Default to the internal server version. + if (!bootstrap_.node().user_agent_version().empty()) { + std::string user_agent_version = bootstrap_.node().user_agent_version(); + bootstrap_.mutable_node()->set_hidden_envoy_deprecated_build_version(user_agent_version); + } else { + bootstrap_.mutable_node()->set_hidden_envoy_deprecated_build_version(VersionInfo::version()); + } + + // If user has set user_agent_build_version in the bootstrap config, use it. + // Default to the internal server version. + if (!bootstrap_.node().user_agent_build_version().has_version()) { + *bootstrap_.mutable_node()->mutable_user_agent_build_version() = VersionInfo::buildVersion(); + } + for (const auto& ext : Envoy::Registry::FactoryCategoryRegistry::registeredFactories()) { for (const auto& name : ext.second->allRegisteredNames()) { auto* extension = bootstrap_.mutable_node()->add_extensions(); @@ -543,8 +560,23 @@ void InstanceImpl::initialize(const Options& options, // Once we have runtime we can initialize the SSL context manager. ssl_context_manager_ = createContextManager("ssl_context_manager", time_source_); - const bool use_tcp_for_dns_lookups = bootstrap_.use_tcp_for_dns_lookups(); - dns_resolver_ = dispatcher_->createDnsResolver({}, use_tcp_for_dns_lookups); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + std::vector resolvers; + if (bootstrap_.has_dns_resolution_config()) { + dns_resolver_options.CopyFrom(bootstrap_.dns_resolution_config().dns_resolver_options()); + if (!bootstrap_.dns_resolution_config().resolvers().empty()) { + const auto& resolver_addrs = bootstrap_.dns_resolution_config().resolvers(); + resolvers.reserve(resolver_addrs.size()); + for (const auto& resolver_addr : resolver_addrs) { + resolvers.push_back(Network::Address::resolveProtoAddress(resolver_addr)); + } + } + } else { + // Field bool `use_tcp_for_dns_lookups` will be deprecated in future. To be backward compatible + // utilize bootstrap_.use_tcp_for_dns_lookups() if `bootstrap_.dns_resolver_options` is not set. + dns_resolver_options.set_use_tcp_for_dns_lookups(bootstrap_.use_tcp_for_dns_lookups()); + } + dns_resolver_ = dispatcher_->createDnsResolver(resolvers, dns_resolver_options); cluster_manager_factory_ = std::make_unique( *admin_, Runtime::LoaderSingleton::get(), stats_store_, thread_local_, dns_resolver_, diff --git a/source/server/server.h b/source/server/server.h index 0c6e027d58ec..f40d31880d5b 100644 --- a/source/server/server.h +++ b/source/server/server.h @@ -23,27 +23,26 @@ #include "envoy/stats/timespan.h" #include "envoy/tracing/http_tracer.h" -#include "common/access_log/access_log_manager_impl.h" -#include "common/common/assert.h" -#include "common/common/cleanup.h" -#include "common/common/logger_delegates.h" -#include "common/grpc/async_client_manager_impl.h" -#include "common/grpc/context_impl.h" -#include "common/http/context_impl.h" -#include "common/init/manager_impl.h" -#include "common/memory/heap_shrinker.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/router/context_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/secret/secret_manager_impl.h" -#include "common/upstream/health_discovery_service.h" - -#include "server/admin/admin.h" -#include "server/configuration_impl.h" -#include "server/listener_hooks.h" -#include "server/listener_manager_impl.h" -#include "server/overload_manager_impl.h" -#include "server/worker_impl.h" +#include "source/common/access_log/access_log_manager_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/cleanup.h" +#include "source/common/common/logger_delegates.h" +#include "source/common/grpc/async_client_manager_impl.h" +#include "source/common/grpc/context_impl.h" +#include "source/common/http/context_impl.h" +#include "source/common/init/manager_impl.h" +#include "source/common/memory/heap_shrinker.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/router/context_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/secret/secret_manager_impl.h" +#include "source/common/upstream/health_discovery_service.h" +#include "source/server/admin/admin.h" +#include "source/server/configuration_impl.h" +#include "source/server/listener_hooks.h" +#include "source/server/listener_manager_impl.h" +#include "source/server/overload_manager_impl.h" +#include "source/server/worker_impl.h" #include "absl/container/node_hash_map.h" #include "absl/types/optional.h" @@ -73,8 +72,8 @@ struct ServerCompilationSettingsStats { COUNTER(static_unknown_fields) \ COUNTER(dropped_stat_flushes) \ GAUGE(concurrency, NeverImport) \ - GAUGE(days_until_first_cert_expiring, Accumulate) \ - GAUGE(seconds_until_first_ocsp_response_expiring, Accumulate) \ + GAUGE(days_until_first_cert_expiring, NeverImport) \ + GAUGE(seconds_until_first_ocsp_response_expiring, NeverImport) \ GAUGE(hot_restart_epoch, NeverImport) \ /* hot_restart_generation is an Accumulate gauge; we omit it here for testing dynamics. */ \ GAUGE(live, NeverImport) \ diff --git a/source/server/ssl_context_manager.cc b/source/server/ssl_context_manager.cc index 4df41234cd43..0189da0c6d04 100644 --- a/source/server/ssl_context_manager.cc +++ b/source/server/ssl_context_manager.cc @@ -1,4 +1,4 @@ -#include "server/ssl_context_manager.h" +#include "source/server/ssl_context_manager.h" #include "envoy/common/exception.h" #include "envoy/registry/registry.h" diff --git a/source/server/worker_impl.cc b/source/server/worker_impl.cc index 68fd72defdb9..ae15ced3c085 100644 --- a/source/server/worker_impl.cc +++ b/source/server/worker_impl.cc @@ -1,4 +1,4 @@ -#include "server/worker_impl.h" +#include "source/server/worker_impl.h" #include #include @@ -9,7 +9,7 @@ #include "envoy/server/configuration.h" #include "envoy/thread_local/thread_local.h" -#include "server/connection_handler_impl.h" +#include "source/server/connection_handler_impl.h" namespace Envoy { namespace Server { @@ -87,7 +87,7 @@ void WorkerImpl::removeFilterChains(uint64_t listener_tag, }); } -void WorkerImpl::start(GuardDog& guard_dog) { +void WorkerImpl::start(GuardDog& guard_dog, const Event::PostCb& cb) { ASSERT(!thread_); // In posix, thread names are limited to 15 characters, so contrive to make @@ -102,7 +102,7 @@ void WorkerImpl::start(GuardDog& guard_dog) { // architecture is centralized, resulting in clearer names. Thread::Options options{absl::StrCat("wrk:", dispatcher_->name())}; thread_ = api_.threadFactory().createThread( - [this, &guard_dog]() -> void { threadRoutine(guard_dog); }, options); + [this, &guard_dog, cb]() -> void { threadRoutine(guard_dog, cb); }, options); } void WorkerImpl::initializeStats(Stats::Scope& scope) { dispatcher_->initializeStats(scope); } @@ -127,11 +127,12 @@ void WorkerImpl::stopListener(Network::ListenerConfig& listener, std::functionpost([this, &guard_dog]() { + dispatcher_->post([this, &guard_dog, cb]() { + cb(); watch_dog_ = guard_dog.createWatchDog(api_.threadFactory().currentThreadId(), dispatcher_->name(), *dispatcher_); }); diff --git a/source/server/worker_impl.h b/source/server/worker_impl.h index 22513b594e5d..c5187c6716de 100644 --- a/source/server/worker_impl.h +++ b/source/server/worker_impl.h @@ -10,9 +10,8 @@ #include "envoy/server/worker.h" #include "envoy/thread_local/thread_local.h" -#include "common/common/logger.h" - -#include "server/listener_hooks.h" +#include "source/common/common/logger.h" +#include "source/server/listener_hooks.h" namespace Envoy { namespace Server { @@ -50,13 +49,13 @@ class WorkerImpl : public Worker, Logger::Loggable { void removeFilterChains(uint64_t listener_tag, const std::list& filter_chains, std::function completion) override; - void start(GuardDog& guard_dog) override; + void start(GuardDog& guard_dog, const Event::PostCb& cb) override; void initializeStats(Stats::Scope& scope) override; void stop() override; void stopListener(Network::ListenerConfig& listener, std::function completion) override; private: - void threadRoutine(GuardDog& guard_dog); + void threadRoutine(GuardDog& guard_dog, const Event::PostCb& cb); void stopAcceptingConnectionsCb(OverloadActionState state); void rejectIncomingConnectionsCb(OverloadActionState state); diff --git a/support/hooks/pre-push b/support/hooks/pre-push index 9ebaf62eb5a4..42e31df9e6d2 100755 --- a/support/hooks/pre-push +++ b/support/hooks/pre-push @@ -12,6 +12,7 @@ DUMMY_SHA=0000000000000000000000000000000000000000 echo "Running pre-push check; to skip this step use 'push --no-verify'" +AUTHOR=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/\1/p') # shellcheck disable=SC2034 while read -r LOCAL_REF LOCAL_SHA REMOTE_REF REMOTE_SHA @@ -37,8 +38,8 @@ do # # In general, we can't assume that the commits are signed off by author # pushing, so we settle for just checking that there is a signoff at all. - SIGNED_OFF=$(git rev-list --no-merges --grep "^Signed-off-by: " "$RANGE") - NOT_SIGNED_OFF=$(git rev-list --no-merges "$RANGE" | grep -Fxv "$SIGNED_OFF") + SIGNED_OFF=$(git rev-list --no-merges --author "$AUTHOR" --grep "^Signed-off-by: " "$RANGE") + NOT_SIGNED_OFF=$(git rev-list --no-merges --author "$AUTHOR" "$RANGE" | grep -Fxv "$SIGNED_OFF") if [ -n "$NOT_SIGNED_OFF" ] then echo >&2 "ERROR: The following commits do not have DCO signoff:" diff --git a/test/BUILD b/test/BUILD index ab4a56a7d42e..572e27eb653f 100644 --- a/test/BUILD +++ b/test/BUILD @@ -2,6 +2,7 @@ load( "//bazel:envoy_build_system.bzl", "envoy_cc_test_library", "envoy_package", + "envoy_pch_library", ) licenses(["notice"]) # Apache 2 @@ -36,3 +37,52 @@ envoy_cc_test_library( "//test/test_common:printers_lib", ], ) + +envoy_pch_library( + name = "test_pch", + testonly = True, + external_deps = [ + "googletest", + "spdlog", + ], + includes = [ + "envoy/config/bootstrap/v3/bootstrap.pb.h", + "envoy/config/cluster/v3/cluster.pb.h", + "envoy/config/core/v3/base.pb.h", + "envoy/config/core/v3/config_source.pb.h", + "envoy/config/route/v3/route_components.pb.h", + "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h", + "envoy/service/discovery/v3/discovery.pb.h", + "gmock/gmock.h", + "gtest/gtest.h", + "spdlog/sinks/android_sink.h", + "spdlog/spdlog.h", + "test/mocks/access_log/mocks.h", + "test/mocks/common.h", + "test/mocks/event/mocks.h", + "test/mocks/http/mocks.h", + "test/mocks/network/mocks.h", + "test/mocks/runtime/mocks.h", + "test/mocks/server/factory_context.h", + "test/mocks/server/instance.h", + "test/mocks/stats/mocks.h", + ], + visibility = ["//visibility:public"], + deps = [ + "//test/mocks:common_lib", + "//test/mocks/access_log:access_log_mocks", + "//test/mocks/event:event_mocks", + "//test/mocks/http:http_mocks", + "//test/mocks/network:network_mocks", + "//test/mocks/runtime:runtime_mocks", + "//test/mocks/server:factory_context_mocks", + "//test/mocks/server:instance_mocks", + "//test/mocks/stats:stats_mocks", + "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", + "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", + "@envoy_api//envoy/config/core/v3:pkg_cc_proto", + "@envoy_api//envoy/config/route/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", + "@envoy_api//envoy/service/discovery/v3:pkg_cc_proto", + ], +) diff --git a/test/benchmark/main.cc b/test/benchmark/main.cc index 311d1de56986..6ab63fb6a51d 100644 --- a/test/benchmark/main.cc +++ b/test/benchmark/main.cc @@ -2,8 +2,8 @@ // This is an Envoy driver for benchmarks. #include "test/benchmark/main.h" -#include "common/common/logger.h" -#include "common/common/thread.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" #include "test/test_common/environment.h" #include "test/test_common/test_runtime.h" diff --git a/test/common/access_log/access_log_impl_test.cc b/test/common/access_log/access_log_impl_test.cc index 495b27f1f2ad..427392a2df98 100644 --- a/test/common/access_log/access_log_impl_test.cc +++ b/test/common/access_log/access_log_impl_test.cc @@ -8,11 +8,11 @@ #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" -#include "common/access_log/access_log_impl.h" -#include "common/config/utility.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/stream_info/utility.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/stream_info/utility.h" #include "test/common/stream_info/test_util.h" #include "test/common/upstream/utility.h" @@ -989,6 +989,7 @@ name: accesslog - DT - UPE - NC + - OM typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog path: /dev/null diff --git a/test/common/access_log/access_log_manager_impl_test.cc b/test/common/access_log/access_log_manager_impl_test.cc index b5de178505d6..3aea8cae6d40 100644 --- a/test/common/access_log/access_log_manager_impl_test.cc +++ b/test/common/access_log/access_log_manager_impl_test.cc @@ -1,7 +1,7 @@ #include -#include "common/access_log/access_log_manager_impl.h" -#include "common/filesystem/file_shared_impl.h" +#include "source/common/access_log/access_log_manager_impl.h" +#include "source/common/filesystem/file_shared_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/access_log/mocks.h" diff --git a/test/common/buffer/buffer_fuzz.cc b/test/common/buffer/buffer_fuzz.cc index 493f31b8b31d..46241032beff 100644 --- a/test/common/buffer/buffer_fuzz.cc +++ b/test/common/buffer/buffer_fuzz.cc @@ -4,11 +4,11 @@ #include "envoy/common/platform.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/memory/stats.h" -#include "common/network/io_socket_handle_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/memory/stats.h" +#include "source/common/network/io_socket_handle_impl.h" #include "test/fuzz/utility.h" @@ -193,6 +193,7 @@ class StringBuffer : public Buffer::Instance { // WatermarkBuffer implementations. ASSERT(false); } + uint32_t highWatermark() const override { return 0; } bool highWatermarkTriggered() const override { return false; } diff --git a/test/common/buffer/buffer_speed_test.cc b/test/common/buffer/buffer_speed_test.cc index 653a5bea770a..458a92098aa0 100644 --- a/test/common/buffer/buffer_speed_test.cc +++ b/test/common/buffer/buffer_speed_test.cc @@ -1,5 +1,5 @@ -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" #include "absl/strings/string_view.h" #include "benchmark/benchmark.h" diff --git a/test/common/buffer/buffer_test.cc b/test/common/buffer/buffer_test.cc index d301d634ce6f..57d7e402a7d4 100644 --- a/test/common/buffer/buffer_test.cc +++ b/test/common/buffer/buffer_test.cc @@ -2,7 +2,7 @@ #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "test/common/buffer/utility.h" #include "test/test_common/printers.h" diff --git a/test/common/buffer/owned_impl_test.cc b/test/common/buffer/owned_impl_test.cc index 667d37460e30..ea5cf249ae1d 100644 --- a/test/common/buffer/owned_impl_test.cc +++ b/test/common/buffer/owned_impl_test.cc @@ -2,8 +2,8 @@ #include "envoy/api/io_error.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/io_socket_handle_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/io_socket_handle_impl.h" #include "test/common/buffer/utility.h" #include "test/mocks/api/mocks.h" diff --git a/test/common/buffer/utility.h b/test/common/buffer/utility.h index 868427de465a..27913ecf025d 100644 --- a/test/common/buffer/utility.h +++ b/test/common/buffer/utility.h @@ -2,7 +2,7 @@ #include -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "gtest/gtest.h" diff --git a/test/common/buffer/watermark_buffer_test.cc b/test/common/buffer/watermark_buffer_test.cc index 70ddb07d9800..548318a8065a 100644 --- a/test/common/buffer/watermark_buffer_test.cc +++ b/test/common/buffer/watermark_buffer_test.cc @@ -1,9 +1,9 @@ #include -#include "common/api/os_sys_calls_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/buffer/watermark_buffer.h" -#include "common/network/io_socket_handle_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/network/io_socket_handle_impl.h" #include "test/common/buffer/utility.h" #include "test/test_common/test_runtime.h" diff --git a/test/common/buffer/zero_copy_input_stream_test.cc b/test/common/buffer/zero_copy_input_stream_test.cc index 9ff0ffd6683e..7b20ec1b1634 100644 --- a/test/common/buffer/zero_copy_input_stream_test.cc +++ b/test/common/buffer/zero_copy_input_stream_test.cc @@ -1,5 +1,5 @@ -#include "common/buffer/buffer_impl.h" -#include "common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" #include "test/common/buffer/utility.h" diff --git a/test/common/common/api_version_test.cc b/test/common/common/api_version_test.cc index 10682206b58b..8d386ebee601 100644 --- a/test/common/common/api_version_test.cc +++ b/test/common/common/api_version_test.cc @@ -1,4 +1,4 @@ -#include "common/version/api_version.h" +#include "source/common/version/api_version.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/common/common/assert2_test.cc b/test/common/common/assert2_test.cc index 00aa17e95798..99e5f9119ce9 100644 --- a/test/common/common/assert2_test.cc +++ b/test/common/common/assert2_test.cc @@ -1,4 +1,4 @@ -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "test/test_common/logging.h" #include "test/test_common/utility.h" diff --git a/test/common/common/assert_test.cc b/test/common/common/assert_test.cc index 878c71523efe..d655233e669b 100644 --- a/test/common/common/assert_test.cc +++ b/test/common/common/assert_test.cc @@ -1,4 +1,4 @@ -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "test/test_common/logging.h" #include "test/test_common/utility.h" diff --git a/test/common/common/backoff_strategy_test.cc b/test/common/common/backoff_strategy_test.cc index bfc540234c7b..67225242cde9 100644 --- a/test/common/common/backoff_strategy_test.cc +++ b/test/common/common/backoff_strategy_test.cc @@ -1,4 +1,4 @@ -#include "common/common/backoff_strategy.h" +#include "source/common/common/backoff_strategy.h" #include "test/mocks/common.h" diff --git a/test/common/common/base64_fuzz_test.cc b/test/common/common/base64_fuzz_test.cc index bf56f713cdfc..d6a3ef4e3e15 100644 --- a/test/common/common/base64_fuzz_test.cc +++ b/test/common/common/base64_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "common/common/base64.h" +#include "source/common/common/base64.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/common/base64_test.cc b/test/common/common/base64_test.cc index ff9382191e89..3c6bf92a0574 100644 --- a/test/common/common/base64_test.cc +++ b/test/common/common/base64_test.cc @@ -1,7 +1,7 @@ #include -#include "common/buffer/buffer_impl.h" -#include "common/common/base64.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/base64.h" #include "test/test_common/printers.h" @@ -132,47 +132,6 @@ TEST(Base64Test, BinaryBufferEncode) { EXPECT_EQ("AAECAwgKCQCqvN4=", Base64::encode(buffer, 30)); } -TEST(Base64Test, CompletePadding) { - struct CompletePaddingBase64UrlTestCases { - std::string base64, base64_with_padding; - }; - - // For base64 encoding, there are only three length needed to test - // - 3n bytes => 4n bytes, no padding needed - // - 3n + 1 bytes => 4n + 2 bytes, 2 padding needed - // - 3n + 2 bytes => 4n + 3 bytes, 1 padding needed - CompletePaddingBase64UrlTestCases testCases[3] = { - // Payload text(3n bytes): - {"eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG8iLCJpYXQiOjE1MTYyMzkwMjJ" - "9", - // No padding added. - "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG8iLCJpYXQiOjE1MTYyMzkwMjJ" - "9"}, - // Payload text(3n + 1 bytes): - {"eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2" - "MjM5MDIyfQ", - // 2 padding added. - "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2" - "MjM5MDIyfQ=="}, - // Payload text(3n + 2 bytes): - {"eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lZSIsImlhdCI6MTUx" - "NjIzOTAyMn0", - // 1 padding added. - "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lZSIsImlhdCI6MTUx" - "NjIzOTAyMn0="}}; - for (auto& tc : testCases) { - // Ensure these two base64 binaries are equivalent after decoding. - EXPECT_EQ(Base64::decodeWithoutPadding(tc.base64), - Base64::decodeWithoutPadding(tc.base64_with_padding)); - // Ensure the `base64_with_padding` is correctly padded. - EXPECT_NE(Base64::decode(tc.base64_with_padding), ""); - - std::string base64_padded = tc.base64; - Base64::completePadding(base64_padded); - EXPECT_EQ(base64_padded, tc.base64_with_padding); - } -} - TEST(Base64UrlTest, EncodeString) { EXPECT_EQ("", Base64Url::encode("", 0)); EXPECT_EQ("AAA", Base64Url::encode("\0\0", 2)); diff --git a/test/common/common/basic_resource_impl_test.cc b/test/common/common/basic_resource_impl_test.cc index 60481535d06c..4a54303bcf1d 100644 --- a/test/common/common/basic_resource_impl_test.cc +++ b/test/common/common/basic_resource_impl_test.cc @@ -1,6 +1,6 @@ #include -#include "common/common/basic_resource_impl.h" +#include "source/common/common/basic_resource_impl.h" #include "test/mocks/runtime/mocks.h" diff --git a/test/common/common/callback_impl_test.cc b/test/common/common/callback_impl_test.cc index e9a451c8d15e..6261766e2a2e 100644 --- a/test/common/common/callback_impl_test.cc +++ b/test/common/common/callback_impl_test.cc @@ -1,4 +1,4 @@ -#include "common/common/callback_impl.h" +#include "source/common/common/callback_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/common/common/cleanup_test.cc b/test/common/common/cleanup_test.cc index d76faf78e445..c000a6ed2b94 100644 --- a/test/common/common/cleanup_test.cc +++ b/test/common/common/cleanup_test.cc @@ -1,4 +1,4 @@ -#include "common/common/cleanup.h" +#include "source/common/common/cleanup.h" #include "gtest/gtest.h" diff --git a/test/common/common/containers_test.cc b/test/common/common/containers_test.cc index 5bc2c5aec62d..69128a225d25 100644 --- a/test/common/common/containers_test.cc +++ b/test/common/common/containers_test.cc @@ -1,4 +1,4 @@ -#include "common/common/containers.h" +#include "source/common/common/containers.h" #include "gtest/gtest.h" diff --git a/test/common/common/fmt_test.cc b/test/common/common/fmt_test.cc index f5b8fd45d953..73809fad4cf3 100644 --- a/test/common/common/fmt_test.cc +++ b/test/common/common/fmt_test.cc @@ -1,5 +1,5 @@ -#include "common/common/fmt.h" -#include "common/common/logger.h" +#include "source/common/common/fmt.h" +#include "source/common/common/logger.h" #include "absl/strings/string_view.h" #include "gtest/gtest.h" diff --git a/test/common/common/hash_fuzz_test.cc b/test/common/common/hash_fuzz_test.cc index c9d84205831e..4245ffbc7ec2 100644 --- a/test/common/common/hash_fuzz_test.cc +++ b/test/common/common/hash_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "common/common/hash.h" +#include "source/common/common/hash.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/common/hash_test.cc b/test/common/common/hash_test.cc index 1d3681568d50..38447086ba84 100644 --- a/test/common/common/hash_test.cc +++ b/test/common/common/hash_test.cc @@ -1,4 +1,4 @@ -#include "common/common/hash.h" +#include "source/common/common/hash.h" #include "gtest/gtest.h" diff --git a/test/common/common/hex_test.cc b/test/common/common/hex_test.cc index ba0829dbe92d..7e012b6fc5db 100644 --- a/test/common/common/hex_test.cc +++ b/test/common/common/hex_test.cc @@ -3,7 +3,7 @@ #include "envoy/common/exception.h" -#include "common/common/hex.h" +#include "source/common/common/hex.h" #include "gtest/gtest.h" diff --git a/test/common/common/interval_value_test.cc b/test/common/common/interval_value_test.cc index 41a6c3fbc077..42a3b5594a89 100644 --- a/test/common/common/interval_value_test.cc +++ b/test/common/common/interval_value_test.cc @@ -1,4 +1,4 @@ -#include "common/common/interval_value.h" +#include "source/common/common/interval_value.h" #include "gtest/gtest.h" diff --git a/test/common/common/linked_object_test.cc b/test/common/common/linked_object_test.cc index 351f2f340d3f..4152c754f32d 100644 --- a/test/common/common/linked_object_test.cc +++ b/test/common/common/linked_object_test.cc @@ -1,4 +1,4 @@ -#include "common/common/linked_object.h" +#include "source/common/common/linked_object.h" #include "gtest/gtest.h" diff --git a/test/common/common/lock_guard_test.cc b/test/common/common/lock_guard_test.cc index 01b677c8dc48..be786f073883 100644 --- a/test/common/common/lock_guard_test.cc +++ b/test/common/common/lock_guard_test.cc @@ -1,5 +1,5 @@ -#include "common/common/lock_guard.h" -#include "common/common/thread.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread.h" #include "gtest/gtest.h" diff --git a/test/common/common/log_macros_test.cc b/test/common/common/log_macros_test.cc index 58087c6a46f3..fb5520ff8b3d 100644 --- a/test/common/common/log_macros_test.cc +++ b/test/common/common/log_macros_test.cc @@ -4,8 +4,8 @@ #include #include -#include "common/common/fancy_logger.h" -#include "common/common/logger.h" +#include "source/common/common/fancy_logger.h" +#include "source/common/common/logger.h" #include "test/mocks/http/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/common/common/logger_fuzz_test.cc b/test/common/common/logger_fuzz_test.cc index 0fcfb601556b..a6a86651bf6d 100644 --- a/test/common/common/logger_fuzz_test.cc +++ b/test/common/common/logger_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/common/logger_speed_test.cc b/test/common/common/logger_speed_test.cc index 55f4275db251..880eb450a9f7 100644 --- a/test/common/common/logger_speed_test.cc +++ b/test/common/common/logger_speed_test.cc @@ -1,8 +1,8 @@ #include #include -#include "common/common/fancy_logger.h" -#include "common/common/logger.h" +#include "source/common/common/fancy_logger.h" +#include "source/common/common/logger.h" #include "benchmark/benchmark.h" diff --git a/test/common/common/logger_test.cc b/test/common/common/logger_test.cc index 199285aa5ec4..62fe85f33e81 100644 --- a/test/common/common/logger_test.cc +++ b/test/common/common/logger_test.cc @@ -1,8 +1,8 @@ #include #include -#include "common/common/json_escape_string.h" -#include "common/common/logger.h" +#include "source/common/common/json_escape_string.h" +#include "source/common/common/logger.h" #include "test/test_common/environment.h" diff --git a/test/common/common/matchers_test.cc b/test/common/common/matchers_test.cc index 0b8ec9b95db0..bcdf34441acc 100644 --- a/test/common/common/matchers_test.cc +++ b/test/common/common/matchers_test.cc @@ -4,9 +4,9 @@ #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/type/matcher/v3/value.pb.h" -#include "common/common/matchers.h" -#include "common/config/metadata.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/matchers.h" +#include "source/common/config/metadata.h" +#include "source/common/protobuf/protobuf.h" #include "test/test_common/utility.h" @@ -350,14 +350,6 @@ TEST(StringMatcher, SafeRegexValue) { EXPECT_FALSE(Matchers::StringMatcherImpl(matcher).match("bar")); } -TEST(StringMatcher, RegexValueIgnoreCase) { - envoy::type::matcher::v3::StringMatcher matcher; - matcher.set_ignore_case(true); - matcher.set_hidden_envoy_deprecated_regex("foo"); - EXPECT_THROW_WITH_MESSAGE(Matchers::StringMatcherImpl(matcher).match("foo"), EnvoyException, - "ignore_case has no effect for regex."); -} - TEST(StringMatcher, SafeRegexValueIgnoreCase) { envoy::type::matcher::v3::StringMatcher matcher; matcher.set_ignore_case(true); diff --git a/test/common/common/mem_block_builder_test.cc b/test/common/common/mem_block_builder_test.cc index 0fbcdff18be4..de82a3adc36e 100644 --- a/test/common/common/mem_block_builder_test.cc +++ b/test/common/common/mem_block_builder_test.cc @@ -1,6 +1,6 @@ #include -#include "common/common/mem_block_builder.h" +#include "source/common/common/mem_block_builder.h" #include "gtest/gtest.h" diff --git a/test/common/common/mutex_tracer_test.cc b/test/common/common/mutex_tracer_test.cc index e72fc3a995b9..b86bc848c810 100644 --- a/test/common/common/mutex_tracer_test.cc +++ b/test/common/common/mutex_tracer_test.cc @@ -1,8 +1,8 @@ #include #include -#include "common/common/lock_guard.h" -#include "common/common/mutex_tracer_impl.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/mutex_tracer_impl.h" #include "test/test_common/contention.h" #include "test/test_common/utility.h" diff --git a/test/common/common/perf_annotation_disabled_test.cc b/test/common/common/perf_annotation_disabled_test.cc index b5f67aa756d5..9b7762305cb9 100644 --- a/test/common/common/perf_annotation_disabled_test.cc +++ b/test/common/common/perf_annotation_disabled_test.cc @@ -4,7 +4,7 @@ #undef ENVOY_PERF_ANNOTATION #endif -#include "common/common/perf_annotation.h" +#include "source/common/common/perf_annotation.h" #include "gtest/gtest.h" diff --git a/test/common/common/perf_annotation_test.cc b/test/common/common/perf_annotation_test.cc index 0927ff971749..78c745e7198f 100644 --- a/test/common/common/perf_annotation_test.cc +++ b/test/common/common/perf_annotation_test.cc @@ -7,7 +7,7 @@ #define ENVOY_PERF_ANNOTATION #endif -#include "common/common/perf_annotation.h" +#include "source/common/common/perf_annotation.h" #include "gtest/gtest.h" diff --git a/test/common/common/phantom_test.cc b/test/common/common/phantom_test.cc index 482cf42de3c9..c87858187083 100644 --- a/test/common/common/phantom_test.cc +++ b/test/common/common/phantom_test.cc @@ -1,4 +1,4 @@ -#include "common/common/phantom.h" +#include "source/common/common/phantom.h" #include "gtest/gtest.h" diff --git a/test/common/common/random_generator_test.cc b/test/common/common/random_generator_test.cc index 7658080b116b..249590446e70 100644 --- a/test/common/common/random_generator_test.cc +++ b/test/common/common/random_generator_test.cc @@ -1,7 +1,7 @@ #include -#include "common/common/interval_value.h" -#include "common/common/random_generator.h" +#include "source/common/common/interval_value.h" +#include "source/common/common/random_generator.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/common/common/re_speed_test.cc b/test/common/common/re_speed_test.cc index 0db62906e281..4f2161df9fda 100644 --- a/test/common/common/re_speed_test.cc +++ b/test/common/common/re_speed_test.cc @@ -3,7 +3,7 @@ #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/strings/string_view.h" #include "benchmark/benchmark.h" diff --git a/test/common/common/regex_test.cc b/test/common/common/regex_test.cc index e3d5a67eb89d..24cd3efc555d 100644 --- a/test/common/common/regex_test.cc +++ b/test/common/common/regex_test.cc @@ -1,7 +1,7 @@ #include "envoy/common/exception.h" #include "envoy/type/matcher/v3/regex.pb.h" -#include "common/common/regex.h" +#include "source/common/common/regex.h" #include "test/test_common/logging.h" #include "test/test_common/test_runtime.h" @@ -17,9 +17,6 @@ TEST(Utility, ParseStdRegex) { EXPECT_THROW_WITH_REGEX(Utility::parseStdRegex("(+invalid)"), EnvoyException, "Invalid regex '\\(\\+invalid\\)': .+"); - EXPECT_THROW_WITH_REGEX(Utility::parseStdRegexAsCompiledMatcher("(+invalid)"), EnvoyException, - "Invalid regex '\\(\\+invalid\\)': .+"); - { std::regex regex = Utility::parseStdRegex("x*"); EXPECT_NE(0, regex.flags() & std::regex::optimize); @@ -30,15 +27,6 @@ TEST(Utility, ParseStdRegex) { EXPECT_NE(0, regex.flags() & std::regex::icase); EXPECT_EQ(0, regex.flags() & std::regex::optimize); } - - { - // Regression test to cover high-complexity regular expressions that throw on std::regex_match. - // Note that not all std::regex_match implementations will throw when matching against the - // expression below, but at least clang 9.0.0 under linux does. - auto matcher = Utility::parseStdRegexAsCompiledMatcher( - "|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||"); - EXPECT_FALSE(matcher->match("0")); - } } TEST(Utility, ParseRegex) { diff --git a/test/common/common/safe_memcpy_test.cc b/test/common/common/safe_memcpy_test.cc index 1f5f39b5518e..bd0da38da182 100644 --- a/test/common/common/safe_memcpy_test.cc +++ b/test/common/common/safe_memcpy_test.cc @@ -1,10 +1,10 @@ #include -#include "common/common/safe_memcpy.h" -#include "common/grpc/common.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" +#include "source/common/common/safe_memcpy.h" +#include "source/common/grpc/common.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" #include "test/test_common/utility.h" diff --git a/test/common/common/scope_tracked_object_stack_test.cc b/test/common/common/scope_tracked_object_stack_test.cc index 984f66f39bcb..46fa6908248b 100644 --- a/test/common/common/scope_tracked_object_stack_test.cc +++ b/test/common/common/scope_tracked_object_stack_test.cc @@ -2,8 +2,8 @@ #include "envoy/common/scope_tracker.h" -#include "common/common/scope_tracked_object_stack.h" -#include "common/common/utility.h" +#include "source/common/common/scope_tracked_object_stack.h" +#include "source/common/common/utility.h" #include "test/test_common/utility.h" diff --git a/test/common/common/scope_tracker_test.cc b/test/common/common/scope_tracker_test.cc index 1c5451660f04..12b7133a0616 100644 --- a/test/common/common/scope_tracker_test.cc +++ b/test/common/common/scope_tracker_test.cc @@ -1,8 +1,8 @@ #include -#include "common/api/api_impl.h" -#include "common/common/scope_tracker.h" -#include "common/event/dispatcher_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/common/scope_tracker.h" +#include "source/common/event/dispatcher_impl.h" #include "test/mocks/common.h" #include "test/test_common/utility.h" @@ -18,7 +18,7 @@ using testing::_; TEST(ScopeTrackerScopeStateTest, ShouldManageTrackedObjectOnDispatcherStack) { Api::ApiPtr api(Api::createApiForTest()); Event::DispatcherPtr dispatcher(api->allocateDispatcher("test_thread")); - MockScopedTrackedObject tracked_object; + MockScopeTrackedObject tracked_object; { ScopeTrackerScopeState scope(&tracked_object, *dispatcher); // Check that the tracked_object is on the tracked object stack diff --git a/test/common/common/shared_token_bucket_impl_test.cc b/test/common/common/shared_token_bucket_impl_test.cc index 2a14019bdfc7..bceb435fed6b 100644 --- a/test/common/common/shared_token_bucket_impl_test.cc +++ b/test/common/common/shared_token_bucket_impl_test.cc @@ -1,6 +1,6 @@ #include -#include "common/common/shared_token_bucket_impl.h" +#include "source/common/common/shared_token_bucket_impl.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/common/common/statusor_test.cc b/test/common/common/statusor_test.cc index 2b42e3c6bf67..dd07315ec5f4 100644 --- a/test/common/common/statusor_test.cc +++ b/test/common/common/statusor_test.cc @@ -1,5 +1,5 @@ -#include "common/common/statusor.h" -#include "common/http/status.h" +#include "source/common/common/statusor.h" +#include "source/common/http/status.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/common/common/stl_helpers_test.cc b/test/common/common/stl_helpers_test.cc index 40915d4bba12..8f4b297c7405 100644 --- a/test/common/common/stl_helpers_test.cc +++ b/test/common/common/stl_helpers_test.cc @@ -1,6 +1,6 @@ #include -#include "common/common/stl_helpers.h" +#include "source/common/common/stl_helpers.h" #include "gtest/gtest.h" diff --git a/test/common/common/thread_id_test.cc b/test/common/common/thread_id_test.cc index 5c5687ecd4da..1d03cd7dbc1a 100644 --- a/test/common/common/thread_id_test.cc +++ b/test/common/common/thread_id_test.cc @@ -1,4 +1,4 @@ -#include "common/common/thread.h" +#include "source/common/common/thread.h" #include "test/test_common/thread_factory_for_test.h" diff --git a/test/common/common/thread_test.cc b/test/common/common/thread_test.cc index 9dac043921f7..8cfc1c6ac771 100644 --- a/test/common/common/thread_test.cc +++ b/test/common/common/thread_test.cc @@ -1,7 +1,7 @@ #include -#include "common/common/thread.h" -#include "common/common/thread_synchronizer.h" +#include "source/common/common/thread.h" +#include "source/common/common/thread_synchronizer.h" #include "test/test_common/thread_factory_for_test.h" diff --git a/test/common/common/token_bucket_impl_test.cc b/test/common/common/token_bucket_impl_test.cc index 30e273c02407..c3d25a4c2b27 100644 --- a/test/common/common/token_bucket_impl_test.cc +++ b/test/common/common/token_bucket_impl_test.cc @@ -1,6 +1,6 @@ #include -#include "common/common/token_bucket_impl.h" +#include "source/common/common/token_bucket_impl.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/common/common/utility_fuzz_test.cc b/test/common/common/utility_fuzz_test.cc index c4f468c91725..049311dd7f97 100644 --- a/test/common/common/utility_fuzz_test.cc +++ b/test/common/common/utility_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "common/common/utility.h" +#include "source/common/common/utility.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/common/utility_speed_test.cc b/test/common/common/utility_speed_test.cc index a0563263b076..ce9d8c790330 100644 --- a/test/common/common/utility_speed_test.cc +++ b/test/common/common/utility_speed_test.cc @@ -3,8 +3,8 @@ #include -#include "common/common/assert.h" -#include "common/common/utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" #include "absl/strings/string_view.h" #include "benchmark/benchmark.h" diff --git a/test/common/common/utility_test.cc b/test/common/common/utility_test.cc index a69a00e3ae4f..344f45aba0f0 100644 --- a/test/common/common/utility_test.cc +++ b/test/common/common/utility_test.cc @@ -7,7 +7,7 @@ #include "envoy/common/exception.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" #include "test/common/stats/stat_test_utility.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/common/common/version_test.cc b/test/common/common/version_test.cc index 379d539b85dd..dec9a8a26cb8 100644 --- a/test/common/common/version_test.cc +++ b/test/common/common/version_test.cc @@ -1,4 +1,4 @@ -#include "common/version/version.h" +#include "source/common/version/version.h" #include "absl/strings/str_cat.h" #include "gmock/gmock.h" diff --git a/test/common/config/BUILD b/test/common/config/BUILD index d0b7264f8d5d..a7c5aaf0e447 100644 --- a/test/common/config/BUILD +++ b/test/common/config/BUILD @@ -257,7 +257,7 @@ envoy_cc_test_library( srcs = ["http_subscription_test_harness.h"], deps = [ ":subscription_test_harness", - "//include/envoy/http:async_client_interface", + "//envoy/http:async_client_interface", "//source/common/common:utility_lib", "//source/common/config:http_subscription_lib", "//source/common/config:utility_lib", @@ -353,7 +353,7 @@ envoy_cc_test( name = "metadata_test", srcs = ["metadata_test.cc"], deps = [ - "//include/envoy/common:base_includes", + "//envoy/common:base_includes", "//source/common/config:metadata_lib", "//source/common/config:well_known_names", "//source/common/protobuf:utility_lib", @@ -403,7 +403,7 @@ envoy_cc_test( name = "registry_test", srcs = ["registry_test.cc"], deps = [ - "//include/envoy/config:typed_config_interface", + "//envoy/config:typed_config_interface", "//test/test_common:logging_lib", "//test/test_common:utility_lib", ], diff --git a/test/common/config/api_type_oracle_test.cc b/test/common/config/api_type_oracle_test.cc index 327d4dc32e54..97aa001ff5a1 100644 --- a/test/common/config/api_type_oracle_test.cc +++ b/test/common/config/api_type_oracle_test.cc @@ -1,7 +1,7 @@ #include "envoy/config/filter/http/ip_tagging/v2/ip_tagging.pb.h" #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.h" -#include "common/config/api_type_oracle.h" +#include "source/common/config/api_type_oracle.h" #include "gtest/gtest.h" diff --git a/test/common/config/config_provider_impl_test.cc b/test/common/config/config_provider_impl_test.cc index b9d507062384..6b3d6d36cc0f 100644 --- a/test/common/config/config_provider_impl_test.cc +++ b/test/common/config/config_provider_impl_test.cc @@ -3,9 +3,9 @@ #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/config/config_provider_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/config/config_provider_impl.h" +#include "source/common/protobuf/utility.h" #include "test/common/config/dummy_config.pb.h" #include "test/mocks/server/instance.h" diff --git a/test/common/config/context_provider_impl_test.cc b/test/common/config/context_provider_impl_test.cc index 93142d769a40..48f90c5bcf96 100644 --- a/test/common/config/context_provider_impl_test.cc +++ b/test/common/config/context_provider_impl_test.cc @@ -1,4 +1,4 @@ -#include "common/config/context_provider_impl.h" +#include "source/common/config/context_provider_impl.h" #include "test/common/config/xds_test_utility.h" #include "test/test_common/utility.h" @@ -46,7 +46,7 @@ TEST(ContextProviderTest, DynamicContextParameters) { auto callback_handle = context_provider.addDynamicContextUpdateCallback( [&update_count, &last_updated_resource](absl::string_view resource_type_url) { ++update_count; - last_updated_resource = resource_type_url; + last_updated_resource = std::string(resource_type_url); }); // Default empty DCP for all types. diff --git a/test/common/config/datasource_test.cc b/test/common/config/datasource_test.cc index 8e2900b38c4a..8a5d0a632c97 100644 --- a/test/common/config/datasource_test.cc +++ b/test/common/config/datasource_test.cc @@ -1,10 +1,10 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/core/v3/base.pb.validate.h" -#include "common/common/empty_string.h" -#include "common/config/datasource.h" -#include "common/http/message_impl.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/datasource.h" +#include "source/common/http/message_impl.h" +#include "source/common/protobuf/protobuf.h" #include "test/mocks/event/mocks.h" #include "test/mocks/init/mocks.h" diff --git a/test/common/config/decoded_resource_impl_test.cc b/test/common/config/decoded_resource_impl_test.cc index 2bb1020869c7..7ac26933f101 100644 --- a/test/common/config/decoded_resource_impl_test.cc +++ b/test/common/config/decoded_resource_impl_test.cc @@ -1,4 +1,4 @@ -#include "common/config/decoded_resource_impl.h" +#include "source/common/config/decoded_resource_impl.h" #include "test/mocks/config/mocks.h" #include "test/test_common/utility.h" diff --git a/test/common/config/delta_subscription_impl_test.cc b/test/common/config/delta_subscription_impl_test.cc index 3498a57cf964..92e11a0f7f21 100644 --- a/test/common/config/delta_subscription_impl_test.cc +++ b/test/common/config/delta_subscription_impl_test.cc @@ -3,8 +3,8 @@ #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/config/api_version.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/config/api_version.h" #include "test/common/config/delta_subscription_test_harness.h" diff --git a/test/common/config/delta_subscription_state_test.cc b/test/common/config/delta_subscription_state_test.cc index cc33dc4a5758..fea85b717740 100644 --- a/test/common/config/delta_subscription_state_test.cc +++ b/test/common/config/delta_subscription_state_test.cc @@ -3,9 +3,9 @@ #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/delta_subscription_state.h" -#include "common/config/utility.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/config/delta_subscription_state.h" +#include "source/common/config/utility.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" diff --git a/test/common/config/delta_subscription_test_harness.h b/test/common/config/delta_subscription_test_harness.h index 080f7f29450f..e74e33f40230 100644 --- a/test/common/config/delta_subscription_test_harness.h +++ b/test/common/config/delta_subscription_test_harness.h @@ -7,10 +7,10 @@ #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/grpc_subscription_impl.h" -#include "common/config/new_grpc_mux_impl.h" -#include "common/config/version_converter.h" -#include "common/grpc/common.h" +#include "source/common/config/grpc_subscription_impl.h" +#include "source/common/config/new_grpc_mux_impl.h" +#include "source/common/config/version_converter.h" +#include "source/common/grpc/common.h" #include "test/common/config/subscription_test_harness.h" #include "test/mocks/common.h" diff --git a/test/common/config/filesystem_subscription_test_harness.h b/test/common/config/filesystem_subscription_test_harness.h index 9c372725207e..c516809ed16a 100644 --- a/test/common/config/filesystem_subscription_test_harness.h +++ b/test/common/config/filesystem_subscription_test_harness.h @@ -6,10 +6,10 @@ #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/filesystem_subscription_impl.h" -#include "common/config/utility.h" -#include "common/event/dispatcher_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/config/filesystem_subscription_impl.h" +#include "source/common/config/utility.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/protobuf/utility.h" #include "test/common/config/subscription_test_harness.h" #include "test/mocks/config/mocks.h" diff --git a/test/common/config/grpc_mux_impl_test.cc b/test/common/config/grpc_mux_impl_test.cc index 8e1ac0945f69..3eecdbb4f5de 100644 --- a/test/common/config/grpc_mux_impl_test.cc +++ b/test/common/config/grpc_mux_impl_test.cc @@ -5,14 +5,14 @@ #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/empty_string.h" -#include "common/config/api_version.h" -#include "common/config/grpc_mux_impl.h" -#include "common/config/protobuf_link_hacks.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/protobuf/protobuf.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/api_version.h" +#include "source/common/config/grpc_mux_impl.h" +#include "source/common/config/protobuf_link_hacks.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/common.h" @@ -457,6 +457,40 @@ TEST_F(GrpcMuxImplTest, ResourceTTL) { expectSendMessage(type_url, {}, "1"); } +// Checks that the control plane identifier is logged +TEST_F(GrpcMuxImplTest, LogsControlPlaneIndentifier) { + setup(); + std::string type_url = "foo"; + auto foo_sub = grpc_mux_->addWatch(type_url, {}, callbacks_, resource_decoder_, {}); + + EXPECT_CALL(*async_client_, startRaw(_, _, _, _)).WillOnce(Return(&async_stream_)); + expectSendMessage(type_url, {}, "", true); + grpc_mux_->start(); + + { + auto response = std::make_unique(); + response->set_type_url(type_url); + response->set_version_info("1"); + response->mutable_control_plane()->set_identifier("control_plane_ID"); + + EXPECT_CALL(callbacks_, onConfigUpdate(_, _)); + expectSendMessage(type_url, {}, "1"); + EXPECT_LOG_CONTAINS("debug", "for foo from control_plane_ID", + grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response))); + } + { + auto response = std::make_unique(); + response->set_type_url(type_url); + response->set_version_info("2"); + response->mutable_control_plane()->set_identifier("different_ID"); + + EXPECT_CALL(callbacks_, onConfigUpdate(_, _)); + expectSendMessage(type_url, {}, "2"); + EXPECT_LOG_CONTAINS("debug", "for foo from different_ID", + grpc_mux_->grpcStreamForTest().onReceiveMessage(std::move(response))); + } +} + // Validate behavior when watches has an unknown resource name. TEST_F(GrpcMuxImplTest, WildcardWatch) { setup(); diff --git a/test/common/config/grpc_stream_test.cc b/test/common/config/grpc_stream_test.cc index ecd38d75d0b6..5128a21b2a3b 100644 --- a/test/common/config/grpc_stream_test.cc +++ b/test/common/config/grpc_stream_test.cc @@ -1,7 +1,7 @@ #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/grpc_stream.h" -#include "common/protobuf/protobuf.h" +#include "source/common/config/grpc_stream.h" +#include "source/common/protobuf/protobuf.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/common.h" diff --git a/test/common/config/grpc_subscription_test_harness.h b/test/common/config/grpc_subscription_test_harness.h index b5cca58fb4ab..aa6aea0e5686 100644 --- a/test/common/config/grpc_subscription_test_harness.h +++ b/test/common/config/grpc_subscription_test_harness.h @@ -8,11 +8,11 @@ #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/hash.h" -#include "common/config/api_version.h" -#include "common/config/grpc_mux_impl.h" -#include "common/config/grpc_subscription_impl.h" -#include "common/config/version_converter.h" +#include "source/common/common/hash.h" +#include "source/common/config/api_version.h" +#include "source/common/config/grpc_mux_impl.h" +#include "source/common/config/grpc_subscription_impl.h" +#include "source/common/config/version_converter.h" #include "test/common/config/subscription_test_harness.h" #include "test/mocks/config/mocks.h" @@ -27,7 +27,6 @@ #include "gtest/gtest.h" using testing::_; -using testing::Invoke; using testing::Mock; using testing::NiceMock; using testing::Return; diff --git a/test/common/config/http_subscription_test_harness.h b/test/common/config/http_subscription_test_harness.h index cdb0266c5a92..b168ea3ab436 100644 --- a/test/common/config/http_subscription_test_harness.h +++ b/test/common/config/http_subscription_test_harness.h @@ -8,12 +8,12 @@ #include "envoy/http/async_client.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/utility.h" -#include "common/config/http_subscription_impl.h" -#include "common/config/utility.h" -#include "common/http/message_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/common/utility.h" +#include "source/common/config/http_subscription_impl.h" +#include "source/common/config/utility.h" +#include "source/common/http/message_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "test/common/config/subscription_test_harness.h" #include "test/mocks/config/mocks.h" diff --git a/test/common/config/metadata_test.cc b/test/common/config/metadata_test.cc index ee3c6b273ebf..72ad06f6dfe7 100644 --- a/test/common/config/metadata_test.cc +++ b/test/common/config/metadata_test.cc @@ -1,9 +1,9 @@ #include "envoy/common/exception.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/config/metadata.h" -#include "common/config/well_known_names.h" -#include "common/protobuf/utility.h" +#include "source/common/config/metadata.h" +#include "source/common/config/well_known_names.h" +#include "source/common/protobuf/utility.h" #include "test/test_common/registry.h" #include "test/test_common/utility.h" diff --git a/test/common/config/new_grpc_mux_impl_test.cc b/test/common/config/new_grpc_mux_impl_test.cc index 3240986c1075..ce917b39a0fc 100644 --- a/test/common/config/new_grpc_mux_impl_test.cc +++ b/test/common/config/new_grpc_mux_impl_test.cc @@ -5,12 +5,12 @@ #include "envoy/event/timer.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/empty_string.h" -#include "common/config/new_grpc_mux_impl.h" -#include "common/config/protobuf_link_hacks.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/new_grpc_mux_impl.h" +#include "source/common/config/protobuf_link_hacks.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/protobuf/protobuf.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/common.h" @@ -328,7 +328,8 @@ TEST_F(NewGrpcMuxImplTest, ConfigUpdateWithAliases) { response->mutable_resources()->at(0).add_aliases("prefix/domain1.test"); response->mutable_resources()->at(0).add_aliases("prefix/domain2.test"); - grpc_mux_->onDiscoveryResponse(std::move(response), control_plane_stats_); + EXPECT_LOG_CONTAINS("debug", "for " + type_url + " from HAL 9000", + grpc_mux_->onDiscoveryResponse(std::move(response), control_plane_stats_)); const auto& subscriptions = grpc_mux_->subscriptions(); auto sub = subscriptions.find(type_url); diff --git a/test/common/config/opaque_resource_decoder_impl_test.cc b/test/common/config/opaque_resource_decoder_impl_test.cc index 9aded46538ba..f36e20f61417 100644 --- a/test/common/config/opaque_resource_decoder_impl_test.cc +++ b/test/common/config/opaque_resource_decoder_impl_test.cc @@ -1,8 +1,8 @@ #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/config/endpoint/v3/endpoint.pb.validate.h" -#include "common/config/opaque_resource_decoder_impl.h" -#include "common/protobuf/message_validator_impl.h" +#include "source/common/config/opaque_resource_decoder_impl.h" +#include "source/common/protobuf/message_validator_impl.h" #include "test/test_common/utility.h" diff --git a/test/common/config/pausable_ack_queue_test.cc b/test/common/config/pausable_ack_queue_test.cc index f817cc7ff52a..f984193bf837 100644 --- a/test/common/config/pausable_ack_queue_test.cc +++ b/test/common/config/pausable_ack_queue_test.cc @@ -1,4 +1,4 @@ -#include "common/config/pausable_ack_queue.h" +#include "source/common/config/pausable_ack_queue.h" #include "gtest/gtest.h" diff --git a/test/common/config/registry_test.cc b/test/common/config/registry_test.cc index be6ea155d8bd..53d6979a42a6 100644 --- a/test/common/config/registry_test.cc +++ b/test/common/config/registry_test.cc @@ -3,7 +3,7 @@ #include "envoy/config/typed_config.h" #include "envoy/registry/registry.h" -#include "common/common/fmt.h" +#include "source/common/common/fmt.h" #include "test/test_common/logging.h" #include "test/test_common/utility.h" diff --git a/test/common/config/runtime_utility_test.cc b/test/common/config/runtime_utility_test.cc index 1e886ba80eb6..a479be40d55d 100644 --- a/test/common/config/runtime_utility_test.cc +++ b/test/common/config/runtime_utility_test.cc @@ -1,6 +1,6 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "common/config/runtime_utility.h" +#include "source/common/config/runtime_utility.h" #include "test/test_common/utility.h" diff --git a/test/common/config/subscription_factory_impl_test.cc b/test/common/config/subscription_factory_impl_test.cc index a9d7e7e0c1bb..f41376504c02 100644 --- a/test/common/config/subscription_factory_impl_test.cc +++ b/test/common/config/subscription_factory_impl_test.cc @@ -8,8 +8,8 @@ #include "envoy/config/endpoint/v3/endpoint.pb.h" #include "envoy/stats/scope.h" -#include "common/config/subscription_factory_impl.h" -#include "common/config/xds_resource.h" +#include "source/common/config/subscription_factory_impl.h" +#include "source/common/config/xds_resource.h" #include "test/mocks/config/mocks.h" #include "test/mocks/event/mocks.h" diff --git a/test/common/config/subscription_test_harness.h b/test/common/config/subscription_test_harness.h index 5b0fe24a49d2..e1b5421da711 100644 --- a/test/common/config/subscription_test_harness.h +++ b/test/common/config/subscription_test_harness.h @@ -1,6 +1,6 @@ #pragma once -#include "common/config/utility.h" +#include "source/common/config/utility.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/common/config/ttl_test.cc b/test/common/config/ttl_test.cc index 14e6edd6023a..f96741ac720b 100644 --- a/test/common/config/ttl_test.cc +++ b/test/common/config/ttl_test.cc @@ -1,6 +1,6 @@ #include -#include "common/config/ttl.h" +#include "source/common/config/ttl.h" #include "test/mocks/event/mocks.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/common/config/type_to_endpoint_test.cc b/test/common/config/type_to_endpoint_test.cc index f163d832218c..1dd24c0c0308 100644 --- a/test/common/config/type_to_endpoint_test.cc +++ b/test/common/config/type_to_endpoint_test.cc @@ -1,7 +1,7 @@ #include "envoy/api/v2/rds.pb.h" #include "envoy/service/route/v3/rds.pb.h" -#include "common/config/type_to_endpoint.h" +#include "source/common/config/type_to_endpoint.h" #include "gtest/gtest.h" diff --git a/test/common/config/utility_test.cc b/test/common/config/utility_test.cc index 8d97b8f22544..cd2ff60b96f3 100644 --- a/test/common/config/utility_test.cc +++ b/test/common/config/utility_test.cc @@ -6,11 +6,11 @@ #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/extensions/filters/http/cors/v3/cors.pb.h" -#include "common/common/fmt.h" -#include "common/config/api_version.h" -#include "common/config/utility.h" -#include "common/config/well_known_names.h" -#include "common/protobuf/protobuf.h" +#include "source/common/common/fmt.h" +#include "source/common/config/api_version.h" +#include "source/common/config/utility.h" +#include "source/common/config/well_known_names.h" +#include "source/common/protobuf/protobuf.h" #include "test/mocks/config/mocks.h" #include "test/mocks/grpc/mocks.h" @@ -26,7 +26,6 @@ #include "gtest/gtest.h" #include "udpa/type/v1/typed_struct.pb.h" -using testing::_; using testing::Ref; using testing::Return; diff --git a/test/common/config/version_converter_test.cc b/test/common/config/version_converter_test.cc index 1c7e949fb625..0b29da956e0b 100644 --- a/test/common/config/version_converter_test.cc +++ b/test/common/config/version_converter_test.cc @@ -3,9 +3,9 @@ #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/api_version.h" -#include "common/config/version_converter.h" -#include "common/protobuf/well_known.h" +#include "source/common/config/api_version.h" +#include "source/common/config/version_converter.h" +#include "source/common/protobuf/well_known.h" #include "test/common/config/version_converter.pb.h" #include "test/test_common/utility.h" @@ -32,7 +32,6 @@ bool hasOriginalTypeInformation(const Protobuf::Message& message) { TEST(VersionConverterTest, Upgrade) { // Create a v2 Cluster message with some fields set. API_NO_BOOST(envoy::api::v2::Cluster) source; - source.add_hosts(); source.mutable_load_assignment()->set_cluster_name("bar"); source.mutable_eds_cluster_config()->set_service_name("foo"); source.set_drain_connections_on_host_removal(true); @@ -41,8 +40,6 @@ TEST(VersionConverterTest, Upgrade) { VersionConverter::upgrade(source, dst); // Verify fields in v3 Cluster. EXPECT_TRUE(hasOriginalTypeInformation(dst)); - EXPECT_FALSE(dst.hidden_envoy_deprecated_hosts().empty()); - EXPECT_FALSE(hasOriginalTypeInformation(dst.hidden_envoy_deprecated_hosts(0))); EXPECT_EQ("bar", dst.load_assignment().cluster_name()); EXPECT_FALSE(hasOriginalTypeInformation(dst.load_assignment())); EXPECT_EQ("foo", dst.eds_cluster_config().service_name()); diff --git a/test/common/config/watch_map_test.cc b/test/common/config/watch_map_test.cc index 644318011006..1d8398091b05 100644 --- a/test/common/config/watch_map_test.cc +++ b/test/common/config/watch_map_test.cc @@ -6,7 +6,7 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/config/watch_map.h" +#include "source/common/config/watch_map.h" #include "test/mocks/config/mocks.h" #include "test/test_common/utility.h" diff --git a/test/common/config/watched_directory_test.cc b/test/common/config/watched_directory_test.cc index 8988306d4ad4..b22dd7dbb983 100644 --- a/test/common/config/watched_directory_test.cc +++ b/test/common/config/watched_directory_test.cc @@ -1,6 +1,6 @@ #include "envoy/filesystem/watcher.h" -#include "common/config/watched_directory.h" +#include "source/common/config/watched_directory.h" #include "test/mocks/event/mocks.h" #include "test/mocks/filesystem/mocks.h" diff --git a/test/common/config/xds_context_params_test.cc b/test/common/config/xds_context_params_test.cc index 50d96431f501..825cc6b9b8b3 100644 --- a/test/common/config/xds_context_params_test.cc +++ b/test/common/config/xds_context_params_test.cc @@ -1,4 +1,4 @@ -#include "common/config/xds_context_params.h" +#include "source/common/config/xds_context_params.h" #include "test/common/config/xds_test_utility.h" #include "test/test_common/logging.h" diff --git a/test/common/config/xds_resource_test.cc b/test/common/config/xds_resource_test.cc index 4331f69d783f..0cbe0954743f 100644 --- a/test/common/config/xds_resource_test.cc +++ b/test/common/config/xds_resource_test.cc @@ -1,4 +1,4 @@ -#include "common/config/xds_resource.h" +#include "source/common/config/xds_resource.h" #include "test/common/config/xds_test_utility.h" #include "test/test_common/utility.h" diff --git a/test/common/conn_pool/conn_pool_base_test.cc b/test/common/conn_pool/conn_pool_base_test.cc index 4b756ede0d01..5d8d64d359db 100644 --- a/test/common/conn_pool/conn_pool_base_test.cc +++ b/test/common/conn_pool/conn_pool_base_test.cc @@ -1,4 +1,4 @@ -#include "common/conn_pool/conn_pool_base.h" +#include "source/common/conn_pool/conn_pool_base.h" #include "test/common/upstream/utility.h" #include "test/mocks/event/mocks.h" diff --git a/test/common/crypto/get_sha_256_digest_fuzz_test.cc b/test/common/crypto/get_sha_256_digest_fuzz_test.cc index 085778d4e41c..7440deab1031 100644 --- a/test/common/crypto/get_sha_256_digest_fuzz_test.cc +++ b/test/common/crypto/get_sha_256_digest_fuzz_test.cc @@ -1,5 +1,5 @@ -#include "common/buffer/buffer_impl.h" -#include "common/crypto/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/crypto/utility.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/crypto/utility_test.cc b/test/common/crypto/utility_test.cc index 53390d77ccee..e30dda5bf767 100644 --- a/test/common/crypto/utility_test.cc +++ b/test/common/crypto/utility_test.cc @@ -1,8 +1,7 @@ -#include "common/buffer/buffer_impl.h" -#include "common/common/hex.h" -#include "common/crypto/utility.h" - -#include "extensions/common/crypto/crypto_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/hex.h" +#include "source/common/crypto/utility.h" +#include "source/extensions/common/crypto/crypto_impl.h" #include "gtest/gtest.h" diff --git a/test/common/crypto/verify_signature_fuzz_test.cc b/test/common/crypto/verify_signature_fuzz_test.cc index c64fa2436ecb..153c04d5f5db 100644 --- a/test/common/crypto/verify_signature_fuzz_test.cc +++ b/test/common/crypto/verify_signature_fuzz_test.cc @@ -1,5 +1,5 @@ -#include "common/common/hex.h" -#include "common/crypto/utility.h" +#include "source/common/common/hex.h" +#include "source/common/crypto/utility.h" #include "test/common/crypto/verify_signature_fuzz.pb.validate.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/event/BUILD b/test/common/event/BUILD index d5448366b593..c42e8e1aff1e 100644 --- a/test/common/event/BUILD +++ b/test/common/event/BUILD @@ -30,7 +30,7 @@ envoy_cc_test( name = "file_event_impl_test", srcs = ["file_event_impl_test.cc"], deps = [ - "//include/envoy/event:file_event_interface", + "//envoy/event:file_event_interface", "//source/common/event:dispatcher_includes", "//source/common/event:dispatcher_lib", "//source/common/stats:isolated_store_lib", diff --git a/test/common/event/dispatcher_impl_test.cc b/test/common/event/dispatcher_impl_test.cc index fab86c343f1b..240a9485196f 100644 --- a/test/common/event/dispatcher_impl_test.cc +++ b/test/common/event/dispatcher_impl_test.cc @@ -3,15 +3,15 @@ #include "envoy/common/scope_tracker.h" #include "envoy/thread/thread.h" -#include "common/api/api_impl.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/lock_guard.h" -#include "common/common/scope_tracker.h" -#include "common/common/utility.h" -#include "common/event/deferred_task.h" -#include "common/event/dispatcher_impl.h" -#include "common/event/timer_impl.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/scope_tracker.h" +#include "source/common/common/utility.h" +#include "source/common/event/deferred_task.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/event/timer_impl.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/mocks/common.h" #include "test/mocks/server/watch_dog.h" @@ -593,7 +593,7 @@ TEST_F(DispatcherImplTest, Timer) { TEST_F(DispatcherImplTest, TimerWithScope) { TimerPtr timer; - MockScopedTrackedObject scope; + MockScopeTrackedObject scope; dispatcher_->post([this, &timer, &scope]() { { // Expect a call to dumpState. The timer will call onFatalError during diff --git a/test/common/event/file_event_impl_test.cc b/test/common/event/file_event_impl_test.cc index 64abdc349ea9..67986afab8da 100644 --- a/test/common/event/file_event_impl_test.cc +++ b/test/common/event/file_event_impl_test.cc @@ -2,9 +2,9 @@ #include "envoy/event/file_event.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/event/dispatcher_impl.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/mocks/common.h" #include "test/test_common/environment.h" @@ -35,6 +35,17 @@ class FileEventImplTest : public testing::Test { ASSERT_EQ(sizeof(data), static_cast(result.rc_)); } + void clearReadable() { + // Read the data from the socket so it is no longer readable. + char buffer[10]; + struct iovec vec { + buffer, sizeof(buffer) + }; + const Api::SysCallSizeResult result = os_sys_calls_.readv(fds_[0], &vec, 1); + EXPECT_LT(0, static_cast(result.rc_)); + EXPECT_GT(sizeof(buffer), static_cast(result.rc_)); + } + void TearDown() override { os_sys_calls_.close(fds_[0]); os_sys_calls_.close(fds_[1]); @@ -253,18 +264,17 @@ TEST_F(FileEventImplTest, EdgeTrigger) { #endif TEST_F(FileEventImplTest, LevelTrigger) { + testing::InSequence s; ReadyWatcher read_event; - EXPECT_CALL(read_event, ready()).Times(2); ReadyWatcher write_event; - EXPECT_CALL(write_event, ready()).Times(2); - int count = 2; + int count = 0; Event::FileEventPtr file_event = dispatcher_->createFileEvent( fds_[0], [&](uint32_t events) -> void { - if (count-- == 0) { + ASSERT(count > 0); + if (--count == 0) { dispatcher_->exit(); - return; } if (events & FileReadyType::Read) { read_event.ready(); @@ -276,14 +286,43 @@ TEST_F(FileEventImplTest, LevelTrigger) { }, FileTriggerType::Level, FileReadyType::Read | FileReadyType::Write); + // Expect events to be delivered twice since count=2 and level events are delivered on each + // iteration until the fd state changes. + EXPECT_CALL(read_event, ready()); + EXPECT_CALL(write_event, ready()); + EXPECT_CALL(read_event, ready()); + EXPECT_CALL(write_event, ready()); + count = 2; + dispatcher_->run(Event::Dispatcher::RunType::Block); + + // Change the event mask to just Write and verify that only that event is delivered. + EXPECT_CALL(read_event, ready()).Times(0); + EXPECT_CALL(write_event, ready()); + file_event->setEnabled(FileReadyType::Write); + count = 1; + dispatcher_->run(Event::Dispatcher::RunType::Block); + + // Activate read, and verify it is delivered despite not being part of the enabled event mask. + EXPECT_CALL(read_event, ready()); + EXPECT_CALL(write_event, ready()); + file_event->activate(FileReadyType::Read); + count = 1; + dispatcher_->run(Event::Dispatcher::RunType::Block); + + // Activate read and then call setEnabled. Verify that the read event is not delivered; setEnabled + // clears events from explicit calls to activate. + EXPECT_CALL(read_event, ready()).Times(0); + EXPECT_CALL(write_event, ready()); + file_event->activate(FileReadyType::Read); + file_event->setEnabled(FileReadyType::Write); + count = 1; dispatcher_->run(Event::Dispatcher::RunType::Block); } TEST_F(FileEventImplTest, SetEnabled) { + testing::InSequence s; ReadyWatcher read_event; - EXPECT_CALL(read_event, ready()).Times(2); ReadyWatcher write_event; - EXPECT_CALL(write_event, ready()).Times(2); const FileTriggerType trigger = Event::PlatformDefaultTriggerType; @@ -300,17 +339,125 @@ TEST_F(FileEventImplTest, SetEnabled) { }, trigger, FileReadyType::Read | FileReadyType::Write); + EXPECT_CALL(read_event, ready()); file_event->setEnabled(FileReadyType::Read); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + EXPECT_CALL(write_event, ready()); file_event->setEnabled(FileReadyType::Write); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); file_event->setEnabled(0); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + EXPECT_CALL(read_event, ready()); + EXPECT_CALL(write_event, ready()); + file_event->setEnabled(FileReadyType::Read | FileReadyType::Write); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + // Run a manual event to ensure that previous expectations are satisfied before moving on. + ReadyWatcher manual_event; + EXPECT_CALL(manual_event, ready()); + manual_event.ready(); + + clearReadable(); + + file_event->setEnabled(FileReadyType::Read); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + EXPECT_CALL(write_event, ready()); + file_event->setEnabled(FileReadyType::Write); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + EXPECT_CALL(write_event, ready()); + file_event->setEnabled(FileReadyType::Read | FileReadyType::Write); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + // Repeat the previous registration, verify that write event is delivered again. + EXPECT_CALL(write_event, ready()); file_event->setEnabled(FileReadyType::Read | FileReadyType::Write); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + // Synthetic read events are delivered even if the active registration doesn't contain them. + EXPECT_CALL(read_event, ready()); + file_event->activate(FileReadyType::Read); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + // Run a manual event to ensure that previous expectations are satisfied before moving on. + EXPECT_CALL(manual_event, ready()); + manual_event.ready(); + + // Do a read activation followed setEnabled to verify that the activation is cleared. + EXPECT_CALL(write_event, ready()); + file_event->activate(FileReadyType::Read); + file_event->setEnabled(FileReadyType::Read | FileReadyType::Write); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + // Repeat the previous steps but with the same input to setEnabled to verify that the activation + // is cleared even in cases where the setEnable mask hasn't changed. + EXPECT_CALL(write_event, ready()); + file_event->activate(FileReadyType::Read); + file_event->setEnabled(FileReadyType::Read | FileReadyType::Write); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); +} + +TEST_F(FileEventImplTest, RegisterIfEmulatedEdge) { + // Test only applies if using EmulatedEdge trigger mode + if constexpr (PlatformDefaultTriggerType != FileTriggerType::EmulatedEdge) { + return; + } + + testing::InSequence s; + ReadyWatcher read_event; + ReadyWatcher write_event; + + const FileTriggerType trigger = Event::PlatformDefaultTriggerType; + + Event::FileEventPtr file_event = dispatcher_->createFileEvent( + fds_[0], + [&](uint32_t events) -> void { + if (events & FileReadyType::Read) { + read_event.ready(); + } + + if (events & FileReadyType::Write) { + write_event.ready(); + } + }, + trigger, FileReadyType::Read | FileReadyType::Write); + + EXPECT_CALL(read_event, ready()).Times(0); + EXPECT_CALL(write_event, ready()).Times(0); + file_event->unregisterEventIfEmulatedEdge(FileReadyType::Read | FileReadyType::Write); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + EXPECT_CALL(read_event, ready()); + file_event->registerEventIfEmulatedEdge(FileReadyType::Read); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + EXPECT_CALL(write_event, ready()); + file_event->registerEventIfEmulatedEdge(FileReadyType::Write); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + EXPECT_CALL(read_event, ready()); + file_event->registerEventIfEmulatedEdge(FileReadyType::Read | FileReadyType::Write); + file_event->unregisterEventIfEmulatedEdge(FileReadyType::Write); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + EXPECT_CALL(read_event, ready()).Times(0); + EXPECT_CALL(write_event, ready()).Times(0); + file_event->unregisterEventIfEmulatedEdge(FileReadyType::Read); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + EXPECT_CALL(read_event, ready()); + EXPECT_CALL(write_event, ready()); + file_event->registerEventIfEmulatedEdge(FileReadyType::Read | FileReadyType::Write); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + + // Events are delivered once due to auto unregistration after they are delivered. + EXPECT_CALL(read_event, ready()).Times(0); + EXPECT_CALL(write_event, ready()).Times(0); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); } } // namespace diff --git a/test/common/event/scaled_range_timer_manager_impl_test.cc b/test/common/event/scaled_range_timer_manager_impl_test.cc index 90ad37070a86..dbd7ca897a12 100644 --- a/test/common/event/scaled_range_timer_manager_impl_test.cc +++ b/test/common/event/scaled_range_timer_manager_impl_test.cc @@ -3,8 +3,8 @@ #include "envoy/common/scope_tracker.h" #include "envoy/event/timer.h" -#include "common/event/dispatcher_impl.h" -#include "common/event/scaled_range_timer_manager_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/event/scaled_range_timer_manager_impl.h" #include "test/mocks/common.h" #include "test/mocks/event/wrapped_dispatcher.h" @@ -299,7 +299,7 @@ class ScaledRangeTimerManagerTestWithScope : public ScaledRangeTimerManagerTest, public testing::WithParamInterface { public: ScopeTrackedObject* getScope() { return GetParam() ? &scope_ : nullptr; } - MockScopedTrackedObject scope_; + MockScopeTrackedObject scope_; }; TEST_P(ScaledRangeTimerManagerTestWithScope, ReRegisterOnCallback) { diff --git a/test/common/filesystem/directory_test.cc b/test/common/filesystem/directory_test.cc index 0efd2d81543f..ec47699d6a89 100644 --- a/test/common/filesystem/directory_test.cc +++ b/test/common/filesystem/directory_test.cc @@ -3,7 +3,7 @@ #include #include -#include "common/filesystem/directory.h" +#include "source/common/filesystem/directory.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" diff --git a/test/common/filesystem/filesystem_impl_test.cc b/test/common/filesystem/filesystem_impl_test.cc index bc406b6d0f18..fe2129638814 100644 --- a/test/common/filesystem/filesystem_impl_test.cc +++ b/test/common/filesystem/filesystem_impl_test.cc @@ -2,9 +2,9 @@ #include #include -#include "common/common/assert.h" -#include "common/common/utility.h" -#include "common/filesystem/filesystem_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/utility.h" +#include "source/common/filesystem/filesystem_impl.h" #include "test/test_common/environment.h" diff --git a/test/common/filesystem/watcher_impl_test.cc b/test/common/filesystem/watcher_impl_test.cc index 7928de7d2b4f..d110ad4b8f25 100644 --- a/test/common/filesystem/watcher_impl_test.cc +++ b/test/common/filesystem/watcher_impl_test.cc @@ -1,9 +1,9 @@ #include #include -#include "common/common/assert.h" -#include "common/event/dispatcher_impl.h" -#include "common/filesystem/watcher_impl.h" +#include "source/common/common/assert.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/filesystem/watcher_impl.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" diff --git a/test/common/filter/http/filter_config_discovery_impl_test.cc b/test/common/filter/http/filter_config_discovery_impl_test.cc index 33cff50a2836..3446c4bc338f 100644 --- a/test/common/filter/http/filter_config_discovery_impl_test.cc +++ b/test/common/filter/http/filter_config_discovery_impl_test.cc @@ -8,9 +8,9 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/config/utility.h" -#include "common/filter/http/filter_config_discovery_impl.h" -#include "common/json/json_loader.h" +#include "source/common/config/utility.h" +#include "source/common/filter/http/filter_config_discovery_impl.h" +#include "source/common/json/json_loader.h" #include "test/mocks/init/mocks.h" #include "test/mocks/local_info/mocks.h" diff --git a/test/common/formatter/command_extension.cc b/test/common/formatter/command_extension.cc index 724650d1811a..76c291a0700c 100644 --- a/test/common/formatter/command_extension.cc +++ b/test/common/formatter/command_extension.cc @@ -1,6 +1,6 @@ #include "test/common/formatter/command_extension.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Formatter { @@ -29,7 +29,10 @@ FormatterProviderPtr TestCommandParser::parse(const std::string& token, size_t, return nullptr; } -CommandParserPtr TestCommandFactory::createCommandParserFromProto(const Protobuf::Message&) { +CommandParserPtr +TestCommandFactory::createCommandParserFromProto(const Protobuf::Message& message) { + // Cast the config message to the actual type to test that it was constructed properly. + [[maybe_unused]] const auto config = dynamic_cast(message); return std::make_unique(); } @@ -66,7 +69,10 @@ FormatterProviderPtr AdditionalCommandParser::parse(const std::string& token, si return nullptr; } -CommandParserPtr AdditionalCommandFactory::createCommandParserFromProto(const Protobuf::Message&) { +CommandParserPtr +AdditionalCommandFactory::createCommandParserFromProto(const Protobuf::Message& message) { + // Cast the config message to the actual type to test that it was constructed properly. + [[maybe_unused]] const auto config = dynamic_cast(message); return std::make_unique(); } @@ -78,7 +84,10 @@ ProtobufTypes::MessagePtr AdditionalCommandFactory::createEmptyConfigProto() { std::string AdditionalCommandFactory::name() const { return "envoy.formatter.AdditionalFormatter"; } -CommandParserPtr FailCommandFactory::createCommandParserFromProto(const Protobuf::Message&) { +CommandParserPtr +FailCommandFactory::createCommandParserFromProto(const Protobuf::Message& message) { + // Cast the config message to the actual type to test that it was constructed properly. + [[maybe_unused]] const auto config = dynamic_cast(message); return nullptr; } diff --git a/test/common/formatter/command_extension.h b/test/common/formatter/command_extension.h index 2abba003d9b2..4a91f071630a 100644 --- a/test/common/formatter/command_extension.h +++ b/test/common/formatter/command_extension.h @@ -5,7 +5,7 @@ #include "envoy/config/typed_config.h" #include "envoy/registry/registry.h" -#include "common/formatter/substitution_formatter.h" +#include "source/common/formatter/substitution_formatter.h" namespace Envoy { namespace Formatter { diff --git a/test/common/formatter/substitution_format_string_test.cc b/test/common/formatter/substitution_format_string_test.cc index 31924dbd19f4..a7363479e008 100644 --- a/test/common/formatter/substitution_format_string_test.cc +++ b/test/common/formatter/substitution_format_string_test.cc @@ -1,6 +1,6 @@ #include "envoy/config/core/v3/substitution_format_string.pb.validate.h" -#include "common/formatter/substitution_format_string.h" +#include "source/common/formatter/substitution_format_string.h" #include "test/common/formatter/command_extension.h" #include "test/mocks/http/mocks.h" @@ -48,7 +48,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigText) { )EOF"; TestUtility::loadFromYaml(yaml, config_); - auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_.api()); + auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("plain text, path=/bar/foo, code=200", formatter->format(request_headers_, response_headers_, response_trailers_, stream_info_, body_)); @@ -65,7 +65,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigJson) { )EOF"; TestUtility::loadFromYaml(yaml, config_); - auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_.api()); + auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); const auto out_json = formatter->format(request_headers_, response_headers_, response_trailers_, stream_info_, body_); @@ -94,7 +94,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestInvalidConfigs) { for (const auto& yaml : invalid_configs) { TestUtility::loadFromYaml(yaml, config_); EXPECT_THROW_WITH_MESSAGE( - SubstitutionFormatStringUtils::fromProtoConfig(config_, context_.api()), EnvoyException, + SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), EnvoyException, "Only string values, nested structs and list values are supported in structured access log " "format."); } @@ -114,7 +114,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigFormatterExtension) )EOF"; TestUtility::loadFromYaml(yaml, config_); - auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_.api()); + auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); EXPECT_EQ("plain text TestFormatter", formatter->format(request_headers_, response_headers_, response_trailers_, stream_info_, body_)); } @@ -134,7 +134,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, )EOF"; TestUtility::loadFromYaml(yaml, config_); - EXPECT_THROW_WITH_MESSAGE(SubstitutionFormatStringUtils::fromProtoConfig(config_, context_.api()), + EXPECT_THROW_WITH_MESSAGE(SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), EnvoyException, "Failed to create command parser: envoy.formatter.FailFormatter"); } @@ -150,7 +150,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigFormatterExtensionU )EOF"; TestUtility::loadFromYaml(yaml, config_); - EXPECT_THROW_WITH_MESSAGE(SubstitutionFormatStringUtils::fromProtoConfig(config_, context_.api()), + EXPECT_THROW_WITH_MESSAGE(SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), EnvoyException, "Formatter not found: envoy.formatter.TestFormatterUnknown"); } @@ -173,7 +173,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigJsonWithExtension) )EOF"; TestUtility::loadFromYaml(yaml, config_); - auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_.api()); + auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); const auto out_json = formatter->format(request_headers_, response_headers_, response_trailers_, stream_info_, body_); @@ -209,7 +209,7 @@ TEST_F(SubstitutionFormatStringUtilsTest, TestFromProtoConfigJsonWithMultipleExt )EOF"; TestUtility::loadFromYaml(yaml, config_); - auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_.api()); + auto formatter = SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); const auto out_json = formatter->format(request_headers_, response_headers_, response_trailers_, stream_info_, body_); diff --git a/test/common/formatter/substitution_formatter_fuzz_test.cc b/test/common/formatter/substitution_formatter_fuzz_test.cc index afdbb48de80b..f92a34885023 100644 --- a/test/common/formatter/substitution_formatter_fuzz_test.cc +++ b/test/common/formatter/substitution_formatter_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "common/formatter/substitution_formatter.h" +#include "source/common/formatter/substitution_formatter.h" #include "test/common/formatter/substitution_formatter_fuzz.pb.validate.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/formatter/substitution_formatter_speed_test.cc b/test/common/formatter/substitution_formatter_speed_test.cc index 8fbb0573e8c5..320bd7d8878f 100644 --- a/test/common/formatter/substitution_formatter_speed_test.cc +++ b/test/common/formatter/substitution_formatter_speed_test.cc @@ -1,5 +1,5 @@ -#include "common/formatter/substitution_formatter.h" -#include "common/network/address_impl.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/network/address_impl.h" #include "test/common/stream_info/test_util.h" #include "test/mocks/http/mocks.h" diff --git a/test/common/formatter/substitution_formatter_test.cc b/test/common/formatter/substitution_formatter_test.cc index df374eaef4a8..ed1d38fbbea9 100644 --- a/test/common/formatter/substitution_formatter_test.cc +++ b/test/common/formatter/substitution_formatter_test.cc @@ -7,14 +7,14 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/stream_info/stream_info.h" -#include "common/common/logger.h" -#include "common/common/utility.h" -#include "common/formatter/substitution_formatter.h" -#include "common/http/header_map_impl.h" -#include "common/json/json_loader.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" -#include "common/router/string_accessor_impl.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/common/formatter/substitution_formatter.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/json/json_loader.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/string_accessor_impl.h" #include "test/common/formatter/command_extension.h" #include "test/mocks/api/mocks.h" @@ -1403,6 +1403,18 @@ TEST(SubstitutionFormatterTest, DynamicMetadataFormatter) { } { DynamicMetadataFormatter formatter("com.test", {"test_key"}, absl::optional()); + EXPECT_EQ("test_value", formatter.format(request_headers, response_headers, response_trailers, + stream_info, body)); + EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, + stream_info, body), + ProtoEq(ValueUtil::stringValue("test_value"))); + } + // Disable string value unquoting and expect the same result as above but quoted. + { + TestScopedRuntime scoped_runtime; + Runtime::LoaderSingleton::getExisting()->mergeValues( + {{"envoy.reloadable_features.unquote_log_string_values", "false"}}); + DynamicMetadataFormatter formatter("com.test", {"test_key"}, absl::optional()); EXPECT_EQ("\"test_value\"", formatter.format(request_headers, response_headers, response_trailers, stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, @@ -1425,8 +1437,8 @@ TEST(SubstitutionFormatterTest, DynamicMetadataFormatter) { { DynamicMetadataFormatter formatter("com.test", {"test_obj", "inner_key"}, absl::optional()); - EXPECT_EQ("\"inner_value\"", formatter.format(request_headers, response_headers, - response_trailers, stream_info, body)); + EXPECT_EQ("inner_value", formatter.format(request_headers, response_headers, response_trailers, + stream_info, body)); EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, stream_info, body), ProtoEq(ValueUtil::stringValue("inner_value"))); @@ -1462,8 +1474,8 @@ TEST(SubstitutionFormatterTest, DynamicMetadataFormatter) { // size limit { DynamicMetadataFormatter formatter("com.test", {"test_key"}, absl::optional(5)); - EXPECT_EQ("\"test", formatter.format(request_headers, response_headers, response_trailers, - stream_info, body)); + EXPECT_EQ("test_", formatter.format(request_headers, response_headers, response_trailers, + stream_info, body)); // N.B. Does not truncate. EXPECT_THAT(formatter.formatValue(request_headers, response_headers, response_trailers, @@ -2135,9 +2147,9 @@ TEST(SubstitutionFormatterTest, StructFormatterDynamicMetadataTest) { EXPECT_CALL(Const(stream_info), dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); absl::node_hash_map expected_json_map = { - {"test_key", "\"test_value\""}, + {"test_key", "test_value"}, {"test_obj", "{\"inner_key\":\"inner_value\"}"}, - {"test_obj.inner_key", "\"inner_value\""}}; + {"test_obj.inner_key", "inner_value"}}; ProtobufWkt::Struct key_mapping; TestUtility::loadFromYaml(R"EOF( @@ -2200,9 +2212,9 @@ TEST(SubstitutionFormatterTest, StructFormatterClusterMetadataTest) { EXPECT_CALL(Const(stream_info), upstreamClusterInfo()).WillRepeatedly(ReturnPointee(cluster)); absl::node_hash_map expected_json_map = { - {"test_key", "\"test_value\""}, + {"test_key", "test_value"}, {"test_obj", "{\"inner_key\":\"inner_value\"}"}, - {"test_obj.inner_key", "\"inner_value\""}, + {"test_obj.inner_key", "inner_value"}, {"test_obj.non_existing_key", "-"}, }; @@ -2648,7 +2660,7 @@ TEST(SubstitutionFormatterTest, CompositeFormatterSuccess) { FormatterImpl formatter(format, false); EXPECT_EQ( - "\"test_value\"|{\"inner_key\":\"inner_value\"}|\"inner_value\"", + "test_value|{\"inner_key\":\"inner_value\"}|inner_value", formatter.format(request_header, response_header, response_trailer, stream_info, body)); } diff --git a/test/common/grpc/BUILD b/test/common/grpc/BUILD index ed8fb7f6170d..78fe8522438e 100644 --- a/test/common/grpc/BUILD +++ b/test/common/grpc/BUILD @@ -172,7 +172,6 @@ envoy_cc_test( deps = [ ":grpc_client_integration_test_harness_lib", "//source/common/grpc:async_client_lib", - "//source/extensions/grpc_credentials:well_known_names", "//source/extensions/grpc_credentials/example:config", ] + envoy_select_google_grpc(["//source/common/grpc:google_async_client_lib"]), ) diff --git a/test/common/grpc/async_client_impl_test.cc b/test/common/grpc/async_client_impl_test.cc index a2ef2f7a3420..0f67ac316d54 100644 --- a/test/common/grpc/async_client_impl_test.cc +++ b/test/common/grpc/async_client_impl_test.cc @@ -1,8 +1,8 @@ #include "envoy/config/core/v3/grpc_service.pb.h" -#include "common/grpc/async_client_impl.h" -#include "common/network/address_impl.h" -#include "common/network/socket_impl.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_impl.h" #include "test/mocks/http/mocks.h" #include "test/mocks/tracing/mocks.h" diff --git a/test/common/grpc/async_client_manager_impl_test.cc b/test/common/grpc/async_client_manager_impl_test.cc index 72d8507ed81e..9f748cac0427 100644 --- a/test/common/grpc/async_client_manager_impl_test.cc +++ b/test/common/grpc/async_client_manager_impl_test.cc @@ -1,7 +1,7 @@ #include "envoy/config/core/v3/grpc_service.pb.h" -#include "common/api/api_impl.h" -#include "common/grpc/async_client_manager_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/grpc/async_client_manager_impl.h" #include "test/mocks/stats/mocks.h" #include "test/mocks/thread_local/mocks.h" diff --git a/test/common/grpc/codec_fuzz_test.cc b/test/common/grpc/codec_fuzz_test.cc index 782ab1b1eba5..1d75425e7bbc 100644 --- a/test/common/grpc/codec_fuzz_test.cc +++ b/test/common/grpc/codec_fuzz_test.cc @@ -1,5 +1,5 @@ -#include "common/buffer/buffer_impl.h" -#include "common/grpc/codec.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/grpc/codec.h" #include "test/fuzz/fuzz_runner.h" #include "test/fuzz/utility.h" diff --git a/test/common/grpc/codec_test.cc b/test/common/grpc/codec_test.cc index e85b973be4a9..c028559bc828 100644 --- a/test/common/grpc/codec_test.cc +++ b/test/common/grpc/codec_test.cc @@ -3,8 +3,8 @@ #include #include -#include "common/buffer/buffer_impl.h" -#include "common/grpc/codec.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/grpc/codec.h" #include "test/common/buffer/utility.h" #include "test/proto/helloworld.pb.h" diff --git a/test/common/grpc/common_test.cc b/test/common/grpc/common_test.cc index 4a54ee4b6bbb..259f39a9797f 100644 --- a/test/common/grpc/common_test.cc +++ b/test/common/grpc/common_test.cc @@ -1,9 +1,9 @@ #include "envoy/common/platform.h" -#include "common/grpc/common.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" #include "test/mocks/stream_info/mocks.h" #include "test/proto/helloworld.pb.h" diff --git a/test/common/grpc/context_impl_test.cc b/test/common/grpc/context_impl_test.cc index c7ccd3476803..02b76d8ac6c5 100644 --- a/test/common/grpc/context_impl_test.cc +++ b/test/common/grpc/context_impl_test.cc @@ -1,11 +1,11 @@ #include "envoy/common/platform.h" -#include "common/grpc/common.h" -#include "common/grpc/context_impl.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/grpc/common.h" +#include "source/common/grpc/context_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/stats/symbol_table_impl.h" #include "test/mocks/upstream/cluster_info.h" #include "test/test_common/global.h" diff --git a/test/common/grpc/google_async_client_cache_test.cc b/test/common/grpc/google_async_client_cache_test.cc index 6d36ff2efb74..6646efc7bc49 100644 --- a/test/common/grpc/google_async_client_cache_test.cc +++ b/test/common/grpc/google_async_client_cache_test.cc @@ -1,4 +1,4 @@ -#include "common/grpc/google_async_client_cache.h" +#include "source/common/grpc/google_async_client_cache.h" #include "test/mocks/server/factory_context.h" diff --git a/test/common/grpc/google_async_client_impl_test.cc b/test/common/grpc/google_async_client_impl_test.cc index c54e2d2aea5b..977d734e2fff 100644 --- a/test/common/grpc/google_async_client_impl_test.cc +++ b/test/common/grpc/google_async_client_impl_test.cc @@ -1,12 +1,12 @@ #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/stats/scope.h" -#include "common/api/api_impl.h" -#include "common/event/dispatcher_impl.h" -#include "common/grpc/google_async_client_impl.h" -#include "common/network/address_impl.h" -#include "common/stats/isolated_store_impl.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/grpc/google_async_client_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/stream_info/stream_info_impl.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/tracing/mocks.h" diff --git a/test/common/grpc/google_grpc_creds_test.cc b/test/common/grpc/google_grpc_creds_test.cc index 8c3b4efdefd4..e405adc834d7 100644 --- a/test/common/grpc/google_grpc_creds_test.cc +++ b/test/common/grpc/google_grpc_creds_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/core/v3/grpc_service.pb.h" -#include "common/grpc/google_grpc_creds_impl.h" +#include "source/common/grpc/google_grpc_creds_impl.h" #include "test/common/grpc/utility.h" #include "test/mocks/stats/mocks.h" diff --git a/test/common/grpc/google_grpc_utils_test.cc b/test/common/grpc/google_grpc_utils_test.cc index 5bf3264a329a..0724577e883e 100644 --- a/test/common/grpc/google_grpc_utils_test.cc +++ b/test/common/grpc/google_grpc_utils_test.cc @@ -1,6 +1,6 @@ #include "envoy/common/platform.h" -#include "common/grpc/google_grpc_utils.h" +#include "source/common/grpc/google_grpc_utils.h" #include "test/proto/helloworld.pb.h" #include "test/test_common/utility.h" diff --git a/test/common/grpc/grpc_client_integration.h b/test/common/grpc/grpc_client_integration.h index 112b73f96545..0c559cf69924 100644 --- a/test/common/grpc/grpc_client_integration.h +++ b/test/common/grpc/grpc_client_integration.h @@ -2,7 +2,7 @@ #include "envoy/config/core/v3/grpc_service.pb.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" diff --git a/test/common/grpc/grpc_client_integration_test.cc b/test/common/grpc/grpc_client_integration_test.cc index 0f3ff252a589..96be74c4871a 100644 --- a/test/common/grpc/grpc_client_integration_test.cc +++ b/test/common/grpc/grpc_client_integration_test.cc @@ -1,9 +1,7 @@ #ifdef ENVOY_GOOGLE_GRPC #include "envoy/config/core/v3/grpc_service.pb.h" -#include "common/grpc/google_async_client_impl.h" - -#include "extensions/grpc_credentials/well_known_names.h" +#include "source/common/grpc/google_async_client_impl.h" #endif @@ -452,8 +450,7 @@ INSTANTIATE_TEST_SUITE_P(SslIpVersionsClientType, GrpcAccessTokenClientIntegrati TEST_P(GrpcAccessTokenClientIntegrationTest, AccessTokenAuthRequest) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); access_token_value_ = "accesstokenvalue"; - credentials_factory_name_ = - Extensions::GrpcCredentials::GrpcCredentialsNames::get().AccessTokenExample; + credentials_factory_name_ = "envoy.grpc_credentials.access_token_example"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); @@ -464,8 +461,7 @@ TEST_P(GrpcAccessTokenClientIntegrationTest, AccessTokenAuthRequest) { TEST_P(GrpcAccessTokenClientIntegrationTest, AccessTokenAuthStream) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); access_token_value_ = "accesstokenvalue"; - credentials_factory_name_ = - Extensions::GrpcCredentials::GrpcCredentialsNames::get().AccessTokenExample; + credentials_factory_name_ = "envoy.grpc_credentials.access_token_example"; initialize(); auto stream = createStream(empty_metadata_); stream->sendServerInitialMetadata(empty_metadata_); @@ -480,8 +476,7 @@ TEST_P(GrpcAccessTokenClientIntegrationTest, MultipleAccessTokens) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); access_token_value_ = "accesstokenvalue"; access_token_value_2_ = "accesstokenvalue2"; - credentials_factory_name_ = - Extensions::GrpcCredentials::GrpcCredentialsNames::get().AccessTokenExample; + credentials_factory_name_ = "envoy.grpc_credentials.access_token_example"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); @@ -493,8 +488,7 @@ TEST_P(GrpcAccessTokenClientIntegrationTest, ExtraCredentialParams) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); access_token_value_ = "accesstokenvalue"; refresh_token_value_ = "refreshtokenvalue"; - credentials_factory_name_ = - Extensions::GrpcCredentials::GrpcCredentialsNames::get().AccessTokenExample; + credentials_factory_name_ = "envoy.grpc_credentials.access_token_example"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); @@ -504,8 +498,7 @@ TEST_P(GrpcAccessTokenClientIntegrationTest, ExtraCredentialParams) { // Validate that no access token still works TEST_P(GrpcAccessTokenClientIntegrationTest, NoAccessTokens) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); - credentials_factory_name_ = - Extensions::GrpcCredentials::GrpcCredentialsNames::get().AccessTokenExample; + credentials_factory_name_ = "envoy.grpc_credentials.access_token_example"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); diff --git a/test/common/grpc/grpc_client_integration_test_harness.h b/test/common/grpc/grpc_client_integration_test_harness.h index 7a611435607c..619c2b4d13cb 100644 --- a/test/common/grpc/grpc_client_integration_test_harness.h +++ b/test/common/grpc/grpc_client_integration_test_harness.h @@ -7,26 +7,26 @@ #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/stats/scope.h" -#include "common/api/api_impl.h" -#include "common/event/dispatcher_impl.h" -#include "common/grpc/async_client_impl.h" -#include "common/grpc/context_impl.h" -#include "common/http/context_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/grpc/async_client_impl.h" +#include "source/common/grpc/context_impl.h" +#include "source/common/http/context_impl.h" #ifdef ENVOY_GOOGLE_GRPC -#include "common/grpc/google_async_client_impl.h" +#include "source/common/grpc/google_async_client_impl.h" #endif -#include "common/http/async_client_impl.h" -#include "common/http/codes.h" -#include "common/http/http2/conn_pool.h" -#include "common/network/connection_impl.h" -#include "common/network/raw_buffer_socket.h" -#include "common/router/context_impl.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/http/async_client_impl.h" +#include "source/common/http/codes.h" +#include "source/common/http/http2/conn_pool.h" +#include "source/common/network/connection_impl.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/router/context_impl.h" +#include "source/common/stats/symbol_table_impl.h" -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/common/grpc/utility.h" @@ -246,7 +246,7 @@ class GrpcClientIntegrationTest : public GrpcClientIntegrationParamTest { virtual void initialize() { if (fake_upstream_ == nullptr) { FakeUpstreamConfig config(test_time_.timeSystem()); - config.upstream_protocol_ = FakeHttpConnection::Type::HTTP2; + config.upstream_protocol_ = Http::CodecType::HTTP2; fake_upstream_ = std::make_unique(0, ipVersion(), config); } switch (clientType()) { @@ -305,7 +305,7 @@ class GrpcClientIntegrationTest : public GrpcClientIntegrationParamTest { Upstream::ResourcePriority::Default, nullptr, nullptr, state_); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillRepeatedly(Return(http_conn_pool_.get())); + .WillRepeatedly(Return(Upstream::HttpPoolData([]() {}, http_conn_pool_.get()))); http_async_client_ = std::make_unique( cm_.thread_local_cluster_.cluster_.info_, *stats_store_, *dispatcher_, local_info_, cm_, runtime_, random_, std::move(shadow_writer_ptr_), http_context_, router_context_); @@ -524,7 +524,7 @@ class GrpcSslClientIntegrationTest : public GrpcClientIntegrationTest { async_client_transport_socket_ = mock_host_description_->socket_factory_->createTransportSocket(nullptr); FakeUpstreamConfig config(test_time_.timeSystem()); - config.upstream_protocol_ = FakeHttpConnection::Type::HTTP2; + config.upstream_protocol_ = Http::CodecType::HTTP2; fake_upstream_ = std::make_unique(createUpstreamSslContext(), 0, ipVersion(), config); diff --git a/test/common/html/utility_test.cc b/test/common/html/utility_test.cc index 8eb83bc3cc60..410e24b8bb22 100644 --- a/test/common/html/utility_test.cc +++ b/test/common/html/utility_test.cc @@ -1,4 +1,4 @@ -#include "common/html/utility.h" +#include "source/common/html/utility.h" #include "gtest/gtest.h" diff --git a/test/common/http/BUILD b/test/common/http/BUILD index ee91fd614c68..df4b5763d249 100644 --- a/test/common/http/BUILD +++ b/test/common/http/BUILD @@ -156,8 +156,8 @@ envoy_cc_test_library( srcs = ["common.cc"], hdrs = ["common.h"], deps = [ - "//include/envoy/http:conn_pool_interface", - "//include/envoy/http:header_map_interface", + "//envoy/http:conn_pool_interface", + "//envoy/http:header_map_interface", "//source/common/http:codec_client_lib", "//test/mocks:common_lib", "//test/mocks/event:event_mocks", @@ -214,7 +214,8 @@ envoy_cc_test( ], shard_count = 3, deps = [ - ":ip_detection_extensions_lib", + ":custom_header_extension_lib", + ":xff_extension_lib", "//source/common/http:conn_manager_lib", "//source/common/http:context_lib", "//source/extensions/access_loggers/common:file_access_log_lib", @@ -239,7 +240,8 @@ envoy_cc_test( name = "conn_manager_utility_test", srcs = ["conn_manager_utility_test.cc"], deps = [ - ":ip_detection_extensions_lib", + ":custom_header_extension_lib", + ":xff_extension_lib", "//source/common/common:random_generator_lib", "//source/common/event:dispatcher_lib", "//source/common/http:conn_manager_lib", @@ -418,8 +420,6 @@ envoy_cc_test( ], ) -# TODO(alyssawilk): The conn pool grid should work correctly without H3. Circle back and figure -# out the right way of handling the lack of H3 in the build. envoy_cc_test( name = "conn_pool_grid_test", srcs = envoy_select_enable_http3(["conn_pool_grid_test.cc"]), @@ -436,6 +436,7 @@ envoy_cc_test( "//test/mocks/router:router_mocks", "//test/mocks/runtime:runtime_mocks", "//test/mocks/stats:stats_mocks", + "//test/mocks/server:transport_socket_factory_context_mocks", "//source/common/quic:quic_factory_lib", "//source/common/quic:quic_transport_socket_factory_lib", "//source/common/quic:client_connection_factory_lib", @@ -497,11 +498,19 @@ envoy_cc_fuzz_test( ) envoy_cc_test_library( - name = "ip_detection_extensions_lib", - srcs = ["ip_detection_extensions.cc"], - hdrs = ["ip_detection_extensions.h"], + name = "custom_header_extension_lib", + srcs = ["custom_header_extension.cc"], + hdrs = ["custom_header_extension.h"], deps = [ "//source/extensions/http/original_ip_detection/custom_header:custom_header_lib", + ], +) + +envoy_cc_test_library( + name = "xff_extension_lib", + srcs = ["xff_extension.cc"], + hdrs = ["xff_extension.h"], + deps = [ "//source/extensions/http/original_ip_detection/xff:xff_lib", ], ) diff --git a/test/common/http/alternate_protocols_cache_impl_test.cc b/test/common/http/alternate_protocols_cache_impl_test.cc index dc0f95848d2b..4abc98ddb5be 100644 --- a/test/common/http/alternate_protocols_cache_impl_test.cc +++ b/test/common/http/alternate_protocols_cache_impl_test.cc @@ -1,4 +1,4 @@ -#include "common/http/alternate_protocols_cache_impl.h" +#include "source/common/http/alternate_protocols_cache_impl.h" #include "test/test_common/simulated_time_system.h" @@ -23,29 +23,31 @@ class AlternateProtocolsCacheImplTest : public testing::Test, public Event::Test const std::string alpn1_ = "alpn1"; const std::string alpn2_ = "alpn2"; + const MonotonicTime expiration1_ = simTime().monotonicTime() + Seconds(5); + const MonotonicTime expiration2_ = simTime().monotonicTime() + Seconds(10); + const AlternateProtocolsCacheImpl::Origin origin1_ = {https_, hostname1_, port1_}; const AlternateProtocolsCacheImpl::Origin origin2_ = {https_, hostname2_, port2_}; - const AlternateProtocolsCacheImpl::AlternateProtocol protocol1_ = {alpn1_, hostname1_, port1_}; - const AlternateProtocolsCacheImpl::AlternateProtocol protocol2_ = {alpn2_, hostname2_, port2_}; + const AlternateProtocolsCacheImpl::AlternateProtocol protocol1_ = {alpn1_, hostname1_, port1_, + expiration1_}; + const AlternateProtocolsCacheImpl::AlternateProtocol protocol2_ = {alpn2_, hostname2_, port2_, + expiration2_}; const std::vector protocols1_ = {protocol1_}; const std::vector protocols2_ = {protocol2_}; - - const MonotonicTime expiration1_ = simTime().monotonicTime() + Seconds(5); - const MonotonicTime expiration2_ = simTime().monotonicTime() + Seconds(10); }; TEST_F(AlternateProtocolsCacheImplTest, Init) { EXPECT_EQ(0, protocols_.size()); } TEST_F(AlternateProtocolsCacheImplTest, SetAlternatives) { EXPECT_EQ(0, protocols_.size()); - protocols_.setAlternatives(origin1_, protocols1_, expiration1_); + protocols_.setAlternatives(origin1_, protocols1_); EXPECT_EQ(1, protocols_.size()); } TEST_F(AlternateProtocolsCacheImplTest, FindAlternatives) { - protocols_.setAlternatives(origin1_, protocols1_, expiration1_); + protocols_.setAlternatives(origin1_, protocols1_); OptRef> protocols = protocols_.findAlternatives(origin1_); ASSERT_TRUE(protocols.has_value()); @@ -53,8 +55,8 @@ TEST_F(AlternateProtocolsCacheImplTest, FindAlternatives) { } TEST_F(AlternateProtocolsCacheImplTest, FindAlternativesAfterReplacement) { - protocols_.setAlternatives(origin1_, protocols1_, expiration1_); - protocols_.setAlternatives(origin1_, protocols2_, expiration2_); + protocols_.setAlternatives(origin1_, protocols1_); + protocols_.setAlternatives(origin1_, protocols2_); OptRef> protocols = protocols_.findAlternatives(origin1_); ASSERT_TRUE(protocols.has_value()); @@ -63,8 +65,8 @@ TEST_F(AlternateProtocolsCacheImplTest, FindAlternativesAfterReplacement) { } TEST_F(AlternateProtocolsCacheImplTest, FindAlternativesForMultipleOrigins) { - protocols_.setAlternatives(origin1_, protocols1_, expiration1_); - protocols_.setAlternatives(origin2_, protocols2_, expiration2_); + protocols_.setAlternatives(origin1_, protocols1_); + protocols_.setAlternatives(origin2_, protocols2_); OptRef> protocols = protocols_.findAlternatives(origin1_); ASSERT_TRUE(protocols.has_value()); @@ -75,7 +77,7 @@ TEST_F(AlternateProtocolsCacheImplTest, FindAlternativesForMultipleOrigins) { } TEST_F(AlternateProtocolsCacheImplTest, FindAlternativesAfterExpiration) { - protocols_.setAlternatives(origin1_, protocols1_, expiration1_); + protocols_.setAlternatives(origin1_, protocols1_); simTime().setMonotonicTime(expiration1_ + Seconds(1)); OptRef> protocols = protocols_.findAlternatives(origin1_); @@ -83,6 +85,37 @@ TEST_F(AlternateProtocolsCacheImplTest, FindAlternativesAfterExpiration) { EXPECT_EQ(0, protocols_.size()); } +TEST_F(AlternateProtocolsCacheImplTest, FindAlternativesAfterPartialExpiration) { + protocols_.setAlternatives(origin1_, {protocol1_, protocol2_}); + simTime().setMonotonicTime(expiration1_ + Seconds(1)); + OptRef> protocols = + protocols_.findAlternatives(origin1_); + ASSERT_TRUE(protocols.has_value()); + EXPECT_EQ(protocols2_.size(), protocols->size()); + EXPECT_EQ(protocols2_, protocols.ref()); +} + +TEST_F(AlternateProtocolsCacheImplTest, FindAlternativesAfterTruncation) { + AlternateProtocolsCacheImpl::AlternateProtocol protocol = protocol1_; + + std::vector expected_protocols; + for (size_t i = 0; i < 10; ++i) { + protocol.port_++; + expected_protocols.push_back(protocol); + } + std::vector full_protocols = expected_protocols; + protocol.port_++; + full_protocols.push_back(protocol); + full_protocols.push_back(protocol); + + protocols_.setAlternatives(origin1_, full_protocols); + OptRef> protocols = + protocols_.findAlternatives(origin1_); + ASSERT_TRUE(protocols.has_value()); + EXPECT_EQ(10, protocols->size()); + EXPECT_EQ(expected_protocols, protocols.ref()); +} + } // namespace } // namespace Http } // namespace Envoy diff --git a/test/common/http/alternate_protocols_cache_manager_test.cc b/test/common/http/alternate_protocols_cache_manager_test.cc index 7eb16ef48c8d..c26570eac76f 100644 --- a/test/common/http/alternate_protocols_cache_manager_test.cc +++ b/test/common/http/alternate_protocols_cache_manager_test.cc @@ -1,5 +1,5 @@ -#include "common/http/alternate_protocols_cache_manager_impl.h" -#include "common/singleton/manager_impl.h" +#include "source/common/http/alternate_protocols_cache_manager_impl.h" +#include "source/common/singleton/manager_impl.h" #include "test/mocks/thread_local/mocks.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/common/http/async_client_impl_test.cc b/test/common/http/async_client_impl_test.cc index cbff548d733a..ea81164f1cc4 100644 --- a/test/common/http/async_client_impl_test.cc +++ b/test/common/http/async_client_impl_test.cc @@ -6,12 +6,12 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/route/v3/route_components.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/http/async_client_impl.h" -#include "common/http/context_impl.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/router/context_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/async_client_impl.h" +#include "source/common/http/context_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/router/context_impl.h" #include "test/common/http/common.h" #include "test/mocks/buffer/mocks.h" @@ -53,6 +53,7 @@ class AsyncClientImplTest : public testing::Test { ON_CALL(*cm_.thread_local_cluster_.conn_pool_.host_, locality()) .WillByDefault(ReturnRef(envoy::config::core::v3::Locality().default_instance())); cm_.initializeThreadLocalClusters({"fake_cluster"}); + HttpTestUtility::addDefaultHeaders(headers_); } virtual void expectSuccess(AsyncClient::Request* sent_request, uint64_t code) { @@ -75,6 +76,7 @@ class AsyncClientImplTest : public testing::Test { })); } + TestRequestHeaderMapImpl headers_{}; RequestMessagePtr message_{new RequestMessageImpl()}; Stats::MockIsolatedStatsStore stats_store_; MockAsyncClientCallbacks callbacks_; @@ -311,12 +313,11 @@ TEST_F(AsyncClientImplTest, BasicHashPolicy) { })); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) .WillOnce( - Invoke([&](Upstream::ResourcePriority, auto, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { + Invoke([&](Upstream::ResourcePriority, auto, Upstream::LoadBalancerContext* context) { // this is the hash of :path header value "/" // the hash stability across releases is expected, so test the hash value directly here. EXPECT_EQ(16761507700594825962UL, context->computeHashKey().value()); - return &cm_.thread_local_cluster_.conn_pool_; + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); })); TestRequestHeaderMapImpl copy(message_->headers()); @@ -356,12 +357,11 @@ TEST_F(AsyncClientImplTest, WithoutMetadata) { })); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - EXPECT_EQ(context->metadataMatchCriteria(), nullptr); - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + EXPECT_EQ(context->metadataMatchCriteria(), nullptr); + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); TestRequestHeaderMapImpl copy(message_->headers()); copy.addCopy("x-envoy-internal", "true"); @@ -400,14 +400,13 @@ TEST_F(AsyncClientImplTest, WithMetadata) { })); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - EXPECT_NE(context->metadataMatchCriteria(), nullptr); - EXPECT_EQ(context->metadataMatchCriteria()->metadataMatchCriteria().at(0)->name(), - "fake_test_key"); - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + EXPECT_NE(context->metadataMatchCriteria(), nullptr); + EXPECT_EQ(context->metadataMatchCriteria()->metadataMatchCriteria().at(0)->name(), + "fake_test_key"); + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); TestRequestHeaderMapImpl copy(message_->headers()); copy.addCopy("x-envoy-internal", "true"); @@ -1491,10 +1490,8 @@ TEST_F(AsyncClientImplTest, MultipleDataStream) { } TEST_F(AsyncClientImplTest, WatermarkCallbacks) { - TestRequestHeaderMapImpl headers; - HttpTestUtility::addDefaultHeaders(headers); AsyncClient::Stream* stream = client_.start(stream_callbacks_, AsyncClient::StreamOptions()); - stream->sendHeaders(headers, false); + stream->sendHeaders(headers_, false); Http::StreamDecoderFilterCallbacks* filter_callbacks = static_cast(stream); filter_callbacks->onDecoderFilterAboveWriteBufferHighWatermark(); @@ -1509,10 +1506,8 @@ TEST_F(AsyncClientImplTest, WatermarkCallbacks) { } TEST_F(AsyncClientImplTest, RdsGettersTest) { - TestRequestHeaderMapImpl headers; - HttpTestUtility::addDefaultHeaders(headers); AsyncClient::Stream* stream = client_.start(stream_callbacks_, AsyncClient::StreamOptions()); - stream->sendHeaders(headers, false); + stream->sendHeaders(headers_, false); Http::StreamDecoderFilterCallbacks* filter_callbacks = static_cast(stream); auto route = filter_callbacks->route(); @@ -1525,7 +1520,7 @@ TEST_F(AsyncClientImplTest, RdsGettersTest) { const auto& route_config = route_entry->virtualHost().routeConfig(); EXPECT_EQ("", route_config.name()); EXPECT_EQ(0, route_config.internalOnlyHeaders().size()); - EXPECT_EQ(nullptr, route_config.route(headers, stream_info_, 0)); + EXPECT_EQ(nullptr, route_config.route(headers_, stream_info_, 0)); auto cluster_info = filter_callbacks->clusterInfo(); ASSERT_NE(nullptr, cluster_info); EXPECT_EQ(cm_.thread_local_cluster_.cluster_.info_, cluster_info); @@ -1533,8 +1528,6 @@ TEST_F(AsyncClientImplTest, RdsGettersTest) { } TEST_F(AsyncClientImplTest, DumpState) { - TestRequestHeaderMapImpl headers; - HttpTestUtility::addDefaultHeaders(headers); AsyncClient::Stream* stream = client_.start(stream_callbacks_, AsyncClient::StreamOptions()); Http::StreamDecoderFilterCallbacks* filter_callbacks = static_cast(stream); diff --git a/test/common/http/async_client_utility_test.cc b/test/common/http/async_client_utility_test.cc index afcfc0ef0d0e..fc4e64bc793f 100644 --- a/test/common/http/async_client_utility_test.cc +++ b/test/common/http/async_client_utility_test.cc @@ -1,4 +1,4 @@ -#include "common/http/async_client_utility.h" +#include "source/common/http/async_client_utility.h" #include "test/mocks/http/mocks.h" diff --git a/test/common/http/codec_client_test.cc b/test/common/http/codec_client_test.cc index 4f601a5a4561..25a854defb3b 100644 --- a/test/common/http/codec_client_test.cc +++ b/test/common/http/codec_client_test.cc @@ -1,13 +1,13 @@ #include -#include "common/buffer/buffer_impl.h" -#include "common/event/dispatcher_impl.h" -#include "common/http/codec_client.h" -#include "common/http/exception.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/utility.h" -#include "common/stream_info/stream_info_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/http/codec_client.h" +#include "source/common/http/exception.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/utility.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/http/common.h" #include "test/common/upstream/utility.h" @@ -34,7 +34,6 @@ using testing::Pointee; using testing::Ref; using testing::Return; using testing::ReturnRef; -using testing::Throw; namespace Envoy { namespace Http { @@ -57,8 +56,8 @@ class CodecClientTest : public Event::TestUsingSimulatedTime, public testing::Te Network::ClientConnectionPtr connection{connection_}; EXPECT_CALL(dispatcher_, createTimer_(_)); - client_ = std::make_unique(CodecClient::Type::HTTP1, std::move(connection), - codec_, nullptr, host_, dispatcher_); + client_ = std::make_unique(CodecType::HTTP1, std::move(connection), codec_, + nullptr, host_, dispatcher_); ON_CALL(*connection_, streamInfo()).WillByDefault(ReturnRef(stream_info_)); } @@ -88,8 +87,8 @@ TEST_F(CodecClientTest, NotCallDetectEarlyCloseWhenReadDiabledUsingHttp3) { auto codec = new Http::MockClientConnection(); EXPECT_CALL(dispatcher_, createTimer_(_)); - client_ = std::make_unique(CodecClient::Type::HTTP3, std::move(connection), - codec, nullptr, host_, dispatcher_); + client_ = std::make_unique(CodecType::HTTP3, std::move(connection), codec, + nullptr, host_, dispatcher_); } TEST_F(CodecClientTest, BasicHeaderOnlyResponse) { @@ -309,9 +308,8 @@ class CodecNetworkTest : public Event::TestUsingSimulatedTime, client_connection_->addConnectionCallbacks(client_callbacks_); codec_ = new Http::MockClientConnection(); - client_ = - std::make_unique(CodecClient::Type::HTTP1, std::move(client_connection), - codec_, nullptr, host_, *dispatcher_); + client_ = std::make_unique(CodecType::HTTP1, std::move(client_connection), + codec_, nullptr, host_, *dispatcher_); int expected_callbacks = 2; EXPECT_CALL(listener_callbacks_, onAccept_(_)) diff --git a/test/common/http/codec_impl_corpus/clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5766628005642240 b/test/common/http/codec_impl_corpus/clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5766628005642240 new file mode 100644 index 000000000000..584b156e01ec --- /dev/null +++ b/test/common/http/codec_impl_corpus/clusterfuzz-testcase-minimized-codec_impl_fuzz_test-5766628005642240 @@ -0,0 +1,192 @@ +actions { + server_drain { + } +} +actions { + new_stream { + request_headers { + headers { + key: ":method" + value: "GET" + } + headers { + key: ":path" + value: "/" + } + headers { + key: ":scheme" + value: "E" + } + headers { + key: ":authority" + value: "V" + } + } + } +} +actions { + server_drain { + } +} +actions { + client_drain { + } +} +actions { + swap_buffer { + } +} +actions { + swap_buffer { + } +} +actions { + client_drain { + } +} +actions { + server_drain { + } +} +actions { + server_drain { + } +} +actions { + stream_action { + response { + headers { + } + } + } +} +actions { + server_drain { + } +} +actions { + stream_action { + response { + data: 1751212400 + } + } +} +actions { + swap_buffer { + } +} +actions { + stream_action { + response { + data: 8963 + } + } +} +actions { + quiesce_drain { + } +} +actions { + stream_action { + response { + data: 9 + } + } +} +actions { + stream_action { + response { + data: 9 + } + } +} +actions { + client_drain { + } +} +actions { + stream_action { + response { + data: 3 + } + } +} +actions { + quiesce_drain { + } +} +actions { + quiesce_drain { + } +} +actions { + stream_action { + response { + data: 3 + } + } +} +actions { + stream_action { + request { + data: 0 + } + } +} +actions { + quiesce_drain { + } +} +actions { + stream_action { + response { + data: 9 + end_stream: true + } + } +} +actions { + quiesce_drain { + } +} +actions { + stream_action { + response { + data: 3 + } + } +} +actions { + client_drain { + } +} +actions { + stream_action { + request { + data: 7 + } + } +} +actions { + stream_action { + stream_id: 2097152 + response { + data: 9 + } + } +} +actions { + stream_action { + response { + data: 0 + } + } +} +actions { + mutate { + } +} +actions { + swap_buffer { + } +} diff --git a/test/common/http/codec_impl_corpus/send_request_after_response_closed b/test/common/http/codec_impl_corpus/send_request_after_response_closed new file mode 100644 index 000000000000..98183d850e7c --- /dev/null +++ b/test/common/http/codec_impl_corpus/send_request_after_response_closed @@ -0,0 +1,38 @@ +actions { + new_stream { + request_headers { + headers { + key: ":method" + value: "HEAD" + } + headers { + key: ":path" + value: "/" + } + } + } +} +actions { + quiesce_drain { + } +} +actions { + stream_action { + response { + headers { + } + } + } +} +actions { + server_drain { + } +} +actions { + stream_action { + request { + trailers { + } + } + } +} diff --git a/test/common/http/codec_impl_fuzz_test.cc b/test/common/http/codec_impl_fuzz_test.cc index d0fbdca11a4f..61e8bbd736ce 100644 --- a/test/common/http/codec_impl_fuzz_test.cc +++ b/test/common/http/codec_impl_fuzz_test.cc @@ -9,13 +9,13 @@ #include -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/http/exception.h" -#include "common/http/header_map_impl.h" -#include "common/http/http1/codec_impl.h" -#include "common/http/http2/codec_impl.h" -#include "common/http/conn_manager_utility.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/http/exception.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/http1/codec_impl.h" +#include "source/common/http/http2/codec_impl.h" +#include "source/common/http/conn_manager_utility.h" #include "test/common/http/codec_impl_fuzz.pb.validate.h" #include "test/common/http/http2/codec_impl_test_util.h" @@ -135,6 +135,13 @@ class HttpStream : public LinkedObject { stream_state_ = StreamState::Closed; } } + + void closeLocalAndRemote() { + remote_closed_ = true; + local_closed_ = true; + stream_state_ = StreamState::Closed; + } + } request_, response_; HttpStream(ClientConnection& client, const TestRequestHeaderMapImpl& request_headers, @@ -176,11 +183,11 @@ class HttpStream : public LinkedObject { request_.closeRemote(); })); ON_CALL(response_.response_decoder_, decodeHeaders_(_, true)) - .WillByDefault(InvokeWithoutArgs([this] { response_.closeRemote(); })); + .WillByDefault(InvokeWithoutArgs([this] { response_.closeLocalAndRemote(); })); ON_CALL(response_.response_decoder_, decodeData(_, true)) - .WillByDefault(InvokeWithoutArgs([this] { response_.closeRemote(); })); + .WillByDefault(InvokeWithoutArgs([this] { response_.closeLocalAndRemote(); })); ON_CALL(response_.response_decoder_, decodeTrailers_(_)) - .WillByDefault(InvokeWithoutArgs([this] { response_.closeRemote(); })); + .WillByDefault(InvokeWithoutArgs([this] { response_.closeLocalAndRemote(); })); if (!end_stream) { request_.request_encoder_->getStream().addCallbacks(request_.stream_callbacks_); } @@ -361,7 +368,13 @@ class HttpStream : public LinkedObject { } } // Perform the stream action. - directionalAction(request_, stream_action.request()); + // The request_.request_encoder_ is initialized from the response_.response_decoder_. + // Fuzz test codec_impl_fuzz_test-5766628005642240 created a situation where the response + // stream was in closed state leading to the state.request_encoder_ in directionalAction() + // kData case no longer being a valid address. + if (response_.stream_state_ != HttpStream::StreamState::Closed) { + directionalAction(request_, stream_action.request()); + } break; } case test::common::http::StreamAction::kResponse: { diff --git a/test/common/http/codec_wrappers_test.cc b/test/common/http/codec_wrappers_test.cc index 02e47262da65..c2599039112f 100644 --- a/test/common/http/codec_wrappers_test.cc +++ b/test/common/http/codec_wrappers_test.cc @@ -1,4 +1,4 @@ -#include "common/http/codec_wrappers.h" +#include "source/common/http/codec_wrappers.h" #include "test/mocks/http/mocks.h" #include "test/test_common/utility.h" diff --git a/test/common/http/codes_speed_test.cc b/test/common/http/codes_speed_test.cc index f6730603abc6..fc1d5f4ffac3 100644 --- a/test/common/http/codes_speed_test.cc +++ b/test/common/http/codes_speed_test.cc @@ -8,9 +8,9 @@ #include "envoy/stats/stats.h" -#include "common/http/codes.h" -#include "common/stats/isolated_store_impl.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/http/codes.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/stats/symbol_table_impl.h" #include "benchmark/benchmark.h" @@ -35,7 +35,7 @@ template class CodeUtilitySpeedTest { global_store_, cluster_scope_, prefix_, code, internal_request, request_vhost_name, request_vcluster_name, from_az, to_az, canary}; - code_stats_.chargeResponseStat(info); + code_stats_.chargeResponseStat(info, false); } void addResponses() { diff --git a/test/common/http/codes_test.cc b/test/common/http/codes_test.cc index b55876a3e340..98f80b7483da 100644 --- a/test/common/http/codes_test.cc +++ b/test/common/http/codes_test.cc @@ -5,9 +5,9 @@ #include "envoy/stats/stats.h" -#include "common/common/empty_string.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/printers.h" @@ -41,7 +41,7 @@ class CodeUtilityTest : public testing::Test { global_store_, cluster_scope_, prefix, code, internal_request, vhost_name, vcluster_name, from_zone, to_zone, canary}; - code_stats_.chargeResponseStat(info); + code_stats_.chargeResponseStat(info, false); } Stats::TestUtil::TestSymbolTable symbol_table_; diff --git a/test/common/http/common.h b/test/common/http/common.h index 3a28e9b369b8..b23c14535845 100644 --- a/test/common/http/common.h +++ b/test/common/http/common.h @@ -4,7 +4,7 @@ #include "envoy/http/conn_pool.h" -#include "common/http/codec_client.h" +#include "source/common/http/codec_client.h" #include "test/mocks/common.h" #include "test/mocks/event/mocks.h" @@ -17,7 +17,7 @@ namespace Envoy { class CodecClientForTest : public Http::CodecClient { public: using DestroyCb = std::function; - CodecClientForTest(CodecClient::Type type, Network::ClientConnectionPtr&& connection, + CodecClientForTest(Http::CodecType type, Network::ClientConnectionPtr&& connection, Http::ClientConnection* codec, DestroyCb destroy_cb, Upstream::HostDescriptionConstSharedPtr host, Event::Dispatcher& dispatcher) : CodecClient(type, std::move(connection), host, dispatcher), destroy_cb_(destroy_cb) { diff --git a/test/common/http/conn_manager_impl_fuzz_test.cc b/test/common/http/conn_manager_impl_fuzz_test.cc index a62a208315ae..6af101e44ee9 100644 --- a/test/common/http/conn_manager_impl_fuzz_test.cc +++ b/test/common/http/conn_manager_impl_fuzz_test.cc @@ -14,14 +14,14 @@ // * Fuzz config settings #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/common/empty_string.h" -#include "common/http/conn_manager_impl.h" -#include "common/http/context_impl.h" -#include "common/http/date_provider_impl.h" -#include "common/http/exception.h" -#include "common/http/header_utility.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/conn_manager_impl.h" +#include "source/common/http/context_impl.h" +#include "source/common/http/date_provider_impl.h" +#include "source/common/http/exception.h" +#include "source/common/http/header_utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" #include "test/common/http/conn_manager_impl_fuzz.pb.validate.h" #include "test/fuzz/fuzz_runner.h" @@ -198,6 +198,7 @@ class FuzzConfig : public ConnectionManagerConfig { const Http::Http1Settings& http1Settings() const override { return http1_settings_; } bool shouldNormalizePath() const override { return false; } bool shouldMergeSlashes() const override { return false; } + bool shouldStripTrailingHostDot() const override { return false; } Http::StripPortType stripPortType() const override { return Http::StripPortType::None; } envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headersWithUnderscoresAction() const override { diff --git a/test/common/http/conn_manager_impl_test.cc b/test/common/http/conn_manager_impl_test.cc index 7f34287cf2ec..08f56b0a338f 100644 --- a/test/common/http/conn_manager_impl_test.cc +++ b/test/common/http/conn_manager_impl_test.cc @@ -7,7 +7,6 @@ using testing::An; using testing::AnyNumber; using testing::AtLeast; using testing::Eq; -using testing::HasSubstr; using testing::InSequence; using testing::Invoke; using testing::InvokeWithoutArgs; @@ -291,6 +290,30 @@ TEST_F(HttpConnectionManagerImplTest, 100ContinueResponseWithDecoderPause) { EXPECT_EQ(2U, listener_stats_.downstream_rq_completed_.value()); } +// When create new stream, the stream info will be populated from the connection. +TEST_F(HttpConnectionManagerImplTest, PopulateStreamInfo) { + setup(true, "", false); + + absl::string_view server_name = "fake-server"; + EXPECT_CALL(filter_callbacks_.connection_, id()).WillRepeatedly(Return(1234)); + EXPECT_CALL(filter_callbacks_.connection_, requestedServerName()) + .WillRepeatedly(Return(server_name)); + + // Set up the codec. + Buffer::OwnedImpl fake_input("input"); + conn_manager_->createCodec(fake_input); + + decoder_ = &conn_manager_->newStream(response_encoder_); + + EXPECT_EQ(requestIDExtension().get(), decoder_->streamInfo().getRequestIDProvider()); + EXPECT_EQ(ssl_connection_, decoder_->streamInfo().downstreamSslConnection()); + EXPECT_EQ(1234U, decoder_->streamInfo().connectionID()); + EXPECT_EQ(server_name, decoder_->streamInfo().requestedServerName()); + + // Clean up. + filter_callbacks_.connection_.raiseEvent(Network::ConnectionEvent::RemoteClose); +} + // By default, Envoy will set the server header to the server name, here "custom-value" TEST_F(HttpConnectionManagerImplTest, ServerHeaderOverwritten) { setup(false, "custom-value", false); @@ -1194,6 +1217,47 @@ TEST_F(HttpConnectionManagerImplTest, RouteShouldUseNormalizedHost) { filter_callbacks_.connection_.raiseEvent(Network::ConnectionEvent::RemoteClose); } +// Observe that we strip the trailing dot. +TEST_F(HttpConnectionManagerImplTest, StripTrailingHostDot) { + setup(false, ""); + // Enable removal of host's trailing dot. + strip_trailing_host_dot_ = true; + const std::string original_host = "host."; + const std::string updated_host = "host"; + // Set up the codec. + Buffer::OwnedImpl fake_input("1234"); + conn_manager_->createCodec(fake_input); + // Create a new stream. + decoder_ = &conn_manager_->newStream(response_encoder_); + RequestHeaderMapPtr headers{new TestRequestHeaderMapImpl{ + {":authority", original_host}, {":path", "/"}, {":method", "GET"}}}; + RequestHeaderMap* updated_headers = headers.get(); + decoder_->decodeHeaders(std::move(headers), true); + EXPECT_EQ(updated_host, updated_headers->getHostValue()); + // Clean up. + filter_callbacks_.connection_.raiseEvent(Network::ConnectionEvent::RemoteClose); +} + +TEST_F(HttpConnectionManagerImplTest, HostWithoutTrailingDot) { + setup(false, ""); + // Enable removal of host's trailing dot. + strip_trailing_host_dot_ = true; + const std::string original_host = "host"; + const std::string updated_host = "host"; + // Set up the codec. + Buffer::OwnedImpl fake_input("1234"); + conn_manager_->createCodec(fake_input); + // Create a new stream. + decoder_ = &conn_manager_->newStream(response_encoder_); + RequestHeaderMapPtr headers{new TestRequestHeaderMapImpl{ + {":authority", original_host}, {":path", "/"}, {":method", "GET"}}}; + RequestHeaderMap* updated_headers = headers.get(); + decoder_->decodeHeaders(std::move(headers), true); + EXPECT_EQ(updated_host, updated_headers->getHostValue()); + // Clean up. + filter_callbacks_.connection_.raiseEvent(Network::ConnectionEvent::RemoteClose); +} + TEST_F(HttpConnectionManagerImplTest, DateHeaderNotPresent) { setup(false, ""); setUpEncoderAndDecoder(false, false); diff --git a/test/common/http/conn_manager_impl_test_2.cc b/test/common/http/conn_manager_impl_test_2.cc index f66028601513..82e09cee54e9 100644 --- a/test/common/http/conn_manager_impl_test_2.cc +++ b/test/common/http/conn_manager_impl_test_2.cc @@ -1,5 +1,5 @@ #include "test/common/http/conn_manager_impl_test_base.h" -#include "test/common/http/ip_detection_extensions.h" +#include "test/common/http/custom_header_extension.h" #include "test/test_common/logging.h" #include "test/test_common/test_runtime.h" @@ -2630,196 +2630,6 @@ TEST_F(HttpConnectionManagerImplTest, NewConnection) { EXPECT_EQ(1U, stats_.named_.downstream_cx_http3_active_.value()); } -TEST_F(HttpConnectionManagerImplTest, TestUpstreamRequestHeadersSize) { - // Test with Headers only request, No Data, No response. - setup(false, ""); - EXPECT_CALL(*codec_, dispatch(_)).WillOnce(Invoke([&](Buffer::Instance&) -> Http::Status { - decoder_ = &conn_manager_->newStream(response_encoder_); - RequestHeaderMapPtr headers{ - new TestRequestHeaderMapImpl{{":authority", "host"}, {":path", "/"}, {":method", "GET"}}}; - decoder_->decodeHeaders(std::move(headers), true); - return Http::okStatus(); - })); - - setupFilterChain(1, 0); - - EXPECT_CALL(*decoder_filters_[0], decodeHeaders(_, true)) - .WillOnce(Return(FilterHeadersStatus::StopIteration)); - EXPECT_CALL(*decoder_filters_[0], decodeComplete()); - - std::shared_ptr> host_{ - new NiceMock()}; - filter_callbacks_.upstreamHost(host_); - - EXPECT_CALL( - host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_headers_size"), 30)); - EXPECT_CALL(host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_body_size"), 0)); - EXPECT_CALL(host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rs_body_size"), 0)); - - Buffer::OwnedImpl fake_input("1234"); - conn_manager_->onData(fake_input, false); - - expectOnDestroy(); - filter_callbacks_.connection_.raiseEvent(Network::ConnectionEvent::RemoteClose); -} - -TEST_F(HttpConnectionManagerImplTest, TestUpstreamRequestBodySize) { - // Test Request with Headers and Data, No response. - setup(false, ""); - EXPECT_CALL(*codec_, dispatch(_)).WillOnce(Invoke([&](Buffer::Instance&) -> Http::Status { - decoder_ = &conn_manager_->newStream(response_encoder_); - RequestHeaderMapPtr headers{ - new TestRequestHeaderMapImpl{{":authority", "host"}, {":path", "/"}, {":method", "GET"}}}; - decoder_->decodeHeaders(std::move(headers), false); - - Buffer::OwnedImpl fake_data("12345"); - decoder_->decodeData(fake_data, true); - return Http::okStatus(); - })); - - setupFilterChain(1, 0); - - EXPECT_CALL(*decoder_filters_[0], decodeHeaders(_, false)) - .WillOnce(Return(FilterHeadersStatus::StopIteration)); - EXPECT_CALL(*decoder_filters_[0], decodeData(_, true)) - .WillOnce(Return(FilterDataStatus::StopIterationNoBuffer)); - - EXPECT_CALL(*decoder_filters_[0], decodeComplete()); - - std::shared_ptr> host_{ - new NiceMock()}; - filter_callbacks_.upstreamHost(host_); - - EXPECT_CALL( - host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_headers_size"), 30)); - EXPECT_CALL(host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_body_size"), 5)); - EXPECT_CALL(host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rs_body_size"), 0)); - - Buffer::OwnedImpl fake_input("1234"); - conn_manager_->onData(fake_input, false); - - expectOnDestroy(); - filter_callbacks_.connection_.raiseEvent(Network::ConnectionEvent::RemoteClose); -} - -TEST_F(HttpConnectionManagerImplTest, TestUpstreamResponseHeadersSize) { - // Test with Header only response. - setup(false, ""); - - EXPECT_CALL(*codec_, dispatch(_)).WillOnce(Invoke([&](Buffer::Instance&) -> Http::Status { - decoder_ = &conn_manager_->newStream(response_encoder_); - RequestHeaderMapPtr headers{ - new TestRequestHeaderMapImpl{{":authority", "host"}, {":path", "/"}, {":method", "GET"}}}; - decoder_->decodeHeaders(std::move(headers), false); - - Buffer::OwnedImpl fake_data("1234"); - decoder_->decodeData(fake_data, true); - - return Http::okStatus(); - })); - - setupFilterChain(1, 0); - - EXPECT_CALL(*decoder_filters_[0], decodeHeaders(_, false)) - .WillOnce(Return(FilterHeadersStatus::StopIteration)); - EXPECT_CALL(*decoder_filters_[0], decodeData(_, true)) - .WillOnce(Return(FilterDataStatus::StopIterationNoBuffer)); - - EXPECT_CALL(*decoder_filters_[0], decodeComplete()); - - std::shared_ptr> host_{ - new NiceMock()}; - filter_callbacks_.upstreamHost(host_); - - EXPECT_CALL( - host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_headers_size"), 30)); - - // Response headers are internally mutated and we record final response headers. - // for example in the below test case, response headers are modified as - // {':status', '200' 'date', 'Mon, 06 Jul 2020 06:08:55 GMT' 'server', ''} - // whose size is 49 instead of original response headers size 10({":status", "200"}). - EXPECT_CALL( - host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rs_headers_size"), 49)); - EXPECT_CALL(host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_body_size"), 4)); - EXPECT_CALL(host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rs_body_size"), 0)); - - Buffer::OwnedImpl fake_input("1234"); - conn_manager_->onData(fake_input, false); - - EXPECT_CALL(response_encoder_, encodeHeaders(_, true)); - expectOnDestroy(); - - decoder_filters_[0]->callbacks_->streamInfo().setResponseCodeDetails(""); - decoder_filters_[0]->callbacks_->encodeHeaders( - ResponseHeaderMapPtr{new TestResponseHeaderMapImpl{{":status", "200"}}}, true, "details"); -} - -TEST_F(HttpConnectionManagerImplTest, TestUpstreamResponseBodySize) { - // Test with response headers and body. - setup(false, ""); - - EXPECT_CALL(*codec_, dispatch(_)).WillOnce(Invoke([&](Buffer::Instance&) -> Http::Status { - decoder_ = &conn_manager_->newStream(response_encoder_); - RequestHeaderMapPtr headers{ - new TestRequestHeaderMapImpl{{":authority", "host"}, {":path", "/"}, {":method", "GET"}}}; - decoder_->decodeHeaders(std::move(headers), false); - - Buffer::OwnedImpl fake_data("1234"); - decoder_->decodeData(fake_data, true); - - return Http::okStatus(); - })); - - setupFilterChain(1, 0); - - EXPECT_CALL(*decoder_filters_[0], decodeHeaders(_, false)) - .WillOnce(Return(FilterHeadersStatus::StopIteration)); - EXPECT_CALL(*decoder_filters_[0], decodeData(_, true)) - .WillOnce(Return(FilterDataStatus::StopIterationNoBuffer)); - - EXPECT_CALL(*decoder_filters_[0], decodeComplete()); - - std::shared_ptr> host_{ - new NiceMock()}; - filter_callbacks_.upstreamHost(host_); - - EXPECT_CALL( - host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_headers_size"), 30)); - EXPECT_CALL( - host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rs_headers_size"), 49)); - EXPECT_CALL(host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_body_size"), 4)); - EXPECT_CALL(host_->cluster_.request_response_size_stats_store_, - deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rs_body_size"), 11)); - - Buffer::OwnedImpl fake_input("1234"); - conn_manager_->onData(fake_input, false); - - EXPECT_CALL(response_encoder_, encodeHeaders(_, false)); - - decoder_filters_[0]->callbacks_->streamInfo().setResponseCodeDetails(""); - decoder_filters_[0]->callbacks_->encodeHeaders( - ResponseHeaderMapPtr{new TestResponseHeaderMapImpl{{":status", "200"}}}, false, "details"); - - EXPECT_CALL(response_encoder_, encodeData(_, true)); - expectOnDestroy(); - - Buffer::OwnedImpl fake_response("hello-world"); - decoder_filters_[0]->callbacks_->encodeData(fake_response, true); -} - TEST_F(HttpConnectionManagerImplTest, HeaderOnlyRequestAndResponseUsingHttp3) { setup(false, "envoy-custom-server", false); diff --git a/test/common/http/conn_manager_impl_test_base.cc b/test/common/http/conn_manager_impl_test_base.cc index cd9fa25b98e6..5cce6546afe8 100644 --- a/test/common/http/conn_manager_impl_test_base.cc +++ b/test/common/http/conn_manager_impl_test_base.cc @@ -1,8 +1,8 @@ #include "test/common/http/conn_manager_impl_test_base.h" -#include "extensions/request_id/uuid/config.h" +#include "source/extensions/request_id/uuid/config.h" -#include "test/common/http/ip_detection_extensions.h" +#include "test/common/http/xff_extension.h" using testing::AtLeast; using testing::InSequence; diff --git a/test/common/http/conn_manager_impl_test_base.h b/test/common/http/conn_manager_impl_test_base.h index c8e174853fb4..98a4b95b6e6f 100644 --- a/test/common/http/conn_manager_impl_test_base.h +++ b/test/common/http/conn_manager_impl_test_base.h @@ -1,11 +1,10 @@ #pragma once -#include "common/http/conn_manager_impl.h" -#include "common/http/context_impl.h" -#include "common/http/date_provider_impl.h" -#include "common/network/address_impl.h" - -#include "extensions/access_loggers/common/file_access_log_impl.h" +#include "source/common/http/conn_manager_impl.h" +#include "source/common/http/context_impl.h" +#include "source/common/http/date_provider_impl.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/access_loggers/common/file_access_log_impl.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/event/mocks.h" @@ -136,6 +135,7 @@ class HttpConnectionManagerImplTest : public testing::Test, public ConnectionMan const Http::Http1Settings& http1Settings() const override { return http1_settings_; } bool shouldNormalizePath() const override { return normalize_path_; } bool shouldMergeSlashes() const override { return merge_slashes_; } + bool shouldStripTrailingHostDot() const override { return strip_trailing_host_dot_; } Http::StripPortType stripPortType() const override { return strip_port_type_; } const RequestIDExtensionSharedPtr& requestIDExtension() override { return request_id_extension_; } envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction @@ -197,7 +197,7 @@ class HttpConnectionManagerImplTest : public testing::Test, public ConnectionMan std::make_shared>()}; TracingConnectionManagerConfigPtr tracing_config_; SlowDateProviderImpl date_provider_{test_time_.timeSystem()}; - MockStream stream_; + NiceMock stream_; Http::StreamCallbacks* stream_callbacks_{nullptr}; NiceMock cluster_manager_; NiceMock overload_manager_; @@ -230,6 +230,7 @@ class HttpConnectionManagerImplTest : public testing::Test, public ConnectionMan PathWithEscapedSlashesAction path_with_escaped_slashes_action_{ envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: KEEP_UNCHANGED}; + bool strip_trailing_host_dot_ = false; }; } // namespace Http diff --git a/test/common/http/conn_manager_utility_test.cc b/test/common/http/conn_manager_utility_test.cc index 7dc2a957ebad..7948e3d19def 100644 --- a/test/common/http/conn_manager_utility_test.cc +++ b/test/common/http/conn_manager_utility_test.cc @@ -4,17 +4,17 @@ #include "envoy/http/request_id_extension.h" #include "envoy/type/v3/percent.pb.h" -#include "common/common/random_generator.h" -#include "common/http/conn_manager_utility.h" -#include "common/http/header_utility.h" -#include "common/http/headers.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" -#include "common/runtime/runtime_impl.h" - -#include "extensions/request_id/uuid/config.h" - -#include "test/common/http/ip_detection_extensions.h" +#include "source/common/common/random_generator.h" +#include "source/common/http/conn_manager_utility.h" +#include "source/common/http/header_utility.h" +#include "source/common/http/headers.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/extensions/request_id/uuid/config.h" + +#include "test/common/http/custom_header_extension.h" +#include "test/common/http/xff_extension.h" #include "test/mocks/http/mocks.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/network/mocks.h" @@ -1502,6 +1502,51 @@ TEST_F(ConnectionManagerUtilityTest, RemovePort) { EXPECT_EQ(header_map_none.getHostValue(), "host:9999"); } +// maybeNormalizeHost() removes trailing dot of host from host header. +TEST_F(ConnectionManagerUtilityTest, RemoveTrailingDot) { + ON_CALL(config_, shouldStripTrailingHostDot()).WillByDefault(Return(true)); + TestRequestHeaderMapImpl original_headers; + original_headers.setHost("host."); + + TestRequestHeaderMapImpl header_map(original_headers); + ConnectionManagerUtility::maybeNormalizeHost(header_map, config_, 0); + EXPECT_EQ(header_map.getHostValue(), "host"); + + ON_CALL(config_, stripPortType()).WillByDefault(Return(Http::StripPortType::None)); + ON_CALL(config_, shouldStripTrailingHostDot()).WillByDefault(Return(true)); + TestRequestHeaderMapImpl original_headers_with_port; + original_headers_with_port.setHost("host.:443"); + + TestRequestHeaderMapImpl header_map_with_port(original_headers_with_port); + ConnectionManagerUtility::maybeNormalizeHost(header_map_with_port, config_, 443); + EXPECT_EQ(header_map_with_port.getHostValue(), "host:443"); + + ON_CALL(config_, stripPortType()).WillByDefault(Return(Http::StripPortType::MatchingHost)); + ON_CALL(config_, shouldStripTrailingHostDot()).WillByDefault(Return(true)); + TestRequestHeaderMapImpl original_headers_strip_port; + original_headers_strip_port.setHost("host.:443"); + + TestRequestHeaderMapImpl header_map_strip_port(original_headers_strip_port); + ConnectionManagerUtility::maybeNormalizeHost(header_map_strip_port, config_, 443); + EXPECT_EQ(header_map_strip_port.getHostValue(), "host"); + + ON_CALL(config_, shouldStripTrailingHostDot()).WillByDefault(Return(true)); + TestRequestHeaderMapImpl original_headers_no_dot; + original_headers_no_dot.setHost("host"); + + TestRequestHeaderMapImpl header_map_no_dot(original_headers_no_dot); + ConnectionManagerUtility::maybeNormalizeHost(header_map_no_dot, config_, 0); + EXPECT_EQ(header_map_no_dot.getHostValue(), "host"); + + ON_CALL(config_, shouldStripTrailingHostDot()).WillByDefault(Return(false)); + TestRequestHeaderMapImpl original_headers_none; + original_headers_none.setHost("host."); + + TestRequestHeaderMapImpl header_map_none(original_headers_none); + ConnectionManagerUtility::maybeNormalizeHost(header_map_none, config_, 0); + EXPECT_EQ(header_map_none.getHostValue(), "host."); +} + // maybeNormalizePath() does not touch escaped slashes when configured to KEEP_UNCHANGED. TEST_F(ConnectionManagerUtilityTest, KeepEscapedSlashesWhenConfigured) { ON_CALL(config_, pathWithEscapedSlashesAction()) diff --git a/test/common/http/conn_pool_grid_test.cc b/test/common/http/conn_pool_grid_test.cc index e25551aaaf5d..87bd04276380 100644 --- a/test/common/http/conn_pool_grid_test.cc +++ b/test/common/http/conn_pool_grid_test.cc @@ -1,7 +1,7 @@ #include "envoy/http/alternate_protocols_cache.h" -#include "common/http/alternate_protocols_cache_impl.h" -#include "common/http/conn_pool_grid.h" +#include "source/common/http/alternate_protocols_cache_impl.h" +#include "source/common/http/conn_pool_grid.h" #include "test/common/http/common.h" #include "test/common/upstream/utility.h" @@ -122,9 +122,8 @@ class ConnectivityGridTestBase : public Event::TestUsingSimulatedTime, public te void addHttp3AlternateProtocol() { AlternateProtocolsCacheImpl::Origin origin("https", "hostname", 9000); const std::vector protocols = { - {"h3-29", "", origin.port_}}; - alternate_protocols_->setAlternatives(origin, protocols, - simTime().monotonicTime() + Seconds(5)); + {"h3-29", "", origin.port_, simTime().monotonicTime() + Seconds(5)}}; + alternate_protocols_->setAlternatives(origin, protocols); } const Network::ConnectionSocket::OptionsSharedPtr socket_options_; @@ -513,8 +512,8 @@ TEST_F(ConnectivityGridWithAlternateProtocolsCacheImplTest, SuccessWithoutHttp3) TEST_F(ConnectivityGridWithAlternateProtocolsCacheImplTest, SuccessWithExpiredHttp3) { AlternateProtocolsCacheImpl::Origin origin("https", "hostname", 9000); const std::vector protocols = { - {"h3-29", "", origin.port_}}; - alternate_protocols_->setAlternatives(origin, protocols, simTime().monotonicTime() + Seconds(5)); + {"h3-29", "", origin.port_, simTime().monotonicTime() + Seconds(5)}}; + alternate_protocols_->setAlternatives(origin, protocols); simTime().setMonotonicTime(simTime().monotonicTime() + Seconds(10)); EXPECT_EQ(grid_.first(), nullptr); @@ -536,8 +535,8 @@ TEST_F(ConnectivityGridWithAlternateProtocolsCacheImplTest, SuccessWithExpiredHt TEST_F(ConnectivityGridWithAlternateProtocolsCacheImplTest, SuccessWithoutHttp3NoMatchingHostname) { AlternateProtocolsCacheImpl::Origin origin("https", "hostname", 9000); const std::vector protocols = { - {"h3-29", "otherhostname", origin.port_}}; - alternate_protocols_->setAlternatives(origin, protocols, simTime().monotonicTime() + Seconds(5)); + {"h3-29", "otherhostname", origin.port_, simTime().monotonicTime() + Seconds(5)}}; + alternate_protocols_->setAlternatives(origin, protocols); EXPECT_EQ(grid_.first(), nullptr); @@ -557,8 +556,8 @@ TEST_F(ConnectivityGridWithAlternateProtocolsCacheImplTest, SuccessWithoutHttp3N TEST_F(ConnectivityGridWithAlternateProtocolsCacheImplTest, SuccessWithoutHttp3NoMatchingPort) { AlternateProtocolsCacheImpl::Origin origin("https", "hostname", 9000); const std::vector protocols = { - {"h3-29", "", origin.port_ + 1}}; - alternate_protocols_->setAlternatives(origin, protocols, simTime().monotonicTime() + Seconds(5)); + {"h3-29", "", origin.port_ + 1, simTime().monotonicTime() + Seconds(5)}}; + alternate_protocols_->setAlternatives(origin, protocols); EXPECT_EQ(grid_.first(), nullptr); @@ -577,8 +576,8 @@ TEST_F(ConnectivityGridWithAlternateProtocolsCacheImplTest, SuccessWithoutHttp3N TEST_F(ConnectivityGridWithAlternateProtocolsCacheImplTest, SuccessWithoutHttp3NoMatchingAlpn) { AlternateProtocolsCacheImpl::Origin origin("https", "hostname", 9000); const std::vector protocols = { - {"http/2", "", origin.port_}}; - alternate_protocols_->setAlternatives(origin, protocols, simTime().monotonicTime() + Seconds(5)); + {"http/2", "", origin.port_, simTime().monotonicTime() + Seconds(5)}}; + alternate_protocols_->setAlternatives(origin, protocols); EXPECT_EQ(grid_.first(), nullptr); @@ -593,12 +592,14 @@ TEST_F(ConnectivityGridWithAlternateProtocolsCacheImplTest, SuccessWithoutHttp3N grid_.callbacks()->onPoolReady(encoder_, host_, info_, absl::nullopt); } -#ifdef ENVOY_ENABLE_QUICHE +#ifdef ENVOY_ENABLE_QUIC } // namespace } // namespace Http } // namespace Envoy -#include "extensions/quic_listeners/quiche/quic_transport_socket_factory.h" + +#include "test/mocks/server/transport_socket_factory_context.h" +#include "source/common/quic/quic_transport_socket_factory.h" namespace Envoy { namespace Http { namespace { @@ -608,7 +609,9 @@ TEST_F(ConnectivityGridTest, RealGrid) { dispatcher_.allow_null_callback_ = true; // Set the cluster up to have a quic transport socket. Envoy::Ssl::ClientContextConfigPtr config(new NiceMock()); - auto factory = std::make_unique(std::move(config)); + NiceMock factory_context; + auto factory = + std::make_unique(std::move(config), factory_context); factory->initialize(); ASSERT_FALSE(factory->usesProxyProtocolOptions()); auto& matcher = @@ -617,10 +620,10 @@ TEST_F(ConnectivityGridTest, RealGrid) { .WillRepeatedly( Return(Upstream::TransportSocketMatcher::MatchData(*factory, matcher.stats_, "test"))); - ConnectivityGrid grid(dispatcher_, random_, - Upstream::makeTestHost(cluster_, "tcp://127.0.0.1:9000", simTime()), - Upstream::ResourcePriority::Default, socket_options_, - transport_socket_options_, state_, simTime(), options_); + ConnectivityGrid grid( + dispatcher_, random_, Upstream::makeTestHost(cluster_, "tcp://127.0.0.1:9000", simTime()), + Upstream::ResourcePriority::Default, socket_options_, transport_socket_options_, state_, + simTime(), alternate_protocols_, std::chrono::milliseconds(300), options_); // Create the HTTP/3 pool. auto optional_it1 = ConnectivityGridForTest::forceCreateNextPool(grid); diff --git a/test/common/http/ip_detection_extensions.cc b/test/common/http/custom_header_extension.cc similarity index 66% rename from test/common/http/ip_detection_extensions.cc rename to test/common/http/custom_header_extension.cc index 95c2abec8488..c49dcbac0f8c 100644 --- a/test/common/http/ip_detection_extensions.cc +++ b/test/common/http/custom_header_extension.cc @@ -1,14 +1,9 @@ -#include "ip_detection_extensions.h" +#include "test/common/http/custom_header_extension.h" -#include "extensions/http/original_ip_detection/custom_header/custom_header.h" -#include "extensions/http/original_ip_detection/xff/xff.h" +#include "source/extensions/http/original_ip_detection/custom_header/custom_header.h" namespace Envoy { -Http::OriginalIPDetectionSharedPtr getXFFExtension(uint32_t hops) { - return std::make_shared(hops); -} - Http::OriginalIPDetectionSharedPtr getCustomHeaderExtension(const std::string& header_name) { return std::make_shared< Extensions::Http::OriginalIPDetection::CustomHeader::CustomHeaderIPDetection>(header_name); diff --git a/test/common/http/ip_detection_extensions.h b/test/common/http/custom_header_extension.h similarity index 86% rename from test/common/http/ip_detection_extensions.h rename to test/common/http/custom_header_extension.h index 32863f20a1a1..638f291eb0f4 100644 --- a/test/common/http/ip_detection_extensions.h +++ b/test/common/http/custom_header_extension.h @@ -5,7 +5,6 @@ // This helper is used to escape namespace pollution issues. namespace Envoy { -Http::OriginalIPDetectionSharedPtr getXFFExtension(uint32_t hops); Http::OriginalIPDetectionSharedPtr getCustomHeaderExtension(const std::string& header_name); Http::OriginalIPDetectionSharedPtr getCustomHeaderExtension(const std::string& header_name, diff --git a/test/common/http/date_provider_impl_test.cc b/test/common/http/date_provider_impl_test.cc index 42312ad6af6e..176483304d16 100644 --- a/test/common/http/date_provider_impl_test.cc +++ b/test/common/http/date_provider_impl_test.cc @@ -1,7 +1,7 @@ #include -#include "common/http/date_provider_impl.h" -#include "common/http/header_map_impl.h" +#include "source/common/http/date_provider_impl.h" +#include "source/common/http/header_map_impl.h" #include "test/mocks/event/mocks.h" #include "test/mocks/thread_local/mocks.h" diff --git a/test/common/http/filter_manager_test.cc b/test/common/http/filter_manager_test.cc index b90a099367ef..8587b0f50ac8 100644 --- a/test/common/http/filter_manager_test.cc +++ b/test/common/http/filter_manager_test.cc @@ -4,12 +4,12 @@ #include "envoy/matcher/matcher.h" #include "envoy/stream_info/filter_state.h" -#include "common/http/filter_manager.h" -#include "common/http/matching/inputs.h" -#include "common/matcher/exact_map_matcher.h" -#include "common/matcher/matcher.h" -#include "common/stream_info/filter_state_impl.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/http/filter_manager.h" +#include "source/common/http/matching/inputs.h" +#include "source/common/matcher/exact_map_matcher.h" +#include "source/common/matcher/matcher.h" +#include "source/common/stream_info/filter_state_impl.h" +#include "source/common/stream_info/stream_info_impl.h" #include "test/mocks/event/mocks.h" #include "test/mocks/http/mocks.h" @@ -28,8 +28,8 @@ class FilterManagerTest : public testing::Test { public: void initialize() { filter_manager_ = std::make_unique( - filter_manager_callbacks_, dispatcher_, connection_, 0, true, 10000, filter_factory_, - local_reply_, protocol_, time_source_, filter_state_, + filter_manager_callbacks_, dispatcher_, connection_, 0, nullptr, true, 10000, + filter_factory_, local_reply_, protocol_, time_source_, filter_state_, StreamInfo::FilterState::LifeSpan::Connection); } diff --git a/test/common/http/header_map_impl_fuzz_test.cc b/test/common/http/header_map_impl_fuzz_test.cc index abbe77e6ca1c..d769eb225879 100644 --- a/test/common/http/header_map_impl_fuzz_test.cc +++ b/test/common/http/header_map_impl_fuzz_test.cc @@ -1,8 +1,8 @@ #include -#include "common/common/assert.h" -#include "common/common/logger.h" -#include "common/http/header_map_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" +#include "source/common/http/header_map_impl.h" #include "test/common/http/header_map_impl_fuzz.pb.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/http/header_map_impl_speed_test.cc b/test/common/http/header_map_impl_speed_test.cc index b5a0d985387f..e131ecd9e5e9 100644 --- a/test/common/http/header_map_impl_speed_test.cc +++ b/test/common/http/header_map_impl_speed_test.cc @@ -1,5 +1,5 @@ -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" #include "benchmark/benchmark.h" diff --git a/test/common/http/header_map_impl_test.cc b/test/common/http/header_map_impl_test.cc index 9a1fef624145..36ca86676e45 100644 --- a/test/common/http/header_map_impl_test.cc +++ b/test/common/http/header_map_impl_test.cc @@ -2,9 +2,9 @@ #include #include -#include "common/http/header_list_view.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" +#include "source/common/http/header_list_view.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" #include "test/test_common/printers.h" #include "test/test_common/test_runtime.h" diff --git a/test/common/http/header_utility_test.cc b/test/common/http/header_utility_test.cc index a529f7011b01..59a52bd5c3ae 100644 --- a/test/common/http/header_utility_test.cc +++ b/test/common/http/header_utility_test.cc @@ -5,8 +5,8 @@ #include "envoy/http/protocol.h" #include "envoy/json/json_object.h" -#include "common/http/header_utility.h" -#include "common/json/json_loader.h" +#include "source/common/http/header_utility.h" +#include "source/common/json/json_loader.h" #include "test/test_common/test_runtime.h" #include "test/test_common/utility.h" @@ -114,6 +114,34 @@ TEST_F(HeaderUtilityTest, RemovePortsFromHostConnectLegacy) { } } +// Host's trailing dot from host header get removed. +TEST_F(HeaderUtilityTest, RemoveTrailingDotFromHost) { + const std::vector> host_headers{ + {"localhost", "localhost"}, // w/o dot + {"localhost.", "localhost"}, // name w/ dot + {"", ""}, // empty + {"192.168.1.1", "192.168.1.1"}, // ipv4 + {"abc.com", "abc.com"}, // dns w/o dot + {"abc.com.", "abc.com"}, // dns w/ dot + {"abc.com:443", "abc.com:443"}, // dns port w/o dot + {"abc.com.:443", "abc.com:443"}, // dns port w/ dot + {"[fc00::1]", "[fc00::1]"}, // ipv6 + {":", ":"}, // malformed string #1 + {"]:", "]:"}, // malformed string #2 + {":abc", ":abc"}, // malformed string #3 + {".", ""}, // malformed string #4 + {"..", "."}, // malformed string #5 + {".123", ".123"}, // malformed string #6 + {".:.", ".:"} // malformed string #7 + }; + + for (const auto& host_pair : host_headers) { + auto& host_header = hostHeaderEntry(host_pair.first); + HeaderUtility::stripTrailingHostDot(headers_); + EXPECT_EQ(host_header.value().getStringView(), host_pair.second); + } +} + TEST(GetAllOfHeaderAsStringTest, All) { const LowerCaseString test_header("test"); { @@ -187,21 +215,6 @@ exact_match: value EXPECT_EQ("value", header_data.value_); } -TEST(HeaderDataConstructorTest, DEPRECATED_FEATURE_TEST(RegexMatchSpecifier)) { - TestDeprecatedV2Api _deprecated_v2_api; - const std::string yaml = R"EOF( -name: test-header -regex_match: value - )EOF"; - - HeaderUtility::HeaderData header_data = - HeaderUtility::HeaderData(parseHeaderMatcherFromYaml(yaml)); - - EXPECT_EQ("test-header", header_data.name_.get()); - EXPECT_EQ(HeaderUtility::HeaderMatchType::Regex, header_data.header_match_type_); - EXPECT_EQ("", header_data.value_); -} - TEST(HeaderDataConstructorTest, RangeMatchSpecifier) { const std::string yaml = R"EOF( name: test-header @@ -292,13 +305,14 @@ invert_match: true EXPECT_EQ(true, header_data.invert_match_); } -TEST(MatchHeadersTest, DEPRECATED_FEATURE_TEST(MayMatchOneOrMoreRequestHeader)) { - TestDeprecatedV2Api _deprecated_v2_api; +TEST(MatchHeadersTest, MayMatchOneOrMoreRequestHeader) { TestRequestHeaderMapImpl headers{{"some-header", "a"}, {"other-header", "b"}}; const std::string yaml = R"EOF( name: match-header -regex_match: (a|b) +safe_regex_match: + google_re2: {} + regex: (a|b) )EOF"; std::vector header_data; @@ -400,23 +414,6 @@ invert_match: true EXPECT_FALSE(HeaderUtility::matchHeaders(unmatching_headers, header_data)); } -TEST(MatchHeadersTest, DEPRECATED_FEATURE_TEST(HeaderRegexMatch)) { - TestDeprecatedV2Api _deprecated_v2_api; - TestRequestHeaderMapImpl matching_headers{{"match-header", "123"}}; - TestRequestHeaderMapImpl unmatching_headers{{"match-header", "1234"}, - {"match-header", "123.456"}}; - const std::string yaml = R"EOF( -name: match-header -regex_match: \d{3} - )EOF"; - - std::vector header_data; - header_data.push_back( - std::make_unique(parseHeaderMatcherFromYaml(yaml))); - EXPECT_TRUE(HeaderUtility::matchHeaders(matching_headers, header_data)); - EXPECT_FALSE(HeaderUtility::matchHeaders(unmatching_headers, header_data)); -} - TEST(MatchHeadersTest, HeaderSafeRegexMatch) { TestRequestHeaderMapImpl matching_headers{{"match-header", "123"}}; TestRequestHeaderMapImpl unmatching_headers{{"match-header", "1234"}, @@ -435,14 +432,16 @@ name: match-header EXPECT_FALSE(HeaderUtility::matchHeaders(unmatching_headers, header_data)); } -TEST(MatchHeadersTest, DEPRECATED_FEATURE_TEST(HeaderRegexInverseMatch)) { +TEST(MatchHeadersTest, HeaderSafeRegexInverseMatch) { TestDeprecatedV2Api _deprecated_v2_api; TestRequestHeaderMapImpl matching_headers{{"match-header", "1234"}, {"match-header", "123.456"}}; TestRequestHeaderMapImpl unmatching_headers{{"match-header", "123"}}; const std::string yaml = R"EOF( name: match-header -regex_match: \d{3} +safe_regex_match: + google_re2: {} + regex: \d{3} invert_match: true )EOF"; @@ -495,7 +494,9 @@ invert_match: true EXPECT_FALSE(HeaderUtility::matchHeaders(unmatching_headers, header_data)); } -TEST(MatchHeadersTest, HeaderPresentMatch) { +// Test the case present_match is true. Expected true when +// header matched, expected false when no header matched. +TEST(MatchHeadersTest, HeaderPresentMatchWithTrueValue) { TestRequestHeaderMapImpl matching_headers{{"match-header", "123"}}; TestRequestHeaderMapImpl unmatching_headers{{"nonmatch-header", "1234"}, {"other-nonmatch-header", "123.456"}}; @@ -512,7 +513,28 @@ present_match: true EXPECT_FALSE(HeaderUtility::matchHeaders(unmatching_headers, header_data)); } -TEST(MatchHeadersTest, HeaderPresentInverseMatch) { +// Test the case present_match is false. Expected false when +// header matched, expected true when no header matched. +TEST(MatchHeadersTest, HeaderPresentMatchWithFalseValue) { + TestRequestHeaderMapImpl matching_headers{{"match-header", "123"}}; + TestRequestHeaderMapImpl unmatching_headers{{"nonmatch-header", "1234"}, + {"other-nonmatch-header", "123.456"}}; + + const std::string yaml = R"EOF( +name: match-header +present_match: false + )EOF"; + + std::vector header_data; + header_data.push_back( + std::make_unique(parseHeaderMatcherFromYaml(yaml))); + EXPECT_FALSE(HeaderUtility::matchHeaders(matching_headers, header_data)); + EXPECT_TRUE(HeaderUtility::matchHeaders(unmatching_headers, header_data)); +} + +// Test the case present_match is true and invert_match is true. Expected true when +// no header matched, expected false when header matched. +TEST(MatchHeadersTest, HeaderPresentInverseMatchWithTrueValue) { TestRequestHeaderMapImpl unmatching_headers{{"match-header", "123"}}; TestRequestHeaderMapImpl matching_headers{{"nonmatch-header", "1234"}, {"other-nonmatch-header", "123.456"}}; @@ -530,6 +552,26 @@ invert_match: true EXPECT_FALSE(HeaderUtility::matchHeaders(unmatching_headers, header_data)); } +// Test the case present_match is true and invert_match is true. Expected false when +// no header matched, expected true when header matched. +TEST(MatchHeadersTest, HeaderPresentInverseMatchWithFalseValue) { + TestRequestHeaderMapImpl unmatching_headers{{"match-header", "123"}}; + TestRequestHeaderMapImpl matching_headers{{"nonmatch-header", "1234"}, + {"other-nonmatch-header", "123.456"}}; + + const std::string yaml = R"EOF( +name: match-header +present_match: false +invert_match: true + )EOF"; + + std::vector header_data; + header_data.push_back( + std::make_unique(parseHeaderMatcherFromYaml(yaml))); + EXPECT_FALSE(HeaderUtility::matchHeaders(matching_headers, header_data)); + EXPECT_TRUE(HeaderUtility::matchHeaders(unmatching_headers, header_data)); +} + TEST(MatchHeadersTest, HeaderPrefixMatch) { TestRequestHeaderMapImpl matching_headers{{"match-header", "value123"}}; TestRequestHeaderMapImpl unmatching_headers{{"match-header", "123value"}}; diff --git a/test/common/http/http1/BUILD b/test/common/http/http1/BUILD index bb66b74b8ffd..200909ceeb1e 100644 --- a/test/common/http/http1/BUILD +++ b/test/common/http/http1/BUILD @@ -20,8 +20,8 @@ envoy_cc_test( name = "codec_impl_test", srcs = ["codec_impl_test.cc"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/event:dispatcher_interface", + "//envoy/buffer:buffer_interface", + "//envoy/event:dispatcher_interface", "//source/common/buffer:buffer_lib", "//source/common/event:dispatcher_lib", "//source/common/http:exception_lib", diff --git a/test/common/http/http1/codec_impl_test.cc b/test/common/http/http1/codec_impl_test.cc index 5131df348125..59f8e1dc0dd1 100644 --- a/test/common/http/http1/codec_impl_test.cc +++ b/test/common/http/http1/codec_impl_test.cc @@ -7,12 +7,12 @@ #include "envoy/event/dispatcher.h" #include "envoy/http/codec.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/utility.h" -#include "common/http/exception.h" -#include "common/http/header_map_impl.h" -#include "common/http/http1/codec_impl.h" -#include "common/runtime/runtime_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/utility.h" +#include "source/common/http/exception.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/http1/codec_impl.h" +#include "source/common/runtime/runtime_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/buffer/mocks.h" @@ -1423,6 +1423,121 @@ TEST_F(Http1ServerConnectionImplTest, HeaderOnlyResponseTrainProperHeaders) { output); } +TEST_F(Http1ServerConnectionImplTest, 304ResponseTransferEncodingNotAddedWhenContentLengthPresent) { + initialize(); + + NiceMock decoder; + Http::ResponseEncoder* response_encoder = nullptr; + EXPECT_CALL(callbacks_, newStream(_, _)) + .WillOnce(Invoke([&](ResponseEncoder& encoder, bool) -> RequestDecoder& { + response_encoder = &encoder; + return decoder; + })); + + Buffer::OwnedImpl buffer("GET / HTTP/1.1\r\nif-none-match: \"1234567890\"\r\n\r\n"); + auto status = codec_->dispatch(buffer); + EXPECT_TRUE(status.ok()); + EXPECT_EQ(0U, buffer.length()); + + std::string output; + ON_CALL(connection_, write(_, _)).WillByDefault(AddBufferToString(&output)); + + TestResponseHeaderMapImpl headers{ + {":status", "304"}, {"etag", "\"1234567890\""}, {"content-length", "123"}}; + response_encoder->encodeHeaders(headers, true); + EXPECT_EQ("HTTP/1.1 304 Not Modified\r\netag: \"1234567890\"\r\ncontent-length: 123\r\n\r\n", + output); +} + +// Upstream response 304 without content-length header +// 304 Response does not need to have Transfer-Encoding added even it's allowed by RFC 7230, +// Section 3.3.1. Both GET and HEAD response are the same and consistent +TEST_F(Http1ServerConnectionImplTest, + 304ResponseTransferEncodingContentLengthNotAddedWhenContentLengthNotPresent) { + initialize(); + + NiceMock decoder; + Http::ResponseEncoder* response_encoder = nullptr; + EXPECT_CALL(callbacks_, newStream(_, _)) + .Times(2) + .WillRepeatedly(Invoke([&](ResponseEncoder& encoder, bool) -> RequestDecoder& { + response_encoder = &encoder; + return decoder; + })); + + Buffer::OwnedImpl buffer("GET / HTTP/1.1\r\nif-none-match: \"1234567890\"\r\n\r\n"); + auto status = codec_->dispatch(buffer); + EXPECT_TRUE(status.ok()); + EXPECT_EQ(0U, buffer.length()); + + std::string output; + ON_CALL(connection_, write(_, _)).WillByDefault(AddBufferToString(&output)); + + TestResponseHeaderMapImpl headers{{":status", "304"}, {"etag", "\"1234567890\""}}; + response_encoder->encodeHeaders(headers, true); + EXPECT_EQ("HTTP/1.1 304 Not Modified\r\netag: \"1234567890\"\r\n\r\n", output); + + buffer.add("HEAD / HTTP/1.1\r\nif-none-match: \"1234567890\"\r\n\r\n"); + status = codec_->dispatch(buffer); + EXPECT_TRUE(status.ok()); + EXPECT_EQ(0U, buffer.length()); + + output.clear(); + ON_CALL(connection_, write(_, _)).WillByDefault(AddBufferToString(&output)); + + response_encoder->encodeHeaders(headers, true); + EXPECT_EQ("HTTP/1.1 304 Not Modified\r\netag: \"1234567890\"\r\n\r\n", output); +} + +// Upstream response 304 without content-length header +// The legacy behavior returns different headers for GET and HEAD requests +// For GET, it adds "content-length: 0" +// For HEAD, it adds "transfer-encoding: chunked" +TEST_F(Http1ServerConnectionImplTest, + 304ResponseTransferEncodingContentLengthNotAddedWhenContentLengthNotPresentLegacy) { + // Testing old behavior with no_chunked_encoding_header_for_304 turned off + // GET and HEAD returns different headers + TestScopedRuntime scoped_runtime; + Runtime::LoaderSingleton::getExisting()->mergeValues( + {{"envoy.reloadable_features.no_chunked_encoding_header_for_304", "false"}}); + initialize(); + + NiceMock decoder; + Http::ResponseEncoder* response_encoder = nullptr; + EXPECT_CALL(callbacks_, newStream(_, _)) + .Times(2) + .WillRepeatedly(Invoke([&](ResponseEncoder& encoder, bool) -> RequestDecoder& { + response_encoder = &encoder; + return decoder; + })); + + Buffer::OwnedImpl buffer("GET / HTTP/1.1\r\nif-none-match: \"1234567890\"\r\n\r\n"); + auto status = codec_->dispatch(buffer); + EXPECT_TRUE(status.ok()); + EXPECT_EQ(0U, buffer.length()); + + std::string output; + ON_CALL(connection_, write(_, _)).WillByDefault(AddBufferToString(&output)); + + TestResponseHeaderMapImpl headers{{":status", "304"}, {"etag", "\"1234567890\""}}; + response_encoder->encodeHeaders(headers, true); + EXPECT_EQ("HTTP/1.1 304 Not Modified\r\netag: \"1234567890\"\r\ncontent-length: 0\r\n\r\n", + output); + + buffer.add("HEAD / HTTP/1.1\r\nif-none-match: \"1234567890\"\r\n\r\n"); + status = codec_->dispatch(buffer); + EXPECT_TRUE(status.ok()); + EXPECT_EQ(0U, buffer.length()); + + output.clear(); + ON_CALL(connection_, write(_, _)).WillByDefault(AddBufferToString(&output)); + + response_encoder->encodeHeaders(headers, true); + EXPECT_EQ( + "HTTP/1.1 304 Not Modified\r\netag: \"1234567890\"\r\ntransfer-encoding: chunked\r\n\r\n", + output); +} + TEST_F(Http1ServerConnectionImplTest, HeaderOnlyResponseWith204) { initialize(); diff --git a/test/common/http/http1/conn_pool_test.cc b/test/common/http/http1/conn_pool_test.cc index fee006d726d3..809ceb21e514 100644 --- a/test/common/http/http1/conn_pool_test.cc +++ b/test/common/http/http1/conn_pool_test.cc @@ -4,14 +4,14 @@ #include "envoy/http/codec.h" #include "envoy/network/transport_socket.h" -#include "common/buffer/buffer_impl.h" -#include "common/event/dispatcher_impl.h" -#include "common/http/codec_client.h" -#include "common/http/http1/conn_pool.h" -#include "common/http/utility.h" -#include "common/network/raw_buffer_socket.h" -#include "common/network/utility.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/http/codec_client.h" +#include "source/common/http/http1/conn_pool.h" +#include "source/common/http/utility.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/http/common.h" #include "test/common/upstream/utility.h" @@ -106,7 +106,7 @@ class ConnPoolImplForTest : public Event::TestUsingSimulatedTime, public FixedHt test_client.client_dispatcher_ = api_->allocateDispatcher("test_thread"); Network::ClientConnectionPtr connection{test_client.connection_}; test_client.codec_client_ = new CodecClientForTest( - CodecClient::Type::HTTP1, std::move(connection), test_client.codec_, + CodecType::HTTP1, std::move(connection), test_client.codec_, [this](CodecClient* codec_client) -> void { for (auto i = test_clients_.begin(); i != test_clients_.end(); i++) { if (i->codec_client_ == codec_client) { diff --git a/test/common/http/http1/header_formatter_test.cc b/test/common/http/http1/header_formatter_test.cc index d5ce38f1bfcf..ba2abdf3e741 100644 --- a/test/common/http/http1/header_formatter_test.cc +++ b/test/common/http/http1/header_formatter_test.cc @@ -1,4 +1,4 @@ -#include "common/http/http1/header_formatter.h" +#include "source/common/http/http1/header_formatter.h" #include "gtest/gtest.h" diff --git a/test/common/http/http2/BUILD b/test/common/http/http2/BUILD index e9648e1aebea..075f7607ea42 100644 --- a/test/common/http/http2/BUILD +++ b/test/common/http/http2/BUILD @@ -81,7 +81,7 @@ envoy_cc_test_library( "nghttp2", ], deps = [ - "//include/envoy/http:metadata_interface_with_external_headers", + "//envoy/http:metadata_interface_with_external_headers", "//source/common/buffer:buffer_lib", "//source/common/common:assert_lib", "//source/common/common:hex_lib", @@ -144,7 +144,7 @@ envoy_cc_test( name = "http2_frame_test", srcs = ["http2_frame_test.cc"], deps = [ - "//include/envoy/http:metadata_interface", + "//envoy/http:metadata_interface", "//source/common/http/http2:metadata_encoder_lib", "//test/common/http/http2:http2_frame", ], diff --git a/test/common/http/http2/codec_impl_test.cc b/test/common/http/http2/codec_impl_test.cc index 5572f3f5dcb0..6db02497e428 100644 --- a/test/common/http/http2/codec_impl_test.cc +++ b/test/common/http/http2/codec_impl_test.cc @@ -5,11 +5,11 @@ #include "envoy/http/codec.h" #include "envoy/stats/scope.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/utility.h" -#include "common/http/exception.h" -#include "common/http/header_map_impl.h" -#include "common/http/http2/codec_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/utility.h" +#include "source/common/http/exception.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/http2/codec_impl.h" #include "test/common/http/common.h" #include "test/common/http/http2/http2_frame.h" @@ -80,12 +80,18 @@ class Http2CodecImplTestFixture { struct ConnectionWrapper { Http::Status dispatch(const Buffer::Instance& data, ConnectionImpl& connection) { + connection_ = &connection; Http::Status status = Http::okStatus(); buffer_.add(data); + return dispatchBufferedData(); + } + + Http::Status dispatchBufferedData() { + Http::Status status = Http::okStatus(); if (!dispatching_) { while (buffer_.length() > 0) { dispatching_ = true; - status = connection.dispatch(buffer_); + status = connection_->dispatch(buffer_); if (!status.ok()) { // Exit early if we hit an error status. return status; @@ -98,6 +104,7 @@ class Http2CodecImplTestFixture { bool dispatching_{}; Buffer::OwnedImpl buffer_; + ConnectionImpl* connection_{}; }; enum SettingsTupleIndex { @@ -923,8 +930,8 @@ TEST_P(Http2CodecImplTest, ConnectionKeepalive) { client_http2_options_.mutable_connection_keepalive()->mutable_timeout()->set_nanos(timeout_ms * 1000 * 1000); client_http2_options_.mutable_connection_keepalive()->mutable_interval_jitter()->set_value(0); - auto timeout_timer = new Event::MockTimer(&client_connection_.dispatcher_); /* */ - auto send_timer = new Event::MockTimer(&client_connection_.dispatcher_); + auto timeout_timer = new NiceMock(&client_connection_.dispatcher_); + auto send_timer = new NiceMock(&client_connection_.dispatcher_); EXPECT_CALL(*timeout_timer, disableTimer()); EXPECT_CALL(*send_timer, enableTimer(std::chrono::milliseconds(interval_ms), _)); initialize(); @@ -934,11 +941,11 @@ TEST_P(Http2CodecImplTest, ConnectionKeepalive) { EXPECT_CALL(*timeout_timer, enableTimer(std::chrono::milliseconds(timeout_ms), _)); EXPECT_CALL(*timeout_timer, disableTimer()); // This indicates that an ACK was received. EXPECT_CALL(*send_timer, enableTimer(std::chrono::milliseconds(interval_ms), _)); - send_timer->callback_(); + send_timer->invokeCallback(); // Test that a timeout closes the connection. EXPECT_CALL(client_connection_, close(Network::ConnectionCloseType::NoFlush)); - timeout_timer->callback_(); + timeout_timer->invokeCallback(); } // Validate that jitter is added as expected based on configuration. @@ -947,7 +954,7 @@ TEST_P(Http2CodecImplTest, ConnectionKeepaliveJitter) { client_http2_options_.mutable_connection_keepalive()->mutable_timeout()->set_seconds(1); client_http2_options_.mutable_connection_keepalive()->mutable_interval_jitter()->set_value(10); /*auto timeout_timer = */ new NiceMock(&client_connection_.dispatcher_); - auto send_timer = new Event::MockTimer(&client_connection_.dispatcher_); + auto send_timer = new NiceMock(&client_connection_.dispatcher_); constexpr std::chrono::milliseconds min_expected(1000); constexpr std::chrono::milliseconds max_expected(1099); // 1000ms + 10% @@ -955,22 +962,60 @@ TEST_P(Http2CodecImplTest, ConnectionKeepaliveJitter) { std::chrono::milliseconds max_observed(0); EXPECT_CALL(*send_timer, enableTimer(_, _)) .WillRepeatedly(Invoke([&](const std::chrono::milliseconds& ms, const ScopeTrackedObject*) { + send_timer->enabled_ = true; EXPECT_GE(ms, std::chrono::milliseconds(1000)); EXPECT_LE(ms, std::chrono::milliseconds(1100)); max_observed = std::max(max_observed, ms); min_observed = std::min(min_observed, ms); })); initialize(); + ASSERT_TRUE(send_timer->enabled()); + // Don't allow synchronous dispatch, it results in receiving the ping under + // the stack of sending it. for (uint64_t i = 0; i < 250; i++) { + client_wrapper_.dispatching_ = true; + EXPECT_CALL(random_, random()).WillOnce(Return(i)); - send_timer->callback_(); + ASSERT_TRUE(send_timer->enabled()); + send_timer->invokeCallback(); + + client_wrapper_.dispatching_ = false; + client_wrapper_.dispatchBufferedData().IgnoreError(); + client_wrapper_.dispatching_ = true; } EXPECT_EQ(min_observed.count(), min_expected.count()); EXPECT_EQ(max_observed.count(), max_expected.count()); } +TEST_P(Http2CodecImplTest, IdlePing) { + client_http2_options_.mutable_connection_keepalive() + ->mutable_connection_idle_interval() + ->set_seconds(1); + client_http2_options_.mutable_connection_keepalive()->mutable_timeout()->set_seconds(1); + client_http2_options_.mutable_connection_keepalive()->mutable_interval_jitter()->set_value(10); + auto timeout_timer = new NiceMock(&client_connection_.dispatcher_); + + initialize(); + + // Given the initial stream is close to connection establishment, no ping is + // sent. + EXPECT_CALL(*timeout_timer, enableTimer(_, _)).Times(0); + TestRequestHeaderMapImpl request_headers; + HttpTestUtility::addDefaultHeaders(request_headers); + EXPECT_CALL(request_decoder_, decodeHeaders_(_, true)); + EXPECT_TRUE(request_encoder_->encodeHeaders(request_headers, true).ok()); + + // Advance time past 1s. This time the ping should be sent, and the timeout + // alarm enabled. + RequestEncoder* request_encoder2 = &client_->newStream(response_decoder_); + client_connection_.dispatcher_.time_system_.advanceTimeAsyncImpl(std::chrono::seconds(2)); + EXPECT_CALL(*timeout_timer, enableTimer(_, _)).Times(0); + EXPECT_CALL(request_decoder_, decodeHeaders_(_, true)); + EXPECT_TRUE(request_encoder2->encodeHeaders(request_headers, true).ok()); +} + TEST_P(Http2CodecImplTest, DumpsStreamlessConnectionWithoutAllocatingMemory) { initialize(); std::array buffer; @@ -1213,7 +1258,7 @@ TEST_P(Http2CodecImplDeferredResetTest, DeferredResetServer) { response_encoder_->encodeHeaders(response_headers, false); Buffer::OwnedImpl body(std::string(1024 * 1024, 'a')); EXPECT_CALL(server_stream_callbacks_, onAboveWriteBufferHighWatermark()).Times(AnyNumber()); - auto flush_timer = new Event::MockTimer(&server_connection_.dispatcher_); + auto flush_timer = new NiceMock(&server_connection_.dispatcher_); EXPECT_CALL(*flush_timer, enableTimer(std::chrono::milliseconds(30000), _)); response_encoder_->encodeData(body, true); EXPECT_CALL(server_stream_callbacks_, onResetStream(StreamResetReason::LocalReset, _)); @@ -1278,7 +1323,7 @@ TEST_P(Http2CodecImplFlowControlTest, TestFlowControlInPendingSendData) { // Now that the flow control window is full, further data causes the send buffer to back up. Buffer::OwnedImpl more_long_data(std::string(initial_stream_window, 'a')); request_encoder_->encodeData(more_long_data, false); - EXPECT_EQ(initial_stream_window, client_->getStream(1)->pending_send_data_.length()); + EXPECT_EQ(initial_stream_window, client_->getStream(1)->pending_send_data_->length()); EXPECT_EQ(initial_stream_window, TestUtility::findGauge(client_stats_store_, "http2.pending_send_bytes")->value()); EXPECT_EQ(initial_stream_window, server_->getStream(1)->unconsumed_bytes_); @@ -1287,7 +1332,7 @@ TEST_P(Http2CodecImplFlowControlTest, TestFlowControlInPendingSendData) { EXPECT_CALL(callbacks, onAboveWriteBufferHighWatermark()); Buffer::OwnedImpl last_byte("!"); request_encoder_->encodeData(last_byte, false); - EXPECT_EQ(initial_stream_window + 1, client_->getStream(1)->pending_send_data_.length()); + EXPECT_EQ(initial_stream_window + 1, client_->getStream(1)->pending_send_data_->length()); EXPECT_EQ(initial_stream_window + 1, TestUtility::findGauge(client_stats_store_, "http2.pending_send_bytes")->value()); @@ -1332,7 +1377,7 @@ TEST_P(Http2CodecImplFlowControlTest, TestFlowControlInPendingSendData) { EXPECT_CALL(callbacks2, onBelowWriteBufferLowWatermark()).Times(0); EXPECT_CALL(callbacks3, onBelowWriteBufferLowWatermark()); server_->getStream(1)->readDisable(false); - EXPECT_EQ(0, client_->getStream(1)->pending_send_data_.length()); + EXPECT_EQ(0, client_->getStream(1)->pending_send_data_->length()); EXPECT_EQ(0, TestUtility::findGauge(client_stats_store_, "http2.pending_send_bytes")->value()); // The extra 1 byte sent won't trigger another window update, so the final window should be the // initial window minus the last 1 byte flush from the client to server. @@ -1445,7 +1490,7 @@ TEST_P(Http2CodecImplFlowControlTest, TrailingHeadersLargeServerBody) { response_encoder_->encodeHeaders(response_headers, false); EXPECT_CALL(server_stream_callbacks_, onAboveWriteBufferHighWatermark()); EXPECT_CALL(response_decoder_, decodeData(_, false)).Times(AtLeast(1)); - auto flush_timer = new Event::MockTimer(&server_connection_.dispatcher_); + auto flush_timer = new NiceMock(&server_connection_.dispatcher_); EXPECT_CALL(*flush_timer, enableTimer(std::chrono::milliseconds(30000), _)); Buffer::OwnedImpl body(std::string(1024 * 1024, 'a')); response_encoder_->encodeData(body, false); @@ -1482,7 +1527,7 @@ TEST_P(Http2CodecImplFlowControlTest, TrailingHeadersLargeServerBodyFlushTimeout response_encoder_->encodeHeaders(response_headers, false); EXPECT_CALL(server_stream_callbacks_, onAboveWriteBufferHighWatermark()); EXPECT_CALL(response_decoder_, decodeData(_, false)).Times(AtLeast(1)); - auto flush_timer = new Event::MockTimer(&server_connection_.dispatcher_); + auto flush_timer = new NiceMock(&server_connection_.dispatcher_); EXPECT_CALL(*flush_timer, enableTimer(std::chrono::milliseconds(30000), _)); Buffer::OwnedImpl body(std::string(1024 * 1024, 'a')); response_encoder_->encodeData(body, false); @@ -1516,7 +1561,7 @@ TEST_P(Http2CodecImplFlowControlTest, LargeServerBodyFlushTimeout) { EXPECT_CALL(response_decoder_, decodeHeaders_(_, false)); response_encoder_->encodeHeaders(response_headers, false); EXPECT_CALL(response_decoder_, decodeData(_, false)).Times(AtLeast(1)); - auto flush_timer = new Event::MockTimer(&server_connection_.dispatcher_); + auto flush_timer = new NiceMock(&server_connection_.dispatcher_); EXPECT_CALL(*flush_timer, enableTimer(std::chrono::milliseconds(30000), _)); Buffer::OwnedImpl body(std::string(1024 * 1024, 'a')); response_encoder_->encodeData(body, true); @@ -1549,7 +1594,7 @@ TEST_P(Http2CodecImplFlowControlTest, LargeServerBodyFlushTimeoutAfterGoaway) { EXPECT_CALL(response_decoder_, decodeHeaders_(_, false)); response_encoder_->encodeHeaders(response_headers, false); EXPECT_CALL(response_decoder_, decodeData(_, false)).Times(AtLeast(1)); - auto flush_timer = new Event::MockTimer(&server_connection_.dispatcher_); + auto flush_timer = new NiceMock(&server_connection_.dispatcher_); EXPECT_CALL(*flush_timer, enableTimer(std::chrono::milliseconds(30000), _)); Buffer::OwnedImpl body(std::string(1024 * 1024, 'a')); response_encoder_->encodeData(body, true); @@ -1663,7 +1708,7 @@ TEST_P(Http2CodecImplFlowControlTest, RstStreamOnPendingFlushTimeoutFlood) { // client stream windows should have 5535 bytes left and the next frame should overflow it. // nghttp2 sends 1 DATA frame for the remainder of the client window and it should make // outbound frame queue 1 away from overflow. - auto flush_timer = new Event::MockTimer(&server_connection_.dispatcher_); + auto flush_timer = new NiceMock(&server_connection_.dispatcher_); EXPECT_CALL(*flush_timer, enableTimer(std::chrono::milliseconds(30000), _)); Buffer::OwnedImpl large_body(std::string(6 * 1024, '1')); response_encoder_->encodeData(large_body, true); @@ -1759,6 +1804,98 @@ TEST_P(Http2CodecImplStreamLimitTest, MaxClientStreams) { } } +TEST_P(Http2CodecImplStreamLimitTest, LazyDecreaseMaxConcurrentStreamsConsumeError) { + TestScopedRuntime scoped_runtime; + Runtime::LoaderSingleton::getExisting()->mergeValues( + {{"envoy.reloadable_features.http2_consume_stream_refused_errors", "true"}}); + + http2OptionsFromTuple(client_http2_options_, ::testing::get<0>(GetParam())); + http2OptionsFromTuple(server_http2_options_, ::testing::get<1>(GetParam())); + client_ = std::make_unique( + client_connection_, client_callbacks_, client_stats_store_, client_http2_options_, random_, + max_request_headers_kb_, max_response_headers_count_, ProdNghttp2SessionFactory::get()); + server_ = std::make_unique( + server_connection_, server_callbacks_, server_stats_store_, server_http2_options_, random_, + max_request_headers_kb_, max_request_headers_count_, headers_with_underscores_action_); + + request_encoder_ = &client_->newStream(response_decoder_); + setupDefaultConnectionMocks(); + EXPECT_CALL(server_callbacks_, newStream(_, _)) + .WillOnce(Invoke([&](ResponseEncoder& encoder, bool) -> RequestDecoder& { + response_encoder_ = &encoder; + encoder.getStream().addCallbacks(server_stream_callbacks_); + return request_decoder_; + })); + + TestRequestHeaderMapImpl request_headers; + HttpTestUtility::addDefaultHeaders(request_headers); + EXPECT_CALL(request_decoder_, decodeHeaders_(_, true)); + EXPECT_TRUE(request_encoder_->encodeHeaders(request_headers, true).ok()); + + // This causes the next stream creation to fail with a "invalid frame: Stream was refused" error. + absl::InlinedVector settings{ + {NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, 1}}; + EXPECT_EQ(0, nghttp2_submit_settings(server_->session(), NGHTTP2_FLAG_NONE, settings.data(), + settings.size())); + + request_encoder_ = &client_->newStream(response_decoder_); + setupDefaultConnectionMocks(); + EXPECT_TRUE(request_encoder_->encodeHeaders(request_headers, true).ok()); + + EXPECT_EQ(1, server_stats_store_.counter("http2.stream_refused_errors").value()); + EXPECT_EQ(1, server_stats_store_.counter("http2.tx_reset").value()); + EXPECT_EQ(1, TestUtility::findGauge(client_stats_store_, "http2.streams_active")->value()); + EXPECT_EQ(1, TestUtility::findGauge(server_stats_store_, "http2.streams_active")->value()); +} + +TEST_P(Http2CodecImplStreamLimitTest, LazyDecreaseMaxConcurrentStreamsIgnoreError) { + TestScopedRuntime scoped_runtime; + Runtime::LoaderSingleton::getExisting()->mergeValues( + {{"envoy.reloadable_features.http2_consume_stream_refused_errors", "false"}}); + + http2OptionsFromTuple(client_http2_options_, ::testing::get<0>(GetParam())); + http2OptionsFromTuple(server_http2_options_, ::testing::get<1>(GetParam())); + client_ = std::make_unique( + client_connection_, client_callbacks_, client_stats_store_, client_http2_options_, random_, + max_request_headers_kb_, max_response_headers_count_, ProdNghttp2SessionFactory::get()); + server_ = std::make_unique( + server_connection_, server_callbacks_, server_stats_store_, server_http2_options_, random_, + max_request_headers_kb_, max_request_headers_count_, headers_with_underscores_action_); + + request_encoder_ = &client_->newStream(response_decoder_); + setupDefaultConnectionMocks(); + EXPECT_CALL(server_callbacks_, newStream(_, _)) + .WillOnce(Invoke([&](ResponseEncoder& encoder, bool) -> RequestDecoder& { + response_encoder_ = &encoder; + encoder.getStream().addCallbacks(server_stream_callbacks_); + return request_decoder_; + })); + + TestRequestHeaderMapImpl request_headers; + HttpTestUtility::addDefaultHeaders(request_headers); + EXPECT_CALL(request_decoder_, decodeHeaders_(_, true)); + EXPECT_TRUE(request_encoder_->encodeHeaders(request_headers, true).ok()); + + // This causes the next stream creation to fail with a "invalid frame: Stream was refused" error. + absl::InlinedVector settings{ + {NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS, 1}}; + EXPECT_EQ(0, nghttp2_submit_settings(server_->session(), NGHTTP2_FLAG_NONE, settings.data(), + settings.size())); + + request_encoder_ = &client_->newStream(response_decoder_); + setupDefaultConnectionMocks(); + EXPECT_THROW_WITH_MESSAGE(request_encoder_->encodeHeaders(request_headers, true).IgnoreError(), + ServerCodecError, "The user callback function failed"); + + EXPECT_EQ(0, server_stats_store_.counter("http2.stream_refused_errors").value()); + EXPECT_EQ(0, server_stats_store_.counter("http2.tx_reset").value()); + + // Not verifying the http2.streams_active server/client gauges here as the + // EXPECT_THROW_WITH_MESSAGE above doesn't let us fully capture the behavior of the real system. + // In the real world, the status returned from dispatch would trigger a connection close which + // would result in the active stream gauges to go down to 0. +} + #define HTTP2SETTINGS_SMALL_WINDOW_COMBINE \ ::testing::Combine( \ ::testing::Values(CommonUtility::OptionsLimits::DEFAULT_HPACK_TABLE_SIZE), \ @@ -2719,8 +2856,8 @@ TEST_P(Http2CodecImplTest, KeepAliveCausesOutboundFlood) { server_http2_options_.mutable_connection_keepalive()->mutable_timeout()->set_nanos(timeout_ms * 1000 * 1000); server_http2_options_.mutable_connection_keepalive()->mutable_interval_jitter()->set_value(0); - auto timeout_timer = new Event::MockTimer(&server_connection_.dispatcher_); /* */ - auto send_timer = new Event::MockTimer(&server_connection_.dispatcher_); + auto timeout_timer = new NiceMock(&server_connection_.dispatcher_); + auto send_timer = new NiceMock(&server_connection_.dispatcher_); EXPECT_CALL(*timeout_timer, disableTimer()); EXPECT_CALL(*send_timer, enableTimer(std::chrono::milliseconds(interval_ms), _)); @@ -2754,7 +2891,7 @@ TEST_P(Http2CodecImplTest, KeepAliveCausesOutboundFlood) { // Trigger sending a PING, which should overflow the outbound frame queue and cause // client to be disconnected - send_timer->callback_(); + send_timer->invokeCallback(); EXPECT_TRUE(violation_callback->enabled_); EXPECT_CALL(server_connection_, close(Envoy::Network::ConnectionCloseType::NoFlush)); diff --git a/test/common/http/http2/codec_impl_test_util.h b/test/common/http/http2/codec_impl_test_util.h index 3273ad221f6a..2188b011aa8a 100644 --- a/test/common/http/http2/codec_impl_test_util.h +++ b/test/common/http/http2/codec_impl_test_util.h @@ -2,8 +2,8 @@ #include "envoy/http/codec.h" -#include "common/http/http2/codec_impl.h" -#include "common/http/utility.h" +#include "source/common/http/http2/codec_impl.h" +#include "source/common/http/utility.h" #include "test/mocks/common.h" @@ -77,6 +77,7 @@ class TestServerConnectionImpl : public TestCodecStatsProvider, nghttp2_session* session() { return session_; } using ServerConnectionImpl::getStream; + using ServerConnectionImpl::sendPendingFrames; protected: // Overrides ServerConnectionImpl::onSettings(). diff --git a/test/common/http/http2/conn_pool_test.cc b/test/common/http/http2/conn_pool_test.cc index d8b34b43b63d..e83eaabf9486 100644 --- a/test/common/http/http2/conn_pool_test.cc +++ b/test/common/http/http2/conn_pool_test.cc @@ -2,11 +2,11 @@ #include #include -#include "common/event/dispatcher_impl.h" -#include "common/http/http2/conn_pool.h" -#include "common/network/raw_buffer_socket.h" -#include "common/network/utility.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/http/http2/conn_pool.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/http/common.h" #include "test/common/upstream/utility.h" @@ -131,7 +131,7 @@ class Http2ConnPoolImplTest : public Event::TestUsingSimulatedTime, public testi auto cluster = std::make_shared>(); Network::ClientConnectionPtr connection{test_client.connection_}; test_client.codec_client_ = new CodecClientForTest( - CodecClient::Type::HTTP1, std::move(connection), test_client.codec_, + CodecType::HTTP1, std::move(connection), test_client.codec_, [this](CodecClient*) -> void { onClientDestroy(); }, Upstream::makeTestHost(cluster, "tcp://127.0.0.1:9000", simTime()), *test_client.client_dispatcher_); diff --git a/test/common/http/http2/frame_replay.cc b/test/common/http/http2/frame_replay.cc index b0aa61e14ff0..8a604884330f 100644 --- a/test/common/http/http2/frame_replay.cc +++ b/test/common/http/http2/frame_replay.cc @@ -1,8 +1,8 @@ #include "test/common/http/http2/frame_replay.h" -#include "common/common/hex.h" -#include "common/common/macros.h" -#include "common/http/utility.h" +#include "source/common/common/hex.h" +#include "source/common/common/macros.h" +#include "source/common/http/utility.h" #include "test/common/http/common.h" #include "test/test_common/environment.h" diff --git a/test/common/http/http2/frame_replay.h b/test/common/http/http2/frame_replay.h index e07f18fa7436..17b2958f7f86 100644 --- a/test/common/http/http2/frame_replay.h +++ b/test/common/http/http2/frame_replay.h @@ -4,7 +4,7 @@ #include #include -#include "common/stats/isolated_store_impl.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/mocks/common.h" #include "test/mocks/http/mocks.h" diff --git a/test/common/http/http2/frame_replay_test.cc b/test/common/http/http2/frame_replay_test.cc index 91a2ba4894e1..b9914633939e 100644 --- a/test/common/http/http2/frame_replay_test.cc +++ b/test/common/http/http2/frame_replay_test.cc @@ -1,4 +1,4 @@ -#include "common/http/exception.h" +#include "source/common/http/exception.h" #include "test/common/http/common.h" #include "test/common/http/http2/codec_impl_test_util.h" diff --git a/test/common/http/http2/http2_frame.cc b/test/common/http/http2/http2_frame.cc index 266f7680dc45..4a1c4b17b767 100644 --- a/test/common/http/http2/http2_frame.cc +++ b/test/common/http/http2/http2_frame.cc @@ -4,7 +4,7 @@ #include "envoy/common/platform.h" -#include "common/common/hex.h" +#include "source/common/common/hex.h" #include "nghttp2/nghttp2.h" diff --git a/test/common/http/http2/http2_frame.h b/test/common/http/http2/http2_frame.h index 370316fc787c..54f8fe5491bb 100644 --- a/test/common/http/http2/http2_frame.h +++ b/test/common/http/http2/http2_frame.h @@ -6,7 +6,7 @@ #include "envoy/http/metadata_interface.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/strings/string_view.h" diff --git a/test/common/http/http2/http2_frame_test.cc b/test/common/http/http2/http2_frame_test.cc index 7de8769d8cd3..b559e5b640dd 100644 --- a/test/common/http/http2/http2_frame_test.cc +++ b/test/common/http/http2/http2_frame_test.cc @@ -2,7 +2,7 @@ #include "envoy/http/metadata_interface.h" -#include "common/http/http2/metadata_encoder.h" +#include "source/common/http/http2/metadata_encoder.h" #include "test/common/http/http2/http2_frame.h" diff --git a/test/common/http/http2/metadata_encoder_decoder_test.cc b/test/common/http/http2/metadata_encoder_decoder_test.cc index ffcea4f85212..d954778be171 100644 --- a/test/common/http/http2/metadata_encoder_decoder_test.cc +++ b/test/common/http/http2/metadata_encoder_decoder_test.cc @@ -1,10 +1,10 @@ #include "envoy/http/metadata_interface.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/logger.h" -#include "common/common/random_generator.h" -#include "common/http/http2/metadata_decoder.h" -#include "common/http/http2/metadata_encoder.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/logger.h" +#include "source/common/common/random_generator.h" +#include "source/common/http/http2/metadata_decoder.h" +#include "source/common/http/http2/metadata_encoder.h" #include "test/test_common/logging.h" diff --git a/test/common/http/http2/protocol_constraints_test.cc b/test/common/http/http2/protocol_constraints_test.cc index f3308759b9e9..c31c3a254a1c 100644 --- a/test/common/http/http2/protocol_constraints_test.cc +++ b/test/common/http/http2/protocol_constraints_test.cc @@ -1,5 +1,5 @@ -#include "common/common/utility.h" -#include "common/http/http2/protocol_constraints.h" +#include "source/common/common/utility.h" +#include "source/common/http/http2/protocol_constraints.h" #include "test/common/stats/stat_test_utility.h" diff --git a/test/common/http/http2/request_header_corpus/clusterfuzz-testcase-headers_with_end_stream_followed_by_headers_on_same_stream b/test/common/http/http2/request_header_corpus/clusterfuzz-testcase-headers_with_end_stream_followed_by_headers_on_same_stream new file mode 100644 index 000000000000..f0e077f11b06 Binary files /dev/null and b/test/common/http/http2/request_header_corpus/clusterfuzz-testcase-headers_with_end_stream_followed_by_headers_on_same_stream differ diff --git a/test/common/http/http2/request_header_fuzz_test.cc b/test/common/http/http2/request_header_fuzz_test.cc index 90b8cdd758e3..dc8d2a094adf 100644 --- a/test/common/http/http2/request_header_fuzz_test.cc +++ b/test/common/http/http2/request_header_fuzz_test.cc @@ -2,7 +2,7 @@ // stateless and focuses only on HEADERS. This technique also plays well with // uncompressed HEADERS fuzzing. -#include "common/http/exception.h" +#include "source/common/http/exception.h" #include "test/common/http/http2/codec_impl_test_util.h" #include "test/common/http/http2/frame_replay.h" diff --git a/test/common/http/http2/response_header_fuzz_test.cc b/test/common/http/http2/response_header_fuzz_test.cc index 93e1baff480b..0935ab0017ef 100644 --- a/test/common/http/http2/response_header_fuzz_test.cc +++ b/test/common/http/http2/response_header_fuzz_test.cc @@ -2,7 +2,7 @@ // stateless and focuses only on HEADERS. This technique also plays well with // uncompressed HEADERS fuzzing. -#include "common/http/exception.h" +#include "source/common/http/exception.h" #include "test/common/http/common.h" #include "test/common/http/http2/codec_impl_test_util.h" diff --git a/test/common/http/http3/BUILD b/test/common/http/http3/BUILD new file mode 100644 index 000000000000..b2ab320ff0af --- /dev/null +++ b/test/common/http/http3/BUILD @@ -0,0 +1,33 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_cc_test", + "envoy_package", + "envoy_select_enable_http3", +) + +licenses(["notice"]) # Apache 2 + +envoy_package() + +envoy_cc_test( + name = "conn_pool_test", + srcs = envoy_select_enable_http3(["conn_pool_test.cc"]), + tags = ["nofips"], + deps = envoy_select_enable_http3([ + "//source/common/event:dispatcher_lib", + "//source/common/http/http3:conn_pool_lib", + "//source/common/network:utility_lib", + "//source/common/upstream:upstream_includes", + "//source/common/upstream:upstream_lib", + "//test/common/http:common_lib", + "//test/common/upstream:utility_lib", + "//test/mocks/event:event_mocks", + "//test/mocks/http:http_mocks", + "//test/mocks/network:network_mocks", + "//test/mocks/runtime:runtime_mocks", + "//test/mocks/server:transport_socket_factory_context_mocks", + "//test/mocks/upstream:cluster_info_mocks", + "//test/mocks/upstream:transport_socket_match_mocks", + "//test/test_common:test_runtime_lib", + ]), +) diff --git a/test/common/http/http3/conn_pool_test.cc b/test/common/http/http3/conn_pool_test.cc new file mode 100644 index 000000000000..547aa28be636 --- /dev/null +++ b/test/common/http/http3/conn_pool_test.cc @@ -0,0 +1,89 @@ +#include "source/common/http/http3/conn_pool.h" +#include "source/common/quic/quic_transport_socket_factory.h" + +#include "test/common/upstream/utility.h" +#include "test/mocks/common.h" +#include "test/mocks/event/mocks.h" +#include "test/mocks/server/transport_socket_factory_context.h" +#include "test/mocks/ssl/mocks.h" +#include "test/mocks/upstream/cluster_info.h" +#include "test/mocks/upstream/host.h" +#include "test/test_common/simulated_time_system.h" + +using testing::NiceMock; +using testing::Return; + +namespace Envoy { +namespace Http { +namespace Http3 { + +TEST(Convert, Basic) { + NiceMock cluster_info; + quic::QuicConfig config; + + EXPECT_CALL(cluster_info, connectTimeout).WillOnce(Return(std::chrono::milliseconds(42))); + auto* protocol_options = cluster_info.http3_options_.mutable_quic_protocol_options(); + protocol_options->mutable_max_concurrent_streams()->set_value(43); + protocol_options->mutable_initial_stream_window_size()->set_value(65555); + + Http3ConnPoolImpl::setQuicConfigFromClusterConfig(cluster_info, config); + + EXPECT_EQ(config.max_time_before_crypto_handshake(), quic::QuicTime::Delta::FromMilliseconds(42)); + EXPECT_EQ(config.GetMaxBidirectionalStreamsToSend(), + protocol_options->max_concurrent_streams().value()); + EXPECT_EQ(config.GetMaxUnidirectionalStreamsToSend(), + protocol_options->max_concurrent_streams().value()); + EXPECT_EQ(config.GetInitialMaxStreamDataBytesIncomingBidirectionalToSend(), + protocol_options->initial_stream_window_size().value()); +} + +class Http3ConnPoolImplTest : public Event::TestUsingSimulatedTime, public testing::Test { +public: + void initialize() { + EXPECT_CALL(mockHost(), address()).WillRepeatedly(Return(test_address_)); + EXPECT_CALL(mockHost(), transportSocketFactory()).WillRepeatedly(testing::ReturnRef(factory_)); + new Event::MockSchedulableCallback(&dispatcher_); + Network::ConnectionSocket::OptionsSharedPtr options; + Network::TransportSocketOptionsSharedPtr transport_options; + pool_ = allocateConnPool(dispatcher_, random_, host_, Upstream::ResourcePriority::Default, + options, transport_options, state_, simTime()); + } + + Upstream::MockHost& mockHost() { return static_cast(*host_); } + + NiceMock dispatcher_; + std::shared_ptr cluster_{new NiceMock()}; + Upstream::HostSharedPtr host_{new NiceMock}; + NiceMock random_; + Upstream::ClusterConnectivityState state_; + Network::Address::InstanceConstSharedPtr test_address_ = + Network::Utility::resolveUrl("tcp://127.0.0.1:3000"); + NiceMock context_; + Quic::QuicClientTransportSocketFactory factory_{ + std::unique_ptr(new NiceMock), + context_}; + ConnectionPool::InstancePtr pool_; +}; + +TEST_F(Http3ConnPoolImplTest, CreationWithBufferLimits) { + EXPECT_CALL(mockHost().cluster_, perConnectionBufferLimitBytes); + initialize(); +} + +TEST_F(Http3ConnPoolImplTest, CreationWithConfig) { + // Set a couple of options from setQuicConfigFromClusterConfig to make sure they are applied. + auto* options = mockHost().cluster_.http3_options_.mutable_quic_protocol_options(); + options->mutable_max_concurrent_streams()->set_value(15); + options->mutable_initial_stream_window_size()->set_value(65555); + initialize(); + + Quic::PersistentQuicInfoImpl& info = static_cast(pool_.get())->quicInfo(); + EXPECT_EQ(info.quic_config_.GetMaxUnidirectionalStreamsToSend(), + options->max_concurrent_streams().value()); + EXPECT_EQ(info.quic_config_.GetInitialMaxStreamDataBytesIncomingBidirectionalToSend(), + options->initial_stream_window_size().value()); +} + +} // namespace Http3 +} // namespace Http +} // namespace Envoy diff --git a/test/common/http/http3_status_tracker_test.cc b/test/common/http/http3_status_tracker_test.cc index 0fce5f482172..774612a15fbf 100644 --- a/test/common/http/http3_status_tracker_test.cc +++ b/test/common/http/http3_status_tracker_test.cc @@ -1,4 +1,4 @@ -#include "common/http/http3_status_tracker.h" +#include "source/common/http/http3_status_tracker.h" #include "test/mocks/common.h" #include "test/mocks/event/mocks.h" diff --git a/test/common/http/match_wrapper/config_test.cc b/test/common/http/match_wrapper/config_test.cc index 3a79a21b01ae..f89f1a1f458a 100644 --- a/test/common/http/match_wrapper/config_test.cc +++ b/test/common/http/match_wrapper/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/server/factory_context.h" #include "envoy/server/filter_config.h" -#include "common/http/match_wrapper/config.h" +#include "source/common/http/match_wrapper/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/registry.h" @@ -164,7 +164,7 @@ TEST(MatchWrapper, WithMatcherInvalidDataInput) { )EOF"); MatchWrapperConfig match_wrapper_config; - EXPECT_THROW_WITH_MESSAGE( + EXPECT_THROW_WITH_REGEX( match_wrapper_config.createFilterFactoryFromProto(config, "", factory_context), EnvoyException, "requirement violation while creating match tree: INVALID_ARGUMENT: data input typeUrl " diff --git a/test/common/http/matching/inputs_test.cc b/test/common/http/matching/inputs_test.cc index e7697d2e83bc..951b0bdda7df 100644 --- a/test/common/http/matching/inputs_test.cc +++ b/test/common/http/matching/inputs_test.cc @@ -1,7 +1,7 @@ #include "envoy/http/filter.h" -#include "common/http/matching/data_impl.h" -#include "common/http/matching/inputs.h" +#include "source/common/http/matching/data_impl.h" +#include "source/common/http/matching/inputs.h" #include "test/test_common/utility.h" @@ -9,16 +9,29 @@ namespace Envoy { namespace Http { namespace Matching { -// Provides test coverage for retrieving a header value multiple times from the same input class. -TEST(HttpHeadersDataInputBase, Idempotence) { +TEST(HttpHeadersDataInputBase, ReturnValueNotPersistedBetweenCalls) { HttpRequestHeadersDataInput input("header"); - HttpMatchingDataImpl data; - TestRequestHeaderMapImpl request_headers({{"header", "bar"}}); - data.onRequestHeaders(request_headers); - EXPECT_EQ(input.get(data).data_, "bar"); - EXPECT_EQ(input.get(data).data_, "bar"); + { + TestRequestHeaderMapImpl request_headers({{"header", "bar"}}); + data.onRequestHeaders(request_headers); + + EXPECT_EQ(input.get(data).data_, "bar"); + } + + { + TestRequestHeaderMapImpl request_headers({{"header", "baz"}}); + data.onRequestHeaders(request_headers); + EXPECT_EQ(input.get(data).data_, "baz"); + } + + TestRequestHeaderMapImpl request_headers({{"not-header", "baz"}}); + data.onRequestHeaders(request_headers); + auto result = input.get(data); + EXPECT_EQ(result.data_availability_, + Matcher::DataInputGetResult::DataAvailability::AllDataAvailable); + EXPECT_EQ(result.data_, absl::nullopt); } } // namespace Matching } // namespace Http diff --git a/test/common/http/mixed_conn_pool_test.cc b/test/common/http/mixed_conn_pool_test.cc index e5fa9c30887b..3f22bfc5b876 100644 --- a/test/common/http/mixed_conn_pool_test.cc +++ b/test/common/http/mixed_conn_pool_test.cc @@ -1,7 +1,7 @@ #include -#include "common/http/mixed_conn_pool.h" -#include "common/http/utility.h" +#include "source/common/http/mixed_conn_pool.h" +#include "source/common/http/utility.h" #include "test/common/http/common.h" #include "test/common/upstream/utility.h" diff --git a/test/common/http/path_utility_fuzz_test.cc b/test/common/http/path_utility_fuzz_test.cc index 3ae691e7ecf7..654ad5097369 100644 --- a/test/common/http/path_utility_fuzz_test.cc +++ b/test/common/http/path_utility_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "common/http/path_utility.h" +#include "source/common/http/path_utility.h" #include "test/common/http/path_utility_fuzz.pb.validate.h" #include "test/fuzz/fuzz_runner.h" @@ -33,7 +33,7 @@ DEFINE_PROTO_FUZZER(const test::common::http::PathUtilityTestCase& input) { case test::common::http::PathUtilityTestCase::kRemoveQueryAndFragment: { auto path = input.remove_query_and_fragment().path(); auto sanitized_path = Http::PathUtil::removeQueryAndFragment(path); - ASSERT(path.find(sanitized_path) != std::string::npos); + ASSERT(path.find(std::string(sanitized_path)) != std::string::npos); break; } default: diff --git a/test/common/http/path_utility_test.cc b/test/common/http/path_utility_test.cc index 3934b1469ed5..b1384e957393 100644 --- a/test/common/http/path_utility_test.cc +++ b/test/common/http/path_utility_test.cc @@ -2,7 +2,7 @@ #include #include -#include "common/http/path_utility.h" +#include "source/common/http/path_utility.h" #include "test/test_common/utility.h" diff --git a/test/common/http/status_test.cc b/test/common/http/status_test.cc index 152cc1925fa6..1d70d91684ad 100644 --- a/test/common/http/status_test.cc +++ b/test/common/http/status_test.cc @@ -1,4 +1,4 @@ -#include "common/http/status.h" +#include "source/common/http/status.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/common/http/user_agent_test.cc b/test/common/http/user_agent_test.cc index 26d01b81a4a1..2a9c40481216 100644 --- a/test/common/http/user_agent_test.cc +++ b/test/common/http/user_agent_test.cc @@ -1,5 +1,5 @@ -#include "common/http/header_map_impl.h" -#include "common/http/user_agent.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/user_agent.h" #include "test/mocks/common.h" #include "test/mocks/stats/mocks.h" diff --git a/test/common/http/utility_fuzz_test.cc b/test/common/http/utility_fuzz_test.cc index 2b665893f50f..ca362680fb9f 100644 --- a/test/common/http/utility_fuzz_test.cc +++ b/test/common/http/utility_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "common/http/utility.h" +#include "source/common/http/utility.h" #include "test/common/http/utility_fuzz.pb.validate.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/http/utility_test.cc b/test/common/http/utility_test.cc index c8c9d311af5f..18fe7de3c6ca 100644 --- a/test/common/http/utility_test.cc +++ b/test/common/http/utility_test.cc @@ -6,12 +6,12 @@ #include "envoy/config/core/v3/protocol.pb.h" #include "envoy/config/core/v3/protocol.pb.validate.h" -#include "common/common/fmt.h" -#include "common/http/exception.h" -#include "common/http/header_map_impl.h" -#include "common/http/http1/settings.h" -#include "common/http/utility.h" -#include "common/network/address_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/http/exception.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/http1/settings.h" +#include "source/common/http/utility.h" +#include "source/common/network/address_impl.h" #include "test/mocks/http/mocks.h" #include "test/mocks/protobuf/mocks.h" @@ -870,11 +870,8 @@ TEST(HttpUtility, ResetReasonToString) { Utility::resetReasonToString(Http::StreamResetReason::RemoteRefusedStreamReset)); EXPECT_EQ("remote error with CONNECT request", Utility::resetReasonToString(Http::StreamResetReason::ConnectError)); -} - -// Verify that it resolveMostSpecificPerFilterConfigGeneric works with nil routes. -TEST(HttpUtility, ResolveMostSpecificPerFilterConfigNilRoute) { - EXPECT_EQ(nullptr, Utility::resolveMostSpecificPerFilterConfigGeneric("envoy.filter", nullptr)); + EXPECT_EQ("overload manager reset", + Utility::resetReasonToString(Http::StreamResetReason::OverloadManager)); } class TestConfig : public Router::RouteSpecificFilterConfig { @@ -883,26 +880,15 @@ class TestConfig : public Router::RouteSpecificFilterConfig { void merge(const TestConfig& other) { state_ += other.state_; } }; -// Verify that resolveMostSpecificPerFilterConfig works and we get back the original type. -TEST(HttpUtility, ResolveMostSpecificPerFilterConfig) { - TestConfig testConfig; - - const std::string filter_name = "envoy.filter"; - NiceMock filter_callbacks; - - // make the file callbacks return our test config - ON_CALL(*filter_callbacks.route_, perFilterConfig(filter_name)) - .WillByDefault(Return(&testConfig)); - - // test the we get the same object back (as this goes through the dynamic_cast) - auto resolved_filter_config = Utility::resolveMostSpecificPerFilterConfig( - filter_name, filter_callbacks.route()); - EXPECT_EQ(&testConfig, resolved_filter_config); +// Verify that it resolveMostSpecificPerFilterConfig works with nil routes. +TEST(HttpUtility, ResolveMostSpecificPerFilterConfigNilRoute) { + EXPECT_EQ(nullptr, + Utility::resolveMostSpecificPerFilterConfig("envoy.filter", nullptr)); } -// Verify that resolveMostSpecificPerFilterConfigGeneric indeed returns the most specific per +// Verify that resolveMostSpecificPerFilterConfig indeed returns the most specific per // filter config. -TEST(HttpUtility, ResolveMostSpecificPerFilterConfigGeneric) { +TEST(HttpUtility, ResolveMostSpecificPerFilterConfig) { const std::string filter_name = "envoy.filter"; NiceMock filter_callbacks; @@ -911,28 +897,34 @@ TEST(HttpUtility, ResolveMostSpecificPerFilterConfigGeneric) { const Router::RouteSpecificFilterConfig three; // Test when there's nothing on the route - EXPECT_EQ(nullptr, Utility::resolveMostSpecificPerFilterConfigGeneric(filter_name, - filter_callbacks.route())); + EXPECT_EQ(nullptr, Utility::resolveMostSpecificPerFilterConfig( + filter_name, filter_callbacks.route())); // Testing in reverse order, so that the method always returns the last object. + // Testing per-virtualhost typed filter config ON_CALL(filter_callbacks.route_->route_entry_.virtual_host_, perFilterConfig(filter_name)) .WillByDefault(Return(&one)); - EXPECT_EQ(&one, Utility::resolveMostSpecificPerFilterConfigGeneric(filter_name, - filter_callbacks.route())); + EXPECT_EQ(&one, Utility::resolveMostSpecificPerFilterConfig( + filter_name, filter_callbacks.route())); + // Testing per-route typed filter config ON_CALL(*filter_callbacks.route_, perFilterConfig(filter_name)).WillByDefault(Return(&two)); - EXPECT_EQ(&two, Utility::resolveMostSpecificPerFilterConfigGeneric(filter_name, - filter_callbacks.route())); + ON_CALL(filter_callbacks.route_->route_entry_, perFilterConfig(filter_name)) + .WillByDefault(Invoke( + [&](const std::string& name) { return filter_callbacks.route_->perFilterConfig(name); })); + EXPECT_EQ(&two, Utility::resolveMostSpecificPerFilterConfig( + filter_name, filter_callbacks.route())); + // Testing per-route entry typed filter config ON_CALL(filter_callbacks.route_->route_entry_, perFilterConfig(filter_name)) .WillByDefault(Return(&three)); - EXPECT_EQ(&three, Utility::resolveMostSpecificPerFilterConfigGeneric(filter_name, - filter_callbacks.route())); + EXPECT_EQ(&three, Utility::resolveMostSpecificPerFilterConfig( + filter_name, filter_callbacks.route())); // Cover the case of no route entry ON_CALL(*filter_callbacks.route_, routeEntry()).WillByDefault(Return(nullptr)); - EXPECT_EQ(&two, Utility::resolveMostSpecificPerFilterConfigGeneric(filter_name, - filter_callbacks.route())); + EXPECT_EQ(nullptr, Utility::resolveMostSpecificPerFilterConfig( + filter_name, filter_callbacks.route())); } // Verify that traversePerFilterConfigGeneric traverses in the order of specificity. @@ -1477,5 +1469,30 @@ TEST(PercentEncoding, Encoding) { EXPECT_EQ(Utility::PercentEncoding::encode("too%!large/", "%!/"), "too%25%21large%2F"); } +TEST(CheckRequiredHeaders, Request) { + EXPECT_EQ(Http::okStatus(), HeaderUtility::checkRequiredRequestHeaders( + TestRequestHeaderMapImpl{{":method", "GET"}, {":path", "/"}})); + EXPECT_EQ(Http::okStatus(), HeaderUtility::checkRequiredRequestHeaders(TestRequestHeaderMapImpl{ + {":method", "CONNECT"}, {":authority", "localhost:1234"}})); + EXPECT_EQ(absl::InvalidArgumentError("missing required header: :method"), + HeaderUtility::checkRequiredRequestHeaders(TestRequestHeaderMapImpl{})); + EXPECT_EQ( + absl::InvalidArgumentError("missing required header: :path"), + HeaderUtility::checkRequiredRequestHeaders(TestRequestHeaderMapImpl{{":method", "GET"}})); + EXPECT_EQ( + absl::InvalidArgumentError("missing required header: :authority"), + HeaderUtility::checkRequiredRequestHeaders(TestRequestHeaderMapImpl{{":method", "CONNECT"}})); +} + +TEST(CheckRequiredHeaders, Response) { + EXPECT_EQ(Http::okStatus(), HeaderUtility::checkRequiredResponseHeaders( + TestResponseHeaderMapImpl{{":status", "200"}})); + EXPECT_EQ(absl::InvalidArgumentError("missing required header: :status"), + HeaderUtility::checkRequiredResponseHeaders(TestResponseHeaderMapImpl{})); + EXPECT_EQ( + absl::InvalidArgumentError("missing required header: :status"), + HeaderUtility::checkRequiredResponseHeaders(TestResponseHeaderMapImpl{{":status", "abcd"}})); +} + } // namespace Http } // namespace Envoy diff --git a/test/common/http/xff_extension.cc b/test/common/http/xff_extension.cc new file mode 100644 index 000000000000..1c07e6804cef --- /dev/null +++ b/test/common/http/xff_extension.cc @@ -0,0 +1,11 @@ +#include "test/common/http/xff_extension.h" + +#include "source/extensions/http/original_ip_detection/xff/xff.h" + +namespace Envoy { + +Http::OriginalIPDetectionSharedPtr getXFFExtension(uint32_t hops) { + return std::make_shared(hops); +} + +} // namespace Envoy diff --git a/test/common/http/xff_extension.h b/test/common/http/xff_extension.h new file mode 100644 index 000000000000..a8b203848452 --- /dev/null +++ b/test/common/http/xff_extension.h @@ -0,0 +1,10 @@ +#pragma once + +#include "envoy/http/original_ip_detection.h" + +// This helper is used to escape namespace pollution issues. +namespace Envoy { + +Http::OriginalIPDetectionSharedPtr getXFFExtension(uint32_t hops); + +} // namespace Envoy diff --git a/test/common/init/manager_impl_test.cc b/test/common/init/manager_impl_test.cc index 28465b1d2a16..d2fc77f5a589 100644 --- a/test/common/init/manager_impl_test.cc +++ b/test/common/init/manager_impl_test.cc @@ -1,4 +1,4 @@ -#include "common/init/manager_impl.h" +#include "source/common/init/manager_impl.h" #include "test/mocks/init/mocks.h" diff --git a/test/common/json/json_fuzz_test.cc b/test/common/json/json_fuzz_test.cc index 40087ae74355..bcc062f3c460 100644 --- a/test/common/json/json_fuzz_test.cc +++ b/test/common/json/json_fuzz_test.cc @@ -1,5 +1,5 @@ -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "test/fuzz/fuzz_runner.h" #include "test/fuzz/utility.h" diff --git a/test/common/json/json_loader_test.cc b/test/common/json/json_loader_test.cc index e26fa010c835..232f4b57c494 100644 --- a/test/common/json/json_loader_test.cc +++ b/test/common/json/json_loader_test.cc @@ -1,8 +1,8 @@ #include #include -#include "common/json/json_loader.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/json/json_loader.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/test_common/utility.h" diff --git a/test/common/local_info/local_info_impl_test.cc b/test/common/local_info/local_info_impl_test.cc index dbfcb4573086..87743f138422 100644 --- a/test/common/local_info/local_info_impl_test.cc +++ b/test/common/local_info/local_info_impl_test.cc @@ -1,4 +1,4 @@ -#include "common/local_info/local_info_impl.h" +#include "source/common/local_info/local_info_impl.h" #include "test/common/stats/stat_test_utility.h" diff --git a/test/common/local_reply/local_reply_test.cc b/test/common/local_reply/local_reply_test.cc index 64afad622bd1..854eb24bcb98 100644 --- a/test/common/local_reply/local_reply_test.cc +++ b/test/common/local_reply/local_reply_test.cc @@ -1,8 +1,8 @@ #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.validate.h" #include "envoy/http/codes.h" -#include "common/http/header_utility.h" -#include "common/local_reply/local_reply.h" +#include "source/common/http/header_utility.h" +#include "source/common/local_reply/local_reply.h" #include "test/mocks/http/mocks.h" #include "test/mocks/server/factory_context.h" diff --git a/test/common/matcher/exact_map_matcher_test.cc b/test/common/matcher/exact_map_matcher_test.cc index 0d7745a4cb95..354ae67682c1 100644 --- a/test/common/matcher/exact_map_matcher_test.cc +++ b/test/common/matcher/exact_map_matcher_test.cc @@ -2,8 +2,8 @@ #include "envoy/config/core/v3/extension.pb.h" -#include "common/matcher/exact_map_matcher.h" -#include "common/matcher/matcher.h" +#include "source/common/matcher/exact_map_matcher.h" +#include "source/common/matcher/matcher.h" #include "test/common/matcher/test_utility.h" diff --git a/test/common/matcher/field_matcher_test.cc b/test/common/matcher/field_matcher_test.cc index 133da5ae8a4f..44c40d8c8624 100644 --- a/test/common/matcher/field_matcher_test.cc +++ b/test/common/matcher/field_matcher_test.cc @@ -1,7 +1,7 @@ #include "envoy/matcher/matcher.h" -#include "common/matcher/field_matcher.h" -#include "common/matcher/matcher.h" +#include "source/common/matcher/field_matcher.h" +#include "source/common/matcher/matcher.h" #include "test/common/matcher/test_utility.h" diff --git a/test/common/matcher/list_matcher_test.cc b/test/common/matcher/list_matcher_test.cc index f9f4f3a89f6b..760028756e81 100644 --- a/test/common/matcher/list_matcher_test.cc +++ b/test/common/matcher/list_matcher_test.cc @@ -1,6 +1,6 @@ #include "envoy/matcher/matcher.h" -#include "common/matcher/list_matcher.h" +#include "source/common/matcher/list_matcher.h" #include "test/common/matcher/test_utility.h" diff --git a/test/common/matcher/matcher_test.cc b/test/common/matcher/matcher_test.cc index 1bbc39580678..99558fc1af9e 100644 --- a/test/common/matcher/matcher_test.cc +++ b/test/common/matcher/matcher_test.cc @@ -6,9 +6,9 @@ #include "envoy/matcher/matcher.h" #include "envoy/registry/registry.h" -#include "common/matcher/list_matcher.h" -#include "common/matcher/matcher.h" -#include "common/protobuf/utility.h" +#include "source/common/matcher/list_matcher.h" +#include "source/common/matcher/matcher.h" +#include "source/common/protobuf/utility.h" #include "test/common/matcher/test_utility.h" #include "test/mocks/matcher/mocks.h" @@ -74,7 +74,7 @@ TEST_F(MatcherTest, TestMatcher) { .Times(2); auto match_tree = factory.create(matcher); - const auto result = match_tree->match(TestData()); + const auto result = match_tree()->match(TestData()); EXPECT_EQ(result.match_state_, MatchState::MatchComplete); EXPECT_TRUE(result.on_match_.has_value()); EXPECT_NE(result.on_match_->action_cb_, nullptr); @@ -109,7 +109,7 @@ TEST_F(MatcherTest, CustomGenericInput) { auto common_input_factory = TestCommonProtocolInputFactory("generic", "foo"); auto match_tree = factory.create(matcher); - const auto result = match_tree->match(TestData()); + const auto result = match_tree()->match(TestData()); EXPECT_EQ(result.match_state_, MatchState::MatchComplete); EXPECT_TRUE(result.on_match_.has_value()); EXPECT_NE(result.on_match_->action_cb_, nullptr); @@ -150,7 +150,7 @@ TEST_F(MatcherTest, CustomMatcher) { performDataInputValidation(_, "type.googleapis.com/google.protobuf.StringValue")); auto match_tree = factory.create(matcher); - const auto result = match_tree->match(TestData()); + const auto result = match_tree()->match(TestData()); EXPECT_EQ(result.match_state_, MatchState::MatchComplete); EXPECT_FALSE(result.on_match_.has_value()); } @@ -208,7 +208,7 @@ TEST_F(MatcherTest, TestAndMatcher) { .Times(3); auto match_tree = factory.create(matcher); - const auto result = match_tree->match(TestData()); + const auto result = match_tree()->match(TestData()); EXPECT_EQ(result.match_state_, MatchState::MatchComplete); EXPECT_TRUE(result.on_match_.has_value()); EXPECT_NE(result.on_match_->action_cb_, nullptr); @@ -267,7 +267,7 @@ TEST_F(MatcherTest, TestOrMatcher) { .Times(3); auto match_tree = factory.create(matcher); - const auto result = match_tree->match(TestData()); + const auto result = match_tree()->match(TestData()); EXPECT_EQ(result.match_state_, MatchState::MatchComplete); EXPECT_TRUE(result.on_match_.has_value()); EXPECT_NE(result.on_match_->action_cb_, nullptr); @@ -308,7 +308,7 @@ TEST_F(MatcherTest, TestNotMatcher) { performDataInputValidation(_, "type.googleapis.com/google.protobuf.StringValue")); auto match_tree = factory.create(matcher); - const auto result = match_tree->match(TestData()); + const auto result = match_tree()->match(TestData()); EXPECT_EQ(result.match_state_, MatchState::MatchComplete); EXPECT_FALSE(result.on_match_.has_value()); } @@ -360,12 +360,12 @@ TEST_F(MatcherTest, TestRecursiveMatcher) { .Times(2); auto match_tree = factory.create(matcher); - const auto result = match_tree->match(TestData()); + const auto result = match_tree()->match(TestData()); EXPECT_EQ(result.match_state_, MatchState::MatchComplete); EXPECT_TRUE(result.on_match_.has_value()); EXPECT_EQ(result.on_match_->action_cb_, nullptr); - const auto recursive_result = evaluateMatch(*match_tree, TestData()); + const auto recursive_result = evaluateMatch(*(match_tree()), TestData()); EXPECT_EQ(recursive_result.match_state_, MatchState::MatchComplete); EXPECT_NE(recursive_result.result_, nullptr); } diff --git a/test/common/matcher/test_utility.h b/test/common/matcher/test_utility.h index 46dcd4bf5935..08d1debbf0e6 100644 --- a/test/common/matcher/test_utility.h +++ b/test/common/matcher/test_utility.h @@ -3,7 +3,7 @@ #include "envoy/matcher/matcher.h" #include "envoy/protobuf/message_validator.h" -#include "common/matcher/matcher.h" +#include "source/common/matcher/matcher.h" #include "test/test_common/registry.h" #include "test/test_common/utility.h" @@ -19,7 +19,7 @@ struct TestData { // A CommonProtocolInput that returns the configured value every time. struct CommonProtocolTestInput : public CommonProtocolInput { explicit CommonProtocolTestInput(const std::string& data) : data_(data) {} - absl::optional get() override { return data_; } + absl::optional get() override { return data_; } const std::string data_; }; @@ -28,10 +28,10 @@ class TestCommonProtocolInputFactory : public CommonProtocolInputFactory { TestCommonProtocolInputFactory(absl::string_view factory_name, absl::string_view data) : factory_name_(std::string(factory_name)), value_(std::string(data)), injection_(*this) {} - CommonProtocolInputPtr - createCommonProtocolInput(const Protobuf::Message&, - Server::Configuration::FactoryContext&) override { - return std::make_unique(value_); + CommonProtocolInputFactoryCb + createCommonProtocolInputFactoryCb(const Protobuf::Message&, + Server::Configuration::FactoryContext&) override { + return [&]() { return std::make_unique(value_); }; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { @@ -48,7 +48,7 @@ class TestCommonProtocolInputFactory : public CommonProtocolInputFactory { // A DataInput that returns the configured value every time. struct TestInput : public DataInput { explicit TestInput(DataInputGetResult result) : result_(result) {} - DataInputGetResult get(const TestData&) override { return result_; } + DataInputGetResult get(const TestData&) const override { return result_; } DataInputGetResult result_; }; @@ -59,10 +59,13 @@ class TestDataInputFactory : public DataInputFactory { TestDataInputFactory(absl::string_view factory_name, absl::string_view data) : factory_name_(std::string(factory_name)), value_(std::string(data)), injection_(*this) {} - DataInputPtr createDataInput(const Protobuf::Message&, - Server::Configuration::FactoryContext&) override { - return std::make_unique( - DataInputGetResult{DataInputGetResult::DataAvailability::AllDataAvailable, value_}); + DataInputFactoryCb + createDataInputFactoryCb(const Protobuf::Message&, + Server::Configuration::FactoryContext&) override { + return [&]() { + return std::make_unique( + DataInputGetResult{DataInputGetResult::DataAvailability::AllDataAvailable, value_}); + }; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { @@ -132,9 +135,10 @@ class NeverMatchFactory : public InputMatcherFactory { public: NeverMatchFactory() : inject_factory_(*this) {} - InputMatcherPtr createInputMatcher(const Protobuf::Message&, - Server::Configuration::FactoryContext&) override { - return std::make_unique(); + InputMatcherFactoryCb + createInputMatcherFactoryCb(const Protobuf::Message&, + Server::Configuration::FactoryContext&) override { + return []() { return std::make_unique(); }; } ProtobufTypes::MessagePtr createEmptyConfigProto() override { @@ -158,7 +162,8 @@ createSingleMatcher(absl::optional input, DataInputGetResult::DataAvailability availability = DataInputGetResult::DataAvailability::AllDataAvailable) { return std::make_unique>( - std::make_unique(DataInputGetResult{availability, input}), + std::make_unique(DataInputGetResult{ + availability, input ? absl::make_optional(std::string(*input)) : absl::nullopt}), std::make_unique(predicate)); } diff --git a/test/common/matcher/value_input_matcher_test.cc b/test/common/matcher/value_input_matcher_test.cc index ebad39332489..e9d080d31efc 100644 --- a/test/common/matcher/value_input_matcher_test.cc +++ b/test/common/matcher/value_input_matcher_test.cc @@ -1,4 +1,4 @@ -#include "common/matcher/value_input_matcher.h" +#include "source/common/matcher/value_input_matcher.h" #include "gtest/gtest.h" diff --git a/test/common/memory/debug_test.cc b/test/common/memory/debug_test.cc index bd33b91f51e1..ce137b79613e 100644 --- a/test/common/memory/debug_test.cc +++ b/test/common/memory/debug_test.cc @@ -1,4 +1,4 @@ -#include "common/memory/stats.h" +#include "source/common/memory/stats.h" #include "gtest/gtest.h" diff --git a/test/common/memory/heap_shrinker_test.cc b/test/common/memory/heap_shrinker_test.cc index 346a74899ff9..c6c7780a53b8 100644 --- a/test/common/memory/heap_shrinker_test.cc +++ b/test/common/memory/heap_shrinker_test.cc @@ -1,6 +1,6 @@ -#include "common/event/dispatcher_impl.h" -#include "common/memory/heap_shrinker.h" -#include "common/memory/stats.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/memory/heap_shrinker.h" +#include "source/common/memory/stats.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/event/mocks.h" diff --git a/test/common/network/BUILD b/test/common/network/BUILD index e38f0aa74ff2..ce5f097cd5f5 100644 --- a/test/common/network/BUILD +++ b/test/common/network/BUILD @@ -105,10 +105,10 @@ envoy_cc_test( }), external_deps = ["abseil_synchronization"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:dns_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:dns_interface", "//source/common/event:dispatcher_includes", - "//include/envoy/event:file_event_interface", + "//envoy/event:file_event_interface", "//source/common/stats:isolated_store_lib", "//source/common/event:dispatcher_lib", "//source/common/network:address_lib", @@ -139,9 +139,9 @@ envoy_cc_test( # https://gist.github.com/wrowe/24fe5b93b58bb444bce7ecc134905395 tags = ["fails_on_clang_cl"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:address_interface", - "//include/envoy/network:dns_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:address_interface", + "//envoy/network:dns_interface", "//source/common/buffer:buffer_lib", "//source/common/event:dispatcher_includes", "//source/common/event:dispatcher_lib", diff --git a/test/common/network/addr_family_aware_socket_option_impl_test.cc b/test/common/network/addr_family_aware_socket_option_impl_test.cc index 14a2ea9dd808..cdea9a34f480 100644 --- a/test/common/network/addr_family_aware_socket_option_impl_test.cc +++ b/test/common/network/addr_family_aware_socket_option_impl_test.cc @@ -1,10 +1,10 @@ #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/network/addr_family_aware_socket_option_impl.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/socket_interface.h" -#include "common/network/utility.h" +#include "source/common/network/addr_family_aware_socket_option_impl.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/socket_interface.h" +#include "source/common/network/utility.h" #include "test/common/network/socket_option_test.h" diff --git a/test/common/network/address_impl_speed_test.cc b/test/common/network/address_impl_speed_test.cc index 2d7f61af838b..c4005ac4c86c 100644 --- a/test/common/network/address_impl_speed_test.cc +++ b/test/common/network/address_impl_speed_test.cc @@ -1,5 +1,5 @@ -#include "common/common/fmt.h" -#include "common/network/address_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/network/address_impl.h" #include "benchmark/benchmark.h" diff --git a/test/common/network/address_impl_test.cc b/test/common/network/address_impl_test.cc index 5284464bb165..3eb42caf7fd2 100644 --- a/test/common/network/address_impl_test.cc +++ b/test/common/network/address_impl_test.cc @@ -5,12 +5,12 @@ #include "envoy/common/exception.h" #include "envoy/common/platform.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/utility.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/utility.h" #include "test/mocks/api/mocks.h" #include "test/test_common/environment.h" @@ -466,15 +466,15 @@ TEST(AddressFromSockAddrDeathTest, IPv4) { EXPECT_EQ(1, inet_pton(AF_INET, "1.2.3.4", &sin.sin_addr)); sin.sin_port = htons(6502); - EXPECT_DEATH(addressFromSockAddr(ss, 1), "ss_len"); - EXPECT_DEATH(addressFromSockAddr(ss, sizeof(sockaddr_in) - 1), "ss_len"); - EXPECT_DEATH(addressFromSockAddr(ss, sizeof(sockaddr_in) + 1), "ss_len"); + EXPECT_DEATH(*addressFromSockAddr(ss, 1), "ss_len"); + EXPECT_DEATH(*addressFromSockAddr(ss, sizeof(sockaddr_in) - 1), "ss_len"); + EXPECT_DEATH(*addressFromSockAddr(ss, sizeof(sockaddr_in) + 1), "ss_len"); - EXPECT_EQ("1.2.3.4:6502", addressFromSockAddr(ss, sizeof(sockaddr_in))->asString()); + EXPECT_EQ("1.2.3.4:6502", (*addressFromSockAddr(ss, sizeof(sockaddr_in)))->asString()); // Invalid family. sin.sin_family = AF_UNSPEC; - EXPECT_THROW(addressFromSockAddr(ss, sizeof(sockaddr_in)), EnvoyException); + EXPECT_FALSE(addressFromSockAddr(ss, sizeof(sockaddr_in)).ok()); } TEST(AddressFromSockAddrDeathTest, IPv6) { @@ -485,20 +485,22 @@ TEST(AddressFromSockAddrDeathTest, IPv6) { EXPECT_EQ(1, inet_pton(AF_INET6, "01:023::00Ef", &sin6.sin6_addr)); sin6.sin6_port = htons(32000); - EXPECT_DEATH(addressFromSockAddr(ss, 1), "ss_len"); - EXPECT_DEATH(addressFromSockAddr(ss, sizeof(sockaddr_in6) - 1), "ss_len"); - EXPECT_DEATH(addressFromSockAddr(ss, sizeof(sockaddr_in6) + 1), "ss_len"); + EXPECT_DEATH(*addressFromSockAddr(ss, 1), "ss_len"); + EXPECT_DEATH(*addressFromSockAddr(ss, sizeof(sockaddr_in6) - 1), "ss_len"); + EXPECT_DEATH(*addressFromSockAddr(ss, sizeof(sockaddr_in6) + 1), "ss_len"); - EXPECT_EQ("[1:23::ef]:32000", addressFromSockAddr(ss, sizeof(sockaddr_in6))->asString()); + EXPECT_EQ("[1:23::ef]:32000", (*addressFromSockAddr(ss, sizeof(sockaddr_in6)))->asString()); // Test that IPv4-mapped IPv6 address is returned as an Ipv4Instance when 'v6only' parameter is // 'false', but not otherwise. EXPECT_EQ(1, inet_pton(AF_INET6, "::ffff:192.0.2.128", &sin6.sin6_addr)); - EXPECT_EQ(IpVersion::v4, addressFromSockAddr(ss, sizeof(sockaddr_in6), false)->ip()->version()); - EXPECT_EQ("192.0.2.128:32000", addressFromSockAddr(ss, sizeof(sockaddr_in6), false)->asString()); - EXPECT_EQ(IpVersion::v6, addressFromSockAddr(ss, sizeof(sockaddr_in6), true)->ip()->version()); + EXPECT_EQ(IpVersion::v4, + (*addressFromSockAddr(ss, sizeof(sockaddr_in6), false))->ip()->version()); + EXPECT_EQ("192.0.2.128:32000", + (*addressFromSockAddr(ss, sizeof(sockaddr_in6), false))->asString()); + EXPECT_EQ(IpVersion::v6, (*addressFromSockAddr(ss, sizeof(sockaddr_in6), true))->ip()->version()); EXPECT_EQ("[::ffff:192.0.2.128]:32000", - addressFromSockAddr(ss, sizeof(sockaddr_in6), true)->asString()); + (*addressFromSockAddr(ss, sizeof(sockaddr_in6), true))->asString()); } TEST(AddressFromSockAddrDeathTest, Pipe) { @@ -508,20 +510,20 @@ TEST(AddressFromSockAddrDeathTest, Pipe) { StringUtil::strlcpy(sun.sun_path, "/some/path", sizeof sun.sun_path); - EXPECT_DEATH(addressFromSockAddr(ss, 1), "ss_len"); - EXPECT_DEATH(addressFromSockAddr(ss, offsetof(struct sockaddr_un, sun_path)), "ss_len"); + EXPECT_DEATH(*addressFromSockAddr(ss, 1), "ss_len"); + EXPECT_DEATH(*addressFromSockAddr(ss, offsetof(struct sockaddr_un, sun_path)), "ss_len"); socklen_t ss_len = offsetof(struct sockaddr_un, sun_path) + 1 + strlen(sun.sun_path); - EXPECT_EQ("/some/path", addressFromSockAddr(ss, ss_len)->asString()); + EXPECT_EQ("/some/path", (*addressFromSockAddr(ss, ss_len))->asString()); // Abstract socket namespace. StringUtil::strlcpy(&sun.sun_path[1], "/some/abstract/path", sizeof sun.sun_path); sun.sun_path[0] = '\0'; ss_len = offsetof(struct sockaddr_un, sun_path) + 1 + strlen("/some/abstract/path"); #if defined(__linux__) - EXPECT_EQ("@/some/abstract/path", addressFromSockAddr(ss, ss_len)->asString()); + EXPECT_EQ("@/some/abstract/path", (*addressFromSockAddr(ss, ss_len))->asString()); #else - EXPECT_THROW(addressFromSockAddr(ss, ss_len), EnvoyException); + EXPECT_FALSE(addressFromSockAddr(ss, ss_len).ok()); #endif } diff --git a/test/common/network/apple_dns_impl_test.cc b/test/common/network/apple_dns_impl_test.cc index 66cc2921300b..d2f00c15cdb2 100644 --- a/test/common/network/apple_dns_impl_test.cc +++ b/test/common/network/apple_dns_impl_test.cc @@ -10,11 +10,11 @@ #include "envoy/network/address.h" #include "envoy/network/dns.h" -#include "common/common/random_generator.h" -#include "common/network/address_impl.h" -#include "common/network/apple_dns_impl.h" -#include "common/network/utility.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/common/random_generator.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/apple_dns_impl.h" +#include "source/common/network/utility.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/mocks/event/mocks.h" #include "test/test_common/environment.h" @@ -62,7 +62,9 @@ class AppleDnsImplTest : public testing::Test { AppleDnsImplTest() : api_(Api::createApiForTest()), dispatcher_(api_->allocateDispatcher("test_thread")) {} - void SetUp() override { resolver_ = dispatcher_->createDnsResolver({}, false); } + void SetUp() override { + resolver_ = dispatcher_->createDnsResolver({}, envoy::config::core::v3::DnsResolverOptions()); + } ActiveDnsQuery* resolveWithExpectations(const std::string& address, const DnsLookupFamily lookup_family, @@ -118,12 +120,14 @@ class AppleDnsImplTest : public testing::Test { }; TEST_F(AppleDnsImplTest, InvalidConfigOptions) { + auto dns_resolver_options = envoy::config::core::v3::DnsResolverOptions(); EXPECT_DEATH( - dispatcher_->createDnsResolver({}, true), - "using TCP for DNS lookups is not possible when using Apple APIs for DNS resolution"); - EXPECT_DEATH( - dispatcher_->createDnsResolver({nullptr}, false), + dispatcher_->createDnsResolver({nullptr}, dns_resolver_options), "defining custom resolvers is not possible when using Apple APIs for DNS resolution"); + dns_resolver_options.set_use_tcp_for_dns_lookups(true); + EXPECT_DEATH( + dispatcher_->createDnsResolver({}, dns_resolver_options), + "using TCP for DNS lookups is not possible when using Apple APIs for DNS resolution"); } // Validate that when AppleDnsResolverImpl is destructed with outstanding requests, diff --git a/test/common/network/cidr_range_test.cc b/test/common/network/cidr_range_test.cc index 29e48106e885..6232e910ddfb 100644 --- a/test/common/network/cidr_range_test.cc +++ b/test/common/network/cidr_range_test.cc @@ -4,11 +4,11 @@ #include "envoy/common/exception.h" #include "envoy/common/platform.h" -#include "common/common/fmt.h" -#include "common/json/json_loader.h" -#include "common/network/address_impl.h" -#include "common/network/cidr_range.h" -#include "common/network/utility.h" +#include "source/common/common/fmt.h" +#include "source/common/json/json_loader.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/cidr_range.h" +#include "source/common/network/utility.h" #include "gtest/gtest.h" diff --git a/test/common/network/connection_impl_test.cc b/test/common/network/connection_impl_test.cc index b4109d17fb6f..63f5a10898ae 100644 --- a/test/common/network/connection_impl_test.cc +++ b/test/common/network/connection_impl_test.cc @@ -7,18 +7,18 @@ #include "envoy/event/scaled_range_timer_manager.h" #include "envoy/network/address.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/empty_string.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/event/dispatcher_impl.h" -#include "common/network/address_impl.h" -#include "common/network/connection_impl.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/utility.h" -#include "common/runtime/runtime_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/connection_impl.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/utility.h" +#include "source/common/runtime/runtime_impl.h" #include "test/mocks/api/mocks.h" #include "test/mocks/buffer/mocks.h" diff --git a/test/common/network/dns_impl_test.cc b/test/common/network/dns_impl_test.cc index 47476fa76a32..e3c1401c673b 100644 --- a/test/common/network/dns_impl_test.cc +++ b/test/common/network/dns_impl_test.cc @@ -9,15 +9,15 @@ #include "envoy/network/address.h" #include "envoy/network/dns.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/utility.h" -#include "common/event/dispatcher_impl.h" -#include "common/network/address_impl.h" -#include "common/network/dns_impl.h" -#include "common/network/filter_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/utility.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/utility.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/dns_impl.h" +#include "source/common/network/filter_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/utility.h" +#include "source/common/stream_info/stream_info_impl.h" #include "test/mocks/network/mocks.h" #include "test/test_common/environment.h" @@ -348,6 +348,7 @@ class DnsImplConstructor : public testing::Test { Api::ApiPtr api_; Event::DispatcherPtr dispatcher_; + envoy::config::core::v3::DnsResolverOptions dns_resolver_options_; }; TEST_F(DnsImplConstructor, SupportsCustomResolvers) { @@ -357,7 +358,7 @@ TEST_F(DnsImplConstructor, SupportsCustomResolvers) { auto addr4 = Network::Utility::parseInternetAddressAndPort("127.0.0.1:54"); char addr6str[INET6_ADDRSTRLEN]; auto addr6 = Network::Utility::parseInternetAddressAndPort("[::1]:54"); - auto resolver = dispatcher_->createDnsResolver({addr4, addr6}, false); + auto resolver = dispatcher_->createDnsResolver({addr4, addr6}, dns_resolver_options_); auto peer = std::make_unique(dynamic_cast(resolver.get())); ares_addr_port_node* resolvers; int result = ares_get_servers_ports(peer->channel(), &resolvers); @@ -408,7 +409,7 @@ class CustomInstance : public Address::Instance { TEST_F(DnsImplConstructor, SupportCustomAddressInstances) { auto test_instance(std::make_shared("127.0.0.1", 45)); EXPECT_EQ(test_instance->asString(), "127.0.0.1:borked_port_45"); - auto resolver = dispatcher_->createDnsResolver({test_instance}, false); + auto resolver = dispatcher_->createDnsResolver({test_instance}, dns_resolver_options_); auto peer = std::make_unique(dynamic_cast(resolver.get())); ares_addr_port_node* resolvers; int result = ares_get_servers_ports(peer->channel(), &resolvers); @@ -424,8 +425,8 @@ TEST_F(DnsImplConstructor, BadCustomResolvers) { envoy::config::core::v3::Address pipe_address; pipe_address.mutable_pipe()->set_path("foo"); auto pipe_instance = Network::Utility::protobufAddressToAddress(pipe_address); - EXPECT_THROW_WITH_MESSAGE(dispatcher_->createDnsResolver({pipe_instance}, false), EnvoyException, - "DNS resolver 'foo' is not an IP address"); + EXPECT_THROW_WITH_MESSAGE(dispatcher_->createDnsResolver({pipe_instance}, dns_resolver_options_), + EnvoyException, "DNS resolver 'foo' is not an IP address"); } class DnsImplTest : public testing::TestWithParam { @@ -439,12 +440,12 @@ class DnsImplTest : public testing::TestWithParam { socket_ = std::make_shared( Network::Test::getCanonicalLoopbackAddress(GetParam()), nullptr, true); listener_ = dispatcher_->createListener(socket_, *server_, true, ENVOY_TCP_BACKLOG_SIZE); - + updateDnsResolverOptions(); if (setResolverInConstructor()) { resolver_ = dispatcher_->createDnsResolver({socket_->addressProvider().localAddress()}, - useTcpForDnsLookups()); + dns_resolver_options_); } else { - resolver_ = dispatcher_->createDnsResolver({}, useTcpForDnsLookups()); + resolver_ = dispatcher_->createDnsResolver({}, dns_resolver_options_); } // Point c-ares at the listener with no search domains and TCP-only. @@ -547,7 +548,7 @@ class DnsImplTest : public testing::TestWithParam { // Should the DnsResolverImpl use a zero timeout for c-ares queries? virtual bool zeroTimeout() const { return false; } virtual bool tcpOnly() const { return true; } - virtual bool useTcpForDnsLookups() const { return false; } + virtual void updateDnsResolverOptions(){}; virtual bool setResolverInConstructor() const { return false; } std::unique_ptr server_; std::unique_ptr peer_; @@ -556,6 +557,7 @@ class DnsImplTest : public testing::TestWithParam { Api::ApiPtr api_; Event::DispatcherPtr dispatcher_; DnsResolverSharedPtr resolver_; + envoy::config::core::v3::DnsResolverOptions dns_resolver_options_; }; // Parameterize the DNS test server socket address. @@ -876,7 +878,7 @@ TEST_P(DnsImplTest, PendingTimerEnable) { Event::MockDispatcher dispatcher; Event::MockTimer* timer = new NiceMock(); EXPECT_CALL(dispatcher, createTimer_(_)).WillOnce(Return(timer)); - resolver_ = std::make_shared(dispatcher, vec, false); + resolver_ = std::make_shared(dispatcher, vec, dns_resolver_options_); Event::FileEvent* file_event = new NiceMock(); EXPECT_CALL(dispatcher, createFileEvent_(_, _, _, _)).WillOnce(Return(file_event)); EXPECT_CALL(*timer, enableTimer(_, _)); @@ -907,7 +909,9 @@ TEST_P(DnsImplZeroTimeoutTest, Timeout) { class DnsImplAresFlagsForTcpTest : public DnsImplTest { protected: bool tcpOnly() const override { return false; } - bool useTcpForDnsLookups() const override { return true; } + void updateDnsResolverOptions() override { + dns_resolver_options_.set_use_tcp_for_dns_lookups(true); + } }; // Parameterize the DNS test server socket address. @@ -918,14 +922,41 @@ INSTANTIATE_TEST_SUITE_P(IpVersions, DnsImplAresFlagsForTcpTest, // Validate that c_ares flag `ARES_FLAG_USEVC` is set when boolean property // `use_tcp_for_dns_lookups` is enabled. TEST_P(DnsImplAresFlagsForTcpTest, TcpLookupsEnabled) { - server_->addCName("root.cnam.domain", "result.cname.domain"); + server_->addCName("root.cname.domain", "result.cname.domain"); server_->addHosts("result.cname.domain", {"201.134.56.7"}, RecordType::A); ares_options opts{}; int optmask = 0; EXPECT_EQ(ARES_SUCCESS, ares_save_options(peer_->channel(), &opts, &optmask)); EXPECT_TRUE((opts.flags & ARES_FLAG_USEVC) == ARES_FLAG_USEVC); EXPECT_NE(nullptr, - resolveWithUnreferencedParameters("root.cnam.domain", DnsLookupFamily::Auto, true)); + resolveWithUnreferencedParameters("root.cname.domain", DnsLookupFamily::Auto, true)); + ares_destroy_options(&opts); +} + +class DnsImplAresFlagsForNoDefaultSearchDomainTest : public DnsImplTest { +protected: + bool tcpOnly() const override { return false; } + void updateDnsResolverOptions() override { + dns_resolver_options_.set_no_default_search_domain(true); + } +}; + +// Parameterize the DNS test server socket address. +INSTANTIATE_TEST_SUITE_P(IpVersions, DnsImplAresFlagsForNoDefaultSearchDomainTest, + testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), + TestUtility::ipTestParamsToString); + +// Validate that c_ares flag `ARES_FLAG_NOSEARCH` is set when boolean property +// `no_default_search_domain` is enabled. +TEST_P(DnsImplAresFlagsForNoDefaultSearchDomainTest, NoDefaultSearchDomainSet) { + server_->addCName("root.cname.domain", "result.cname.domain"); + server_->addHosts("result.cname.domain", {"201.134.56.7"}, RecordType::A); + ares_options opts{}; + int optmask = 0; + EXPECT_EQ(ARES_SUCCESS, ares_save_options(peer_->channel(), &opts, &optmask)); + EXPECT_TRUE((opts.flags & ARES_FLAG_NOSEARCH) == ARES_FLAG_NOSEARCH); + EXPECT_NE(nullptr, + resolveWithUnreferencedParameters("root.cname.domain", DnsLookupFamily::Auto, true)); ares_destroy_options(&opts); } @@ -942,20 +973,47 @@ INSTANTIATE_TEST_SUITE_P(IpVersions, DnsImplAresFlagsForUdpTest, // Validate that c_ares flag `ARES_FLAG_USEVC` is not set when boolean property // `use_tcp_for_dns_lookups` is disabled. TEST_P(DnsImplAresFlagsForUdpTest, UdpLookupsEnabled) { - server_->addCName("root.cnam.domain", "result.cname.domain"); + server_->addCName("root.cname.domain", "result.cname.domain"); server_->addHosts("result.cname.domain", {"201.134.56.7"}, RecordType::A); ares_options opts{}; int optmask = 0; EXPECT_EQ(ARES_SUCCESS, ares_save_options(peer_->channel(), &opts, &optmask)); EXPECT_FALSE((opts.flags & ARES_FLAG_USEVC) == ARES_FLAG_USEVC); EXPECT_NE(nullptr, - resolveWithUnreferencedParameters("root.cnam.domain", DnsLookupFamily::Auto, true)); + resolveWithUnreferencedParameters("root.cname.domain", DnsLookupFamily::Auto, true)); + ares_destroy_options(&opts); +} + +class DnsImplAresFlagsForDefaultSearchDomainTest : public DnsImplTest { +protected: + bool tcpOnly() const override { return false; } + void updateDnsResolverOptions() override {} +}; + +// Parameterize the DNS test server socket address. +INSTANTIATE_TEST_SUITE_P(IpVersions, DnsImplAresFlagsForDefaultSearchDomainTest, + testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), + TestUtility::ipTestParamsToString); + +// Validate that c_ares flag `ARES_FLAG_NOSEARCH` is not set when boolean property +// `no_default_search_domain` is disabled. +TEST_P(DnsImplAresFlagsForDefaultSearchDomainTest, NoDefaultSearchDomainNotSet) { + server_->addCName("root.cname.domain", "result.cname.domain"); + server_->addHosts("result.cname.domain", {"201.134.56.7"}, RecordType::A); + ares_options opts{}; + int optmask = 0; + EXPECT_EQ(ARES_SUCCESS, ares_save_options(peer_->channel(), &opts, &optmask)); + EXPECT_FALSE((opts.flags & ARES_FLAG_NOSEARCH) == ARES_FLAG_NOSEARCH); + EXPECT_NE(nullptr, + resolveWithUnreferencedParameters("root.cname.domain", DnsLookupFamily::Auto, true)); ares_destroy_options(&opts); } class DnsImplCustomResolverTest : public DnsImplTest { bool tcpOnly() const override { return false; } - bool useTcpForDnsLookups() const override { return true; } + void updateDnsResolverOptions() override { + dns_resolver_options_.set_use_tcp_for_dns_lookups(true); + } bool setResolverInConstructor() const override { return true; } }; diff --git a/test/common/network/filter_manager_impl_test.cc b/test/common/network/filter_manager_impl_test.cc index 34c7e407d203..4016b3ae82a4 100644 --- a/test/common/network/filter_manager_impl_test.cc +++ b/test/common/network/filter_manager_impl_test.cc @@ -4,12 +4,11 @@ #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/filter_manager_impl.h" -#include "common/tcp_proxy/tcp_proxy.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/filters/network/ratelimit/ratelimit.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/filter_manager_impl.h" +#include "source/common/tcp_proxy/tcp_proxy.h" +#include "source/common/upstream/upstream_impl.h" +#include "source/extensions/filters/network/ratelimit/ratelimit.h" #include "test/common/upstream/utility.h" #include "test/extensions/filters/common/ratelimit/mocks.h" @@ -416,7 +415,7 @@ stat_prefix: name EXPECT_EQ(manager.initializeReadFilters(), true); EXPECT_CALL(factory_context.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(Return(&conn_pool)); + .WillOnce(Return(Upstream::TcpPoolData([]() {}, &conn_pool))); request_callbacks->complete(Extensions::Filters::Common::RateLimit::LimitStatus::OK, nullptr, nullptr, nullptr, "", nullptr); diff --git a/test/common/network/filter_matcher_test.cc b/test/common/network/filter_matcher_test.cc index 0039642c0cba..30208c83dc79 100644 --- a/test/common/network/filter_matcher_test.cc +++ b/test/common/network/filter_matcher_test.cc @@ -1,5 +1,5 @@ -#include "common/network/address_impl.h" -#include "common/network/filter_matcher.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/filter_matcher.h" #include "test/mocks/network/mocks.h" diff --git a/test/common/network/io_socket_handle_impl_integration_test.cc b/test/common/network/io_socket_handle_impl_integration_test.cc index 93d563999ab8..31d8ac67de94 100644 --- a/test/common/network/io_socket_handle_impl_integration_test.cc +++ b/test/common/network/io_socket_handle_impl_integration_test.cc @@ -1,5 +1,5 @@ -#include "common/network/address_impl.h" -#include "common/network/listen_socket_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/listen_socket_impl.h" #include "test/test_common/environment.h" diff --git a/test/common/network/io_socket_handle_impl_test.cc b/test/common/network/io_socket_handle_impl_test.cc index 86bdd8df5d18..6ce655b63029 100644 --- a/test/common/network/io_socket_handle_impl_test.cc +++ b/test/common/network/io_socket_handle_impl_test.cc @@ -1,8 +1,8 @@ -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/network/io_socket_error_impl.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/listen_socket_impl.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/io_socket_error_impl.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/listen_socket_impl.h" #include "test/mocks/api/mocks.h" #include "test/test_common/environment.h" diff --git a/test/common/network/lc_trie_speed_test.cc b/test/common/network/lc_trie_speed_test.cc index 24d52fe0fcaa..7a524fe0f135 100644 --- a/test/common/network/lc_trie_speed_test.cc +++ b/test/common/network/lc_trie_speed_test.cc @@ -1,5 +1,5 @@ -#include "common/network/lc_trie.h" -#include "common/network/utility.h" +#include "source/common/network/lc_trie.h" +#include "source/common/network/utility.h" #include "benchmark/benchmark.h" diff --git a/test/common/network/lc_trie_test.cc b/test/common/network/lc_trie_test.cc index e0cf9ac43532..c2da7417c96d 100644 --- a/test/common/network/lc_trie_test.cc +++ b/test/common/network/lc_trie_test.cc @@ -1,9 +1,9 @@ #include -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/network/cidr_range.h" -#include "common/network/lc_trie.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/cidr_range.h" +#include "source/common/network/lc_trie.h" #include "test/test_common/utility.h" diff --git a/test/common/network/listen_socket_impl_test.cc b/test/common/network/listen_socket_impl_test.cc index 789441ca571f..7e787507020f 100644 --- a/test/common/network/listen_socket_impl_test.cc +++ b/test/common/network/listen_socket_impl_test.cc @@ -1,12 +1,15 @@ +#include + #include "envoy/common/platform.h" #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/exception.h" #include "envoy/network/socket.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/utility.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/socket_interface_impl.h" +#include "source/common/network/utility.h" #include "test/mocks/network/mocks.h" #include "test/test_common/environment.h" @@ -22,6 +25,18 @@ namespace Envoy { namespace Network { namespace { +class MockSingleFamilySocketInterface : public SocketInterfaceImpl { +public: + explicit MockSingleFamilySocketInterface(Address::IpVersion version) : version_(version) {} + MOCK_METHOD(IoHandlePtr, socket, (Socket::Type, Address::Type, Address::IpVersion, bool), + (const)); + MOCK_METHOD(IoHandlePtr, socket, (Socket::Type, const Address::InstanceConstSharedPtr), (const)); + bool ipFamilySupported(int domain) override { + return (version_ == Address::IpVersion::v4) ? domain == AF_INET : domain == AF_INET6; + } + const Address::IpVersion version_; +}; + TEST(ConnectionSocketImplTest, LowerCaseRequestedServerName) { absl::string_view serverName("www.EXAMPLE.com"); absl::string_view expectedServerName("www.example.com"); @@ -182,6 +197,40 @@ TEST_P(ListenSocketImplTestTcp, CheckIpVersionWithNullLocalAddress) { EXPECT_EQ(Address::IpVersion::v4, socket.ipVersion()); } +TEST_P(ListenSocketImplTestTcp, SupportedIpFamilyVirtualSocketIsCreatedWithNoBsdSocketCreated) { + auto mock_interface = std::make_unique(version_); + auto* mock_interface_ptr = mock_interface.get(); + auto any_address = version_ == Address::IpVersion::v4 ? Utility::getIpv4AnyAddress() + : Utility::getIpv6AnyAddress(); + + StackedScopedInjectableLoader new_interface(std::move(mock_interface)); + + { + EXPECT_CALL(*mock_interface_ptr, socket(_, _)).Times(0); + EXPECT_CALL(*mock_interface_ptr, socket(_, _, _, _)).Times(0); + TcpListenSocket virtual_listener_socket(any_address, nullptr, + /*bind_to_port*/ false); + } +} + +TEST_P(ListenSocketImplTestTcp, DeathAtUnSupportedIpFamilyListenSocket) { + auto mock_interface = std::make_unique(version_); + auto* mock_interface_ptr = mock_interface.get(); + auto the_other_address = version_ == Address::IpVersion::v4 ? Utility::getIpv6AnyAddress() + : Utility::getIpv4AnyAddress(); + StackedScopedInjectableLoader new_interface(std::move(mock_interface)); + { + EXPECT_CALL(*mock_interface_ptr, socket(_, _)).Times(0); + EXPECT_CALL(*mock_interface_ptr, socket(_, _, _, _)).Times(0); + EXPECT_DEATH( + { + TcpListenSocket virtual_listener_socket(the_other_address, nullptr, + /*bind_to_port*/ false); + }, + ".*"); + } +} + TEST_P(ListenSocketImplTestUdp, BindSpecificPort) { testBindSpecificPort(); } // Validate that we get port allocation when binding to port zero. diff --git a/test/common/network/listener_impl_test.cc b/test/common/network/listener_impl_test.cc index cea2b1ed13f0..15deae2a4321 100644 --- a/test/common/network/listener_impl_test.cc +++ b/test/common/network/listener_impl_test.cc @@ -3,10 +3,10 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/exception.h" -#include "common/network/address_impl.h" -#include "common/network/tcp_listener_impl.h" -#include "common/network/utility.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/tcp_listener_impl.h" +#include "source/common/network/utility.h" +#include "source/common/stream_info/stream_info_impl.h" #include "test/common/network/listener_impl_test_base.h" #include "test/mocks/network/mocks.h" diff --git a/test/common/network/listener_impl_test_base.h b/test/common/network/listener_impl_test_base.h index 8f3ee21b8727..a00ae01b67b5 100644 --- a/test/common/network/listener_impl_test_base.h +++ b/test/common/network/listener_impl_test_base.h @@ -1,8 +1,8 @@ #pragma once -#include "common/event/dispatcher_impl.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" #include "test/test_common/network_utility.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/common/network/raw_buffer_socket_test.cc b/test/common/network/raw_buffer_socket_test.cc index f28e54f53bc9..4304277b1b2d 100644 --- a/test/common/network/raw_buffer_socket_test.cc +++ b/test/common/network/raw_buffer_socket_test.cc @@ -1,4 +1,4 @@ -#include "common/network/raw_buffer_socket.h" +#include "source/common/network/raw_buffer_socket.h" #include "test/test_common/network_utility.h" diff --git a/test/common/network/resolver_impl_test.cc b/test/common/network/resolver_impl_test.cc index c9d9b3fce901..77b0ec258314 100644 --- a/test/common/network/resolver_impl_test.cc +++ b/test/common/network/resolver_impl_test.cc @@ -7,9 +7,9 @@ #include "envoy/network/resolver.h" #include "envoy/registry/registry.h" -#include "common/common/thread.h" -#include "common/network/address_impl.h" -#include "common/network/resolver_impl.h" +#include "source/common/common/thread.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/resolver_impl.h" #include "test/mocks/network/mocks.h" #include "test/test_common/environment.h" diff --git a/test/common/network/socket_option_factory_test.cc b/test/common/network/socket_option_factory_test.cc index 30ee22cd15c1..a32fae30b85a 100644 --- a/test/common/network/socket_option_factory_test.cc +++ b/test/common/network/socket_option_factory_test.cc @@ -1,8 +1,8 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/network/address_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/socket_option_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/socket_option_impl.h" #include "test/mocks/api/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/common/network/socket_option_test.h b/test/common/network/socket_option_test.h index e780c3e2ec2a..c2a60bc1bf37 100644 --- a/test/common/network/socket_option_test.h +++ b/test/common/network/socket_option_test.h @@ -2,9 +2,9 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/network/address_impl.h" -#include "common/network/socket_option_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_option_impl.h" #include "test/mocks/api/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/common/network/transport_socket_options_impl_test.cc b/test/common/network/transport_socket_options_impl_test.cc index 213c6778b037..8bf0b4bd2f16 100644 --- a/test/common/network/transport_socket_options_impl_test.cc +++ b/test/common/network/transport_socket_options_impl_test.cc @@ -1,10 +1,10 @@ -#include "common/http/utility.h" -#include "common/network/address_impl.h" -#include "common/network/application_protocol.h" -#include "common/network/proxy_protocol_filter_state.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/network/upstream_server_name.h" -#include "common/stream_info/filter_state_impl.h" +#include "source/common/http/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/application_protocol.h" +#include "source/common/network/proxy_protocol_filter_state.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/network/upstream_server_name.h" +#include "source/common/stream_info/filter_state_impl.h" #include "gtest/gtest.h" diff --git a/test/common/network/udp_fuzz.cc b/test/common/network/udp_fuzz.cc index 792f1f93286b..f1768976306f 100644 --- a/test/common/network/udp_fuzz.cc +++ b/test/common/network/udp_fuzz.cc @@ -2,13 +2,13 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/network/address_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/socket_option_impl.h" -#include "common/network/udp_listener_impl.h" -#include "common/network/udp_packet_writer_handler_impl.h" -#include "common/network/utility.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/udp_listener_impl.h" +#include "source/common/network/udp_packet_writer_handler_impl.h" +#include "source/common/network/utility.h" #include "test/common/network/udp_listener_impl_test_base.h" #include "test/fuzz/fuzz_runner.h" @@ -44,6 +44,7 @@ class FuzzUdpListenerCallbacks : public Network::UdpListenerCallbacks { void onDatagramsDropped(uint32_t dropped) override; uint32_t workerIndex() const override; Network::UdpPacketWriter& udpPacketWriter() override; + size_t numPacketsExpectedPerEventLoop() const override; private: UdpFuzz* my_upf_; @@ -178,6 +179,10 @@ void FuzzUdpListenerCallbacks::onDatagramsDropped(uint32_t dropped) { UNREFERENCED_PARAMETER(dropped); } +size_t FuzzUdpListenerCallbacks::numPacketsExpectedPerEventLoop() const { + return Network::MAX_NUM_PACKETS_PER_EVENT_LOOP; +} + DEFINE_FUZZER(const uint8_t* buf, size_t len) { UdpFuzz udp_instance(buf, len); } } // namespace } // namespace Envoy diff --git a/test/common/network/udp_listener_impl_batch_writer_test.cc b/test/common/network/udp_listener_impl_batch_writer_test.cc index f69c3146a965..817553ef1018 100644 --- a/test/common/network/udp_listener_impl_batch_writer_test.cc +++ b/test/common/network/udp_listener_impl_batch_writer_test.cc @@ -21,13 +21,13 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/network/address_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/socket_option_impl.h" -#include "common/network/udp_listener_impl.h" -#include "common/network/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/udp_listener_impl.h" +#include "source/common/network/utility.h" -#include "common/quic/udp_gso_batch_writer.h" +#include "source/common/quic/udp_gso_batch_writer.h" #include "test/common/network/udp_listener_impl_test_base.h" #include "test/mocks/api/mocks.h" @@ -230,23 +230,12 @@ TEST_P(UdpListenerImplBatchWriterTest, WriteBlocked) { // shorter than initial payload EXPECT_TRUE(send_result.ok()); EXPECT_EQ(send_result.rc_, following_payload.length()); - EXPECT_FALSE(udp_packet_writer_->isWriteBlocked()); + EXPECT_TRUE(udp_packet_writer_->isWriteBlocked()); internal_buffer.append(following_payload); - // Send another packet and verify that writer gets blocked later - EXPECT_CALL(os_sys_calls, Sendmsg(_, _, _)) - .WillOnce(Invoke([](int /*sockfd*/, const msghdr* /*msg*/, int /*flags*/) { - errno = EWOULDBLOCK; - return -1; - })); - following_buffer->add(following_payload); - UdpSendData final_send_data{send_to_addr_->ip(), - *server_socket_->addressProvider().localAddress(), - *following_buffer}; - send_result = listener_->send(final_send_data); + } else { + EXPECT_FALSE(send_result.ok()); + EXPECT_EQ(send_result.rc_, 0); } - - EXPECT_FALSE(send_result.ok()); - EXPECT_EQ(send_result.rc_, 0); EXPECT_TRUE(udp_packet_writer_->isWriteBlocked()); EXPECT_EQ(listener_config_.listenerScope().counterFromString("total_bytes_sent").value(), total_bytes_sent); diff --git a/test/common/network/udp_listener_impl_test.cc b/test/common/network/udp_listener_impl_test.cc index d200af1a0a17..7c22ca61c626 100644 --- a/test/common/network/udp_listener_impl_test.cc +++ b/test/common/network/udp_listener_impl_test.cc @@ -6,13 +6,13 @@ #include "envoy/api/os_sys_calls.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/network/address_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/socket_option_impl.h" -#include "common/network/udp_listener_impl.h" -#include "common/network/udp_packet_writer_handler_impl.h" -#include "common/network/utility.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/udp_listener_impl.h" +#include "source/common/network/udp_packet_writer_handler_impl.h" +#include "source/common/network/utility.h" #include "test/common/network/udp_listener_impl_test_base.h" #include "test/mocks/api/mocks.h" @@ -56,6 +56,8 @@ class UdpListenerImplTest : public UdpListenerImplTestBase { // Return the real version by default. ON_CALL(override_syscall_, supportsMmsg()) .WillByDefault(Return(os_calls.latched().supportsMmsg())); + ON_CALL(listener_callbacks_, numPacketsExpectedPerEventLoop()) + .WillByDefault(Return(MAX_NUM_PACKETS_PER_EVENT_LOOP)); // Set listening socket options. server_socket_->addOptions(SocketOptionFactory::buildIpPacketInfoOptions()); @@ -63,6 +65,12 @@ class UdpListenerImplTest : public UdpListenerImplTestBase { if (Api::OsSysCallsSingleton::get().supportsUdpGro()) { server_socket_->addOptions(SocketOptionFactory::buildUdpGroOptions()); } + std::unique_ptr options = + std::make_unique(); + options->push_back(std::make_shared( + envoy::config::core::v3::SocketOption::STATE_BOUND, + ENVOY_MAKE_SOCKET_OPTION_NAME(SOL_SOCKET, SO_RCVBUF), 4 * 1024 * 1024)); + server_socket_->addOptions(std::move(options)); envoy::config::core::v3::UdpSocketConfig config; if (prefer_gro) { config.mutable_prefer_gro()->set_value(prefer_gro); @@ -71,11 +79,22 @@ class UdpListenerImplTest : public UdpListenerImplTestBase { std::make_unique(dispatcherImpl(), server_socket_, listener_callbacks_, dispatcherImpl().timeSource(), config); udp_packet_writer_ = std::make_unique(server_socket_->ioHandle()); + int get_recvbuf_size = 0; + socklen_t int_size = static_cast(sizeof(get_recvbuf_size)); + const Api::SysCallIntResult result2 = + server_socket_->getSocketOption(SOL_SOCKET, SO_RCVBUF, &get_recvbuf_size, &int_size); + EXPECT_EQ(0, result2.rc_); + // Kernel increases the buffer size to allow bookkeeping overhead. + if (get_recvbuf_size < 4 * 1024 * 1024) { + recvbuf_large_enough_ = false; + } + ON_CALL(listener_callbacks_, udpPacketWriter()).WillByDefault(ReturnRef(*udp_packet_writer_)); } NiceMock override_syscall_; TestThreadsafeSingletonInjector os_calls{&override_syscall_}; + bool recvbuf_large_enough_{true}; }; INSTANTIATE_TEST_SUITE_P(IpVersions, UdpListenerImplTest, @@ -123,15 +142,13 @@ TEST_P(UdpListenerImplTest, UseActualDstUdp) { EXPECT_CALL(listener_callbacks_, onReadReady()); EXPECT_CALL(listener_callbacks_, onData(_)) .WillOnce(Invoke([&](const UdpRecvData& data) -> void { - validateRecvCallbackParams(data, Api::OsSysCallsSingleton::get().supportsMmsg() - ? NUM_DATAGRAMS_PER_MMSG_RECEIVE - : 1u); + validateRecvCallbackParams( + data, Api::OsSysCallsSingleton::get().supportsMmsg() ? NUM_DATAGRAMS_PER_RECEIVE : 1u); EXPECT_EQ(data.buffer_->toString(), first); })) .WillOnce(Invoke([&](const UdpRecvData& data) -> void { - validateRecvCallbackParams(data, Api::OsSysCallsSingleton::get().supportsMmsg() - ? NUM_DATAGRAMS_PER_MMSG_RECEIVE - : 1u); + validateRecvCallbackParams( + data, Api::OsSysCallsSingleton::get().supportsMmsg() ? NUM_DATAGRAMS_PER_RECEIVE : 1u); EXPECT_EQ(data.buffer_->toString(), second); dispatcher_->exit(); @@ -145,7 +162,7 @@ TEST_P(UdpListenerImplTest, UseActualDstUdp) { dispatcher_->run(Event::Dispatcher::RunType::Block); } -// Test a large datagram that gets dropped using recvmmsg if supported. +// Test a large datagram that gets dropped using recvmsg or recvmmsg if supported. TEST_P(UdpListenerImplTest, LargeDatagramRecvmmsg) { setup(); @@ -162,7 +179,7 @@ TEST_P(UdpListenerImplTest, LargeDatagramRecvmmsg) { EXPECT_CALL(listener_callbacks_, onDatagramsDropped(_)).Times(AtLeast(1)); EXPECT_CALL(listener_callbacks_, onData(_)).WillOnce(Invoke([&](const UdpRecvData& data) -> void { validateRecvCallbackParams( - data, Api::OsSysCallsSingleton::get().supportsMmsg() ? NUM_DATAGRAMS_PER_MMSG_RECEIVE : 1u); + data, Api::OsSysCallsSingleton::get().supportsMmsg() ? NUM_DATAGRAMS_PER_RECEIVE : 1u); EXPECT_EQ(data.buffer_->toString(), second); dispatcher_->exit(); @@ -172,33 +189,75 @@ TEST_P(UdpListenerImplTest, LargeDatagramRecvmmsg) { EXPECT_EQ(2, listener_->packetsDropped()); } -// Test a large datagram that gets dropped using recvmsg. -TEST_P(UdpListenerImplTest, LargeDatagramRecvmsg) { +TEST_P(UdpListenerImplTest, LimitNumberOfReadsPerLoop) { setup(); + if (!Runtime::runtimeFeatureEnabled("envoy.reloadable_features.udp_per_event_loop_read_limit")) { + return; + } + const uint64_t num_packets_per_read = + Api::OsSysCallsSingleton::get().supportsMmsg() ? NUM_DATAGRAMS_PER_RECEIVE : 1u; + + size_t num_packets_expected_per_loop{32u}; + // These packets should be read in more than 3 loops. + const std::string payload1(10, 'a'); + for (uint64_t i = 0; i < 2 * num_packets_expected_per_loop; ++i) { + client_.write(payload1, *send_to_addr_); + } + const std::string last_piece("bbb"); + client_.write(last_piece, *send_to_addr_); - ON_CALL(override_syscall_, supportsMmsg()).WillByDefault(Return(false)); - - // This will get dropped. - const std::string first(4096, 'a'); - client_.write(first, *send_to_addr_); - const std::string second("second"); - client_.write(second, *send_to_addr_); - // This will get dropped. - const std::string third(4096, 'b'); - client_.write(third, *send_to_addr_); + EXPECT_CALL(listener_callbacks_, onReadReady()).Times(testing::AtLeast(3u)); + EXPECT_CALL(listener_callbacks_, numPacketsExpectedPerEventLoop()) + .WillRepeatedly(Return(num_packets_expected_per_loop)); + EXPECT_CALL(listener_callbacks_, onData(_)) + .WillRepeatedly(Invoke([&](const UdpRecvData& data) -> void { + validateRecvCallbackParams(data, num_packets_per_read); + if (last_piece == data.buffer_->toString()) { + dispatcher_->exit(); + } + })); + dispatcher_->run(Event::Dispatcher::RunType::Block); + num_packets_received_by_listener_ = 0u; + num_packets_expected_per_loop = 0u; + std::string payload2(10, 'c'); + // This packet should be read. + client_.write(payload2, *send_to_addr_); EXPECT_CALL(listener_callbacks_, onReadReady()); - EXPECT_CALL(listener_callbacks_, onDatagramsDropped(_)).Times(AtLeast(1)); + EXPECT_CALL(listener_callbacks_, numPacketsExpectedPerEventLoop()) + .WillRepeatedly(Return(num_packets_expected_per_loop)); EXPECT_CALL(listener_callbacks_, onData(_)).WillOnce(Invoke([&](const UdpRecvData& data) -> void { - validateRecvCallbackParams( - data, Api::OsSysCallsSingleton::get().supportsMmsg() ? NUM_DATAGRAMS_PER_MMSG_RECEIVE : 1u); - EXPECT_EQ(data.buffer_->toString(), second); - + validateRecvCallbackParams(data, num_packets_per_read); + EXPECT_EQ(payload2, data.buffer_->toString()); dispatcher_->exit(); })); + dispatcher_->run(Event::Dispatcher::RunType::Block); + if (!recvbuf_large_enough_) { + // If SO_RCVBUF failed to enlarge receive buffer to 4MB, the rest of test will likely to fail + // because packets may be easily dropped. Skip the rest of the test. + return; + } + num_packets_received_by_listener_ = 0u; + // Though the mocked callback wants to read more, only 6000 reads maximum are allowed. + num_packets_expected_per_loop = MAX_NUM_PACKETS_PER_EVENT_LOOP + 1u; + std::string payload3(10, 'd'); + for (uint64_t i = 0; i < num_packets_expected_per_loop; ++i) { + client_.write(payload3, *send_to_addr_); + } + std::string really_last_piece("eee"); + client_.write(really_last_piece, *send_to_addr_); + EXPECT_CALL(listener_callbacks_, onReadReady()).Times(testing::AtLeast(2u)); + EXPECT_CALL(listener_callbacks_, numPacketsExpectedPerEventLoop()) + .WillRepeatedly(Return(num_packets_expected_per_loop)); + EXPECT_CALL(listener_callbacks_, onData(_)) + .WillRepeatedly(Invoke([&](const UdpRecvData& data) -> void { + validateRecvCallbackParams(data, num_packets_per_read); + if (really_last_piece == data.buffer_->toString()) { + dispatcher_->exit(); + } + })); dispatcher_->run(Event::Dispatcher::RunType::Block); - EXPECT_EQ(2, listener_->packetsDropped()); } #ifdef UDP_GRO @@ -247,9 +306,8 @@ TEST_P(UdpListenerImplTest, UdpEcho) { EXPECT_CALL(listener_callbacks_, onReadReady()); EXPECT_CALL(listener_callbacks_, onData(_)) .WillOnce(Invoke([&](const UdpRecvData& data) -> void { - validateRecvCallbackParams(data, Api::OsSysCallsSingleton::get().supportsMmsg() - ? NUM_DATAGRAMS_PER_MMSG_RECEIVE - : 1u); + validateRecvCallbackParams( + data, Api::OsSysCallsSingleton::get().supportsMmsg() ? NUM_DATAGRAMS_PER_RECEIVE : 1u); test_peer_address = data.addresses_.peer_; @@ -259,9 +317,8 @@ TEST_P(UdpListenerImplTest, UdpEcho) { server_received_data.push_back(data_str); })) .WillRepeatedly(Invoke([&](const UdpRecvData& data) -> void { - validateRecvCallbackParams(data, Api::OsSysCallsSingleton::get().supportsMmsg() - ? NUM_DATAGRAMS_PER_MMSG_RECEIVE - : 1u); + validateRecvCallbackParams( + data, Api::OsSysCallsSingleton::get().supportsMmsg() ? NUM_DATAGRAMS_PER_RECEIVE : 1u); const std::string data_str = data.buffer_->toString(); EXPECT_EQ(data_str, client_data[num_packets_received_by_listener_ - 1]); @@ -339,9 +396,8 @@ TEST_P(UdpListenerImplTest, UdpListenerEnableDisable) { .Times(2) .WillOnce(Return()) .WillOnce(Invoke([&](const UdpRecvData& data) -> void { - validateRecvCallbackParams(data, Api::OsSysCallsSingleton::get().supportsMmsg() - ? NUM_DATAGRAMS_PER_MMSG_RECEIVE - : 1u); + validateRecvCallbackParams( + data, Api::OsSysCallsSingleton::get().supportsMmsg() ? NUM_DATAGRAMS_PER_RECEIVE : 1u); EXPECT_EQ(data.buffer_->toString(), second); @@ -380,13 +436,16 @@ TEST_P(UdpListenerImplTest, UdpListenerRecvMsgError) { EXPECT_CALL(listener_callbacks_, onReceiveError(_)) .WillOnce(Invoke([&](Api::IoError::IoErrorCode err) -> void { ASSERT_EQ(Api::IoError::IoErrorCode::NoSupport, err); - dispatcher_->exit(); })); // Inject mocked OsSysCalls implementation to mock a read failure. Api::MockOsSysCalls os_sys_calls; TestThreadsafeSingletonInjector os_calls(&os_sys_calls); - EXPECT_CALL(os_sys_calls, supportsMmsg()); + EXPECT_CALL(os_sys_calls, supportsMmsg()) + .Times( + (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.udp_per_event_loop_read_limit") + ? 2u + : 1u)); EXPECT_CALL(os_sys_calls, recvmsg(_, _, _)) .WillOnce(Return(Api::SysCallSizeResult{-1, SOCKET_ERROR_NOT_SUP})); diff --git a/test/common/network/udp_listener_impl_test_base.h b/test/common/network/udp_listener_impl_test_base.h index 671a30b56370..527018259cfa 100644 --- a/test/common/network/udp_listener_impl_test_base.h +++ b/test/common/network/udp_listener_impl_test_base.h @@ -7,12 +7,12 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/network/address_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/socket_option_impl.h" -#include "common/network/udp_listener_impl.h" -#include "common/network/udp_packet_writer_handler_impl.h" -#include "common/network/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/udp_listener_impl.h" +#include "source/common/network/udp_packet_writer_handler_impl.h" +#include "source/common/network/utility.h" #include "test/common/network/listener_impl_test_base.h" #include "test/mocks/api/mocks.h" diff --git a/test/common/network/utility_fuzz_test.cc b/test/common/network/utility_fuzz_test.cc index 8d49667a24e0..1302614c7a8f 100644 --- a/test/common/network/utility_fuzz_test.cc +++ b/test/common/network/utility_fuzz_test.cc @@ -1,7 +1,7 @@ #include "envoy/config/core/v3/address.pb.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/network/utility_test.cc b/test/common/network/utility_test.cc index 45c196f56314..f75b8b33bbf8 100644 --- a/test/common/network/utility_test.cc +++ b/test/common/network/utility_test.cc @@ -6,9 +6,10 @@ #include "envoy/common/exception.h" #include "envoy/config/core/v3/address.pb.h" -#include "common/common/thread.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/common/thread.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/utility.h" #include "test/mocks/api/mocks.h" #include "test/mocks/network/mocks.h" @@ -579,6 +580,56 @@ TEST(ResolvedUdpSocketConfig, Warning) { ResolvedUdpSocketConfig resolved_config(envoy::config::core::v3::UdpSocketConfig(), true)); } +#ifndef WIN32 +TEST(PacketLoss, LossTest) { + // Create and bind a UDP socket. + auto version = TestEnvironment::getIpVersionsForTest()[0]; + auto kernel_version = version == Network::Address::IpVersion::v4 ? AF_INET : AF_INET6; + int fd = socket(kernel_version, SOCK_DGRAM | SOCK_NONBLOCK, IPPROTO_UDP); + ASSERT_NE(fd, 0); + sockaddr_storage storage; + auto& sin = reinterpret_cast(storage); + sin.sin_family = kernel_version; + sin.sin_port = 0; + EXPECT_EQ(1, + inet_pton(kernel_version, Network::Test::getLoopbackAddressUrlString(version).c_str(), + &sin.sin_addr)); + ASSERT_EQ(0, bind(fd, reinterpret_cast(&storage), sizeof(storage))); + + // Get the port. + socklen_t storage_len = sizeof(storage); + ASSERT_EQ(0, getsockname(fd, reinterpret_cast(&storage), &storage_len)); + + // Set the buffer size artificially small. + int receive_buffer_size = 1000; + ASSERT_EQ( + 0, setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &receive_buffer_size, sizeof(receive_buffer_size))); + + // Send a packet. + char buf[2048]; + memset(buf, 0, ABSL_ARRAYSIZE(buf)); + EXPECT_EQ(ABSL_ARRAYSIZE(buf), sendto(fd, buf, ABSL_ARRAYSIZE(buf), 0, + reinterpret_cast(&storage), sizeof(storage))); + + // Verify the packet is dropped. + IoSocketHandleImpl handle(fd); + auto address = Network::Test::getCanonicalLoopbackAddress(version); + NiceMock processor; + MonotonicTime time(std::chrono::seconds(0)); + uint32_t packets_dropped = 0; + Utility::readFromSocket(handle, *address, processor, time, false, &packets_dropped); + EXPECT_EQ(1, packets_dropped); + + // Send another packet. + EXPECT_EQ(ABSL_ARRAYSIZE(buf), sendto(fd, buf, ABSL_ARRAYSIZE(buf), 0, + reinterpret_cast(&storage), sizeof(storage))); + + // Make sure the drop count is now 2. + Utility::readFromSocket(handle, *address, processor, time, false, &packets_dropped); + EXPECT_EQ(2, packets_dropped); +} +#endif + } // namespace } // namespace Network } // namespace Envoy diff --git a/test/common/network/win32_redirect_records_option_test.cc b/test/common/network/win32_redirect_records_option_test.cc index 643cfd4fab32..405e7df3a936 100644 --- a/test/common/network/win32_redirect_records_option_test.cc +++ b/test/common/network/win32_redirect_records_option_test.cc @@ -1,8 +1,8 @@ -#include "common/common/scalar_to_byte_vector.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/socket_interface.h" -#include "common/network/utility.h" -#include "common/network/win32_redirect_records_option_impl.h" +#include "source/common/common/scalar_to_byte_vector.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/socket_interface.h" +#include "source/common/network/utility.h" +#include "source/common/network/win32_redirect_records_option_impl.h" #include "test/common/network/socket_option_test.h" diff --git a/test/common/protobuf/message_validator_impl_test.cc b/test/common/protobuf/message_validator_impl_test.cc index d558799cc440..73dd2dbcba6b 100644 --- a/test/common/protobuf/message_validator_impl_test.cc +++ b/test/common/protobuf/message_validator_impl_test.cc @@ -1,7 +1,7 @@ #include "envoy/common/exception.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/test_common/logging.h" diff --git a/test/common/protobuf/utility_test.cc b/test/common/protobuf/utility_test.cc index 97b25a67bcad..92480788872d 100644 --- a/test/common/protobuf/utility_test.cc +++ b/test/common/protobuf/utility_test.cc @@ -14,12 +14,12 @@ #include "envoy/extensions/health_checkers/redis/v3/redis.pb.validate.h" #include "envoy/type/v3/percent.pb.h" -#include "common/common/base64.h" -#include "common/config/api_version.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_impl.h" +#include "source/common/common/base64.h" +#include "source/common/config/api_version.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/init/mocks.h" @@ -41,9 +41,7 @@ using namespace std::chrono_literals; namespace Envoy { -using testing::AllOf; using testing::HasSubstr; -using testing::Property; class RuntimeStatsHelper : public TestScopedRuntime { public: @@ -1187,6 +1185,11 @@ TEST_F(ProtobufUtilityTest, ValueUtilLoadFromYamlObject) { "struct_value { fields { key: \"foo\" value { string_value: \"bar\" } } }"); } +TEST_F(ProtobufUtilityTest, ValueUtilLoadFromYamlObjectWithIgnoredEntries) { + EXPECT_EQ(ValueUtil::loadFromYaml("!ignore foo: bar\nbaz: qux").ShortDebugString(), + "struct_value { fields { key: \"baz\" value { string_value: \"qux\" } } }"); +} + TEST(LoadFromYamlExceptionTest, BadConversion) { std::string bad_yaml = R"EOF( admin: @@ -2018,4 +2021,100 @@ TEST(TypeUtilTest, TypeUrlHelperFunction) { TypeUtil::descriptorFullNameToTypeUrl("envoy.config.filter.http.ip_tagging.v2.IPTagging")); } +class StructUtilTest : public ProtobufUtilityTest { +protected: + ProtobufWkt::Struct updateSimpleStruct(const ProtobufWkt::Value& v0, + const ProtobufWkt::Value& v1) { + ProtobufWkt::Struct obj, with; + (*obj.mutable_fields())["key"] = v0; + (*with.mutable_fields())["key"] = v1; + StructUtil::update(obj, with); + EXPECT_EQ(obj.fields().size(), 1); + return obj; + } +}; + +TEST_F(StructUtilTest, StructUtilUpdateScalars) { + { + const auto obj = updateSimpleStruct(ValueUtil::stringValue("v0"), ValueUtil::stringValue("v1")); + EXPECT_EQ(obj.fields().at("key").string_value(), "v1"); + } + + { + const auto obj = updateSimpleStruct(ValueUtil::numberValue(0), ValueUtil::numberValue(1)); + EXPECT_EQ(obj.fields().at("key").number_value(), 1); + } + + { + const auto obj = updateSimpleStruct(ValueUtil::boolValue(false), ValueUtil::boolValue(true)); + EXPECT_EQ(obj.fields().at("key").bool_value(), true); + } + + { + const auto obj = updateSimpleStruct(ValueUtil::nullValue(), ValueUtil::nullValue()); + EXPECT_EQ(obj.fields().at("key").kind_case(), ProtobufWkt::Value::KindCase::kNullValue); + } +} + +TEST_F(StructUtilTest, StructUtilUpdateDifferentKind) { + { + const auto obj = updateSimpleStruct(ValueUtil::stringValue("v0"), ValueUtil::numberValue(1)); + auto& val = obj.fields().at("key"); + EXPECT_EQ(val.kind_case(), ProtobufWkt::Value::KindCase::kNumberValue); + EXPECT_EQ(val.number_value(), 1); + } + + { + const auto obj = + updateSimpleStruct(ValueUtil::structValue(MessageUtil::keyValueStruct("subkey", "v0")), + ValueUtil::stringValue("v1")); + auto& val = obj.fields().at("key"); + EXPECT_EQ(val.kind_case(), ProtobufWkt::Value::KindCase::kStringValue); + EXPECT_EQ(val.string_value(), "v1"); + } +} + +TEST_F(StructUtilTest, StructUtilUpdateList) { + ProtobufWkt::Struct obj, with; + auto& list = *(*obj.mutable_fields())["key"].mutable_list_value(); + list.add_values()->set_string_value("v0"); + + auto& with_list = *(*with.mutable_fields())["key"].mutable_list_value(); + with_list.add_values()->set_number_value(1); + const auto v2 = MessageUtil::keyValueStruct("subkey", "str"); + *with_list.add_values()->mutable_struct_value() = v2; + + StructUtil::update(obj, with); + ASSERT_THAT(obj.fields().size(), 1); + const auto& list_vals = list.values(); + EXPECT_TRUE(ValueUtil::equal(list_vals[0], ValueUtil::stringValue("v0"))); + EXPECT_TRUE(ValueUtil::equal(list_vals[1], ValueUtil::numberValue(1))); + EXPECT_TRUE(ValueUtil::equal(list_vals[2], ValueUtil::structValue(v2))); +} + +TEST_F(StructUtilTest, StructUtilUpdateNewKey) { + ProtobufWkt::Struct obj, with; + (*obj.mutable_fields())["key0"].set_number_value(1); + (*with.mutable_fields())["key1"].set_number_value(1); + StructUtil::update(obj, with); + + const auto& fields = obj.fields(); + EXPECT_TRUE(ValueUtil::equal(fields.at("key0"), ValueUtil::numberValue(1))); + EXPECT_TRUE(ValueUtil::equal(fields.at("key1"), ValueUtil::numberValue(1))); +} + +TEST_F(StructUtilTest, StructUtilUpdateRecursiveStruct) { + ProtobufWkt::Struct obj, with; + *(*obj.mutable_fields())["tags"].mutable_struct_value() = + MessageUtil::keyValueStruct("tag0", "1"); + *(*with.mutable_fields())["tags"].mutable_struct_value() = + MessageUtil::keyValueStruct("tag1", "1"); + StructUtil::update(obj, with); + + ASSERT_EQ(obj.fields().at("tags").kind_case(), ProtobufWkt::Value::KindCase::kStructValue); + const auto& tags = obj.fields().at("tags").struct_value().fields(); + EXPECT_TRUE(ValueUtil::equal(tags.at("tag0"), ValueUtil::stringValue("1"))); + EXPECT_TRUE(ValueUtil::equal(tags.at("tag1"), ValueUtil::stringValue("1"))); +} + } // namespace Envoy diff --git a/test/common/protobuf/value_util_fuzz_test.cc b/test/common/protobuf/value_util_fuzz_test.cc index fec766f9e505..1999427d5ca9 100644 --- a/test/common/protobuf/value_util_fuzz_test.cc +++ b/test/common/protobuf/value_util_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/quic/BUILD b/test/common/quic/BUILD index 9f432b55c200..943fd4b24147 100644 --- a/test/common/quic/BUILD +++ b/test/common/quic/BUILD @@ -54,6 +54,18 @@ envoy_cc_test( ], ) +envoy_cc_test( + name = "quic_stat_names_test", + srcs = ["quic_stat_names_test.cc"], + tags = ["nofips"], + deps = [ + "//source/common/quic:quic_stat_names_lib", + "//source/common/stats:stats_lib", + "//test/mocks/stats:stats_mocks", + "//test/test_common:utility_lib", + ], +) + envoy_cc_test( name = "envoy_quic_session_cache_test", srcs = ["envoy_quic_session_cache_test.cc"], @@ -129,7 +141,7 @@ envoy_cc_test( ":quic_test_utils_for_envoy_lib", ":test_proof_source_lib", ":test_utils_lib", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_macros", "//source/common/quic:codec_lib", "//source/common/quic:envoy_quic_alarm_factory_lib", "//source/common/quic:envoy_quic_connection_helper_lib", @@ -157,12 +169,13 @@ envoy_cc_test( deps = [ ":quic_test_utils_for_envoy_lib", ":test_utils_lib", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_macros", "//source/common/quic:codec_lib", "//source/common/quic:envoy_quic_alarm_factory_lib", "//source/common/quic:envoy_quic_client_connection_lib", "//source/common/quic:envoy_quic_client_session_lib", "//source/common/quic:envoy_quic_connection_helper_lib", + "//source/extensions/quic/crypto_stream:envoy_quic_crypto_client_stream_lib", "//test/mocks/http:http_mocks", "//test/mocks/http:stream_decoder_mock", "//test/mocks/network:network_mocks", @@ -184,6 +197,8 @@ envoy_cc_test( "//source/common/quic:active_quic_listener_lib", "//source/common/quic:envoy_quic_utils_lib", "//source/common/quic:udp_gso_batch_writer_lib", + "//source/extensions/quic/crypto_stream:envoy_quic_crypto_server_stream_lib", + "//source/extensions/quic/proof_source:envoy_quic_proof_source_factory_impl_lib", "//source/server:configuration_lib", "//test/mocks/network:network_mocks", "//test/mocks/server:instance_mocks", @@ -202,12 +217,13 @@ envoy_cc_test( ":quic_test_utils_for_envoy_lib", ":test_proof_source_lib", ":test_utils_lib", - "//include/envoy/stats:stats_macros", + "//envoy/stats:stats_macros", "//source/common/quic:envoy_quic_alarm_factory_lib", "//source/common/quic:envoy_quic_connection_helper_lib", "//source/common/quic:envoy_quic_dispatcher_lib", "//source/common/quic:envoy_quic_proof_source_lib", "//source/common/quic:envoy_quic_server_session_lib", + "//source/extensions/quic/crypto_stream:envoy_quic_crypto_server_stream_lib", "//source/server:configuration_lib", "//test/mocks/event:event_mocks", "//test/mocks/http:http_mocks", diff --git a/test/common/quic/active_quic_listener_test.cc b/test/common/quic/active_quic_listener_test.cc index b9df504e88a4..1dbd90bb6009 100644 --- a/test/common/quic/active_quic_listener_test.cc +++ b/test/common/quic/active_quic_listener_test.cc @@ -20,14 +20,14 @@ #pragma GCC diagnostic pop #endif -#include "server/configuration_impl.h" -#include "common/common/logger.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/udp_packet_writer_handler_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/quic/active_quic_listener.h" -#include "common/http/utility.h" +#include "source/server/configuration_impl.h" +#include "source/common/common/logger.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/udp_packet_writer_handler_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/quic/active_quic_listener.h" +#include "source/common/http/utility.h" #include "test/common/quic/test_utils.h" #include "test/common/quic/test_proof_source.h" #include "test/test_common/simulated_time_system.h" @@ -40,9 +40,11 @@ #include "absl/time/time.h" #include "gtest/gtest.h" #include "gmock/gmock.h" -#include "common/quic/platform/envoy_quic_clock.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/udp_gso_batch_writer.h" +#include "source/common/quic/platform/envoy_quic_clock.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/udp_gso_batch_writer.h" +#include "source/extensions/quic/crypto_stream/envoy_quic_crypto_server_stream.h" +#include "source/extensions/quic/proof_source/envoy_quic_proof_source_factory_impl.h" using testing::Return; using testing::ReturnRef; @@ -86,8 +88,10 @@ class ActiveQuicListenerTest : public QuicMultiVersionTest { } bool use_http3 = GetParam().second == QuicVersionType::Iquic; SetQuicReloadableFlag(quic_disable_version_draft_29, !use_http3); + SetQuicReloadableFlag(quic_enable_version_rfcv1, use_http3); return quic::CurrentSupportedVersions(); - }()[0]) {} + }()[0]), + quic_stat_names_(listener_config_.listenerScope().symbolTable()) {} template std::unique_ptr staticUniquePointerCast(std::unique_ptr&& source) { @@ -155,7 +159,8 @@ class ActiveQuicListenerTest : public QuicMultiVersionTest { Network::ActiveUdpListenerFactoryPtr createQuicListenerFactory(const std::string& yaml) { envoy::config::listener::v3::QuicProtocolOptions options; TestUtility::loadFromYamlAndValidate(yaml, options); - return std::make_unique(options, /*concurrency=*/1); + return std::make_unique(options, /*concurrency=*/1, + quic_stat_names_); } void maybeConfigureMocks(int connection_count) { @@ -193,6 +198,9 @@ class ActiveQuicListenerTest : public QuicMultiVersionTest { read_filters_.push_back(std::move(read_filter)); // A Sequence must be used to allow multiple EXPECT_CALL().WillOnce() // calls for the same object. + EXPECT_CALL(*filter_chain_, transportSocketFactory()) + .InSequence(seq) + .WillOnce(ReturnRef(transport_socket_factory_)); EXPECT_CALL(*filter_chain_, networkFilterFactories()) .InSequence(seq) .WillOnce(ReturnRef(filter_factories_.back())); @@ -267,6 +275,15 @@ class ActiveQuicListenerTest : public QuicMultiVersionTest { enabled: default_value: true runtime_key: quic.enabled + packets_to_read_to_connection_count_ratio: 50 + crypto_stream_config: + name: "envoy.quic.crypto_stream.server.quiche" + typed_config: + "@type": type.googleapis.com/envoy.extensions.quic.crypto_stream.v3.CryptoServerStreamConfig + proof_source_config: + name: "envoy.quic.proof_source.filter_chain" + typed_config: + "@type": type.googleapis.com/envoy.extensions.quic.proof_source.v3.ProofSourceConfig )EOF", connection_window_size_, stream_window_size_); } @@ -307,9 +324,11 @@ class ActiveQuicListenerTest : public QuicMultiVersionTest { // of elements are saved in expectations before new elements are added. std::list> filter_factories_; const Network::MockFilterChain* filter_chain_; + Network::MockTransportSocketFactory transport_socket_factory_; quic::ParsedQuicVersion quic_version_; uint32_t connection_window_size_{1024u}; uint32_t stream_window_size_{1024u}; + QuicStatNames quic_stat_names_; }; INSTANTIATE_TEST_SUITE_P(ActiveQuicListenerTests, ActiveQuicListenerTest, @@ -323,13 +342,15 @@ TEST_P(ActiveQuicListenerTest, FailSocketOptionUponCreation) { auto options = std::make_shared>(); options->emplace_back(std::move(option)); quic_listener_.reset(); - EXPECT_THROW_WITH_REGEX( - (void)std::make_unique( - 0, 1, *dispatcher_, connection_handler_, listen_socket_, listener_config_, quic_config_, - options, false, - ActiveQuicListenerFactoryPeer::runtimeEnabled( - static_cast(listener_factory_.get()))), - Network::CreateListenerException, "Failed to apply socket options."); + EnvoyQuicCryptoServerStreamFactoryImpl crypto_stream_factory; + EnvoyQuicProofSourceFactoryImpl proof_source_factory; + EXPECT_THROW_WITH_REGEX((void)std::make_unique( + 0, 1, *dispatcher_, connection_handler_, listen_socket_, + listener_config_, quic_config_, options, false, + ActiveQuicListenerFactoryPeer::runtimeEnabled( + static_cast(listener_factory_.get())), + quic_stat_names_, 32u, crypto_stream_factory, proof_source_factory), + Network::CreateListenerException, "Failed to apply socket options."); } TEST_P(ActiveQuicListenerTest, ReceiveCHLO) { @@ -342,6 +363,10 @@ TEST_P(ActiveQuicListenerTest, ReceiveCHLO) { dispatcher_->run(Event::Dispatcher::RunType::NonBlock); EXPECT_FALSE(buffered_packets->HasChlosBuffered()); EXPECT_NE(0u, quic_dispatcher_->NumSessions()); + if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.udp_per_event_loop_read_limit")) { + EXPECT_EQ(50 * quic_dispatcher_->NumSessions(), + quic_listener_->numPacketsExpectedPerEventLoop()); + } const quic::QuicSession* session = quic::test::QuicDispatcherPeer::FindSession(quic_dispatcher_, connection_id); ASSERT(session != nullptr); @@ -389,7 +414,15 @@ TEST_P(ActiveQuicListenerTest, ProcessBufferedChlos) { quic::QuicBufferedPacketStore* const buffered_packets = quic::test::QuicDispatcherPeer::GetBufferedPackets(quic_dispatcher_); const uint32_t count = (ActiveQuicListener::kNumSessionsToCreatePerLoop * 2) + 1; - maybeConfigureMocks(count); + if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.udp_per_event_loop_read_limit")) { + maybeConfigureMocks(count + 1); + // Create 1 session to increase number of packet to read in the next read event. + sendCHLO(quic::test::TestConnectionId()); + dispatcher_->run(Event::Dispatcher::RunType::NonBlock); + EXPECT_NE(0u, quic_dispatcher_->NumSessions()); + } else { + maybeConfigureMocks(count); + } // Generate one more CHLO than can be processed immediately. for (size_t i = 1; i <= count; ++i) { @@ -407,6 +440,11 @@ TEST_P(ActiveQuicListenerTest, ProcessBufferedChlos) { } EXPECT_FALSE(buffered_packets->HasChlosBuffered()); EXPECT_NE(0u, quic_dispatcher_->NumSessions()); + if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.udp_per_event_loop_read_limit")) { + EXPECT_EQ(50 * quic_dispatcher_->NumSessions(), + quic_listener_->numPacketsExpectedPerEventLoop()); + } + readFromClientSockets(); } diff --git a/test/common/quic/client_connection_factory_impl_test.cc b/test/common/quic/client_connection_factory_impl_test.cc index 87e6111cc870..2995db8e9858 100644 --- a/test/common/quic/client_connection_factory_impl_test.cc +++ b/test/common/quic/client_connection_factory_impl_test.cc @@ -1,5 +1,5 @@ -#include "common/quic/client_connection_factory_impl.h" -#include "common/quic/quic_transport_socket_factory.h" +#include "source/common/quic/client_connection_factory_impl.h" +#include "source/common/quic/quic_transport_socket_factory.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" @@ -8,6 +8,8 @@ #include "test/mocks/ssl/mocks.h" #include "test/mocks/upstream/cluster_info.h" #include "test/mocks/upstream/host.h" +#include "test/test_common/environment.h" +#include "test/test_common/network_utility.h" #include "test/test_common/simulated_time_system.h" using testing::Return; @@ -18,6 +20,10 @@ namespace Quic { class QuicNetworkConnectionTest : public Event::TestUsingSimulatedTime, public testing::Test { protected: void initialize() { + test_address_ = Network::Utility::resolveUrl(absl::StrCat( + "tcp://", + Network::Test::getLoopbackAddressString(TestEnvironment::getIpVersionsForTest()[0]), + ":30")); Ssl::ClientContextSharedPtr context{new Ssl::MockClientContext()}; EXPECT_CALL(context_.context_manager_, createSslClientContext(_, _, _)) .WillOnce(Return(context)); @@ -27,13 +33,16 @@ class QuicNetworkConnectionTest : public Event::TestUsingSimulatedTime, public t context_); } + uint32_t highWatermark(EnvoyQuicClientSession* session) { + return session->write_buffer_watermark_simulation_.highWatermark(); + } + NiceMock dispatcher_; std::shared_ptr cluster_{new NiceMock()}; Upstream::HostSharedPtr host_{new NiceMock}; NiceMock random_; Upstream::ClusterConnectivityState state_; - Network::Address::InstanceConstSharedPtr test_address_ = - Network::Utility::resolveUrl("tcp://127.0.0.1:3000"); + Network::Address::InstanceConstSharedPtr test_address_; NiceMock context_; std::unique_ptr factory_; }; @@ -41,7 +50,8 @@ class QuicNetworkConnectionTest : public Event::TestUsingSimulatedTime, public t TEST_F(QuicNetworkConnectionTest, BufferLimits) { initialize(); - PersistentQuicInfoImpl info{dispatcher_, *factory_, simTime(), test_address_}; + quic::QuicConfig config; + PersistentQuicInfoImpl info{dispatcher_, *factory_, simTime(), test_address_, config, 45}; std::unique_ptr client_connection = createQuicNetworkConnection(info, dispatcher_, test_address_, test_address_); @@ -50,6 +60,7 @@ TEST_F(QuicNetworkConnectionTest, BufferLimits) { client_connection->connect(); EXPECT_TRUE(client_connection->connecting()); ASSERT(session != nullptr); + EXPECT_EQ(highWatermark(session), 45); EXPECT_EQ(absl::nullopt, session->unixSocketPeerCredentials()); EXPECT_EQ(absl::nullopt, session->lastRoundTripTime()); client_connection->close(Network::ConnectionCloseType::NoFlush); diff --git a/test/common/quic/envoy_quic_alarm_test.cc b/test/common/quic/envoy_quic_alarm_test.cc index 53fe6108bc5b..f90f8eb2a4e6 100644 --- a/test/common/quic/envoy_quic_alarm_test.cc +++ b/test/common/quic/envoy_quic_alarm_test.cc @@ -1,6 +1,6 @@ -#include "common/quic/envoy_quic_alarm.h" -#include "common/quic/envoy_quic_alarm_factory.h" -#include "common/quic/platform/envoy_quic_clock.h" +#include "source/common/quic/envoy_quic_alarm.h" +#include "source/common/quic/envoy_quic_alarm_factory.h" +#include "source/common/quic/platform/envoy_quic_clock.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/utility.h" diff --git a/test/common/quic/envoy_quic_client_session_test.cc b/test/common/quic/envoy_quic_client_session_test.cc index fbcc51df8c5c..d377abd663a6 100644 --- a/test/common/quic/envoy_quic_client_session_test.cc +++ b/test/common/quic/envoy_quic_client_session_test.cc @@ -12,12 +12,14 @@ #pragma GCC diagnostic pop #endif -#include "common/quic/envoy_quic_client_session.h" -#include "common/quic/envoy_quic_client_connection.h" -#include "common/quic/codec_impl.h" -#include "common/quic/envoy_quic_connection_helper.h" -#include "common/quic/envoy_quic_alarm_factory.h" -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_client_session.h" +#include "source/common/quic/envoy_quic_client_connection.h" +#include "source/common/quic/codec_impl.h" +#include "source/common/quic/envoy_quic_connection_helper.h" +#include "source/common/quic/envoy_quic_alarm_factory.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/extensions/quic/crypto_stream/envoy_quic_crypto_client_stream.h" + #include "test/common/quic/test_utils.h" #include "envoy/stats/stats_macros.h" @@ -74,22 +76,17 @@ class TestQuicCryptoClientStream : public quic::QuicCryptoClientStream { bool encryption_established() const override { return true; } }; -class TestEnvoyQuicClientSession : public EnvoyQuicClientSession { +class TestQuicCryptoClientStreamFactory : public EnvoyQuicCryptoClientStreamFactoryInterface { public: - TestEnvoyQuicClientSession(const quic::QuicConfig& config, - const quic::ParsedQuicVersionVector& supported_versions, - std::unique_ptr connection, - const quic::QuicServerId& server_id, - std::shared_ptr crypto_config, - quic::QuicClientPushPromiseIndex* push_promise_index, - Event::Dispatcher& dispatcher, uint32_t send_buffer_limit) - : EnvoyQuicClientSession(config, supported_versions, std::move(connection), server_id, - crypto_config, push_promise_index, dispatcher, send_buffer_limit) {} - - std::unique_ptr CreateQuicCryptoStream() override { - return std::make_unique( - server_id(), this, crypto_config()->proof_verifier()->CreateDefaultContext(), - crypto_config(), this, true); + std::unique_ptr + createEnvoyQuicCryptoClientStream(const quic::QuicServerId& server_id, quic::QuicSession* session, + std::unique_ptr verify_context, + quic::QuicCryptoClientConfig* crypto_config, + quic::QuicCryptoClientStream::ProofHandler* proof_handler, + bool has_application_state) override { + return std::make_unique(server_id, session, + std::move(verify_context), crypto_config, + proof_handler, has_application_state); } }; @@ -100,6 +97,7 @@ class EnvoyQuicClientSessionTest : public testing::TestWithParam { dispatcher_(api_->allocateDispatcher("test_thread")), connection_helper_(*dispatcher_), alarm_factory_(*dispatcher_, *connection_helper_.GetClock()), quic_version_([]() { SetQuicReloadableFlag(quic_disable_version_draft_29, !GetParam()); + SetQuicReloadableFlag(quic_enable_version_rfcv1, GetParam()); return quic::ParsedVersionOfIndex(quic::CurrentSupportedVersions(), 0); }()), peer_addr_(Network::Utility::getAddressWithPort(*Network::Utility::getIpv6LoopbackAddress(), @@ -115,7 +113,7 @@ class EnvoyQuicClientSessionTest : public testing::TestWithParam { std::unique_ptr(quic_connection_), quic::QuicServerId("example.com", 443, false), crypto_config_, nullptr, *dispatcher_, - /*send_buffer_limit*/ 1024 * 1024), + /*send_buffer_limit*/ 1024 * 1024, crypto_stream_factory_), stats_({ALL_HTTP3_CODEC_STATS(POOL_COUNTER_PREFIX(scope_, "http3."), POOL_GAUGE_PREFIX(scope_, "http3."))}), http_connection_(envoy_quic_session_, http_connection_callbacks_, stats_, http3_options_, @@ -175,7 +173,8 @@ class EnvoyQuicClientSessionTest : public testing::TestWithParam { TestEnvoyQuicClientConnection* quic_connection_; quic::QuicConfig quic_config_; std::shared_ptr crypto_config_; - TestEnvoyQuicClientSession envoy_quic_session_; + TestQuicCryptoClientStreamFactory crypto_stream_factory_; + EnvoyQuicClientSession envoy_quic_session_; Network::MockConnectionCallbacks network_connection_callbacks_; Http::MockServerConnectionCallbacks http_connection_callbacks_; testing::StrictMock read_total_; @@ -208,6 +207,45 @@ TEST_P(EnvoyQuicClientSessionTest, NewStream) { stream.OnStreamHeaderList(/*fin=*/true, headers.uncompressed_header_bytes(), headers); } +TEST_P(EnvoyQuicClientSessionTest, PacketLimits) { + // We always allow for reading packets, even if there's no stream. + EXPECT_EQ(0, envoy_quic_session_.GetNumActiveStreams()); + EXPECT_EQ(16, envoy_quic_session_.numPacketsExpectedPerEventLoop()); + + NiceMock response_decoder; + NiceMock stream_callbacks; + EnvoyQuicClientStream& stream = sendGetRequest(response_decoder, stream_callbacks); + + quic::QuicHeaderList headers; + headers.OnHeaderBlockStart(); + headers.OnHeader(":status", "200"); + headers.OnHeaderBlockEnd(/*uncompressed_header_bytes=*/0, /*compressed_header_bytes=*/0); + // Response headers should be propagated to decoder. + EXPECT_CALL(response_decoder, decodeHeaders_(_, /*end_stream=*/false)) + .WillOnce(Invoke([](const Http::ResponseHeaderMapPtr& decoded_headers, bool) { + EXPECT_EQ("200", decoded_headers->getStatusValue()); + })); + stream.OnStreamHeaderList(/*fin=*/false, headers.uncompressed_header_bytes(), headers); + // With one stream, still read 16 packets. + EXPECT_EQ(1, envoy_quic_session_.GetNumActiveStreams()); + EXPECT_EQ(16, envoy_quic_session_.numPacketsExpectedPerEventLoop()); + + EnvoyQuicClientStream& stream2 = sendGetRequest(response_decoder, stream_callbacks); + EXPECT_CALL(response_decoder, decodeHeaders_(_, /*end_stream=*/false)) + .WillOnce(Invoke([](const Http::ResponseHeaderMapPtr& decoded_headers, bool) { + EXPECT_EQ("200", decoded_headers->getStatusValue()); + })); + stream2.OnStreamHeaderList(/*fin=*/false, headers.uncompressed_header_bytes(), headers); + // With 2 streams, read 32 packets. + EXPECT_EQ(2, envoy_quic_session_.GetNumActiveStreams()); + EXPECT_EQ(32, envoy_quic_session_.numPacketsExpectedPerEventLoop()); + + EXPECT_CALL(*quic_connection_, + SendConnectionClosePacket(quic::QUIC_NO_ERROR, _, "Closed by application")); + EXPECT_CALL(network_connection_callbacks_, onEvent(Network::ConnectionEvent::LocalClose)); + envoy_quic_session_.close(Network::ConnectionCloseType::NoFlush); +} + TEST_P(EnvoyQuicClientSessionTest, OnResetFrame) { Http::MockResponseDecoder response_decoder; Http::MockStreamCallbacks stream_callbacks; @@ -260,5 +298,128 @@ TEST_P(EnvoyQuicClientSessionTest, ConnectionCloseWithActiveStream) { EXPECT_TRUE(stream.write_side_closed() && stream.reading_stopped()); } +class EnvoyQuicClientSessionAllQuicVersionTest + : public testing::TestWithParam { +public: + EnvoyQuicClientSessionAllQuicVersionTest() + : api_(Api::createApiForTest(time_system_)), + dispatcher_(api_->allocateDispatcher("test_thread")), connection_helper_(*dispatcher_), + alarm_factory_(*dispatcher_, *connection_helper_.GetClock()), + peer_addr_(Network::Utility::getAddressWithPort(*Network::Utility::getIpv6LoopbackAddress(), + 12345)), + self_addr_(Network::Utility::getAddressWithPort(*Network::Utility::getIpv6LoopbackAddress(), + 54321)), + quic_connection_(new TestEnvoyQuicClientConnection( + quic::test::TestConnectionId(), connection_helper_, alarm_factory_, writer_, + quic::test::SupportedVersions(GetParam()), *dispatcher_, + createConnectionSocket(peer_addr_, self_addr_, nullptr))), + crypto_config_(std::make_shared( + quic::test::crypto_test_utils::ProofVerifierForTesting())), + envoy_quic_session_(quic_config_, quic::test::SupportedVersions(GetParam()), + std::unique_ptr(quic_connection_), + quic::QuicServerId("example.com", 443, false), crypto_config_, nullptr, + *dispatcher_, + /*send_buffer_limit*/ 1024 * 1024, crypto_stream_factory_), + stats_({ALL_HTTP3_CODEC_STATS(POOL_COUNTER_PREFIX(scope_, "http3."), + POOL_GAUGE_PREFIX(scope_, "http3."))}), + http_connection_(envoy_quic_session_, http_connection_callbacks_, stats_, http3_options_, + 64 * 1024, 100) { + EXPECT_EQ(time_system_.systemTime(), envoy_quic_session_.streamInfo().startTime()); + EXPECT_EQ(EMPTY_STRING, envoy_quic_session_.nextProtocol()); + EXPECT_EQ(Http::Protocol::Http3, http_connection_.protocol()); + + time_system_.advanceTimeWait(std::chrono::milliseconds(1)); + ON_CALL(writer_, WritePacket(_, _, _, _, _)) + .WillByDefault(testing::Return(quic::WriteResult(quic::WRITE_STATUS_OK, 1))); + } + + void SetUp() override { + envoy_quic_session_.Initialize(); + setQuicConfigWithDefaultValues(envoy_quic_session_.config()); + envoy_quic_session_.OnConfigNegotiated(); + envoy_quic_session_.addConnectionCallbacks(network_connection_callbacks_); + envoy_quic_session_.setConnectionStats( + {read_total_, read_current_, write_total_, write_current_, nullptr, nullptr}); + EXPECT_EQ(&read_total_, &quic_connection_->connectionStats().read_total_); + } + + void TearDown() override { + if (quic_connection_->connected()) { + EXPECT_CALL(*quic_connection_, + SendConnectionClosePacket(quic::QUIC_NO_ERROR, _, "Closed by application")); + EXPECT_CALL(network_connection_callbacks_, onEvent(Network::ConnectionEvent::LocalClose)); + envoy_quic_session_.close(Network::ConnectionCloseType::NoFlush); + } + } + +protected: + Event::SimulatedTimeSystemHelper time_system_; + Api::ApiPtr api_; + Event::DispatcherPtr dispatcher_; + EnvoyQuicConnectionHelper connection_helper_; + EnvoyQuicAlarmFactory alarm_factory_; + testing::NiceMock writer_; + Network::Address::InstanceConstSharedPtr peer_addr_; + Network::Address::InstanceConstSharedPtr self_addr_; + TestEnvoyQuicClientConnection* quic_connection_; + quic::QuicConfig quic_config_; + std::shared_ptr crypto_config_; + TestQuicCryptoClientStreamFactory crypto_stream_factory_; + EnvoyQuicClientSession envoy_quic_session_; + Network::MockConnectionCallbacks network_connection_callbacks_; + Http::MockServerConnectionCallbacks http_connection_callbacks_; + testing::StrictMock read_total_; + testing::StrictMock read_current_; + testing::StrictMock write_total_; + testing::StrictMock write_current_; + Stats::IsolatedStoreImpl scope_; + Http::Http3::CodecStats stats_; + envoy::config::core::v3::Http3ProtocolOptions http3_options_; + QuicHttpClientConnectionImpl http_connection_; +}; + +INSTANTIATE_TEST_SUITE_P(EnvoyQuicClientSessionAllQuicVersionTests, + EnvoyQuicClientSessionAllQuicVersionTest, + testing::ValuesIn(quic::AllSupportedVersions())); + +TEST_P(EnvoyQuicClientSessionAllQuicVersionTest, ConnectionClosePopulatesQuicVersionStats) { + std::string error_details("dummy details"); + quic::QuicErrorCode error(quic::QUIC_INVALID_FRAME_DATA); + quic::QuicConnectionCloseFrame frame(GetParam().transport_version, error, + quic::NO_IETF_QUIC_ERROR, error_details, + /* transport_close_frame_type = */ 0); + EXPECT_CALL(network_connection_callbacks_, onEvent(Network::ConnectionEvent::RemoteClose)); + quic_connection_->OnConnectionCloseFrame(frame); + EXPECT_EQ(absl::StrCat(quic::QuicErrorCodeToString(error), " with details: ", error_details), + envoy_quic_session_.transportFailureReason()); + EXPECT_EQ(Network::Connection::State::Closed, envoy_quic_session_.state()); + std::string quic_version_stat_name; + switch (GetParam().transport_version) { + case quic::QUIC_VERSION_43: + quic_version_stat_name = "43"; + break; + case quic::QUIC_VERSION_46: + quic_version_stat_name = "46"; + break; + case quic::QUIC_VERSION_50: + quic_version_stat_name = "50"; + break; + case quic::QUIC_VERSION_51: + quic_version_stat_name = "51"; + break; + case quic::QUIC_VERSION_IETF_DRAFT_29: + quic_version_stat_name = "h3_29"; + break; + case quic::QUIC_VERSION_IETF_RFC_V1: + quic_version_stat_name = "rfc_v1"; + break; + default: + break; + } + EXPECT_EQ(1U, TestUtility::findCounter( + scope_, absl::StrCat("http3.quic_version_", quic_version_stat_name)) + ->value()); +} + } // namespace Quic } // namespace Envoy diff --git a/test/common/quic/envoy_quic_client_stream_test.cc b/test/common/quic/envoy_quic_client_stream_test.cc index 23b3f8aa8d77..a0e381e8e28a 100644 --- a/test/common/quic/envoy_quic_client_stream_test.cc +++ b/test/common/quic/envoy_quic_client_stream_test.cc @@ -1,8 +1,8 @@ -#include "common/quic/envoy_quic_alarm_factory.h" -#include "common/quic/envoy_quic_client_connection.h" -#include "common/quic/envoy_quic_client_stream.h" -#include "common/quic/envoy_quic_connection_helper.h" -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_alarm_factory.h" +#include "source/common/quic/envoy_quic_client_connection.h" +#include "source/common/quic/envoy_quic_client_stream.h" +#include "source/common/quic/envoy_quic_connection_helper.h" +#include "source/common/quic/envoy_quic_utils.h" #include "test/common/quic/test_utils.h" #include "test/mocks/http/mocks.h" @@ -19,6 +19,11 @@ namespace Quic { using testing::_; using testing::Invoke; +class MockDelegate : public PacketsToReadDelegate { +public: + MOCK_METHOD(size_t, numPacketsExpectedPerEventLoop, ()); +}; + class EnvoyQuicClientStreamTest : public testing::TestWithParam { public: EnvoyQuicClientStreamTest() @@ -26,6 +31,7 @@ class EnvoyQuicClientStreamTest : public testing::TestWithParam { connection_helper_(*dispatcher_), alarm_factory_(*dispatcher_, *connection_helper_.GetClock()), quic_version_([]() { SetQuicReloadableFlag(quic_disable_version_draft_29, !GetParam()); + SetQuicReloadableFlag(quic_enable_version_rfcv1, GetParam()); return quic::CurrentSupportedVersions()[0]; }()), peer_addr_(Network::Utility::getAddressWithPort(*Network::Utility::getIpv6LoopbackAddress(), @@ -67,7 +73,7 @@ class EnvoyQuicClientStreamTest : public testing::TestWithParam { quic_connection_->setEnvoyConnection(quic_session_); setQuicConfigWithDefaultValues(quic_session_.config()); quic_session_.OnConfigNegotiated(); - quic_connection_->setUpConnectionSocket(); + quic_connection_->setUpConnectionSocket(delegate_); response_headers_.OnHeaderBlockStart(); response_headers_.OnHeader(":status", "200"); response_headers_.OnHeaderBlockEnd(/*uncompressed_header_bytes=*/0, @@ -137,6 +143,7 @@ class EnvoyQuicClientStreamTest : public testing::TestWithParam { quic::QuicConfig quic_config_; Network::Address::InstanceConstSharedPtr peer_addr_; Network::Address::InstanceConstSharedPtr self_addr_; + MockDelegate delegate_; EnvoyQuicClientConnection* quic_connection_; MockEnvoyQuicClientSession quic_session_; quic::QuicStreamId stream_id_; diff --git a/test/common/quic/envoy_quic_dispatcher_test.cc b/test/common/quic/envoy_quic_dispatcher_test.cc index f46bac22788c..f15072bd140f 100644 --- a/test/common/quic/envoy_quic_dispatcher_test.cc +++ b/test/common/quic/envoy_quic_dispatcher_test.cc @@ -10,7 +10,6 @@ #include "quiche/quic/test_tools/quic_dispatcher_peer.h" #include "quiche/quic/test_tools/crypto_test_utils.h" #include "quiche/quic/test_tools/quic_test_utils.h" -#include "quiche/common/platform/api/quiche_text_utils.h" #if defined(__GNUC__) #pragma GCC diagnostic pop @@ -18,22 +17,23 @@ #include -#include "common/quic/envoy_quic_connection_helper.h" -#include "common/network/listen_socket_impl.h" +#include "source/common/quic/envoy_quic_connection_helper.h" +#include "source/common/network/listen_socket_impl.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/environment.h" #include "test/mocks/network/mocks.h" #include "test/test_common/utility.h" #include "test/test_common/network_utility.h" -#include "common/quic/platform/envoy_quic_clock.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/envoy_quic_dispatcher.h" -#include "common/quic/envoy_quic_server_session.h" +#include "source/common/quic/platform/envoy_quic_clock.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_dispatcher.h" +#include "source/common/quic/envoy_quic_server_session.h" #include "test/common/quic/test_proof_source.h" #include "test/common/quic/test_utils.h" -#include "common/quic/envoy_quic_alarm_factory.h" -#include "common/quic/envoy_quic_utils.h" -#include "server/configuration_impl.h" +#include "source/common/quic/envoy_quic_alarm_factory.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/extensions/quic/crypto_stream/envoy_quic_crypto_server_stream.h" +#include "source/server/configuration_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" @@ -67,6 +67,7 @@ class EnvoyQuicDispatcherTest : public QuicMultiVersionTest, } bool use_http3 = GetParam().second == QuicVersionType::Iquic; SetQuicReloadableFlag(quic_disable_version_draft_29, !use_http3); + SetQuicReloadableFlag(quic_enable_version_rfcv1, use_http3); return quic::CurrentSupportedVersions(); }()), quic_version_(version_manager_.GetSupportedVersions()[0]), @@ -76,13 +77,15 @@ class EnvoyQuicDispatcherTest : public QuicMultiVersionTest, per_worker_stats_({ALL_PER_HANDLER_LISTENER_STATS( POOL_COUNTER_PREFIX(listener_config_.listenerScope(), "worker."), POOL_GAUGE_PREFIX(listener_config_.listenerScope(), "worker."))}), + quic_stat_names_(listener_config_.listenerScope().symbolTable()), connection_handler_(*dispatcher_, absl::nullopt), envoy_quic_dispatcher_( &crypto_config_, quic_config_, &version_manager_, std::make_unique(*dispatcher_), std::make_unique(*dispatcher_, *connection_helper_.GetClock()), quic::kQuicDefaultConnectionIdLength, connection_handler_, listener_config_, - listener_stats_, per_worker_stats_, *dispatcher_, *listen_socket_), + listener_stats_, per_worker_stats_, *dispatcher_, *listen_socket_, quic_stat_names_, + crypto_stream_factory_), connection_id_(quic::test::TestConnectionId(1)) { auto writer = new testing::NiceMock(); envoy_quic_dispatcher_.InitializeWithWriter(writer); @@ -203,12 +206,15 @@ class EnvoyQuicDispatcherTest : public QuicMultiVersionTest, EXPECT_EQ("h3-T051", socket.requestedApplicationProtocols()[0]); break; case QuicVersionType::Iquic: - EXPECT_EQ("h3-29", socket.requestedApplicationProtocols()[0]); + EXPECT_EQ("h3", socket.requestedApplicationProtocols()[0]); break; } EXPECT_EQ("test.example.org", socket.requestedServerName()); return &proof_source_->filterChain(); })); + Network::MockTransportSocketFactory transport_socket_factory; + EXPECT_CALL(proof_source_->filterChain(), transportSocketFactory()) + .WillOnce(ReturnRef(transport_socket_factory)); EXPECT_CALL(proof_source_->filterChain(), networkFilterFactories()) .WillOnce(ReturnRef(filter_factory)); EXPECT_CALL(listener_config_, filterChainFactory()); @@ -252,7 +258,9 @@ class EnvoyQuicDispatcherTest : public QuicMultiVersionTest, testing::NiceMock listener_config_; Server::ListenerStats listener_stats_; Server::PerHandlerListenerStats per_worker_stats_; + QuicStatNames quic_stat_names_; Server::ConnectionHandlerImpl connection_handler_; + EnvoyQuicCryptoServerStreamFactoryImpl crypto_stream_factory_; EnvoyQuicDispatcher envoy_quic_dispatcher_; const quic::QuicConnectionId connection_id_; }; @@ -285,6 +293,9 @@ TEST_P(EnvoyQuicDispatcherTest, CloseConnectionDuringFilterInstallation) { EXPECT_CALL(listener_config_, filterChainManager()).WillOnce(ReturnRef(filter_chain_manager)); EXPECT_CALL(filter_chain_manager, findFilterChain(_)) .WillOnce(Return(&proof_source_->filterChain())); + Network::MockTransportSocketFactory transport_socket_factory; + EXPECT_CALL(proof_source_->filterChain(), transportSocketFactory()) + .WillOnce(ReturnRef(transport_socket_factory)); EXPECT_CALL(proof_source_->filterChain(), networkFilterFactories()) .WillOnce(ReturnRef(filter_factory)); EXPECT_CALL(listener_config_, filterChainFactory()); diff --git a/test/common/quic/envoy_quic_proof_source_test.cc b/test/common/quic/envoy_quic_proof_source_test.cc index 960d385d2b2f..efcd16337872 100644 --- a/test/common/quic/envoy_quic_proof_source_test.cc +++ b/test/common/quic/envoy_quic_proof_source_test.cc @@ -2,11 +2,10 @@ #include #include -#include "common/quic/envoy_quic_proof_source.h" -#include "common/quic/envoy_quic_proof_verifier.h" -#include "common/quic/envoy_quic_utils.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" +#include "source/common/quic/envoy_quic_proof_source.h" +#include "source/common/quic/envoy_quic_proof_verifier.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" #include "test/mocks/network/mocks.h" #include "test/mocks/ssl/mocks.h" @@ -62,8 +61,6 @@ class TestGetProofCallback : public quic::ProofSource::Callback { ON_CALL(cert_validation_ctx_config_, certificateRevocationListPath()) .WillByDefault(ReturnRef(path_string)); const std::vector empty_string_list; - ON_CALL(cert_validation_ctx_config_, verifySubjectAltNameList()) - .WillByDefault(ReturnRef(empty_string_list)); const std::vector san_matchers; ON_CALL(cert_validation_ctx_config_, subjectAltNameMatchers()) .WillByDefault(ReturnRef(san_matchers)); diff --git a/test/common/quic/envoy_quic_proof_verifier_test.cc b/test/common/quic/envoy_quic_proof_verifier_test.cc index 6b42341fa685..442e9b867f96 100644 --- a/test/common/quic/envoy_quic_proof_verifier_test.cc +++ b/test/common/quic/envoy_quic_proof_verifier_test.cc @@ -1,9 +1,8 @@ #include #include -#include "common/quic/envoy_quic_proof_verifier.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" +#include "source/common/quic/envoy_quic_proof_verifier.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" #include "test/mocks/ssl/mocks.h" #include "test/mocks/stats/mocks.h" @@ -58,8 +57,6 @@ class EnvoyQuicProofVerifierTest : public testing::Test { .WillRepeatedly(ReturnRef(empty_string_)); EXPECT_CALL(cert_validation_ctx_config_, certificateRevocationListPath()) .WillRepeatedly(ReturnRef(path_string_)); - EXPECT_CALL(cert_validation_ctx_config_, verifySubjectAltNameList()) - .WillRepeatedly(ReturnRef(empty_string_list_)); EXPECT_CALL(cert_validation_ctx_config_, subjectAltNameMatchers()) .WillRepeatedly(ReturnRef(san_matchers_)); EXPECT_CALL(cert_validation_ctx_config_, verifyCertificateHashList()) diff --git a/test/common/quic/envoy_quic_server_session_test.cc b/test/common/quic/envoy_quic_server_session_test.cc index 6f13cf9359b0..df7bf0c8c701 100644 --- a/test/common/quic/envoy_quic_server_session_test.cc +++ b/test/common/quic/envoy_quic_server_session_test.cc @@ -21,19 +21,19 @@ #include -#include "common/quic/envoy_quic_server_session.h" -#include "common/quic/envoy_quic_server_stream.h" -#include "common/quic/envoy_quic_server_connection.h" -#include "common/quic/codec_impl.h" -#include "common/quic/envoy_quic_connection_helper.h" -#include "common/quic/envoy_quic_alarm_factory.h" -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_server_session.h" +#include "source/common/quic/envoy_quic_server_stream.h" +#include "source/common/quic/envoy_quic_server_connection.h" +#include "source/common/quic/codec_impl.h" +#include "source/common/quic/envoy_quic_connection_helper.h" +#include "source/common/quic/envoy_quic_alarm_factory.h" +#include "source/common/quic/envoy_quic_utils.h" #include "test/common/quic/test_proof_source.h" #include "test/common/quic/test_utils.h" #include "envoy/stats/stats_macros.h" -#include "common/event/libevent_scheduler.h" -#include "server/configuration_impl.h" +#include "source/common/event/libevent_scheduler.h" +#include "source/server/configuration_impl.h" #include "test/mocks/event/mocks.h" #include "test/mocks/http/stream_decoder.h" #include "test/mocks/http/mocks.h" @@ -122,6 +122,30 @@ class TestEnvoyQuicTlsServerHandshaker : public quic::TlsServerHandshaker, quic::QuicReferenceCountedPointer params_; }; +class EnvoyQuicTestCryptoServerStreamFactory : public EnvoyQuicCryptoServerStreamFactoryInterface { +public: + ProtobufTypes::MessagePtr createEmptyConfigProto() override { return nullptr; } + std::string name() const override { return "quic.test_crypto_server_stream"; } + + std::unique_ptr createEnvoyQuicCryptoServerStream( + const quic::QuicCryptoServerConfig* crypto_config, + quic::QuicCompressedCertsCache* compressed_certs_cache, quic::QuicSession* session, + quic::QuicCryptoServerStreamBase::Helper* helper, + OptRef /*transport_socket_factory*/, + Event::Dispatcher& /*dispatcher*/) override { + switch (session->connection()->version().handshake_protocol) { + case quic::PROTOCOL_QUIC_CRYPTO: + return std::make_unique(crypto_config, compressed_certs_cache, + session, helper); + case quic::PROTOCOL_TLS1_3: + return std::make_unique(session, *crypto_config); + case quic::PROTOCOL_UNSUPPORTED: + ASSERT(false, "Unknown handshake protocol"); + } + return nullptr; + } +}; + class EnvoyQuicServerSessionTest : public testing::TestWithParam { public: EnvoyQuicServerSessionTest() @@ -129,8 +153,10 @@ class EnvoyQuicServerSessionTest : public testing::TestWithParam { dispatcher_(api_->allocateDispatcher("test_thread")), connection_helper_(*dispatcher_), alarm_factory_(*dispatcher_, *connection_helper_.GetClock()), quic_version_([]() { SetQuicReloadableFlag(quic_disable_version_draft_29, !GetParam()); + SetQuicReloadableFlag(quic_enable_version_rfcv1, GetParam()); return quic::ParsedVersionOfIndex(quic::CurrentSupportedVersions(), 0); }()), + quic_stat_names_(listener_config_.listenerScope().symbolTable()), quic_connection_(new MockEnvoyQuicServerConnection( connection_helper_, alarm_factory_, writer_, quic_version_, *listener_config_.socket_)), crypto_config_(quic::QuicCryptoServerConfig::TESTING, quic::QuicRandom::GetInstance(), @@ -139,7 +165,10 @@ class EnvoyQuicServerSessionTest : public testing::TestWithParam { std::unique_ptr(quic_connection_), /*visitor=*/nullptr, &crypto_stream_helper_, &crypto_config_, &compressed_certs_cache_, *dispatcher_, - /*send_buffer_limit*/ quic::kDefaultFlowControlSendWindow * 1.5), + /*send_buffer_limit*/ quic::kDefaultFlowControlSendWindow * 1.5, + quic_stat_names_, listener_config_.listenerScope(), + crypto_stream_factory_, + makeOptRefFromPtr(nullptr)), stats_({ALL_HTTP3_CODEC_STATS( POOL_COUNTER_PREFIX(listener_config_.listenerScope(), "http3."), POOL_GAUGE_PREFIX(listener_config_.listenerScope(), "http3."))}) { @@ -167,21 +196,6 @@ class EnvoyQuicServerSessionTest : public testing::TestWithParam { envoy_quic_session_.OnConfigNegotiated(); quic::test::QuicConfigPeer::SetNegotiated(envoy_quic_session_.config(), true); quic::test::QuicConnectionPeer::SetAddressValidated(quic_connection_); - // Switch to a encryption forward secure crypto stream. - quic::test::QuicServerSessionBasePeer::SetCryptoStream(&envoy_quic_session_, nullptr); - quic::QuicCryptoServerStreamBase* crypto_stream = nullptr; - if (quic_version_[0].handshake_protocol == quic::PROTOCOL_QUIC_CRYPTO) { - auto test_crypto_stream = new TestQuicCryptoServerStream( - &crypto_config_, &compressed_certs_cache_, &envoy_quic_session_, &crypto_stream_helper_); - crypto_stream = test_crypto_stream; - crypto_stream_ = test_crypto_stream; - } else { - auto test_crypto_stream = - new TestEnvoyQuicTlsServerHandshaker(&envoy_quic_session_, crypto_config_); - crypto_stream = test_crypto_stream; - crypto_stream_ = test_crypto_stream; - } - quic::test::QuicServerSessionBasePeer::SetCryptoStream(&envoy_quic_session_, crypto_stream); quic_connection_->SetEncrypter( quic::ENCRYPTION_FORWARD_SECURE, std::make_unique(quic::Perspective::IS_SERVER)); @@ -246,11 +260,12 @@ class EnvoyQuicServerSessionTest : public testing::TestWithParam { quic::ParsedQuicVersionVector quic_version_; testing::NiceMock writer_; testing::NiceMock listener_config_; + QuicStatNames quic_stat_names_; MockEnvoyQuicServerConnection* quic_connection_; quic::QuicConfig quic_config_; quic::QuicCryptoServerConfig crypto_config_; testing::NiceMock crypto_stream_helper_; - ProofSourceDetailsSetter* crypto_stream_; + EnvoyQuicTestCryptoServerStreamFactory crypto_stream_factory_; TestEnvoyQuicServerSession envoy_quic_session_; quic::QuicCompressedCertsCache compressed_certs_cache_{100}; std::shared_ptr read_filter_; @@ -367,9 +382,8 @@ TEST_P(EnvoyQuicServerSessionTest, OnResetFrame) { EXPECT_EQ(quic::QUIC_RST_ACKNOWLEDGEMENT, frame.rst_stream_frame->error_code); return false; })); - } else { } - stream1->OnStreamReset(rst1); + envoy_quic_session_.OnRstStream(rst1); EXPECT_CALL(http_connection_callbacks_, newStream(_, false)) .WillOnce(Invoke([&request_decoder, &stream_callbacks](Http::ResponseEncoder& encoder, @@ -382,7 +396,16 @@ TEST_P(EnvoyQuicServerSessionTest, OnResetFrame) { /*bytes_written=*/0u); EXPECT_CALL(stream_callbacks, onResetStream(Http::StreamResetReason::RemoteRefusedStreamReset, _)); - stream2->OnStreamReset(rst2); + envoy_quic_session_.OnRstStream(rst2); + + EXPECT_EQ(1U, TestUtility::findCounter( + static_cast(listener_config_.listenerScope()), + "http3.downstream.rx.quic_reset_stream_error_code_QUIC_REFUSED_STREAM") + ->value()); + EXPECT_EQ(1U, TestUtility::findCounter( + static_cast(listener_config_.listenerScope()), + "http3.downstream.rx.quic_reset_stream_error_code_QUIC_ERROR_PROCESSING_STREAM") + ->value()); } TEST_P(EnvoyQuicServerSessionTest, ConnectionClose) { @@ -1090,6 +1113,11 @@ TEST_P(EnvoyQuicServerSessionTest, HeadersContributeToWatermarkGquic) { [this]() { http_connection_->onUnderlyingConnectionBelowWriteBufferLowWatermark(); })); EXPECT_CALL(stream_callbacks, onResetStream(Http::StreamResetReason::LocalReset, _)); stream1->resetStream(Http::StreamResetReason::LocalReset); + + EXPECT_EQ(1U, TestUtility::findCounter( + static_cast(listener_config_.listenerScope()), + "http3.downstream.tx.quic_reset_stream_error_code_QUIC_STREAM_CANCELLED") + ->value()); } TEST_P(EnvoyQuicServerSessionTest, OnCanWriteUpdateWatermarkGquic) { diff --git a/test/common/quic/envoy_quic_server_stream_test.cc b/test/common/quic/envoy_quic_server_stream_test.cc index 31738861bbd2..557975eb41b7 100644 --- a/test/common/quic/envoy_quic_server_stream_test.cc +++ b/test/common/quic/envoy_quic_server_stream_test.cc @@ -14,15 +14,15 @@ #pragma GCC diagnostic pop #endif -#include "common/event/libevent_scheduler.h" -#include "common/http/headers.h" -#include "server/active_listener_base.h" +#include "source/common/event/libevent_scheduler.h" +#include "source/common/http/headers.h" +#include "source/server/active_listener_base.h" -#include "common/quic/envoy_quic_alarm_factory.h" -#include "common/quic/envoy_quic_connection_helper.h" -#include "common/quic/envoy_quic_server_connection.h" -#include "common/quic/envoy_quic_server_session.h" -#include "common/quic/envoy_quic_server_stream.h" +#include "source/common/quic/envoy_quic_alarm_factory.h" +#include "source/common/quic/envoy_quic_connection_helper.h" +#include "source/common/quic/envoy_quic_server_connection.h" +#include "source/common/quic/envoy_quic_server_session.h" +#include "source/common/quic/envoy_quic_server_stream.h" #include "test/common/quic/test_utils.h" #include "test/mocks/http/mocks.h" @@ -46,6 +46,7 @@ class EnvoyQuicServerStreamTest : public testing::TestWithParam { connection_helper_(*dispatcher_), alarm_factory_(*dispatcher_, *connection_helper_.GetClock()), quic_version_([]() { SetQuicReloadableFlag(quic_disable_version_draft_29, !GetParam()); + SetQuicReloadableFlag(quic_enable_version_rfcv1, GetParam()); return quic::CurrentSupportedVersions()[0]; }()), listener_stats_({ALL_LISTENER_STATS(POOL_COUNTER(listener_config_.listenerScope()), @@ -702,9 +703,6 @@ TEST_P(EnvoyQuicServerStreamTest, ConnectionCloseDuringEncoding) { // Though the stream send buffer is above high watermark, onAboveWriteBufferHighWatermark()) // shouldn't be called because the connection is closed. quic_stream_->encodeData(buffer, false); - EXPECT_GT(quic_session_.bytesToSend(), 0u); - // Clearing watermark buffer accounting takes effect is the next event loop. - dispatcher_->run(Event::Dispatcher::RunType::NonBlock); EXPECT_EQ(quic_session_.bytesToSend(), 0u); } diff --git a/test/common/quic/envoy_quic_session_cache_test.cc b/test/common/quic/envoy_quic_session_cache_test.cc index d2129d14cf10..5490b0d491af 100644 --- a/test/common/quic/envoy_quic_session_cache_test.cc +++ b/test/common/quic/envoy_quic_session_cache_test.cc @@ -1,4 +1,4 @@ -#include "common/quic/envoy_quic_session_cache.h" +#include "source/common/quic/envoy_quic_session_cache.h" #include "absl/strings/escaping.h" #include "gmock/gmock.h" diff --git a/test/common/quic/envoy_quic_simulated_watermark_buffer_test.cc b/test/common/quic/envoy_quic_simulated_watermark_buffer_test.cc index 8ef33da4392c..431c3de997ee 100644 --- a/test/common/quic/envoy_quic_simulated_watermark_buffer_test.cc +++ b/test/common/quic/envoy_quic_simulated_watermark_buffer_test.cc @@ -1,4 +1,4 @@ -#include "common/quic/envoy_quic_simulated_watermark_buffer.h" +#include "source/common/quic/envoy_quic_simulated_watermark_buffer.h" #include "gtest/gtest.h" diff --git a/test/common/quic/envoy_quic_utils_test.cc b/test/common/quic/envoy_quic_utils_test.cc index 7d032b425371..20a1dfe98969 100644 --- a/test/common/quic/envoy_quic_utils_test.cc +++ b/test/common/quic/envoy_quic_utils_test.cc @@ -1,4 +1,4 @@ -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_utils.h" #if defined(__GNUC__) #pragma GCC diagnostic push diff --git a/test/common/quic/envoy_quic_writer_test.cc b/test/common/quic/envoy_quic_writer_test.cc index 87c345962c33..a0ee8b3ed5ed 100644 --- a/test/common/quic/envoy_quic_writer_test.cc +++ b/test/common/quic/envoy_quic_writer_test.cc @@ -3,10 +3,10 @@ #include #include -#include "common/network/address_impl.h" -#include "common/network/io_socket_error_impl.h" -#include "common/network/udp_packet_writer_handler_impl.h" -#include "common/quic/envoy_quic_packet_writer.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/io_socket_error_impl.h" +#include "source/common/network/udp_packet_writer_handler_impl.h" +#include "source/common/quic/envoy_quic_packet_writer.h" #include "test/mocks/api/mocks.h" #include "test/mocks/network/mocks.h" @@ -33,10 +33,11 @@ class EnvoyQuicWriterTest : public ::testing::Test { } void verifySendData(const std::string& content, const msghdr* message) { - EXPECT_EQ(peer_address_.ToString(), Network::Address::addressFromSockAddr( - *reinterpret_cast(message->msg_name), - message->msg_namelen, /*v6only=*/false) - ->asString()); + EXPECT_EQ(peer_address_.ToString(), + (*Network::Address::addressFromSockAddr( + *reinterpret_cast(message->msg_name), message->msg_namelen, + /*v6only=*/false)) + ->asString()); cmsghdr* const cmsg = CMSG_FIRSTHDR(message); auto pktinfo = reinterpret_cast(CMSG_DATA(cmsg)); EXPECT_EQ(0, memcmp(self_address_.GetIPv6().s6_addr, pktinfo->ipi6_addr.s6_addr, diff --git a/test/common/quic/platform/BUILD b/test/common/quic/platform/BUILD index 56d9684c4034..ad15b0e73441 100644 --- a/test/common/quic/platform/BUILD +++ b/test/common/quic/platform/BUILD @@ -90,7 +90,7 @@ envoy_cc_test_library( deps = [ ":quic_platform_expect_bug_impl_lib", ":quic_platform_thread_impl_lib", - "//include/envoy/network:address_interface", + "//envoy/network:address_interface", "//source/common/quic/platform:quic_platform_base_impl_lib", "//test/test_common:environment_lib", ], @@ -143,18 +143,11 @@ envoy_cc_test_library( hdrs = ["quic_test_mem_slice_vector_impl.h"], tags = ["nofips"], deps = [ - "//include/envoy/buffer:buffer_interface", + "//envoy/buffer:buffer_interface", "@com_googlesource_quiche//:quic_platform_mem_slice_span", ], ) -envoy_cc_test_library( - name = "quic_platform_sleep_impl_lib", - hdrs = ["quic_sleep_impl.h"], - tags = ["nofips"], - deps = ["@com_googlesource_quiche//:quic_core_time_lib"], -) - envoy_cc_test_library( name = "quic_platform_system_event_loop_impl_lib", hdrs = ["quic_system_event_loop_impl.h"], @@ -166,7 +159,7 @@ envoy_cc_test_library( hdrs = ["quic_thread_impl.h"], tags = ["nofips"], deps = [ - "//include/envoy/thread:thread_interface", + "//envoy/thread:thread_interface", "//source/common/common:assert_lib", "//test/test_common:thread_factory_for_test_lib", ], diff --git a/test/common/quic/platform/envoy_quic_clock_test.cc b/test/common/quic/platform/envoy_quic_clock_test.cc index 8f5f7da8bb90..cc21b603ec00 100644 --- a/test/common/quic/platform/envoy_quic_clock_test.cc +++ b/test/common/quic/platform/envoy_quic_clock_test.cc @@ -1,6 +1,6 @@ #include -#include "common/quic/platform/envoy_quic_clock.h" +#include "source/common/quic/platform/envoy_quic_clock.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/test_time.h" diff --git a/test/common/quic/platform/epoll_bug_impl.h b/test/common/quic/platform/epoll_bug_impl.h index 82af224c5f3d..f8620b6f949a 100644 --- a/test/common/quic/platform/epoll_bug_impl.h +++ b/test/common/quic/platform/epoll_bug_impl.h @@ -6,6 +6,6 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quiche_bug_tracker_impl.h" +#include "source/common/quic/platform/quiche_bug_tracker_impl.h" #define EPOLL_BUG_IMPL QUICHE_BUG_IMPL diff --git a/test/common/quic/platform/epoll_logging_impl.h b/test/common/quic/platform/epoll_logging_impl.h index 6e71f936d800..60d79a5f3737 100644 --- a/test/common/quic/platform/epoll_logging_impl.h +++ b/test/common/quic/platform/epoll_logging_impl.h @@ -6,7 +6,7 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/quic/platform/quic_logging_impl.h" +#include "source/common/quic/platform/quic_logging_impl.h" namespace epoll_server { diff --git a/test/common/quic/platform/http2_platform_test.cc b/test/common/quic/platform/http2_platform_test.cc index 07d9ba011762..c25c0e1c0a84 100644 --- a/test/common/quic/platform/http2_platform_test.cc +++ b/test/common/quic/platform/http2_platform_test.cc @@ -7,7 +7,7 @@ #include #include -#include "common/quic/platform/quiche_flags_impl.h" +#include "source/common/quic/platform/quiche_flags_impl.h" #include "test/test_common/logging.h" diff --git a/test/common/quic/platform/quic_mock_log_impl.h b/test/common/quic/platform/quic_mock_log_impl.h index 7af284120362..10970412086d 100644 --- a/test/common/quic/platform/quic_mock_log_impl.h +++ b/test/common/quic/platform/quic_mock_log_impl.h @@ -8,7 +8,7 @@ #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "gmock/gmock.h" #include "quiche/quic/platform/api/quic_logging.h" diff --git a/test/common/quic/platform/quic_platform_test.cc b/test/common/quic/platform/quic_platform_test.cc index cb4741bfc8c0..0d5308981595 100644 --- a/test/common/quic/platform/quic_platform_test.cc +++ b/test/common/quic/platform/quic_platform_test.cc @@ -8,10 +8,10 @@ #include -#include "common/memory/stats.h" -#include "common/network/socket_impl.h" -#include "common/network/utility.h" -#include "common/quic/platform/quiche_flags_impl.h" +#include "source/common/memory/stats.h" +#include "source/common/network/socket_impl.h" +#include "source/common/network/utility.h" +#include "source/common/quic/platform/quiche_flags_impl.h" #include "test/common/buffer/utility.h" #include "test/common/quic/platform/quic_epoll_clock.h" @@ -61,7 +61,6 @@ using testing::_; using testing::HasSubstr; -using testing::Return; namespace quic { namespace { @@ -140,24 +139,6 @@ TEST_F(QuicPlatformTest, QuicHostnameUtils) { EXPECT_EQ("quicwg.org", QuicHostnameUtils::NormalizeHostname("QUICWG.ORG")); } -TEST_F(QuicPlatformTest, QuicUnorderedMap) { - QuicUnorderedMap umap; - umap.insert({"foo", 2}); - EXPECT_EQ(2, umap["foo"]); -} - -TEST_F(QuicPlatformTest, QuicUnorderedSet) { - QuicUnorderedSet uset({"foo", "bar"}); - EXPECT_EQ(1, uset.count("bar")); - EXPECT_EQ(0, uset.count("qux")); -} - -TEST_F(QuicPlatformTest, QuicQueue) { - QuicQueue queue; - queue.push(10); - EXPECT_EQ(10, queue.back()); -} - TEST_F(QuicPlatformTest, QuicInlinedVector) { QuicInlinedVector vec; vec.push_back(3); @@ -175,14 +156,6 @@ TEST_F(QuicPlatformTest, QuicMapUtil) { EXPECT_TRUE(QuicContainsKey(stdmap, "one")); EXPECT_FALSE(QuicContainsKey(stdmap, "zero")); - QuicUnorderedMap umap = {{1, 1}, {2, 4}, {3, 9}}; - EXPECT_TRUE(QuicContainsKey(umap, 2)); - EXPECT_FALSE(QuicContainsKey(umap, 10)); - - QuicUnorderedSet uset({"foo", "bar"}); - EXPECT_TRUE(QuicContainsKey(uset, "foo")); - EXPECT_FALSE(QuicContainsKey(uset, "abc")); - std::vector stdvec = {1, 2, 3}; EXPECT_TRUE(QuicContainsValue(stdvec, 1)); EXPECT_FALSE(QuicContainsValue(stdvec, 0)); diff --git a/test/common/quic/platform/quic_port_utils_impl.cc b/test/common/quic/platform/quic_port_utils_impl.cc index 75f8709fb393..c67686bcc52f 100644 --- a/test/common/quic/platform/quic_port_utils_impl.cc +++ b/test/common/quic/platform/quic_port_utils_impl.cc @@ -8,8 +8,8 @@ #include "envoy/network/address.h" -#include "common/common/assert.h" -#include "common/network/utility.h" +#include "source/common/common/assert.h" +#include "source/common/network/utility.h" #include "test/test_common/environment.h" #include "test/test_common/network_utility.h" diff --git a/test/common/quic/platform/quic_sleep_impl.h b/test/common/quic/platform/quic_sleep_impl.h deleted file mode 100644 index 189cfc9d379e..000000000000 --- a/test/common/quic/platform/quic_sleep_impl.h +++ /dev/null @@ -1,19 +0,0 @@ -#pragma once - -// NOLINT(namespace-envoy) -// -// This file is part of the QUICHE platform implementation, and is not to be -// consumed or referenced directly by other Envoy code. It serves purely as a -// porting layer for QUICHE. - -#include "absl/time/clock.h" -#include "absl/time/time.h" -#include "quiche/quic/core/quic_time.h" - -namespace quic { - -inline void QuicSleepImpl(QuicTime::Delta duration) { - absl::SleepFor(absl::Microseconds(duration.ToMicroseconds())); -} - -} // namespace quic diff --git a/test/common/quic/platform/quic_test_impl.h b/test/common/quic/platform/quic_test_impl.h index 3782acc9d8ff..8de91ce0e1e3 100644 --- a/test/common/quic/platform/quic_test_impl.h +++ b/test/common/quic/platform/quic_test_impl.h @@ -2,7 +2,7 @@ #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/common/quic/platform/quic_test_mem_slice_vector_impl.h b/test/common/quic/platform/quic_test_mem_slice_vector_impl.h index a2c5595b7bc4..1f727111d256 100644 --- a/test/common/quic/platform/quic_test_mem_slice_vector_impl.h +++ b/test/common/quic/platform/quic_test_mem_slice_vector_impl.h @@ -6,8 +6,8 @@ // consumed or referenced directly by other Envoy code. It serves purely as a // porting layer for QUICHE. -#include "common/buffer/buffer_impl.h" -#include "common/quic/platform/quic_mem_slice_span_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/quic/platform/quic_mem_slice_span_impl.h" namespace quic { namespace test { diff --git a/test/common/quic/platform/quic_thread_impl.h b/test/common/quic/platform/quic_thread_impl.h index e2d87917b1c3..0f692cc1e3d9 100644 --- a/test/common/quic/platform/quic_thread_impl.h +++ b/test/common/quic/platform/quic_thread_impl.h @@ -10,7 +10,7 @@ #include "envoy/thread/thread.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "test/test_common/thread_factory_for_test.h" diff --git a/test/common/quic/platform/spdy_platform_test.cc b/test/common/quic/platform/spdy_platform_test.cc index d79e1d86f0ae..a33572c1a697 100644 --- a/test/common/quic/platform/spdy_platform_test.cc +++ b/test/common/quic/platform/spdy_platform_test.cc @@ -1,7 +1,7 @@ #include #include -#include "common/quic/platform/quiche_flags_impl.h" +#include "source/common/quic/platform/quiche_flags_impl.h" #include "test/test_common/logging.h" diff --git a/test/common/quic/quic_io_handle_wrapper_test.cc b/test/common/quic/quic_io_handle_wrapper_test.cc index 2ef58610f06f..899f7903d589 100644 --- a/test/common/quic/quic_io_handle_wrapper_test.cc +++ b/test/common/quic/quic_io_handle_wrapper_test.cc @@ -3,8 +3,8 @@ #include "envoy/common/platform.h" -#include "common/network/address_impl.h" -#include "common/quic/quic_io_handle_wrapper.h" +#include "source/common/network/address_impl.h" +#include "source/common/quic/quic_io_handle_wrapper.h" #include "test/mocks/api/mocks.h" #include "test/mocks/network/io_handle.h" diff --git a/test/common/quic/quic_stat_names_test.cc b/test/common/quic/quic_stat_names_test.cc new file mode 100644 index 000000000000..ff5225208596 --- /dev/null +++ b/test/common/quic/quic_stat_names_test.cc @@ -0,0 +1,57 @@ +#include + +#include "source/common/quic/quic_stat_names.h" + +#include "test/mocks/stats/mocks.h" + +#include "gtest/gtest.h" + +namespace Envoy { +namespace Quic { + +class QuicStatNamesTest : public testing::Test { +public: + QuicStatNamesTest() : scope_(*symbol_table_), quic_stat_names_(*symbol_table_) {} + + Stats::TestUtil::TestSymbolTable symbol_table_; + Stats::TestUtil::TestStore scope_; + QuicStatNames quic_stat_names_; +}; + +TEST_F(QuicStatNamesTest, QuicConnectionCloseStats) { + quic_stat_names_.chargeQuicConnectionCloseStats(scope_, quic::QUIC_NO_ERROR, + quic::ConnectionCloseSource::FROM_SELF, false); + EXPECT_EQ( + 1U, + scope_.counter("http3.downstream.tx.quic_connection_close_error_code_QUIC_NO_ERROR").value()); +} + +TEST_F(QuicStatNamesTest, OutOfRangeQuicConnectionCloseStats) { + uint64_t bad_error_code = quic::QUIC_LAST_ERROR + 1; + quic_stat_names_.chargeQuicConnectionCloseStats(scope_, + static_cast(bad_error_code), + quic::ConnectionCloseSource::FROM_SELF, false); + EXPECT_EQ(1U, + scope_.counter("http3.downstream.tx.quic_connection_close_error_code_QUIC_LAST_ERROR") + .value()); +} + +TEST_F(QuicStatNamesTest, ResetStreamErrorStats) { + quic_stat_names_.chargeQuicResetStreamErrorStats(scope_, quic::QUIC_STREAM_CANCELLED, true, + false); + EXPECT_EQ(1U, + scope_.counter("http3.downstream.tx.quic_reset_stream_error_code_QUIC_STREAM_CANCELLED") + .value()); +} + +TEST_F(QuicStatNamesTest, OutOfRangeResetStreamErrorStats) { + uint64_t bad_error_code = quic::QUIC_STREAM_LAST_ERROR + 1; + quic_stat_names_.chargeQuicResetStreamErrorStats( + scope_, static_cast(bad_error_code), true, false); + EXPECT_EQ( + 1U, scope_.counter("http3.downstream.tx.quic_reset_stream_error_code_QUIC_STREAM_LAST_ERROR") + .value()); +} + +} // namespace Quic +} // namespace Envoy diff --git a/test/common/quic/test_proof_source.h b/test/common/quic/test_proof_source.h index 9fd60b6ec8df..b4a8a8348223 100644 --- a/test/common/quic/test_proof_source.h +++ b/test/common/quic/test_proof_source.h @@ -16,7 +16,7 @@ #include #include "test/mocks/network/mocks.h" -#include "common/quic/envoy_quic_proof_source_base.h" +#include "source/common/quic/envoy_quic_proof_source_base.h" namespace Envoy { namespace Quic { diff --git a/test/common/quic/test_proof_verifier.h b/test/common/quic/test_proof_verifier.h index eeb8e12124de..3a0596a87b31 100644 --- a/test/common/quic/test_proof_verifier.h +++ b/test/common/quic/test_proof_verifier.h @@ -1,6 +1,6 @@ #pragma once -#include "common/quic/envoy_quic_proof_verifier_base.h" +#include "source/common/quic/envoy_quic_proof_verifier_base.h" namespace Envoy { namespace Quic { diff --git a/test/common/quic/test_utils.h b/test/common/quic/test_utils.h index 0c54ed2eb4d8..ec7249ffd39e 100644 --- a/test/common/quic/test_utils.h +++ b/test/common/quic/test_utils.h @@ -1,8 +1,8 @@ #pragma once -#include "common/quic/envoy_quic_client_connection.h" -#include "common/quic/envoy_quic_server_connection.h" -#include "common/quic/quic_filter_manager_connection_impl.h" +#include "source/common/quic/envoy_quic_client_connection.h" +#include "source/common/quic/envoy_quic_server_connection.h" +#include "source/common/quic/quic_filter_manager_connection_impl.h" #if defined(__GNUC__) #pragma GCC diagnostic push @@ -24,7 +24,7 @@ #pragma GCC diagnostic pop #endif -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_utils.h" #include "test/test_common/environment.h" namespace Envoy { diff --git a/test/common/router/BUILD b/test/common/router/BUILD index 858621a096c4..d3be91e2bf11 100644 --- a/test/common/router/BUILD +++ b/test/common/router/BUILD @@ -29,6 +29,7 @@ envoy_cc_test_library( "//source/common/http:header_map_lib", "//source/common/http:headers_lib", "//source/common/router:config_lib", + "//source/common/router:string_accessor_lib", "//source/common/stream_info:filter_state_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", "//test/fuzz:utility_lib", @@ -134,8 +135,8 @@ envoy_cc_test( "abseil_strings", ], deps = [ - "//include/envoy/config:subscription_interface", - "//include/envoy/init:manager_interface", + "//envoy/config:subscription_interface", + "//envoy/init:manager_interface", "//source/common/config:api_version_lib", "//source/common/config:utility_lib", "//source/common/http:message_lib", diff --git a/test/common/router/config_impl_headermap_benchmark_test.cc b/test/common/router/config_impl_headermap_benchmark_test.cc index 2e8bd3fcd2fa..755f858c8837 100644 --- a/test/common/router/config_impl_headermap_benchmark_test.cc +++ b/test/common/router/config_impl_headermap_benchmark_test.cc @@ -2,8 +2,8 @@ #include "envoy/config/route/v3/route.pb.validate.h" #include "envoy/config/route/v3/route_components.pb.h" -#include "common/http/header_map_impl.h" -#include "common/router/config_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/router/config_impl.h" #include "test/mocks/server/mocks.h" #include "test/test_common/utility.h" diff --git a/test/common/router/config_impl_speed_test.cc b/test/common/router/config_impl_speed_test.cc index 040513861565..8361844e8027 100644 --- a/test/common/router/config_impl_speed_test.cc +++ b/test/common/router/config_impl_speed_test.cc @@ -1,8 +1,8 @@ #include "envoy/config/route/v3/route.pb.h" #include "envoy/config/route/v3/route.pb.validate.h" -#include "common/common/assert.h" -#include "common/router/config_impl.h" +#include "source/common/common/assert.h" +#include "source/common/router/config_impl.h" #include "test/mocks/server/instance.h" #include "test/mocks/stream_info/mocks.h" diff --git a/test/common/router/config_impl_test.cc b/test/common/router/config_impl_test.cc index 5911d90c50dd..38f3f0d65387 100644 --- a/test/common/router/config_impl_test.cc +++ b/test/common/router/config_impl_test.cc @@ -12,13 +12,14 @@ #include "envoy/server/filter_config.h" #include "envoy/type/v3/percent.pb.h" -#include "common/config/metadata.h" -#include "common/config/well_known_names.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/network/address_impl.h" -#include "common/router/config_impl.h" -#include "common/stream_info/filter_state_impl.h" +#include "source/common/config/metadata.h" +#include "source/common/config/well_known_names.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/network/address_impl.h" +#include "source/common/router/config_impl.h" +#include "source/common/router/string_accessor_impl.h" +#include "source/common/stream_info/filter_state_impl.h" #include "test/common/router/route_fuzz.pb.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" @@ -330,172 +331,6 @@ most_specific_header_mutations_wins: {0} class RouteMatcherTest : public testing::Test, public ConfigImplTestBase {}; -// When removing legacy fields this test can be removed. -TEST_F(RouteMatcherTest, DEPRECATED_FEATURE_TEST(TestLegacyRoutes)) { - TestDeprecatedV2Api _deprecated_v2_api; - const std::string yaml = R"EOF( -virtual_hosts: -- name: regex - domains: - - bat.com - routes: - - match: - regex: "/t[io]c" - route: - cluster: clock - - match: - safe_regex: - google_re2: {} - regex: "/baa+" - route: - cluster: sheep - - match: - regex: ".*/\\d{3}$" - route: - cluster: three_numbers - prefix_rewrite: "/rewrote" - - match: - regex: ".*" - route: - cluster: regex_default -- name: regex2 - domains: - - bat2.com - routes: - - match: - regex: '' - route: - cluster: nothingness - - match: - regex: ".*" - route: - cluster: regex_default -- name: default - domains: - - "*" - routes: - - match: - prefix: "/" - route: - cluster: instant-server - timeout: 30s - virtual_clusters: - - pattern: "^/rides$" - method: POST - name: ride_request - - pattern: "^/rides/\\d+$" - method: PUT - name: update_ride - - pattern: "^/users/\\d+/chargeaccounts$" - method: POST - name: cc_add - - pattern: "^/users/\\d+/chargeaccounts/(?!validate)\\w+$" - method: PUT - name: cc_add - - pattern: "^/users$" - method: POST - name: create_user_login - - pattern: "^/users/\\d+$" - method: PUT - name: update_user - )EOF"; - - NiceMock stream_info; - factory_context_.cluster_manager_.initializeClusters( - {"clock", "sheep", "three_numbers", "regex_default", "nothingness", "instant-server"}, {}); - TestConfigImpl config(parseRouteConfigurationFromYaml(yaml), factory_context_, true); - - // Regular Expression matching - EXPECT_EQ("clock", - config.route(genHeaders("bat.com", "/tic", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ("clock", - config.route(genHeaders("bat.com", "/toc", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ("regex_default", - config.route(genHeaders("bat.com", "/tac", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ("regex_default", - config.route(genHeaders("bat.com", "", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ("regex_default", - config.route(genHeaders("bat.com", "/tick", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ("regex_default", - config.route(genHeaders("bat.com", "/tic/toc", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ("sheep", - config.route(genHeaders("bat.com", "/baa", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ( - "sheep", - config.route(genHeaders("bat.com", "/baaaaaaaaaaaa", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ("regex_default", - config.route(genHeaders("bat.com", "/ba", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ("nothingness", - config.route(genHeaders("bat2.com", "", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ("regex_default", - config.route(genHeaders("bat2.com", "/foo", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ("regex_default", - config.route(genHeaders("bat2.com", " ", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_TRUE(config.route(genPathlessHeaders("bat2.com", "GET"), 0) == nullptr); - - // Regular Expression matching with query string params - EXPECT_EQ( - "clock", - config.route(genHeaders("bat.com", "/tic?tac=true", "GET"), 0)->routeEntry()->clusterName()); - EXPECT_EQ( - "regex_default", - config.route(genHeaders("bat.com", "/tac?tic=true", "GET"), 0)->routeEntry()->clusterName()); - - // Virtual cluster testing. - { - Http::TestRequestHeaderMapImpl headers = genHeaders("api.lyft.com", "/rides", "GET"); - EXPECT_EQ("other", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = genHeaders("api.lyft.com", "/rides/blah", "POST"); - EXPECT_EQ("other", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = genHeaders("api.lyft.com", "/rides", "POST"); - EXPECT_EQ("ride_request", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = genHeaders("api.lyft.com", "/rides/123", "PUT"); - EXPECT_EQ("update_ride", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = genHeaders("api.lyft.com", "/rides/123/456", "POST"); - EXPECT_EQ("other", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = - genHeaders("api.lyft.com", "/users/123/chargeaccounts", "POST"); - EXPECT_EQ("cc_add", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = - genHeaders("api.lyft.com", "/users/123/chargeaccounts/hello123", "PUT"); - EXPECT_EQ("cc_add", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = - genHeaders("api.lyft.com", "/users/123/chargeaccounts/validate", "PUT"); - EXPECT_EQ("other", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = genHeaders("api.lyft.com", "/foo/bar", "PUT"); - EXPECT_EQ("other", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = genHeaders("api.lyft.com", "/users", "POST"); - EXPECT_EQ("create_user_login", - virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = genHeaders("api.lyft.com", "/users/123", "PUT"); - EXPECT_EQ("update_user", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } - { - Http::TestRequestHeaderMapImpl headers = genHeaders("api.lyft.com", "/something/else", "GET"); - EXPECT_EQ("other", virtualClusterName(config.route(headers, 0)->routeEntry(), headers)); - } -} - TEST_F(RouteMatcherTest, TestConnectRoutes) { const std::string yaml = R"EOF( virtual_hosts: @@ -1314,41 +1149,6 @@ TEST_F(RouteMatcherTest, TestRoutesWithWildcardAndDefaultOnly) { config.route(genHeaders("example.com", "/", "GET"), 0)->routeEntry()->clusterName()); } -// When deprecating regex: this test can be removed. -TEST_F(RouteMatcherTest, DEPRECATED_FEATURE_TEST(TestRoutesWithInvalidRegexLegacy)) { - TestDeprecatedV2Api _deprecated_v2_api; - std::string invalid_route = R"EOF( -virtual_hosts: - - name: regex - domains: ["*"] - routes: - - match: { regex: "/(+invalid)" } - route: { cluster: "regex" } - )EOF"; - - std::string invalid_virtual_cluster = R"EOF( -virtual_hosts: - - name: regex - domains: ["*"] - routes: - - match: { prefix: "/" } - route: { cluster: "regex" } - virtual_clusters: - - pattern: "^/(+invalid)" - name: "invalid" - )EOF"; - - NiceMock stream_info; - factory_context_.cluster_manager_.initializeClusters({"regex"}, {}); - EXPECT_THROW_WITH_REGEX( - TestConfigImpl(parseRouteConfigurationFromYaml(invalid_route), factory_context_, true), - EnvoyException, "Invalid regex '/\\(\\+invalid\\)':"); - - EXPECT_THROW_WITH_REGEX(TestConfigImpl(parseRouteConfigurationFromYaml(invalid_virtual_cluster), - factory_context_, true), - EnvoyException, "Invalid regex '\\^/\\(\\+invalid\\)':"); -} - TEST_F(RouteMatcherTest, TestRoutesWithInvalidRegex) { std::string invalid_route = R"EOF( virtual_hosts: @@ -1406,7 +1206,7 @@ TEST_F(RouteMatcherTest, TestRoutesWithInvalidVirtualCluster) { factory_context_.cluster_manager_.initializeClusters({"regex"}, {}); EXPECT_THROW_WITH_REGEX( TestConfigImpl(parseRouteConfigurationFromYaml(yaml), factory_context_, true), EnvoyException, - "virtual clusters must define either 'pattern' or 'headers'"); + "virtual clusters must define 'headers'"); } // Validates behavior of request_headers_to_add at router, vhost, and route levels. @@ -1790,6 +1590,52 @@ TEST_F(RouteMatcherTest, TestAddRemoveResponseHeadersAppendMostSpecificWins) { Http::LowerCaseString("x-vhost-remove"))); } +TEST_F(RouteMatcherTest, TestResponseHeaderTransformsDoFormatting) { + factory_context_.cluster_manager_.initializeClusters({"default"}, {}); + const std::string yaml = R"EOF( +virtual_hosts: + - name: default + domains: ["*"] + routes: + - match: + prefix: "/" + route: + cluster: "default" +response_headers_to_add: + - header: + key: x-has-variable + value: "%PER_REQUEST_STATE(testing)%" + append: false +)EOF"; + NiceMock stream_info; + + Envoy::StreamInfo::FilterStateSharedPtr filter_state( + std::make_shared( + Envoy::StreamInfo::FilterState::LifeSpan::FilterChain)); + filter_state->setData("testing", std::make_unique("test_value"), + StreamInfo::FilterState::StateType::ReadOnly, + StreamInfo::FilterState::LifeSpan::FilterChain); + ON_CALL(stream_info, filterState()).WillByDefault(ReturnRef(filter_state)); + ON_CALL(Const(stream_info), filterState()).WillByDefault(ReturnRef(*filter_state)); + + TestConfigImpl config(parseRouteConfigurationFromYaml(yaml), factory_context_, true); + + Http::TestRequestHeaderMapImpl req_headers = + genHeaders("www.lyft.com", "/new_endpoint/foo", "GET"); + const RouteEntry* route = config.route(req_headers, 0)->routeEntry(); + Http::TestResponseHeaderMapImpl headers; + route->finalizeResponseHeaders(headers, stream_info); + + auto transforms = route->responseHeaderTransforms(stream_info, /*do_formatting=*/true); + EXPECT_THAT(transforms.headers_to_overwrite, + ElementsAre(Pair(Http::LowerCaseString("x-has-variable"), "test_value"))); + + transforms = route->responseHeaderTransforms(stream_info, /*do_formatting=*/false); + EXPECT_THAT( + transforms.headers_to_overwrite, + ElementsAre(Pair(Http::LowerCaseString("x-has-variable"), "%PER_REQUEST_STATE(testing)%"))); +} + TEST_F(RouteMatcherTest, TestAddGlobalResponseHeaderRemoveFromRoute) { const std::string yaml = R"EOF( virtual_hosts: @@ -2119,45 +1965,6 @@ TEST_F(RouteMatcherTest, HeaderMatchedRouting) { } } -// Verify the fixes for https://github.com/envoyproxy/envoy/issues/2406 -// When removing regex_match this test can be removed entirely. -TEST_F(RouteMatcherTest, DEPRECATED_FEATURE_TEST(InvalidHeaderMatchedRoutingConfigLegacy)) { - TestDeprecatedV2Api _deprecated_v2_api; - std::string value_with_regex_chars = R"EOF( -virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: - prefix: "/" - headers: - - name: test_header - exact_match: "(+not a regex)" - route: { cluster: "local_service" } - )EOF"; - - std::string invalid_regex = R"EOF( -virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: - prefix: "/" - headers: - - name: test_header - regex_match: "(+invalid regex)" - route: { cluster: "local_service" } - )EOF"; - - factory_context_.cluster_manager_.initializeClusters({"local_service"}, {}); - EXPECT_NO_THROW(TestConfigImpl(parseRouteConfigurationFromYaml(value_with_regex_chars), - factory_context_, true)); - - EXPECT_THROW_WITH_REGEX( - TestConfigImpl(parseRouteConfigurationFromYaml(invalid_regex), factory_context_, true), - EnvoyException, "Invalid regex"); -} - // Verify the fixes for https://github.com/envoyproxy/envoy/issues/2406 TEST_F(RouteMatcherTest, InvalidHeaderMatchedRoutingConfig) { std::string value_with_regex_chars = R"EOF( @@ -2197,9 +2004,7 @@ TEST_F(RouteMatcherTest, InvalidHeaderMatchedRoutingConfig) { EnvoyException, "no argument for repetition operator"); } -// When removing value: simply remove that section of the config and the relevant test. -TEST_F(RouteMatcherTest, DEPRECATED_FEATURE_TEST(QueryParamMatchedRouting)) { - TestDeprecatedV2Api _deprecated_v2_api; +TEST_F(RouteMatcherTest, QueryParamMatchedRouting) { const std::string yaml = R"EOF( virtual_hosts: - name: local_service @@ -2210,18 +2015,13 @@ TEST_F(RouteMatcherTest, DEPRECATED_FEATURE_TEST(QueryParamMatchedRouting)) { prefix: "/" query_parameters: - name: id - value: "\\d+[02468]" - regex: true + string_match: + safe_regex: + google_re2: {} + regex: "\\d+[02468]" - name: debug route: cluster: local_service_with_multiple_query_parameters - - match: - prefix: "/" - query_parameters: - - name: param - value: test - route: - cluster: local_service_with_query_parameter - match: prefix: "/" query_parameters: @@ -2251,7 +2051,7 @@ TEST_F(RouteMatcherTest, DEPRECATED_FEATURE_TEST(QueryParamMatchedRouting)) { )EOF"; factory_context_.cluster_manager_.initializeClusters( - {"local_service_with_multiple_query_parameters", "local_service_with_query_parameter", + {"local_service_with_multiple_query_parameters", "local_service_with_valueless_query_parameter", "local_service_with_present_match_query_parameter", "local_service_with_string_match_query_parameter", "local_service_without_query_parameters"}, @@ -2276,12 +2076,6 @@ TEST_F(RouteMatcherTest, DEPRECATED_FEATURE_TEST(QueryParamMatchedRouting)) { config.route(headers, 0)->routeEntry()->clusterName()); } - { - Http::TestRequestHeaderMapImpl headers = genHeaders("example.com", "/?param=test", "GET"); - EXPECT_EQ("local_service_with_query_parameter", - config.route(headers, 0)->routeEntry()->clusterName()); - } - { Http::TestRequestHeaderMapImpl headers = genHeaders("example.com", "/?debug", "GET"); EXPECT_EQ("local_service_with_valueless_query_parameter", @@ -2306,13 +2100,6 @@ TEST_F(RouteMatcherTest, DEPRECATED_FEATURE_TEST(QueryParamMatchedRouting)) { config.route(headers, 0)->routeEntry()->clusterName()); } - { - Http::TestRequestHeaderMapImpl headers = - genHeaders("example.com", "/?param=test&debug&id=01", "GET"); - EXPECT_EQ("local_service_with_query_parameter", - config.route(headers, 0)->routeEntry()->clusterName()); - } - { Http::TestRequestHeaderMapImpl headers = genHeaders("example.com", "/?param=test&debug&id=02", "GET"); @@ -2321,45 +2108,6 @@ TEST_F(RouteMatcherTest, DEPRECATED_FEATURE_TEST(QueryParamMatchedRouting)) { } } -// When removing value: this test can be removed. -TEST_F(RouteMatcherTest, DEPRECATED_FEATURE_TEST(InvalidQueryParamMatchedRoutingConfig)) { - TestDeprecatedV2Api _deprecated_v2_api; - std::string value_with_regex_chars = R"EOF( -virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: - prefix: "/" - query_parameters: - - name: test_param - value: "(+not a regex)" - route: { cluster: "local_service" } - )EOF"; - - std::string invalid_regex = R"EOF( -virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: - prefix: "/" - query_parameters: - - name: test_param - value: "(+invalid regex)" - regex: true - route: { cluster: "local_service" } - )EOF"; - - factory_context_.cluster_manager_.initializeClusters({"local_service"}, {}); - EXPECT_NO_THROW(TestConfigImpl(parseRouteConfigurationFromYaml(value_with_regex_chars), - factory_context_, true)); - - EXPECT_THROW_WITH_REGEX( - TestConfigImpl(parseRouteConfigurationFromYaml(invalid_regex), factory_context_, true), - EnvoyException, "Invalid regex"); -} - class RouterMatcherHashPolicyTest : public testing::Test, public ConfigImplTestBase { protected: RouterMatcherHashPolicyTest() @@ -2453,7 +2201,7 @@ TEST_F(RouterMatcherHashPolicyTest, HashHeadersWithMultipleValues) { EXPECT_FALSE(generateHash({})); EXPECT_TRUE(generateHash({"bar"})); - EXPECT_NE(0, generateHash({"bar", "foo"})); + EXPECT_NE(0UL, generateHash({"bar", "foo"})); EXPECT_EQ(generateHash({"bar", "foo"}), generateHash({"bar", "foo"})); // deterministic EXPECT_EQ(generateHash({"bar", "foo"}), generateHash({"foo", "bar"})); // order independent EXPECT_NE(generateHash({"abcd", "ef"}), generateHash({"abc", "def"})); @@ -2502,7 +2250,7 @@ TEST_F(RouterMatcherHashPolicyTest, HashHeadersRegexSubstitutionWithMultipleValu EXPECT_FALSE(generateHash({})); EXPECT_TRUE(generateHash({"/bar"})); - EXPECT_NE(0, generateHash({"/bar", "/foo"})); + EXPECT_NE(0UL, generateHash({"/bar", "/foo"})); EXPECT_EQ(generateHash({"bar", "foo"}), generateHash({"/bar", "/foo"})); // deterministic EXPECT_EQ(generateHash({"bar", "foo"}), generateHash({"/foo", "/bar"})); // order independent EXPECT_NE(generateHash({"abcd", "ef"}), generateHash({"/abc", "/def"})); @@ -5838,18 +5586,12 @@ TEST_F(RoutePropertyTest, DEPRECATED_FEATURE_TEST(ExcludeVHRateLimits)) { EXPECT_TRUE(config_ptr->route(headers, 0)->routeEntry()->includeVirtualHostRateLimits()); } -// When allow_origin: and allow_origin_regex: are removed, simply remove them -// and the relevant checks below. -TEST_F(RoutePropertyTest, DEPRECATED_FEATURE_TEST(TestVHostCorsConfig)) { - TestDeprecatedV2Api _deprecated_v2_api; +TEST_F(RoutePropertyTest, TestVHostCorsConfig) { const std::string yaml = R"EOF( virtual_hosts: - name: "default" domains: ["*"] cors: - allow_origin: ["test-origin"] - allow_origin_regex: - - .*\.envoyproxy\.io allow_origin_string_match: - safe_regex: google_re2: {} @@ -5897,7 +5639,7 @@ TEST_F(RoutePropertyTest, DEPRECATED_FEATURE_TEST(TestVHostCorsConfig)) { EXPECT_EQ(cors_policy->enabled(), false); EXPECT_EQ(cors_policy->shadowEnabled(), true); - EXPECT_EQ(3, cors_policy->allowOrigins().size()); + EXPECT_EQ(1, cors_policy->allowOrigins().size()); EXPECT_EQ(cors_policy->allowMethods(), "test-methods"); EXPECT_EQ(cors_policy->allowHeaders(), "test-headers"); EXPECT_EQ(cors_policy->exposeHeaders(), "test-expose-headers"); @@ -5961,87 +5703,6 @@ TEST_F(RoutePropertyTest, TestRouteCorsConfig) { EXPECT_EQ(cors_policy->allowCredentials(), true); } -// When allow-origin: is removed, this test can be removed. -TEST_F(RoutePropertyTest, DEPRECATED_FEATURE_TEST(TestVHostCorsLegacyConfig)) { - TestDeprecatedV2Api _deprecated_v2_api; - const std::string yaml = R"EOF( -virtual_hosts: -- name: default - domains: - - "*" - cors: - allow_origin: - - test-origin - allow_methods: test-methods - allow_headers: test-headers - expose_headers: test-expose-headers - max_age: test-max-age - allow_credentials: true - routes: - - match: - prefix: "/api" - route: - cluster: ats -)EOF"; - - factory_context_.cluster_manager_.initializeClusters({"ats"}, {}); - TestConfigImpl config(parseRouteConfigurationFromYaml(yaml), factory_context_, true); - - const Router::CorsPolicy* cors_policy = - config.route(genHeaders("api.lyft.com", "/api", "GET"), 0) - ->routeEntry() - ->virtualHost() - .corsPolicy(); - - EXPECT_EQ(cors_policy->enabled(), true); - EXPECT_EQ(cors_policy->shadowEnabled(), false); - EXPECT_EQ(1, cors_policy->allowOrigins().size()); - EXPECT_EQ(cors_policy->allowMethods(), "test-methods"); - EXPECT_EQ(cors_policy->allowHeaders(), "test-headers"); - EXPECT_EQ(cors_policy->exposeHeaders(), "test-expose-headers"); - EXPECT_EQ(cors_policy->maxAge(), "test-max-age"); - EXPECT_EQ(cors_policy->allowCredentials(), true); -} - -// When allow-origin: is removed, this test can be removed. -TEST_F(RoutePropertyTest, DEPRECATED_FEATURE_TEST(TestRouteCorsLegacyConfig)) { - TestDeprecatedV2Api _deprecated_v2_api; - const std::string yaml = R"EOF( -virtual_hosts: -- name: default - domains: - - "*" - routes: - - match: - prefix: "/api" - route: - cluster: ats - cors: - allow_origin: - - test-origin - allow_methods: test-methods - allow_headers: test-headers - expose_headers: test-expose-headers - max_age: test-max-age - allow_credentials: true -)EOF"; - - factory_context_.cluster_manager_.initializeClusters({"ats"}, {}); - TestConfigImpl config(parseRouteConfigurationFromYaml(yaml), factory_context_, true); - - const Router::CorsPolicy* cors_policy = - config.route(genHeaders("api.lyft.com", "/api", "GET"), 0)->routeEntry()->corsPolicy(); - - EXPECT_EQ(cors_policy->enabled(), true); - EXPECT_EQ(cors_policy->shadowEnabled(), false); - EXPECT_EQ(1, cors_policy->allowOrigins().size()); - EXPECT_EQ(cors_policy->allowMethods(), "test-methods"); - EXPECT_EQ(cors_policy->allowHeaders(), "test-headers"); - EXPECT_EQ(cors_policy->exposeHeaders(), "test-expose-headers"); - EXPECT_EQ(cors_policy->maxAge(), "test-max-age"); - EXPECT_EQ(cors_policy->allowCredentials(), true); -} - TEST_F(RoutePropertyTest, DEPRECATED_FEATURE_TEST(TestBadCorsConfig)) { TestDeprecatedV2Api _deprecated_v2_api; const std::string yaml = R"EOF( diff --git a/test/common/router/header_formatter_test.cc b/test/common/router/header_formatter_test.cc index 6ffb945b3948..f9ec6d274c75 100644 --- a/test/common/router/header_formatter_test.cc +++ b/test/common/router/header_formatter_test.cc @@ -6,14 +6,14 @@ #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/http/protocol.h" -#include "common/config/metadata.h" -#include "common/config/utility.h" -#include "common/http/header_utility.h" -#include "common/network/address_impl.h" -#include "common/router/header_formatter.h" -#include "common/router/header_parser.h" -#include "common/router/string_accessor_impl.h" -#include "common/stream_info/filter_state_impl.h" +#include "source/common/config/metadata.h" +#include "source/common/config/utility.h" +#include "source/common/http/header_utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/router/header_formatter.h" +#include "source/common/router/header_parser.h" +#include "source/common/router/string_accessor_impl.h" +#include "source/common/stream_info/filter_state_impl.h" #include "test/common/stream_info/test_int_accessor.h" #include "test/mocks/api/mocks.h" @@ -1438,7 +1438,7 @@ response_headers_to_remove: ["x-foo-header"] EXPECT_EQ("bar", header_map.get_("x-foo-header")); } -TEST(HeaderParserTest, GetHeaderTransforms) { +TEST(HeaderParserTest, GetHeaderTransformsWithFormatting) { const std::string yaml = R"EOF( match: { prefix: "/new_endpoint" } route: @@ -1452,6 +1452,10 @@ match: { prefix: "/new_endpoint" } key: "x-bar-header" value: "bar" append: false + - header: + key: "x-per-request-header" + value: "%PER_REQUEST_STATE(testing)%" + append: false response_headers_to_remove: ["x-baz-header"] )EOF"; @@ -1460,11 +1464,67 @@ response_headers_to_remove: ["x-baz-header"] HeaderParser::configure(route.response_headers_to_add(), route.response_headers_to_remove()); NiceMock stream_info; + Envoy::StreamInfo::FilterStateSharedPtr filter_state( + std::make_shared( + Envoy::StreamInfo::FilterState::LifeSpan::FilterChain)); + filter_state->setData("testing", std::make_unique("test_value"), + StreamInfo::FilterState::StateType::ReadOnly, + StreamInfo::FilterState::LifeSpan::FilterChain); + ON_CALL(stream_info, filterState()).WillByDefault(ReturnRef(filter_state)); + ON_CALL(Const(stream_info), filterState()).WillByDefault(ReturnRef(*filter_state)); + auto transforms = resp_header_parser->getHeaderTransforms(stream_info); EXPECT_THAT(transforms.headers_to_append, ElementsAre(Pair(Http::LowerCaseString("x-foo-header"), "foo"))); EXPECT_THAT(transforms.headers_to_overwrite, - ElementsAre(Pair(Http::LowerCaseString("x-bar-header"), "bar"))); + ElementsAre(Pair(Http::LowerCaseString("x-bar-header"), "bar"), + Pair(Http::LowerCaseString("x-per-request-header"), "test_value"))); + EXPECT_THAT(transforms.headers_to_remove, ElementsAre(Http::LowerCaseString("x-baz-header"))); +} + +TEST(HeaderParserTest, GetHeaderTransformsOriginalValues) { + const std::string yaml = R"EOF( +match: { prefix: "/new_endpoint" } +route: + cluster: www2 +response_headers_to_add: + - header: + key: "x-foo-header" + value: "foo" + append: true + - header: + key: "x-bar-header" + value: "bar" + append: false + - header: + key: "x-per-request-header" + value: "%PER_REQUEST_STATE(testing)%" + append: false +response_headers_to_remove: ["x-baz-header"] +)EOF"; + + const auto route = parseRouteFromV3Yaml(yaml); + HeaderParserPtr response_header_parser = + HeaderParser::configure(route.response_headers_to_add(), route.response_headers_to_remove()); + NiceMock stream_info; + + Envoy::StreamInfo::FilterStateSharedPtr filter_state( + std::make_shared( + Envoy::StreamInfo::FilterState::LifeSpan::FilterChain)); + filter_state->setData("testing", std::make_unique("test_value"), + StreamInfo::FilterState::StateType::ReadOnly, + StreamInfo::FilterState::LifeSpan::FilterChain); + ON_CALL(stream_info, filterState()).WillByDefault(ReturnRef(filter_state)); + ON_CALL(Const(stream_info), filterState()).WillByDefault(ReturnRef(*filter_state)); + + auto transforms = + response_header_parser->getHeaderTransforms(stream_info, /*do_formatting=*/false); + EXPECT_THAT(transforms.headers_to_append, + ElementsAre(Pair(Http::LowerCaseString("x-foo-header"), "foo"))); + EXPECT_THAT(transforms.headers_to_overwrite, + ElementsAre(Pair(Http::LowerCaseString("x-bar-header"), "bar"), + Pair(Http::LowerCaseString("x-per-request-header"), + "%PER_REQUEST_STATE(testing)%"))); EXPECT_THAT(transforms.headers_to_remove, ElementsAre(Http::LowerCaseString("x-baz-header"))); } diff --git a/test/common/router/header_parser_fuzz_test.cc b/test/common/router/header_parser_fuzz_test.cc index 172e67da9415..528846cf0691 100644 --- a/test/common/router/header_parser_fuzz_test.cc +++ b/test/common/router/header_parser_fuzz_test.cc @@ -1,5 +1,5 @@ -#include "common/http/header_map_impl.h" -#include "common/router/header_parser.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/router/header_parser.h" #include "test/common/router/header_parser_fuzz.pb.validate.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/router/rds_impl_test.cc b/test/common/router/rds_impl_test.cc index e6fba0e46f5a..20e4f8ed863a 100644 --- a/test/common/router/rds_impl_test.cc +++ b/test/common/router/rds_impl_test.cc @@ -9,11 +9,10 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/config/utility.h" -#include "common/json/json_loader.h" -#include "common/router/rds_impl.h" - -#include "server/admin/admin.h" +#include "source/common/config/utility.h" +#include "source/common/json/json_loader.h" +#include "source/common/router/rds_impl.h" +#include "source/server/admin/admin.h" #include "test/mocks/init/mocks.h" #include "test/mocks/local_info/mocks.h" @@ -291,6 +290,7 @@ TEST_F(RdsImplTest, Basic) { // Old config use count should be 1 now. EXPECT_EQ(1, config.use_count()); EXPECT_EQ(2UL, scope_.counter("foo.rds.foo_route_config.config_reload").value()); + EXPECT_TRUE(scope_.findGaugeByString("foo.rds.foo_route_config.config_reload_time_ms")); } // validate there will be exception throw when unknown factory found for per virtualhost typed diff --git a/test/common/router/reset_header_parser_test.cc b/test/common/router/reset_header_parser_test.cc index bb6135390db4..059dcc861fd2 100644 --- a/test/common/router/reset_header_parser_test.cc +++ b/test/common/router/reset_header_parser_test.cc @@ -2,8 +2,8 @@ #include "envoy/http/protocol.h" #include "envoy/json/json_object.h" -#include "common/json/json_loader.h" -#include "common/router/reset_header_parser.h" +#include "source/common/json/json_loader.h" +#include "source/common/router/reset_header_parser.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/utility.h" diff --git a/test/common/router/retry_state_impl_test.cc b/test/common/router/retry_state_impl_test.cc index 05221252b26e..fd0ed209c656 100644 --- a/test/common/router/retry_state_impl_test.cc +++ b/test/common/router/retry_state_impl_test.cc @@ -3,10 +3,10 @@ #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/stats/stats.h" -#include "common/http/header_map_impl.h" -#include "common/router/reset_header_parser.h" -#include "common/router/retry_state_impl.h" -#include "common/upstream/resource_manager_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/router/reset_header_parser.h" +#include "source/common/router/retry_state_impl.h" +#include "source/common/upstream/resource_manager_impl.h" #include "test/mocks/common.h" #include "test/mocks/router/mocks.h" diff --git a/test/common/router/route_fuzz_test.cc b/test/common/router/route_fuzz_test.cc index 2ab76c31756b..e74cbc4d233a 100644 --- a/test/common/router/route_fuzz_test.cc +++ b/test/common/router/route_fuzz_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/route/v3/route.pb.validate.h" #include "envoy/config/route/v3/route_components.pb.h" -#include "common/router/config_impl.h" +#include "source/common/router/config_impl.h" #include "test/common/router/route_fuzz.pb.validate.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/router/router_2_test.cc b/test/common/router/router_2_test.cc index 450683b9410a..4458b143808a 100644 --- a/test/common/router/router_2_test.cc +++ b/test/common/router/router_2_test.cc @@ -1,4 +1,4 @@ -#include "common/tracing/http_tracer_impl.h" +#include "source/common/tracing/http_tracer_impl.h" #include "test/common/router/router_test_base.h" @@ -14,7 +14,7 @@ using testing::StartsWith; class RouterTestSuppressEnvoyHeaders : public RouterTestBase { public: RouterTestSuppressEnvoyHeaders() - : RouterTestBase(false, true, Protobuf::RepeatedPtrField{}) {} + : RouterTestBase(false, true, false, Protobuf::RepeatedPtrField{}) {} }; // We don't get x-envoy-expected-rq-timeout-ms or an indication to insert @@ -113,7 +113,7 @@ TEST_F(RouterTestSuppressEnvoyHeaders, EnvoyAttemptCountInResponseNotPresent) { class WatermarkTest : public RouterTestBase { public: - WatermarkTest() : RouterTestBase(false, false, Protobuf::RepeatedPtrField{}) { + WatermarkTest() : RouterTestBase(false, false, false, Protobuf::RepeatedPtrField{}) { EXPECT_CALL(callbacks_, activeSpan()).WillRepeatedly(ReturnRef(span_)); }; @@ -306,7 +306,8 @@ TEST_F(WatermarkTest, RetryRequestNotComplete) { class RouterTestChildSpan : public RouterTestBase { public: - RouterTestChildSpan() : RouterTestBase(true, false, Protobuf::RepeatedPtrField{}) {} + RouterTestChildSpan() + : RouterTestBase(true, false, false, Protobuf::RepeatedPtrField{}) {} }; // Make sure child spans start/inject/finish with a normal flow. @@ -556,7 +557,8 @@ Protobuf::RepeatedPtrField protobufStrList(const std::vector { public: - RouterTestStrictCheckOneHeader() : RouterTestBase(false, false, protobufStrList({GetParam()})){}; + RouterTestStrictCheckOneHeader() + : RouterTestBase(false, false, false, protobufStrList({GetParam()})){}; }; INSTANTIATE_TEST_SUITE_P(StrictHeaderCheck, RouterTestStrictCheckOneHeader, @@ -605,7 +607,8 @@ class RouterTestStrictCheckSomeHeaders : public RouterTestBase, public testing::WithParamInterface> { public: - RouterTestStrictCheckSomeHeaders() : RouterTestBase(false, false, protobufStrList(GetParam())){}; + RouterTestStrictCheckSomeHeaders() + : RouterTestBase(false, false, false, protobufStrList(GetParam())){}; }; INSTANTIATE_TEST_SUITE_P(StrictHeaderCheck, RouterTestStrictCheckSomeHeaders, @@ -638,7 +641,7 @@ class RouterTestStrictCheckAllHeaders public testing::WithParamInterface> { public: RouterTestStrictCheckAllHeaders() - : RouterTestBase(false, false, protobufStrList(SUPPORTED_STRICT_CHECKED_HEADERS)){}; + : RouterTestBase(false, false, false, protobufStrList(SUPPORTED_STRICT_CHECKED_HEADERS)){}; }; INSTANTIATE_TEST_SUITE_P(StrictHeaderCheck, RouterTestStrictCheckAllHeaders, @@ -707,5 +710,131 @@ TEST(RouterFilterUtilityTest, StrictCheckValidHeaders) { } } +class RouterTestSupressGRPCStatsEnabled : public RouterTestBase { +public: + RouterTestSupressGRPCStatsEnabled() + : RouterTestBase(false, false, true, Protobuf::RepeatedPtrField{}) {} +}; + +TEST_F(RouterTestSupressGRPCStatsEnabled, ExcludeTimeoutHttpStats) { + NiceMock encoder; + Http::ResponseDecoder* response_decoder = nullptr; + EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_, newStream(_, _)) + .WillOnce(Invoke( + [&](Http::ResponseDecoder& decoder, + Http::ConnectionPool::Callbacks& callbacks) -> Http::ConnectionPool::Cancellable* { + response_decoder = &decoder; + callbacks.onPoolReady(encoder, cm_.thread_local_cluster_.conn_pool_.host_, + upstream_stream_info_, Http::Protocol::Http10); + return nullptr; + })); + EXPECT_CALL(callbacks_.stream_info_, onUpstreamHostSelected(_)) + .WillOnce(Invoke([&](const Upstream::HostDescriptionConstSharedPtr host) -> void { + EXPECT_EQ(host_address_, host->address()); + })); + + expectResponseTimerCreate(); + + Http::TestRequestHeaderMapImpl headers{ + {"x-envoy-internal", "true"}, {"content-type", "application/grpc"}, {"grpc-timeout", "20S"}}; + HttpTestUtility::addDefaultHeaders(headers); + router_.decodeHeaders(headers, false); + Buffer::OwnedImpl data; + router_.decodeData(data, true); + EXPECT_EQ(1U, + callbacks_.route_->route_entry_.virtual_cluster_.stats().upstream_rq_total_.value()); + + EXPECT_CALL(callbacks_.stream_info_, + setResponseFlag(StreamInfo::ResponseFlag::UpstreamRequestTimeout)); + EXPECT_CALL(encoder.stream_, resetStream(Http::StreamResetReason::LocalReset)); + Http::TestResponseHeaderMapImpl response_headers{ + {":status", "504"}, {"content-length", "24"}, {"content-type", "text/plain"}}; + EXPECT_CALL(callbacks_, encodeHeaders_(HeaderMapEqualRef(&response_headers), false)); + EXPECT_CALL(callbacks_, encodeData(_, true)); + EXPECT_CALL(*router_.retry_state_, shouldRetryReset(_, _)).Times(0); + EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_.host_->outlier_detector_, + putResult(Upstream::Outlier::Result::LocalOriginTimeout, _)); + response_timeout_->invokeCallback(); + + EXPECT_EQ(1U, + cm_.thread_local_cluster_.cluster_.info_->stats_store_.counter("upstream_rq_timeout") + .value()); + EXPECT_EQ(1U, + callbacks_.route_->route_entry_.virtual_cluster_.stats().upstream_rq_timeout_.value()); + EXPECT_EQ(1UL, cm_.thread_local_cluster_.conn_pool_.host_->stats().rq_timeout_.value()); + EXPECT_EQ(1U, + callbacks_.route_->route_entry_.virtual_cluster_.stats().upstream_rq_timeout_.value()); + + EXPECT_EQ( + 0U, + cm_.thread_local_cluster_.cluster_.info_->stats_store_.counter("upstream_rq_504").value()); + EXPECT_EQ( + 0U, + cm_.thread_local_cluster_.cluster_.info_->stats_store_.counter("upstream_rq_5xx").value()); +} + +class RouterTestSupressGRPCStatsDisabled : public RouterTestBase { +public: + RouterTestSupressGRPCStatsDisabled() + : RouterTestBase(false, false, false, Protobuf::RepeatedPtrField{}) {} +}; + +TEST_F(RouterTestSupressGRPCStatsDisabled, IncludeHttpTimeoutStats) { + NiceMock encoder; + Http::ResponseDecoder* response_decoder = nullptr; + EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_, newStream(_, _)) + .WillOnce(Invoke( + [&](Http::ResponseDecoder& decoder, + Http::ConnectionPool::Callbacks& callbacks) -> Http::ConnectionPool::Cancellable* { + response_decoder = &decoder; + callbacks.onPoolReady(encoder, cm_.thread_local_cluster_.conn_pool_.host_, + upstream_stream_info_, Http::Protocol::Http10); + return nullptr; + })); + EXPECT_CALL(callbacks_.stream_info_, onUpstreamHostSelected(_)) + .WillOnce(Invoke([&](const Upstream::HostDescriptionConstSharedPtr host) -> void { + EXPECT_EQ(host_address_, host->address()); + })); + + expectResponseTimerCreate(); + + Http::TestRequestHeaderMapImpl headers{ + {"x-envoy-internal", "true"}, {"content-type", "application/grpc"}, {"grpc-timeout", "20S"}}; + HttpTestUtility::addDefaultHeaders(headers); + router_.decodeHeaders(headers, false); + Buffer::OwnedImpl data; + router_.decodeData(data, true); + EXPECT_EQ(1U, + callbacks_.route_->route_entry_.virtual_cluster_.stats().upstream_rq_total_.value()); + + EXPECT_CALL(callbacks_.stream_info_, + setResponseFlag(StreamInfo::ResponseFlag::UpstreamRequestTimeout)); + EXPECT_CALL(encoder.stream_, resetStream(Http::StreamResetReason::LocalReset)); + Http::TestResponseHeaderMapImpl response_headers{ + {":status", "504"}, {"content-length", "24"}, {"content-type", "text/plain"}}; + EXPECT_CALL(callbacks_, encodeHeaders_(HeaderMapEqualRef(&response_headers), false)); + EXPECT_CALL(callbacks_, encodeData(_, true)); + EXPECT_CALL(*router_.retry_state_, shouldRetryReset(_, _)).Times(0); + EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_.host_->outlier_detector_, + putResult(Upstream::Outlier::Result::LocalOriginTimeout, _)); + response_timeout_->invokeCallback(); + + EXPECT_EQ(1U, + cm_.thread_local_cluster_.cluster_.info_->stats_store_.counter("upstream_rq_timeout") + .value()); + EXPECT_EQ(1U, + callbacks_.route_->route_entry_.virtual_cluster_.stats().upstream_rq_timeout_.value()); + EXPECT_EQ(1UL, cm_.thread_local_cluster_.conn_pool_.host_->stats().rq_timeout_.value()); + EXPECT_EQ(1U, + callbacks_.route_->route_entry_.virtual_cluster_.stats().upstream_rq_timeout_.value()); + + EXPECT_EQ( + 1U, + cm_.thread_local_cluster_.cluster_.info_->stats_store_.counter("upstream_rq_504").value()); + EXPECT_EQ( + 1U, + cm_.thread_local_cluster_.cluster_.info_->stats_store_.counter("upstream_rq_5xx").value()); +} + } // namespace Router } // namespace Envoy diff --git a/test/common/router/router_ratelimit_test.cc b/test/common/router/router_ratelimit_test.cc index 7532eeecade7..01127c1a0797 100644 --- a/test/common/router/router_ratelimit_test.cc +++ b/test/common/router/router_ratelimit_test.cc @@ -6,11 +6,11 @@ #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/config/route/v3/route_components.pb.validate.h" -#include "common/http/header_map_impl.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" -#include "common/router/config_impl.h" -#include "common/router/router_ratelimit.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/config_impl.h" +#include "source/common/router/router_ratelimit.h" #include "test/mocks/http/mocks.h" #include "test/mocks/ratelimit/mocks.h" diff --git a/test/common/router/router_test.cc b/test/common/router/router_test.cc index 9ffbd3eab416..2ed7e399842f 100644 --- a/test/common/router/router_test.cc +++ b/test/common/router/router_test.cc @@ -11,24 +11,24 @@ #include "envoy/extensions/upstreams/tcp/generic/v3/generic_connection_pool.pb.h" #include "envoy/type/v3/percent.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/empty_string.h" -#include "common/config/metadata.h" -#include "common/config/well_known_names.h" -#include "common/http/context_impl.h" -#include "common/network/application_protocol.h" -#include "common/network/socket_option_factory.h" -#include "common/network/upstream_server_name.h" -#include "common/network/upstream_socket_options_filter_state.h" -#include "common/network/upstream_subject_alt_names.h" -#include "common/network/utility.h" -#include "common/network/win32_redirect_records_option_impl.h" -#include "common/router/config_impl.h" -#include "common/router/debug_config.h" -#include "common/router/router.h" -#include "common/stream_info/uint32_accessor_impl.h" -#include "common/tracing/http_tracer_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/config/metadata.h" +#include "source/common/config/well_known_names.h" +#include "source/common/http/context_impl.h" +#include "source/common/network/application_protocol.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/upstream_server_name.h" +#include "source/common/network/upstream_socket_options_filter_state.h" +#include "source/common/network/upstream_subject_alt_names.h" +#include "source/common/network/utility.h" +#include "source/common/network/win32_redirect_records_option_impl.h" +#include "source/common/router/config_impl.h" +#include "source/common/router/debug_config.h" +#include "source/common/router/router.h" +#include "source/common/stream_info/uint32_accessor_impl.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/http/common.h" #include "test/common/router/router_test_base.h" @@ -51,10 +51,6 @@ #include "gtest/gtest.h" using testing::_; -using testing::AnyNumber; -using testing::AssertionFailure; -using testing::AssertionResult; -using testing::AssertionSuccess; using testing::AtLeast; using testing::Eq; using testing::InSequence; @@ -70,9 +66,81 @@ namespace Router { class RouterTest : public RouterTestBase { public: - RouterTest() : RouterTestBase(false, false, Protobuf::RepeatedPtrField{}) { + RouterTest() : RouterTestBase(false, false, false, Protobuf::RepeatedPtrField{}) { EXPECT_CALL(callbacks_, activeSpan()).WillRepeatedly(ReturnRef(span_)); }; + + void testRequestResponseSize(bool with_trailers) { + NiceMock encoder; + Http::ResponseDecoder* response_decoder = nullptr; + + EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_, newStream(_, _)) + .WillOnce(Invoke( + [&](Http::ResponseDecoder& decoder, + Http::ConnectionPool::Callbacks& callbacks) -> Http::ConnectionPool::Cancellable* { + response_decoder = &decoder; + callbacks.onPoolReady(encoder, cm_.thread_local_cluster_.conn_pool_.host_, + upstream_stream_info_, Http::Protocol::Http10); + return nullptr; + })); + + cm_.thread_local_cluster_.cluster_.info_->upstream_config_ = + absl::make_optional(); + envoy::extensions::upstreams::http::generic::v3::GenericConnectionPoolProto generic_config; + cm_.thread_local_cluster_.cluster_.info_->upstream_config_.value() + .mutable_typed_config() + ->PackFrom(generic_config); + callbacks_.route_->route_entry_.connect_config_ = + absl::make_optional(); + + EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)); + + Http::TestRequestHeaderMapImpl headers; + HttpTestUtility::addDefaultHeaders(headers); + headers.setMethod("POST"); + + EXPECT_CALL( + cm_.thread_local_cluster_.cluster_.info_->request_response_size_stats_store_, + deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_headers_size"), 74ull)); + router_.decodeHeaders(headers, false); + + EXPECT_CALL(callbacks_.dispatcher_, createTimer_); + EXPECT_CALL( + cm_.thread_local_cluster_.cluster_.info_->request_response_size_stats_store_, + deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_body_size"), 5ull)); + Buffer::InstancePtr body_data(new Buffer::OwnedImpl("hello")); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, + router_.decodeData(*body_data, !with_trailers)); + + if (with_trailers) { + Http::TestRequestTrailerMapImpl trailers{{"some", "trailer"}}; + router_.decodeTrailers(trailers); + } + + EXPECT_CALL( + cm_.thread_local_cluster_.cluster_.info_->request_response_size_stats_store_, + deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rs_headers_size"), 10ull)); + Http::ResponseHeaderMapPtr response_headers( + new Http::TestResponseHeaderMapImpl{{":status", "200"}}); + // NOLINTNEXTLINE: Silence null pointer access warning + response_decoder->decodeHeaders(std::move(response_headers), false); + + EXPECT_CALL( + cm_.thread_local_cluster_.cluster_.info_->request_response_size_stats_store_, + deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rs_body_size"), 7ull)); + Buffer::OwnedImpl response_data("goodbye"); + // NOLINTNEXTLINE: Silence null pointer access warning + response_decoder->decodeData(response_data, !with_trailers); + + if (with_trailers) { + Http::ResponseTrailerMapPtr response_trailers( + new Http::TestResponseTrailerMapImpl{{"some-trailer", "13"}}); + // NOLINTNEXTLINE: Silence null pointer access warning + response_decoder->decodeTrailers(std::move(response_trailers)); + } + + router_.onDestroy(); + } }; TEST_F(RouterTest, UpdateServerNameFilterState) { @@ -169,12 +237,13 @@ TEST_F(RouterTest, MissingRequiredHeaders) { EXPECT_CALL(encoder, encodeHeaders(_, _)) .WillOnce(Invoke([](const Http::RequestHeaderMap& headers, bool) -> Http::Status { - return Http::HeaderUtility::checkRequiredHeaders(headers); + return Http::HeaderUtility::checkRequiredRequestHeaders(headers); })); - EXPECT_CALL(callbacks_, - sendLocalReply(Http::Code::ServiceUnavailable, - testing::Eq("missing required header: :method"), _, _, - "filter_removed_required_headers{missing required header: :method}")) + EXPECT_CALL( + callbacks_, + sendLocalReply(Http::Code::ServiceUnavailable, + testing::Eq("missing required header: :method"), _, _, + "filter_removed_required_request_headers{missing required header: :method}")) .WillOnce(testing::InvokeWithoutArgs([] {})); router_.decodeHeaders(headers, true); router_.onDestroy(); @@ -347,12 +416,11 @@ TEST_F(RouterTest, HashPolicy) { EXPECT_CALL(callbacks_.route_->route_entry_.hash_policy_, generateHash(_, _, _, _)) .WillOnce(Return(absl::optional(10))); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - EXPECT_EQ(10UL, context->computeHashKey().value()); - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + EXPECT_EQ(10UL, context->computeHashKey().value()); + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_, newStream(_, _)) .WillOnce(Return(&cancellable_)); expectResponseTimerCreate(); @@ -375,12 +443,11 @@ TEST_F(RouterTest, HashPolicyNoHash) { EXPECT_CALL(callbacks_.route_->route_entry_.hash_policy_, generateHash(_, _, _, _)) .WillOnce(Return(absl::optional())); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, &router_)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - EXPECT_FALSE(context->computeHashKey()); - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + EXPECT_FALSE(context->computeHashKey()); + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_, newStream(_, _)) .WillOnce(Return(&cancellable_)); expectResponseTimerCreate(); @@ -419,12 +486,11 @@ TEST_F(RouterTest, AddCookie) { })); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - EXPECT_EQ(10UL, context->computeHashKey().value()); - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + EXPECT_EQ(10UL, context->computeHashKey().value()); + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); std::string cookie_value; EXPECT_CALL(callbacks_.route_->route_entry_.hash_policy_, generateHash(_, _, _, _)) @@ -472,12 +538,11 @@ TEST_F(RouterTest, AddCookieNoDuplicate) { })); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - EXPECT_EQ(10UL, context->computeHashKey().value()); - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + EXPECT_EQ(10UL, context->computeHashKey().value()); + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); EXPECT_CALL(callbacks_.route_->route_entry_.hash_policy_, generateHash(_, _, _, _)) .WillOnce(Invoke([&](const Network::Address::Instance*, const Http::HeaderMap&, @@ -524,12 +589,11 @@ TEST_F(RouterTest, AddMultipleCookies) { })); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - EXPECT_EQ(10UL, context->computeHashKey().value()); - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + EXPECT_EQ(10UL, context->computeHashKey().value()); + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); std::string choco_c, foo_c; EXPECT_CALL(callbacks_.route_->route_entry_.hash_policy_, generateHash(_, _, _, _)) @@ -572,13 +636,12 @@ TEST_F(RouterTest, MetadataMatchCriteria) { ON_CALL(callbacks_.route_->route_entry_, metadataMatchCriteria()) .WillByDefault(Return(&callbacks_.route_->route_entry_.metadata_matches_criteria_)); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - EXPECT_EQ(context->metadataMatchCriteria(), - &callbacks_.route_->route_entry_.metadata_matches_criteria_); - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + EXPECT_EQ(context->metadataMatchCriteria(), + &callbacks_.route_->route_entry_.metadata_matches_criteria_); + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_, newStream(_, _)) .WillOnce(Return(&cancellable_)); expectResponseTimerCreate(); @@ -603,12 +666,11 @@ TEST_F(RouterTest, MetadataMatchCriteriaFromRequestNoRouteEntryMatch) { TEST_F(RouterTest, NoMetadataMatchCriteria) { ON_CALL(callbacks_.route_->route_entry_, metadataMatchCriteria()).WillByDefault(Return(nullptr)); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - EXPECT_EQ(context->metadataMatchCriteria(), nullptr); - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + EXPECT_EQ(context->metadataMatchCriteria(), nullptr); + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_, newStream(_, _)) .WillOnce(Return(&cancellable_)); expectResponseTimerCreate(); @@ -640,7 +702,7 @@ TEST_F(RouterTest, CancelBeforeBoundToPool) { } TEST_F(RouterTest, NoHost) { - EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)).WillOnce(Return(nullptr)); + EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)).WillOnce(Return(absl::nullopt)); Http::TestResponseHeaderMapImpl response_headers{ {":status", "503"}, {"content-length", "19"}, {"content-type", "text/plain"}}; @@ -2158,6 +2220,24 @@ TEST_F(RouterTest, HedgedPerTryTimeoutResetsOnBadHeaders) { TEST_F(RouterTest, HedgedPerTryTimeoutThirdRequestSucceeds) { enableHedgeOnPerTryTimeout(); + // Verify cluster request/response sizes are accounted for all requests/responses. + EXPECT_CALL( + cm_.thread_local_cluster_.cluster_.info_->request_response_size_stats_store_, + deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_headers_size"), 73ull)) + .Times(3); + EXPECT_CALL( + cm_.thread_local_cluster_.cluster_.info_->request_response_size_stats_store_, + deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rq_body_size"), 0ull)) + .Times(3); + EXPECT_CALL( + cm_.thread_local_cluster_.cluster_.info_->request_response_size_stats_store_, + deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rs_headers_size"), 10ull)) + .Times(2); + EXPECT_CALL( + cm_.thread_local_cluster_.cluster_.info_->request_response_size_stats_store_, + deliverHistogramToSinks(Property(&Stats::Metric::name, "upstream_rs_body_size"), 0ull)) + .Times(2); + NiceMock encoder1; Http::ResponseDecoder* response_decoder1 = nullptr; EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_, newStream(_, _)) @@ -2193,6 +2273,7 @@ TEST_F(RouterTest, HedgedPerTryTimeoutThirdRequestSucceeds) { EXPECT_CALL(encoder1.stream_, resetStream(_)).Times(0); EXPECT_CALL(callbacks_, encodeHeaders_(_, _)).Times(0); router_.retry_state_->expectHeadersRetry(); + // NOLINTNEXTLINE: Silence null pointer access warning response_decoder1->decodeHeaders(std::move(response_headers1), true); NiceMock encoder2; @@ -2256,6 +2337,7 @@ TEST_F(RouterTest, HedgedPerTryTimeoutThirdRequestSucceeds) { EXPECT_TRUE(end_stream); })); EXPECT_CALL(*router_.retry_state_, shouldRetryHeaders(_, _)).WillOnce(Return(RetryStatus::No)); + // NOLINTNEXTLINE: Silence null pointer access warning response_decoder3->decodeHeaders(std::move(response_headers2), true); EXPECT_TRUE(verifyHostUpstreamStats(1, 1)); @@ -3147,7 +3229,7 @@ TEST_F(RouterTest, RetryNoneHealthy) { putResult(Upstream::Outlier::Result::LocalOriginConnectFailed, _)); encoder1.stream_.resetStream(Http::StreamResetReason::LocalReset); - EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)).WillOnce(Return(nullptr)); + EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)).WillOnce(Return(absl::nullopt)); Http::TestResponseHeaderMapImpl response_headers{ {":status", "503"}, {"content-length", "19"}, {"content-type", "text/plain"}}; EXPECT_CALL(callbacks_, encodeHeaders_(HeaderMapEqualRef(&response_headers), false)); @@ -5779,18 +5861,17 @@ TEST_F(RouterTest, ApplicationProtocols) { StreamInfo::FilterState::StateType::ReadOnly, StreamInfo::FilterState::LifeSpan::FilterChain); EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - Network::TransportSocketOptionsSharedPtr transport_socket_options = - context->upstreamTransportSocketOptions(); - EXPECT_NE(transport_socket_options, nullptr); - EXPECT_FALSE(transport_socket_options->applicationProtocolListOverride().empty()); - EXPECT_EQ(transport_socket_options->applicationProtocolListOverride().size(), 2); - EXPECT_EQ(transport_socket_options->applicationProtocolListOverride()[0], "foo"); - EXPECT_EQ(transport_socket_options->applicationProtocolListOverride()[1], "bar"); - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + Network::TransportSocketOptionsSharedPtr transport_socket_options = + context->upstreamTransportSocketOptions(); + EXPECT_NE(transport_socket_options, nullptr); + EXPECT_FALSE(transport_socket_options->applicationProtocolListOverride().empty()); + EXPECT_EQ(transport_socket_options->applicationProtocolListOverride().size(), 2); + EXPECT_EQ(transport_socket_options->applicationProtocolListOverride()[0], "foo"); + EXPECT_EQ(transport_socket_options->applicationProtocolListOverride()[1], "bar"); + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_, newStream(_, _)) .WillOnce(Return(&cancellable_)); @@ -5979,5 +6060,13 @@ TEST_F(RouterTest, PostHttpUpstream) { router_.onDestroy(); } + +// Test that request/response header/body sizes are properly recorded. +TEST_F(RouterTest, RequestResponseSize) { testRequestResponseSize(false); } + +// Test that request/response header/body sizes are properly recorded +// when there are trailers in both the request/response. +TEST_F(RouterTest, RequestResponseSizeWithTrailers) { testRequestResponseSize(true); } + } // namespace Router } // namespace Envoy diff --git a/test/common/router/router_test_base.cc b/test/common/router/router_test_base.cc index 77e4fa378d6c..6a8a3d0c2446 100644 --- a/test/common/router/router_test_base.cc +++ b/test/common/router/router_test_base.cc @@ -1,6 +1,6 @@ #include "test/common/router/router_test_base.h" -#include "common/router/debug_config.h" +#include "source/common/router/debug_config.h" namespace Envoy { namespace Router { @@ -9,13 +9,14 @@ using ::testing::AnyNumber; using ::testing::ReturnRef; RouterTestBase::RouterTestBase(bool start_child_span, bool suppress_envoy_headers, + bool suppress_grpc_request_failure_code_stats, Protobuf::RepeatedPtrField strict_headers_to_check) : pool_(stats_store_.symbolTable()), http_context_(stats_store_.symbolTable()), router_context_(stats_store_.symbolTable()), shadow_writer_(new MockShadowWriter()), config_(pool_.add("test"), local_info_, stats_store_, cm_, runtime_, random_, ShadowWriterPtr{shadow_writer_}, true, start_child_span, suppress_envoy_headers, - false, std::move(strict_headers_to_check), test_time_.timeSystem(), http_context_, - router_context_), + false, suppress_grpc_request_failure_code_stats, std::move(strict_headers_to_check), + test_time_.timeSystem(), http_context_, router_context_), router_(config_) { router_.setDecoderFilterCallbacks(callbacks_); upstream_locality_.set_zone("to_az"); @@ -98,31 +99,30 @@ void RouterTestBase::verifyMetadataMatchCriteriaFromRequest(bool route_entry_has } EXPECT_CALL(cm_.thread_local_cluster_, httpConnPool(_, _, _)) - .WillOnce( - Invoke([&](Upstream::ResourcePriority, absl::optional, - Upstream::LoadBalancerContext* context) -> Http::ConnectionPool::Instance* { - auto match = context->metadataMatchCriteria()->metadataMatchCriteria(); - EXPECT_EQ(match.size(), 2); - auto it = match.begin(); - - // Note: metadataMatchCriteria() keeps its entries sorted, so the order for checks - // below matters. - - // `stage` was only set by the request, not by the route entry. - EXPECT_EQ((*it)->name(), "stage"); - EXPECT_EQ((*it)->value().value().string_value(), "devel"); - it++; - - // `version` should be what came from the request, overriding the route entry. - EXPECT_EQ((*it)->name(), "version"); - EXPECT_EQ((*it)->value().value().string_value(), "v3.1"); - - // When metadataMatchCriteria() is computed from dynamic metadata, the result should - // be cached. - EXPECT_EQ(context->metadataMatchCriteria(), context->metadataMatchCriteria()); - - return &cm_.thread_local_cluster_.conn_pool_; - })); + .WillOnce(Invoke([&](Upstream::ResourcePriority, absl::optional, + Upstream::LoadBalancerContext* context) { + auto match = context->metadataMatchCriteria()->metadataMatchCriteria(); + EXPECT_EQ(match.size(), 2); + auto it = match.begin(); + + // Note: metadataMatchCriteria() keeps its entries sorted, so the order for checks + // below matters. + + // `stage` was only set by the request, not by the route entry. + EXPECT_EQ((*it)->name(), "stage"); + EXPECT_EQ((*it)->value().value().string_value(), "devel"); + it++; + + // `version` should be what came from the request, overriding the route entry. + EXPECT_EQ((*it)->name(), "version"); + EXPECT_EQ((*it)->value().value().string_value(), "v3.1"); + + // When metadataMatchCriteria() is computed from dynamic metadata, the result should + // be cached. + EXPECT_EQ(context->metadataMatchCriteria(), context->metadataMatchCriteria()); + + return Upstream::HttpPoolData([]() {}, &cm_.thread_local_cluster_.conn_pool_); + })); EXPECT_CALL(cm_.thread_local_cluster_.conn_pool_, newStream(_, _)) .WillOnce(Return(&cancellable_)); expectResponseTimerCreate(); diff --git a/test/common/router/router_test_base.h b/test/common/router/router_test_base.h index fdff1e8a0a28..a212f2932570 100644 --- a/test/common/router/router_test_base.h +++ b/test/common/router/router_test_base.h @@ -1,8 +1,8 @@ #pragma once -#include "common/http/context_impl.h" -#include "common/router/router.h" -#include "common/stream_info/uint32_accessor_impl.h" +#include "source/common/http/context_impl.h" +#include "source/common/router/router.h" +#include "source/common/stream_info/uint32_accessor_impl.h" #include "test/common/http/common.h" #include "test/mocks/common.h" @@ -51,6 +51,7 @@ class RouterTestFilter : public Filter { class RouterTestBase : public testing::Test { public: RouterTestBase(bool start_child_span, bool suppress_envoy_headers, + bool suppress_grpc_request_failure_code_stats, Protobuf::RepeatedPtrField strict_headers_to_check); void expectResponseTimerCreate(); diff --git a/test/common/router/router_upstream_log_test.cc b/test/common/router/router_upstream_log_test.cc index a16c05fd6ba2..e9d2260504d9 100644 --- a/test/common/router/router_upstream_log_test.cc +++ b/test/common/router/router_upstream_log_test.cc @@ -6,9 +6,9 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/http/router/v3/router.pb.h" -#include "common/network/utility.h" -#include "common/router/router.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/network/utility.h" +#include "source/common/router/router.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/http/common.h" #include "test/mocks/access_log/mocks.h" diff --git a/test/common/router/scoped_config_impl_test.cc b/test/common/router/scoped_config_impl_test.cc index cc7adfd1adcb..adc94be82b90 100644 --- a/test/common/router/scoped_config_impl_test.cc +++ b/test/common/router/scoped_config_impl_test.cc @@ -4,7 +4,7 @@ #include "envoy/config/route/v3/scoped_route.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/router/scoped_config_impl.h" +#include "source/common/router/scoped_config_impl.h" #include "test/mocks/router/mocks.h" #include "test/test_common/utility.h" diff --git a/test/common/router/scoped_rds_test.cc b/test/common/router/scoped_rds_test.cc index db6a53878587..2277495a54d5 100644 --- a/test/common/router/scoped_rds_test.cc +++ b/test/common/router/scoped_rds_test.cc @@ -13,10 +13,10 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/config/api_version.h" -#include "common/config/grpc_mux_impl.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/router/scoped_rds.h" +#include "source/common/config/api_version.h" +#include "source/common/config/grpc_mux_impl.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/router/scoped_rds.h" #include "test/mocks/config/mocks.h" #include "test/mocks/protobuf/mocks.h" @@ -384,6 +384,9 @@ route_configuration_name: foo_routes EXPECT_EQ(2UL, server_factory_context_.scope_.counter("foo.scoped_rds.foo_scoped_routes.config_reload") .value()); + EXPECT_TRUE(server_factory_context_.scope_.findGaugeByString( + "foo.scoped_rds.foo_scoped_routes.config_reload_time_ms")); + // now scope key "x-bar-key" points to nowhere. EXPECT_THAT(getScopedRdsProvider()->config()->getRouteConfig( TestRequestHeaderMapImpl{{"Addr", "x-foo-key;x-bar-key"}}), diff --git a/test/common/router/shadow_writer_impl_test.cc b/test/common/router/shadow_writer_impl_test.cc index 7a5f000ebc5a..e1e680e36b27 100644 --- a/test/common/router/shadow_writer_impl_test.cc +++ b/test/common/router/shadow_writer_impl_test.cc @@ -1,9 +1,9 @@ #include #include -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/router/shadow_writer_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/router/shadow_writer_impl.h" #include "test/mocks/upstream/cluster_manager.h" diff --git a/test/common/router/string_accessor_impl_test.cc b/test/common/router/string_accessor_impl_test.cc index 558782b4b845..57ba334da163 100644 --- a/test/common/router/string_accessor_impl_test.cc +++ b/test/common/router/string_accessor_impl_test.cc @@ -1,4 +1,4 @@ -#include "common/router/string_accessor_impl.h" +#include "source/common/router/string_accessor_impl.h" #include "absl/strings/string_view.h" #include "gtest/gtest.h" diff --git a/test/common/router/upstream_request_test.cc b/test/common/router/upstream_request_test.cc index 638249e92c7b..312d5f0c99d6 100644 --- a/test/common/router/upstream_request_test.cc +++ b/test/common/router/upstream_request_test.cc @@ -1,6 +1,6 @@ -#include "common/common/utility.h" -#include "common/network/utility.h" -#include "common/router/upstream_request.h" +#include "source/common/common/utility.h" +#include "source/common/network/utility.h" +#include "source/common/router/upstream_request.h" #include "test/common/http/common.h" #include "test/mocks/router/router_filter_interface.h" @@ -19,6 +19,13 @@ namespace { class UpstreamRequestTest : public testing::Test { public: + UpstreamRequestTest() { + HttpTestUtility::addDefaultHeaders(downstream_request_header_map_); + ON_CALL(router_filter_interface_, downstreamHeaders()) + .WillByDefault(Return(&downstream_request_header_map_)); + } + + Http::TestRequestHeaderMapImpl downstream_request_header_map_{}; NiceMock router_filter_interface_; UpstreamRequest upstream_request_{router_filter_interface_, std::make_unique>()}; @@ -57,11 +64,6 @@ TEST_F(UpstreamRequestTest, DumpsStateWithoutAllocatingMemory) { address_provider->setLocalAddress(Network::Utility::parseInternetAddressAndPort("5.6.7.8:5678")); address_provider->setDirectRemoteAddressForTest( Network::Utility::parseInternetAddressAndPort("1.2.3.4:5678")); - Http::TestRequestHeaderMapImpl downstream_request_header_map; - HttpTestUtility::addDefaultHeaders(downstream_request_header_map); - - EXPECT_CALL(router_filter_interface_, downstreamHeaders()) - .WillOnce(Return(&downstream_request_header_map)); // Dump State std::array buffer; diff --git a/test/common/router/vhds_test.cc b/test/common/router/vhds_test.cc index e819381f1e2a..28e933675b18 100644 --- a/test/common/router/vhds_test.cc +++ b/test/common/router/vhds_test.cc @@ -7,11 +7,10 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/config/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/router/rds_impl.h" - -#include "server/admin/admin.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/router/rds_impl.h" +#include "source/server/admin/admin.h" #include "test/mocks/config/mocks.h" #include "test/mocks/init/mocks.h" diff --git a/test/common/runtime/runtime_flag_override_noop_test.cc b/test/common/runtime/runtime_flag_override_noop_test.cc index ab19fac7293b..47dc3c61ded5 100644 --- a/test/common/runtime/runtime_flag_override_noop_test.cc +++ b/test/common/runtime/runtime_flag_override_noop_test.cc @@ -1,4 +1,4 @@ -#include "common/runtime/runtime_features.h" +#include "source/common/runtime/runtime_features.h" #include "gmock/gmock.h" diff --git a/test/common/runtime/runtime_flag_override_test.cc b/test/common/runtime/runtime_flag_override_test.cc index 6d90407e3857..19d64c30fe5a 100644 --- a/test/common/runtime/runtime_flag_override_test.cc +++ b/test/common/runtime/runtime_flag_override_test.cc @@ -1,4 +1,4 @@ -#include "common/runtime/runtime_features.h" +#include "source/common/runtime/runtime_features.h" #include "gmock/gmock.h" diff --git a/test/common/runtime/runtime_impl_test.cc b/test/common/runtime/runtime_impl_test.cc index 0f220455ef21..1a47f278903d 100644 --- a/test/common/runtime/runtime_impl_test.cc +++ b/test/common/runtime/runtime_impl_test.cc @@ -7,9 +7,9 @@ #include "envoy/service/runtime/v3/rtds.pb.h" #include "envoy/type/v3/percent.pb.h" -#include "common/config/runtime_utility.h" -#include "common/runtime/runtime_features.h" -#include "common/runtime/runtime_impl.h" +#include "source/common/config/runtime_utility.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/runtime/runtime_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/common.h" @@ -29,7 +29,7 @@ #include "gtest/gtest.h" #ifdef ENVOY_ENABLE_QUIC -#include "common/quic/envoy_quic_utils.h" +#include "source/common/quic/envoy_quic_utils.h" #endif using testing::_; diff --git a/test/common/runtime/runtime_protos_test.cc b/test/common/runtime/runtime_protos_test.cc index 95cdf87dee84..bc0e4d956ba7 100644 --- a/test/common/runtime/runtime_protos_test.cc +++ b/test/common/runtime/runtime_protos_test.cc @@ -4,7 +4,7 @@ #include "envoy/config/core/v3/base.pb.validate.h" #include "envoy/type/v3/percent.pb.h" -#include "common/runtime/runtime_protos.h" +#include "source/common/runtime/runtime_protos.h" #include "test/mocks/runtime/mocks.h" #include "test/test_common/utility.h" diff --git a/test/common/runtime/utility.h b/test/common/runtime/utility.h index ba1bb9f1b398..a61b28a8ee19 100644 --- a/test/common/runtime/utility.h +++ b/test/common/runtime/utility.h @@ -1,7 +1,7 @@ #pragma once -#include "common/runtime/runtime_features.h" -#include "common/runtime/runtime_impl.h" +#include "source/common/runtime/runtime_features.h" +#include "source/common/runtime/runtime_impl.h" namespace Envoy { namespace Runtime { diff --git a/test/common/secret/sds_api_test.cc b/test/common/secret/sds_api_test.cc index 1c8b495fd6a5..84e0d6159153 100644 --- a/test/common/secret/sds_api_test.cc +++ b/test/common/secret/sds_api_test.cc @@ -6,11 +6,11 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/service/secret/v3/sds.pb.h" -#include "common/config/datasource.h" -#include "common/config/filesystem_subscription_impl.h" -#include "common/secret/sds_api.h" -#include "common/ssl/certificate_validation_context_config_impl.h" -#include "common/ssl/tls_certificate_config_impl.h" +#include "source/common/config/datasource.h" +#include "source/common/config/filesystem_subscription_impl.h" +#include "source/common/secret/sds_api.h" +#include "source/common/ssl/certificate_validation_context_config_impl.h" +#include "source/common/ssl/tls_certificate_config_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/config/mocks.h" diff --git a/test/common/secret/secret_manager_impl_test.cc b/test/common/secret/secret_manager_impl_test.cc index 58304e1a1106..cf9d9fb2d960 100644 --- a/test/common/secret/secret_manager_impl_test.cc +++ b/test/common/secret/secret_manager_impl_test.cc @@ -6,13 +6,13 @@ #include "envoy/config/grpc_credential/v2alpha/file_based_metadata.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" -#include "common/common/base64.h" -#include "common/common/logger.h" -#include "common/config/api_version.h" -#include "common/secret/sds_api.h" -#include "common/secret/secret_manager_impl.h" -#include "common/ssl/certificate_validation_context_config_impl.h" -#include "common/ssl/tls_certificate_config_impl.h" +#include "source/common/common/base64.h" +#include "source/common/common/logger.h" +#include "source/common/config/api_version.h" +#include "source/common/secret/sds_api.h" +#include "source/common/secret/secret_manager_impl.h" +#include "source/common/ssl/certificate_validation_context_config_impl.h" +#include "source/common/ssl/tls_certificate_config_impl.h" #include "test/mocks/event/mocks.h" #include "test/mocks/server/config_tracker.h" @@ -25,7 +25,6 @@ #include "gmock/gmock.h" #include "gtest/gtest.h" -using testing::Return; using testing::ReturnRef; namespace Envoy { diff --git a/test/common/shared_pool/shared_pool_test.cc b/test/common/shared_pool/shared_pool_test.cc index 8fbb56418852..c82f6d2dcfda 100644 --- a/test/common/shared_pool/shared_pool_test.cc +++ b/test/common/shared_pool/shared_pool_test.cc @@ -1,7 +1,7 @@ #include -#include "common/event/timer_impl.h" -#include "common/shared_pool/shared_pool.h" +#include "source/common/event/timer_impl.h" +#include "source/common/shared_pool/shared_pool.h" #include "test/mocks/event/mocks.h" #include "test/test_common/thread_factory_for_test.h" diff --git a/test/common/signal/fatal_action_test.cc b/test/common/signal/fatal_action_test.cc index 1e276f016e4a..5565c592eee5 100644 --- a/test/common/signal/fatal_action_test.cc +++ b/test/common/signal/fatal_action_test.cc @@ -3,8 +3,8 @@ #include "envoy/common/scope_tracker.h" #include "envoy/server/fatal_action_config.h" -#include "common/signal/fatal_action.h" -#include "common/signal/fatal_error_handler.h" +#include "source/common/signal/fatal_action.h" +#include "source/common/signal/fatal_error_handler.h" #include "test/mocks/server/instance.h" #include "test/test_common/utility.h" diff --git a/test/common/signal/signals_test.cc b/test/common/signal/signals_test.cc index f2e5ddde8c8d..659595900021 100644 --- a/test/common/signal/signals_test.cc +++ b/test/common/signal/signals_test.cc @@ -5,8 +5,8 @@ #include "envoy/common/scope_tracker.h" -#include "common/signal/fatal_error_handler.h" -#include "common/signal/signal_action.h" +#include "source/common/signal/fatal_error_handler.h" +#include "source/common/signal/signal_action.h" #include "test/common/stats/stat_test_utility.h" #include "test/test_common/utility.h" diff --git a/test/common/singleton/manager_impl_test.cc b/test/common/singleton/manager_impl_test.cc index aa5796ae79c1..d3184bae8f58 100644 --- a/test/common/singleton/manager_impl_test.cc +++ b/test/common/singleton/manager_impl_test.cc @@ -1,6 +1,6 @@ #include "envoy/registry/registry.h" -#include "common/singleton/manager_impl.h" +#include "source/common/singleton/manager_impl.h" #include "test/test_common/utility.h" diff --git a/test/common/singleton/threadsafe_singleton_test.cc b/test/common/singleton/threadsafe_singleton_test.cc index a6dba199526e..3ec2bfe718bd 100644 --- a/test/common/singleton/threadsafe_singleton_test.cc +++ b/test/common/singleton/threadsafe_singleton_test.cc @@ -1,9 +1,9 @@ #include -#include "common/common/lock_guard.h" -#include "common/common/thread.h" -#include "common/singleton/threadsafe_singleton.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread.h" +#include "source/common/singleton/threadsafe_singleton.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/test_common/threadsafe_singleton_injector.h" #include "test/test_common/utility.h" diff --git a/test/common/stats/BUILD b/test/common/stats/BUILD index 53f7d41fc446..e7b87df99471 100644 --- a/test/common/stats/BUILD +++ b/test/common/stats/BUILD @@ -99,7 +99,7 @@ envoy_cc_test_library( "abseil_strings", ], deps = [ - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "//source/common/common:assert_lib", "//source/common/memory:stats_lib", "//source/common/stats:isolated_store_lib", @@ -131,7 +131,7 @@ envoy_cc_test( envoy_cc_test( name = "refcount_ptr_test", srcs = ["refcount_ptr_test.cc"], - deps = ["//include/envoy/stats:refcount_ptr_interface"], + deps = ["//envoy/stats:refcount_ptr_interface"], ) envoy_cc_test( diff --git a/test/common/stats/allocator_impl_test.cc b/test/common/stats/allocator_impl_test.cc index 571e53fd6810..83fb85d68ea8 100644 --- a/test/common/stats/allocator_impl_test.cc +++ b/test/common/stats/allocator_impl_test.cc @@ -1,6 +1,6 @@ #include -#include "common/stats/allocator_impl.h" +#include "source/common/stats/allocator_impl.h" #include "test/test_common/logging.h" #include "test/test_common/thread_factory_for_test.h" diff --git a/test/common/stats/histogram_impl_test.cc b/test/common/stats/histogram_impl_test.cc index 085e3d9a5a1a..b55f25c83497 100644 --- a/test/common/stats/histogram_impl_test.cc +++ b/test/common/stats/histogram_impl_test.cc @@ -1,6 +1,6 @@ #include "envoy/config/metrics/v3/stats.pb.h" -#include "common/stats/histogram_impl.h" +#include "source/common/stats/histogram_impl.h" #include "test/test_common/utility.h" diff --git a/test/common/stats/isolated_store_impl_test.cc b/test/common/stats/isolated_store_impl_test.cc index 3e2c6dd083a1..f3a3e0a31dcd 100644 --- a/test/common/stats/isolated_store_impl_test.cc +++ b/test/common/stats/isolated_store_impl_test.cc @@ -2,9 +2,9 @@ #include "envoy/stats/stats_macros.h" -#include "common/stats/isolated_store_impl.h" -#include "common/stats/null_counter.h" -#include "common/stats/null_gauge.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/stats/null_counter.h" +#include "source/common/stats/null_gauge.h" #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" diff --git a/test/common/stats/make_elements_helper.cc b/test/common/stats/make_elements_helper.cc index d7d453824804..2999ade8dcf4 100644 --- a/test/common/stats/make_elements_helper.cc +++ b/test/common/stats/make_elements_helper.cc @@ -1,4 +1,4 @@ -#include "common/stats/utility.h" +#include "source/common/stats/utility.h" namespace Envoy { namespace Stats { diff --git a/test/common/stats/make_elements_helper.h b/test/common/stats/make_elements_helper.h index 218fa6f7aec6..bf08331cd9af 100644 --- a/test/common/stats/make_elements_helper.h +++ b/test/common/stats/make_elements_helper.h @@ -1,6 +1,6 @@ #pragma once -#include "common/stats/utility.h" +#include "source/common/stats/utility.h" namespace Envoy { namespace Stats { diff --git a/test/common/stats/metric_impl_test.cc b/test/common/stats/metric_impl_test.cc index 30f20a61ee3a..dfa2656696d3 100644 --- a/test/common/stats/metric_impl_test.cc +++ b/test/common/stats/metric_impl_test.cc @@ -1,7 +1,7 @@ #include -#include "common/stats/allocator_impl.h" -#include "common/stats/utility.h" +#include "source/common/stats/allocator_impl.h" +#include "source/common/stats/utility.h" #include "test/test_common/logging.h" diff --git a/test/common/stats/recent_lookups_speed_test.cc b/test/common/stats/recent_lookups_speed_test.cc index 2d3c0f5e4ef3..a39327db0875 100644 --- a/test/common/stats/recent_lookups_speed_test.cc +++ b/test/common/stats/recent_lookups_speed_test.cc @@ -20,9 +20,9 @@ // BM_LookupsNoEvictions 45662 ns 45662 ns 15329 // BM_LookupsAllEvictions 83015 ns 83015 ns 8435 -#include "common/common/random_generator.h" -#include "common/runtime/runtime_impl.h" -#include "common/stats/recent_lookups.h" +#include "source/common/common/random_generator.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/stats/recent_lookups.h" #include "absl/strings/str_cat.h" #include "benchmark/benchmark.h" diff --git a/test/common/stats/recent_lookups_test.cc b/test/common/stats/recent_lookups_test.cc index 3e9bed9ff236..1ac2e7ffeb0a 100644 --- a/test/common/stats/recent_lookups_test.cc +++ b/test/common/stats/recent_lookups_test.cc @@ -1,8 +1,8 @@ #include #include -#include "common/common/utility.h" -#include "common/stats/recent_lookups.h" +#include "source/common/common/utility.h" +#include "source/common/stats/recent_lookups.h" #include "test/test_common/logging.h" diff --git a/test/common/stats/stat_merger_corpus/clusterfuzz-testcase-minimized-stat_merger_fuzz_test-5675276891717632 b/test/common/stats/stat_merger_corpus/clusterfuzz-testcase-minimized-stat_merger_fuzz_test-5675276891717632 new file mode 100644 index 000000000000..d565d75ac8ee --- /dev/null +++ b/test/common/stats/stat_merger_corpus/clusterfuzz-testcase-minimized-stat_merger_fuzz_test-5675276891717632 @@ -0,0 +1 @@ +ÿö .. \ No newline at end of file diff --git a/test/common/stats/stat_merger_fuzz_test.cc b/test/common/stats/stat_merger_fuzz_test.cc index f3e84f14f632..947c484a1ff5 100644 --- a/test/common/stats/stat_merger_fuzz_test.cc +++ b/test/common/stats/stat_merger_fuzz_test.cc @@ -1,6 +1,6 @@ #include -#include "common/stats/stat_merger.h" +#include "source/common/stats/stat_merger.h" #include "test/common/stats/stat_test_utility.h" #include "test/fuzz/fuzz_runner.h" @@ -39,7 +39,7 @@ void testDynamicEncoding(absl::string_view data, SymbolTable& symbol_table) { // TODO(#10008): We should remove the "1 +" below, so we can get empty // segments, which trigger some inconsistent handling as described in that // bug. - uint32_t num_bytes = (1 + data[index]) & 0x7; + uint32_t num_bytes = 1 + (data[index] & 0x7); // Carve out the segment and use the 4th bit from the control-byte to // determine whether to treat this segment symbolic or not. diff --git a/test/common/stats/stat_merger_test.cc b/test/common/stats/stat_merger_test.cc index 092fc531597b..ae9ff052dab1 100644 --- a/test/common/stats/stat_merger_test.cc +++ b/test/common/stats/stat_merger_test.cc @@ -1,8 +1,8 @@ #include -#include "common/stats/isolated_store_impl.h" -#include "common/stats/stat_merger.h" -#include "common/stats/thread_local_store.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/stats/stat_merger.h" +#include "source/common/stats/thread_local_store.h" #include "test/test_common/utility.h" diff --git a/test/common/stats/stat_test_utility.cc b/test/common/stats/stat_test_utility.cc index 4b8b678a115e..9f9438a7bf9a 100644 --- a/test/common/stats/stat_test_utility.cc +++ b/test/common/stats/stat_test_utility.cc @@ -1,7 +1,7 @@ #include "test/common/stats/stat_test_utility.h" -#include "common/common/assert.h" -#include "common/memory/stats.h" +#include "source/common/common/assert.h" +#include "source/common/memory/stats.h" namespace Envoy { namespace Stats { diff --git a/test/common/stats/stat_test_utility.h b/test/common/stats/stat_test_utility.h index 745f4900f217..213775d4bb21 100644 --- a/test/common/stats/stat_test_utility.h +++ b/test/common/stats/stat_test_utility.h @@ -2,9 +2,9 @@ #include "envoy/stats/store.h" -#include "common/common/logger.h" -#include "common/memory/stats.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/common/logger.h" +#include "source/common/memory/stats.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/test_common/global.h" diff --git a/test/common/stats/stats_matcher_impl_test.cc b/test/common/stats/stats_matcher_impl_test.cc index 9f78387eaa4f..87b806cd9f13 100644 --- a/test/common/stats/stats_matcher_impl_test.cc +++ b/test/common/stats/stats_matcher_impl_test.cc @@ -1,7 +1,7 @@ #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/type/matcher/v3/string.pb.h" -#include "common/stats/stats_matcher_impl.h" +#include "source/common/stats/stats_matcher_impl.h" #include "test/test_common/utility.h" @@ -68,7 +68,7 @@ TEST_F(StatsMatcherTest, CheckNotRejectAll) { } TEST_F(StatsMatcherTest, CheckIncludeAll) { - inclusionList()->set_hidden_envoy_deprecated_regex(".*"); + inclusionList()->MergeFrom(TestUtility::createRegexMatcher(".*")); initMatcher(); expectAccepted({"foo", "bar", "foo.bar", "foo.bar.baz"}); // It really does accept all, but the impl doesn't know it. @@ -77,7 +77,7 @@ TEST_F(StatsMatcherTest, CheckIncludeAll) { } TEST_F(StatsMatcherTest, CheckExcludeAll) { - exclusionList()->set_hidden_envoy_deprecated_regex(".*"); + exclusionList()->MergeFrom(TestUtility::createRegexMatcher(".*")); initMatcher(); expectDenied({"foo", "bar", "foo.bar", "foo.bar.baz"}); EXPECT_FALSE(stats_matcher_impl_->acceptsAll()); @@ -149,7 +149,7 @@ TEST_F(StatsMatcherTest, CheckExcludeSuffix) { // Single regex matchers. TEST_F(StatsMatcherTest, CheckIncludeRegex) { - inclusionList()->set_hidden_envoy_deprecated_regex(".*envoy.*"); + inclusionList()->MergeFrom(TestUtility::createRegexMatcher(".*envoy.*")); initMatcher(); expectAccepted({"envoy.matchers.requests", "stats.envoy.2xx", "regex.envoy.matchers"}); expectDenied({"foo", "Envoy", "EnvoyProxy"}); @@ -158,7 +158,7 @@ TEST_F(StatsMatcherTest, CheckIncludeRegex) { } TEST_F(StatsMatcherTest, CheckExcludeRegex) { - exclusionList()->set_hidden_envoy_deprecated_regex(".*envoy.*"); + exclusionList()->MergeFrom(TestUtility::createRegexMatcher(".*envoy.*")); initMatcher(); expectAccepted({"foo", "Envoy", "EnvoyProxy"}); expectDenied({"envoy.matchers.requests", "stats.envoy.2xx", "regex.envoy.matchers"}); @@ -237,8 +237,8 @@ TEST_F(StatsMatcherTest, CheckMultipleExcludeSuffix) { // Multiple regex matchers. TEST_F(StatsMatcherTest, CheckMultipleIncludeRegex) { - inclusionList()->set_hidden_envoy_deprecated_regex(".*envoy.*"); - inclusionList()->set_hidden_envoy_deprecated_regex(".*absl.*"); + inclusionList()->MergeFrom(TestUtility::createRegexMatcher(".*envoy.*")); + inclusionList()->MergeFrom(TestUtility::createRegexMatcher(".*absl.*")); initMatcher(); expectAccepted({"envoy.matchers.requests", "stats.absl.2xx", "absl.envoy.matchers"}); expectDenied({"Abseil", "EnvoyProxy"}); @@ -247,8 +247,8 @@ TEST_F(StatsMatcherTest, CheckMultipleIncludeRegex) { } TEST_F(StatsMatcherTest, CheckMultipleExcludeRegex) { - exclusionList()->set_hidden_envoy_deprecated_regex(".*envoy.*"); - exclusionList()->set_hidden_envoy_deprecated_regex(".*absl.*"); + exclusionList()->MergeFrom(TestUtility::createRegexMatcher(".*envoy.*")); + exclusionList()->MergeFrom(TestUtility::createRegexMatcher(".*absl.*")); initMatcher(); expectAccepted({"Abseil", "EnvoyProxy"}); expectDenied({"envoy.matchers.requests", "stats.absl.2xx", "absl.envoy.matchers"}); @@ -262,7 +262,7 @@ TEST_F(StatsMatcherTest, CheckMultipleExcludeRegex) { // whichever the case may be. TEST_F(StatsMatcherTest, CheckMultipleAssortedInclusionMatchers) { - inclusionList()->set_hidden_envoy_deprecated_regex(".*envoy.*"); + inclusionList()->MergeFrom(TestUtility::createRegexMatcher(".*envoy.*")); inclusionList()->set_suffix("requests"); inclusionList()->set_exact("regex"); initMatcher(); @@ -273,7 +273,7 @@ TEST_F(StatsMatcherTest, CheckMultipleAssortedInclusionMatchers) { } TEST_F(StatsMatcherTest, CheckMultipleAssortedExclusionMatchers) { - exclusionList()->set_hidden_envoy_deprecated_regex(".*envoy.*"); + exclusionList()->MergeFrom(TestUtility::createRegexMatcher(".*envoy.*")); exclusionList()->set_suffix("requests"); exclusionList()->set_exact("regex"); initMatcher(); diff --git a/test/common/stats/symbol_table_fuzz_test.cc b/test/common/stats/symbol_table_fuzz_test.cc index 3d5ac4df99bc..cab1bda492c2 100644 --- a/test/common/stats/symbol_table_fuzz_test.cc +++ b/test/common/stats/symbol_table_fuzz_test.cc @@ -1,8 +1,8 @@ #include -#include "common/common/assert.h" -#include "common/common/base64.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/base64.h" +#include "source/common/stats/symbol_table_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/stats/symbol_table_impl_test.cc b/test/common/stats/symbol_table_impl_test.cc index 7fd540803a15..0f8dd73fedae 100644 --- a/test/common/stats/symbol_table_impl_test.cc +++ b/test/common/stats/symbol_table_impl_test.cc @@ -1,9 +1,9 @@ #include -#include "common/common/macros.h" -#include "common/common/mutex_tracer_impl.h" -#include "common/memory/stats.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/common/macros.h" +#include "source/common/common/mutex_tracer_impl.h" +#include "source/common/memory/stats.h" +#include "source/common/stats/symbol_table_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/test_common/logging.h" diff --git a/test/common/stats/symbol_table_speed_test.cc b/test/common/stats/symbol_table_speed_test.cc index f5806c69964e..c5450bb98a5f 100644 --- a/test/common/stats/symbol_table_speed_test.cc +++ b/test/common/stats/symbol_table_speed_test.cc @@ -3,11 +3,11 @@ // // NOLINT(namespace-envoy) -#include "common/common/logger.h" -#include "common/common/thread.h" -#include "common/stats/isolated_store_impl.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/utility.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/utility.h" #include "test/common/stats/make_elements_helper.h" #include "test/test_common/utility.h" diff --git a/test/common/stats/tag_extractor_impl_speed_test.cc b/test/common/stats/tag_extractor_impl_speed_test.cc index b9dd469db754..d391a96f1b8f 100644 --- a/test/common/stats/tag_extractor_impl_speed_test.cc +++ b/test/common/stats/tag_extractor_impl_speed_test.cc @@ -42,9 +42,9 @@ #include "envoy/config/metrics/v3/stats.pb.h" -#include "common/common/assert.h" -#include "common/config/well_known_names.h" -#include "common/stats/tag_producer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/config/well_known_names.h" +#include "source/common/stats/tag_producer_impl.h" #include "benchmark/benchmark.h" diff --git a/test/common/stats/tag_extractor_impl_test.cc b/test/common/stats/tag_extractor_impl_test.cc index e798c0df9522..b259b461663b 100644 --- a/test/common/stats/tag_extractor_impl_test.cc +++ b/test/common/stats/tag_extractor_impl_test.cc @@ -3,9 +3,9 @@ #include "envoy/common/exception.h" #include "envoy/config/metrics/v3/stats.pb.h" -#include "common/config/well_known_names.h" -#include "common/stats/tag_extractor_impl.h" -#include "common/stats/tag_producer_impl.h" +#include "source/common/config/well_known_names.h" +#include "source/common/stats/tag_extractor_impl.h" +#include "source/common/stats/tag_producer_impl.h" #include "test/test_common/utility.h" diff --git a/test/common/stats/tag_producer_impl_test.cc b/test/common/stats/tag_producer_impl_test.cc index 9ac1902354fa..db7be62da02f 100644 --- a/test/common/stats/tag_producer_impl_test.cc +++ b/test/common/stats/tag_producer_impl_test.cc @@ -1,7 +1,7 @@ #include "envoy/config/metrics/v3/stats.pb.h" -#include "common/config/well_known_names.h" -#include "common/stats/tag_producer_impl.h" +#include "source/common/config/well_known_names.h" +#include "source/common/stats/tag_producer_impl.h" #include "test/test_common/utility.h" diff --git a/test/common/stats/thread_local_store_speed_test.cc b/test/common/stats/thread_local_store_speed_test.cc index 5208fdaed9f5..8ce08a84d052 100644 --- a/test/common/stats/thread_local_store_speed_test.cc +++ b/test/common/stats/thread_local_store_speed_test.cc @@ -3,14 +3,14 @@ #include "envoy/config/metrics/v3/stats.pb.h" -#include "common/common/logger.h" -#include "common/common/thread.h" -#include "common/event/dispatcher_impl.h" -#include "common/stats/allocator_impl.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/tag_producer_impl.h" -#include "common/stats/thread_local_store.h" -#include "common/thread_local/thread_local_impl.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/stats/allocator_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/tag_producer_impl.h" +#include "source/common/stats/thread_local_store.h" +#include "source/common/thread_local/thread_local_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/test_common/simulated_time_system.h" @@ -29,17 +29,16 @@ class ThreadLocalStorePerf { store_.setTagProducer(std::make_unique(stats_config_)); Stats::TestUtil::forEachSampleStat(1000, [this](absl::string_view name) { - stat_names_.push_back(std::make_unique(name, symbol_table_)); + stat_names_.push_back(std::make_unique(name, symbol_table_)); }); } ~ThreadLocalStorePerf() { - for (auto& stat_name_storage : stat_names_) { - stat_name_storage->free(symbol_table_); + if (tls_) { + tls_->shutdownGlobalThreading(); } store_.shutdownThreading(); if (tls_) { - tls_->shutdownGlobalThreading(); tls_->shutdownThread(); } if (dispatcher_) { @@ -72,7 +71,7 @@ class ThreadLocalStorePerf { Stats::ThreadLocalStoreImpl store_; Api::ApiPtr api_; envoy::config::metrics::v3::StatsConfig stats_config_; - std::vector> stat_names_; + std::vector> stat_names_; }; } // namespace Envoy diff --git a/test/common/stats/thread_local_store_test.cc b/test/common/stats/thread_local_store_test.cc index 6d8de94d0463..b6ee2c6a1a4f 100644 --- a/test/common/stats/thread_local_store_test.cc +++ b/test/common/stats/thread_local_store_test.cc @@ -5,14 +5,14 @@ #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/stats/histogram.h" -#include "common/common/c_smart_ptr.h" -#include "common/event/dispatcher_impl.h" -#include "common/memory/stats.h" -#include "common/stats/stats_matcher_impl.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/tag_producer_impl.h" -#include "common/stats/thread_local_store.h" -#include "common/thread_local/thread_local_impl.h" +#include "source/common/common/c_smart_ptr.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/memory/stats.h" +#include "source/common/stats/stats_matcher_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/tag_producer_impl.h" +#include "source/common/stats/thread_local_store.h" +#include "source/common/thread_local/thread_local_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/event/mocks.h" @@ -69,6 +69,8 @@ class StatsThreadLocalStoreTest : public testing::Test { store_->addSink(sink_); } + ~StatsThreadLocalStoreTest() override { tls_.shutdownGlobalThreading(); } + void resetStoreWithAlloc(Allocator& alloc) { store_ = std::make_unique(alloc); store_->addSink(sink_); @@ -128,6 +130,7 @@ class HistogramTest : public testing::Test { } void TearDown() override { + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); } @@ -318,6 +321,7 @@ TEST_F(StatsThreadLocalStoreTest, Tls) { EXPECT_EQ(&t1, store_->textReadouts().front().get()); // front() ok when size()==1 EXPECT_EQ(2UL, store_->textReadouts().front().use_count()); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); @@ -415,6 +419,7 @@ TEST_F(StatsThreadLocalStoreTest, BasicScope) { Stats::Histogram::Unit::Unspecified)); } + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); scope1->deliverHistogramToSinks(h1, 100); scope1->deliverHistogramToSinks(h2, 200); @@ -460,6 +465,7 @@ TEST_F(StatsThreadLocalStoreTest, HistogramScopeOverlap) { EXPECT_EQ(0, store_->histograms().size()); EXPECT_EQ(0, numTlsHistograms()); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); store_->histogramFromString("histogram_after_shutdown", Histogram::Unit::Unspecified); @@ -476,6 +482,7 @@ TEST_F(StatsThreadLocalStoreTest, SanitizePrefix) { Counter& c1 = scope1->counterFromString("c1"); EXPECT_EQ("scope1___foo.c1", c1.name()); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); } @@ -499,13 +506,14 @@ TEST_F(StatsThreadLocalStoreTest, ScopeDelete) { EXPECT_EQ("scope1.c1", c1->name()); EXPECT_CALL(main_thread_dispatcher_, post(_)); - EXPECT_CALL(tls_, runOnAllThreads(_, _)); + EXPECT_CALL(tls_, runOnAllThreads(_, _)).Times(testing::AtLeast(1)); scope1.reset(); EXPECT_EQ(0UL, store_->counters().size()); EXPECT_EQ(1L, c1.use_count()); c1.reset(); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); } @@ -541,6 +549,7 @@ TEST_F(StatsThreadLocalStoreTest, NestedScopes) { TextReadout& t1 = scope2->textReadoutFromString("some_string"); EXPECT_EQ("scope1.foo.some_string", t1.name()); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); } @@ -605,6 +614,7 @@ TEST_F(StatsThreadLocalStoreTest, OverlappingScopes) { EXPECT_EQ("abc", t2.value()); EXPECT_EQ(1UL, store_->textReadouts().size()); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); } @@ -650,6 +660,7 @@ TEST_F(StatsThreadLocalStoreTest, TextReadoutAllLengths) { t.set(""); EXPECT_EQ("", t.value()); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); } @@ -805,6 +816,7 @@ TEST_F(StatsMatcherTLSTest, TestNoOpStatImpls) { store_->histogramFromString("noop_histogram_2", Stats::Histogram::Unit::Unspecified); EXPECT_EQ(&noop_histogram, &noop_histogram_2); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); } @@ -816,10 +828,8 @@ TEST_F(StatsMatcherTLSTest, TestExclusionRegex) { // Expected to alloc lowercase_counter, lowercase_gauge, valid_counter, valid_gauge // Will block all stats containing any capital alphanumeric letter. - stats_config_.mutable_stats_matcher() - ->mutable_exclusion_list() - ->add_patterns() - ->set_hidden_envoy_deprecated_regex(".*[A-Z].*"); + stats_config_.mutable_stats_matcher()->mutable_exclusion_list()->add_patterns()->MergeFrom( + TestUtility::createRegexMatcher(".*[A-Z].*")); store_->setStatsMatcher(std::make_unique(stats_config_)); // The creation of counters/gauges/histograms which have no uppercase letters should succeed. @@ -919,6 +929,7 @@ TEST_F(StatsMatcherTLSTest, TestExclusionRegex) { EXPECT_EQ("", invalid_string_2.value()); // Expected to free lowercase_counter, lowercase_gauge, valid_counter, valid_gauge + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); } @@ -938,6 +949,7 @@ class RememberStatsMatcherTest : public testing::TestWithParam { } ~RememberStatsMatcherTest() override { + tls_.shutdownGlobalThreading(); store_.shutdownThreading(); tls_.shutdownThread(); } @@ -1111,6 +1123,7 @@ TEST_F(StatsThreadLocalStoreTest, RemoveRejectedStats) { EXPECT_CALL(sink_, onHistogramComplete(Ref(histogram), 42)); histogram.recordValue(42); textReadout.set("fortytwo"); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); } @@ -1127,6 +1140,7 @@ TEST_F(StatsThreadLocalStoreTest, NonHotRestartNoTruncation) { // This works fine, and we can find it by its long name because heap-stats do not // get truncated. EXPECT_NE(nullptr, TestUtility::findCounter(*store_, name_1).get()); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); } @@ -1143,6 +1157,7 @@ class StatsThreadLocalStoreTestNoFixture : public testing::Test { ~StatsThreadLocalStoreTestNoFixture() override { if (threading_enabled_) { + tls_.shutdownGlobalThreading(); store_.shutdownThreading(); tls_.shutdownThread(); } @@ -1189,6 +1204,7 @@ TEST_F(StatsThreadLocalStoreTest, ShuttingDown) { store_->counterFromString("c1"); store_->gaugeFromString("g1", Gauge::ImportMode::Accumulate); store_->textReadoutFromString("t1"); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); store_->counterFromString("c2"); store_->gaugeFromString("g2", Gauge::ImportMode::Accumulate); @@ -1208,6 +1224,7 @@ TEST_F(StatsThreadLocalStoreTest, ShuttingDown) { EXPECT_EQ(2L, TestUtility::findGauge(*store_, "g2").use_count()); EXPECT_EQ(2L, TestUtility::findTextReadout(*store_, "t2").use_count()); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); } @@ -1222,6 +1239,7 @@ TEST_F(StatsThreadLocalStoreTest, MergeDuringShutDown) { EXPECT_CALL(sink_, onHistogramComplete(Ref(h1), 1)); h1.recordValue(1); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); // Validate that merge callback is called during shutdown and there is no ASSERT. @@ -1229,6 +1247,7 @@ TEST_F(StatsThreadLocalStoreTest, MergeDuringShutDown) { store_->mergeHistograms([&merge_called]() -> void { merge_called = true; }); EXPECT_TRUE(merge_called); + tls_.shutdownGlobalThreading(); store_->shutdownThreading(); tls_.shutdownThread(); } @@ -1243,7 +1262,9 @@ TEST(ThreadLocalStoreThreadTest, ConstructDestruct) { store.initializeThreading(*dispatcher, tls); { ScopePtr scope1 = store.createScope("scope1."); } + tls.shutdownGlobalThreading(); store.shutdownThreading(); + tls.shutdownThread(); } // Histogram tests @@ -1502,15 +1523,7 @@ class ThreadLocalRealThreadsTestBase : public ThreadLocalStoreNoMocksTestBase { } ~ThreadLocalRealThreadsTestBase() override { - { - BlockingBarrier blocking_barrier(1); - main_dispatcher_->post(blocking_barrier.run([this]() { - store_->shutdownThreading(); - tls_->shutdownGlobalThreading(); - tls_->shutdownThread(); - })); - } - + shutdownThreading(); for (Event::DispatcherPtr& dispatcher : thread_dispatchers_) { dispatcher->post([&dispatcher]() { dispatcher->exit(); }); } @@ -1527,6 +1540,17 @@ class ThreadLocalRealThreadsTestBase : public ThreadLocalStoreNoMocksTestBase { main_thread_->join(); } + void shutdownThreading() { + BlockingBarrier blocking_barrier(1); + main_dispatcher_->post(blocking_barrier.run([this]() { + if (!tls_->isShutdown()) { + tls_->shutdownGlobalThreading(); + } + store_->shutdownThreading(); + tls_->shutdownThread(); + })); + } + void workerThreadFn(uint32_t thread_index, BlockingBarrier& blocking_barrier) { thread_dispatchers_[thread_index] = api_->allocateDispatcher(absl::StrCat("test_worker_", thread_index)); @@ -1766,8 +1790,7 @@ TEST_F(HistogramThreadTest, ScopeOverlap) { EXPECT_EQ(0, store_->histograms().size()); EXPECT_EQ(0, numTlsHistograms()); - store_->shutdownThreading(); - + shutdownThreading(); store_->histogramFromString("histogram_after_shutdown", Histogram::Unit::Unspecified); } diff --git a/test/common/stats/utility_fuzz_test.cc b/test/common/stats/utility_fuzz_test.cc index eebdceab396d..7c302624c740 100644 --- a/test/common/stats/utility_fuzz_test.cc +++ b/test/common/stats/utility_fuzz_test.cc @@ -1,8 +1,8 @@ #include #include -#include "common/stats/isolated_store_impl.h" -#include "common/stats/utility.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/stats/utility.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/common/stats/utility_test.cc b/test/common/stats/utility_test.cc index 3c4bda7d122d..ccd88004e000 100644 --- a/test/common/stats/utility_test.cc +++ b/test/common/stats/utility_test.cc @@ -2,10 +2,10 @@ #include "envoy/stats/stats_macros.h" -#include "common/stats/isolated_store_impl.h" -#include "common/stats/null_counter.h" -#include "common/stats/null_gauge.h" -#include "common/stats/thread_local_store.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/stats/null_counter.h" +#include "source/common/stats/null_gauge.h" +#include "source/common/stats/thread_local_store.h" #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" diff --git a/test/common/stream_info/BUILD b/test/common/stream_info/BUILD index 8f2a194a22cd..92d905fa1c82 100644 --- a/test/common/stream_info/BUILD +++ b/test/common/stream_info/BUILD @@ -23,8 +23,8 @@ envoy_cc_test( srcs = ["stream_info_impl_test.cc"], deps = [ ":test_int_accessor_lib", - "//include/envoy/http:protocol_interface", - "//include/envoy/upstream:host_description_interface", + "//envoy/http:protocol_interface", + "//envoy/upstream:host_description_interface", "//source/common/stream_info:stream_info_lib", "//test/mocks/router:router_mocks", "//test/mocks/ssl:ssl_mocks", @@ -38,7 +38,7 @@ envoy_cc_test_library( name = "test_int_accessor_lib", hdrs = ["test_int_accessor.h"], deps = [ - "//include/envoy/stream_info:filter_state_interface", + "//envoy/stream_info:filter_state_interface", ], ) @@ -46,8 +46,8 @@ envoy_cc_test_library( name = "test_util", hdrs = ["test_util.h"], deps = [ - "//include/envoy/http:request_id_extension_interface", - "//include/envoy/stream_info:stream_info_interface", + "//envoy/http:request_id_extension_interface", + "//envoy/stream_info:stream_info_interface", "//source/common/common:assert_lib", "//source/common/common:random_generator_lib", "//source/common/runtime:runtime_lib", diff --git a/test/common/stream_info/filter_state_impl_test.cc b/test/common/stream_info/filter_state_impl_test.cc index 24590fa7c371..f9e6a538d8e5 100644 --- a/test/common/stream_info/filter_state_impl_test.cc +++ b/test/common/stream_info/filter_state_impl_test.cc @@ -1,6 +1,6 @@ #include "envoy/common/exception.h" -#include "common/stream_info/filter_state_impl.h" +#include "source/common/stream_info/filter_state_impl.h" #include "test/test_common/utility.h" diff --git a/test/common/stream_info/stream_info_impl_test.cc b/test/common/stream_info/stream_info_impl_test.cc index c9dce6241f3d..88b2c04fb38c 100644 --- a/test/common/stream_info/stream_info_impl_test.cc +++ b/test/common/stream_info/stream_info_impl_test.cc @@ -5,9 +5,9 @@ #include "envoy/stream_info/filter_state.h" #include "envoy/upstream/host_description.h" -#include "common/common/fmt.h" -#include "common/protobuf/utility.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stream_info/stream_info_impl.h" #include "test/common/stream_info/test_int_accessor.h" #include "test/mocks/router/mocks.h" diff --git a/test/common/stream_info/test_util.h b/test/common/stream_info/test_util.h index ba4324645ee3..8335d6317b74 100644 --- a/test/common/stream_info/test_util.h +++ b/test/common/stream_info/test_util.h @@ -3,12 +3,11 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/stream_info/stream_info.h" -#include "common/common/assert.h" -#include "common/common/random_generator.h" -#include "common/network/socket_impl.h" -#include "common/stream_info/filter_state_impl.h" - -#include "extensions/request_id/uuid/config.h" +#include "source/common/common/assert.h" +#include "source/common/common/random_generator.h" +#include "source/common/network/socket_impl.h" +#include "source/common/stream_info/filter_state_impl.h" +#include "source/extensions/request_id/uuid/config.h" #include "test/test_common/simulated_time_system.h" @@ -225,7 +224,7 @@ class TestStreamInfo : public StreamInfo::StreamInfo { absl::optional connectionID() const override { return connection_id_; } void setFilterChainName(absl::string_view filter_chain_name) override { - filter_chain_name_ = filter_chain_name; + filter_chain_name_ = std::string(filter_chain_name); } const std::string& filterChainName() const override { return filter_chain_name_; } diff --git a/test/common/stream_info/uint32_accessor_impl_test.cc b/test/common/stream_info/uint32_accessor_impl_test.cc index f9979892dbd3..156d89a3e3ca 100644 --- a/test/common/stream_info/uint32_accessor_impl_test.cc +++ b/test/common/stream_info/uint32_accessor_impl_test.cc @@ -1,4 +1,4 @@ -#include "common/stream_info/uint32_accessor_impl.h" +#include "source/common/stream_info/uint32_accessor_impl.h" #include "gtest/gtest.h" diff --git a/test/common/stream_info/utility_test.cc b/test/common/stream_info/utility_test.cc index 05ace2109433..2cf533db8560 100644 --- a/test/common/stream_info/utility_test.cc +++ b/test/common/stream_info/utility_test.cc @@ -1,5 +1,5 @@ -#include "common/network/address_impl.h" -#include "common/stream_info/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/stream_info/utility.h" #include "test/mocks/stream_info/mocks.h" diff --git a/test/common/tcp/conn_pool_test.cc b/test/common/tcp/conn_pool_test.cc index 1b7796b8e6fc..fab429254d5f 100644 --- a/test/common/tcp/conn_pool_test.cc +++ b/test/common/tcp/conn_pool_test.cc @@ -1,12 +1,12 @@ #include #include -#include "common/event/dispatcher_impl.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/network/utility.h" -#include "common/tcp/conn_pool.h" -#include "common/tcp/original_conn_pool.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/network/utility.h" +#include "source/common/tcp/conn_pool.h" +#include "source/common/tcp/original_conn_pool.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" @@ -59,7 +59,7 @@ struct ConnPoolCallbacks : public Tcp::ConnectionPool::Callbacks { pool_ready_.ready(); } - void onPoolFailure(ConnectionPool::PoolFailureReason reason, + void onPoolFailure(ConnectionPool::PoolFailureReason reason, absl::string_view, Upstream::HostDescriptionConstSharedPtr host) override { reason_ = reason; host_ = host; diff --git a/test/common/tcp_proxy/BUILD b/test/common/tcp_proxy/BUILD index b84cdb0c6d6a..4105647647b6 100644 --- a/test/common/tcp_proxy/BUILD +++ b/test/common/tcp_proxy/BUILD @@ -26,7 +26,6 @@ envoy_cc_test_library( "//source/common/tcp_proxy", "//source/common/upstream:upstream_includes", "//source/common/upstream:upstream_lib", - "//source/extensions/access_loggers:well_known_names", "//source/extensions/access_loggers/file:config", "//source/extensions/upstreams/http/generic:config", "//test/common/upstream:utility_lib", diff --git a/test/common/tcp_proxy/config_test.cc b/test/common/tcp_proxy/config_test.cc index 98f29fdbfb86..5ea8c2c3a3e3 100644 --- a/test/common/tcp_proxy/config_test.cc +++ b/test/common/tcp_proxy/config_test.cc @@ -773,7 +773,7 @@ TEST(ConfigTest, HashWithSourceIpDefaultConfig) { TEST(ConfigTest, AccessLogConfig) { envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy config; envoy::config::accesslog::v3::AccessLog* log = config.mutable_access_log()->Add(); - log->set_name(Extensions::AccessLoggers::AccessLogNames::get().File); + log->set_name("envoy.access_loggers.file"); { envoy::extensions::access_loggers::file::v3::FileAccessLog file_access_log; file_access_log.set_path("some_path"); @@ -783,7 +783,7 @@ TEST(ConfigTest, AccessLogConfig) { } log = config.mutable_access_log()->Add(); - log->set_name(Extensions::AccessLoggers::AccessLogNames::get().File); + log->set_name("envoy.access_loggers.file"); { envoy::extensions::access_loggers::file::v3::FileAccessLog file_access_log; file_access_log.set_path("another path"); @@ -847,7 +847,7 @@ TEST_F(TcpProxyRoutingTest, DEPRECATED_FEATURE_TEST(NonRoutableConnection)) { // Expect filter to try to open a connection to the fallback cluster. EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(Return(nullptr)); + .WillOnce(Return(absl::nullopt)); filter_->onNewConnection(); @@ -870,7 +870,7 @@ TEST_F(TcpProxyRoutingTest, DEPRECATED_FEATURE_TEST(RoutableConnection)) { // Expect filter to try to open a connection to specified cluster. EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(Return(nullptr)); + .WillOnce(Return(absl::nullopt)); filter_->onNewConnection(); @@ -891,7 +891,7 @@ TEST_F(TcpProxyRoutingTest, DEPRECATED_FEATURE_TEST(UseClusterFromPerConnectionC // Expect filter to try to open a connection to specified cluster. EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(Return(nullptr)); + .WillOnce(Return(absl::nullopt)); filter_->onNewConnection(); } @@ -910,16 +910,14 @@ TEST_F(TcpProxyRoutingTest, DEPRECATED_FEATURE_TEST(UpstreamServerName)) { // Expect filter to try to open a connection to a cluster with the transport socket options with // override-server-name EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce( - Invoke([](Upstream::ResourcePriority, - Upstream::LoadBalancerContext* context) -> Tcp::ConnectionPool::Instance* { - Network::TransportSocketOptionsSharedPtr transport_socket_options = - context->upstreamTransportSocketOptions(); - EXPECT_NE(transport_socket_options, nullptr); - EXPECT_TRUE(transport_socket_options->serverNameOverride().has_value()); - EXPECT_EQ(transport_socket_options->serverNameOverride().value(), "www.example.com"); - return nullptr; - })); + .WillOnce(Invoke([](Upstream::ResourcePriority, Upstream::LoadBalancerContext* context) { + Network::TransportSocketOptionsSharedPtr transport_socket_options = + context->upstreamTransportSocketOptions(); + EXPECT_NE(transport_socket_options, nullptr); + EXPECT_TRUE(transport_socket_options->serverNameOverride().has_value()); + EXPECT_EQ(transport_socket_options->serverNameOverride().value(), "www.example.com"); + return absl::nullopt; + })); // Port 9999 is within the specified destination port range. connection_.stream_info_.downstream_address_provider_->setLocalAddress( @@ -942,18 +940,16 @@ TEST_F(TcpProxyRoutingTest, DEPRECATED_FEATURE_TEST(ApplicationProtocols)) { // Expect filter to try to open a connection to a cluster with the transport socket options with // override-application-protocol EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce( - Invoke([](Upstream::ResourcePriority, - Upstream::LoadBalancerContext* context) -> Tcp::ConnectionPool::Instance* { - Network::TransportSocketOptionsSharedPtr transport_socket_options = - context->upstreamTransportSocketOptions(); - EXPECT_NE(transport_socket_options, nullptr); - EXPECT_FALSE(transport_socket_options->applicationProtocolListOverride().empty()); - EXPECT_EQ(transport_socket_options->applicationProtocolListOverride().size(), 2); - EXPECT_EQ(transport_socket_options->applicationProtocolListOverride()[0], "foo"); - EXPECT_EQ(transport_socket_options->applicationProtocolListOverride()[1], "bar"); - return nullptr; - })); + .WillOnce(Invoke([](Upstream::ResourcePriority, Upstream::LoadBalancerContext* context) { + Network::TransportSocketOptionsSharedPtr transport_socket_options = + context->upstreamTransportSocketOptions(); + EXPECT_NE(transport_socket_options, nullptr); + EXPECT_FALSE(transport_socket_options->applicationProtocolListOverride().empty()); + EXPECT_EQ(transport_socket_options->applicationProtocolListOverride().size(), 2); + EXPECT_EQ(transport_socket_options->applicationProtocolListOverride()[0], "foo"); + EXPECT_EQ(transport_socket_options->applicationProtocolListOverride()[1], "bar"); + return absl::nullopt; + })); // Port 9999 is within the specified destination port range. connection_.stream_info_.downstream_address_provider_->setLocalAddress( @@ -986,7 +982,7 @@ TEST_F(TcpProxyNonDeprecatedConfigRoutingTest, ClusterNameSet) { // Expect filter to try to open a connection to specified cluster. EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(Return(nullptr)); + .WillOnce(Return(absl::nullopt)); absl::optional cluster_info; EXPECT_CALL(connection_.stream_info_, setUpstreamClusterInfo(_)) .WillOnce( @@ -1036,12 +1032,10 @@ TEST_F(TcpProxyHashingTest, HashWithSourceIp) { setup(); initializeFilter(); EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce( - Invoke([](Upstream::ResourcePriority, - Upstream::LoadBalancerContext* context) -> Tcp::ConnectionPool::Instance* { - EXPECT_TRUE(context->computeHashKey().has_value()); - return nullptr; - })); + .WillOnce(Invoke([](Upstream::ResourcePriority, Upstream::LoadBalancerContext* context) { + EXPECT_TRUE(context->computeHashKey().has_value()); + return absl::nullopt; + })); connection_.stream_info_.downstream_address_provider_->setRemoteAddress( std::make_shared("1.2.3.4", 1111)); diff --git a/test/common/tcp_proxy/tcp_proxy_test.cc b/test/common/tcp_proxy/tcp_proxy_test.cc index 43447d35a411..3fd3d169f290 100644 --- a/test/common/tcp_proxy/tcp_proxy_test.cc +++ b/test/common/tcp_proxy/tcp_proxy_test.cc @@ -12,19 +12,17 @@ #include "envoy/extensions/upstreams/http/generic/v3/generic_connection_pool.pb.h" #include "envoy/extensions/upstreams/tcp/generic/v3/generic_connection_pool.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/address_impl.h" -#include "common/network/application_protocol.h" -#include "common/network/socket_option_factory.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/network/upstream_server_name.h" -#include "common/network/upstream_socket_options_filter_state.h" -#include "common/network/win32_redirect_records_option_impl.h" -#include "common/router/metadatamatchcriteria_impl.h" -#include "common/tcp_proxy/tcp_proxy.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/access_loggers/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/application_protocol.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/network/upstream_server_name.h" +#include "source/common/network/upstream_socket_options_filter_state.h" +#include "source/common/network/win32_redirect_records_option_impl.h" +#include "source/common/router/metadatamatchcriteria_impl.h" +#include "source/common/tcp_proxy/tcp_proxy.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/tcp_proxy/tcp_proxy_test_base.h" #include "test/common/upstream/utility.h" @@ -86,7 +84,7 @@ class TcpProxyTest : public TcpProxyTestBase { testing::InSequence sequence; for (uint32_t i = 0; i < connections; i++) { EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(Return(&conn_pool_)) + .WillOnce(Return(Upstream::TcpPoolData([]() {}, &conn_pool_))) .RetiresOnSaturation(); EXPECT_CALL(conn_pool_, newConnection(_)) .WillOnce(Invoke( @@ -98,7 +96,7 @@ class TcpProxyTest : public TcpProxyTestBase { .RetiresOnSaturation(); } EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillRepeatedly(Return(nullptr)); + .WillRepeatedly(Return(absl::nullopt)); } { @@ -553,7 +551,7 @@ TEST_F(TcpProxyTest, WeightedClusterWithMetadataMatch) { EXPECT_CALL(factory_context_.api_.random_, random()).WillOnce(Return(0)); EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(DoAll(SaveArg<1>(&context), Return(nullptr))); + .WillOnce(DoAll(SaveArg<1>(&context), Return(absl::nullopt))); EXPECT_EQ(Network::FilterStatus::StopIteration, filter_->onNewConnection()); EXPECT_NE(nullptr, context); @@ -577,7 +575,7 @@ TEST_F(TcpProxyTest, WeightedClusterWithMetadataMatch) { EXPECT_CALL(factory_context_.api_.random_, random()).WillOnce(Return(2)); EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(DoAll(SaveArg<1>(&context), Return(nullptr))); + .WillOnce(DoAll(SaveArg<1>(&context), Return(absl::nullopt))); EXPECT_EQ(Network::FilterStatus::StopIteration, filter_->onNewConnection()); EXPECT_NE(nullptr, context); @@ -616,7 +614,7 @@ TEST_F(TcpProxyTest, StreamInfoDynamicMetadata) { Upstream::LoadBalancerContext* context; EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(DoAll(SaveArg<1>(&context), Return(nullptr))); + .WillOnce(DoAll(SaveArg<1>(&context), Return(absl::nullopt))); EXPECT_EQ(Network::FilterStatus::StopIteration, filter_->onNewConnection()); EXPECT_NE(nullptr, context); @@ -670,7 +668,7 @@ TEST_F(TcpProxyTest, StreamInfoDynamicMetadataAndConfigMerged) { Upstream::LoadBalancerContext* context; EXPECT_CALL(factory_context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(DoAll(SaveArg<1>(&context), Return(nullptr))); + .WillOnce(DoAll(SaveArg<1>(&context), Return(absl::nullopt))); EXPECT_EQ(Network::FilterStatus::StopIteration, filter_->onNewConnection()); EXPECT_NE(nullptr, context); diff --git a/test/common/tcp_proxy/tcp_proxy_test_base.h b/test/common/tcp_proxy/tcp_proxy_test_base.h index 7c3d5d717670..37676f5bbced 100644 --- a/test/common/tcp_proxy/tcp_proxy_test_base.h +++ b/test/common/tcp_proxy/tcp_proxy_test_base.h @@ -14,16 +14,14 @@ #include "envoy/extensions/upstreams/http/generic/v3/generic_connection_pool.pb.h" #include "envoy/extensions/upstreams/tcp/generic/v3/generic_connection_pool.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/address_impl.h" -#include "common/network/application_protocol.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/network/upstream_server_name.h" -#include "common/router/metadatamatchcriteria_impl.h" -#include "common/tcp_proxy/tcp_proxy.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/access_loggers/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/application_protocol.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/network/upstream_server_name.h" +#include "source/common/router/metadatamatchcriteria_impl.h" +#include "source/common/tcp_proxy/tcp_proxy.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/buffer/mocks.h" @@ -110,7 +108,7 @@ class TcpProxyTestBase : public testing::Test { accessLogConfig(const std::string& access_log_format) { envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy config = defaultConfig(); envoy::config::accesslog::v3::AccessLog* access_log = config.mutable_access_log()->Add(); - access_log->set_name(Extensions::AccessLoggers::AccessLogNames::get().File); + access_log->set_name("envoy.access_loggers.file"); envoy::extensions::access_loggers::file::v3::FileAccessLog file_access_log; file_access_log.set_path("unused"); file_access_log.mutable_log_format()->mutable_text_format_source()->set_inline_string( @@ -152,7 +150,7 @@ class TcpProxyTestBase : public testing::Test { void raiseEventUpstreamConnectFailed(uint32_t conn_index, ConnectionPool::PoolFailureReason reason) { - conn_pool_callbacks_.at(conn_index)->onPoolFailure(reason, upstream_hosts_.at(conn_index)); + conn_pool_callbacks_.at(conn_index)->onPoolFailure(reason, "", upstream_hosts_.at(conn_index)); } Tcp::ConnectionPool::Cancellable* onNewConnection(Tcp::ConnectionPool::Cancellable* connection) { diff --git a/test/common/tcp_proxy/upstream_test.cc b/test/common/tcp_proxy/upstream_test.cc index 9040bab968d7..ce4184067be5 100644 --- a/test/common/tcp_proxy/upstream_test.cc +++ b/test/common/tcp_proxy/upstream_test.cc @@ -1,6 +1,6 @@ #include -#include "common/tcp_proxy/upstream.h" +#include "source/common/tcp_proxy/upstream.h" #include "test/mocks/buffer/mocks.h" #include "test/mocks/http/mocks.h" @@ -46,7 +46,7 @@ template class HttpUpstreamTest : public testing::Test { using testing::Types; -typedef Types Implementations; +using Implementations = Types; TYPED_TEST_SUITE(HttpUpstreamTest, Implementations); diff --git a/test/common/thread_local/thread_local_impl_test.cc b/test/common/thread_local/thread_local_impl_test.cc index 89a13a6263ef..f6937240803d 100644 --- a/test/common/thread_local/thread_local_impl_test.cc +++ b/test/common/thread_local/thread_local_impl_test.cc @@ -1,7 +1,7 @@ -#include "common/common/thread.h" -#include "common/event/dispatcher_impl.h" -#include "common/stats/isolated_store_impl.h" -#include "common/thread_local/thread_local_impl.h" +#include "source/common/common/thread.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/thread_local/thread_local_impl.h" #include "test/mocks/event/mocks.h" diff --git a/test/common/tracing/http_tracer_impl_test.cc b/test/common/tracing/http_tracer_impl_test.cc index 7942815006ec..256270dffe70 100644 --- a/test/common/tracing/http_tracer_impl_test.cc +++ b/test/common/tracing/http_tracer_impl_test.cc @@ -5,13 +5,13 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/type/tracing/v3/custom_tag.pb.h" -#include "common/common/base64.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" -#include "common/tracing/http_tracer_impl.h" +#include "source/common/common/base64.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/common/tracing/http_tracer_impl.h" #include "test/mocks/http/mocks.h" #include "test/mocks/local_info/mocks.h" diff --git a/test/common/tracing/http_tracer_manager_impl_test.cc b/test/common/tracing/http_tracer_manager_impl_test.cc index 2b49433879b4..a7c564d4eb2f 100644 --- a/test/common/tracing/http_tracer_manager_impl_test.cc +++ b/test/common/tracing/http_tracer_manager_impl_test.cc @@ -1,6 +1,6 @@ -#include "common/tracing/http_tracer_impl.h" -#include "common/tracing/http_tracer_manager_impl.h" -#include "common/tracing/tracer_config_impl.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/common/tracing/http_tracer_manager_impl.h" +#include "source/common/tracing/tracer_config_impl.h" #include "test/mocks/server/instance.h" #include "test/mocks/server/tracer_factory.h" diff --git a/test/common/upstream/BUILD b/test/common/upstream/BUILD index c4964177d10f..16fd761aa739 100644 --- a/test/common/upstream/BUILD +++ b/test/common/upstream/BUILD @@ -71,7 +71,7 @@ envoy_cc_test( name = "conn_pool_map_impl_test", srcs = ["conn_pool_map_impl_test.cc"], deps = [ - "//include/envoy/http:conn_pool_interface", + "//envoy/http:conn_pool_interface", "//source/common/upstream:conn_pool_map_impl_lib", "//test/mocks:common_lib", "//test/mocks/event:event_mocks", @@ -210,7 +210,7 @@ envoy_cc_test( name = "host_stats_test", srcs = ["host_stats_test.cc"], deps = [ - "//include/envoy/upstream:host_description_interface", + "//envoy/upstream:host_description_interface", ], ) @@ -425,7 +425,7 @@ envoy_cc_test( external_deps = ["abseil_optional"], deps = [ ":utility_lib", - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", "//source/common/network:utility_lib", "//source/common/upstream:outlier_detection_lib", "//source/common/upstream:upstream_includes", @@ -449,7 +449,7 @@ envoy_cc_test( name = "priority_conn_pool_map_impl_test", srcs = ["priority_conn_pool_map_impl_test.cc"], deps = [ - "//include/envoy/http:conn_pool_interface", + "//envoy/http:conn_pool_interface", "//source/common/upstream:priority_conn_pool_map_impl_lib", "//test/mocks:common_lib", "//test/mocks/event:event_mocks", @@ -463,7 +463,7 @@ envoy_cc_test( name = "resource_manager_impl_test", srcs = ["resource_manager_impl_test.cc"], deps = [ - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:upstream_interface", "//source/common/upstream:resource_manager_lib", "//test/mocks/runtime:runtime_mocks", "//test/mocks/stats:stats_mocks", @@ -475,7 +475,7 @@ envoy_cc_test( srcs = ["ring_hash_lb_test.cc"], deps = [ ":utility_lib", - "//include/envoy/router:router_interface", + "//envoy/router:router_interface", "//source/common/network:utility_lib", "//source/common/upstream:ring_hash_lb_lib", "//source/common/upstream:upstream_includes", @@ -574,7 +574,7 @@ envoy_cc_test( name = "transport_socket_matcher_test", srcs = ["transport_socket_matcher_test.cc"], deps = [ - "//include/envoy/api:api_interface", + "//envoy/api:api_interface", "//source/common/config:metadata_lib", "//source/common/network:transport_socket_options_lib", "//source/common/upstream:transport_socket_match_lib", @@ -598,9 +598,9 @@ envoy_cc_test( "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto", - "//include/envoy/api:api_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/api:api_interface", + "//envoy/http:codec_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/config:metadata_lib", "//source/common/event:dispatcher_lib", "//source/common/network:utility_lib", @@ -635,7 +635,7 @@ envoy_cc_test_library( name = "utility_lib", hdrs = ["utility.h"], deps = [ - "//include/envoy/stats:stats_interface", + "//envoy/stats:stats_interface", "//source/common/json:json_loader_lib", "//source/common/network:utility_lib", "//source/common/stats:stats_lib", @@ -654,8 +654,8 @@ envoy_cc_test_library( hdrs = ["test_cluster_manager.h"], deps = [ ":utility_lib", - "//include/envoy/stats:stats_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/stats:stats_interface", + "//envoy/upstream:upstream_interface", "//source/common/api:api_lib", "//source/common/config:utility_lib", "//source/common/event:dispatcher_lib", @@ -698,10 +698,10 @@ envoy_cc_test( srcs = ["cluster_factory_impl_test.cc"], deps = [ ":utility_lib", - "//include/envoy/api:api_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/upstream:cluster_factory_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/api:api_interface", + "//envoy/http:codec_interface", + "//envoy/upstream:cluster_factory_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/config:metadata_lib", "//source/common/event:dispatcher_lib", "//source/common/json:json_loader_lib", diff --git a/test/common/upstream/bounded_load_hlb_test.cc b/test/common/upstream/bounded_load_hlb_test.cc index 312d45fc34b9..c9d0b9a7899b 100644 --- a/test/common/upstream/bounded_load_hlb_test.cc +++ b/test/common/upstream/bounded_load_hlb_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/cluster/v3/cluster.pb.h" -#include "common/upstream/thread_aware_lb_impl.h" +#include "source/common/upstream/thread_aware_lb_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/upstream/mocks.h" diff --git a/test/common/upstream/cds_api_impl_test.cc b/test/common/upstream/cds_api_impl_test.cc index 9fd535fa7204..33eaee18fa92 100644 --- a/test/common/upstream/cds_api_impl_test.cc +++ b/test/common/upstream/cds_api_impl_test.cc @@ -7,9 +7,9 @@ #include "envoy/config/core/v3/config_source.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" -#include "common/upstream/cds_api_impl.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/upstream/cds_api_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/protobuf/mocks.h" diff --git a/test/common/upstream/cluster_factory_impl_test.cc b/test/common/upstream/cluster_factory_impl_test.cc index 883bd761f012..8ae0c5cad5f5 100644 --- a/test/common/upstream/cluster_factory_impl_test.cc +++ b/test/common/upstream/cluster_factory_impl_test.cc @@ -10,11 +10,10 @@ #include "envoy/http/codec.h" #include "envoy/upstream/cluster_manager.h" -#include "common/network/utility.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/cluster_factory_impl.h" - -#include "server/transport_socket_config_impl.h" +#include "source/common/network/utility.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/server/transport_socket_config_impl.h" #include "test/common/upstream/utility.h" #include "test/integration/clusters/cluster_factory_config.pb.validate.h" diff --git a/test/common/upstream/cluster_manager_impl_test.cc b/test/common/upstream/cluster_manager_impl_test.cc index d15250242ab6..7fed2c6567b4 100644 --- a/test/common/upstream/cluster_manager_impl_test.cc +++ b/test/common/upstream/cluster_manager_impl_test.cc @@ -4,12 +4,13 @@ #include "envoy/config/cluster/v3/cluster.pb.validate.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/network/raw_buffer_socket.h" -#include "common/router/context_impl.h" - -#include "extensions/transport_sockets/raw_buffer/config.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/network/resolver_impl.h" +#include "source/common/router/context_impl.h" +#include "source/extensions/transport_sockets/raw_buffer/config.h" #include "test/common/upstream/test_cluster_manager.h" +#include "test/mocks/http/conn_pool.h" #include "test/mocks/upstream/cds_api.h" #include "test/mocks/upstream/cluster_priority_set.h" #include "test/mocks/upstream/cluster_real_priority_set.h" @@ -21,6 +22,23 @@ namespace Envoy { namespace Upstream { + +class HttpPoolDataPeer { +public: + static Http::ConnectionPool::MockInstance* getPool(absl::optional data) { + ASSERT(data.has_value()); + return dynamic_cast(data.value().pool_); + } +}; + +class TcpPoolDataPeer { +public: + static Tcp::ConnectionPool::MockInstance* getPool(absl::optional data) { + ASSERT(data.has_value()); + return dynamic_cast(data.value().pool_); + } +}; + namespace { using ::testing::_; @@ -155,6 +173,10 @@ class ClusterManagerImplTest : public testing::Test { Router::ContextImpl router_context_; }; +MATCHER_P(CustomDnsResolversSizeEquals, expectedResolvers, "") { + return expectedResolvers.size() == arg.size(); +} + envoy::config::bootstrap::v3::Bootstrap defaultConfig() { const std::string yaml = R"EOF( static_resources: @@ -1604,13 +1626,14 @@ TEST_F(ClusterManagerImplTest, DynamicAddRemove) { EXPECT_EQ(1UL, cluster_manager_->clusters().active_clusters_.size()); Http::ConnectionPool::MockInstance* cp = new Http::ConnectionPool::MockInstance(); EXPECT_CALL(factory_, allocateConnPool_(_, _, _, _, _)).WillOnce(Return(cp)); - EXPECT_EQ(cp, cluster_manager_->getThreadLocalCluster("fake_cluster") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); + EXPECT_EQ(cp, HttpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("fake_cluster") + ->httpConnPool(ResourcePriority::Default, + Http::Protocol::Http11, nullptr))); Tcp::ConnectionPool::MockInstance* cp2 = new Tcp::ConnectionPool::MockInstance(); EXPECT_CALL(factory_, allocateTcpConnPool_(_)).WillOnce(Return(cp2)); - EXPECT_EQ(cp2, cluster_manager_->getThreadLocalCluster("fake_cluster") - ->tcpConnPool(ResourcePriority::Default, nullptr)); + EXPECT_EQ(cp2, TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("fake_cluster") + ->tcpConnPool(ResourcePriority::Default, nullptr))); Network::MockClientConnection* connection = new Network::MockClientConnection(); ON_CALL(*cluster2->info_, features()) @@ -1991,10 +2014,11 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemove) { connect_timeout: 0.250s type: STRICT_DNS lb_policy: ROUND_ROBIN - dns_resolvers: - - socket_address: - address: 1.2.3.4 - port_value: 80 + dns_resolution_config: + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 load_assignment: cluster_name: cluster_1 endpoints: @@ -2039,16 +2063,16 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemove) { .WillRepeatedly(ReturnNew()); // This should provide us a CP for each of the above hosts. - Http::ConnectionPool::MockInstance* cp1 = dynamic_cast( + Http::ConnectionPool::MockInstance* cp1 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - Http::ConnectionPool::MockInstance* cp2 = dynamic_cast( + Http::ConnectionPool::MockInstance* cp2 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - Http::ConnectionPool::MockInstance* cp1_high = dynamic_cast( + Http::ConnectionPool::MockInstance* cp1_high = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::High, Http::Protocol::Http11, nullptr)); - Http::ConnectionPool::MockInstance* cp2_high = dynamic_cast( + Http::ConnectionPool::MockInstance* cp2_high = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::High, Http::Protocol::Http11, nullptr)); @@ -2066,18 +2090,18 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemove) { .WillRepeatedly(ReturnNew()); // This should provide us a CP for each of the above hosts. - Tcp::ConnectionPool::MockInstance* tcp1 = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp2 = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp1_high = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::High, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp2_high = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::High, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp1 = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp2 = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp1_high = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::High, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp2_high = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::High, nullptr)); EXPECT_NE(tcp1, tcp2); EXPECT_NE(tcp1_high, tcp2_high); @@ -2103,21 +2127,21 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemove) { tcp_drained_cb_high = nullptr; // Make sure we get back the same connection pool for the 2nd host as we did before the change. - Http::ConnectionPool::MockInstance* cp3 = dynamic_cast( + Http::ConnectionPool::MockInstance* cp3 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - Http::ConnectionPool::MockInstance* cp3_high = dynamic_cast( + Http::ConnectionPool::MockInstance* cp3_high = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::High, Http::Protocol::Http11, nullptr)); EXPECT_EQ(cp2, cp3); EXPECT_EQ(cp2_high, cp3_high); - Tcp::ConnectionPool::MockInstance* tcp3 = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp3_high = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::High, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp3 = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp3_high = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::High, nullptr)); EXPECT_EQ(tcp2, tcp3); EXPECT_EQ(tcp2_high, tcp3_high); @@ -2136,10 +2160,11 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemoveWithTls) { - name: cluster_1 connect_timeout: 0.250s type: STRICT_DNS - dns_resolvers: - - socket_address: - address: 1.2.3.4 - port_value: 80 + dns_resolution_config: + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 lb_policy: ROUND_ROBIN load_assignment: cluster_name: cluster_1 @@ -2203,16 +2228,16 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemoveWithTls) { .WillRepeatedly(ReturnNew()); // This should provide us a CP for each of the above hosts. - Http::ConnectionPool::MockInstance* cp1 = dynamic_cast( + Http::ConnectionPool::MockInstance* cp1 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - Http::ConnectionPool::MockInstance* cp2 = dynamic_cast( + Http::ConnectionPool::MockInstance* cp2 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - Http::ConnectionPool::MockInstance* cp1_high = dynamic_cast( + Http::ConnectionPool::MockInstance* cp1_high = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::High, Http::Protocol::Http11, nullptr)); - Http::ConnectionPool::MockInstance* cp2_high = dynamic_cast( + Http::ConnectionPool::MockInstance* cp2_high = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::High, Http::Protocol::Http11, nullptr)); @@ -2230,36 +2255,32 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemoveWithTls) { .WillRepeatedly(ReturnNew()); // This should provide us a CP for each of the above hosts, and for different SNIs - Tcp::ConnectionPool::MockInstance* tcp1 = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp2 = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp1_high = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::High, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp2_high = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::High, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp1 = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp2 = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp1_high = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::High, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp2_high = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::High, nullptr)); Tcp::ConnectionPool::MockInstance* tcp1_example_com = - dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, &example_com_context)); + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, &example_com_context)); Tcp::ConnectionPool::MockInstance* tcp2_example_com = - dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, &example_com_context)); + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, &example_com_context)); Tcp::ConnectionPool::MockInstance* tcp1_ibm_com = - dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, &ibm_com_context)); + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, &ibm_com_context)); Tcp::ConnectionPool::MockInstance* tcp2_ibm_com = - dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, &ibm_com_context)); + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, &ibm_com_context)); EXPECT_NE(tcp1, tcp2); EXPECT_NE(tcp1_high, tcp2_high); @@ -2322,38 +2343,34 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemoveWithTls) { tcp_drained_cb_ibm_com = nullptr; // Make sure we get back the same connection pool for the 2nd host as we did before the change. - Http::ConnectionPool::MockInstance* cp3 = dynamic_cast( + Http::ConnectionPool::MockInstance* cp3 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - Http::ConnectionPool::MockInstance* cp3_high = dynamic_cast( + Http::ConnectionPool::MockInstance* cp3_high = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::High, Http::Protocol::Http11, nullptr)); EXPECT_EQ(cp2, cp3); EXPECT_EQ(cp2_high, cp3_high); - Tcp::ConnectionPool::MockInstance* tcp3 = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp3_high = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::High, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp3 = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp3_high = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::High, nullptr)); Tcp::ConnectionPool::MockInstance* tcp3_example_com = - dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, &example_com_context)); - Tcp::ConnectionPool::MockInstance* tcp3_example_com_with_san = - dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, &example_com_context_with_san)); - Tcp::ConnectionPool::MockInstance* tcp3_example_com_with_san2 = - dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, &example_com_context_with_san2)); + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, &example_com_context)); + Tcp::ConnectionPool::MockInstance* tcp3_example_com_with_san = TcpPoolDataPeer::getPool( + cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, &example_com_context_with_san)); + Tcp::ConnectionPool::MockInstance* tcp3_example_com_with_san2 = TcpPoolDataPeer::getPool( + cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, &example_com_context_with_san2)); Tcp::ConnectionPool::MockInstance* tcp3_ibm_com = - dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, &ibm_com_context)); + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, &ibm_com_context)); EXPECT_EQ(tcp2, tcp3); EXPECT_EQ(tcp2_high, tcp3_high); @@ -2374,10 +2391,14 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemoveWithTls) { } // Test that default DNS resolver with TCP lookups is used, when there are no DNS custom resolvers -// configured per cluster and `use_tcp_for_dns_lookups` is set in bootstrap config. +// configured per cluster and `dns_resolver_options.use_tcp_for_dns_lookups` is set in bootstrap +// config. TEST_F(ClusterManagerImplTest, UseTcpInDefaultDnsResolver) { const std::string yaml = R"EOF( - use_tcp_for_dns_lookups: true + dns_resolution_config: + dns_resolver_options: + use_tcp_for_dns_lookups: true + no_default_search_domain: true static_resources: clusters: - name: cluster_1 @@ -2398,9 +2419,9 @@ TEST_F(ClusterManagerImplTest, UseTcpInDefaultDnsResolver) { factory_.tls_.shutdownThread(); } -// Test that custom DNS resolver with UDP lookups is used, when custom resolver is configured -// per cluster and `use_tcp_for_dns_lookups` is not specified. -TEST_F(ClusterManagerImplTest, UseUdpWithCustomDnsResolver) { +// Test that custom DNS resolver is used, when custom resolver is configured +// per cluster and deprecated field `dns_resolvers` is specified. +TEST_F(ClusterManagerImplTest, CustomDnsResolverSpecifiedViaDeprecatedField) { const std::string yaml = R"EOF( static_resources: clusters: @@ -2414,20 +2435,96 @@ TEST_F(ClusterManagerImplTest, UseUdpWithCustomDnsResolver) { )EOF"; std::shared_ptr dns_resolver(new Network::MockDnsResolver()); - // `false` here stands for using udp - EXPECT_CALL(factory_.dispatcher_, createDnsResolver(_, false)).WillOnce(Return(dns_resolver)); + auto resolvers = envoy::config::core::v3::Address(); + resolvers.mutable_socket_address()->set_address("1.2.3.4"); + resolvers.mutable_socket_address()->set_port_value(80); + std::vector expectedDnsResolvers; + expectedDnsResolvers.push_back(Network::Address::resolveProtoAddress(resolvers)); + + // As custom resolver is specified via deprecated field `dns_resolvers` in clusters + // config, the method `createDnsResolver` is called once. + EXPECT_CALL(factory_.dispatcher_, + createDnsResolver(CustomDnsResolversSizeEquals(expectedDnsResolvers), _)) + .WillOnce(Return(dns_resolver)); + + Network::DnsResolver::ResolveCb dns_callback; + Network::MockActiveDnsQuery active_dns_query; + EXPECT_CALL(*dns_resolver, resolve(_, _, _)) + .WillRepeatedly(DoAll(SaveArg<2>(&dns_callback), Return(&active_dns_query))); + create(parseBootstrapFromV3Yaml(yaml)); + factory_.tls_.shutdownThread(); +} + +// Test that custom DNS resolver is used, when custom resolver is configured per cluster. +TEST_F(ClusterManagerImplTest, CustomDnsResolverSpecified) { + const std::string yaml = R"EOF( + static_resources: + clusters: + - name: cluster_1 + connect_timeout: 0.250s + type: STRICT_DNS + dns_resolution_config: + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 + )EOF"; + + std::shared_ptr dns_resolver(new Network::MockDnsResolver()); + auto resolvers = envoy::config::core::v3::Address(); + resolvers.mutable_socket_address()->set_address("1.2.3.4"); + resolvers.mutable_socket_address()->set_port_value(80); + std::vector expectedDnsResolvers; + expectedDnsResolvers.push_back(Network::Address::resolveProtoAddress(resolvers)); + + // As custom resolver is specified via field `dns_resolution_config.resolvers` in clusters + // config, the method `createDnsResolver` is called once. + EXPECT_CALL(factory_.dispatcher_, + createDnsResolver(CustomDnsResolversSizeEquals(expectedDnsResolvers), _)) + .WillOnce(Return(dns_resolver)); + + Network::DnsResolver::ResolveCb dns_callback; + Network::MockActiveDnsQuery active_dns_query; + EXPECT_CALL(*dns_resolver, resolve(_, _, _)) + .WillRepeatedly(DoAll(SaveArg<2>(&dns_callback), Return(&active_dns_query))); + create(parseBootstrapFromV3Yaml(yaml)); + factory_.tls_.shutdownThread(); +} + +// Test that custom DNS resolver with UDP lookups is used, when custom resolver is configured +// per cluster and `use_tcp_for_dns_lookups` is not specified. +TEST_F(ClusterManagerImplTest, UseUdpWithCustomDnsResolver) { + const std::string yaml = R"EOF( + static_resources: + clusters: + - name: cluster_1 + connect_timeout: 0.250s + type: STRICT_DNS + dns_resolution_config: + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 + )EOF"; + + std::shared_ptr dns_resolver(new Network::MockDnsResolver()); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(factory_.dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(dns_resolver))); Network::DnsResolver::ResolveCb dns_callback; Network::MockActiveDnsQuery active_dns_query; EXPECT_CALL(*dns_resolver, resolve(_, _, _)) .WillRepeatedly(DoAll(SaveArg<2>(&dns_callback), Return(&active_dns_query))); create(parseBootstrapFromV3Yaml(yaml)); + // `false` here means use_tcp_for_dns_lookups is not being set via bootstrap config + EXPECT_EQ(false, dns_resolver_options.use_tcp_for_dns_lookups()); factory_.tls_.shutdownThread(); } // Test that custom DNS resolver with TCP lookups is used, when custom resolver is configured -// per cluster and `use_tcp_for_dns_lookups` is enabled for that cluster. -TEST_F(ClusterManagerImplTest, UseTcpWithCustomDnsResolver) { +// per cluster and `use_tcp_for_dns_lookups` (deprecated field) is specified as true. +TEST_F(ClusterManagerImplTest, UseTcpWithCustomDnsResolverViaDeprecatedField) { const std::string yaml = R"EOF( static_resources: clusters: @@ -2442,14 +2539,218 @@ TEST_F(ClusterManagerImplTest, UseTcpWithCustomDnsResolver) { )EOF"; std::shared_ptr dns_resolver(new Network::MockDnsResolver()); - // `true` here stands for using tcp - EXPECT_CALL(factory_.dispatcher_, createDnsResolver(_, true)).WillOnce(Return(dns_resolver)); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(factory_.dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(dns_resolver))); + + Network::DnsResolver::ResolveCb dns_callback; + Network::MockActiveDnsQuery active_dns_query; + EXPECT_CALL(*dns_resolver, resolve(_, _, _)) + .WillRepeatedly(DoAll(SaveArg<2>(&dns_callback), Return(&active_dns_query))); + create(parseBootstrapFromV3Yaml(yaml)); + // `true` here means use_tcp_for_dns_lookups is set to true + EXPECT_EQ(true, dns_resolver_options.use_tcp_for_dns_lookups()); + factory_.tls_.shutdownThread(); +} + +// Test that custom DNS resolver with UDP lookups is used, when custom resolver is configured +// per cluster and `use_tcp_for_dns_lookups` is specified as true but is overridden +// by dns_resolution_config.dns_resolver_options.use_tcp_for_dns_lookups which is set as false. +TEST_F(ClusterManagerImplTest, UseUdpWithCustomDnsResolverDeprecatedFieldOverridden) { + const std::string yaml = R"EOF( + static_resources: + clusters: + - name: cluster_1 + use_tcp_for_dns_lookups: true + connect_timeout: 0.250s + type: STRICT_DNS + dns_resolution_config: + dns_resolver_options: + use_tcp_for_dns_lookups: false + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 + )EOF"; + + std::shared_ptr dns_resolver(new Network::MockDnsResolver()); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(factory_.dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(dns_resolver))); Network::DnsResolver::ResolveCb dns_callback; Network::MockActiveDnsQuery active_dns_query; EXPECT_CALL(*dns_resolver, resolve(_, _, _)) .WillRepeatedly(DoAll(SaveArg<2>(&dns_callback), Return(&active_dns_query))); create(parseBootstrapFromV3Yaml(yaml)); + // `false` here means dns_resolver_options.use_tcp_for_dns_lookups is set to false. + EXPECT_EQ(false, dns_resolver_options.use_tcp_for_dns_lookups()); + factory_.tls_.shutdownThread(); +} + +// Test that custom DNS resolver with TCP lookups is used, when custom resolver is configured +// per cluster and `use_tcp_for_dns_lookups` is specified as false but is overridden +// by dns_resolution_config.dns_resolver_options.use_tcp_for_dns_lookups which is specified as true. +TEST_F(ClusterManagerImplTest, UseTcpWithCustomDnsResolverDeprecatedFieldOverridden) { + const std::string yaml = R"EOF( + static_resources: + clusters: + - name: cluster_1 + use_tcp_for_dns_lookups: false + connect_timeout: 0.250s + type: STRICT_DNS + dns_resolution_config: + dns_resolver_options: + use_tcp_for_dns_lookups: true + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 + )EOF"; + + std::shared_ptr dns_resolver(new Network::MockDnsResolver()); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(factory_.dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(dns_resolver))); + + Network::DnsResolver::ResolveCb dns_callback; + Network::MockActiveDnsQuery active_dns_query; + EXPECT_CALL(*dns_resolver, resolve(_, _, _)) + .WillRepeatedly(DoAll(SaveArg<2>(&dns_callback), Return(&active_dns_query))); + create(parseBootstrapFromV3Yaml(yaml)); + // `true` here means dns_resolver_options.use_tcp_for_dns_lookups is set to true. + EXPECT_EQ(true, dns_resolver_options.use_tcp_for_dns_lookups()); + factory_.tls_.shutdownThread(); +} + +// Test that custom DNS resolver with TCP lookups is used, when custom resolver is configured +// per cluster and `dns_resolution_config.dns_resolver_options.use_tcp_for_dns_lookups` is enabled +// for that cluster. +TEST_F(ClusterManagerImplTest, UseTcpWithCustomDnsResolver) { + const std::string yaml = R"EOF( + static_resources: + clusters: + - name: cluster_1 + connect_timeout: 0.250s + type: STRICT_DNS + dns_resolution_config: + dns_resolver_options: + use_tcp_for_dns_lookups: true + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 + )EOF"; + + std::shared_ptr dns_resolver(new Network::MockDnsResolver()); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(factory_.dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(dns_resolver))); + + Network::DnsResolver::ResolveCb dns_callback; + Network::MockActiveDnsQuery active_dns_query; + EXPECT_CALL(*dns_resolver, resolve(_, _, _)) + .WillRepeatedly(DoAll(SaveArg<2>(&dns_callback), Return(&active_dns_query))); + create(parseBootstrapFromV3Yaml(yaml)); + // `true` here means dns_resolver_options.use_tcp_for_dns_lookups is set to true. + EXPECT_EQ(true, dns_resolver_options.use_tcp_for_dns_lookups()); + factory_.tls_.shutdownThread(); +} + +// Test that custom DNS resolver with default search domain, when custom resolver is configured +// per cluster and `no_default_search_domain` is not specified. +TEST_F(ClusterManagerImplTest, DefaultSearchDomainWithCustomDnsResolver) { + const std::string yaml = R"EOF( + static_resources: + clusters: + - name: cluster_1 + connect_timeout: 0.250s + type: STRICT_DNS + dns_resolution_config: + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 + )EOF"; + + std::shared_ptr dns_resolver(new Network::MockDnsResolver()); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(factory_.dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(dns_resolver))); + + Network::DnsResolver::ResolveCb dns_callback; + Network::MockActiveDnsQuery active_dns_query; + EXPECT_CALL(*dns_resolver, resolve(_, _, _)) + .WillRepeatedly(DoAll(SaveArg<2>(&dns_callback), Return(&active_dns_query))); + create(parseBootstrapFromV3Yaml(yaml)); + // `false` here means no_default_search_domain is not being set via bootstrap config + EXPECT_EQ(false, dns_resolver_options.no_default_search_domain()); + factory_.tls_.shutdownThread(); +} + +// Test that custom DNS resolver with default search domain, when custom resolver is configured +// per cluster and `no_default_search_domain` is specified as false. +TEST_F(ClusterManagerImplTest, DefaultSearchDomainWithCustomDnsResolverWithConfig) { + const std::string yaml = R"EOF( + static_resources: + clusters: + - name: cluster_1 + connect_timeout: 0.250s + type: STRICT_DNS + dns_resolution_config: + dns_resolver_options: + no_default_search_domain: false + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 + )EOF"; + + std::shared_ptr dns_resolver(new Network::MockDnsResolver()); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(factory_.dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(dns_resolver))); + + Network::DnsResolver::ResolveCb dns_callback; + Network::MockActiveDnsQuery active_dns_query; + EXPECT_CALL(*dns_resolver, resolve(_, _, _)) + .WillRepeatedly(DoAll(SaveArg<2>(&dns_callback), Return(&active_dns_query))); + create(parseBootstrapFromV3Yaml(yaml)); + // `false` here means dns_resolver_options.no_default_search_domain is set to false. + EXPECT_EQ(false, dns_resolver_options.no_default_search_domain()); + factory_.tls_.shutdownThread(); +} + +// Test that custom DNS resolver with no default search domain, when custom resolver is +// configured per cluster and `no_default_search_domain` is specified as true. +TEST_F(ClusterManagerImplTest, NoDefaultSearchDomainWithCustomDnsResolver) { + const std::string yaml = R"EOF( + static_resources: + clusters: + - name: cluster_1 + connect_timeout: 0.250s + type: STRICT_DNS + dns_resolution_config: + dns_resolver_options: + no_default_search_domain: true + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 + )EOF"; + + std::shared_ptr dns_resolver(new Network::MockDnsResolver()); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(factory_.dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(dns_resolver))); + + Network::DnsResolver::ResolveCb dns_callback; + Network::MockActiveDnsQuery active_dns_query; + EXPECT_CALL(*dns_resolver, resolve(_, _, _)) + .WillRepeatedly(DoAll(SaveArg<2>(&dns_callback), Return(&active_dns_query))); + create(parseBootstrapFromV3Yaml(yaml)); + // `true` here means dns_resolver_options.no_default_search_domain is set to true. + EXPECT_EQ(true, dns_resolver_options.no_default_search_domain()); factory_.tls_.shutdownThread(); } @@ -2464,10 +2765,11 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemoveDefaultPriority) { - name: cluster_1 connect_timeout: 0.250s type: STRICT_DNS - dns_resolvers: - - socket_address: - address: 1.2.3.4 - port_value: 80 + dns_resolution_config: + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 lb_policy: ROUND_ROBIN load_assignment: cluster_name: cluster_1 @@ -2504,13 +2806,13 @@ TEST_F(ClusterManagerImplTest, DynamicHostRemoveDefaultPriority) { EXPECT_CALL(factory_, allocateTcpConnPool_(_)) .WillOnce(ReturnNew()); - Http::ConnectionPool::MockInstance* cp = dynamic_cast( + Http::ConnectionPool::MockInstance* cp = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); // Immediate drain, since this can happen with the HTTP codecs. EXPECT_CALL(*cp, addDrainedCallback(_)) @@ -2550,10 +2852,11 @@ TEST_F(ClusterManagerImplTest, ConnPoolDestroyWithDraining) { - name: cluster_1 connect_timeout: 0.250s type: STRICT_DNS - dns_resolvers: - - socket_address: - address: 1.2.3.4 - port_value: 80 + dns_resolution_config: + resolvers: + - socket_address: + address: 1.2.3.4 + port_value: 80 lb_policy: ROUND_ROBIN load_assignment: cluster_name: cluster_1 @@ -2590,13 +2893,13 @@ TEST_F(ClusterManagerImplTest, ConnPoolDestroyWithDraining) { MockTcpConnPoolWithDestroy* mock_tcp = new MockTcpConnPoolWithDestroy(); EXPECT_CALL(factory_, allocateTcpConnPool_(_)).WillOnce(Return(mock_tcp)); - Http::ConnectionPool::MockInstance* cp = dynamic_cast( + Http::ConnectionPool::MockInstance* cp = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); // Remove the first host, this should lead to the cp being drained. Http::ConnectionPool::Instance::DrainedCb drained_cb; @@ -2641,11 +2944,11 @@ TEST_F(ClusterManagerImplTest, OriginalDstInitialization) { EXPECT_FALSE(all_clusters.active_clusters_.at("cluster_1").get().info()->addedViaApi()); // Test for no hosts returning the correct values before we have hosts. - EXPECT_EQ(nullptr, + EXPECT_EQ(absl::nullopt, cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - EXPECT_EQ(nullptr, cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); + EXPECT_EQ(absl::nullopt, cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); EXPECT_EQ(nullptr, cluster_manager_->getThreadLocalCluster("cluster_1")->tcpConn(nullptr).connection_); EXPECT_EQ(3UL, factory_.stats_.counter("cluster.cluster_1.upstream_cx_none_healthy").value()); @@ -3041,9 +3344,9 @@ TEST_F(ClusterManagerImplTest, UpstreamSocketOptionsPassedToTcpConnPool) { EXPECT_CALL(context, upstreamSocketOptions()).WillOnce(Return(options_to_return)); EXPECT_CALL(factory_, allocateTcpConnPool_(_)).WillOnce(Return(to_create)); - Tcp::ConnectionPool::Instance* cp = cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, &context); - EXPECT_NE(nullptr, cp); + auto opt_cp = cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, &context); + EXPECT_TRUE(opt_cp.has_value()); } TEST_F(ClusterManagerImplTest, UpstreamSocketOptionsPassedToConnPool) { @@ -3057,11 +3360,9 @@ TEST_F(ClusterManagerImplTest, UpstreamSocketOptionsPassedToConnPool) { EXPECT_CALL(context, upstreamSocketOptions()).WillOnce(Return(options_to_return)); EXPECT_CALL(factory_, allocateConnPool_(_, _, _, _, _)).WillOnce(Return(to_create)); - Http::ConnectionPool::Instance* cp = - cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context); - - EXPECT_NE(nullptr, cp); + auto opt_cp = cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context); + EXPECT_TRUE(opt_cp.has_value()); } TEST_F(ClusterManagerImplTest, UpstreamSocketOptionsUsedInConnPoolHash) { @@ -3080,21 +3381,23 @@ TEST_F(ClusterManagerImplTest, UpstreamSocketOptionsUsedInConnPoolHash) { EXPECT_CALL(context2, upstreamSocketOptions()).WillRepeatedly(Return(options2)); EXPECT_CALL(factory_, allocateConnPool_(_, _, _, _, _)).WillOnce(Return(to_create1)); - Http::ConnectionPool::Instance* cp1 = + Http::ConnectionPool::Instance* cp1 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context1); + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context1)); EXPECT_CALL(factory_, allocateConnPool_(_, _, _, _, _)).WillOnce(Return(to_create2)); - Http::ConnectionPool::Instance* cp2 = + Http::ConnectionPool::Instance* cp2 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context2); + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context2)); - Http::ConnectionPool::Instance* should_be_cp1 = + Http::ConnectionPool::Instance* should_be_cp1 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context1); - Http::ConnectionPool::Instance* should_be_cp2 = + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context1)); + EXPECT_NE(nullptr, cp1); + EXPECT_NE(nullptr, cp2); + Http::ConnectionPool::Instance* should_be_cp2 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context2); + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context2)); // The different upstream options should lead to different hashKeys, thus different pools. EXPECT_NE(cp1, cp2); @@ -3114,11 +3417,30 @@ TEST_F(ClusterManagerImplTest, UpstreamSocketOptionsNullIsOkay) { EXPECT_CALL(context, upstreamSocketOptions()).WillOnce(Return(options_to_return)); EXPECT_CALL(factory_, allocateConnPool_(_, _, _, _, _)).WillOnce(Return(to_create)); - Http::ConnectionPool::Instance* cp = - cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context); + auto opt_cp = cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context); + EXPECT_TRUE(opt_cp.has_value()); +} + +TEST_F(ClusterManagerImplTest, HttpPoolDataForwardsCallsToConnectionPool) { + createWithLocalClusterUpdate(); + NiceMock context; + + Http::ConnectionPool::MockInstance* pool_mock = new Http::ConnectionPool::MockInstance(); + Network::Socket::OptionsSharedPtr options_to_return = nullptr; - EXPECT_NE(nullptr, cp); + EXPECT_CALL(factory_, allocateConnPool_(_, _, _, _, _)).WillOnce(Return(pool_mock)); + + auto opt_cp = cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &context); + ASSERT_TRUE(opt_cp.has_value()); + + EXPECT_CALL(*pool_mock, hasActiveConnections()).WillOnce(Return(true)); + opt_cp.value().hasActiveConnections(); + + ConnectionPool::Instance::DrainedCb drained_cb = []() {}; + EXPECT_CALL(*pool_mock, addDrainedCallback(_)); + opt_cp.value().addDrainedCallback(drained_cb); } class TestUpstreamNetworkFilter : public Network::WriteFilter { @@ -4002,11 +4324,11 @@ TEST_F(ClusterManagerImplTest, ConnPoolsDrainedOnHostSetChange) { EXPECT_FALSE(all_clusters.active_clusters_.at("cluster_1").get().info()->addedViaApi()); // Verify that we get no hosts when the HostSet is empty. - EXPECT_EQ(nullptr, + EXPECT_EQ(absl::nullopt, cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - EXPECT_EQ(nullptr, cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); + EXPECT_EQ(absl::nullopt, cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); EXPECT_EQ(nullptr, cluster_manager_->getThreadLocalCluster("cluster_1")->tcpConn(nullptr).connection_); @@ -4037,21 +4359,21 @@ TEST_F(ClusterManagerImplTest, ConnPoolsDrainedOnHostSetChange) { .WillRepeatedly(ReturnNew()); // This should provide us a CP for each of the above hosts. - Http::ConnectionPool::MockInstance* cp1 = dynamic_cast( + Http::ConnectionPool::MockInstance* cp1 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); // Create persistent connection for host2. - Http::ConnectionPool::MockInstance* cp2 = dynamic_cast( + Http::ConnectionPool::MockInstance* cp2 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http2, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp1 = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp1 = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp2 = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp2 = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); EXPECT_NE(cp1, cp2); EXPECT_NE(tcp1, tcp2); @@ -4077,13 +4399,12 @@ TEST_F(ClusterManagerImplTest, ConnPoolsDrainedOnHostSetChange) { hosts_removed, 100); // Recreate connection pool for host1. - cp1 = dynamic_cast( + cp1 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - tcp1 = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); + tcp1 = TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); HostSharedPtr host3 = makeTestHost(cluster.info(), "tcp://127.0.0.1:82", time_system_); @@ -4145,13 +4466,13 @@ TEST_F(ClusterManagerImplTest, ConnPoolsNotDrainedOnHostSetChange) { .WillRepeatedly(ReturnNew()); // This should provide us a CP for each of the above hosts. - Http::ConnectionPool::MockInstance* cp1 = dynamic_cast( + Http::ConnectionPool::MockInstance* cp1 = HttpPoolDataPeer::getPool( cluster_manager_->getThreadLocalCluster("cluster_1") ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr)); - Tcp::ConnectionPool::MockInstance* tcp1 = dynamic_cast( - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr)); + Tcp::ConnectionPool::MockInstance* tcp1 = + TcpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr)); HostSharedPtr host2 = makeTestHost(cluster.info(), "tcp://127.0.0.1:82", time_system_); HostVector hosts_added; @@ -4279,8 +4600,9 @@ TEST_F(ClusterManagerImplTest, ConnectionPoolPerDownstreamConnection) { EXPECT_CALL(downstream_connection, hashKey) .WillOnce(Invoke([i](std::vector& hash_key) { hash_key.push_back(i); })); EXPECT_EQ(conn_pool_vector.back(), - cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &lb_context)); + HttpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, + Http::Protocol::Http11, &lb_context))); } // Check that the first entry is still in the pool map @@ -4288,8 +4610,9 @@ TEST_F(ClusterManagerImplTest, ConnectionPoolPerDownstreamConnection) { hash_key.push_back(0); })); EXPECT_EQ(conn_pool_vector.front(), - cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, &lb_context)); + HttpPoolDataPeer::getPool(cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, + Http::Protocol::Http11, &lb_context))); } class PreconnectTest : public ClusterManagerImplTest { @@ -4346,6 +4669,9 @@ class PreconnectTest : public ClusterManagerImplTest { HostSharedPtr host2_; HostSharedPtr host3_; HostSharedPtr host4_; + Http::MockResponseDecoder decoder_; + Http::ConnectionPool::MockCallbacks http_callbacks_; + Tcp::ConnectionPool::MockCallbacks tcp_callbacks_; }; TEST_F(PreconnectTest, PreconnectOff) { @@ -4354,33 +4680,39 @@ TEST_F(PreconnectTest, PreconnectOff) { initialize(0); EXPECT_CALL(factory_, allocateConnPool_(_, _, _, _, _)) .Times(1) - .WillRepeatedly(ReturnNew()); - cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + .WillRepeatedly(ReturnNew>()); + auto http_handle = cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + http_handle.value().newStream(decoder_, http_callbacks_); EXPECT_CALL(factory_, allocateTcpConnPool_(_)) .Times(1) - .WillRepeatedly(ReturnNew()); - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr); + .WillRepeatedly(ReturnNew>()); + auto tcp_handle = cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr); + ASSERT_TRUE(tcp_handle.has_value()); + tcp_handle.value().newConnection(tcp_callbacks_); } TEST_F(PreconnectTest, PreconnectOn) { - // With preconnect set to 1.1, each request for a connection pool will kick off + // With preconnect set to 1.1, maybePreconnect will kick off // preconnecting, so create the pool for both the current connection and the // anticipated one. initialize(1.1); EXPECT_CALL(factory_, allocateConnPool_(_, _, _, _, _)) .Times(2) .WillRepeatedly(ReturnNew>()); - cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + auto http_handle = cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + http_handle.value().newStream(decoder_, http_callbacks_); EXPECT_CALL(factory_, allocateTcpConnPool_(_)) .Times(2) .WillRepeatedly(ReturnNew>()); - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr); + auto tcp_handle = cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr); + ASSERT_TRUE(tcp_handle.has_value()); + tcp_handle.value().newConnection(tcp_callbacks_); } TEST_F(PreconnectTest, PreconnectHighHttp) { @@ -4397,8 +4729,9 @@ TEST_F(PreconnectTest, PreconnectHighHttp) { })); return ret; })); - cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + auto http_handle = cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + http_handle.value().newStream(decoder_, http_callbacks_); // Expect preconnect to be called 3 times across the four hosts. EXPECT_EQ(3, http_preconnect); } @@ -4417,8 +4750,9 @@ TEST_F(PreconnectTest, PreconnectHighTcp) { })); return ret; })); - cluster_manager_->getThreadLocalCluster("cluster_1") - ->tcpConnPool(ResourcePriority::Default, nullptr); + auto tcp_handle = cluster_manager_->getThreadLocalCluster("cluster_1") + ->tcpConnPool(ResourcePriority::Default, nullptr); + tcp_handle.value().newConnection(tcp_callbacks_); // Expect preconnect to be called 3 times across the four hosts. EXPECT_EQ(3, tcp_preconnect); } @@ -4437,8 +4771,9 @@ TEST_F(PreconnectTest, PreconnectCappedAt3) { })); return ret; })); - cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + auto http_handle = cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + http_handle.value().newStream(decoder_, http_callbacks_); // Expect preconnect to be called 3 times across the four hosts. EXPECT_EQ(3, http_preconnect); @@ -4447,8 +4782,9 @@ TEST_F(PreconnectTest, PreconnectCappedAt3) { // do the full 3 as the number of outstanding preconnects is limited by the // number of healthy hosts. http_preconnect = 0; - cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + http_handle = cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + http_handle.value().newStream(decoder_, http_callbacks_); EXPECT_EQ(2, http_preconnect); } @@ -4467,8 +4803,9 @@ TEST_F(PreconnectTest, PreconnectCappedByMaybePreconnect) { })); return ret; })); - cluster_manager_->getThreadLocalCluster("cluster_1") - ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + auto http_handle = cluster_manager_->getThreadLocalCluster("cluster_1") + ->httpConnPool(ResourcePriority::Default, Http::Protocol::Http11, nullptr); + http_handle.value().newStream(decoder_, http_callbacks_); // Expect preconnect to be called once and then preconnecting is stopped. EXPECT_EQ(1, http_preconnect_calls); } diff --git a/test/common/upstream/cluster_update_tracker_test.cc b/test/common/upstream/cluster_update_tracker_test.cc index 7081841e0ae7..c97ac7831db1 100644 --- a/test/common/upstream/cluster_update_tracker_test.cc +++ b/test/common/upstream/cluster_update_tracker_test.cc @@ -1,4 +1,4 @@ -#include "common/upstream/cluster_update_tracker.h" +#include "source/common/upstream/cluster_update_tracker.h" #include "test/mocks/upstream/cluster_manager.h" #include "test/mocks/upstream/thread_local_cluster.h" diff --git a/test/common/upstream/conn_pool_map_impl_test.cc b/test/common/upstream/conn_pool_map_impl_test.cc index 64c518b2fc68..6ce14d2becd6 100644 --- a/test/common/upstream/conn_pool_map_impl_test.cc +++ b/test/common/upstream/conn_pool_map_impl_test.cc @@ -3,7 +3,7 @@ #include "envoy/http/conn_pool.h" -#include "common/upstream/conn_pool_map_impl.h" +#include "source/common/upstream/conn_pool_map_impl.h" #include "test/mocks/common.h" #include "test/mocks/event/mocks.h" diff --git a/test/common/upstream/edf_scheduler_test.cc b/test/common/upstream/edf_scheduler_test.cc index a0f0b92168c8..7eac13bc8153 100644 --- a/test/common/upstream/edf_scheduler_test.cc +++ b/test/common/upstream/edf_scheduler_test.cc @@ -1,4 +1,4 @@ -#include "common/upstream/edf_scheduler.h" +#include "source/common/upstream/edf_scheduler.h" #include "gtest/gtest.h" diff --git a/test/common/upstream/eds_speed_test.cc b/test/common/upstream/eds_speed_test.cc index 32e94e7d1e44..e6da3c12a1ec 100644 --- a/test/common/upstream/eds_speed_test.cc +++ b/test/common/upstream/eds_speed_test.cc @@ -8,14 +8,13 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/config/grpc_mux_impl.h" -#include "common/config/grpc_subscription_impl.h" -#include "common/config/protobuf_link_hacks.h" -#include "common/config/utility.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/eds.h" - -#include "server/transport_socket_config_impl.h" +#include "source/common/config/grpc_mux_impl.h" +#include "source/common/config/grpc_subscription_impl.h" +#include "source/common/config/protobuf_link_hacks.h" +#include "source/common/config/utility.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/eds.h" +#include "source/server/transport_socket_config_impl.h" #include "test/benchmark/main.h" #include "test/common/upstream/utility.h" diff --git a/test/common/upstream/eds_test.cc b/test/common/upstream/eds_test.cc index 0a25e8436eda..93a31a2b6095 100644 --- a/test/common/upstream/eds_test.cc +++ b/test/common/upstream/eds_test.cc @@ -7,11 +7,10 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/config/utility.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/eds.h" - -#include "server/transport_socket_config_impl.h" +#include "source/common/config/utility.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/eds.h" +#include "source/server/transport_socket_config_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/common/upstream/utility.h" diff --git a/test/common/upstream/hds_test.cc b/test/common/upstream/hds_test.cc index 0dfa0fc64af6..7f0801af4a6f 100644 --- a/test/common/upstream/hds_test.cc +++ b/test/common/upstream/hds_test.cc @@ -5,13 +5,12 @@ #include "envoy/service/health/v3/hds.pb.h" #include "envoy/type/v3/http.pb.h" -#include "common/protobuf/protobuf.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/health_discovery_service.h" -#include "common/upstream/transport_socket_match_impl.h" - -#include "extensions/transport_sockets/raw_buffer/config.h" -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/health_discovery_service.h" +#include "source/common/upstream/transport_socket_match_impl.h" +#include "source/extensions/transport_sockets/raw_buffer/config.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/event/mocks.h" diff --git a/test/common/upstream/health_check_fuzz.cc b/test/common/upstream/health_check_fuzz.cc index d2e37392b296..e0f3d3ad094a 100644 --- a/test/common/upstream/health_check_fuzz.cc +++ b/test/common/upstream/health_check_fuzz.cc @@ -3,7 +3,7 @@ #include #include -#include "common/grpc/common.h" +#include "source/common/grpc/common.h" #include "test/common/upstream/utility.h" #include "test/fuzz/utility.h" @@ -343,9 +343,9 @@ void GrpcHealthCheckFuzz::initialize(test::common::upstream::HealthCheckTestCase Event::MockDispatcher dispatcher_; auto time_source = std::make_unique>(); test_session.codec_client_ = new CodecClientForTest( - Http::CodecClient::Type::HTTP1, std::move(conn_data.connection_), - test_session.codec_, nullptr, - Upstream::makeTestHost(cluster, "tcp://127.0.0.1:9000", *time_source), dispatcher_); + Http::CodecType::HTTP1, std::move(conn_data.connection_), test_session.codec_, + nullptr, Upstream::makeTestHost(cluster, "tcp://127.0.0.1:9000", *time_source), + dispatcher_); return test_session.codec_client_; })); expectStreamCreate(); diff --git a/test/common/upstream/health_check_fuzz_test_utils.cc b/test/common/upstream/health_check_fuzz_test_utils.cc index e67e5f7a6cf0..0bfae721dca7 100644 --- a/test/common/upstream/health_check_fuzz_test_utils.cc +++ b/test/common/upstream/health_check_fuzz_test_utils.cc @@ -52,8 +52,8 @@ void HttpHealthCheckerImplTestBase::expectClientCreate( new NiceMock()}; Event::MockDispatcher dispatcher_; test_session.codec_client_ = new CodecClientForTest( - Http::CodecClient::Type::HTTP1, std::move(conn_data.connection_), - test_session.codec_, nullptr, + Http::CodecType::HTTP1, std::move(conn_data.connection_), test_session.codec_, + nullptr, Upstream::makeTestHost(cluster, "tcp://127.0.0.1:9000", dispatcher_.timeSource()), dispatcher_); return test_session.codec_client_; @@ -129,8 +129,8 @@ void GrpcHealthCheckerImplTestBaseUtils::expectClientCreate(size_t index) { Event::MockDispatcher dispatcher_; test_session.codec_client_ = new CodecClientForTest( - Http::CodecClient::Type::HTTP1, std::move(conn_data.connection_), - test_session.codec_, nullptr, + Http::CodecType::HTTP1, std::move(conn_data.connection_), test_session.codec_, + nullptr, Upstream::makeTestHost(cluster, "tcp://127.0.0.1:9000", dispatcher_.timeSource()), dispatcher_); return test_session.codec_client_; diff --git a/test/common/upstream/health_check_fuzz_test_utils.h b/test/common/upstream/health_check_fuzz_test_utils.h index afc9b0a86cf1..936e51cc5322 100644 --- a/test/common/upstream/health_check_fuzz_test_utils.h +++ b/test/common/upstream/health_check_fuzz_test_utils.h @@ -2,7 +2,7 @@ #include -#include "common/upstream/health_checker_impl.h" +#include "source/common/upstream/health_checker_impl.h" #include "test/common/http/common.h" #include "test/mocks/common.h" @@ -37,7 +37,7 @@ class TestHttpHealthCheckerImpl : public HttpHealthCheckerImpl { // HttpHealthCheckerImpl MOCK_METHOD(Http::CodecClient*, createCodecClient_, (Upstream::Host::CreateConnectionData&)); - Http::CodecClient::Type codecClientType() { return codec_client_type_; } + Http::CodecType codecClientType() { return codec_client_type_; } }; class HttpHealthCheckerImplTestBase : public HealthCheckerTestBase { diff --git a/test/common/upstream/health_checker_impl_test.cc b/test/common/upstream/health_checker_impl_test.cc index efb4b3b6c961..35e224aa2875 100644 --- a/test/common/upstream/health_checker_impl_test.cc +++ b/test/common/upstream/health_checker_impl_test.cc @@ -10,15 +10,15 @@ #include "envoy/data/core/v3/health_check_event.pb.h" #include "envoy/upstream/health_check_host_monitor.h" -#include "common/buffer/buffer_impl.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/grpc/common.h" -#include "common/http/headers.h" -#include "common/json/json_loader.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" -#include "common/upstream/health_checker_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/grpc/common.h" +#include "source/common/http/headers.h" +#include "source/common/json/json_loader.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/upstream/health_checker_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/http/common.h" #include "test/common/upstream/utility.h" @@ -124,7 +124,7 @@ class TestHttpHealthCheckerImpl : public HttpHealthCheckerImpl { // HttpHealthCheckerImpl MOCK_METHOD(Http::CodecClient*, createCodecClient_, (Upstream::Host::CreateConnectionData&)); - Http::CodecClient::Type codecClientType() { return codec_client_type_; } + Http::CodecType codecClientType() { return codec_client_type_; } }; class HttpHealthCheckerImplTest : public Event::TestUsingSimulatedTime, @@ -584,9 +584,9 @@ class HttpHealthCheckerImplTest : public Event::TestUsingSimulatedTime, new NiceMock()}; Event::MockDispatcher dispatcher_; test_session.codec_client_ = new CodecClientForTest( - Http::CodecClient::Type::HTTP1, std::move(conn_data.connection_), - test_session.codec_, nullptr, - Upstream::makeTestHost(cluster, "tcp://127.0.0.1:9000", simTime()), dispatcher_); + Http::CodecType::HTTP1, std::move(conn_data.connection_), test_session.codec_, + nullptr, Upstream::makeTestHost(cluster, "tcp://127.0.0.1:9000", simTime()), + dispatcher_); return test_session.codec_client_; })); } @@ -2530,7 +2530,7 @@ TEST_F(HttpHealthCheckerImplTest, SuccessWithMultipleHostsAndAltPort) { TEST_F(HttpHealthCheckerImplTest, Http2ClusterUseHttp2CodecClient) { setupNoServiceValidationHCWithHttp2(); - EXPECT_EQ(Http::CodecClient::Type::HTTP2, health_checker_->codecClientType()); + EXPECT_EQ(Http::CodecType::HTTP2, health_checker_->codecClientType()); } MATCHER_P(MetadataEq, expected, "") { @@ -3006,7 +3006,7 @@ class ProdHttpHealthCheckerTest : public testing::Test, public HealthCheckerTest TEST_F(ProdHttpHealthCheckerTest, ProdHttpHealthCheckerH1HealthChecking) { setupNoServiceValidationHC(); - EXPECT_EQ(Http::CodecClient::Type::HTTP1, + EXPECT_EQ(Http::CodecType::HTTP1, health_checker_->createCodecClientForTest(std::move(connection_))->type()); } @@ -3028,7 +3028,7 @@ TEST_F(HttpHealthCheckerImplTest, DEPRECATED_FEATURE_TEST(Http1CodecClient)) { allocHealthChecker(yaml, false); addCompletionCallback(); - EXPECT_EQ(Http::CodecClient::Type::HTTP1, health_checker_->codecClientType()); + EXPECT_EQ(Http::CodecType::HTTP1, health_checker_->codecClientType()); } TEST_F(HttpHealthCheckerImplTest, DEPRECATED_FEATURE_TEST(Http2CodecClient)) { @@ -3049,7 +3049,7 @@ TEST_F(HttpHealthCheckerImplTest, DEPRECATED_FEATURE_TEST(Http2CodecClient)) { allocHealthChecker(yaml, false); addCompletionCallback(); - EXPECT_EQ(Http::CodecClient::Type::HTTP2, health_checker_->codecClientType()); + EXPECT_EQ(Http::CodecType::HTTP2, health_checker_->codecClientType()); } TEST_F(HttpHealthCheckerImplTest, DEPRECATED_FEATURE_TEST(ServiceNameMatch)) { @@ -3120,7 +3120,7 @@ TEST_F(HttpHealthCheckerImplTest, DEPRECATED_FEATURE_TEST(ServiceNameMismatch)) TEST_F(ProdHttpHealthCheckerTest, ProdHttpHealthCheckerH2HealthChecking) { setupNoServiceValidationHCWithHttp2(); - EXPECT_EQ(Http::CodecClient::Type::HTTP2, + EXPECT_EQ(Http::CodecType::HTTP2, health_checker_->createCodecClientForTest(std::move(connection_))->type()); } @@ -4122,9 +4122,9 @@ class GrpcHealthCheckerImplTestBase : public Event::TestUsingSimulatedTime, Event::MockDispatcher dispatcher_; test_session.codec_client_ = new CodecClientForTest( - Http::CodecClient::Type::HTTP1, std::move(conn_data.connection_), - test_session.codec_, nullptr, - Upstream::makeTestHost(cluster, "tcp://127.0.0.1:9000", simTime()), dispatcher_); + Http::CodecType::HTTP1, std::move(conn_data.connection_), test_session.codec_, + nullptr, Upstream::makeTestHost(cluster, "tcp://127.0.0.1:9000", simTime()), + dispatcher_); return test_session.codec_client_; })); } diff --git a/test/common/upstream/host_utility_test.cc b/test/common/upstream/host_utility_test.cc index 3e4e81d7bbb1..f31ee62514ce 100644 --- a/test/common/upstream/host_utility_test.cc +++ b/test/common/upstream/host_utility_test.cc @@ -1,6 +1,6 @@ -#include "common/network/utility.h" -#include "common/upstream/host_utility.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/host_utility.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" diff --git a/test/common/upstream/load_balancer_benchmark.cc b/test/common/upstream/load_balancer_benchmark.cc index 4d536e187b64..22f58f0f9337 100644 --- a/test/common/upstream/load_balancer_benchmark.cc +++ b/test/common/upstream/load_balancer_benchmark.cc @@ -4,12 +4,12 @@ #include "envoy/config/cluster/v3/cluster.pb.h" -#include "common/common/random_generator.h" -#include "common/memory/stats.h" -#include "common/upstream/maglev_lb.h" -#include "common/upstream/ring_hash_lb.h" -#include "common/upstream/subset_lb.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/random_generator.h" +#include "source/common/memory/stats.h" +#include "source/common/upstream/maglev_lb.h" +#include "source/common/upstream/ring_hash_lb.h" +#include "source/common/upstream/subset_lb.h" +#include "source/common/upstream/upstream_impl.h" #include "test/benchmark/main.h" #include "test/common/upstream/utility.h" @@ -538,7 +538,7 @@ class SubsetLbTester : public BaseTester { envoy::config::cluster::v3::Cluster::LbSubsetConfig::ANY_ENDPOINT); auto* selector = subset_config.mutable_subset_selectors()->Add(); selector->set_single_host_per_subset(single_host_per_subset); - *selector->mutable_keys()->Add() = metadata_key; + *selector->mutable_keys()->Add() = std::string(metadata_key); subset_info_ = std::make_unique(subset_config); lb_ = std::make_unique(LoadBalancerType::Random, priority_set_, diff --git a/test/common/upstream/load_balancer_fuzz_base.h b/test/common/upstream/load_balancer_fuzz_base.h index d478cffcf3c0..727da689047b 100644 --- a/test/common/upstream/load_balancer_fuzz_base.h +++ b/test/common/upstream/load_balancer_fuzz_base.h @@ -2,7 +2,7 @@ #include "envoy/config/cluster/v3/cluster.pb.h" -#include "common/upstream/load_balancer_impl.h" +#include "source/common/upstream/load_balancer_impl.h" #include "test/common/upstream/load_balancer_fuzz.pb.validate.h" #include "test/fuzz/random.h" diff --git a/test/common/upstream/load_balancer_impl_test.cc b/test/common/upstream/load_balancer_impl_test.cc index 6135f6f9534a..77b391e6e090 100644 --- a/test/common/upstream/load_balancer_impl_test.cc +++ b/test/common/upstream/load_balancer_impl_test.cc @@ -6,9 +6,9 @@ #include "envoy/config/cluster/v3/cluster.pb.h" -#include "common/network/utility.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" diff --git a/test/common/upstream/load_balancer_simulation_test.cc b/test/common/upstream/load_balancer_simulation_test.cc index ef431232f63b..28ded32dd029 100644 --- a/test/common/upstream/load_balancer_simulation_test.cc +++ b/test/common/upstream/load_balancer_simulation_test.cc @@ -7,11 +7,11 @@ #include "envoy/config/core/v3/health_check.pb.h" #include "envoy/config/endpoint/v3/endpoint_components.pb.h" -#include "common/common/fmt.h" -#include "common/common/random_generator.h" -#include "common/network/utility.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/common/random_generator.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" diff --git a/test/common/upstream/load_stats_reporter_test.cc b/test/common/upstream/load_stats_reporter_test.cc index 46105592c00a..81edc2ed4377 100644 --- a/test/common/upstream/load_stats_reporter_test.cc +++ b/test/common/upstream/load_stats_reporter_test.cc @@ -3,7 +3,7 @@ #include "envoy/config/endpoint/v3/load_report.pb.h" #include "envoy/service/load_stats/v3/lrs.pb.h" -#include "common/upstream/load_stats_reporter.h" +#include "source/common/upstream/load_stats_reporter.h" #include "test/mocks/event/mocks.h" #include "test/mocks/grpc/mocks.h" diff --git a/test/common/upstream/logical_dns_cluster_test.cc b/test/common/upstream/logical_dns_cluster_test.cc index 095ec4974c30..ce94bf6e2184 100644 --- a/test/common/upstream/logical_dns_cluster_test.cc +++ b/test/common/upstream/logical_dns_cluster_test.cc @@ -10,11 +10,10 @@ #include "envoy/stats/scope.h" #include "envoy/upstream/health_check_host_monitor.h" -#include "common/network/utility.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/logical_dns_cluster.h" - -#include "server/transport_socket_config_impl.h" +#include "source/common/network/utility.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/logical_dns_cluster.h" +#include "source/server/transport_socket_config_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" diff --git a/test/common/upstream/maglev_lb_test.cc b/test/common/upstream/maglev_lb_test.cc index 8dd1de142c54..46315da016db 100644 --- a/test/common/upstream/maglev_lb_test.cc +++ b/test/common/upstream/maglev_lb_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/cluster/v3/cluster.pb.h" -#include "common/upstream/maglev_lb.h" +#include "source/common/upstream/maglev_lb.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" diff --git a/test/common/upstream/original_dst_cluster_test.cc b/test/common/upstream/original_dst_cluster_test.cc index 1a9743ebd595..9b5cb0db5abe 100644 --- a/test/common/upstream/original_dst_cluster_test.cc +++ b/test/common/upstream/original_dst_cluster_test.cc @@ -8,13 +8,12 @@ #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/stats/scope.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/original_dst_cluster.h" -#include "common/upstream/upstream_impl.h" - -#include "server/transport_socket_config_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/original_dst_cluster.h" +#include "source/common/upstream/upstream_impl.h" +#include "source/server/transport_socket_config_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" @@ -142,28 +141,8 @@ TEST_F(OriginalDstClusterTest, BadConfigWithLoadAssignment) { port_value: 8000 )EOF"; - EXPECT_THROW_WITH_MESSAGE( - setupFromYaml(yaml), EnvoyException, - "ORIGINAL_DST clusters must have no load assignment or hosts configured"); -} - -TEST_F(OriginalDstClusterTest, DEPRECATED_FEATURE_TEST(BadConfigWithDeprecatedHosts)) { - TestDeprecatedV2Api _deprecated_v2_api; - const std::string yaml = R"EOF( - name: name - connect_timeout: 0.25s - type: ORIGINAL_DST - lb_policy: ORIGINAL_DST_LB - cleanup_interval: 1s - hosts: - - socket_address: - address: 127.0.0.1 - port_value: 8000 - )EOF"; - - EXPECT_THROW_WITH_MESSAGE( - setupFromYaml(yaml, false), EnvoyException, - "ORIGINAL_DST clusters must have no load assignment or hosts configured"); + EXPECT_THROW_WITH_MESSAGE(setupFromYaml(yaml), EnvoyException, + "ORIGINAL_DST clusters must have no load assignment configured"); } TEST_F(OriginalDstClusterTest, CleanupInterval) { diff --git a/test/common/upstream/outlier_detection_impl_test.cc b/test/common/upstream/outlier_detection_impl_test.cc index a5641f643f22..46e3166c77a7 100644 --- a/test/common/upstream/outlier_detection_impl_test.cc +++ b/test/common/upstream/outlier_detection_impl_test.cc @@ -8,9 +8,9 @@ #include "envoy/config/cluster/v3/outlier_detection.pb.h" #include "envoy/data/cluster/v3/outlier_detection_event.pb.h" -#include "common/network/utility.h" -#include "common/upstream/outlier_detection_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/outlier_detection_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/access_log/mocks.h" diff --git a/test/common/upstream/priority_conn_pool_map_impl_test.cc b/test/common/upstream/priority_conn_pool_map_impl_test.cc index fbe98e4d17e1..60252e332c58 100644 --- a/test/common/upstream/priority_conn_pool_map_impl_test.cc +++ b/test/common/upstream/priority_conn_pool_map_impl_test.cc @@ -2,7 +2,7 @@ #include "envoy/http/conn_pool.h" -#include "common/upstream/priority_conn_pool_map_impl.h" +#include "source/common/upstream/priority_conn_pool_map_impl.h" #include "test/mocks/common.h" #include "test/mocks/event/mocks.h" diff --git a/test/common/upstream/resource_manager_impl_test.cc b/test/common/upstream/resource_manager_impl_test.cc index f92cf3009d63..726a7f41eb74 100644 --- a/test/common/upstream/resource_manager_impl_test.cc +++ b/test/common/upstream/resource_manager_impl_test.cc @@ -1,7 +1,7 @@ #include "envoy/stats/stats.h" #include "envoy/upstream/upstream.h" -#include "common/upstream/resource_manager_impl.h" +#include "source/common/upstream/resource_manager_impl.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/stats/mocks.h" diff --git a/test/common/upstream/ring_hash_lb_test.cc b/test/common/upstream/ring_hash_lb_test.cc index 7e8ff95141ab..e9071eb1f5a2 100644 --- a/test/common/upstream/ring_hash_lb_test.cc +++ b/test/common/upstream/ring_hash_lb_test.cc @@ -6,9 +6,9 @@ #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/router/router.h" -#include "common/network/utility.h" -#include "common/upstream/ring_hash_lb.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/ring_hash_lb.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" diff --git a/test/common/upstream/subset_lb_test.cc b/test/common/upstream/subset_lb_test.cc index 3ab29348bc9d..8d5204287ea5 100644 --- a/test/common/upstream/subset_lb_test.cc +++ b/test/common/upstream/subset_lb_test.cc @@ -8,10 +8,10 @@ #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/config/core/v3/base.pb.h" -#include "common/common/logger.h" -#include "common/config/metadata.h" -#include "common/upstream/subset_lb.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/logger.h" +#include "source/common/config/metadata.h" +#include "source/common/upstream/subset_lb.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/access_log/mocks.h" diff --git a/test/common/upstream/test_cluster_manager.h b/test/common/upstream/test_cluster_manager.h index 55b51ee3e01f..03a7cf951d4c 100644 --- a/test/common/upstream/test_cluster_manager.h +++ b/test/common/upstream/test_cluster_manager.h @@ -10,20 +10,19 @@ #include "envoy/network/listen_socket.h" #include "envoy/upstream/upstream.h" -#include "common/api/api_impl.h" -#include "common/config/utility.h" -#include "common/http/context_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/socket_option_impl.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/cluster_factory_impl.h" -#include "common/upstream/cluster_manager_impl.h" -#include "common/upstream/subset_lb.h" - -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/config/utility.h" +#include "source/common/http/context_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/cluster_manager_impl.h" +#include "source/common/upstream/subset_lb.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/common/upstream/utility.h" diff --git a/test/common/upstream/transport_socket_matcher_test.cc b/test/common/upstream/transport_socket_matcher_test.cc index b564192f860e..caa0adc9c73e 100644 --- a/test/common/upstream/transport_socket_matcher_test.cc +++ b/test/common/upstream/transport_socket_matcher_test.cc @@ -8,11 +8,10 @@ #include "envoy/network/transport_socket.h" #include "envoy/stats/scope.h" -#include "common/config/metadata.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/upstream/transport_socket_match_impl.h" - -#include "server/transport_socket_config_impl.h" +#include "source/common/config/metadata.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/upstream/transport_socket_match_impl.h" +#include "source/server/transport_socket_config_impl.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/transport_socket_factory_context.h" diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc index ef1e342c7a7d..ed7586497ae4 100644 --- a/test/common/upstream/upstream_impl_test.cc +++ b/test/common/upstream/upstream_impl_test.cc @@ -16,13 +16,12 @@ #include "envoy/upstream/health_check_host_monitor.h" #include "envoy/upstream/upstream.h" -#include "common/config/metadata.h" -#include "common/network/utility.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/static_cluster.h" -#include "common/upstream/strict_dns_cluster.h" - -#include "server/transport_socket_config_impl.h" +#include "source/common/config/metadata.h" +#include "source/common/network/utility.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/static_cluster.h" +#include "source/common/upstream/strict_dns_cluster.h" +#include "source/server/transport_socket_config_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/common/upstream/utility.h" @@ -1300,6 +1299,13 @@ TEST_F(HostImplTest, HealthPipeAddress) { EnvoyException, "Invalid host configuration: non-zero port for non-IP address"); } +TEST_F(HostImplTest, HostAddressList) { + MockClusterMockPrioritySet cluster; + HostSharedPtr host = makeTestHost(cluster.info_, "tcp://10.0.0.1:1234", simTime(), 1); + const std::vector address_list = {}; + EXPECT_EQ(address_list, host->addressList()); +} + // Test that hostname flag from the health check config propagates. TEST_F(HostImplTest, HealthcheckHostname) { std::shared_ptr info{new NiceMock()}; @@ -2343,22 +2349,22 @@ TEST_F(ClusterInfoImplTest, RetryBudgetDefaultPopulation) { std::tie(budget_percent, min_retry_concurrency) = RetryBudgetTestClusterInfo::getRetryBudgetParams(threshold[1]); EXPECT_EQ(budget_percent, 20.0); - EXPECT_EQ(min_retry_concurrency, 3); + EXPECT_EQ(min_retry_concurrency, 3UL); std::tie(budget_percent, min_retry_concurrency) = RetryBudgetTestClusterInfo::getRetryBudgetParams(threshold[2]); EXPECT_EQ(budget_percent, 20.0); - EXPECT_EQ(min_retry_concurrency, 3); + EXPECT_EQ(min_retry_concurrency, 3UL); std::tie(budget_percent, min_retry_concurrency) = RetryBudgetTestClusterInfo::getRetryBudgetParams(threshold[3]); EXPECT_EQ(budget_percent, 42.0); - EXPECT_EQ(min_retry_concurrency, 3); + EXPECT_EQ(min_retry_concurrency, 3UL); std::tie(budget_percent, min_retry_concurrency) = RetryBudgetTestClusterInfo::getRetryBudgetParams(threshold[4]); EXPECT_EQ(budget_percent, 20.0); - EXPECT_EQ(min_retry_concurrency, 123); + EXPECT_EQ(min_retry_concurrency, 123UL); } // Eds service_name is populated. diff --git a/test/common/upstream/utility.h b/test/common/upstream/utility.h index 3ea7b6139135..e3f3a18a11f7 100644 --- a/test/common/upstream/utility.h +++ b/test/common/upstream/utility.h @@ -8,12 +8,12 @@ #include "envoy/config/endpoint/v3/endpoint_components.pb.h" #include "envoy/upstream/upstream.h" -#include "common/common/utility.h" -#include "common/config/metadata.h" -#include "common/config/well_known_names.h" -#include "common/json/json_loader.h" -#include "common/network/utility.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/utility.h" +#include "source/common/config/metadata.h" +#include "source/common/config/well_known_names.h" +#include "source/common/json/json_loader.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/upstream_impl.h" #include "test/test_common/utility.h" diff --git a/test/common/watchdog/BUILD b/test/common/watchdog/BUILD index 85edbe118222..e1539697f667 100644 --- a/test/common/watchdog/BUILD +++ b/test/common/watchdog/BUILD @@ -15,9 +15,9 @@ envoy_cc_test( "abseil_synchronization", ], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/registry", - "//include/envoy/server:guarddog_config_interface", + "//envoy/common:time_interface", + "//envoy/registry", + "//envoy/server:guarddog_config_interface", "//source/common/watchdog:abort_action_config", "//source/common/watchdog:abort_action_lib", "//test/common/stats:stat_test_utility_lib", @@ -31,8 +31,8 @@ envoy_cc_test( name = "abort_action_config_test", srcs = ["abort_action_config_test.cc"], deps = [ - "//include/envoy/registry", - "//include/envoy/server:guarddog_config_interface", + "//envoy/registry", + "//envoy/server:guarddog_config_interface", "//source/common/watchdog:abort_action_config", "//source/common/watchdog:abort_action_lib", "//test/common/stats:stat_test_utility_lib", diff --git a/test/common/watchdog/abort_action_config_test.cc b/test/common/watchdog/abort_action_config_test.cc index 9bec9ec8133a..f456687abc02 100644 --- a/test/common/watchdog/abort_action_config_test.cc +++ b/test/common/watchdog/abort_action_config_test.cc @@ -2,7 +2,7 @@ #include "envoy/server/guarddog_config.h" #include "envoy/watchdog/v3alpha/abort_action.pb.h" -#include "common/watchdog/abort_action_config.h" +#include "source/common/watchdog/abort_action_config.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/event/mocks.h" diff --git a/test/common/watchdog/abort_action_test.cc b/test/common/watchdog/abort_action_test.cc index 7f2f1bf4606e..ebdbb8c87031 100644 --- a/test/common/watchdog/abort_action_test.cc +++ b/test/common/watchdog/abort_action_test.cc @@ -8,8 +8,8 @@ #include "envoy/thread/thread.h" #include "envoy/watchdog/v3alpha/abort_action.pb.h" -#include "common/watchdog/abort_action.h" -#include "common/watchdog/abort_action_config.h" +#include "source/common/watchdog/abort_action.h" +#include "source/common/watchdog/abort_action_config.h" #include "test/common/stats/stat_test_utility.h" #include "test/test_common/utility.h" diff --git a/test/config/integration/google_com_proxy_port_0.yaml b/test/config/integration/google_com_proxy_port_0.yaml index 5f0fc0980216..7cd32030991b 100644 --- a/test/config/integration/google_com_proxy_port_0.yaml +++ b/test/config/integration/google_com_proxy_port_0.yaml @@ -29,18 +29,18 @@ static_resources: - name: local_service domains: ["*"] routes: - - match: { prefix: "/" } - route: { host_rewrite_literal: www.google.com, cluster: service_google } + - match: {prefix: "/"} + route: {host_rewrite_literal: www.google.com, cluster: service_google} clusters: - name: service_google connect_timeout: 0.25s type: LOGICAL_DNS # Comment out the following line to test on v6 networks - dns_lookup_family: {{ dns_lookup_family }} + dns_lookup_family: "{{ dns_lookup_family }}" lb_policy: ROUND_ROBIN load_assignment: cluster_name: service_google endpoints: - lb_endpoints: - endpoint: - address: { socket_address: { address: google.com, port_value: 443 }} + address: {socket_address: {address: google.com, port_value: 443}} diff --git a/test/config/integration/server.yaml b/test/config/integration/server.yaml index 6a8d7562e763..85bc2fac1f7c 100644 --- a/test/config/integration/server.yaml +++ b/test/config/integration/server.yaml @@ -2,9 +2,9 @@ static_resources: listeners: - address: socket_address: - address: {{ ip_loopback_address }} + address: "{{ ip_loopback_address }}" port_value: 0 - reuse_port: {{ reuse_port }} + reuse_port: "{{ reuse_port }}" filter_chains: - filters: - name: http @@ -15,24 +15,24 @@ static_resources: virtual_hosts: - require_tls: all routes: - - route: { cluster: cluster_1 } - match: { prefix: "/" } + - route: {cluster: cluster_1} + match: {prefix: "/"} domains: - www.redirect.com name: redirect - routes: - - match: { prefix: "/" } + - match: {prefix: "/"} route: cluster: cluster_1 - - match: { prefix: "/test/long/url" } + - match: {prefix: "/test/long/url"} route: rate_limits: - actions: - destination_cluster: {} cluster: cluster_1 - - match: { prefix: "/test/" } - route: { cluster: cluster_2 } - - match: { prefix: "/websocket/test" } + - match: {prefix: "/test/"} + route: {cluster: cluster_2} + - match: {prefix: "/websocket/test"} route: prefix_rewrite: "/websocket" cluster: cluster_1 @@ -53,7 +53,7 @@ static_resources: - name: accesslog typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog - path: {{ null_device_path }} + path: "{{ null_device_path }}" filter: or_filter: filters: @@ -79,8 +79,8 @@ static_resources: - endpoint: address: socket_address: - address: {{ ip_loopback_address }} - port_value: {{ upstream_0 }} + address: "{{ ip_loopback_address }}" + port_value: "{{ upstream_0 }}" dns_lookup_family: "{{ dns_lookup_family }}" - name: cluster_2 type: STRICT_DNS @@ -93,7 +93,7 @@ static_resources: address: socket_address: address: localhost - port_value: {{ upstream_1 }} + port_value: "{{ upstream_1 }}" dns_lookup_family: "{{ dns_lookup_family }}" - name: cluster_3 connect_timeout: 5s @@ -105,8 +105,8 @@ static_resources: - endpoint: address: socket_address: - address: {{ ip_loopback_address }} - port_value: {{ upstream_0 }} + address: "{{ ip_loopback_address }}" + port_value: "{{ upstream_0 }}" dns_lookup_family: "{{ dns_lookup_family }}" - name: statsd type: STRICT_DNS @@ -145,7 +145,7 @@ stats_sinks: "@type": type.googleapis.com/envoy.config.metrics.v3.StatsdSink address: socket_address: - address: {{ ip_loopback_address }} + address: "{{ ip_loopback_address }}" port_value: 8125 - name: tcp_stats typed_config: @@ -154,17 +154,17 @@ stats_sinks: watchdog: {} layered_runtime: layers: - - name: root - disk_layer: - symlink_root: "{{ test_tmpdir }}/test/common/runtime/test_data/current" - subdirectory: envoy - - name: override - disk_layer: - symlink_root: "{{ test_tmpdir }}/test/common/runtime/test_data/current" - subdirectory: envoy_override - append_service_cluster: true - - name: admin - admin_layer: {} + - name: root + disk_layer: + symlink_root: "{{ test_tmpdir }}/test/common/runtime/test_data/current" + subdirectory: envoy + - name: override + disk_layer: + symlink_root: "{{ test_tmpdir }}/test/common/runtime/test_data/current" + subdirectory: envoy_override + append_service_cluster: true + - name: admin + admin_layer: {} admin: access_log: - name: envoy.access_loggers.file @@ -174,5 +174,5 @@ admin: profile_path: "{{ test_tmpdir }}/envoy.prof" address: socket_address: - address: {{ ip_loopback_address }} + address: "{{ ip_loopback_address }}" port_value: 0 diff --git a/test/config/integration/server_unix_listener.yaml b/test/config/integration/server_unix_listener.yaml index 3f89f25483ab..50301659febc 100644 --- a/test/config/integration/server_unix_listener.yaml +++ b/test/config/integration/server_unix_listener.yaml @@ -21,8 +21,8 @@ static_resources: - "*" name: vhost_0 routes: - - match: { prefix: "/" } - route: { cluster: cluster_0 } + - match: {prefix: "/"} + route: {cluster: cluster_0} clusters: - name: cluster_0 connect_timeout: 5s diff --git a/test/config/integration/server_xds.bootstrap.udpa.yaml b/test/config/integration/server_xds.bootstrap.udpa.yaml index 67bb71339fa2..edc3c0b0e2de 100644 --- a/test/config/integration/server_xds.bootstrap.udpa.yaml +++ b/test/config/integration/server_xds.bootstrap.udpa.yaml @@ -1,8 +1,8 @@ dynamic_resources: - lds_resources_locator: file:///{{ lds_json_path }} + lds_resources_locator: "file:///{{ lds_json_path }}" cds_config: resource_api_version: V3 - path: {{ cds_json_path }} + path: "{{ cds_json_path }}" admin: access_log: - name: envoy.access_loggers.file @@ -11,5 +11,5 @@ admin: path: "{{ null_device_path }}" address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 diff --git a/test/config/integration/server_xds.bootstrap.yaml b/test/config/integration/server_xds.bootstrap.yaml index 71cbb44399c4..4600631b064b 100644 --- a/test/config/integration/server_xds.bootstrap.yaml +++ b/test/config/integration/server_xds.bootstrap.yaml @@ -1,10 +1,10 @@ dynamic_resources: lds_config: resource_api_version: V3 - path: {{ lds_json_path }} + path: "{{ lds_json_path }}" cds_config: resource_api_version: V3 - path: {{ cds_json_path }} + path: "{{ cds_json_path }}" admin: access_log: - name: envoy.access_loggers.file @@ -13,5 +13,5 @@ admin: path: "{{ null_device_path }}" address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 diff --git a/test/config/integration/server_xds.cds.with_unknown_field.yaml b/test/config/integration/server_xds.cds.with_unknown_field.yaml index 7b94528c68d0..872e1f838aa6 100644 --- a/test/config/integration/server_xds.cds.with_unknown_field.yaml +++ b/test/config/integration/server_xds.cds.with_unknown_field.yaml @@ -2,18 +2,19 @@ version_info: "0" resources: - "@type": type.googleapis.com/envoy.config.cluster.v3.Cluster name: cluster_1 - connect_timeout: { seconds: 5 } + connect_timeout: {seconds: 5} type: EDS eds_cluster_config: eds_config: resource_api_version: V3 - path: {{ eds_json_path }} + path: "{{ eds_json_path }}" lb_policy: ROUND_ROBIN typed_extension_protocol_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions: "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions explicit_http_config: http2_protocol_options: {} + typed_extension_protocol_options: envoy.test.dynamic_validation: "@type": type.googleapis.com/google.protobuf.Struct diff --git a/test/config/integration/server_xds.cds.yaml b/test/config/integration/server_xds.cds.yaml index 84694a9b7d25..afab3501382a 100644 --- a/test/config/integration/server_xds.cds.yaml +++ b/test/config/integration/server_xds.cds.yaml @@ -2,12 +2,12 @@ version_info: "0" resources: - "@type": type.googleapis.com/envoy.config.cluster.v3.Cluster name: cluster_1 - connect_timeout: { seconds: 5 } + connect_timeout: {seconds: 5} type: EDS eds_cluster_config: eds_config: resource_api_version: V3 - path: {{ eds_json_path }} + path: "{{ eds_json_path }}" lb_policy: ROUND_ROBIN typed_extension_protocol_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions: diff --git a/test/config/integration/server_xds.eds.ads_cluster.yaml b/test/config/integration/server_xds.eds.ads_cluster.yaml index 238cf06945ac..236fcd1e747b 100644 --- a/test/config/integration/server_xds.eds.ads_cluster.yaml +++ b/test/config/integration/server_xds.eds.ads_cluster.yaml @@ -7,5 +7,5 @@ resources: - endpoint: address: socket_address: - address: {{ ntop_ip_loopback_address }} - port_value: {{ upstream_0 }} + address: "{{ ntop_ip_loopback_address }}" + port_value: "{{ upstream_0 }}" diff --git a/test/config/integration/server_xds.eds.with_unknown_field.yaml b/test/config/integration/server_xds.eds.with_unknown_field.yaml index 982e5851671a..2343b889bb11 100644 --- a/test/config/integration/server_xds.eds.with_unknown_field.yaml +++ b/test/config/integration/server_xds.eds.with_unknown_field.yaml @@ -8,5 +8,5 @@ resources: - endpoint: address: socket_address: - address: {{ ntop_ip_loopback_address }} - port_value: {{ upstream_0 }} + address: "{{ ntop_ip_loopback_address }}" + port_value: "{{ upstream_0 }}" diff --git a/test/config/integration/server_xds.eds.yaml b/test/config/integration/server_xds.eds.yaml index 0499334e60c6..ab0e4a2bbe22 100644 --- a/test/config/integration/server_xds.eds.yaml +++ b/test/config/integration/server_xds.eds.yaml @@ -7,5 +7,5 @@ resources: - endpoint: address: socket_address: - address: {{ ntop_ip_loopback_address }} - port_value: {{ upstream_0 }} + address: "{{ ntop_ip_loopback_address }}" + port_value: "{{ upstream_0 }}" diff --git a/test/config/integration/server_xds.lds.typed_struct.yaml b/test/config/integration/server_xds.lds.typed_struct.yaml index 9e704231cb01..27e29f620979 100644 --- a/test/config/integration/server_xds.lds.typed_struct.yaml +++ b/test/config/integration/server_xds.lds.typed_struct.yaml @@ -4,7 +4,7 @@ resources: name: listener_0 address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 filter_chains: - filters: @@ -20,5 +20,5 @@ resources: route_config_name: route_config_0 config_source: resource_api_version: V3 - path: {{ rds_json_path }} - http_filters: [{ name: envoy.filters.http.router }] + path: "{{ rds_json_path }}" + http_filters: [{name: envoy.filters.http.router}] diff --git a/test/config/integration/server_xds.lds.udpa.list_collection.yaml b/test/config/integration/server_xds.lds.udpa.list_collection.yaml index cd134ea54831..d7b48248c25d 100644 --- a/test/config/integration/server_xds.lds.udpa.list_collection.yaml +++ b/test/config/integration/server_xds.lds.udpa.list_collection.yaml @@ -10,7 +10,7 @@ resource: name: listener_0 address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 filter_chains: - filters: @@ -24,5 +24,5 @@ resource: route_config_name: route_config_0 config_source: resource_api_version: V3 - path: {{ rds_json_path }} - http_filters: [{ name: envoy.filters.http.router }] + path: "{{ rds_json_path }}" + http_filters: [{name: envoy.filters.http.router}] diff --git a/test/config/integration/server_xds.lds.with_unknown_field.typed_struct.yaml b/test/config/integration/server_xds.lds.with_unknown_field.typed_struct.yaml index f68b3e46d9b7..5da3e5cb9439 100644 --- a/test/config/integration/server_xds.lds.with_unknown_field.typed_struct.yaml +++ b/test/config/integration/server_xds.lds.with_unknown_field.typed_struct.yaml @@ -4,7 +4,7 @@ resources: name: listener_0 address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 filter_chains: - filters: @@ -20,6 +20,6 @@ resources: route_config_name: route_config_0 config_source: resource_api_version: V3 - path: {{ rds_json_path }} - http_filters: [{ name: envoy.filters.http.router }] + path: "{{ rds_json_path }}" + http_filters: [{name: envoy.filters.http.router}] foo: bar diff --git a/test/config/integration/server_xds.lds.with_unknown_field.yaml b/test/config/integration/server_xds.lds.with_unknown_field.yaml index a759f06a2408..b191a5bae8ce 100644 --- a/test/config/integration/server_xds.lds.with_unknown_field.yaml +++ b/test/config/integration/server_xds.lds.with_unknown_field.yaml @@ -4,7 +4,7 @@ resources: name: listener_0 address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 filter_chains: - filters: @@ -19,6 +19,6 @@ resources: transport_api_version: V3 config_source: resource_api_version: V3 - path: {{ rds_json_path }} - http_filters: [{ name: envoy.filters.http.router }] + path: "{{ rds_json_path }}" + http_filters: [{name: envoy.filters.http.router}] foo: bar diff --git a/test/config/integration/server_xds.lds.yaml b/test/config/integration/server_xds.lds.yaml index 0bebb732ecd4..1e195ba21065 100644 --- a/test/config/integration/server_xds.lds.yaml +++ b/test/config/integration/server_xds.lds.yaml @@ -4,7 +4,7 @@ resources: name: listener_0 address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 filter_chains: - filters: @@ -18,5 +18,5 @@ resources: route_config_name: route_config_0 config_source: resource_api_version: V3 - path: {{ rds_json_path }} - http_filters: [{ name: envoy.filters.http.router }] + path: "{{ rds_json_path }}" + http_filters: [{name: envoy.filters.http.router}] diff --git a/test/config/integration/server_xds.rds.with_unknown_field.yaml b/test/config/integration/server_xds.rds.with_unknown_field.yaml index f0f5c84e87d2..172d77ae6b33 100644 --- a/test/config/integration/server_xds.rds.with_unknown_field.yaml +++ b/test/config/integration/server_xds.rds.with_unknown_field.yaml @@ -4,8 +4,8 @@ resources: name: route_config_0 virtual_hosts: - name: integration - domains: [ "*" ] + domains: ["*"] routes: - - match: { prefix: "/test/long/url" } - route: { cluster: cluster_1 } + - match: {prefix: "/test/long/url"} + route: {cluster: cluster_1} foo: bar diff --git a/test/config/integration/server_xds.rds.yaml b/test/config/integration/server_xds.rds.yaml index ca849add15b3..5b429ec9a788 100644 --- a/test/config/integration/server_xds.rds.yaml +++ b/test/config/integration/server_xds.rds.yaml @@ -4,7 +4,7 @@ resources: name: route_config_0 virtual_hosts: - name: integration - domains: [ "*" ] + domains: ["*"] routes: - - match: { prefix: "/test/long/url" } - route: { cluster: cluster_1 } + - match: {prefix: "/test/long/url"} + route: {cluster: cluster_1} diff --git a/test/config/utility.cc b/test/config/utility.cc index 0ce0a4313b5a..10ad584efcbc 100644 --- a/test/config/utility.cc +++ b/test/config/utility.cc @@ -15,9 +15,9 @@ #include "envoy/http/codec.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/common/assert.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" #include "test/config/integration/certs/client_ecdsacert_hash.h" #include "test/config/integration/certs/clientcert_hash.h" @@ -610,9 +610,6 @@ ConfigHelper::ConfigHelper(const Network::Address::IpVersion version, Api::Api& for (int i = 0; i < static_resources->clusters_size(); ++i) { auto* cluster = static_resources->mutable_clusters(i); - RELEASE_ASSERT( - cluster->hidden_envoy_deprecated_hosts().empty(), - "Hosts should be specified via load_assignment() in the integration test framework."); for (int j = 0; j < cluster->load_assignment().endpoints_size(); ++j) { auto* locality_lb = cluster->mutable_load_assignment()->mutable_endpoints(j); for (int k = 0; k < locality_lb->lb_endpoints_size(); ++k) { @@ -696,8 +693,10 @@ void ConfigHelper::applyConfigModifiers() { config_modifiers_.clear(); } -void ConfigHelper::configureUpstreamTls(bool use_alpn, bool http3) { - addConfigModifier([use_alpn, http3](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { +void ConfigHelper::configureUpstreamTls(bool use_alpn, bool http3, + bool use_alternate_protocols_cache) { + addConfigModifier([use_alpn, http3, use_alternate_protocols_cache]( + envoy::config::bootstrap::v3::Bootstrap& bootstrap) { auto* cluster = bootstrap.mutable_static_resources()->mutable_clusters(0); ConfigHelper::HttpProtocolOptions protocol_options; @@ -727,6 +726,11 @@ void ConfigHelper::configureUpstreamTls(bool use_alpn, bool http3) { new_protocol_options.mutable_auto_config()->mutable_http3_protocol_options()->MergeFrom( old_protocol_options.explicit_http_config().http3_protocol_options()); } + if (use_alternate_protocols_cache) { + new_protocol_options.mutable_auto_config() + ->mutable_alternate_protocols_cache_options() + ->set_name("default_alternate_protocols_cache"); + } (*cluster->mutable_typed_extension_protocol_options()) ["envoy.extensions.upstreams.http.v3.HttpProtocolOptions"] .PackFrom(new_protocol_options); @@ -824,9 +828,6 @@ void ConfigHelper::finalize(const std::vector& ports) { custom_cluster = true; } else { // Assign ports to statically defined load_assignment hosts. - RELEASE_ASSERT( - cluster->hidden_envoy_deprecated_hosts().empty(), - "Hosts should be specified via load_assignment() in the integration test framework."); for (int j = 0; j < cluster->load_assignment().endpoints_size(); ++j) { auto locality_lb = cluster->mutable_load_assignment()->mutable_endpoints(j); for (int k = 0; k < locality_lb->lb_endpoints_size(); ++k) { @@ -1150,8 +1151,7 @@ bool ConfigHelper::setAccessLog( if (!formatters.empty()) { for (const auto& formatter : formatters) { auto* added_formatter = log_format->add_formatters(); - added_formatter->set_name(formatter.name()); - added_formatter->mutable_typed_config()->PackFrom(formatter.typed_config()); + added_formatter->CopyFrom(formatter); } } } @@ -1384,6 +1384,27 @@ void ConfigHelper::adjustUpstreamTimeoutForTsan( timeout->set_seconds(TSAN_TIMEOUT_FACTOR * timeout_ms / 1000); } +envoy::config::core::v3::Http3ProtocolOptions ConfigHelper::http2ToHttp3ProtocolOptions( + const envoy::config::core::v3::Http2ProtocolOptions& http2_options, + size_t http3_max_stream_receive_window) { + envoy::config::core::v3::Http3ProtocolOptions http3_options; + if (http2_options.has_initial_stream_window_size() && + http2_options.initial_stream_window_size().value() < http3_max_stream_receive_window) { + // Set http3 stream flow control window only if the configured http2 stream flow control + // window is smaller than the upper limit of flow control window supported by QUICHE which is + // also the default for http3 streams. + http3_options.mutable_quic_protocol_options()->mutable_initial_stream_window_size()->set_value( + http2_options.initial_stream_window_size().value()); + } + if (http2_options.has_override_stream_error_on_invalid_http_message()) { + http3_options.mutable_override_stream_error_on_invalid_http_message()->set_value( + http2_options.override_stream_error_on_invalid_http_message().value()); + } else if (http2_options.stream_error_on_invalid_http_messaging()) { + http3_options.mutable_override_stream_error_on_invalid_http_message()->set_value(true); + } + return http3_options; +} + CdsHelper::CdsHelper() : cds_path_(TestEnvironment::writeStringToFileForTest("cds.pb_text", "")) {} void CdsHelper::setCds(const std::vector& clusters) { diff --git a/test/config/utility.h b/test/config/utility.h index f2b6ccc38b28..17d634eb1caf 100644 --- a/test/config/utility.h +++ b/test/config/utility.h @@ -17,10 +17,10 @@ #include "envoy/extensions/upstreams/http/v3/http_protocol_options.pb.h" #include "envoy/http/codes.h" -#include "common/config/api_version.h" -#include "common/network/address_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/config/api_version.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "test/integration/server_stats.h" @@ -243,7 +243,7 @@ class ConfigHelper { void addSslConfig() { addSslConfig({}); } // Add the default SSL configuration for QUIC downstream. - void addQuicDownstreamTransportSocketConfig(bool resuse_port); + void addQuicDownstreamTransportSocketConfig(bool reuse_port); // Set the HTTP access log for the first HCM (if present) to a given file. The default is // the platform's null device. @@ -294,7 +294,8 @@ class ConfigHelper { void applyConfigModifiers(); // Configure Envoy to do TLS to upstream. - void configureUpstreamTls(bool use_alpn = false, bool http3 = false); + void configureUpstreamTls(bool use_alpn = false, bool http3 = false, + bool use_alternate_protocols_cache = false); // Skip validation that ensures that all upstream ports are referenced by the // configuration generated in ConfigHelper::finalize. @@ -328,6 +329,11 @@ class ConfigHelper { HttpProtocolOptions& protocol_options); static void setHttp2(envoy::config::cluster::v3::Cluster& cluster); + // Populate and return a Http3ProtocolOptions instance based on http2_options. + static envoy::config::core::v3::Http3ProtocolOptions + http2ToHttp3ProtocolOptions(const envoy::config::core::v3::Http2ProtocolOptions& http2_options, + size_t http3_max_stream_receive_window); + private: static bool shouldBoost(envoy::config::core::v3::ApiVersion api_version) { return api_version == envoy::config::core::v3::ApiVersion::V2; diff --git a/test/config_test/config_test.cc b/test/config_test/config_test.cc index 61cb500c1253..3c8acc2592c6 100644 --- a/test/config_test/config_test.cc +++ b/test/config_test/config_test.cc @@ -6,13 +6,12 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/listener/v3/listener_components.pb.h" -#include "common/common/fmt.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_features.h" - -#include "server/config_validation/server.h" -#include "server/configuration_impl.h" -#include "server/options_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_features.h" +#include "source/server/config_validation/server.h" +#include "source/server/configuration_impl.h" +#include "source/server/options_impl.h" #include "test/integration/server.h" #include "test/mocks/server/instance.h" @@ -214,7 +213,7 @@ uint32_t run(const std::string& directory) { ENVOY_LOG_MISC(info, "testing {}.\n", filename); if (std::find_if(unsuported_win32_configs.begin(), unsuported_win32_configs.end(), [filename](const absl::string_view& s) { - return filename.find(s) != std::string::npos; + return filename.find(std::string(s)) != std::string::npos; }) == unsuported_win32_configs.end()) { OptionsImpl options( Envoy::Server::createTestOptionsImpl(filename, "", Network::Address::IpVersion::v6)); diff --git a/test/config_test/example_configs_test.cc b/test/config_test/example_configs_test.cc index ca52b4b768ba..37e0d561d8dc 100644 --- a/test/config_test/example_configs_test.cc +++ b/test/config_test/example_configs_test.cc @@ -1,4 +1,4 @@ -#include "common/filesystem/filesystem_impl.h" +#include "source/common/filesystem/filesystem_impl.h" #include "test/config_test/config_test.h" #include "test/test_common/environment.h" diff --git a/test/exe/main_common_test.cc b/test/exe/main_common_test.cc index c814950b3771..70c3ad4a4b2c 100644 --- a/test/exe/main_common_test.cc +++ b/test/exe/main_common_test.cc @@ -1,15 +1,13 @@ #include "envoy/common/platform.h" -#include "common/common/lock_guard.h" -#include "common/common/mutex_tracer_impl.h" -#include "common/common/random_generator.h" -#include "common/common/thread.h" -#include "common/runtime/runtime_impl.h" - -#include "exe/main_common.h" -#include "exe/platform_impl.h" - -#include "server/options_impl.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/mutex_tracer_impl.h" +#include "source/common/common/random_generator.h" +#include "source/common/common/thread.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/exe/main_common.h" +#include "source/exe/platform_impl.h" +#include "source/server/options_impl.h" #include "test/mocks/common.h" #include "test/test_common/contention.h" @@ -20,7 +18,7 @@ #include "gtest/gtest.h" #ifdef ENVOY_HANDLE_SIGNALS -#include "common/signal/signal_action.h" +#include "source/common/signal/signal_action.h" #endif #include "absl/synchronization/notification.h" diff --git a/test/exe/platform_impl_test.cc b/test/exe/platform_impl_test.cc index 955a55710eb8..862631309b35 100644 --- a/test/exe/platform_impl_test.cc +++ b/test/exe/platform_impl_test.cc @@ -1,4 +1,4 @@ -#include "exe/platform_impl.h" +#include "source/exe/platform_impl.h" #include "test/mocks/common.h" #include "test/test_common/utility.h" diff --git a/test/exe/terminate_handler_test.cc b/test/exe/terminate_handler_test.cc index d48782242ae9..501f8218ccaf 100644 --- a/test/exe/terminate_handler_test.cc +++ b/test/exe/terminate_handler_test.cc @@ -1,4 +1,4 @@ -#include "exe/terminate_handler.h" +#include "source/exe/terminate_handler.h" #include "test/test_common/utility.h" diff --git a/test/extensions/access_loggers/common/access_log_base_test.cc b/test/extensions/access_loggers/common/access_log_base_test.cc index 4b43d05dfbaf..021459669616 100644 --- a/test/extensions/access_loggers/common/access_log_base_test.cc +++ b/test/extensions/access_loggers/common/access_log_base_test.cc @@ -1,4 +1,4 @@ -#include "extensions/access_loggers/common/access_log_base.h" +#include "source/extensions/access_loggers/common/access_log_base.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/stream_info/mocks.h" diff --git a/test/extensions/access_loggers/common/grpc_access_logger_test.cc b/test/extensions/access_loggers/common/grpc_access_logger_test.cc index 0b3d1aaa9f6f..992803c3fd7e 100644 --- a/test/extensions/access_loggers/common/grpc_access_logger_test.cc +++ b/test/extensions/access_loggers/common/grpc_access_logger_test.cc @@ -5,12 +5,11 @@ #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/service/accesslog/v3/als.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/grpc/typed_async_client.h" -#include "common/network/address_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/common/grpc_access_logger.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/grpc/typed_async_client.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/common/grpc_access_logger.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/grpc/mocks.h" @@ -20,7 +19,6 @@ #include "test/test_common/test_runtime.h" using testing::_; -using testing::AnyNumber; using testing::InSequence; using testing::Invoke; using testing::NiceMock; diff --git a/test/extensions/access_loggers/file/config_test.cc b/test/extensions/access_loggers/file/config_test.cc index 3cdaeca9c7b9..4126b865e7ef 100644 --- a/test/extensions/access_loggers/file/config_test.cc +++ b/test/extensions/access_loggers/file/config_test.cc @@ -2,12 +2,10 @@ #include "envoy/extensions/access_loggers/file/v3/file.pb.h" #include "envoy/registry/registry.h" -#include "common/access_log/access_log_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/common/file_access_log_impl.h" -#include "extensions/access_loggers/file/config.h" -#include "extensions/access_loggers/well_known_names.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/common/file_access_log_impl.h" +#include "source/extensions/access_loggers/file/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/access_loggers/grpc/grpc_access_log_impl_test.cc b/test/extensions/access_loggers/grpc/grpc_access_log_impl_test.cc index e470423856db..65fe0cd6185b 100644 --- a/test/extensions/access_loggers/grpc/grpc_access_log_impl_test.cc +++ b/test/extensions/access_loggers/grpc/grpc_access_log_impl_test.cc @@ -5,9 +5,8 @@ #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" #include "envoy/service/accesslog/v3/als.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" - -#include "extensions/access_loggers/grpc/http_grpc_access_log_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/extensions/access_loggers/grpc/http_grpc_access_log_impl.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/local_info/mocks.h" diff --git a/test/extensions/access_loggers/grpc/grpc_access_log_utils_test.cc b/test/extensions/access_loggers/grpc/grpc_access_log_utils_test.cc index e24d70df36b0..c91799947621 100644 --- a/test/extensions/access_loggers/grpc/grpc_access_log_utils_test.cc +++ b/test/extensions/access_loggers/grpc/grpc_access_log_utils_test.cc @@ -1,6 +1,6 @@ #include "envoy/data/accesslog/v3/accesslog.pb.h" -#include "extensions/access_loggers/grpc/grpc_access_log_utils.h" +#include "source/extensions/access_loggers/grpc/grpc_access_log_utils.h" #include "test/mocks/stream_info/mocks.h" @@ -47,6 +47,7 @@ TEST(UtilityResponseFlagsToAccessLogResponseFlagsTest, All) { common_access_log_expected.mutable_response_flags()->set_duration_timeout(true); common_access_log_expected.mutable_response_flags()->set_upstream_protocol_error(true); common_access_log_expected.mutable_response_flags()->set_no_cluster_found(true); + common_access_log_expected.mutable_response_flags()->set_overload_manager(true); EXPECT_EQ(common_access_log_expected.DebugString(), common_access_log.DebugString()); } diff --git a/test/extensions/access_loggers/grpc/http_config_test.cc b/test/extensions/access_loggers/grpc/http_config_test.cc index 1b4a1956a341..c4d7db133a78 100644 --- a/test/extensions/access_loggers/grpc/http_config_test.cc +++ b/test/extensions/access_loggers/grpc/http_config_test.cc @@ -4,8 +4,7 @@ #include "envoy/server/access_log_config.h" #include "envoy/stats/scope.h" -#include "extensions/access_loggers/grpc/http_grpc_access_log_impl.h" -#include "extensions/access_loggers/well_known_names.h" +#include "source/extensions/access_loggers/grpc/http_grpc_access_log_impl.h" #include "test/mocks/server/factory_context.h" @@ -26,7 +25,7 @@ class HttpGrpcAccessLogConfigTest : public testing::Test { void SetUp() override { factory_ = Registry::FactoryRegistry::getFactory( - AccessLogNames::get().HttpGrpc); + "envoy.access_loggers.http_grpc"); ASSERT_NE(nullptr, factory_); message_ = factory_->createEmptyConfigProto(); diff --git a/test/extensions/access_loggers/grpc/http_grpc_access_log_impl_test.cc b/test/extensions/access_loggers/grpc/http_grpc_access_log_impl_test.cc index b475d85155a3..42969c35dfa4 100644 --- a/test/extensions/access_loggers/grpc/http_grpc_access_log_impl_test.cc +++ b/test/extensions/access_loggers/grpc/http_grpc_access_log_impl_test.cc @@ -3,12 +3,11 @@ #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/network/address_impl.h" -#include "common/router/string_accessor_impl.h" -#include "common/stream_info/uint32_accessor_impl.h" - -#include "extensions/access_loggers/grpc/http_grpc_access_log_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/router/string_accessor_impl.h" +#include "source/common/stream_info/uint32_accessor_impl.h" +#include "source/extensions/access_loggers/grpc/http_grpc_access_log_impl.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/grpc/mocks.h" diff --git a/test/extensions/access_loggers/grpc/http_grpc_access_log_integration_test.cc b/test/extensions/access_loggers/grpc/http_grpc_access_log_integration_test.cc index eb594fd1b993..0699fc5e81f9 100644 --- a/test/extensions/access_loggers/grpc/http_grpc_access_log_integration_test.cc +++ b/test/extensions/access_loggers/grpc/http_grpc_access_log_integration_test.cc @@ -3,10 +3,10 @@ #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/service/accesslog/v3/als.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/grpc/codec.h" -#include "common/grpc/common.h" -#include "common/version/version.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/common.h" +#include "source/common/version/version.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/http_integration.h" @@ -22,11 +22,11 @@ namespace { class AccessLogIntegrationTest : public Grpc::VersionedGrpcClientIntegrationParamTest, public HttpIntegrationTest { public: - AccessLogIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ipVersion()) {} + AccessLogIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, ipVersion()) {} void createUpstreams() override { HttpIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void initialize() override { diff --git a/test/extensions/access_loggers/grpc/tcp_grpc_access_log_integration_test.cc b/test/extensions/access_loggers/grpc/tcp_grpc_access_log_integration_test.cc index 51fc54f02d78..2bec4fd81fcc 100644 --- a/test/extensions/access_loggers/grpc/tcp_grpc_access_log_integration_test.cc +++ b/test/extensions/access_loggers/grpc/tcp_grpc_access_log_integration_test.cc @@ -4,10 +4,10 @@ #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" #include "envoy/service/accesslog/v3/als.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/grpc/codec.h" -#include "common/grpc/common.h" -#include "common/version/version.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/common.h" +#include "source/common/version/version.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/http_integration.h" @@ -34,7 +34,7 @@ class TcpGrpcAccessLogIntegrationTest : public Grpc::VersionedGrpcClientIntegrat void createUpstreams() override { BaseIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void initialize() override { diff --git a/test/extensions/access_loggers/open_telemetry/BUILD b/test/extensions/access_loggers/open_telemetry/BUILD index 12b6b55caf82..765d9005a967 100644 --- a/test/extensions/access_loggers/open_telemetry/BUILD +++ b/test/extensions/access_loggers/open_telemetry/BUILD @@ -33,7 +33,7 @@ envoy_extension_cc_test( srcs = ["access_log_impl_test.cc"], extension_name = "envoy.access_loggers.open_telemetry", deps = [ - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", "//source/common/protobuf", "//source/common/router:string_accessor_lib", "//source/extensions/access_loggers/open_telemetry:access_log_lib", diff --git a/test/extensions/access_loggers/open_telemetry/access_log_impl_test.cc b/test/extensions/access_loggers/open_telemetry/access_log_impl_test.cc index 5cce3f6e8f0f..933daaf8ed71 100644 --- a/test/extensions/access_loggers/open_telemetry/access_log_impl_test.cc +++ b/test/extensions/access_loggers/open_telemetry/access_log_impl_test.cc @@ -5,12 +5,11 @@ #include "envoy/data/accesslog/v3/accesslog.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/network/address_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/router/string_accessor_impl.h" - -#include "extensions/access_loggers/open_telemetry/access_log_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/router/string_accessor_impl.h" +#include "source/extensions/access_loggers/open_telemetry/access_log_impl.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/grpc/mocks.h" diff --git a/test/extensions/access_loggers/open_telemetry/access_log_integration_test.cc b/test/extensions/access_loggers/open_telemetry/access_log_integration_test.cc index 107572c662d6..66c62fccf311 100644 --- a/test/extensions/access_loggers/open_telemetry/access_log_integration_test.cc +++ b/test/extensions/access_loggers/open_telemetry/access_log_integration_test.cc @@ -3,10 +3,10 @@ #include "envoy/extensions/access_loggers/open_telemetry/v3alpha/logs_service.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/grpc/codec.h" -#include "common/grpc/common.h" -#include "common/version/version.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/common.h" +#include "source/common/version/version.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/http_integration.h" @@ -49,11 +49,11 @@ namespace { class AccessLogIntegrationTest : public Grpc::VersionedGrpcClientIntegrationParamTest, public HttpIntegrationTest { public: - AccessLogIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ipVersion()) {} + AccessLogIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, ipVersion()) {} void createUpstreams() override { HttpIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void initialize() override { diff --git a/test/extensions/access_loggers/open_telemetry/config_test.cc b/test/extensions/access_loggers/open_telemetry/config_test.cc index ed7070680c8e..35017d283154 100644 --- a/test/extensions/access_loggers/open_telemetry/config_test.cc +++ b/test/extensions/access_loggers/open_telemetry/config_test.cc @@ -4,9 +4,8 @@ #include "envoy/server/access_log_config.h" #include "envoy/stats/scope.h" -#include "extensions/access_loggers/open_telemetry/access_log_impl.h" -#include "extensions/access_loggers/open_telemetry/config.h" -#include "extensions/access_loggers/well_known_names.h" +#include "source/extensions/access_loggers/open_telemetry/access_log_impl.h" +#include "source/extensions/access_loggers/open_telemetry/config.h" #include "test/mocks/server/factory_context.h" @@ -27,7 +26,7 @@ class OpenTelemetryAccessLogConfigTest : public testing::Test { void SetUp() override { factory_ = Registry::FactoryRegistry::getFactory( - AccessLogNames::get().OpenTelemetry); + "envoy.access_loggers.open_telemetry"); ASSERT_NE(nullptr, factory_); message_ = factory_->createEmptyConfigProto(); diff --git a/test/extensions/access_loggers/open_telemetry/grpc_access_log_impl_test.cc b/test/extensions/access_loggers/open_telemetry/grpc_access_log_impl_test.cc index 5a5c9e70a885..4b42d1e5de54 100644 --- a/test/extensions/access_loggers/open_telemetry/grpc_access_log_impl_test.cc +++ b/test/extensions/access_loggers/open_telemetry/grpc_access_log_impl_test.cc @@ -3,9 +3,8 @@ #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/extensions/access_loggers/grpc/v3/als.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" - -#include "extensions/access_loggers/open_telemetry/grpc_access_log_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/extensions/access_loggers/open_telemetry/grpc_access_log_impl.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/local_info/mocks.h" diff --git a/test/extensions/access_loggers/stream/stream_test_base.h b/test/extensions/access_loggers/stream/stream_test_base.h index 57b1c04f1e82..6a55c3c81f03 100644 --- a/test/extensions/access_loggers/stream/stream_test_base.h +++ b/test/extensions/access_loggers/stream/stream_test_base.h @@ -1,12 +1,10 @@ #include "envoy/extensions/access_loggers/stream/v3/stream.pb.h" #include "envoy/registry/registry.h" -#include "common/access_log/access_log_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/common/file_access_log_impl.h" -#include "extensions/access_loggers/stream/config.h" -#include "extensions/access_loggers/well_known_names.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/common/file_access_log_impl.h" +#include "source/extensions/access_loggers/stream/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/access_loggers/wasm/config_test.cc b/test/extensions/access_loggers/wasm/config_test.cc index 85cdde6141e0..690834d707a8 100644 --- a/test/extensions/access_loggers/wasm/config_test.cc +++ b/test/extensions/access_loggers/wasm/config_test.cc @@ -1,13 +1,11 @@ #include "envoy/extensions/access_loggers/wasm/v3/wasm.pb.h" #include "envoy/registry/registry.h" -#include "common/access_log/access_log_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/access_loggers/wasm/config.h" -#include "extensions/access_loggers/wasm/wasm_access_log_impl.h" -#include "extensions/access_loggers/well_known_names.h" -#include "extensions/common/wasm/wasm.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/access_loggers/wasm/config.h" +#include "source/extensions/access_loggers/wasm/wasm_access_log_impl.h" +#include "source/extensions/common/wasm/wasm.h" #include "test/extensions/common/wasm/wasm_runtime.h" #include "test/mocks/server/mocks.h" @@ -42,7 +40,7 @@ INSTANTIATE_TEST_SUITE_P(Runtimes, WasmAccessLogConfigTest, TEST_P(WasmAccessLogConfigTest, CreateWasmFromEmpty) { auto factory = Registry::FactoryRegistry::getFactory( - AccessLogNames::get().Wasm); + "envoy.access_loggers.wasm"); ASSERT_NE(factory, nullptr); ProtobufTypes::MessagePtr message = factory->createEmptyConfigProto(); @@ -66,7 +64,7 @@ TEST_P(WasmAccessLogConfigTest, CreateWasmFromWASM) { #endif auto factory = Registry::FactoryRegistry::getFactory( - AccessLogNames::get().Wasm); + "envoy.access_loggers.wasm"); ASSERT_NE(factory, nullptr); envoy::extensions::access_loggers::wasm::v3::WasmAccessLog config; diff --git a/test/extensions/access_loggers/wasm/test_data/BUILD b/test/extensions/access_loggers/wasm/test_data/BUILD index f49006867f2f..ca3e8f847472 100644 --- a/test/extensions/access_loggers/wasm/test_data/BUILD +++ b/test/extensions/access_loggers/wasm/test_data/BUILD @@ -22,7 +22,6 @@ envoy_cc_library( "//source/common/common:c_smart_ptr_lib", "//source/extensions/common/wasm:wasm_hdr", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/common/wasm:well_known_names", ], ) diff --git a/test/extensions/bootstrap/wasm/BUILD b/test/extensions/bootstrap/wasm/BUILD index e5fa8e7895d2..39623df4f769 100644 --- a/test/extensions/bootstrap/wasm/BUILD +++ b/test/extensions/bootstrap/wasm/BUILD @@ -71,7 +71,7 @@ envoy_extension_cc_test( ]), extension_name = "envoy.bootstrap.wasm", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/stats:isolated_store_lib", "//source/extensions/bootstrap/wasm:config", "//source/extensions/common/wasm:wasm_lib", diff --git a/test/extensions/bootstrap/wasm/config_test.cc b/test/extensions/bootstrap/wasm/config_test.cc index c956e3abec49..2995eedc00eb 100644 --- a/test/extensions/bootstrap/wasm/config_test.cc +++ b/test/extensions/bootstrap/wasm/config_test.cc @@ -2,9 +2,8 @@ #include "envoy/extensions/wasm/v3/wasm.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/bootstrap/wasm/config.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/bootstrap/wasm/config.h" #include "test/extensions/common/wasm/wasm_runtime.h" #include "test/mocks/event/mocks.h" diff --git a/test/extensions/bootstrap/wasm/test_data/BUILD b/test/extensions/bootstrap/wasm/test_data/BUILD index 7256f0e7f0de..ba016610e703 100644 --- a/test/extensions/bootstrap/wasm/test_data/BUILD +++ b/test/extensions/bootstrap/wasm/test_data/BUILD @@ -31,7 +31,6 @@ envoy_cc_library( "//source/common/common:assert_lib", "//source/common/common:c_smart_ptr_lib", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/common/wasm:well_known_names", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", ], ) @@ -49,7 +48,6 @@ envoy_cc_library( "//source/common/common:c_smart_ptr_lib", "//source/extensions/common/wasm:wasm_hdr", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/common/wasm:well_known_names", ], ) @@ -66,7 +64,6 @@ envoy_cc_library( "//source/common/common:c_smart_ptr_lib", "//source/extensions/common/wasm:wasm_hdr", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/common/wasm:well_known_names", ], ) diff --git a/test/extensions/bootstrap/wasm/test_data/speed_cpp.cc b/test/extensions/bootstrap/wasm/test_data/speed_cpp.cc index 7aef81d60638..a0415847c16f 100644 --- a/test/extensions/bootstrap/wasm/test_data/speed_cpp.cc +++ b/test/extensions/bootstrap/wasm/test_data/speed_cpp.cc @@ -79,14 +79,17 @@ std::string base64Encode(const uint8_t* start, const uint8_t* end) { } bool base64Decode(const std::basic_string& input, std::vector* output) { - if (input.length() % 4) + if (input.length() % 4) { return false; + } size_t padding = 0; if (input.length()) { - if (input[input.length() - 1] == padCharacter) + if (input[input.length() - 1] == padCharacter) { padding++; - if (input[input.length() - 2] == padCharacter) + } + if (input[input.length() - 2] == padCharacter) { padding++; + } } // Setup a vector to hold the result std::vector decodedBytes; @@ -96,17 +99,17 @@ bool base64Decode(const std::basic_string& input, std::vector* ou while (cursor < input.end()) { for (size_t quantumPosition = 0; quantumPosition < 4; quantumPosition++) { temp <<= 6; - if (*cursor >= 0x41 && *cursor <= 0x5A) // This area will need tweaking if - temp |= *cursor - 0x41; // you are using an alternate alphabet - else if (*cursor >= 0x61 && *cursor <= 0x7A) + if (*cursor >= 0x41 && *cursor <= 0x5A) { // This area will need tweaking if + temp |= *cursor - 0x41; // you are using an alternate alphabet + } else if (*cursor >= 0x61 && *cursor <= 0x7A) { temp |= *cursor - 0x47; - else if (*cursor >= 0x30 && *cursor <= 0x39) + } else if (*cursor >= 0x30 && *cursor <= 0x39) { temp |= *cursor + 0x04; - else if (*cursor == 0x2B) + } else if (*cursor == 0x2B) { temp |= 0x3E; // change to 0x2D for URL alphabet - else if (*cursor == 0x2F) + } else if (*cursor == 0x2F) { temp |= 0x3F; // change to 0x5F for URL alphabet - else if (*cursor == padCharacter) { // pad + } else if (*cursor == padCharacter) { // pad switch (input.end() - cursor) { case 1: // One pad character decodedBytes.push_back((temp >> 16) & 0x000000FF); @@ -118,8 +121,9 @@ bool base64Decode(const std::basic_string& input, std::vector* ou default: return false; } - } else + } else { return false; + } cursor++; } decodedBytes.push_back((temp >> 16) & 0x000000FF); diff --git a/test/extensions/bootstrap/wasm/wasm_integration_test.cc b/test/extensions/bootstrap/wasm/wasm_integration_test.cc index 197a45c24ca3..e2bff1c817be 100644 --- a/test/extensions/bootstrap/wasm/wasm_integration_test.cc +++ b/test/extensions/bootstrap/wasm/wasm_integration_test.cc @@ -1,4 +1,4 @@ -#include "extensions/common/wasm/wasm.h" +#include "source/extensions/common/wasm/wasm.h" #include "test/extensions/common/wasm/wasm_runtime.h" #include "test/integration/http_protocol_integration.h" @@ -13,11 +13,11 @@ namespace { class WasmIntegrationTest : public HttpIntegrationTest, public testing::TestWithParam { public: WasmIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, Network::Address::IpVersion::v4) {} + : HttpIntegrationTest(Http::CodecType::HTTP1, Network::Address::IpVersion::v4) {} void createUpstreams() override { HttpIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP1); + addFakeUpstream(Http::CodecType::HTTP1); } void cleanup() { diff --git a/test/extensions/bootstrap/wasm/wasm_speed_test.cc b/test/extensions/bootstrap/wasm/wasm_speed_test.cc index b5f72096de0f..075e150f0e95 100644 --- a/test/extensions/bootstrap/wasm/wasm_speed_test.cc +++ b/test/extensions/bootstrap/wasm/wasm_speed_test.cc @@ -4,10 +4,9 @@ * Run with: * `bazel run --config=libc++ -c opt //test/extensions/bootstrap/wasm:wasm_speed_test` */ -#include "common/event/dispatcher_impl.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/common/wasm/wasm.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/common/wasm/wasm.h" #include "test/mocks/server/mocks.h" #include "test/mocks/upstream/mocks.h" @@ -33,8 +32,8 @@ class TestRoot : public Envoy::Extensions::Common::Wasm::Context { : Envoy::Extensions::Common::Wasm::Context(wasm, plugin) {} using Envoy::Extensions::Common::Wasm::Context::log; - proxy_wasm::WasmResult log(uint32_t level, absl::string_view message) override { - log_(static_cast(level), message); + proxy_wasm::WasmResult log(uint32_t level, std::string_view message) override { + log_(static_cast(level), toAbslStringView(message)); return proxy_wasm::WasmResult::Ok; } MOCK_METHOD(void, log_, (spdlog::level::level_enum level, absl::string_view message)); @@ -66,7 +65,8 @@ static void bmWasmSimpleCallSpeedTest(benchmark::State& state, std::string test, TestEnvironment::runfilesPath("test/extensions/bootstrap/wasm/test_data/speed_cpp.wasm")); } EXPECT_FALSE(code.empty()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); wasm->setCreateContextForTesting( nullptr, [](Extensions::Common::Wasm::Wasm* wasm, @@ -79,19 +79,25 @@ static void bmWasmSimpleCallSpeedTest(benchmark::State& state, std::string test, } } -#if defined(ENVOY_WASM_V8) +#if defined(PROXY_WASM_HAS_RUNTIME_V8) #define B(_t) \ BENCHMARK_CAPTURE(bmWasmSimpleCallSpeedTest, NullSpeedTest_##_t, std::string(#_t), \ std::string("null")); \ BENCHMARK_CAPTURE(bmWasmSimpleCallSpeedTest, WasmSpeedTest_##_t, std::string(#_t), \ std::string("v8")); -#elif defined(ENVOY_WASM_WAVM) +#elif defined(PROXY_WASM_HAS_RUNTIME_WAMR) +#define B(_t) \ + BENCHMARK_CAPTURE(bmWasmSimpleCallSpeedTest, NullSpeedTest_##_t, std::string(#_t), \ + std::string("null")); \ + BENCHMARK_CAPTURE(bmWasmSimpleCallSpeedTest, WasmSpeedTest_##_t, std::string(#_t), \ + std::string("wamr")); +#elif defined(PROXY_WASM_HAS_RUNTIME_WAVM) #define B(_t) \ BENCHMARK_CAPTURE(bmWasmSimpleCallSpeedTest, NullSpeedTest_##_t, std::string(#_t), \ std::string("null")); \ BENCHMARK_CAPTURE(bmWasmSimpleCallSpeedTest, WasmSpeedTest_##_t, std::string(#_t), \ std::string("wavm")); -#elif defined(ENVOY_WASM_WASMTIME) +#elif defined(PROXY_WASM_HAS_RUNTIME_WASMTIME) #define B(_t) \ BENCHMARK_CAPTURE(bmWasmSimpleCallSpeedTest, NullSpeedTest_##_t, std::string(#_t), \ std::string("null")); \ diff --git a/test/extensions/bootstrap/wasm/wasm_test.cc b/test/extensions/bootstrap/wasm/wasm_test.cc index 3550045fd555..f073c6289322 100644 --- a/test/extensions/bootstrap/wasm/wasm_test.cc +++ b/test/extensions/bootstrap/wasm/wasm_test.cc @@ -1,7 +1,6 @@ -#include "common/event/dispatcher_impl.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/common/wasm/wasm.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/common/wasm/wasm.h" #include "test/extensions/common/wasm/wasm_runtime.h" #include "test/mocks/server/mocks.h" @@ -27,9 +26,9 @@ class TestContext : public Extensions::Common::Wasm::Context { : Extensions::Common::Wasm::Context(wasm, plugin) {} ~TestContext() override = default; using Extensions::Common::Wasm::Context::log; - proxy_wasm::WasmResult log(uint32_t level, absl::string_view message) override { - std::cerr << std::string(message) << "\n"; - log_(static_cast(level), message); + proxy_wasm::WasmResult log(uint32_t level, std::string_view message) override { + std::cerr << message << "\n"; + log_(static_cast(level), toAbslStringView(message)); return proxy_wasm::WasmResult::Ok; } MOCK_METHOD(void, log_, (spdlog::level::level_enum level, absl::string_view message)); @@ -105,7 +104,8 @@ class WasmNullTest : public WasmTestBase, public testing::TestWithParaminitialize(code, false)); + EXPECT_TRUE(wasm_->load(code, false)); + EXPECT_TRUE(wasm_->initialize()); } }; @@ -142,7 +142,8 @@ TEST_P(WasmTestMatrix, LoggingWithEnvVars) { auto wasm_weak = std::weak_ptr(wasm_); auto wasm_handler = std::make_unique(std::move(wasm_)); - EXPECT_TRUE(wasm_weak.lock()->initialize(code_, false)); + EXPECT_TRUE(wasm_weak.lock()->load(code_, false)); + EXPECT_TRUE(wasm_weak.lock()->initialize()); auto context = static_cast(wasm_weak.lock()->start(plugin_)); if (std::get<1>(GetParam()) == "cpp") { EXPECT_CALL(*context, log_(spdlog::level::info, Eq("printf stdout test"))); @@ -179,7 +180,8 @@ TEST_P(WasmTest, BadSignature) { const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/bootstrap/wasm/test_data/bad_signature_cpp.wasm")); EXPECT_FALSE(code.empty()); - EXPECT_FALSE(wasm_->initialize(code, false)); + EXPECT_TRUE(wasm_->load(code, false)); + EXPECT_FALSE(wasm_->initialize()); EXPECT_TRUE(wasm_->isFailed()); } @@ -194,7 +196,8 @@ TEST_P(WasmTest, Segv) { const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/bootstrap/wasm/test_data/segv_cpp.wasm")); EXPECT_FALSE(code.empty()); - EXPECT_TRUE(wasm_->initialize(code, false)); + EXPECT_TRUE(wasm_->load(code, false)); + EXPECT_TRUE(wasm_->initialize()); auto context = static_cast(wasm_->start(plugin_)); EXPECT_CALL(*context, log_(spdlog::level::err, Eq("before badptr"))); EXPECT_FALSE(wasm_->configure(context, plugin_)); @@ -212,7 +215,8 @@ TEST_P(WasmTest, DivByZero) { const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/bootstrap/wasm/test_data/segv_cpp.wasm")); EXPECT_FALSE(code.empty()); - EXPECT_TRUE(wasm_->initialize(code, false)); + EXPECT_TRUE(wasm_->load(code, false)); + EXPECT_TRUE(wasm_->initialize()); auto context = static_cast(wasm_->start(plugin_)); EXPECT_CALL(*context, log_(spdlog::level::err, Eq("before div by zero"))); context->onLog(); @@ -230,7 +234,8 @@ TEST_P(WasmTest, IntrinsicGlobals) { const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/bootstrap/wasm/test_data/emscripten_cpp.wasm")); EXPECT_FALSE(code.empty()); - EXPECT_TRUE(wasm_->initialize(code, false)); + EXPECT_TRUE(wasm_->load(code, false)); + EXPECT_TRUE(wasm_->initialize()); auto context = static_cast(wasm_->start(plugin_)); EXPECT_CALL(*context, log_(spdlog::level::info, Eq("NaN nan"))); EXPECT_CALL(*context, log_(spdlog::level::warn, Eq("inf inf"))).Times(3); @@ -254,7 +259,8 @@ TEST_P(WasmTest, Asm2Wasm) { const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/bootstrap/wasm/test_data/asm2wasm_cpp.wasm")); EXPECT_FALSE(code.empty()); - EXPECT_TRUE(wasm_->initialize(code, false)); + EXPECT_TRUE(wasm_->load(code, false)); + EXPECT_TRUE(wasm_->initialize()); auto context = static_cast(wasm_->start(plugin_)); EXPECT_CALL(*context, log_(spdlog::level::info, Eq("out 0 0 0"))); EXPECT_TRUE(wasm_->configure(context, plugin_)); diff --git a/test/extensions/clusters/aggregate/cluster_integration_test.cc b/test/extensions/clusters/aggregate/cluster_integration_test.cc index 16a1297d0a4d..e7dbaecfbbcc 100644 --- a/test/extensions/clusters/aggregate/cluster_integration_test.cc +++ b/test/extensions/clusters/aggregate/cluster_integration_test.cc @@ -2,9 +2,9 @@ #include "envoy/grpc/status.h" #include "envoy/stats/scope.h" -#include "common/config/protobuf_link_hacks.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/config/protobuf_link_hacks.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/http_integration.h" @@ -124,8 +124,7 @@ const std::string& config() { class AggregateIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - AggregateIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam(), config()) { + AggregateIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam(), config()) { use_lds_ = false; } @@ -133,14 +132,14 @@ class AggregateIntegrationTest : public testing::TestWithParamlocalAddress()->ip()->port(), Network::Test::getLoopbackAddressString(GetParam())); diff --git a/test/extensions/clusters/aggregate/cluster_test.cc b/test/extensions/clusters/aggregate/cluster_test.cc index 02e765cae956..4842befab521 100644 --- a/test/extensions/clusters/aggregate/cluster_test.cc +++ b/test/extensions/clusters/aggregate/cluster_test.cc @@ -2,9 +2,8 @@ #include "envoy/extensions/clusters/aggregate/v3/cluster.pb.h" #include "envoy/extensions/clusters/aggregate/v3/cluster.pb.validate.h" -#include "common/singleton/manager_impl.h" - -#include "extensions/clusters/aggregate/cluster.h" +#include "source/common/singleton/manager_impl.h" +#include "source/extensions/clusters/aggregate/cluster.h" #include "test/common/upstream/utility.h" #include "test/mocks/protobuf/mocks.h" diff --git a/test/extensions/clusters/aggregate/cluster_update_test.cc b/test/extensions/clusters/aggregate/cluster_update_test.cc index 853793ddfa60..90e23cc8ee68 100644 --- a/test/extensions/clusters/aggregate/cluster_update_test.cc +++ b/test/extensions/clusters/aggregate/cluster_update_test.cc @@ -2,12 +2,11 @@ #include "envoy/extensions/clusters/aggregate/v3/cluster.pb.h" #include "envoy/extensions/clusters/aggregate/v3/cluster.pb.validate.h" -#include "common/router/context_impl.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/cluster_factory_impl.h" -#include "common/upstream/cluster_manager_impl.h" - -#include "extensions/clusters/aggregate/cluster.h" +#include "source/common/router/context_impl.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/common/upstream/cluster_manager_impl.h" +#include "source/extensions/clusters/aggregate/cluster.h" #include "test/common/upstream/test_cluster_manager.h" #include "test/common/upstream/utility.h" diff --git a/test/extensions/clusters/dynamic_forward_proxy/cluster_test.cc b/test/extensions/clusters/dynamic_forward_proxy/cluster_test.cc index 875be42f3e1f..2f0550321a85 100644 --- a/test/extensions/clusters/dynamic_forward_proxy/cluster_test.cc +++ b/test/extensions/clusters/dynamic_forward_proxy/cluster_test.cc @@ -2,10 +2,9 @@ #include "envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.pb.h" #include "envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.pb.validate.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/cluster_factory_impl.h" - -#include "extensions/clusters/dynamic_forward_proxy/cluster.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/extensions/clusters/dynamic_forward_proxy/cluster.h" #include "test/common/upstream/utility.h" #include "test/extensions/common/dynamic_forward_proxy/mocks.h" @@ -255,34 +254,8 @@ connect_timeout: 0.25s filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem" )EOF"); - EXPECT_THROW_WITH_MESSAGE( - createCluster(yaml_config, false), EnvoyException, - "dynamic_forward_proxy cluster cannot configure 'sni' or 'verify_subject_alt_name'"); -} - -// Verify that using 'verify_subject_alt_name' causes a failure. -TEST_F(ClusterFactoryTest, DEPRECATED_FEATURE_TEST(InvalidVerifySubjectAltName)) { - TestDeprecatedV2Api _deprecated_v2_api; - const std::string yaml_config = TestEnvironment::substitute(R"EOF( -name: name -connect_timeout: 0.25s -cluster_type: - name: dynamic_forward_proxy - typed_config: - "@type": type.googleapis.com/envoy.config.cluster.dynamic_forward_proxy.v2alpha.ClusterConfig - dns_cache_config: - name: foo -tls_context: - common_tls_context: - validation_context: - trusted_ca: - filename: "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/ca_cert.pem" - verify_subject_alt_name: [api.lyft.com] -)EOF"); - - EXPECT_THROW_WITH_MESSAGE( - createCluster(yaml_config, false), EnvoyException, - "dynamic_forward_proxy cluster cannot configure 'sni' or 'verify_subject_alt_name'"); + EXPECT_THROW_WITH_MESSAGE(createCluster(yaml_config, false), EnvoyException, + "dynamic_forward_proxy cluster cannot configure 'sni'"); } TEST_F(ClusterFactoryTest, InvalidUpstreamHttpProtocolOptions) { diff --git a/test/extensions/clusters/redis/BUILD b/test/extensions/clusters/redis/BUILD index 47ee1e321d2a..1da66450566d 100644 --- a/test/extensions/clusters/redis/BUILD +++ b/test/extensions/clusters/redis/BUILD @@ -56,7 +56,7 @@ envoy_extension_cc_test( srcs = ["redis_cluster_lb_test.cc"], extension_name = "envoy.clusters.redis", deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/event:dispatcher_lib", "//source/common/network:utility_lib", "//source/common/upstream:cluster_factory_lib", @@ -107,7 +107,7 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:upstream_interface", "//source/common/upstream:cluster_factory_lib", "//source/common/upstream:upstream_lib", "//source/extensions/clusters/redis:redis_cluster", diff --git a/test/extensions/clusters/redis/redis_cluster_integration_test.cc b/test/extensions/clusters/redis/redis_cluster_integration_test.cc index a91ba22a3206..960c8d1f9338 100644 --- a/test/extensions/clusters/redis/redis_cluster_integration_test.cc +++ b/test/extensions/clusters/redis/redis_cluster_integration_test.cc @@ -3,9 +3,8 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "common/common/macros.h" - -#include "extensions/filters/network/redis_proxy/command_splitter_impl.h" +#include "source/common/common/macros.h" +#include "source/extensions/filters/network/redis_proxy/command_splitter_impl.h" #include "test/integration/integration.h" diff --git a/test/extensions/clusters/redis/redis_cluster_lb_test.cc b/test/extensions/clusters/redis/redis_cluster_lb_test.cc index 1b7abc6bb942..bcf65ba83376 100644 --- a/test/extensions/clusters/redis/redis_cluster_lb_test.cc +++ b/test/extensions/clusters/redis/redis_cluster_lb_test.cc @@ -1,8 +1,7 @@ #include #include "source/extensions/clusters/redis/redis_cluster_lb.h" - -#include "extensions/filters/network/common/redis/client.h" +#include "source/extensions/filters/network/common/redis/client.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" diff --git a/test/extensions/clusters/redis/redis_cluster_test.cc b/test/extensions/clusters/redis/redis_cluster_test.cc index a42aed2c0589..4bc85dd7150f 100644 --- a/test/extensions/clusters/redis/redis_cluster_test.cc +++ b/test/extensions/clusters/redis/redis_cluster_test.cc @@ -11,10 +11,9 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" #include "envoy/stats/scope.h" -#include "common/network/utility.h" -#include "common/singleton/manager_impl.h" -#include "common/upstream/logical_dns_cluster.h" - +#include "source/common/network/utility.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/upstream/logical_dns_cluster.h" #include "source/extensions/clusters/redis/redis_cluster.h" #include "test/common/upstream/utility.h" diff --git a/test/extensions/common/aws/aws_metadata_fetcher_integration_test.cc b/test/extensions/common/aws/aws_metadata_fetcher_integration_test.cc index a180f9ef16a8..ee2c03595080 100644 --- a/test/extensions/common/aws/aws_metadata_fetcher_integration_test.cc +++ b/test/extensions/common/aws/aws_metadata_fetcher_integration_test.cc @@ -1,6 +1,5 @@ -#include "common/common/fmt.h" - -#include "extensions/common/aws/utility.h" +#include "source/common/common/fmt.h" +#include "source/extensions/common/aws/utility.h" #include "test/integration/integration.h" #include "test/integration/utility.h" diff --git a/test/extensions/common/aws/credentials_provider_impl_test.cc b/test/extensions/common/aws/credentials_provider_impl_test.cc index 8c92d9e3b9f1..6e4cc0819c9c 100644 --- a/test/extensions/common/aws/credentials_provider_impl_test.cc +++ b/test/extensions/common/aws/credentials_provider_impl_test.cc @@ -1,4 +1,4 @@ -#include "extensions/common/aws/credentials_provider_impl.h" +#include "source/extensions/common/aws/credentials_provider_impl.h" #include "test/extensions/common/aws/mocks.h" #include "test/mocks/api/mocks.h" diff --git a/test/extensions/common/aws/credentials_provider_test.cc b/test/extensions/common/aws/credentials_provider_test.cc index e2aff11b2f52..8a4ee220f3f6 100644 --- a/test/extensions/common/aws/credentials_provider_test.cc +++ b/test/extensions/common/aws/credentials_provider_test.cc @@ -1,4 +1,4 @@ -#include "extensions/common/aws/credentials_provider.h" +#include "source/extensions/common/aws/credentials_provider.h" #include "gtest/gtest.h" diff --git a/test/extensions/common/aws/mocks.h b/test/extensions/common/aws/mocks.h index 05f756219710..d990409b4327 100644 --- a/test/extensions/common/aws/mocks.h +++ b/test/extensions/common/aws/mocks.h @@ -1,7 +1,7 @@ #pragma once -#include "extensions/common/aws/credentials_provider.h" -#include "extensions/common/aws/signer.h" +#include "source/extensions/common/aws/credentials_provider.h" +#include "source/extensions/common/aws/signer.h" #include "gmock/gmock.h" diff --git a/test/extensions/common/aws/region_provider_impl_test.cc b/test/extensions/common/aws/region_provider_impl_test.cc index 8ab728258616..8ea7b6386817 100644 --- a/test/extensions/common/aws/region_provider_impl_test.cc +++ b/test/extensions/common/aws/region_provider_impl_test.cc @@ -1,4 +1,4 @@ -#include "extensions/common/aws/region_provider_impl.h" +#include "source/extensions/common/aws/region_provider_impl.h" #include "test/test_common/environment.h" diff --git a/test/extensions/common/aws/signer_impl_test.cc b/test/extensions/common/aws/signer_impl_test.cc index fb8625febbfc..b3c060529ff8 100644 --- a/test/extensions/common/aws/signer_impl_test.cc +++ b/test/extensions/common/aws/signer_impl_test.cc @@ -1,8 +1,7 @@ -#include "common/buffer/buffer_impl.h" -#include "common/http/message_impl.h" - -#include "extensions/common/aws/signer_impl.h" -#include "extensions/common/aws/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/message_impl.h" +#include "source/extensions/common/aws/signer_impl.h" +#include "source/extensions/common/aws/utility.h" #include "test/extensions/common/aws/mocks.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/extensions/common/aws/utility_test.cc b/test/extensions/common/aws/utility_test.cc index 040bca0272fd..1f115d9baff2 100644 --- a/test/extensions/common/aws/utility_test.cc +++ b/test/extensions/common/aws/utility_test.cc @@ -1,4 +1,4 @@ -#include "extensions/common/aws/utility.h" +#include "source/extensions/common/aws/utility.h" #include "test/test_common/utility.h" diff --git a/test/extensions/common/dynamic_forward_proxy/BUILD b/test/extensions/common/dynamic_forward_proxy/BUILD index 6c2e4d91d737..b280556cba0c 100644 --- a/test/extensions/common/dynamic_forward_proxy/BUILD +++ b/test/extensions/common/dynamic_forward_proxy/BUILD @@ -23,6 +23,7 @@ envoy_cc_test( "//test/test_common:simulated_time_system_lib", "//test/test_common:test_runtime_lib", "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", + "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/common/dynamic_forward_proxy/v3:pkg_cc_proto", ], ) diff --git a/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc b/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc index bf887397a504..215e391d5fb6 100644 --- a/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc +++ b/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc @@ -1,10 +1,11 @@ #include "envoy/config/cluster/v3/cluster.pb.h" +#include "envoy/config/core/v3/resolver.pb.h" #include "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.pb.h" -#include "common/config/utility.h" - -#include "extensions/common/dynamic_forward_proxy/dns_cache_impl.h" -#include "extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" +#include "source/common/config/utility.h" +#include "source/common/network/resolver_impl.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache_impl.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache_manager_impl.h" #include "test/extensions/common/dynamic_forward_proxy/mocks.h" #include "test/mocks/network/mocks.h" @@ -14,6 +15,7 @@ #include "test/test_common/test_runtime.h" #include "test/test_common/utility.h" +using testing::DoAll; using testing::InSequence; using testing::Return; using testing::SaveArg; @@ -26,9 +28,17 @@ namespace { class DnsCacheImplTest : public testing::Test, public Event::TestUsingSimulatedTime { public: - void initialize() { + void initialize(std::vector preresolve_hostnames = {}, uint32_t max_hosts = 1024) { config_.set_name("foo"); config_.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::V4_ONLY); + config_.mutable_max_hosts()->set_value(max_hosts); + if (!preresolve_hostnames.empty()) { + for (const auto& hostname : preresolve_hostnames) { + envoy::config::core::v3::SocketAddress* address = config_.add_preresolve_hostnames(); + address->set_address(hostname); + address->set_port_value(443); + } + } EXPECT_CALL(dispatcher_, isThreadSafe).WillRepeatedly(Return(true)); @@ -92,6 +102,38 @@ MATCHER_P3(DnsHostInfoEquals, address, resolved_host, is_ip_address, "") { MATCHER(DnsHostInfoAddressIsNull, "") { return arg->address() == nullptr; } +MATCHER_P(CustomDnsResolversSizeEquals, expected_resolvers, "") { + return expected_resolvers.size() == arg.size(); +} + +TEST_F(DnsCacheImplTest, PreresolveSuccess) { + Network::DnsResolver::ResolveCb resolve_cb; + EXPECT_CALL(*resolver_, resolve("bar.baz.com", _, _)) + .WillOnce(DoAll(SaveArg<2>(&resolve_cb), Return(&resolver_->active_query_))); + EXPECT_CALL( + update_callbacks_, + onDnsHostAddOrUpdate("bar.baz.com", DnsHostInfoEquals("10.0.0.1:443", "bar.baz.com", false))); + + initialize({"bar.baz.com"} /* preresolve_hostnames */); + + resolve_cb(Network::DnsResolver::ResolutionStatus::Success, + TestUtility::makeDnsResponse({"10.0.0.1"})); + checkStats(1 /* attempt */, 1 /* success */, 0 /* failure */, 1 /* address changed */, + 1 /* added */, 0 /* removed */, 1 /* num hosts */); + + MockLoadDnsCacheEntryCallbacks callbacks; + auto result = dns_cache_->loadDnsCacheEntry("bar.baz.com", 80, callbacks); + EXPECT_EQ(DnsCache::LoadDnsCacheEntryStatus::InCache, result.status_); + EXPECT_EQ(result.handle_, nullptr); + EXPECT_NE(absl::nullopt, result.host_info_); +} + +TEST_F(DnsCacheImplTest, PreresolveFailure) { + EXPECT_THROW_WITH_MESSAGE( + initialize({"bar.baz.com"} /* preresolve_hostnames */, 0 /* max_hosts */), EnvoyException, + "DNS Cache [foo] configured with preresolve_hostnames=1 larger than max_hosts=0"); +} + // Basic successful resolution and then re-resolution. TEST_F(DnsCacheImplTest, ResolveSuccess) { initialize(); @@ -692,8 +734,7 @@ TEST_F(DnsCacheImplTest, InvalidPort) { // Max host overflow. TEST_F(DnsCacheImplTest, MaxHostOverflow) { - config_.mutable_max_hosts()->set_value(0); - initialize(); + initialize({} /* preresolve_hostnames */, 0 /* max_hosts */); InSequence s; MockLoadDnsCacheEntryCallbacks callbacks; @@ -720,32 +761,61 @@ TEST_F(DnsCacheImplTest, DnsCacheCircuitBreakersOverflow) { EXPECT_EQ(1, TestUtility::findCounter(store_, "dns_cache.foo.dns_rq_pending_overflow")->value()); } -TEST(DnsCacheImplOptionsTest, UseTcpForDnsLookupsOptionSet) { - NiceMock dispatcher; - std::shared_ptr resolver{std::make_shared()}; - NiceMock tls; - NiceMock random; - NiceMock loader; - Stats::IsolatedStoreImpl store; +TEST_F(DnsCacheImplTest, UseTcpForDnsLookupsOptionSetDeprecatedField) { + initialize(); + config_.set_use_tcp_for_dns_lookups(true); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(resolver_))); + DnsCacheImpl dns_cache_(dispatcher_, tls_, random_, loader_, store_, config_); + // `true` here means dns_resolver_options.use_tcp_for_dns_lookups is set to true. + EXPECT_EQ(true, dns_resolver_options.use_tcp_for_dns_lookups()); +} - envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig config; - config.set_use_tcp_for_dns_lookups(true); - EXPECT_CALL(dispatcher, createDnsResolver(_, true)).WillOnce(Return(resolver)); - DnsCacheImpl dns_cache_(dispatcher, tls, random, loader, store, config); +TEST_F(DnsCacheImplTest, UseTcpForDnsLookupsOptionSet) { + initialize(); + config_.mutable_dns_resolution_config() + ->mutable_dns_resolver_options() + ->set_use_tcp_for_dns_lookups(true); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(resolver_))); + DnsCacheImpl dns_cache_(dispatcher_, tls_, random_, loader_, store_, config_); + // `true` here means dns_resolver_options.use_tcp_for_dns_lookups is set to true. + EXPECT_EQ(true, dns_resolver_options.use_tcp_for_dns_lookups()); } -TEST(DnsCacheImplOptionsTest, UseTcpForDnsLookupsOptionUnSet) { - NiceMock dispatcher; - std::shared_ptr resolver{std::make_shared()}; - NiceMock tls; - NiceMock random; - NiceMock loader; - Stats::IsolatedStoreImpl store; +TEST_F(DnsCacheImplTest, NoDefaultSearchDomainOptionSet) { + initialize(); + config_.mutable_dns_resolution_config() + ->mutable_dns_resolver_options() + ->set_no_default_search_domain(true); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(resolver_))); + DnsCacheImpl dns_cache_(dispatcher_, tls_, random_, loader_, store_, config_); + // `true` here means dns_resolver_options.no_default_search_domain is set to true. + EXPECT_EQ(true, dns_resolver_options.no_default_search_domain()); +} - envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig config; - config.set_use_tcp_for_dns_lookups(false); - EXPECT_CALL(dispatcher, createDnsResolver(_, false)).WillOnce(Return(resolver)); - DnsCacheImpl dns_cache_(dispatcher, tls, random, loader, store, config); +TEST_F(DnsCacheImplTest, UseTcpForDnsLookupsOptionUnSet) { + initialize(); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(resolver_))); + DnsCacheImpl dns_cache_(dispatcher_, tls_, random_, loader_, store_, config_); + // `false` here means dns_resolver_options.use_tcp_for_dns_lookups is set to false. + EXPECT_EQ(false, dns_resolver_options.use_tcp_for_dns_lookups()); +} + +TEST_F(DnsCacheImplTest, NoDefaultSearchDomainOptionUnSet) { + initialize(); + envoy::config::core::v3::DnsResolverOptions dns_resolver_options; + EXPECT_CALL(dispatcher_, createDnsResolver(_, _)) + .WillOnce(DoAll(SaveArg<1>(&dns_resolver_options), Return(resolver_))); + DnsCacheImpl dns_cache_(dispatcher_, tls_, random_, loader_, store_, config_); + // `false` here means dns_resolver_options.no_default_search_domain is set to false. + EXPECT_EQ(false, dns_resolver_options.no_default_search_domain()); } // DNS cache manager config tests. @@ -780,6 +850,43 @@ TEST(DnsCacheManagerImplTest, LoadViaConfig) { "config specified DNS cache 'foo' with different settings"); } +TEST(DnsCacheConfigOptionsTest, EmtpyDnsResolutionConfig) { + NiceMock dispatcher; + std::shared_ptr resolver{std::make_shared()}; + NiceMock tls; + NiceMock random; + NiceMock loader; + Stats::IsolatedStoreImpl store; + + envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig config; + std::vector expected_empty_dns_resolvers; + EXPECT_CALL(dispatcher, createDnsResolver(expected_empty_dns_resolvers, _)) + .WillOnce(Return(resolver)); + DnsCacheImpl dns_cache_(dispatcher, tls, random, loader, store, config); +} + +TEST(DnsCacheConfigOptionsTest, NonEmptyDnsResolutionConfig) { + NiceMock dispatcher; + std::shared_ptr resolver{std::make_shared()}; + NiceMock tls; + NiceMock random; + NiceMock loader; + Stats::IsolatedStoreImpl store; + envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig config; + + envoy::config::core::v3::Address* dns_resolvers = + config.mutable_dns_resolution_config()->add_resolvers(); + dns_resolvers->mutable_socket_address()->set_address("1.2.3.4"); + dns_resolvers->mutable_socket_address()->set_port_value(8080); + + std::vector expected_dns_resolvers; + expected_dns_resolvers.push_back(Network::Address::resolveProtoAddress(*dns_resolvers)); + EXPECT_CALL(dispatcher, + createDnsResolver(CustomDnsResolversSizeEquals(expected_dns_resolvers), _)) + .WillOnce(Return(resolver)); + DnsCacheImpl dns_cache_(dispatcher, tls, random, loader, store, config); +} + // Note: this test is done here, rather than a TYPED_TEST_SUITE in // //test/common/config:utility_test, because we did not want to include an extension type in // non-extension test suites. diff --git a/test/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager_test.cc b/test/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager_test.cc index 5ed57a7b4606..d6b07242ee0e 100644 --- a/test/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager_test.cc +++ b/test/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager_test.cc @@ -1,9 +1,8 @@ #include "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.pb.h" -#include "common/config/utility.h" - -#include "extensions/common/dynamic_forward_proxy/dns_cache_impl.h" -#include "extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h" +#include "source/common/config/utility.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache_impl.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h" #include "test/extensions/common/dynamic_forward_proxy/mocks.h" #include "test/mocks/runtime/mocks.h" diff --git a/test/extensions/common/dynamic_forward_proxy/mocks.h b/test/extensions/common/dynamic_forward_proxy/mocks.h index 064864f93f82..d65583e21c59 100644 --- a/test/extensions/common/dynamic_forward_proxy/mocks.h +++ b/test/extensions/common/dynamic_forward_proxy/mocks.h @@ -2,7 +2,7 @@ #include "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.pb.h" -#include "extensions/common/dynamic_forward_proxy/dns_cache_impl.h" +#include "source/extensions/common/dynamic_forward_proxy/dns_cache_impl.h" #include "test/mocks/upstream/basic_resource_limit.h" diff --git a/test/extensions/common/matcher/matcher_test.cc b/test/extensions/common/matcher/matcher_test.cc index 28f6752eb24a..6531884fe830 100644 --- a/test/extensions/common/matcher/matcher_test.cc +++ b/test/extensions/common/matcher/matcher_test.cc @@ -1,8 +1,7 @@ #include "envoy/config/common/matcher/v3/matcher.pb.h" -#include "common/protobuf/utility.h" - -#include "extensions/common/matcher/matcher.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/common/matcher/matcher.h" #include "test/test_common/utility.h" diff --git a/test/extensions/common/proxy_protocol/proxy_protocol_header_test.cc b/test/extensions/common/proxy_protocol/proxy_protocol_header_test.cc index 86461d510781..ca334234a4ef 100644 --- a/test/extensions/common/proxy_protocol/proxy_protocol_header_test.cc +++ b/test/extensions/common/proxy_protocol/proxy_protocol_header_test.cc @@ -1,8 +1,7 @@ #include "envoy/network/address.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/common/proxy_protocol/proxy_protocol_header.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/common/proxy_protocol/proxy_protocol_header.h" #include "test/mocks/network/connection.h" #include "test/test_common/utility.h" diff --git a/test/extensions/common/proxy_protocol/proxy_protocol_regression_test.cc b/test/extensions/common/proxy_protocol/proxy_protocol_regression_test.cc index 537665926a91..f739c187f0da 100644 --- a/test/extensions/common/proxy_protocol/proxy_protocol_regression_test.cc +++ b/test/extensions/common/proxy_protocol/proxy_protocol_regression_test.cc @@ -1,15 +1,13 @@ #include "envoy/network/address.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/basic_resource_impl.h" -#include "common/event/dispatcher_impl.h" -#include "common/network/connection_balancer_impl.h" -#include "common/network/listen_socket_impl.h" - -#include "server/connection_handler_impl.h" - -#include "extensions/common/proxy_protocol/proxy_protocol_header.h" -#include "extensions/filters/listener/proxy_protocol/proxy_protocol.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/basic_resource_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/connection_balancer_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/extensions/common/proxy_protocol/proxy_protocol_header.h" +#include "source/extensions/filters/listener/proxy_protocol/proxy_protocol.h" +#include "source/server/connection_handler_impl.h" #include "test/mocks/buffer/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/common/redis/cluster_refresh_manager_test.cc b/test/extensions/common/redis/cluster_refresh_manager_test.cc index ea07e1624384..e54c77037d82 100644 --- a/test/extensions/common/redis/cluster_refresh_manager_test.cc +++ b/test/extensions/common/redis/cluster_refresh_manager_test.cc @@ -1,12 +1,10 @@ #include #include -#include "common/common/lock_guard.h" -#include "common/common/thread.h" - -#include "exe/platform_impl.h" - -#include "extensions/common/redis/cluster_refresh_manager_impl.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread.h" +#include "source/exe/platform_impl.h" +#include "source/extensions/common/redis/cluster_refresh_manager_impl.h" #include "test/extensions/filters/network/common/redis/mocks.h" #include "test/extensions/filters/network/redis_proxy/mocks.h" diff --git a/test/extensions/common/redis/mocks.h b/test/extensions/common/redis/mocks.h index 9c90c98703e7..7c90754f9948 100644 --- a/test/extensions/common/redis/mocks.h +++ b/test/extensions/common/redis/mocks.h @@ -1,6 +1,6 @@ #pragma once -#include "extensions/common/redis/cluster_refresh_manager.h" +#include "source/extensions/common/redis/cluster_refresh_manager.h" #include "gmock/gmock.h" diff --git a/test/extensions/common/sqlutils/sqlutils_test.cc b/test/extensions/common/sqlutils/sqlutils_test.cc index 2ab95360367f..ad73ebe47bb7 100644 --- a/test/extensions/common/sqlutils/sqlutils_test.cc +++ b/test/extensions/common/sqlutils/sqlutils_test.cc @@ -1,4 +1,4 @@ -#include "extensions/common/sqlutils/sqlutils.h" +#include "source/extensions/common/sqlutils/sqlutils.h" #include "gtest/gtest.h" diff --git a/test/extensions/common/tap/admin_test.cc b/test/extensions/common/tap/admin_test.cc index 020f563600d5..58cfe3da4d94 100644 --- a/test/extensions/common/tap/admin_test.cc +++ b/test/extensions/common/tap/admin_test.cc @@ -1,6 +1,6 @@ #include "envoy/config/tap/v3/common.pb.h" -#include "extensions/common/tap/admin.h" +#include "source/extensions/common/tap/admin.h" #include "test/mocks/server/admin.h" #include "test/mocks/server/admin_stream.h" diff --git a/test/extensions/common/tap/common.h b/test/extensions/common/tap/common.h index 6429527f1a9a..6e5cdfcb75b4 100644 --- a/test/extensions/common/tap/common.h +++ b/test/extensions/common/tap/common.h @@ -2,9 +2,8 @@ #include "envoy/data/tap/v3/wrapper.pb.h" -#include "common/protobuf/utility.h" - -#include "extensions/common/tap/tap.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/common/tap/tap.h" #include "test/test_common/utility.h" diff --git a/test/extensions/common/tap/tap_config_base_test.cc b/test/extensions/common/tap/tap_config_base_test.cc index 75ccec5a1595..1216a756fd3a 100644 --- a/test/extensions/common/tap/tap_config_base_test.cc +++ b/test/extensions/common/tap/tap_config_base_test.cc @@ -4,9 +4,8 @@ #include "envoy/data/tap/v3/common.pb.h" #include "envoy/data/tap/v3/wrapper.pb.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/common/tap/tap_config_base.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/common/tap/tap_config_base.h" #include "gtest/gtest.h" diff --git a/test/extensions/common/utility_test.cc b/test/extensions/common/utility_test.cc index 562a19537042..7a61dc486302 100644 --- a/test/extensions/common/utility_test.cc +++ b/test/extensions/common/utility_test.cc @@ -1,4 +1,4 @@ -#include "extensions/common/utility.h" +#include "source/extensions/common/utility.h" #include "test/mocks/runtime/mocks.h" #include "test/test_common/logging.h" diff --git a/test/extensions/common/wasm/BUILD b/test/extensions/common/wasm/BUILD index 4eafd90e53c9..54e6b7a24fcd 100644 --- a/test/extensions/common/wasm/BUILD +++ b/test/extensions/common/wasm/BUILD @@ -92,6 +92,7 @@ envoy_cc_test_library( deps = [ "//source/extensions/wasm_runtime/null:config", "//source/extensions/wasm_runtime/v8:config", + "//source/extensions/wasm_runtime/wamr:config", "//source/extensions/wasm_runtime/wasmtime:config", "//source/extensions/wasm_runtime/wavm:config", ], diff --git a/test/extensions/common/wasm/plugin_test.cc b/test/extensions/common/wasm/plugin_test.cc index 47c72822de1a..b5c15da51605 100644 --- a/test/extensions/common/wasm/plugin_test.cc +++ b/test/extensions/common/wasm/plugin_test.cc @@ -2,8 +2,7 @@ #include "envoy/common/exception.h" -#include "extensions/common/wasm/plugin.h" -#include "extensions/common/wasm/well_known_names.h" +#include "source/extensions/common/wasm/plugin.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" @@ -74,7 +73,7 @@ TEST(TestWasmConfig, EnvKeyException) { TEST(TestWasmConfig, NullVMEnv) { envoy::extensions::wasm::v3::PluginConfig plugin_config; - plugin_config.mutable_vm_config()->set_runtime(WasmRuntimeNames::get().Null); + plugin_config.mutable_vm_config()->set_runtime("envoy.wasm.runtime.null"); (*plugin_config.mutable_vm_config() ->mutable_environment_variables() ->mutable_key_values())["key"] = "value"; diff --git a/test/extensions/common/wasm/test_data/BUILD b/test/extensions/common/wasm/test_data/BUILD index 9160fe94f739..95db303869db 100644 --- a/test/extensions/common/wasm/test_data/BUILD +++ b/test/extensions/common/wasm/test_data/BUILD @@ -28,7 +28,6 @@ envoy_cc_library( "//source/common/common:c_smart_ptr_lib", "//source/extensions/common/wasm:wasm_hdr", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/common/wasm:well_known_names", ], ) @@ -45,7 +44,6 @@ envoy_cc_library( "//source/common/common:c_smart_ptr_lib", "//source/extensions/common/wasm:wasm_hdr", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/common/wasm:well_known_names", "//source/extensions/common/wasm/ext:envoy_null_plugin", ], ) @@ -63,7 +61,6 @@ envoy_cc_library( "//source/common/common:c_smart_ptr_lib", "//source/extensions/common/wasm:wasm_hdr", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/common/wasm:well_known_names", "//source/extensions/common/wasm/ext:envoy_null_plugin", ], ) diff --git a/test/extensions/common/wasm/test_data/test_context_cpp.cc b/test/extensions/common/wasm/test_data/test_context_cpp.cc index c89164e43f11..e790fd1011b3 100644 --- a/test/extensions/common/wasm/test_data/test_context_cpp.cc +++ b/test/extensions/common/wasm/test_data/test_context_cpp.cc @@ -8,7 +8,7 @@ #include "proxy_wasm_intrinsics.h" #include "source/extensions/common/wasm/ext/envoy_proxy_wasm_api.h" #else -#include "extensions/common/wasm/ext/envoy_null_plugin.h" +#include "source/extensions/common/wasm/ext/envoy_null_plugin.h" #endif START_WASM_PLUGIN(CommonWasmTestContextCpp) @@ -58,7 +58,7 @@ bool TestRootContext::onDone() { // Null VM fails on nullptr. void TestRootContext::onTick() { - if (envoy_resolve_dns(0, 1, &dns_token_) != WasmResult::InvalidMemoryAccess) { + if (envoy_resolve_dns(nullptr, 1, &dns_token_) != WasmResult::InvalidMemoryAccess) { logInfo("resolve_dns should report invalid memory access"); } if (envoy_resolve_dns("example.com", sizeof("example.com") - 1, nullptr) != diff --git a/test/extensions/common/wasm/test_data/test_cpp.cc b/test/extensions/common/wasm/test_data/test_cpp.cc index a344eace4943..47750500e544 100644 --- a/test/extensions/common/wasm/test_data/test_cpp.cc +++ b/test/extensions/common/wasm/test_data/test_cpp.cc @@ -76,6 +76,7 @@ WASM_EXPORT(uint32_t, proxy_on_vm_start, (uint32_t context_id, uint32_t configur std::string message = "before badptr"; proxy_log(LogLevel::error, message.c_str(), message.size()); ::free(const_cast(reinterpret_cast(configuration_ptr))); + configuration_ptr = nullptr; *badptr = 1; message = "after badptr"; proxy_log(LogLevel::error, message.c_str(), message.size()); @@ -83,6 +84,7 @@ WASM_EXPORT(uint32_t, proxy_on_vm_start, (uint32_t context_id, uint32_t configur std::string message = "before div by zero"; proxy_log(LogLevel::error, message.c_str(), message.size()); ::free(const_cast(reinterpret_cast(configuration_ptr))); + configuration_ptr = nullptr; int zero = context_id & 0x100000; message = "divide by zero: " + std::to_string(100 / zero); proxy_log(LogLevel::error, message.c_str(), message.size()); diff --git a/test/extensions/common/wasm/wasm_runtime.cc b/test/extensions/common/wasm/wasm_runtime.cc index 95711f0e1024..df1db99f4392 100644 --- a/test/extensions/common/wasm/wasm_runtime.cc +++ b/test/extensions/common/wasm/wasm_runtime.cc @@ -13,13 +13,16 @@ std::vector runtimes() { std::vector sandboxRuntimes() { std::vector runtimes; -#if defined(ENVOY_WASM_V8) +#if defined(PROXY_WASM_HAS_RUNTIME_V8) runtimes.push_back("v8"); #endif -#if defined(ENVOY_WASM_WAVM) +#if defined(PROXY_WASM_HAS_RUNTIME_WAVM) runtimes.push_back("wavm"); #endif -#if defined(ENVOY_WASM_WASMTIME) +#if defined(PROXY_WASM_HAS_RUNTIME_WAMR) + runtimes.push_back("wamr"); +#endif +#if defined(PROXY_WASM_HAS_RUNTIME_WASMTIME) runtimes.push_back("wasmtime"); #endif return runtimes; diff --git a/test/extensions/common/wasm/wasm_speed_test.cc b/test/extensions/common/wasm/wasm_speed_test.cc index a71102453f95..d9e65579547d 100644 --- a/test/extensions/common/wasm/wasm_speed_test.cc +++ b/test/extensions/common/wasm/wasm_speed_test.cc @@ -1,7 +1,6 @@ -#include "common/common/thread.h" -#include "common/common/thread_synchronizer.h" - -#include "extensions/common/wasm/wasm.h" +#include "source/common/common/thread.h" +#include "source/common/common/thread_synchronizer.h" +#include "source/extensions/common/wasm/wasm.h" #include "test/mocks/server/mocks.h" #include "test/mocks/upstream/mocks.h" diff --git a/test/extensions/common/wasm/wasm_test.cc b/test/extensions/common/wasm/wasm_test.cc index 795ab9f77fd6..1314503e3da0 100644 --- a/test/extensions/common/wasm/wasm_test.cc +++ b/test/extensions/common/wasm/wasm_test.cc @@ -1,10 +1,9 @@ #include "envoy/server/lifecycle_notifier.h" -#include "common/common/hex.h" -#include "common/event/dispatcher_impl.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/common/wasm/wasm.h" +#include "source/common/common/hex.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/common/wasm/wasm.h" #include "test/extensions/common/wasm/wasm_runtime.h" #include "test/mocks/server/mocks.h" @@ -73,9 +72,9 @@ class TestContext : public ::Envoy::Extensions::Common::Wasm::Context { using ::Envoy::Extensions::Common::Wasm::Context::Context; ~TestContext() override = default; using ::Envoy::Extensions::Common::Wasm::Context::log; - proxy_wasm::WasmResult log(uint32_t level, absl::string_view message) override { - std::cerr << std::string(message) << "\n"; - log_(static_cast(level), message); + proxy_wasm::WasmResult log(uint32_t level, std::string_view message) override { + std::cerr << message << "\n"; + log_(static_cast(level), toAbslStringView(message)); Extensions::Common::Wasm::Context::log(static_cast(level), message); return proxy_wasm::WasmResult::Ok; } @@ -203,7 +202,8 @@ TEST_P(WasmCommonTest, Logging) { EXPECT_EQ(std::unique_ptr(wasm->createContext(plugin)), nullptr); auto wasm_weak = std::weak_ptr(wasm); auto wasm_handle = std::make_shared(std::move(wasm)); - EXPECT_TRUE(wasm_weak.lock()->initialize(code, false)); + EXPECT_TRUE(wasm_weak.lock()->load(code, false)); + EXPECT_TRUE(wasm_weak.lock()->initialize()); auto thread_local_wasm = std::make_shared(wasm_handle, *dispatcher); thread_local_wasm.reset(); @@ -269,7 +269,8 @@ TEST_P(WasmCommonTest, BadSignature) { auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, cluster_manager, *dispatcher); - EXPECT_FALSE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_FALSE(wasm->initialize()); EXPECT_TRUE(wasm->isFailed()); } @@ -303,7 +304,8 @@ TEST_P(WasmCommonTest, Segv) { auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, cluster_manager, *dispatcher); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); TestContext* root_context = nullptr; wasm->setCreateContextForTesting( nullptr, [&root_context](Wasm* wasm, const std::shared_ptr& plugin) -> ContextBase* { @@ -354,7 +356,8 @@ TEST_P(WasmCommonTest, DivByZero) { cluster_manager, *dispatcher); EXPECT_NE(wasm, nullptr); auto context = std::make_unique(wasm.get()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); wasm->setCreateContextForTesting( nullptr, [](Wasm* wasm, const std::shared_ptr& plugin) -> ContextBase* { auto root_context = new TestContext(wasm, plugin); @@ -398,7 +401,8 @@ TEST_P(WasmCommonTest, IntrinsicGlobals) { cluster_manager, *dispatcher); EXPECT_NE(wasm, nullptr); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); wasm->setCreateContextForTesting( nullptr, [](Wasm* wasm, const std::shared_ptr& plugin) -> ContextBase* { auto root_context = new TestContext(wasm, plugin); @@ -443,7 +447,8 @@ TEST_P(WasmCommonTest, Utilities) { cluster_manager, *dispatcher); EXPECT_NE(wasm, nullptr); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); wasm->setCreateContextForTesting( nullptr, [](Wasm* wasm, const std::shared_ptr& plugin) -> ContextBase* { auto root_context = new TestContext(wasm, plugin); @@ -516,7 +521,8 @@ TEST_P(WasmCommonTest, Stats) { cluster_manager, *dispatcher); EXPECT_NE(wasm, nullptr); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); wasm->setCreateContextForTesting( nullptr, [](Wasm* wasm, const std::shared_ptr& plugin) -> ContextBase* { auto root_context = new TestContext(wasm, plugin); @@ -564,7 +570,8 @@ TEST_P(WasmCommonTest, Foreign) { code = "CommonWasmTestCpp"; } EXPECT_FALSE(code.empty()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); wasm->setCreateContextForTesting( nullptr, [](Wasm* wasm, const std::shared_ptr& plugin) -> ContextBase* { auto root_context = new TestContext(wasm, plugin); @@ -613,7 +620,8 @@ TEST_P(WasmCommonTest, OnForeign) { code = "CommonWasmTestCpp"; } EXPECT_FALSE(code.empty()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); TestContext* test_context = nullptr; wasm->setCreateContextForTesting( nullptr, [&test_context](Wasm* wasm, const std::shared_ptr& plugin) -> ContextBase* { @@ -664,7 +672,8 @@ TEST_P(WasmCommonTest, WASI) { code = "CommonWasmTestCpp"; } EXPECT_FALSE(code.empty()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); wasm->setCreateContextForTesting( nullptr, [](Wasm* wasm, const std::shared_ptr& plugin) -> ContextBase* { auto root_context = new TestContext(wasm, plugin); @@ -693,8 +702,6 @@ TEST_P(WasmCommonTest, VmCache) { absl::StrCat("envoy.wasm.runtime.", GetParam()); plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); plugin_config.mutable_configuration()->set_value(plugin_configuration); - auto plugin = std::make_shared( - plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); ServerLifecycleNotifier::StageCallbackWithCompletion lifecycle_callback; EXPECT_CALL(lifecycle_notifier, registerCallback2(_, _)) @@ -724,6 +731,9 @@ TEST_P(WasmCommonTest, VmCache) { } EXPECT_FALSE(code.empty()); vm_config->mutable_code()->mutable_local()->set_inline_bytes(code); + auto plugin = std::make_shared( + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + WasmHandleSharedPtr wasm_handle; createWasm(plugin, scope, cluster_manager, init_manager, *dispatcher, *api, lifecycle_notifier, remote_data_provider, @@ -797,31 +807,38 @@ TEST_P(WasmCommonTest, RemoteCode) { auto vm_configuration = "vm_cache"; auto plugin_configuration = "done"; - envoy::extensions::wasm::v3::PluginConfig plugin_config; - *plugin_config.mutable_vm_config()->mutable_runtime() = - absl::StrCat("envoy.wasm.runtime.", GetParam()); - plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); - plugin_config.mutable_configuration()->set_value(plugin_configuration); - auto plugin = std::make_shared( - plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - std::string code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( absl::StrCat("{{ test_rundir }}/test/extensions/common/wasm/test_data/test_cpp.wasm"))); - auto vm_config = plugin_config.mutable_vm_config(); - vm_config->set_runtime(absl::StrCat("envoy.wasm.runtime.", GetParam())); - ProtobufWkt::BytesValue vm_configuration_bytes; - vm_configuration_bytes.set_value(vm_configuration); - vm_config->mutable_configuration()->PackFrom(vm_configuration_bytes); - std::string sha256 = Extensions::Common::Wasm::sha256(code); - std::string sha256Hex = - Hex::encode(reinterpret_cast(&*sha256.begin()), sha256.size()); - vm_config->mutable_code()->mutable_remote()->set_sha256(sha256Hex); - vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->set_uri( - "http://example.com/test.wasm"); - vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->set_cluster("example_com"); - vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->mutable_timeout()->set_seconds( - 5); + Extensions::Common::Wasm::PluginSharedPtr plugin; + { + // plugin_config is only valid in this scope. + // test that the proto_config parameter is released after the factory is created + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + plugin_config.mutable_configuration()->set_value(plugin_configuration); + + auto vm_config = plugin_config.mutable_vm_config(); + vm_config->set_runtime(absl::StrCat("envoy.wasm.runtime.", GetParam())); + ProtobufWkt::BytesValue vm_configuration_bytes; + vm_configuration_bytes.set_value(vm_configuration); + vm_config->mutable_configuration()->PackFrom(vm_configuration_bytes); + std::string sha256 = Extensions::Common::Wasm::sha256(code); + std::string sha256Hex = + Hex::encode(reinterpret_cast(&*sha256.begin()), sha256.size()); + vm_config->mutable_code()->mutable_remote()->set_sha256(sha256Hex); + vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->set_uri( + "http://example.com/test.wasm"); + vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->set_cluster("example_com"); + vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->mutable_timeout()->set_seconds( + 5); + + plugin = std::make_shared( + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + } + WasmHandleSharedPtr wasm_handle; NiceMock client; NiceMock request(&client); @@ -915,8 +932,6 @@ TEST_P(WasmCommonTest, RemoteCodeMultipleRetry) { absl::StrCat("envoy.wasm.runtime.", GetParam()); plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); plugin_config.mutable_configuration()->set_value(plugin_configuration); - auto plugin = std::make_shared( - plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); std::string code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( absl::StrCat("{{ test_rundir }}/test/extensions/common/wasm/test_data/test_cpp.wasm"))); @@ -941,6 +956,9 @@ TEST_P(WasmCommonTest, RemoteCodeMultipleRetry) { ->mutable_retry_policy() ->mutable_num_retries() ->set_value(num_retries); + auto plugin = std::make_shared( + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + WasmHandleSharedPtr wasm_handle; NiceMock client; NiceMock request(&client); @@ -1057,7 +1075,8 @@ TEST_P(WasmCommonTest, RestrictCapabilities) { EXPECT_NE(wasm, nullptr); auto context = std::make_unique(wasm.get()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); // expect no call because proxy_on_vm_start is restricted wasm->setCreateContextForTesting( @@ -1114,7 +1133,8 @@ TEST_P(WasmCommonTest, AllowOnVmStart) { EXPECT_NE(wasm, nullptr); auto context = std::make_unique(wasm.get()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); // proxy_on_vm_start will trigger proxy_log and fd_write, but expect no call because both are // restricted @@ -1177,7 +1197,8 @@ TEST_P(WasmCommonTest, AllowLog) { EXPECT_NE(wasm, nullptr); auto context = std::make_unique(wasm.get()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); // Expect proxy_log since allowed, but no call to WASI since restricted wasm->setCreateContextForTesting( @@ -1235,7 +1256,8 @@ TEST_P(WasmCommonTest, AllowWASI) { EXPECT_NE(wasm, nullptr); auto context = std::make_unique(wasm.get()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); wasm->setCreateContextForTesting( nullptr, [](Wasm* wasm, const std::shared_ptr& plugin) -> ContextBase* { @@ -1294,7 +1316,8 @@ TEST_P(WasmCommonTest, AllowOnContextCreate) { EXPECT_NE(wasm, nullptr); auto context = std::make_unique(wasm.get()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); // Expect two calls to proxy_log, from proxy_on_vm_start and from proxy_on_context_create wasm->setCreateContextForTesting( @@ -1353,14 +1376,15 @@ TEST_P(WasmCommonTest, ThreadLocalCopyRetainsEnforcement) { EXPECT_NE(wasm, nullptr); auto context = std::make_unique(wasm.get()); - EXPECT_TRUE(wasm->initialize(code, false)); + EXPECT_TRUE(wasm->load(code, false)); + EXPECT_TRUE(wasm->initialize()); auto wasm_handle = std::make_shared(std::move(wasm)); auto thread_local_wasm = std::make_shared(wasm_handle, *dispatcher); EXPECT_NE(thread_local_wasm, nullptr); context = std::make_unique(thread_local_wasm.get()); - EXPECT_TRUE(thread_local_wasm->initialize(code, false)); + EXPECT_TRUE(thread_local_wasm->initialize()); EXPECT_TRUE(thread_local_wasm->capabilityAllowed("proxy_on_vm_start")); EXPECT_FALSE(thread_local_wasm->capabilityAllowed("proxy_log")); diff --git a/test/extensions/common/wasm/wasm_vm_test.cc b/test/extensions/common/wasm/wasm_vm_test.cc index 46edd6dfe3ca..f812bc88cbe2 100644 --- a/test/extensions/common/wasm/wasm_vm_test.cc +++ b/test/extensions/common/wasm/wasm_vm_test.cc @@ -1,14 +1,14 @@ #include "envoy/registry/registry.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/common/wasm/wasm_vm.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/common/wasm/wasm_vm.h" #include "test/test_common/environment.h" #include "test/test_common/utility.h" #include "gmock/gmock.h" #include "gtest/gtest.h" +#include "include/proxy-wasm/bytecode_util.h" #include "include/proxy-wasm/null_vm_plugin.h" using proxy_wasm::Cloneable; // NOLINT @@ -100,7 +100,7 @@ class MockHostFunctions { MOCK_METHOD(uint32_t, random, (), (const)); }; -#if defined(ENVOY_WASM_V8) +#if defined(PROXY_WASM_HAS_RUNTIME_V8) MockHostFunctions* g_host_functions; void pong(void*, Word value) { g_host_functions->pong(convertWordToUint32(value)); } @@ -125,152 +125,169 @@ class WasmVmTest : public testing::TestWithParam { } void TearDown() override { delete g_host_functions; } + bool init(std::string code = {}) { + wasm_vm_ = createWasmVm("envoy.wasm.runtime.v8"); + if (wasm_vm_.get() == nullptr) { + return false; + } + + if (code.empty()) { + code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( + "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_rust.wasm")); + } + + // clang-format off + std::string_view precompiled = {}; + // clang-format on + + // Load precompiled module on Linux-x86_64, since it's only support there. +#if defined(__linux__) && defined(__x86_64__) + if (GetParam() /* allow_precompiled */) { + // Section name is expected to be available in the tested runtimes. + const auto section_name = wasm_vm_->getPrecompiledSectionName(); + if (section_name.empty()) { + return false; + } + if (!proxy_wasm::BytecodeUtil::getCustomSection(code, section_name, precompiled)) { + return false; + } + // Precompiled module is expected to be available in the test file. + if (precompiled.empty()) { + return false; + } + } +#endif + + std::string stripped; + if (!proxy_wasm::BytecodeUtil::getStrippedSource(code, stripped)) { + return false; + } + + return wasm_vm_->load(stripped, precompiled, {}); + } + protected: Stats::IsolatedStoreImpl stats_store; Stats::ScopeSharedPtr scope_; + WasmVmPtr wasm_vm_; }; -INSTANTIATE_TEST_SUITE_P(AllowPrecompiled, WasmVmTest, testing::Values(false, true)); - -TEST_P(WasmVmTest, V8BadCode) { - auto wasm_vm = createWasmVm("envoy.wasm.runtime.v8"); - ASSERT_TRUE(wasm_vm != nullptr); - - EXPECT_FALSE(wasm_vm->load("bad code", GetParam())); -} - -TEST_P(WasmVmTest, V8Code) { - auto wasm_vm = createWasmVm("envoy.wasm.runtime.v8"); - ASSERT_TRUE(wasm_vm != nullptr); - EXPECT_TRUE(wasm_vm->runtime() == "v8"); +INSTANTIATE_TEST_SUITE_P(AllowPrecompiled, WasmVmTest, +#if defined(__linux__) && defined(__x86_64__) + testing::Values(false, true) +#else + testing::Values(false) +#endif +); - auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( - "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_rust.wasm")); - EXPECT_TRUE(wasm_vm->load(code, GetParam())); +TEST_P(WasmVmTest, V8BadCode) { ASSERT_FALSE(init("bad code")); } - EXPECT_TRUE(wasm_vm->cloneable() == Cloneable::CompiledBytecode); - EXPECT_TRUE(wasm_vm->clone() != nullptr); +TEST_P(WasmVmTest, V8Load) { + ASSERT_TRUE(init()); + EXPECT_TRUE(wasm_vm_->runtime() == "v8"); + EXPECT_TRUE(wasm_vm_->cloneable() == Cloneable::CompiledBytecode); + EXPECT_TRUE(wasm_vm_->clone() != nullptr); } TEST_P(WasmVmTest, V8BadHostFunctions) { - auto wasm_vm = createWasmVm("envoy.wasm.runtime.v8"); - ASSERT_TRUE(wasm_vm != nullptr); - - auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( - "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_rust.wasm")); - EXPECT_TRUE(wasm_vm->load(code, GetParam())); + ASSERT_TRUE(init()); - wasm_vm->registerCallback("env", "random", &random, CONVERT_FUNCTION_WORD_TO_UINT32(random)); - EXPECT_FALSE(wasm_vm->link("test")); + wasm_vm_->registerCallback("env", "random", &random, CONVERT_FUNCTION_WORD_TO_UINT32(random)); + EXPECT_FALSE(wasm_vm_->link("test")); - wasm_vm->registerCallback("env", "pong", &bad_pong1, CONVERT_FUNCTION_WORD_TO_UINT32(bad_pong1)); - EXPECT_FALSE(wasm_vm->link("test")); + wasm_vm_->registerCallback("env", "pong", &bad_pong1, CONVERT_FUNCTION_WORD_TO_UINT32(bad_pong1)); + EXPECT_FALSE(wasm_vm_->link("test")); - wasm_vm->registerCallback("env", "pong", &bad_pong2, CONVERT_FUNCTION_WORD_TO_UINT32(bad_pong2)); - EXPECT_FALSE(wasm_vm->link("test")); + wasm_vm_->registerCallback("env", "pong", &bad_pong2, CONVERT_FUNCTION_WORD_TO_UINT32(bad_pong2)); + EXPECT_FALSE(wasm_vm_->link("test")); - wasm_vm->registerCallback("env", "pong", &bad_pong3, CONVERT_FUNCTION_WORD_TO_UINT32(bad_pong3)); - EXPECT_FALSE(wasm_vm->link("test")); + wasm_vm_->registerCallback("env", "pong", &bad_pong3, CONVERT_FUNCTION_WORD_TO_UINT32(bad_pong3)); + EXPECT_FALSE(wasm_vm_->link("test")); } TEST_P(WasmVmTest, V8BadModuleFunctions) { - auto wasm_vm = createWasmVm("envoy.wasm.runtime.v8"); - ASSERT_TRUE(wasm_vm != nullptr); + ASSERT_TRUE(init()); - auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( - "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_rust.wasm")); - EXPECT_TRUE(wasm_vm->load(code, GetParam())); - - wasm_vm->registerCallback("env", "pong", &pong, CONVERT_FUNCTION_WORD_TO_UINT32(pong)); - wasm_vm->registerCallback("env", "random", &random, CONVERT_FUNCTION_WORD_TO_UINT32(random)); - wasm_vm->link("test"); + wasm_vm_->registerCallback("env", "pong", &pong, CONVERT_FUNCTION_WORD_TO_UINT32(pong)); + wasm_vm_->registerCallback("env", "random", &random, CONVERT_FUNCTION_WORD_TO_UINT32(random)); + wasm_vm_->link("test"); WasmCallVoid<1> ping; WasmCallWord<3> sum; - wasm_vm->getFunction("nonexistent", &ping); + wasm_vm_->getFunction("nonexistent", &ping); EXPECT_TRUE(ping == nullptr); - wasm_vm->getFunction("nonexistent", &sum); + wasm_vm_->getFunction("nonexistent", &sum); EXPECT_TRUE(sum == nullptr); - wasm_vm->getFunction("ping", &sum); - EXPECT_TRUE(wasm_vm->isFailed()); + wasm_vm_->getFunction("ping", &sum); + EXPECT_TRUE(wasm_vm_->isFailed()); - wasm_vm->getFunction("sum", &ping); - EXPECT_TRUE(wasm_vm->isFailed()); + wasm_vm_->getFunction("sum", &ping); + EXPECT_TRUE(wasm_vm_->isFailed()); } TEST_P(WasmVmTest, V8FunctionCalls) { - auto wasm_vm = createWasmVm("envoy.wasm.runtime.v8"); - ASSERT_TRUE(wasm_vm != nullptr); - - auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( - "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_rust.wasm")); - EXPECT_TRUE(wasm_vm->load(code, GetParam())); + ASSERT_TRUE(init()); - wasm_vm->registerCallback("env", "pong", &pong, CONVERT_FUNCTION_WORD_TO_UINT32(pong)); - wasm_vm->registerCallback("env", "random", &random, CONVERT_FUNCTION_WORD_TO_UINT32(random)); - wasm_vm->link("test"); + wasm_vm_->registerCallback("env", "pong", &pong, CONVERT_FUNCTION_WORD_TO_UINT32(pong)); + wasm_vm_->registerCallback("env", "random", &random, CONVERT_FUNCTION_WORD_TO_UINT32(random)); + wasm_vm_->link("test"); WasmCallVoid<1> ping; - wasm_vm->getFunction("ping", &ping); + wasm_vm_->getFunction("ping", &ping); EXPECT_CALL(*g_host_functions, pong(42)); ping(nullptr /* no context */, 42); WasmCallWord<1> lucky; - wasm_vm->getFunction("lucky", &lucky); + wasm_vm_->getFunction("lucky", &lucky); EXPECT_CALL(*g_host_functions, random()).WillRepeatedly(Return(42)); EXPECT_EQ(0, lucky(nullptr /* no context */, 1).u64_); EXPECT_EQ(1, lucky(nullptr /* no context */, 42).u64_); WasmCallWord<3> sum; - wasm_vm->getFunction("sum", &sum); + wasm_vm_->getFunction("sum", &sum); EXPECT_EQ(42, sum(nullptr /* no context */, 13, 14, 15).u64_); WasmCallWord<2> div; - wasm_vm->getFunction("div", &div); + wasm_vm_->getFunction("div", &div); div(nullptr /* no context */, 42, 0); - EXPECT_TRUE(wasm_vm->isFailed()); + EXPECT_TRUE(wasm_vm_->isFailed()); WasmCallVoid<0> abort; - wasm_vm->getFunction("abort", &abort); + wasm_vm_->getFunction("abort", &abort); abort(nullptr /* no context */); - EXPECT_TRUE(wasm_vm->isFailed()); + EXPECT_TRUE(wasm_vm_->isFailed()); } TEST_P(WasmVmTest, V8Memory) { - auto wasm_vm = createWasmVm("envoy.wasm.runtime.v8"); - ASSERT_TRUE(wasm_vm != nullptr); - - auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( - "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_rust.wasm")); - EXPECT_TRUE(wasm_vm->load(code, GetParam())); + ASSERT_TRUE(init()); - wasm_vm->registerCallback("env", "pong", &pong, CONVERT_FUNCTION_WORD_TO_UINT32(pong)); - wasm_vm->registerCallback("env", "random", &random, CONVERT_FUNCTION_WORD_TO_UINT32(random)); - wasm_vm->link("test"); + wasm_vm_->registerCallback("env", "pong", &pong, CONVERT_FUNCTION_WORD_TO_UINT32(pong)); + wasm_vm_->registerCallback("env", "random", &random, CONVERT_FUNCTION_WORD_TO_UINT32(random)); + wasm_vm_->link("test"); - EXPECT_EQ(wasm_vm->getMemorySize(), 65536 /* stack size requested at the build-time */); + EXPECT_EQ(wasm_vm_->getMemorySize(), 65536 /* stack size requested at the build-time */); const uint64_t test_addr = 128; std::string set = "test"; - EXPECT_TRUE(wasm_vm->setMemory(test_addr, set.size(), set.data())); - auto got = wasm_vm->getMemory(test_addr, set.size()).value(); + EXPECT_TRUE(wasm_vm_->setMemory(test_addr, set.size(), set.data())); + auto got = wasm_vm_->getMemory(test_addr, set.size()).value(); EXPECT_EQ(sizeof("test") - 1, got.size()); EXPECT_STREQ("test", got.data()); - EXPECT_FALSE(wasm_vm->setMemory(1024 * 1024 /* out of bound */, 1 /* size */, nullptr)); - EXPECT_FALSE(wasm_vm->getMemory(1024 * 1024 /* out of bound */, 1 /* size */).has_value()); + EXPECT_FALSE(wasm_vm_->setMemory(1024 * 1024 /* out of bound */, 1 /* size */, nullptr)); + EXPECT_FALSE(wasm_vm_->getMemory(1024 * 1024 /* out of bound */, 1 /* size */).has_value()); Word word(0); - EXPECT_TRUE(wasm_vm->setWord(test_addr, std::numeric_limits::max())); - EXPECT_TRUE(wasm_vm->getWord(test_addr, &word)); + EXPECT_TRUE(wasm_vm_->setWord(test_addr, std::numeric_limits::max())); + EXPECT_TRUE(wasm_vm_->getWord(test_addr, &word)); EXPECT_EQ(std::numeric_limits::max(), word.u64_); - EXPECT_FALSE(wasm_vm->setWord(1024 * 1024 /* out of bound */, 1)); - EXPECT_FALSE(wasm_vm->getWord(1024 * 1024 /* out of bound */, &word)); + EXPECT_FALSE(wasm_vm_->setWord(1024 * 1024 /* out of bound */, 1)); + EXPECT_FALSE(wasm_vm_->getWord(1024 * 1024 /* out of bound */, &word)); } #endif diff --git a/test/extensions/compression/brotli/compressor/brotli_compressor_impl_test.cc b/test/extensions/compression/brotli/compressor/brotli_compressor_impl_test.cc index 8a26cd53e125..1e6949eb8918 100644 --- a/test/extensions/compression/brotli/compressor/brotli_compressor_impl_test.cc +++ b/test/extensions/compression/brotli/compressor/brotli_compressor_impl_test.cc @@ -1,8 +1,7 @@ -#include "common/buffer/buffer_impl.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/compression/brotli/compressor/config.h" -#include "extensions/compression/brotli/decompressor/brotli_decompressor_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/compression/brotli/compressor/config.h" +#include "source/extensions/compression/brotli/decompressor/brotli_decompressor_impl.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/compression/brotli/decompressor/brotli_decompressor_impl_test.cc b/test/extensions/compression/brotli/decompressor/brotli_decompressor_impl_test.cc index cd5d3ee1fd2a..c03884f35f9f 100644 --- a/test/extensions/compression/brotli/decompressor/brotli_decompressor_impl_test.cc +++ b/test/extensions/compression/brotli/decompressor/brotli_decompressor_impl_test.cc @@ -1,8 +1,7 @@ -#include "common/buffer/buffer_impl.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/compression/brotli/compressor/brotli_compressor_impl.h" -#include "extensions/compression/brotli/decompressor/config.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/compression/brotli/compressor/brotli_compressor_impl.h" +#include "source/extensions/compression/brotli/decompressor/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/compression/gzip/compressor/zlib_compressor_impl_test.cc b/test/extensions/compression/gzip/compressor/zlib_compressor_impl_test.cc index 7d5046e1c744..2e4670913ba0 100644 --- a/test/extensions/compression/gzip/compressor/zlib_compressor_impl_test.cc +++ b/test/extensions/compression/gzip/compressor/zlib_compressor_impl_test.cc @@ -1,8 +1,7 @@ -#include "common/buffer/buffer_impl.h" -#include "common/common/hex.h" - -#include "extensions/compression/gzip/compressor/config.h" -#include "extensions/compression/gzip/compressor/zlib_compressor_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/hex.h" +#include "source/extensions/compression/gzip/compressor/config.h" +#include "source/extensions/compression/gzip/compressor/zlib_compressor_impl.h" #include "test/test_common/utility.h" diff --git a/test/extensions/compression/gzip/compressor_fuzz_test.cc b/test/extensions/compression/gzip/compressor_fuzz_test.cc index bdaa5283e53a..73c592cb1f81 100644 --- a/test/extensions/compression/gzip/compressor_fuzz_test.cc +++ b/test/extensions/compression/gzip/compressor_fuzz_test.cc @@ -1,9 +1,8 @@ -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/compression/gzip/compressor/zlib_compressor_impl.h" -#include "extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/compression/gzip/compressor/zlib_compressor_impl.h" +#include "source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/extensions/compression/gzip/decompressor/zlib_decompressor_impl_test.cc b/test/extensions/compression/gzip/decompressor/zlib_decompressor_impl_test.cc index 43ae89d42fd0..0346118a2b22 100644 --- a/test/extensions/compression/gzip/decompressor/zlib_decompressor_impl_test.cc +++ b/test/extensions/compression/gzip/decompressor/zlib_decompressor_impl_test.cc @@ -1,9 +1,8 @@ -#include "common/buffer/buffer_impl.h" -#include "common/common/hex.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/compression/gzip/compressor/zlib_compressor_impl.h" -#include "extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/hex.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/compression/gzip/compressor/zlib_compressor_impl.h" +#include "source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/common/expr/context_test.cc b/test/extensions/filters/common/expr/context_test.cc index 5d949add5b93..dc3e58b62bbb 100644 --- a/test/extensions/filters/common/expr/context_test.cc +++ b/test/extensions/filters/common/expr/context_test.cc @@ -1,10 +1,9 @@ -#include "common/network/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/router/string_accessor_impl.h" -#include "common/stream_info/filter_state_impl.h" - -#include "extensions/filters/common/expr/cel_state.h" -#include "extensions/filters/common/expr/context.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/router/string_accessor_impl.h" +#include "source/common/stream_info/filter_state_impl.h" +#include "source/extensions/filters/common/expr/cel_state.h" +#include "source/extensions/filters/common/expr/context.h" #include "test/mocks/ssl/mocks.h" #include "test/mocks/stream_info/mocks.h" diff --git a/test/extensions/filters/common/expr/evaluator_fuzz_test.cc b/test/extensions/filters/common/expr/evaluator_fuzz_test.cc index 6c3867747ede..108e7211a36d 100644 --- a/test/extensions/filters/common/expr/evaluator_fuzz_test.cc +++ b/test/extensions/filters/common/expr/evaluator_fuzz_test.cc @@ -1,6 +1,5 @@ -#include "common/network/utility.h" - -#include "extensions/filters/common/expr/evaluator.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/common/expr/evaluator.h" #include "test/common/stream_info/test_util.h" #include "test/extensions/filters/common/expr/evaluator_fuzz.pb.validate.h" diff --git a/test/extensions/filters/common/expr/evaluator_test.cc b/test/extensions/filters/common/expr/evaluator_test.cc index ab4da05f04f7..784462960246 100644 --- a/test/extensions/filters/common/expr/evaluator_test.cc +++ b/test/extensions/filters/common/expr/evaluator_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/common/expr/evaluator.h" +#include "source/extensions/filters/common/expr/evaluator.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/common/ext_authz/check_request_utils_test.cc b/test/extensions/filters/common/ext_authz/check_request_utils_test.cc index ff72b173d61e..b85ae8e15b24 100644 --- a/test/extensions/filters/common/ext_authz/check_request_utils_test.cc +++ b/test/extensions/filters/common/ext_authz/check_request_utils_test.cc @@ -1,10 +1,9 @@ #include "envoy/service/auth/v3/external_auth.pb.h" -#include "common/network/address_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/common/ext_authz/check_request_utils.h" -#include "extensions/filters/common/ext_authz/ext_authz.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/common/ext_authz/check_request_utils.h" +#include "source/extensions/filters/common/ext_authz/ext_authz.h" #include "test/mocks/http/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/common/ext_authz/ext_authz_grpc_impl_test.cc b/test/extensions/filters/common/ext_authz/ext_authz_grpc_impl_test.cc index 2601533b8d70..f771573698d1 100644 --- a/test/extensions/filters/common/ext_authz/ext_authz_grpc_impl_test.cc +++ b/test/extensions/filters/common/ext_authz/ext_authz_grpc_impl_test.cc @@ -1,11 +1,10 @@ #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/type/v3/http_status.pb.h" -#include "common/grpc/common.h" -#include "common/http/headers.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" +#include "source/common/grpc/common.h" +#include "source/common/http/headers.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" #include "test/extensions/filters/common/ext_authz/mocks.h" #include "test/extensions/filters/common/ext_authz/test_common.h" diff --git a/test/extensions/filters/common/ext_authz/ext_authz_http_impl_test.cc b/test/extensions/filters/common/ext_authz/ext_authz_http_impl_test.cc index 97e51e11a505..96d0be2f7b17 100644 --- a/test/extensions/filters/common/ext_authz/ext_authz_http_impl_test.cc +++ b/test/extensions/filters/common/ext_authz/ext_authz_http_impl_test.cc @@ -1,13 +1,12 @@ #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.h" #include "envoy/service/auth/v3/external_auth.pb.h" -#include "common/common/empty_string.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/filters/common/ext_authz/ext_authz_http_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_http_impl.h" #include "test/extensions/filters/common/ext_authz/mocks.h" #include "test/extensions/filters/common/ext_authz/test_common.h" diff --git a/test/extensions/filters/common/ext_authz/mocks.h b/test/extensions/filters/common/ext_authz/mocks.h index 900d64d7d0fd..1a3462d532f6 100644 --- a/test/extensions/filters/common/ext_authz/mocks.h +++ b/test/extensions/filters/common/ext_authz/mocks.h @@ -5,7 +5,7 @@ #include "envoy/service/auth/v3/external_auth.pb.h" -#include "extensions/filters/common/ext_authz/ext_authz.h" +#include "source/extensions/filters/common/ext_authz/ext_authz.h" #include "gmock/gmock.h" diff --git a/test/extensions/filters/common/ext_authz/test_common.h b/test/extensions/filters/common/ext_authz/test_common.h index 358f3a9a5fb8..5d1e72222713 100644 --- a/test/extensions/filters/common/ext_authz/test_common.h +++ b/test/extensions/filters/common/ext_authz/test_common.h @@ -4,9 +4,8 @@ #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/type/v3/http_status.pb.h" -#include "common/http/headers.h" - -#include "extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" +#include "source/common/http/headers.h" +#include "source/extensions/filters/common/ext_authz/ext_authz_grpc_impl.h" #include "test/extensions/filters/common/ext_authz/mocks.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/common/fault/fault_config_test.cc b/test/extensions/filters/common/fault/fault_config_test.cc index 784aa2d88ab4..053d10284274 100644 --- a/test/extensions/filters/common/fault/fault_config_test.cc +++ b/test/extensions/filters/common/fault/fault_config_test.cc @@ -1,6 +1,6 @@ #include "envoy/extensions/filters/common/fault/v3/fault.pb.h" -#include "extensions/filters/common/fault/fault_config.h" +#include "source/extensions/filters/common/fault/fault_config.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/common/local_ratelimit/local_ratelimit_test.cc b/test/extensions/filters/common/local_ratelimit/local_ratelimit_test.cc index f35cf5b325b5..c857bbe74a1c 100644 --- a/test/extensions/filters/common/local_ratelimit/local_ratelimit_test.cc +++ b/test/extensions/filters/common/local_ratelimit/local_ratelimit_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" +#include "source/extensions/filters/common/local_ratelimit/local_ratelimit_impl.h" #include "test/mocks/event/mocks.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/common/lua/lua_test.cc b/test/extensions/filters/common/lua/lua_test.cc index ab7ef7da3baf..473a280022a6 100644 --- a/test/extensions/filters/common/lua/lua_test.cc +++ b/test/extensions/filters/common/lua/lua_test.cc @@ -1,8 +1,7 @@ #include -#include "common/thread_local/thread_local_impl.h" - -#include "extensions/filters/common/lua/lua.h" +#include "source/common/thread_local/thread_local_impl.h" +#include "source/extensions/filters/common/lua/lua.h" #include "test/mocks/common.h" #include "test/mocks/thread_local/mocks.h" diff --git a/test/extensions/filters/common/lua/lua_wrappers.h b/test/extensions/filters/common/lua/lua_wrappers.h index c129f34544cf..b7c1dfb4bb50 100644 --- a/test/extensions/filters/common/lua/lua_wrappers.h +++ b/test/extensions/filters/common/lua/lua_wrappers.h @@ -2,7 +2,7 @@ #include -#include "extensions/filters/common/lua/lua.h" +#include "source/extensions/filters/common/lua/lua.h" #include "test/mocks/thread_local/mocks.h" diff --git a/test/extensions/filters/common/lua/wrappers_test.cc b/test/extensions/filters/common/lua/wrappers_test.cc index bbb334ef4d3d..565843d7e14c 100644 --- a/test/extensions/filters/common/lua/wrappers_test.cc +++ b/test/extensions/filters/common/lua/wrappers_test.cc @@ -1,8 +1,7 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/common/lua/wrappers.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/common/lua/wrappers.h" #include "test/extensions/filters/common/lua/lua_wrappers.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/common/original_src/original_src_socket_option_test.cc b/test/extensions/filters/common/original_src/original_src_socket_option_test.cc index eed0724bc198..7159e3227365 100644 --- a/test/extensions/filters/common/original_src/original_src_socket_option_test.cc +++ b/test/extensions/filters/common/original_src/original_src_socket_option_test.cc @@ -1,9 +1,8 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/network/address.h" -#include "common/network/utility.h" - -#include "extensions/filters/common/original_src/original_src_socket_option.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/common/original_src/original_src_socket_option.h" #include "test/mocks/common.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/common/ratelimit/BUILD b/test/extensions/filters/common/ratelimit/BUILD index 8a11ca96f8e6..ace59c86ebd8 100644 --- a/test/extensions/filters/common/ratelimit/BUILD +++ b/test/extensions/filters/common/ratelimit/BUILD @@ -29,7 +29,7 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/ratelimit:ratelimit_interface", + "//envoy/ratelimit:ratelimit_interface", "//source/extensions/filters/common/ratelimit:ratelimit_client_interface", ], ) diff --git a/test/extensions/filters/common/ratelimit/mocks.h b/test/extensions/filters/common/ratelimit/mocks.h index 325f61cc79d7..57b5246d69be 100644 --- a/test/extensions/filters/common/ratelimit/mocks.h +++ b/test/extensions/filters/common/ratelimit/mocks.h @@ -6,7 +6,7 @@ #include "envoy/ratelimit/ratelimit.h" #include "envoy/stream_info/stream_info.h" -#include "extensions/filters/common/ratelimit/ratelimit.h" +#include "source/extensions/filters/common/ratelimit/ratelimit.h" #include "gmock/gmock.h" diff --git a/test/extensions/filters/common/ratelimit/ratelimit_impl_test.cc b/test/extensions/filters/common/ratelimit/ratelimit_impl_test.cc index c4cd2b9d420e..00c87f500904 100644 --- a/test/extensions/filters/common/ratelimit/ratelimit_impl_test.cc +++ b/test/extensions/filters/common/ratelimit/ratelimit_impl_test.cc @@ -6,11 +6,10 @@ #include "envoy/service/ratelimit/v3/rls.pb.h" #include "envoy/stats/scope.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/filters/common/ratelimit/ratelimit_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/filters/common/ratelimit/ratelimit_impl.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/stream_info/mocks.h" diff --git a/test/extensions/filters/common/rbac/engine_impl_test.cc b/test/extensions/filters/common/rbac/engine_impl_test.cc index ec9f787f3575..87e10cfb23d6 100644 --- a/test/extensions/filters/common/rbac/engine_impl_test.cc +++ b/test/extensions/filters/common/rbac/engine_impl_test.cc @@ -2,9 +2,8 @@ #include "envoy/config/rbac/v3/rbac.pb.h" #include "envoy/config/rbac/v3/rbac.pb.validate.h" -#include "common/network/utility.h" - -#include "extensions/filters/common/rbac/engine_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/common/rbac/engine_impl.h" #include "test/mocks/network/mocks.h" #include "test/mocks/ssl/mocks.h" diff --git a/test/extensions/filters/common/rbac/matchers_test.cc b/test/extensions/filters/common/rbac/matchers_test.cc index 78ead6d94766..ed39ff132283 100644 --- a/test/extensions/filters/common/rbac/matchers_test.cc +++ b/test/extensions/filters/common/rbac/matchers_test.cc @@ -4,10 +4,9 @@ #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/type/matcher/v3/metadata.pb.h" -#include "common/network/utility.h" - -#include "extensions/filters/common/expr/evaluator.h" -#include "extensions/filters/common/rbac/matchers.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/common/expr/evaluator.h" +#include "source/extensions/filters/common/rbac/matchers.h" #include "test/mocks/network/mocks.h" #include "test/mocks/ssl/mocks.h" @@ -316,7 +315,7 @@ TEST(AuthenticatedMatcher, AnySSLSubject) { envoy::config::rbac::v3::Principal::Authenticated auth; checkMatcher(AuthenticatedMatcher(auth), true, conn); - auth.mutable_principal_name()->set_hidden_envoy_deprecated_regex(".*"); + auth.mutable_principal_name()->MergeFrom(TestUtility::createRegexMatcher(".*")); checkMatcher(AuthenticatedMatcher(auth), true, conn); } diff --git a/test/extensions/filters/common/rbac/mocks.h b/test/extensions/filters/common/rbac/mocks.h index a99e97aa9ea6..354a1e5dab15 100644 --- a/test/extensions/filters/common/rbac/mocks.h +++ b/test/extensions/filters/common/rbac/mocks.h @@ -2,7 +2,7 @@ #include "envoy/config/rbac/v3/rbac.pb.h" -#include "extensions/filters/common/rbac/engine_impl.h" +#include "source/extensions/filters/common/rbac/engine_impl.h" #include "gmock/gmock.h" diff --git a/test/extensions/filters/common/rbac/utility_test.cc b/test/extensions/filters/common/rbac/utility_test.cc index 35e3aad87140..1bc4f7de1754 100644 --- a/test/extensions/filters/common/rbac/utility_test.cc +++ b/test/extensions/filters/common/rbac/utility_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/common/rbac/utility.h" +#include "source/extensions/filters/common/rbac/utility.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_integration_test.cc b/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_integration_test.cc index 893512059cf5..4d1231966960 100644 --- a/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_integration_test.cc +++ b/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_integration_test.cc @@ -1,6 +1,6 @@ #include "test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_integration_test.h" -#include "common/http/header_map_impl.h" +#include "source/common/http/header_map_impl.h" #include "test/integration/http_integration.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_integration_test.h b/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_integration_test.h index 264469ff43e1..35a107450298 100644 --- a/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_integration_test.h +++ b/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_integration_test.h @@ -36,12 +36,11 @@ class AdaptiveConcurrencyIntegrationTest public Event::TestUsingSimulatedTime, public HttpIntegrationTest { public: - AdaptiveConcurrencyIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, GetParam()) {} + AdaptiveConcurrencyIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, GetParam()) {} void customInit() { - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); config_helper_.addFilter(ADAPTIVE_CONCURRENCY_CONFIG); initialize(); codec_client_ = makeHttpConnection(lookupPort("http")); diff --git a/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_test.cc b/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_test.cc index e05cbea0ce56..c8df10baca50 100644 --- a/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_test.cc +++ b/test/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter_test.cc @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.validate.h" -#include "extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h" -#include "extensions/filters/http/adaptive_concurrency/controller/controller.h" +#include "source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h" +#include "source/extensions/filters/http/adaptive_concurrency/controller/controller.h" #include "test/mocks/http/mocks.h" #include "test/mocks/stream_info/mocks.h" diff --git a/test/extensions/filters/http/adaptive_concurrency/controller/gradient_controller_test.cc b/test/extensions/filters/http/adaptive_concurrency/controller/gradient_controller_test.cc index 43246c1c3df0..9dbe2187e50e 100644 --- a/test/extensions/filters/http/adaptive_concurrency/controller/gradient_controller_test.cc +++ b/test/extensions/filters/http/adaptive_concurrency/controller/gradient_controller_test.cc @@ -5,11 +5,10 @@ #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.h" #include "envoy/extensions/filters/http/adaptive_concurrency/v3/adaptive_concurrency.pb.validate.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h" -#include "extensions/filters/http/adaptive_concurrency/controller/controller.h" -#include "extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/http/adaptive_concurrency/adaptive_concurrency_filter.h" +#include "source/extensions/filters/http/adaptive_concurrency/controller/controller.h" +#include "source/extensions/filters/http/adaptive_concurrency/controller/gradient_controller.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/common.h" diff --git a/test/extensions/filters/http/admission_control/admission_control_filter_test.cc b/test/extensions/filters/http/admission_control/admission_control_filter_test.cc index 847c0c0bb8a9..eaea6c0c5cbd 100644 --- a/test/extensions/filters/http/admission_control/admission_control_filter_test.cc +++ b/test/extensions/filters/http/admission_control/admission_control_filter_test.cc @@ -4,12 +4,11 @@ #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.validate.h" #include "envoy/grpc/status.h" -#include "common/common/enum_to_int.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/filters/http/admission_control/admission_control.h" -#include "extensions/filters/http/admission_control/evaluators/response_evaluator.h" -#include "extensions/filters/http/admission_control/thread_local_controller.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/http/admission_control/admission_control.h" +#include "source/extensions/filters/http/admission_control/evaluators/response_evaluator.h" +#include "source/extensions/filters/http/admission_control/thread_local_controller.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/server/factory_context.h" @@ -37,6 +36,7 @@ class MockThreadLocalController : public ThreadLocal::ThreadLocalObject, MOCK_METHOD(RequestData, requestCounts, ()); MOCK_METHOD(void, recordSuccess, ()); MOCK_METHOD(void, recordFailure, ()); + MOCK_METHOD(uint32_t, averageRps, (), (const)); }; class MockResponseEvaluator : public ResponseEvaluator { @@ -142,6 +142,10 @@ sampling_window: 10s aggression: default_value: 1.0 runtime_key: "foo.aggression" +max_rejection_probability: + default_value: + value: 100.0 + runtime_key: "foo.max_rejection_probability" success_criteria: http_criteria: grpc_criteria: @@ -171,6 +175,7 @@ sampling_window: 10s // The filter is bypassed via runtime. EXPECT_CALL(controller_, requestCounts()).Times(0); + EXPECT_CALL(controller_, averageRps()).Times(0); // We expect no rejections. Http::TestRequestHeaderMapImpl request_headers; @@ -189,6 +194,7 @@ TEST_F(AdmissionControlTest, DisregardHealthChecks) { // We do not make admission decisions for health checks, so we expect no lookup of request success // counts. EXPECT_CALL(controller_, requestCounts()).Times(0); + EXPECT_CALL(controller_, averageRps()).Times(0); Http::TestRequestHeaderMapImpl request_headers; Http::TestResponseHeaderMapImpl response_headers{{":status", "200"}}; @@ -206,6 +212,7 @@ TEST_F(AdmissionControlTest, HttpFailureBehavior) { EXPECT_CALL(controller_, requestCounts()).WillRepeatedly(Return(RequestData(100, 0))); EXPECT_CALL(*evaluator_, isHttpSuccess(500)).WillRepeatedly(Return(false)); + EXPECT_CALL(controller_, averageRps()).WillRepeatedly(Return(99)); Http::TestRequestHeaderMapImpl request_headers; EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, @@ -225,6 +232,7 @@ TEST_F(AdmissionControlTest, HttpSuccessBehavior) { EXPECT_CALL(controller_, requestCounts()).WillRepeatedly(Return(RequestData(100, 100))); EXPECT_CALL(*evaluator_, isHttpSuccess(200)).WillRepeatedly(Return(true)); + EXPECT_CALL(controller_, averageRps()).WillRepeatedly(Return(99)); Http::TestRequestHeaderMapImpl request_headers; EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers, true)); @@ -242,6 +250,7 @@ TEST_F(AdmissionControlTest, GrpcFailureBehavior) { EXPECT_CALL(controller_, requestCounts()).WillRepeatedly(Return(RequestData(100, 0))); EXPECT_CALL(*evaluator_, isGrpcSuccess(7)).WillRepeatedly(Return(false)); + EXPECT_CALL(controller_, averageRps()).WillRepeatedly(Return(99)); Http::TestRequestHeaderMapImpl request_headers; EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, @@ -261,6 +270,7 @@ TEST_F(AdmissionControlTest, GrpcSuccessBehaviorTrailer) { EXPECT_CALL(controller_, requestCounts()).WillRepeatedly(Return(RequestData(100, 100))); EXPECT_CALL(*evaluator_, isGrpcSuccess(0)).WillRepeatedly(Return(true)); + EXPECT_CALL(controller_, averageRps()).WillRepeatedly(Return(99)); Http::TestRequestHeaderMapImpl request_headers; EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers, true)); @@ -279,6 +289,7 @@ TEST_F(AdmissionControlTest, GrpcFailureBehaviorTrailer) { EXPECT_CALL(controller_, requestCounts()).WillRepeatedly(Return(RequestData(100, 0))); EXPECT_CALL(*evaluator_, isGrpcSuccess(7)).WillRepeatedly(Return(false)); + EXPECT_CALL(controller_, averageRps()).WillRepeatedly(Return(99)); Http::TestRequestHeaderMapImpl request_headers; EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, @@ -298,6 +309,7 @@ TEST_F(AdmissionControlTest, GrpcSuccessBehavior) { EXPECT_CALL(controller_, requestCounts()).WillRepeatedly(Return(RequestData(100, 100))); EXPECT_CALL(*evaluator_, isGrpcSuccess(0)).WillRepeatedly(Return(true)); + EXPECT_CALL(controller_, averageRps()).WillRepeatedly(Return(99)); Http::TestRequestHeaderMapImpl request_headers; EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers, true)); @@ -321,6 +333,10 @@ sampling_window: 10s aggression: default_value: 1.0 runtime_key: "foo.aggression" +max_rejection_probability: + default_value: + value: 80.0 + runtime_key: "foo.max_rejection_probability" success_criteria: http_criteria: grpc_criteria: @@ -336,6 +352,8 @@ sampling_window: 10s // Increase aggression and expect higher rejection probabilities for the same values. EXPECT_CALL(runtime_.snapshot_, getDouble("foo.aggression", 1.0)).WillRepeatedly(Return(2.0)); EXPECT_CALL(runtime_.snapshot_, getDouble("foo.threshold", 100.0)).WillRepeatedly(Return(100.0)); + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.max_rejection_probability", 80.0)) + .WillRepeatedly(Return(80.0)); verifyProbabilities(100, 0.0); verifyProbabilities(95, 0.22); verifyProbabilities(75, 0.5); @@ -344,12 +362,113 @@ sampling_window: 10s // from there. EXPECT_CALL(runtime_.snapshot_, getDouble("foo.aggression", 1.0)).WillRepeatedly(Return(1.0)); EXPECT_CALL(runtime_.snapshot_, getDouble("foo.threshold", 100.0)).WillRepeatedly(Return(95.0)); + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.max_rejection_probability", 80.0)) + .WillRepeatedly(Return(80.0)); verifyProbabilities(100, 0.0); verifyProbabilities(98, 0.0); verifyProbabilities(95, 0.0); verifyProbabilities(90, 0.05); verifyProbabilities(75, 0.20); verifyProbabilities(50, 0.46); + + // Validate max rejection probability + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.aggression", 1.0)).WillRepeatedly(Return(1.0)); + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.threshold", 100.0)).WillRepeatedly(Return(100.0)); + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.max_rejection_probability", 80.0)) + .WillRepeatedly(Return(10.0)); + + verifyProbabilities(100, 0.0); + verifyProbabilities(95, 0.05); + verifyProbabilities(80, 0.1); + verifyProbabilities(0, 0.1); +} + +// Validate RPS threshold. +TEST_F(AdmissionControlTest, RpsThreshold) { + std::string yaml = R"EOF( +enabled: + default_value: true + runtime_key: "foo.enabled" +sampling_window: 10s +aggression: + default_value: 1.0 + runtime_key: "foo.aggression" +rps_threshold: + default_value: 0 + runtime_key: "foo.rps_threshold" +max_rejection_probability: + default_value: + value: 100.0 + runtime_key: "foo.max_rejection_probability" +success_criteria: + http_criteria: + grpc_criteria: +)EOF"; + + auto config = makeConfig(yaml); + setupFilter(config); + + EXPECT_CALL(runtime_.snapshot_, getInteger("foo.rps_threshold", 0)).WillRepeatedly(Return(10)); + EXPECT_CALL(controller_, averageRps()).WillRepeatedly(Return(1)); + EXPECT_CALL(controller_, requestCounts()).Times(0); + + // Continue expected. + Http::TestRequestHeaderMapImpl request_headers; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers, true)); + + EXPECT_CALL(runtime_.snapshot_, getInteger("foo.rps_threshold", 0)).WillRepeatedly(Return(10)); + EXPECT_CALL(controller_, averageRps()).WillRepeatedly(Return(100)); + + // We expect rejection counter to increment upon failure. + TestUtility::waitForCounterEq(scope_, "test_prefix.rq_rejected", 0, time_system_); + + EXPECT_CALL(controller_, requestCounts()).WillRepeatedly(Return(RequestData(100, 0))); + EXPECT_CALL(*evaluator_, isHttpSuccess(500)).WillRepeatedly(Return(false)); + + // StopIteration expected. + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, + filter_->decodeHeaders(request_headers, true)); + sampleHttpRequest("500"); + + TestUtility::waitForCounterEq(scope_, "test_prefix.rq_rejected", 1, time_system_); +} + +// Validate max rejection probability. +TEST_F(AdmissionControlTest, MaxRejectionProbability) { + std::string yaml = R"EOF( +enabled: + default_value: true + runtime_key: "foo.enabled" +sampling_window: 10s +sr_threshold: + default_value: + value: 100.0 + runtime_key: "foo.threshold" +aggression: + default_value: 1.0 + runtime_key: "foo.aggression" +max_rejection_probability: + default_value: + value: 80.0 + runtime_key: "foo.max_rejection_probability" +success_criteria: + http_criteria: + grpc_criteria: +)EOF"; + + auto config = makeConfig(yaml); + setupFilter(config); + + // Validate max rejection probability + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.aggression", 1.0)).WillRepeatedly(Return(1.0)); + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.threshold", 100.0)).WillRepeatedly(Return(100.0)); + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.max_rejection_probability", 80.0)) + .WillRepeatedly(Return(10.0)); + + verifyProbabilities(100, 0.0); + verifyProbabilities(95, 0.05); + verifyProbabilities(80, 0.1); + verifyProbabilities(0, 0.1); } } // namespace diff --git a/test/extensions/filters/http/admission_control/admission_control_integration_test.cc b/test/extensions/filters/http/admission_control/admission_control_integration_test.cc index 3535a136f58b..ca3c07098b1e 100644 --- a/test/extensions/filters/http/admission_control/admission_control_integration_test.cc +++ b/test/extensions/filters/http/admission_control/admission_control_integration_test.cc @@ -1,4 +1,4 @@ -#include "common/grpc/common.h" +#include "source/common/grpc/common.h" #include "test/integration/autonomous_upstream.h" #include "test/integration/http_integration.h" @@ -33,8 +33,7 @@ class AdmissionControlIntegrationTest : public Event::TestUsingSimulatedTime, public testing::TestWithParam, public HttpIntegrationTest { public: - AdmissionControlIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + AdmissionControlIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void SetUp() override {} @@ -118,9 +117,9 @@ TEST_P(AdmissionControlIntegrationTest, HttpTest) { ++request_count; } - // Given the current throttling rate formula with an aggression of 1, it should result in a ~98% - // throttling rate. Allowing an error of 5%. - EXPECT_NEAR(throttle_count / request_count, 0.98, 0.05); + // Given the current throttling rate formula with an aggression of 1, it should result in a ~80% + // throttling rate (default max_rejection_probability). Allowing an error of 10%. + EXPECT_NEAR(throttle_count / request_count, 0.80, 0.10); // We now wait for the history to become stale. timeSystem().advanceTimeWait(std::chrono::seconds(120)); @@ -133,7 +132,7 @@ TEST_P(AdmissionControlIntegrationTest, HttpTest) { TEST_P(AdmissionControlIntegrationTest, GrpcTest) { autonomous_upstream_ = true; - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); initialize(); // Drop the success rate to a very low value. @@ -158,9 +157,9 @@ TEST_P(AdmissionControlIntegrationTest, GrpcTest) { ++request_count; } - // Given the current throttling rate formula with an aggression of 1, it should result in a ~98% - // throttling rate. Allowing an error of 5%. - EXPECT_NEAR(throttle_count / request_count, 0.98, 0.05); + // Given the current throttling rate formula with an aggression of 1, it should result in a ~80% + // throttling rate (default max_rejection_probability). Allowing an error of 10%. + EXPECT_NEAR(throttle_count / request_count, 0.80, 0.10); // We now wait for the history to become stale. timeSystem().advanceTimeWait(std::chrono::seconds(120)); diff --git a/test/extensions/filters/http/admission_control/config_test.cc b/test/extensions/filters/http/admission_control/config_test.cc index 13d73551462e..80e1d9ce81ae 100644 --- a/test/extensions/filters/http/admission_control/config_test.cc +++ b/test/extensions/filters/http/admission_control/config_test.cc @@ -3,11 +3,10 @@ #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.validate.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/filters/http/admission_control/admission_control.h" -#include "extensions/filters/http/admission_control/config.h" -#include "extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/http/admission_control/admission_control.h" +#include "source/extensions/filters/http/admission_control/config.h" +#include "source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/server/factory_context.h" @@ -119,6 +118,13 @@ sampling_window: 1337s aggression: default_value: 4.2 runtime_key: "foo.aggression" +rps_threshold: + default_value: 5 + runtime_key: "foo.rps_threshold" +max_rejection_probability: + default_value: + value: 70.0 + runtime_key: "foo.max_rejection_probability" success_criteria: http_criteria: grpc_criteria: @@ -129,6 +135,8 @@ sampling_window: 1337s EXPECT_FALSE(config->filterEnabled()); EXPECT_EQ(4.2, config->aggression()); EXPECT_EQ(0.92, config->successRateThreshold()); + EXPECT_EQ(5, config->rpsThreshold()); + EXPECT_EQ(0.7, config->maxRejectionProbability()); } // Verify the config defaults when not specified. @@ -146,6 +154,8 @@ TEST_F(AdmissionControlConfigTest, BasicTestMinimumConfigured) { EXPECT_TRUE(config->filterEnabled()); EXPECT_EQ(1.0, config->aggression()); EXPECT_EQ(0.95, config->successRateThreshold()); + EXPECT_EQ(0, config->rpsThreshold()); + EXPECT_EQ(0.8, config->maxRejectionProbability()); } // Ensure runtime fields are honored. @@ -162,6 +172,13 @@ sampling_window: 1337s aggression: default_value: 4.2 runtime_key: "foo.aggression" +rps_threshold: + default_value: 5 + runtime_key: "foo.rps_threshold" +max_rejection_probability: + default_value: + value: 70.0 + runtime_key: "foo.max_rejection_probability" success_criteria: http_criteria: grpc_criteria: @@ -175,12 +192,25 @@ sampling_window: 1337s EXPECT_EQ(1.3, config->aggression()); EXPECT_CALL(runtime_.snapshot_, getDouble("foo.sr_threshold", 92)).WillOnce(Return(24.0)); EXPECT_EQ(0.24, config->successRateThreshold()); + EXPECT_CALL(runtime_.snapshot_, getInteger("foo.rps_threshold", 5)).WillOnce(Return(12)); + EXPECT_EQ(12, config->rpsThreshold()); + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.max_rejection_probability", 70.0)) + .WillOnce(Return(32.0)); + EXPECT_EQ(0.32, config->maxRejectionProbability()); // Verify bogus runtime thresholds revert to the default value. EXPECT_CALL(runtime_.snapshot_, getDouble("foo.sr_threshold", 92)).WillOnce(Return(250.0)); EXPECT_EQ(0.92, config->successRateThreshold()); EXPECT_CALL(runtime_.snapshot_, getDouble("foo.sr_threshold", 92)).WillOnce(Return(-1.0)); EXPECT_EQ(0.92, config->successRateThreshold()); + EXPECT_CALL(runtime_.snapshot_, getInteger("foo.rps_threshold", 5)).WillOnce(Return(99ull << 40)); + EXPECT_EQ(5, config->rpsThreshold()); + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.max_rejection_probability", 70.0)) + .WillOnce(Return(-2.0)); + EXPECT_EQ(0.7, config->maxRejectionProbability()); + EXPECT_CALL(runtime_.snapshot_, getDouble("foo.max_rejection_probability", 70.0)) + .WillOnce(Return(300.0)); + EXPECT_EQ(0.7, config->maxRejectionProbability()); } } // namespace diff --git a/test/extensions/filters/http/admission_control/controller_test.cc b/test/extensions/filters/http/admission_control/controller_test.cc index bf88a7037431..2b7428251903 100644 --- a/test/extensions/filters/http/admission_control/controller_test.cc +++ b/test/extensions/filters/http/admission_control/controller_test.cc @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.validate.h" -#include "extensions/filters/http/admission_control/thread_local_controller.h" +#include "source/extensions/filters/http/admission_control/thread_local_controller.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/utility.h" @@ -100,6 +100,37 @@ TEST_F(ThreadLocalControllerTest, VerifyMemoryUsage) { EXPECT_EQ(RequestData(3, 3), tlc_.requestCounts()); } +// Test for function: averageRps. +TEST_F(ThreadLocalControllerTest, AverageRps) { + // Validate that historical_data_ is empty. + EXPECT_EQ(0, tlc_.averageRps()); + + // Validate that global_data_.requests equals to zero. + tlc_.requestCounts(); + EXPECT_EQ(0, tlc_.averageRps()); + + // Validate the value in one second. + tlc_.recordSuccess(); + tlc_.recordFailure(); + EXPECT_EQ(2, tlc_.averageRps()); + + // Validate that the sampling window is not full. + time_system_.advanceTimeWait(std::chrono::seconds(1)); + tlc_.recordSuccess(); + EXPECT_EQ(3, tlc_.averageRps()); + + // Now clean up the sampling window to validate that the sampling window is full. + time_system_.advanceTimeWait(std::chrono::seconds(10)); + for (int tick = 0; tick < window_.count(); ++tick) { + // 1 + 3 + 5 + 7 + 9 + for (int record_count = 0; record_count <= tick * 2; ++record_count) { + tlc_.recordSuccess(); + } + time_system_.advanceTimeWait(std::chrono::seconds(1)); + } + EXPECT_EQ(5, tlc_.averageRps()); +} + } // namespace } // namespace AdmissionControl } // namespace HttpFilters diff --git a/test/extensions/filters/http/admission_control/success_criteria_evaluator_test.cc b/test/extensions/filters/http/admission_control/success_criteria_evaluator_test.cc index 888497a1363e..7e3725daed47 100644 --- a/test/extensions/filters/http/admission_control/success_criteria_evaluator_test.cc +++ b/test/extensions/filters/http/admission_control/success_criteria_evaluator_test.cc @@ -3,10 +3,9 @@ #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.h" #include "envoy/extensions/filters/http/admission_control/v3alpha/admission_control.pb.validate.h" -#include "common/common/enum_to_int.h" - -#include "extensions/filters/http/admission_control/admission_control.h" -#include "extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" +#include "source/common/common/enum_to_int.h" +#include "source/extensions/filters/http/admission_control/admission_control.h" +#include "source/extensions/filters/http/admission_control/evaluators/success_criteria_evaluator.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/alternate_protocols_cache/BUILD b/test/extensions/filters/http/alternate_protocols_cache/BUILD new file mode 100644 index 000000000000..92e277132b3d --- /dev/null +++ b/test/extensions/filters/http/alternate_protocols_cache/BUILD @@ -0,0 +1,43 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_package", +) +load( + "//test/extensions:extensions_build_system.bzl", + "envoy_extension_cc_test", +) + +licenses(["notice"]) # Apache 2 + +envoy_package() + +envoy_extension_cc_test( + name = "filter_test", + srcs = ["filter_test.cc"], + extension_name = "envoy.filters.http.alternate_protocols_cache", + deps = [ + "//source/extensions/filters/http/alternate_protocols_cache:config", + "//test/mocks/http:alternate_protocols_cache_mocks", + "//test/mocks/http:http_mocks", + "//test/mocks/network:network_mocks", + "@envoy_api//envoy/extensions/filters/http/alternate_protocols_cache/v3:pkg_cc_proto", + ], +) + +envoy_extension_cc_test( + name = "filter_integration_test", + srcs = ["filter_integration_test.cc"], + data = [ + "//test/config/integration/certs", + ], + extension_name = "envoy.filters.http.alternate_protocols_cache", + deps = [ + "//source/extensions/filters/http/alternate_protocols_cache:config", + "//test/integration:http_integration_lib", + "//test/integration:http_protocol_integration_lib", + "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", + "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", + ], +) diff --git a/test/extensions/filters/http/alternate_protocols_cache/filter_integration_test.cc b/test/extensions/filters/http/alternate_protocols_cache/filter_integration_test.cc new file mode 100644 index 000000000000..344da0f9bf0b --- /dev/null +++ b/test/extensions/filters/http/alternate_protocols_cache/filter_integration_test.cc @@ -0,0 +1,87 @@ +#include "envoy/config/bootstrap/v3/bootstrap.pb.h" +#include "envoy/config/cluster/v3/cluster.pb.h" +#include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" +#include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" + +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" + +#include "test/integration/http_integration.h" +#include "test/integration/http_protocol_integration.h" +#include "test/integration/ssl_utility.h" + +namespace Envoy { +namespace { + +#ifdef ENVOY_ENABLE_QUIC + +class FilterIntegrationTest : public HttpProtocolIntegrationTest { +protected: + void initialize() override { + const std::string filter = R"EOF( +name: alternate_protocols_cache +typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.alternate_protocols_cache.v3.FilterConfig + alternate_protocols_cache_options: + name: default_alternate_protocols_cache +)EOF"; + config_helper_.addFilter(filter); + + upstream_tls_ = true; + config_helper_.configureUpstreamTls(/*use_alpn=*/true, /*http3=*/true, + /*use_alternate_protocols_cache=*/true); + + HttpProtocolIntegrationTest::initialize(); + } + + void createUpstreams() override { + // The integration test infrastructure does not know how to create mixed protocol upstreams. + // It will have created an HTTP/3 upstream, so the test needs to create an additional + // HTTP/2 upstream manually. + ASSERT_EQ(upstreamProtocol(), Http::CodecType::HTTP3); + ASSERT_EQ(fake_upstreams_count_, 1); + ASSERT_FALSE(autonomous_upstream_); + + auto config = configWithType(Http::CodecType::HTTP2); + Network::TransportSocketFactoryPtr factory = createUpstreamTlsContext(config); + addFakeUpstream(std::move(factory), Http::CodecType::HTTP2); + } +}; + +TEST_P(FilterIntegrationTest, AltSvc) { + const uint64_t request_size = 0; + const uint64_t response_size = 0; + const std::chrono::milliseconds timeout = TestUtility::DefaultTimeout; + + initialize(); + codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); + + Http::TestRequestHeaderMapImpl request_headers{ + {":method", "POST"}, {":path", "/test/long/url"}, {":scheme", "http"}, + {":authority", "host"}, {"x-lyft-user-id", "123"}, {"x-forwarded-for", "10.0.0.1"}}; + int port = fake_upstreams_[0]->localAddress()->ip()->port(); + std::string alt_svc = absl::StrCat("h3-29=\":", port, "\"; ma=86400"); + Http::TestResponseHeaderMapImpl response_headers{{":status", "200"}, {"alt-svc", alt_svc}}; + + // First request should go out over HTTP/2. The response includes an Alt-Svc header. + auto response = sendRequestAndWaitForResponse(request_headers, request_size, response_headers, + response_size, 0, timeout); + checkSimpleRequestSuccess(request_size, response_size, response.get()); + test_server_->waitForCounterEq("cluster.cluster_0.upstream_cx_http2_total", 1); + + // Second request should go out over HTTP/3 because of the Alt-Svc information. + auto response2 = sendRequestAndWaitForResponse(request_headers, request_size, response_headers, + response_size, 0, timeout); + checkSimpleRequestSuccess(request_size, response_size, response2.get()); + test_server_->waitForCounterEq("cluster.cluster_0.upstream_cx_http3_total", 1); +} + +INSTANTIATE_TEST_SUITE_P(Protocols, FilterIntegrationTest, + testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( + {Http::CodecType::HTTP2}, {Http::CodecType::HTTP3})), + HttpProtocolIntegrationTest::protocolTestParamsToString); + +#endif + +} // namespace +} // namespace Envoy diff --git a/test/extensions/filters/http/alternate_protocols_cache/filter_test.cc b/test/extensions/filters/http/alternate_protocols_cache/filter_test.cc new file mode 100644 index 000000000000..951978299620 --- /dev/null +++ b/test/extensions/filters/http/alternate_protocols_cache/filter_test.cc @@ -0,0 +1,132 @@ +#include "envoy/extensions/filters/http/alternate_protocols_cache/v3/alternate_protocols_cache.pb.h" + +#include "source/extensions/filters/http/alternate_protocols_cache/filter.h" + +#include "test/mocks/http/alternate_protocols_cache.h" +#include "test/mocks/http/mocks.h" +#include "test/mocks/network/mocks.h" +#include "test/test_common/simulated_time_system.h" + +using testing::Return; +using testing::ReturnRef; + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace AlternateProtocolsCache { +namespace { + +class FilterTest : public testing::Test, public Event::TestUsingSimulatedTime { +public: + FilterTest() + : alternate_protocols_cache_manager_( + std::make_shared()), + alternate_protocols_cache_(std::make_shared()) { + initialize(true); + } + + void initialize(bool populate_config) { + EXPECT_CALL(alternate_protocols_cache_manager_factory_, get()) + .WillOnce(Return(alternate_protocols_cache_manager_)); + + envoy::extensions::filters::http::alternate_protocols_cache::v3::FilterConfig proto_config; + if (populate_config) { + proto_config.mutable_alternate_protocols_cache_options()->set_name("foo"); + EXPECT_CALL(*alternate_protocols_cache_manager_, getCache(_)) + .WillOnce(Return(alternate_protocols_cache_)); + } + filter_config_ = std::make_shared( + proto_config, alternate_protocols_cache_manager_factory_, simTime()); + filter_ = std::make_unique(filter_config_); + filter_->setEncoderFilterCallbacks(callbacks_); + } + + Http::MockAlternateProtocolsCacheManagerFactory alternate_protocols_cache_manager_factory_; + std::shared_ptr alternate_protocols_cache_manager_; + std::shared_ptr alternate_protocols_cache_; + FilterConfigSharedPtr filter_config_; + std::unique_ptr filter_; + Http::MockStreamEncoderFilterCallbacks callbacks_; + Http::TestRequestHeaderMapImpl request_headers_{{":authority", "foo"}}; +}; + +std::string dumpOrigin(const Http::AlternateProtocolsCache::Origin& origin) { + return "{ scheme: '" + origin.scheme_ + "' host: '" + origin.hostname_ + + "' port: " + absl::StrCat(origin.port_) + " }\n"; +} + +std::string dumpAlternative(const Http::AlternateProtocolsCache::AlternateProtocol& origin) { + return "{ alpn: '" + origin.alpn_ + "' host: '" + origin.hostname_ + + "' port: " + absl::StrCat(origin.port_) + " }\n"; +} + +TEST_F(FilterTest, NoCache) { + initialize(false); + + Http::TestResponseHeaderMapImpl headers{ + {":status", "200"}, {"alt-svc", "h3-29=\":443\"; ma=86400, h3=\":443\"; ma=60"}}; + + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); + filter_->onDestroy(); +} + +TEST_F(FilterTest, NoAltSvc) { + Http::TestResponseHeaderMapImpl headers{{":status", "200"}}; + Http::AlternateProtocolsCache::Origin expected_origin("https", "host1", 443); + + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); + filter_->onDestroy(); +} + +TEST_F(FilterTest, InvalidAltSvc) { + Http::TestResponseHeaderMapImpl headers{{":status", "200"}, {"alt-svc", "garbage"}}; + + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); + filter_->onDestroy(); +} + +TEST_F(FilterTest, ValidAltSvc) { + Http::TestResponseHeaderMapImpl headers{ + {":status", "200"}, {"alt-svc", "h3-29=\":443\"; ma=86400, h3=\":443\"; ma=60"}}; + Http::AlternateProtocolsCache::Origin expected_origin("https", "host1", 443); + MonotonicTime now = simTime().monotonicTime(); + const std::vector expected_protocols = { + Http::AlternateProtocolsCache::AlternateProtocol("h3-29", "", 443, + now + std::chrono::seconds(86400)), + Http::AlternateProtocolsCache::AlternateProtocol("h3", "", 443, + now + std::chrono::seconds(60)), + }; + + std::shared_ptr address = + std::make_shared("1.2.3.4:443", "1.2.3.4:443"); + Network::MockIp ip; + std::string hostname = "host1"; + std::shared_ptr hd = + std::make_shared(); + StreamInfo::MockStreamInfo stream_info; + EXPECT_CALL(callbacks_, streamInfo()).WillOnce(ReturnRef(stream_info)); + EXPECT_CALL(stream_info, upstreamHost()).WillOnce(testing::Return(hd)); + EXPECT_CALL(*hd, hostname()).WillOnce(ReturnRef(hostname)); + EXPECT_CALL(*hd, address()).WillOnce(Return(address)); + EXPECT_CALL(*address, ip()).WillOnce(Return(&ip)); + EXPECT_CALL(ip, port()).WillOnce(Return(443)); + EXPECT_CALL(*alternate_protocols_cache_, setAlternatives(_, _)) + .WillOnce(testing::DoAll( + testing::WithArg<0>(Invoke([expected_origin](auto& actual_origin) { + EXPECT_EQ(expected_origin, actual_origin) + << dumpOrigin(expected_origin) << dumpOrigin(actual_origin); + })), + testing::WithArg<1>(Invoke([expected_protocols](auto& actual_protocols) { + EXPECT_EQ(expected_protocols, actual_protocols) << dumpAlternative(actual_protocols[0]); + ; + })))); + + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); + filter_->onDestroy(); +} + +} // namespace +} // namespace AlternateProtocolsCache +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/filters/http/aws_lambda/arn_test.cc b/test/extensions/filters/http/aws_lambda/arn_test.cc index 8f20f9af7767..f8b580c5ed6b 100644 --- a/test/extensions/filters/http/aws_lambda/arn_test.cc +++ b/test/extensions/filters/http/aws_lambda/arn_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/aws_lambda/aws_lambda_filter.h" +#include "source/extensions/filters/http/aws_lambda/aws_lambda_filter.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" diff --git a/test/extensions/filters/http/aws_lambda/aws_lambda_filter_integration_test.cc b/test/extensions/filters/http/aws_lambda/aws_lambda_filter_integration_test.cc index 5f5816a7de6a..db3227d9a2df 100644 --- a/test/extensions/filters/http/aws_lambda/aws_lambda_filter_integration_test.cc +++ b/test/extensions/filters/http/aws_lambda/aws_lambda_filter_integration_test.cc @@ -16,15 +16,14 @@ namespace { class AwsLambdaFilterIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - AwsLambdaFilterIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, GetParam()) {} + AwsLambdaFilterIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, GetParam()) {} void SetUp() override { // Set these environment variables to quickly sign credentials instead of attempting to query // instance metadata and timing-out. TestEnvironment::setEnvVar("AWS_ACCESS_KEY_ID", "aws-user", 1 /*overwrite*/); TestEnvironment::setEnvVar("AWS_SECRET_ACCESS_KEY", "secret", 1 /*overwrite*/); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP1); + setUpstreamProtocol(Http::CodecType::HTTP1); } void TearDown() override { fake_upstream_connection_.reset(); } diff --git a/test/extensions/filters/http/aws_lambda/aws_lambda_filter_test.cc b/test/extensions/filters/http/aws_lambda/aws_lambda_filter_test.cc index d8fb873cf297..ad4c1dbd93b2 100644 --- a/test/extensions/filters/http/aws_lambda/aws_lambda_filter_test.cc +++ b/test/extensions/filters/http/aws_lambda/aws_lambda_filter_test.cc @@ -3,11 +3,9 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/http/filter.h" +#include "source/extensions/filters/http/aws_lambda/aws_lambda_filter.h" #include "source/extensions/filters/http/aws_lambda/request_response.pb.validate.h" -#include "extensions/filters/http/aws_lambda/aws_lambda_filter.h" -#include "extensions/filters/http/well_known_names.h" - #include "test/extensions/common/aws/mocks.h" #include "test/mocks/http/mocks.h" @@ -102,8 +100,7 @@ TEST_F(AwsLambdaFilterTest, PerRouteConfigWrongClusterMetadata) { setupFilter({arn_, InvocationMode::Synchronous, true /*passthrough*/}); FilterSettings route_settings{arn_, InvocationMode::Synchronous, true /*passthrough*/}; - ON_CALL(decoder_callbacks_.route_->route_entry_, - perFilterConfig(HttpFilterNames::get().AwsLambda)) + ON_CALL(decoder_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.aws_lambda")) .WillByDefault(Return(&route_settings)); ON_CALL(*decoder_callbacks_.cluster_info_, metadata()).WillByDefault(ReturnRef(metadata)); @@ -125,8 +122,7 @@ TEST_F(AwsLambdaFilterTest, PerRouteConfigWrongClusterMetadata) { TEST_F(AwsLambdaFilterTest, PerRouteConfigCorrectClusterMetadata) { setupFilter({arn_, InvocationMode::Synchronous, true /*passthrough*/}); FilterSettings route_settings{arn_, InvocationMode::Synchronous, true /*passthrough*/}; - ON_CALL(decoder_callbacks_.route_->route_entry_, - perFilterConfig(HttpFilterNames::get().AwsLambda)) + ON_CALL(decoder_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.aws_lambda")) .WillByDefault(Return(&route_settings)); Http::TestRequestHeaderMapImpl headers; @@ -519,6 +515,7 @@ TEST_F(AwsLambdaFilterTest, EncodeDataJsonModeTransformToHttp) { EXPECT_FALSE(headers.has(":other")); EXPECT_EQ("awesome value", headers.get_("x-awesome-header")); + EXPECT_EQ("application/json", headers.get_("content-type")); std::vector cookies; headers.iterate([&cookies](const Http::HeaderEntry& entry) { @@ -531,6 +528,40 @@ TEST_F(AwsLambdaFilterTest, EncodeDataJsonModeTransformToHttp) { EXPECT_THAT(cookies, ElementsAre("session-id=42; Secure; HttpOnly", "user=joe")); } +/** + * encodeData() data in JSON mode should respect content-type header. + */ +TEST_F(AwsLambdaFilterTest, EncodeDataJsonModeContentTypeHeader) { + setupFilter({arn_, InvocationMode::Synchronous, false /*passthrough*/}); + filter_->resolveSettings(); + Http::TestResponseHeaderMapImpl headers; + headers.setStatus(200); + filter_->encodeHeaders(headers, false /*end_stream*/); + + constexpr auto json_response = R"EOF( + { + "statusCode": 201, + "headers": {"content-type": "text/plain"} + } + )EOF"; + + Buffer::OwnedImpl encoded_buf; + encoded_buf.add(json_response); + auto on_modify_encoding_buffer = [&encoded_buf](std::function cb) { + cb(encoded_buf); + }; + EXPECT_CALL(encoder_callbacks_, encodingBuffer).WillRepeatedly(Return(&encoded_buf)); + EXPECT_CALL(encoder_callbacks_, modifyEncodingBuffer) + .WillRepeatedly(Invoke(on_modify_encoding_buffer)); + + auto result = filter_->encodeData(encoded_buf, true /*end_stream*/); + EXPECT_EQ(Http::FilterDataStatus::Continue, result); + + ASSERT_NE(nullptr, headers.Status()); + EXPECT_EQ("201", headers.getStatusValue()); + EXPECT_EQ("text/plain", headers.get_("content-type")); +} + /** * encodeData() in JSON mode with a non-empty body should translate the body to plain text if it was * base64-encoded. diff --git a/test/extensions/filters/http/aws_lambda/config_test.cc b/test/extensions/filters/http/aws_lambda/config_test.cc index 752f763292b6..c889caec2659 100644 --- a/test/extensions/filters/http/aws_lambda/config_test.cc +++ b/test/extensions/filters/http/aws_lambda/config_test.cc @@ -1,8 +1,8 @@ #include "envoy/extensions/filters/http/aws_lambda/v3/aws_lambda.pb.h" #include "envoy/extensions/filters/http/aws_lambda/v3/aws_lambda.pb.validate.h" -#include "extensions/filters/http/aws_lambda/aws_lambda_filter.h" -#include "extensions/filters/http/aws_lambda/config.h" +#include "source/extensions/filters/http/aws_lambda/aws_lambda_filter.h" +#include "source/extensions/filters/http/aws_lambda/config.h" #include "test/mocks/server/factory_context.h" #include "test/mocks/server/instance.h" diff --git a/test/extensions/filters/http/aws_request_signing/aws_request_signing_filter_test.cc b/test/extensions/filters/http/aws_request_signing/aws_request_signing_filter_test.cc index 2e730a8a7040..a8343b6d3722 100644 --- a/test/extensions/filters/http/aws_request_signing/aws_request_signing_filter_test.cc +++ b/test/extensions/filters/http/aws_request_signing/aws_request_signing_filter_test.cc @@ -1,7 +1,7 @@ #include "envoy/http/filter.h" -#include "extensions/common/aws/signer.h" -#include "extensions/filters/http/aws_request_signing/aws_request_signing_filter.h" +#include "source/extensions/common/aws/signer.h" +#include "source/extensions/filters/http/aws_request_signing/aws_request_signing_filter.h" #include "test/extensions/common/aws/mocks.h" #include "test/mocks/http/mocks.h" diff --git a/test/extensions/filters/http/aws_request_signing/config_test.cc b/test/extensions/filters/http/aws_request_signing/config_test.cc index 7d86e759b77e..58842ca8fd4d 100644 --- a/test/extensions/filters/http/aws_request_signing/config_test.cc +++ b/test/extensions/filters/http/aws_request_signing/config_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.h" #include "envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.pb.validate.h" -#include "extensions/filters/http/aws_request_signing/config.h" +#include "source/extensions/filters/http/aws_request_signing/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/bandwidth_limit/BUILD b/test/extensions/filters/http/bandwidth_limit/BUILD new file mode 100644 index 000000000000..ec46a1a91780 --- /dev/null +++ b/test/extensions/filters/http/bandwidth_limit/BUILD @@ -0,0 +1,38 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_package", +) +load( + "//test/extensions:extensions_build_system.bzl", + "envoy_extension_cc_test", +) + +licenses(["notice"]) # Apache 2 + +envoy_package() + +envoy_extension_cc_test( + name = "filter_test", + srcs = ["filter_test.cc"], + extension_name = "envoy.filters.http.bandwidth_limit", + deps = [ + "//source/common/common:utility_lib", + "//source/common/http:header_utility_lib", + "//source/common/http:headers_lib", + "//source/common/router:header_parser_lib", + "//source/common/runtime:runtime_lib", + "//source/extensions/filters/http/bandwidth_limit:bandwidth_limit_lib", + "//test/mocks/server:server_mocks", + "@envoy_api//envoy/extensions/filters/http/bandwidth_limit/v3alpha:pkg_cc_proto", + ], +) + +envoy_extension_cc_test( + name = "config_test", + srcs = ["config_test.cc"], + extension_name = "envoy.filters.http.bandwidth_limit", + deps = [ + "//source/extensions/filters/http/bandwidth_limit:config", + "//test/mocks/server:server_mocks", + ], +) diff --git a/test/extensions/filters/http/bandwidth_limit/config_test.cc b/test/extensions/filters/http/bandwidth_limit/config_test.cc new file mode 100644 index 000000000000..b98ea7ca4d67 --- /dev/null +++ b/test/extensions/filters/http/bandwidth_limit/config_test.cc @@ -0,0 +1,119 @@ +#include "source/extensions/filters/http/bandwidth_limit/bandwidth_limit.h" +#include "source/extensions/filters/http/bandwidth_limit/config.h" + +#include "test/mocks/server/mocks.h" + +#include "gmock/gmock.h" +#include "gtest/gtest.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace BandwidthLimitFilter { + +using EnableMode = + envoy::extensions::filters::http::bandwidth_limit::v3alpha::BandwidthLimit_EnableMode; + +TEST(Factory, GlobalEmptyConfig) { + const std::string yaml = R"( + stat_prefix: test + )"; + + BandwidthLimitFilterConfig factory; + ProtobufTypes::MessagePtr proto_config = factory.createEmptyRouteConfigProto(); + TestUtility::loadFromYaml(yaml, *proto_config); + + NiceMock context; + + EXPECT_CALL(context.dispatcher_, createTimer_(_)).Times(0); + auto callback = factory.createFilterFactoryFromProto(*proto_config, "stats", context); + Http::MockFilterChainFactoryCallbacks filter_callback; + EXPECT_CALL(filter_callback, addStreamFilter(_)); + callback(filter_callback); +} + +TEST(Factory, RouteSpecificFilterConfig) { + const std::string config_yaml = R"( + stat_prefix: test + enable_mode: REQUEST_AND_RESPONSE + limit_kbps: 10 + fill_interval: 0.1s + )"; + + BandwidthLimitFilterConfig factory; + ProtobufTypes::MessagePtr proto_config = factory.createEmptyRouteConfigProto(); + TestUtility::loadFromYaml(config_yaml, *proto_config); + + NiceMock context; + + EXPECT_CALL(context.dispatcher_, createTimer_(_)).Times(0); + const auto route_config = factory.createRouteSpecificFilterConfig( + *proto_config, context, ProtobufMessage::getNullValidationVisitor()); + const auto* config = dynamic_cast(route_config.get()); + EXPECT_EQ(config->limit(), 10); + EXPECT_EQ(config->fillInterval().count(), 100); + EXPECT_EQ(config->enableMode(), EnableMode::BandwidthLimit_EnableMode_REQUEST_AND_RESPONSE); + EXPECT_FALSE(config->tokenBucket() == nullptr); +} + +TEST(Factory, RouteSpecificFilterConfigDisabledByDefault) { + const std::string config_yaml = R"( + stat_prefix: test + limit_kbps: 10 + fill_interval: 0.1s + )"; + + BandwidthLimitFilterConfig factory; + ProtobufTypes::MessagePtr proto_config = factory.createEmptyRouteConfigProto(); + TestUtility::loadFromYaml(config_yaml, *proto_config); + + NiceMock context; + + EXPECT_CALL(context.dispatcher_, createTimer_(_)).Times(0); + const auto route_config = factory.createRouteSpecificFilterConfig( + *proto_config, context, ProtobufMessage::getNullValidationVisitor()); + const auto* config = dynamic_cast(route_config.get()); + EXPECT_EQ(config->enableMode(), EnableMode::BandwidthLimit_EnableMode_DISABLED); + EXPECT_EQ(config->limit(), 10); + EXPECT_EQ(config->fillInterval().count(), 100); +} + +TEST(Factory, RouteSpecificFilterConfigDefaultFillInterval) { + const std::string config_yaml = R"( + stat_prefix: test + enable_mode: REQUEST_AND_RESPONSE + limit_kbps: 10 + )"; + + BandwidthLimitFilterConfig factory; + ProtobufTypes::MessagePtr proto_config = factory.createEmptyRouteConfigProto(); + TestUtility::loadFromYaml(config_yaml, *proto_config); + + NiceMock context; + + EXPECT_CALL(context.dispatcher_, createTimer_(_)).Times(0); + const auto route_config = factory.createRouteSpecificFilterConfig( + *proto_config, context, ProtobufMessage::getNullValidationVisitor()); + const auto* config = dynamic_cast(route_config.get()); + EXPECT_EQ(config->limit(), 10); + EXPECT_EQ(config->fillInterval().count(), 50); +} + +TEST(Factory, PerRouteConfigNoLimits) { + const std::string config_yaml = R"( + stat_prefix: test + )"; + + BandwidthLimitFilterConfig factory; + ProtobufTypes::MessagePtr proto_config = factory.createEmptyRouteConfigProto(); + TestUtility::loadFromYaml(config_yaml, *proto_config); + + NiceMock context; + EXPECT_THROW(factory.createRouteSpecificFilterConfig(*proto_config, context, + ProtobufMessage::getNullValidationVisitor()), + EnvoyException); +} +} // namespace BandwidthLimitFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/filters/http/bandwidth_limit/filter_test.cc b/test/extensions/filters/http/bandwidth_limit/filter_test.cc new file mode 100644 index 000000000000..daffe9076ea3 --- /dev/null +++ b/test/extensions/filters/http/bandwidth_limit/filter_test.cc @@ -0,0 +1,558 @@ +#include "envoy/extensions/filters/http/bandwidth_limit/v3alpha/bandwidth_limit.pb.h" + +#include "source/extensions/filters/http/bandwidth_limit/bandwidth_limit.h" + +#include "test/mocks/http/mocks.h" + +#include "gmock/gmock.h" +#include "gtest/gtest.h" + +using testing::_; +using testing::AnyNumber; +using testing::NiceMock; +using testing::Return; + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace BandwidthLimitFilter { + +class FilterTest : public testing::Test { +public: + FilterTest() = default; + + void setup(const std::string& yaml) { + envoy::extensions::filters::http::bandwidth_limit::v3alpha::BandwidthLimit config; + TestUtility::loadFromYaml(yaml, config); + config_ = std::make_shared(config, stats_, runtime_, time_system_, true); + filter_ = std::make_shared(config_); + filter_->setDecoderFilterCallbacks(decoder_filter_callbacks_); + filter_->setEncoderFilterCallbacks(encoder_filter_callbacks_); + + EXPECT_CALL(decoder_filter_callbacks_.dispatcher_, pushTrackedObject(_)).Times(AnyNumber()); + EXPECT_CALL(decoder_filter_callbacks_.dispatcher_, popTrackedObject(_)).Times(AnyNumber()); + EXPECT_CALL(encoder_filter_callbacks_.dispatcher_, pushTrackedObject(_)).Times(AnyNumber()); + EXPECT_CALL(encoder_filter_callbacks_.dispatcher_, popTrackedObject(_)).Times(AnyNumber()); + } + + uint64_t findCounter(const std::string& name) { + const auto counter = TestUtility::findCounter(stats_, name); + return counter != nullptr ? counter->value() : 0; + } + + uint64_t findGauge(const std::string& name) { + const auto gauge = TestUtility::findGauge(stats_, name); + return gauge != nullptr ? gauge->value() : 0; + } + + NiceMock stats_; + NiceMock decoder_filter_callbacks_; + NiceMock encoder_filter_callbacks_; + NiceMock runtime_; + std::shared_ptr config_; + std::shared_ptr filter_; + Http::TestRequestHeaderMapImpl request_headers_; + Http::TestRequestTrailerMapImpl request_trailers_; + Http::TestResponseHeaderMapImpl response_headers_; + Http::TestResponseTrailerMapImpl response_trailers_; + Buffer::OwnedImpl data_; + Event::SimulatedTimeSystem time_system_; +}; + +TEST_F(FilterTest, Disabled) { + const std::string config_yaml = R"( + stat_prefix: test + runtime_enabled: + default_value: false + runtime_key: foo_key + enable_mode: DISABLED + limit_kbps: 10 + fill_interval: 1s + )"; + setup(fmt::format(config_yaml, "1")); + + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers_, false)); + EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->decodeData(data_, false)); + EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->decodeTrailers(request_trailers_)); + EXPECT_EQ(0U, findCounter("test.http_bandwidth_limit.request_enabled")); + + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(response_headers_, false)); + EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, false)); + EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->encodeTrailers(response_trailers_)); + EXPECT_EQ(0U, findCounter("test.http_bandwidth_limit.response_enabled")); +} + +TEST_F(FilterTest, LimitOnDecode) { + const std::string config_yaml = R"( + stat_prefix: test + runtime_enabled: + default_value: true + runtime_key: foo_key + enable_mode: REQUEST + limit_kbps: 1 + )"; + setup(fmt::format(config_yaml, "1")); + + ON_CALL(decoder_filter_callbacks_, decoderBufferLimit()).WillByDefault(Return(1100)); + Event::MockTimer* token_timer = + new NiceMock(&decoder_filter_callbacks_.dispatcher_); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers_, true)); + + EXPECT_EQ(1U, findCounter("test.http_bandwidth_limit.request_enabled")); + EXPECT_EQ(1UL, config_->limit()); + EXPECT_EQ(50UL, config_->fillInterval().count()); + + // Send a small amount of data which should be within limit. + Buffer::OwnedImpl data1("hello"); + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->decodeData(data1, false)); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.request_pending")); + EXPECT_EQ(5, findGauge("test.http_bandwidth_limit.request_incoming_size")); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual("hello"), false)); + token_timer->invokeCallback(); + EXPECT_EQ(5, findGauge("test.http_bandwidth_limit.request_allowed_size")); + + // Advance time by 1s which should refill all tokens. + time_system_.advanceTimeWait(std::chrono::seconds(1)); + + // Send 1126 bytes of data which is 1s + 2 refill cycles of data. + EXPECT_CALL(decoder_filter_callbacks_, onDecoderFilterAboveWriteBufferHighWatermark()); + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(0), _)); + Buffer::OwnedImpl data2(std::string(1126, 'a')); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->decodeData(data2, false)); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.request_pending")); + EXPECT_EQ(1126, findGauge("test.http_bandwidth_limit.request_incoming_size")); + + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(decoder_filter_callbacks_, onDecoderFilterBelowWriteBufferLowWatermark()); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(1024, 'a')), false)); + token_timer->invokeCallback(); + EXPECT_EQ(1024, findGauge("test.http_bandwidth_limit.request_allowed_size")); + EXPECT_EQ(1126, findGauge("test.http_bandwidth_limit.request_incoming_size")); + + // Fire timer, also advance time. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(51, 'a')), false)); + token_timer->invokeCallback(); + EXPECT_EQ(51, findGauge("test.http_bandwidth_limit.request_allowed_size")); + EXPECT_EQ(1126, findGauge("test.http_bandwidth_limit.request_incoming_size")); + + // Get new data with current data buffered, not end_stream. + Buffer::OwnedImpl data3(std::string(51, 'b')); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->decodeData(data3, false)); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.request_pending")); + EXPECT_EQ(51, findGauge("test.http_bandwidth_limit.request_incoming_size")); + + // Fire timer, also advance time. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(51, 'a')), false)); + token_timer->invokeCallback(); + EXPECT_EQ(51, findGauge("test.http_bandwidth_limit.request_allowed_size")); + + // Fire timer, also advance time. No timer enable because there is nothing + // buffered. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(51, 'b')), false)); + token_timer->invokeCallback(); + EXPECT_EQ(51, findGauge("test.http_bandwidth_limit.request_allowed_size")); + + // Advance time by 1s for a full refill. + time_system_.advanceTimeWait(std::chrono::seconds(1)); + + // Now send 1024 in one shot with end_stream true which should go through and + // end the stream. + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(0), _)); + Buffer::OwnedImpl data4(std::string(1024, 'c')); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->decodeData(data4, true)); + EXPECT_EQ(1024, findGauge("test.http_bandwidth_limit.request_incoming_size")); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(1024, 'c')), true)); + token_timer->invokeCallback(); + EXPECT_EQ(1024, findGauge("test.http_bandwidth_limit.request_allowed_size")); + EXPECT_EQ(0, findGauge("test.http_bandwidth_limit.request_pending")); + + filter_->onDestroy(); +} + +TEST_F(FilterTest, LimitOnEncode) { + const std::string config_yaml = R"( + stat_prefix: test + runtime_enabled: + default_value: true + runtime_key: foo_key + enable_mode: RESPONSE + limit_kbps: 1 + )"; + setup(fmt::format(config_yaml, "1")); + + ON_CALL(encoder_filter_callbacks_, encoderBufferLimit()).WillByDefault(Return(1100)); + Event::MockTimer* token_timer = + new NiceMock(&encoder_filter_callbacks_.dispatcher_); + + EXPECT_EQ(1UL, config_->limit()); + EXPECT_EQ(50UL, config_->fillInterval().count()); + + EXPECT_EQ(Http::FilterHeadersStatus::Continue, + filter_->encode100ContinueHeaders(response_headers_)); + Http::MetadataMap metadata_map; + EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->encodeMetadata(metadata_map)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(response_headers_, false)); + EXPECT_EQ(1U, findCounter("test.http_bandwidth_limit.response_enabled")); + + // Send a small amount of data which should be within limit. + Buffer::OwnedImpl data1("hello"); + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->encodeData(data1, false)); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.response_pending")); + EXPECT_EQ(5, findGauge("test.http_bandwidth_limit.response_incoming_size")); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual("hello"), false)); + token_timer->invokeCallback(); + EXPECT_EQ(5, findGauge("test.http_bandwidth_limit.response_allowed_size")); + + // Advance time by 1s which should refill all tokens. + time_system_.advanceTimeWait(std::chrono::seconds(1)); + + // Send 1126 bytes of data which is 1s + 2 refill cycles of data. + EXPECT_CALL(encoder_filter_callbacks_, onEncoderFilterAboveWriteBufferHighWatermark()); + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(0), _)); + Buffer::OwnedImpl data2(std::string(1126, 'a')); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->encodeData(data2, false)); + EXPECT_EQ(1126, findGauge("test.http_bandwidth_limit.response_incoming_size")); + + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(encoder_filter_callbacks_, onEncoderFilterBelowWriteBufferLowWatermark()); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(1024, 'a')), false)); + token_timer->invokeCallback(); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.response_pending")); + EXPECT_EQ(1126, findGauge("test.http_bandwidth_limit.response_incoming_size")); + EXPECT_EQ(1024, findGauge("test.http_bandwidth_limit.response_allowed_size")); + + // Fire timer, also advance time. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(51, 'a')), false)); + token_timer->invokeCallback(); + EXPECT_EQ(51, findGauge("test.http_bandwidth_limit.response_allowed_size")); + + // Get new data with current data buffered, not end_stream. + Buffer::OwnedImpl data3(std::string(51, 'b')); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->encodeData(data3, false)); + + // Fire timer, also advance time. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(51, 'a')), false)); + token_timer->invokeCallback(); + EXPECT_EQ(51, findGauge("test.http_bandwidth_limit.response_allowed_size")); + + // Fire timer, also advance time. No time enable because there is nothing + // buffered. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(51, 'b')), false)); + token_timer->invokeCallback(); + EXPECT_EQ(51, findGauge("test.http_bandwidth_limit.response_allowed_size")); + + // Advance time by 1s for a full refill. + time_system_.advanceTimeWait(std::chrono::seconds(1)); + + // Now send 1024 in one shot with end_stream true which should go through and + // end the stream. + EXPECT_CALL(*token_timer, enableTimer(std::chrono::milliseconds(0), _)); + Buffer::OwnedImpl data4(std::string(1024, 'c')); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->encodeData(data4, true)); + EXPECT_EQ(1024, findGauge("test.http_bandwidth_limit.response_incoming_size")); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(1024, 'c')), true)); + token_timer->invokeCallback(); + EXPECT_EQ(0, findGauge("test.http_bandwidth_limit.response_pending")); + EXPECT_EQ(1024, findGauge("test.http_bandwidth_limit.response_allowed_size")); + + filter_->onDestroy(); +} + +TEST_F(FilterTest, LimitOnDecodeAndEncode) { + const std::string config_yaml = R"( + stat_prefix: test + runtime_enabled: + default_value: true + runtime_key: foo_key + enable_mode: REQUEST_AND_RESPONSE + limit_kbps: 1 + )"; + setup(fmt::format(config_yaml, "1")); + + ON_CALL(decoder_filter_callbacks_, decoderBufferLimit()).WillByDefault(Return(1050)); + ON_CALL(encoder_filter_callbacks_, encoderBufferLimit()).WillByDefault(Return(1100)); + Event::MockTimer* request_timer = + new NiceMock(&decoder_filter_callbacks_.dispatcher_); + Event::MockTimer* response_timer = + new NiceMock(&encoder_filter_callbacks_.dispatcher_); + + EXPECT_EQ(1UL, config_->limit()); + EXPECT_EQ(50UL, config_->fillInterval().count()); + + EXPECT_EQ(Http::FilterHeadersStatus::Continue, + filter_->encode100ContinueHeaders(response_headers_)); + Http::MetadataMap metadata_map; + EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->decodeMetadata(metadata_map)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers_, false)); + EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->encodeMetadata(metadata_map)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(response_headers_, false)); + + // Send small amount of data from both sides which should be within initial + // bucket limit. + Buffer::OwnedImpl dec_data1("hello"); + EXPECT_CALL(*request_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->decodeData(dec_data1, false)); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual("hello"), false)); + request_timer->invokeCallback(); + + Buffer::OwnedImpl enc_data1("world!"); + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->encodeData(enc_data1, false)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual("world!"), false)); + response_timer->invokeCallback(); + + // Advance time by 1s which should refill all tokens. + time_system_.advanceTimeWait(std::chrono::seconds(1)); + // Send 1075 bytes of data on request path which is 1s + 1 refill cycle of + // data. Send 102 bytes of data on response path which is 2 refill cycles of + // data. + Buffer::OwnedImpl dec_data2(std::string(1075, 'd')); + Buffer::OwnedImpl enc_data2(std::string(102, 'e')); + + EXPECT_CALL(decoder_filter_callbacks_, onDecoderFilterAboveWriteBufferHighWatermark()); + EXPECT_CALL(*request_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->decodeData(dec_data2, false)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->encodeData(enc_data2, false)); + + EXPECT_CALL(*request_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(decoder_filter_callbacks_, onDecoderFilterBelowWriteBufferLowWatermark()); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(1024, 'd')), false)); + request_timer->invokeCallback(); + + // Encoder will not be able to write any bytes due to insufficient tokens. + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string("")), false)); + response_timer->invokeCallback(); + + // Fire timer, also advance time by 1 unit. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(51, 'd')), false)); + request_timer->invokeCallback(); + // Encoder will not be able to write any bytes due to insufficient tokens. + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string("")), false)); + response_timer->invokeCallback(); + + // Fire timer, also advance time by 1 unit. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(51, 'e')), false)); + response_timer->invokeCallback(); + + // Get new data with current data buffered, not end_stream. + Buffer::OwnedImpl data3(std::string(51, 'b')); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->encodeData(data3, false)); + + // Fire timer, also advance time. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(51, 'e')), false)); + response_timer->invokeCallback(); + + // Fire timer, also advance time. No time enable because there is nothing + // buffered. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(51, 'b')), false)); + response_timer->invokeCallback(); + + // Advance time by 1s for a full refill. + time_system_.advanceTimeWait(std::chrono::seconds(1)); + + // Now send 1024 in total with end_stream true which should go through and end + // the streams. + Buffer::OwnedImpl enc_data4(std::string(960, 'e')); + Buffer::OwnedImpl dec_data4(std::string(51, 'd')); + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_CALL(*request_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->decodeData(dec_data4, true)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->encodeData(enc_data4, true)); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(51, 'd')), true)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(960, 'e')), true)); + response_timer->invokeCallback(); + request_timer->invokeCallback(); + + filter_->onDestroy(); +} + +TEST_F(FilterTest, WithTrailers) { + const std::string config_yaml = R"( + stat_prefix: test + runtime_enabled: + default_value: true + runtime_key: foo_key + enable_mode: REQUEST_AND_RESPONSE + limit_kbps: 1 + )"; + setup(fmt::format(config_yaml, "1")); + + ON_CALL(decoder_filter_callbacks_, decoderBufferLimit()).WillByDefault(Return(1050)); + ON_CALL(encoder_filter_callbacks_, encoderBufferLimit()).WillByDefault(Return(1100)); + Event::MockTimer* request_timer = + new NiceMock(&decoder_filter_callbacks_.dispatcher_); + Event::MockTimer* response_timer = + new NiceMock(&encoder_filter_callbacks_.dispatcher_); + + EXPECT_EQ(1UL, config_->limit()); + EXPECT_EQ(50UL, config_->fillInterval().count()); + + EXPECT_EQ(Http::FilterHeadersStatus::Continue, + filter_->encode100ContinueHeaders(response_headers_)); + Http::MetadataMap metadata_map; + EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->decodeMetadata(metadata_map)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers_, false)); + EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->encodeMetadata(metadata_map)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(response_headers_, false)); + + Buffer::OwnedImpl dec_data(std::string(102, 'd')); + Buffer::OwnedImpl enc_data(std::string(56, 'e')); + + EXPECT_EQ(0, findGauge("test.http_bandwidth_limit.request_pending")); + EXPECT_EQ(0, findGauge("test.http_bandwidth_limit.response_pending")); + EXPECT_CALL(*request_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->decodeData(dec_data, false)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->encodeData(enc_data, false)); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.request_pending")); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.response_pending")); + + EXPECT_CALL(*request_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(51, 'd')), false)); + EXPECT_EQ(Http::FilterTrailersStatus::StopIteration, filter_->decodeTrailers(request_trailers_)); + request_timer->invokeCallback(); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.request_pending")); + + // Fire timer, also advance time by 1 unit. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(51, 'd')), false)); + request_timer->invokeCallback(); + EXPECT_EQ(0, findGauge("test.http_bandwidth_limit.request_pending")); + + // Fire timer, also advance time by 1 unit. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(51, 'e')), false)); + response_timer->invokeCallback(); + EXPECT_EQ(Http::FilterTrailersStatus::StopIteration, filter_->encodeTrailers(response_trailers_)); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.response_pending")); + + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(5, 'e')), false)); + response_timer->invokeCallback(); + EXPECT_EQ(0, findGauge("test.http_bandwidth_limit.response_pending")); +} + +TEST_F(FilterTest, WithTrailersNoEndStream) { + const std::string config_yaml = R"( + stat_prefix: test + runtime_enabled: + default_value: true + runtime_key: foo_key + enable_mode: REQUEST_AND_RESPONSE + limit_kbps: 1 + )"; + setup(fmt::format(config_yaml, "1")); + + ON_CALL(decoder_filter_callbacks_, decoderBufferLimit()).WillByDefault(Return(1050)); + ON_CALL(encoder_filter_callbacks_, encoderBufferLimit()).WillByDefault(Return(1100)); + Event::MockTimer* request_timer = + new NiceMock(&decoder_filter_callbacks_.dispatcher_); + Event::MockTimer* response_timer = + new NiceMock(&encoder_filter_callbacks_.dispatcher_); + + EXPECT_EQ(1UL, config_->limit()); + EXPECT_EQ(50UL, config_->fillInterval().count()); + + EXPECT_EQ(Http::FilterHeadersStatus::Continue, + filter_->encode100ContinueHeaders(response_headers_)); + Http::MetadataMap metadata_map; + EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->decodeMetadata(metadata_map)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers_, false)); + EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->encodeMetadata(metadata_map)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(response_headers_, false)); + + Buffer::OwnedImpl dec_data(std::string(102, 'd')); + Buffer::OwnedImpl enc_data(std::string(56, 'e')); + + EXPECT_EQ(0, findGauge("test.http_bandwidth_limit.request_pending")); + EXPECT_EQ(0, findGauge("test.http_bandwidth_limit.response_pending")); + EXPECT_CALL(*request_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(0), _)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->decodeData(dec_data, false)); + EXPECT_EQ(Http::FilterDataStatus::StopIterationNoBuffer, filter_->encodeData(enc_data, false)); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.request_pending")); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.response_pending")); + + EXPECT_CALL(*request_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(51, 'd')), false)); + request_timer->invokeCallback(); + + // Fire timer, also advance time by 1 unit. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(decoder_filter_callbacks_, + injectDecodedDataToFilterChain(BufferStringEqual(std::string(51, 'd')), false)); + request_timer->invokeCallback(); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.request_pending")); + EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->decodeTrailers(request_trailers_)); + EXPECT_EQ(0, findGauge("test.http_bandwidth_limit.request_pending")); + + // Fire timer, also advance time by 1 unit. + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(*response_timer, enableTimer(std::chrono::milliseconds(50), _)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(51, 'e')), false)); + response_timer->invokeCallback(); + + time_system_.advanceTimeWait(std::chrono::milliseconds(50)); + EXPECT_CALL(encoder_filter_callbacks_, + injectEncodedDataToFilterChain(BufferStringEqual(std::string(5, 'e')), false)); + response_timer->invokeCallback(); + EXPECT_EQ(1, findGauge("test.http_bandwidth_limit.response_pending")); + EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->encodeTrailers(response_trailers_)); + EXPECT_EQ(0, findGauge("test.http_bandwidth_limit.response_pending")); +} + +} // namespace BandwidthLimitFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/filters/http/buffer/BUILD b/test/extensions/filters/http/buffer/BUILD index e635afb7ce09..cf7467c62b2b 100644 --- a/test/extensions/filters/http/buffer/BUILD +++ b/test/extensions/filters/http/buffer/BUILD @@ -16,7 +16,7 @@ envoy_extension_cc_test( srcs = ["buffer_filter_test.cc"], extension_name = "envoy.filters.http.buffer", deps = [ - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/common/http:header_map_lib", "//source/common/stats:stats_lib", "//source/extensions/filters/http/buffer:buffer_filter_lib", diff --git a/test/extensions/filters/http/buffer/buffer_filter_integration_test.cc b/test/extensions/filters/http/buffer/buffer_filter_integration_test.cc index 48f58baed8e7..cb910c2d1779 100644 --- a/test/extensions/filters/http/buffer/buffer_filter_integration_test.cc +++ b/test/extensions/filters/http/buffer/buffer_filter_integration_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" #include "test/integration/http_protocol_integration.h" diff --git a/test/extensions/filters/http/buffer/buffer_filter_test.cc b/test/extensions/filters/http/buffer/buffer_filter_test.cc index 34ce1e2211b6..1f58977e864d 100644 --- a/test/extensions/filters/http/buffer/buffer_filter_test.cc +++ b/test/extensions/filters/http/buffer/buffer_filter_test.cc @@ -4,11 +4,9 @@ #include "envoy/event/dispatcher.h" #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" -#include "common/http/header_map_impl.h" -#include "common/runtime/runtime_impl.h" - -#include "extensions/filters/http/buffer/buffer_filter.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/extensions/filters/http/buffer/buffer_filter.h" #include "test/mocks/buffer/mocks.h" #include "test/mocks/http/mocks.h" @@ -41,10 +39,10 @@ class BufferFilterTest : public testing::Test { void routeLocalConfig(const Router::RouteSpecificFilterConfig* route_settings, const Router::RouteSpecificFilterConfig* vhost_settings) { - ON_CALL(callbacks_.route_->route_entry_, perFilterConfig(HttpFilterNames::get().Buffer)) + ON_CALL(callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.buffer")) .WillByDefault(Return(route_settings)); ON_CALL(callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().Buffer)) + perFilterConfig("envoy.filters.http.buffer")) .WillByDefault(Return(vhost_settings)); } diff --git a/test/extensions/filters/http/buffer/config_test.cc b/test/extensions/filters/http/buffer/config_test.cc index 268fe142931b..912210a0df4b 100644 --- a/test/extensions/filters/http/buffer/config_test.cc +++ b/test/extensions/filters/http/buffer/config_test.cc @@ -1,8 +1,8 @@ #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.validate.h" -#include "extensions/filters/http/buffer/buffer_filter.h" -#include "extensions/filters/http/buffer/config.h" +#include "source/extensions/filters/http/buffer/buffer_filter.h" +#include "source/extensions/filters/http/buffer/config.h" #include "test/mocks/server/factory_context.h" #include "test/mocks/server/instance.h" diff --git a/test/extensions/filters/http/cache/BUILD b/test/extensions/filters/http/cache/BUILD index 5b5398ab23aa..38c7a634ffce 100644 --- a/test/extensions/filters/http/cache/BUILD +++ b/test/extensions/filters/http/cache/BUILD @@ -24,7 +24,7 @@ envoy_extension_cc_test( extension_name = "envoy.filters.http.cache", deps = [ ":common", - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//source/common/http:header_map_lib", "//source/extensions/filters/http/cache:cache_headers_utils_lib", "//test/test_common:simulated_time_system_lib", diff --git a/test/extensions/filters/http/cache/cache_custom_headers_test.cc b/test/extensions/filters/http/cache/cache_custom_headers_test.cc index 2b939613b16e..f7d54b16cb43 100644 --- a/test/extensions/filters/http/cache/cache_custom_headers_test.cc +++ b/test/extensions/filters/http/cache/cache_custom_headers_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/cache/cache_custom_headers.h" +#include "source/extensions/filters/http/cache/cache_custom_headers.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/cache/cache_filter_test.cc b/test/extensions/filters/http/cache/cache_filter_test.cc index 1a75379b0c99..ff8357b0d4f0 100644 --- a/test/extensions/filters/http/cache/cache_filter_test.cc +++ b/test/extensions/filters/http/cache/cache_filter_test.cc @@ -1,9 +1,8 @@ #include "envoy/event/dispatcher.h" -#include "common/http/headers.h" - -#include "extensions/filters/http/cache/cache_filter.h" -#include "extensions/filters/http/cache/simple_http_cache/simple_http_cache.h" +#include "source/common/http/headers.h" +#include "source/extensions/filters/http/cache/cache_filter.h" +#include "source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.h" #include "test/extensions/filters/http/cache/common.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/cache/cache_headers_utils_test.cc b/test/extensions/filters/http/cache/cache_headers_utils_test.cc index 14a2c10282ce..2c0795195efe 100644 --- a/test/extensions/filters/http/cache/cache_headers_utils_test.cc +++ b/test/extensions/filters/http/cache/cache_headers_utils_test.cc @@ -4,12 +4,11 @@ #include "envoy/common/time.h" -#include "common/common/macros.h" -#include "common/common/utility.h" -#include "common/http/header_map_impl.h" -#include "common/http/header_utility.h" - -#include "extensions/filters/http/cache/cache_headers_utils.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/header_utility.h" +#include "source/extensions/filters/http/cache/cache_headers_utils.h" #include "test/extensions/filters/http/cache/common.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/extensions/filters/http/cache/cacheability_utils_test.cc b/test/extensions/filters/http/cache/cacheability_utils_test.cc index 797f8e685803..79b4b3f836a9 100644 --- a/test/extensions/filters/http/cache/cacheability_utils_test.cc +++ b/test/extensions/filters/http/cache/cacheability_utils_test.cc @@ -1,6 +1,6 @@ #include "envoy/http/header_map.h" -#include "extensions/filters/http/cache/cacheability_utils.h" +#include "source/extensions/filters/http/cache/cacheability_utils.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/cache/common.h b/test/extensions/filters/http/cache/common.h index d5c9c2bdd40e..7b81ac7618c0 100644 --- a/test/extensions/filters/http/cache/common.h +++ b/test/extensions/filters/http/cache/common.h @@ -1,8 +1,8 @@ #pragma once -#include "extensions/filters/http/cache/cache_headers_utils.h" -#include "extensions/filters/http/cache/http_cache.h" -#include "extensions/filters/http/cache/simple_http_cache/simple_http_cache.h" +#include "source/extensions/filters/http/cache/cache_headers_utils.h" +#include "source/extensions/filters/http/cache/http_cache.h" +#include "source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/filters/http/cache/config_test.cc b/test/extensions/filters/http/cache/config_test.cc index e254044455a0..0991f842a2f7 100644 --- a/test/extensions/filters/http/cache/config_test.cc +++ b/test/extensions/filters/http/cache/config_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/cache/simple_http_cache/v3alpha/config.pb.h" -#include "extensions/filters/http/cache/cache_filter.h" -#include "extensions/filters/http/cache/config.h" +#include "source/extensions/filters/http/cache/cache_filter.h" +#include "source/extensions/filters/http/cache/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/cache/http_cache_test.cc b/test/extensions/filters/http/cache/http_cache_test.cc index a68708da301c..9ccc413033f9 100644 --- a/test/extensions/filters/http/cache/http_cache_test.cc +++ b/test/extensions/filters/http/cache/http_cache_test.cc @@ -1,8 +1,8 @@ #include #include -#include "extensions/filters/http/cache/cache_headers_utils.h" -#include "extensions/filters/http/cache/http_cache.h" +#include "source/extensions/filters/http/cache/cache_headers_utils.h" +#include "source/extensions/filters/http/cache/http_cache.h" #include "test/extensions/filters/http/cache/common.h" #include "test/mocks/http/mocks.h" diff --git a/test/extensions/filters/http/cache/simple_http_cache/simple_http_cache_test.cc b/test/extensions/filters/http/cache/simple_http_cache/simple_http_cache_test.cc index cd534b1c6fe3..0e895d0c6efa 100644 --- a/test/extensions/filters/http/cache/simple_http_cache/simple_http_cache_test.cc +++ b/test/extensions/filters/http/cache/simple_http_cache/simple_http_cache_test.cc @@ -1,10 +1,9 @@ #include "envoy/http/header_map.h" #include "envoy/registry/registry.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/http/cache/cache_headers_utils.h" -#include "extensions/filters/http/cache/simple_http_cache/simple_http_cache.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/http/cache/cache_headers_utils.h" +#include "source/extensions/filters/http/cache/simple_http_cache/simple_http_cache.h" #include "test/extensions/filters/http/cache/common.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/extensions/filters/http/cdn_loop/BUILD b/test/extensions/filters/http/cdn_loop/BUILD index d39c244e72a9..288d89e90399 100644 --- a/test/extensions/filters/http/cdn_loop/BUILD +++ b/test/extensions/filters/http/cdn_loop/BUILD @@ -42,8 +42,8 @@ envoy_cc_test( name = "filter_test", srcs = ["filter_test.cc"], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/http:filter_interface", + "//envoy/http:codes_interface", + "//envoy/http:filter_interface", "//source/extensions/filters/http/cdn_loop:filter_lib", "//test/mocks/http:http_mocks", "//test/test_common:utility_lib", diff --git a/test/extensions/filters/http/cdn_loop/config_test.cc b/test/extensions/filters/http/cdn_loop/config_test.cc index 288936bb2abb..ffcc776c9004 100644 --- a/test/extensions/filters/http/cdn_loop/config_test.cc +++ b/test/extensions/filters/http/cdn_loop/config_test.cc @@ -2,8 +2,8 @@ #include "envoy/extensions/filters/http/cdn_loop/v3alpha/cdn_loop.pb.h" -#include "extensions/filters/http/cdn_loop/config.h" -#include "extensions/filters/http/cdn_loop/filter.h" +#include "source/extensions/filters/http/cdn_loop/config.h" +#include "source/extensions/filters/http/cdn_loop/filter.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/cdn_loop/filter_integration_test.cc b/test/extensions/filters/http/cdn_loop/filter_integration_test.cc index a5db631c5c1a..5e61749d0bf2 100644 --- a/test/extensions/filters/http/cdn_loop/filter_integration_test.cc +++ b/test/extensions/filters/http/cdn_loop/filter_integration_test.cc @@ -178,10 +178,10 @@ TEST_P(CdnLoopFilterIntegrationTest, CdnLoop2Allowed3Seen) { INSTANTIATE_TEST_SUITE_P(Protocols, CdnLoopFilterIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2}, + {Http::CodecType::HTTP1, Http::CodecType::HTTP2}, // Upstream doesn't matter, so by testing only 1, // the test is twice as fast. - {FakeHttpConnection::Type::HTTP1})), + {Http::CodecType::HTTP1})), HttpProtocolIntegrationTest::protocolTestParamsToString); } // namespace diff --git a/test/extensions/filters/http/cdn_loop/filter_test.cc b/test/extensions/filters/http/cdn_loop/filter_test.cc index a4bd33ef3d04..e71661ee5a37 100644 --- a/test/extensions/filters/http/cdn_loop/filter_test.cc +++ b/test/extensions/filters/http/cdn_loop/filter_test.cc @@ -1,7 +1,7 @@ #include "envoy/http/codes.h" #include "envoy/http/filter.h" -#include "extensions/filters/http/cdn_loop/filter.h" +#include "source/extensions/filters/http/cdn_loop/filter.h" #include "test/mocks/http/mocks.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/cdn_loop/parser_fuzz_test.cc b/test/extensions/filters/http/cdn_loop/parser_fuzz_test.cc index 7d5f53f8bbc4..cac7480dab7f 100644 --- a/test/extensions/filters/http/cdn_loop/parser_fuzz_test.cc +++ b/test/extensions/filters/http/cdn_loop/parser_fuzz_test.cc @@ -1,6 +1,5 @@ -#include "common/common/statusor.h" - -#include "extensions/filters/http/cdn_loop/parser.h" +#include "source/common/common/statusor.h" +#include "source/extensions/filters/http/cdn_loop/parser.h" #include "test/fuzz/fuzz_runner.h" #include "test/fuzz/utility.h" diff --git a/test/extensions/filters/http/cdn_loop/parser_test.cc b/test/extensions/filters/http/cdn_loop/parser_test.cc index cdd43ebfa224..0adbf02a2cfc 100644 --- a/test/extensions/filters/http/cdn_loop/parser_test.cc +++ b/test/extensions/filters/http/cdn_loop/parser_test.cc @@ -1,6 +1,6 @@ #include -#include "extensions/filters/http/cdn_loop/parser.h" +#include "source/extensions/filters/http/cdn_loop/parser.h" #include "test/test_common/status_utility.h" diff --git a/test/extensions/filters/http/cdn_loop/utils_test.cc b/test/extensions/filters/http/cdn_loop/utils_test.cc index 95a4ab1415a3..a27ee285baa1 100644 --- a/test/extensions/filters/http/cdn_loop/utils_test.cc +++ b/test/extensions/filters/http/cdn_loop/utils_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/cdn_loop/utils.h" +#include "source/extensions/filters/http/cdn_loop/utils.h" #include "test/test_common/status_utility.h" diff --git a/test/extensions/filters/http/common/BUILD b/test/extensions/filters/http/common/BUILD index 2462cf2b7857..94ac2e75954b 100644 --- a/test/extensions/filters/http/common/BUILD +++ b/test/extensions/filters/http/common/BUILD @@ -32,7 +32,7 @@ envoy_cc_test_library( name = "empty_http_filter_config_lib", hdrs = ["empty_http_filter_config.h"], deps = [ - "//include/envoy/server:filter_config_interface", + "//envoy/server:filter_config_interface", ], ) @@ -56,7 +56,7 @@ envoy_cc_test( name = "stream_rate_limiter_test", srcs = ["stream_rate_limiter_test.cc"], deps = [ - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/common/buffer:buffer_lib", "//source/common/common:empty_string", "//source/common/http:header_map_lib", diff --git a/test/extensions/filters/http/common/compressor/BUILD b/test/extensions/filters/http/common/compressor/BUILD deleted file mode 100644 index 6d984e2245ed..000000000000 --- a/test/extensions/filters/http/common/compressor/BUILD +++ /dev/null @@ -1,72 +0,0 @@ -load( - "//bazel:envoy_build_system.bzl", - "envoy_benchmark_test", - "envoy_cc_benchmark_binary", - "envoy_cc_test", - "envoy_package", -) - -licenses(["notice"]) # Apache 2 - -envoy_package() - -envoy_cc_test( - name = "compressor_filter_test", - srcs = ["compressor_filter_test.cc"], - deps = [ - "//source/common/protobuf:utility_lib", - "//source/extensions/compression/gzip/compressor:config", - "//source/extensions/filters/http/common/compressor:compressor_lib", - "//test/mocks/compression/compressor:compressor_mocks", - "//test/mocks/http:http_mocks", - "//test/mocks/protobuf:protobuf_mocks", - "//test/mocks/runtime:runtime_mocks", - "//test/test_common:test_runtime_lib", - "//test/test_common:utility_lib", - "@envoy_api//envoy/extensions/filters/http/compressor/v3:pkg_cc_proto", - ], -) - -envoy_cc_benchmark_binary( - name = "compressor_filter_speed_test", - srcs = ["compressor_filter_speed_test.cc"], - external_deps = [ - "benchmark", - "googletest", - ], - deps = [ - "//source/common/protobuf:utility_lib", - "//source/extensions/compression/gzip/compressor:compressor_lib", - "//source/extensions/filters/http/common/compressor:compressor_lib", - "//test/mocks/http:http_mocks", - "//test/mocks/protobuf:protobuf_mocks", - "//test/mocks/runtime:runtime_mocks", - "//test/test_common:printers_lib", - "//test/test_common:utility_lib", - "@envoy_api//envoy/extensions/filters/http/compressor/v3:pkg_cc_proto", - ], -) - -envoy_cc_test( - name = "compressor_integration_tests", - srcs = [ - "compressor_integration_tests.cc", - "compressor_integration_tests.h", - ], - deps = [ - "//source/common/http:header_map_lib", - "//source/extensions/access_loggers/file:config", - "//source/extensions/compression/gzip/compressor:config", - "//source/extensions/filters/http/buffer:config", - "//source/extensions/filters/http/compressor:config", - "//test/integration:http_protocol_integration_lib", - "//test/test_common:utility_lib", - "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", - "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", - ], -) - -envoy_benchmark_test( - name = "compressor_filter_speed_test_benchmark_test", - benchmark_binary = "compressor_filter_speed_test", -) diff --git a/test/extensions/filters/http/common/compressor/compressor_filter_test.cc b/test/extensions/filters/http/common/compressor/compressor_filter_test.cc deleted file mode 100644 index 37513d45a968..000000000000 --- a/test/extensions/filters/http/common/compressor/compressor_filter_test.cc +++ /dev/null @@ -1,832 +0,0 @@ -#include - -#include "envoy/extensions/filters/http/compressor/v3/compressor.pb.h" - -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/common/compressor/compressor.h" - -#include "test/mocks/compression/compressor/mocks.h" -#include "test/mocks/http/mocks.h" -#include "test/mocks/protobuf/mocks.h" -#include "test/mocks/runtime/mocks.h" -#include "test/mocks/stats/mocks.h" -#include "test/test_common/test_runtime.h" -#include "test/test_common/utility.h" - -#include "gtest/gtest.h" - -namespace Envoy { -namespace Extensions { -namespace HttpFilters { -namespace Common { -namespace Compressors { - -using testing::_; -using testing::Return; - -class TestCompressorFilterConfig : public CompressorFilterConfig { -public: - TestCompressorFilterConfig( - const envoy::extensions::filters::http::compressor::v3::Compressor& compressor, - const std::string& stats_prefix, Stats::Scope& scope, Runtime::Loader& runtime, - const std::string& compressor_name) - : CompressorFilterConfig(compressor, stats_prefix + compressor_name + ".", scope, runtime, - compressor_name) {} - - Envoy::Compression::Compressor::CompressorPtr makeCompressor() override { - auto compressor = std::make_unique(); - EXPECT_CALL(*compressor, compress(_, _)).Times(expected_compress_calls_); - return compressor; - } - - void setExpectedCompressCalls(uint32_t calls) { expected_compress_calls_ = calls; } - -private: - uint32_t expected_compress_calls_{1}; -}; - -class CompressorFilterTest : public testing::Test { -public: - CompressorFilterTest() { - ON_CALL(runtime_.snapshot_, featureEnabled("test.filter_enabled", 100)) - .WillByDefault(Return(true)); - } - - void SetUp() override { - setUpFilter(R"EOF( -{ - "compressor_library": { - "name": "test", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF"); - } - - // CompressorFilterTest Helpers - void setUpFilter(std::string&& json) { - envoy::extensions::filters::http::compressor::v3::Compressor compressor; - TestUtility::loadFromJson(json, compressor); - config_ = - std::make_shared(compressor, "test.", stats_, runtime_, "test"); - filter_ = std::make_unique(config_); - filter_->setDecoderFilterCallbacks(decoder_callbacks_); - filter_->setEncoderFilterCallbacks(encoder_callbacks_); - } - - void verifyCompressedData() { - EXPECT_EQ( - expected_str_.length(), - stats_.counter(fmt::format("test.test.{}total_uncompressed_bytes", response_stats_prefix_)) - .value()); - EXPECT_EQ( - data_.length(), - stats_.counter(fmt::format("test.test.{}total_compressed_bytes", response_stats_prefix_)) - .value()); - } - - void populateBuffer(uint64_t size) { - data_.drain(data_.length()); - TestUtility::feedBufferWithRandomCharacters(data_, size); - expected_str_ = data_.toString(); - } - - void doRequestCompression(Http::TestRequestHeaderMapImpl&& headers, bool with_trailers) { - doRequest(headers, true, with_trailers); - } - - void doRequestNoCompression(Http::TestRequestHeaderMapImpl&& headers) { - doRequest(headers, false, false); - } - - void doRequest(Http::TestRequestHeaderMapImpl& headers, bool with_compression, - bool with_trailers) { - uint64_t buffer_content_size; - if (!absl::SimpleAtoi(headers.get_("content-length"), &buffer_content_size)) { - buffer_content_size = 5; - } - populateBuffer(buffer_content_size); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, false)); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->decodeData(data_, false)); - if (with_compression) { - if (with_trailers) { - EXPECT_CALL(decoder_callbacks_, addDecodedData(_, true)) - .WillOnce(Invoke([&](Buffer::Instance& data, bool) { data_.move(data); })); - Http::TestRequestTrailerMapImpl trailers; - EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->decodeTrailers(trailers)); - } - EXPECT_EQ(expected_str_.length(), - stats_.counter("test.test.request.total_uncompressed_bytes").value()); - EXPECT_EQ(data_.length(), stats_.counter("test.test.request.total_compressed_bytes").value()); - EXPECT_EQ(1, stats_.counter("test.test.request.compressed").value()); - } else { - EXPECT_EQ(1, stats_.counter("test.test.request.not_compressed").value()); - } - } - - void doResponseCompression(Http::TestResponseHeaderMapImpl& headers, bool with_trailers) { - doResponse(headers, true, with_trailers); - } - - void doResponseNoCompression(Http::TestResponseHeaderMapImpl& headers) { - doResponse(headers, false, false); - } - - void doResponse(Http::TestResponseHeaderMapImpl& headers, bool with_compression, - bool with_trailers) { - uint64_t buffer_content_size; - if (!absl::SimpleAtoi(headers.get_("content-length"), &buffer_content_size)) { - buffer_content_size = 1000; - } - populateBuffer(buffer_content_size); - Http::TestResponseHeaderMapImpl continue_headers; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, - filter_->encode100ContinueHeaders(continue_headers)); - Http::MetadataMap metadata_map{{"metadata", "metadata"}}; - EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->encodeMetadata(metadata_map)); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - - if (with_compression) { - EXPECT_EQ("", headers.get_("content-length")); - EXPECT_EQ("test", headers.get_("content-encoding")); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, !with_trailers)); - if (with_trailers) { - EXPECT_CALL(encoder_callbacks_, addEncodedData(_, true)) - .WillOnce(Invoke([&](Buffer::Instance& data, bool) { data_.move(data); })); - Http::TestResponseTrailerMapImpl trailers; - EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->encodeTrailers(trailers)); - } - verifyCompressedData(); - EXPECT_EQ( - 1, stats_.counter(fmt::format("test.test.{}compressed", response_stats_prefix_)).value()); - } else { - EXPECT_EQ("", headers.get_("content-encoding")); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, false)); - EXPECT_EQ(1, stats_.counter(fmt::format("test.test.{}not_compressed", response_stats_prefix_)) - .value()); - } - } - - std::shared_ptr config_; - std::unique_ptr filter_; - Buffer::OwnedImpl data_; - std::string expected_str_; - std::string response_stats_prefix_{}; - Stats::TestUtil::TestStore stats_; - NiceMock runtime_; - NiceMock decoder_callbacks_; - NiceMock encoder_callbacks_; -}; - -// Test if Runtime Feature is Disabled -TEST_F(CompressorFilterTest, DecodeHeadersWithRuntimeDisabled) { - setUpFilter(R"EOF( -{ - "response_direction_config": { - "common_config": { - "enabled": { - "default_value": true, - "runtime_key": "foo_key" - } - } - }, - "compressor_library": { - "name": "test", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF"); - response_stats_prefix_ = "response."; - EXPECT_CALL(runtime_.snapshot_, getBoolean("foo_key", true)) - .Times(2) - .WillRepeatedly(Return(false)); - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "deflate, test"}}); - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; - doResponseNoCompression(headers); - EXPECT_FALSE(headers.has("vary")); -} - -// Default config values. -TEST_F(CompressorFilterTest, DefaultConfigValues) { - EXPECT_EQ(30, config_->responseDirectionConfig().minimumLength()); - EXPECT_EQ(30, config_->requestDirectionConfig().minimumLength()); - EXPECT_EQ(false, config_->responseDirectionConfig().disableOnEtagHeader()); - EXPECT_EQ(false, config_->responseDirectionConfig().removeAcceptEncodingHeader()); - EXPECT_EQ(18, config_->responseDirectionConfig().contentTypeValues().size()); - EXPECT_EQ(18, config_->requestDirectionConfig().contentTypeValues().size()); -} - -TEST_F(CompressorFilterTest, CompressRequest) { - setUpFilter(R"EOF( -{ - "request_direction_config": {}, - "compressor_library": { - "name": "test", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF"); - doRequestCompression({{":method", "post"}, {"content-length", "256"}}, false); - Http::TestResponseHeaderMapImpl headers{{":method", "post"}, {"content-length", "256"}}; - doResponseNoCompression(headers); -} - -TEST_F(CompressorFilterTest, CompressRequestAndResponseNoContentLength) { - setUpFilter(R"EOF( -{ - "request_direction_config": {}, - "response_direction_config": {}, - "compressor_library": { - "name": "test", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF"); - response_stats_prefix_ = "response."; - doRequestCompression({{":method", "post"}, {"accept-encoding", "deflate, test"}}, false); - Http::TestResponseHeaderMapImpl headers{{":status", "200"}}; - doResponseCompression(headers, false); -} - -TEST_F(CompressorFilterTest, CompressRequestAndResponseNoContentLengthRuntimeDisabled) { - setUpFilter(R"EOF( -{ - "request_direction_config": {}, - "response_direction_config": {}, - "compressor_library": { - "name": "test", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF"); - TestScopedRuntime scoped_runtime; - Runtime::LoaderSingleton::getExisting()->mergeValues( - {{"envoy.reloadable_features.enable_compression_without_content_length_header", "false"}}); - response_stats_prefix_ = "response."; - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "deflate, test"}}); - Http::TestResponseHeaderMapImpl headers{{":status", "200"}}; - doResponseNoCompression(headers); -} - -TEST_F(CompressorFilterTest, CompressRequestWithTrailers) { - setUpFilter(R"EOF( -{ - "request_direction_config": {}, - "compressor_library": { - "name": "test", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF"); - config_->setExpectedCompressCalls(2); - doRequestCompression({{":method", "post"}, {"content-length", "256"}}, true); - Http::TestResponseHeaderMapImpl headers{{":method", "post"}, {"content-length", "256"}}; - doResponseNoCompression(headers); -} - -// Acceptance Testing with default configuration. -TEST_F(CompressorFilterTest, AcceptanceTestEncoding) { - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "deflate, test"}}); - - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; - doResponseCompression(headers, false); -} - -TEST_F(CompressorFilterTest, AcceptanceTestEncodingWithTrailers) { - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "deflate, test"}}); - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; - config_->setExpectedCompressCalls(2); - doResponseCompression(headers, true); -} - -TEST_F(CompressorFilterTest, NoAcceptEncodingHeader) { - doRequestNoCompression({{":method", "get"}, {}}); - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; - doResponseNoCompression(headers); - EXPECT_EQ(1, stats_.counter("test.test.no_accept_header").value()); - EXPECT_EQ("Accept-Encoding", headers.get_("vary")); -} - -TEST_F(CompressorFilterTest, CacheIdentityDecision) { - // check if identity stat is increased twice (the second time via the cached path). - config_->setExpectedCompressCalls(0); - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "identity"}}); - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - EXPECT_EQ(1, stats_.counter("test.test.header_identity").value()); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - EXPECT_EQ(2, stats_.counter("test.test.header_identity").value()); -} - -TEST_F(CompressorFilterTest, CacheHeaderNotValidDecision) { - // check if not_valid stat is increased twice (the second time via the cached path). - config_->setExpectedCompressCalls(0); - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test;q=invalid"}}); - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - EXPECT_EQ(1, stats_.counter("test.test.header_not_valid").value()); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - EXPECT_EQ(2, stats_.counter("test.test.header_not_valid").value()); -} - -// Content-Encoding: upstream response is already encoded. -TEST_F(CompressorFilterTest, ContentEncodingAlreadyEncoded) { - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test"}}); - Http::TestResponseHeaderMapImpl response_headers{ - {":method", "get"}, {"content-length", "256"}, {"content-encoding", "deflate, gzip"}}; - populateBuffer(256); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(response_headers, false)); - EXPECT_TRUE(response_headers.has("content-length")); - EXPECT_FALSE(response_headers.has("transfer-encoding")); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, false)); - EXPECT_EQ(1U, stats_.counter("test.test.not_compressed").value()); -} - -// No compression when upstream response is empty. -TEST_F(CompressorFilterTest, EmptyResponse) { - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {":status", "204"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, true)); - EXPECT_EQ("", headers.get_("content-length")); - EXPECT_EQ("", headers.get_("content-encoding")); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, true)); -} - -// Verify removeAcceptEncoding header. -TEST_F(CompressorFilterTest, RemoveAcceptEncodingHeader) { - { - Http::TestRequestHeaderMapImpl headers = {{"accept-encoding", "deflate, test, gzip, br"}}; - setUpFilter(R"EOF( -{ - "remove_accept_encoding_header": true, - "compressor_library": { - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF"); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, true)); - EXPECT_FALSE(headers.has("accept-encoding")); - } - { - Http::TestRequestHeaderMapImpl headers = {{"accept-encoding", "deflate, test, gzip, br"}}; - setUpFilter(R"EOF( -{ - "compressor_library": { - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF"); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, true)); - EXPECT_TRUE(headers.has("accept-encoding")); - EXPECT_EQ("deflate, test, gzip, br", headers.get_("accept-encoding")); - } -} - -class IsAcceptEncodingAllowedTest - : public CompressorFilterTest, - public testing::WithParamInterface> {}; - -INSTANTIATE_TEST_SUITE_P( - IsAcceptEncodingAllowedTestSuite, IsAcceptEncodingAllowedTest, - testing::Values(std::make_tuple("deflate, test, br", true, 1, 0, 0, 0), - std::make_tuple("deflate, test;q=1.0, *;q=0.5", true, 1, 0, 0, 0), - std::make_tuple("\tdeflate\t, test\t ; q\t =\t 1.0,\t * ;q=0.5", true, 1, 0, 0, - 0), - std::make_tuple("deflate,test;q=1.0,*;q=0", true, 1, 0, 0, 0), - std::make_tuple("deflate, test;q=0.2, br;q=1", true, 1, 0, 0, 0), - std::make_tuple("*", true, 0, 1, 0, 0), - std::make_tuple("*;q=1", true, 0, 1, 0, 0), - std::make_tuple("xyz;q=1, br;q=0.2, *", true, 0, 1, 0, 0), - std::make_tuple("deflate, test;Q=.5, br", true, 1, 0, 0, 0), - std::make_tuple("test;q=0,*;q=1", false, 0, 0, 1, 0), - std::make_tuple("identity, *;q=0", false, 0, 0, 0, 1), - std::make_tuple("identity", false, 0, 0, 0, 1), - std::make_tuple("identity, *;q=0", false, 0, 0, 0, 1), - std::make_tuple("identity;q=1", false, 0, 0, 0, 1), - std::make_tuple("identity;q=0", false, 0, 0, 1, 0), - std::make_tuple("identity;Q=0", false, 0, 0, 1, 0), - std::make_tuple("identity;q=0.5, *;q=0", false, 0, 0, 0, 1), - std::make_tuple("identity;q=0, *;q=0", false, 0, 0, 1, 0), - std::make_tuple("xyz;q=1, br;q=0.2, *;q=0", false, 0, 0, 1, 0), - std::make_tuple("xyz;q=1, br;q=0.2", false, 0, 0, 1, 0), - std::make_tuple("", false, 0, 0, 1, 0), - std::make_tuple("test;q=invalid", false, 0, 0, 1, 0))); - -TEST_P(IsAcceptEncodingAllowedTest, Validate) { - const std::string& accept_encoding = std::get<0>(GetParam()); - const bool is_compression_expected = std::get<1>(GetParam()); - const int compressor_used = std::get<2>(GetParam()); - const int wildcard = std::get<3>(GetParam()); - const int not_valid = std::get<4>(GetParam()); - const int identity = std::get<5>(GetParam()); - - doRequestNoCompression({{":method", "get"}, {"accept-encoding", accept_encoding}}); - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; - doResponse(headers, is_compression_expected, false); - EXPECT_EQ(compressor_used, stats_.counter("test.test.header_compressor_used").value()); - EXPECT_EQ(wildcard, stats_.counter("test.test.header_wildcard").value()); - EXPECT_EQ(not_valid, stats_.counter("test.test.header_not_valid").value()); - EXPECT_EQ(identity, stats_.counter("test.test.header_identity").value()); - // Even if compression is disallowed by a client we must let her know the resource is - // compressible. - EXPECT_EQ("Accept-Encoding", headers.get_("vary")); -} - -class IsContentTypeAllowedTest - : public CompressorFilterTest, - public testing::WithParamInterface> {}; - -INSTANTIATE_TEST_SUITE_P( - IsContentTypeAllowedTestSuite, IsContentTypeAllowedTest, - testing::Values( - std::make_tuple("text/html", true, false), std::make_tuple("text/xml", true, false), - std::make_tuple("text/plain", true, false), std::make_tuple("text/css", true, false), - std::make_tuple("application/javascript", true, false), - std::make_tuple("application/x-javascript", true, false), - std::make_tuple("text/javascript", true, false), - std::make_tuple("text/x-javascript", true, false), - std::make_tuple("text/ecmascript", true, false), std::make_tuple("text/js", true, false), - std::make_tuple("text/jscript", true, false), std::make_tuple("text/x-js", true, false), - std::make_tuple("application/ecmascript", true, false), - std::make_tuple("application/x-json", true, false), - std::make_tuple("application/xml", true, false), - std::make_tuple("application/json", true, false), - std::make_tuple("image/svg+xml", true, false), - std::make_tuple("application/xhtml+xml", true, false), - std::make_tuple("application/json;charset=utf-8", true, false), - std::make_tuple("Application/XHTML+XML", true, false), - std::make_tuple("\ttext/html\t", true, false), std::make_tuple("image/jpeg", false, false), - std::make_tuple("xyz/svg+xml", true, true), std::make_tuple("xyz/false", false, true), - std::make_tuple("image/jpeg", false, true), - std::make_tuple("test/insensitive", true, true))); - -TEST_P(IsContentTypeAllowedTest, Validate) { - const std::string& content_type = std::get<0>(GetParam()); - const bool should_compress = std::get<1>(GetParam()); - const bool is_custom_config = std::get<2>(GetParam()); - - if (is_custom_config) { - setUpFilter(R"EOF( - { - "content_type": [ - "text/html", - "xyz/svg+xml", - "Test/INSENSITIVE" - ], - "compressor_library": { - "name": "test", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } - } - )EOF"); - } - - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test, deflate"}}); - Http::TestResponseHeaderMapImpl headers{ - {":method", "get"}, {"content-length", "256"}, {"content-type", content_type}}; - doResponse(headers, should_compress, false); - EXPECT_EQ(should_compress ? 0 : 1, stats_.counter("test.test.header_not_valid").value()); - EXPECT_EQ(should_compress, headers.has("vary")); -} - -class CompressWithEtagTest - : public CompressorFilterTest, - public testing::WithParamInterface> {}; - -INSTANTIATE_TEST_SUITE_P( - CompressWithEtagSuite, CompressWithEtagTest, - testing::Values(std::make_tuple("etag", R"EOF(W/"686897696a7c876b7e")EOF", true), - std::make_tuple("etag", R"EOF(w/"686897696a7c876b7e")EOF", true), - std::make_tuple("etag", "686897696a7c876b7e", false), - std::make_tuple("x-garbage", "garbagevalue", false))); - -TEST_P(CompressWithEtagTest, CompressionIsEnabledOnEtag) { - const std::string& header_name = std::get<0>(GetParam()); - const std::string& header_value = std::get<1>(GetParam()); - const bool is_weak_etag = std::get<2>(GetParam()); - - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test, deflate"}}); - Http::TestResponseHeaderMapImpl headers{ - {":method", "get"}, {"content-length", "256"}, {header_name, header_value}}; - doResponseCompression(headers, false); - EXPECT_EQ(0, stats_.counter("test.test.not_compressed_etag").value()); - EXPECT_EQ("test", headers.get_("content-encoding")); - if (is_weak_etag) { - EXPECT_EQ(header_value, headers.get_("etag")); - } else { - EXPECT_FALSE(headers.has("etag")); - } -} - -TEST_P(CompressWithEtagTest, CompressionIsDisabledOnEtag) { - const std::string& header_name = std::get<0>(GetParam()); - const std::string& header_value = std::get<1>(GetParam()); - - setUpFilter(R"EOF( -{ - "disable_on_etag_header": true, - "compressor_library": { - "name": "test", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF"); - - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test, deflate"}}); - Http::TestResponseHeaderMapImpl headers{ - {":method", "get"}, {"content-length", "256"}, {header_name, header_value}}; - if (StringUtil::CaseInsensitiveCompare()("etag", header_name)) { - doResponseNoCompression(headers); - EXPECT_EQ(1, stats_.counter("test.test.not_compressed_etag").value()); - EXPECT_FALSE(headers.has("vary")); - EXPECT_TRUE(headers.has("etag")); - } else { - doResponseCompression(headers, false); - EXPECT_EQ(0, stats_.counter("test.test.not_compressed_etag").value()); - EXPECT_EQ("test", headers.get_("content-encoding")); - EXPECT_TRUE(headers.has("vary")); - EXPECT_FALSE(headers.has("etag")); - } -} - -class HasCacheControlNoTransformTest - : public CompressorFilterTest, - public testing::WithParamInterface> {}; - -INSTANTIATE_TEST_SUITE_P(HasCacheControlNoTransformTestSuite, HasCacheControlNoTransformTest, - testing::Values(std::make_tuple("no-cache", true), - std::make_tuple("no-transform", false), - std::make_tuple("No-Transform", false))); - -TEST_P(HasCacheControlNoTransformTest, Validate) { - const std::string& cache_control = std::get<0>(GetParam()); - const bool is_compression_expected = std::get<1>(GetParam()); - - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test, deflate"}}); - Http::TestResponseHeaderMapImpl headers{ - {":method", "get"}, {"content-length", "256"}, {"cache-control", cache_control}}; - doResponse(headers, is_compression_expected, false); - EXPECT_EQ(is_compression_expected, headers.has("vary")); -} - -class IsMinimumContentLengthTest - : public CompressorFilterTest, - public testing::WithParamInterface> { -}; - -INSTANTIATE_TEST_SUITE_P( - IsMinimumContentLengthTestSuite, IsMinimumContentLengthTest, - testing::Values(std::make_tuple("content-length", "31", "", true), - std::make_tuple("content-length", "29", "", false), - std::make_tuple("", "", "\"content_length\": 500,", true), - std::make_tuple("content-length", "501", "\"content_length\": 500,", true), - std::make_tuple("content-length", "499", "\"content_length\": 500,", false))); - -TEST_P(IsMinimumContentLengthTest, Validate) { - const std::string& header_name = std::get<0>(GetParam()); - const std::string& header_value = std::get<1>(GetParam()); - const std::string& content_length_config = std::get<2>(GetParam()); - const bool is_compression_expected = std::get<3>(GetParam()); - - setUpFilter(fmt::format(R"EOF( -{{ - {} - "compressor_library": {{ - "name": "test", - "typed_config": {{ - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - }} - }} -}} -)EOF", - content_length_config)); - - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test, deflate"}}); - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {header_name, header_value}}; - doResponse(headers, is_compression_expected, false); - EXPECT_EQ(is_compression_expected, headers.has("vary")); -} - -class IsTransferEncodingAllowedTest - : public CompressorFilterTest, - public testing::WithParamInterface> {}; - -INSTANTIATE_TEST_SUITE_P( - IsTransferEncodingAllowedSuite, IsTransferEncodingAllowedTest, - testing::Values(std::make_tuple("transfer-encoding", "deflate", false), - std::make_tuple("transfer-encoding", "Deflate", false), - std::make_tuple("transfer-encoding", "test", false), - std::make_tuple("transfer-encoding", "chunked, test", false), - std::make_tuple("transfer-encoding", "test, chunked", false), - std::make_tuple("transfer-encoding", "test\t, chunked\t", false), - std::make_tuple("x-garbage", "no_value", true))); - -TEST_P(IsTransferEncodingAllowedTest, Validate) { - const std::string& header_name = std::get<0>(GetParam()); - const std::string& header_value = std::get<1>(GetParam()); - const bool is_compression_expected = std::get<2>(GetParam()); - - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test"}}); - Http::TestResponseHeaderMapImpl headers{ - {":method", "get"}, {"content-length", "256"}, {header_name, header_value}}; - doResponse(headers, is_compression_expected, false); - EXPECT_EQ("Accept-Encoding", headers.get_("vary")); -} - -class InsertVaryHeaderTest - : public CompressorFilterTest, - public testing::WithParamInterface> {}; - -INSTANTIATE_TEST_SUITE_P( - InsertVaryHeaderTestSuite, InsertVaryHeaderTest, - testing::Values(std::make_tuple("x-garbage", "Cookie", "Accept-Encoding"), - std::make_tuple("vary", "Cookie", "Cookie, Accept-Encoding"), - std::make_tuple("vary", "accept-encoding", "accept-encoding, Accept-Encoding"), - std::make_tuple("vary", "Accept-Encoding, Cookie", "Accept-Encoding, Cookie"), - std::make_tuple("vary", "User-Agent, Cookie", - "User-Agent, Cookie, Accept-Encoding"), - std::make_tuple("vary", "Accept-Encoding", "Accept-Encoding"))); - -TEST_P(InsertVaryHeaderTest, Validate) { - const std::string& header_name = std::get<0>(GetParam()); - const std::string& header_value = std::get<1>(GetParam()); - const std::string& expected = std::get<2>(GetParam()); - - doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test"}}); - Http::TestResponseHeaderMapImpl headers{ - {":method", "get"}, {"content-length", "256"}, {header_name, header_value}}; - doResponseCompression(headers, false); - EXPECT_EQ(expected, headers.get_("vary")); -} - -class MultipleFiltersTest : public testing::Test { -protected: - void SetUp() override { - envoy::extensions::filters::http::compressor::v3::Compressor compressor; - TestUtility::loadFromJson(R"EOF( -{ - "compressor_library": { - "name": "test1", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF", - compressor); - auto config1 = std::make_shared(compressor, "test1.", stats1_, - runtime_, "test1"); - config1->setExpectedCompressCalls(0); - filter1_ = std::make_unique(config1); - - TestUtility::loadFromJson(R"EOF( -{ - "compressor_library": { - "name": "test2", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF", - compressor); - auto config2 = std::make_shared(compressor, "test2.", stats2_, - runtime_, "test2"); - config2->setExpectedCompressCalls(0); - filter2_ = std::make_unique(config2); - } - - NiceMock runtime_; - Stats::TestUtil::TestStore stats1_; - Stats::TestUtil::TestStore stats2_; - std::unique_ptr filter1_; - std::unique_ptr filter2_; -}; - -TEST_F(MultipleFiltersTest, IndependentFilters) { - // The compressor "test1" from an independent filter chain should not overshadow "test2". - // The independence is simulated with different instances of DecoderFilterCallbacks set for - // "test1" and "test2". - NiceMock decoder_callbacks1; - filter1_->setDecoderFilterCallbacks(decoder_callbacks1); - NiceMock decoder_callbacks2; - filter2_->setDecoderFilterCallbacks(decoder_callbacks2); - - Http::TestRequestHeaderMapImpl req_headers{{":method", "get"}, - {"accept-encoding", "test1;Q=.5,test2;q=0.75"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->decodeHeaders(req_headers, false)); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->decodeHeaders(req_headers, false)); - Http::TestResponseHeaderMapImpl headers1{{":method", "get"}, {"content-length", "256"}}; - Http::TestResponseHeaderMapImpl headers2{{":method", "get"}, {"content-length", "256"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->encodeHeaders(headers1, false)); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->encodeHeaders(headers2, false)); - EXPECT_EQ(0, stats1_.counter("test1.test1.header_compressor_overshadowed").value()); - EXPECT_EQ(0, stats2_.counter("test2.test2.header_compressor_overshadowed").value()); - EXPECT_EQ(1, stats1_.counter("test1.test1.compressed").value()); - EXPECT_EQ(1, stats1_.counter("test1.test1.header_compressor_used").value()); - EXPECT_EQ(1, stats2_.counter("test2.test2.compressed").value()); - EXPECT_EQ(1, stats2_.counter("test2.test2.header_compressor_used").value()); -} - -TEST_F(MultipleFiltersTest, CacheEncodingDecision) { - // Test that encoding decision is cached when used by multiple filters. - NiceMock decoder_callbacks; - filter1_->setDecoderFilterCallbacks(decoder_callbacks); - filter2_->setDecoderFilterCallbacks(decoder_callbacks); - - Http::TestRequestHeaderMapImpl req_headers{{":method", "get"}, - {"accept-encoding", "test1;Q=.5,test2;q=0.75"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->decodeHeaders(req_headers, false)); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->decodeHeaders(req_headers, false)); - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->encodeHeaders(headers, false)); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->encodeHeaders(headers, false)); - EXPECT_EQ(1, stats1_.counter("test1.test1.header_compressor_overshadowed").value()); - EXPECT_EQ(1, stats2_.counter("test2.test2.header_compressor_used").value()); - // Reset headers as content-length got removed by filter2. - headers = {{":method", "get"}, {"content-length", "256"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->encodeHeaders(headers, false)); - EXPECT_EQ(2, stats1_.counter("test1.test1.header_compressor_overshadowed").value()); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->encodeHeaders(headers, false)); - EXPECT_EQ(2, stats2_.counter("test2.test2.header_compressor_used").value()); -} - -TEST_F(MultipleFiltersTest, UseFirstRegisteredFilterWhenWildcard) { - // Test that first registered filter is used when handling wildcard. - NiceMock decoder_callbacks; - filter1_->setDecoderFilterCallbacks(decoder_callbacks); - filter2_->setDecoderFilterCallbacks(decoder_callbacks); - - Http::TestRequestHeaderMapImpl req_headers{{":method", "get"}, {"accept-encoding", "*"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->decodeHeaders(req_headers, false)); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->decodeHeaders(req_headers, false)); - Http::TestResponseHeaderMapImpl headers1{{":method", "get"}, {"content-length", "256"}}; - Http::TestResponseHeaderMapImpl headers2{{":method", "get"}, {"content-length", "256"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->encodeHeaders(headers1, false)); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->encodeHeaders(headers2, false)); - EXPECT_EQ(1, stats1_.counter("test1.test1.compressed").value()); - EXPECT_EQ(0, stats2_.counter("test2.test2.compressed").value()); - EXPECT_EQ(1, stats1_.counter("test1.test1.header_wildcard").value()); - EXPECT_EQ(1, stats2_.counter("test2.test2.header_wildcard").value()); -} - -TEST(LegacyTest, GzipStats) { - // check if the legacy "header_gzip" counter is incremented for gzip compression filter - Stats::TestUtil::TestStore stats; - NiceMock runtime; - envoy::extensions::filters::http::compressor::v3::Compressor compressor; - TestUtility::loadFromJson(R"EOF( -{ - "compressor_library": { - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" - } - } -} -)EOF", - compressor); - auto config = - std::make_shared(compressor, "test.", stats, runtime, "gzip"); - config->setExpectedCompressCalls(0); - auto gzip_filter = std::make_unique(config); - NiceMock decoder_callbacks; - gzip_filter->setDecoderFilterCallbacks(decoder_callbacks); - Http::TestRequestHeaderMapImpl req_headers{{":method", "get"}, - {"accept-encoding", "gzip;q=0.75"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, gzip_filter->decodeHeaders(req_headers, false)); - Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, gzip_filter->encodeHeaders(headers, false)); - EXPECT_EQ(1, stats.counter("test.gzip.header_gzip").value()); - EXPECT_EQ(1, stats.counter("test.gzip.compressed").value()); - // Reset headers as content-length got removed by gzip_filter. - headers = {{":method", "get"}, {"content-length", "256"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, gzip_filter->encodeHeaders(headers, false)); - EXPECT_EQ(2, stats.counter("test.gzip.header_gzip").value()); - EXPECT_EQ(2, stats.counter("test.gzip.compressed").value()); -} - -} // namespace Compressors -} // namespace Common -} // namespace HttpFilters -} // namespace Extensions -} // namespace Envoy diff --git a/test/extensions/filters/http/common/empty_http_filter_config.h b/test/extensions/filters/http/common/empty_http_filter_config.h index 1baa88a90504..45f59857829d 100644 --- a/test/extensions/filters/http/common/empty_http_filter_config.h +++ b/test/extensions/filters/http/common/empty_http_filter_config.h @@ -4,7 +4,7 @@ #include "envoy/server/filter_config.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/filters/http/common/fuzz/BUILD b/test/extensions/filters/http/common/fuzz/BUILD index e647e4354c4b..ad1be79cf341 100644 --- a/test/extensions/filters/http/common/fuzz/BUILD +++ b/test/extensions/filters/http/common/fuzz/BUILD @@ -27,7 +27,7 @@ envoy_cc_test_library( name = "http_filter_fuzzer_lib", hdrs = ["http_filter_fuzzer.h"], deps = [ - "//include/envoy/http:filter_interface", + "//envoy/http:filter_interface", "//source/common/http:utility_lib", "//test/fuzz:common_proto_cc_proto", "//test/fuzz:utility_lib", @@ -49,7 +49,6 @@ envoy_cc_test_library( "//source/common/http:utility_lib", "//source/common/protobuf:utility_lib", "//source/common/tracing:http_tracer_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/common:utility_lib", "//test/mocks/buffer:buffer_mocks", "//test/mocks/http:http_mocks", diff --git a/test/extensions/filters/http/common/fuzz/filter_fuzz_test.cc b/test/extensions/filters/http/common/fuzz/filter_fuzz_test.cc index 429e34191ba1..a4f2e5a9cea9 100644 --- a/test/extensions/filters/http/common/fuzz/filter_fuzz_test.cc +++ b/test/extensions/filters/http/common/fuzz/filter_fuzz_test.cc @@ -1,7 +1,5 @@ -#include "common/config/utility.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" #include "test/config/utility.h" #include "test/extensions/filters/http/common/fuzz/filter_fuzz.pb.validate.h" diff --git a/test/extensions/filters/http/common/fuzz/http_filter_fuzzer.h b/test/extensions/filters/http/common/fuzz/http_filter_fuzzer.h index dba20989d343..861c50f4220a 100644 --- a/test/extensions/filters/http/common/fuzz/http_filter_fuzzer.h +++ b/test/extensions/filters/http/common/fuzz/http_filter_fuzzer.h @@ -2,7 +2,7 @@ #include "envoy/http/filter.h" -#include "common/http/utility.h" +#include "source/common/http/utility.h" #include "test/fuzz/common.pb.h" #include "test/fuzz/utility.h" diff --git a/test/extensions/filters/http/common/fuzz/uber_filter.cc b/test/extensions/filters/http/common/fuzz/uber_filter.cc index d43c2f403c77..748c84b311cc 100644 --- a/test/extensions/filters/http/common/fuzz/uber_filter.cc +++ b/test/extensions/filters/http/common/fuzz/uber_filter.cc @@ -1,11 +1,11 @@ #include "test/extensions/filters/http/common/fuzz/uber_filter.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/http/message_impl.h" -#include "common/http/utility.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/http/message_impl.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/common/fuzz/uber_per_filter.cc b/test/extensions/filters/http/common/fuzz/uber_per_filter.cc index 11a2c7bc1a1f..ce6720a2d2bf 100644 --- a/test/extensions/filters/http/common/fuzz/uber_per_filter.cc +++ b/test/extensions/filters/http/common/fuzz/uber_per_filter.cc @@ -3,10 +3,8 @@ #include "envoy/extensions/filters/http/squash/v3/squash.pb.h" #include "envoy/extensions/filters/http/tap/v3/tap.pb.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/filters/http/common/utility.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/filters/http/common/utility.h" #include "test/extensions/filters/http/common/fuzz/uber_filter.h" #include "test/proto/bookstore.pb.h" @@ -110,12 +108,12 @@ void UberFilterFuzzer::cleanFuzzedConfig(absl::string_view filter_name, const std::string name = Extensions::HttpFilters::Common::FilterNameUtil::canonicalFilterName( std::string(filter_name)); // Map filter name to clean-up function. - if (filter_name == HttpFilterNames::get().GrpcJsonTranscoder) { + if (filter_name == "envoy.filters.http.grpc_json_transcoder") { // Add a valid service proto descriptor. addBookstoreProtoDescriptor(message); - } else if (name == HttpFilterNames::get().Squash) { + } else if (name == "envoy.filters.http.squash") { cleanAttachmentTemplate(message); - } else if (name == HttpFilterNames::get().Tap) { + } else if (name == "envoy.filters.http.tap") { // TapDS oneof field and OutputSinkType StreamingGrpc not implemented cleanTapConfig(message); } diff --git a/test/extensions/filters/http/common/jwks_fetcher_test.cc b/test/extensions/filters/http/common/jwks_fetcher_test.cc index cd3604aa40bf..aad2ac07b636 100644 --- a/test/extensions/filters/http/common/jwks_fetcher_test.cc +++ b/test/extensions/filters/http/common/jwks_fetcher_test.cc @@ -3,10 +3,9 @@ #include "envoy/config/core/v3/http_uri.pb.h" -#include "common/http/message_impl.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/common/jwks_fetcher.h" +#include "source/common/http/message_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/common/jwks_fetcher.h" #include "test/extensions/filters/http/common/mock.h" #include "test/mocks/http/mocks.h" diff --git a/test/extensions/filters/http/common/mock.h b/test/extensions/filters/http/common/mock.h index 53b35de15b10..3aa0bb3b2b04 100644 --- a/test/extensions/filters/http/common/mock.h +++ b/test/extensions/filters/http/common/mock.h @@ -2,9 +2,8 @@ #include "envoy/config/core/v3/http_uri.pb.h" -#include "common/http/message_impl.h" - -#include "extensions/filters/http/common/jwks_fetcher.h" +#include "source/common/http/message_impl.h" +#include "source/extensions/filters/http/common/jwks_fetcher.h" #include "test/mocks/upstream/mocks.h" diff --git a/test/extensions/filters/http/common/stream_rate_limiter_test.cc b/test/extensions/filters/http/common/stream_rate_limiter_test.cc index d2e57de2d4f9..97f18f5957ca 100644 --- a/test/extensions/filters/http/common/stream_rate_limiter_test.cc +++ b/test/extensions/filters/http/common/stream_rate_limiter_test.cc @@ -1,9 +1,8 @@ #include "envoy/event/dispatcher.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/empty_string.h" - -#include "extensions/filters/http/common/stream_rate_limiter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/extensions/filters/http/common/stream_rate_limiter.h" #include "test/common/http/common.h" #include "test/mocks/http/mocks.h" @@ -142,6 +141,9 @@ TEST_F(StreamRateLimiterTest, RateLimitOnSingleStream) { EXPECT_CALL(decoder_callbacks_, injectDecodedDataToFilterChain(BufferStringEqual(std::string(1024, 'c')), true)); token_timer->invokeCallback(); + + limiter_->destroy(); + EXPECT_EQ(limiter_->destroyed(), true); } } // namespace Common diff --git a/test/extensions/filters/http/common/utility_test.cc b/test/extensions/filters/http/common/utility_test.cc index 7b8923309180..0aa3a35cad86 100644 --- a/test/extensions/filters/http/common/utility_test.cc +++ b/test/extensions/filters/http/common/utility_test.cc @@ -1,5 +1,4 @@ -#include "extensions/filters/http/common/utility.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/common/utility.h" #include "test/mocks/runtime/mocks.h" #include "test/test_common/utility.h" @@ -21,8 +20,8 @@ namespace { TEST(FilterNameUtilTest, TestIgnoreCanonicalName) { NiceMock runtime; - EXPECT_EQ(HttpFilterNames::get().Buffer, - FilterNameUtil::canonicalFilterName(HttpFilterNames::get().Buffer, &runtime)); + EXPECT_EQ("envoy.filters.http.buffer", + FilterNameUtil::canonicalFilterName("envoy.filters.http.buffer", &runtime)); EXPECT_EQ("canonical.name", FilterNameUtil::canonicalFilterName("canonical.name", &runtime)); } @@ -35,9 +34,9 @@ TEST(FilterNameUtilTest, DEPRECATED_FEATURE_TEST(TestDeprecatedName)) { deprecatedFeatureEnabled("envoy.deprecated_features.allow_deprecated_extension_names", _)) .WillRepeatedly(Return(true)); - EXPECT_EQ(HttpFilterNames::get().Buffer, + EXPECT_EQ("envoy.filters.http.buffer", FilterNameUtil::canonicalFilterName("envoy.buffer", &runtime)); - EXPECT_EQ(HttpFilterNames::get().Squash, + EXPECT_EQ("envoy.filters.http.squash", FilterNameUtil::canonicalFilterName("envoy.squash", &runtime)); } diff --git a/test/extensions/filters/http/composite/BUILD b/test/extensions/filters/http/composite/BUILD index 0768e292c173..242fef53136d 100644 --- a/test/extensions/filters/http/composite/BUILD +++ b/test/extensions/filters/http/composite/BUILD @@ -19,6 +19,7 @@ envoy_extension_cc_test( "//source/common/http:header_map_lib", "//source/extensions/filters/http/composite:config", "//source/extensions/filters/http/composite:filter_lib", + "//test/mocks/access_log:access_log_mocks", "//test/mocks/http:http_mocks", ], ) diff --git a/test/extensions/filters/http/composite/composite_filter_integration_test.cc b/test/extensions/filters/http/composite/composite_filter_integration_test.cc index de0abba85a07..b639e8cf3a7b 100644 --- a/test/extensions/filters/http/composite/composite_filter_integration_test.cc +++ b/test/extensions/filters/http/composite/composite_filter_integration_test.cc @@ -11,8 +11,7 @@ namespace Envoy { class CompositeFilterIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - CompositeFilterIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + CompositeFilterIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void initialize() override { config_helper_.addRuntimeOverride("envoy.reloadable_features.experimental_matching_api", diff --git a/test/extensions/filters/http/composite/filter_test.cc b/test/extensions/filters/http/composite/filter_test.cc index 019d303aae29..f6591d75f964 100644 --- a/test/extensions/filters/http/composite/filter_test.cc +++ b/test/extensions/filters/http/composite/filter_test.cc @@ -2,8 +2,9 @@ #include "envoy/http/metadata_interface.h" -#include "extensions/filters/http/composite/filter.h" +#include "source/extensions/filters/http/composite/filter.h" +#include "test/mocks/access_log/mocks.h" #include "test/mocks/http/mocks.h" #include "gtest/gtest.h" @@ -275,6 +276,36 @@ TEST_F(FilterTest, StreamFilterDelegationMultipleEncodeFilterWithMatchTree) { filter_.onDestroy(); } +// Adding a encoder filter and an access loggers should be permitted and delegate to the access +// logger. +TEST_F(FilterTest, StreamFilterDelegationMultipleAccessLoggers) { + auto encode_filter = std::make_shared(); + auto access_log_1 = std::make_shared(); + auto access_log_2 = std::make_shared(); + + auto factory_callback = [&](Http::FilterChainFactoryCallbacks& cb) { + cb.addStreamEncoderFilter(encode_filter); + cb.addAccessLogHandler(access_log_1); + cb.addAccessLogHandler(access_log_2); + }; + + ExecuteFilterAction action(factory_callback); + EXPECT_CALL(*encode_filter, setEncoderFilterCallbacks(_)); + EXPECT_CALL(success_counter_, inc()); + filter_.onMatchCallback(action); + + doAllDecodingCallbacks(); + expectDelegatedEncoding(*encode_filter); + doAllEncodingCallbacks(); + + EXPECT_CALL(*encode_filter, onDestroy()); + filter_.onDestroy(); + + EXPECT_CALL(*access_log_1, log(_, _, _, _)); + EXPECT_CALL(*access_log_2, log(_, _, _, _)); + filter_.log(nullptr, nullptr, nullptr, StreamInfo::MockStreamInfo()); +} + } // namespace } // namespace Composite } // namespace HttpFilters diff --git a/test/extensions/filters/http/compressor/BUILD b/test/extensions/filters/http/compressor/BUILD index c215ff078fb4..c7523bd22bdb 100644 --- a/test/extensions/filters/http/compressor/BUILD +++ b/test/extensions/filters/http/compressor/BUILD @@ -1,5 +1,8 @@ load( "//bazel:envoy_build_system.bzl", + "envoy_benchmark_test", + "envoy_cc_benchmark_binary", + "envoy_cc_test", "envoy_package", "envoy_proto_library", ) @@ -19,9 +22,12 @@ envoy_extension_cc_test( ], extension_name = "envoy.filters.http.compressor", deps = [ + "//source/extensions/compression/gzip/compressor:config", "//source/extensions/filters/http/compressor:compressor_filter_lib", "//test/mocks/compression/compressor:compressor_mocks", + "//test/mocks/http:http_mocks", "//test/mocks/runtime:runtime_mocks", + "//test/test_common:test_runtime_lib", "//test/test_common:utility_lib", ], ) @@ -61,3 +67,50 @@ envoy_extension_cc_test( "//test/test_common:utility_lib", ], ) + +envoy_cc_benchmark_binary( + name = "compressor_filter_speed_test", + srcs = ["compressor_filter_speed_test.cc"], + external_deps = [ + "benchmark", + "googletest", + ], + deps = [ + "//envoy/compression/compressor:compressor_factory_interface", + "//source/common/protobuf:utility_lib", + "//source/extensions/compression/gzip/compressor:compressor_lib", + "//source/extensions/filters/http/compressor:compressor_filter_lib", + "//test/mocks/http:http_mocks", + "//test/mocks/protobuf:protobuf_mocks", + "//test/mocks/runtime:runtime_mocks", + "//test/test_common:printers_lib", + "//test/test_common:utility_lib", + "@envoy_api//envoy/extensions/filters/http/compressor/v3:pkg_cc_proto", + ], +) + +envoy_benchmark_test( + name = "compressor_filter_speed_test_benchmark_test", + benchmark_binary = "compressor_filter_speed_test", + # TODO(envoyproxy/windows-dev): diagnose clang-cl build test failure + tags = ["fails_on_windows"], +) + +envoy_cc_test( + name = "compressor_integration_tests", + srcs = [ + "compressor_integration_tests.cc", + "compressor_integration_tests.h", + ], + deps = [ + "//source/common/http:header_map_lib", + "//source/extensions/access_loggers/file:config", + "//source/extensions/compression/gzip/compressor:config", + "//source/extensions/filters/http/buffer:config", + "//source/extensions/filters/http/compressor:config", + "//test/integration:http_protocol_integration_lib", + "//test/test_common:utility_lib", + "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", + ], +) diff --git a/test/extensions/filters/http/compressor/compressor_filter_integration_test.cc b/test/extensions/filters/http/compressor/compressor_filter_integration_test.cc index aaaf2908facf..598870b32f86 100644 --- a/test/extensions/filters/http/compressor/compressor_filter_integration_test.cc +++ b/test/extensions/filters/http/compressor/compressor_filter_integration_test.cc @@ -1,6 +1,6 @@ #include "envoy/event/timer.h" -#include "extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" +#include "source/extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" #include "test/integration/http_integration.h" #include "test/test_common/simulated_time_system.h" @@ -14,7 +14,7 @@ class CompressorIntegrationTest : public testing::TestWithParam(); compressor->init(level_, strategy_, window_bits_, memory_level_); return compressor; } + const std::string& statsPrefix() const override { CONSTRUCT_ON_FIRST_USE(std::string, "test."); } + const std::string& contentEncoding() const override { + return Http::CustomHeaders::get().ContentEncodingValues.Gzip; + } + +private: const Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel level_; const Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy strategy_; const int64_t window_bits_; @@ -100,8 +101,10 @@ static Result compressWith(std::vector&& chunks, CompressionP const auto strategy = std::get<1>(params); const auto window_bits = std::get<2>(params); const auto memory_level = std::get<3>(params); - CompressorFilterConfigSharedPtr config = std::make_shared( - compressor, "test.", stats, runtime, "gzip", level, strategy, window_bits, memory_level); + Envoy::Compression::Compressor::CompressorFactoryPtr compressor_factory = + std::make_unique(level, strategy, window_bits, memory_level); + CompressorFilterConfigSharedPtr config = std::make_shared( + compressor, "test.", stats, runtime, std::move(compressor_factory)); ON_CALL(runtime.snapshot_, featureEnabled("test.filter_enabled", 100)) .WillByDefault(Return(true)); @@ -134,11 +137,11 @@ static Result compressWith(std::vector&& chunks, CompressionP } EXPECT_EQ(res.total_uncompressed_bytes, - stats.counterFromString("test.gzip.total_uncompressed_bytes").value()); + stats.counterFromString("test.compressor..test.total_uncompressed_bytes").value()); EXPECT_EQ(res.total_compressed_bytes, - stats.counterFromString("test.gzip.total_compressed_bytes").value()); + stats.counterFromString("test.compressor..test.total_compressed_bytes").value()); - EXPECT_EQ(1U, stats.counterFromString("test.gzip.compressed").value()); + EXPECT_EQ(1U, stats.counterFromString("test.compressor..test.compressed").value()); auto end = std::chrono::high_resolution_clock::now(); const auto elapsed = std::chrono::duration_cast>(end - start); state.SetIterationTime(elapsed.count()); @@ -286,8 +289,7 @@ static void compressChunks1024(benchmark::State& state) { } BENCHMARK(compressChunks1024)->DenseRange(0, 8, 1)->UseManualTime()->Unit(benchmark::kMillisecond); -} // namespace Compressors -} // namespace Common +} // namespace Compressor } // namespace HttpFilters } // namespace Extensions } // namespace Envoy diff --git a/test/extensions/filters/http/compressor/compressor_filter_test.cc b/test/extensions/filters/http/compressor/compressor_filter_test.cc index 7f209da033ef..cefb918c0f21 100644 --- a/test/extensions/filters/http/compressor/compressor_filter_test.cc +++ b/test/extensions/filters/http/compressor/compressor_filter_test.cc @@ -1,8 +1,11 @@ -#include "extensions/filters/http/compressor/compressor_filter.h" +#include "source/extensions/filters/http/compressor/compressor_filter.h" #include "test/mocks/compression/compressor/mocks.h" +#include "test/mocks/http/mocks.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/stats/mocks.h" +#include "test/test_common/test_runtime.h" +#include "test/test_common/utility.h" #include "gtest/gtest.h" @@ -13,6 +16,790 @@ namespace Compressor { namespace { using testing::NiceMock; +using testing::Return; + +class TestCompressorFactory : public Envoy::Compression::Compressor::CompressorFactory { +public: + TestCompressorFactory(const std::string& content_encoding) + : content_encoding_(content_encoding) {} + + Envoy::Compression::Compressor::CompressorPtr createCompressor() override { + auto compressor = std::make_unique(); + EXPECT_CALL(*compressor, compress(_, _)).Times(expected_compress_calls_); + return compressor; + } + const std::string& statsPrefix() const override { CONSTRUCT_ON_FIRST_USE(std::string, "test."); } + const std::string& contentEncoding() const override { return content_encoding_; } + + void setExpectedCompressCalls(uint32_t calls) { expected_compress_calls_ = calls; } + +private: + uint32_t expected_compress_calls_{1}; + const std::string content_encoding_; +}; + +class CompressorFilterTest : public testing::Test { +public: + CompressorFilterTest() { + ON_CALL(runtime_.snapshot_, featureEnabled("test.filter_enabled", 100)) + .WillByDefault(Return(true)); + } + + void SetUp() override { + setUpFilter(R"EOF( +{ + "compressor_library": { + "name": "test", + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF"); + } + + // CompressorFilterTest Helpers + void setUpFilter(std::string&& json) { + envoy::extensions::filters::http::compressor::v3::Compressor compressor; + TestUtility::loadFromJson(json, compressor); + auto compressor_factory = std::make_unique("test"); + compressor_factory_ = compressor_factory.get(); + config_ = std::make_shared(compressor, "test.", stats_, runtime_, + std::move(compressor_factory)); + filter_ = std::make_unique(config_); + filter_->setDecoderFilterCallbacks(decoder_callbacks_); + filter_->setEncoderFilterCallbacks(encoder_callbacks_); + } + + void verifyCompressedData() { + EXPECT_EQ(expected_str_.length(), + stats_ + .counter(fmt::format("test.compressor.test.test.{}total_uncompressed_bytes", + response_stats_prefix_)) + .value()); + EXPECT_EQ(data_.length(), + stats_ + .counter(fmt::format("test.compressor.test.test.{}total_compressed_bytes", + response_stats_prefix_)) + .value()); + } + + void populateBuffer(uint64_t size) { + data_.drain(data_.length()); + TestUtility::feedBufferWithRandomCharacters(data_, size); + expected_str_ = data_.toString(); + } + + void doRequestCompression(Http::TestRequestHeaderMapImpl&& headers, bool with_trailers) { + doRequest(headers, true, with_trailers); + } + + void doRequestNoCompression(Http::TestRequestHeaderMapImpl&& headers) { + doRequest(headers, false, false); + } + + void doRequest(Http::TestRequestHeaderMapImpl& headers, bool with_compression, + bool with_trailers) { + uint64_t buffer_content_size; + if (!absl::SimpleAtoi(headers.get_("content-length"), &buffer_content_size)) { + buffer_content_size = 5; + } + populateBuffer(buffer_content_size); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, false)); + EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->decodeData(data_, false)); + if (with_compression) { + if (with_trailers) { + EXPECT_CALL(decoder_callbacks_, addDecodedData(_, true)) + .WillOnce(Invoke([&](Buffer::Instance& data, bool) { data_.move(data); })); + Http::TestRequestTrailerMapImpl trailers; + EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->decodeTrailers(trailers)); + } + EXPECT_EQ( + expected_str_.length(), + stats_.counter("test.compressor.test.test.request.total_uncompressed_bytes").value()); + EXPECT_EQ(data_.length(), + stats_.counter("test.compressor.test.test.request.total_compressed_bytes").value()); + EXPECT_EQ(1, stats_.counter("test.compressor.test.test.request.compressed").value()); + } else { + EXPECT_EQ(1, stats_.counter("test.compressor.test.test.request.not_compressed").value()); + } + } + + void doResponseCompression(Http::TestResponseHeaderMapImpl& headers, bool with_trailers) { + doResponse(headers, true, with_trailers); + } + + void doResponseNoCompression(Http::TestResponseHeaderMapImpl& headers) { + doResponse(headers, false, false); + } + + void doResponse(Http::TestResponseHeaderMapImpl& headers, bool with_compression, + bool with_trailers) { + uint64_t buffer_content_size; + if (!absl::SimpleAtoi(headers.get_("content-length"), &buffer_content_size)) { + buffer_content_size = 1000; + } + populateBuffer(buffer_content_size); + Http::TestResponseHeaderMapImpl continue_headers; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, + filter_->encode100ContinueHeaders(continue_headers)); + Http::MetadataMap metadata_map{{"metadata", "metadata"}}; + EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->encodeMetadata(metadata_map)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); + + if (with_compression) { + EXPECT_EQ("", headers.get_("content-length")); + EXPECT_EQ("test", headers.get_("content-encoding")); + EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, !with_trailers)); + if (with_trailers) { + EXPECT_CALL(encoder_callbacks_, addEncodedData(_, true)) + .WillOnce(Invoke([&](Buffer::Instance& data, bool) { data_.move(data); })); + Http::TestResponseTrailerMapImpl trailers; + EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->encodeTrailers(trailers)); + } + verifyCompressedData(); + EXPECT_EQ(1, stats_ + .counter(fmt::format("test.compressor.test.test.{}compressed", + response_stats_prefix_)) + .value()); + } else { + EXPECT_EQ("", headers.get_("content-encoding")); + EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, false)); + EXPECT_EQ(1, stats_ + .counter(fmt::format("test.compressor.test.test.{}not_compressed", + response_stats_prefix_)) + .value()); + } + } + + TestCompressorFactory* compressor_factory_; + std::shared_ptr config_; + std::unique_ptr filter_; + Buffer::OwnedImpl data_; + std::string expected_str_; + std::string response_stats_prefix_{}; + Stats::TestUtil::TestStore stats_; + NiceMock runtime_; + NiceMock decoder_callbacks_; + NiceMock encoder_callbacks_; +}; + +// Test if Runtime Feature is Disabled +TEST_F(CompressorFilterTest, DecodeHeadersWithRuntimeDisabled) { + setUpFilter(R"EOF( +{ + "response_direction_config": { + "common_config": { + "enabled": { + "default_value": true, + "runtime_key": "foo_key" + } + } + }, + "compressor_library": { + "name": "test", + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF"); + response_stats_prefix_ = "response."; + EXPECT_CALL(runtime_.snapshot_, getBoolean("foo_key", true)) + .Times(2) + .WillRepeatedly(Return(false)); + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "deflate, test"}}); + Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; + doResponseNoCompression(headers); + EXPECT_FALSE(headers.has("vary")); +} + +// Default config values. +TEST_F(CompressorFilterTest, DefaultConfigValues) { + EXPECT_EQ(30, config_->responseDirectionConfig().minimumLength()); + EXPECT_EQ(30, config_->requestDirectionConfig().minimumLength()); + EXPECT_EQ(false, config_->responseDirectionConfig().disableOnEtagHeader()); + EXPECT_EQ(false, config_->responseDirectionConfig().removeAcceptEncodingHeader()); + EXPECT_EQ(18, config_->responseDirectionConfig().contentTypeValues().size()); + EXPECT_EQ(18, config_->requestDirectionConfig().contentTypeValues().size()); +} + +TEST_F(CompressorFilterTest, CompressRequest) { + setUpFilter(R"EOF( +{ + "request_direction_config": {}, + "compressor_library": { + "name": "test", + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF"); + doRequestCompression({{":method", "post"}, {"content-length", "256"}}, false); + Http::TestResponseHeaderMapImpl headers{{":method", "post"}, {"content-length", "256"}}; + doResponseNoCompression(headers); +} + +TEST_F(CompressorFilterTest, CompressRequestAndResponseNoContentLength) { + setUpFilter(R"EOF( +{ + "request_direction_config": {}, + "response_direction_config": {}, + "compressor_library": { + "name": "test", + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF"); + response_stats_prefix_ = "response."; + doRequestCompression({{":method", "post"}, {"accept-encoding", "deflate, test"}}, false); + Http::TestResponseHeaderMapImpl headers{{":status", "200"}}; + doResponseCompression(headers, false); +} + +TEST_F(CompressorFilterTest, CompressRequestAndResponseNoContentLengthRuntimeDisabled) { + setUpFilter(R"EOF( +{ + "request_direction_config": {}, + "response_direction_config": {}, + "compressor_library": { + "name": "test", + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF"); + TestScopedRuntime scoped_runtime; + Runtime::LoaderSingleton::getExisting()->mergeValues( + {{"envoy.reloadable_features.enable_compression_without_content_length_header", "false"}}); + response_stats_prefix_ = "response."; + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "deflate, test"}}); + Http::TestResponseHeaderMapImpl headers{{":status", "200"}}; + doResponseNoCompression(headers); +} + +TEST_F(CompressorFilterTest, CompressRequestWithTrailers) { + setUpFilter(R"EOF( +{ + "request_direction_config": {}, + "compressor_library": { + "name": "test", + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF"); + compressor_factory_->setExpectedCompressCalls(2); + doRequestCompression({{":method", "post"}, {"content-length", "256"}}, true); + Http::TestResponseHeaderMapImpl headers{{":method", "post"}, {"content-length", "256"}}; + doResponseNoCompression(headers); +} + +// Acceptance Testing with default configuration. +TEST_F(CompressorFilterTest, AcceptanceTestEncoding) { + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "deflate, test"}}); + + Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; + doResponseCompression(headers, false); +} + +TEST_F(CompressorFilterTest, AcceptanceTestEncodingWithTrailers) { + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "deflate, test"}}); + Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; + compressor_factory_->setExpectedCompressCalls(2); + doResponseCompression(headers, true); +} + +TEST_F(CompressorFilterTest, NoAcceptEncodingHeader) { + doRequestNoCompression({{":method", "get"}, {}}); + Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; + doResponseNoCompression(headers); + EXPECT_EQ(1, stats_.counter("test.compressor.test.test.no_accept_header").value()); + EXPECT_EQ("Accept-Encoding", headers.get_("vary")); +} + +TEST_F(CompressorFilterTest, CacheIdentityDecision) { + // check if identity stat is increased twice (the second time via the cached path). + compressor_factory_->setExpectedCompressCalls(0); + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "identity"}}); + Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); + EXPECT_EQ(1, stats_.counter("test.compressor.test.test.header_identity").value()); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); + EXPECT_EQ(2, stats_.counter("test.compressor.test.test.header_identity").value()); +} + +TEST_F(CompressorFilterTest, CacheHeaderNotValidDecision) { + // check if not_valid stat is increased twice (the second time via the cached path). + compressor_factory_->setExpectedCompressCalls(0); + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test;q=invalid"}}); + Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); + EXPECT_EQ(1, stats_.counter("test.compressor.test.test.header_not_valid").value()); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); + EXPECT_EQ(2, stats_.counter("test.compressor.test.test.header_not_valid").value()); +} + +// Content-Encoding: upstream response is already encoded. +TEST_F(CompressorFilterTest, ContentEncodingAlreadyEncoded) { + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test"}}); + Http::TestResponseHeaderMapImpl response_headers{ + {":method", "get"}, {"content-length", "256"}, {"content-encoding", "deflate, gzip"}}; + populateBuffer(256); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(response_headers, false)); + EXPECT_TRUE(response_headers.has("content-length")); + EXPECT_FALSE(response_headers.has("transfer-encoding")); + EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, false)); + EXPECT_EQ(1U, stats_.counter("test.compressor.test.test.not_compressed").value()); +} + +// No compression when upstream response is empty. +TEST_F(CompressorFilterTest, EmptyResponse) { + Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {":status", "204"}}; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, true)); + EXPECT_EQ("", headers.get_("content-length")); + EXPECT_EQ("", headers.get_("content-encoding")); + EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, true)); +} + +// Verify removeAcceptEncoding header. +TEST_F(CompressorFilterTest, RemoveAcceptEncodingHeader) { + { + Http::TestRequestHeaderMapImpl headers = {{"accept-encoding", "deflate, test, gzip, br"}}; + setUpFilter(R"EOF( +{ + "remove_accept_encoding_header": true, + "compressor_library": { + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF"); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, true)); + EXPECT_FALSE(headers.has("accept-encoding")); + } + { + Http::TestRequestHeaderMapImpl headers = {{"accept-encoding", "deflate, test, gzip, br"}}; + setUpFilter(R"EOF( +{ + "compressor_library": { + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF"); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, true)); + EXPECT_TRUE(headers.has("accept-encoding")); + EXPECT_EQ("deflate, test, gzip, br", headers.get_("accept-encoding")); + } +} + +class IsAcceptEncodingAllowedTest + : public CompressorFilterTest, + public testing::WithParamInterface> {}; + +INSTANTIATE_TEST_SUITE_P( + IsAcceptEncodingAllowedTestSuite, IsAcceptEncodingAllowedTest, + testing::Values(std::make_tuple("deflate, test, br", true, 1, 0, 0, 0), + std::make_tuple("deflate, test;q=1.0, *;q=0.5", true, 1, 0, 0, 0), + std::make_tuple("\tdeflate\t, test\t ; q\t =\t 1.0,\t * ;q=0.5", true, 1, 0, 0, + 0), + std::make_tuple("deflate,test;q=1.0,*;q=0", true, 1, 0, 0, 0), + std::make_tuple("deflate, test;q=0.2, br;q=1", true, 1, 0, 0, 0), + std::make_tuple("*", true, 0, 1, 0, 0), + std::make_tuple("*;q=1", true, 0, 1, 0, 0), + std::make_tuple("xyz;q=1, br;q=0.2, *", true, 0, 1, 0, 0), + std::make_tuple("deflate, test;Q=.5, br", true, 1, 0, 0, 0), + std::make_tuple("test;q=0,*;q=1", false, 0, 0, 1, 0), + std::make_tuple("identity, *;q=0", false, 0, 0, 0, 1), + std::make_tuple("identity", false, 0, 0, 0, 1), + std::make_tuple("identity, *;q=0", false, 0, 0, 0, 1), + std::make_tuple("identity;q=1", false, 0, 0, 0, 1), + std::make_tuple("identity;q=0", false, 0, 0, 1, 0), + std::make_tuple("identity;Q=0", false, 0, 0, 1, 0), + std::make_tuple("identity;q=0.5, *;q=0", false, 0, 0, 0, 1), + std::make_tuple("identity;q=0, *;q=0", false, 0, 0, 1, 0), + std::make_tuple("xyz;q=1, br;q=0.2, *;q=0", false, 0, 0, 1, 0), + std::make_tuple("xyz;q=1, br;q=0.2", false, 0, 0, 1, 0), + std::make_tuple("", false, 0, 0, 1, 0), + std::make_tuple("test;q=invalid", false, 0, 0, 1, 0))); + +TEST_P(IsAcceptEncodingAllowedTest, Validate) { + const std::string& accept_encoding = std::get<0>(GetParam()); + const bool is_compression_expected = std::get<1>(GetParam()); + const int compressor_used = std::get<2>(GetParam()); + const int wildcard = std::get<3>(GetParam()); + const int not_valid = std::get<4>(GetParam()); + const int identity = std::get<5>(GetParam()); + + doRequestNoCompression({{":method", "get"}, {"accept-encoding", accept_encoding}}); + Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; + doResponse(headers, is_compression_expected, false); + EXPECT_EQ(compressor_used, + stats_.counter("test.compressor.test.test.header_compressor_used").value()); + EXPECT_EQ(wildcard, stats_.counter("test.compressor.test.test.header_wildcard").value()); + EXPECT_EQ(not_valid, stats_.counter("test.compressor.test.test.header_not_valid").value()); + EXPECT_EQ(identity, stats_.counter("test.compressor.test.test.header_identity").value()); + // Even if compression is disallowed by a client we must let her know the resource is + // compressible. + EXPECT_EQ("Accept-Encoding", headers.get_("vary")); +} + +class IsContentTypeAllowedTest + : public CompressorFilterTest, + public testing::WithParamInterface> {}; + +INSTANTIATE_TEST_SUITE_P( + IsContentTypeAllowedTestSuite, IsContentTypeAllowedTest, + testing::Values( + std::make_tuple("text/html", true, false), std::make_tuple("text/xml", true, false), + std::make_tuple("text/plain", true, false), std::make_tuple("text/css", true, false), + std::make_tuple("application/javascript", true, false), + std::make_tuple("application/x-javascript", true, false), + std::make_tuple("text/javascript", true, false), + std::make_tuple("text/x-javascript", true, false), + std::make_tuple("text/ecmascript", true, false), std::make_tuple("text/js", true, false), + std::make_tuple("text/jscript", true, false), std::make_tuple("text/x-js", true, false), + std::make_tuple("application/ecmascript", true, false), + std::make_tuple("application/x-json", true, false), + std::make_tuple("application/xml", true, false), + std::make_tuple("application/json", true, false), + std::make_tuple("image/svg+xml", true, false), + std::make_tuple("application/xhtml+xml", true, false), + std::make_tuple("application/json;charset=utf-8", true, false), + std::make_tuple("Application/XHTML+XML", true, false), + std::make_tuple("\ttext/html\t", true, false), std::make_tuple("image/jpeg", false, false), + std::make_tuple("xyz/svg+xml", true, true), std::make_tuple("xyz/false", false, true), + std::make_tuple("image/jpeg", false, true), + std::make_tuple("test/insensitive", true, true))); + +TEST_P(IsContentTypeAllowedTest, Validate) { + const std::string& content_type = std::get<0>(GetParam()); + const bool should_compress = std::get<1>(GetParam()); + const bool is_custom_config = std::get<2>(GetParam()); + + if (is_custom_config) { + setUpFilter(R"EOF( + { + "content_type": [ + "text/html", + "xyz/svg+xml", + "Test/INSENSITIVE" + ], + "compressor_library": { + "name": "test", + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } + } + )EOF"); + } + + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test, deflate"}}); + Http::TestResponseHeaderMapImpl headers{ + {":method", "get"}, {"content-length", "256"}, {"content-type", content_type}}; + doResponse(headers, should_compress, false); + EXPECT_EQ(should_compress ? 0 : 1, + stats_.counter("test.compressor.test.test.header_not_valid").value()); + EXPECT_EQ(should_compress, headers.has("vary")); +} + +class CompressWithEtagTest + : public CompressorFilterTest, + public testing::WithParamInterface> {}; + +INSTANTIATE_TEST_SUITE_P( + CompressWithEtagSuite, CompressWithEtagTest, + testing::Values(std::make_tuple("etag", R"EOF(W/"686897696a7c876b7e")EOF", true), + std::make_tuple("etag", R"EOF(w/"686897696a7c876b7e")EOF", true), + std::make_tuple("etag", "686897696a7c876b7e", false), + std::make_tuple("x-garbage", "garbagevalue", false))); + +TEST_P(CompressWithEtagTest, CompressionIsEnabledOnEtag) { + const std::string& header_name = std::get<0>(GetParam()); + const std::string& header_value = std::get<1>(GetParam()); + const bool is_weak_etag = std::get<2>(GetParam()); + + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test, deflate"}}); + Http::TestResponseHeaderMapImpl headers{ + {":method", "get"}, {"content-length", "256"}, {header_name, header_value}}; + doResponseCompression(headers, false); + EXPECT_EQ(0, stats_.counter("test.test.not_compressed_etag").value()); + EXPECT_EQ("test", headers.get_("content-encoding")); + if (is_weak_etag) { + EXPECT_EQ(header_value, headers.get_("etag")); + } else { + EXPECT_FALSE(headers.has("etag")); + } +} + +TEST_P(CompressWithEtagTest, CompressionIsDisabledOnEtag) { + const std::string& header_name = std::get<0>(GetParam()); + const std::string& header_value = std::get<1>(GetParam()); + + setUpFilter(R"EOF( +{ + "disable_on_etag_header": true, + "compressor_library": { + "name": "test", + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF"); + + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test, deflate"}}); + Http::TestResponseHeaderMapImpl headers{ + {":method", "get"}, {"content-length", "256"}, {header_name, header_value}}; + if (StringUtil::CaseInsensitiveCompare()("etag", header_name)) { + doResponseNoCompression(headers); + EXPECT_EQ(1, stats_.counter("test.compressor.test.test.not_compressed_etag").value()); + EXPECT_FALSE(headers.has("vary")); + EXPECT_TRUE(headers.has("etag")); + } else { + doResponseCompression(headers, false); + EXPECT_EQ(0, stats_.counter("test.compressor.test.test.not_compressed_etag").value()); + EXPECT_EQ("test", headers.get_("content-encoding")); + EXPECT_TRUE(headers.has("vary")); + EXPECT_FALSE(headers.has("etag")); + } +} + +class HasCacheControlNoTransformTest + : public CompressorFilterTest, + public testing::WithParamInterface> {}; + +INSTANTIATE_TEST_SUITE_P(HasCacheControlNoTransformTestSuite, HasCacheControlNoTransformTest, + testing::Values(std::make_tuple("no-cache", true), + std::make_tuple("no-transform", false), + std::make_tuple("No-Transform", false))); + +TEST_P(HasCacheControlNoTransformTest, Validate) { + const std::string& cache_control = std::get<0>(GetParam()); + const bool is_compression_expected = std::get<1>(GetParam()); + + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test, deflate"}}); + Http::TestResponseHeaderMapImpl headers{ + {":method", "get"}, {"content-length", "256"}, {"cache-control", cache_control}}; + doResponse(headers, is_compression_expected, false); + EXPECT_EQ(is_compression_expected, headers.has("vary")); +} + +class IsMinimumContentLengthTest + : public CompressorFilterTest, + public testing::WithParamInterface> { +}; + +INSTANTIATE_TEST_SUITE_P( + IsMinimumContentLengthTestSuite, IsMinimumContentLengthTest, + testing::Values(std::make_tuple("content-length", "31", "", true), + std::make_tuple("content-length", "29", "", false), + std::make_tuple("", "", "\"content_length\": 500,", true), + std::make_tuple("content-length", "501", "\"content_length\": 500,", true), + std::make_tuple("content-length", "499", "\"content_length\": 500,", false))); + +TEST_P(IsMinimumContentLengthTest, Validate) { + const std::string& header_name = std::get<0>(GetParam()); + const std::string& header_value = std::get<1>(GetParam()); + const std::string& content_length_config = std::get<2>(GetParam()); + const bool is_compression_expected = std::get<3>(GetParam()); + + setUpFilter(fmt::format(R"EOF( +{{ + {} + "compressor_library": {{ + "name": "test", + "typed_config": {{ + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + }} + }} +}} +)EOF", + content_length_config)); + + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test, deflate"}}); + Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {header_name, header_value}}; + doResponse(headers, is_compression_expected, false); + EXPECT_EQ(is_compression_expected, headers.has("vary")); +} + +class IsTransferEncodingAllowedTest + : public CompressorFilterTest, + public testing::WithParamInterface> {}; + +INSTANTIATE_TEST_SUITE_P( + IsTransferEncodingAllowedSuite, IsTransferEncodingAllowedTest, + testing::Values(std::make_tuple("transfer-encoding", "deflate", false), + std::make_tuple("transfer-encoding", "Deflate", false), + std::make_tuple("transfer-encoding", "test", false), + std::make_tuple("transfer-encoding", "chunked, test", false), + std::make_tuple("transfer-encoding", "test, chunked", false), + std::make_tuple("transfer-encoding", "test\t, chunked\t", false), + std::make_tuple("x-garbage", "no_value", true))); + +TEST_P(IsTransferEncodingAllowedTest, Validate) { + const std::string& header_name = std::get<0>(GetParam()); + const std::string& header_value = std::get<1>(GetParam()); + const bool is_compression_expected = std::get<2>(GetParam()); + + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test"}}); + Http::TestResponseHeaderMapImpl headers{ + {":method", "get"}, {"content-length", "256"}, {header_name, header_value}}; + doResponse(headers, is_compression_expected, false); + EXPECT_EQ("Accept-Encoding", headers.get_("vary")); +} + +class InsertVaryHeaderTest + : public CompressorFilterTest, + public testing::WithParamInterface> {}; + +INSTANTIATE_TEST_SUITE_P( + InsertVaryHeaderTestSuite, InsertVaryHeaderTest, + testing::Values(std::make_tuple("x-garbage", "Cookie", "Accept-Encoding"), + std::make_tuple("vary", "Cookie", "Cookie, Accept-Encoding"), + std::make_tuple("vary", "accept-encoding", "accept-encoding, Accept-Encoding"), + std::make_tuple("vary", "Accept-Encoding, Cookie", "Accept-Encoding, Cookie"), + std::make_tuple("vary", "User-Agent, Cookie", + "User-Agent, Cookie, Accept-Encoding"), + std::make_tuple("vary", "Accept-Encoding", "Accept-Encoding"))); + +TEST_P(InsertVaryHeaderTest, Validate) { + const std::string& header_name = std::get<0>(GetParam()); + const std::string& header_value = std::get<1>(GetParam()); + const std::string& expected = std::get<2>(GetParam()); + + doRequestNoCompression({{":method", "get"}, {"accept-encoding", "test"}}); + Http::TestResponseHeaderMapImpl headers{ + {":method", "get"}, {"content-length", "256"}, {header_name, header_value}}; + doResponseCompression(headers, false); + EXPECT_EQ(expected, headers.get_("vary")); +} + +class MultipleFiltersTest : public testing::Test { +protected: + void SetUp() override { + envoy::extensions::filters::http::compressor::v3::Compressor compressor; + TestUtility::loadFromJson(R"EOF( +{ + "compressor_library": { + "name": "test1", + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF", + compressor); + auto compressor_factory1 = std::make_unique("test1"); + compressor_factory1->setExpectedCompressCalls(0); + auto config1 = std::make_shared(compressor, "test1.", stats1_, runtime_, + std::move(compressor_factory1)); + filter1_ = std::make_unique(config1); + + TestUtility::loadFromJson(R"EOF( +{ + "compressor_library": { + "name": "test2", + "typed_config": { + "@type": "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip" + } + } +} +)EOF", + compressor); + auto compressor_factory2 = std::make_unique("test2"); + compressor_factory2->setExpectedCompressCalls(0); + auto config2 = std::make_shared(compressor, "test2.", stats2_, runtime_, + std::move(compressor_factory2)); + filter2_ = std::make_unique(config2); + } + + NiceMock runtime_; + Stats::TestUtil::TestStore stats1_; + Stats::TestUtil::TestStore stats2_; + std::unique_ptr filter1_; + std::unique_ptr filter2_; +}; + +TEST_F(MultipleFiltersTest, IndependentFilters) { + // The compressor "test1" from an independent filter chain should not overshadow "test2". + // The independence is simulated with different instances of DecoderFilterCallbacks set for + // "test1" and "test2". + NiceMock decoder_callbacks1; + filter1_->setDecoderFilterCallbacks(decoder_callbacks1); + NiceMock decoder_callbacks2; + filter2_->setDecoderFilterCallbacks(decoder_callbacks2); + + Http::TestRequestHeaderMapImpl req_headers{{":method", "get"}, + {"accept-encoding", "test1;Q=.5,test2;q=0.75"}}; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->decodeHeaders(req_headers, false)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->decodeHeaders(req_headers, false)); + Http::TestResponseHeaderMapImpl headers1{{":method", "get"}, {"content-length", "256"}}; + Http::TestResponseHeaderMapImpl headers2{{":method", "get"}, {"content-length", "256"}}; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->encodeHeaders(headers1, false)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->encodeHeaders(headers2, false)); + EXPECT_EQ(0, + stats1_.counter("test1.compressor.test1.test.header_compressor_overshadowed").value()); + EXPECT_EQ(0, + stats2_.counter("test2.compressor.test2.test.header_compressor_overshadowed").value()); + EXPECT_EQ(1, stats1_.counter("test1.compressor.test1.test.compressed").value()); + EXPECT_EQ(1, stats1_.counter("test1.compressor.test1.test.header_compressor_used").value()); + EXPECT_EQ(1, stats2_.counter("test2.compressor.test2.test.compressed").value()); + EXPECT_EQ(1, stats2_.counter("test2.compressor.test2.test.header_compressor_used").value()); +} + +TEST_F(MultipleFiltersTest, CacheEncodingDecision) { + // Test that encoding decision is cached when used by multiple filters. + NiceMock decoder_callbacks; + filter1_->setDecoderFilterCallbacks(decoder_callbacks); + filter2_->setDecoderFilterCallbacks(decoder_callbacks); + + Http::TestRequestHeaderMapImpl req_headers{{":method", "get"}, + {"accept-encoding", "test1;Q=.5,test2;q=0.75"}}; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->decodeHeaders(req_headers, false)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->decodeHeaders(req_headers, false)); + Http::TestResponseHeaderMapImpl headers{{":method", "get"}, {"content-length", "256"}}; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->encodeHeaders(headers, false)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->encodeHeaders(headers, false)); + EXPECT_EQ(1, + stats1_.counter("test1.compressor.test1.test.header_compressor_overshadowed").value()); + EXPECT_EQ(1, stats2_.counter("test2.compressor.test2.test.header_compressor_used").value()); + // Reset headers as content-length got removed by filter2. + headers = {{":method", "get"}, {"content-length", "256"}}; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->encodeHeaders(headers, false)); + EXPECT_EQ(2, + stats1_.counter("test1.compressor.test1.test.header_compressor_overshadowed").value()); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->encodeHeaders(headers, false)); + EXPECT_EQ(2, stats2_.counter("test2.compressor.test2.test.header_compressor_used").value()); +} + +TEST_F(MultipleFiltersTest, UseFirstRegisteredFilterWhenWildcard) { + // Test that first registered filter is used when handling wildcard. + NiceMock decoder_callbacks; + filter1_->setDecoderFilterCallbacks(decoder_callbacks); + filter2_->setDecoderFilterCallbacks(decoder_callbacks); + + Http::TestRequestHeaderMapImpl req_headers{{":method", "get"}, {"accept-encoding", "*"}}; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->decodeHeaders(req_headers, false)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->decodeHeaders(req_headers, false)); + Http::TestResponseHeaderMapImpl headers1{{":method", "get"}, {"content-length", "256"}}; + Http::TestResponseHeaderMapImpl headers2{{":method", "get"}, {"content-length", "256"}}; + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter1_->encodeHeaders(headers1, false)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter2_->encodeHeaders(headers2, false)); + EXPECT_EQ(1, stats1_.counter("test1.compressor.test1.test.compressed").value()); + EXPECT_EQ(0, stats2_.counter("test2.compressor.test2.test.compressed").value()); + EXPECT_EQ(1, stats1_.counter("test1.compressor.test1.test.header_wildcard").value()); + EXPECT_EQ(1, stats2_.counter("test2.compressor.test2.test.header_wildcard").value()); +} TEST(CompressorFilterConfigTests, MakeCompressorTest) { const envoy::extensions::filters::http::compressor::v3::Compressor compressor_cfg; diff --git a/test/extensions/filters/http/common/compressor/compressor_integration_tests.cc b/test/extensions/filters/http/compressor/compressor_integration_tests.cc similarity index 96% rename from test/extensions/filters/http/common/compressor/compressor_integration_tests.cc rename to test/extensions/filters/http/compressor/compressor_integration_tests.cc index 1ee14acf3cd4..e15001246962 100644 --- a/test/extensions/filters/http/common/compressor/compressor_integration_tests.cc +++ b/test/extensions/filters/http/compressor/compressor_integration_tests.cc @@ -1,12 +1,12 @@ -#include "test/extensions/filters/http/common/compressor/compressor_integration_tests.h" +#include "test/extensions/filters/http/compressor/compressor_integration_tests.h" #include #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/http/header_map_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/protobuf/utility.h" #include "test/integration/utility.h" #include "test/test_common/network_utility.h" @@ -129,7 +129,7 @@ ConfigHelper::HttpModifierFunction setRouteUsingWebsocket() { } void WebsocketWithCompressorIntegrationTest::initialize() { - if (upstreamProtocol() != FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() != Http::CodecType::HTTP1) { config_helper_.addConfigModifier( [&](envoy::config::bootstrap::v3::Bootstrap& bootstrap) -> void { ConfigHelper::HttpProtocolOptions protocol_options; @@ -140,7 +140,7 @@ void WebsocketWithCompressorIntegrationTest::initialize() { *bootstrap.mutable_static_resources()->mutable_clusters(0), protocol_options); }); } - if (downstreamProtocol() != Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() != Http::CodecType::HTTP1) { config_helper_.addConfigModifier( [&](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& hcm) -> void { hcm.mutable_http2_protocol_options()->set_allow_connect(true); }); @@ -205,7 +205,7 @@ TEST_P(WebsocketWithCompressorIntegrationTest, NonWebsocketUpgrade) { performUpgrade(upgradeRequestHeaders("foo", 0), upgradeResponseHeaders("foo")); sendBidirectionalData(); codec_client_->sendData(*request_encoder_, "bye!", false); - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() == Http::CodecType::HTTP1) { codec_client_->close(); } else { codec_client_->sendReset(*request_encoder_); @@ -268,7 +268,7 @@ TEST_P(CompressorProxyingConnectIntegrationTest, ProxyConnect) { RELEASE_ASSERT(result, result.message()); ASSERT_TRUE(upstream_request_->waitForHeadersComplete()); EXPECT_EQ(upstream_request_->headers().get(Http::Headers::get().Method)[0]->value(), "CONNECT"); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { EXPECT_TRUE(upstream_request_->headers().get(Http::Headers::get().Protocol).empty()); } else { EXPECT_EQ(upstream_request_->headers().get(Http::Headers::get().Protocol)[0]->value(), diff --git a/test/extensions/filters/http/common/compressor/compressor_integration_tests.h b/test/extensions/filters/http/compressor/compressor_integration_tests.h similarity index 96% rename from test/extensions/filters/http/common/compressor/compressor_integration_tests.h rename to test/extensions/filters/http/compressor/compressor_integration_tests.h index 43bd52e50d74..38d82c04dc58 100644 --- a/test/extensions/filters/http/common/compressor/compressor_integration_tests.h +++ b/test/extensions/filters/http/compressor/compressor_integration_tests.h @@ -28,7 +28,7 @@ class WebsocketWithCompressorIntegrationTest : public HttpProtocolIntegrationTes ABSL_MUST_USE_RESULT testing::AssertionResult waitForUpstreamDisconnectOrReset() { - if (upstreamProtocol() != FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() != Http::CodecType::HTTP1) { return upstream_request_->waitForReset(); } else { return fake_upstream_connection_->waitForDisconnect(); diff --git a/test/extensions/filters/http/compressor/config_test.cc b/test/extensions/filters/http/compressor/config_test.cc index aec2806eb9b3..84e9d5a3cc38 100644 --- a/test/extensions/filters/http/compressor/config_test.cc +++ b/test/extensions/filters/http/compressor/config_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/compressor/config.h" +#include "source/extensions/filters/http/compressor/config.h" #include "test/extensions/filters/http/compressor/mock_compressor_library.pb.h" #include "test/mocks/server/factory_context.h" @@ -15,15 +15,6 @@ using testing::NiceMock; const ::test::mock_compressor_library::Unregistered _mock_compressor_library_dummy; -TEST(CompressorFilterFactoryTests, MissingCompressorLibraryConfig) { - const envoy::extensions::filters::http::compressor::v3::Compressor proto_config; - CompressorFilterFactory factory; - NiceMock context; - EXPECT_THROW_WITH_MESSAGE(factory.createFilterFactoryFromProto(proto_config, "stats", context), - EnvoyException, - "Compressor filter doesn't have compressor_library defined"); -} - TEST(CompressorFilterFactoryTests, UnregisteredCompressorLibraryConfig) { const std::string yaml_string = R"EOF( compressor_library: diff --git a/test/extensions/filters/http/cors/cors_filter_integration_test.cc b/test/extensions/filters/http/cors/cors_filter_integration_test.cc index 3c68502dfdb9..77a0522b4bed 100644 --- a/test/extensions/filters/http/cors/cors_filter_integration_test.cc +++ b/test/extensions/filters/http/cors/cors_filter_integration_test.cc @@ -11,7 +11,7 @@ namespace Envoy { class CorsFilterIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - CorsFilterIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + CorsFilterIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void initialize() override { config_helper_.addFilter("name: envoy.filters.http.cors"); @@ -22,7 +22,9 @@ class CorsFilterIntegrationTest : public testing::TestWithParammutable_virtual_hosts(0); { auto* cors = virtual_host->mutable_cors(); - cors->add_hidden_envoy_deprecated_allow_origin("*"); + auto* regex = cors->add_allow_origin_string_match()->mutable_safe_regex(); + regex->mutable_google_re2(); + regex->set_regex(".*"); cors->set_allow_headers("content-type,x-grpc-web"); cors->set_allow_methods("GET,POST"); } @@ -48,21 +50,19 @@ class CorsFilterIntegrationTest : public testing::TestWithParammutable_match()->set_prefix("/cors-route-config"); route->mutable_route()->set_cluster("cluster_0"); auto* cors = route->mutable_route()->mutable_cors(); - cors->add_hidden_envoy_deprecated_allow_origin("test-origin-1"); - cors->add_hidden_envoy_deprecated_allow_origin("test-host-2"); + cors->add_allow_origin_string_match()->set_exact("test-origin-1"); + cors->add_allow_origin_string_match()->set_exact("test-host-2"); cors->set_allow_headers("content-type"); cors->set_allow_methods("POST"); cors->set_max_age("100"); } { - // TODO(mattklein123): When deprecated config is removed, remove DEPRECATED_FEATURE_TEST - // from all tests below. auto* route = virtual_host->add_routes(); route->mutable_match()->set_prefix("/cors-credentials-allowed"); route->mutable_route()->set_cluster("cluster_0"); auto* cors = route->mutable_route()->mutable_cors(); - cors->add_hidden_envoy_deprecated_allow_origin("test-origin-1"); + cors->add_allow_origin_string_match()->set_exact("test-origin-1"); cors->mutable_allow_credentials()->set_value(true); } @@ -82,13 +82,10 @@ class CorsFilterIntegrationTest : public testing::TestWithParammutable_match()->set_prefix("/cors-expose-headers"); route->mutable_route()->set_cluster("cluster_0"); auto* cors = route->mutable_route()->mutable_cors(); - cors->add_hidden_envoy_deprecated_allow_origin("test-origin-1"); + cors->add_allow_origin_string_match()->set_exact("test-origin-1"); cors->set_expose_headers("custom-header-1,custom-header-2"); } }); - config_helper_.addRuntimeOverride("envoy.deprecated_features:envoy.config.route.v3.CorsPolicy." - "hidden_envoy_deprecated_allow_origin", - "true"); HttpIntegrationTest::initialize(); } @@ -125,10 +122,7 @@ INSTANTIATE_TEST_SUITE_P(IpVersions, CorsFilterIntegrationTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); -TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestVHostConfigSuccess)) { - config_helper_.addRuntimeOverride("envoy.deprecated_features:envoy.config.route.v3." - "CorsPolicy.hidden_envoy_deprecated_enabled", - "true"); +TEST_P(CorsFilterIntegrationTest, TestVHostConfigSuccess) { testPreflight( Http::TestRequestHeaderMapImpl{ {":method", "OPTIONS"}, @@ -148,7 +142,7 @@ TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestVHostConfigSuccess }); } -TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestRouteConfigSuccess)) { +TEST_P(CorsFilterIntegrationTest, TestRouteConfigSuccess) { testPreflight( Http::TestRequestHeaderMapImpl{ {":method", "OPTIONS"}, @@ -169,10 +163,7 @@ TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestRouteConfigSuccess }); } -TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestRouteConfigBadOrigin)) { - config_helper_.addRuntimeOverride("envoy.deprecated_features:envoy.config.route.v3." - "CorsPolicy.hidden_envoy_deprecated_enabled", - "true"); +TEST_P(CorsFilterIntegrationTest, TestRouteConfigBadOrigin) { testNormalRequest( Http::TestRequestHeaderMapImpl{ {":method", "OPTIONS"}, @@ -189,7 +180,7 @@ TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestRouteConfigBadOrig }); } -TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestCorsDisabled)) { +TEST_P(CorsFilterIntegrationTest, TestCorsDisabled) { testNormalRequest( Http::TestRequestHeaderMapImpl{ {":method", "OPTIONS"}, @@ -206,41 +197,7 @@ TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestCorsDisabled)) { }); } -TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestLegacyCorsDisabled)) { - config_helper_.addRuntimeOverride("envoy.deprecated_features:envoy.config.route.v3." - "CorsPolicy.hidden_envoy_deprecated_enabled", - "true"); - - config_helper_.addConfigModifier( - [&](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& - hcm) -> void { - auto* route_config = hcm.mutable_route_config(); - auto* virtual_host = route_config->mutable_virtual_hosts(0); - auto* route = virtual_host->add_routes(); - route->mutable_match()->set_prefix("/legacy-no-cors"); - route->mutable_route()->set_cluster("cluster_0"); - route->mutable_route() - ->mutable_cors() - ->mutable_hidden_envoy_deprecated_enabled() - ->set_value(false); - }); - testNormalRequest( - Http::TestRequestHeaderMapImpl{ - {":method", "OPTIONS"}, - {":path", "/legacy-no-cors/test"}, - {":scheme", "http"}, - {":authority", "test-host"}, - {"access-control-request-method", "GET"}, - {"origin", "test-origin"}, - }, - Http::TestResponseHeaderMapImpl{ - {"server", "envoy"}, - {"content-length", "0"}, - {":status", "200"}, - }); -} - -TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestEncodeHeaders)) { +TEST_P(CorsFilterIntegrationTest, TestEncodeHeaders) { testNormalRequest( Http::TestRequestHeaderMapImpl{ {":method", "GET"}, @@ -257,7 +214,7 @@ TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestEncodeHeaders)) { }); } -TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestEncodeHeadersCredentialsAllowed)) { +TEST_P(CorsFilterIntegrationTest, TestEncodeHeadersCredentialsAllowed) { testNormalRequest( Http::TestRequestHeaderMapImpl{ {":method", "GET"}, @@ -275,7 +232,7 @@ TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestEncodeHeadersCrede }); } -TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestAllowedOriginRegex)) { +TEST_P(CorsFilterIntegrationTest, TestAllowedOriginRegex) { testNormalRequest( Http::TestRequestHeaderMapImpl{ {":method", "GET"}, @@ -293,7 +250,7 @@ TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestAllowedOriginRegex }); } -TEST_P(CorsFilterIntegrationTest, DEPRECATED_FEATURE_TEST(TestExposeHeaders)) { +TEST_P(CorsFilterIntegrationTest, TestExposeHeaders) { testNormalRequest( Http::TestRequestHeaderMapImpl{ {":method", "GET"}, diff --git a/test/extensions/filters/http/cors/cors_filter_test.cc b/test/extensions/filters/http/cors/cors_filter_test.cc index 1c49f88eed1b..116b45c00ae2 100644 --- a/test/extensions/filters/http/cors/cors_filter_test.cc +++ b/test/extensions/filters/http/cors/cors_filter_test.cc @@ -1,9 +1,8 @@ #include "envoy/type/matcher/v3/string.pb.h" -#include "common/common/matchers.h" -#include "common/http/header_map_impl.h" - -#include "extensions/filters/http/cors/cors_filter.h" +#include "source/common/common/matchers.h" +#include "source/common/http/header_map_impl.h" +#include "source/extensions/filters/http/cors/cors_filter.h" #include "test/mocks/buffer/mocks.h" #include "test/mocks/http/mocks.h" @@ -31,7 +30,7 @@ Matchers::StringMatcherPtr makeExactStringMatcher(const std::string& exact_match Matchers::StringMatcherPtr makeStdRegexStringMatcher(const std::string& regex) { envoy::type::matcher::v3::StringMatcher config; - config.set_hidden_envoy_deprecated_regex(regex); + config.MergeFrom(TestUtility::createRegexMatcher(regex)); return std::make_unique(config); } diff --git a/test/extensions/filters/http/csrf/csrf_filter_test.cc b/test/extensions/filters/http/csrf/csrf_filter_test.cc index c2e864d40ad1..0db5cd8376fe 100644 --- a/test/extensions/filters/http/csrf/csrf_filter_test.cc +++ b/test/extensions/filters/http/csrf/csrf_filter_test.cc @@ -1,9 +1,8 @@ #include "envoy/extensions/filters/http/csrf/v3/csrf.pb.h" #include "envoy/type/v3/percent.pb.h" -#include "common/http/header_map_impl.h" - -#include "extensions/filters/http/csrf/csrf_filter.h" +#include "source/common/http/header_map_impl.h" +#include "source/extensions/filters/http/csrf/csrf_filter.h" #include "test/mocks/buffer/mocks.h" #include "test/mocks/http/mocks.h" @@ -42,7 +41,7 @@ class CsrfFilterTest : public testing::Test { add_exact_origin->set_exact("additionalhost"); const auto& add_regex_origin = policy.mutable_additional_origins()->Add(); - add_regex_origin->set_hidden_envoy_deprecated_regex(R"(www\-[0-9]\.allow\.com)"); + add_regex_origin->MergeFrom(TestUtility::createRegexMatcher(R"(www\-[0-9]\.allow\.com)")); return std::make_shared(policy, "test", stats_, runtime_); } diff --git a/test/extensions/filters/http/decompressor/BUILD b/test/extensions/filters/http/decompressor/BUILD index 6b3f30da4c99..4576a5298f87 100644 --- a/test/extensions/filters/http/decompressor/BUILD +++ b/test/extensions/filters/http/decompressor/BUILD @@ -19,7 +19,6 @@ envoy_extension_cc_test( "//source/common/http:headers_lib", "//source/common/protobuf:utility_lib", "//source/extensions/compression/gzip/decompressor:config", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/decompressor:config", "//test/mocks/compression/decompressor:decompressor_mocks", "//test/mocks/http:http_mocks", diff --git a/test/extensions/filters/http/decompressor/decompressor_filter_integration_test.cc b/test/extensions/filters/http/decompressor/decompressor_filter_integration_test.cc index 4f9b4f8a011d..30c6f5117ee7 100644 --- a/test/extensions/filters/http/decompressor/decompressor_filter_integration_test.cc +++ b/test/extensions/filters/http/decompressor/decompressor_filter_integration_test.cc @@ -1,6 +1,6 @@ #include "envoy/event/timer.h" -#include "extensions/compression/gzip/compressor/config.h" +#include "source/extensions/compression/gzip/compressor/config.h" #include "test/integration/http_integration.h" #include "test/mocks/server/factory_context.h" @@ -14,7 +14,7 @@ namespace Envoy { class DecompressorIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - DecompressorIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, GetParam()) { + DecompressorIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, GetParam()) { Extensions::Compression::Gzip::Compressor::GzipCompressorLibraryFactory compressor_library_factory; envoy::extensions::compression::gzip::compressor::v3::Gzip factory_config; @@ -29,7 +29,7 @@ class DecompressorIntegrationTest : public testing::TestWithParamcluster_type_ = cluster_type; // Configure max pending to 1 so we can test circuit breaking. @@ -262,7 +260,7 @@ TEST_F(ProxyFilterTest, NoClusterType) { // Cluster that isn't a dynamic forward proxy cluster TEST_F(ProxyFilterTest, NonDynamicForwardProxy) { CustomClusterType cluster_type; - cluster_type.set_name(Envoy::Extensions::Clusters::ClusterTypes::get().Static); + cluster_type.set_name("envoy.cluster.static"); cm_.thread_local_cluster_.cluster_.info_->cluster_type_ = cluster_type; InSequence s; @@ -289,7 +287,7 @@ TEST_F(ProxyFilterTest, HostRewrite) { Extensions::Common::DynamicForwardProxy::MockLoadDnsCacheEntryHandle* handle = new Extensions::Common::DynamicForwardProxy::MockLoadDnsCacheEntryHandle(); EXPECT_CALL(callbacks_.route_->route_entry_, - perFilterConfig(HttpFilterNames::get().DynamicForwardProxy)) + perFilterConfig("envoy.filters.http.dynamic_forward_proxy")) .WillOnce(Return(&config)); EXPECT_CALL(*dns_cache_manager_->dns_cache_, loadDnsCacheEntry_(Eq("bar"), 80, _)) .WillOnce(Return( @@ -318,7 +316,7 @@ TEST_F(ProxyFilterTest, HostRewriteViaHeader) { Extensions::Common::DynamicForwardProxy::MockLoadDnsCacheEntryHandle* handle = new Extensions::Common::DynamicForwardProxy::MockLoadDnsCacheEntryHandle(); EXPECT_CALL(callbacks_.route_->route_entry_, - perFilterConfig(HttpFilterNames::get().DynamicForwardProxy)) + perFilterConfig("envoy.filters.http.dynamic_forward_proxy")) .WillOnce(Return(&config)); EXPECT_CALL(*dns_cache_manager_->dns_cache_, loadDnsCacheEntry_(Eq("bar:82"), 80, _)) .WillOnce(Return( diff --git a/test/extensions/filters/http/dynamo/config_test.cc b/test/extensions/filters/http/dynamo/config_test.cc index e1ed56fbcb8a..aca5c3a77654 100644 --- a/test/extensions/filters/http/dynamo/config_test.cc +++ b/test/extensions/filters/http/dynamo/config_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/filters/http/dynamo/v3/dynamo.pb.h" #include "envoy/extensions/filters/http/dynamo/v3/dynamo.pb.validate.h" -#include "extensions/filters/http/dynamo/config.h" +#include "source/extensions/filters/http/dynamo/config.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/dynamo/dynamo_filter_test.cc b/test/extensions/filters/http/dynamo/dynamo_filter_test.cc index 7519814552c6..612537e8c157 100644 --- a/test/extensions/filters/http/dynamo/dynamo_filter_test.cc +++ b/test/extensions/filters/http/dynamo/dynamo_filter_test.cc @@ -1,10 +1,9 @@ #include #include -#include "common/buffer/buffer_impl.h" -#include "common/http/header_map_impl.h" - -#include "extensions/filters/http/dynamo/dynamo_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/extensions/filters/http/dynamo/dynamo_filter.h" #include "test/mocks/http/mocks.h" #include "test/mocks/runtime/mocks.h" diff --git a/test/extensions/filters/http/dynamo/dynamo_request_parser_test.cc b/test/extensions/filters/http/dynamo/dynamo_request_parser_test.cc index 69d616ddebc6..eb215ad9b841 100644 --- a/test/extensions/filters/http/dynamo/dynamo_request_parser_test.cc +++ b/test/extensions/filters/http/dynamo/dynamo_request_parser_test.cc @@ -1,10 +1,9 @@ #include #include -#include "common/http/header_map_impl.h" -#include "common/json/json_loader.h" - -#include "extensions/filters/http/dynamo/dynamo_request_parser.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/json/json_loader.h" +#include "source/extensions/filters/http/dynamo/dynamo_request_parser.h" #include "test/test_common/printers.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/dynamo/dynamo_stats_test.cc b/test/extensions/filters/http/dynamo/dynamo_stats_test.cc index d479f4a1092f..f8fbc1c1a4c7 100644 --- a/test/extensions/filters/http/dynamo/dynamo_stats_test.cc +++ b/test/extensions/filters/http/dynamo/dynamo_stats_test.cc @@ -1,6 +1,6 @@ #include -#include "extensions/filters/http/dynamo/dynamo_stats.h" +#include "source/extensions/filters/http/dynamo/dynamo_stats.h" #include "test/mocks/stats/mocks.h" diff --git a/test/extensions/filters/http/ext_authz/BUILD b/test/extensions/filters/http/ext_authz/BUILD index 65ea7d623b81..68483ff45ba7 100644 --- a/test/extensions/filters/http/ext_authz/BUILD +++ b/test/extensions/filters/http/ext_authz/BUILD @@ -16,7 +16,7 @@ envoy_extension_cc_test( srcs = ["ext_authz_test.cc"], extension_name = "envoy.filters.http.ext_authz", deps = [ - "//include/envoy/http:codes_interface", + "//envoy/http:codes_interface", "//source/common/buffer:buffer_lib", "//source/common/common:empty_string", "//source/common/http:context_lib", diff --git a/test/extensions/filters/http/ext_authz/config_test.cc b/test/extensions/filters/http/ext_authz/config_test.cc index 2204f4985327..34605409d7a2 100644 --- a/test/extensions/filters/http/ext_authz/config_test.cc +++ b/test/extensions/filters/http/ext_authz/config_test.cc @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.validate.h" #include "envoy/stats/scope.h" -#include "extensions/filters/http/ext_authz/config.h" +#include "source/extensions/filters/http/ext_authz/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/test_runtime.h" diff --git a/test/extensions/filters/http/ext_authz/ext_authz_integration_test.cc b/test/extensions/filters/http/ext_authz/ext_authz_integration_test.cc index b4df06d4cfe4..f4cb97e637d8 100644 --- a/test/extensions/filters/http/ext_authz/ext_authz_integration_test.cc +++ b/test/extensions/filters/http/ext_authz/ext_authz_integration_test.cc @@ -3,9 +3,7 @@ #include "envoy/extensions/filters/http/ext_authz/v3/ext_authz.pb.h" #include "envoy/service/auth/v3/external_auth.pb.h" -#include "common/common/macros.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/macros.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/http_integration.h" @@ -26,12 +24,11 @@ using Headers = std::vector>; class ExtAuthzGrpcIntegrationTest : public Grpc::VersionedGrpcClientIntegrationParamTest, public HttpIntegrationTest { public: - ExtAuthzGrpcIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ipVersion()) {} + ExtAuthzGrpcIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, ipVersion()) {} void createUpstreams() override { HttpIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void initializeConfig(bool disable_with_metadata = false) { @@ -63,7 +60,7 @@ class ExtAuthzGrpcIntegrationTest : public Grpc::VersionedGrpcClientIntegrationP proto_config_.set_transport_api_version(apiVersion()); envoy::config::listener::v3::Filter ext_authz_filter; - ext_authz_filter.set_name(Extensions::HttpFilters::HttpFilterNames::get().ExtAuthorization); + ext_authz_filter.set_name("envoy.filters.http.ext_authz"); ext_authz_filter.mutable_typed_config()->PackFrom(proto_config_); config_helper_.addFilter(MessageUtil::getJsonStringFromMessageOrDie(ext_authz_filter)); }); @@ -317,9 +314,9 @@ class ExtAuthzGrpcIntegrationTest : public Grpc::VersionedGrpcClientIntegrationP cleanupUpstreamAndDownstream(); } - const std::string expectedCheckRequest(Http::CodecClient::Type downstream_protocol) { + const std::string expectedCheckRequest(Http::CodecType downstream_protocol) { const std::string expected_downstream_protocol = - downstream_protocol == Http::CodecClient::Type::HTTP1 ? "HTTP/1.1" : "HTTP/2"; + downstream_protocol == Http::CodecType::HTTP1 ? "HTTP/1.1" : "HTTP/2"; constexpr absl::string_view expected_format = R"EOF( attributes: request: @@ -336,17 +333,15 @@ class ExtAuthzGrpcIntegrationTest : public Grpc::VersionedGrpcClientIntegrationP expected_downstream_protocol); } - void expectCheckRequestWithBody(Http::CodecClient::Type downstream_protocol, - uint64_t request_size) { + void expectCheckRequestWithBody(Http::CodecType downstream_protocol, uint64_t request_size) { expectCheckRequestWithBodyWithHeaders(downstream_protocol, request_size, Headers{}, Headers{}, Headers{}, Http::TestRequestHeaderMapImpl{}, Http::TestRequestHeaderMapImpl{}); } void expectCheckRequestWithBodyWithHeaders( - Http::CodecClient::Type downstream_protocol, uint64_t request_size, - const Headers& headers_to_add, const Headers& headers_to_append, - const Headers& headers_to_remove, + Http::CodecType downstream_protocol, uint64_t request_size, const Headers& headers_to_add, + const Headers& headers_to_append, const Headers& headers_to_remove, const Http::TestRequestHeaderMapImpl& new_headers_from_upstream, const Http::TestRequestHeaderMapImpl& headers_to_append_multiple) { initializeConfig(); @@ -379,7 +374,7 @@ class ExtAuthzGrpcIntegrationTest : public Grpc::VersionedGrpcClientIntegrationP const std::string& expected_status) { initializeConfig(disable_with_metadata); setDenyAtDisableRuntimeConfig(deny_at_disable, disable_with_metadata); - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); HttpIntegrationTest::initialize(); initiateClientConnection(4); if (!deny_at_disable) { @@ -406,11 +401,11 @@ class ExtAuthzGrpcIntegrationTest : public Grpc::VersionedGrpcClientIntegrationP class ExtAuthzHttpIntegrationTest : public HttpIntegrationTest, public TestWithParam { public: - ExtAuthzHttpIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + ExtAuthzHttpIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void createUpstreams() override { HttpIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP1); + addFakeUpstream(Http::CodecType::HTTP1); } // By default, HTTP Service uses case sensitive string matcher. @@ -476,7 +471,7 @@ class ExtAuthzHttpIntegrationTest : public HttpIntegrationTest, TestUtility::loadFromYaml(default_config_, proto_config_); envoy::config::listener::v3::Filter ext_authz_filter; - ext_authz_filter.set_name(Extensions::HttpFilters::HttpFilterNames::get().ExtAuthorization); + ext_authz_filter.set_name("envoy.filters.http.ext_authz"); ext_authz_filter.mutable_typed_config()->PackFrom(proto_config_); config_helper_.addFilter(MessageUtil::getJsonStringFromMessageOrDie(ext_authz_filter)); @@ -580,28 +575,28 @@ INSTANTIATE_TEST_SUITE_P(IpVersionsCientType, ExtAuthzGrpcIntegrationTest, // HTTP/1.1. TEST_P(ExtAuthzGrpcIntegrationTest, HTTP1DownstreamRequestWithBody) { XDS_DEPRECATED_FEATURE_TEST_SKIP; - expectCheckRequestWithBody(Http::CodecClient::Type::HTTP1, 4); + expectCheckRequestWithBody(Http::CodecType::HTTP1, 4); } // Verifies that the request body is included in the CheckRequest when the downstream protocol is // HTTP/1.1 and the size of the request body is larger than max_request_bytes. TEST_P(ExtAuthzGrpcIntegrationTest, HTTP1DownstreamRequestWithLargeBody) { XDS_DEPRECATED_FEATURE_TEST_SKIP; - expectCheckRequestWithBody(Http::CodecClient::Type::HTTP1, 2048); + expectCheckRequestWithBody(Http::CodecType::HTTP1, 2048); } // Verifies that the request body is included in the CheckRequest when the downstream protocol is // HTTP/2. TEST_P(ExtAuthzGrpcIntegrationTest, HTTP2DownstreamRequestWithBody) { XDS_DEPRECATED_FEATURE_TEST_SKIP; - expectCheckRequestWithBody(Http::CodecClient::Type::HTTP2, 4); + expectCheckRequestWithBody(Http::CodecType::HTTP2, 4); } // Verifies that the request body is included in the CheckRequest when the downstream protocol is // HTTP/2 and the size of the request body is larger than max_request_bytes. TEST_P(ExtAuthzGrpcIntegrationTest, HTTP2DownstreamRequestWithLargeBody) { XDS_DEPRECATED_FEATURE_TEST_SKIP; - expectCheckRequestWithBody(Http::CodecClient::Type::HTTP2, 2048); + expectCheckRequestWithBody(Http::CodecType::HTTP2, 2048); } // Verifies that the original request headers will be added and appended when the authorization @@ -610,7 +605,7 @@ TEST_P(ExtAuthzGrpcIntegrationTest, HTTP2DownstreamRequestWithLargeBody) { TEST_P(ExtAuthzGrpcIntegrationTest, SendHeadersToAddAndToAppendToUpstream) { XDS_DEPRECATED_FEATURE_TEST_SKIP; expectCheckRequestWithBodyWithHeaders( - Http::CodecClient::Type::HTTP1, 4, + Http::CodecType::HTTP1, 4, /*headers_to_add=*/Headers{{"header1", "header1"}}, /*headers_to_append=*/Headers{{"header2", "header2"}}, /*headers_to_remove=*/Headers{{"remove-me", "upstream-should-not-see-me"}}, @@ -646,14 +641,14 @@ TEST_P(ExtAuthzGrpcIntegrationTest, DownstreamHeadersOnSuccess) { initializeConfig(); // Use h1, set up the test. - setDownstreamProtocol(Http::CodecClient::Type::HTTP1); + setDownstreamProtocol(Http::CodecType::HTTP1); HttpIntegrationTest::initialize(); // Start a client connection and request. initiateClientConnection(0); // Wait for the ext_authz request as a result of the client request. - waitForExtAuthzRequest(expectedCheckRequest(Http::CodecClient::Type::HTTP1)); + waitForExtAuthzRequest(expectedCheckRequest(Http::CodecType::HTTP1)); // Send back an ext_authz response with response_headers_to_add set. sendExtAuthzResponse(Headers{}, Headers{}, Headers{}, Http::TestRequestHeaderMapImpl{}, @@ -686,12 +681,11 @@ TEST_P(ExtAuthzHttpIntegrationTest, DefaultCaseSensitiveStringMatcher) { class ExtAuthzLocalReplyIntegrationTest : public HttpIntegrationTest, public TestWithParam { public: - ExtAuthzLocalReplyIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + ExtAuthzLocalReplyIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void createUpstreams() override { HttpIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP1); + addFakeUpstream(Http::CodecType::HTTP1); } void cleanup() { @@ -735,7 +729,7 @@ TEST_P(ExtAuthzLocalReplyIntegrationTest, DeniedHeaderTest) { TestUtility::loadFromYaml(ext_authz_config, proto_config); envoy::config::listener::v3::Filter ext_authz_filter; - ext_authz_filter.set_name(Extensions::HttpFilters::HttpFilterNames::get().ExtAuthorization); + ext_authz_filter.set_name("envoy.filters.http.ext_authz"); ext_authz_filter.mutable_typed_config()->PackFrom(proto_config); config_helper_.addFilter(MessageUtil::getJsonStringFromMessageOrDie(ext_authz_filter)); }); @@ -798,7 +792,7 @@ TEST_P(ExtAuthzLocalReplyIntegrationTest, DeniedHeaderTest) { TEST_P(ExtAuthzGrpcIntegrationTest, GoogleAsyncClientCreation) { XDS_DEPRECATED_FEATURE_TEST_SKIP; initializeConfig(); - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); HttpIntegrationTest::initialize(); int expected_grpc_client_creation_count = 0; @@ -811,7 +805,7 @@ TEST_P(ExtAuthzGrpcIntegrationTest, GoogleAsyncClientCreation) { } initiateClientConnection(4, Headers{}, Headers{}); - waitForExtAuthzRequest(expectedCheckRequest(Http::CodecClient::Type::HTTP2)); + waitForExtAuthzRequest(expectedCheckRequest(Http::CodecType::HTTP2)); sendExtAuthzResponse(Headers{}, Headers{}, Headers{}, Http::TestRequestHeaderMapImpl{}, Http::TestRequestHeaderMapImpl{}, Headers{}); diff --git a/test/extensions/filters/http/ext_authz/ext_authz_test.cc b/test/extensions/filters/http/ext_authz/ext_authz_test.cc index e0f2ec53e031..52dbe9b13b60 100644 --- a/test/extensions/filters/http/ext_authz/ext_authz_test.cc +++ b/test/extensions/filters/http/ext_authz/ext_authz_test.cc @@ -9,16 +9,14 @@ #include "envoy/service/auth/v3/external_auth.pb.h" #include "envoy/type/v3/percent.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/empty_string.h" -#include "common/http/context_impl.h" -#include "common/http/headers.h" -#include "common/json/json_loader.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/ext_authz/ext_authz.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/context_impl.h" +#include "source/common/http/headers.h" +#include "source/common/json/json_loader.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/ext_authz/ext_authz.h" #include "test/extensions/filters/common/ext_authz/mocks.h" #include "test/mocks/http/mocks.h" @@ -1489,7 +1487,7 @@ TEST_P(HttpFilterTestParam, ContextExtensions) { // Initialize the virtual host's per filter config. FilterConfigPerRoute auth_per_vhost(settingsvhost); ON_CALL(filter_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().ExtAuthorization)) + perFilterConfig("envoy.filters.http.ext_authz")) .WillByDefault(Return(&auth_per_vhost)); // Place something in the context extensions on the route. @@ -1498,7 +1496,7 @@ TEST_P(HttpFilterTestParam, ContextExtensions) { "value_route"; // Initialize the route's per filter config. FilterConfigPerRoute auth_per_route(settingsroute); - ON_CALL(*filter_callbacks_.route_, perFilterConfig(HttpFilterNames::get().ExtAuthorization)) + ON_CALL(filter_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.ext_authz")) .WillByDefault(Return(&auth_per_route)); prepareCheck(); @@ -1528,7 +1526,7 @@ TEST_P(HttpFilterTestParam, DisabledOnRoute) { prepareCheck(); - ON_CALL(*filter_callbacks_.route_, perFilterConfig(HttpFilterNames::get().ExtAuthorization)) + ON_CALL(filter_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.ext_authz")) .WillByDefault(Return(&auth_per_route)); auto test_disable = [&](bool disabled) { @@ -1559,7 +1557,7 @@ TEST_P(HttpFilterTestParam, DisabledOnRouteWithRequestBody) { envoy::extensions::filters::http::ext_authz::v3::ExtAuthzPerRoute settings; FilterConfigPerRoute auth_per_route(settings); - ON_CALL(*filter_callbacks_.route_, perFilterConfig(HttpFilterNames::get().ExtAuthorization)) + ON_CALL(filter_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.ext_authz")) .WillByDefault(Return(&auth_per_route)); auto test_disable = [&](bool disabled) { @@ -2005,7 +2003,7 @@ TEST_F(HttpFilterTest, EmitDynamicMetadata) { EXPECT_CALL(filter_callbacks_.stream_info_, setDynamicMetadata(_, _)) .WillOnce(Invoke([&response](const std::string& ns, const ProtobufWkt::Struct& returned_dynamic_metadata) { - EXPECT_EQ(ns, HttpFilterNames::get().ExtAuthorization); + EXPECT_EQ(ns, "envoy.filters.http.ext_authz"); EXPECT_TRUE(TestUtility::protoEqual(returned_dynamic_metadata, response.dynamic_metadata)); })); @@ -2053,7 +2051,7 @@ TEST_F(HttpFilterTest, EmitDynamicMetadataWhenDenied) { EXPECT_CALL(filter_callbacks_.stream_info_, setDynamicMetadata(_, _)) .WillOnce(Invoke([&response](const std::string& ns, const ProtobufWkt::Struct& returned_dynamic_metadata) { - EXPECT_EQ(ns, HttpFilterNames::get().ExtAuthorization); + EXPECT_EQ(ns, "envoy.filters.http.ext_authz"); EXPECT_TRUE(TestUtility::protoEqual(returned_dynamic_metadata, response.dynamic_metadata)); })); @@ -2137,7 +2135,7 @@ TEST_P(HttpFilterTestParam, NoCluster) { "value_route"; // Initialize the route's per filter config. FilterConfigPerRoute auth_per_route(settingsroute); - ON_CALL(*filter_callbacks_.route_, perFilterConfig(HttpFilterNames::get().ExtAuthorization)) + ON_CALL(filter_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.ext_authz")) .WillByDefault(Return(&auth_per_route)); prepareCheck(); @@ -2163,7 +2161,7 @@ TEST_P(HttpFilterTestParam, DisableRequestBodyBufferingOnRoute) { envoy::extensions::filters::http::ext_authz::v3::ExtAuthzPerRoute settings; FilterConfigPerRoute auth_per_route(settings); - ON_CALL(*filter_callbacks_.route_, perFilterConfig(HttpFilterNames::get().ExtAuthorization)) + ON_CALL(filter_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.ext_authz")) .WillByDefault(Return(&auth_per_route)); auto test_disable_request_body_buffering = [&](bool bypass) { diff --git a/test/extensions/filters/http/ext_proc/BUILD b/test/extensions/filters/http/ext_proc/BUILD index 898226637fad..6b135eba9de6 100644 --- a/test/extensions/filters/http/ext_proc/BUILD +++ b/test/extensions/filters/http/ext_proc/BUILD @@ -99,6 +99,35 @@ envoy_extension_cc_test( ], ) +envoy_extension_cc_test( + name = "streaming_integration_test", + size = "medium", + srcs = ["streaming_integration_test.cc"], + extension_name = "envoy.filters.http.ext_proc", + deps = [ + ":test_processor_lib", + "//source/common/network:address_lib", + "//source/extensions/filters/http/ext_proc:config", + "//test/common/http:common_lib", + "//test/integration:http_integration_lib", + "//test/test_common:utility_lib", + "@envoy_api//envoy/extensions/filters/http/ext_proc/v3alpha:pkg_cc_proto", + "@envoy_api//envoy/service/ext_proc/v3alpha:pkg_cc_proto", + ], +) + +envoy_extension_cc_test_library( + name = "test_processor_lib", + srcs = ["test_processor.cc"], + hdrs = ["test_processor.h"], + extension_name = "envoy.filters.http.ext_proc", + deps = [ + "@com_github_grpc_grpc//:grpc++", + "@envoy_api//envoy/service/ext_proc/v3alpha:pkg_cc_grpc", + "@envoy_api//envoy/service/ext_proc/v3alpha:pkg_cc_proto", + ], +) + envoy_extension_cc_test_library( name = "mock_server_lib", srcs = ["mock_server.cc"], @@ -115,7 +144,7 @@ envoy_extension_cc_test_library( hdrs = ["utils.h"], extension_name = "envoy.filters.http.ext_proc", deps = [ - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//test/test_common:utility_lib", "@com_google_absl//absl/strings:str_format", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", diff --git a/test/extensions/filters/http/ext_proc/client_test.cc b/test/extensions/filters/http/ext_proc/client_test.cc index 8612f937e2d1..4e7d3b0c0eb7 100644 --- a/test/extensions/filters/http/ext_proc/client_test.cc +++ b/test/extensions/filters/http/ext_proc/client_test.cc @@ -1,9 +1,8 @@ #include "envoy/config/core/v3/grpc_service.pb.h" -#include "common/grpc/common.h" -#include "common/http/header_map_impl.h" - -#include "extensions/filters/http/ext_proc/client_impl.h" +#include "source/common/grpc/common.h" +#include "source/common/http/header_map_impl.h" +#include "source/extensions/filters/http/ext_proc/client_impl.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/stats/mocks.h" diff --git a/test/extensions/filters/http/ext_proc/config_test.cc b/test/extensions/filters/http/ext_proc/config_test.cc index df07f8b25c78..bb87b9fb6545 100644 --- a/test/extensions/filters/http/ext_proc/config_test.cc +++ b/test/extensions/filters/http/ext_proc/config_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/ext_proc/config.h" +#include "source/extensions/filters/http/ext_proc/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/ext_proc/ext_proc_integration_test.cc b/test/extensions/filters/http/ext_proc/ext_proc_integration_test.cc index 0e3786158db1..a730287d6519 100644 --- a/test/extensions/filters/http/ext_proc/ext_proc_integration_test.cc +++ b/test/extensions/filters/http/ext_proc/ext_proc_integration_test.cc @@ -4,7 +4,7 @@ #include "envoy/network/address.h" #include "envoy/service/ext_proc/v3alpha/external_processor.pb.h" -#include "extensions/filters/http/ext_proc/config.h" +#include "source/extensions/filters/http/ext_proc/config.h" #include "test/common/http/common.h" #include "test/extensions/filters/http/ext_proc/utils.h" @@ -41,12 +41,12 @@ using namespace std::chrono_literals; class ExtProcIntegrationTest : public HttpIntegrationTest, public Grpc::GrpcClientIntegrationParamTest { protected: - ExtProcIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, ipVersion()) {} + ExtProcIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, ipVersion()) {} void createUpstreams() override { // Need to create a separate "upstream" for the gRPC server HttpIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void TearDown() override { @@ -82,8 +82,8 @@ class ExtProcIntegrationTest : public HttpIntegrationTest, ext_proc_filter.mutable_typed_config()->PackFrom(proto_config_); config_helper_.addFilter(MessageUtil::getJsonStringFromMessageOrDie(ext_proc_filter)); }); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); } IntegrationStreamDecoderPtr sendDownstreamRequest( diff --git a/test/extensions/filters/http/ext_proc/filter_test.cc b/test/extensions/filters/http/ext_proc/filter_test.cc index 804d1cb4ba4c..73640c79af78 100644 --- a/test/extensions/filters/http/ext_proc/filter_test.cc +++ b/test/extensions/filters/http/ext_proc/filter_test.cc @@ -1,6 +1,6 @@ #include "envoy/service/ext_proc/v3alpha/external_processor.pb.h" -#include "extensions/filters/http/ext_proc/ext_proc.h" +#include "source/extensions/filters/http/ext_proc/ext_proc.h" #include "test/common/http/common.h" #include "test/extensions/filters/http/ext_proc/mock_server.h" diff --git a/test/extensions/filters/http/ext_proc/mock_server.h b/test/extensions/filters/http/ext_proc/mock_server.h index 07d0b1aeb259..bb479d175e29 100644 --- a/test/extensions/filters/http/ext_proc/mock_server.h +++ b/test/extensions/filters/http/ext_proc/mock_server.h @@ -1,6 +1,6 @@ #pragma once -#include "extensions/filters/http/ext_proc/client.h" +#include "source/extensions/filters/http/ext_proc/client.h" #include "gmock/gmock.h" diff --git a/test/extensions/filters/http/ext_proc/mutation_utils_test.cc b/test/extensions/filters/http/ext_proc/mutation_utils_test.cc index 4096fcc68a26..abed79419dae 100644 --- a/test/extensions/filters/http/ext_proc/mutation_utils_test.cc +++ b/test/extensions/filters/http/ext_proc/mutation_utils_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/ext_proc/mutation_utils.h" +#include "source/extensions/filters/http/ext_proc/mutation_utils.h" #include "test/extensions/filters/http/ext_proc/utils.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/ext_proc/ordering_test.cc b/test/extensions/filters/http/ext_proc/ordering_test.cc index 0ae4543296df..7d5437049051 100644 --- a/test/extensions/filters/http/ext_proc/ordering_test.cc +++ b/test/extensions/filters/http/ext_proc/ordering_test.cc @@ -1,6 +1,6 @@ #include "envoy/http/header_map.h" -#include "extensions/filters/http/ext_proc/ext_proc.h" +#include "source/extensions/filters/http/ext_proc/ext_proc.h" #include "test/common/http/common.h" #include "test/extensions/filters/http/ext_proc/mock_server.h" diff --git a/test/extensions/filters/http/ext_proc/streaming_integration_test.cc b/test/extensions/filters/http/ext_proc/streaming_integration_test.cc new file mode 100644 index 000000000000..4fd5d7a58124 --- /dev/null +++ b/test/extensions/filters/http/ext_proc/streaming_integration_test.cc @@ -0,0 +1,320 @@ +#include "envoy/extensions/filters/http/ext_proc/v3alpha/ext_proc.pb.h" +#include "envoy/service/ext_proc/v3alpha/external_processor.pb.h" + +#include "source/common/network/address_impl.h" + +#include "test/common/http/common.h" +#include "test/extensions/filters/http/ext_proc/test_processor.h" +#include "test/integration/http_integration.h" +#include "test/test_common/utility.h" + +#include "gtest/gtest.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace ExternalProcessing { + +using envoy::extensions::filters::http::ext_proc::v3alpha::ProcessingMode; +using envoy::service::ext_proc::v3alpha::ProcessingRequest; +using envoy::service::ext_proc::v3alpha::ProcessingResponse; + +using Http::LowerCaseString; + +// The buffer size for the listeners +static const uint32_t BufferSize = 100000; + +// These tests exercise ext_proc using the integration test framework and a real gRPC server +// for the external processor. This lets us more fully exercise all the things that happen +// with larger, streamed payloads. +class StreamingIntegrationTest : public HttpIntegrationTest, + public Grpc::GrpcClientIntegrationParamTest { + +protected: + StreamingIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, ipVersion()) {} + + void TearDown() override { + cleanupUpstreamAndDownstream(); + test_processor_.shutdown(); + } + + void initializeConfig() { + // This enables a built-in automatic upstream server. + autonomous_upstream_ = true; + + config_helper_.addConfigModifier([this](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { + // Create a cluster for our gRPC server pointing to the address that is running the gRPC + // server. + auto* processor_cluster = bootstrap.mutable_static_resources()->add_clusters(); + processor_cluster->set_name("ext_proc_server"); + processor_cluster->mutable_load_assignment()->set_cluster_name("ext_proc_server"); + auto* address = processor_cluster->mutable_load_assignment() + ->add_endpoints() + ->add_lb_endpoints() + ->mutable_endpoint() + ->mutable_address() + ->mutable_socket_address(); + address->set_address("127.0.0.1"); + address->set_port_value(test_processor_.port()); + + // Ensure "HTTP2 with no prior knowledge." Necessary for gRPC. + ConfigHelper::setHttp2( + *(bootstrap.mutable_static_resources()->mutable_clusters()->Mutable(0))); + ConfigHelper::setHttp2(*processor_cluster); + + // Make sure both flavors of gRPC client use the right address. + const auto addr = + std::make_shared("127.0.0.1", test_processor_.port()); + setGrpcService(*proto_config_.mutable_grpc_service(), "ext_proc_server", addr); + + // Merge the filter. + envoy::config::listener::v3::Filter ext_proc_filter; + ext_proc_filter.set_name("envoy.filters.http.ext_proc"); + ext_proc_filter.mutable_typed_config()->PackFrom(proto_config_); + config_helper_.addFilter(MessageUtil::getJsonStringFromMessageOrDie(ext_proc_filter)); + }); + + // Make sure that we have control over when buffers will fill up. + config_helper_.setBufferLimits(BufferSize, BufferSize); + + setUpstreamProtocol(Http::CodecType::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); + } + + Http::RequestEncoder& + sendClientRequestHeaders(absl::optional> cb) { + auto conn = makeClientConnection(lookupPort("http")); + codec_client_ = makeHttpConnection(std::move(conn)); + Http::TestRequestHeaderMapImpl headers; + HttpTestUtility::addDefaultHeaders(headers, std::string("POST")); + if (cb) { + (*cb)(headers); + } + auto encoder_decoder = codec_client_->startRequest(headers); + client_response_ = std::move(encoder_decoder.second); + return encoder_decoder.first; + } + + void sendGetRequest(const Http::RequestHeaderMap& headers) { + auto conn = makeClientConnection(lookupPort("http")); + codec_client_ = makeHttpConnection(std::move(conn)); + client_response_ = codec_client_->makeHeaderOnlyRequest(headers); + } + + TestProcessor test_processor_; + envoy::extensions::filters::http::ext_proc::v3alpha::ExternalProcessor proto_config_{}; + IntegrationStreamDecoderPtr client_response_; +}; + +// Ensure that the test suite is run with all combinations the Envoy and Google gRPC clients. +INSTANTIATE_TEST_SUITE_P(StreamingProtocols, StreamingIntegrationTest, + GRPC_CLIENT_INTEGRATION_PARAMS); + +// Send a body that's larger than the buffer limit, and have the processor return immediately +// after the headers come in. +TEST_P(StreamingIntegrationTest, PostAndProcessHeadersOnly) { + uint32_t num_chunks = 150; + uint32_t chunk_size = 1000; + + // This starts the gRPC server in the background. It'll be shut down when we stop the tests. + test_processor_.start( + [](grpc::ServerReaderWriter* stream) { + ProcessingRequest header_req; + if (!stream->Read(&header_req)) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected message"); + } + if (!header_req.has_request_headers()) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected request headers"); + } + + ProcessingResponse header_resp; + header_resp.mutable_request_headers(); + stream->Write(header_resp); + return grpc::Status::OK; + }); + + initializeConfig(); + HttpIntegrationTest::initialize(); + auto& encoder = sendClientRequestHeaders([num_chunks, chunk_size](Http::HeaderMap& headers) { + headers.addCopy(LowerCaseString("expect_request_size_bytes"), num_chunks * chunk_size); + }); + + for (uint32_t i = 0; i < num_chunks; i++) { + Buffer::OwnedImpl chunk; + TestUtility::feedBufferWithRandomCharacters(chunk, chunk_size); + codec_client_->sendData(encoder, chunk, false); + } + Buffer::OwnedImpl empty_chunk; + codec_client_->sendData(encoder, empty_chunk, true); + + ASSERT_TRUE(client_response_->waitForEndStream()); + EXPECT_TRUE(client_response_->complete()); + EXPECT_THAT(client_response_->headers(), Http::HttpStatusIs("200")); +} + +// Send a body that's smaller than the buffer limit, and have the processor +// request to see it in buffered form before allowing it to continue. +TEST_P(StreamingIntegrationTest, PostAndProcessBufferedRequestBody) { + const uint32_t num_chunks = 99; + const uint32_t chunk_size = 1000; + uint32_t total_size = num_chunks * chunk_size; + + test_processor_.start( + [total_size](grpc::ServerReaderWriter* stream) { + ProcessingRequest header_req; + if (!stream->Read(&header_req)) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected message"); + } + if (!header_req.has_request_headers()) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected request headers"); + } + + ProcessingResponse header_resp; + header_resp.mutable_request_headers(); + auto* override = header_resp.mutable_mode_override(); + override->set_request_body_mode(ProcessingMode::BUFFERED); + stream->Write(header_resp); + + ProcessingRequest body_req; + if (!stream->Read(&body_req)) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected message"); + } + if (!body_req.has_request_body()) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected request body"); + } + if (body_req.request_body().body().size() != total_size) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "incorrect body size"); + } + + ProcessingResponse body_resp; + header_resp.mutable_request_body(); + stream->Write(body_resp); + + return grpc::Status::OK; + }); + + initializeConfig(); + HttpIntegrationTest::initialize(); + auto& encoder = sendClientRequestHeaders([total_size](Http::HeaderMap& headers) { + headers.addCopy(LowerCaseString("expect_request_size_bytes"), total_size); + }); + + for (uint32_t i = 0; i < num_chunks; i++) { + Buffer::OwnedImpl chunk; + TestUtility::feedBufferWithRandomCharacters(chunk, chunk_size); + codec_client_->sendData(encoder, chunk, false); + } + Buffer::OwnedImpl empty_chunk; + codec_client_->sendData(encoder, empty_chunk, true); + + ASSERT_TRUE(client_response_->waitForEndStream()); + EXPECT_TRUE(client_response_->complete()); + EXPECT_THAT(client_response_->headers(), Http::HttpStatusIs("200")); +} + +// Do an HTTP GET that will return a body smaller than the buffer limit, which we process +// in the processor. +TEST_P(StreamingIntegrationTest, GetAndProcessBufferedResponseBody) { + uint32_t response_size = 90000; + + test_processor_.start( + [response_size](grpc::ServerReaderWriter* stream) { + ProcessingRequest header_req; + if (!stream->Read(&header_req)) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected message"); + } + if (!header_req.has_request_headers()) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected request headers"); + } + + ProcessingResponse header_resp; + header_resp.mutable_request_headers(); + auto* override = header_resp.mutable_mode_override(); + override->set_response_header_mode(ProcessingMode::SKIP); + override->set_response_body_mode(ProcessingMode::BUFFERED); + stream->Write(header_resp); + + ProcessingRequest body_req; + if (!stream->Read(&body_req)) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected message"); + } + if (!body_req.has_response_body()) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected response body"); + } + if (body_req.response_body().body().size() != response_size) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "incorrect body size"); + } + + return grpc::Status::OK; + }); + + initializeConfig(); + HttpIntegrationTest::initialize(); + Http::TestRequestHeaderMapImpl headers; + HttpTestUtility::addDefaultHeaders(headers); + headers.addCopy(LowerCaseString("response_size_bytes"), response_size); + sendGetRequest(headers); + + ASSERT_TRUE(client_response_->waitForEndStream()); + EXPECT_TRUE(client_response_->complete()); + EXPECT_THAT(client_response_->headers(), Http::HttpStatusIs("200")); + EXPECT_EQ(client_response_->body().size(), response_size); +} + +// Send a body that's larger than the buffer limit and have the processor +// try to process it in buffered mode. The client should get an error. +TEST_P(StreamingIntegrationTest, PostAndProcessBufferedRequestBodyTooBig) { + // Send just one chunk beyond the buffer limit -- integration + // test framework can't handle anything else. + const uint32_t num_chunks = 11; + const uint32_t chunk_size = 10000; + uint32_t total_size = num_chunks * chunk_size; + + test_processor_.start( + [](grpc::ServerReaderWriter* stream) { + ProcessingRequest header_req; + if (!stream->Read(&header_req)) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected message"); + } + if (!header_req.has_request_headers()) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected request headers"); + } + + ProcessingResponse response; + response.mutable_request_headers(); + auto* override = response.mutable_mode_override(); + override->set_request_body_mode(ProcessingMode::BUFFERED); + stream->Write(response); + + ProcessingRequest header_resp; + if (stream->Read(&header_resp)) { + if (!header_resp.has_response_headers()) { + return grpc::Status(grpc::StatusCode::INVALID_ARGUMENT, "expected response headers"); + } + } + return grpc::Status::OK; + }); + + initializeConfig(); + HttpIntegrationTest::initialize(); + auto& encoder = sendClientRequestHeaders([total_size](Http::HeaderMap& headers) { + headers.addCopy(LowerCaseString("expect_request_size_bytes"), total_size); + }); + + for (uint32_t i = 0; i < num_chunks; i++) { + Buffer::OwnedImpl chunk; + TestUtility::feedBufferWithRandomCharacters(chunk, chunk_size); + codec_client_->sendData(encoder, chunk, false); + } + Buffer::OwnedImpl empty_chunk; + codec_client_->sendData(encoder, empty_chunk, true); + + ASSERT_TRUE(client_response_->waitForEndStream()); + EXPECT_TRUE(client_response_->complete()); + EXPECT_THAT(client_response_->headers(), Http::HttpStatusIs("413")); +} + +} // namespace ExternalProcessing +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/filters/http/ext_proc/test_processor.cc b/test/extensions/filters/http/ext_proc/test_processor.cc new file mode 100644 index 000000000000..7498f76ea24e --- /dev/null +++ b/test/extensions/filters/http/ext_proc/test_processor.cc @@ -0,0 +1,29 @@ +#include "test/extensions/filters/http/ext_proc/test_processor.h" + +#include "envoy/service/ext_proc/v3alpha/external_processor.pb.h" + +#include "grpc++/server_builder.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace ExternalProcessing { + +void TestProcessor::start(ProcessingFunc cb) { + wrapper_ = std::make_unique(cb); + grpc::ServerBuilder builder; + builder.RegisterService(wrapper_.get()); + builder.AddListeningPort("127.0.0.1:0", grpc::InsecureServerCredentials(), &listening_port_); + server_ = builder.BuildAndStart(); +} + +void TestProcessor::shutdown() { + if (server_) { + server_->Shutdown(); + } +} + +} // namespace ExternalProcessing +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/filters/http/ext_proc/test_processor.h b/test/extensions/filters/http/ext_proc/test_processor.h new file mode 100644 index 000000000000..e6a027ca01f3 --- /dev/null +++ b/test/extensions/filters/http/ext_proc/test_processor.h @@ -0,0 +1,58 @@ +#pragma once + +#include +#include + +#include "envoy/service/ext_proc/v3alpha/external_processor.grpc.pb.h" +#include "envoy/service/ext_proc/v3alpha/external_processor.pb.h" + +#include "grpc++/server.h" +#include "gtest/gtest.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace ExternalProcessing { + +using ProcessingFunc = std::function*)>; + +class ProcessorWrapper : public envoy::service::ext_proc::v3alpha::ExternalProcessor::Service { +public: + ProcessorWrapper(ProcessingFunc& cb) : callback_(cb) {} + + grpc::Status + Process(grpc::ServerContext*, + grpc::ServerReaderWriter* stream) + override { + return callback_(stream); + } + +private: + ProcessingFunc callback_; +}; + +class TestProcessor { +public: + // Start the processor listening on an ephemeral port (port 0) on 127.0.0.1. + // All new streams will be delegated to the specified function. + void start(ProcessingFunc cb); + + // Stop the processor from listening once all streams are closed. + void shutdown(); + + // Return the port that the processor is listening on. + int port() const { return listening_port_; } + +private: + std::unique_ptr wrapper_; + std::unique_ptr server_; + int listening_port_; +}; + +} // namespace ExternalProcessing +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/filters/http/fault/BUILD b/test/extensions/filters/http/fault/BUILD index e100845921d5..189fa95ded56 100644 --- a/test/extensions/filters/http/fault/BUILD +++ b/test/extensions/filters/http/fault/BUILD @@ -18,7 +18,7 @@ envoy_extension_cc_test( extension_name = "envoy.filters.http.fault", deps = [ ":utility_lib", - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/common/buffer:buffer_lib", "//source/common/common:empty_string", "//source/common/http:header_map_lib", diff --git a/test/extensions/filters/http/fault/config_test.cc b/test/extensions/filters/http/fault/config_test.cc index 080e5a3e41de..440bd0ccae85 100644 --- a/test/extensions/filters/http/fault/config_test.cc +++ b/test/extensions/filters/http/fault/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/extensions/filters/http/fault/v3/fault.pb.validate.h" #include "envoy/type/v3/percent.pb.h" -#include "extensions/filters/http/fault/config.h" +#include "source/extensions/filters/http/fault/config.h" #include "test/extensions/filters/http/fault/utility.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/fault/fault_filter_integration_test.cc b/test/extensions/filters/http/fault/fault_filter_integration_test.cc index f23633aa308a..370c662438be 100644 --- a/test/extensions/filters/http/fault/fault_filter_integration_test.cc +++ b/test/extensions/filters/http/fault/fault_filter_integration_test.cc @@ -393,7 +393,7 @@ TEST_P(FaultIntegrationTestAllProtocols, FaultAbortGrpcConfig) { class FaultIntegrationTestHttp2 : public FaultIntegrationTest {}; INSTANTIATE_TEST_SUITE_P(Protocols, FaultIntegrationTestHttp2, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP2}, {FakeHttpConnection::Type::HTTP2})), + {Http::CodecType::HTTP2}, {Http::CodecType::HTTP2})), HttpProtocolIntegrationTest::protocolTestParamsToString); // Rate limiting with trailers received after the body has been flushed. diff --git a/test/extensions/filters/http/fault/fault_filter_test.cc b/test/extensions/filters/http/fault/fault_filter_test.cc index 07d16bd6d41a..f09372a74c38 100644 --- a/test/extensions/filters/http/fault/fault_filter_test.cc +++ b/test/extensions/filters/http/fault/fault_filter_test.cc @@ -9,13 +9,11 @@ #include "envoy/extensions/filters/http/fault/v3/fault.pb.validate.h" #include "envoy/type/v3/percent.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/empty_string.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" - -#include "extensions/filters/http/fault/fault_filter.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/extensions/filters/http/fault/fault_filter.h" #include "test/common/http/common.h" #include "test/extensions/filters/http/fault/utility.h" @@ -1198,10 +1196,10 @@ void FaultFilterTest::TestPerFilterConfigFault( const Router::RouteSpecificFilterConfig* vhost_fault) { ON_CALL(decoder_filter_callbacks_.route_->route_entry_, - perFilterConfig(Extensions::HttpFilters::HttpFilterNames::get().Fault)) + perFilterConfig("envoy.filters.http.fault")) .WillByDefault(Return(route_fault)); ON_CALL(decoder_filter_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(Extensions::HttpFilters::HttpFilterNames::get().Fault)) + perFilterConfig("envoy.filters.http.fault")) .WillByDefault(Return(vhost_fault)); const std::string upstream_cluster("www1"); diff --git a/test/extensions/filters/http/grpc_http1_bridge/config_test.cc b/test/extensions/filters/http/grpc_http1_bridge/config_test.cc index 8c890afcaf7e..b1dd30299e99 100644 --- a/test/extensions/filters/http/grpc_http1_bridge/config_test.cc +++ b/test/extensions/filters/http/grpc_http1_bridge/config_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/grpc_http1_bridge/config.h" +#include "source/extensions/filters/http/grpc_http1_bridge/config.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter_test.cc b/test/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter_test.cc index 6c7d23824795..96f7fb3aac75 100644 --- a/test/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter_test.cc +++ b/test/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter_test.cc @@ -1,9 +1,8 @@ -#include "common/buffer/buffer_impl.h" -#include "common/grpc/common.h" -#include "common/http/header_map_impl.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/grpc/common.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/filters/http/grpc_http1_bridge/http1_bridge_filter.h" #include "test/mocks/http/mocks.h" #include "test/test_common/global.h" diff --git a/test/extensions/filters/http/grpc_http1_reverse_bridge/config_test.cc b/test/extensions/filters/http/grpc_http1_reverse_bridge/config_test.cc index 33acd2fef256..a23d934f7465 100644 --- a/test/extensions/filters/http/grpc_http1_reverse_bridge/config_test.cc +++ b/test/extensions/filters/http/grpc_http1_reverse_bridge/config_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.h" -#include "extensions/filters/http/grpc_http1_reverse_bridge/config.h" -#include "extensions/filters/http/grpc_http1_reverse_bridge/filter.h" +#include "source/extensions/filters/http/grpc_http1_reverse_bridge/config.h" +#include "source/extensions/filters/http/grpc_http1_reverse_bridge/filter.h" #include "test/mocks/server/factory_context.h" #include "test/mocks/server/instance.h" diff --git a/test/extensions/filters/http/grpc_http1_reverse_bridge/reverse_bridge_integration_test.cc b/test/extensions/filters/http/grpc_http1_reverse_bridge/reverse_bridge_integration_test.cc index 3c8fa000ac94..777fd4cca101 100644 --- a/test/extensions/filters/http/grpc_http1_reverse_bridge/reverse_bridge_integration_test.cc +++ b/test/extensions/filters/http/grpc_http1_reverse_bridge/reverse_bridge_integration_test.cc @@ -2,9 +2,7 @@ #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.h" -#include "common/http/message_impl.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/http/message_impl.h" #include "test/integration/http_integration.h" #include "test/mocks/http/mocks.h" @@ -27,13 +25,12 @@ namespace { class ReverseBridgeIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - ReverseBridgeIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, GetParam()) {} + ReverseBridgeIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, GetParam()) {} void initialize() override { initialize(absl::nullopt); } void initialize(const absl::optional response_size_header) { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); const std::string filter = fmt::format( R"EOF( @@ -62,7 +59,7 @@ name: grpc_http1_reverse_bridge void TearDown() override { fake_upstream_connection_.reset(); } protected: - FakeHttpConnection::Type upstream_protocol_; + Http::CodecType upstream_protocol_; }; INSTANTIATE_TEST_SUITE_P(IpVersions, ReverseBridgeIntegrationTest, @@ -73,7 +70,7 @@ INSTANTIATE_TEST_SUITE_P(IpVersions, ReverseBridgeIntegrationTest, // doesn't enable the bridge. // Regression test of https://github.com/envoyproxy/envoy/issues/9922 TEST_P(ReverseBridgeIntegrationTest, DisabledRoute) { - upstream_protocol_ = FakeHttpConnection::Type::HTTP2; + upstream_protocol_ = Http::CodecType::HTTP2; initialize(); codec_client_ = makeHttpConnection(lookupPort("http")); @@ -122,7 +119,7 @@ TEST_P(ReverseBridgeIntegrationTest, DisabledRoute) { } TEST_P(ReverseBridgeIntegrationTest, EnabledRoute) { - upstream_protocol_ = FakeHttpConnection::Type::HTTP1; + upstream_protocol_ = Http::CodecType::HTTP1; initialize(); codec_client_ = makeHttpConnection(lookupPort("http")); @@ -180,7 +177,7 @@ TEST_P(ReverseBridgeIntegrationTest, EnabledRoute) { } TEST_P(ReverseBridgeIntegrationTest, EnabledRouteBadContentType) { - upstream_protocol_ = FakeHttpConnection::Type::HTTP1; + upstream_protocol_ = Http::CodecType::HTTP1; initialize(); codec_client_ = makeHttpConnection(lookupPort("http")); diff --git a/test/extensions/filters/http/grpc_http1_reverse_bridge/reverse_bridge_test.cc b/test/extensions/filters/http/grpc_http1_reverse_bridge/reverse_bridge_test.cc index 54866941606d..7016d6483089 100644 --- a/test/extensions/filters/http/grpc_http1_reverse_bridge/reverse_bridge_test.cc +++ b/test/extensions/filters/http/grpc_http1_reverse_bridge/reverse_bridge_test.cc @@ -3,13 +3,11 @@ #include "envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3/config.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/grpc/codec.h" -#include "common/http/header_map_impl.h" -#include "common/http/utility.h" - -#include "extensions/filters/http/grpc_http1_reverse_bridge/filter.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/grpc/codec.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/utility.h" +#include "source/extensions/filters/http/grpc_http1_reverse_bridge/filter.h" #include "test/mocks/http/mocks.h" #include "test/mocks/runtime/mocks.h" @@ -617,8 +615,8 @@ TEST_F(ReverseBridgeTest, FilterConfigPerRouteDisabled) { filter_config_per_route.set_disabled(true); FilterConfigPerRoute filterConfigPerRoute(filter_config_per_route); - ON_CALL(*decoder_callbacks_.route_, - perFilterConfig(HttpFilterNames::get().GrpcHttp1ReverseBridge)) + ON_CALL(decoder_callbacks_.route_->route_entry_, + perFilterConfig("envoy.filters.http.grpc_http1_reverse_bridge")) .WillByDefault(testing::Return(&filterConfigPerRoute)); EXPECT_CALL(decoder_callbacks_, route()).Times(2); @@ -646,8 +644,8 @@ TEST_F(ReverseBridgeTest, FilterConfigPerRouteEnabled) { filter_config_per_route.set_disabled(false); FilterConfigPerRoute filterConfigPerRoute(filter_config_per_route); - ON_CALL(*decoder_callbacks_.route_, - perFilterConfig(HttpFilterNames::get().GrpcHttp1ReverseBridge)) + ON_CALL(decoder_callbacks_.route_->route_entry_, + perFilterConfig("envoy.filters.http.grpc_http1_reverse_bridge")) .WillByDefault(testing::Return(&filterConfigPerRoute)); { @@ -734,8 +732,8 @@ TEST_F(ReverseBridgeTest, RouteWithTrailers) { filter_config_per_route.set_disabled(false); FilterConfigPerRoute filterConfigPerRoute(filter_config_per_route); - ON_CALL(*decoder_callbacks_.route_, - perFilterConfig(HttpFilterNames::get().GrpcHttp1ReverseBridge)) + ON_CALL(decoder_callbacks_.route_->route_entry_, + perFilterConfig("envoy.filters.http.grpc_http1_reverse_bridge")) .WillByDefault(testing::Return(&filterConfigPerRoute)); { diff --git a/test/extensions/filters/http/grpc_json_transcoder/config_test.cc b/test/extensions/filters/http/grpc_json_transcoder/config_test.cc index 164649e3228a..05186021d760 100644 --- a/test/extensions/filters/http/grpc_json_transcoder/config_test.cc +++ b/test/extensions/filters/http/grpc_json_transcoder/config_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.h" #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.validate.h" -#include "extensions/filters/http/grpc_json_transcoder/config.h" +#include "source/extensions/filters/http/grpc_json_transcoder/config.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/grpc_json_transcoder/grpc_json_transcoder_integration_test.cc b/test/extensions/filters/http/grpc_json_transcoder/grpc_json_transcoder_integration_test.cc index 15e669eb3367..2dd86455f58b 100644 --- a/test/extensions/filters/http/grpc_json_transcoder/grpc_json_transcoder_integration_test.cc +++ b/test/extensions/filters/http/grpc_json_transcoder/grpc_json_transcoder_integration_test.cc @@ -1,11 +1,9 @@ #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.h" -#include "common/grpc/codec.h" -#include "common/grpc/common.h" -#include "common/http/message_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/common.h" +#include "source/common/http/message_impl.h" +#include "source/common/protobuf/protobuf.h" #include "test/integration/http_integration.h" #include "test/mocks/http/mocks.h" @@ -30,11 +28,10 @@ class GrpcJsonTranscoderIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - GrpcJsonTranscoderIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + GrpcJsonTranscoderIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void SetUp() override { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); const std::string filter = R"EOF( name: grpc_json_transcoder @@ -194,8 +191,7 @@ class GrpcJsonTranscoderIntegrationTest ->Mutable(0) ->mutable_typed_per_filter_config(); - (*config)[Extensions::HttpFilters::HttpFilterNames::get().GrpcJsonTranscoder].PackFrom( - per_route_config); + (*config)["envoy.filters.http.grpc_json_transcoder"].PackFrom(per_route_config); }; config_helper_.addConfigModifier(modifier); @@ -1253,7 +1249,7 @@ class OverrideConfigGrpcJsonTranscoderIntegrationTest : public GrpcJsonTranscode * Global initializer for all integration tests. */ void SetUp() override { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); // creates filter but doesn't apply it to bookstore services const std::string filter = R"EOF( @@ -1301,7 +1297,7 @@ class BufferLimitsDisabledGrpcJsonTranscoderIntegrationTest : public GrpcJsonTranscoderIntegrationTest { public: void SetUp() override { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); const std::string filter = R"EOF( name: grpc_json_transcoder diff --git a/test/extensions/filters/http/grpc_json_transcoder/http_body_utils_test.cc b/test/extensions/filters/http/grpc_json_transcoder/http_body_utils_test.cc index 6a69e0770cd1..0db9a705508e 100644 --- a/test/extensions/filters/http/grpc_json_transcoder/http_body_utils_test.cc +++ b/test/extensions/filters/http/grpc_json_transcoder/http_body_utils_test.cc @@ -1,7 +1,6 @@ -#include "common/buffer/buffer_impl.h" -#include "common/buffer/zero_copy_input_stream_impl.h" - -#include "extensions/filters/http/grpc_json_transcoder/http_body_utils.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/extensions/filters/http/grpc_json_transcoder/http_body_utils.h" #include "test/proto/bookstore.pb.h" diff --git a/test/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter_test.cc b/test/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter_test.cc index 1de0a48874d5..bc2e84d88f03 100644 --- a/test/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter_test.cc +++ b/test/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter_test.cc @@ -4,14 +4,12 @@ #include "envoy/extensions/filters/http/grpc_json_transcoder/v3/transcoder.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/grpc/codec.h" -#include "common/grpc/common.h" -#include "common/http/header_map_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/common.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/http/grpc_json_transcoder/json_transcoder_filter.h" #include "test/mocks/http/mocks.h" #include "test/proto/bookstore.pb.h" @@ -371,10 +369,10 @@ class GrpcJsonTranscoderFilterTest : public testing::Test, public GrpcJsonTransc void routeLocalConfig(const Router::RouteSpecificFilterConfig* route_settings, const Router::RouteSpecificFilterConfig* vhost_settings) { ON_CALL(decoder_callbacks_.route_->route_entry_, - perFilterConfig(HttpFilterNames::get().GrpcJsonTranscoder)) + perFilterConfig("envoy.filters.http.grpc_json_transcoder")) .WillByDefault(Return(route_settings)); ON_CALL(decoder_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().GrpcJsonTranscoder)) + perFilterConfig("envoy.filters.http.grpc_json_transcoder")) .WillByDefault(Return(vhost_settings)); } diff --git a/test/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_test.cc b/test/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_test.cc index e72c8beaa24f..263ef7e1db61 100644 --- a/test/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_test.cc +++ b/test/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_test.cc @@ -1,6 +1,5 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/http/grpc_json_transcoder/transcoder_input_stream_impl.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/http/grpc_stats/config_test.cc b/test/extensions/filters/http/grpc_stats/config_test.cc index 3b4f1cdb00ad..50602a60e3a9 100644 --- a/test/extensions/filters/http/grpc_stats/config_test.cc +++ b/test/extensions/filters/http/grpc_stats/config_test.cc @@ -1,9 +1,8 @@ #include "envoy/extensions/filters/http/grpc_stats/v3/config.pb.h" #include "envoy/extensions/filters/http/grpc_stats/v3/config.pb.validate.h" -#include "common/grpc/common.h" - -#include "extensions/filters/http/grpc_stats/grpc_stats_filter.h" +#include "source/common/grpc/common.h" +#include "source/extensions/filters/http/grpc_stats/grpc_stats_filter.h" #include "test/common/buffer/utility.h" #include "test/common/stream_info/test_util.h" @@ -95,7 +94,7 @@ TEST_F(GrpcStatsFilterConfigTest, StatsHttp2HeaderOnlyResponse) { ->statsScope() .counterFromString("grpc.lyft.users.BadCompanions.GetBadCompanions.total") .value()); - EXPECT_FALSE(stream_info_.filterState()->hasDataWithName(HttpFilterNames::get().GrpcStats)); + EXPECT_FALSE(stream_info_.filterState()->hasDataWithName("envoy.filters.http.grpc_stats")); } TEST_F(GrpcStatsFilterConfigTest, StatsHttp2NormalResponse) { @@ -115,7 +114,7 @@ TEST_F(GrpcStatsFilterConfigTest, StatsHttp2NormalResponse) { ->statsScope() .counterFromString("grpc.lyft.users.BadCompanions.GetBadCompanions.total") .value()); - EXPECT_FALSE(stream_info_.filterState()->hasDataWithName(HttpFilterNames::get().GrpcStats)); + EXPECT_FALSE(stream_info_.filterState()->hasDataWithName("envoy.filters.http.grpc_stats")); } TEST_F(GrpcStatsFilterConfigTest, StatsHttp2ContentTypeGrpcPlusProto) { @@ -135,7 +134,7 @@ TEST_F(GrpcStatsFilterConfigTest, StatsHttp2ContentTypeGrpcPlusProto) { ->statsScope() .counterFromString("grpc.lyft.users.BadCompanions.GetBadCompanions.total") .value()); - EXPECT_FALSE(stream_info_.filterState()->hasDataWithName(HttpFilterNames::get().GrpcStats)); + EXPECT_FALSE(stream_info_.filterState()->hasDataWithName("envoy.filters.http.grpc_stats")); } // Test that an allowlist match results in method-named stats. @@ -366,8 +365,8 @@ TEST_F(GrpcStatsFilterConfigTest, MessageCounts) { EXPECT_TRUE(stats_store_.findCounterByString( "grpc.lyft.users.BadCompanions.GetBadCompanions.request_message_count")); - const auto& data = stream_info_.filterState()->getDataReadOnly( - HttpFilterNames::get().GrpcStats); + const auto& data = + stream_info_.filterState()->getDataReadOnly("envoy.filters.http.grpc_stats"); EXPECT_EQ(2U, data.request_message_count); EXPECT_EQ(0U, data.response_message_count); diff --git a/test/extensions/filters/http/grpc_web/config_test.cc b/test/extensions/filters/http/grpc_web/config_test.cc index 0ad9da56c86f..32c7d656ec78 100644 --- a/test/extensions/filters/http/grpc_web/config_test.cc +++ b/test/extensions/filters/http/grpc_web/config_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/http/grpc_web/config.h" +#include "source/extensions/filters/http/grpc_web/config.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/grpc_web/grpc_web_filter_integration_test.cc b/test/extensions/filters/http/grpc_web/grpc_web_filter_integration_test.cc index 32ca9673445a..b7ba884e6596 100644 --- a/test/extensions/filters/http/grpc_web/grpc_web_filter_integration_test.cc +++ b/test/extensions/filters/http/grpc_web/grpc_web_filter_integration_test.cc @@ -1,8 +1,6 @@ #include -#include "common/common/base64.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/base64.h" #include "test/integration/http_integration.h" @@ -18,7 +16,7 @@ constexpr uint64_t MAX_BUFFERED_PLAINTEXT_LENGTH = 16384; using SkipEncodingEmptyTrailers = bool; using ContentType = std::string; using Accept = std::string; -using TestParams = std::tuple; class GrpcWebFilterIntegrationTest : public testing::TestWithParam, @@ -28,18 +26,18 @@ class GrpcWebFilterIntegrationTest : public testing::TestWithParam, : HttpIntegrationTest(std::get<1>(GetParam()), std::get<0>(GetParam())) {} void SetUp() override { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); config_helper_.addFilter("name: envoy.filters.http.grpc_web"); } void initialize() override { - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { config_helper_.addConfigModifier(setEnableDownstreamTrailersHttp1()); } else { skipEncodingEmptyTrailers(http2_skip_encoding_empty_trailers_); } - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); HttpIntegrationTest::initialize(); } @@ -139,13 +137,13 @@ class GrpcWebFilterIntegrationTest : public testing::TestWithParam, "{}_{}_{}_{}_{}", TestUtility::ipTestParamsToString(testing::TestParamInfo( std::get<0>(params.param), params.index)), - std::get<1>(params.param) == Http::CodecClient::Type::HTTP2 ? "Http2" : "Http", + std::get<1>(params.param) == Http::CodecType::HTTP2 ? "Http2" : "Http", std::get<2>(params.param) ? "SkipEncodingEmptyTrailers" : "SubmitEncodingEmptyTrailers", std::get<3>(params.param) == text ? "SendText" : "SendBinary", std::get<4>(params.param) == text ? "AcceptText" : "AcceptBinary"); } - const Envoy::Http::CodecClient::Type downstream_protocol_{std::get<1>(GetParam())}; + const Envoy::Http::CodecType downstream_protocol_{std::get<1>(GetParam())}; const bool http2_skip_encoding_empty_trailers_{std::get<2>(GetParam())}; const ContentType content_type_{std::get<3>(GetParam())}; const Accept accept_{std::get<4>(GetParam())}; @@ -153,12 +151,12 @@ class GrpcWebFilterIntegrationTest : public testing::TestWithParam, INSTANTIATE_TEST_SUITE_P( Params, GrpcWebFilterIntegrationTest, - testing::Combine( - testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), - testing::Values(Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2), - testing::Values(SkipEncodingEmptyTrailers{true}, SkipEncodingEmptyTrailers{false}), - testing::Values(ContentType{text}, ContentType{binary}), - testing::Values(Accept{text}, Accept{binary})), + testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), + testing::Values(Http::CodecType::HTTP1, Http::CodecType::HTTP2), + testing::Values(SkipEncodingEmptyTrailers{true}, + SkipEncodingEmptyTrailers{false}), + testing::Values(ContentType{text}, ContentType{binary}), + testing::Values(Accept{text}, Accept{binary})), GrpcWebFilterIntegrationTest::testParamsToString); TEST_P(GrpcWebFilterIntegrationTest, GrpcWebTrailersNotDuplicated) { @@ -202,12 +200,12 @@ TEST_P(GrpcWebFilterIntegrationTest, GrpcWebTrailersNotDuplicated) { EXPECT_TRUE(absl::StrContains(response_body, "response1:trailer1")); EXPECT_TRUE(absl::StrContains(response_body, "response2:trailer2")); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { // When the downstream protocol is HTTP/1.1 we expect the trailers to be in the response-body. EXPECT_EQ(nullptr, response->trailers()); } - if (downstream_protocol_ == Http::CodecClient::Type::HTTP2) { + if (downstream_protocol_ == Http::CodecType::HTTP2) { if (http2_skip_encoding_empty_trailers_) { // When the downstream protocol is HTTP/2 and the feature-flag to skip encoding empty trailers // is turned on, expect that the trailers are included in the response-body. diff --git a/test/extensions/filters/http/grpc_web/grpc_web_filter_test.cc b/test/extensions/filters/http/grpc_web/grpc_web_filter_test.cc index bbc401405cf9..243815d0b282 100644 --- a/test/extensions/filters/http/grpc_web/grpc_web_filter_test.cc +++ b/test/extensions/filters/http/grpc_web/grpc_web_filter_test.cc @@ -1,16 +1,15 @@ #include "envoy/http/filter.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/base64.h" -#include "common/common/empty_string.h" -#include "common/common/utility.h" -#include "common/grpc/common.h" -#include "common/http/codes.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/filters/http/grpc_web/grpc_web_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/base64.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/common.h" +#include "source/common/http/codes.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/filters/http/grpc_web/grpc_web_filter.h" #include "test/mocks/http/mocks.h" #include "test/test_common/global.h" diff --git a/test/extensions/filters/http/gzip/BUILD b/test/extensions/filters/http/gzip/BUILD deleted file mode 100644 index b4b638ff40d1..000000000000 --- a/test/extensions/filters/http/gzip/BUILD +++ /dev/null @@ -1,46 +0,0 @@ -load( - "//bazel:envoy_build_system.bzl", - "envoy_package", -) -load( - "//test/extensions:extensions_build_system.bzl", - "envoy_extension_cc_test", -) - -licenses(["notice"]) # Apache 2 - -envoy_package() - -envoy_extension_cc_test( - name = "gzip_filter_test", - srcs = ["gzip_filter_test.cc"], - extension_name = "envoy.filters.http.gzip", - deps = [ - "//source/common/protobuf:utility_lib", - "//source/extensions/compression/gzip/compressor:compressor_lib", - "//source/extensions/compression/gzip/decompressor:zlib_decompressor_impl_lib", - "//source/extensions/filters/http/gzip:config", - "//source/extensions/filters/http/gzip:gzip_filter_lib", - "//test/mocks/http:http_mocks", - "//test/mocks/runtime:runtime_mocks", - "//test/mocks/server:factory_context_mocks", - "//test/test_common:logging_lib", - "//test/test_common:utility_lib", - "@envoy_api//envoy/extensions/filters/http/gzip/v3:pkg_cc_proto", - ], -) - -envoy_extension_cc_test( - name = "gzip_filter_integration_test", - srcs = [ - "gzip_filter_integration_test.cc", - ], - extension_name = "envoy.filters.http.gzip", - deps = [ - "//source/extensions/compression/gzip/decompressor:zlib_decompressor_impl_lib", - "//source/extensions/filters/http/gzip:config", - "//test/integration:http_integration_lib", - "//test/test_common:simulated_time_system_lib", - "//test/test_common:utility_lib", - ], -) diff --git a/test/extensions/filters/http/gzip/gzip_filter_integration_test.cc b/test/extensions/filters/http/gzip/gzip_filter_integration_test.cc deleted file mode 100644 index bd0edc6d1d56..000000000000 --- a/test/extensions/filters/http/gzip/gzip_filter_integration_test.cc +++ /dev/null @@ -1,354 +0,0 @@ -#include "envoy/event/timer.h" - -#include "extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" - -#include "test/integration/http_integration.h" -#include "test/test_common/simulated_time_system.h" -#include "test/test_common/utility.h" - -#include "gtest/gtest.h" - -namespace Envoy { - -class GzipIntegrationTest : public testing::TestWithParam, - public Event::SimulatedTimeSystem, - public HttpIntegrationTest { -public: - GzipIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} - - void SetUp() override { decompressor_.init(window_bits); } - void TearDown() override { cleanupUpstreamAndDownstream(); } - - void initializeFilter(const std::string& config) { - config_helper_.addFilter(config); - config_helper_.addRuntimeOverride("envoy.deprecated_features.allow_deprecated_gzip_http_filter", - "true"); - config_helper_.enableDeprecatedV2Api(); - initialize(); - codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); - } - - void doRequestAndCompression(Http::TestRequestHeaderMapImpl&& request_headers, - Http::TestResponseHeaderMapImpl&& response_headers) { - uint64_t content_length; - ASSERT_TRUE(absl::SimpleAtoi(response_headers.get_("content-length"), &content_length)); - const Buffer::OwnedImpl expected_response{std::string(content_length, 'a')}; - auto response = - sendRequestAndWaitForResponse(request_headers, 0, response_headers, content_length); - EXPECT_TRUE(upstream_request_->complete()); - EXPECT_EQ(0U, upstream_request_->bodyLength()); - EXPECT_TRUE(response->complete()); - EXPECT_EQ("200", response->headers().getStatusValue()); - ASSERT_FALSE(response->headers().get(Http::CustomHeaders::get().ContentEncoding).empty()); - EXPECT_EQ(Http::CustomHeaders::get().ContentEncodingValues.Gzip, - response->headers() - .get(Http::CustomHeaders::get().ContentEncoding)[0] - ->value() - .getStringView()); - ASSERT_TRUE(response->headers().TransferEncoding() != nullptr); - EXPECT_EQ(Http::Headers::get().TransferEncodingValues.Chunked, - response->headers().getTransferEncodingValue()); - - Buffer::OwnedImpl decompressed_response{}; - const Buffer::OwnedImpl compressed_response{response->body()}; - decompressor_.decompress(compressed_response, decompressed_response); - ASSERT_EQ(content_length, decompressed_response.length()); - EXPECT_TRUE(TestUtility::buffersEqual(expected_response, decompressed_response)); - } - - void doRequestAndNoCompression(Http::TestRequestHeaderMapImpl&& request_headers, - Http::TestResponseHeaderMapImpl&& response_headers) { - uint64_t content_length; - ASSERT_TRUE(absl::SimpleAtoi(response_headers.get_("content-length"), &content_length)); - auto response = - sendRequestAndWaitForResponse(request_headers, 0, response_headers, content_length); - EXPECT_TRUE(upstream_request_->complete()); - EXPECT_EQ(0U, upstream_request_->bodyLength()); - EXPECT_TRUE(response->complete()); - EXPECT_EQ("200", response->headers().getStatusValue()); - ASSERT_TRUE(response->headers().get(Http::CustomHeaders::get().ContentEncoding).empty()); - ASSERT_EQ(content_length, response->body().size()); - EXPECT_EQ(response->body(), std::string(content_length, 'a')); - } - - const std::string deprecated_full_config{R"EOF( - name: gzip - typed_config: - "@type": type.googleapis.com/envoy.config.filter.http.gzip.v2.Gzip - memory_level: 3 - window_bits: 10 - compression_level: best - compression_strategy: rle - disable_on_etag_header: true - content_length: 100 - content_type: - - text/html - - application/json - )EOF"}; - - const std::string full_config{R"EOF( - name: gzip - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.gzip.v3.Gzip - memory_level: 3 - window_bits: 10 - compression_level: best - compression_strategy: rle - compressor: - disable_on_etag_header: true - content_length: 100 - content_type: - - text/html - - application/json - )EOF"}; - - const std::string default_config{"name: envoy.filters.http.gzip"}; - - const uint64_t window_bits{15 | 16}; - - Stats::IsolatedStoreImpl stats_store_; - Extensions::Compression::Gzip::Decompressor::ZlibDecompressorImpl decompressor_{stats_store_, - "test"}; -}; - -INSTANTIATE_TEST_SUITE_P(IpVersions, GzipIntegrationTest, - testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), - TestUtility::ipTestParamsToString); - -/** - * Exercises gzip compression with default configuration. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(AcceptanceDefaultConfigTest)) { - initializeFilter(default_config); - doRequestAndCompression(Http::TestRequestHeaderMapImpl{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, gzip"}}, - Http::TestResponseHeaderMapImpl{{":status", "200"}, - {"content-length", "4400"}, - {"content-type", "text/xml"}}); -} - -/** - * Exercises gzip compression with deprecated full configuration. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(AcceptanceDeprecatedFullConfigTest)) { - initializeFilter(deprecated_full_config); - doRequestAndCompression(Http::TestRequestHeaderMapImpl{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, gzip"}}, - Http::TestResponseHeaderMapImpl{{":status", "200"}, - {"content-length", "4400"}, - {"content-type", "application/json"}}); -} - -/** - * Exercises gzip compression with full configuration. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(AcceptanceFullConfigTest)) { - initializeFilter(full_config); - doRequestAndCompression(Http::TestRequestHeaderMapImpl{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, gzip"}}, - Http::TestResponseHeaderMapImpl{{":status", "200"}, - {"content-length", "4400"}, - {"content-type", "application/json"}}); -} - -/** - * Exercises filter when client request contains 'identity' type. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(IdentityAcceptEncoding)) { - initializeFilter(default_config); - doRequestAndNoCompression(Http::TestRequestHeaderMapImpl{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "identity"}}, - Http::TestResponseHeaderMapImpl{{":status", "200"}, - {"content-length", "128"}, - {"content-type", "text/plain"}}); -} - -/** - * Exercises filter when client request contains unsupported 'accept-encoding' type. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(NotSupportedAcceptEncoding)) { - initializeFilter(default_config); - doRequestAndNoCompression(Http::TestRequestHeaderMapImpl{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, br"}}, - Http::TestResponseHeaderMapImpl{{":status", "200"}, - {"content-length", "128"}, - {"content-type", "text/plain"}}); -} - -/** - * Exercises filter when upstream response is already encoded. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(UpstreamResponseAlreadyEncoded)) { - initializeFilter(default_config); - Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, gzip"}}; - - Http::TestResponseHeaderMapImpl response_headers{{":status", "200"}, - {"content-encoding", "br"}, - {"content-length", "128"}, - {"content-type", "application/json"}}; - - auto response = sendRequestAndWaitForResponse(request_headers, 0, response_headers, 128); - - EXPECT_TRUE(upstream_request_->complete()); - EXPECT_EQ(0U, upstream_request_->bodyLength()); - EXPECT_TRUE(response->complete()); - EXPECT_EQ("200", response->headers().getStatusValue()); - ASSERT_EQ("br", response->headers() - .get(Http::CustomHeaders::get().ContentEncoding)[0] - ->value() - .getStringView()); - EXPECT_EQ(128U, response->body().size()); -} - -/** - * Exercises filter when upstream responds with content length below the default threshold. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(NotEnoughContentLength)) { - initializeFilter(default_config); - Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, gzip"}}; - - Http::TestResponseHeaderMapImpl response_headers{ - {":status", "200"}, {"content-length", "10"}, {"content-type", "application/json"}}; - - auto response = sendRequestAndWaitForResponse(request_headers, 0, response_headers, 10); - - EXPECT_TRUE(upstream_request_->complete()); - EXPECT_EQ(0U, upstream_request_->bodyLength()); - EXPECT_TRUE(response->complete()); - EXPECT_EQ("200", response->headers().getStatusValue()); - ASSERT_TRUE(response->headers().get(Http::CustomHeaders::get().ContentEncoding).empty()); - EXPECT_EQ(10U, response->body().size()); -} - -/** - * Exercises filter when response from upstream service is empty. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(EmptyResponse)) { - initializeFilter(default_config); - Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, gzip"}}; - - Http::TestResponseHeaderMapImpl response_headers{{":status", "204"}, {"content-length", "0"}}; - - auto response = sendRequestAndWaitForResponse(request_headers, 0, response_headers, 0); - - EXPECT_TRUE(upstream_request_->complete()); - EXPECT_EQ(0U, upstream_request_->bodyLength()); - EXPECT_TRUE(response->complete()); - EXPECT_EQ("204", response->headers().getStatusValue()); - ASSERT_TRUE(response->headers().get(Http::CustomHeaders::get().ContentEncoding).empty()); - EXPECT_EQ(0U, response->body().size()); -} - -/** - * Exercises filter when upstream responds with restricted content-type value. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(SkipOnContentType)) { - initializeFilter(full_config); - doRequestAndNoCompression(Http::TestRequestHeaderMapImpl{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, gzip"}}, - Http::TestResponseHeaderMapImpl{{":status", "200"}, - {"content-length", "128"}, - {"content-type", "application/xml"}}); -} - -/** - * Exercises filter when upstream responds with restricted cache-control value. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(SkipOnCacheControl)) { - initializeFilter(full_config); - doRequestAndNoCompression(Http::TestRequestHeaderMapImpl{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, gzip"}}, - Http::TestResponseHeaderMapImpl{{":status", "200"}, - {"content-length", "128"}, - {"cache-control", "no-transform"}, - {"content-type", "application/json"}}); -} - -/** - * Exercises gzip compression when upstream returns a chunked response. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(AcceptanceFullConfigChunkedResponse)) { - initializeFilter(full_config); - Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, gzip"}}; - - Http::TestResponseHeaderMapImpl response_headers{{":status", "200"}, - {"content-type", "application/json"}}; - - auto response = sendRequestAndWaitForResponse(request_headers, 0, response_headers, 1024); - - EXPECT_TRUE(upstream_request_->complete()); - EXPECT_EQ(0U, upstream_request_->bodyLength()); - EXPECT_TRUE(response->complete()); - EXPECT_EQ("200", response->headers().getStatusValue()); - ASSERT_EQ("gzip", response->headers() - .get(Http::CustomHeaders::get().ContentEncoding)[0] - ->value() - .getStringView()); - ASSERT_EQ("chunked", response->headers().getTransferEncodingValue()); -} - -/** - * Verify Vary header values are preserved. - */ -TEST_P(GzipIntegrationTest, DEPRECATED_FEATURE_TEST(AcceptanceFullConfigVaryHeader)) { - initializeFilter(default_config); - Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"accept-encoding", "deflate, gzip"}}; - - Http::TestResponseHeaderMapImpl response_headers{ - {":status", "200"}, {"content-type", "application/json"}, {"vary", "Cookie"}}; - - auto response = sendRequestAndWaitForResponse(request_headers, 0, response_headers, 1024); - - EXPECT_TRUE(upstream_request_->complete()); - EXPECT_EQ(0U, upstream_request_->bodyLength()); - EXPECT_TRUE(response->complete()); - EXPECT_EQ("200", response->headers().getStatusValue()); - ASSERT_EQ("gzip", response->headers() - .get(Http::CustomHeaders::get().ContentEncoding)[0] - ->value() - .getStringView()); - ASSERT_EQ("Cookie, Accept-Encoding", - response->headers().get(Http::CustomHeaders::get().Vary)[0]->value().getStringView()); -} -} // namespace Envoy diff --git a/test/extensions/filters/http/gzip/gzip_filter_test.cc b/test/extensions/filters/http/gzip/gzip_filter_test.cc deleted file mode 100644 index b138cae4520e..000000000000 --- a/test/extensions/filters/http/gzip/gzip_filter_test.cc +++ /dev/null @@ -1,479 +0,0 @@ -#include - -#include "envoy/extensions/filters/http/gzip/v3/gzip.pb.h" - -#include "common/common/hex.h" -#include "common/protobuf/utility.h" - -#include "extensions/compression/gzip/compressor/zlib_compressor_impl.h" -#include "extensions/compression/gzip/decompressor/zlib_decompressor_impl.h" -#include "extensions/filters/http/gzip/config.h" -#include "extensions/filters/http/gzip/gzip_filter.h" - -#include "test/mocks/http/mocks.h" -#include "test/mocks/runtime/mocks.h" -#include "test/mocks/server/factory_context.h" -#include "test/mocks/stats/mocks.h" -#include "test/test_common/logging.h" -#include "test/test_common/utility.h" - -#include "absl/container/fixed_array.h" -#include "gtest/gtest.h" - -using testing::Return; - -namespace Envoy { -namespace Extensions { -namespace HttpFilters { -namespace Gzip { - -class GzipFilterTest : public testing::Test { -protected: - GzipFilterTest() { - ON_CALL(runtime_.snapshot_, featureEnabled("gzip.filter_enabled", 100)) - .WillByDefault(Return(true)); - } - - void SetUp() override { - setUpFilter("{}"); - decompressor_.init(31); - } - - // GzipFilterTest Helpers - void setUpFilter(std::string&& json) { - envoy::extensions::filters::http::gzip::v3::Gzip gzip; - TestUtility::loadFromJson(json, gzip); - config_ = std::make_shared(gzip, "test.", stats_, runtime_); - filter_ = std::make_unique(config_); - filter_->setEncoderFilterCallbacks(encoder_callbacks_); - filter_->setDecoderFilterCallbacks(decoder_callbacks_); - } - - void verifyCompressedData(const uint32_t content_length) { - // This makes sure we have a finished buffer before sending it to the client. - expectValidFinishedBuffer(content_length); - decompressor_.decompress(data_, decompressed_data_); - const std::string uncompressed_str{decompressed_data_.toString()}; - ASSERT_EQ(expected_str_.length(), uncompressed_str.length()); - EXPECT_EQ(expected_str_, uncompressed_str); - EXPECT_EQ(expected_str_.length(), stats_.counter("test.gzip.total_uncompressed_bytes").value()); - EXPECT_EQ(data_.length(), stats_.counter("test.gzip.total_compressed_bytes").value()); - } - - void feedBuffer(uint64_t size) { - TestUtility::feedBufferWithRandomCharacters(data_, size); - expected_str_ += data_.toString(); - } - - void drainBuffer() { - const uint64_t data_len = data_.length(); - data_.drain(data_len); - } - - void doRequest(Http::TestRequestHeaderMapImpl&& headers, bool end_stream) { - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, end_stream)); - } - - void doResponseCompression(Http::TestResponseHeaderMapImpl&& headers, bool with_trailers) { - uint64_t content_length; - ASSERT_TRUE(absl::SimpleAtoi(headers.get_("content-length"), &content_length)); - feedBuffer(content_length); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - EXPECT_EQ("", headers.get_("content-length")); - EXPECT_EQ(Http::CustomHeaders::get().ContentEncodingValues.Gzip, - headers.get_("content-encoding")); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, !with_trailers)); - if (with_trailers) { - Buffer::OwnedImpl trailers_buffer; - EXPECT_CALL(encoder_callbacks_, addEncodedData(_, true)) - .WillOnce(Invoke([&](Buffer::Instance& data, bool) { data_.move(data); })); - Http::TestResponseTrailerMapImpl trailers; - EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->encodeTrailers(trailers)); - } - verifyCompressedData(content_length); - drainBuffer(); - EXPECT_EQ(1U, stats_.counter("test.gzip.compressed").value()); - } - - void expectValidFinishedBuffer(const uint32_t content_length) { - Buffer::RawSliceVector compressed_slices = data_.getRawSlices(); - const uint64_t num_comp_slices = compressed_slices.size(); - - const std::string header_hex_str = Hex::encode( - reinterpret_cast(compressed_slices[0].mem_), compressed_slices[0].len_); - // HEADER 0x1f = 31 (window_bits) - EXPECT_EQ("1f8b", header_hex_str.substr(0, 4)); - // CM 0x8 = deflate (compression method) - EXPECT_EQ("08", header_hex_str.substr(4, 2)); - - const std::string footer_bytes_str = - Hex::encode(reinterpret_cast(compressed_slices[num_comp_slices - 1].mem_), - compressed_slices[num_comp_slices - 1].len_); - - // A valid finished compressed buffer should have trailer with input size in it, i.e. equals to - // the value of content_length. - expectEqualInputSize(footer_bytes_str, content_length); - } - - void expectEqualInputSize(const std::string& footer_bytes, const uint32_t input_size) { - const std::string size_bytes = footer_bytes.substr(footer_bytes.size() - 8, 8); - uint64_t size; - StringUtil::atoull(size_bytes.c_str(), size, 16); - EXPECT_EQ(TestUtility::flipOrder(size), input_size); - } - - void expectValidCompressionStrategyAndLevel( - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy strategy, - absl::string_view strategy_name, - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel level, - absl::string_view level_name) { - setUpFilter(fmt::format(R"EOF({{"compression_strategy": "{}", "compression_level": "{}"}})EOF", - strategy_name, level_name)); - EXPECT_EQ(strategy, config_->compressionStrategy()); - EXPECT_EQ(level, config_->compressionLevel()); - EXPECT_EQ(5, config_->memoryLevel()); - EXPECT_EQ(30, config_->responseDirectionConfig().minimumLength()); - EXPECT_EQ(28, config_->windowBits()); - EXPECT_EQ(false, config_->responseDirectionConfig().disableOnEtagHeader()); - EXPECT_EQ(false, config_->responseDirectionConfig().removeAcceptEncodingHeader()); - EXPECT_EQ(18, config_->responseDirectionConfig().contentTypeValues().size()); - } - - void doResponseNoCompression(Http::TestResponseHeaderMapImpl&& headers) { - uint64_t content_length; - ASSERT_TRUE(absl::SimpleAtoi(headers.get_("content-length"), &content_length)); - feedBuffer(content_length); - Http::TestResponseHeaderMapImpl continue_headers; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, - filter_->encode100ContinueHeaders(continue_headers)); - Http::MetadataMap metadata_map{{"metadata", "metadata"}}; - EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->encodeMetadata(metadata_map)); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - EXPECT_EQ("", headers.get_("content-encoding")); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, false)); - Http::TestResponseTrailerMapImpl trailers; - EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->encodeTrailers(trailers)); - EXPECT_EQ(1, stats_.counter("test.gzip.not_compressed").value()); - } - - std::shared_ptr config_; - std::unique_ptr filter_; - Buffer::OwnedImpl data_; - Stats::IsolatedStoreImpl stats_store_; - Compression::Gzip::Decompressor::ZlibDecompressorImpl decompressor_{stats_store_, "test"}; - Buffer::OwnedImpl decompressed_data_; - std::string expected_str_; - Stats::TestUtil::TestStore stats_; - NiceMock runtime_; - NiceMock encoder_callbacks_; - NiceMock decoder_callbacks_; -}; - -// Test if Runtime Feature is Disabled -TEST_F(GzipFilterTest, RuntimeDisabled) { - setUpFilter(R"EOF( -{ - "compressor": { - "runtime_enabled": { - "default_value": true, - "runtime_key": "foo_key" - } - } -} -)EOF"); - EXPECT_CALL(runtime_.snapshot_, getBoolean("foo_key", true)) - .Times(2) - .WillRepeatedly(Return(false)); - doRequest({{":method", "get"}, {"accept-encoding", "deflate, gzip"}}, false); - doResponseNoCompression({{":method", "get"}, {"content-length", "256"}}); -} - -// Default config values. -TEST_F(GzipFilterTest, DefaultConfigValues) { - EXPECT_EQ(5, config_->memoryLevel()); - EXPECT_EQ(30, config_->responseDirectionConfig().minimumLength()); - EXPECT_EQ(28, config_->windowBits()); - EXPECT_EQ(false, config_->responseDirectionConfig().disableOnEtagHeader()); - EXPECT_EQ(false, config_->responseDirectionConfig().removeAcceptEncodingHeader()); - EXPECT_EQ(Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Standard, - config_->compressionStrategy()); - EXPECT_EQ(Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Standard, - config_->compressionLevel()); - EXPECT_EQ(18, config_->responseDirectionConfig().contentTypeValues().size()); -} - -TEST_F(GzipFilterTest, AvailableCombinationCompressionStrategyAndLevelConfig) { - expectValidCompressionStrategyAndLevel( - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Filtered, "FILTERED", - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Best, "BEST"); - expectValidCompressionStrategyAndLevel( - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Huffman, "HUFFMAN", - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Best, "BEST"); - expectValidCompressionStrategyAndLevel( - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Rle, "RLE", - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Speed, "SPEED"); - expectValidCompressionStrategyAndLevel( - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionStrategy::Standard, "DEFAULT", - Compression::Gzip::Compressor::ZlibCompressorImpl::CompressionLevel::Standard, "DEFAULT"); -} - -// Acceptance Testing with default configuration. -TEST_F(GzipFilterTest, AcceptanceGzipEncoding) { - doRequest({{":method", "get"}, {"accept-encoding", "deflate, gzip"}}, false); - Http::MetadataMap metadata_map{{"metadata", "metadata"}}; - EXPECT_EQ(Http::FilterMetadataStatus::Continue, filter_->decodeMetadata(metadata_map)); - Buffer::OwnedImpl data("hello"); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->decodeData(data, false)); - Http::TestRequestTrailerMapImpl trailers; - EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->decodeTrailers(trailers)); - doResponseCompression({{":method", "get"}, {"content-length", "256"}}, false); -} - -TEST_F(GzipFilterTest, AcceptanceGzipEncodingWithTrailers) { - doRequest({{":method", "get"}, {"accept-encoding", "deflate, gzip"}}, false); - Buffer::OwnedImpl data("hello"); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->decodeData(data, false)); - Http::TestRequestTrailerMapImpl trailers; - EXPECT_EQ(Http::FilterTrailersStatus::Continue, filter_->decodeTrailers(trailers)); - doResponseCompression({{":method", "get"}, {"content-length", "256"}}, true); -} - -// Verifies that compression is skipped when cache-control header has no-transform value. -TEST_F(GzipFilterTest, HasCacheControlNoTransformNoCompression) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip;q=0, deflate"}}, true); - doResponseNoCompression( - {{":method", "get"}, {"content-length", "256"}, {"cache-control", "no-transform"}}); -} - -// Verifies that compression is NOT skipped when cache-control header does NOT have no-transform -// value. -TEST_F(GzipFilterTest, HasCacheControlNoTransformCompression) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip, deflate"}}, true); - doResponseCompression( - {{":method", "get"}, {"content-length", "256"}, {"cache-control", "no-cache"}}, false); -} - -// Verifies that compression is skipped when accept-encoding header is not allowed. -TEST_F(GzipFilterTest, AcceptEncodingNoCompression) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip;q=0, deflate"}}, true); - doResponseNoCompression({{":method", "get"}, {"content-length", "256"}}); -} - -// Verifies that compression is NOT skipped when accept-encoding header is allowed. -TEST_F(GzipFilterTest, AcceptEncodingCompression) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip, deflate"}}, true); - doResponseCompression({{":method", "get"}, {"content-length", "256"}}, false); -} - -// Verifies that compression is skipped when content-length header is NOT allowed. -TEST_F(GzipFilterTest, ContentLengthNoCompression) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - doResponseNoCompression({{":method", "get"}, {"content-length", "10"}}); -} - -// Verifies that compression is NOT skipped when content-length header is allowed. -TEST_F(GzipFilterTest, ContentLengthCompression) { - setUpFilter(R"EOF({"compressor": {"content_length": 500}})EOF"); - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - doResponseCompression({{":method", "get"}, {"content-length", "1000"}}, false); -} - -// Verifies that compression is skipped when content-encoding header is NOT allowed. -TEST_F(GzipFilterTest, ContentTypeNoCompression) { - setUpFilter(R"EOF( - { - "compressor": { - "content_type": [ - "text/html", - "text/css", - "text/plain", - "application/javascript", - "application/json", - "font/eot", - "image/svg+xml" - ] - } - } - )EOF"); - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - doResponseNoCompression( - {{":method", "get"}, {"content-length", "256"}, {"content-type", "image/jpeg"}}); -} - -// Verifies that compression is NOT skipped when content-encoding header is allowed. -TEST_F(GzipFilterTest, ContentTypeCompression) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - doResponseCompression({{":method", "get"}, - {"content-length", "256"}, - {"content-type", "application/json;charset=utf-8"}}, - false); -} - -// Verifies that compression is skipped when etag header is NOT allowed. -TEST_F(GzipFilterTest, EtagNoCompression) { - setUpFilter(R"EOF({"compressor": { "disable_on_etag_header": true }})EOF"); - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - doResponseNoCompression( - {{":method", "get"}, {"content-length", "256"}, {"etag", R"EOF(W/"686897696a7c876b7e")EOF"}}); - EXPECT_EQ(1, stats_.counter("test.gzip.not_compressed_etag").value()); -} - -// Verifies that compression is skipped when etag header is NOT allowed. -TEST_F(GzipFilterTest, EtagCompression) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - Http::TestResponseHeaderMapImpl headers{ - {":status", "200"}, {"content-length", "256"}, {"etag", "686897696a7c876b7e"}}; - feedBuffer(256); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - EXPECT_FALSE(headers.has("etag")); - EXPECT_EQ("gzip", headers.get_("content-encoding")); -} - -// Tests compression when Transfer-Encoding header exists. -TEST_F(GzipFilterTest, TransferEncodingChunked) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - doResponseCompression( - {{":method", "get"}, {"content-length", "256"}, {"transfer-encoding", "chunked"}}, false); -} - -// Tests compression when Transfer-Encoding header exists. -TEST_F(GzipFilterTest, AcceptanceTransferEncodingGzip) { - - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - doResponseNoCompression( - {{":method", "get"}, {"content-length", "256"}, {"transfer-encoding", "chunked, deflate"}}); -} - -// Content-Encoding: upstream response is already encoded. -TEST_F(GzipFilterTest, ContentEncodingAlreadyEncoded) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - Http::TestResponseHeaderMapImpl response_headers{ - {":method", "get"}, {"content-length", "256"}, {"content-encoding", "deflate, gzip"}}; - feedBuffer(256); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(response_headers, false)); - EXPECT_TRUE(response_headers.has("content-length")); - EXPECT_FALSE(response_headers.has("transfer-encoding")); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, false)); -} - -// No compression when upstream response is empty. -TEST_F(GzipFilterTest, EmptyResponse) { - - Http::TestResponseHeaderMapImpl headers{{":status", "204"}}; - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, true)); - EXPECT_EQ("", headers.get_("content-length")); - EXPECT_EQ("", headers.get_("content-encoding")); - EXPECT_EQ(Http::FilterDataStatus::Continue, filter_->encodeData(data_, true)); -} - -// Filter should set Vary header value with `accept-encoding`. -TEST_F(GzipFilterTest, NoVaryHeader) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - Http::TestResponseHeaderMapImpl headers{{":status", "200"}, {"content-length", "256"}}; - feedBuffer(256); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - EXPECT_TRUE(headers.has("vary")); - EXPECT_EQ("Accept-Encoding", headers.get_("vary")); -} - -// Filter should set Vary header value with `accept-encoding` and preserve other values. -TEST_F(GzipFilterTest, VaryOtherValues) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - Http::TestResponseHeaderMapImpl headers{ - {":status", "200"}, {"content-length", "256"}, {"vary", "User-Agent, Cookie"}}; - feedBuffer(256); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - EXPECT_TRUE(headers.has("vary")); - EXPECT_EQ("User-Agent, Cookie, Accept-Encoding", headers.get_("vary")); -} - -// Vary header should have only one `accept-encoding`value. -TEST_F(GzipFilterTest, VaryAlreadyHasAcceptEncoding) { - doRequest({{":method", "get"}, {"accept-encoding", "gzip"}}, true); - Http::TestResponseHeaderMapImpl headers{ - {":status", "200"}, {"content-length", "256"}, {"vary", "accept-encoding"}}; - feedBuffer(256); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(headers, false)); - EXPECT_TRUE(headers.has("vary")); - EXPECT_EQ("accept-encoding, Accept-Encoding", headers.get_("vary")); -} - -// Verify removeAcceptEncoding header. -TEST_F(GzipFilterTest, RemoveAcceptEncodingHeader) { - { - Http::TestRequestHeaderMapImpl headers = {{"accept-encoding", "deflate, gzip, br"}}; - setUpFilter(R"EOF({"compressor": {"remove_accept_encoding_header": true}})EOF"); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, true)); - EXPECT_FALSE(headers.has("accept-encoding")); - } - { - Http::TestRequestHeaderMapImpl headers = {{"accept-encoding", "deflate, gzip, br"}}; - setUpFilter("{}"); - EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, true)); - EXPECT_TRUE(headers.has("accept-encoding")); - EXPECT_EQ("deflate, gzip, br", headers.get_("accept-encoding")); - } -} - -// Test setting zlib's chunk size. -TEST_F(GzipFilterTest, ChunkSize) { - // Default - setUpFilter("{}"); - EXPECT_EQ(config_->chunkSize(), 4096); - - // Override - setUpFilter(R"EOF( -{ - "chunk_size": 8192 -} -)EOF"); - EXPECT_EQ(config_->chunkSize(), 8192); -} - -// Test that the deprecated extension name still functions. -TEST(GzipFilterConfigTest, DEPRECATED_FEATURE_TEST(DeprecatedExtensionFilterName)) { - const std::string deprecated_name = "envoy.gzip"; - - ASSERT_NE( - nullptr, - Registry::FactoryRegistry::getFactory( - deprecated_name)); -} - -// Test that the deprecated extension triggers an exception. -TEST(GzipFilterFactoryTest, DEPRECATED_FEATURE_TEST(TestCheckDeprecatedExtensionThrows)) { - NiceMock context; - GzipFilterFactory factory; - envoy::extensions::filters::http::gzip::v3::Gzip config; - - EXPECT_CALL( - context.runtime_loader_.snapshot_, - deprecatedFeatureEnabled("envoy.deprecated_features.allow_deprecated_gzip_http_filter", _)) - .WillRepeatedly(Return(false)); - - EXPECT_THROW_WITH_REGEX(factory.createFilterFactoryFromProto(config, "stats.", context), - EnvoyException, - "Using deprecated extension 'envoy.extensions.filters.http.gzip'.*"); -} - -// Test that the deprecated extension gives a deprecation warning. -TEST(GzipFilterFactoryTest, DEPRECATED_FEATURE_TEST(TestCheckDeprecatedExtensionWarns)) { - NiceMock context; - GzipFilterFactory factory; - envoy::extensions::filters::http::gzip::v3::Gzip config; - - EXPECT_CALL( - context.runtime_loader_.snapshot_, - deprecatedFeatureEnabled("envoy.deprecated_features.allow_deprecated_gzip_http_filter", _)) - .WillRepeatedly(Return(true)); - - EXPECT_NO_THROW(factory.createFilterFactoryFromProto(config, "stats.", context)); - - EXPECT_LOG_CONTAINS("warn", "Using deprecated extension 'envoy.extensions.filters.http.gzip'.", - factory.createFilterFactoryFromProto(config, "stats.", context)); -} - -} // namespace Gzip -} // namespace HttpFilters -} // namespace Extensions -} // namespace Envoy diff --git a/test/extensions/filters/http/header_to_metadata/config_test.cc b/test/extensions/filters/http/header_to_metadata/config_test.cc index 3b7771b4ce23..1bdabcc02a47 100644 --- a/test/extensions/filters/http/header_to_metadata/config_test.cc +++ b/test/extensions/filters/http/header_to_metadata/config_test.cc @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.h" #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.validate.h" -#include "extensions/filters/http/header_to_metadata/config.h" -#include "extensions/filters/http/header_to_metadata/header_to_metadata_filter.h" +#include "source/extensions/filters/http/header_to_metadata/config.h" +#include "source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.h" #include "test/mocks/server/factory_context.h" #include "test/mocks/server/instance.h" diff --git a/test/extensions/filters/http/header_to_metadata/header_to_metadata_filter_test.cc b/test/extensions/filters/http/header_to_metadata/header_to_metadata_filter_test.cc index 9a88da9ee050..e22828878fe0 100644 --- a/test/extensions/filters/http/header_to_metadata/header_to_metadata_filter_test.cc +++ b/test/extensions/filters/http/header_to_metadata/header_to_metadata_filter_test.cc @@ -2,12 +2,10 @@ #include "envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.pb.h" -#include "common/common/base64.h" -#include "common/http/header_map_impl.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/http/header_to_metadata/header_to_metadata_filter.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/base64.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/http/header_to_metadata/header_to_metadata_filter.h" #include "test/mocks/http/mocks.h" #include "test/mocks/stream_info/mocks.h" @@ -138,7 +136,7 @@ TEST_F(HeaderToMetadataTest, PerRouteOverride) { TestUtility::loadFromYaml(request_config_yaml, config_proto); Config per_route_config(config_proto, true); EXPECT_CALL(decoder_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().HeaderToMetadata)) + perFilterConfig("envoy.filters.http.header_to_metadata")) .WillOnce(Return(&per_route_config)); EXPECT_CALL(decoder_callbacks_, streamInfo()).WillRepeatedly(ReturnRef(req_info_)); @@ -164,7 +162,7 @@ TEST_F(HeaderToMetadataTest, ConfigIsCached) { TestUtility::loadFromYaml(request_config_yaml, config_proto); Config per_route_config(config_proto, true); EXPECT_CALL(decoder_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().HeaderToMetadata)) + perFilterConfig("envoy.filters.http.header_to_metadata")) .WillOnce(Return(&per_route_config)); EXPECT_TRUE(getConfig()->doRequest()); @@ -203,7 +201,7 @@ TEST_F(HeaderToMetadataTest, HeaderRemovedTest) { EXPECT_CALL(encoder_callbacks_, streamInfo()).WillRepeatedly(ReturnRef(req_info_)); EXPECT_CALL(req_info_, - setDynamicMetadata(HttpFilterNames::get().HeaderToMetadata, MapEq(expected))); + setDynamicMetadata("envoy.filters.http.header_to_metadata", MapEq(expected))); Http::TestResponseHeaderMapImpl continue_response{{":status", "100"}}; EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encode100ContinueHeaders(continue_response)); @@ -235,7 +233,7 @@ TEST_F(HeaderToMetadataTest, NumberTypeTest) { EXPECT_CALL(encoder_callbacks_, streamInfo()).WillRepeatedly(ReturnRef(req_info_)); EXPECT_CALL(req_info_, - setDynamicMetadata(HttpFilterNames::get().HeaderToMetadata, MapEqNum(expected))); + setDynamicMetadata("envoy.filters.http.header_to_metadata", MapEqNum(expected))); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(incoming_headers, false)); } @@ -260,7 +258,7 @@ TEST_F(HeaderToMetadataTest, StringTypeInBase64UrlTest) { EXPECT_CALL(encoder_callbacks_, streamInfo()).WillRepeatedly(ReturnRef(req_info_)); EXPECT_CALL(req_info_, - setDynamicMetadata(HttpFilterNames::get().HeaderToMetadata, MapEq(expected))); + setDynamicMetadata("envoy.filters.http.header_to_metadata", MapEq(expected))); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(incoming_headers, false)); } @@ -297,7 +295,7 @@ TEST_F(HeaderToMetadataTest, ProtobufValueTypeInBase64UrlTest) { EXPECT_CALL(encoder_callbacks_, streamInfo()).WillRepeatedly(ReturnRef(req_info_)); EXPECT_CALL(req_info_, - setDynamicMetadata(HttpFilterNames::get().HeaderToMetadata, MapEqValue(expected))); + setDynamicMetadata("envoy.filters.http.header_to_metadata", MapEqValue(expected))); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(incoming_headers, false)); } @@ -438,7 +436,7 @@ TEST_F(HeaderToMetadataTest, IgnoreHeaderValueUseConstant) { EXPECT_CALL(encoder_callbacks_, streamInfo()).WillRepeatedly(ReturnRef(req_info_)); EXPECT_CALL(req_info_, - setDynamicMetadata(HttpFilterNames::get().HeaderToMetadata, MapEq(expected))); + setDynamicMetadata("envoy.filters.http.header_to_metadata", MapEq(expected))); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(incoming_headers, false)); EXPECT_EQ(empty_headers, incoming_headers); } @@ -679,7 +677,7 @@ TEST_F(HeaderToMetadataTest, CookieValueUsed) { EXPECT_CALL(encoder_callbacks_, streamInfo()).WillRepeatedly(ReturnRef(req_info_)); EXPECT_CALL(req_info_, - setDynamicMetadata(HttpFilterNames::get().HeaderToMetadata, MapEq(expected))); + setDynamicMetadata("envoy.filters.http.header_to_metadata", MapEq(expected))); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(incoming_headers, false)); } @@ -702,7 +700,7 @@ TEST_F(HeaderToMetadataTest, IgnoreCookieValueUseConstant) { EXPECT_CALL(encoder_callbacks_, streamInfo()).WillRepeatedly(ReturnRef(req_info_)); EXPECT_CALL(req_info_, - setDynamicMetadata(HttpFilterNames::get().HeaderToMetadata, MapEq(expected))); + setDynamicMetadata("envoy.filters.http.header_to_metadata", MapEq(expected))); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->encodeHeaders(incoming_headers, false)); } diff --git a/test/extensions/filters/http/health_check/config_test.cc b/test/extensions/filters/http/health_check/config_test.cc index dcf4e37fb0c8..d3e697276fb2 100644 --- a/test/extensions/filters/http/health_check/config_test.cc +++ b/test/extensions/filters/http/health_check/config_test.cc @@ -4,7 +4,7 @@ #include "envoy/extensions/filters/http/health_check/v3/health_check.pb.h" #include "envoy/extensions/filters/http/health_check/v3/health_check.pb.validate.h" -#include "extensions/filters/http/health_check/config.h" +#include "source/extensions/filters/http/health_check/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/health_check/health_check_test.cc b/test/extensions/filters/http/health_check/health_check_test.cc index 47693910d0cd..b61685e8d677 100644 --- a/test/extensions/filters/http/health_check/health_check_test.cc +++ b/test/extensions/filters/http/health_check/health_check_test.cc @@ -3,11 +3,10 @@ #include "envoy/config/route/v3/route_components.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/http/header_utility.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/filters/http/health_check/health_check.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/upstream/upstream_impl.h" +#include "source/extensions/filters/http/health_check/health_check.h" #include "test/mocks/server/factory_context.h" #include "test/mocks/upstream/cluster_info.h" diff --git a/test/extensions/filters/http/ip_tagging/ip_tagging_filter_test.cc b/test/extensions/filters/http/ip_tagging/ip_tagging_filter_test.cc index d6af41e9a4f2..a19ac094a9a8 100644 --- a/test/extensions/filters/http/ip_tagging/ip_tagging_filter_test.cc +++ b/test/extensions/filters/http/ip_tagging/ip_tagging_filter_test.cc @@ -2,11 +2,10 @@ #include "envoy/extensions/filters/http/ip_tagging/v3/ip_tagging.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" - -#include "extensions/filters/http/ip_tagging/ip_tagging_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/http/ip_tagging/ip_tagging_filter.h" #include "test/mocks/http/mocks.h" #include "test/mocks/runtime/mocks.h" diff --git a/test/extensions/filters/http/jwt_authn/BUILD b/test/extensions/filters/http/jwt_authn/BUILD index e750028c5816..e224b781035a 100644 --- a/test/extensions/filters/http/jwt_authn/BUILD +++ b/test/extensions/filters/http/jwt_authn/BUILD @@ -68,6 +68,17 @@ envoy_extension_cc_test( ], ) +envoy_extension_cc_test( + name = "jwks_async_fetcher_test", + srcs = ["jwks_async_fetcher_test.cc"], + extension_name = "envoy.filters.http.jwt_authn", + deps = [ + "//source/extensions/filters/http/jwt_authn:jwks_async_fetcher_lib", + "//test/extensions/filters/http/jwt_authn:test_common_lib", + "//test/mocks/server:factory_context_mocks", + ], +) + envoy_extension_cc_test( name = "filter_factory_test", srcs = ["filter_factory_test.cc"], @@ -89,8 +100,7 @@ envoy_extension_cc_test( "//source/extensions/filters/http/common:jwks_fetcher_lib", "//source/extensions/filters/http/jwt_authn:jwks_cache_lib", "//test/extensions/filters/http/jwt_authn:test_common_lib", - "//test/mocks/thread_local:thread_local_mocks", - "//test/test_common:simulated_time_system_lib", + "//test/mocks/server:factory_context_mocks", "//test/test_common:utility_lib", "@envoy_api//envoy/extensions/filters/http/jwt_authn/v3:pkg_cc_proto", ], @@ -102,10 +112,9 @@ envoy_extension_cc_test( extension_name = "envoy.filters.http.jwt_authn", deps = [ ":mock_lib", - "//source/common/common:base64_lib", "//source/extensions/filters/http/common:jwks_fetcher_lib", "//source/extensions/filters/http/jwt_authn:authenticator_lib", - "//source/extensions/filters/http/jwt_authn:filter_config_interface", + "//source/extensions/filters/http/jwt_authn:filter_config_lib", "//source/extensions/filters/http/jwt_authn:matchers_lib", "//test/extensions/filters/http/common:mock_lib", "//test/extensions/filters/http/jwt_authn:test_common_lib", @@ -171,7 +180,7 @@ envoy_extension_cc_test( deps = [ ":mock_lib", ":test_common_lib", - "//source/extensions/filters/http/jwt_authn:filter_config_interface", + "//source/extensions/filters/http/jwt_authn:filter_config_lib", "//source/extensions/filters/http/jwt_authn:matchers_lib", "//test/mocks/server:factory_context_mocks", "//test/test_common:utility_lib", diff --git a/test/extensions/filters/http/jwt_authn/all_verifier_test.cc b/test/extensions/filters/http/jwt_authn/all_verifier_test.cc index 55a4ed14cc67..b0f17d751e41 100644 --- a/test/extensions/filters/http/jwt_authn/all_verifier_test.cc +++ b/test/extensions/filters/http/jwt_authn/all_verifier_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "extensions/filters/http/jwt_authn/filter_config.h" -#include "extensions/filters/http/jwt_authn/verifier.h" +#include "source/extensions/filters/http/jwt_authn/filter_config.h" +#include "source/extensions/filters/http/jwt_authn/verifier.h" #include "test/extensions/filters/http/jwt_authn/mock.h" #include "test/extensions/filters/http/jwt_authn/test_common.h" diff --git a/test/extensions/filters/http/jwt_authn/authenticator_test.cc b/test/extensions/filters/http/jwt_authn/authenticator_test.cc index e45145eaea6c..f5cbb8a66e32 100644 --- a/test/extensions/filters/http/jwt_authn/authenticator_test.cc +++ b/test/extensions/filters/http/jwt_authn/authenticator_test.cc @@ -1,12 +1,11 @@ #include "envoy/config/core/v3/http_uri.pb.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "common/http/message_impl.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/common/jwks_fetcher.h" -#include "extensions/filters/http/jwt_authn/authenticator.h" -#include "extensions/filters/http/jwt_authn/filter_config.h" +#include "source/common/http/message_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/common/jwks_fetcher.h" +#include "source/extensions/filters/http/jwt_authn/authenticator.h" +#include "source/extensions/filters/http/jwt_authn/filter_config.h" #include "test/extensions/filters/http/common/mock.h" #include "test/extensions/filters/http/jwt_authn/mock.h" @@ -108,6 +107,9 @@ TEST_F(AuthenticatorTest, TestOkJWTandCache) { // Verify the token is removed. EXPECT_FALSE(headers.has(Http::CustomHeaders::get().Authorization)); } + + EXPECT_EQ(1U, filter_config_->stats().jwks_fetch_success_.value()); + EXPECT_EQ(0U, filter_config_->stats().jwks_fetch_failed_.value()); } // This test verifies the Jwt is forwarded if "forward" flag is set. @@ -131,6 +133,9 @@ TEST_F(AuthenticatorTest, TestForwardJwt) { // Payload not set by default EXPECT_EQ(out_name_, ""); + + EXPECT_EQ(1U, filter_config_->stats().jwks_fetch_success_.value()); + EXPECT_EQ(0U, filter_config_->stats().jwks_fetch_failed_.value()); } // This test verifies the Jwt payload is set. @@ -181,6 +186,9 @@ TEST_F(AuthenticatorTest, TestWrongIssuer) { Http::TestRequestHeaderMapImpl headers{ {"Authorization", "Bearer " + std::string(OtherGoodToken)}}; expectVerifyStatus(Status::JwtUnknownIssuer, headers); + + EXPECT_EQ(0U, filter_config_->stats().jwks_fetch_success_.value()); + EXPECT_EQ(0U, filter_config_->stats().jwks_fetch_failed_.value()); } // Jwt "iss" is "other.com", "issuer" in JwtProvider is not specified, diff --git a/test/extensions/filters/http/jwt_authn/extractor_test.cc b/test/extensions/filters/http/jwt_authn/extractor_test.cc index 849d331f3880..b7dee6776f55 100644 --- a/test/extensions/filters/http/jwt_authn/extractor_test.cc +++ b/test/extensions/filters/http/jwt_authn/extractor_test.cc @@ -1,8 +1,7 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/jwt_authn/extractor.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/jwt_authn/extractor.h" #include "test/extensions/filters/http/jwt_authn/test_common.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/jwt_authn/filter_config_test.cc b/test/extensions/filters/http/jwt_authn/filter_config_test.cc index f221bc089f77..c651c932e6db 100644 --- a/test/extensions/filters/http/jwt_authn/filter_config_test.cc +++ b/test/extensions/filters/http/jwt_authn/filter_config_test.cc @@ -1,9 +1,8 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "common/router/string_accessor_impl.h" -#include "common/stream_info/filter_state_impl.h" - -#include "extensions/filters/http/jwt_authn/filter_config.h" +#include "source/common/router/string_accessor_impl.h" +#include "source/common/stream_info/filter_state_impl.h" +#include "source/extensions/filters/http/jwt_authn/filter_config.h" #include "test/extensions/filters/http/jwt_authn/test_common.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/jwt_authn/filter_factory_test.cc b/test/extensions/filters/http/jwt_authn/filter_factory_test.cc index c9e3a406a1e0..5159fa09af7d 100644 --- a/test/extensions/filters/http/jwt_authn/filter_factory_test.cc +++ b/test/extensions/filters/http/jwt_authn/filter_factory_test.cc @@ -1,8 +1,8 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.validate.h" -#include "extensions/filters/http/jwt_authn/filter_config.h" -#include "extensions/filters/http/jwt_authn/filter_factory.h" +#include "source/extensions/filters/http/jwt_authn/filter_config.h" +#include "source/extensions/filters/http/jwt_authn/filter_factory.h" #include "test/extensions/filters/http/jwt_authn/test_common.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/jwt_authn/filter_integration_test.cc b/test/extensions/filters/http/jwt_authn/filter_integration_test.cc index 7adac3450ce6..59b937dd8095 100644 --- a/test/extensions/filters/http/jwt_authn/filter_integration_test.cc +++ b/test/extensions/filters/http/jwt_authn/filter_integration_test.cc @@ -2,10 +2,8 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/router/string_accessor_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/router/string_accessor_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/extensions/filters/http/jwt_authn/test_common.h" @@ -73,7 +71,21 @@ std::string getAuthFilterConfig(const std::string& config_str, bool use_local_jw } HttpFilter filter; - filter.set_name(HttpFilterNames::get().JwtAuthn); + filter.set_name("envoy.filters.http.jwt_authn"); + filter.mutable_typed_config()->PackFrom(proto_config); + return MessageUtil::getJsonStringFromMessageOrDie(filter); +} + +std::string getAsyncFetchFilterConfig(const std::string& config_str, bool fast_listener) { + JwtAuthentication proto_config; + TestUtility::loadFromYaml(config_str, proto_config); + + auto& provider0 = (*proto_config.mutable_providers())[std::string(ProviderName)]; + auto* async_fetch = provider0.mutable_remote_jwks()->mutable_async_fetch(); + async_fetch->set_fast_listener(fast_listener); + + HttpFilter filter; + filter.set_name("envoy.filters.http.jwt_authn"); filter.mutable_typed_config()->PackFrom(proto_config); return MessageUtil::getJsonStringFromMessageOrDie(filter); } @@ -329,6 +341,18 @@ class RemoteJwksIntegrationTest : public HttpProtocolIntegrationTest { initialize(); } + void initializeAsyncFetchFilter(bool fast_listener) { + config_helper_.addFilter(getAsyncFetchFilterConfig(ExampleConfig, fast_listener)); + + config_helper_.addConfigModifier([](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { + auto* jwks_cluster = bootstrap.mutable_static_resources()->add_clusters(); + jwks_cluster->MergeFrom(bootstrap.static_resources().clusters()[0]); + jwks_cluster->set_name("pubkey_cluster"); + }); + + initialize(); + } + void waitForJwksResponse(const std::string& status, const std::string& jwks_body) { AssertionResult result = fake_upstreams_[1]->waitForHttpConnection(*dispatcher_, fake_jwks_connection_); @@ -448,6 +472,112 @@ TEST_P(RemoteJwksIntegrationTest, FetchFailedMissingCluster) { cleanup(); } +TEST_P(RemoteJwksIntegrationTest, WithGoodTokenAsyncFetch) { + on_server_init_function_ = [this]() { waitForJwksResponse("200", PublicKey); }; + initializeAsyncFetchFilter(false); + + codec_client_ = makeHttpConnection(lookupPort("http")); + + auto response = codec_client_->makeHeaderOnlyRequest(Http::TestRequestHeaderMapImpl{ + {":method", "GET"}, + {":path", "/"}, + {":scheme", "http"}, + {":authority", "host"}, + {"Authorization", "Bearer " + std::string(GoodToken)}, + }); + + waitForNextUpstreamRequest(); + + const auto payload_entry = + upstream_request_->headers().get(Http::LowerCaseString("sec-istio-auth-userinfo")); + EXPECT_FALSE(payload_entry.empty()); + EXPECT_EQ(payload_entry[0]->value().getStringView(), ExpectedPayloadValue); + // Verify the token is removed. + EXPECT_TRUE(upstream_request_->headers().get(Http::CustomHeaders::get().Authorization).empty()); + + upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "200"}}, true); + + ASSERT_TRUE(response->waitForEndStream()); + ASSERT_TRUE(response->complete()); + EXPECT_EQ("200", response->headers().getStatusValue()); + + cleanup(); +} + +TEST_P(RemoteJwksIntegrationTest, WithGoodTokenAsyncFetchFast) { + on_server_init_function_ = [this]() { waitForJwksResponse("200", PublicKey); }; + initializeAsyncFetchFilter(true); + + codec_client_ = makeHttpConnection(lookupPort("http")); + + auto response = codec_client_->makeHeaderOnlyRequest(Http::TestRequestHeaderMapImpl{ + {":method", "GET"}, + {":path", "/"}, + {":scheme", "http"}, + {":authority", "host"}, + {"Authorization", "Bearer " + std::string(GoodToken)}, + }); + + waitForNextUpstreamRequest(); + + const auto payload_entry = + upstream_request_->headers().get(Http::LowerCaseString("sec-istio-auth-userinfo")); + EXPECT_FALSE(payload_entry.empty()); + EXPECT_EQ(payload_entry[0]->value().getStringView(), ExpectedPayloadValue); + // Verify the token is removed. + EXPECT_TRUE(upstream_request_->headers().get(Http::CustomHeaders::get().Authorization).empty()); + + upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "200"}}, true); + + ASSERT_TRUE(response->waitForEndStream()); + ASSERT_TRUE(response->complete()); + EXPECT_EQ("200", response->headers().getStatusValue()); + + cleanup(); +} + +TEST_P(RemoteJwksIntegrationTest, WithFailedJwksAsyncFetch) { + on_server_init_function_ = [this]() { waitForJwksResponse("500", ""); }; + initializeAsyncFetchFilter(false); + + codec_client_ = makeHttpConnection(lookupPort("http")); + + auto response = codec_client_->makeHeaderOnlyRequest(Http::TestRequestHeaderMapImpl{ + {":method", "GET"}, + {":path", "/"}, + {":scheme", "http"}, + {":authority", "host"}, + {"Authorization", "Bearer " + std::string(GoodToken)}, + }); + + ASSERT_TRUE(response->waitForEndStream()); + ASSERT_TRUE(response->complete()); + EXPECT_EQ("401", response->headers().getStatusValue()); + + cleanup(); +} + +TEST_P(RemoteJwksIntegrationTest, WithFailedJwksAsyncFetchFast) { + on_server_init_function_ = [this]() { waitForJwksResponse("500", ""); }; + initializeAsyncFetchFilter(true); + + codec_client_ = makeHttpConnection(lookupPort("http")); + + auto response = codec_client_->makeHeaderOnlyRequest(Http::TestRequestHeaderMapImpl{ + {":method", "GET"}, + {":path", "/"}, + {":scheme", "http"}, + {":authority", "host"}, + {"Authorization", "Bearer " + std::string(GoodToken)}, + }); + + ASSERT_TRUE(response->waitForEndStream()); + ASSERT_TRUE(response->complete()); + EXPECT_EQ("401", response->headers().getStatusValue()); + + cleanup(); +} + class PerRouteIntegrationTest : public HttpProtocolIntegrationTest { public: void setup(const std::string& filter_config, const PerRouteConfig& per_route) { @@ -460,7 +590,7 @@ class PerRouteIntegrationTest : public HttpProtocolIntegrationTest { auto* virtual_host = hcm.mutable_route_config()->mutable_virtual_hosts(0); auto& per_route_any = (*virtual_host->mutable_routes(0) - ->mutable_typed_per_filter_config())[HttpFilterNames::get().JwtAuthn]; + ->mutable_typed_per_filter_config())["envoy.filters.http.jwt_authn"]; per_route_any.PackFrom(per_route); }); diff --git a/test/extensions/filters/http/jwt_authn/filter_test.cc b/test/extensions/filters/http/jwt_authn/filter_test.cc index 8983d94aafd2..325a37e51b10 100644 --- a/test/extensions/filters/http/jwt_authn/filter_test.cc +++ b/test/extensions/filters/http/jwt_authn/filter_test.cc @@ -1,7 +1,6 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "extensions/filters/http/jwt_authn/filter.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/extensions/filters/http/jwt_authn/filter.h" #include "test/extensions/filters/http/jwt_authn/mock.h" #include "test/test_common/utility.h" @@ -156,7 +155,7 @@ TEST_F(FilterTest, TestSetPayloadCall) { EXPECT_CALL(filter_callbacks_.stream_info_, setDynamicMetadata(_, _)) .WillOnce(Invoke([&payload](const std::string& ns, const ProtobufWkt::Struct& out_payload) { - EXPECT_EQ(ns, HttpFilterNames::get().JwtAuthn); + EXPECT_EQ(ns, "envoy.filters.http.jwt_authn"); EXPECT_TRUE(TestUtility::protoEqual(out_payload, payload)); })); @@ -351,7 +350,7 @@ TEST_F(FilterTest, TestNoRouteEnty) { TEST_F(FilterTest, TestNoPerRouteConfig) { EXPECT_CALL(filter_callbacks_, route()).WillOnce(Return(mock_route_)); // perFilterConfig return nullptr. - EXPECT_CALL(mock_route_->route_entry_, perFilterConfig(HttpFilterNames::get().JwtAuthn)) + EXPECT_CALL(mock_route_->route_entry_, perFilterConfig("envoy.filters.http.jwt_authn")) .WillOnce(Return(nullptr)); // Calling the findVerifier from filter config. @@ -371,7 +370,7 @@ TEST_F(FilterTest, TestNoPerRouteConfig) { // Test bypass requirement from per-route config TEST_F(FilterTest, TestPerRouteBypass) { EXPECT_CALL(filter_callbacks_, route()).WillOnce(Return(mock_route_)); - EXPECT_CALL(mock_route_->route_entry_, perFilterConfig(HttpFilterNames::get().JwtAuthn)) + EXPECT_CALL(mock_route_->route_entry_, perFilterConfig("envoy.filters.http.jwt_authn")) .WillOnce(Return(per_route_config_.get())); // findVerifier is not called. @@ -392,7 +391,7 @@ TEST_F(FilterTest, TestPerRouteBypass) { // Test per-route config with wrong requirement_name TEST_F(FilterTest, TestPerRouteWrongRequirementName) { EXPECT_CALL(filter_callbacks_, route()).WillOnce(Return(mock_route_)); - EXPECT_CALL(mock_route_->route_entry_, perFilterConfig(HttpFilterNames::get().JwtAuthn)) + EXPECT_CALL(mock_route_->route_entry_, perFilterConfig("envoy.filters.http.jwt_authn")) .WillOnce(Return(per_route_config_.get())); // findVerifier is not called. @@ -416,7 +415,7 @@ TEST_F(FilterTest, TestPerRouteWrongRequirementName) { // Test verifier from per-route config TEST_F(FilterTest, TestPerRouteVerifierOK) { EXPECT_CALL(filter_callbacks_, route()).WillOnce(Return(mock_route_)); - EXPECT_CALL(mock_route_->route_entry_, perFilterConfig(HttpFilterNames::get().JwtAuthn)) + EXPECT_CALL(mock_route_->route_entry_, perFilterConfig("envoy.filters.http.jwt_authn")) .WillOnce(Return(per_route_config_.get())); // findVerifier is not called. diff --git a/test/extensions/filters/http/jwt_authn/group_verifier_test.cc b/test/extensions/filters/http/jwt_authn/group_verifier_test.cc index 0ccbe3aac770..d68164e6ae11 100644 --- a/test/extensions/filters/http/jwt_authn/group_verifier_test.cc +++ b/test/extensions/filters/http/jwt_authn/group_verifier_test.cc @@ -1,6 +1,6 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "extensions/filters/http/jwt_authn/verifier.h" +#include "source/extensions/filters/http/jwt_authn/verifier.h" #include "test/extensions/filters/http/jwt_authn/mock.h" #include "test/extensions/filters/http/jwt_authn/test_common.h" diff --git a/test/extensions/filters/http/jwt_authn/jwks_async_fetcher_test.cc b/test/extensions/filters/http/jwt_authn/jwks_async_fetcher_test.cc new file mode 100644 index 000000000000..7973c40f0579 --- /dev/null +++ b/test/extensions/filters/http/jwt_authn/jwks_async_fetcher_test.cc @@ -0,0 +1,248 @@ +#include "source/extensions/filters/http/jwt_authn/jwks_async_fetcher.h" + +#include "test/extensions/filters/http/jwt_authn/test_common.h" +#include "test/mocks/server/factory_context.h" + +using envoy::extensions::filters::http::jwt_authn::v3::RemoteJwks; +using Envoy::Extensions::HttpFilters::Common::JwksFetcher; +using Envoy::Extensions::HttpFilters::Common::JwksFetcherPtr; + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace JwtAuthn { +namespace { + +JwtAuthnFilterStats generateMockStats(Stats::Scope& scope) { + return {ALL_JWT_AUTHN_FILTER_STATS(POOL_COUNTER_PREFIX(scope, ""))}; +} + +class MockJwksFetcher : public Common::JwksFetcher { +public: + using SaveJwksReceiverFn = std::function; + MockJwksFetcher(SaveJwksReceiverFn receiver_fn) : receiver_fn_(receiver_fn) {} + + void cancel() override {} + void fetch(const envoy::config::core::v3::HttpUri&, Tracing::Span&, + JwksReceiver& receiver) override { + receiver_fn_(receiver); + } + +private: + SaveJwksReceiverFn receiver_fn_; +}; + +// TestParam is for fast_listener, +class JwksAsyncFetcherTest : public testing::TestWithParam { +public: + JwksAsyncFetcherTest() : stats_(generateMockStats(context_.scope())) {} + + // init manager is used in is_slow_listener mode + bool initManagerUsed() const { + return config_.has_async_fetch() && !config_.async_fetch().fast_listener(); + } + + void setupAsyncFetcher(const std::string& config_str) { + TestUtility::loadFromYaml(config_str, config_); + if (config_.has_async_fetch()) { + // Param is for fast_listener, + if (GetParam()) { + config_.mutable_async_fetch()->set_fast_listener(true); + } + } + + if (initManagerUsed()) { + EXPECT_CALL(context_.init_manager_, add(_)) + .WillOnce(Invoke([this](const Init::Target& target) { + init_target_handle_ = target.createHandle("test"); + })); + } + + // if async_fetch is enabled, timer is created + if (config_.has_async_fetch()) { + timer_ = new NiceMock(&context_.dispatcher_); + expected_duration_ = JwksAsyncFetcher::getCacheDuration(config_); + } + + async_fetcher_ = std::make_unique( + config_, context_, + [this](Upstream::ClusterManager&) { + return std::make_unique( + [this](Common::JwksFetcher::JwksReceiver& receiver) { + fetch_receiver_array_.push_back(&receiver); + }); + }, + stats_, + [this](google::jwt_verify::JwksPtr&& jwks) { out_jwks_array_.push_back(std::move(jwks)); }); + + if (initManagerUsed()) { + init_target_handle_->initialize(init_watcher_); + } + } + + RemoteJwks config_; + JwksAsyncFetcherPtr async_fetcher_; + NiceMock context_; + JwtAuthnFilterStats stats_; + std::vector fetch_receiver_array_; + std::vector out_jwks_array_; + + Init::TargetHandlePtr init_target_handle_; + NiceMock init_watcher_; + Event::MockTimer* timer_{}; + std::chrono::milliseconds expected_duration_; +}; + +INSTANTIATE_TEST_SUITE_P(JwksAsyncFetcherTest, JwksAsyncFetcherTest, + testing::ValuesIn({false, true})); + +TEST_P(JwksAsyncFetcherTest, TestNotAsyncFetch) { + const char config[] = R"( + http_uri: + uri: https://pubkey_server/pubkey_path + cluster: pubkey_cluster +)"; + + setupAsyncFetcher(config); + // fetch is not called + EXPECT_EQ(fetch_receiver_array_.size(), 0); + // Not Jwks output + EXPECT_EQ(out_jwks_array_.size(), 0); + // init_watcher ready is not called. + init_watcher_.expectReady().Times(0); + + EXPECT_EQ(0U, stats_.jwks_fetch_success_.value()); + EXPECT_EQ(0U, stats_.jwks_fetch_failed_.value()); +} + +TEST_P(JwksAsyncFetcherTest, TestGoodFetch) { + const char config[] = R"( + http_uri: + uri: https://pubkey_server/pubkey_path + cluster: pubkey_cluster + async_fetch: {} +)"; + + setupAsyncFetcher(config); + // Jwks response is not received yet + EXPECT_EQ(out_jwks_array_.size(), 0); + + if (initManagerUsed()) { + // Verify ready is not called. + init_watcher_.expectReady().Times(0); + EXPECT_TRUE(::testing::Mock::VerifyAndClearExpectations(&init_watcher_)); + init_watcher_.expectReady(); + } + + // Trigger the Jwks response + EXPECT_EQ(fetch_receiver_array_.size(), 1); + auto jwks = google::jwt_verify::Jwks::createFrom(PublicKey, google::jwt_verify::Jwks::JWKS); + fetch_receiver_array_[0]->onJwksSuccess(std::move(jwks)); + + // Output 1 jwks. + EXPECT_EQ(out_jwks_array_.size(), 1); + + EXPECT_EQ(1U, stats_.jwks_fetch_success_.value()); + EXPECT_EQ(0U, stats_.jwks_fetch_failed_.value()); +} + +TEST_P(JwksAsyncFetcherTest, TestNetworkFailureFetch) { + const char config[] = R"( + http_uri: + uri: https://pubkey_server/pubkey_path + cluster: pubkey_cluster + async_fetch: {} +)"; + + // Just start the Jwks fetch call + setupAsyncFetcher(config); + // Jwks response is not received yet + EXPECT_EQ(out_jwks_array_.size(), 0); + + if (initManagerUsed()) { + // Verify ready is not called. + init_watcher_.expectReady().Times(0); + EXPECT_TRUE(::testing::Mock::VerifyAndClearExpectations(&init_watcher_)); + // Verify ready is called. + init_watcher_.expectReady(); + } + + // Trigger the Jwks response + EXPECT_EQ(fetch_receiver_array_.size(), 1); + fetch_receiver_array_[0]->onJwksError(Common::JwksFetcher::JwksReceiver::Failure::Network); + + // Output 0 jwks. + EXPECT_EQ(out_jwks_array_.size(), 0); + + EXPECT_EQ(0U, stats_.jwks_fetch_success_.value()); + EXPECT_EQ(1U, stats_.jwks_fetch_failed_.value()); +} + +TEST_P(JwksAsyncFetcherTest, TestGoodFetchAndRefresh) { + const char config[] = R"( + http_uri: + uri: https://pubkey_server/pubkey_path + cluster: pubkey_cluster + async_fetch: {} +)"; + + setupAsyncFetcher(config); + // Initial fetch is successful + EXPECT_EQ(fetch_receiver_array_.size(), 1); + auto jwks = google::jwt_verify::Jwks::createFrom(PublicKey, google::jwt_verify::Jwks::JWKS); + fetch_receiver_array_[0]->onJwksSuccess(std::move(jwks)); + + // Output 1 jwks. + EXPECT_EQ(out_jwks_array_.size(), 1); + + // Expect refresh timer is enabled. + EXPECT_CALL(*timer_, enableTimer(expected_duration_, nullptr)); + timer_->invokeCallback(); + + // refetch again after cache duration interval: successful. + EXPECT_EQ(fetch_receiver_array_.size(), 2); + auto jwks1 = google::jwt_verify::Jwks::createFrom(PublicKey, google::jwt_verify::Jwks::JWKS); + fetch_receiver_array_[1]->onJwksSuccess(std::move(jwks1)); + + // Output 2 jwks. + EXPECT_EQ(out_jwks_array_.size(), 2); + EXPECT_EQ(2U, stats_.jwks_fetch_success_.value()); + EXPECT_EQ(0U, stats_.jwks_fetch_failed_.value()); +} + +TEST_P(JwksAsyncFetcherTest, TestNetworkFailureFetchAndRefresh) { + const char config[] = R"( + http_uri: + uri: https://pubkey_server/pubkey_path + cluster: pubkey_cluster + async_fetch: {} +)"; + + // Just start the Jwks fetch call + setupAsyncFetcher(config); + // first fetch: network failure. + EXPECT_EQ(fetch_receiver_array_.size(), 1); + fetch_receiver_array_[0]->onJwksError(Common::JwksFetcher::JwksReceiver::Failure::Network); + + // Output 0 jwks. + EXPECT_EQ(out_jwks_array_.size(), 0); + + // Expect refresh timer is enabled. + EXPECT_CALL(*timer_, enableTimer(expected_duration_, nullptr)); + timer_->invokeCallback(); + + // refetch again after cache duration interval: network failure. + EXPECT_EQ(fetch_receiver_array_.size(), 2); + fetch_receiver_array_[1]->onJwksError(Common::JwksFetcher::JwksReceiver::Failure::Network); + + // Output 0 jwks. + EXPECT_EQ(out_jwks_array_.size(), 0); + EXPECT_EQ(0U, stats_.jwks_fetch_success_.value()); + EXPECT_EQ(2U, stats_.jwks_fetch_failed_.value()); +} + +} // namespace +} // namespace JwtAuthn +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/filters/http/jwt_authn/jwks_cache_test.cc b/test/extensions/filters/http/jwt_authn/jwks_cache_test.cc index a0fcdde765c1..1c98f2ec7606 100644 --- a/test/extensions/filters/http/jwt_authn/jwks_cache_test.cc +++ b/test/extensions/filters/http/jwt_authn/jwks_cache_test.cc @@ -3,18 +3,17 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "common/protobuf/utility.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/filters/http/jwt_authn/jwks_cache.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/http/jwt_authn/jwks_cache.h" #include "test/extensions/filters/http/jwt_authn/test_common.h" -#include "test/mocks/thread_local/mocks.h" -#include "test/test_common/simulated_time_system.h" +#include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" using envoy::extensions::filters::http::jwt_authn::v3::JwtAuthentication; using ::google::jwt_verify::Status; +using ::testing::MockFunction; namespace Envoy { namespace Extensions { @@ -22,25 +21,32 @@ namespace HttpFilters { namespace JwtAuthn { namespace { +JwtAuthnFilterStats generateMockStats(Stats::Scope& scope) { + return {ALL_JWT_AUTHN_FILTER_STATS(POOL_COUNTER_PREFIX(scope, ""))}; +} + class JwksCacheTest : public testing::Test { protected: - JwksCacheTest() : api_(Api::createApiForTest()) {} + JwksCacheTest() : stats_(generateMockStats(context_.scope())) {} + void SetUp() override { + // fetcher is only called at async_fetch. In this test, it is never called. + EXPECT_CALL(mock_fetcher_, Call(_)).Times(0); setupCache(ExampleConfig); jwks_ = google::jwt_verify::Jwks::createFrom(PublicKey, google::jwt_verify::Jwks::JWKS); } void setupCache(const std::string& config_str) { TestUtility::loadFromYaml(config_str, config_); - cache_ = JwksCache::create(config_, time_system_, *api_, tls_); + cache_ = JwksCache::create(config_, context_, mock_fetcher_.AsStdFunction(), stats_); } - Event::SimulatedTimeSystem time_system_; JwtAuthentication config_; JwksCachePtr cache_; google::jwt_verify::JwksPtr jwks_; - Api::ApiPtr api_; - ::testing::NiceMock tls_; + MockFunction mock_fetcher_; + NiceMock context_; + JwtAuthnFilterStats stats_; }; // Test findByProvider @@ -84,7 +90,7 @@ TEST_F(JwksCacheTest, TestSetRemoteJwks) { auto& provider0 = (*config_.mutable_providers())[std::string(ProviderName)]; // Set cache_duration to 1 second to test expiration provider0.mutable_remote_jwks()->mutable_cache_duration()->set_seconds(1); - cache_ = JwksCache::create(config_, time_system_, *api_, tls_); + cache_ = JwksCache::create(config_, context_, mock_fetcher_.AsStdFunction(), stats_); auto jwks = cache_->findByIssuer("https://example.com"); EXPECT_TRUE(jwks->getJwksObj() == nullptr); @@ -94,7 +100,7 @@ TEST_F(JwksCacheTest, TestSetRemoteJwks) { EXPECT_FALSE(jwks->isExpired()); // cache duration is 1 second, sleep two seconds to expire it - time_system_.advanceTimeWait(std::chrono::seconds(2)); + context_.time_system_.advanceTimeWait(std::chrono::seconds(2)); EXPECT_TRUE(jwks->isExpired()); } @@ -103,7 +109,7 @@ TEST_F(JwksCacheTest, TestSetRemoteJwksWithDefaultCacheDuration) { auto& provider0 = (*config_.mutable_providers())[std::string(ProviderName)]; // Clear cache_duration to use default one. provider0.mutable_remote_jwks()->clear_cache_duration(); - cache_ = JwksCache::create(config_, time_system_, *api_, tls_); + cache_ = JwksCache::create(config_, context_, mock_fetcher_.AsStdFunction(), stats_); auto jwks = cache_->findByIssuer("https://example.com"); EXPECT_TRUE(jwks->getJwksObj() == nullptr); @@ -120,7 +126,7 @@ TEST_F(JwksCacheTest, TestGoodInlineJwks) { auto local_jwks = provider0.mutable_local_jwks(); local_jwks->set_inline_string(PublicKey); - cache_ = JwksCache::create(config_, time_system_, *api_, tls_); + cache_ = JwksCache::create(config_, context_, mock_fetcher_.AsStdFunction(), stats_); auto jwks = cache_->findByIssuer("https://example.com"); EXPECT_FALSE(jwks->getJwksObj() == nullptr); @@ -134,7 +140,7 @@ TEST_F(JwksCacheTest, TestBadInlineJwks) { auto local_jwks = provider0.mutable_local_jwks(); local_jwks->set_inline_string("BAD-JWKS"); - cache_ = JwksCache::create(config_, time_system_, *api_, tls_); + cache_ = JwksCache::create(config_, context_, mock_fetcher_.AsStdFunction(), stats_); auto jwks = cache_->findByIssuer("https://example.com"); EXPECT_TRUE(jwks->getJwksObj() == nullptr); diff --git a/test/extensions/filters/http/jwt_authn/matcher_test.cc b/test/extensions/filters/http/jwt_authn/matcher_test.cc index 78dfabecd733..3718832e8023 100644 --- a/test/extensions/filters/http/jwt_authn/matcher_test.cc +++ b/test/extensions/filters/http/jwt_authn/matcher_test.cc @@ -1,8 +1,7 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/jwt_authn/matcher.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/jwt_authn/matcher.h" #include "test/extensions/filters/http/jwt_authn/mock.h" #include "test/extensions/filters/http/jwt_authn/test_common.h" @@ -40,25 +39,6 @@ TEST_F(MatcherTest, TestMatchPrefix) { EXPECT_FALSE(matcher->matches(headers)); } -TEST_F(MatcherTest, TestMatchRegex) { - TestDeprecatedV2Api _deprecated_v2_api; - const char config[] = R"(match: - regex: "/[^c][au]t")"; - RequirementRule rule; - TestUtility::loadFromYaml(config, rule); - MatcherConstPtr matcher = Matcher::create(rule); - auto headers = TestRequestHeaderMapImpl{{":path", "/but"}}; - EXPECT_TRUE(matcher->matches(headers)); - headers = TestRequestHeaderMapImpl{{":path", "/mat?ok=bye"}}; - EXPECT_TRUE(matcher->matches(headers)); - headers = TestRequestHeaderMapImpl{{":path", "/maut"}}; - EXPECT_FALSE(matcher->matches(headers)); - headers = TestRequestHeaderMapImpl{{":path", "/cut"}}; - EXPECT_FALSE(matcher->matches(headers)); - headers = TestRequestHeaderMapImpl{{":path", "/mut/"}}; - EXPECT_FALSE(matcher->matches(headers)); -} - TEST_F(MatcherTest, TestMatchSafeRegex) { const char config[] = R"( match: diff --git a/test/extensions/filters/http/jwt_authn/mock.h b/test/extensions/filters/http/jwt_authn/mock.h index bf06cd0b2f19..a4924033d458 100644 --- a/test/extensions/filters/http/jwt_authn/mock.h +++ b/test/extensions/filters/http/jwt_authn/mock.h @@ -2,10 +2,9 @@ #include -#include "common/http/message_impl.h" - -#include "extensions/filters/http/jwt_authn/authenticator.h" -#include "extensions/filters/http/jwt_authn/verifier.h" +#include "source/common/http/message_impl.h" +#include "source/extensions/filters/http/jwt_authn/authenticator.h" +#include "source/extensions/filters/http/jwt_authn/verifier.h" #include "test/mocks/upstream/cluster_manager.h" diff --git a/test/extensions/filters/http/jwt_authn/provider_verifier_test.cc b/test/extensions/filters/http/jwt_authn/provider_verifier_test.cc index becc7e3daa83..bdf518ea2c7b 100644 --- a/test/extensions/filters/http/jwt_authn/provider_verifier_test.cc +++ b/test/extensions/filters/http/jwt_authn/provider_verifier_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/filters/http/jwt_authn/v3/config.pb.h" -#include "extensions/filters/http/jwt_authn/filter_config.h" -#include "extensions/filters/http/jwt_authn/verifier.h" +#include "source/extensions/filters/http/jwt_authn/filter_config.h" +#include "source/extensions/filters/http/jwt_authn/verifier.h" #include "test/extensions/filters/http/jwt_authn/mock.h" #include "test/extensions/filters/http/jwt_authn/test_common.h" diff --git a/test/extensions/filters/http/jwt_authn/test_common.h b/test/extensions/filters/http/jwt_authn/test_common.h index b8e070c42685..0f2478ee2a73 100644 --- a/test/extensions/filters/http/jwt_authn/test_common.h +++ b/test/extensions/filters/http/jwt_authn/test_common.h @@ -176,7 +176,7 @@ const char OtherGoodToken[] = // Expected base64 payload value. const char ExpectedPayloadValue[] = "eyJpc3MiOiJodHRwczovL2V4YW1wbGUuY29tIiwic3ViIjoidGVzdEBleGFtcG" "xlLmNvbSIsImV4cCI6MjAwMTAwMTAwMSwiYXVkIjoiZXhhbXBsZV9zZXJ2" - "aWNlIn0="; + "aWNlIn0"; // Base64 decoded Payload JSON const char ExpectedPayloadJSON[] = R"( diff --git a/test/extensions/filters/http/kill_request/BUILD b/test/extensions/filters/http/kill_request/BUILD index 0d724b113f11..401c2f5f806c 100644 --- a/test/extensions/filters/http/kill_request/BUILD +++ b/test/extensions/filters/http/kill_request/BUILD @@ -17,9 +17,8 @@ envoy_extension_cc_test( srcs = ["kill_request_filter_test.cc"], extension_name = "envoy.filters.http.kill_request", deps = [ - "//include/envoy/http:metadata_interface", + "//envoy/http:metadata_interface", "//source/common/buffer:buffer_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/kill_request:kill_request_filter_lib", "//test/mocks:common_lib", "//test/mocks/http:http_mocks", diff --git a/test/extensions/filters/http/kill_request/crash_integration_test.cc b/test/extensions/filters/http/kill_request/crash_integration_test.cc index 63da02012849..ec68ab95e298 100644 --- a/test/extensions/filters/http/kill_request/crash_integration_test.cc +++ b/test/extensions/filters/http/kill_request/crash_integration_test.cc @@ -65,7 +65,7 @@ TEST_P(CrashIntegrationTestAllProtocols, UnwindsTrackedObjectStack) { // - ActiveStream // - Http(1|2)::ConnectionImpl // - Network::ConnectionImpl - const std::string death_string = GetParam().downstream_protocol == Http::CodecClient::Type::HTTP2 + const std::string death_string = GetParam().downstream_protocol == Http::CodecType::HTTP2 ? "ActiveStream.*Http2::ConnectionImpl.*ConnectionImpl" : "ActiveStream.*Http1::ConnectionImpl.*ConnectionImpl"; EXPECT_DEATH(sendRequestAndWaitForResponse(request_headers, 0, default_response_headers_, 1024), diff --git a/test/extensions/filters/http/kill_request/kill_request_config_test.cc b/test/extensions/filters/http/kill_request/kill_request_config_test.cc index f4f6a62aab64..af20c428f1e9 100644 --- a/test/extensions/filters/http/kill_request/kill_request_config_test.cc +++ b/test/extensions/filters/http/kill_request/kill_request_config_test.cc @@ -2,7 +2,7 @@ #include "envoy/extensions/filters/http/kill_request/v3/kill_request.pb.validate.h" #include "envoy/type/v3/percent.pb.h" -#include "extensions/filters/http/kill_request/kill_request_config.h" +#include "source/extensions/filters/http/kill_request/kill_request_config.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/kill_request/kill_request_filter_test.cc b/test/extensions/filters/http/kill_request/kill_request_filter_test.cc index 581bfa0d3486..e804788142b6 100644 --- a/test/extensions/filters/http/kill_request/kill_request_filter_test.cc +++ b/test/extensions/filters/http/kill_request/kill_request_filter_test.cc @@ -2,10 +2,8 @@ #include "envoy/http/metadata_interface.h" #include "envoy/type/v3/percent.pb.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/http/kill_request/kill_request_filter.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/http/kill_request/kill_request_filter.h" #include "test/mocks/common.h" #include "test/mocks/http/mocks.h" @@ -102,7 +100,7 @@ TEST_F(KillRequestFilterTest, KillRequestEnabledFromRouteLevelConfiguration) { ON_CALL(random_generator_, random()).WillByDefault(Return(0)); ON_CALL(decoder_filter_callbacks_.route_->route_entry_, - perFilterConfig(Extensions::HttpFilters::HttpFilterNames::get().KillRequest)) + perFilterConfig("envoy.filters.http.kill_request")) .WillByDefault(Return(&kill_settings)); EXPECT_DEATH(filter_->decodeHeaders(request_headers_, false), ""); } @@ -117,7 +115,7 @@ TEST_F(KillRequestFilterTest, KillRequestDisabledRouteLevelConfiguration) { ON_CALL(random_generator_, random()).WillByDefault(Return(0)); ON_CALL(decoder_filter_callbacks_.route_->route_entry_, - perFilterConfig(Extensions::HttpFilters::HttpFilterNames::get().KillRequest)) + perFilterConfig("envoy.filters.http.kill_request")) .WillByDefault(Return(nullptr)); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers_, false)); } @@ -209,6 +207,24 @@ TEST_F(KillRequestFilterTest, KillsBasedOnDirection) { "KillRequestFilter is crashing Envoy!!!"); } +TEST_F(KillRequestFilterTest, PerRouteKillSettingFound) { + envoy::extensions::filters::http::kill_request::v3::KillRequest kill_request; + setUpTest(kill_request); + request_headers_.addCopy("x-envoy-kill-request", "true"); + + envoy::extensions::filters::http::kill_request::v3::KillRequest route_level_kill_request; + // Set probability to zero to make isKillRequestEnabled return false + route_level_kill_request.mutable_probability()->set_numerator(0); + route_level_kill_request.set_kill_request_header("x-custom-kill-request"); + + // Return valid kill setting on the REQUEST direction + const KillSettings kill_settings(route_level_kill_request); + ON_CALL(decoder_filter_callbacks_.route_->route_entry_, + perFilterConfig("envoy.filters.http.kill_request")) + .WillByDefault(Return(&kill_settings)); + ASSERT_EQ(filter_->decodeHeaders(request_headers_, false), Http::FilterHeadersStatus::Continue); +} + } // namespace } // namespace KillRequest } // namespace HttpFilters diff --git a/test/extensions/filters/http/local_ratelimit/BUILD b/test/extensions/filters/http/local_ratelimit/BUILD index 0aeca92a857a..a94574987830 100644 --- a/test/extensions/filters/http/local_ratelimit/BUILD +++ b/test/extensions/filters/http/local_ratelimit/BUILD @@ -33,3 +33,13 @@ envoy_extension_cc_test( "//test/mocks/server:server_mocks", ], ) + +envoy_extension_cc_test( + name = "local_ratelimit_integration_test", + srcs = ["local_ratelimit_integration_test.cc"], + extension_name = "envoy.filters.http.local_ratelimit", + deps = [ + "//source/extensions/filters/http/local_ratelimit:config", + "//test/integration:http_protocol_integration_lib", + ], +) diff --git a/test/extensions/filters/http/local_ratelimit/config_test.cc b/test/extensions/filters/http/local_ratelimit/config_test.cc index 55cc18229969..d10e3963d998 100644 --- a/test/extensions/filters/http/local_ratelimit/config_test.cc +++ b/test/extensions/filters/http/local_ratelimit/config_test.cc @@ -1,5 +1,5 @@ -#include "extensions/filters/http/local_ratelimit/config.h" -#include "extensions/filters/http/local_ratelimit/local_ratelimit.h" +#include "source/extensions/filters/http/local_ratelimit/config.h" +#include "source/extensions/filters/http/local_ratelimit/local_ratelimit.h" #include "test/mocks/server/mocks.h" diff --git a/test/extensions/filters/http/local_ratelimit/filter_test.cc b/test/extensions/filters/http/local_ratelimit/filter_test.cc index cd9b6ec84f7b..939cebf025ba 100644 --- a/test/extensions/filters/http/local_ratelimit/filter_test.cc +++ b/test/extensions/filters/http/local_ratelimit/filter_test.cc @@ -1,6 +1,6 @@ #include "envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.pb.h" -#include "extensions/filters/http/local_ratelimit/local_ratelimit.h" +#include "source/extensions/filters/http/local_ratelimit/local_ratelimit.h" #include "test/mocks/http/mocks.h" #include "test/mocks/local_info/mocks.h" @@ -39,7 +39,12 @@ stat_prefix: test header: key: x-local-ratelimited value: 'true' +local_rate_limit_per_downstream_connection: {} )"; +// '{}' used in the yaml config above are position dependent placeholders used for substitutions. +// Different test cases toggle functionality based on these positional placeholder variables +// For instance, fmt::format(config_yaml, "1", "false") substitutes '1' and 'false' for 'max_tokens' +// and 'local_rate_limit_per_downstream_connection' configurations, respectively. class FilterTest : public testing::Test { public: @@ -58,12 +63,18 @@ class FilterTest : public testing::Test { testing::Matcher(Percent(100)))) .WillRepeatedly(testing::Return(enforced)); + ON_CALL(decoder_callbacks_, dispatcher()).WillByDefault(ReturnRef(dispatcher_)); + ON_CALL(decoder_callbacks_2_, dispatcher()).WillByDefault(ReturnRef(dispatcher_)); + envoy::extensions::filters::http::local_ratelimit::v3::LocalRateLimit config; TestUtility::loadFromYaml(yaml, config); config_ = std::make_shared(config, local_info_, dispatcher_, stats_, runtime_, per_route); filter_ = std::make_shared(config_); filter_->setDecoderFilterCallbacks(decoder_callbacks_); + + filter_2_ = std::make_shared(config_); + filter_2_->setDecoderFilterCallbacks(decoder_callbacks_2_); } void setup(const std::string& yaml, const bool enabled = true, const bool enforced = true) { setupPerRoute(yaml, enabled, enforced); @@ -78,25 +89,27 @@ class FilterTest : public testing::Test { Stats::IsolatedStoreImpl stats_; testing::NiceMock decoder_callbacks_; + testing::NiceMock decoder_callbacks_2_; NiceMock dispatcher_; NiceMock runtime_; NiceMock local_info_; std::shared_ptr config_; std::shared_ptr filter_; + std::shared_ptr filter_2_; }; TEST_F(FilterTest, Runtime) { - setup(fmt::format(config_yaml, "1"), false, false); + setup(fmt::format(config_yaml, "1", "false"), false, false); EXPECT_EQ(&runtime_, &(config_->runtime())); } TEST_F(FilterTest, ToErrorCode) { - setup(fmt::format(config_yaml, "1"), false, false); + setup(fmt::format(config_yaml, "1", "false"), false, false); EXPECT_EQ(Http::Code::BadRequest, toErrorCode(400)); } TEST_F(FilterTest, Disabled) { - setup(fmt::format(config_yaml, "1"), false, false); + setup(fmt::format(config_yaml, "1", "false"), false, false); auto headers = Http::TestRequestHeaderMapImpl(); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, false)); EXPECT_EQ(0U, findCounter("test.http_local_rate_limit.enabled")); @@ -104,18 +117,31 @@ TEST_F(FilterTest, Disabled) { } TEST_F(FilterTest, RequestOk) { - setup(fmt::format(config_yaml, "1")); + setup(fmt::format(config_yaml, "1", "false")); auto headers = Http::TestRequestHeaderMapImpl(); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, false)); - EXPECT_EQ(1U, findCounter("test.http_local_rate_limit.enabled")); - EXPECT_EQ(0U, findCounter("test.http_local_rate_limit.enforced")); + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, filter_2_->decodeHeaders(headers, false)); + EXPECT_EQ(2U, findCounter("test.http_local_rate_limit.enabled")); + EXPECT_EQ(1U, findCounter("test.http_local_rate_limit.enforced")); EXPECT_EQ(1U, findCounter("test.http_local_rate_limit.ok")); + EXPECT_EQ(1U, findCounter("test.http_local_rate_limit.rate_limited")); +} + +TEST_F(FilterTest, RequestOkPerConnection) { + setup(fmt::format(config_yaml, "1", "true")); + auto headers = Http::TestRequestHeaderMapImpl(); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(headers, false)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_2_->decodeHeaders(headers, false)); + EXPECT_EQ(2U, findCounter("test.http_local_rate_limit.enabled")); + EXPECT_EQ(0U, findCounter("test.http_local_rate_limit.enforced")); + EXPECT_EQ(2U, findCounter("test.http_local_rate_limit.ok")); + EXPECT_EQ(0U, findCounter("test.http_local_rate_limit.rate_limited")); } TEST_F(FilterTest, RequestRateLimited) { - setup(fmt::format(config_yaml, "0")); + setup(fmt::format(config_yaml, "1", "false")); - EXPECT_CALL(decoder_callbacks_, sendLocalReply(Http::Code::TooManyRequests, _, _, _, _)) + EXPECT_CALL(decoder_callbacks_2_, sendLocalReply(Http::Code::TooManyRequests, _, _, _, _)) .WillOnce(Invoke([](Http::Code code, absl::string_view body, std::function modify_headers, const absl::optional grpc_status, @@ -136,16 +162,61 @@ TEST_F(FilterTest, RequestRateLimited) { auto request_headers = Http::TestRequestHeaderMapImpl(); auto expected_headers = Http::TestRequestHeaderMapImpl(); - EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, - filter_->decodeHeaders(request_headers, false)); EXPECT_EQ(request_headers, expected_headers); - EXPECT_EQ(1U, findCounter("test.http_local_rate_limit.enabled")); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers, false)); + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, + filter_2_->decodeHeaders(request_headers, false)); + EXPECT_EQ(2U, findCounter("test.http_local_rate_limit.enabled")); EXPECT_EQ(1U, findCounter("test.http_local_rate_limit.enforced")); + EXPECT_EQ(1U, findCounter("test.http_local_rate_limit.ok")); EXPECT_EQ(1U, findCounter("test.http_local_rate_limit.rate_limited")); } +/* +This test sets 'local_rate_limit_per_downstream_connection' to true. Doing this enables per +connection rate limiting and even though 'max_token' is set to 1, it allows 2 requests to go through +- one on each connection. This is in contrast to the 'RequestOk' test above where only 1 request is +allowed (across the process) for the same configuration. +*/ +TEST_F(FilterTest, RequestRateLimitedPerConnection) { + setup(fmt::format(config_yaml, "1", "true")); + + EXPECT_CALL(decoder_callbacks_, sendLocalReply(Http::Code::TooManyRequests, _, _, _, _)) + .WillOnce(Invoke([](Http::Code code, absl::string_view body, + std::function modify_headers, + const absl::optional grpc_status, + absl::string_view details) { + EXPECT_EQ(Http::Code::TooManyRequests, code); + EXPECT_EQ("local_rate_limited", body); + + Http::TestResponseHeaderMapImpl response_headers{{":status", "200"}}; + modify_headers(response_headers); + EXPECT_EQ("true", response_headers.get(Http::LowerCaseString("x-test-rate-limit"))[0] + ->value() + .getStringView()); + + EXPECT_EQ(grpc_status, absl::nullopt); + EXPECT_EQ(details, "local_rate_limited"); + })); + + auto request_headers = Http::TestRequestHeaderMapImpl(); + auto expected_headers = Http::TestRequestHeaderMapImpl(); + + EXPECT_EQ(request_headers, expected_headers); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers, false)); + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, + filter_->decodeHeaders(request_headers, false)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_2_->decodeHeaders(request_headers, false)); + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, + filter_2_->decodeHeaders(request_headers, false)); + EXPECT_EQ(4U, findCounter("test.http_local_rate_limit.enabled")); + EXPECT_EQ(2U, findCounter("test.http_local_rate_limit.enforced")); + EXPECT_EQ(2U, findCounter("test.http_local_rate_limit.ok")); + EXPECT_EQ(2U, findCounter("test.http_local_rate_limit.rate_limited")); +} + TEST_F(FilterTest, RequestRateLimitedButNotEnforced) { - setup(fmt::format(config_yaml, "0"), true, false); + setup(fmt::format(config_yaml, "0", "false"), true, false); EXPECT_CALL(decoder_callbacks_, sendLocalReply(Http::Code::TooManyRequests, _, _, _, _)).Times(0); @@ -181,6 +252,7 @@ stat_prefix: test header: key: x-test-rate-limit value: 'true' +local_rate_limit_per_downstream_connection: true descriptors: - entries: - key: hello diff --git a/test/extensions/filters/http/local_ratelimit/local_ratelimit_integration_test.cc b/test/extensions/filters/http/local_ratelimit/local_ratelimit_integration_test.cc new file mode 100644 index 000000000000..06a8b0ca1b3f --- /dev/null +++ b/test/extensions/filters/http/local_ratelimit/local_ratelimit_integration_test.cc @@ -0,0 +1,136 @@ +#include "test/integration/http_protocol_integration.h" + +#include "gtest/gtest.h" + +namespace Envoy { +namespace { + +class LocalRateLimitFilterIntegrationTest : public Event::TestUsingSimulatedTime, + public HttpProtocolIntegrationTest { +protected: + void initializeFilter(const std::string& filter_config) { + config_helper_.addFilter(filter_config); + initialize(); + } + + const std::string filter_config_ = + R"EOF( +name: envoy.filters.http.local_ratelimit +typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit + stat_prefix: http_local_rate_limiter + token_bucket: + max_tokens: 1 + tokens_per_fill: 1 + fill_interval: 1000s + filter_enabled: + runtime_key: local_rate_limit_enabled + default_value: + numerator: 100 + denominator: HUNDRED + filter_enforced: + runtime_key: local_rate_limit_enforced + default_value: + numerator: 100 + denominator: HUNDRED + response_headers_to_add: + - append: false + header: + key: x-local-rate-limit + value: 'true' + local_rate_limit_per_downstream_connection: {} +)EOF"; +}; + +INSTANTIATE_TEST_SUITE_P(Protocols, LocalRateLimitFilterIntegrationTest, + testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams()), + HttpProtocolIntegrationTest::protocolTestParamsToString); + +TEST_P(LocalRateLimitFilterIntegrationTest, DenyRequestPerProcess) { + initializeFilter(fmt::format(filter_config_, "false")); + + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeRequestWithBody(default_request_headers_, 0); + + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(default_response_headers_, 1); + + ASSERT_TRUE(response->waitForEndStream()); + + EXPECT_TRUE(upstream_request_->complete()); + EXPECT_EQ(0U, upstream_request_->bodyLength()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("200", response->headers().getStatusValue()); + EXPECT_EQ(0, response->body().size()); + + cleanupUpstreamAndDownstream(); + + codec_client_ = makeHttpConnection(lookupPort("http")); + response = codec_client_->makeRequestWithBody(default_request_headers_, 0); + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("429", response->headers().getStatusValue()); + EXPECT_EQ(18, response->body().size()); +} + +TEST_P(LocalRateLimitFilterIntegrationTest, DenyRequestWithinSameConnection) { + initializeFilter(fmt::format(filter_config_, "true")); + + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeRequestWithBody(default_request_headers_, 0); + + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(default_response_headers_, 1); + + ASSERT_TRUE(response->waitForEndStream()); + + EXPECT_TRUE(upstream_request_->complete()); + EXPECT_EQ(0U, upstream_request_->bodyLength()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("200", response->headers().getStatusValue()); + EXPECT_EQ(0, response->body().size()); + + response = codec_client_->makeRequestWithBody(default_request_headers_, 0); + + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("429", response->headers().getStatusValue()); + EXPECT_EQ(18, response->body().size()); +} + +TEST_P(LocalRateLimitFilterIntegrationTest, PermitRequestAcrossDifferentConnections) { + initializeFilter(fmt::format(filter_config_, "true")); + + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeRequestWithBody(default_request_headers_, 0); + + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(default_response_headers_, 1); + + ASSERT_TRUE(response->waitForEndStream()); + + EXPECT_TRUE(upstream_request_->complete()); + EXPECT_EQ(0U, upstream_request_->bodyLength()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("200", response->headers().getStatusValue()); + EXPECT_EQ(0, response->body().size()); + + cleanupUpstreamAndDownstream(); + + codec_client_ = makeHttpConnection(lookupPort("http")); + response = codec_client_->makeRequestWithBody(default_request_headers_, 0); + + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(default_response_headers_, 1); + + ASSERT_TRUE(response->waitForEndStream()); + + EXPECT_TRUE(upstream_request_->complete()); + EXPECT_EQ(0U, upstream_request_->bodyLength()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("200", response->headers().getStatusValue()); + EXPECT_EQ(0, response->body().size()); +} + +} // namespace +} // namespace Envoy diff --git a/test/extensions/filters/http/lua/config_test.cc b/test/extensions/filters/http/lua/config_test.cc index c01772b2a222..7cb6dbd44dba 100644 --- a/test/extensions/filters/http/lua/config_test.cc +++ b/test/extensions/filters/http/lua/config_test.cc @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/http/lua/v3/lua.pb.h" #include "envoy/extensions/filters/http/lua/v3/lua.pb.validate.h" -#include "extensions/filters/http/lua/config.h" +#include "source/extensions/filters/http/lua/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/lua/lua_filter_test.cc b/test/extensions/filters/http/lua/lua_filter_test.cc index 0471c8745845..d1529ac2061e 100644 --- a/test/extensions/filters/http/lua/lua_filter_test.cc +++ b/test/extensions/filters/http/lua/lua_filter_test.cc @@ -3,11 +3,10 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/http/message_impl.h" -#include "common/stream_info/stream_info_impl.h" - -#include "extensions/filters/http/lua/lua_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/message_impl.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/extensions/filters/http/lua/lua_filter.h" #include "test/mocks/api/mocks.h" #include "test/mocks/http/mocks.h" @@ -2186,7 +2185,7 @@ TEST_F(LuaHttpFilterTest, LuaFilterDisabled) { EXPECT_CALL(decoder_callbacks_, clearRouteCache()); - ON_CALL(decoder_callbacks_.route_->route_entry_, perFilterConfig(HttpFilterNames::get().Lua)) + ON_CALL(decoder_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.lua")) .WillByDefault(Return(nullptr)); Http::TestRequestHeaderMapImpl request_headers_1{{":path", "/"}}; @@ -2194,7 +2193,7 @@ TEST_F(LuaHttpFilterTest, LuaFilterDisabled) { EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_->decodeHeaders(request_headers_1, true)); EXPECT_EQ("world", request_headers_1.get_("hello")); - ON_CALL(decoder_callbacks_.route_->route_entry_, perFilterConfig(HttpFilterNames::get().Lua)) + ON_CALL(decoder_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.lua")) .WillByDefault(Return(per_route_config_.get())); Http::TestRequestHeaderMapImpl request_headers_2{{":path", "/"}}; @@ -2230,7 +2229,7 @@ TEST_F(LuaHttpFilterTest, LuaFilterRefSourceCodes) { setupConfig(proto_config, per_route_proto_config); setupFilter(); - ON_CALL(decoder_callbacks_.route_->route_entry_, perFilterConfig(HttpFilterNames::get().Lua)) + ON_CALL(decoder_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.lua")) .WillByDefault(Return(per_route_config_.get())); Http::TestRequestHeaderMapImpl request_headers{{":path", "/"}}; @@ -2259,7 +2258,7 @@ TEST_F(LuaHttpFilterTest, LuaFilterRefSourceCodeNotExist) { setupConfig(proto_config, per_route_proto_config); setupFilter(); - ON_CALL(decoder_callbacks_.route_->route_entry_, perFilterConfig(HttpFilterNames::get().Lua)) + ON_CALL(decoder_callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.lua")) .WillByDefault(Return(per_route_config_.get())); Http::TestRequestHeaderMapImpl request_headers{{":path", "/"}}; diff --git a/test/extensions/filters/http/lua/lua_integration_test.cc b/test/extensions/filters/http/lua/lua_integration_test.cc index f02f903307c5..90bd7d44c020 100644 --- a/test/extensions/filters/http/lua/lua_integration_test.cc +++ b/test/extensions/filters/http/lua/lua_integration_test.cc @@ -1,8 +1,6 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "extensions/filters/http/well_known_names.h" - #include "test/integration/http_integration.h" #include "test/test_common/utility.h" @@ -16,14 +14,14 @@ namespace { class LuaIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - LuaIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + LuaIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void createUpstreams() override { HttpIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP1); - addFakeUpstream(FakeHttpConnection::Type::HTTP1); + addFakeUpstream(Http::CodecType::HTTP1); + addFakeUpstream(Http::CodecType::HTTP1); // Create the xDS upstream. - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void initializeFilter(const std::string& filter_config, const std::string& domain = "*") { @@ -47,7 +45,7 @@ class LuaIntegrationTest : public testing::TestWithParammutable_match()->set_prefix("/alt/route"); new_route->mutable_route()->set_cluster("alt_cluster"); - const std::string key = Extensions::HttpFilters::HttpFilterNames::get().Lua; + const std::string key = "envoy.filters.http.lua"; const std::string yaml = R"EOF( foo.bar: diff --git a/test/extensions/filters/http/lua/wrappers_test.cc b/test/extensions/filters/http/lua/wrappers_test.cc index 2097b2696452..ca10e89bf79b 100644 --- a/test/extensions/filters/http/lua/wrappers_test.cc +++ b/test/extensions/filters/http/lua/wrappers_test.cc @@ -1,10 +1,9 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/http/utility.h" -#include "common/network/address_impl.h" -#include "common/stream_info/stream_info_impl.h" - -#include "extensions/filters/http/lua/wrappers.h" +#include "source/common/http/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/extensions/filters/http/lua/wrappers.h" #include "test/extensions/filters/common/lua/lua_wrappers.h" #include "test/mocks/stream_info/mocks.h" diff --git a/test/extensions/filters/http/oauth2/config_test.cc b/test/extensions/filters/http/oauth2/config_test.cc index bbe7860802c3..74dfe5daa6c4 100644 --- a/test/extensions/filters/http/oauth2/config_test.cc +++ b/test/extensions/filters/http/oauth2/config_test.cc @@ -3,11 +3,10 @@ #include "envoy/extensions/filters/http/oauth2/v3alpha/oauth.pb.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" -#include "common/secret/secret_provider_impl.h" - -#include "extensions/filters/http/oauth2/config.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/secret/secret_provider_impl.h" +#include "source/extensions/filters/http/oauth2/config.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/oauth2/filter_test.cc b/test/extensions/filters/http/oauth2/filter_test.cc index 521d28dff3cb..9179db9d6686 100644 --- a/test/extensions/filters/http/oauth2/filter_test.cc +++ b/test/extensions/filters/http/oauth2/filter_test.cc @@ -6,13 +6,12 @@ #include "envoy/http/async_client.h" #include "envoy/http/message.h" -#include "common/common/macros.h" -#include "common/http/message_impl.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" -#include "common/secret/secret_manager_impl.h" - -#include "extensions/filters/http/oauth2/filter.h" +#include "source/common/common/macros.h" +#include "source/common/http/message_impl.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/secret/secret_manager_impl.h" +#include "source/extensions/filters/http/oauth2/filter.h" #include "test/mocks/http/mocks.h" #include "test/mocks/server/mocks.h" diff --git a/test/extensions/filters/http/oauth2/oauth_integration_test.cc b/test/extensions/filters/http/oauth2/oauth_integration_test.cc index e12091ef503e..34198a73eb15 100644 --- a/test/extensions/filters/http/oauth2/oauth_integration_test.cc +++ b/test/extensions/filters/http/oauth2/oauth_integration_test.cc @@ -1,11 +1,9 @@ -#include "common/crypto/utility.h" -#include "common/http/utility.h" -#include "common/protobuf/utility.h" - +#include "source/common/crypto/utility.h" +#include "source/common/http/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/oauth2/filter.h" #include "source/extensions/filters/http/oauth2/oauth_response.pb.h" -#include "extensions/filters/http/oauth2/filter.h" - #include "test/integration/http_integration.h" #include "absl/strings/escaping.h" @@ -20,7 +18,7 @@ namespace { class OauthIntegrationTest : public testing::Test, public HttpIntegrationTest { public: OauthIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, Network::Address::IpVersion::v4) { + : HttpIntegrationTest(Http::CodecType::HTTP2, Network::Address::IpVersion::v4) { enableHalfClose(true); } @@ -38,7 +36,7 @@ class OauthIntegrationTest : public testing::Test, public HttpIntegrationTest { } void initialize() override { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); TestEnvironment::writeStringToFileForTest("token_secret.yaml", R"EOF( resources: diff --git a/test/extensions/filters/http/oauth2/oauth_test.cc b/test/extensions/filters/http/oauth2/oauth_test.cc index f0a72cdfd4b2..d7f9a29d443b 100644 --- a/test/extensions/filters/http/oauth2/oauth_test.cc +++ b/test/extensions/filters/http/oauth2/oauth_test.cc @@ -1,11 +1,10 @@ #include #include -#include "common/http/message_impl.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/oauth2/oauth.h" -#include "extensions/filters/http/oauth2/oauth_client.h" +#include "source/common/http/message_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/http/oauth2/oauth.h" +#include "source/extensions/filters/http/oauth2/oauth_client.h" #include "test/mocks/http/mocks.h" #include "test/mocks/server/mocks.h" diff --git a/test/extensions/filters/http/on_demand/on_demand_filter_test.cc b/test/extensions/filters/http/on_demand/on_demand_filter_test.cc index d2978064b2d9..fffb9ea7c7b1 100644 --- a/test/extensions/filters/http/on_demand/on_demand_filter_test.cc +++ b/test/extensions/filters/http/on_demand/on_demand_filter_test.cc @@ -1,8 +1,7 @@ #include -#include "common/http/header_map_impl.h" - -#include "extensions/filters/http/on_demand/on_demand_update.h" +#include "source/common/http/header_map_impl.h" +#include "source/extensions/filters/http/on_demand/on_demand_update.h" #include "test/mocks/http/mocks.h" #include "test/mocks/runtime/mocks.h" diff --git a/test/extensions/filters/http/original_src/config_test.cc b/test/extensions/filters/http/original_src/config_test.cc index 1b805e1f6c9e..6607f387e11a 100644 --- a/test/extensions/filters/http/original_src/config_test.cc +++ b/test/extensions/filters/http/original_src/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.h" -#include "extensions/filters/http/original_src/config.h" +#include "source/extensions/filters/http/original_src/config.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/http/original_src/original_src_config_factory_test.cc b/test/extensions/filters/http/original_src/original_src_config_factory_test.cc index 4967371847dd..8830e2d0a1e7 100644 --- a/test/extensions/filters/http/original_src/original_src_config_factory_test.cc +++ b/test/extensions/filters/http/original_src/original_src_config_factory_test.cc @@ -1,9 +1,9 @@ #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.h" #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.validate.h" -#include "extensions/filters/http/original_src/config.h" -#include "extensions/filters/http/original_src/original_src.h" -#include "extensions/filters/http/original_src/original_src_config_factory.h" +#include "source/extensions/filters/http/original_src/config.h" +#include "source/extensions/filters/http/original_src/original_src.h" +#include "source/extensions/filters/http/original_src/original_src_config_factory.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/http/original_src/original_src_test.cc b/test/extensions/filters/http/original_src/original_src_test.cc index 7b497ffd44a6..c8b9d1c5c598 100644 --- a/test/extensions/filters/http/original_src/original_src_test.cc +++ b/test/extensions/filters/http/original_src/original_src_test.cc @@ -1,10 +1,9 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/http/original_src/v3/original_src.pb.h" -#include "common/network/socket_option_impl.h" -#include "common/network/utility.h" - -#include "extensions/filters/http/original_src/original_src.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/http/original_src/original_src.h" #include "test/mocks/buffer/mocks.h" #include "test/mocks/common.h" @@ -16,7 +15,6 @@ #include "gmock/gmock.h" #include "gtest/gtest.h" -using testing::_; using testing::SaveArg; using testing::StrictMock; diff --git a/test/extensions/filters/http/ratelimit/config_test.cc b/test/extensions/filters/http/ratelimit/config_test.cc index 232dcebf416f..17d7bfd7db45 100644 --- a/test/extensions/filters/http/ratelimit/config_test.cc +++ b/test/extensions/filters/http/ratelimit/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.validate.h" -#include "extensions/filters/http/ratelimit/config.h" +#include "source/extensions/filters/http/ratelimit/config.h" #include "test/mocks/server/factory_context.h" #include "test/mocks/server/instance.h" diff --git a/test/extensions/filters/http/ratelimit/ratelimit_headers_test.cc b/test/extensions/filters/http/ratelimit/ratelimit_headers_test.cc index 9acc0ca72cba..9fba19f41da6 100644 --- a/test/extensions/filters/http/ratelimit/ratelimit_headers_test.cc +++ b/test/extensions/filters/http/ratelimit/ratelimit_headers_test.cc @@ -1,7 +1,7 @@ #include #include -#include "extensions/filters/http/ratelimit/ratelimit_headers.h" +#include "source/extensions/filters/http/ratelimit/ratelimit_headers.h" #include "test/extensions/filters/common/ratelimit/utils.h" #include "test/mocks/http/mocks.h" diff --git a/test/extensions/filters/http/ratelimit/ratelimit_integration_test.cc b/test/extensions/filters/http/ratelimit/ratelimit_integration_test.cc index fbcaf61a1222..c54b35a01d02 100644 --- a/test/extensions/filters/http/ratelimit/ratelimit_integration_test.cc +++ b/test/extensions/filters/http/ratelimit/ratelimit_integration_test.cc @@ -5,12 +5,11 @@ #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/service/ratelimit/v3/rls.pb.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/grpc/codec.h" -#include "common/grpc/common.h" - -#include "extensions/filters/http/ratelimit/config.h" -#include "extensions/filters/http/ratelimit/ratelimit_headers.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/common.h" +#include "source/extensions/filters/http/ratelimit/config.h" +#include "source/extensions/filters/http/ratelimit/ratelimit_headers.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/extensions/filters/common/ratelimit/utils.h" @@ -25,7 +24,7 @@ namespace { class RatelimitIntegrationTest : public Grpc::VersionedGrpcClientIntegrationParamTest, public HttpIntegrationTest { public: - RatelimitIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ipVersion()) {} + RatelimitIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, ipVersion()) {} void SetUp() override { XDS_DEPRECATED_FEATURE_TEST_SKIP; @@ -34,7 +33,7 @@ class RatelimitIntegrationTest : public Grpc::VersionedGrpcClientIntegrationPara void createUpstreams() override { HttpIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void initialize() override { diff --git a/test/extensions/filters/http/ratelimit/ratelimit_test.cc b/test/extensions/filters/http/ratelimit/ratelimit_test.cc index 1dccd4f06538..1b11162b0789 100644 --- a/test/extensions/filters/http/ratelimit/ratelimit_test.cc +++ b/test/extensions/filters/http/ratelimit/ratelimit_test.cc @@ -4,13 +4,11 @@ #include "envoy/extensions/filters/http/ratelimit/v3/rate_limit.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/empty_string.h" -#include "common/http/context_impl.h" -#include "common/http/headers.h" - -#include "extensions/filters/http/ratelimit/ratelimit.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/context_impl.h" +#include "source/common/http/headers.h" +#include "source/extensions/filters/http/ratelimit/ratelimit.h" #include "test/extensions/filters/common/ratelimit/mocks.h" #include "test/extensions/filters/common/ratelimit/utils.h" @@ -551,7 +549,7 @@ TEST_F(HttpRateLimitFilterTest, LimitResponseWithDynamicMetadata) { EXPECT_CALL(filter_callbacks_.stream_info_, setDynamicMetadata(_, _)) .WillOnce(Invoke([&dynamic_metadata](const std::string& ns, const ProtobufWkt::Struct& returned_dynamic_metadata) { - EXPECT_EQ(ns, HttpFilterNames::get().RateLimit); + EXPECT_EQ(ns, "envoy.filters.http.ratelimit"); EXPECT_TRUE(TestUtility::protoEqual(returned_dynamic_metadata, *dynamic_metadata)); })); @@ -1105,7 +1103,7 @@ TEST_F(HttpRateLimitFilterTest, DEPRECATED_FEATURE_TEST(ExcludeVirtualHost)) { .WillOnce(Return(false)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().RateLimit)) + perFilterConfig("envoy.filters.http.ratelimit")) .WillOnce(Return(&per_route_config_)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.rate_limit_policy_, empty()) @@ -1156,7 +1154,7 @@ TEST_F(HttpRateLimitFilterTest, OverrideVHRateLimitOptionWithRouteRateLimitSet) .WillOnce(Return(false)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().RateLimit)) + perFilterConfig("envoy.filters.http.ratelimit")) .WillOnce(Return(&per_route_config_)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.rate_limit_policy_, empty()) @@ -1205,7 +1203,7 @@ TEST_F(HttpRateLimitFilterTest, OverrideVHRateLimitOptionWithoutRouteRateLimit) .WillOnce(Return(false)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().RateLimit)) + perFilterConfig("envoy.filters.http.ratelimit")) .WillOnce(Return(&per_route_config_)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.rate_limit_policy_, empty()) @@ -1256,7 +1254,7 @@ TEST_F(HttpRateLimitFilterTest, IncludeVHRateLimitOptionWithOnlyVHRateLimitSet) .WillOnce(Return(false)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().RateLimit)) + perFilterConfig("envoy.filters.http.ratelimit")) .WillOnce(Return(&per_route_config_)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_.rate_limit_policy_, @@ -1306,7 +1304,7 @@ TEST_F(HttpRateLimitFilterTest, IncludeVHRateLimitOptionWithRouteAndVHRateLimitS .WillOnce(Return(false)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().RateLimit)) + perFilterConfig("envoy.filters.http.ratelimit")) .WillOnce(Return(&per_route_config_)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_.rate_limit_policy_, @@ -1356,7 +1354,7 @@ TEST_F(HttpRateLimitFilterTest, IgnoreVHRateLimitOptionWithRouteRateLimitSet) { .WillOnce(Return(false)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().RateLimit)) + perFilterConfig("envoy.filters.http.ratelimit")) .WillOnce(Return(&per_route_config_)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_.rate_limit_policy_, @@ -1402,7 +1400,7 @@ TEST_F(HttpRateLimitFilterTest, IgnoreVHRateLimitOptionWithOutRouteRateLimit) { .WillOnce(Return(false)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_, - perFilterConfig(HttpFilterNames::get().RateLimit)) + perFilterConfig("envoy.filters.http.ratelimit")) .WillOnce(Return(&per_route_config_)); EXPECT_CALL(filter_callbacks_.route_->route_entry_.virtual_host_.rate_limit_policy_, diff --git a/test/extensions/filters/http/rbac/config_test.cc b/test/extensions/filters/http/rbac/config_test.cc index 318a6e2f1033..8871521627f5 100644 --- a/test/extensions/filters/http/rbac/config_test.cc +++ b/test/extensions/filters/http/rbac/config_test.cc @@ -2,8 +2,8 @@ #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.validate.h" -#include "extensions/filters/common/rbac/engine.h" -#include "extensions/filters/http/rbac/config.h" +#include "source/extensions/filters/common/rbac/engine.h" +#include "source/extensions/filters/http/rbac/config.h" #include "test/mocks/server/factory_context.h" #include "test/mocks/server/instance.h" diff --git a/test/extensions/filters/http/rbac/mocks.h b/test/extensions/filters/http/rbac/mocks.h index f888cd06e4f0..7932a02fea4d 100644 --- a/test/extensions/filters/http/rbac/mocks.h +++ b/test/extensions/filters/http/rbac/mocks.h @@ -2,8 +2,8 @@ #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" -#include "extensions/filters/common/rbac/utility.h" -#include "extensions/filters/http/rbac/rbac_filter.h" +#include "source/extensions/filters/common/rbac/utility.h" +#include "source/extensions/filters/http/rbac/rbac_filter.h" #include "gmock/gmock.h" diff --git a/test/extensions/filters/http/rbac/rbac_filter_integration_test.cc b/test/extensions/filters/http/rbac/rbac_filter_integration_test.cc index 0913b37ba4cb..4874d30d0778 100644 --- a/test/extensions/filters/http/rbac/rbac_filter_integration_test.cc +++ b/test/extensions/filters/http/rbac/rbac_filter_integration_test.cc @@ -1,9 +1,7 @@ #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/http/well_known_names.h" +#include "source/common/protobuf/utility.h" #include "test/integration/http_protocol_integration.h" @@ -282,7 +280,7 @@ TEST_P(RBACIntegrationTest, RouteOverride) { ->Mutable(0) ->mutable_typed_per_filter_config(); - (*config)[Extensions::HttpFilters::HttpFilterNames::get().Rbac].PackFrom(per_route_config); + (*config)["envoy.filters.http.rbac"].PackFrom(per_route_config); }); config_helper_.addFilter(RBAC_CONFIG); diff --git a/test/extensions/filters/http/rbac/rbac_filter_test.cc b/test/extensions/filters/http/rbac/rbac_filter_test.cc index 07d01f679647..e7a8ed8e14dd 100644 --- a/test/extensions/filters/http/rbac/rbac_filter_test.cc +++ b/test/extensions/filters/http/rbac/rbac_filter_test.cc @@ -1,12 +1,10 @@ #include "envoy/config/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/http/rbac/v3/rbac.pb.h" -#include "common/config/metadata.h" -#include "common/network/utility.h" - -#include "extensions/filters/common/rbac/utility.h" -#include "extensions/filters/http/rbac/rbac_filter.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/config/metadata.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/common/rbac/utility.h" +#include "source/extensions/filters/http/rbac/rbac_filter.h" #include "test/extensions/filters/common/rbac/mocks.h" #include "test/extensions/filters/http/rbac/mocks.h" @@ -34,8 +32,8 @@ class RoleBasedAccessControlFilterTest : public testing::Test { envoy::config::rbac::v3::Policy policy; auto policy_rules = policy.add_permissions()->mutable_or_rules(); - policy_rules->add_rules()->mutable_requested_server_name()->set_hidden_envoy_deprecated_regex( - ".*cncf.io"); + policy_rules->add_rules()->mutable_requested_server_name()->MergeFrom( + TestUtility::createRegexMatcher(".*cncf.io")); policy_rules->add_rules()->set_destination_port(123); policy_rules->add_rules()->mutable_url_path()->mutable_path()->set_suffix("suffix"); policy.add_principals()->set_any(true); @@ -89,11 +87,10 @@ class RoleBasedAccessControlFilterTest : public testing::Test { } void setMetadata() { - ON_CALL(req_info_, setDynamicMetadata(HttpFilterNames::get().Rbac, _)) + ON_CALL(req_info_, setDynamicMetadata("envoy.filters.http.rbac", _)) .WillByDefault(Invoke([this](const std::string&, const ProtobufWkt::Struct& obj) { req_info_.metadata_.mutable_filter_metadata()->insert( - Protobuf::MapPair(HttpFilterNames::get().Rbac, - obj)); + Protobuf::MapPair("envoy.filters.http.rbac", obj)); })); ON_CALL(req_info_, @@ -196,7 +193,7 @@ TEST_F(RoleBasedAccessControlFilterTest, Denied) { EXPECT_EQ("testrbac.prefix_.shadow_allowed", config_->stats().shadow_allowed_.name()); EXPECT_EQ("testrbac.prefix_.shadow_denied", config_->stats().shadow_denied_.name()); - auto filter_meta = req_info_.dynamicMetadata().filter_metadata().at(HttpFilterNames::get().Rbac); + auto filter_meta = req_info_.dynamicMetadata().filter_metadata().at("envoy.filters.http.rbac"); EXPECT_EQ("allowed", filter_meta.fields().at("prefix_shadow_engine_result").string_value()); EXPECT_EQ("bar", filter_meta.fields().at("prefix_shadow_effective_policy_id").string_value()); EXPECT_EQ("rbac_access_denied_matched_policy[none]", callbacks_.details()); @@ -215,7 +212,7 @@ TEST_F(RoleBasedAccessControlFilterTest, RouteLocalOverride) { EXPECT_CALL(engine, handleAction(_, _, _, _)).WillRepeatedly(Return(true)); EXPECT_CALL(per_route_config_, engine()).WillRepeatedly(ReturnRef(engine)); - EXPECT_CALL(callbacks_.route_->route_entry_, perFilterConfig(HttpFilterNames::get().Rbac)) + EXPECT_CALL(callbacks_.route_->route_entry_, perFilterConfig("envoy.filters.http.rbac")) .WillRepeatedly(Return(&per_route_config_)); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_.decodeHeaders(headers_, true)); diff --git a/test/extensions/filters/http/router/auto_sni_integration_test.cc b/test/extensions/filters/http/router/auto_sni_integration_test.cc index 4c16326c2e51..25328614681f 100644 --- a/test/extensions/filters/http/router/auto_sni_integration_test.cc +++ b/test/extensions/filters/http/router/auto_sni_integration_test.cc @@ -5,8 +5,8 @@ #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/upstream/upstream.h" -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/integration/http_integration.h" @@ -16,10 +16,10 @@ class AutoSniIntegrationTest : public testing::TestWithParammutable_clusters()->at(0); @@ -41,7 +41,7 @@ class AutoSniIntegrationTest : public testing::TestWithParam + +#include "envoy/extensions/filters/http/set_metadata/v3/set_metadata.pb.h" +#include "envoy/extensions/filters/http/set_metadata/v3/set_metadata.pb.validate.h" + +#include "source/extensions/filters/http/set_metadata/config.h" +#include "source/extensions/filters/http/set_metadata/set_metadata_filter.h" + +#include "test/mocks/server/factory_context.h" +#include "test/mocks/server/instance.h" +#include "test/test_common/utility.h" + +#include "gmock/gmock.h" +#include "gtest/gtest.h" + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace SetMetadataFilter { + +using SetMetadataProtoConfig = envoy::extensions::filters::http::set_metadata::v3::Config; + +TEST(SetMetadataFilterConfigTest, SimpleConfig) { + const std::string yaml = R"EOF( +metadata_namespace: thenamespace +value: + mynumber: 20 + mylist: ["b"] + tags: + mytag1: 1 + )EOF"; + + SetMetadataProtoConfig proto_config; + TestUtility::loadFromYamlAndValidate(yaml, proto_config); + + testing::NiceMock context; + SetMetadataConfig factory; + + Http::FilterFactoryCb cb = factory.createFilterFactoryFromProto(proto_config, "stats", context); + Http::MockFilterChainFactoryCallbacks filter_callbacks; + EXPECT_CALL(filter_callbacks, addStreamDecoderFilter(_)); + cb(filter_callbacks); +} + +} // namespace SetMetadataFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/filters/http/set_metadata/set_metadata_filter_test.cc b/test/extensions/filters/http/set_metadata/set_metadata_filter_test.cc new file mode 100644 index 000000000000..32fb9318b800 --- /dev/null +++ b/test/extensions/filters/http/set_metadata/set_metadata_filter_test.cc @@ -0,0 +1,141 @@ +#include + +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/http/set_metadata/set_metadata_filter.h" + +#include "test/mocks/http/mocks.h" +#include "test/mocks/stream_info/mocks.h" +#include "test/test_common/utility.h" + +#include "gmock/gmock.h" +#include "gtest/gtest.h" + +using testing::NiceMock; +using testing::ReturnRef; + +namespace Envoy { +namespace Extensions { +namespace HttpFilters { +namespace SetMetadataFilter { + +class SetMetadataIntegrationTest : public testing::Test { + +public: + SetMetadataIntegrationTest() = default; + + void runFilter(envoy::config::core::v3::Metadata& metadata, const std::string& yaml_config) { + envoy::extensions::filters::http::set_metadata::v3::Config ext_config; + TestUtility::loadFromYaml(yaml_config, ext_config); + auto config = std::make_shared(ext_config); + auto filter = std::make_shared(config); + + Http::TestRequestHeaderMapImpl headers; + + NiceMock decoder_callbacks; + NiceMock req_info; + filter->setDecoderFilterCallbacks(decoder_callbacks); + + EXPECT_CALL(decoder_callbacks, streamInfo()).WillRepeatedly(ReturnRef(req_info)); + EXPECT_CALL(req_info, dynamicMetadata()).WillRepeatedly(ReturnRef(metadata)); + EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter->decodeHeaders(headers, true)); + Buffer::OwnedImpl buffer; + EXPECT_EQ(Http::FilterDataStatus::Continue, filter->decodeData(buffer, true)); + filter->onDestroy(); + } + + void checkKeyInt(const ProtobufWkt::Struct& s, const char* key, int val) { + const auto& fields = s.fields(); + const auto it = fields.find(key); + ASSERT_TRUE(it != fields.end()); + const auto& pbval = it->second; + ASSERT_EQ(pbval.kind_case(), ProtobufWkt::Value::kNumberValue); + EXPECT_EQ(pbval.number_value(), val); + } +}; + +TEST_F(SetMetadataIntegrationTest, TestTagsHeaders) { + const std::string yaml_config = R"EOF( + metadata_namespace: thenamespace + value: + tags: + mytag0: 1 + )EOF"; + + envoy::config::core::v3::Metadata metadata; + runFilter(metadata, yaml_config); + + // Verify that `metadata` contains `{"thenamespace": {"tags": {"mytag0": 1}}}` + const auto& filter_metadata = metadata.filter_metadata(); + const auto it_namespace = filter_metadata.find("thenamespace"); + ASSERT_TRUE(it_namespace != filter_metadata.end()); + const auto& fields = it_namespace->second.fields(); + const auto it_tags = fields.find("tags"); + ASSERT_TRUE(it_tags != fields.end()); + const auto& tags = it_tags->second; + ASSERT_EQ(tags.kind_case(), ProtobufWkt::Value::kStructValue); + checkKeyInt(tags.struct_value(), "mytag0", 1); +} + +TEST_F(SetMetadataIntegrationTest, TestTagsHeadersUpdate) { + envoy::config::core::v3::Metadata metadata; + + { + const std::string yaml_config = R"EOF( + metadata_namespace: thenamespace + value: + mynumber: 10 + mylist: ["a"] + tags: + mytag0: 1 + )EOF"; + + runFilter(metadata, yaml_config); + } + { + const std::string yaml_config = R"EOF( + metadata_namespace: thenamespace + value: + mynumber: 20 + mylist: ["b"] + tags: + mytag1: 1 + )EOF"; + + runFilter(metadata, yaml_config); + } + + // Verify that `metadata` contains: + // ``{"thenamespace": {number: 20, mylist: ["a","b"], "tags": {"mytag0": 1, "mytag1": 1}}}`` + const auto& filter_metadata = metadata.filter_metadata(); + const auto it_namespace = filter_metadata.find("thenamespace"); + ASSERT_TRUE(it_namespace != filter_metadata.end()); + const auto& namespace_ = it_namespace->second; + + checkKeyInt(namespace_, "mynumber", 20); + + const auto& fields = namespace_.fields(); + const auto it_mylist = fields.find("mylist"); + ASSERT_TRUE(it_mylist != fields.end()); + const auto& mylist = it_mylist->second; + ASSERT_EQ(mylist.kind_case(), ProtobufWkt::Value::kListValue); + const auto& vals = mylist.list_value().values(); + ASSERT_EQ(vals.size(), 2); + ASSERT_EQ(vals[0].kind_case(), ProtobufWkt::Value::kStringValue); + EXPECT_EQ(vals[0].string_value(), "a"); + ASSERT_EQ(vals[1].kind_case(), ProtobufWkt::Value::kStringValue); + EXPECT_EQ(vals[1].string_value(), "b"); + + const auto it_tags = fields.find("tags"); + ASSERT_TRUE(it_tags != fields.end()); + const auto& tags = it_tags->second; + ASSERT_EQ(tags.kind_case(), ProtobufWkt::Value::kStructValue); + const auto& tags_struct = tags.struct_value(); + + checkKeyInt(tags_struct, "mytag0", 1); + checkKeyInt(tags_struct, "mytag1", 1); +} + +} // namespace SetMetadataFilter +} // namespace HttpFilters +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/filters/http/squash/BUILD b/test/extensions/filters/http/squash/BUILD index b3930a3e2bfb..93034042f372 100644 --- a/test/extensions/filters/http/squash/BUILD +++ b/test/extensions/filters/http/squash/BUILD @@ -16,7 +16,7 @@ envoy_extension_cc_test( srcs = ["squash_filter_test.cc"], extension_name = "envoy.filters.http.squash", deps = [ - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/common/http:header_map_lib", "//source/common/stats:stats_lib", "//source/extensions/filters/http/squash:squash_filter_lib", diff --git a/test/extensions/filters/http/squash/config_test.cc b/test/extensions/filters/http/squash/config_test.cc index 814421f72cbe..8964bb665308 100644 --- a/test/extensions/filters/http/squash/config_test.cc +++ b/test/extensions/filters/http/squash/config_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/filters/http/squash/v3/squash.pb.h" #include "envoy/extensions/filters/http/squash/v3/squash.pb.validate.h" -#include "extensions/filters/http/squash/config.h" +#include "source/extensions/filters/http/squash/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/http/squash/squash_filter_integration_test.cc b/test/extensions/filters/http/squash/squash_filter_integration_test.cc index 280aa5d63d51..83f10a7069c6 100644 --- a/test/extensions/filters/http/squash/squash_filter_integration_test.cc +++ b/test/extensions/filters/http/squash/squash_filter_integration_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "test/integration/autonomous_upstream.h" #include "test/integration/http_integration.h" @@ -19,7 +19,7 @@ namespace Envoy { class SquashFilterIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - SquashFilterIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + SquashFilterIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} ~SquashFilterIntegrationTest() override { if (fake_squash_connection_) { @@ -71,7 +71,7 @@ class SquashFilterIntegrationTest : public testing::TestWithParam("source", "grpc_call_proto")); root()->handler_ = new MyGrpcCallHandler(); if (root()->grpcCallHandler( "bogus grpc_service", "service", "method", initial_metadata, value, 1000, @@ -97,6 +98,7 @@ FilterHeadersStatus GrpcCallContext::onRequestHeaders(uint32_t, bool end_of_stre google::protobuf::Value value; value.set_string_value("request"); HeaderStringPairs initial_metadata; + initial_metadata.push_back(std::make_pair("source", "grpc_call")); root()->handler_ = new MyGrpcCallHandler(); if (root()->grpcCallHandler( "bogus grpc_service", "service", "method", initial_metadata, value, 1000, diff --git a/test/extensions/filters/http/wasm/test_data/test_grpc_stream_cpp.cc b/test/extensions/filters/http/wasm/test_data/test_grpc_stream_cpp.cc index d4c375cb5257..e0ebbe048ca2 100644 --- a/test/extensions/filters/http/wasm/test_data/test_grpc_stream_cpp.cc +++ b/test/extensions/filters/http/wasm/test_data/test_grpc_stream_cpp.cc @@ -6,7 +6,7 @@ #ifndef NULL_PLUGIN #include "proxy_wasm_intrinsics_lite.h" #else -#include "extensions/common/wasm/ext/envoy_null_plugin.h" +#include "source/extensions/common/wasm/ext/envoy_null_plugin.h" #endif START_WASM_PLUGIN(HttpWasmTestCpp) @@ -77,6 +77,8 @@ FilterHeadersStatus GrpcStreamContextProto::onRequestHeaders(uint32_t, bool) { std::string grpc_service_string; grpc_service.SerializeToString(&grpc_service_string); HeaderStringPairs initial_metadata; + initial_metadata.push_back( + std::make_pair("source", "grpc_stream_proto")); if (root()->grpcStreamHandler("bogus service string", "service", "method", initial_metadata, std::unique_ptr( new MyGrpcStreamHandler())) != WasmResult::ParseFailure) { @@ -105,6 +107,7 @@ static RegisterContextFactory register_GrpcStreamContext(CONTEXT_FACTORY(GrpcStr FilterHeadersStatus GrpcStreamContext::onRequestHeaders(uint32_t, bool) { HeaderStringPairs initial_metadata; + initial_metadata.push_back(std::make_pair("source", "grpc_stream")); if (root()->grpcStreamHandler("bogus service string", "service", "method", initial_metadata, std::unique_ptr( new MyGrpcStreamHandler())) == WasmResult::ParseFailure) { diff --git a/test/extensions/filters/http/wasm/test_data/test_panic_cpp.cc b/test/extensions/filters/http/wasm/test_data/test_panic_cpp.cc index 44fa5e19f989..bd32bb4691d8 100644 --- a/test/extensions/filters/http/wasm/test_data/test_panic_cpp.cc +++ b/test/extensions/filters/http/wasm/test_data/test_panic_cpp.cc @@ -6,7 +6,7 @@ #ifndef NULL_PLUGIN #include "proxy_wasm_intrinsics_lite.h" #else -#include "extensions/common/wasm/ext/envoy_null_plugin.h" +#include "source/extensions/common/wasm/ext/envoy_null_plugin.h" #endif START_WASM_PLUGIN(HttpWasmTestCpp) diff --git a/test/extensions/filters/http/wasm/test_data/test_resume_call_cpp.cc b/test/extensions/filters/http/wasm/test_data/test_resume_call_cpp.cc index f557eb143859..2ce27d339840 100644 --- a/test/extensions/filters/http/wasm/test_data/test_resume_call_cpp.cc +++ b/test/extensions/filters/http/wasm/test_data/test_resume_call_cpp.cc @@ -6,7 +6,7 @@ #ifndef NULL_PLUGIN #include "proxy_wasm_intrinsics_lite.h" #else -#include "extensions/common/wasm/ext/envoy_null_plugin.h" +#include "source/extensions/common/wasm/ext/envoy_null_plugin.h" #endif START_WASM_PLUGIN(HttpWasmTestCpp) diff --git a/test/extensions/filters/http/wasm/test_data/test_shared_data_cpp.cc b/test/extensions/filters/http/wasm/test_data/test_shared_data_cpp.cc index 6ecf802903d9..d3b9e51fe8d3 100644 --- a/test/extensions/filters/http/wasm/test_data/test_shared_data_cpp.cc +++ b/test/extensions/filters/http/wasm/test_data/test_shared_data_cpp.cc @@ -6,7 +6,7 @@ #ifndef NULL_PLUGIN #include "proxy_wasm_intrinsics_lite.h" #else -#include "extensions/common/wasm/ext/envoy_null_plugin.h" +#include "source/extensions/common/wasm/ext/envoy_null_plugin.h" #endif START_WASM_PLUGIN(HttpWasmTestCpp) diff --git a/test/extensions/filters/http/wasm/test_data/test_shared_queue_cpp.cc b/test/extensions/filters/http/wasm/test_data/test_shared_queue_cpp.cc index 454932b9f556..e6b61cc79c86 100644 --- a/test/extensions/filters/http/wasm/test_data/test_shared_queue_cpp.cc +++ b/test/extensions/filters/http/wasm/test_data/test_shared_queue_cpp.cc @@ -6,7 +6,7 @@ #ifndef NULL_PLUGIN #include "proxy_wasm_intrinsics_lite.h" #else -#include "extensions/common/wasm/ext/envoy_null_plugin.h" +#include "source/extensions/common/wasm/ext/envoy_null_plugin.h" #endif START_WASM_PLUGIN(HttpWasmTestCpp) diff --git a/test/extensions/filters/http/wasm/wasm_filter_test.cc b/test/extensions/filters/http/wasm/wasm_filter_test.cc index 74f6c0ce9dbe..98d8c1c2671d 100644 --- a/test/extensions/filters/http/wasm/wasm_filter_test.cc +++ b/test/extensions/filters/http/wasm/wasm_filter_test.cc @@ -1,6 +1,5 @@ -#include "common/http/message_impl.h" - -#include "extensions/filters/http/wasm/wasm_filter.h" +#include "source/common/http/message_impl.h" +#include "source/extensions/filters/http/wasm/wasm_filter.h" #include "test/extensions/common/wasm/wasm_runtime.h" #include "test/mocks/network/connection.h" @@ -947,6 +946,9 @@ TEST_P(WasmHttpFilterTest, GrpcCall) { NiceMock span; if (callbacks) { callbacks->onCreateInitialMetadata(request_headers); + const auto source = request_headers.get(Http::LowerCaseString{"source"}); + EXPECT_EQ(source.size(), 1); + EXPECT_EQ(source[0]->value().getStringView(), id); callbacks->onSuccessRaw(std::move(response), span); } } @@ -1369,8 +1371,10 @@ TEST_P(WasmHttpFilterTest, GrpcStream) { auto response = std::make_unique(response_string); EXPECT_NE(callbacks, nullptr); if (callbacks) { - Http::TestRequestHeaderMapImpl create_initial_metadata{{"test", "create_initial_metadata"}}; - callbacks->onCreateInitialMetadata(create_initial_metadata); + callbacks->onCreateInitialMetadata(request_headers); + const auto source = request_headers.get(Http::LowerCaseString{"source"}); + EXPECT_EQ(source.size(), 1); + EXPECT_EQ(source[0]->value().getStringView(), id); callbacks->onReceiveInitialMetadata(std::make_unique()); callbacks->onReceiveMessageRaw(std::move(response)); callbacks->onReceiveTrailingMetadata(std::make_unique()); @@ -1417,8 +1421,10 @@ TEST_P(WasmHttpFilterTest, GrpcStreamCloseLocal) { auto response = std::make_unique(response_string); EXPECT_NE(callbacks, nullptr); if (callbacks) { - Http::TestRequestHeaderMapImpl create_initial_metadata{{"test", "create_initial_metadata"}}; - callbacks->onCreateInitialMetadata(create_initial_metadata); + callbacks->onCreateInitialMetadata(request_headers); + const auto source = request_headers.get(Http::LowerCaseString{"source"}); + EXPECT_EQ(source.size(), 1); + EXPECT_EQ(source[0]->value().getStringView(), id); callbacks->onReceiveInitialMetadata(std::make_unique()); callbacks->onReceiveMessageRaw(std::move(response)); callbacks->onRemoteClose(Grpc::Status::WellKnownGrpcStatus::Ok, "ok"); @@ -1465,8 +1471,10 @@ TEST_P(WasmHttpFilterTest, GrpcStreamCloseRemote) { auto response = std::make_unique(response_string); EXPECT_NE(callbacks, nullptr); if (callbacks) { - Http::TestRequestHeaderMapImpl create_initial_metadata{{"test", "create_initial_metadata"}}; - callbacks->onCreateInitialMetadata(create_initial_metadata); + callbacks->onCreateInitialMetadata(request_headers); + const auto source = request_headers.get(Http::LowerCaseString{"source"}); + EXPECT_EQ(source.size(), 1); + EXPECT_EQ(source[0]->value().getStringView(), id); callbacks->onReceiveInitialMetadata(std::make_unique()); callbacks->onReceiveMessageRaw(std::move(response)); callbacks->onRemoteClose(Grpc::Status::WellKnownGrpcStatus::Ok, "close"); @@ -1511,8 +1519,10 @@ TEST_P(WasmHttpFilterTest, GrpcStreamCancel) { EXPECT_NE(callbacks, nullptr); NiceMock span; if (callbacks) { - Http::TestRequestHeaderMapImpl create_initial_metadata{{"test", "create_initial_metadata"}}; - callbacks->onCreateInitialMetadata(create_initial_metadata); + callbacks->onCreateInitialMetadata(request_headers); + const auto source = request_headers.get(Http::LowerCaseString{"source"}); + EXPECT_EQ(source.size(), 1); + EXPECT_EQ(source[0]->value().getStringView(), id); callbacks->onReceiveInitialMetadata(std::make_unique( Http::TestResponseHeaderMapImpl{{"test", "reset"}})); } @@ -1557,8 +1567,10 @@ TEST_P(WasmHttpFilterTest, GrpcStreamOpenAtShutdown) { EXPECT_NE(callbacks, nullptr); NiceMock span; if (callbacks) { - Http::TestRequestHeaderMapImpl create_initial_metadata{{"test", "create_initial_metadata"}}; - callbacks->onCreateInitialMetadata(create_initial_metadata); + callbacks->onCreateInitialMetadata(request_headers); + const auto source = request_headers.get(Http::LowerCaseString{"source"}); + EXPECT_EQ(source.size(), 1); + EXPECT_EQ(source[0]->value().getStringView(), id); callbacks->onReceiveInitialMetadata(std::make_unique()); callbacks->onReceiveMessageRaw(std::move(response)); callbacks->onReceiveTrailingMetadata(std::make_unique()); @@ -1603,7 +1615,7 @@ TEST_P(WasmHttpFilterTest, Metadata) { request_stream_info_.metadata_.mutable_filter_metadata()->insert( Protobuf::MapPair( - HttpFilters::HttpFilterNames::get().Wasm, + "envoy.filters.http.wasm", MessageUtil::keyValueStruct("wasm_request_get_key", "wasm_request_get_value"))); rootContext().onTick(0); @@ -1648,7 +1660,7 @@ TEST_P(WasmHttpFilterTest, Property) { request_stream_info_.metadata_.mutable_filter_metadata()->insert( Protobuf::MapPair( - HttpFilters::HttpFilterNames::get().Wasm, + "envoy.filters.http.wasm", MessageUtil::keyValueStruct("wasm_request_get_key", "wasm_request_get_value"))); EXPECT_CALL(request_stream_info_, responseCode()).WillRepeatedly(Return(403)); EXPECT_CALL(encoder_callbacks_, streamInfo()).WillRepeatedly(ReturnRef(request_stream_info_)); diff --git a/test/extensions/filters/listener/common/fuzz/BUILD b/test/extensions/filters/listener/common/fuzz/BUILD index 556c46b37295..760575dbe87f 100644 --- a/test/extensions/filters/listener/common/fuzz/BUILD +++ b/test/extensions/filters/listener/common/fuzz/BUILD @@ -22,7 +22,7 @@ envoy_cc_test_library( deps = [ ":listener_filter_fakes", ":listener_filter_fuzzer_proto_cc_proto", - "//include/envoy/network:filter_interface", + "//envoy/network:filter_interface", "//test/mocks/network:network_mocks", "//test/test_common:threadsafe_singleton_injector_lib", ], diff --git a/test/extensions/filters/listener/common/fuzz/listener_filter_fakes.h b/test/extensions/filters/listener/common/fuzz/listener_filter_fakes.h index 94df5757a3c0..602202240eb3 100644 --- a/test/extensions/filters/listener/common/fuzz/listener_filter_fakes.h +++ b/test/extensions/filters/listener/common/fuzz/listener_filter_fakes.h @@ -1,7 +1,7 @@ #pragma once -#include "common/api/os_sys_calls_impl.h" -#include "common/network/io_socket_handle_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/network/io_socket_handle_impl.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.cc b/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.cc index 89db1e5e5140..62fc69651208 100644 --- a/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.cc +++ b/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.cc @@ -5,7 +5,7 @@ namespace Extensions { namespace ListenerFilters { void ListenerFilterFuzzer::fuzz( - Network::ListenerFilter& filter, + Network::ListenerFilterPtr filter, const test::extensions::filters::listener::FilterFuzzTestCase& input) { try { socket_.addressProvider().setLocalAddress( @@ -32,7 +32,7 @@ void ListenerFilterFuzzer::fuzz( testing::ReturnNew>())); } - filter.onAccept(cb_); + filter->onAccept(cb_); if (file_event_callback_ == nullptr) { // If filter does not call createFileEvent (i.e. original_dst and original_src) diff --git a/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.h b/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.h index fa98a6c55267..7caab46d7788 100644 --- a/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.h +++ b/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.h @@ -23,7 +23,7 @@ class ListenerFilterFuzzer { ON_CALL(Const(cb_), dynamicMetadata()).WillByDefault(testing::ReturnRef(metadata_)); } - void fuzz(Network::ListenerFilter& filter, + void fuzz(Network::ListenerFilterPtr filter, const test::extensions::filters::listener::FilterFuzzTestCase& input); private: diff --git a/test/extensions/filters/listener/http_inspector/BUILD b/test/extensions/filters/listener/http_inspector/BUILD index 4fbabc8c1c71..2d7bc03aef4b 100644 --- a/test/extensions/filters/listener/http_inspector/BUILD +++ b/test/extensions/filters/listener/http_inspector/BUILD @@ -36,7 +36,6 @@ envoy_extension_cc_test( srcs = ["http_inspector_config_test.cc"], extension_name = "envoy.filters.listener.http_inspector", deps = [ - "//source/extensions/filters/listener:well_known_names", "//source/extensions/filters/listener/http_inspector:config", "//source/extensions/filters/listener/http_inspector:http_inspector_lib", "//test/mocks/api:api_mocks", diff --git a/test/extensions/filters/listener/http_inspector/http_inspector_config_test.cc b/test/extensions/filters/listener/http_inspector/http_inspector_config_test.cc index 97e76d527d95..a515204a5632 100644 --- a/test/extensions/filters/listener/http_inspector/http_inspector_config_test.cc +++ b/test/extensions/filters/listener/http_inspector/http_inspector_config_test.cc @@ -1,5 +1,4 @@ -#include "extensions/filters/listener/http_inspector/http_inspector.h" -#include "extensions/filters/listener/well_known_names.h" +#include "source/extensions/filters/listener/http_inspector/http_inspector.h" #include "test/mocks/server/listener_factory_context.h" @@ -15,11 +14,11 @@ namespace HttpInspector { namespace { TEST(HttpInspectorConfigFactoryTest, TestCreateFactory) { - Server::Configuration::NamedListenerFilterConfigFactory* factory = - Registry::FactoryRegistry:: - getFactory(ListenerFilters::ListenerFilterNames::get().HttpInspector); + const std::string HttpInspector = "envoy.filters.listener.http_inspector"; + Server::Configuration::NamedListenerFilterConfigFactory* factory = Registry::FactoryRegistry< + Server::Configuration::NamedListenerFilterConfigFactory>::getFactory(HttpInspector); - EXPECT_EQ(factory->name(), ListenerFilters::ListenerFilterNames::get().HttpInspector); + EXPECT_EQ(factory->name(), HttpInspector); const std::string yaml = R"EOF( {} diff --git a/test/extensions/filters/listener/http_inspector/http_inspector_fuzz_test.cc b/test/extensions/filters/listener/http_inspector/http_inspector_fuzz_test.cc index bf581af093f4..d8ea3d2b2b4d 100644 --- a/test/extensions/filters/listener/http_inspector/http_inspector_fuzz_test.cc +++ b/test/extensions/filters/listener/http_inspector/http_inspector_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/listener/http_inspector/http_inspector.h" +#include "source/extensions/filters/listener/http_inspector/http_inspector.h" #include "test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.h" #include "test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.pb.validate.h" @@ -22,7 +22,7 @@ DEFINE_PROTO_FUZZER(const test::extensions::filters::listener::FilterFuzzTestCas auto filter = std::make_unique(cfg); ListenerFilterFuzzer fuzzer; - fuzzer.fuzz(*filter, input); + fuzzer.fuzz(std::move(filter), input); } } // namespace HttpInspector diff --git a/test/extensions/filters/listener/http_inspector/http_inspector_test.cc b/test/extensions/filters/listener/http_inspector/http_inspector_test.cc index d0216ef9a71b..1104855f4106 100644 --- a/test/extensions/filters/listener/http_inspector/http_inspector_test.cc +++ b/test/extensions/filters/listener/http_inspector/http_inspector_test.cc @@ -1,8 +1,7 @@ -#include "common/common/hex.h" -#include "common/http/utility.h" -#include "common/network/io_socket_handle_impl.h" - -#include "extensions/filters/listener/http_inspector/http_inspector.h" +#include "source/common/common/hex.h" +#include "source/common/http/utility.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/extensions/filters/listener/http_inspector/http_inspector.h" #include "test/mocks/api/mocks.h" #include "test/mocks/network/mocks.h" @@ -32,7 +31,20 @@ class HttpInspectorTest : public testing::Test { HttpInspectorTest() : cfg_(std::make_shared(store_)), io_handle_(std::make_unique(42)) {} - ~HttpInspectorTest() override { io_handle_->close(); } + ~HttpInspectorTest() override { + filter_.reset(); + EXPECT_CALL(dispatcher_, + createFileEvent_(_, _, Event::PlatformDefaultTriggerType, + Event::FileReadyType::Read | Event::FileReadyType::Closed)) + .WillOnce(ReturnNew>()); + // This is used to test the FileEvent was reset by the listener filters. + // Otherwise the assertion inside `initializeFileEvent` will be trigger. + io_handle_->initializeFileEvent( + dispatcher_, [](uint32_t) -> void {}, Event::PlatformDefaultTriggerType, + Event::FileReadyType::Read | Event::FileReadyType::Closed); + io_handle_->resetFileEvents(); + io_handle_->close(); + } void init(bool include_inline_recv = true) { filter_ = std::make_unique(cfg_); diff --git a/test/extensions/filters/listener/original_dst/original_dst_fuzz_test.cc b/test/extensions/filters/listener/original_dst/original_dst_fuzz_test.cc index 820310876c58..f8d4368b7981 100644 --- a/test/extensions/filters/listener/original_dst/original_dst_fuzz_test.cc +++ b/test/extensions/filters/listener/original_dst/original_dst_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/listener/original_dst/original_dst.h" +#include "source/extensions/filters/listener/original_dst/original_dst.h" #include "test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.h" #include "test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.pb.validate.h" @@ -20,7 +20,7 @@ DEFINE_PROTO_FUZZER(const test::extensions::filters::listener::FilterFuzzTestCas auto filter = std::make_unique(envoy::config::core::v3::TrafficDirection::UNSPECIFIED); ListenerFilterFuzzer fuzzer; - fuzzer.fuzz(*filter, input); + fuzzer.fuzz(std::move(filter), input); } } // namespace OriginalDst diff --git a/test/extensions/filters/listener/original_src/config_test.cc b/test/extensions/filters/listener/original_src/config_test.cc index 30c7e74c98f0..6c0bd7563c6c 100644 --- a/test/extensions/filters/listener/original_src/config_test.cc +++ b/test/extensions/filters/listener/original_src/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/extensions/filters/listener/original_src/v3/original_src.pb.h" -#include "extensions/filters/listener/original_src/config.h" +#include "source/extensions/filters/listener/original_src/config.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/listener/original_src/original_src_config_factory_test.cc b/test/extensions/filters/listener/original_src/original_src_config_factory_test.cc index eac36949aa96..a2febfc6f7f3 100644 --- a/test/extensions/filters/listener/original_src/original_src_config_factory_test.cc +++ b/test/extensions/filters/listener/original_src/original_src_config_factory_test.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/listener/original_src/config.h" -#include "extensions/filters/listener/original_src/original_src.h" -#include "extensions/filters/listener/original_src/original_src_config_factory.h" +#include "source/extensions/filters/listener/original_src/config.h" +#include "source/extensions/filters/listener/original_src/original_src.h" +#include "source/extensions/filters/listener/original_src/original_src_config_factory.h" #include "test/mocks/server/listener_factory_context.h" diff --git a/test/extensions/filters/listener/original_src/original_src_fuzz_test.cc b/test/extensions/filters/listener/original_src/original_src_fuzz_test.cc index 4e1ec600aa88..2b2f70ee016a 100644 --- a/test/extensions/filters/listener/original_src/original_src_fuzz_test.cc +++ b/test/extensions/filters/listener/original_src/original_src_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/listener/original_src/original_src.h" +#include "source/extensions/filters/listener/original_src/original_src.h" #include "test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.h" #include "test/extensions/filters/listener/original_src/original_src_fuzz_test.pb.validate.h" @@ -21,7 +21,7 @@ DEFINE_PROTO_FUZZER( Config config(input.config()); auto filter = std::make_unique(config); ListenerFilterFuzzer fuzzer; - fuzzer.fuzz(*filter, input.fuzzed()); + fuzzer.fuzz(std::move(filter), input.fuzzed()); } } // namespace OriginalSrc diff --git a/test/extensions/filters/listener/original_src/original_src_test.cc b/test/extensions/filters/listener/original_src/original_src_test.cc index 212d16331aa3..ede0069b8876 100644 --- a/test/extensions/filters/listener/original_src/original_src_test.cc +++ b/test/extensions/filters/listener/original_src/original_src_test.cc @@ -1,10 +1,9 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/extensions/filters/listener/original_src/v3/original_src.pb.h" -#include "common/network/socket_option_impl.h" -#include "common/network/utility.h" - -#include "extensions/filters/listener/original_src/original_src.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/listener/original_src/original_src.h" #include "test/mocks/buffer/mocks.h" #include "test/mocks/common.h" diff --git a/test/extensions/filters/listener/proxy_protocol/proxy_protocol_fuzz_test.cc b/test/extensions/filters/listener/proxy_protocol/proxy_protocol_fuzz_test.cc index 8129d8fb8721..7416e92c8bba 100644 --- a/test/extensions/filters/listener/proxy_protocol/proxy_protocol_fuzz_test.cc +++ b/test/extensions/filters/listener/proxy_protocol/proxy_protocol_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/listener/proxy_protocol/proxy_protocol.h" +#include "source/extensions/filters/listener/proxy_protocol/proxy_protocol.h" #include "test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.h" #include "test/extensions/filters/listener/proxy_protocol/proxy_protocol_fuzz_test.pb.validate.h" @@ -23,7 +23,7 @@ DEFINE_PROTO_FUZZER( auto filter = std::make_unique(std::move(cfg)); ListenerFilterFuzzer fuzzer; - fuzzer.fuzz(*filter, input.fuzzed()); + fuzzer.fuzz(std::move(filter), input.fuzzed()); } } // namespace ProxyProtocol diff --git a/test/extensions/filters/listener/proxy_protocol/proxy_protocol_test.cc b/test/extensions/filters/listener/proxy_protocol/proxy_protocol_test.cc index 2ab7186e8b16..b02c80e6b07c 100644 --- a/test/extensions/filters/listener/proxy_protocol/proxy_protocol_test.cc +++ b/test/extensions/filters/listener/proxy_protocol/proxy_protocol_test.cc @@ -6,19 +6,16 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/stats/scope.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/event/dispatcher_impl.h" -#include "common/network/connection_balancer_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/raw_buffer_socket.h" -#include "common/network/tcp_listener_impl.h" -#include "common/network/utility.h" - -#include "server/connection_handler_impl.h" - -#include "extensions/filters/listener/proxy_protocol/proxy_protocol.h" -#include "extensions/filters/listener/well_known_names.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/connection_balancer_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/network/tcp_listener_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/listener/proxy_protocol/proxy_protocol.h" +#include "source/server/connection_handler_impl.h" #include "test/mocks/api/mocks.h" #include "test/mocks/buffer/mocks.h" @@ -56,7 +53,7 @@ class ProxyProtocolTest : public testing::TestWithParam { public: ProxyProtocolTest() - : api_(Api::createApiForTest(stats_store_)), + : api_(Api::createApiForTest(stats_store_, time_system_)), dispatcher_(api_->allocateDispatcher("test_thread")), socket_(std::make_shared( Network::Test::getCanonicalLoopbackAddress(GetParam()), nullptr, true)), @@ -81,8 +78,10 @@ class ProxyProtocolTest : public testing::TestWithParamaddressProvider().remoteAddress()->ip()->addressAsString(), + "127.0.0.1"); + } else { + EXPECT_EQ(server_connection_->addressProvider().remoteAddress()->ip()->addressAsString(), + "::1"); + } + EXPECT_EQ(stats_store_.counter("downstream_cx_total").value(), 1); + disconnect(); +} + TEST_P(ProxyProtocolTest, V1Basic) { connect(); write("PROXY TCP4 1.2.3.4 253.253.253.253 65535 1234\r\nmore data"); @@ -926,6 +943,8 @@ TEST_P(ProxyProtocolTest, V2PartialRead) { disconnect(); } +const std::string ProxyProtocol = "envoy.filters.listener.proxy_protocol"; + TEST_P(ProxyProtocolTest, V2ExtractTlvOfInterest) { // A well-formed ipv4/tcp with a pair of TLV extensions is accepted constexpr uint8_t buffer[] = {0x0d, 0x0a, 0x0d, 0x0a, 0x00, 0x0d, 0x0a, 0x51, 0x55, 0x49, @@ -954,9 +973,9 @@ TEST_P(ProxyProtocolTest, V2ExtractTlvOfInterest) { auto metadata = server_connection_->streamInfo().dynamicMetadata().filter_metadata(); EXPECT_EQ(1, metadata.size()); - EXPECT_EQ(1, metadata.count(ListenerFilters::ListenerFilterNames::get().ProxyProtocol)); + EXPECT_EQ(1, metadata.count(ProxyProtocol)); - auto fields = metadata.at(ListenerFilters::ListenerFilterNames::get().ProxyProtocol).fields(); + auto fields = metadata.at(ProxyProtocol).fields(); EXPECT_EQ(1, fields.size()); EXPECT_EQ(1, fields.count("PP2 type authority")); @@ -1047,9 +1066,9 @@ TEST_P(ProxyProtocolTest, V2ExtractMultipleTlvsOfInterest) { auto metadata = server_connection_->streamInfo().dynamicMetadata().filter_metadata(); EXPECT_EQ(1, metadata.size()); - EXPECT_EQ(1, metadata.count(ListenerFilters::ListenerFilterNames::get().ProxyProtocol)); + EXPECT_EQ(1, metadata.count(ProxyProtocol)); - auto fields = metadata.at(ListenerFilters::ListenerFilterNames::get().ProxyProtocol).fields(); + auto fields = metadata.at(ProxyProtocol).fields(); EXPECT_EQ(2, fields.size()); EXPECT_EQ(1, fields.count("PP2 type authority")); EXPECT_EQ(1, fields.count("PP2 vpc id")); @@ -1101,9 +1120,9 @@ TEST_P(ProxyProtocolTest, V2WillNotOverwriteTLV) { auto metadata = server_connection_->streamInfo().dynamicMetadata().filter_metadata(); EXPECT_EQ(1, metadata.size()); - EXPECT_EQ(1, metadata.count(ListenerFilters::ListenerFilterNames::get().ProxyProtocol)); + EXPECT_EQ(1, metadata.count(ProxyProtocol)); - auto fields = metadata.at(ListenerFilters::ListenerFilterNames::get().ProxyProtocol).fields(); + auto fields = metadata.at(ProxyProtocol).fields(); EXPECT_EQ(1, fields.size()); EXPECT_EQ(1, fields.count("PP2 type authority")); @@ -1439,11 +1458,10 @@ TEST_P(WildcardProxyProtocolTest, BasicV6) { } TEST(ProxyProtocolConfigFactoryTest, TestCreateFactory) { - Server::Configuration::NamedListenerFilterConfigFactory* factory = - Registry::FactoryRegistry:: - getFactory(ListenerFilters::ListenerFilterNames::get().ProxyProtocol); + Server::Configuration::NamedListenerFilterConfigFactory* factory = Registry::FactoryRegistry< + Server::Configuration::NamedListenerFilterConfigFactory>::getFactory(ProxyProtocol); - EXPECT_EQ(factory->name(), ListenerFilters::ListenerFilterNames::get().ProxyProtocol); + EXPECT_EQ(factory->name(), ProxyProtocol); const std::string yaml = R"EOF( rules: diff --git a/test/extensions/filters/listener/tls_inspector/tls_inspector_benchmark.cc b/test/extensions/filters/listener/tls_inspector/tls_inspector_benchmark.cc index 00f1e37aa50c..15426aa9aff5 100644 --- a/test/extensions/filters/listener/tls_inspector/tls_inspector_benchmark.cc +++ b/test/extensions/filters/listener/tls_inspector/tls_inspector_benchmark.cc @@ -1,11 +1,10 @@ #include -#include "common/api/os_sys_calls_impl.h" -#include "common/http/utility.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/listen_socket_impl.h" - -#include "extensions/filters/listener/tls_inspector/tls_inspector.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/http/utility.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/extensions/filters/listener/tls_inspector/tls_inspector.h" #include "test/extensions/filters/listener/tls_inspector/tls_utility.h" #include "test/mocks/api/mocks.h" diff --git a/test/extensions/filters/listener/tls_inspector/tls_inspector_fuzz_test.cc b/test/extensions/filters/listener/tls_inspector/tls_inspector_fuzz_test.cc index 8b801582d725..b722a2c50ec5 100644 --- a/test/extensions/filters/listener/tls_inspector/tls_inspector_fuzz_test.cc +++ b/test/extensions/filters/listener/tls_inspector/tls_inspector_fuzz_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/listener/tls_inspector/tls_inspector.h" +#include "source/extensions/filters/listener/tls_inspector/tls_inspector.h" #include "test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.h" #include "test/extensions/filters/listener/tls_inspector/tls_inspector_fuzz_test.pb.validate.h" @@ -31,7 +31,7 @@ DEFINE_PROTO_FUZZER( auto filter = std::make_unique(std::move(cfg)); ListenerFilterFuzzer fuzzer; - fuzzer.fuzz(*filter, input.fuzzed()); + fuzzer.fuzz(std::move(filter), input.fuzzed()); } } // namespace TlsInspector diff --git a/test/extensions/filters/listener/tls_inspector/tls_inspector_test.cc b/test/extensions/filters/listener/tls_inspector/tls_inspector_test.cc index 82f9d4811266..bb152489a569 100644 --- a/test/extensions/filters/listener/tls_inspector/tls_inspector_test.cc +++ b/test/extensions/filters/listener/tls_inspector/tls_inspector_test.cc @@ -1,7 +1,6 @@ -#include "common/http/utility.h" -#include "common/network/io_socket_handle_impl.h" - -#include "extensions/filters/listener/tls_inspector/tls_inspector.h" +#include "source/common/http/utility.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/extensions/filters/listener/tls_inspector/tls_inspector.h" #include "test/extensions/filters/listener/tls_inspector/tls_utility.h" #include "test/mocks/api/mocks.h" @@ -33,7 +32,20 @@ class TlsInspectorTest : public testing::TestWithParam(store_)), io_handle_(std::make_unique(42)) {} - ~TlsInspectorTest() override { io_handle_->close(); } + ~TlsInspectorTest() override { + filter_.reset(); + EXPECT_CALL(dispatcher_, + createFileEvent_(_, _, Event::PlatformDefaultTriggerType, + Event::FileReadyType::Read | Event::FileReadyType::Closed)) + .WillOnce(ReturnNew>()); + // This is used to test the FileEvent was reset by the listener filters. + // Otherwise the assertion inside `initializeFileEvent` will be trigger. + io_handle_->initializeFileEvent( + dispatcher_, [](uint32_t) -> void {}, Event::PlatformDefaultTriggerType, + Event::FileReadyType::Read | Event::FileReadyType::Closed); + io_handle_->resetFileEvents(); + io_handle_->close(); + } void init() { filter_ = std::make_unique(cfg_); diff --git a/test/extensions/filters/listener/tls_inspector/tls_utility.cc b/test/extensions/filters/listener/tls_inspector/tls_utility.cc index 70ed11b1f48c..c3777c479fdf 100644 --- a/test/extensions/filters/listener/tls_inspector/tls_utility.cc +++ b/test/extensions/filters/listener/tls_inspector/tls_utility.cc @@ -1,6 +1,6 @@ #include "test/extensions/filters/listener/tls_inspector/tls_utility.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "openssl/ssl.h" diff --git a/test/extensions/filters/network/client_ssl_auth/client_ssl_auth_test.cc b/test/extensions/filters/network/client_ssl_auth/client_ssl_auth_test.cc index 2b8c8cbcc2ae..bad7675a9e2c 100644 --- a/test/extensions/filters/network/client_ssl_auth/client_ssl_auth_test.cc +++ b/test/extensions/filters/network/client_ssl_auth/client_ssl_auth_test.cc @@ -5,10 +5,9 @@ #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.h" #include "envoy/runtime/runtime.h" -#include "common/http/message_impl.h" -#include "common/network/address_impl.h" - -#include "extensions/filters/network/client_ssl_auth/client_ssl_auth.h" +#include "source/common/http/message_impl.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/filters/network/client_ssl_auth/client_ssl_auth.h" #include "test/mocks/network/mocks.h" #include "test/mocks/runtime/mocks.h" @@ -23,7 +22,6 @@ #include "gtest/gtest.h" using testing::_; -using testing::Eq; using testing::InSequence; using testing::Invoke; using testing::Return; diff --git a/test/extensions/filters/network/client_ssl_auth/config_test.cc b/test/extensions/filters/network/client_ssl_auth/config_test.cc index b7c3d9fa5cc7..7c03c47be47b 100644 --- a/test/extensions/filters/network/client_ssl_auth/config_test.cc +++ b/test/extensions/filters/network/client_ssl_auth/config_test.cc @@ -2,10 +2,9 @@ #include "envoy/extensions/filters/network/client_ssl_auth/v3/client_ssl_auth.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/client_ssl_auth/config.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/client_ssl_auth/config.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/network/common/fuzz/BUILD b/test/extensions/filters/network/common/fuzz/BUILD index 41b2869c3d84..c27cea334c5a 100644 --- a/test/extensions/filters/network/common/fuzz/BUILD +++ b/test/extensions/filters/network/common/fuzz/BUILD @@ -12,6 +12,10 @@ load( licenses(["notice"]) # Apache 2 +exports_files([ + "uber_per_readfilter.cc", +]) + envoy_package() envoy_proto_library( diff --git a/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz_test.cc b/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz_test.cc index 2582fe207c09..03d6ba34f76c 100644 --- a/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz_test.cc +++ b/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz_test.cc @@ -1,7 +1,6 @@ -#include "common/config/utility.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/well_known_names.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/config/utility.h" #include "test/extensions/filters/network/common/fuzz/network_readfilter_fuzz.pb.validate.h" diff --git a/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz_test.cc b/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz_test.cc index c2f203091707..e7eb67c58ebb 100644 --- a/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz_test.cc +++ b/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz_test.cc @@ -1,7 +1,6 @@ -#include "common/config/utility.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/well_known_names.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/config/utility.h" #include "test/extensions/filters/network/common/fuzz/network_writefilter_fuzz.pb.validate.h" diff --git a/test/extensions/filters/network/common/fuzz/uber_per_readfilter.cc b/test/extensions/filters/network/common/fuzz/uber_per_readfilter.cc index e1b845312e55..2fa4d315176d 100644 --- a/test/extensions/filters/network/common/fuzz/uber_per_readfilter.cc +++ b/test/extensions/filters/network/common/fuzz/uber_per_readfilter.cc @@ -2,9 +2,9 @@ #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.h" -#include "extensions/filters/common/ratelimit/ratelimit_impl.h" -#include "extensions/filters/network/common/utility.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/common/ratelimit/ratelimit_impl.h" +#include "source/extensions/filters/network/common/utility.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/extensions/filters/common/ext_authz/test_common.h" #include "test/extensions/filters/network/common/fuzz/uber_readfilter.h" diff --git a/test/extensions/filters/network/common/fuzz/uber_per_writefilter.cc b/test/extensions/filters/network/common/fuzz/uber_per_writefilter.cc index 911caa250c52..350673901bfe 100644 --- a/test/extensions/filters/network/common/fuzz/uber_per_writefilter.cc +++ b/test/extensions/filters/network/common/fuzz/uber_per_writefilter.cc @@ -1,5 +1,5 @@ -#include "extensions/filters/network/common/utility.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/utility.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/extensions/filters/network/common/fuzz/uber_writefilter.h" diff --git a/test/extensions/filters/network/common/fuzz/uber_readfilter.cc b/test/extensions/filters/network/common/fuzz/uber_readfilter.cc index 4d126b8d1cdc..2179484abcda 100644 --- a/test/extensions/filters/network/common/fuzz/uber_readfilter.cc +++ b/test/extensions/filters/network/common/fuzz/uber_readfilter.cc @@ -1,8 +1,8 @@ #include "test/extensions/filters/network/common/fuzz/uber_readfilter.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" -#include "common/network/address_impl.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" +#include "source/common/network/address_impl.h" using testing::Return; diff --git a/test/extensions/filters/network/common/fuzz/uber_readfilter.h b/test/extensions/filters/network/common/fuzz/uber_readfilter.h index 62415490aa5f..eee06955fce8 100644 --- a/test/extensions/filters/network/common/fuzz/uber_readfilter.h +++ b/test/extensions/filters/network/common/fuzz/uber_readfilter.h @@ -2,7 +2,7 @@ #include "envoy/network/filter.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "test/extensions/filters/network/common/fuzz/network_readfilter_fuzz.pb.validate.h" #include "test/extensions/filters/network/common/fuzz/utils/fakes.h" diff --git a/test/extensions/filters/network/common/fuzz/uber_writefilter.cc b/test/extensions/filters/network/common/fuzz/uber_writefilter.cc index b1c99c4fd846..da4979656e82 100644 --- a/test/extensions/filters/network/common/fuzz/uber_writefilter.cc +++ b/test/extensions/filters/network/common/fuzz/uber_writefilter.cc @@ -1,7 +1,7 @@ #include "test/extensions/filters/network/common/fuzz/uber_writefilter.h" -#include "common/config/utility.h" -#include "common/config/version_converter.h" +#include "source/common/config/utility.h" +#include "source/common/config/version_converter.h" using testing::_; using testing::Return; diff --git a/test/extensions/filters/network/common/fuzz/uber_writefilter.h b/test/extensions/filters/network/common/fuzz/uber_writefilter.h index 135d3e7d23f5..788e7858cbd5 100644 --- a/test/extensions/filters/network/common/fuzz/uber_writefilter.h +++ b/test/extensions/filters/network/common/fuzz/uber_writefilter.h @@ -2,7 +2,7 @@ #include "envoy/network/filter.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "test/extensions/filters/network/common/fuzz/network_writefilter_fuzz.pb.validate.h" #include "test/extensions/filters/network/common/fuzz/utils/fakes.h" diff --git a/test/extensions/filters/network/common/redis/client_impl_test.cc b/test/extensions/filters/network/common/redis/client_impl_test.cc index 953aa9374fbd..8096c08cc7f0 100644 --- a/test/extensions/filters/network/common/redis/client_impl_test.cc +++ b/test/extensions/filters/network/common/redis/client_impl_test.cc @@ -2,12 +2,11 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/utility.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/filters/network/common/redis/client_impl.h" -#include "extensions/filters/network/common/redis/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/upstream_impl.h" +#include "source/extensions/filters/network/common/redis/client_impl.h" +#include "source/extensions/filters/network/common/redis/utility.h" #include "test/extensions/filters/network/common/redis/mocks.h" #include "test/extensions/filters/network/common/redis/test_utils.h" diff --git a/test/extensions/filters/network/common/redis/codec_impl_test.cc b/test/extensions/filters/network/common/redis/codec_impl_test.cc index f1a919380cd5..7d5097db8858 100644 --- a/test/extensions/filters/network/common/redis/codec_impl_test.cc +++ b/test/extensions/filters/network/common/redis/codec_impl_test.cc @@ -1,9 +1,8 @@ #include -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" - -#include "extensions/filters/network/common/redis/codec_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/extensions/filters/network/common/redis/codec_impl.h" #include "test/extensions/filters/network/common/redis/mocks.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/common/redis/fault_test.cc b/test/extensions/filters/network/common/redis/fault_test.cc index a80caf5c2d2a..da80a05d7a9f 100644 --- a/test/extensions/filters/network/common/redis/fault_test.cc +++ b/test/extensions/filters/network/common/redis/fault_test.cc @@ -1,8 +1,7 @@ #include "envoy/common/random_generator.h" -#include "common/common/assert.h" - -#include "extensions/filters/network/common/redis/fault_impl.h" +#include "source/common/common/assert.h" +#include "source/extensions/filters/network/common/redis/fault_impl.h" #include "test/extensions/filters/network/common/redis/mocks.h" #include "test/mocks/runtime/mocks.h" diff --git a/test/extensions/filters/network/common/redis/mocks.cc b/test/extensions/filters/network/common/redis/mocks.cc index 0def373cffad..419137b413eb 100644 --- a/test/extensions/filters/network/common/redis/mocks.cc +++ b/test/extensions/filters/network/common/redis/mocks.cc @@ -2,7 +2,7 @@ #include -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/common/redis/mocks.h b/test/extensions/filters/network/common/redis/mocks.h index 4f8f11bdaa4b..e79464e5baef 100644 --- a/test/extensions/filters/network/common/redis/mocks.h +++ b/test/extensions/filters/network/common/redis/mocks.h @@ -4,8 +4,8 @@ #include #include -#include "extensions/filters/network/common/redis/client_impl.h" -#include "extensions/filters/network/common/redis/codec_impl.h" +#include "source/extensions/filters/network/common/redis/client_impl.h" +#include "source/extensions/filters/network/common/redis/codec_impl.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/common/redis/test_utils.h b/test/extensions/filters/network/common/redis/test_utils.h index 7afb3a214bdc..6d18e9dfb971 100644 --- a/test/extensions/filters/network/common/redis/test_utils.h +++ b/test/extensions/filters/network/common/redis/test_utils.h @@ -6,7 +6,7 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/filters/network/common/utility_test.cc b/test/extensions/filters/network/common/utility_test.cc index cf9cd1986809..05c6e9d815a7 100644 --- a/test/extensions/filters/network/common/utility_test.cc +++ b/test/extensions/filters/network/common/utility_test.cc @@ -1,5 +1,5 @@ -#include "extensions/filters/network/common/utility.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/common/utility.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/mocks/runtime/mocks.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/network/connection_limit/BUILD b/test/extensions/filters/network/connection_limit/BUILD new file mode 100644 index 000000000000..cf611728a357 --- /dev/null +++ b/test/extensions/filters/network/connection_limit/BUILD @@ -0,0 +1,36 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_package", +) +load( + "//test/extensions:extensions_build_system.bzl", + "envoy_extension_cc_test", +) + +licenses(["notice"]) # Apache 2 + +envoy_package() + +envoy_extension_cc_test( + name = "connection_limit_test", + srcs = ["connection_limit_test.cc"], + extension_name = "envoy.filters.network.connection_limit", + deps = [ + "//source/extensions/filters/network/connection_limit:connection_limit_lib", + "//test/mocks/event:event_mocks", + "//test/mocks/network:network_mocks", + "//test/mocks/runtime:runtime_mocks", + "@envoy_api//envoy/extensions/filters/network/connection_limit/v3:pkg_cc_proto", + ], +) + +envoy_extension_cc_test( + name = "connection_limit_integration_test", + srcs = ["connection_limit_integration_test.cc"], + extension_name = "envoy.filters.network.connection_limit", + deps = [ + "//source/extensions/filters/network/connection_limit:config", + "//source/extensions/filters/network/tcp_proxy:config", + "//test/integration:integration_lib", + ], +) diff --git a/test/extensions/filters/network/connection_limit/connection_limit_integration_test.cc b/test/extensions/filters/network/connection_limit/connection_limit_integration_test.cc new file mode 100644 index 000000000000..ea589aa50fb9 --- /dev/null +++ b/test/extensions/filters/network/connection_limit/connection_limit_integration_test.cc @@ -0,0 +1,89 @@ +#include "test/integration/integration.h" + +namespace Envoy { +namespace { + +class ConnectionLimitIntegrationTest : public Event::TestUsingSimulatedTime, + public testing::TestWithParam, + public BaseIntegrationTest { +public: + ConnectionLimitIntegrationTest() + : BaseIntegrationTest(GetParam(), ConfigHelper::tcpProxyConfig()) {} + + void setup(const std::string& filter_yaml) { + config_helper_.addNetworkFilter(filter_yaml); + BaseIntegrationTest::initialize(); + } +}; + +INSTANTIATE_TEST_SUITE_P(IpVersions, ConnectionLimitIntegrationTest, + testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), + TestUtility::ipTestParamsToString); + +// Make sure the filter works in the basic case. +TEST_P(ConnectionLimitIntegrationTest, NoConnectionLimiting) { + setup(R"EOF( +name: connectionlimit +typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.connection_limit.v3.ConnectionLimit + stat_prefix: connection_limit_stats + max_connections: 1 + delay: 0.2s +)EOF"); + + IntegrationTcpClientPtr tcp_client = makeTcpConnection(lookupPort("listener_0")); + FakeRawConnectionPtr fake_upstream_connection; + ASSERT_TRUE(fake_upstreams_[0]->waitForRawConnection(fake_upstream_connection)); + ASSERT_TRUE(tcp_client->write("hello")); + ASSERT_TRUE(fake_upstream_connection->waitForData(5)); + ASSERT_TRUE(fake_upstream_connection->write("world")); + tcp_client->waitForData("world"); + + EXPECT_EQ( + 1, + test_server_->gauge("connection_limit.connection_limit_stats.active_connections")->value()); + + tcp_client->close(); + ASSERT_TRUE(fake_upstream_connection->waitForDisconnect()); + + test_server_->waitForGaugeEq("connection_limit.connection_limit_stats.active_connections", 0, + std::chrono::milliseconds(100)); + + EXPECT_EQ(0, test_server_->counter("connection_limit.connection_limit_stats.limited_connections") + ->value()); +} + +// Make sure the filter works in the connection limit case. +TEST_P(ConnectionLimitIntegrationTest, ConnectionLimiting) { + setup(R"EOF( +name: connectionlimit +typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.connection_limit.v3.ConnectionLimit + stat_prefix: connection_limit_stats + max_connections: 1 + delay: 0.2s +)EOF"); + + IntegrationTcpClientPtr tcp_client1 = makeTcpConnection(lookupPort("listener_0")); + IntegrationTcpClientPtr tcp_client2 = makeTcpConnection(lookupPort("listener_0")); + + FakeRawConnectionPtr fake_upstream_connection1; + FakeRawConnectionPtr fake_upstream_connection2; + ASSERT_TRUE(fake_upstreams_[0]->waitForRawConnection(fake_upstream_connection1) || + fake_upstreams_[0]->waitForRawConnection(fake_upstream_connection2)); + + test_server_->waitForGaugeEq("connection_limit.connection_limit_stats.active_connections", 1, + std::chrono::milliseconds(200)); + + tcp_client1->close(); + tcp_client2->close(); + + test_server_->waitForGaugeEq("connection_limit.connection_limit_stats.active_connections", 0, + std::chrono::milliseconds(100)); + + EXPECT_EQ(1, test_server_->counter("connection_limit.connection_limit_stats.limited_connections") + ->value()); +} + +} // namespace +} // namespace Envoy diff --git a/test/extensions/filters/network/connection_limit/connection_limit_test.cc b/test/extensions/filters/network/connection_limit/connection_limit_test.cc new file mode 100644 index 000000000000..b7e5098bb4af --- /dev/null +++ b/test/extensions/filters/network/connection_limit/connection_limit_test.cc @@ -0,0 +1,208 @@ +#include "envoy/extensions/filters/network/connection_limit/v3/connection_limit.pb.h" +#include "envoy/extensions/filters/network/connection_limit/v3/connection_limit.pb.validate.h" + +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/network/connection_limit/connection_limit.h" + +#include "test/mocks/event/mocks.h" +#include "test/mocks/network/mocks.h" +#include "test/mocks/runtime/mocks.h" + +#include "gmock/gmock.h" +#include "gtest/gtest.h" + +using testing::_; +using testing::InSequence; +using testing::NiceMock; +using testing::Return; + +namespace Envoy { +namespace Extensions { +namespace NetworkFilters { +namespace ConnectionLimitFilter { + +class ConnectionLimitTestBase : public testing::Test { +public: + void initialize(const std::string& filter_yaml) { + envoy::extensions::filters::network::connection_limit::v3::ConnectionLimit proto_config; + TestUtility::loadFromYamlAndValidate(filter_yaml, proto_config); + config_ = std::make_shared(proto_config, stats_store_, runtime_); + } + + Thread::ThreadSynchronizer& synchronizer() { return config_->synchronizer_; } + + Stats::IsolatedStoreImpl stats_store_; + NiceMock runtime_; + ConfigSharedPtr config_; +}; + +class ConnectionLimitFilterTest : public ConnectionLimitTestBase { +public: + struct ActiveFilter { + ActiveFilter(const ConfigSharedPtr& config) : filter_(config) { + filter_.initializeReadFilterCallbacks(read_filter_callbacks_); + } + + NiceMock read_filter_callbacks_; + Filter filter_; + }; +}; + +// Basic no connection limit case. +TEST_F(ConnectionLimitFilterTest, NoConnectionLimit) { + initialize(R"EOF( +stat_prefix: connection_limit_stats +max_connections: 1 +delay: 0.2s +)EOF"); + + InSequence s; + Buffer::OwnedImpl buffer("test"); + ActiveFilter active_filter(config_); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter.filter_.onNewConnection()); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter.filter_.onData(buffer, false)); + EXPECT_EQ(1, TestUtility::findGauge(stats_store_, + "connection_limit.connection_limit_stats.active_connections") + ->value()); + EXPECT_EQ(0, TestUtility::findCounter( + stats_store_, "connection_limit.connection_limit_stats.limited_connections") + ->value()); +} + +// Basic connection limit case. +TEST_F(ConnectionLimitFilterTest, ConnectionLimit) { + initialize(R"EOF( +stat_prefix: connection_limit_stats +max_connections: 2 +delay: 0s +)EOF"); + + // First connection is OK. + InSequence s; + Buffer::OwnedImpl buffer("test"); + ActiveFilter active_filter1(config_); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter1.filter_.onNewConnection()); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter1.filter_.onData(buffer, false)); + + // Second connection is OK. + ActiveFilter active_filter2(config_); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter2.filter_.onNewConnection()); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter2.filter_.onData(buffer, false)); + EXPECT_EQ(2, TestUtility::findGauge(stats_store_, + "connection_limit.connection_limit_stats.active_connections") + ->value()); + + // Third connection should be connection limited. + ActiveFilter active_filter3(config_); + EXPECT_CALL(active_filter3.read_filter_callbacks_.connection_, close(_)); + EXPECT_EQ(Network::FilterStatus::StopIteration, active_filter3.filter_.onNewConnection()); + EXPECT_EQ(Network::FilterStatus::StopIteration, active_filter3.filter_.onData(buffer, false)); + EXPECT_EQ(1, TestUtility::findCounter( + stats_store_, "connection_limit.connection_limit_stats.limited_connections") + ->value()); + EXPECT_EQ(2, TestUtility::findGauge(stats_store_, + "connection_limit.connection_limit_stats.active_connections") + ->value()); +} + +// Connection limit with delay case. +TEST_F(ConnectionLimitFilterTest, ConnectionLimitWithDelay) { + initialize(R"EOF( +stat_prefix: connection_limit_stats +max_connections: 1 +delay: 0.2s +)EOF"); + + // First connection is OK. + InSequence s; + Buffer::OwnedImpl buffer("test"); + ActiveFilter active_filter1(config_); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter1.filter_.onNewConnection()); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter1.filter_.onData(buffer, false)); + + // Second connection should be connection limited. + ActiveFilter active_filter2(config_); + Event::MockTimer* delay_timer = new NiceMock( + &active_filter2.read_filter_callbacks_.connection_.dispatcher_); + EXPECT_CALL(*delay_timer, enableTimer(std::chrono::milliseconds(200), _)); + EXPECT_EQ(Network::FilterStatus::StopIteration, active_filter2.filter_.onNewConnection()); + EXPECT_EQ(Network::FilterStatus::StopIteration, active_filter2.filter_.onData(buffer, false)); + EXPECT_EQ(1, TestUtility::findCounter( + stats_store_, "connection_limit.connection_limit_stats.limited_connections") + ->value()); + EXPECT_EQ(2, TestUtility::findGauge(stats_store_, + "connection_limit.connection_limit_stats.active_connections") + ->value()); + EXPECT_CALL(active_filter2.read_filter_callbacks_.connection_, close(_)); + delay_timer->invokeCallback(); + EXPECT_EQ(1, TestUtility::findGauge(stats_store_, + "connection_limit.connection_limit_stats.active_connections") + ->value()); +} + +// Verify the runtime disable functionality. +TEST_F(ConnectionLimitFilterTest, RuntimeDisabled) { + initialize(R"EOF( +stat_prefix: connection_limit_stats +max_connections: 1 +delay: 0.2s +runtime_enabled: + default_value: true + runtime_key: foo_key +)EOF"); + + // First connection is OK. + InSequence s; + Buffer::OwnedImpl buffer("test"); + ActiveFilter active_filter1(config_); + EXPECT_CALL(runtime_.snapshot_, getBoolean("foo_key", true)).WillOnce(Return(true)); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter1.filter_.onNewConnection()); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter1.filter_.onData(buffer, false)); + + // Second connection should be connection limited but won't be due to filter disable. + ActiveFilter active_filter2(config_); + EXPECT_CALL(runtime_.snapshot_, getBoolean("foo_key", true)).WillOnce(Return(false)); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter2.filter_.onNewConnection()); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter2.filter_.onData(buffer, false)); + EXPECT_EQ(1, TestUtility::findGauge(stats_store_, + "connection_limit.connection_limit_stats.active_connections") + ->value()); + EXPECT_EQ(0, TestUtility::findCounter( + stats_store_, "connection_limit.connection_limit_stats.limited_connections") + ->value()); +} + +// Verify increment connection counter CAS edge case. +TEST_F(ConnectionLimitFilterTest, IncrementCasEdgeCase) { + initialize(R"EOF( +stat_prefix: connection_limit_stats +max_connections: 1 +delay: 0s +)EOF"); + + InSequence s; + Buffer::OwnedImpl buffer("test"); + ActiveFilter active_filter(config_); + + synchronizer().enable(); + + // Start a thread and see if we are under limit. This will wait pre-CAS. + synchronizer().waitOn("increment_pre_cas"); + std::thread t1([&] { + EXPECT_EQ(Network::FilterStatus::StopIteration, active_filter.filter_.onNewConnection()); + EXPECT_EQ(Network::FilterStatus::StopIteration, active_filter.filter_.onData(buffer, false)); + }); + // Wait until the thread is actually waiting. + synchronizer().barrierOn("increment_pre_cas"); + + // Increase connection counter to 1, which should cause the CAS to fail on the other thread. + EXPECT_EQ(Network::FilterStatus::Continue, active_filter.filter_.onNewConnection()); + EXPECT_EQ(Network::FilterStatus::Continue, active_filter.filter_.onData(buffer, false)); + synchronizer().signal("increment_pre_cas"); + t1.join(); +} + +} // namespace ConnectionLimitFilter +} // namespace NetworkFilters +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/filters/network/direct_response/direct_response_test.cc b/test/extensions/filters/network/direct_response/direct_response_test.cc index f6d92d4e0352..061e39d25920 100644 --- a/test/extensions/filters/network/direct_response/direct_response_test.cc +++ b/test/extensions/filters/network/direct_response/direct_response_test.cc @@ -1,6 +1,6 @@ #include "envoy/extensions/filters/network/direct_response/v3/config.pb.validate.h" -#include "extensions/filters/network/direct_response/filter.h" +#include "source/extensions/filters/network/direct_response/filter.h" #include "test/mocks/api/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/network/dubbo_proxy/BUILD b/test/extensions/filters/network/dubbo_proxy/BUILD index 6eb15466f4fa..aa28812c8e19 100644 --- a/test/extensions/filters/network/dubbo_proxy/BUILD +++ b/test/extensions/filters/network/dubbo_proxy/BUILD @@ -180,7 +180,6 @@ envoy_extension_cc_test( extension_name = "envoy.filters.network.dubbo_proxy", deps = [ ":mocks_lib", - "//source/extensions/filters/network/dubbo_proxy/filters:well_known_names", "//source/extensions/filters/network/dubbo_proxy/router:config", "//test/mocks/server:factory_context_mocks", "@envoy_api//envoy/extensions/filters/network/dubbo_proxy/router/v3:pkg_cc_proto", diff --git a/test/extensions/filters/network/dubbo_proxy/app_exception_test.cc b/test/extensions/filters/network/dubbo_proxy/app_exception_test.cc index 49403617d9f9..94ec6b6accee 100644 --- a/test/extensions/filters/network/dubbo_proxy/app_exception_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/app_exception_test.cc @@ -1,10 +1,10 @@ -#include "extensions/filters/network/dubbo_proxy/app_exception.h" -#include "extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" -#include "extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" -#include "extensions/filters/network/dubbo_proxy/filters/filter.h" -#include "extensions/filters/network/dubbo_proxy/hessian_utils.h" -#include "extensions/filters/network/dubbo_proxy/message_impl.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/app_exception.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter.h" +#include "source/extensions/filters/network/dubbo_proxy/hessian_utils.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" #include "test/extensions/filters/network/dubbo_proxy/mocks.h" diff --git a/test/extensions/filters/network/dubbo_proxy/config_test.cc b/test/extensions/filters/network/dubbo_proxy/config_test.cc index d98fe3feef35..e10262aa646b 100644 --- a/test/extensions/filters/network/dubbo_proxy/config_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/config_test.cc @@ -1,8 +1,8 @@ #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.validate.h" -#include "extensions/filters/network/dubbo_proxy/config.h" -#include "extensions/filters/network/dubbo_proxy/filters/filter_config.h" +#include "source/extensions/filters/network/dubbo_proxy/config.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter_config.h" #include "test/extensions/filters/network/dubbo_proxy/mocks.h" #include "test/mocks/server/factory_context.h" @@ -161,7 +161,8 @@ TEST_F(DubboFilterConfigTest, CreateFilterChain) { NiceMock context; DubboFilters::MockFilterChainFactoryCallbacks callbacks; ConfigImpl config(dubbo_config, context); - EXPECT_CALL(callbacks, addDecoderFilter(_)).Times(2); + EXPECT_CALL(callbacks, addDecoderFilter(_)); + EXPECT_CALL(callbacks, addFilter(_)); config.createFilterChain(callbacks); } diff --git a/test/extensions/filters/network/dubbo_proxy/conn_manager_test.cc b/test/extensions/filters/network/dubbo_proxy/conn_manager_test.cc index 40f26d0fe804..1c0e9b10e372 100644 --- a/test/extensions/filters/network/dubbo_proxy/conn_manager_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/conn_manager_test.cc @@ -1,14 +1,13 @@ #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/dubbo_proxy.pb.validate.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/dubbo_proxy/app_exception.h" -#include "extensions/filters/network/dubbo_proxy/config.h" -#include "extensions/filters/network/dubbo_proxy/conn_manager.h" -#include "extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" -#include "extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" -#include "extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/app_exception.h" +#include "source/extensions/filters/network/dubbo_proxy/config.h" +#include "source/extensions/filters/network/dubbo_proxy/conn_manager.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/extensions/filters/network/dubbo_proxy/mocks.h" @@ -432,14 +431,12 @@ TEST_F(ConnectionManagerTest, OnDataHandlesProtocolErrorOnWrite) { // Start the read buffer writePartialHessianRequestMessage(buffer_, false, false, 0x0F, true); - uint64_t len = buffer_.length(); DubboFilters::DecoderFilterCallbacks* callbacks{}; EXPECT_CALL(*decoder_filter, setDecoderFilterCallbacks(_)) .WillOnce(Invoke([&](DubboFilters::DecoderFilterCallbacks& cb) -> void { callbacks = &cb; })); EXPECT_EQ(conn_manager_->onData(buffer_, false), Network::FilterStatus::StopIteration); - len -= buffer_.length(); // Disable sniffing writeInvalidRequestMessage(write_buffer_); diff --git a/test/extensions/filters/network/dubbo_proxy/decoder_test.cc b/test/extensions/filters/network/dubbo_proxy/decoder_test.cc index c18cb691c9eb..396cc35188cc 100644 --- a/test/extensions/filters/network/dubbo_proxy/decoder_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/decoder_test.cc @@ -1,7 +1,7 @@ -#include "extensions/filters/network/dubbo_proxy/decoder.h" -#include "extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" -#include "extensions/filters/network/dubbo_proxy/message_impl.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/decoder.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" #include "test/extensions/filters/network/dubbo_proxy/mocks.h" #include "test/extensions/filters/network/dubbo_proxy/utility.h" diff --git a/test/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl_test.cc b/test/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl_test.cc index 19113bba6b5b..142d5400e2dd 100644 --- a/test/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl_test.cc @@ -1,6 +1,6 @@ -#include "extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" -#include "extensions/filters/network/dubbo_proxy/hessian_utils.h" -#include "extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/hessian_utils.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" #include "test/extensions/filters/network/dubbo_proxy/mocks.h" #include "test/extensions/filters/network/dubbo_proxy/utility.h" diff --git a/test/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl_test.cc b/test/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl_test.cc index 2501f0adfaba..9f57e392df53 100644 --- a/test/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl_test.cc @@ -1,5 +1,5 @@ -#include "extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" -#include "extensions/filters/network/dubbo_proxy/protocol.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_protocol_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/protocol.h" #include "test/extensions/filters/network/dubbo_proxy/mocks.h" #include "test/extensions/filters/network/dubbo_proxy/utility.h" diff --git a/test/extensions/filters/network/dubbo_proxy/heartbeat_response_test.cc b/test/extensions/filters/network/dubbo_proxy/heartbeat_response_test.cc index 1313da2da066..30fc8a976a50 100644 --- a/test/extensions/filters/network/dubbo_proxy/heartbeat_response_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/heartbeat_response_test.cc @@ -1,7 +1,7 @@ -#include "extensions/filters/network/dubbo_proxy/heartbeat_response.h" -#include "extensions/filters/network/dubbo_proxy/hessian_utils.h" -#include "extensions/filters/network/dubbo_proxy/message_impl.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/heartbeat_response.h" +#include "source/extensions/filters/network/dubbo_proxy/hessian_utils.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" #include "test/extensions/filters/network/dubbo_proxy/mocks.h" diff --git a/test/extensions/filters/network/dubbo_proxy/hessian_utils_test.cc b/test/extensions/filters/network/dubbo_proxy/hessian_utils_test.cc index daf167ef1dea..e291687293dc 100644 --- a/test/extensions/filters/network/dubbo_proxy/hessian_utils_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/hessian_utils_test.cc @@ -1,6 +1,6 @@ #include "envoy/common/exception.h" -#include "extensions/filters/network/dubbo_proxy/hessian_utils.h" +#include "source/extensions/filters/network/dubbo_proxy/hessian_utils.h" #include "test/test_common/printers.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/network/dubbo_proxy/message_impl_test.cc b/test/extensions/filters/network/dubbo_proxy/message_impl_test.cc index 82767f6cb8db..24c4feaa5e20 100644 --- a/test/extensions/filters/network/dubbo_proxy/message_impl_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/message_impl_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" #include "test/test_common/printers.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/network/dubbo_proxy/metadata_test.cc b/test/extensions/filters/network/dubbo_proxy/metadata_test.cc index c014b7ff5611..bd2e2acc56d8 100644 --- a/test/extensions/filters/network/dubbo_proxy/metadata_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/metadata_test.cc @@ -1,5 +1,5 @@ -#include "extensions/filters/network/dubbo_proxy/message_impl.h" -#include "extensions/filters/network/dubbo_proxy/metadata.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/metadata.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/dubbo_proxy/mocks.cc b/test/extensions/filters/network/dubbo_proxy/mocks.cc index 4cd21e654dc9..f42a21a3ee12 100644 --- a/test/extensions/filters/network/dubbo_proxy/mocks.cc +++ b/test/extensions/filters/network/dubbo_proxy/mocks.cc @@ -2,8 +2,8 @@ #include -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/dubbo_proxy/mocks.h b/test/extensions/filters/network/dubbo_proxy/mocks.h index fa741daa2093..cee1ae8aa0bb 100644 --- a/test/extensions/filters/network/dubbo_proxy/mocks.h +++ b/test/extensions/filters/network/dubbo_proxy/mocks.h @@ -1,14 +1,13 @@ #pragma once -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/dubbo_proxy/decoder.h" -#include "extensions/filters/network/dubbo_proxy/decoder_event_handler.h" -#include "extensions/filters/network/dubbo_proxy/filters/factory_base.h" -#include "extensions/filters/network/dubbo_proxy/filters/filter.h" -#include "extensions/filters/network/dubbo_proxy/protocol.h" -#include "extensions/filters/network/dubbo_proxy/router/router.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/dubbo_proxy/decoder.h" +#include "source/extensions/filters/network/dubbo_proxy/decoder_event_handler.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/factory_base.h" +#include "source/extensions/filters/network/dubbo_proxy/filters/filter.h" +#include "source/extensions/filters/network/dubbo_proxy/protocol.h" +#include "source/extensions/filters/network/dubbo_proxy/router/router.h" #include "test/mocks/network/mocks.h" #include "test/mocks/stream_info/mocks.h" diff --git a/test/extensions/filters/network/dubbo_proxy/route_matcher_test.cc b/test/extensions/filters/network/dubbo_proxy/route_matcher_test.cc index 31a4ef785cee..a523468d69a2 100644 --- a/test/extensions/filters/network/dubbo_proxy/route_matcher_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/route_matcher_test.cc @@ -3,10 +3,9 @@ #include "envoy/extensions/filters/network/dubbo_proxy/v3/route.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/v3/route.pb.validate.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/network/dubbo_proxy/message_impl.h" -#include "extensions/filters/network/dubbo_proxy/router/route_matcher.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/router/route_matcher.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/network/dubbo_proxy/router_filter_config_test.cc b/test/extensions/filters/network/dubbo_proxy/router_filter_config_test.cc index 6f9c65ffb429..04c1a966a194 100644 --- a/test/extensions/filters/network/dubbo_proxy/router_filter_config_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/router_filter_config_test.cc @@ -1,8 +1,7 @@ #include "envoy/extensions/filters/network/dubbo_proxy/router/v3/router.pb.h" #include "envoy/extensions/filters/network/dubbo_proxy/router/v3/router.pb.validate.h" -#include "extensions/filters/network/dubbo_proxy/filters/well_known_names.h" -#include "extensions/filters/network/dubbo_proxy/router/config.h" +#include "source/extensions/filters/network/dubbo_proxy/router/config.h" #include "test/extensions/filters/network/dubbo_proxy/mocks.h" #include "test/mocks/server/factory_context.h" @@ -25,7 +24,7 @@ TEST(DubboProxyRouterFilterConfigTest, RouterV2Alpha1Filter) { DubboFilters::FilterFactoryCb cb = factory.createFilterFactoryFromProto(router_config, "stats", context); DubboFilters::MockFilterChainFactoryCallbacks filter_callback; - EXPECT_CALL(filter_callback, addDecoderFilter(_)); + EXPECT_CALL(filter_callback, addFilter(_)); cb(filter_callback); } @@ -35,7 +34,7 @@ TEST(DubboProxyRouterFilterConfigTest, RouterFilterWithEmptyProtoConfig) { DubboFilters::FilterFactoryCb cb = factory.createFilterFactoryFromProto(*factory.createEmptyConfigProto(), "stats", context); DubboFilters::MockFilterChainFactoryCallbacks filter_callback; - EXPECT_CALL(filter_callback, addDecoderFilter(_)); + EXPECT_CALL(filter_callback, addFilter(_)); cb(filter_callback); } diff --git a/test/extensions/filters/network/dubbo_proxy/router_test.cc b/test/extensions/filters/network/dubbo_proxy/router_test.cc index e8945775b3ea..6c063553872c 100644 --- a/test/extensions/filters/network/dubbo_proxy/router_test.cc +++ b/test/extensions/filters/network/dubbo_proxy/router_test.cc @@ -1,10 +1,10 @@ #include -#include "extensions/filters/network/dubbo_proxy/app_exception.h" -#include "extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" -#include "extensions/filters/network/dubbo_proxy/message_impl.h" -#include "extensions/filters/network/dubbo_proxy/protocol.h" -#include "extensions/filters/network/dubbo_proxy/router/router_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/app_exception.h" +#include "source/extensions/filters/network/dubbo_proxy/dubbo_hessian2_serializer_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/message_impl.h" +#include "source/extensions/filters/network/dubbo_proxy/protocol.h" +#include "source/extensions/filters/network/dubbo_proxy/router/router_impl.h" #include "test/extensions/filters/network/dubbo_proxy/mocks.h" #include "test/extensions/filters/network/dubbo_proxy/utility.h" @@ -106,6 +106,7 @@ class DubboRouterTestBase { EXPECT_EQ(nullptr, router_->downstreamConnection()); router_->setDecoderFilterCallbacks(callbacks_); + router_->setEncoderFilterCallbacks(encoder_callbacks_); } void initializeMetadata(MessageType msg_type) { @@ -237,6 +238,7 @@ class DubboRouterTestBase { NiceMock context_; NiceMock connection_; NiceMock callbacks_; + NiceMock encoder_callbacks_; NiceMock* serializer_{}; NiceMock* protocol_{}; NiceMock* route_{}; @@ -335,7 +337,7 @@ TEST_F(DubboRouterTest, NoHealthyHosts) { EXPECT_CALL(*route_, routeEntry()).WillOnce(Return(&route_entry_)); EXPECT_CALL(route_entry_, clusterName()).WillRepeatedly(ReturnRef(cluster_name_)); EXPECT_CALL(context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(Return(nullptr)); + .WillOnce(Return(absl::nullopt)); EXPECT_CALL(callbacks_, sendLocalReply(_, _)) .WillOnce(Invoke([&](const DubboFilters::DirectResponse& response, bool end_stream) -> void { @@ -628,6 +630,74 @@ TEST_F(DubboRouterTest, LocalClosedWhileResponseComplete) { destroyRouter(); } +TEST_F(DubboRouterTest, ResponseOk) { + initializeRouter(); + startRequest(MessageType::Request); + connectUpstream(); + + auto response_meta = std::make_shared(); + response_meta->setMessageType(MessageType::Response); + response_meta->setResponseStatus(ResponseStatus::Ok); + + EXPECT_CALL( + context_.cluster_manager_.thread_local_cluster_.tcp_conn_pool_.host_->outlier_detector_, + putResult(Upstream::Outlier::Result::ExtOriginRequestSuccess, _)); + EXPECT_EQ(FilterStatus::Continue, router_->onMessageEncoded(response_meta, message_context_)); + + destroyRouter(); +} + +TEST_F(DubboRouterTest, ResponseException) { + initializeRouter(); + startRequest(MessageType::Request); + connectUpstream(); + + auto response_meta = std::make_shared(); + response_meta->setMessageType(MessageType::Exception); + response_meta->setResponseStatus(ResponseStatus::Ok); + + EXPECT_CALL( + context_.cluster_manager_.thread_local_cluster_.tcp_conn_pool_.host_->outlier_detector_, + putResult(Upstream::Outlier::Result::ExtOriginRequestFailed, _)); + EXPECT_EQ(FilterStatus::Continue, router_->onMessageEncoded(response_meta, message_context_)); + + destroyRouter(); +} + +TEST_F(DubboRouterTest, ResponseServerTimeout) { + initializeRouter(); + startRequest(MessageType::Request); + connectUpstream(); + + auto response_meta = std::make_shared(); + response_meta->setMessageType(MessageType::Response); + response_meta->setResponseStatus(ResponseStatus::ServerTimeout); + + EXPECT_CALL( + context_.cluster_manager_.thread_local_cluster_.tcp_conn_pool_.host_->outlier_detector_, + putResult(Upstream::Outlier::Result::LocalOriginTimeout, _)); + EXPECT_EQ(FilterStatus::Continue, router_->onMessageEncoded(response_meta, message_context_)); + + destroyRouter(); +} + +TEST_F(DubboRouterTest, ResponseServerError) { + initializeRouter(); + startRequest(MessageType::Request); + connectUpstream(); + + auto response_meta = std::make_shared(); + response_meta->setMessageType(MessageType::Response); + response_meta->setResponseStatus(ResponseStatus::ServiceError); + + EXPECT_CALL( + context_.cluster_manager_.thread_local_cluster_.tcp_conn_pool_.host_->outlier_detector_, + putResult(Upstream::Outlier::Result::ExtOriginRequestFailed, _)); + EXPECT_EQ(FilterStatus::Continue, router_->onMessageEncoded(response_meta, message_context_)); + + destroyRouter(); +} + } // namespace Router } // namespace DubboProxy } // namespace NetworkFilters diff --git a/test/extensions/filters/network/dubbo_proxy/utility.h b/test/extensions/filters/network/dubbo_proxy/utility.h index 5005a44af2cc..302266a06935 100644 --- a/test/extensions/filters/network/dubbo_proxy/utility.h +++ b/test/extensions/filters/network/dubbo_proxy/utility.h @@ -2,8 +2,8 @@ #include -#include "common/buffer/buffer_impl.h" -#include "common/common/byte_order.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/byte_order.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/filters/network/ext_authz/config_test.cc b/test/extensions/filters/network/ext_authz/config_test.cc index 9cdb483aa7ac..5960ec93088b 100644 --- a/test/extensions/filters/network/ext_authz/config_test.cc +++ b/test/extensions/filters/network/ext_authz/config_test.cc @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/network/ext_authz/v3/ext_authz.pb.validate.h" #include "envoy/stats/scope.h" -#include "extensions/filters/network/ext_authz/config.h" +#include "source/extensions/filters/network/ext_authz/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/test_runtime.h" diff --git a/test/extensions/filters/network/ext_authz/ext_authz_fuzz_test.cc b/test/extensions/filters/network/ext_authz/ext_authz_fuzz_test.cc index de8a274608a8..93f55a7f85b2 100644 --- a/test/extensions/filters/network/ext_authz/ext_authz_fuzz_test.cc +++ b/test/extensions/filters/network/ext_authz/ext_authz_fuzz_test.cc @@ -1,9 +1,8 @@ #include "envoy/extensions/filters/network/ext_authz/v3/ext_authz.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/address_impl.h" - -#include "extensions/filters/network/ext_authz/ext_authz.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/filters/network/ext_authz/ext_authz.h" #include "test/extensions/filters/common/ext_authz/mocks.h" #include "test/extensions/filters/network/ext_authz/ext_authz_fuzz.pb.validate.h" @@ -14,7 +13,6 @@ #include "gmock/gmock.h" #include "gtest/gtest.h" -using testing::ReturnRef; using testing::WithArgs; namespace Envoy { diff --git a/test/extensions/filters/network/ext_authz/ext_authz_test.cc b/test/extensions/filters/network/ext_authz/ext_authz_test.cc index 053d84d3c04a..b3b30010f320 100644 --- a/test/extensions/filters/network/ext_authz/ext_authz_test.cc +++ b/test/extensions/filters/network/ext_authz/ext_authz_test.cc @@ -6,13 +6,12 @@ #include "envoy/extensions/filters/network/ext_authz/v3/ext_authz.pb.validate.h" #include "envoy/stats/stats.h" -#include "common/buffer/buffer_impl.h" -#include "common/json/json_loader.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/ext_authz/ext_authz.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/json/json_loader.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/ext_authz/ext_authz.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/extensions/filters/common/ext_authz/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/network/http_connection_manager/config_filter_chain_test.cc b/test/extensions/filters/network/http_connection_manager/config_filter_chain_test.cc index 4764d75b9228..3c0e659844a2 100644 --- a/test/extensions/filters/network/http_connection_manager/config_filter_chain_test.cc +++ b/test/extensions/filters/network/http_connection_manager/config_filter_chain_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/http_connection_manager/config.h" +#include "source/extensions/filters/network/http_connection_manager/config.h" #include "test/extensions/filters/network/http_connection_manager/config_test_base.h" #include "test/mocks/config/mocks.h" diff --git a/test/extensions/filters/network/http_connection_manager/config_filter_dependencies_test.cc b/test/extensions/filters/network/http_connection_manager/config_filter_dependencies_test.cc index e9bc5386ede3..e3bc4a6b5f63 100644 --- a/test/extensions/filters/network/http_connection_manager/config_filter_dependencies_test.cc +++ b/test/extensions/filters/network/http_connection_manager/config_filter_dependencies_test.cc @@ -1,6 +1,6 @@ #include "envoy/extensions/filters/common/dependency/v3/dependency.pb.h" -#include "extensions/filters/network/http_connection_manager/config.h" +#include "source/extensions/filters/network/http_connection_manager/config.h" #include "test/extensions/filters/network/http_connection_manager/config_test_base.h" #include "test/mocks/config/mocks.h" diff --git a/test/extensions/filters/network/http_connection_manager/config_test.cc b/test/extensions/filters/network/http_connection_manager/config_test.cc index 7d2a11ceb7f0..2477db6bf4fc 100644 --- a/test/extensions/filters/network/http_connection_manager/config_test.cc +++ b/test/extensions/filters/network/http_connection_manager/config_test.cc @@ -7,10 +7,9 @@ #include "envoy/server/request_id_extension_config.h" #include "envoy/type/v3/percent.pb.h" -#include "common/network/address_impl.h" - -#include "extensions/filters/network/http_connection_manager/config.h" -#include "extensions/request_id/uuid/config.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/filters/network/http_connection_manager/config.h" +#include "source/extensions/request_id/uuid/config.h" #include "test/extensions/filters/network/http_connection_manager/config.pb.h" #include "test/extensions/filters/network/http_connection_manager/config.pb.validate.h" @@ -1152,6 +1151,59 @@ TEST_F(HttpConnectionManagerConfigTest, RemoveAnyPortFalse) { EXPECT_EQ(Http::StripPortType::None, config.stripPortType()); } +// Validated that by default we don't remove host's trailing dot. +TEST_F(HttpConnectionManagerConfigTest, RemoveTrailingDotDefault) { + const std::string yaml_string = R"EOF( + stat_prefix: ingress_http + route_config: + name: local_route + http_filters: + - name: envoy.filters.http.router + )EOF"; + + HttpConnectionManagerConfig config(parseHttpConnectionManagerFromYaml(yaml_string), context_, + date_provider_, route_config_provider_manager_, + scoped_routes_config_provider_manager_, http_tracer_manager_, + filter_config_provider_manager_); + EXPECT_EQ(false, config.shouldStripTrailingHostDot()); +} + +// Validated that when configured, we remove host's trailing dot. +TEST_F(HttpConnectionManagerConfigTest, RemoveTrailingDotTrue) { + const std::string yaml_string = R"EOF( + stat_prefix: ingress_http + route_config: + name: local_route + strip_trailing_host_dot: true + http_filters: + - name: envoy.filters.http.router + )EOF"; + + HttpConnectionManagerConfig config(parseHttpConnectionManagerFromYaml(yaml_string), context_, + date_provider_, route_config_provider_manager_, + scoped_routes_config_provider_manager_, http_tracer_manager_, + filter_config_provider_manager_); + EXPECT_EQ(true, config.shouldStripTrailingHostDot()); +} + +// Validated that when explicitly set false, then we don't remove trailing host dot. +TEST_F(HttpConnectionManagerConfigTest, RemoveTrailingDotFalse) { + const std::string yaml_string = R"EOF( + stat_prefix: ingress_http + route_config: + name: local_route + strip_trailing_host_dot: false + http_filters: + - name: envoy.filters.http.router + )EOF"; + + HttpConnectionManagerConfig config(parseHttpConnectionManagerFromYaml(yaml_string), context_, + date_provider_, route_config_provider_manager_, + scoped_routes_config_provider_manager_, http_tracer_manager_, + filter_config_provider_manager_); + EXPECT_EQ(false, config.shouldStripTrailingHostDot()); +} + // Validated that by default we allow requests with header names containing underscores. TEST_F(HttpConnectionManagerConfigTest, HeadersWithUnderscoresAllowedByDefault) { const std::string yaml_string = R"EOF( diff --git a/test/extensions/filters/network/http_connection_manager/config_test_base.h b/test/extensions/filters/network/http_connection_manager/config_test_base.h index a4554a42d670..1737bd162253 100644 --- a/test/extensions/filters/network/http_connection_manager/config_test_base.h +++ b/test/extensions/filters/network/http_connection_manager/config_test_base.h @@ -1,12 +1,11 @@ #pragma once -#include "common/filter/http/filter_config_discovery_impl.h" -#include "common/http/date_provider_impl.h" -#include "common/network/address_impl.h" - -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/common/pass_through_filter.h" -#include "extensions/filters/network/http_connection_manager/config.h" +#include "source/common/filter/http/filter_config_discovery_impl.h" +#include "source/common/http/date_provider_impl.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/filters/http/common/factory_base.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/network/http_connection_manager/config.h" #include "test/extensions/filters/network/http_connection_manager/config.pb.h" #include "test/extensions/filters/network/http_connection_manager/config.pb.validate.h" diff --git a/test/extensions/filters/network/http_connection_manager/dependency_manager_test.cc b/test/extensions/filters/network/http_connection_manager/dependency_manager_test.cc index f1b627522741..a4404666356a 100644 --- a/test/extensions/filters/network/http_connection_manager/dependency_manager_test.cc +++ b/test/extensions/filters/network/http_connection_manager/dependency_manager_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/http_connection_manager/dependency_manager.h" +#include "source/extensions/filters/network/http_connection_manager/dependency_manager.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/kafka/broker/BUILD b/test/extensions/filters/network/kafka/broker/BUILD index cc64251e3f59..f6f4fae2df47 100644 --- a/test/extensions/filters/network/kafka/broker/BUILD +++ b/test/extensions/filters/network/kafka/broker/BUILD @@ -26,7 +26,7 @@ envoy_extension_cc_test( srcs = ["filter_unit_test.cc"], extension_name = "envoy.filters.network.kafka_broker", deps = [ - "//include/envoy/event:timer_interface", + "//envoy/event:timer_interface", "//source/extensions/filters/network/kafka:kafka_broker_filter_lib", "//test/mocks/network:network_mocks", "//test/mocks/stats:stats_mocks", diff --git a/test/extensions/filters/network/kafka/broker/config_unit_test.cc b/test/extensions/filters/network/kafka/broker/config_unit_test.cc index e464acad0b96..4d447883174e 100644 --- a/test/extensions/filters/network/kafka/broker/config_unit_test.cc +++ b/test/extensions/filters/network/kafka/broker/config_unit_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/broker/config.h" +#include "source/extensions/filters/network/kafka/broker/config.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/network/kafka/broker/filter_protocol_test.cc b/test/extensions/filters/network/kafka/broker/filter_protocol_test.cc index 2c0606ae91e9..17ef7a3f084a 100644 --- a/test/extensions/filters/network/kafka/broker/filter_protocol_test.cc +++ b/test/extensions/filters/network/kafka/broker/filter_protocol_test.cc @@ -3,12 +3,11 @@ * messages properly. */ -#include "common/common/utility.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/filters/network/kafka/broker/filter.h" -#include "extensions/filters/network/kafka/external/requests.h" -#include "extensions/filters/network/kafka/external/responses.h" +#include "source/common/common/utility.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/network/kafka/broker/filter.h" +#include "source/extensions/filters/network/kafka/external/requests.h" +#include "source/extensions/filters/network/kafka/external/responses.h" #include "test/common/stats/stat_test_utility.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" diff --git a/test/extensions/filters/network/kafka/broker/filter_unit_test.cc b/test/extensions/filters/network/kafka/broker/filter_unit_test.cc index 0555fe75f625..d62ca8a68700 100644 --- a/test/extensions/filters/network/kafka/broker/filter_unit_test.cc +++ b/test/extensions/filters/network/kafka/broker/filter_unit_test.cc @@ -1,7 +1,7 @@ #include "envoy/event/timer.h" -#include "extensions/filters/network/kafka/broker/filter.h" -#include "extensions/filters/network/kafka/external/requests.h" +#include "source/extensions/filters/network/kafka/broker/filter.h" +#include "source/extensions/filters/network/kafka/external/requests.h" #include "test/mocks/network/mocks.h" #include "test/mocks/stats/mocks.h" diff --git a/test/extensions/filters/network/kafka/buffer_based_test.h b/test/extensions/filters/network/kafka/buffer_based_test.h index 612f484df5ba..a762fb3a9ec7 100644 --- a/test/extensions/filters/network/kafka/buffer_based_test.h +++ b/test/extensions/filters/network/kafka/buffer_based_test.h @@ -1,8 +1,7 @@ #pragma once -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/kafka/serialization.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/kafka/serialization.h" #include "absl/container/fixed_array.h" #include "absl/strings/string_view.h" diff --git a/test/extensions/filters/network/kafka/kafka_request_parser_test.cc b/test/extensions/filters/network/kafka/kafka_request_parser_test.cc index cb20b878098f..deeb6309bea9 100644 --- a/test/extensions/filters/network/kafka/kafka_request_parser_test.cc +++ b/test/extensions/filters/network/kafka/kafka_request_parser_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/kafka_request_parser.h" +#include "source/extensions/filters/network/kafka/kafka_request_parser.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" #include "test/extensions/filters/network/kafka/serialization_utilities.h" diff --git a/test/extensions/filters/network/kafka/kafka_response_parser_test.cc b/test/extensions/filters/network/kafka/kafka_response_parser_test.cc index b905fc326f44..17615be344ff 100644 --- a/test/extensions/filters/network/kafka/kafka_response_parser_test.cc +++ b/test/extensions/filters/network/kafka/kafka_response_parser_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/kafka_response_parser.h" +#include "source/extensions/filters/network/kafka/kafka_response_parser.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" #include "test/extensions/filters/network/kafka/serialization_utilities.h" diff --git a/test/extensions/filters/network/kafka/message_utilities.h b/test/extensions/filters/network/kafka/message_utilities.h index 4aabb18d1dba..6fc0e1728b21 100644 --- a/test/extensions/filters/network/kafka/message_utilities.h +++ b/test/extensions/filters/network/kafka/message_utilities.h @@ -2,8 +2,8 @@ #include -#include "extensions/filters/network/kafka/kafka_request.h" -#include "extensions/filters/network/kafka/kafka_response.h" +#include "source/extensions/filters/network/kafka/kafka_request.h" +#include "source/extensions/filters/network/kafka/kafka_response.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/filters/network/kafka/metrics_integration_test.cc b/test/extensions/filters/network/kafka/metrics_integration_test.cc index 252644485c99..84a331a76003 100644 --- a/test/extensions/filters/network/kafka/metrics_integration_test.cc +++ b/test/extensions/filters/network/kafka/metrics_integration_test.cc @@ -1,5 +1,5 @@ -#include "extensions/filters/network/kafka/external/request_metrics.h" -#include "extensions/filters/network/kafka/external/response_metrics.h" +#include "source/extensions/filters/network/kafka/external/request_metrics.h" +#include "source/extensions/filters/network/kafka/external/response_metrics.h" #include "test/common/stats/stat_test_utility.h" #include "test/extensions/filters/network/kafka/message_utilities.h" diff --git a/test/extensions/filters/network/kafka/protocol/request_codec_request_test_cc.j2 b/test/extensions/filters/network/kafka/protocol/request_codec_request_test_cc.j2 index 4c29ff373076..99b32400be79 100644 --- a/test/extensions/filters/network/kafka/protocol/request_codec_request_test_cc.j2 +++ b/test/extensions/filters/network/kafka/protocol/request_codec_request_test_cc.j2 @@ -9,8 +9,8 @@ - capture messages received in callback, - verify that captured messages are identical to the ones sent. #} -#include "extensions/filters/network/kafka/external/requests.h" -#include "extensions/filters/network/kafka/request_codec.h" +#include "source/extensions/filters/network/kafka/external/requests.h" +#include "source/extensions/filters/network/kafka/request_codec.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" #include "test/extensions/filters/network/kafka/serialization_utilities.h" diff --git a/test/extensions/filters/network/kafka/protocol/request_utilities_cc.j2 b/test/extensions/filters/network/kafka/protocol/request_utilities_cc.j2 index f43926d57587..90a3ab46c894 100644 --- a/test/extensions/filters/network/kafka/protocol/request_utilities_cc.j2 +++ b/test/extensions/filters/network/kafka/protocol/request_utilities_cc.j2 @@ -5,7 +5,7 @@ #include "test/extensions/filters/network/kafka/message_utilities.h" -#include "extensions/filters/network/kafka/external/requests.h" +#include "source/extensions/filters/network/kafka/external/requests.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/filters/network/kafka/protocol/requests_test_cc.j2 b/test/extensions/filters/network/kafka/protocol/requests_test_cc.j2 index ec96a4d90047..4157eec181d2 100644 --- a/test/extensions/filters/network/kafka/protocol/requests_test_cc.j2 +++ b/test/extensions/filters/network/kafka/protocol/requests_test_cc.j2 @@ -3,8 +3,8 @@ For every request, we want to check if it can be serialized and deserialized properly. #} -#include "extensions/filters/network/kafka/external/requests.h" -#include "extensions/filters/network/kafka/request_codec.h" +#include "source/extensions/filters/network/kafka/external/requests.h" +#include "source/extensions/filters/network/kafka/request_codec.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" diff --git a/test/extensions/filters/network/kafka/protocol/response_codec_response_test_cc.j2 b/test/extensions/filters/network/kafka/protocol/response_codec_response_test_cc.j2 index f366452cf19f..d03e40e2b853 100644 --- a/test/extensions/filters/network/kafka/protocol/response_codec_response_test_cc.j2 +++ b/test/extensions/filters/network/kafka/protocol/response_codec_response_test_cc.j2 @@ -9,8 +9,8 @@ - capture messages received in callback, - verify that captured messages are identical to the ones sent. #} -#include "extensions/filters/network/kafka/external/responses.h" -#include "extensions/filters/network/kafka/response_codec.h" +#include "source/extensions/filters/network/kafka/external/responses.h" +#include "source/extensions/filters/network/kafka/response_codec.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" #include "test/extensions/filters/network/kafka/serialization_utilities.h" diff --git a/test/extensions/filters/network/kafka/protocol/response_utilities_cc.j2 b/test/extensions/filters/network/kafka/protocol/response_utilities_cc.j2 index 783299f9f95b..af412270c185 100644 --- a/test/extensions/filters/network/kafka/protocol/response_utilities_cc.j2 +++ b/test/extensions/filters/network/kafka/protocol/response_utilities_cc.j2 @@ -5,7 +5,7 @@ #include "test/extensions/filters/network/kafka/message_utilities.h" -#include "extensions/filters/network/kafka/external/responses.h" +#include "source/extensions/filters/network/kafka/external/responses.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/filters/network/kafka/protocol/responses_test_cc.j2 b/test/extensions/filters/network/kafka/protocol/responses_test_cc.j2 index 84fff592eb34..cf5d552721ac 100644 --- a/test/extensions/filters/network/kafka/protocol/responses_test_cc.j2 +++ b/test/extensions/filters/network/kafka/protocol/responses_test_cc.j2 @@ -3,8 +3,8 @@ For every response, we want to check if it can be serialized and deserialized properly. #} -#include "extensions/filters/network/kafka/external/responses.h" -#include "extensions/filters/network/kafka/response_codec.h" +#include "source/extensions/filters/network/kafka/external/responses.h" +#include "source/extensions/filters/network/kafka/response_codec.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" diff --git a/test/extensions/filters/network/kafka/request_codec_integration_test.cc b/test/extensions/filters/network/kafka/request_codec_integration_test.cc index 8a7ae9b7a7a3..ceb475b45063 100644 --- a/test/extensions/filters/network/kafka/request_codec_integration_test.cc +++ b/test/extensions/filters/network/kafka/request_codec_integration_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/request_codec.h" +#include "source/extensions/filters/network/kafka/request_codec.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" #include "test/extensions/filters/network/kafka/serialization_utilities.h" diff --git a/test/extensions/filters/network/kafka/request_codec_unit_test.cc b/test/extensions/filters/network/kafka/request_codec_unit_test.cc index 9d9c0734262f..0e6ad23ce5f0 100644 --- a/test/extensions/filters/network/kafka/request_codec_unit_test.cc +++ b/test/extensions/filters/network/kafka/request_codec_unit_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/request_codec.h" +#include "source/extensions/filters/network/kafka/request_codec.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" diff --git a/test/extensions/filters/network/kafka/response_codec_integration_test.cc b/test/extensions/filters/network/kafka/response_codec_integration_test.cc index 287ba9f1855a..191d738297f2 100644 --- a/test/extensions/filters/network/kafka/response_codec_integration_test.cc +++ b/test/extensions/filters/network/kafka/response_codec_integration_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/response_codec.h" +#include "source/extensions/filters/network/kafka/response_codec.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" #include "test/extensions/filters/network/kafka/serialization_utilities.h" diff --git a/test/extensions/filters/network/kafka/response_codec_unit_test.cc b/test/extensions/filters/network/kafka/response_codec_unit_test.cc index 07dc116aab06..d05f42e9a9a2 100644 --- a/test/extensions/filters/network/kafka/response_codec_unit_test.cc +++ b/test/extensions/filters/network/kafka/response_codec_unit_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/response_codec.h" +#include "source/extensions/filters/network/kafka/response_codec.h" #include "test/extensions/filters/network/kafka/buffer_based_test.h" diff --git a/test/extensions/filters/network/kafka/serialization/serialization_composite_test_cc.j2 b/test/extensions/filters/network/kafka/serialization/serialization_composite_test_cc.j2 index 84a27de86c3d..884f5dcfd81c 100644 --- a/test/extensions/filters/network/kafka/serialization/serialization_composite_test_cc.j2 +++ b/test/extensions/filters/network/kafka/serialization/serialization_composite_test_cc.j2 @@ -5,7 +5,7 @@ Covers the corner case of 0 delegates, and then uses templating to create tests for 1..N cases. #} -#include "extensions/filters/network/kafka/external/serialization_composite.h" +#include "source/extensions/filters/network/kafka/external/serialization_composite.h" #include "test/extensions/filters/network/kafka/serialization_utilities.h" diff --git a/test/extensions/filters/network/kafka/serialization_test.cc b/test/extensions/filters/network/kafka/serialization_test.cc index c7e28d14ca87..41306d143ee3 100644 --- a/test/extensions/filters/network/kafka/serialization_test.cc +++ b/test/extensions/filters/network/kafka/serialization_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/kafka/tagged_fields.h" +#include "source/extensions/filters/network/kafka/tagged_fields.h" #include "test/extensions/filters/network/kafka/serialization_utilities.h" diff --git a/test/extensions/filters/network/kafka/serialization_utilities.h b/test/extensions/filters/network/kafka/serialization_utilities.h index 5c252ab4a870..d2fb902b8294 100644 --- a/test/extensions/filters/network/kafka/serialization_utilities.h +++ b/test/extensions/filters/network/kafka/serialization_utilities.h @@ -1,8 +1,7 @@ #pragma once -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/kafka/serialization.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/kafka/serialization.h" #include "absl/container/fixed_array.h" #include "absl/strings/string_view.h" diff --git a/test/extensions/filters/network/local_ratelimit/local_ratelimit_fuzz_test.cc b/test/extensions/filters/network/local_ratelimit/local_ratelimit_fuzz_test.cc index 5e597bb552ad..c13c03b5f876 100644 --- a/test/extensions/filters/network/local_ratelimit/local_ratelimit_fuzz_test.cc +++ b/test/extensions/filters/network/local_ratelimit/local_ratelimit_fuzz_test.cc @@ -1,10 +1,9 @@ #include "envoy/common/exception.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/filters/network/local_ratelimit/local_ratelimit.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/network/local_ratelimit/local_ratelimit.h" #include "test/extensions/filters/network/local_ratelimit/local_ratelimit_fuzz.pb.validate.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/extensions/filters/network/local_ratelimit/local_ratelimit_test.cc b/test/extensions/filters/network/local_ratelimit/local_ratelimit_test.cc index d764a1bab8ec..50568d622f69 100644 --- a/test/extensions/filters/network/local_ratelimit/local_ratelimit_test.cc +++ b/test/extensions/filters/network/local_ratelimit/local_ratelimit_test.cc @@ -1,9 +1,8 @@ #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.h" #include "envoy/extensions/filters/network/local_ratelimit/v3/local_rate_limit.pb.validate.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/filters/network/local_ratelimit/local_ratelimit.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/network/local_ratelimit/local_ratelimit.h" #include "test/mocks/event/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/network/mongo_proxy/bson_impl_test.cc b/test/extensions/filters/network/mongo_proxy/bson_impl_test.cc index 9bbe1a1bbc66..9738daeb121a 100644 --- a/test/extensions/filters/network/mongo_proxy/bson_impl_test.cc +++ b/test/extensions/filters/network/mongo_proxy/bson_impl_test.cc @@ -1,8 +1,7 @@ #include -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mongo_proxy/bson_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mongo_proxy/bson_impl.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/mongo_proxy/codec_impl_test.cc b/test/extensions/filters/network/mongo_proxy/codec_impl_test.cc index 1c960dd87150..c92c68cd1630 100644 --- a/test/extensions/filters/network/mongo_proxy/codec_impl_test.cc +++ b/test/extensions/filters/network/mongo_proxy/codec_impl_test.cc @@ -1,10 +1,9 @@ #include -#include "common/buffer/buffer_impl.h" -#include "common/json/json_loader.h" - -#include "extensions/filters/network/mongo_proxy/bson_impl.h" -#include "extensions/filters/network/mongo_proxy/codec_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/json/json_loader.h" +#include "source/extensions/filters/network/mongo_proxy/bson_impl.h" +#include "source/extensions/filters/network/mongo_proxy/codec_impl.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/mongo_proxy/config_test.cc b/test/extensions/filters/network/mongo_proxy/config_test.cc index dd852f46445d..58b289a9176f 100644 --- a/test/extensions/filters/network/mongo_proxy/config_test.cc +++ b/test/extensions/filters/network/mongo_proxy/config_test.cc @@ -4,7 +4,7 @@ #include "envoy/extensions/filters/network/mongo_proxy/v3/mongo_proxy.pb.validate.h" #include "envoy/type/v3/percent.pb.h" -#include "extensions/filters/network/mongo_proxy/config.h" +#include "source/extensions/filters/network/mongo_proxy/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/network/mongo_proxy/proxy_test.cc b/test/extensions/filters/network/mongo_proxy/proxy_test.cc index 82c777a0288a..b59f4cc2bfeb 100644 --- a/test/extensions/filters/network/mongo_proxy/proxy_test.cc +++ b/test/extensions/filters/network/mongo_proxy/proxy_test.cc @@ -7,11 +7,11 @@ #include "envoy/stats/stats.h" #include "envoy/type/v3/percent.pb.h" -#include "extensions/filters/network/mongo_proxy/bson_impl.h" -#include "extensions/filters/network/mongo_proxy/codec_impl.h" -#include "extensions/filters/network/mongo_proxy/mongo_stats.h" -#include "extensions/filters/network/mongo_proxy/proxy.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/mongo_proxy/bson_impl.h" +#include "source/extensions/filters/network/mongo_proxy/codec_impl.h" +#include "source/extensions/filters/network/mongo_proxy/mongo_stats.h" +#include "source/extensions/filters/network/mongo_proxy/proxy.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/common/stream_info/test_util.h" #include "test/mocks/access_log/mocks.h" diff --git a/test/extensions/filters/network/mongo_proxy/utility_test.cc b/test/extensions/filters/network/mongo_proxy/utility_test.cc index db1ad741325c..39c834b83491 100644 --- a/test/extensions/filters/network/mongo_proxy/utility_test.cc +++ b/test/extensions/filters/network/mongo_proxy/utility_test.cc @@ -1,8 +1,8 @@ #include -#include "extensions/filters/network/mongo_proxy/bson_impl.h" -#include "extensions/filters/network/mongo_proxy/codec_impl.h" -#include "extensions/filters/network/mongo_proxy/utility.h" +#include "source/extensions/filters/network/mongo_proxy/bson_impl.h" +#include "source/extensions/filters/network/mongo_proxy/codec_impl.h" +#include "source/extensions/filters/network/mongo_proxy/utility.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/mysql_proxy/mysql_auth_switch_resp_test.cc b/test/extensions/filters/network/mysql_proxy/mysql_auth_switch_resp_test.cc index de44f2f75683..7529af8de0c5 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_auth_switch_resp_test.cc +++ b/test/extensions/filters/network/mysql_proxy/mysql_auth_switch_resp_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" #include "gtest/gtest.h" #include "mysql_test_utils.h" diff --git a/test/extensions/filters/network/mysql_proxy/mysql_clogin_resp_test.cc b/test/extensions/filters/network/mysql_proxy/mysql_clogin_resp_test.cc index eb302970e10f..60a064b5d46c 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_clogin_resp_test.cc +++ b/test/extensions/filters/network/mysql_proxy/mysql_clogin_resp_test.cc @@ -1,7 +1,6 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" #include "gtest/gtest.h" #include "mysql_test_utils.h" diff --git a/test/extensions/filters/network/mysql_proxy/mysql_clogin_test.cc b/test/extensions/filters/network/mysql_proxy/mysql_clogin_test.cc index 0c02dd9dfacb..d06aad773f1d 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_clogin_test.cc +++ b/test/extensions/filters/network/mysql_proxy/mysql_clogin_test.cc @@ -1,7 +1,6 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" #include "gtest/gtest.h" #include "mysql_test_utils.h" diff --git a/test/extensions/filters/network/mysql_proxy/mysql_codec_test.cc b/test/extensions/filters/network/mysql_proxy/mysql_codec_test.cc index 807182dfa86e..3d1add37faf0 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_codec_test.cc +++ b/test/extensions/filters/network/mysql_proxy/mysql_codec_test.cc @@ -1,7 +1,6 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec_command.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_command.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" #include "gtest/gtest.h" #include "mysql_test_utils.h" diff --git a/test/extensions/filters/network/mysql_proxy/mysql_command_test.cc b/test/extensions/filters/network/mysql_proxy/mysql_command_test.cc index 73ca39b616bc..906d6f2b5530 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_command_test.cc +++ b/test/extensions/filters/network/mysql_proxy/mysql_command_test.cc @@ -1,11 +1,10 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_command.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_command.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/mysql_proxy/mysql_filter_test.cc b/test/extensions/filters/network/mysql_proxy/mysql_filter_test.cc index d4fcee04b9eb..c2d9c346a122 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_filter_test.cc +++ b/test/extensions/filters/network/mysql_proxy/mysql_filter_test.cc @@ -1,8 +1,7 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_filter.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_filter.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/network/mysql_proxy/mysql_greet_test.cc b/test/extensions/filters/network/mysql_proxy/mysql_greet_test.cc index cb47a0fdf61f..185198aa8587 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_greet_test.cc +++ b/test/extensions/filters/network/mysql_proxy/mysql_greet_test.cc @@ -1,7 +1,6 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" #include "gtest/gtest.h" #include "mysql_test_utils.h" diff --git a/test/extensions/filters/network/mysql_proxy/mysql_integration_test.cc b/test/extensions/filters/network/mysql_proxy/mysql_integration_test.cc index 0a9ddd0a8e24..f2799c5fb230 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_integration_test.cc +++ b/test/extensions/filters/network/mysql_proxy/mysql_integration_test.cc @@ -1,8 +1,8 @@ -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" #include "test/integration/fake_upstream.h" #include "test/integration/integration.h" diff --git a/test/extensions/filters/network/mysql_proxy/mysql_test_config.yaml b/test/extensions/filters/network/mysql_proxy/mysql_test_config.yaml index cd3aa67b3b2e..cf291957162b 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_test_config.yaml +++ b/test/extensions/filters/network/mysql_proxy/mysql_test_config.yaml @@ -28,13 +28,13 @@ static_resources: address: "{}" port_value: 0 filter_chains: - - filters: - - name: mysql - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.mysql_proxy.v3.MySQLProxy - stat_prefix: mysql_stats - - name: tcp - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy - stat_prefix: tcp_stats - cluster: cluster_0 + - filters: + - name: mysql + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.mysql_proxy.v3.MySQLProxy + stat_prefix: mysql_stats + - name: tcp + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy + stat_prefix: tcp_stats + cluster: cluster_0 diff --git a/test/extensions/filters/network/mysql_proxy/mysql_test_utils.cc b/test/extensions/filters/network/mysql_proxy/mysql_test_utils.cc index 7f19ebabab7b..989e0ebef708 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_test_utils.cc +++ b/test/extensions/filters/network/mysql_proxy/mysql_test_utils.cc @@ -1,13 +1,12 @@ #include "mysql_test_utils.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" -#include "extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" -#include "extensions/filters/network/mysql_proxy/mysql_utils.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_clogin_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_greeting.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec_switch_resp.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_utils.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/filters/network/mysql_proxy/mysql_test_utils.h b/test/extensions/filters/network/mysql_proxy/mysql_test_utils.h index e83c2dec0e02..996cc92ff918 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_test_utils.h +++ b/test/extensions/filters/network/mysql_proxy/mysql_test_utils.h @@ -1,5 +1,5 @@ #pragma once -#include "extensions/filters/network/mysql_proxy/mysql_codec.h" +#include "source/extensions/filters/network/mysql_proxy/mysql_codec.h" #include "fmt/format.h" diff --git a/test/extensions/filters/network/postgres_proxy/BUILD b/test/extensions/filters/network/postgres_proxy/BUILD index f121e6b178e2..10a2680e00f9 100644 --- a/test/extensions/filters/network/postgres_proxy/BUILD +++ b/test/extensions/filters/network/postgres_proxy/BUILD @@ -19,6 +19,7 @@ envoy_extension_cc_test_library( extension_name = "envoy.filters.network.postgres_proxy", deps = [ "//source/common/buffer:buffer_lib", + "//source/extensions/filters/network/postgres_proxy:filter", ], ) diff --git a/test/extensions/filters/network/postgres_proxy/postgres_decoder_test.cc b/test/extensions/filters/network/postgres_proxy/postgres_decoder_test.cc index 9170a69e8484..3c6e05bf9f1f 100644 --- a/test/extensions/filters/network/postgres_proxy/postgres_decoder_test.cc +++ b/test/extensions/filters/network/postgres_proxy/postgres_decoder_test.cc @@ -1,7 +1,7 @@ #include #include -#include "extensions/filters/network/postgres_proxy/postgres_decoder.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_decoder.h" #include "test/extensions/filters/network/postgres_proxy/postgres_test_utils.h" @@ -33,7 +33,7 @@ class PostgresProxyDecoderTestBase { PostgresProxyDecoderTestBase() { decoder_ = std::make_unique(&callbacks_); decoder_->initialize(); - decoder_->setStartup(false); + decoder_->state(DecoderImpl::State::InSyncState); } protected: @@ -60,6 +60,10 @@ class PostgresProxyFrontendEncrDecoderTest : public PostgresProxyDecoderTestBase class PostgresProxyBackendDecoderTest : public PostgresProxyDecoderTestBase, public ::testing::TestWithParam {}; +class PostgresProxyBackendStatementTest + : public PostgresProxyDecoderTestBase, + public ::testing::TestWithParam> {}; + class PostgresProxyErrorTest : public PostgresProxyDecoderTestBase, public ::testing::TestWithParam> {}; @@ -75,7 +79,7 @@ class PostgresProxyNoticeTest // startup message the server should start using message format // with command as 1st byte. TEST_F(PostgresProxyDecoderTest, StartupMessage) { - decoder_->setStartup(true); + decoder_->state(DecoderImpl::State::InitState); buf_[0] = '\0'; // Startup message has the following structure: @@ -98,29 +102,25 @@ TEST_F(PostgresProxyDecoderTest, StartupMessage) { // Some other attribute data_.add("attribute"); // 9 bytes data_.add(buf_, 1); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::NeedMoreData); data_.add("blah"); // 4 bytes + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::NeedMoreData); data_.add(buf_, 1); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); ASSERT_THAT(data_.length(), 0); + // Decoder should move to InSyncState + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); // Verify parsing attributes ASSERT_THAT(decoder_->getAttributes().at("user"), "postgres"); ASSERT_THAT(decoder_->getAttributes().at("database"), "testdb"); // This attribute should not be found ASSERT_THAT(decoder_->getAttributes().find("no"), decoder_->getAttributes().end()); - - // Now feed normal message with 1bytes as command. - data_.add("P"); - // Add length. - data_.writeBEInt(6); // 4 bytes of length + 2 bytes of data. - data_.add("AB"); - decoder_->onData(data_, true); - ASSERT_THAT(data_.length(), 0); } // Test verifies that when Startup message does not carry // "database" attribute, it is derived from "user". TEST_F(PostgresProxyDecoderTest, StartupMessageNoAttr) { - decoder_->setStartup(true); + decoder_->state(DecoderImpl::State::InitState); buf_[0] = '\0'; // Startup message has the following structure: @@ -141,7 +141,8 @@ TEST_F(PostgresProxyDecoderTest, StartupMessageNoAttr) { data_.add(buf_, 1); data_.add("blah"); // 4 bytes data_.add(buf_, 1); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); ASSERT_THAT(data_.length(), 0); // Verify parsing attributes @@ -151,53 +152,109 @@ TEST_F(PostgresProxyDecoderTest, StartupMessageNoAttr) { ASSERT_THAT(decoder_->getAttributes().find("no"), decoder_->getAttributes().end()); } +TEST_F(PostgresProxyDecoderTest, InvalidStartupMessage) { + decoder_->state(DecoderImpl::State::InitState); + + // Create a bogus message with incorrect syntax. + // Length is 10 bytes. + data_.writeBEInt(10); + for (auto i = 0; i < 6; i++) { + data_.writeBEInt(i); + } + + // Decoder should move to OutOfSync state. + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::OutOfSyncState); + ASSERT_THAT(data_.length(), 0); + + // All-zeros message. + data_.writeBEInt(0); + for (auto i = 0; i < 6; i++) { + data_.writeBEInt(0); + } + + // Decoder should move to OutOfSync state. + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::OutOfSyncState); + ASSERT_THAT(data_.length(), 0); +} + +// Test that decoder does not crash when it receives +// random data in InitState. +TEST_F(PostgresProxyDecoderTest, StartupMessageRandomData) { + srand(time(nullptr)); + for (auto i = 0; i < 10000; i++) { + decoder_->state(DecoderImpl::State::InSyncState); + // Generate random length. + uint32_t len = rand() % 20000; + // Now fill the buffer with random data. + for (uint32_t j = 0; j < len; j++) { + data_.writeBEInt(rand() % 1024); + uint8_t data = static_cast(rand() % 256); + data_.writeBEInt(data); + } + // Feed the buffer to the decoder. It should not crash. + decoder_->onData(data_, true); + + // Reset the buffer for the next iteration. + data_.drain(data_.length()); + } +} + // Test processing messages which map 1:1 with buffer. // The buffer contains just a single entire message and // nothing more. TEST_F(PostgresProxyDecoderTest, ReadingBufferSingleMessages) { - + decoder_->state(DecoderImpl::State::InSyncState); // Feed empty buffer - should not crash. - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::NeedMoreData); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); // Put one byte. This is not enough to parse the message and that byte // should stay in the buffer. - data_.add("P"); - decoder_->onData(data_, true); + data_.add("H"); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::NeedMoreData); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); ASSERT_THAT(data_.length(), 1); // Add length of 4 bytes. It would mean completely empty message. // but it should be consumed. data_.writeBEInt(4); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); ASSERT_THAT(data_.length(), 0); // Create a message with 5 additional bytes. - data_.add("P"); + data_.add("d"); // Add length. data_.writeBEInt(9); // 4 bytes of length field + 5 of data. data_.add(buf_, 5); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); ASSERT_THAT(data_.length(), 0); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); } // Test simulates situation when decoder is called with incomplete message. // The message should not be processed until the buffer is filled // with missing bytes. TEST_F(PostgresProxyDecoderTest, ReadingBufferLargeMessages) { + decoder_->state(DecoderImpl::State::InSyncState); // Fill the buffer with message of 100 bytes long // but the buffer contains only 98 bytes. // It should not be processed. - data_.add("P"); + data_.add("d"); // Add length. data_.writeBEInt(100); // This also includes length field data_.add(buf_, 94); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::NeedMoreData); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); // The buffer contains command (1 byte), length (4 bytes) and 94 bytes of message. ASSERT_THAT(data_.length(), 99); // Add 2 missing bytes and feed again to decoder. data_.add("AB"); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); ASSERT_THAT(data_.length(), 0); } @@ -205,14 +262,15 @@ TEST_F(PostgresProxyDecoderTest, ReadingBufferLargeMessages) { // message. Call to the decoder should consume only one message // at a time and only when the buffer contains the entire message. TEST_F(PostgresProxyDecoderTest, TwoMessagesInOneBuffer) { + decoder_->state(DecoderImpl::State::InSyncState); // Create the first message of 50 bytes long (+1 for command). - data_.add("P"); + data_.add("d"); // Add length. data_.writeBEInt(50); data_.add(buf_, 46); // Create the second message of 50 + 46 bytes (+1 for command). - data_.add("P"); + data_.add("d"); // Add length. data_.writeBEInt(96); data_.add(buf_, 46); @@ -223,49 +281,72 @@ TEST_F(PostgresProxyDecoderTest, TwoMessagesInOneBuffer) { // 2nd: command (1 byte), length (4 bytes), 92 bytes of data ASSERT_THAT(data_.length(), 148); // Process the first message. - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); ASSERT_THAT(data_.length(), 97); // Process the second message. - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); ASSERT_THAT(data_.length(), 0); } TEST_F(PostgresProxyDecoderTest, Unknown) { + decoder_->state(DecoderImpl::State::InSyncState); // Create invalid message. The first byte is invalid "=" // Message must be at least 5 bytes to be parsed. EXPECT_CALL(callbacks_, incMessagesUnknown()); createPostgresMsg(data_, "=", "some not important string which will be ignored anyways"); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(data_.length(), 0); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); +} + +// Test verifies that decoder goes into OutOfSyncState when +// it encounters a message with wrong syntax. +TEST_F(PostgresProxyDecoderTest, IncorrectMessages) { + decoder_->state(DecoderImpl::State::InSyncState); + + // Create incorrect message. Message syntax is + // 1 byte type ('f'), 4 bytes of length and zero terminated string. + data_.add("f"); + data_.writeBEInt(8); + // Do not write terminating zero for the string. + data_.add("test"); + + // The decoder will indicate that is is ready for more data, but + // will enter OutOfSyncState. + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::OutOfSyncState); } -// Test if each frontend command calls incMessagesFrontend() method. -TEST_P(PostgresProxyFrontendDecoderTest, FrontendInc) { +// Test if frontend command calls incMessagesFrontend() method. +TEST_F(PostgresProxyFrontendDecoderTest, FrontendInc) { + decoder_->state(DecoderImpl::State::InSyncState); EXPECT_CALL(callbacks_, incMessagesFrontend()); - createPostgresMsg(data_, GetParam(), "SELECT 1;"); - decoder_->onData(data_, true); + createPostgresMsg(data_, "f", "some text"); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); // Make sure that decoder releases memory used during message processing. ASSERT_TRUE(decoder_->getMessage().empty()); } -// Run the above test for each frontend message. -INSTANTIATE_TEST_SUITE_P(FrontEndMessagesTests, PostgresProxyFrontendDecoderTest, - ::testing::Values("B", "C", "d", "c", "f", "D", "E", "H", "F", "p", "P", - "p", "Q", "S", "X")); - // Test if X message triggers incRollback and sets proper state in transaction. TEST_F(PostgresProxyFrontendDecoderTest, TerminateMessage) { + decoder_->state(DecoderImpl::State::InSyncState); // Set decoder state NOT to be in_transaction. decoder_->getSession().setInTransaction(false); EXPECT_CALL(callbacks_, incTransactionsRollback()).Times(0); createPostgresMsg(data_, "X"); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); // Now set the decoder to be in_transaction state. decoder_->getSession().setInTransaction(true); EXPECT_CALL(callbacks_, incTransactionsRollback()); createPostgresMsg(data_, "X"); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); ASSERT_FALSE(decoder_->getSession().inTransaction()); } @@ -273,7 +354,8 @@ TEST_F(PostgresProxyFrontendDecoderTest, TerminateMessage) { TEST_F(PostgresProxyFrontendDecoderTest, QueryMessage) { EXPECT_CALL(callbacks_, processQuery); createPostgresMsg(data_, "Q", "SELECT * FROM whatever;"); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); } // Parse message has optional Query name which may be in front of actual @@ -295,7 +377,8 @@ TEST_F(PostgresProxyFrontendDecoderTest, ParseMessage) { query_name.reserve(1); query_name += '\0'; createPostgresMsg(data_, "P", query_name + query + query_params); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); // Message with optional name query_name query_name.clear(); @@ -303,21 +386,18 @@ TEST_F(PostgresProxyFrontendDecoderTest, ParseMessage) { query_name += "P0_8"; query_name += '\0'; createPostgresMsg(data_, "P", query_name + query + query_params); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, true), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); } -// Test if each backend command calls incMessagesBackend()) method. -TEST_P(PostgresProxyBackendDecoderTest, BackendInc) { +// Test if backend command calls incMessagesBackend()) method. +TEST_F(PostgresProxyBackendDecoderTest, BackendInc) { EXPECT_CALL(callbacks_, incMessagesBackend()); - createPostgresMsg(data_, GetParam(), "Some not important message"); - decoder_->onData(data_, false); + createPostgresMsg(data_, "I"); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); } -// Run the above test for each backend message. -INSTANTIATE_TEST_SUITE_P(BackendMessagesTests, PostgresProxyBackendDecoderTest, - ::testing::Values("R", "K", "2", "3", "C", "d", "c", "G", "H", "D", "I", - "E", "V", "v", "n", "N", "A", "t", "S", "1", "s", "Z", - "T")); // Test parsing backend messages. // The parser should react only to the first word until the space. TEST_F(PostgresProxyBackendDecoderTest, ParseStatement) { @@ -325,80 +405,93 @@ TEST_F(PostgresProxyBackendDecoderTest, ParseStatement) { // Rollback counter should be bumped up. EXPECT_CALL(callbacks_, incTransactionsRollback()); createPostgresMsg(data_, "C", "ROLLBACK 123"); - decoder_->onData(data_, false); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); data_.drain(data_.length()); // Now try just keyword without a space at the end. EXPECT_CALL(callbacks_, incTransactionsRollback()); createPostgresMsg(data_, "C", "ROLLBACK"); - decoder_->onData(data_, false); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); data_.drain(data_.length()); // Partial message should be ignored. EXPECT_CALL(callbacks_, incTransactionsRollback()).Times(0); EXPECT_CALL(callbacks_, incStatements(DecoderCallbacks::StatementType::Other)); createPostgresMsg(data_, "C", "ROLL"); - decoder_->onData(data_, false); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); data_.drain(data_.length()); // Keyword without a space should be ignored. EXPECT_CALL(callbacks_, incTransactionsRollback()).Times(0); EXPECT_CALL(callbacks_, incStatements(DecoderCallbacks::StatementType::Other)); createPostgresMsg(data_, "C", "ROLLBACK123"); - decoder_->onData(data_, false); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); data_.drain(data_.length()); } // Test Backend messages and make sure that they // trigger proper stats updates. TEST_F(PostgresProxyDecoderTest, Backend) { + decoder_->state(DecoderImpl::State::InSyncState); // C message EXPECT_CALL(callbacks_, incStatements(DecoderCallbacks::StatementType::Other)); createPostgresMsg(data_, "C", "BEGIN 123"); - decoder_->onData(data_, false); - data_.drain(data_.length()); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); + ASSERT_THAT(data_.length(), 0); ASSERT_TRUE(decoder_->getSession().inTransaction()); EXPECT_CALL(callbacks_, incStatements(DecoderCallbacks::StatementType::Other)); createPostgresMsg(data_, "C", "START TR"); - decoder_->onData(data_, false); - data_.drain(data_.length()); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); + ASSERT_THAT(data_.length(), 0); EXPECT_CALL(callbacks_, incStatements(DecoderCallbacks::StatementType::Other)); EXPECT_CALL(callbacks_, incTransactionsCommit()); createPostgresMsg(data_, "C", "COMMIT"); - decoder_->onData(data_, false); - data_.drain(data_.length()); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); + ASSERT_THAT(data_.length(), 0); EXPECT_CALL(callbacks_, incStatements(DecoderCallbacks::StatementType::Select)); EXPECT_CALL(callbacks_, incTransactionsCommit()); createPostgresMsg(data_, "C", "SELECT"); - decoder_->onData(data_, false); - data_.drain(data_.length()); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); + ASSERT_THAT(data_.length(), 0); EXPECT_CALL(callbacks_, incStatements(DecoderCallbacks::StatementType::Other)); EXPECT_CALL(callbacks_, incTransactionsRollback()); createPostgresMsg(data_, "C", "ROLLBACK"); - decoder_->onData(data_, false); - data_.drain(data_.length()); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); + ASSERT_THAT(data_.length(), 0); EXPECT_CALL(callbacks_, incStatements(DecoderCallbacks::StatementType::Insert)); EXPECT_CALL(callbacks_, incTransactionsCommit()); createPostgresMsg(data_, "C", "INSERT 1"); - decoder_->onData(data_, false); - data_.drain(data_.length()); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); + ASSERT_THAT(data_.length(), 0); EXPECT_CALL(callbacks_, incStatements(DecoderCallbacks::StatementType::Update)); EXPECT_CALL(callbacks_, incTransactionsCommit()); createPostgresMsg(data_, "C", "UPDATE 123"); - decoder_->onData(data_, false); - data_.drain(data_.length()); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); + ASSERT_THAT(data_.length(), 0); EXPECT_CALL(callbacks_, incStatements(DecoderCallbacks::StatementType::Delete)); EXPECT_CALL(callbacks_, incTransactionsCommit()); createPostgresMsg(data_, "C", "DELETE 88"); - decoder_->onData(data_, false); - data_.drain(data_.length()); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); + ASSERT_THAT(data_.length(), 0); } // Test checks deep inspection of the R message. @@ -412,7 +505,8 @@ TEST_F(PostgresProxyBackendDecoderTest, AuthenticationMsg) { // sessions must not be increased. EXPECT_CALL(callbacks_, incSessionsUnencrypted()).Times(0); createPostgresMsg(data_, "R", "blah blah"); - decoder_->onData(data_, false); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); data_.drain(data_.length()); // Create the correct payload which means that @@ -423,7 +517,8 @@ TEST_F(PostgresProxyBackendDecoderTest, AuthenticationMsg) { data_.writeBEInt(8); // Add 4-byte code. data_.writeBEInt(0); - decoder_->onData(data_, false); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); data_.drain(data_.length()); } @@ -432,7 +527,8 @@ TEST_F(PostgresProxyBackendDecoderTest, AuthenticationMsg) { TEST_P(PostgresProxyErrorTest, ParseErrorMsgs) { EXPECT_CALL(callbacks_, incErrors(std::get<1>(GetParam()))); createPostgresMsg(data_, "E", std::get<0>(GetParam())); - decoder_->onData(data_, false); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); } INSTANTIATE_TEST_SUITE_P( @@ -461,7 +557,8 @@ INSTANTIATE_TEST_SUITE_P( TEST_P(PostgresProxyNoticeTest, ParseNoticeMsgs) { EXPECT_CALL(callbacks_, incNotices(std::get<1>(GetParam()))); createPostgresMsg(data_, "N", std::get<0>(GetParam())); - decoder_->onData(data_, false); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); } INSTANTIATE_TEST_SUITE_P( @@ -478,10 +575,10 @@ INSTANTIATE_TEST_SUITE_P( // that protocol uses encryption. TEST_P(PostgresProxyFrontendEncrDecoderTest, EncyptedTraffic) { // Set decoder to wait for initial message. - decoder_->setStartup(true); + decoder_->state(DecoderImpl::State::InitState); // Initial state is no-encryption. - ASSERT_FALSE(decoder_->encrypted()); + // ASSERT_FALSE(decoder_->encrypted()); // Indicate that decoder should continue with processing the message. ON_CALL(callbacks_, onSSLRequest).WillByDefault(testing::Return(true)); @@ -493,8 +590,11 @@ TEST_P(PostgresProxyFrontendEncrDecoderTest, EncyptedTraffic) { // 1234 in the most significant 16 bits, and some code in the least significant 16 bits. // Add 4 bytes long code data_.writeBEInt(GetParam()); - decoder_->onData(data_, true); - ASSERT_TRUE(decoder_->encrypted()); + // Decoder should indicate that it is ready for mode data and entered + // encrypted state. + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::EncryptedState); + // ASSERT_TRUE(decoder_->encrypted()); // Decoder should drain data. ASSERT_THAT(data_.length(), 0); @@ -503,7 +603,8 @@ TEST_P(PostgresProxyFrontendEncrDecoderTest, EncyptedTraffic) { EXPECT_CALL(callbacks_, incMessagesFrontend()).Times(0); createPostgresMsg(data_, "P", "Some message just to fill the payload."); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::EncryptedState); // Decoder should drain data. ASSERT_THAT(data_.length(), 0); } @@ -517,7 +618,7 @@ INSTANTIATE_TEST_SUITE_P(FrontendEncryptedMessagesTests, PostgresProxyFrontendEn // Test onSSLRequest callback. TEST_F(PostgresProxyDecoderTest, TerminateSSL) { // Set decoder to wait for initial message. - decoder_->setStartup(true); + decoder_->state(DecoderImpl::State::InitState); // Indicate that decoder should not continue with processing the message // because filter will try to terminate SSL session. @@ -528,9 +629,10 @@ TEST_F(PostgresProxyDecoderTest, TerminateSSL) { // 1234 in the most significant 16 bits, and some code in the least significant 16 bits. // Add 4 bytes long code data_.writeBEInt(80877103); - decoder_->onData(data_, true); + ASSERT_THAT(decoder_->onData(data_, false), Decoder::Result::Stopped); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InitState); - // Decoder should interpret the session as encrypted stream. + // Decoder should interpret the session as clear-text stream. ASSERT_FALSE(decoder_->encrypted()); } @@ -569,11 +671,10 @@ class FakeBuffer : public Buffer::Instance { // Test verifies that decoder calls Buffer::linearize method // for messages which have associated 'action'. TEST_F(PostgresProxyDecoderTest, Linearize) { + decoder_->state(DecoderImpl::State::InSyncState); testing::NiceMock fake_buf; uint8_t body[] = "test\0"; - decoder_->setStartup(false); - // Simulate that decoder reads message which needs processing. // Query 'Q' message's body is just string. // Message header is 5 bytes and body will contain string "test\0". @@ -600,7 +701,8 @@ TEST_F(PostgresProxyDecoderTest, Linearize) { // It should call "Buffer::linearize". EXPECT_CALL(fake_buf, linearize).WillOnce([&](uint32_t) -> void* { return body; }); - decoder_->onData(fake_buf, false); + ASSERT_THAT(decoder_->onData(fake_buf, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); // Simulate that decoder reads message which does not need processing. // BindComplete message has type '2' and empty body. @@ -622,7 +724,8 @@ TEST_F(PostgresProxyDecoderTest, Linearize) { // Make sure that decoder does not call linearize. EXPECT_CALL(fake_buf, linearize).Times(0); - decoder_->onData(fake_buf, false); + ASSERT_THAT(decoder_->onData(fake_buf, false), Decoder::Result::ReadyForNext); + ASSERT_THAT(decoder_->state(), DecoderImpl::State::InSyncState); } } // namespace PostgresProxy diff --git a/test/extensions/filters/network/postgres_proxy/postgres_filter_test.cc b/test/extensions/filters/network/postgres_proxy/postgres_filter_test.cc index 0b09e50bea60..656488372760 100644 --- a/test/extensions/filters/network/postgres_proxy/postgres_filter_test.cc +++ b/test/extensions/filters/network/postgres_proxy/postgres_filter_test.cc @@ -3,8 +3,8 @@ #include -#include "extensions/filters/network/postgres_proxy/postgres_filter.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_filter.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/extensions/filters/network/postgres_proxy/postgres_test_utils.h" #include "test/mocks/network/mocks.h" @@ -84,7 +84,7 @@ TEST_P(PostgresFilterTest, ReadData) { EXPECT_CALL(*decoderPtr, onData) .WillOnce(WithArgs<0, 1>(Invoke([](Buffer::Instance& data, bool) -> Decoder::Result { data.drain(data.length()); - return Decoder::ReadyForNext; + return Decoder::Result::ReadyForNext; }))); std::get<0>(GetParam())(filter_.get(), data_, false); ASSERT_THAT(std::get<1>(GetParam())(filter_.get()), 0); @@ -93,11 +93,11 @@ TEST_P(PostgresFilterTest, ReadData) { EXPECT_CALL(*decoderPtr, onData) .WillOnce(WithArgs<0, 1>(Invoke([](Buffer::Instance& data, bool) -> Decoder::Result { data.drain(100); - return Decoder::ReadyForNext; + return Decoder::Result::ReadyForNext; }))) .WillOnce(WithArgs<0, 1>(Invoke([](Buffer::Instance& data, bool) -> Decoder::Result { data.drain(156); - return Decoder::ReadyForNext; + return Decoder::Result::ReadyForNext; }))); std::get<0>(GetParam())(filter_.get(), data_, false); ASSERT_THAT(std::get<1>(GetParam())(filter_.get()), 0); @@ -108,15 +108,15 @@ TEST_P(PostgresFilterTest, ReadData) { EXPECT_CALL(*decoderPtr, onData) .WillOnce(WithArgs<0, 1>(Invoke([](Buffer::Instance& data, bool) -> Decoder::Result { data.drain(100); - return Decoder::ReadyForNext; + return Decoder::Result::ReadyForNext; }))) .WillOnce(WithArgs<0, 1>(Invoke([](Buffer::Instance& data, bool) -> Decoder::Result { data.drain(100); - return Decoder::ReadyForNext; + return Decoder::Result::ReadyForNext; }))) .WillOnce(WithArgs<0, 1>(Invoke([](Buffer::Instance& data, bool) -> Decoder::Result { data.drain(0); - return Decoder::NeedMoreData; + return Decoder::Result::NeedMoreData; }))); std::get<0>(GetParam())(filter_.get(), data_, false); ASSERT_THAT(std::get<1>(GetParam())(filter_.get()), 56); @@ -135,7 +135,7 @@ INSTANTIATE_TEST_SUITE_P(ProcessDataTests, PostgresFilterTest, // It expects that certain statistics are updated. TEST_F(PostgresFilterTest, BackendMsgsStats) { // pretend that startup message has been received. - static_cast(filter_->getDecoder())->setStartup(false); + static_cast(filter_->getDecoder())->state(DecoderImpl::State::InSyncState); // unknown message createPostgresMsg(data_, "=", "blah blah blah"); @@ -230,7 +230,7 @@ TEST_F(PostgresFilterTest, BackendMsgsStats) { // verifies that statistic counters are increased. TEST_F(PostgresFilterTest, ErrorMsgsStats) { // Pretend that startup message has been received. - static_cast(filter_->getDecoder())->setStartup(false); + static_cast(filter_->getDecoder())->state(DecoderImpl::State::InSyncState); createPostgresMsg(data_, "E", "SERRORVERRORC22012"); filter_->onWrite(data_, false); @@ -257,7 +257,7 @@ TEST_F(PostgresFilterTest, ErrorMsgsStats) { // that corresponding stats counters are updated. TEST_F(PostgresFilterTest, NoticeMsgsStats) { // Pretend that startup message has been received. - static_cast(filter_->getDecoder())->setStartup(false); + static_cast(filter_->getDecoder())->state(DecoderImpl::State::InSyncState); createPostgresMsg(data_, "N", "SblalalaC2345"); filter_->onWrite(data_, false); @@ -304,7 +304,7 @@ TEST_F(PostgresFilterTest, EncryptedSessionStats) { // Postgres metadata. TEST_F(PostgresFilterTest, MetadataIncorrectSQL) { // Pretend that startup message has been received. - static_cast(filter_->getDecoder())->setStartup(false); + static_cast(filter_->getDecoder())->state(DecoderImpl::State::InSyncState); setMetadata(); createPostgresMsg(data_, "Q", "BLAH blah blah"); @@ -322,7 +322,7 @@ TEST_F(PostgresFilterTest, MetadataIncorrectSQL) { // and it happens only when parse_sql flag is true. TEST_F(PostgresFilterTest, QueryMessageMetadata) { // Pretend that startup message has been received. - static_cast(filter_->getDecoder())->setStartup(false); + static_cast(filter_->getDecoder())->state(DecoderImpl::State::InSyncState); setMetadata(); // Disable creating parsing SQL and creating metadata. diff --git a/test/extensions/filters/network/postgres_proxy/postgres_integration_test.cc b/test/extensions/filters/network/postgres_proxy/postgres_integration_test.cc index 8195b3e0f71a..c9308517ea8d 100644 --- a/test/extensions/filters/network/postgres_proxy/postgres_integration_test.cc +++ b/test/extensions/filters/network/postgres_proxy/postgres_integration_test.cc @@ -29,18 +29,18 @@ class PostgresBaseIntegrationTest : public testing::TestWithParam #include -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/postgres_proxy/postgres_message.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/postgres_proxy/postgres_message.h" #include "fmt/printf.h" @@ -29,7 +28,17 @@ TYPED_TEST_SUITE(IntTest, IntTypes); TYPED_TEST(IntTest, BasicRead) { this->data_.template writeBEInt().get())>(12); uint64_t pos = 0; - uint64_t left = this->data_.length(); + uint64_t left; + // Simulate that message is too short. + left = sizeof(TypeParam) - 1; + ASSERT_THAT(Message::ValidationFailed, this->field_.validate(this->data_, 0, pos, left)); + // Single 4-byte int. Message length is correct. + left = sizeof(TypeParam); + ASSERT_THAT(Message::ValidationOK, this->field_.validate(this->data_, 0, pos, left)); + + // Read the value after successful validation. + pos = 0; + left = sizeof(TypeParam); ASSERT_TRUE(this->field_.read(this->data_, pos, left)); ASSERT_THAT(this->field_.toString(), "[12]"); @@ -47,6 +56,10 @@ TYPED_TEST(IntTest, ReadWithLeftovers) { this->data_.template writeBEInt(11); uint64_t pos = 0; uint64_t left = this->data_.length(); + ASSERT_THAT(Message::ValidationOK, this->field_.validate(this->data_, 0, pos, left)); + + pos = 0; + left = this->data_.length(); ASSERT_TRUE(this->field_.read(this->data_, pos, left)); ASSERT_THAT(this->field_.toString(), "[12]"); // pos should be moved forward by the number of bytes read. @@ -60,8 +73,13 @@ TYPED_TEST(IntTest, ReadAtOffset) { // write 1 byte before the actual value. this->data_.template writeBEInt(11); this->data_.template writeBEInt().get())>(12); + uint64_t pos = 1; uint64_t left = this->data_.length() - 1; + ASSERT_THAT(Message::ValidationOK, this->field_.validate(this->data_, 1, pos, left)); + + pos = 1; + left = this->data_.length() - 1; ASSERT_TRUE(this->field_.read(this->data_, pos, left)); ASSERT_THAT(this->field_.toString(), "[12]"); // pos should be moved forward by the number of bytes read. @@ -74,8 +92,9 @@ TYPED_TEST(IntTest, NotEnoughData) { this->data_.template writeBEInt().get())>(12); // Start from offset 1. There is not enough data in the buffer for the required type. uint64_t pos = 1; - uint64_t left = this->data_.length() - pos; - ASSERT_FALSE(this->field_.read(this->data_, pos, left)); + uint64_t left = this->data_.length(); + + ASSERT_THAT(this->field_.validate(this->data_, 0, pos, left), Message::ValidationNeedMoreData); } // Byte1 should format content as char. @@ -87,6 +106,12 @@ TEST(Byte1, Formatting) { uint64_t pos = 0; uint64_t left = 1; + ASSERT_THAT(Message::ValidationOK, field.validate(data, 0, pos, left)); + ASSERT_THAT(pos, 1); + ASSERT_THAT(left, 0); + + pos = 0; + left = 1; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 1); ASSERT_THAT(left, 0); @@ -100,9 +125,21 @@ TEST(StringType, SingleString) { Buffer::OwnedImpl data; data.add("test"); - data.writeBEInt(0); + // Passed length 3 is too short. uint64_t pos = 0; - uint64_t left = 5; + uint64_t left = 3; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); + // Correct length, but terminating zero is missing. + left = 5; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationNeedMoreData); + // Add terminating zero. + data.writeBEInt(0); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 5); + ASSERT_THAT(left, 0); + + pos = 0; + left = 5; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 5); ASSERT_THAT(left, 0); @@ -111,42 +148,6 @@ TEST(StringType, SingleString) { ASSERT_THAT(out, "[test]"); } -TEST(StringType, MultipleStrings) { - String field; - - // Add 3 strings. - Buffer::OwnedImpl data; - data.add("test1"); - data.writeBEInt(0); - data.add("test2"); - data.writeBEInt(0); - data.add("test3"); - data.writeBEInt(0); - uint64_t pos = 0; - uint64_t left = 3 * 6; - - // Read the first string. - ASSERT_TRUE(field.read(data, pos, left)); - ASSERT_THAT(pos, 1 * 6); - ASSERT_THAT(left, 2 * 6); - auto out = field.toString(); - ASSERT_THAT(out, "[test1]"); - - // Read the second string. - ASSERT_TRUE(field.read(data, pos, left)); - ASSERT_THAT(pos, 2 * 6); - ASSERT_THAT(left, 1 * 6); - out = field.toString(); - ASSERT_THAT(out, "[test2]"); - - // Read the third string. - ASSERT_TRUE(field.read(data, pos, left)); - ASSERT_THAT(pos, 3 * 6); - ASSERT_THAT(left, 0); - out = field.toString(); - ASSERT_THAT(out, "[test3]"); -} - TEST(StringType, NoTerminatingByte) { String field; @@ -154,7 +155,9 @@ TEST(StringType, NoTerminatingByte) { data.add("test"); uint64_t pos = 0; uint64_t left = 4; - ASSERT_FALSE(field.read(data, pos, left)); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); + left = 5; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationNeedMoreData); } // ByteN type is always placed at the end of Postgres message. @@ -170,10 +173,31 @@ TEST(ByteN, BasicTest) { data.writeBEInt(i); } uint64_t pos = 0; - uint64_t left = 10; + uint64_t left; + + // Since ByteN structure does not contain length field, any + // value less than number of bytes in the buffer should + // pass validation. + pos = 0; + left = 0; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 0); + ASSERT_THAT(left, 0); + pos = 0; + left = 1; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 1); + ASSERT_THAT(left, 0); + pos = 0; + left = 4; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 4); + ASSERT_THAT(left, 0); + + pos = 0; + left = 10; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 10); - // One byte should be left in the buffer. ASSERT_THAT(left, 0); auto out = field.toString(); @@ -190,7 +214,7 @@ TEST(ByteN, NotEnoughData) { } uint64_t pos = 0; uint64_t left = 11; - ASSERT_FALSE(field.read(data, pos, left)); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationNeedMoreData); } TEST(ByteN, Empty) { @@ -200,6 +224,7 @@ TEST(ByteN, Empty) { // Write nothing to data buffer. uint64_t pos = 0; uint64_t left = 0; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); ASSERT_TRUE(field.read(data, pos, left)); auto out = field.toString(); @@ -209,12 +234,49 @@ TEST(ByteN, Empty) { // VarByteN type. It contains 4 bytes length field with value which follows. TEST(VarByteN, BasicTest) { VarByteN field; - Buffer::OwnedImpl data; + + uint64_t pos = 0; + uint64_t left = 0; + // Simulate that message ended and VarByteN's length fields sticks past the + // message boundary. + data.writeBEInt(5); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); + // Write VarByteN with length equal to zero. No value follows. - data.writeBEInt(0); + // Set structure length to be -1 (means no payload). + left = 4; + data.drain(data.length()); + data.writeBEInt(-1); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + // The same for structure length 0. + pos = 0; + left = 4; + data.drain(data.length()); + data.writeBEInt(0); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + + // Simulate that VarByteN would extend past message boundary. + data.drain(data.length()); + data.writeBEInt(30); + pos = 0; + left = 4; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); + + // Simulate that VarByteN length is 6, there are 6 bytes left to the + // message boundary, but buffer contains only 4 bytes. + data.drain(data.length()); + data.writeBEInt(6); + data.writeBEInt(16); + pos = 0; + left = 6; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationNeedMoreData); - // Write value with 5 bytes. + data.drain(data.length()); + // Write first value. + data.writeBEInt(0); + + // Write 2nd value with 5 bytes. data.writeBEInt(5); for (auto i = 0; i < 5; i++) { data.writeBEInt(10 + i); @@ -223,11 +285,15 @@ TEST(VarByteN, BasicTest) { // Write special case value with length -1. No value follows. data.writeBEInt(-1); - uint64_t pos = 0; - uint64_t left = 4 + 4 + 5 + 4; + pos = 0; + left = 4 + 4 + 5 + 4; uint64_t expected_left = left; - + uint64_t orig_pos = pos; + uint64_t orig_left = left; // Read the first value. + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + pos = orig_pos; + left = orig_left; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 4); expected_left -= 4; @@ -236,6 +302,11 @@ TEST(VarByteN, BasicTest) { ASSERT_TRUE(out.find("0 bytes") != std::string::npos); // Read the second value. + orig_pos = pos; + orig_left = left; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + pos = orig_pos; + left = orig_left; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 4 + 4 + 5); expected_left -= (4 + 5); @@ -245,6 +316,11 @@ TEST(VarByteN, BasicTest) { ASSERT_TRUE(out.find("10 11 12 13 14") != std::string::npos); // Read the third value. + orig_pos = pos; + orig_left = left; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + pos = orig_pos; + left = orig_left; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 4 + 4 + 5 + 4); expected_left -= 4; @@ -253,47 +329,31 @@ TEST(VarByteN, BasicTest) { ASSERT_TRUE(out.find("-1 bytes") != std::string::npos); } -TEST(VarByteN, NotEnoughLengthData) { - VarByteN field; - - Buffer::OwnedImpl data; - // Write 3 bytes. Minimum for this type is 4 bytes of length. - data.writeBEInt(0); - data.writeBEInt(1); - data.writeBEInt(2); - - uint64_t pos = 0; - uint64_t left = 3; - ASSERT_FALSE(field.read(data, pos, left)); -} - -TEST(VarByteN, NotEnoughValueData) { - VarByteN field; - - Buffer::OwnedImpl data; - // Write length of the value to be 5 bytes, but supply only 4 bytes. - data.writeBEInt(5); - data.writeBEInt(0); - data.writeBEInt(1); - data.writeBEInt(2); - data.writeBEInt(3); - - uint64_t pos = 0; - uint64_t left = 5 + 4; - ASSERT_FALSE(field.read(data, pos, left)); -} - // Array composite type tests. TEST(Array, SingleInt) { Array field; Buffer::OwnedImpl data; - // Write the number of elements in the array. - data.writeBEInt(1); + // Simulate that message ends before the array. + uint64_t pos = 0; + uint64_t left = 1; + data.writeBEInt(1); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); + + // Write the value of the element into the array. + data.drain(data.length()); + data.writeBEInt(1); data.writeBEInt(123); + // Simulate that message length end before end of array. + left = 5; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); - uint64_t pos = 0; - uint64_t left = 2 + 4; + left = 6; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 6); + ASSERT_THAT(left, 0); + pos = 0; + left = 6; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 6); ASSERT_THAT(left, 0); @@ -307,14 +367,29 @@ TEST(Array, MultipleInts) { Array field; Buffer::OwnedImpl data; - // Write 3 elements into array. + // Write 3 as size of array, but add only 2 elements into array. data.writeBEInt(3); data.writeBEInt(211); data.writeBEInt(212); - data.writeBEInt(213); uint64_t pos = 0; uint64_t left = 2 + 3 * 1; + + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationNeedMoreData); + + // Add the third element. + data.writeBEInt(213); + + // Simulate that message ends before end of the array. + left = 2 + 3 * 1 - 1; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); + + left = 2 + 3 * 1; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 5); + ASSERT_THAT(left, 0); + pos = 0; + left = 2 + 3 * 1; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 5); ASSERT_THAT(left, 0); @@ -335,6 +410,11 @@ TEST(Array, Empty) { uint64_t pos = 0; uint64_t left = 2; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 2); + ASSERT_THAT(left, 0); + pos = 0; + left = 2; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 2); ASSERT_THAT(left, 0); @@ -353,7 +433,7 @@ TEST(Array, NotEnoughDataForLength) { uint64_t pos = 0; uint64_t left = 1; - ASSERT_FALSE(field.read(data, pos, left)); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); } // Test situation when there is not enough data in the buffer to read one of the elements @@ -371,7 +451,7 @@ TEST(Array, NotEnoughDataForValues) { uint64_t pos = 0; uint64_t left = 2 + 4 + 2; - ASSERT_FALSE(field.read(data, pos, left)); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); } // Repeated composite type tests. @@ -383,15 +463,37 @@ TEST(Repeated, BasicTestWithStrings) { // It will be ignored. data.writeBEInt(101); data.writeBEInt(102); - // Now write 3 strings. Each terminated by zero byte. + uint64_t pos = 5; + uint64_t left = 5; + // Write the first string without terminating zero. data.add("test1"); - data.writeBEInt(0); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); + left = 6; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationNeedMoreData); + // Add terminating zero. + data.writeBEInt(0); + left = 5; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); + left = 7; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationNeedMoreData); + left = 6; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + // Add two additional strings data.add("test2"); data.writeBEInt(0); data.add("test3"); data.writeBEInt(0); - uint64_t pos = 5; - uint64_t left = 3 * 6; + pos = 5; + left = 3 * 6 - 1; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); + left = 3 * 6 + 1; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationNeedMoreData); + left = 3 * 6; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 5 + 3 * 6); + ASSERT_THAT(left, 0); + pos = 5; + left = 3 * 6; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 5 + 3 * 6); ASSERT_THAT(left, 0); @@ -402,46 +504,6 @@ TEST(Repeated, BasicTestWithStrings) { ASSERT_TRUE(out.find("test3") != std::string::npos); } -// Test verifies that read fails when there is less -// bytes in the buffer than bytes needed to read to the end of the message. -TEST(Repeated, NotEnoughData) { - Repeated field; - - Buffer::OwnedImpl data; - // Write some data to simulate message header. - // It will be ignored. - data.writeBEInt(101); - data.writeBEInt(102); - data.add("test"); - - // "test" with terminating zero is 5 bytes. - // Set "left" to indicate that 6 bytes are needed. - uint64_t pos = 5; - uint64_t left = 5 + 6; - ASSERT_FALSE(field.read(data, pos, left)); -} - -// Test verifies that entire read fails when one of -// subordinate reads fails. -TEST(Repeated, NotEnoughDataForSecondString) { - Repeated field; - - Buffer::OwnedImpl data; - // Write some data to simulate message header. - // It will be ignored. - data.writeBEInt(101); - data.writeBEInt(102); - // Now write 3 strings. Each terminated by zero byte. - data.add("test1"); - data.writeBEInt(0); - data.add("test2"); - // Do not write terminating zero. - // Read should fail here. - uint64_t pos = 5; - uint64_t left = 6 + 5; - ASSERT_FALSE(field.read(data, pos, left)); -} - // Sequence composite type tests. TEST(Sequence, Int32SingleValue) { Sequence field; @@ -451,6 +513,11 @@ TEST(Sequence, Int32SingleValue) { uint64_t pos = 0; uint64_t left = 4; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 4); + ASSERT_THAT(left, 0); + pos = 0; + left = 4; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 4); ASSERT_THAT(left, 0); @@ -467,6 +534,11 @@ TEST(Sequence, Int16SingleValue) { uint64_t pos = 0; uint64_t left = 2; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 2); + ASSERT_THAT(left, 0); + pos = 0; + left = 2; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 2); ASSERT_THAT(left, 0); @@ -485,6 +557,11 @@ TEST(Sequence, BasicMultipleValues1) { uint64_t pos = 0; uint64_t left = 4 + 5; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, 4 + 5); + ASSERT_THAT(left, 0); + pos = 0; + left = 4 + 5; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, 4 + 5); ASSERT_THAT(left, 0); @@ -504,6 +581,11 @@ TEST(Sequence, BasicMultipleValues2) { uint64_t pos = 0; uint64_t left = 4 + 2; uint64_t expected_pos = left; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, expected_pos); + ASSERT_THAT(left, 0); + pos = 0; + left = 4 + 2; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, expected_pos); ASSERT_THAT(left, 0); @@ -525,6 +607,11 @@ TEST(Sequence, BasicMultipleValues3) { uint64_t pos = 0; uint64_t left = 4 + 2 + 4 + 2; uint64_t expected_pos = left; + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationOK); + ASSERT_THAT(pos, expected_pos); + ASSERT_THAT(left, 0); + pos = 0; + left = 4 + 2 + 4 + 2; ASSERT_TRUE(field.read(data, pos, left)); ASSERT_THAT(pos, expected_pos); ASSERT_THAT(left, 0); @@ -548,7 +635,7 @@ TEST(Sequence, NotEnoughData) { uint64_t pos = 0; uint64_t left = 4 + 4; - ASSERT_FALSE(field.read(data, pos, left)); + ASSERT_THAT(field.validate(data, 0, pos, left), Message::ValidationFailed); } // Tests for Message interface and helper function createMsgBodyReader. @@ -556,7 +643,16 @@ TEST(PostgresMessage, SingleFieldInt32) { std::unique_ptr msg = createMsgBodyReader(); Buffer::OwnedImpl data; + // Validation of empty message should complain that there + // is not enough data in the buffer. + ASSERT_THAT(msg->validate(data, 0, 4), Message::ValidationNeedMoreData); + data.writeBEInt(12); + + // Simulate that message is longer than In32. + ASSERT_THAT(msg->validate(data, 0, 5), Message::ValidationFailed); + + ASSERT_THAT(msg->validate(data, 0, 4), Message::ValidationOK); ASSERT_TRUE(msg->read(data, 4)); auto out = msg->toString(); ASSERT_THAT(out, "[12]"); @@ -566,7 +662,13 @@ TEST(PostgresMessage, SingleFieldInt16) { std::unique_ptr msg = createMsgBodyReader(); Buffer::OwnedImpl data; + + // Validation of empty message should complain that there + // is not enough data in the buffer. + ASSERT_THAT(msg->validate(data, 0, 2), Message::ValidationNeedMoreData); + data.writeBEInt(12); + ASSERT_THAT(msg->validate(data, 0, 2), Message::ValidationOK); ASSERT_TRUE(msg->read(data, 2)); auto out = msg->toString(); ASSERT_THAT(out, "[12]"); @@ -576,12 +678,18 @@ TEST(PostgresMessage, SingleByteN) { std::unique_ptr msg = createMsgBodyReader(); Buffer::OwnedImpl data; + // Validation of empty message should complain that there + // is not enough data in the buffer. + ASSERT_THAT(msg->validate(data, 0, 4), Message::ValidationNeedMoreData); + data.writeBEInt(0); data.writeBEInt(1); data.writeBEInt(2); data.writeBEInt(3); data.writeBEInt(4); - ASSERT_TRUE(msg->read(data, 5 * 1)); + const uint64_t length = 5 * 1; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("0") != std::string::npos); // NOLINT ASSERT_TRUE(out.find("1") != std::string::npos); // NOLINT @@ -594,9 +702,16 @@ TEST(PostgresMessage, MultipleValues1) { std::unique_ptr msg = createMsgBodyReader(); Buffer::OwnedImpl data; + + // Validation of empty message should complain that there + // is not enough data in the buffer. + ASSERT_THAT(msg->validate(data, 0, 4), Message::ValidationNeedMoreData); + data.writeBEInt(12); data.writeBEInt(13); - ASSERT_TRUE(msg->read(data, 4 + 2)); + const uint64_t length = 4 + 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("12") != std::string::npos); ASSERT_TRUE(out.find("13") != std::string::npos); @@ -609,7 +724,9 @@ TEST(PostgresMessage, MultipleValues2) { data.writeBEInt(13); data.writeBEInt(14); data.writeBEInt(15); - ASSERT_TRUE(msg->read(data, 2 + 4 + 2)); + const uint64_t length = 2 + 4 + 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("13") != std::string::npos); ASSERT_TRUE(out.find("14") != std::string::npos); @@ -624,7 +741,9 @@ TEST(PostgresMessage, MultipleValues3) { data.writeBEInt(13); data.writeBEInt(14); data.writeBEInt(15); - ASSERT_TRUE(msg->read(data, 4 + 2 + 4 + 2)); + const uint64_t length = 4 + 2 + 4 + 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("12") != std::string::npos); ASSERT_TRUE(out.find("13") != std::string::npos); @@ -641,7 +760,9 @@ TEST(PostgresMessage, MultipleValues4) { data.writeBEInt(15); data.writeBEInt(16); data.writeBEInt(17); - ASSERT_TRUE(msg->read(data, 2 + 4 + 2 + 4 + 2)); + const uint64_t length = 2 + 4 + 2 + 4 + 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("13") != std::string::npos); ASSERT_TRUE(out.find("14") != std::string::npos); @@ -660,7 +781,9 @@ TEST(PostgresMessage, MultipleValues5) { data.writeBEInt(15); data.writeBEInt(16); data.writeBEInt(17); - ASSERT_TRUE(msg->read(data, 4 + 2 + 4 + 2 + 4 + 2)); + const uint64_t length = 4 + 2 + 4 + 2 + 4 + 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("12") != std::string::npos); ASSERT_TRUE(out.find("13") != std::string::npos); @@ -683,7 +806,9 @@ TEST(PostgresMessage, MultipleValues6) { data.writeBEInt(15); data.writeBEInt(16); data.writeBEInt(17); - ASSERT_TRUE(msg->read(data, 5 + 4 + 2 + 4 + 2 + 4 + 2)); + const uint64_t length = 5 + 4 + 2 + 4 + 2 + 4 + 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("test") != std::string::npos); ASSERT_TRUE(out.find("12") != std::string::npos); @@ -706,7 +831,9 @@ TEST(PostgresMessage, MultipleValues7) { data.writeBEInt(13); data.writeBEInt(14); data.writeBEInt(15); - ASSERT_TRUE(msg->read(data, 5 + 2 + 3 * 4)); + const uint64_t length = 5 + 2 + 3 * 4; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("test") != std::string::npos); ASSERT_TRUE(out.find("13") != std::string::npos); @@ -723,7 +850,9 @@ TEST(PostgresMessage, ArraySet1) { data.writeBEInt(13); data.writeBEInt(14); data.writeBEInt(15); - ASSERT_TRUE(msg->read(data, 2 + 3 * 2)); + const uint64_t length = 2 + 3 * 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("13") != std::string::npos); ASSERT_TRUE(out.find("14") != std::string::npos); @@ -746,8 +875,9 @@ TEST(PostgresMessage, ArraySet2) { // 16-bits value. data.writeBEInt(115); - - ASSERT_TRUE(msg->read(data, 2 + 4 + 5 + 2)); + const uint64_t length = 2 + 4 + 5 + 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("114") != std::string::npos); ASSERT_TRUE(out.find("115") != std::string::npos); @@ -775,8 +905,9 @@ TEST(PostgresMessage, ArraySet3) { // 16-bits value. data.writeBEInt(115); - - ASSERT_TRUE(msg->read(data, 2 + 3 * 2 + 2 + 4 + 5 + 2)); + const uint64_t length = 2 + 3 * 2 + 2 + 4 + 5 + 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("13") != std::string::npos); ASSERT_TRUE(out.find("115") != std::string::npos); @@ -800,8 +931,9 @@ TEST(PostgresMessage, ArraySet4) { data.writeBEInt(2); data.writeBEInt(113); data.writeBEInt(114); - - ASSERT_TRUE(msg->read(data, 2 + 4 + 5 + 2 + 2 * 2)); + const uint64_t length = 2 + 4 + 5 + 2 + 2 * 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("111") != std::string::npos); ASSERT_TRUE(out.find("114") != std::string::npos); @@ -831,8 +963,9 @@ TEST(PostgresMessage, ArraySet5) { data.writeBEInt(2); data.writeBEInt(113); data.writeBEInt(114); - - ASSERT_TRUE(msg->read(data, 2 + 3 * 2 + 2 + 4 + 5 + 2 + 2 * 2)); + const uint64_t length = 2 + 3 * 2 + 2 + 4 + 5 + 2 + 2 * 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("13") != std::string::npos); ASSERT_TRUE(out.find("114") != std::string::npos); @@ -868,7 +1001,9 @@ TEST(PostgresMessage, ArraySet6) { data.writeBEInt(113); data.writeBEInt(114); - ASSERT_TRUE(msg->read(data, 5 + 2 + 3 * 2 + 2 + 4 + 5 + 2 + 2 * 2)); + const uint64_t length = 5 + 2 + 3 * 2 + 2 + 4 + 5 + 2 + 2 * 2; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("test") != std::string::npos); ASSERT_TRUE(out.find("13") != std::string::npos); @@ -887,7 +1022,9 @@ TEST(PostgresMessage, Repeated1) { data.add("test3"); data.writeBEInt(0); - ASSERT_TRUE(msg->read(data, 3 * 6)); + const uint64_t length = 3 * 6; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("test1") != std::string::npos); ASSERT_TRUE(out.find("test2") != std::string::npos); @@ -907,7 +1044,9 @@ TEST(PostgresMessage, Repeated2) { data.add("test3"); data.writeBEInt(0); - ASSERT_TRUE(msg->read(data, 4 + 3 * 6)); + const uint64_t length = 4 + 3 * 6; + ASSERT_THAT(msg->validate(data, 0, length), Message::ValidationOK); + ASSERT_TRUE(msg->read(data, length)); auto out = msg->toString(); ASSERT_TRUE(out.find("115") != std::string::npos); ASSERT_TRUE(out.find("test1") != std::string::npos); @@ -923,7 +1062,27 @@ TEST(PostgresMessage, NotEnoughData) { data.writeBEInt(1); data.writeBEInt(2); - ASSERT_FALSE(msg->read(data, 3)); + ASSERT_THAT(msg->validate(data, 0, 4), Message::ValidationNeedMoreData); + ASSERT_THAT(msg->validate(data, 0, 2), Message::ValidationFailed); +} + +// Test checks validating a properly formatted message +// which starts at some offset in data buffer. +TEST(PostgresMessage, ValidateFromOffset) { + std::unique_ptr msg = createMsgBodyReader(); + Buffer::OwnedImpl data; + + // Write some data which should be skipped by validator. + data.add("skip"); + data.writeBEInt(0); + + // Write valid data according to message syntax. + data.writeBEInt(110); + data.add("test123"); + data.writeBEInt(0); + + // Skip first 5 bytes in the buffer. + ASSERT_THAT(msg->validate(data, 5, 4 + 8), Message::ValidationOK); } } // namespace PostgresProxy diff --git a/test/extensions/filters/network/postgres_proxy/postgres_test_config.yaml b/test/extensions/filters/network/postgres_proxy/postgres_test_config.yaml index 69617f4d71d3..a60abfb26adc 100644 --- a/test/extensions/filters/network/postgres_proxy/postgres_test_config.yaml +++ b/test/extensions/filters/network/postgres_proxy/postgres_test_config.yaml @@ -28,14 +28,14 @@ static_resources: address: "{}" port_value: 0 filter_chains: - - filters: - - name: postgres - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.postgres_proxy.v3alpha.PostgresProxy - stat_prefix: postgres_stats - terminate_ssl: {} - - name: tcp - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy - stat_prefix: tcp_stats - cluster: cluster_0 + - filters: + - name: postgres + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.postgres_proxy.v3alpha.PostgresProxy + stat_prefix: postgres_stats + terminate_ssl: {} + - name: tcp + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy + stat_prefix: tcp_stats + cluster: cluster_0 diff --git a/test/extensions/filters/network/postgres_proxy/postgres_test_utils.cc b/test/extensions/filters/network/postgres_proxy/postgres_test_utils.cc index 51819b1ad72e..56450f5c5fe9 100644 --- a/test/extensions/filters/network/postgres_proxy/postgres_test_utils.cc +++ b/test/extensions/filters/network/postgres_proxy/postgres_test_utils.cc @@ -10,8 +10,11 @@ void createPostgresMsg(Buffer::Instance& data, std::string type, std::string pay data.drain(data.length()); ASSERT(1 == type.length()); data.add(type); - data.writeBEInt(4 + payload.length()); - data.add(payload); + data.writeBEInt(4 + (payload.empty() ? 0 : (payload.length() + 1))); + if (!payload.empty()) { + data.add(payload); + data.writeBEInt(0); + } } } // namespace PostgresProxy diff --git a/test/extensions/filters/network/postgres_proxy/postgres_test_utils.h b/test/extensions/filters/network/postgres_proxy/postgres_test_utils.h index adabc27e8d2c..0ee1614ec180 100644 --- a/test/extensions/filters/network/postgres_proxy/postgres_test_utils.h +++ b/test/extensions/filters/network/postgres_proxy/postgres_test_utils.h @@ -1,6 +1,6 @@ #pragma once -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/filters/network/ratelimit/config_test.cc b/test/extensions/filters/network/ratelimit/config_test.cc index 279dafdf000e..f26e832f6255 100644 --- a/test/extensions/filters/network/ratelimit/config_test.cc +++ b/test/extensions/filters/network/ratelimit/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.validate.h" -#include "extensions/filters/network/ratelimit/config.h" +#include "source/extensions/filters/network/ratelimit/config.h" #include "test/mocks/server/factory_context.h" #include "test/mocks/server/instance.h" diff --git a/test/extensions/filters/network/ratelimit/ratelimit_test.cc b/test/extensions/filters/network/ratelimit/ratelimit_test.cc index d0a5741b5c2d..c59ba01e37a1 100644 --- a/test/extensions/filters/network/ratelimit/ratelimit_test.cc +++ b/test/extensions/filters/network/ratelimit/ratelimit_test.cc @@ -5,10 +5,9 @@ #include "envoy/extensions/filters/network/ratelimit/v3/rate_limit.pb.h" #include "envoy/stats/stats.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/ratelimit/ratelimit.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/ratelimit/ratelimit.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/extensions/filters/common/ratelimit/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/network/rbac/config_test.cc b/test/extensions/filters/network/rbac/config_test.cc index ace7d65fb7b1..134392d49265 100644 --- a/test/extensions/filters/network/rbac/config_test.cc +++ b/test/extensions/filters/network/rbac/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.validate.h" -#include "extensions/filters/network/rbac/config.h" +#include "source/extensions/filters/network/rbac/config.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/network/rbac/filter_test.cc b/test/extensions/filters/network/rbac/filter_test.cc index 72b84b209840..0bcf52baa8d6 100644 --- a/test/extensions/filters/network/rbac/filter_test.cc +++ b/test/extensions/filters/network/rbac/filter_test.cc @@ -3,11 +3,10 @@ #include "envoy/config/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.h" -#include "common/network/utility.h" - -#include "extensions/filters/common/rbac/utility.h" -#include "extensions/filters/network/rbac/rbac_filter.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/common/rbac/utility.h" +#include "source/extensions/filters/network/rbac/rbac_filter.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/mocks/network/mocks.h" @@ -33,8 +32,8 @@ class RoleBasedAccessControlNetworkFilterTest : public testing::Test { if (with_policy) { envoy::config::rbac::v3::Policy policy; auto policy_rules = policy.add_permissions()->mutable_or_rules(); - policy_rules->add_rules()->mutable_requested_server_name()->set_hidden_envoy_deprecated_regex( - ".*cncf.io"); + policy_rules->add_rules()->mutable_requested_server_name()->MergeFrom( + TestUtility::createRegexMatcher(".*cncf.io")); policy_rules->add_rules()->set_destination_port(123); policy.add_principals()->set_any(true); config.mutable_rules()->set_action(action); diff --git a/test/extensions/filters/network/rbac/integration_test.cc b/test/extensions/filters/network/rbac/integration_test.cc index ba77509e45aa..39bf4386bdd9 100644 --- a/test/extensions/filters/network/rbac/integration_test.cc +++ b/test/extensions/filters/network/rbac/integration_test.cc @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.h" #include "envoy/extensions/filters/network/rbac/v3/rbac.pb.validate.h" -#include "extensions/filters/network/rbac/config.h" +#include "source/extensions/filters/network/rbac/config.h" #include "test/integration/integration.h" #include "test/test_common/environment.h" diff --git a/test/extensions/filters/network/redis_proxy/command_lookup_speed_test.cc b/test/extensions/filters/network/redis_proxy/command_lookup_speed_test.cc index 3b6dee686f25..7cafe805d3c6 100644 --- a/test/extensions/filters/network/redis_proxy/command_lookup_speed_test.cc +++ b/test/extensions/filters/network/redis_proxy/command_lookup_speed_test.cc @@ -5,12 +5,11 @@ #include #include -#include "common/common/fmt.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/filters/network/common/redis/client_impl.h" -#include "extensions/filters/network/common/redis/supported_commands.h" -#include "extensions/filters/network/redis_proxy/command_splitter_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/network/common/redis/client_impl.h" +#include "source/extensions/filters/network/common/redis/supported_commands.h" +#include "source/extensions/filters/network/redis_proxy/command_splitter_impl.h" #include "test/extensions/filters/network/redis_proxy/mocks.h" #include "test/mocks/event/mocks.h" diff --git a/test/extensions/filters/network/redis_proxy/command_split_speed_test.cc b/test/extensions/filters/network/redis_proxy/command_split_speed_test.cc index 794b4b8b41b4..0feefb51b924 100644 --- a/test/extensions/filters/network/redis_proxy/command_split_speed_test.cc +++ b/test/extensions/filters/network/redis_proxy/command_split_speed_test.cc @@ -5,13 +5,12 @@ #include #include -#include "common/common/fmt.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/filters/network/common/redis/client_impl.h" -#include "extensions/filters/network/common/redis/supported_commands.h" -#include "extensions/filters/network/redis_proxy/command_splitter_impl.h" -#include "extensions/filters/network/redis_proxy/router_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/network/common/redis/client_impl.h" +#include "source/extensions/filters/network/common/redis/supported_commands.h" +#include "source/extensions/filters/network/redis_proxy/command_splitter_impl.h" +#include "source/extensions/filters/network/redis_proxy/router_impl.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/extensions/filters/network/redis_proxy/command_splitter_impl_test.cc b/test/extensions/filters/network/redis_proxy/command_splitter_impl_test.cc index f0d8177a6f9a..9d56735abdce 100644 --- a/test/extensions/filters/network/redis_proxy/command_splitter_impl_test.cc +++ b/test/extensions/filters/network/redis_proxy/command_splitter_impl_test.cc @@ -3,12 +3,11 @@ #include #include -#include "common/common/fmt.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/filters/network/common/redis/fault_impl.h" -#include "extensions/filters/network/common/redis/supported_commands.h" -#include "extensions/filters/network/redis_proxy/command_splitter_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/filters/network/common/redis/fault_impl.h" +#include "source/extensions/filters/network/common/redis/supported_commands.h" +#include "source/extensions/filters/network/redis_proxy/command_splitter_impl.h" #include "test/extensions/filters/network/common/redis/mocks.h" #include "test/extensions/filters/network/redis_proxy/mocks.h" diff --git a/test/extensions/filters/network/redis_proxy/config_test.cc b/test/extensions/filters/network/redis_proxy/config_test.cc index 798c8f573fda..b57c1c772549 100644 --- a/test/extensions/filters/network/redis_proxy/config_test.cc +++ b/test/extensions/filters/network/redis_proxy/config_test.cc @@ -1,9 +1,8 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/redis_proxy/config.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/redis_proxy/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/test_runtime.h" diff --git a/test/extensions/filters/network/redis_proxy/conn_pool_impl_test.cc b/test/extensions/filters/network/redis_proxy/conn_pool_impl_test.cc index 1963c3ab2b20..594771b5a098 100644 --- a/test/extensions/filters/network/redis_proxy/conn_pool_impl_test.cc +++ b/test/extensions/filters/network/redis_proxy/conn_pool_impl_test.cc @@ -6,11 +6,10 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" -#include "common/network/utility.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/filters/network/common/redis/utility.h" -#include "extensions/filters/network/redis_proxy/conn_pool_impl.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/upstream_impl.h" +#include "source/extensions/filters/network/common/redis/utility.h" +#include "source/extensions/filters/network/redis_proxy/conn_pool_impl.h" #include "test/extensions/clusters/redis/mocks.h" #include "test/extensions/common/redis/mocks.h" diff --git a/test/extensions/filters/network/redis_proxy/mocks.h b/test/extensions/filters/network/redis_proxy/mocks.h index e90842bba06d..0bbb1e1931d0 100644 --- a/test/extensions/filters/network/redis_proxy/mocks.h +++ b/test/extensions/filters/network/redis_proxy/mocks.h @@ -4,13 +4,13 @@ #include #include -#include "extensions/common/redis/cluster_refresh_manager.h" -#include "extensions/filters/network/common/redis/client.h" -#include "extensions/filters/network/common/redis/codec_impl.h" -#include "extensions/filters/network/common/redis/fault.h" -#include "extensions/filters/network/redis_proxy/command_splitter.h" -#include "extensions/filters/network/redis_proxy/conn_pool.h" -#include "extensions/filters/network/redis_proxy/router.h" +#include "source/extensions/common/redis/cluster_refresh_manager.h" +#include "source/extensions/filters/network/common/redis/client.h" +#include "source/extensions/filters/network/common/redis/codec_impl.h" +#include "source/extensions/filters/network/common/redis/fault.h" +#include "source/extensions/filters/network/redis_proxy/command_splitter.h" +#include "source/extensions/filters/network/redis_proxy/conn_pool.h" +#include "source/extensions/filters/network/redis_proxy/router.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/redis_proxy/proxy_filter_test.cc b/test/extensions/filters/network/redis_proxy/proxy_filter_test.cc index 1dba30ee201e..36face2a3874 100644 --- a/test/extensions/filters/network/redis_proxy/proxy_filter_test.cc +++ b/test/extensions/filters/network/redis_proxy/proxy_filter_test.cc @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" -#include "extensions/filters/network/redis_proxy/proxy_filter.h" +#include "source/extensions/filters/network/redis_proxy/proxy_filter.h" #include "test/common/stats/stat_test_utility.h" #include "test/extensions/filters/network/common/redis/mocks.h" diff --git a/test/extensions/filters/network/redis_proxy/redis_proxy_integration_test.cc b/test/extensions/filters/network/redis_proxy/redis_proxy_integration_test.cc index 4b014fc08c1b..404651366b7c 100644 --- a/test/extensions/filters/network/redis_proxy/redis_proxy_integration_test.cc +++ b/test/extensions/filters/network/redis_proxy/redis_proxy_integration_test.cc @@ -1,10 +1,9 @@ #include #include -#include "common/common/fmt.h" - -#include "extensions/filters/network/common/redis/fault_impl.h" -#include "extensions/filters/network/redis_proxy/command_splitter_impl.h" +#include "source/common/common/fmt.h" +#include "source/extensions/filters/network/common/redis/fault_impl.h" +#include "source/extensions/filters/network/redis_proxy/command_splitter_impl.h" #include "test/integration/integration.h" diff --git a/test/extensions/filters/network/redis_proxy/router_impl_test.cc b/test/extensions/filters/network/redis_proxy/router_impl_test.cc index 6e9f402ae028..87e5b704a2f1 100644 --- a/test/extensions/filters/network/redis_proxy/router_impl_test.cc +++ b/test/extensions/filters/network/redis_proxy/router_impl_test.cc @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/type/v3/percent.pb.h" -#include "extensions/filters/network/redis_proxy/conn_pool_impl.h" -#include "extensions/filters/network/redis_proxy/router_impl.h" +#include "source/extensions/filters/network/redis_proxy/conn_pool_impl.h" +#include "source/extensions/filters/network/redis_proxy/router_impl.h" #include "test/extensions/filters/network/common/redis/mocks.h" #include "test/extensions/filters/network/redis_proxy/mocks.h" diff --git a/test/extensions/filters/network/rocketmq_proxy/active_message_test.cc b/test/extensions/filters/network/rocketmq_proxy/active_message_test.cc index 3dfc65ca1ee1..3720074f1b57 100644 --- a/test/extensions/filters/network/rocketmq_proxy/active_message_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/active_message_test.cc @@ -1,10 +1,9 @@ -#include "common/network/address_impl.h" - -#include "extensions/filters/network/rocketmq_proxy/active_message.h" -#include "extensions/filters/network/rocketmq_proxy/config.h" -#include "extensions/filters/network/rocketmq_proxy/conn_manager.h" -#include "extensions/filters/network/rocketmq_proxy/protocol.h" -#include "extensions/filters/network/rocketmq_proxy/well_known_names.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/filters/network/rocketmq_proxy/active_message.h" +#include "source/extensions/filters/network/rocketmq_proxy/config.h" +#include "source/extensions/filters/network/rocketmq_proxy/conn_manager.h" +#include "source/extensions/filters/network/rocketmq_proxy/protocol.h" +#include "source/extensions/filters/network/rocketmq_proxy/well_known_names.h" #include "test/extensions/filters/network/rocketmq_proxy/utility.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/network/rocketmq_proxy/codec_test.cc b/test/extensions/filters/network/rocketmq_proxy/codec_test.cc index 902584b5b3fc..9c8fe92beb23 100644 --- a/test/extensions/filters/network/rocketmq_proxy/codec_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/codec_test.cc @@ -1,9 +1,8 @@ -#include "common/common/empty_string.h" -#include "common/common/enum_to_int.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/rocketmq_proxy/codec.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/enum_to_int.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/rocketmq_proxy/codec.h" #include "test/extensions/filters/network/rocketmq_proxy/utility.h" diff --git a/test/extensions/filters/network/rocketmq_proxy/config_test.cc b/test/extensions/filters/network/rocketmq_proxy/config_test.cc index 3030522c9eb7..592ae5de01f8 100644 --- a/test/extensions/filters/network/rocketmq_proxy/config_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/config_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.pb.h" #include "envoy/extensions/filters/network/rocketmq_proxy/v3/rocketmq_proxy.pb.validate.h" -#include "extensions/filters/network/rocketmq_proxy/config.h" +#include "source/extensions/filters/network/rocketmq_proxy/config.h" #include "test/mocks/local_info/mocks.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/network/rocketmq_proxy/conn_manager_test.cc b/test/extensions/filters/network/rocketmq_proxy/conn_manager_test.cc index 272706d89f95..44e3c1a9d64e 100644 --- a/test/extensions/filters/network/rocketmq_proxy/conn_manager_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/conn_manager_test.cc @@ -1,8 +1,8 @@ #include "envoy/network/connection.h" -#include "extensions/filters/network/rocketmq_proxy/config.h" -#include "extensions/filters/network/rocketmq_proxy/conn_manager.h" -#include "extensions/filters/network/rocketmq_proxy/well_known_names.h" +#include "source/extensions/filters/network/rocketmq_proxy/config.h" +#include "source/extensions/filters/network/rocketmq_proxy/conn_manager.h" +#include "source/extensions/filters/network/rocketmq_proxy/well_known_names.h" #include "test/common/stats/stat_test_utility.h" #include "test/common/upstream/utility.h" diff --git a/test/extensions/filters/network/rocketmq_proxy/mocks.cc b/test/extensions/filters/network/rocketmq_proxy/mocks.cc index 80d4fe73291c..aea79d23d4e1 100644 --- a/test/extensions/filters/network/rocketmq_proxy/mocks.cc +++ b/test/extensions/filters/network/rocketmq_proxy/mocks.cc @@ -1,6 +1,6 @@ #include "test/extensions/filters/network/rocketmq_proxy/mocks.h" -#include "extensions/filters/network/rocketmq_proxy/router/router_impl.h" +#include "source/extensions/filters/network/rocketmq_proxy/router/router_impl.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/rocketmq_proxy/mocks.h b/test/extensions/filters/network/rocketmq_proxy/mocks.h index 8debb71f8217..23302611dc28 100644 --- a/test/extensions/filters/network/rocketmq_proxy/mocks.h +++ b/test/extensions/filters/network/rocketmq_proxy/mocks.h @@ -1,7 +1,7 @@ #pragma once -#include "extensions/filters/network/rocketmq_proxy/active_message.h" -#include "extensions/filters/network/rocketmq_proxy/conn_manager.h" +#include "source/extensions/filters/network/rocketmq_proxy/active_message.h" +#include "source/extensions/filters/network/rocketmq_proxy/conn_manager.h" #include "test/mocks/upstream/cluster_manager.h" diff --git a/test/extensions/filters/network/rocketmq_proxy/protocol_test.cc b/test/extensions/filters/network/rocketmq_proxy/protocol_test.cc index d22099f24fc6..057b6dcc10d7 100644 --- a/test/extensions/filters/network/rocketmq_proxy/protocol_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/protocol_test.cc @@ -1,6 +1,5 @@ -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/rocketmq_proxy/protocol.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/rocketmq_proxy/protocol.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/rocketmq_proxy/route_matcher_test.cc b/test/extensions/filters/network/rocketmq_proxy/route_matcher_test.cc index 947e67481f9b..620fb5432124 100644 --- a/test/extensions/filters/network/rocketmq_proxy/route_matcher_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/route_matcher_test.cc @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/rocketmq_proxy/v3/route.pb.h" #include "envoy/extensions/filters/network/rocketmq_proxy/v3/route.pb.validate.h" -#include "extensions/filters/network/rocketmq_proxy/metadata.h" -#include "extensions/filters/network/rocketmq_proxy/router/route_matcher.h" +#include "source/extensions/filters/network/rocketmq_proxy/metadata.h" +#include "source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/network/rocketmq_proxy/router_test.cc b/test/extensions/filters/network/rocketmq_proxy/router_test.cc index 4041fb54fe2a..49521a9c4763 100644 --- a/test/extensions/filters/network/rocketmq_proxy/router_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/router_test.cc @@ -1,7 +1,7 @@ -#include "extensions/filters/network/rocketmq_proxy/config.h" -#include "extensions/filters/network/rocketmq_proxy/conn_manager.h" -#include "extensions/filters/network/rocketmq_proxy/router/router.h" -#include "extensions/filters/network/rocketmq_proxy/well_known_names.h" +#include "source/extensions/filters/network/rocketmq_proxy/config.h" +#include "source/extensions/filters/network/rocketmq_proxy/conn_manager.h" +#include "source/extensions/filters/network/rocketmq_proxy/router/router.h" +#include "source/extensions/filters/network/rocketmq_proxy/well_known_names.h" #include "test/extensions/filters/network/rocketmq_proxy/mocks.h" #include "test/extensions/filters/network/rocketmq_proxy/utility.h" @@ -246,7 +246,7 @@ TEST_F(RocketmqRouterTest, NoHealthyHosts) { EXPECT_THAT(error_message, ContainsRegex(".*No host available*.")); })); EXPECT_CALL(context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(Return(nullptr)); + .WillOnce(Return(absl::nullopt)); EXPECT_CALL(*active_message_, onReset()); startRequest(); diff --git a/test/extensions/filters/network/rocketmq_proxy/topic_route_test.cc b/test/extensions/filters/network/rocketmq_proxy/topic_route_test.cc index 5cc9af4b845b..e1c64375c740 100644 --- a/test/extensions/filters/network/rocketmq_proxy/topic_route_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/topic_route_test.cc @@ -1,6 +1,5 @@ -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/rocketmq_proxy/topic_route.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/rocketmq_proxy/topic_route.h" #include "absl/container/node_hash_map.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/rocketmq_proxy/utility.h b/test/extensions/filters/network/rocketmq_proxy/utility.h index df702e09aadc..ffbc286bc18b 100644 --- a/test/extensions/filters/network/rocketmq_proxy/utility.h +++ b/test/extensions/filters/network/rocketmq_proxy/utility.h @@ -1,7 +1,7 @@ #pragma once -#include "extensions/filters/network/rocketmq_proxy/config.h" -#include "extensions/filters/network/rocketmq_proxy/conn_manager.h" +#include "source/extensions/filters/network/rocketmq_proxy/config.h" +#include "source/extensions/filters/network/rocketmq_proxy/conn_manager.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/sni_cluster/sni_cluster_test.cc b/test/extensions/filters/network/sni_cluster/sni_cluster_test.cc index 61c9a79ee681..198bdee67959 100644 --- a/test/extensions/filters/network/sni_cluster/sni_cluster_test.cc +++ b/test/extensions/filters/network/sni_cluster/sni_cluster_test.cc @@ -1,7 +1,6 @@ -#include "common/tcp_proxy/tcp_proxy.h" - -#include "extensions/filters/network/sni_cluster/config.h" -#include "extensions/filters/network/sni_cluster/sni_cluster.h" +#include "source/common/tcp_proxy/tcp_proxy.h" +#include "source/extensions/filters/network/sni_cluster/config.h" +#include "source/extensions/filters/network/sni_cluster/sni_cluster.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter_integration_test.cc b/test/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter_integration_test.cc index 93a58f03bf5e..8a6d9c62a224 100644 --- a/test/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter_integration_test.cc +++ b/test/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter_integration_test.cc @@ -3,8 +3,8 @@ #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/integration/http_integration.h" #include "test/integration/ssl_utility.h" @@ -20,11 +20,10 @@ class SniDynamicProxyFilterIntegrationTest // This test is using HTTP integration test to use the utilities to pass SNI from downstream // to upstream. The config being tested is tcp_proxy. SniDynamicProxyFilterIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam(), - ConfigHelper::tcpProxyConfig()) {} + : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam(), ConfigHelper::tcpProxyConfig()) {} void setup(uint64_t max_hosts = 1024, uint32_t max_pending_requests = 1024) { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP1); + setUpstreamProtocol(Http::CodecType::HTTP1); config_helper_.addListenerFilter(ConfigHelper::tlsInspectorFilter()); @@ -86,7 +85,7 @@ name: envoy.clusters.dynamic_forward_proxy void createUpstreams() override { addFakeUpstream( Ssl::createFakeUpstreamSslContext(upstream_cert_name_, context_manager_, factory_context_), - FakeHttpConnection::Type::HTTP1); + Http::CodecType::HTTP1); } Network::ClientConnectionPtr diff --git a/test/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter_test.cc b/test/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter_test.cc index 4d9d35cb87ce..5eda1b49de6b 100644 --- a/test/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter_test.cc +++ b/test/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter_test.cc @@ -1,8 +1,8 @@ #include "envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha/sni_dynamic_forward_proxy.pb.h" #include "envoy/network/connection.h" -#include "extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/sni_dynamic_forward_proxy/proxy_filter.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/extensions/common/dynamic_forward_proxy/mocks.h" #include "test/mocks/http/mocks.h" diff --git a/test/extensions/filters/network/tcp_proxy/config_test.cc b/test/extensions/filters/network/tcp_proxy/config_test.cc index 1de0240088ee..201379a7ce6b 100644 --- a/test/extensions/filters/network/tcp_proxy/config_test.cc +++ b/test/extensions/filters/network/tcp_proxy/config_test.cc @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.validate.h" -#include "extensions/filters/network/tcp_proxy/config.h" +#include "source/extensions/filters/network/tcp_proxy/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/test_runtime.h" diff --git a/test/extensions/filters/network/thrift_proxy/BUILD b/test/extensions/filters/network/thrift_proxy/BUILD index b4bb10f1d2d2..7ae593821a98 100644 --- a/test/extensions/filters/network/thrift_proxy/BUILD +++ b/test/extensions/filters/network/thrift_proxy/BUILD @@ -286,7 +286,7 @@ envoy_extension_cc_test( deps = [ ":mocks", ":utility_lib", - "//include/envoy/common:base_includes", + "//envoy/common:base_includes", "//source/common/network:address_lib", "//source/extensions/filters/network/thrift_proxy:config", "//source/extensions/filters/network/thrift_proxy/router:config", diff --git a/test/extensions/filters/network/thrift_proxy/app_exception_impl_test.cc b/test/extensions/filters/network/thrift_proxy/app_exception_impl_test.cc index 245ecd9423ab..fe93f96cbcc6 100644 --- a/test/extensions/filters/network/thrift_proxy/app_exception_impl_test.cc +++ b/test/extensions/filters/network/thrift_proxy/app_exception_impl_test.cc @@ -1,6 +1,5 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/app_exception_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/app_exception_impl.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" diff --git a/test/extensions/filters/network/thrift_proxy/auto_protocol_impl_test.cc b/test/extensions/filters/network/thrift_proxy/auto_protocol_impl_test.cc index cec16c3a5948..9b5bde2c707b 100644 --- a/test/extensions/filters/network/thrift_proxy/auto_protocol_impl_test.cc +++ b/test/extensions/filters/network/thrift_proxy/auto_protocol_impl_test.cc @@ -1,11 +1,10 @@ #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/auto_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/compact_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/twitter_protocol_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/auto_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" diff --git a/test/extensions/filters/network/thrift_proxy/auto_transport_impl_test.cc b/test/extensions/filters/network/thrift_proxy/auto_transport_impl_test.cc index e451dbdd6f85..024dcb5fc3eb 100644 --- a/test/extensions/filters/network/thrift_proxy/auto_transport_impl_test.cc +++ b/test/extensions/filters/network/thrift_proxy/auto_transport_impl_test.cc @@ -1,8 +1,7 @@ #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/auto_transport_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/auto_transport_impl.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" diff --git a/test/extensions/filters/network/thrift_proxy/binary_protocol_impl_test.cc b/test/extensions/filters/network/thrift_proxy/binary_protocol_impl_test.cc index a3ea1d80a0cb..e828b0b346df 100644 --- a/test/extensions/filters/network/thrift_proxy/binary_protocol_impl_test.cc +++ b/test/extensions/filters/network/thrift_proxy/binary_protocol_impl_test.cc @@ -1,8 +1,7 @@ #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/thrift_proxy/buffer_helper_test.cc b/test/extensions/filters/network/thrift_proxy/buffer_helper_test.cc index 0f2a1b0cdb3a..1b0e133b1a24 100644 --- a/test/extensions/filters/network/thrift_proxy/buffer_helper_test.cc +++ b/test/extensions/filters/network/thrift_proxy/buffer_helper_test.cc @@ -2,9 +2,8 @@ #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/thrift_proxy/compact_protocol_impl_test.cc b/test/extensions/filters/network/thrift_proxy/compact_protocol_impl_test.cc index 9033c7e12414..a4e32077836a 100644 --- a/test/extensions/filters/network/thrift_proxy/compact_protocol_impl_test.cc +++ b/test/extensions/filters/network/thrift_proxy/compact_protocol_impl_test.cc @@ -1,8 +1,7 @@ #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/compact_protocol_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/compact_protocol_impl.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/thrift_proxy/config_test.cc b/test/extensions/filters/network/thrift_proxy/config_test.cc index aa52a2143ed4..9ff67f65ef2b 100644 --- a/test/extensions/filters/network/thrift_proxy/config_test.cc +++ b/test/extensions/filters/network/thrift_proxy/config_test.cc @@ -1,8 +1,8 @@ #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.validate.h" -#include "extensions/filters/network/thrift_proxy/config.h" -#include "extensions/filters/network/thrift_proxy/filters/factory_base.h" +#include "source/extensions/filters/network/thrift_proxy/config.h" +#include "source/extensions/filters/network/thrift_proxy/filters/factory_base.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/network/thrift_proxy/conn_manager_test.cc b/test/extensions/filters/network/thrift_proxy/conn_manager_test.cc index d02028fd90e0..7ac6ee7bf94b 100644 --- a/test/extensions/filters/network/thrift_proxy/conn_manager_test.cc +++ b/test/extensions/filters/network/thrift_proxy/conn_manager_test.cc @@ -3,14 +3,13 @@ #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.validate.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/binary_protocol_impl.h" -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" -#include "extensions/filters/network/thrift_proxy/config.h" -#include "extensions/filters/network/thrift_proxy/conn_manager.h" -#include "extensions/filters/network/thrift_proxy/framed_transport_impl.h" -#include "extensions/filters/network/thrift_proxy/header_transport_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/binary_protocol_impl.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/extensions/filters/network/thrift_proxy/config.h" +#include "source/extensions/filters/network/thrift_proxy/conn_manager.h" +#include "source/extensions/filters/network/thrift_proxy/framed_transport_impl.h" +#include "source/extensions/filters/network/thrift_proxy/header_transport_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" diff --git a/test/extensions/filters/network/thrift_proxy/conn_state_test.cc b/test/extensions/filters/network/thrift_proxy/conn_state_test.cc index 5a875e9cc987..bdbe9e504bff 100644 --- a/test/extensions/filters/network/thrift_proxy/conn_state_test.cc +++ b/test/extensions/filters/network/thrift_proxy/conn_state_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/thrift_proxy/conn_state.h" +#include "source/extensions/filters/network/thrift_proxy/conn_state.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/thrift_proxy/decoder_test.cc b/test/extensions/filters/network/thrift_proxy/decoder_test.cc index 87f505b06e2c..a0ef74a6d207 100644 --- a/test/extensions/filters/network/thrift_proxy/decoder_test.cc +++ b/test/extensions/filters/network/thrift_proxy/decoder_test.cc @@ -1,7 +1,6 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/app_exception_impl.h" -#include "extensions/filters/network/thrift_proxy/decoder.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/app_exception_impl.h" +#include "source/extensions/filters/network/thrift_proxy/decoder.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" diff --git a/test/extensions/filters/network/thrift_proxy/filters/pass_through_filter_test.cc b/test/extensions/filters/network/thrift_proxy/filters/pass_through_filter_test.cc index bd0952258bbc..abf5a15bc569 100644 --- a/test/extensions/filters/network/thrift_proxy/filters/pass_through_filter_test.cc +++ b/test/extensions/filters/network/thrift_proxy/filters/pass_through_filter_test.cc @@ -1,7 +1,7 @@ #include #include -#include "extensions/filters/network/thrift_proxy/filters/pass_through_filter.h" +#include "source/extensions/filters/network/thrift_proxy/filters/pass_through_filter.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/thrift_proxy/filters/ratelimit/BUILD b/test/extensions/filters/network/thrift_proxy/filters/ratelimit/BUILD index f3aa06ba8df0..8028511adca9 100644 --- a/test/extensions/filters/network/thrift_proxy/filters/ratelimit/BUILD +++ b/test/extensions/filters/network/thrift_proxy/filters/ratelimit/BUILD @@ -19,7 +19,6 @@ envoy_extension_cc_test( "//source/common/buffer:buffer_lib", "//source/common/common:empty_string", "//source/common/http:headers_lib", - "//source/extensions/filters/network/thrift_proxy/filters:well_known_names", "//source/extensions/filters/network/thrift_proxy/filters/ratelimit:ratelimit_lib", "//test/extensions/filters/common/ratelimit:ratelimit_mocks", "//test/extensions/filters/network/thrift_proxy:mocks", diff --git a/test/extensions/filters/network/thrift_proxy/filters/ratelimit/config_test.cc b/test/extensions/filters/network/thrift_proxy/filters/ratelimit/config_test.cc index 30c4f38d12c8..6a374d68fb5d 100644 --- a/test/extensions/filters/network/thrift_proxy/filters/ratelimit/config_test.cc +++ b/test/extensions/filters/network/thrift_proxy/filters/ratelimit/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.validate.h" -#include "extensions/filters/network/thrift_proxy/filters/ratelimit/config.h" +#include "source/extensions/filters/network/thrift_proxy/filters/ratelimit/config.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" #include "test/mocks/server/factory_context.h" diff --git a/test/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit_test.cc b/test/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit_test.cc index 07db070f0d77..88ff099bce75 100644 --- a/test/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit_test.cc +++ b/test/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit_test.cc @@ -4,13 +4,11 @@ #include "envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3/rate_limit.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/empty_string.h" -#include "common/http/headers.h" - -#include "extensions/filters/network/thrift_proxy/app_exception_impl.h" -#include "extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h" -#include "extensions/filters/network/thrift_proxy/filters/well_known_names.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/http/headers.h" +#include "source/extensions/filters/network/thrift_proxy/app_exception_impl.h" +#include "source/extensions/filters/network/thrift_proxy/filters/ratelimit/ratelimit.h" #include "test/extensions/filters/common/ratelimit/mocks.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" @@ -339,7 +337,7 @@ TEST_F(ThriftRateLimitFilterTest, ErrorResponseWithDynamicMetadata) { EXPECT_CALL(filter_callbacks_.stream_info_, setDynamicMetadata(_, _)) .WillOnce(Invoke([&dynamic_metadata](const std::string& ns, const ProtobufWkt::Struct& returned_dynamic_metadata) { - EXPECT_EQ(ns, ThriftProxy::ThriftFilters::ThriftFilterNames::get().RATE_LIMIT); + EXPECT_EQ(ns, "envoy.filters.thrift.rate_limit"); EXPECT_TRUE(TestUtility::protoEqual(returned_dynamic_metadata, *dynamic_metadata)); })); diff --git a/test/extensions/filters/network/thrift_proxy/framed_transport_impl_test.cc b/test/extensions/filters/network/thrift_proxy/framed_transport_impl_test.cc index f3afa26d2f10..37b4c164039a 100644 --- a/test/extensions/filters/network/thrift_proxy/framed_transport_impl_test.cc +++ b/test/extensions/filters/network/thrift_proxy/framed_transport_impl_test.cc @@ -1,8 +1,7 @@ #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/framed_transport_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/framed_transport_impl.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/thrift_proxy/header_transport_impl_test.cc b/test/extensions/filters/network/thrift_proxy/header_transport_impl_test.cc index 73a60b91ec5d..33cc7e7fb4f6 100644 --- a/test/extensions/filters/network/thrift_proxy/header_transport_impl_test.cc +++ b/test/extensions/filters/network/thrift_proxy/header_transport_impl_test.cc @@ -1,8 +1,7 @@ #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/header_transport_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/header_transport_impl.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" diff --git a/test/extensions/filters/network/thrift_proxy/integration.h b/test/extensions/filters/network/thrift_proxy/integration.h index 6010c6e64fbe..977348c1863b 100644 --- a/test/extensions/filters/network/thrift_proxy/integration.h +++ b/test/extensions/filters/network/thrift_proxy/integration.h @@ -3,7 +3,7 @@ #include #include -#include "extensions/filters/network/thrift_proxy/thrift.h" +#include "source/extensions/filters/network/thrift_proxy/thrift.h" #include "test/integration/integration.h" diff --git a/test/extensions/filters/network/thrift_proxy/integration_test.cc b/test/extensions/filters/network/thrift_proxy/integration_test.cc index 16dddb2b3163..5f7cb2c41b15 100644 --- a/test/extensions/filters/network/thrift_proxy/integration_test.cc +++ b/test/extensions/filters/network/thrift_proxy/integration_test.cc @@ -1,6 +1,6 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "extensions/filters/network/thrift_proxy/buffer_helper.h" +#include "source/extensions/filters/network/thrift_proxy/buffer_helper.h" #include "test/extensions/filters/network/thrift_proxy/integration.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" diff --git a/test/extensions/filters/network/thrift_proxy/metadata_test.cc b/test/extensions/filters/network/thrift_proxy/metadata_test.cc index 17bd4a0aaeb8..6ca84143e6dc 100644 --- a/test/extensions/filters/network/thrift_proxy/metadata_test.cc +++ b/test/extensions/filters/network/thrift_proxy/metadata_test.cc @@ -1,4 +1,4 @@ -#include "extensions/filters/network/thrift_proxy/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" #include "test/test_common/printers.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/network/thrift_proxy/mocks.cc b/test/extensions/filters/network/thrift_proxy/mocks.cc index 0f177cc79e50..8e93ace6f0c3 100644 --- a/test/extensions/filters/network/thrift_proxy/mocks.cc +++ b/test/extensions/filters/network/thrift_proxy/mocks.cc @@ -2,7 +2,7 @@ #include -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/network/thrift_proxy/mocks.h b/test/extensions/filters/network/thrift_proxy/mocks.h index 7db68172d259..b55d4bc466a9 100644 --- a/test/extensions/filters/network/thrift_proxy/mocks.h +++ b/test/extensions/filters/network/thrift_proxy/mocks.h @@ -2,15 +2,15 @@ #include "envoy/router/router.h" -#include "extensions/filters/network/thrift_proxy/conn_manager.h" -#include "extensions/filters/network/thrift_proxy/conn_state.h" -#include "extensions/filters/network/thrift_proxy/filters/factory_base.h" -#include "extensions/filters/network/thrift_proxy/filters/filter.h" -#include "extensions/filters/network/thrift_proxy/metadata.h" -#include "extensions/filters/network/thrift_proxy/protocol.h" -#include "extensions/filters/network/thrift_proxy/router/router.h" -#include "extensions/filters/network/thrift_proxy/router/router_ratelimit.h" -#include "extensions/filters/network/thrift_proxy/transport.h" +#include "source/extensions/filters/network/thrift_proxy/conn_manager.h" +#include "source/extensions/filters/network/thrift_proxy/conn_state.h" +#include "source/extensions/filters/network/thrift_proxy/filters/factory_base.h" +#include "source/extensions/filters/network/thrift_proxy/filters/filter.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/protocol.h" +#include "source/extensions/filters/network/thrift_proxy/router/router.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_ratelimit.h" +#include "source/extensions/filters/network/thrift_proxy/transport.h" #include "test/mocks/network/mocks.h" #include "test/mocks/stream_info/mocks.h" diff --git a/test/extensions/filters/network/thrift_proxy/route_matcher_test.cc b/test/extensions/filters/network/thrift_proxy/route_matcher_test.cc index 079f646d3a91..d7623f2418d2 100644 --- a/test/extensions/filters/network/thrift_proxy/route_matcher_test.cc +++ b/test/extensions/filters/network/thrift_proxy/route_matcher_test.cc @@ -3,10 +3,9 @@ #include "envoy/extensions/filters/network/thrift_proxy/v3/route.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/v3/route.pb.validate.h" -#include "common/config/metadata.h" - -#include "extensions/filters/network/thrift_proxy/router/config.h" -#include "extensions/filters/network/thrift_proxy/router/router_impl.h" +#include "source/common/config/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/router/config.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_impl.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/network/thrift_proxy/router_ratelimit_test.cc b/test/extensions/filters/network/thrift_proxy/router_ratelimit_test.cc index 57b205f02981..9e5c6a1bcb01 100644 --- a/test/extensions/filters/network/thrift_proxy/router_ratelimit_test.cc +++ b/test/extensions/filters/network/thrift_proxy/router_ratelimit_test.cc @@ -6,12 +6,11 @@ #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.validate.h" #include "envoy/ratelimit/ratelimit.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" - -#include "extensions/filters/network/thrift_proxy/config.h" -#include "extensions/filters/network/thrift_proxy/metadata.h" -#include "extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/filters/network/thrift_proxy/config.h" +#include "source/extensions/filters/network/thrift_proxy/metadata.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" #include "test/mocks/ratelimit/mocks.h" diff --git a/test/extensions/filters/network/thrift_proxy/router_test.cc b/test/extensions/filters/network/thrift_proxy/router_test.cc index 03448be78b93..a072c214b57a 100644 --- a/test/extensions/filters/network/thrift_proxy/router_test.cc +++ b/test/extensions/filters/network/thrift_proxy/router_test.cc @@ -4,12 +4,11 @@ #include "envoy/config/filter/thrift/router/v2alpha1/router.pb.validate.h" #include "envoy/tcp/conn_pool.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/app_exception_impl.h" -#include "extensions/filters/network/thrift_proxy/config.h" -#include "extensions/filters/network/thrift_proxy/router/config.h" -#include "extensions/filters/network/thrift_proxy/router/router_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/app_exception_impl.h" +#include "source/extensions/filters/network/thrift_proxy/config.h" +#include "source/extensions/filters/network/thrift_proxy/router/config.h" +#include "source/extensions/filters/network/thrift_proxy/router/router_impl.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" @@ -577,7 +576,7 @@ TEST_F(ThriftRouterTest, NoHealthyHosts) { EXPECT_CALL(*route_, routeEntry()).WillOnce(Return(&route_entry_)); EXPECT_CALL(route_entry_, clusterName()).WillRepeatedly(ReturnRef(cluster_name_)); EXPECT_CALL(context_.cluster_manager_.thread_local_cluster_, tcpConnPool(_, _)) - .WillOnce(Return(nullptr)); + .WillOnce(Return(absl::nullopt)); EXPECT_CALL(callbacks_, sendLocalReply(_, _)) .WillOnce(Invoke([&](const DirectResponse& response, bool end_stream) -> void { @@ -740,6 +739,14 @@ TEST_F(ThriftRouterTest, UnexpectedRouterDestroy) { } TEST_F(ThriftRouterTest, ProtocolUpgrade) { + Stats::MockStore cluster_scope; + ON_CALL(*context_.cluster_manager_.thread_local_cluster_.cluster_.info_, statsScope()) + .WillByDefault(ReturnRef(cluster_scope)); + + EXPECT_CALL(cluster_scope, counter("thrift.upstream_rq_call")); + EXPECT_CALL(cluster_scope, counter("thrift.upstream_resp_reply")); + EXPECT_CALL(cluster_scope, counter("thrift.upstream_resp_success")); + initializeRouter(); startRequest(MessageType::Call); @@ -760,6 +767,21 @@ TEST_F(ThriftRouterTest, ProtocolUpgrade) { EXPECT_CALL(*protocol_, supportsUpgrade()).WillOnce(Return(true)); + EXPECT_CALL(cluster_scope, + histogram("thrift.upstream_rq_time", Stats::Histogram::Unit::Milliseconds)); + EXPECT_CALL(cluster_scope, + deliverHistogramToSinks( + testing::Property(&Stats::Metric::name, "thrift.upstream_rq_time"), _)); + + EXPECT_CALL(cluster_scope, histogram("thrift.upstream_rq_size", Stats::Histogram::Unit::Bytes)); + EXPECT_CALL(cluster_scope, + deliverHistogramToSinks( + testing::Property(&Stats::Metric::name, "thrift.upstream_rq_size"), _)); + EXPECT_CALL(cluster_scope, histogram("thrift.upstream_resp_size", Stats::Histogram::Unit::Bytes)); + EXPECT_CALL(cluster_scope, + deliverHistogramToSinks( + testing::Property(&Stats::Metric::name, "thrift.upstream_resp_size"), _)); + MockThriftObject* upgrade_response = new NiceMock(); EXPECT_CALL(*protocol_, attemptUpgrade(_, _, _)) @@ -796,16 +818,6 @@ TEST_F(ThriftRouterTest, ProtocolUpgrade) { completeRequest(); returnResponse(); destroyRouter(); - - EXPECT_EQ(1UL, context_.cluster_manager_.thread_local_cluster_.cluster_.info_->statsScope() - .counterFromString("thrift.upstream_rq_call") - .value()); - EXPECT_EQ(1UL, context_.cluster_manager_.thread_local_cluster_.cluster_.info_->statsScope() - .counterFromString("thrift.upstream_resp_reply") - .value()); - EXPECT_EQ(1UL, context_.cluster_manager_.thread_local_cluster_.cluster_.info_->statsScope() - .counterFromString("thrift.upstream_resp_success") - .value()); } // Test the case where an upgrade will occur, but the conn pool @@ -1022,6 +1034,15 @@ TEST_P(ThriftRouterFieldTypeTest, CallWithUpstreamRqTime) { EXPECT_CALL(cluster_scope, counter("thrift.upstream_resp_reply")); EXPECT_CALL(cluster_scope, counter("thrift.upstream_resp_success")); + EXPECT_CALL(cluster_scope, histogram("thrift.upstream_rq_size", Stats::Histogram::Unit::Bytes)); + EXPECT_CALL(cluster_scope, + deliverHistogramToSinks( + testing::Property(&Stats::Metric::name, "thrift.upstream_rq_size"), _)); + EXPECT_CALL(cluster_scope, histogram("thrift.upstream_resp_size", Stats::Histogram::Unit::Bytes)); + EXPECT_CALL(cluster_scope, + deliverHistogramToSinks( + testing::Property(&Stats::Metric::name, "thrift.upstream_resp_size"), _)); + startRequest(MessageType::Call); connectUpstream(); sendTrivialStruct(field_type); @@ -1297,6 +1318,39 @@ TEST_P(ThriftRouterPassthroughTest, PassthroughEnable) { ConnectionPool::PoolFailureReason::RemoteConnectionFailure); } +TEST_F(ThriftRouterTest, RequestResponseSize) { + initializeRouter(); + + Stats::MockStore cluster_scope; + ON_CALL(*context_.cluster_manager_.thread_local_cluster_.cluster_.info_, statsScope()) + .WillByDefault(ReturnRef(cluster_scope)); + + EXPECT_CALL(cluster_scope, counter("thrift.upstream_rq_call")).Times(AtLeast(1)); + EXPECT_CALL(cluster_scope, counter("thrift.upstream_resp_reply")).Times(AtLeast(1)); + EXPECT_CALL(cluster_scope, counter("thrift.upstream_resp_success")).Times(AtLeast(1)); + + EXPECT_CALL(cluster_scope, + histogram("thrift.upstream_rq_time", Stats::Histogram::Unit::Milliseconds)); + EXPECT_CALL(cluster_scope, + deliverHistogramToSinks( + testing::Property(&Stats::Metric::name, "thrift.upstream_rq_time"), _)); + + EXPECT_CALL(cluster_scope, histogram("thrift.upstream_rq_size", Stats::Histogram::Unit::Bytes)); + EXPECT_CALL(cluster_scope, + deliverHistogramToSinks( + testing::Property(&Stats::Metric::name, "thrift.upstream_rq_size"), _)); + EXPECT_CALL(cluster_scope, histogram("thrift.upstream_resp_size", Stats::Histogram::Unit::Bytes)); + EXPECT_CALL(cluster_scope, + deliverHistogramToSinks( + testing::Property(&Stats::Metric::name, "thrift.upstream_resp_size"), _)); + + startRequestWithExistingConnection(MessageType::Call); + sendTrivialStruct(FieldType::I32); + completeRequest(); + returnResponse(); + destroyRouter(); +} + } // namespace Router } // namespace ThriftProxy } // namespace NetworkFilters diff --git a/test/extensions/filters/network/thrift_proxy/thrift_object_impl_test.cc b/test/extensions/filters/network/thrift_proxy/thrift_object_impl_test.cc index a79d30505644..9d9a206c1f87 100644 --- a/test/extensions/filters/network/thrift_proxy/thrift_object_impl_test.cc +++ b/test/extensions/filters/network/thrift_proxy/thrift_object_impl_test.cc @@ -1,6 +1,5 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/thrift_object_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/thrift_object_impl.h" #include "test/extensions/filters/network/thrift_proxy/mocks.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" diff --git a/test/extensions/filters/network/thrift_proxy/translation_integration_test.cc b/test/extensions/filters/network/thrift_proxy/translation_integration_test.cc index 0c50426b0fef..9bead20a44ba 100644 --- a/test/extensions/filters/network/thrift_proxy/translation_integration_test.cc +++ b/test/extensions/filters/network/thrift_proxy/translation_integration_test.cc @@ -1,7 +1,7 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.h" -#include "extensions/filters/network/well_known_names.h" +#include "source/extensions/filters/network/well_known_names.h" #include "test/extensions/filters/network/thrift_proxy/integration.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" diff --git a/test/extensions/filters/network/thrift_proxy/twitter_protocol_impl_test.cc b/test/extensions/filters/network/thrift_proxy/twitter_protocol_impl_test.cc index 061fbe1ddb1b..266991ccade2 100644 --- a/test/extensions/filters/network/thrift_proxy/twitter_protocol_impl_test.cc +++ b/test/extensions/filters/network/thrift_proxy/twitter_protocol_impl_test.cc @@ -2,10 +2,9 @@ #include "envoy/common/exception.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/framed_transport_impl.h" -#include "extensions/filters/network/thrift_proxy/twitter_protocol_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/framed_transport_impl.h" +#include "source/extensions/filters/network/thrift_proxy/twitter_protocol_impl.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/thrift_proxy/unframed_transport_impl_test.cc b/test/extensions/filters/network/thrift_proxy/unframed_transport_impl_test.cc index 48097a6f1c2a..76a23f643c8b 100644 --- a/test/extensions/filters/network/thrift_proxy/unframed_transport_impl_test.cc +++ b/test/extensions/filters/network/thrift_proxy/unframed_transport_impl_test.cc @@ -1,6 +1,5 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/thrift_proxy/unframed_transport_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/thrift_proxy/unframed_transport_impl.h" #include "test/extensions/filters/network/thrift_proxy/utility.h" #include "test/test_common/printers.h" diff --git a/test/extensions/filters/network/thrift_proxy/utility.h b/test/extensions/filters/network/thrift_proxy/utility.h index e19bfdf869e5..a19f9ef1b057 100644 --- a/test/extensions/filters/network/thrift_proxy/utility.h +++ b/test/extensions/filters/network/thrift_proxy/utility.h @@ -4,10 +4,9 @@ #include "envoy/extensions/filters/network/thrift_proxy/v3/thrift_proxy.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/byte_order.h" - -#include "extensions/filters/network/thrift_proxy/thrift.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/byte_order.h" +#include "source/extensions/filters/network/thrift_proxy/thrift.h" #include "test/common/buffer/utility.h" diff --git a/test/extensions/filters/network/wasm/config_test.cc b/test/extensions/filters/network/wasm/config_test.cc index 103068ba279a..c7bb849f8ae6 100644 --- a/test/extensions/filters/network/wasm/config_test.cc +++ b/test/extensions/filters/network/wasm/config_test.cc @@ -1,12 +1,11 @@ #include "envoy/extensions/filters/network/wasm/v3/wasm.pb.validate.h" -#include "common/common/base64.h" -#include "common/common/hex.h" -#include "common/crypto/utility.h" - -#include "extensions/common/wasm/wasm.h" -#include "extensions/filters/network/wasm/config.h" -#include "extensions/filters/network/wasm/wasm_filter.h" +#include "source/common/common/base64.h" +#include "source/common/common/hex.h" +#include "source/common/crypto/utility.h" +#include "source/extensions/common/wasm/wasm.h" +#include "source/extensions/filters/network/wasm/config.h" +#include "source/extensions/filters/network/wasm/wasm_filter.h" #include "test/extensions/common/wasm/wasm_runtime.h" #include "test/mocks/server/mocks.h" diff --git a/test/extensions/filters/network/wasm/test_data/BUILD b/test/extensions/filters/network/wasm/test_data/BUILD index 02fbb6028c22..fa78e6e3ce84 100644 --- a/test/extensions/filters/network/wasm/test_data/BUILD +++ b/test/extensions/filters/network/wasm/test_data/BUILD @@ -42,7 +42,6 @@ envoy_cc_library( "//source/common/common:c_smart_ptr_lib", "//source/extensions/common/wasm:wasm_hdr", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/common/wasm:well_known_names", ], ) diff --git a/test/extensions/filters/network/wasm/wasm_filter_test.cc b/test/extensions/filters/network/wasm/wasm_filter_test.cc index f0ab34939501..4203cc9de8fc 100644 --- a/test/extensions/filters/network/wasm/wasm_filter_test.cc +++ b/test/extensions/filters/network/wasm/wasm_filter_test.cc @@ -1,8 +1,8 @@ #include "envoy/network/transport_socket.h" #include "envoy/server/lifecycle_notifier.h" -#include "extensions/common/wasm/wasm.h" -#include "extensions/filters/network/wasm/wasm_filter.h" +#include "source/extensions/common/wasm/wasm.h" +#include "source/extensions/filters/network/wasm/wasm_filter.h" #include "test/extensions/common/wasm/wasm_runtime.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/filters/network/zookeeper_proxy/config_test.cc b/test/extensions/filters/network/zookeeper_proxy/config_test.cc index b133a8f5075b..e88dbacd1ab0 100644 --- a/test/extensions/filters/network/zookeeper_proxy/config_test.cc +++ b/test/extensions/filters/network/zookeeper_proxy/config_test.cc @@ -1,7 +1,7 @@ #include "envoy/extensions/filters/network/zookeeper_proxy/v3/zookeeper_proxy.pb.h" #include "envoy/extensions/filters/network/zookeeper_proxy/v3/zookeeper_proxy.pb.validate.h" -#include "extensions/filters/network/zookeeper_proxy/config.h" +#include "source/extensions/filters/network/zookeeper_proxy/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/network/zookeeper_proxy/filter_test.cc b/test/extensions/filters/network/zookeeper_proxy/filter_test.cc index 3a6eefd8e28b..fec443f62bf4 100644 --- a/test/extensions/filters/network/zookeeper_proxy/filter_test.cc +++ b/test/extensions/filters/network/zookeeper_proxy/filter_test.cc @@ -1,7 +1,6 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/zookeeper_proxy/decoder.h" -#include "extensions/filters/network/zookeeper_proxy/filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/zookeeper_proxy/decoder.h" +#include "source/extensions/filters/network/zookeeper_proxy/filter.h" #include "test/mocks/network/mocks.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/extensions/filters/udp/dns_filter/dns_filter_fuzz_test.cc b/test/extensions/filters/udp/dns_filter/dns_filter_fuzz_test.cc index 193173020d69..5963d50ebf1a 100644 --- a/test/extensions/filters/udp/dns_filter/dns_filter_fuzz_test.cc +++ b/test/extensions/filters/udp/dns_filter/dns_filter_fuzz_test.cc @@ -1,6 +1,5 @@ -#include "common/common/logger.h" - -#include "extensions/filters/udp/dns_filter/dns_filter.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter.h" #include "test/fuzz/fuzz_runner.h" #include "test/fuzz/utility.h" diff --git a/test/extensions/filters/udp/dns_filter/dns_filter_integration_test.cc b/test/extensions/filters/udp/dns_filter/dns_filter_integration_test.cc index ec160f1a584a..e520062aba74 100644 --- a/test/extensions/filters/udp/dns_filter/dns_filter_integration_test.cc +++ b/test/extensions/filters/udp/dns_filter/dns_filter_integration_test.cc @@ -1,6 +1,6 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "extensions/filters/udp/dns_filter/dns_filter.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter.h" #include "test/integration/integration.h" #include "test/test_common/network_utility.h" @@ -88,18 +88,22 @@ reuse_port: true stat_prefix: "my_prefix" client_config: resolver_timeout: 1s - upstream_resolvers: - - socket_address: - address: {} - port_value: {} + dns_resolution_config: + resolvers: + - socket_address: + address: {} + port_value: {} + dns_resolver_options: + use_tcp_for_dns_lookups: false + no_default_search_domain: false max_pending_lookups: 256 server_config: inline_dns_table: external_retry_count: 0 - known_suffixes: - - suffix: "foo1.com" - - suffix: "cluster_0" virtual_domains: + - name: "im_just_here_so_coverage_doesnt_fail.foo1.com" + endpoint: + cluster_name: "cluster_0" - name: "www.foo1.com" endpoint: address_list: @@ -153,8 +157,6 @@ name: listener_1 server_config: inline_dns_table: external_retry_count: 0 - known_suffixes: - - suffix: "google.com" virtual_domains: - name: "www.google.com" endpoint: diff --git a/test/extensions/filters/udp/dns_filter/dns_filter_test.cc b/test/extensions/filters/udp/dns_filter/dns_filter_test.cc index c4e0ca81177a..28a2c6fac665 100644 --- a/test/extensions/filters/udp/dns_filter/dns_filter_test.cc +++ b/test/extensions/filters/udp/dns_filter/dns_filter_test.cc @@ -1,10 +1,9 @@ #include "envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.pb.h" #include "envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.pb.validate.h" -#include "common/common/logger.h" - -#include "extensions/filters/udp/dns_filter/dns_filter_constants.h" -#include "extensions/filters/udp/dns_filter/dns_filter_utils.h" +#include "source/common/common/logger.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_constants.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_utils.h" #include "test/mocks/event/mocks.h" #include "test/mocks/server/instance.h" @@ -18,6 +17,7 @@ using testing::AnyNumber; using testing::AtLeast; +using testing::DoAll; using testing::InSequence; using testing::Mock; using testing::Return; @@ -77,7 +77,8 @@ class DnsFilterTest : public testing::Test, public Event::TestUsingSimulatedTime ON_CALL(listener_factory_, random()).WillByDefault(ReturnRef(random_)); resolver_ = std::make_shared(); - ON_CALL(dispatcher_, createDnsResolver(_, _)).WillByDefault(Return(resolver_)); + ON_CALL(dispatcher_, createDnsResolver(_, _)) + .WillByDefault(DoAll(SaveArg<1>(&dns_resolver_options_), Return(resolver_))); config_ = std::make_shared(listener_factory_, config); filter_ = std::make_unique(callbacks_, config_); @@ -93,6 +94,7 @@ class DnsFilterTest : public testing::Test, public Event::TestUsingSimulatedTime } const Network::Address::InstanceConstSharedPtr listener_address_; + envoy::config::core::v3::DnsResolverOptions dns_resolver_options_; NiceMock random_; Api::ApiPtr api_; DnsFilterEnvoyConfigSharedPtr config_; @@ -117,12 +119,6 @@ stat_prefix: "my_prefix" server_config: inline_dns_table: external_retry_count: 3 - known_suffixes: - - suffix: foo1.com - - suffix: foo2.com - - suffix: foo3.com - - suffix: foo16.com - - suffix: thisismydomainforafivehundredandtwelvebytetest.com virtual_domains: - name: "www.foo1.com" endpoint: @@ -180,23 +176,21 @@ stat_prefix: "my_prefix" stat_prefix: "my_prefix" client_config: resolver_timeout: 1s - upstream_resolvers: - - socket_address: - address: "1.1.1.1" - port_value: 53 - - socket_address: - address: "8.8.8.8" - port_value: 53 - - socket_address: - address: "8.8.4.4" - port_value: 53 + dns_resolution_config: + resolvers: + - socket_address: + address: "1.1.1.1" + port_value: 53 + - socket_address: + address: "8.8.8.8" + port_value: 53 + - socket_address: + address: "8.8.4.4" + port_value: 53 max_pending_lookups: 1 server_config: inline_dns_table: external_retry_count: 0 - known_suffixes: - - suffix: foo1.com - - suffix: foo2.com virtual_domains: - name: "www.foo1.com" endpoint: @@ -209,10 +203,62 @@ stat_prefix: "my_prefix" stat_prefix: "my_prefix" client_config: resolver_timeout: 1s - upstream_resolvers: - - socket_address: - address: "1.1.1.1" - port_value: 53 + dns_resolution_config: + resolvers: + - socket_address: + address: "1.1.1.1" + port_value: 53 + max_pending_lookups: 256 +server_config: + external_dns_table: + filename: {} +)EOF"; + + const std::string dns_resolver_options_config_not_set = R"EOF( +stat_prefix: "my_prefix" +client_config: + resolver_timeout: 1s + dns_resolution_config: + resolvers: + - socket_address: + address: "1.1.1.1" + port_value: 53 + max_pending_lookups: 256 +server_config: + external_dns_table: + filename: {} +)EOF"; + + const std::string dns_resolver_options_config_set_false = R"EOF( +stat_prefix: "my_prefix" +client_config: + resolver_timeout: 1s + dns_resolution_config: + dns_resolver_options: + use_tcp_for_dns_lookups: false + no_default_search_domain: false + resolvers: + - socket_address: + address: "1.1.1.1" + port_value: 53 + max_pending_lookups: 256 +server_config: + external_dns_table: + filename: {} +)EOF"; + + const std::string dns_resolver_options_config_set_true = R"EOF( +stat_prefix: "my_prefix" +client_config: + resolver_timeout: 1s + dns_resolution_config: + dns_resolver_options: + use_tcp_for_dns_lookups: true + no_default_search_domain: true + resolvers: + - socket_address: + address: "1.1.1.1" + port_value: 53 max_pending_lookups: 256 server_config: external_dns_table: @@ -222,7 +268,6 @@ stat_prefix: "my_prefix" const std::string external_dns_table_json = R"EOF( { "external_retry_count": 3, - "known_suffixes": [ { "suffix": "com" } ], "virtual_domains": [ { "name": "www.external_foo1.com", @@ -242,8 +287,6 @@ stat_prefix: "my_prefix" const std::string external_dns_table_yaml = R"EOF( external_retry_count: 3 -known_suffixes: - - suffix: "com" virtual_domains: - name: "www.external_foo1.com" endpoint: @@ -269,8 +312,6 @@ external_retry_count: 3 const std::string max_records_table_yaml = R"EOF( external_retry_count: 3 -known_suffixes: - - suffix: "ermac.com" virtual_domains: - name: "one.web.ermac.com" endpoint: @@ -333,8 +374,6 @@ external_retry_count: 3 const std::string external_dns_table_services_yaml = R"EOF( external_retry_count: 3 -known_suffixes: - - suffix: "subzero.com" virtual_domains: - name: "primary.voip.subzero.com" endpoint: @@ -534,6 +573,33 @@ TEST_F(DnsFilterTest, SingleTypeAQuery) { EXPECT_TRUE(config_->stats().downstream_tx_bytes_.used()); } +TEST_F(DnsFilterTest, NoHostForSingleTypeAQuery) { + InSequence s; + + setup(forward_query_off_config); + + const std::string domain("www.api.foo3.com"); + const std::string query = + Utils::buildQueryForDomain(domain, DNS_RECORD_TYPE_A, DNS_RECORD_CLASS_IN); + ASSERT_FALSE(query.empty()); + + sendQueryFromClient("10.0.0.1:1000", query); + + query_ctx_ = response_parser_->createQueryContext(udp_response_, counters_); + EXPECT_TRUE(query_ctx_->parse_status_); + + EXPECT_EQ(DNS_RESPONSE_CODE_NAME_ERROR, query_ctx_->getQueryResponseCode()); + EXPECT_EQ(0, query_ctx_->answers_.size()); + + // Validate stats + EXPECT_EQ(1, config_->stats().downstream_rx_queries_.value()); + EXPECT_EQ(1, config_->stats().known_domain_queries_.value()); + EXPECT_EQ(0, config_->stats().local_a_record_answers_.value()); + EXPECT_EQ(1, config_->stats().a_record_queries_.value()); + EXPECT_TRUE(config_->stats().downstream_rx_bytes_.used()); + EXPECT_TRUE(config_->stats().downstream_tx_bytes_.used()); +} + TEST_F(DnsFilterTest, RepeatedTypeAQuerySuccess) { InSequence s; @@ -2034,6 +2100,80 @@ TEST_F(DnsFilterTest, SrvQueryMaxRecords) { EXPECT_LT(exact_matches, hosts.size()); } +TEST_F(DnsFilterTest, DnsResolverOptionsNotSet) { + InSequence s; + + std::string temp_path = + TestEnvironment::writeStringToFileForTest("dns_table.yaml", max_records_table_yaml); + std::string config_to_use = fmt::format(dns_resolver_options_config_not_set, temp_path); + setup(config_to_use); + // `false` here means use_tcp_for_dns_lookups is not set via dns filter config + EXPECT_EQ(false, dns_resolver_options_.use_tcp_for_dns_lookups()); + // `false` here means no_default_search_domain is not set via dns filter config + EXPECT_EQ(false, dns_resolver_options_.no_default_search_domain()); +} + +TEST_F(DnsFilterTest, DnsResolverOptionsSetTrue) { + InSequence s; + + std::string temp_path = + TestEnvironment::writeStringToFileForTest("dns_table.yaml", max_records_table_yaml); + std::string config_to_use = fmt::format(dns_resolver_options_config_set_true, temp_path); + setup(config_to_use); + + // `true` here means use_tcp_for_dns_lookups is set true + EXPECT_EQ(true, dns_resolver_options_.use_tcp_for_dns_lookups()); + // `true` here means no_default_search_domain is set true + EXPECT_EQ(true, dns_resolver_options_.no_default_search_domain()); +} + +TEST_F(DnsFilterTest, DnsResolverOptionsSetFalse) { + InSequence s; + + std::string temp_path = + TestEnvironment::writeStringToFileForTest("dns_table.yaml", max_records_table_yaml); + std::string config_to_use = fmt::format(dns_resolver_options_config_set_false, temp_path); + setup(config_to_use); + + // `false` here means use_tcp_for_dns_lookups is set true + EXPECT_EQ(false, dns_resolver_options_.use_tcp_for_dns_lookups()); + // `false` here means no_default_search_domain is set true + EXPECT_EQ(false, dns_resolver_options_.no_default_search_domain()); +} + +TEST_F(DnsFilterTest, DEPRECATED_FEATURE_TEST(DeprecatedKnownSuffixes)) { + InSequence s; + + const std::string config_using_known_suffixes = R"EOF( +stat_prefix: "my_prefix" +server_config: + inline_dns_table: + external_retry_count: 0 + known_suffixes: + - suffix: "foo1.com" + virtual_domains: + - name: "www.foo1.com" + endpoint: + address_list: + address: + - "10.0.0.1" +)EOF"; + setup(config_using_known_suffixes); + + const std::string query = + Utils::buildQueryForDomain("www.foo1.com", DNS_RECORD_TYPE_A, DNS_RECORD_CLASS_IN); + ASSERT_FALSE(query.empty()); + sendQueryFromClient("10.0.0.1:1000", query); + + query_ctx_ = response_parser_->createQueryContext(udp_response_, counters_); + EXPECT_TRUE(query_ctx_->parse_status_); + EXPECT_EQ(DNS_RESPONSE_CODE_NO_ERROR, query_ctx_->getQueryResponseCode()); + + // Validate stats + EXPECT_EQ(1, config_->stats().downstream_rx_queries_.value()); + EXPECT_EQ(1, config_->stats().known_domain_queries_.value()); +} + } // namespace } // namespace DnsFilter } // namespace UdpFilters diff --git a/test/extensions/filters/udp/dns_filter/dns_filter_test_utils.cc b/test/extensions/filters/udp/dns_filter/dns_filter_test_utils.cc index b6a50496a7f3..e6226227a615 100644 --- a/test/extensions/filters/udp/dns_filter/dns_filter_test_utils.cc +++ b/test/extensions/filters/udp/dns_filter/dns_filter_test_utils.cc @@ -1,6 +1,6 @@ #include "dns_filter_test_utils.h" -#include "common/common/random_generator.h" +#include "source/common/common/random_generator.h" #include "test/test_common/utility.h" diff --git a/test/extensions/filters/udp/dns_filter/dns_filter_test_utils.h b/test/extensions/filters/udp/dns_filter/dns_filter_test_utils.h index 378abbe43186..c0d2aea78514 100644 --- a/test/extensions/filters/udp/dns_filter/dns_filter_test_utils.h +++ b/test/extensions/filters/udp/dns_filter/dns_filter_test_utils.h @@ -1,7 +1,7 @@ #pragma once -#include "extensions/filters/udp/dns_filter/dns_filter.h" -#include "extensions/filters/udp/dns_filter/dns_filter_constants.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_constants.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/filters/udp/dns_filter/dns_filter_utils_test.cc b/test/extensions/filters/udp/dns_filter/dns_filter_utils_test.cc index f891e0f8402f..0416435dce46 100644 --- a/test/extensions/filters/udp/dns_filter/dns_filter_utils_test.cc +++ b/test/extensions/filters/udp/dns_filter/dns_filter_utils_test.cc @@ -1,9 +1,8 @@ #include "envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.pb.h" #include "envoy/extensions/filters/udp/dns_filter/v3alpha/dns_filter.pb.validate.h" -#include "common/network/address_impl.h" - -#include "extensions/filters/udp/dns_filter/dns_filter_utils.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/filters/udp/dns_filter/dns_filter_utils.h" #include "test/test_common/environment.h" @@ -100,6 +99,26 @@ TEST_F(DnsFilterUtilsTest, GetAddressRecordTypeTest) { EXPECT_EQ(addr_type.value(), DNS_RECORD_TYPE_A); } +TEST_F(DnsFilterUtilsTest, GetDomainSuffixTest) { + struct DomainSuffixTestData { + const std::string domain; + const std::string expected_suffix; + } suffix_data[] = { + {"_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.utelsystems.local", + "utelsystems.local"}, + {"primary.voip.subzero.com", "subzero.com"}, + {"subzero.com", "subzero.com"}, + {"subzero", "subzero"}, + {".com", "com"}, + {"", ""}, + }; + + for (auto& ptr : suffix_data) { + const absl::string_view result = Utils::getDomainSuffix(ptr.domain); + EXPECT_EQ(ptr.expected_suffix, result); + } +} + } // namespace } // namespace Utils } // namespace DnsFilter diff --git a/test/extensions/filters/udp/udp_proxy/hash_policy_impl_test.cc b/test/extensions/filters/udp/udp_proxy/hash_policy_impl_test.cc index 5090f38f09ef..c9e739d22c62 100644 --- a/test/extensions/filters/udp/udp_proxy/hash_policy_impl_test.cc +++ b/test/extensions/filters/udp/udp_proxy/hash_policy_impl_test.cc @@ -2,10 +2,9 @@ #include "envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.pb.h" -#include "common/common/hash.h" -#include "common/network/utility.h" - -#include "extensions/filters/udp/udp_proxy/hash_policy_impl.h" +#include "source/common/common/hash.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/udp/udp_proxy/hash_policy_impl.h" #include "gtest/gtest.h" diff --git a/test/extensions/filters/udp/udp_proxy/udp_proxy_filter_test.cc b/test/extensions/filters/udp/udp_proxy/udp_proxy_filter_test.cc index ddcb11b89157..8e56df53c6ce 100644 --- a/test/extensions/filters/udp/udp_proxy/udp_proxy_filter_test.cc +++ b/test/extensions/filters/udp/udp_proxy/udp_proxy_filter_test.cc @@ -1,11 +1,10 @@ #include "envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.pb.h" #include "envoy/extensions/filters/udp/udp_proxy/v3/udp_proxy.pb.validate.h" -#include "common/common/hash.h" -#include "common/network/socket_impl.h" -#include "common/network/socket_option_impl.h" - -#include "extensions/filters/udp/udp_proxy/udp_proxy_filter.h" +#include "source/common/common/hash.h" +#include "source/common/network/socket_impl.h" +#include "source/common/network/socket_option_impl.h" +#include "source/extensions/filters/udp/udp_proxy/udp_proxy_filter.h" #include "test/mocks/api/mocks.h" #include "test/mocks/network/socket.h" @@ -105,7 +104,11 @@ class UdpProxyFilterTest : public testing::Test { if (parent_.expect_gro_) { EXPECT_CALL(*socket_->io_handle_, supportsUdpGro()); } - EXPECT_CALL(*socket_->io_handle_, supportsMmsg()); + EXPECT_CALL(*socket_->io_handle_, supportsMmsg()) + .Times(Runtime::runtimeFeatureEnabled( + "envoy.reloadable_features.udp_per_event_loop_read_limit") + ? 2u + : 1u); // Return the datagram. EXPECT_CALL(*socket_->io_handle_, recvmsg(_, 1, _, _)) .WillOnce( @@ -136,9 +139,6 @@ class UdpProxyFilterTest : public testing::Test { } })); // Return an EAGAIN result. - if (parent_.expect_gro_) { - EXPECT_CALL(*socket_->io_handle_, supportsUdpGro()); - } EXPECT_CALL(*socket_->io_handle_, supportsMmsg()); EXPECT_CALL(*socket_->io_handle_, recvmsg(_, 1, _, _)) .WillOnce(Return(ByMove(Api::IoCallUint64Result( diff --git a/test/extensions/filters/udp/udp_proxy/udp_proxy_integration_test.cc b/test/extensions/filters/udp/udp_proxy/udp_proxy_integration_test.cc index f5fe3ee7b23b..896359c9a837 100644 --- a/test/extensions/filters/udp/udp_proxy/udp_proxy_integration_test.cc +++ b/test/extensions/filters/udp/udp_proxy/udp_proxy_integration_test.cc @@ -143,7 +143,7 @@ TEST_P(UdpProxyIntegrationTest, DownstreamDrop) { fmt::format("tcp://{}:{}", Network::Test::getLoopbackAddressUrlString(version_), port)); Network::Test::UdpSyncPeer client(version_); const uint64_t large_datagram_size = - (Network::DEFAULT_UDP_MAX_DATAGRAM_SIZE * Network::NUM_DATAGRAMS_PER_GRO_RECEIVE) + 1024; + (Network::DEFAULT_UDP_MAX_DATAGRAM_SIZE * Network::NUM_DATAGRAMS_PER_RECEIVE) + 1024; client.write(std::string(large_datagram_size, 'a'), *listener_address); if (GetParam() == Network::Address::IpVersion::v4) { test_server_->waitForCounterEq("listener.0.0.0.0_0.udp.downstream_rx_datagram_dropped", 1); @@ -166,7 +166,7 @@ TEST_P(UdpProxyIntegrationTest, UpstreamDrop) { EXPECT_EQ("hello", request_datagram.buffer_->toString()); const uint64_t large_datagram_size = - (Network::DEFAULT_UDP_MAX_DATAGRAM_SIZE * Network::NUM_DATAGRAMS_PER_GRO_RECEIVE) + 1024; + (Network::DEFAULT_UDP_MAX_DATAGRAM_SIZE * Network::NUM_DATAGRAMS_PER_RECEIVE) + 1024; fake_upstreams_[0]->sendUdpDatagram(std::string(large_datagram_size, 'a'), request_datagram.addresses_.peer_); test_server_->waitForCounterEq("cluster.cluster_0.udp.sess_rx_datagrams_dropped", 1); @@ -176,9 +176,9 @@ TEST_P(UdpProxyIntegrationTest, UpstreamDrop) { TEST_P(UdpProxyIntegrationTest, LargePacketSizesOnLoopback) { // The following tests large packets end to end. We use a size larger than // the default GRO receive buffer size of - // DEFAULT_UDP_MAX_DATAGRAM_SIZE x NUM_DATAGRAMS_PER_GRO_RECEIVE. + // DEFAULT_UDP_MAX_DATAGRAM_SIZE x NUM_DATAGRAMS_PER_RECEIVE. const uint64_t max_rx_datagram_size = - (Network::DEFAULT_UDP_MAX_DATAGRAM_SIZE * Network::NUM_DATAGRAMS_PER_GRO_RECEIVE) + 1024; + (Network::DEFAULT_UDP_MAX_DATAGRAM_SIZE * Network::NUM_DATAGRAMS_PER_RECEIVE) + 1024; setup(1, max_rx_datagram_size); const uint32_t port = lookupPort("listener_0"); const auto listener_address = Network::Utility::resolveUrl( diff --git a/test/extensions/formatter/req_without_query/BUILD b/test/extensions/formatter/req_without_query/BUILD new file mode 100644 index 000000000000..cc480a370334 --- /dev/null +++ b/test/extensions/formatter/req_without_query/BUILD @@ -0,0 +1,28 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_package", +) +load( + "//test/extensions:extensions_build_system.bzl", + "envoy_extension_cc_test", +) + +licenses(["notice"]) # Apache 2 + +envoy_package() + +envoy_extension_cc_test( + name = "req_without_query_test", + srcs = ["req_without_query_test.cc"], + extension_name = "envoy.formatter.req_without_query", + deps = [ + "//source/common/formatter:substitution_formatter_lib", + "//source/common/json:json_loader_lib", + "//source/extensions/formatter/req_without_query:config", + "//source/extensions/formatter/req_without_query:req_without_query_lib", + "//test/mocks/server:factory_context_mocks", + "//test/mocks/stream_info:stream_info_mocks", + "//test/test_common:test_runtime_lib", + "@envoy_api//envoy/config/core/v3:pkg_cc_proto", + ], +) diff --git a/test/extensions/formatter/req_without_query/req_without_query_test.cc b/test/extensions/formatter/req_without_query/req_without_query_test.cc new file mode 100644 index 000000000000..e4a1695625be --- /dev/null +++ b/test/extensions/formatter/req_without_query/req_without_query_test.cc @@ -0,0 +1,168 @@ +#include "envoy/config/core/v3/substitution_format_string.pb.validate.h" + +#include "source/common/formatter/substitution_format_string.h" +#include "source/common/formatter/substitution_formatter.h" + +#include "test/mocks/server/factory_context.h" +#include "test/mocks/stream_info/mocks.h" +#include "test/test_common/utility.h" + +#include "gmock/gmock.h" +#include "gtest/gtest.h" + +namespace Envoy { +namespace Extensions { +namespace Formatter { + +class ReqWithoutQueryTest : public ::testing::Test { +public: + Http::TestRequestHeaderMapImpl request_headers_{ + {":method", "GET"}, + {":path", "/request/path?secret=parameter"}, + {"x-envoy-original-path", "/original/path?secret=parameter"}}; + Http::TestResponseHeaderMapImpl response_headers_; + Http::TestResponseTrailerMapImpl response_trailers_; + StreamInfo::MockStreamInfo stream_info_; + std::string body_; + + envoy::config::core::v3::SubstitutionFormatString config_; + NiceMock context_; +}; + +TEST_F(ReqWithoutQueryTest, TestStripQueryString) { + const std::string yaml = R"EOF( + text_format_source: + inline_string: "%REQ_WITHOUT_QUERY(:PATH)%" + formatters: + - name: envoy.formatter.req_without_query + typed_config: + "@type": type.googleapis.com/envoy.extensions.formatter.req_without_query.v3.ReqWithoutQuery +)EOF"; + TestUtility::loadFromYaml(yaml, config_); + + auto formatter = + Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + EXPECT_EQ("/request/path", formatter->format(request_headers_, response_headers_, + response_trailers_, stream_info_, body_)); +} + +TEST_F(ReqWithoutQueryTest, TestSelectMainHeader) { + + const std::string yaml = R"EOF( + text_format_source: + inline_string: "%REQ_WITHOUT_QUERY(X-ENVOY-ORIGINAL-PATH?:PATH)%" + formatters: + - name: envoy.formatter.req_without_query + typed_config: + "@type": type.googleapis.com/envoy.extensions.formatter.req_without_query.v3.ReqWithoutQuery +)EOF"; + TestUtility::loadFromYaml(yaml, config_); + + auto formatter = + Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + EXPECT_EQ("/original/path", formatter->format(request_headers_, response_headers_, + response_trailers_, stream_info_, body_)); +} + +TEST_F(ReqWithoutQueryTest, TestSelectAlternativeHeader) { + + const std::string yaml = R"EOF( + text_format_source: + inline_string: "%REQ_WITHOUT_QUERY(X-NON-EXISTING-HEADER?:PATH)%" + formatters: + - name: envoy.formatter.req_without_query + typed_config: + "@type": type.googleapis.com/envoy.extensions.formatter.req_without_query.v3.ReqWithoutQuery +)EOF"; + TestUtility::loadFromYaml(yaml, config_); + + auto formatter = + Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + EXPECT_EQ("/request/path", formatter->format(request_headers_, response_headers_, + response_trailers_, stream_info_, body_)); +} + +TEST_F(ReqWithoutQueryTest, TestTruncateHeader) { + + const std::string yaml = R"EOF( + text_format_source: + inline_string: "%REQ_WITHOUT_QUERY(:PATH):5%" + formatters: + - name: envoy.formatter.req_without_query + typed_config: + "@type": type.googleapis.com/envoy.extensions.formatter.req_without_query.v3.ReqWithoutQuery +)EOF"; + TestUtility::loadFromYaml(yaml, config_); + + auto formatter = + Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + EXPECT_EQ("/requ", formatter->format(request_headers_, response_headers_, response_trailers_, + stream_info_, body_)); +} + +TEST_F(ReqWithoutQueryTest, TestNonExistingHeader) { + + const std::string yaml = R"EOF( + text_format_source: + inline_string: "%REQ_WITHOUT_QUERY(does-not-exist)%" + formatters: + - name: envoy.formatter.req_without_query + typed_config: + "@type": type.googleapis.com/envoy.extensions.formatter.req_without_query.v3.ReqWithoutQuery +)EOF"; + TestUtility::loadFromYaml(yaml, config_); + + auto formatter = + Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + EXPECT_EQ("-", formatter->format(request_headers_, response_headers_, response_trailers_, + stream_info_, body_)); +} + +TEST_F(ReqWithoutQueryTest, TestFormatJson) { + const std::string yaml = R"EOF( + json_format: + no_query: "%REQ_WITHOUT_QUERY(:PATH)%" + select_main_header: "%REQ_WITHOUT_QUERY(X-ENVOY-ORIGINAL-PATH?:PATH)%" + select_alt_header: "%REQ_WITHOUT_QUERY(X-NON-EXISTING-HEADER?:PATH)%" + truncate: "%REQ_WITHOUT_QUERY(:PATH):5%" + does_not_exist: "%REQ_WITHOUT_QUERY(does-not-exist)%" + formatters: + - name: envoy.formatter.req_without_query + typed_config: + "@type": type.googleapis.com/envoy.extensions.formatter.req_without_query.v3.ReqWithoutQuery +)EOF"; + const std::string expected = R"EOF({ + "no_query": "/request/path", + "select_main_header": "/original/path", + "select_alt_header": "/request/path", + "truncate": "/requ", + "does_not_exist": null +})EOF"; + + TestUtility::loadFromYaml(yaml, config_); + auto formatter = + Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_); + const std::string actual = formatter->format(request_headers_, response_headers_, + response_trailers_, stream_info_, body_); + EXPECT_TRUE(TestUtility::jsonStringEqual(actual, expected)); +} + +TEST_F(ReqWithoutQueryTest, TestParserNotRecognizingCommand) { + + const std::string yaml = R"EOF( + text_format_source: + inline_string: "%COMMAND_THAT_DOES_NOT_EXIST()%" + formatters: + - name: envoy.formatter.req_without_query + typed_config: + "@type": type.googleapis.com/envoy.extensions.formatter.req_without_query.v3.ReqWithoutQuery +)EOF"; + TestUtility::loadFromYaml(yaml, config_); + + EXPECT_THROW(Envoy::Formatter::SubstitutionFormatStringUtils::fromProtoConfig(config_, context_), + EnvoyException); +} + +} // namespace Formatter +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/grpc_credentials/aws_iam/BUILD b/test/extensions/grpc_credentials/aws_iam/BUILD index 4c9b6e7f22bf..392ffda32ac9 100644 --- a/test/extensions/grpc_credentials/aws_iam/BUILD +++ b/test/extensions/grpc_credentials/aws_iam/BUILD @@ -14,7 +14,6 @@ envoy_cc_test( srcs = envoy_select_google_grpc(["aws_iam_grpc_credentials_test.cc"]), data = ["//test/config/integration/certs"], deps = [ - "//source/extensions/grpc_credentials:well_known_names", "//source/extensions/grpc_credentials/aws_iam:config", "//test/common/grpc:grpc_client_integration_test_harness_lib", "//test/integration:integration_lib", diff --git a/test/extensions/grpc_credentials/aws_iam/aws_iam_grpc_credentials_test.cc b/test/extensions/grpc_credentials/aws_iam/aws_iam_grpc_credentials_test.cc index 6a5852bb9a1a..e5d0768530c7 100644 --- a/test/extensions/grpc_credentials/aws_iam/aws_iam_grpc_credentials_test.cc +++ b/test/extensions/grpc_credentials/aws_iam/aws_iam_grpc_credentials_test.cc @@ -1,11 +1,9 @@ #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/config/grpc_credential/v3/aws_iam.pb.h" -#include "common/common/fmt.h" -#include "common/common/utility.h" -#include "common/grpc/google_async_client_impl.h" - -#include "extensions/grpc_credentials/well_known_names.h" +#include "source/common/common/fmt.h" +#include "source/common/common/utility.h" +#include "source/common/grpc/google_async_client_impl.h" #include "test/common/grpc/grpc_client_integration_test_harness.h" #include "test/integration/fake_upstream.h" @@ -122,7 +120,7 @@ TEST_P(GrpcAwsIamClientIntegrationTest, AwsIamGrpcAuth_ConfigRegion) { service_name_ = "test_service"; region_name_ = "test_region_static"; region_location_ = RegionLocation::InConfig; - credentials_factory_name_ = Extensions::GrpcCredentials::GrpcCredentialsNames::get().AwsIam; + credentials_factory_name_ = "envoy.grpc_credentials.aws_iam"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); @@ -134,7 +132,7 @@ TEST_P(GrpcAwsIamClientIntegrationTest, AwsIamGrpcAuth_EnvRegion) { service_name_ = "test_service"; region_name_ = "test_region_env"; region_location_ = RegionLocation::InEnvironment; - credentials_factory_name_ = Extensions::GrpcCredentials::GrpcCredentialsNames::get().AwsIam; + credentials_factory_name_ = "envoy.grpc_credentials.aws_iam"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); @@ -146,14 +144,14 @@ TEST_P(GrpcAwsIamClientIntegrationTest, AwsIamGrpcAuth_NoRegion) { service_name_ = "test_service"; region_name_ = "test_region_env"; region_location_ = RegionLocation::NotProvided; - credentials_factory_name_ = Extensions::GrpcCredentials::GrpcCredentialsNames::get().AwsIam; + credentials_factory_name_ = "envoy.grpc_credentials.aws_iam"; EXPECT_THROW_WITH_REGEX(initialize();, EnvoyException, "AWS region"); } TEST_P(GrpcAwsIamClientIntegrationTest, AwsIamGrpcAuth_UnexpectedCallCredentials) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); call_credentials_ = CallCredentials::AccessToken; - credentials_factory_name_ = Extensions::GrpcCredentials::GrpcCredentialsNames::get().AwsIam; + credentials_factory_name_ = "envoy.grpc_credentials.aws_iam"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); diff --git a/test/extensions/grpc_credentials/file_based_metadata/BUILD b/test/extensions/grpc_credentials/file_based_metadata/BUILD index 8ccb3fe5b848..2c711ca2dda7 100644 --- a/test/extensions/grpc_credentials/file_based_metadata/BUILD +++ b/test/extensions/grpc_credentials/file_based_metadata/BUILD @@ -14,7 +14,6 @@ envoy_cc_test( srcs = ["integration_test.cc"], data = ["//test/config/integration/certs"], deps = [ - "//source/extensions/grpc_credentials:well_known_names", "//source/extensions/grpc_credentials/file_based_metadata:config", "//test/common/grpc:grpc_client_integration_test_harness_lib", "//test/integration:integration_lib", diff --git a/test/extensions/grpc_credentials/file_based_metadata/integration_test.cc b/test/extensions/grpc_credentials/file_based_metadata/integration_test.cc index 416059bdb7e6..f47cb58056a5 100644 --- a/test/extensions/grpc_credentials/file_based_metadata/integration_test.cc +++ b/test/extensions/grpc_credentials/file_based_metadata/integration_test.cc @@ -3,11 +3,9 @@ #include "envoy/config/core/v3/grpc_service.pb.h" #include "envoy/config/grpc_credential/v3/file_based_metadata.pb.h" -#include "common/common/fmt.h" -#include "common/grpc/google_async_client_impl.h" - -#include "extensions/grpc_credentials/file_based_metadata/config.h" -#include "extensions/grpc_credentials/well_known_names.h" +#include "source/common/common/fmt.h" +#include "source/common/grpc/google_async_client_impl.h" +#include "source/extensions/grpc_credentials/file_based_metadata/config.h" #include "test/common/grpc/grpc_client_integration_test_harness.h" #include "test/integration/fake_upstream.h" @@ -90,8 +88,7 @@ TEST_P(GrpcFileBasedMetadataClientIntegrationTest, FileBasedMetadataGrpcAuthRequ header_key_1_ = "header1"; header_prefix_1_ = "prefix1"; header_value_1_ = "secretvalue"; - credentials_factory_name_ = - Extensions::GrpcCredentials::GrpcCredentialsNames::get().FileBasedMetadata; + credentials_factory_name_ = "envoy.grpc_credentials.file_based_metadata"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); @@ -105,8 +102,7 @@ TEST_P(GrpcFileBasedMetadataClientIntegrationTest, DoubleFileBasedMetadataGrpcAu header_prefix_1_ = "prefix1"; header_value_1_ = "secretvalue"; header_value_2_ = "secret2"; - credentials_factory_name_ = - Extensions::GrpcCredentials::GrpcCredentialsNames::get().FileBasedMetadata; + credentials_factory_name_ = "envoy.grpc_credentials.file_based_metadata"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); @@ -116,8 +112,7 @@ TEST_P(GrpcFileBasedMetadataClientIntegrationTest, DoubleFileBasedMetadataGrpcAu // Validate that FileBasedMetadata auth plugin works without a config loaded TEST_P(GrpcFileBasedMetadataClientIntegrationTest, EmptyFileBasedMetadataGrpcAuthRequest) { SKIP_IF_GRPC_CLIENT(ClientType::EnvoyGrpc); - credentials_factory_name_ = - Extensions::GrpcCredentials::GrpcCredentialsNames::get().FileBasedMetadata; + credentials_factory_name_ = "envoy.grpc_credentials.file_based_metadata"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); @@ -131,8 +126,7 @@ TEST_P(GrpcFileBasedMetadataClientIntegrationTest, ExtraConfigFileBasedMetadataG header_key_1_ = "header1"; header_prefix_1_ = "prefix1"; header_value_1_ = "secretvalue"; - credentials_factory_name_ = - Extensions::GrpcCredentials::GrpcCredentialsNames::get().FileBasedMetadata; + credentials_factory_name_ = "envoy.grpc_credentials.file_based_metadata"; initialize(); auto request = createRequest(empty_metadata_); request->sendReply(); diff --git a/test/extensions/health_checkers/redis/config_test.cc b/test/extensions/health_checkers/redis/config_test.cc index e248faebf51a..fbd5db3ee52e 100644 --- a/test/extensions/health_checkers/redis/config_test.cc +++ b/test/extensions/health_checkers/redis/config_test.cc @@ -1,9 +1,8 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" -#include "common/upstream/health_checker_impl.h" - -#include "extensions/health_checkers/redis/config.h" +#include "source/common/upstream/health_checker_impl.h" +#include "source/extensions/health_checkers/redis/config.h" #include "test/common/upstream/utility.h" #include "test/mocks/access_log/mocks.h" diff --git a/test/extensions/health_checkers/redis/redis_test.cc b/test/extensions/health_checkers/redis/redis_test.cc index f1beb870b581..a5c012bbf8bb 100644 --- a/test/extensions/health_checkers/redis/redis_test.cc +++ b/test/extensions/health_checkers/redis/redis_test.cc @@ -4,8 +4,8 @@ #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.h" #include "envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.pb.validate.h" -#include "extensions/health_checkers/redis/redis.h" -#include "extensions/health_checkers/redis/utility.h" +#include "source/extensions/health_checkers/redis/redis.h" +#include "source/extensions/health_checkers/redis/utility.h" #include "test/common/upstream/utility.h" #include "test/extensions/filters/network/common/redis/mocks.h" diff --git a/test/extensions/http/header_formatters/preserve_case/BUILD b/test/extensions/http/header_formatters/preserve_case/BUILD index bc19822cacd0..7116f4617f85 100644 --- a/test/extensions/http/header_formatters/preserve_case/BUILD +++ b/test/extensions/http/header_formatters/preserve_case/BUILD @@ -28,6 +28,8 @@ envoy_extension_cc_test( "preserve_case_formatter_integration_test.cc", ], extension_name = "envoy.http.stateful_header_formatters.preserve_case", + # Broken until bazel 5.0.0 fix to shorten resulting paths for SymInitialize() failure + tags = ["skip_on_windows"], deps = [ "//source/extensions/http/header_formatters/preserve_case:preserve_case_formatter", "//test/integration:http_integration_lib", diff --git a/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_integration_test.cc b/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_integration_test.cc index 8e285da69488..92c72f43bb66 100644 --- a/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_integration_test.cc +++ b/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_integration_test.cc @@ -28,7 +28,7 @@ class PreserveCaseIntegrationTest : public testing::TestWithParam::getFactory( - InternalRedirectPredicateValues::get().PreviousRoutesPredicate); + "envoy.internal_redirect_predicates.previous_routes"); config_ = factory_->createEmptyConfigProto(); } diff --git a/test/extensions/io_socket/user_space/BUILD b/test/extensions/io_socket/user_space/BUILD index dc9dc2bdc90d..e06b8c87b40b 100644 --- a/test/extensions/io_socket/user_space/BUILD +++ b/test/extensions/io_socket/user_space/BUILD @@ -16,7 +16,7 @@ envoy_extension_cc_test( srcs = ["file_event_impl_test.cc"], extension_name = "envoy.io_socket.user_space", deps = [ - "//include/envoy/event:file_event_interface", + "//envoy/event:file_event_interface", "//source/common/event:dispatcher_includes", "//source/common/event:dispatcher_lib", "//source/extensions/io_socket/user_space:file_event_lib", diff --git a/test/extensions/io_socket/user_space/file_event_impl_test.cc b/test/extensions/io_socket/user_space/file_event_impl_test.cc index 5d136b2bb026..56bf7d51ab68 100644 --- a/test/extensions/io_socket/user_space/file_event_impl_test.cc +++ b/test/extensions/io_socket/user_space/file_event_impl_test.cc @@ -2,10 +2,9 @@ #include "envoy/event/file_event.h" -#include "common/event/dispatcher_impl.h" - -#include "extensions/io_socket/user_space/file_event_impl.h" -#include "extensions/io_socket/user_space/io_handle.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/extensions/io_socket/user_space/file_event_impl.h" +#include "source/extensions/io_socket/user_space/io_handle.h" #include "test/mocks/common.h" #include "test/test_common/environment.h" diff --git a/test/extensions/io_socket/user_space/io_handle_impl_test.cc b/test/extensions/io_socket/user_space/io_handle_impl_test.cc index 790c7a0734ed..83f8cd0ee3e7 100644 --- a/test/extensions/io_socket/user_space/io_handle_impl_test.cc +++ b/test/extensions/io_socket/user_space/io_handle_impl_test.cc @@ -1,11 +1,10 @@ #include "envoy/buffer/buffer.h" #include "envoy/event/file_event.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/fancy_logger.h" -#include "common/network/address_impl.h" - -#include "extensions/io_socket/user_space/io_handle_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/fancy_logger.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/io_socket/user_space/io_handle_impl.h" #include "test/mocks/event/mocks.h" @@ -738,7 +737,7 @@ TEST_F(IoHandleImplTest, Close) { should_close = true; break; } else { - accumulator += absl::string_view(buf_.data(), result.rc_); + accumulator += std::string(buf_.data(), result.rc_); } } else if (result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { ENVOY_LOG_MISC(debug, "read returns EAGAIN"); @@ -793,7 +792,7 @@ TEST_F(IoHandleImplTest, ShutDownRaiseEvent) { if (events & Event::FileReadyType::Read) { auto result = io_handle_->recv(buf_.data(), buf_.size(), 0); if (result.ok()) { - accumulator += absl::string_view(buf_.data(), result.rc_); + accumulator += std::string(buf_.data(), result.rc_); } else if (result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { ENVOY_LOG_MISC(debug, "read returns EAGAIN"); } else { @@ -833,7 +832,7 @@ TEST_F(IoHandleImplTest, WriteScheduleWritableEvent) { auto slice = reservation.slice(); auto result = handle->readv(1024, &slice, 1); if (result.ok()) { - accumulator += absl::string_view(static_cast(slice.mem_), result.rc_); + accumulator += std::string(static_cast(slice.mem_), result.rc_); } else if (result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { ENVOY_LOG_MISC(debug, "read returns EAGAIN"); } else { @@ -873,7 +872,7 @@ TEST_F(IoHandleImplTest, WritevScheduleWritableEvent) { auto slice = reservation.slice(); auto result = handle->readv(1024, &slice, 1); if (result.ok()) { - accumulator += absl::string_view(static_cast(slice.mem_), result.rc_); + accumulator += std::string(static_cast(slice.mem_), result.rc_); } else if (result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { ENVOY_LOG_MISC(debug, "read returns EAGAIN"); } else { @@ -917,7 +916,7 @@ TEST_F(IoHandleImplTest, ReadAfterShutdownWrite) { if (result.rc_ == 0) { should_close = true; } else { - accumulator += absl::string_view(static_cast(slice.mem_), result.rc_); + accumulator += std::string(static_cast(slice.mem_), result.rc_); } } else if (result.err_->getErrorCode() == Api::IoError::IoErrorCode::Again) { ENVOY_LOG_MISC(debug, "read returns EAGAIN"); diff --git a/test/extensions/matching/common_inputs/environment_variable/config_test.cc b/test/extensions/matching/common_inputs/environment_variable/config_test.cc index f8a697979c9e..86c66037780d 100644 --- a/test/extensions/matching/common_inputs/environment_variable/config_test.cc +++ b/test/extensions/matching/common_inputs/environment_variable/config_test.cc @@ -1,6 +1,5 @@ -#include "common/config/utility.h" - -#include "extensions/matching/common_inputs/environment_variable/config.h" +#include "source/common/config/utility.h" +#include "source/extensions/matching/common_inputs/environment_variable/config.h" #include "test/mocks/server/factory_context.h" #include "test/test_common/environment.h" @@ -31,16 +30,16 @@ TEST(ConfigTest, TestConfig) { config.typed_config(), ProtobufMessage::getStrictValidationVisitor(), factory); { - auto input = factory.createCommonProtocolInput(*message, context); - EXPECT_NE(nullptr, input); - EXPECT_EQ(input->get(), absl::nullopt); + auto input_factory = factory.createCommonProtocolInputFactoryCb(*message, context); + EXPECT_NE(nullptr, input_factory); + EXPECT_EQ(input_factory()->get(), absl::nullopt); } TestEnvironment::setEnvVar("foo", "bar", 1); { - auto input = factory.createCommonProtocolInput(*message, context); - EXPECT_NE(nullptr, input); - EXPECT_EQ(input->get(), absl::make_optional("bar")); + auto input_factory = factory.createCommonProtocolInputFactoryCb(*message, context); + EXPECT_NE(nullptr, input_factory); + EXPECT_EQ(input_factory()->get(), absl::make_optional("bar")); } TestEnvironment::unsetEnvVar("foo"); diff --git a/test/extensions/matching/common_inputs/environment_variable/input_test.cc b/test/extensions/matching/common_inputs/environment_variable/input_test.cc index 7c0bcc9768c1..dbc874448e04 100644 --- a/test/extensions/matching/common_inputs/environment_variable/input_test.cc +++ b/test/extensions/matching/common_inputs/environment_variable/input_test.cc @@ -1,4 +1,4 @@ -#include "extensions/matching/common_inputs/environment_variable/input.h" +#include "source/extensions/matching/common_inputs/environment_variable/input.h" #include "gtest/gtest.h" diff --git a/test/extensions/matching/input_matchers/consistent_hashing/config_test.cc b/test/extensions/matching/input_matchers/consistent_hashing/config_test.cc index 21722bed990f..f70eb2825b9d 100644 --- a/test/extensions/matching/input_matchers/consistent_hashing/config_test.cc +++ b/test/extensions/matching/input_matchers/consistent_hashing/config_test.cc @@ -1,4 +1,4 @@ -#include "extensions/matching/input_matchers/consistent_hashing/config.h" +#include "source/extensions/matching/input_matchers/consistent_hashing/config.h" #include "test/mocks/server/factory_context.h" @@ -27,8 +27,9 @@ TEST(ConfigTest, TestConfig) { ConsistentHashingConfig factory; auto message = Config::Utility::translateAnyToFactoryConfig( config.typed_config(), ProtobufMessage::getStrictValidationVisitor(), factory); - auto matcher = factory.createInputMatcher(*message, context); - EXPECT_NE(nullptr, matcher); + auto matcher = factory.createInputMatcherFactoryCb(*message, context); + ASSERT_NE(nullptr, matcher); + matcher(); } TEST(ConfigTest, InvalidConfig) { @@ -48,7 +49,7 @@ TEST(ConfigTest, InvalidConfig) { ConsistentHashingConfig factory; auto message = Config::Utility::translateAnyToFactoryConfig( config.typed_config(), ProtobufMessage::getStrictValidationVisitor(), factory); - EXPECT_THROW_WITH_MESSAGE(factory.createInputMatcher(*message, context), EnvoyException, + EXPECT_THROW_WITH_MESSAGE(factory.createInputMatcherFactoryCb(*message, context), EnvoyException, "threshold cannot be greater than modulo: 200 > 100"); } } // namespace ConsistentHashing diff --git a/test/extensions/matching/input_matchers/consistent_hashing/matcher_test.cc b/test/extensions/matching/input_matchers/consistent_hashing/matcher_test.cc index c070a2c3c729..98d4ea3a9273 100644 --- a/test/extensions/matching/input_matchers/consistent_hashing/matcher_test.cc +++ b/test/extensions/matching/input_matchers/consistent_hashing/matcher_test.cc @@ -1,4 +1,4 @@ -#include "extensions/matching/input_matchers/consistent_hashing/matcher.h" +#include "source/extensions/matching/input_matchers/consistent_hashing/matcher.h" #include "gtest/gtest.h" diff --git a/test/extensions/rate_limit_descriptors/expr/config_test.cc b/test/extensions/rate_limit_descriptors/expr/config_test.cc index d68981ede37d..57094c6805e6 100644 --- a/test/extensions/rate_limit_descriptors/expr/config_test.cc +++ b/test/extensions/rate_limit_descriptors/expr/config_test.cc @@ -3,10 +3,9 @@ #include "envoy/extensions/rate_limit_descriptors/expr/v3/expr.pb.h" #include "envoy/extensions/rate_limit_descriptors/expr/v3/expr.pb.validate.h" -#include "common/protobuf/utility.h" -#include "common/router/router_ratelimit.h" - -#include "extensions/rate_limit_descriptors/expr/config.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/router_ratelimit.h" +#include "source/extensions/rate_limit_descriptors/expr/config.h" #include "test/mocks/http/mocks.h" #include "test/mocks/ratelimit/mocks.h" diff --git a/test/extensions/request_id/uuid/config_test.cc b/test/extensions/request_id/uuid/config_test.cc index 346c88b4c1a9..1e31e1a40c25 100644 --- a/test/extensions/request_id/uuid/config_test.cc +++ b/test/extensions/request_id/uuid/config_test.cc @@ -1,8 +1,7 @@ #include -#include "common/common/random_generator.h" - -#include "extensions/request_id/uuid/config.h" +#include "source/common/common/random_generator.h" +#include "source/extensions/request_id/uuid/config.h" #include "test/mocks/common.h" #include "test/test_common/utility.h" diff --git a/test/extensions/resource_monitors/fixed_heap/BUILD b/test/extensions/resource_monitors/fixed_heap/BUILD index e4a1cd62d61c..430aa5a151cd 100644 --- a/test/extensions/resource_monitors/fixed_heap/BUILD +++ b/test/extensions/resource_monitors/fixed_heap/BUILD @@ -27,7 +27,7 @@ envoy_extension_cc_test( srcs = ["config_test.cc"], extension_name = "envoy.resource_monitors.fixed_heap", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/stats:isolated_store_lib", "//source/extensions/resource_monitors/fixed_heap:config", "//source/server:resource_monitor_config_lib", diff --git a/test/extensions/resource_monitors/fixed_heap/config_test.cc b/test/extensions/resource_monitors/fixed_heap/config_test.cc index 39fc8333b003..c26aa094cf44 100644 --- a/test/extensions/resource_monitors/fixed_heap/config_test.cc +++ b/test/extensions/resource_monitors/fixed_heap/config_test.cc @@ -2,9 +2,8 @@ #include "envoy/extensions/resource_monitors/fixed_heap/v3/fixed_heap.pb.validate.h" #include "envoy/registry/registry.h" -#include "server/resource_monitor_config_impl.h" - -#include "extensions/resource_monitors/fixed_heap/config.h" +#include "source/extensions/resource_monitors/fixed_heap/config.h" +#include "source/server/resource_monitor_config_impl.h" #include "test/mocks/event/mocks.h" #include "test/mocks/server/options.h" diff --git a/test/extensions/resource_monitors/fixed_heap/fixed_heap_monitor_test.cc b/test/extensions/resource_monitors/fixed_heap/fixed_heap_monitor_test.cc index 1d5eb84c22c8..24b451ee6fe7 100644 --- a/test/extensions/resource_monitors/fixed_heap/fixed_heap_monitor_test.cc +++ b/test/extensions/resource_monitors/fixed_heap/fixed_heap_monitor_test.cc @@ -1,6 +1,6 @@ #include "envoy/extensions/resource_monitors/fixed_heap/v3/fixed_heap.pb.h" -#include "extensions/resource_monitors/fixed_heap/fixed_heap_monitor.h" +#include "source/extensions/resource_monitors/fixed_heap/fixed_heap_monitor.h" #include "absl/types/optional.h" #include "gmock/gmock.h" diff --git a/test/extensions/resource_monitors/injected_resource/BUILD b/test/extensions/resource_monitors/injected_resource/BUILD index 998b7af987b5..c76b0e2d06be 100644 --- a/test/extensions/resource_monitors/injected_resource/BUILD +++ b/test/extensions/resource_monitors/injected_resource/BUILD @@ -12,6 +12,21 @@ licenses(["notice"]) # Apache 2 envoy_package() +envoy_cc_test( + name = "injected_resource_monitor_integration_test", + srcs = ["injected_resource_monitor_integration_test.cc"], + # Broken until bazel 5.0.0 fix to shorten resulting paths for SymInitialize() failure + tags = ["skip_on_windows"], + deps = [ + "//source/extensions/resource_monitors/injected_resource:config", + "//test/common/config:dummy_config_proto_cc_proto", + "//test/integration:http_protocol_integration_lib", + "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", + "@envoy_api//envoy/config/overload/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", + ], +) + envoy_cc_test( name = "injected_resource_monitor_test", srcs = ["injected_resource_monitor_test.cc"], @@ -32,7 +47,7 @@ envoy_extension_cc_test( srcs = ["config_test.cc"], extension_name = "envoy.resource_monitors.injected_resource", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/event:dispatcher_lib", "//source/common/stats:isolated_store_lib", "//source/extensions/resource_monitors/injected_resource:config", diff --git a/test/extensions/resource_monitors/injected_resource/config_test.cc b/test/extensions/resource_monitors/injected_resource/config_test.cc index f2fbeb7ecb9f..c0ffe5118cab 100644 --- a/test/extensions/resource_monitors/injected_resource/config_test.cc +++ b/test/extensions/resource_monitors/injected_resource/config_test.cc @@ -2,11 +2,9 @@ #include "envoy/extensions/resource_monitors/injected_resource/v3/injected_resource.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/event/dispatcher_impl.h" - -#include "server/resource_monitor_config_impl.h" - -#include "extensions/resource_monitors/injected_resource/config.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/extensions/resource_monitors/injected_resource/config.h" +#include "source/server/resource_monitor_config_impl.h" #include "test/mocks/server/options.h" #include "test/test_common/environment.h" diff --git a/test/extensions/resource_monitors/injected_resource/injected_resource_monitor_integration_test.cc b/test/extensions/resource_monitors/injected_resource/injected_resource_monitor_integration_test.cc new file mode 100644 index 000000000000..dc1292401c5e --- /dev/null +++ b/test/extensions/resource_monitors/injected_resource/injected_resource_monitor_integration_test.cc @@ -0,0 +1,168 @@ +#include + +#include + +#include "envoy/config/bootstrap/v3/bootstrap.pb.h" +#include "envoy/config/overload/v3/overload.pb.h" +#include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" + +#include "source/extensions/transport_sockets/tls/context_config_impl.h" + +#include "test/config/integration/certs/clientcert_hash.h" +#include "test/config/utility.h" +#include "test/integration/http_integration.h" +#include "test/test_common/utility.h" + +#if defined(ENVOY_CONFIG_COVERAGE) +#define DISABLE_UNDER_COVERAGE return +#else +#define DISABLE_UNDER_COVERAGE \ + do { \ + } while (0) +#endif + +namespace Envoy { + +void updateResource(AtomicFileUpdater& updater, double pressure) { + updater.update(absl::StrCat(pressure)); +} + +class OverloadIntegrationTest : public testing::TestWithParam, + public HttpIntegrationTest { +public: + OverloadIntegrationTest() + : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()), + injected_resource_filename_1_(TestEnvironment::temporaryPath("injected_resource_1")), + injected_resource_filename_2_(TestEnvironment::temporaryPath("injected_resource_2")), + file_updater_1_(injected_resource_filename_1_), + file_updater_2_(injected_resource_filename_2_) {} + + ~OverloadIntegrationTest() override { + cleanupUpstreamAndDownstream(); + codec_client_.reset(); + } + + IntegrationCodecClientPtr makeRawHttpConnection( + Network::ClientConnectionPtr&& conn, + absl::optional http2_options) override { + IntegrationCodecClientPtr codec = + HttpIntegrationTest::makeRawHttpConnection(std::move(conn), http2_options); + return codec; + } + + void initialize() override { + config_helper_.addConfigModifier([this](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { + const std::string overload_config = + fmt::format(R"EOF( + refresh_interval: + seconds: 0 + nanos: 1000000 + resource_monitors: + - name: "envoy.resource_monitors.injected_resource_1" + typed_config: + "@type": type.googleapis.com/envoy.extensions.resource_monitors.injected_resource.v3.InjectedResourceConfig + filename: "{}" + - name: "envoy.resource_monitors.injected_resource_2" + typed_config: + "@type": type.googleapis.com/envoy.extensions.resource_monitors.injected_resource.v3.InjectedResourceConfig + filename: "{}" + actions: + - name: "envoy.overload_actions.stop_accepting_requests" + triggers: + - name: "envoy.resource_monitors.injected_resource_1" + threshold: + value: 0.95 + - name: "envoy.overload_actions.stop_accepting_connections" + triggers: + - name: "envoy.resource_monitors.injected_resource_1" + threshold: + value: 0.9 + - name: "envoy.overload_actions.disable_http_keepalive" + triggers: + - name: "envoy.resource_monitors.injected_resource_2" + threshold: + value: 0.8 + )EOF", + injected_resource_filename_1_, injected_resource_filename_2_); + *bootstrap.mutable_overload_manager() = + TestUtility::parseYaml(overload_config); + }); + + updateResource(file_updater_1_, 0); + updateResource(file_updater_2_, 0); + HttpIntegrationTest::initialize(); + registerTestServerPorts({"http"}); + } + +protected: + Network::Address::InstanceConstSharedPtr server_addr_; + const std::string injected_resource_filename_1_; + const std::string injected_resource_filename_2_; + AtomicFileUpdater file_updater_1_; + AtomicFileUpdater file_updater_2_; +}; + +INSTANTIATE_TEST_SUITE_P(IpVersions, OverloadIntegrationTest, + testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), + TestUtility::ipTestParamsToString); + +TEST_P(OverloadIntegrationTest, StopAcceptingConnectionsWhenOverloaded) { + initialize(); + // Put envoy in overloaded state and check that it doesn't accept the new client connection. + updateResource(file_updater_1_, 0.95); + test_server_->waitForGaugeEq("overload.envoy.overload_actions.stop_accepting_connections.active", + 1); + IntegrationStreamDecoderPtr response; + // For HTTP/2 and below, excess connection won't be accepted, but will hang out + // in a pending state and resume below. + codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); + response = codec_client_->makeRequestWithBody(default_request_headers_, 10); + EXPECT_FALSE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_, + std::chrono::milliseconds(1000))); + + // Reduce load a little to allow the connection to be accepted. + updateResource(file_updater_1_, 0.8); + test_server_->waitForGaugeEq("overload.envoy.overload_actions.stop_accepting_connections.active", + 0); + EXPECT_TRUE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); + EXPECT_TRUE(fake_upstream_connection_->waitForNewStream(*dispatcher_, upstream_request_)); + ASSERT_TRUE(upstream_request_->waitForHeadersComplete()); + ASSERT_TRUE(upstream_request_->waitForData(*dispatcher_, 10)); + upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "202"}}, true); + ASSERT_TRUE(response->waitForEndStream()); + + EXPECT_TRUE(response->complete()); + EXPECT_EQ("202", response->headers().getStatusValue()); + codec_client_->close(); +} + +TEST_P(OverloadIntegrationTest, NoNewStreamsWhenOverloaded) { + initialize(); + updateResource(file_updater_1_, 0.7); + + codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); + + // Send a complete request and start a second. + auto response = codec_client_->makeHeaderOnlyRequest(default_request_headers_); + waitForNextUpstreamRequest(0); + upstream_request_->encodeHeaders(default_response_headers_, true); + ASSERT_TRUE(response->waitForEndStream()); + + auto response2 = codec_client_->makeHeaderOnlyRequest(default_request_headers_); + waitForNextUpstreamRequest(0); + + // Enable the disable-keepalive overload action. This should send a shutdown notice before + // encoding the headers. + updateResource(file_updater_2_, 0.9); + test_server_->waitForGaugeEq("overload.envoy.overload_actions.disable_http_keepalive.active", 1); + + upstream_request_->encodeHeaders(default_response_headers_, /*end_stream=*/false); + upstream_request_->encodeData(10, true); + + response2->waitForHeaders(); + EXPECT_TRUE(codec_client_->waitForDisconnect()); + + codec_client_->close(); +} + +} // namespace Envoy diff --git a/test/extensions/resource_monitors/injected_resource/injected_resource_monitor_test.cc b/test/extensions/resource_monitors/injected_resource/injected_resource_monitor_test.cc index 1391893d9793..400f97a4d11b 100644 --- a/test/extensions/resource_monitors/injected_resource/injected_resource_monitor_test.cc +++ b/test/extensions/resource_monitors/injected_resource/injected_resource_monitor_test.cc @@ -1,11 +1,9 @@ #include "envoy/extensions/resource_monitors/injected_resource/v3/injected_resource.pb.h" -#include "common/event/dispatcher_impl.h" -#include "common/stats/isolated_store_impl.h" - -#include "server/resource_monitor_config_impl.h" - -#include "extensions/resource_monitors/injected_resource/injected_resource_monitor.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/resource_monitors/injected_resource/injected_resource_monitor.h" +#include "source/server/resource_monitor_config_impl.h" #include "test/mocks/server/options.h" #include "test/test_common/environment.h" diff --git a/test/extensions/retry/host/omit_canary_hosts/config_test.cc b/test/extensions/retry/host/omit_canary_hosts/config_test.cc index ad08812c9795..aae083d6ac8f 100644 --- a/test/extensions/retry/host/omit_canary_hosts/config_test.cc +++ b/test/extensions/retry/host/omit_canary_hosts/config_test.cc @@ -1,7 +1,7 @@ #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" -#include "extensions/retry/host/omit_canary_hosts/config.h" +#include "source/extensions/retry/host/omit_canary_hosts/config.h" #include "test/mocks/upstream/host.h" diff --git a/test/extensions/retry/host/omit_host_metadata/config_test.cc b/test/extensions/retry/host/omit_host_metadata/config_test.cc index 399ab587b57a..9ea84a3a35bf 100644 --- a/test/extensions/retry/host/omit_host_metadata/config_test.cc +++ b/test/extensions/retry/host/omit_host_metadata/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" -#include "extensions/retry/host/omit_host_metadata/omit_host_metadata.h" +#include "source/extensions/retry/host/omit_host_metadata/omit_host_metadata.h" #include "test/mocks/upstream/host.h" #include "test/test_common/utility.h" diff --git a/test/extensions/retry/host/previous_hosts/config_test.cc b/test/extensions/retry/host/previous_hosts/config_test.cc index a706e2665489..5e24b59fc289 100644 --- a/test/extensions/retry/host/previous_hosts/config_test.cc +++ b/test/extensions/retry/host/previous_hosts/config_test.cc @@ -1,9 +1,8 @@ #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" -#include "common/network/address_impl.h" - -#include "extensions/retry/host/previous_hosts/config.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/retry/host/previous_hosts/config.h" #include "test/mocks/upstream/host.h" diff --git a/test/extensions/retry/host/previous_hosts/integration_test.cc b/test/extensions/retry/host/previous_hosts/integration_test.cc index 5897e01377e9..a433ad4e224b 100644 --- a/test/extensions/retry/host/previous_hosts/integration_test.cc +++ b/test/extensions/retry/host/previous_hosts/integration_test.cc @@ -1,5 +1,5 @@ -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" #include "test/integration/http_integration.h" @@ -14,7 +14,7 @@ namespace { class PrevioustHostsIntegrationTest : public testing::Test, public HttpIntegrationTest { public: PrevioustHostsIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, Network::Address::IpVersion::v4) {} + : HttpIntegrationTest(Http::CodecType::HTTP2, Network::Address::IpVersion::v4) {} void initialize() override { setDeterministic(); diff --git a/test/extensions/retry/priority/previous_priorities/BUILD b/test/extensions/retry/priority/previous_priorities/BUILD index cc5af8f0a7f8..663245db705e 100644 --- a/test/extensions/retry/priority/previous_priorities/BUILD +++ b/test/extensions/retry/priority/previous_priorities/BUILD @@ -17,7 +17,6 @@ envoy_extension_cc_test( extension_name = "envoy.retry_priorities.previous_priorities", deps = [ "//source/common/protobuf:message_validator_lib", - "//source/extensions/retry/priority:well_known_names", "//source/extensions/retry/priority/previous_priorities:config", "//test/mocks/upstream:host_mocks", "//test/mocks/upstream:host_set_mocks", diff --git a/test/extensions/retry/priority/previous_priorities/config_test.cc b/test/extensions/retry/priority/previous_priorities/config_test.cc index 3d46262e926b..c4ce6d6386d1 100644 --- a/test/extensions/retry/priority/previous_priorities/config_test.cc +++ b/test/extensions/retry/priority/previous_priorities/config_test.cc @@ -2,10 +2,8 @@ #include "envoy/registry/registry.h" #include "envoy/upstream/retry.h" -#include "common/protobuf/message_validator_impl.h" - -#include "extensions/retry/priority/previous_priorities/config.h" -#include "extensions/retry/priority/well_known_names.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/extensions/retry/priority/previous_priorities/config.h" #include "test/mocks/upstream/host.h" #include "test/mocks/upstream/host_set.h" @@ -28,7 +26,7 @@ class RetryPriorityTest : public testing::Test { void initialize(const Upstream::HealthyLoad& original_healthy_priority_load, const Upstream::DegradedLoad& original_degraded_priority_load) { auto factory = Registry::FactoryRegistry::getFactory( - RetryPriorityValues::get().PreviousPrioritiesRetryPriority); + "envoy.retry_priorities.previous_priorities"); envoy::extensions::retry::priority::previous_priorities::v3::PreviousPrioritiesConfig config; config.set_update_frequency(update_frequency_); diff --git a/test/extensions/stats_sinks/common/statsd/statsd_test.cc b/test/extensions/stats_sinks/common/statsd/statsd_test.cc index df6d10b649bb..bdcb16fb0238 100644 --- a/test/extensions/stats_sinks/common/statsd/statsd_test.cc +++ b/test/extensions/stats_sinks/common/statsd/statsd_test.cc @@ -2,10 +2,9 @@ #include #include -#include "common/network/utility.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/stat_sinks/common/statsd/statsd.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/upstream_impl.h" +#include "source/extensions/stat_sinks/common/statsd/statsd.h" #include "test/common/upstream/utility.h" #include "test/mocks/buffer/mocks.h" diff --git a/test/extensions/stats_sinks/common/statsd/udp_statsd_test.cc b/test/extensions/stats_sinks/common/statsd/udp_statsd_test.cc index 8d80c48b1d4d..919f37a97910 100644 --- a/test/extensions/stats_sinks/common/statsd/udp_statsd_test.cc +++ b/test/extensions/stats_sinks/common/statsd/udp_statsd_test.cc @@ -3,12 +3,12 @@ #include #include -#include "common/api/os_sys_calls_impl.h" -#include "common/network/address_impl.h" -#include "common/network/socket_impl.h" -#include "common/network/utility.h" - -#include "extensions/stat_sinks/common/statsd/statsd.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/stat_sinks/common/statsd/statsd.h" +#include "source/extensions/stat_sinks/common/statsd/tag_formats.h" #include "test/mocks/stats/mocks.h" #include "test/mocks/thread_local/mocks.h" @@ -453,6 +453,49 @@ TEST(UdpStatsdSinkWithTagsTest, SiSuffix) { tls_.shutdownThread(); } +TEST(UdpStatsdSinkWithTagsTest, GraphiteTagSyntax) { + NiceMock snapshot; + auto writer_ptr = std::make_shared>(); + writer_ptr->delegateBufferFake(); + NiceMock tls_; + UdpStatsdSink sink(tls_, writer_ptr, true, getDefaultPrefix(), 1024, getGraphiteTagFormat()); + + std::vector tags = {Stats::Tag{"key1", "value1"}, Stats::Tag{"key2", "value2"}}; + NiceMock counter; + counter.name_ = "test_counter"; + counter.used_ = true; + counter.latch_ = 1; + counter.setTags(tags); + snapshot.counters_.push_back({1, counter}); + + EXPECT_CALL(*std::dynamic_pointer_cast>(writer_ptr), writeBuffer(_)); + sink.flush(snapshot); + EXPECT_EQ(writer_ptr->buffer_writes.size(), 1); + EXPECT_EQ(writer_ptr->buffer_writes.at(0), "envoy.test_counter;key1=value1;key2=value2:1|c"); + counter.used_ = false; + + NiceMock gauge; + gauge.name_ = "test_gauge"; + gauge.value_ = 1; + gauge.used_ = true; + gauge.setTags(tags); + snapshot.gauges_.push_back(gauge); + + EXPECT_CALL(*std::dynamic_pointer_cast>(writer_ptr), writeBuffer(_)); + sink.flush(snapshot); + EXPECT_EQ(writer_ptr->buffer_writes.size(), 2); + EXPECT_EQ(writer_ptr->buffer_writes.at(1), "envoy.test_gauge;key1=value1;key2=value2:1|g"); + + NiceMock timer; + timer.name_ = "test_timer"; + timer.setTags(tags); + EXPECT_CALL(*std::dynamic_pointer_cast>(writer_ptr), + write("envoy.test_timer;key1=value1;key2=value2:5|ms")); + sink.onHistogramComplete(timer, 5); + + tls_.shutdownThread(); +} + } // namespace } // namespace Statsd } // namespace Common diff --git a/test/extensions/stats_sinks/dog_statsd/BUILD b/test/extensions/stats_sinks/dog_statsd/BUILD index a9a0057336fa..ee4ba39c66a1 100644 --- a/test/extensions/stats_sinks/dog_statsd/BUILD +++ b/test/extensions/stats_sinks/dog_statsd/BUILD @@ -16,7 +16,7 @@ envoy_extension_cc_test( srcs = ["config_test.cc"], extension_name = "envoy.stat_sinks.dog_statsd", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/stat_sinks/dog_statsd:config", "//test/mocks/server:instance_mocks", diff --git a/test/extensions/stats_sinks/dog_statsd/config_test.cc b/test/extensions/stats_sinks/dog_statsd/config_test.cc index cdb68d6e938b..6a7e285bf5f1 100644 --- a/test/extensions/stats_sinks/dog_statsd/config_test.cc +++ b/test/extensions/stats_sinks/dog_statsd/config_test.cc @@ -2,12 +2,11 @@ #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/registry/registry.h" -#include "common/config/well_known_names.h" -#include "common/protobuf/utility.h" - -#include "extensions/stat_sinks/common/statsd/statsd.h" -#include "extensions/stat_sinks/dog_statsd/config.h" -#include "extensions/stat_sinks/well_known_names.h" +#include "source/common/config/well_known_names.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/stat_sinks/common/statsd/statsd.h" +#include "source/extensions/stat_sinks/dog_statsd/config.h" +#include "source/extensions/stat_sinks/well_known_names.h" #include "test/mocks/server/instance.h" #include "test/test_common/environment.h" diff --git a/test/extensions/stats_sinks/graphite_statsd/BUILD b/test/extensions/stats_sinks/graphite_statsd/BUILD new file mode 100644 index 000000000000..fd3b89146585 --- /dev/null +++ b/test/extensions/stats_sinks/graphite_statsd/BUILD @@ -0,0 +1,29 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_package", +) +load( + "//test/extensions:extensions_build_system.bzl", + "envoy_extension_cc_test", +) + +licenses(["notice"]) # Apache 2 + +envoy_package() + +envoy_extension_cc_test( + name = "config_test", + srcs = ["config_test.cc"], + extension_name = "envoy.stat_sinks.graphite_statsd", + deps = [ + "//envoy/registry", + "//source/common/protobuf:utility_lib", + "//source/extensions/stat_sinks/graphite_statsd:config", + "//test/mocks/server:instance_mocks", + "//test/test_common:environment_lib", + "//test/test_common:network_utility_lib", + "//test/test_common:utility_lib", + "@envoy_api//envoy/config/core/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/stat_sinks/graphite_statsd/v3:pkg_cc_proto", + ], +) diff --git a/test/extensions/stats_sinks/graphite_statsd/config_test.cc b/test/extensions/stats_sinks/graphite_statsd/config_test.cc new file mode 100644 index 000000000000..0785d47d2561 --- /dev/null +++ b/test/extensions/stats_sinks/graphite_statsd/config_test.cc @@ -0,0 +1,164 @@ +#include "envoy/config/core/v3/address.pb.h" +#include "envoy/extensions/stat_sinks/graphite_statsd/v3/graphite_statsd.pb.h" +#include "envoy/registry/registry.h" + +#include "source/common/common/macros.h" +#include "source/common/config/well_known_names.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/stat_sinks/common/statsd/statsd.h" +#include "source/extensions/stat_sinks/graphite_statsd/config.h" + +#include "test/mocks/server/instance.h" +#include "test/test_common/environment.h" +#include "test/test_common/network_utility.h" +#include "test/test_common/utility.h" + +#include "gmock/gmock.h" +#include "gtest/gtest.h" + +using testing::NiceMock; + +namespace Envoy { +namespace Extensions { +namespace StatSinks { +namespace GraphiteStatsd { +namespace { + +const std::string& getStatSinkName() { + CONSTRUCT_ON_FIRST_USE(std::string, "envoy.stat_sinks.graphite_statsd"); +} + +class GraphiteStatsdConfigLoopbackTest + : public testing::TestWithParam {}; +INSTANTIATE_TEST_SUITE_P(IpVersions, GraphiteStatsdConfigLoopbackTest, + testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), + TestUtility::ipTestParamsToString); + +TEST_P(GraphiteStatsdConfigLoopbackTest, ValidUdpIp) { + const std::string& name = getStatSinkName(); + + envoy::extensions::stat_sinks::graphite_statsd::v3::GraphiteStatsdSink sink_config; + envoy::config::core::v3::Address& address = *sink_config.mutable_address(); + envoy::config::core::v3::SocketAddress& socket_address = *address.mutable_socket_address(); + socket_address.set_protocol(envoy::config::core::v3::SocketAddress::UDP); + Network::Address::InstanceConstSharedPtr loopback_flavor = + Network::Test::getCanonicalLoopbackAddress(GetParam()); + socket_address.set_address(loopback_flavor->ip()->addressAsString()); + socket_address.set_port_value(8125); + + Server::Configuration::StatsSinkFactory* factory = + Registry::FactoryRegistry::getFactory(name); + ASSERT_NE(factory, nullptr); + + ProtobufTypes::MessagePtr message = factory->createEmptyConfigProto(); + TestUtility::jsonConvert(sink_config, *message); + + NiceMock server; + Stats::SinkPtr sink = factory->createStatsSink(*message, server); + EXPECT_NE(sink, nullptr); + auto udp_sink = dynamic_cast(sink.get()); + EXPECT_NE(udp_sink, nullptr); + EXPECT_EQ(udp_sink->getUseTagForTest(), true); + EXPECT_EQ(udp_sink->getPrefix(), Common::Statsd::getDefaultPrefix()); +} + +// Negative test for protoc-gen-validate constraints for graphite_statsd. +TEST(GraphiteStatsdConfigTest, ValidateFail) { + NiceMock server; + EXPECT_THROW( + GraphiteStatsdSinkFactory().createStatsSink( + envoy::extensions::stat_sinks::graphite_statsd::v3::GraphiteStatsdSink(), server), + ProtoValidationException); +} + +TEST_P(GraphiteStatsdConfigLoopbackTest, CustomBufferSize) { + const std::string& name = getStatSinkName(); + + envoy::extensions::stat_sinks::graphite_statsd::v3::GraphiteStatsdSink sink_config; + sink_config.mutable_max_bytes_per_datagram()->set_value(128); + envoy::config::core::v3::Address& address = *sink_config.mutable_address(); + envoy::config::core::v3::SocketAddress& socket_address = *address.mutable_socket_address(); + socket_address.set_protocol(envoy::config::core::v3::SocketAddress::UDP); + Network::Address::InstanceConstSharedPtr loopback_flavor = + Network::Test::getCanonicalLoopbackAddress(GetParam()); + socket_address.set_address(loopback_flavor->ip()->addressAsString()); + socket_address.set_port_value(8125); + + Server::Configuration::StatsSinkFactory* factory = + Registry::FactoryRegistry::getFactory(name); + ASSERT_NE(factory, nullptr); + + ProtobufTypes::MessagePtr message = factory->createEmptyConfigProto(); + TestUtility::jsonConvert(sink_config, *message); + + NiceMock server; + Stats::SinkPtr sink = factory->createStatsSink(*message, server); + ASSERT_NE(sink, nullptr); + auto udp_sink = dynamic_cast(sink.get()); + ASSERT_NE(udp_sink, nullptr); + EXPECT_EQ(udp_sink->getBufferSizeForTest(), 128); +} + +TEST_P(GraphiteStatsdConfigLoopbackTest, DefaultBufferSize) { + const std::string& name = getStatSinkName(); + + envoy::extensions::stat_sinks::graphite_statsd::v3::GraphiteStatsdSink sink_config; + envoy::config::core::v3::Address& address = *sink_config.mutable_address(); + envoy::config::core::v3::SocketAddress& socket_address = *address.mutable_socket_address(); + socket_address.set_protocol(envoy::config::core::v3::SocketAddress::UDP); + Network::Address::InstanceConstSharedPtr loopback_flavor = + Network::Test::getCanonicalLoopbackAddress(GetParam()); + socket_address.set_address(loopback_flavor->ip()->addressAsString()); + socket_address.set_port_value(8125); + + Server::Configuration::StatsSinkFactory* factory = + Registry::FactoryRegistry::getFactory(name); + ASSERT_NE(factory, nullptr); + + ProtobufTypes::MessagePtr message = factory->createEmptyConfigProto(); + TestUtility::jsonConvert(sink_config, *message); + + NiceMock server; + Stats::SinkPtr sink = factory->createStatsSink(*message, server); + ASSERT_NE(sink, nullptr); + auto udp_sink = dynamic_cast(sink.get()); + ASSERT_NE(udp_sink, nullptr); + // Expect default buffer size of 0 (no buffering) + EXPECT_EQ(udp_sink->getBufferSizeForTest(), 0); +} + +TEST_P(GraphiteStatsdConfigLoopbackTest, WithCustomPrefix) { + const std::string& name = getStatSinkName(); + + envoy::extensions::stat_sinks::graphite_statsd::v3::GraphiteStatsdSink sink_config; + envoy::config::core::v3::Address& address = *sink_config.mutable_address(); + envoy::config::core::v3::SocketAddress& socket_address = *address.mutable_socket_address(); + socket_address.set_protocol(envoy::config::core::v3::SocketAddress::UDP); + Network::Address::InstanceConstSharedPtr loopback_flavor = + Network::Test::getCanonicalLoopbackAddress(GetParam()); + socket_address.set_address(loopback_flavor->ip()->addressAsString()); + socket_address.set_port_value(8125); + + const std::string customPrefix = "prefix.test"; + sink_config.set_prefix(customPrefix); + + Server::Configuration::StatsSinkFactory* factory = + Registry::FactoryRegistry::getFactory(name); + ASSERT_NE(factory, nullptr); + + ProtobufTypes::MessagePtr message = factory->createEmptyConfigProto(); + TestUtility::jsonConvert(sink_config, *message); + + NiceMock server; + Stats::SinkPtr sink = factory->createStatsSink(*message, server); + ASSERT_NE(sink, nullptr); + auto udp_sink = dynamic_cast(sink.get()); + ASSERT_NE(udp_sink, nullptr); + EXPECT_EQ(udp_sink->getPrefix(), customPrefix); +} + +} // namespace +} // namespace GraphiteStatsd +} // namespace StatSinks +} // namespace Extensions +} // namespace Envoy diff --git a/test/extensions/stats_sinks/hystrix/BUILD b/test/extensions/stats_sinks/hystrix/BUILD index 766094848f2a..f00954626dbe 100644 --- a/test/extensions/stats_sinks/hystrix/BUILD +++ b/test/extensions/stats_sinks/hystrix/BUILD @@ -16,7 +16,7 @@ envoy_extension_cc_test( srcs = ["config_test.cc"], extension_name = "envoy.stat_sinks.hystrix", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/stat_sinks/hystrix:config", "//test/mocks/server:instance_mocks", diff --git a/test/extensions/stats_sinks/hystrix/config_test.cc b/test/extensions/stats_sinks/hystrix/config_test.cc index 5a3c4c007e9f..9a5b78b7024f 100644 --- a/test/extensions/stats_sinks/hystrix/config_test.cc +++ b/test/extensions/stats_sinks/hystrix/config_test.cc @@ -1,11 +1,10 @@ #include "envoy/config/metrics/v3/stats.pb.h" #include "envoy/registry/registry.h" -#include "common/protobuf/utility.h" - -#include "extensions/stat_sinks/hystrix/config.h" -#include "extensions/stat_sinks/hystrix/hystrix.h" -#include "extensions/stat_sinks/well_known_names.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/stat_sinks/hystrix/config.h" +#include "source/extensions/stat_sinks/hystrix/hystrix.h" +#include "source/extensions/stat_sinks/well_known_names.h" #include "test/mocks/server/instance.h" #include "test/test_common/environment.h" diff --git a/test/extensions/stats_sinks/hystrix/hystrix_integration_test.cc b/test/extensions/stats_sinks/hystrix/hystrix_integration_test.cc index 221201bff5c8..758c9edacf10 100644 --- a/test/extensions/stats_sinks/hystrix/hystrix_integration_test.cc +++ b/test/extensions/stats_sinks/hystrix/hystrix_integration_test.cc @@ -10,8 +10,8 @@ class HystrixIntegrationTest : public HttpProtocolIntegrationTest {}; INSTANTIATE_TEST_SUITE_P(Protocols, HystrixIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2}, - {FakeHttpConnection::Type::HTTP1})), + {Http::CodecType::HTTP1, Http::CodecType::HTTP2}, + {Http::CodecType::HTTP1})), HttpProtocolIntegrationTest::protocolTestParamsToString); TEST_P(HystrixIntegrationTest, NoChunkEncoding) { @@ -23,7 +23,7 @@ TEST_P(HystrixIntegrationTest, NoChunkEncoding) { }); initialize(); - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() == Http::CodecType::HTTP1) { // For HTTP/1.1 we use a raw client to make absolutely sure there is no chunk encoding. std::string response; auto connection = createConnectionDriver( diff --git a/test/extensions/stats_sinks/hystrix/hystrix_test.cc b/test/extensions/stats_sinks/hystrix/hystrix_test.cc index c6b72f1a5078..59d205a38773 100644 --- a/test/extensions/stats_sinks/hystrix/hystrix_test.cc +++ b/test/extensions/stats_sinks/hystrix/hystrix_test.cc @@ -2,9 +2,8 @@ #include #include -#include "common/json/json_loader.h" - -#include "extensions/stat_sinks/hystrix/hystrix.h" +#include "source/common/json/json_loader.h" +#include "source/extensions/stat_sinks/hystrix/hystrix.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/admin.h" diff --git a/test/extensions/stats_sinks/metrics_service/BUILD b/test/extensions/stats_sinks/metrics_service/BUILD index 20c0b58c158a..3e666619dbb3 100644 --- a/test/extensions/stats_sinks/metrics_service/BUILD +++ b/test/extensions/stats_sinks/metrics_service/BUILD @@ -16,7 +16,7 @@ envoy_extension_cc_test( srcs = ["config_test.cc"], extension_name = "envoy.stat_sinks.metrics_service", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/extensions/stat_sinks/metrics_service:config", "//test/test_common:utility_lib", ], diff --git a/test/extensions/stats_sinks/metrics_service/config_test.cc b/test/extensions/stats_sinks/metrics_service/config_test.cc index 0813088261b3..a9d557639e07 100644 --- a/test/extensions/stats_sinks/metrics_service/config_test.cc +++ b/test/extensions/stats_sinks/metrics_service/config_test.cc @@ -1,6 +1,6 @@ #include "envoy/registry/registry.h" -#include "extensions/stat_sinks/metrics_service/config.h" +#include "source/extensions/stat_sinks/metrics_service/config.h" #include "test/test_common/utility.h" diff --git a/test/extensions/stats_sinks/metrics_service/grpc_metrics_service_impl_test.cc b/test/extensions/stats_sinks/metrics_service/grpc_metrics_service_impl_test.cc index 3b77c71ceaed..769983b8e143 100644 --- a/test/extensions/stats_sinks/metrics_service/grpc_metrics_service_impl_test.cc +++ b/test/extensions/stats_sinks/metrics_service/grpc_metrics_service_impl_test.cc @@ -1,6 +1,6 @@ #include "envoy/service/metrics/v3/metrics_service.pb.h" -#include "extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h" +#include "source/extensions/stat_sinks/metrics_service/grpc_metrics_service_impl.h" #include "test/mocks/common.h" #include "test/mocks/grpc/mocks.h" @@ -101,9 +101,35 @@ class MockGrpcMetricsStreamer class MetricsServiceSinkTest : public testing::Test { public: - MetricsServiceSinkTest() = default; + void addCounterToSnapshot(const std::string& name, uint64_t delta, uint64_t value, + bool used = true) { + counter_storage_.emplace_back(std::make_unique>()); + counter_storage_.back()->name_ = name; + counter_storage_.back()->value_ = value; + counter_storage_.back()->used_ = used; + + snapshot_.counters_.push_back({delta, *counter_storage_.back()}); + } + void addGaugeToSnapshot(const std::string& name, uint64_t value, bool used = true) { + gauge_storage_.emplace_back(std::make_unique>()); + gauge_storage_.back()->name_ = name; + gauge_storage_.back()->value_ = value; + gauge_storage_.back()->used_ = used; + + snapshot_.gauges_.push_back(*gauge_storage_.back()); + } + void addHistogramToSnapshot(const std::string& name, bool used = true) { + histogram_storage_.emplace_back(std::make_unique>()); + histogram_storage_.back()->name_ = name; + histogram_storage_.back()->used_ = used; + + snapshot_.histograms_.push_back(*histogram_storage_.back()); + } NiceMock snapshot_; + std::vector>> counter_storage_; + std::vector>> gauge_storage_; + std::vector>> histogram_storage_; std::shared_ptr streamer_{new MockGrpcMetricsStreamer( Grpc::AsyncClientFactoryPtr{new NiceMock()})}; }; @@ -113,21 +139,9 @@ TEST_F(MetricsServiceSinkTest, CheckSendCall) { envoy::service::metrics::v3::StreamMetricsResponse> sink(streamer_, false, false); - auto counter = std::make_shared>(); - counter->name_ = "test_counter"; - counter->latch_ = 1; - counter->used_ = true; - snapshot_.counters_.push_back({1, *counter}); - - auto gauge = std::make_shared>(); - gauge->name_ = "test_gauge"; - gauge->value_ = 1; - gauge->used_ = true; - snapshot_.gauges_.push_back(*gauge); - - auto histogram = std::make_shared>(); - histogram->name_ = "test_histogram"; - histogram->used_ = true; + addCounterToSnapshot("test_counter", 1, 1); + addGaugeToSnapshot("test_gauge", 1); + addHistogramToSnapshot("test_histogram"); EXPECT_CALL(*streamer_, send(_)); @@ -139,17 +153,8 @@ TEST_F(MetricsServiceSinkTest, CheckStatsCount) { envoy::service::metrics::v3::StreamMetricsResponse> sink(streamer_, false, false); - auto counter = std::make_shared>(); - counter->name_ = "test_counter"; - counter->value_ = 100; - counter->used_ = true; - snapshot_.counters_.push_back({1, *counter}); - - auto gauge = std::make_shared>(); - gauge->name_ = "test_gauge"; - gauge->value_ = 1; - gauge->used_ = true; - snapshot_.gauges_.push_back(*gauge); + addCounterToSnapshot("test_counter", 1, 100); + addGaugeToSnapshot("test_gauge", 1); EXPECT_CALL(*streamer_, send(_)).WillOnce(Invoke([](MetricsPtr&& metrics) { EXPECT_EQ(2, metrics->size()); @@ -157,7 +162,7 @@ TEST_F(MetricsServiceSinkTest, CheckStatsCount) { sink.flush(snapshot_); // Verify only newly added metrics come after endFlush call. - gauge->used_ = false; + gauge_storage_.back()->used_ = false; EXPECT_CALL(*streamer_, send(_)).WillOnce(Invoke([](MetricsPtr&& metrics) { EXPECT_EQ(1, metrics->size()); })); @@ -170,11 +175,7 @@ TEST_F(MetricsServiceSinkTest, ReportCountersValues) { envoy::service::metrics::v3::StreamMetricsResponse> sink(streamer_, false, false); - auto counter = std::make_shared>(); - counter->name_ = "test_counter"; - counter->value_ = 100; - counter->used_ = true; - snapshot_.counters_.push_back({1, *counter}); + addCounterToSnapshot("test_counter", 1, 100); EXPECT_CALL(*streamer_, send(_)).WillOnce(Invoke([](MetricsPtr&& metrics) { EXPECT_EQ(1, metrics->size()); @@ -189,11 +190,7 @@ TEST_F(MetricsServiceSinkTest, ReportCountersAsDeltas) { envoy::service::metrics::v3::StreamMetricsResponse> sink(streamer_, true, false); - auto counter = std::make_shared>(); - counter->name_ = "test_counter"; - counter->value_ = 100; - counter->used_ = true; - snapshot_.counters_.push_back({1, *counter}); + addCounterToSnapshot("test_counter", 1, 100); EXPECT_CALL(*streamer_, send(_)).WillOnce(Invoke([](MetricsPtr&& metrics) { EXPECT_EQ(1, metrics->size()); @@ -204,28 +201,17 @@ TEST_F(MetricsServiceSinkTest, ReportCountersAsDeltas) { // Test the behavior of tag emission based on the emit_tags_as_label flag. TEST_F(MetricsServiceSinkTest, ReportMetricsWithTags) { - auto counter = std::make_shared>(); - counter->name_ = "full-counter-name"; - counter->value_ = 100; - counter->used_ = true; - counter->setTagExtractedName("tag-counter-name"); - counter->setTags({{"a", "b"}}); - snapshot_.counters_.push_back({1, *counter}); - - auto gauge = std::make_shared>(); - gauge->name_ = "full-gauge-name"; - gauge->value_ = 100; - gauge->used_ = true; - gauge->setTagExtractedName("tag-gauge-name"); - gauge->setTags({{"a", "b"}}); - snapshot_.gauges_.push_back({*gauge}); - - auto histogram = std::make_shared>(); - histogram->name_ = "full-histogram-name"; - histogram->used_ = true; - histogram->setTagExtractedName("tag-histogram-name"); - histogram->setTags({{"a", "b"}}); - snapshot_.histograms_.push_back({*histogram}); + addCounterToSnapshot("full-counter-name", 1, 100); + counter_storage_.back()->setTagExtractedName("tag-counter-name"); + counter_storage_.back()->setTags({{"a", "b"}}); + + addGaugeToSnapshot("full-gauge-name", 100); + gauge_storage_.back()->setTagExtractedName("tag-gauge-name"); + gauge_storage_.back()->setTags({{"a", "b"}}); + + addHistogramToSnapshot("full-histogram-name"); + histogram_storage_.back()->setTagExtractedName("tag-histogram-name"); + histogram_storage_.back()->setTags({{"a", "b"}}); { // When the emit_tags flag is false, we don't emit the tags and use the full name. @@ -282,6 +268,30 @@ TEST_F(MetricsServiceSinkTest, ReportMetricsWithTags) { sink.flush(snapshot_); } +TEST_F(MetricsServiceSinkTest, FlushPredicate) { + addCounterToSnapshot("used_counter", 100, 1); + addCounterToSnapshot("unused_counter", 100, 1, false); + + // Default predicate only accepts used metrics. + { + MetricsFlusher flusher(true, true); + auto metrics = flusher.flush(snapshot_); + EXPECT_EQ(1, metrics->size()); + } + + // Using a predicate that accepts all metrics, we'd flush both metrics. + { + MetricsFlusher flusher(true, true, [](const auto&) { return true; }); + auto metrics = flusher.flush(snapshot_); + EXPECT_EQ(2, metrics->size()); + } + + // Using a predicate that rejects all metrics, we'd flush no metrics. + MetricsFlusher flusher(true, true, [](const auto&) { return false; }); + auto metrics = flusher.flush(snapshot_); + EXPECT_EQ(0, metrics->size()); +} + } // namespace } // namespace MetricsService } // namespace StatSinks diff --git a/test/extensions/stats_sinks/metrics_service/metrics_service_integration_test.cc b/test/extensions/stats_sinks/metrics_service/metrics_service_integration_test.cc index e325e04d5037..2f43d87e8cc7 100644 --- a/test/extensions/stats_sinks/metrics_service/metrics_service_integration_test.cc +++ b/test/extensions/stats_sinks/metrics_service/metrics_service_integration_test.cc @@ -2,10 +2,10 @@ #include "envoy/config/metrics/v3/metrics_service.pb.h" #include "envoy/service/metrics/v3/metrics_service.pb.h" -#include "common/grpc/codec.h" -#include "common/grpc/common.h" -#include "common/stats/histogram_impl.h" -#include "common/version/version.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/common.h" +#include "source/common/stats/histogram_impl.h" +#include "source/common/version/version.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/http_integration.h" @@ -21,12 +21,11 @@ namespace { class MetricsServiceIntegrationTest : public Grpc::VersionedGrpcClientIntegrationParamTest, public HttpIntegrationTest { public: - MetricsServiceIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ipVersion()) {} + MetricsServiceIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, ipVersion()) {} void createUpstreams() override { HttpIntegrationTest::createUpstreams(); - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void initialize() override { diff --git a/test/extensions/stats_sinks/statsd/BUILD b/test/extensions/stats_sinks/statsd/BUILD index b1c56f0466d8..763e189dd523 100644 --- a/test/extensions/stats_sinks/statsd/BUILD +++ b/test/extensions/stats_sinks/statsd/BUILD @@ -16,7 +16,7 @@ envoy_extension_cc_test( srcs = ["config_test.cc"], extension_name = "envoy.stat_sinks.statsd", deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/protobuf:utility_lib", "//source/extensions/stat_sinks/statsd:config", "//test/mocks/server:instance_mocks", diff --git a/test/extensions/stats_sinks/statsd/config_test.cc b/test/extensions/stats_sinks/statsd/config_test.cc index 398ec890fc56..cbf1c02d6030 100644 --- a/test/extensions/stats_sinks/statsd/config_test.cc +++ b/test/extensions/stats_sinks/statsd/config_test.cc @@ -3,12 +3,11 @@ #include "envoy/network/address.h" #include "envoy/registry/registry.h" -#include "common/config/well_known_names.h" -#include "common/protobuf/utility.h" - -#include "extensions/stat_sinks/common/statsd/statsd.h" -#include "extensions/stat_sinks/statsd/config.h" -#include "extensions/stat_sinks/well_known_names.h" +#include "source/common/config/well_known_names.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/stat_sinks/common/statsd/statsd.h" +#include "source/extensions/stat_sinks/statsd/config.h" +#include "source/extensions/stat_sinks/well_known_names.h" #include "test/mocks/server/instance.h" #include "test/test_common/environment.h" diff --git a/test/extensions/stats_sinks/wasm/config_test.cc b/test/extensions/stats_sinks/wasm/config_test.cc index 04d159cf541b..0887d1b1ecb1 100644 --- a/test/extensions/stats_sinks/wasm/config_test.cc +++ b/test/extensions/stats_sinks/wasm/config_test.cc @@ -1,12 +1,11 @@ #include "envoy/extensions/stat_sinks/wasm/v3/wasm.pb.validate.h" #include "envoy/registry/registry.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/common/wasm/wasm.h" -#include "extensions/stat_sinks/wasm/config.h" -#include "extensions/stat_sinks/wasm/wasm_stat_sink_impl.h" -#include "extensions/stat_sinks/well_known_names.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/common/wasm/wasm.h" +#include "source/extensions/stat_sinks/wasm/config.h" +#include "source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h" +#include "source/extensions/stat_sinks/well_known_names.h" #include "test/extensions/common/wasm/wasm_runtime.h" #include "test/mocks/server/mocks.h" diff --git a/test/extensions/stats_sinks/wasm/test_data/BUILD b/test/extensions/stats_sinks/wasm/test_data/BUILD index d3458434aec8..f2dca30447bc 100644 --- a/test/extensions/stats_sinks/wasm/test_data/BUILD +++ b/test/extensions/stats_sinks/wasm/test_data/BUILD @@ -19,7 +19,6 @@ envoy_cc_library( deps = [ "//source/extensions/common/wasm:wasm_hdr", "//source/extensions/common/wasm:wasm_lib", - "//source/extensions/common/wasm:well_known_names", "//source/extensions/common/wasm/ext:envoy_null_plugin", ], ) diff --git a/test/extensions/stats_sinks/wasm/test_data/test_context_cpp.cc b/test/extensions/stats_sinks/wasm/test_data/test_context_cpp.cc index 1491d1512464..7350cca93f3c 100644 --- a/test/extensions/stats_sinks/wasm/test_data/test_context_cpp.cc +++ b/test/extensions/stats_sinks/wasm/test_data/test_context_cpp.cc @@ -7,7 +7,7 @@ #include "proxy_wasm_intrinsics.h" #include "source/extensions/common/wasm/ext/envoy_proxy_wasm_api.h" #else -#include "extensions/common/wasm/ext/envoy_null_plugin.h" +#include "source/extensions/common/wasm/ext/envoy_null_plugin.h" #endif START_WASM_PLUGIN(CommonWasmTestContextCpp) diff --git a/test/extensions/stats_sinks/wasm/wasm_stat_sink_test.cc b/test/extensions/stats_sinks/wasm/wasm_stat_sink_test.cc index a87170efe692..4bda7d8e9d97 100644 --- a/test/extensions/stats_sinks/wasm/wasm_stat_sink_test.cc +++ b/test/extensions/stats_sinks/wasm/wasm_stat_sink_test.cc @@ -1,6 +1,6 @@ #include "envoy/server/lifecycle_notifier.h" -#include "extensions/common/wasm/wasm.h" +#include "source/extensions/common/wasm/wasm.h" #include "test/extensions/common/wasm/wasm_runtime.h" #include "test/mocks/upstream/mocks.h" @@ -22,9 +22,9 @@ class TestContext : public ::Envoy::Extensions::Common::Wasm::Context { using ::Envoy::Extensions::Common::Wasm::Context::Context; ~TestContext() override = default; using ::Envoy::Extensions::Common::Wasm::Context::log; - proxy_wasm::WasmResult log(uint32_t level, absl::string_view message) override { - std::cerr << std::string(message) << "\n"; - log_(static_cast(level), message); + proxy_wasm::WasmResult log(uint32_t level, std::string_view message) override { + std::cerr << message << "\n"; + log_(static_cast(level), toAbslStringView(message)); Extensions::Common::Wasm::Context::log(static_cast(level), message); return proxy_wasm::WasmResult::Ok; } diff --git a/test/extensions/tracers/common/ot/opentracing_driver_impl_test.cc b/test/extensions/tracers/common/ot/opentracing_driver_impl_test.cc index 1c7a49fe4255..f0cda348224e 100644 --- a/test/extensions/tracers/common/ot/opentracing_driver_impl_test.cc +++ b/test/extensions/tracers/common/ot/opentracing_driver_impl_test.cc @@ -1,6 +1,6 @@ #include -#include "extensions/tracers/common/ot/opentracing_driver_impl.h" +#include "source/extensions/tracers/common/ot/opentracing_driver_impl.h" #include "test/mocks/http/mocks.h" #include "test/mocks/stats/mocks.h" diff --git a/test/extensions/tracers/datadog/config_test.cc b/test/extensions/tracers/datadog/config_test.cc index b59100420431..38b39d11439e 100644 --- a/test/extensions/tracers/datadog/config_test.cc +++ b/test/extensions/tracers/datadog/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/trace/v3/datadog.pb.validate.h" #include "envoy/config/trace/v3/http_tracer.pb.h" -#include "extensions/tracers/datadog/config.h" +#include "source/extensions/tracers/datadog/config.h" #include "test/mocks/server/tracer_factory.h" #include "test/mocks/server/tracer_factory_context.h" diff --git a/test/extensions/tracers/datadog/datadog_tracer_impl_test.cc b/test/extensions/tracers/datadog/datadog_tracer_impl_test.cc index 6ab6d15075aa..9018a16bd497 100644 --- a/test/extensions/tracers/datadog/datadog_tracer_impl_test.cc +++ b/test/extensions/tracers/datadog/datadog_tracer_impl_test.cc @@ -5,14 +5,13 @@ #include "envoy/config/trace/v3/datadog.pb.h" -#include "common/common/base64.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/tracers/datadog/datadog_tracer_impl.h" +#include "source/common/common/base64.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/tracers/datadog/datadog_tracer_impl.h" #include "test/mocks/http/mocks.h" #include "test/mocks/local_info/mocks.h" diff --git a/test/extensions/tracers/dynamic_ot/config_test.cc b/test/extensions/tracers/dynamic_ot/config_test.cc index 3ccabd8b3a3b..52b3dd02aa21 100644 --- a/test/extensions/tracers/dynamic_ot/config_test.cc +++ b/test/extensions/tracers/dynamic_ot/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/trace/v3/dynamic_ot.pb.validate.h" #include "envoy/config/trace/v3/http_tracer.pb.h" -#include "extensions/tracers/dynamic_ot/config.h" +#include "source/extensions/tracers/dynamic_ot/config.h" #include "test/mocks/server/tracer_factory.h" #include "test/mocks/server/tracer_factory_context.h" diff --git a/test/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl_test.cc b/test/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl_test.cc index 775270a09b69..49c64a013ce3 100644 --- a/test/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl_test.cc +++ b/test/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl_test.cc @@ -1,8 +1,7 @@ #include -#include "common/http/header_map_impl.h" - -#include "extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/extensions/tracers/dynamic_ot/dynamic_opentracing_driver_impl.h" #include "test/mocks/http/mocks.h" #include "test/mocks/stats/mocks.h" diff --git a/test/extensions/tracers/lightstep/config_test.cc b/test/extensions/tracers/lightstep/config_test.cc index a490959a6b05..2e290d88edde 100644 --- a/test/extensions/tracers/lightstep/config_test.cc +++ b/test/extensions/tracers/lightstep/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/trace/v3/lightstep.pb.h" #include "envoy/config/trace/v3/lightstep.pb.validate.h" -#include "extensions/tracers/lightstep/config.h" +#include "source/extensions/tracers/lightstep/config.h" #include "test/mocks/server/tracer_factory.h" #include "test/mocks/server/tracer_factory_context.h" @@ -10,7 +10,6 @@ #include "gmock/gmock.h" #include "gtest/gtest.h" -using testing::Eq; using testing::NiceMock; using testing::Return; diff --git a/test/extensions/tracers/lightstep/lightstep_tracer_impl_test.cc b/test/extensions/tracers/lightstep/lightstep_tracer_impl_test.cc index 3d49ba486de6..5fce7e07e4d5 100644 --- a/test/extensions/tracers/lightstep/lightstep_tracer_impl_test.cc +++ b/test/extensions/tracers/lightstep/lightstep_tracer_impl_test.cc @@ -5,16 +5,15 @@ #include "envoy/config/trace/v3/lightstep.pb.h" -#include "common/common/base64.h" -#include "common/grpc/common.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/stats/symbol_table_impl.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/tracers/lightstep/lightstep_tracer_impl.h" +#include "source/common/common/base64.h" +#include "source/common/grpc/common.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/tracers/lightstep/lightstep_tracer_impl.h" #include "test/mocks/http/mocks.h" #include "test/mocks/local_info/mocks.h" @@ -34,7 +33,6 @@ using testing::_; using testing::AtLeast; using testing::DoAll; -using testing::Eq; using testing::Invoke; using testing::NiceMock; using testing::Return; diff --git a/test/extensions/tracers/opencensus/config_test.cc b/test/extensions/tracers/opencensus/config_test.cc index ecb6b5d99c1c..e6fe23920dbb 100644 --- a/test/extensions/tracers/opencensus/config_test.cc +++ b/test/extensions/tracers/opencensus/config_test.cc @@ -3,7 +3,7 @@ #include "envoy/config/trace/v3/opencensus.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/tracers/opencensus/config.h" +#include "source/extensions/tracers/opencensus/config.h" #include "test/mocks/server/tracer_factory.h" #include "test/mocks/server/tracer_factory_context.h" diff --git a/test/extensions/tracers/opencensus/tracer_test.cc b/test/extensions/tracers/opencensus/tracer_test.cc index 67cba33bfb85..b642bfac2d6f 100644 --- a/test/extensions/tracers/opencensus/tracer_test.cc +++ b/test/extensions/tracers/opencensus/tracer_test.cc @@ -7,9 +7,8 @@ #include "envoy/config/trace/v3/opencensus.pb.h" -#include "common/common/base64.h" - -#include "extensions/tracers/opencensus/opencensus_tracer_impl.h" +#include "source/common/common/base64.h" +#include "source/extensions/tracers/opencensus/opencensus_tracer_impl.h" #include "test/mocks/http/mocks.h" #include "test/mocks/local_info/mocks.h" diff --git a/test/extensions/tracers/skywalking/config_test.cc b/test/extensions/tracers/skywalking/config_test.cc index f865525e09a3..a81b1d376900 100644 --- a/test/extensions/tracers/skywalking/config_test.cc +++ b/test/extensions/tracers/skywalking/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/trace/v3/skywalking.pb.h" #include "envoy/config/trace/v3/skywalking.pb.validate.h" -#include "extensions/tracers/skywalking/config.h" +#include "source/extensions/tracers/skywalking/config.h" #include "test/mocks/server/tracer_factory.h" #include "test/mocks/server/tracer_factory_context.h" diff --git a/test/extensions/tracers/skywalking/skywalking_test_helper.h b/test/extensions/tracers/skywalking/skywalking_test_helper.h index 51b25531d2d0..7af27e5a0c07 100644 --- a/test/extensions/tracers/skywalking/skywalking_test_helper.h +++ b/test/extensions/tracers/skywalking/skywalking_test_helper.h @@ -1,8 +1,7 @@ #pragma once -#include "common/common/base64.h" -#include "common/common/hex.h" - +#include "source/common/common/base64.h" +#include "source/common/common/hex.h" #include "source/tracing_context_impl.h" #include "test/test_common/utility.h" diff --git a/test/extensions/tracers/skywalking/skywalking_tracer_impl_test.cc b/test/extensions/tracers/skywalking/skywalking_tracer_impl_test.cc index 985c366ea1b9..83efd4ed1180 100644 --- a/test/extensions/tracers/skywalking/skywalking_tracer_impl_test.cc +++ b/test/extensions/tracers/skywalking/skywalking_tracer_impl_test.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/skywalking/skywalking_tracer_impl.h" +#include "source/extensions/tracers/skywalking/skywalking_tracer_impl.h" #include "test/extensions/tracers/skywalking/skywalking_test_helper.h" #include "test/mocks/common.h" diff --git a/test/extensions/tracers/skywalking/trace_segment_reporter_test.cc b/test/extensions/tracers/skywalking/trace_segment_reporter_test.cc index 8026d8d6d7af..51f41313caa7 100644 --- a/test/extensions/tracers/skywalking/trace_segment_reporter_test.cc +++ b/test/extensions/tracers/skywalking/trace_segment_reporter_test.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/skywalking/trace_segment_reporter.h" +#include "source/extensions/tracers/skywalking/trace_segment_reporter.h" #include "test/extensions/tracers/skywalking/skywalking_test_helper.h" #include "test/mocks/common.h" diff --git a/test/extensions/tracers/skywalking/tracer_test.cc b/test/extensions/tracers/skywalking/tracer_test.cc index 26b68d4c73fa..53f6a1d66eb3 100644 --- a/test/extensions/tracers/skywalking/tracer_test.cc +++ b/test/extensions/tracers/skywalking/tracer_test.cc @@ -1,6 +1,5 @@ -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/tracers/skywalking/tracer.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/tracers/skywalking/tracer.h" #include "test/extensions/tracers/skywalking/skywalking_test_helper.h" #include "test/mocks/common.h" diff --git a/test/extensions/tracers/xray/config_test.cc b/test/extensions/tracers/xray/config_test.cc index 26b613eaec3a..ef146def35bb 100644 --- a/test/extensions/tracers/xray/config_test.cc +++ b/test/extensions/tracers/xray/config_test.cc @@ -3,7 +3,7 @@ #include "envoy/config/trace/v3/xray.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/tracers/xray/config.h" +#include "source/extensions/tracers/xray/config.h" #include "test/mocks/server/instance.h" #include "test/mocks/server/tracer_factory.h" diff --git a/test/extensions/tracers/xray/fuzz_test.cc b/test/extensions/tracers/xray/fuzz_test.cc index cbec8697ea8b..f338be4080c7 100644 --- a/test/extensions/tracers/xray/fuzz_test.cc +++ b/test/extensions/tracers/xray/fuzz_test.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/xray/util.h" +#include "source/extensions/tracers/xray/util.h" #include "test/fuzz/fuzz_runner.h" diff --git a/test/extensions/tracers/xray/localized_sampling_test.cc b/test/extensions/tracers/xray/localized_sampling_test.cc index d6056d7c6a3a..c52fc80703fb 100644 --- a/test/extensions/tracers/xray/localized_sampling_test.cc +++ b/test/extensions/tracers/xray/localized_sampling_test.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/xray/localized_sampling.h" +#include "source/extensions/tracers/xray/localized_sampling.h" #include "test/mocks/common.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/extensions/tracers/xray/tracer_test.cc b/test/extensions/tracers/xray/tracer_test.cc index 3ff68ddbdddc..51c8a5ef66cd 100644 --- a/test/extensions/tracers/xray/tracer_test.cc +++ b/test/extensions/tracers/xray/tracer_test.cc @@ -3,12 +3,10 @@ #include "envoy/common/time.h" -#include "common/protobuf/utility.h" - +#include "source/common/protobuf/utility.h" #include "source/extensions/tracers/xray/daemon.pb.h" - -#include "extensions/tracers/xray/tracer.h" -#include "extensions/tracers/xray/xray_configuration.h" +#include "source/extensions/tracers/xray/tracer.h" +#include "source/extensions/tracers/xray/xray_configuration.h" #include "test/mocks/server/instance.h" #include "test/mocks/tracing/mocks.h" diff --git a/test/extensions/tracers/xray/util_test.cc b/test/extensions/tracers/xray/util_test.cc index 9a5622dd4653..9e06ad8828d3 100644 --- a/test/extensions/tracers/xray/util_test.cc +++ b/test/extensions/tracers/xray/util_test.cc @@ -1,4 +1,4 @@ -#include "extensions/tracers/xray/util.h" +#include "source/extensions/tracers/xray/util.h" #include "gtest/gtest.h" diff --git a/test/extensions/tracers/xray/xray_tracer_impl_test.cc b/test/extensions/tracers/xray/xray_tracer_impl_test.cc index ecfcd97767fc..ba64f355aa97 100644 --- a/test/extensions/tracers/xray/xray_tracer_impl_test.cc +++ b/test/extensions/tracers/xray/xray_tracer_impl_test.cc @@ -1,8 +1,8 @@ #include -#include "extensions/tracers/xray/tracer.h" -#include "extensions/tracers/xray/xray_configuration.h" -#include "extensions/tracers/xray/xray_tracer_impl.h" +#include "source/extensions/tracers/xray/tracer.h" +#include "source/extensions/tracers/xray/xray_configuration.h" +#include "source/extensions/tracers/xray/xray_tracer_impl.h" #include "test/mocks/server/tracer_factory_context.h" #include "test/mocks/thread_local/mocks.h" diff --git a/test/extensions/tracers/zipkin/BUILD b/test/extensions/tracers/zipkin/BUILD index 9bd108b3801f..81e5dcae4c08 100644 --- a/test/extensions/tracers/zipkin/BUILD +++ b/test/extensions/tracers/zipkin/BUILD @@ -23,8 +23,8 @@ envoy_extension_cc_test( extension_name = "envoy.tracers.zipkin", external_deps = ["abseil_optional"], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/runtime:runtime_interface", + "//envoy/common:time_interface", + "//envoy/runtime:runtime_interface", "//source/common/common:hex_lib", "//source/common/common:utility_lib", "//source/common/network:address_lib", diff --git a/test/extensions/tracers/zipkin/config_test.cc b/test/extensions/tracers/zipkin/config_test.cc index 945a0e172d44..c3f9a71e46e6 100644 --- a/test/extensions/tracers/zipkin/config_test.cc +++ b/test/extensions/tracers/zipkin/config_test.cc @@ -3,7 +3,7 @@ #include "envoy/config/trace/v3/zipkin.pb.validate.h" #include "envoy/registry/registry.h" -#include "extensions/tracers/zipkin/config.h" +#include "source/extensions/tracers/zipkin/config.h" #include "test/mocks/server/tracer_factory.h" #include "test/mocks/server/tracer_factory_context.h" diff --git a/test/extensions/tracers/zipkin/span_buffer_test.cc b/test/extensions/tracers/zipkin/span_buffer_test.cc index 9af90529a713..9ccb9c7b3fc0 100644 --- a/test/extensions/tracers/zipkin/span_buffer_test.cc +++ b/test/extensions/tracers/zipkin/span_buffer_test.cc @@ -1,10 +1,9 @@ #include "envoy/config/trace/v3/zipkin.pb.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" - -#include "extensions/tracers/zipkin/span_buffer.h" -#include "extensions/tracers/zipkin/util.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/extensions/tracers/zipkin/span_buffer.h" +#include "source/extensions/tracers/zipkin/util.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/utility.h" diff --git a/test/extensions/tracers/zipkin/span_context_extractor_test.cc b/test/extensions/tracers/zipkin/span_context_extractor_test.cc index 17977d4451c9..1b6f41bf6ea0 100644 --- a/test/extensions/tracers/zipkin/span_context_extractor_test.cc +++ b/test/extensions/tracers/zipkin/span_context_extractor_test.cc @@ -1,7 +1,6 @@ -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/tracers/zipkin/span_context.h" -#include "extensions/tracers/zipkin/span_context_extractor.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/tracers/zipkin/span_context.h" +#include "source/extensions/tracers/zipkin/span_context_extractor.h" #include "test/test_common/utility.h" diff --git a/test/extensions/tracers/zipkin/tracer_test.cc b/test/extensions/tracers/zipkin/tracer_test.cc index 0aa869154e4f..5ec104e2679c 100644 --- a/test/extensions/tracers/zipkin/tracer_test.cc +++ b/test/extensions/tracers/zipkin/tracer_test.cc @@ -1,11 +1,10 @@ -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" -#include "common/runtime/runtime_impl.h" - -#include "extensions/tracers/zipkin/tracer.h" -#include "extensions/tracers/zipkin/util.h" -#include "extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/extensions/tracers/zipkin/tracer.h" +#include "source/extensions/tracers/zipkin/util.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" #include "test/mocks/common.h" #include "test/mocks/runtime/mocks.h" diff --git a/test/extensions/tracers/zipkin/zipkin_core_types_test.cc b/test/extensions/tracers/zipkin/zipkin_core_types_test.cc index cc4470820f24..c31407a161e5 100644 --- a/test/extensions/tracers/zipkin/zipkin_core_types_test.cc +++ b/test/extensions/tracers/zipkin/zipkin_core_types_test.cc @@ -1,9 +1,8 @@ -#include "common/common/utility.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" - -#include "extensions/tracers/zipkin/zipkin_core_constants.h" -#include "extensions/tracers/zipkin/zipkin_core_types.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/extensions/tracers/zipkin/zipkin_core_types.h" #include "test/test_common/simulated_time_system.h" #include "test/test_common/utility.h" diff --git a/test/extensions/tracers/zipkin/zipkin_tracer_impl_test.cc b/test/extensions/tracers/zipkin/zipkin_tracer_impl_test.cc index 07fe8035ab3e..059fb6063a0b 100644 --- a/test/extensions/tracers/zipkin/zipkin_tracer_impl_test.cc +++ b/test/extensions/tracers/zipkin/zipkin_tracer_impl_test.cc @@ -5,14 +5,13 @@ #include "envoy/config/trace/v3/zipkin.pb.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/message_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/tracing/http_tracer_impl.h" - -#include "extensions/tracers/zipkin/zipkin_core_constants.h" -#include "extensions/tracers/zipkin/zipkin_tracer_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/message_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/tracing/http_tracer_impl.h" +#include "source/extensions/tracers/zipkin/zipkin_core_constants.h" +#include "source/extensions/tracers/zipkin/zipkin_tracer_impl.h" #include "test/mocks/http/mocks.h" #include "test/mocks/local_info/mocks.h" @@ -29,7 +28,6 @@ using testing::_; using testing::DoAll; -using testing::Eq; using testing::Invoke; using testing::NiceMock; using testing::Return; diff --git a/test/extensions/transport_sockets/alts/BUILD b/test/extensions/transport_sockets/alts/BUILD index 3c3234d59ebb..2abf137535c3 100644 --- a/test/extensions/transport_sockets/alts/BUILD +++ b/test/extensions/transport_sockets/alts/BUILD @@ -40,7 +40,7 @@ envoy_extension_cc_test( srcs = ["tsi_handshaker_test.cc"], extension_name = "envoy.transport_sockets.alts", deps = [ - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/extensions/transport_sockets/alts:tsi_handshaker", "//test/mocks/buffer:buffer_mocks", "//test/mocks/event:event_mocks", @@ -52,7 +52,7 @@ envoy_extension_cc_test( srcs = ["tsi_socket_test.cc"], extension_name = "envoy.transport_sockets.alts", deps = [ - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", "//source/extensions/transport_sockets/alts:tsi_socket", "//test/mocks/buffer:buffer_mocks", "//test/mocks/event:event_mocks", diff --git a/test/extensions/transport_sockets/alts/alts_integration_test.cc b/test/extensions/transport_sockets/alts/alts_integration_test.cc index 283ce7cf835f..29e05f41efe4 100644 --- a/test/extensions/transport_sockets/alts/alts_integration_test.cc +++ b/test/extensions/transport_sockets/alts/alts_integration_test.cc @@ -1,10 +1,9 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/extensions/transport_sockets/alts/v3/alts.pb.h" -#include "common/common/thread.h" - -#include "extensions/transport_sockets/alts/config.h" -#include "extensions/transport_sockets/alts/tsi_socket.h" +#include "source/common/common/thread.h" +#include "source/extensions/transport_sockets/alts/config.h" +#include "source/extensions/transport_sockets/alts/tsi_socket.h" #ifdef major #undef major @@ -61,12 +60,14 @@ class CapturingHandshakerService : public grpc::gcp::HandshakerService::Service while (stream->Read(&request)) { if (request.has_client_start()) { client_versions = request.client_start().rpc_versions(); + client_max_frame_size = request.client_start().max_frame_size(); // Sets response to make first request successful. response.set_out_frames(kClientInitFrame); response.set_bytes_consumed(0); response.mutable_status()->set_code(grpc::StatusCode::OK); } else if (request.has_server_start()) { server_versions = request.server_start().rpc_versions(); + server_max_frame_size = request.server_start().max_frame_size(); response.mutable_status()->set_code(grpc::StatusCode::CANCELLED); } stream->Write(response); @@ -82,9 +83,8 @@ class CapturingHandshakerService : public grpc::gcp::HandshakerService::Service grpc::gcp::RpcProtocolVersions client_versions; grpc::gcp::RpcProtocolVersions server_versions; - // TODO(yihuazhang): Test maximum frame size stored in handshake messages - // after updating test/core/tsi/alts/fake_handshaker/handshaker.proto to - // support maximum frame size negotiation. + size_t client_max_frame_size{0}; + size_t server_max_frame_size{0}; }; class AltsIntegrationTestBase : public Event::TestUsingSimulatedTime, @@ -94,7 +94,7 @@ class AltsIntegrationTestBase : public Event::TestUsingSimulatedTime, AltsIntegrationTestBase(const std::string& server_peer_identity, const std::string& client_peer_identity, bool server_connect_handshaker, bool client_connect_handshaker, bool capturing_handshaker = false) - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()), + : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()), server_peer_identity_(server_peer_identity), client_peer_identity_(client_peer_identity), server_connect_handshaker_(server_connect_handshaker), client_connect_handshaker_(client_connect_handshaker), @@ -179,19 +179,19 @@ class AltsIntegrationTestBase : public Event::TestUsingSimulatedTime, fake_handshaker_server_thread_->join(); } - Network::ClientConnectionPtr makeAltsConnection() { - Network::Address::InstanceConstSharedPtr address = getAddress(version_, lookupPort("http")); + Network::TransportSocketPtr makeAltsTransportSocket() { auto client_transport_socket = client_alts_->createTransportSocket(nullptr); client_tsi_socket_ = dynamic_cast(client_transport_socket.get()); client_tsi_socket_->setActualFrameSizeToUse(16384); client_tsi_socket_->setFrameOverheadSize(4); - return dispatcher_->createClientConnection(address, Network::Address::InstanceConstSharedPtr(), - std::move(client_transport_socket), nullptr); + return client_transport_socket; } - void verifyActualFrameSizeToUse() { - EXPECT_NE(client_tsi_socket_, nullptr); - EXPECT_EQ(client_tsi_socket_->actualFrameSizeToUse(), 16384); + Network::ClientConnectionPtr makeAltsConnection() { + auto client_transport_socket = makeAltsTransportSocket(); + Network::Address::InstanceConstSharedPtr address = getAddress(version_, lookupPort("http")); + return dispatcher_->createClientConnection(address, Network::Address::InstanceConstSharedPtr(), + std::move(client_transport_socket), nullptr); } std::string fakeHandshakerServerAddress(bool connect_to_handshaker) { @@ -246,7 +246,21 @@ TEST_P(AltsIntegrationTestValidPeer, RouterRequestAndResponseWithBodyNoBuffer) { return makeAltsConnection(); }; testRouterRequestAndResponseWithBody(1024, 512, false, false, &creator); - verifyActualFrameSizeToUse(); +} + +TEST_P(AltsIntegrationTestValidPeer, RouterRequestAndResponseWithBodyRawHttp) { + autonomous_upstream_ = true; + initialize(); + std::string response; + sendRawHttpAndWaitForResponse(lookupPort("http"), + "GET / HTTP/1.1\r\n" + "Host: foo.com\r\n" + "Foo: bar\r\n" + "User-Agent: public\r\n" + "User-Agent: 123\r\n" + "Eep: baz\r\n\r\n", + &response, true, makeAltsTransportSocket()); + EXPECT_THAT(response, testing::StartsWith("HTTP/1.1 200 OK\r\n")); } class AltsIntegrationTestEmptyPeer : public AltsIntegrationTestBase { @@ -268,7 +282,6 @@ TEST_P(AltsIntegrationTestEmptyPeer, RouterRequestAndResponseWithBodyNoBuffer) { return makeAltsConnection(); }; testRouterRequestAndResponseWithBody(1024, 512, false, false, &creator); - verifyActualFrameSizeToUse(); } class AltsIntegrationTestClientInvalidPeer : public AltsIntegrationTestBase { @@ -371,6 +384,15 @@ TEST_P(AltsIntegrationTestCapturingHandshaker, CheckAltsVersion) { EXPECT_NE(0, capturing_handshaker_service_->client_versions.min_rpc_version().minor()); } +// Verifies that handshake request should include max frame size. +TEST_P(AltsIntegrationTestCapturingHandshaker, CheckMaxFrameSize) { + initialize(); + codec_client_ = makeRawHttpConnection(makeAltsConnection(), absl::nullopt); + EXPECT_FALSE(codec_client_->connected()); + EXPECT_EQ(capturing_handshaker_service_->client_max_frame_size, 16384); + EXPECT_EQ(capturing_handshaker_service_->server_max_frame_size, 16384); +} + } // namespace } // namespace Alts } // namespace TransportSockets diff --git a/test/extensions/transport_sockets/alts/config_test.cc b/test/extensions/transport_sockets/alts/config_test.cc index a3c233ad7822..625994ba5404 100644 --- a/test/extensions/transport_sockets/alts/config_test.cc +++ b/test/extensions/transport_sockets/alts/config_test.cc @@ -1,7 +1,6 @@ -#include "common/protobuf/protobuf.h" -#include "common/singleton/manager_impl.h" - -#include "extensions/transport_sockets/alts/config.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/singleton/manager_impl.h" +#include "source/extensions/transport_sockets/alts/config.h" #include "test/mocks/server/transport_socket_factory_context.h" diff --git a/test/extensions/transport_sockets/alts/noop_transport_socket_callbacks_test.cc b/test/extensions/transport_sockets/alts/noop_transport_socket_callbacks_test.cc index 5f3f31307192..a0179d1a651a 100644 --- a/test/extensions/transport_sockets/alts/noop_transport_socket_callbacks_test.cc +++ b/test/extensions/transport_sockets/alts/noop_transport_socket_callbacks_test.cc @@ -1,8 +1,7 @@ #include "envoy/network/transport_socket.h" -#include "common/network/io_socket_handle_impl.h" - -#include "extensions/transport_sockets/alts/noop_transport_socket_callbacks.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/extensions/transport_sockets/alts/noop_transport_socket_callbacks.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/transport_sockets/alts/tsi_frame_protector_test.cc b/test/extensions/transport_sockets/alts/tsi_frame_protector_test.cc index 26e4941a626c..186fc012b411 100644 --- a/test/extensions/transport_sockets/alts/tsi_frame_protector_test.cc +++ b/test/extensions/transport_sockets/alts/tsi_frame_protector_test.cc @@ -1,6 +1,5 @@ -#include "common/buffer/buffer_impl.h" - -#include "extensions/transport_sockets/alts/tsi_frame_protector.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/transport_sockets/alts/tsi_frame_protector.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/extensions/transport_sockets/alts/tsi_handshaker_test.cc b/test/extensions/transport_sockets/alts/tsi_handshaker_test.cc index 0b1afa2e0acc..ded6f76c69b9 100644 --- a/test/extensions/transport_sockets/alts/tsi_handshaker_test.cc +++ b/test/extensions/transport_sockets/alts/tsi_handshaker_test.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/alts/tsi_handshaker.h" +#include "source/extensions/transport_sockets/alts/tsi_handshaker.h" #include "test/mocks/event/mocks.h" diff --git a/test/extensions/transport_sockets/alts/tsi_socket_test.cc b/test/extensions/transport_sockets/alts/tsi_socket_test.cc index 046ff9d4032a..ab9def7ebff2 100644 --- a/test/extensions/transport_sockets/alts/tsi_socket_test.cc +++ b/test/extensions/transport_sockets/alts/tsi_socket_test.cc @@ -1,6 +1,6 @@ -#include "extensions/transport_sockets/alts/tsi_socket.h" +#include "source/extensions/transport_sockets/alts/tsi_socket.h" #include "test/mocks/network/mocks.h" @@ -171,8 +171,8 @@ class TsiSocketTest : public testing::Test { EXPECT_EQ(0L, client_.read_buffer_.length()); EXPECT_CALL(*server_.raw_socket_, doRead(_)); - EXPECT_CALL(server_.callbacks_, raiseEvent(Network::ConnectionEvent::Connected)); EXPECT_CALL(*server_.raw_socket_, doWrite(_, false)); + EXPECT_CALL(server_.callbacks_, raiseEvent(Network::ConnectionEvent::Connected)); EXPECT_CALL(*server_.raw_socket_, doRead(_)); expectIoResult({Network::PostIoAction::KeepOpen, 0UL, false}, server_.tsi_socket_->doRead(server_.read_buffer_)); @@ -342,8 +342,8 @@ TEST_F(TsiSocketTest, HandshakeWithUnusedData) { client_to_server_.add(makeFakeTsiFrame(ClientToServerData)); EXPECT_CALL(*server_.raw_socket_, doRead(_)); - EXPECT_CALL(server_.callbacks_, raiseEvent(Network::ConnectionEvent::Connected)); EXPECT_CALL(*server_.raw_socket_, doWrite(_, false)); + EXPECT_CALL(server_.callbacks_, raiseEvent(Network::ConnectionEvent::Connected)); EXPECT_CALL(*server_.raw_socket_, doRead(_)); expectIoResult({Network::PostIoAction::KeepOpen, 17UL, false}, server_.tsi_socket_->doRead(server_.read_buffer_)); @@ -378,8 +378,8 @@ TEST_F(TsiSocketTest, HandshakeWithUnusedDataAndEndOfStream) { buffer.move(client_to_server_); return result; })); - EXPECT_CALL(server_.callbacks_, raiseEvent(Network::ConnectionEvent::Connected)); EXPECT_CALL(*server_.raw_socket_, doWrite(_, false)); + EXPECT_CALL(server_.callbacks_, raiseEvent(Network::ConnectionEvent::Connected)); expectIoResult({Network::PostIoAction::KeepOpen, 17UL, true}, server_.tsi_socket_->doRead(server_.read_buffer_)); EXPECT_EQ(makeFakeTsiFrame("SERVER_FINISHED"), server_to_client_.toString()); @@ -841,7 +841,6 @@ TEST_F(TsiSocketTest, DoWriteOutstandingHandshakeData) { EXPECT_EQ(0L, client_.read_buffer_.length()); EXPECT_CALL(*server_.raw_socket_, doRead(_)); - EXPECT_CALL(server_.callbacks_, raiseEvent(Network::ConnectionEvent::Connected)); // Write the first part of handshake data (14 bytes). EXPECT_CALL(*server_.raw_socket_, doWrite(_, false)) @@ -850,6 +849,7 @@ TEST_F(TsiSocketTest, DoWriteOutstandingHandshakeData) { server_to_client_.move(buffer, 14); return result; })); + EXPECT_CALL(server_.callbacks_, raiseEvent(Network::ConnectionEvent::Connected)); EXPECT_CALL(*server_.raw_socket_, doRead(_)); expectIoResult({Network::PostIoAction::KeepOpen, 0UL, false}, server_.tsi_socket_->doRead(server_.read_buffer_)); diff --git a/test/extensions/transport_sockets/common/passthrough_test.cc b/test/extensions/transport_sockets/common/passthrough_test.cc index cc983e0900e5..6dd45ae0f689 100644 --- a/test/extensions/transport_sockets/common/passthrough_test.cc +++ b/test/extensions/transport_sockets/common/passthrough_test.cc @@ -1,4 +1,4 @@ -#include "extensions/transport_sockets/common/passthrough.h" +#include "source/extensions/transport_sockets/common/passthrough.h" #include "test/mocks/buffer/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/transport_sockets/proxy_protocol/BUILD b/test/extensions/transport_sockets/proxy_protocol/BUILD index 666da2fdb1d7..4f9e6c504b66 100644 --- a/test/extensions/transport_sockets/proxy_protocol/BUILD +++ b/test/extensions/transport_sockets/proxy_protocol/BUILD @@ -16,7 +16,7 @@ envoy_extension_cc_test( srcs = ["proxy_protocol_test.cc"], extension_name = "envoy.transport_sockets.upstream_proxy_protocol", deps = [ - "//include/envoy/network:proxy_protocol_options_lib", + "//envoy/network:proxy_protocol_options_lib", "//source/extensions/common/proxy_protocol:proxy_protocol_header_lib", "//source/extensions/transport_sockets/proxy_protocol:upstream_proxy_protocol", "//test/mocks/buffer:buffer_mocks", @@ -34,6 +34,7 @@ envoy_extension_cc_test( deps = [ "//source/extensions/filters/network/tcp_proxy:config", "//source/extensions/transport_sockets/proxy_protocol:upstream_config", + "//test/integration:http_integration_lib", "//test/integration:integration_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/transport_sockets/proxy_protocol/v3:pkg_cc_proto", diff --git a/test/extensions/transport_sockets/proxy_protocol/proxy_protocol_integration_test.cc b/test/extensions/transport_sockets/proxy_protocol/proxy_protocol_integration_test.cc index 7e0f40d136c0..8e523717c301 100644 --- a/test/extensions/transport_sockets/proxy_protocol/proxy_protocol_integration_test.cc +++ b/test/extensions/transport_sockets/proxy_protocol/proxy_protocol_integration_test.cc @@ -3,15 +3,16 @@ #include "envoy/config/core/v3/proxy_protocol.pb.h" #include "envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.pb.h" +#include "test/integration/http_integration.h" #include "test/integration/integration.h" namespace Envoy { namespace { -class ProxyProtocolIntegrationTest : public testing::TestWithParam, - public BaseIntegrationTest { +class ProxyProtocolTcpIntegrationTest : public testing::TestWithParam, + public BaseIntegrationTest { public: - ProxyProtocolIntegrationTest() + ProxyProtocolTcpIntegrationTest() : BaseIntegrationTest(GetParam(), ConfigHelper::tcpProxyConfig()) {} void TearDown() override { @@ -70,12 +71,12 @@ class ProxyProtocolIntegrationTest : public testing::TestWithParamwaitForDisconnect()); } -TEST_P(ProxyProtocolIntegrationTest, TestV1ProxyProtocolMultipleConnections) { +TEST_P(ProxyProtocolTcpIntegrationTest, TestV1ProxyProtocolMultipleConnections) { if (GetParam() != Network::Address::IpVersion::v4) { return; } @@ -136,7 +137,7 @@ TEST_P(ProxyProtocolIntegrationTest, TestV1ProxyProtocolMultipleConnections) { } // Test header is sent unencrypted using a TLS inner socket -TEST_P(ProxyProtocolIntegrationTest, TestTLSSocket) { +TEST_P(ProxyProtocolTcpIntegrationTest, TestTLSSocket) { setup(envoy::config::core::v3::ProxyProtocolConfig::V1, false, "envoy.transport_sockets.tls"); initialize(); @@ -159,7 +160,7 @@ TEST_P(ProxyProtocolIntegrationTest, TestTLSSocket) { } // Test sending proxy protocol health check -TEST_P(ProxyProtocolIntegrationTest, TestProxyProtocolHealthCheck) { +TEST_P(ProxyProtocolTcpIntegrationTest, TestProxyProtocolHealthCheck) { setup(envoy::config::core::v3::ProxyProtocolConfig::V1, true, "envoy.transport_sockets.raw_buffer"); FakeRawConnectionPtr fake_upstream_health_connection; @@ -183,7 +184,7 @@ TEST_P(ProxyProtocolIntegrationTest, TestProxyProtocolHealthCheck) { } // Test sending proxy protocol v2 -TEST_P(ProxyProtocolIntegrationTest, TestV2ProxyProtocol) { +TEST_P(ProxyProtocolTcpIntegrationTest, TestV2ProxyProtocol) { setup(envoy::config::core::v3::ProxyProtocolConfig::V2, false, "envoy.transport_sockets.raw_buffer"); initialize(); @@ -231,5 +232,171 @@ TEST_P(ProxyProtocolIntegrationTest, TestV2ProxyProtocol) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } +class ProxyProtocolHttpIntegrationTest : public testing::TestWithParam, + public HttpIntegrationTest { +public: + ProxyProtocolHttpIntegrationTest() + : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + + void TearDown() override { + test_server_.reset(); + fake_upstream_connection_.reset(); + fake_upstreams_.clear(); + } + + void setup(envoy::config::core::v3::ProxyProtocolConfig_Version version, bool health_checks, + std::string inner_socket) { + version_ = version; + health_checks_ = health_checks; + inner_socket_ = inner_socket; + } + + void initialize() override { + config_helper_.addConfigModifier([this](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { + auto* transport_socket = + bootstrap.mutable_static_resources()->mutable_clusters(0)->mutable_transport_socket(); + transport_socket->set_name("envoy.transport_sockets.upstream_proxy_protocol"); + envoy::config::core::v3::TransportSocket inner_socket; + inner_socket.set_name(inner_socket_); + envoy::config::core::v3::ProxyProtocolConfig proxy_proto_config; + proxy_proto_config.set_version(version_); + envoy::extensions::transport_sockets::proxy_protocol::v3::ProxyProtocolUpstreamTransport + proxy_proto_transport; + proxy_proto_transport.mutable_transport_socket()->MergeFrom(inner_socket); + proxy_proto_transport.mutable_config()->MergeFrom(proxy_proto_config); + transport_socket->mutable_typed_config()->PackFrom(proxy_proto_transport); + + if (health_checks_) { + auto* cluster = bootstrap.mutable_static_resources()->mutable_clusters(0); + cluster->set_close_connections_on_host_health_failure(false); + cluster->mutable_common_lb_config()->mutable_healthy_panic_threshold()->set_value(0); + cluster->add_health_checks()->mutable_timeout()->set_seconds(20); + cluster->mutable_health_checks(0)->mutable_reuse_connection()->set_value(true); + cluster->mutable_health_checks(0)->mutable_interval()->set_seconds(1); + cluster->mutable_health_checks(0)->mutable_no_traffic_interval()->set_seconds(1); + cluster->mutable_health_checks(0)->mutable_unhealthy_threshold()->set_value(1); + cluster->mutable_health_checks(0)->mutable_healthy_threshold()->set_value(1); + cluster->mutable_health_checks(0)->mutable_http_health_check()->set_codec_client_type( + envoy::type::v3::HTTP1); + cluster->mutable_health_checks(0)->mutable_http_health_check()->set_path("/healthcheck"); + } + }); + BaseIntegrationTest::initialize(); + } + +private: + envoy::config::core::v3::ProxyProtocolConfig_Version version_; + bool health_checks_; + std::string inner_socket_; +}; + +INSTANTIATE_TEST_SUITE_P(IpVersions, ProxyProtocolHttpIntegrationTest, + testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), + TestUtility::ipTestParamsToString); + +// Test sending proxy protocol over http +TEST_P(ProxyProtocolHttpIntegrationTest, TestV1ProxyProtocol) { + setup(envoy::config::core::v3::ProxyProtocolConfig::V1, false, + "envoy.transport_sockets.raw_buffer"); + initialize(); + + auto tcp_client = makeTcpConnection(lookupPort("http")); + auto request = "GET / HTTP/1.1\r\nhost: host\r\n\r\n"; + ASSERT_TRUE(tcp_client->write(request, false)); + FakeRawConnectionPtr fake_upstream_raw_connection_; + ASSERT_TRUE(fake_upstreams_[0]->waitForRawConnection(fake_upstream_raw_connection_)); + + std::string observed_data; + if (GetParam() == Network::Address::IpVersion::v4) { + ASSERT_TRUE(fake_upstream_raw_connection_->waitForData( + FakeRawConnection::waitForAtLeastBytes(70), &observed_data)); + EXPECT_THAT(observed_data, testing::StartsWith("PROXY TCP4 127.0.0.1 127.0.0.1 ")); + } else if (GetParam() == Network::Address::IpVersion::v6) { + ASSERT_TRUE(fake_upstream_raw_connection_->waitForData( + FakeRawConnection::waitForAtLeastBytes(58), &observed_data)); + EXPECT_THAT(observed_data, testing::StartsWith("PROXY TCP6 ::1 ::1 ")); + } + EXPECT_TRUE(absl::StrContains(observed_data, "GET / HTTP/1.1")); + EXPECT_TRUE(absl::StrContains(observed_data, "host: host")); + + auto response = "HTTP/1.1 200 OK\r\ncontent-length: 0\r\n\r\n"; + ASSERT_TRUE(fake_upstream_raw_connection_->write(response, false)); + tcp_client->waitForData("HTTP/1.1 200 OK\r\ncontent-length: 0", true); + + std::string delimiter = "\r\n"; + std::string after_proxy_proto_header = observed_data.substr( + observed_data.find(delimiter) + delimiter.length(), observed_data.length()); + + auto previous_data = observed_data; + observed_data.clear(); + ASSERT_TRUE(tcp_client->write(request, false)); + ASSERT_TRUE(fake_upstream_raw_connection_->waitForData( + previous_data.length() + after_proxy_proto_header.length(), &observed_data)); + ASSERT_TRUE(observed_data.length() == previous_data.length() + after_proxy_proto_header.length()); + tcp_client->close(); +} + +// Test sending proxy protocol over multiple http connections +TEST_P(ProxyProtocolHttpIntegrationTest, TestV1ProxyProtocolMultipleConnections) { + if (GetParam() != Network::Address::IpVersion::v4) { + return; + } + + setup(envoy::config::core::v3::ProxyProtocolConfig::V1, false, + "envoy.transport_sockets.raw_buffer"); + initialize(); + auto listener_port = lookupPort("http"); + auto tcp_client = makeTcpConnection(listener_port); + auto loopback2 = Network::Utility::resolveUrl("tcp://127.0.0.2:0"); + auto tcp_client2 = makeTcpConnection(listener_port, nullptr, loopback2); + + auto request = "GET / HTTP/1.1\r\nhost: host\r\n\r\n"; + ASSERT_TRUE(tcp_client->write(request, false)); + ASSERT_TRUE(tcp_client2->write(request, false)); + + FakeRawConnectionPtr conn1, conn2; + ASSERT_TRUE(fake_upstreams_[0]->waitForRawConnection(conn1)); + ASSERT_TRUE(fake_upstreams_[0]->waitForRawConnection(conn2)); + std::string data1, data2; + ASSERT_TRUE(conn1->waitForData(FakeRawConnection::waitForAtLeastBytes(48), &data1)); + ASSERT_TRUE(conn2->waitForData(FakeRawConnection::waitForAtLeastBytes(48), &data2)); + + std::string delimiter = "\r\n"; + std::string conn1_header = data1.substr(0, data1.find(delimiter)); + std::string conn2_header = data2.substr(0, data2.find(delimiter)); + + EXPECT_NE(conn1_header, conn2_header); + + tcp_client->close(); + tcp_client2->close(); +} + +// Test sending proxy protocol http health check +TEST_P(ProxyProtocolHttpIntegrationTest, TestProxyProtocolHealthCheck) { + setup(envoy::config::core::v3::ProxyProtocolConfig::V1, true, + "envoy.transport_sockets.raw_buffer"); + FakeRawConnectionPtr fake_upstream_health_connection; + on_server_init_function_ = [&](void) -> void { + std::string observed_data; + ASSERT_TRUE(fake_upstreams_[0]->waitForRawConnection(fake_upstream_health_connection)); + if (GetParam() == Network::Address::IpVersion::v4) { + ASSERT_TRUE(fake_upstream_health_connection->waitForData( + FakeRawConnection::waitForAtLeastBytes(48), &observed_data)); + EXPECT_THAT(observed_data, testing::StartsWith("PROXY TCP4 127.0.0.1 127.0.0.1 ")); + } else if (GetParam() == Network::Address::IpVersion::v6) { + ASSERT_TRUE(fake_upstream_health_connection->waitForData( + FakeRawConnection::waitForAtLeastBytes(36), &observed_data)); + EXPECT_THAT(observed_data, testing::StartsWith("PROXY TCP6 ::1 ::1 ")); + } + auto response = "HTTP/1.1 200 OK\r\ncontent-length: 0\r\n\r\n"; + ASSERT_TRUE(fake_upstream_health_connection->write(response)); + }; + + initialize(); + + ASSERT_TRUE(fake_upstream_health_connection->close()); + ASSERT_TRUE(fake_upstream_health_connection->waitForDisconnect()); +} + } // namespace } // namespace Envoy diff --git a/test/extensions/transport_sockets/proxy_protocol/proxy_protocol_test.cc b/test/extensions/transport_sockets/proxy_protocol/proxy_protocol_test.cc index d23ad4a8961f..eed0cc8ee1f7 100644 --- a/test/extensions/transport_sockets/proxy_protocol/proxy_protocol_test.cc +++ b/test/extensions/transport_sockets/proxy_protocol/proxy_protocol_test.cc @@ -1,12 +1,11 @@ #include "envoy/config/core/v3/proxy_protocol.pb.h" #include "envoy/network/proxy_protocol.h" -#include "common/buffer/buffer_impl.h" -#include "common/network/address_impl.h" -#include "common/network/transport_socket_options_impl.h" - -#include "extensions/common/proxy_protocol/proxy_protocol_header.h" -#include "extensions/transport_sockets/proxy_protocol/proxy_protocol.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/extensions/common/proxy_protocol/proxy_protocol_header.h" +#include "source/extensions/transport_sockets/proxy_protocol/proxy_protocol.h" #include "test/mocks/buffer/mocks.h" #include "test/mocks/network/io_handle.h" diff --git a/test/extensions/transport_sockets/starttls/starttls_integration_test.cc b/test/extensions/transport_sockets/starttls/starttls_integration_test.cc index 54394a8881ec..9ee6e9ad3b3f 100644 --- a/test/extensions/transport_sockets/starttls/starttls_integration_test.cc +++ b/test/extensions/transport_sockets/starttls/starttls_integration_test.cc @@ -3,10 +3,9 @@ #include "envoy/network/filter.h" #include "envoy/server/filter_config.h" -#include "common/network/connection_impl.h" - -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/transport_sockets/raw_buffer/config.h" +#include "source/common/network/connection_impl.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/transport_sockets/raw_buffer/config.h" #include "test/config/utility.h" #include "test/extensions/transport_sockets/starttls/starttls_integration_test.pb.h" diff --git a/test/extensions/transport_sockets/starttls/starttls_socket_test.cc b/test/extensions/transport_sockets/starttls/starttls_socket_test.cc index 28f51201395b..4a69c58f17a3 100644 --- a/test/extensions/transport_sockets/starttls/starttls_socket_test.cc +++ b/test/extensions/transport_sockets/starttls/starttls_socket_test.cc @@ -5,9 +5,8 @@ #include "envoy/extensions/transport_sockets/starttls/v3/starttls.pb.validate.h" #include "envoy/network/connection.h" -#include "common/network/transport_socket_options_impl.h" - -#include "extensions/transport_sockets/starttls/starttls_socket.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/extensions/transport_sockets/starttls/starttls_socket.h" #include "test/mocks/network/mocks.h" #include "test/mocks/network/transport_socket.h" diff --git a/test/extensions/transport_sockets/starttls/upstream_starttls_integration_test.cc b/test/extensions/transport_sockets/starttls/upstream_starttls_integration_test.cc index d00af9e2389a..ef6fa8c257c9 100644 --- a/test/extensions/transport_sockets/starttls/upstream_starttls_integration_test.cc +++ b/test/extensions/transport_sockets/starttls/upstream_starttls_integration_test.cc @@ -1,12 +1,11 @@ #include "envoy/network/filter.h" #include "envoy/server/filter_config.h" -#include "common/network/connection_impl.h" - -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/transport_sockets/starttls/starttls_socket.h" -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/network/connection_impl.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/transport_sockets/starttls/starttls_socket.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/config/utility.h" #include "test/extensions/transport_sockets/starttls/starttls_integration_test.pb.h" diff --git a/test/extensions/transport_sockets/tap/tap_config_impl_test.cc b/test/extensions/transport_sockets/tap/tap_config_impl_test.cc index b753b610f820..3ed31cd6c2d6 100644 --- a/test/extensions/transport_sockets/tap/tap_config_impl_test.cc +++ b/test/extensions/transport_sockets/tap/tap_config_impl_test.cc @@ -1,6 +1,5 @@ -#include "common/network/address_impl.h" - -#include "extensions/transport_sockets/tap/tap_config_impl.h" +#include "source/common/network/address_impl.h" +#include "source/extensions/transport_sockets/tap/tap_config_impl.h" #include "test/extensions/common/tap/common.h" #include "test/mocks/network/mocks.h" diff --git a/test/extensions/transport_sockets/tls/BUILD b/test/extensions/transport_sockets/tls/BUILD index 46a64c50bbdf..5c40298b8bc7 100644 --- a/test/extensions/transport_sockets/tls/BUILD +++ b/test/extensions/transport_sockets/tls/BUILD @@ -28,7 +28,7 @@ envoy_cc_test( shard_count = 4, deps = [ ":test_private_key_method_provider_test_lib", - "//include/envoy/network:transport_socket_interface", + "//envoy/network:transport_socket_interface", "//source/common/buffer:buffer_lib", "//source/common/common:empty_string", "//source/common/event:dispatcher_includes", @@ -151,11 +151,11 @@ envoy_cc_test_library( ], external_deps = ["ssl"], deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/ssl/private_key:private_key_config_interface", - "//include/envoy/ssl/private_key:private_key_interface", + "//envoy/api:api_interface", + "//envoy/event:dispatcher_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/ssl/private_key:private_key_config_interface", + "//envoy/ssl/private_key:private_key_interface", "//source/common/config:utility_lib", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", diff --git a/test/extensions/transport_sockets/tls/cert_validator/BUILD b/test/extensions/transport_sockets/tls/cert_validator/BUILD index b16c61978315..7fd2c97084a1 100644 --- a/test/extensions/transport_sockets/tls/cert_validator/BUILD +++ b/test/extensions/transport_sockets/tls/cert_validator/BUILD @@ -51,8 +51,8 @@ envoy_cc_test_library( name = "test_common", hdrs = ["test_common.h"], deps = [ - "//include/envoy/ssl:context_config_interface", - "//include/envoy/ssl:ssl_socket_extended_info_interface", + "//envoy/ssl:context_config_interface", + "//envoy/ssl:ssl_socket_extended_info_interface", "//source/common/common:macros", "//test/test_common:utility_lib", ], diff --git a/test/extensions/transport_sockets/tls/cert_validator/default_validator_test.cc b/test/extensions/transport_sockets/tls/cert_validator/default_validator_test.cc index 57ff4a685f64..ec6c3753d9b2 100644 --- a/test/extensions/transport_sockets/tls/cert_validator/default_validator_test.cc +++ b/test/extensions/transport_sockets/tls/cert_validator/default_validator_test.cc @@ -1,7 +1,7 @@ #include #include -#include "extensions/transport_sockets/tls/cert_validator/default_validator.h" +#include "source/extensions/transport_sockets/tls/cert_validator/default_validator.h" #include "test/extensions/transport_sockets/tls/ssl_test_utility.h" #include "test/test_common/environment.h" @@ -42,7 +42,7 @@ TEST(DefaultCertValidatorTest, TestMatchSubjectAltNameDNSMatched) { bssl::UniquePtr cert = readCertFromFile(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem")); envoy::type::matcher::v3::StringMatcher matcher; - matcher.set_hidden_envoy_deprecated_regex(".*.example.com"); + matcher.MergeFrom(TestUtility::createRegexMatcher(".*.example.com")); std::vector subject_alt_name_matchers; subject_alt_name_matchers.push_back(Matchers::StringMatcherImpl(matcher)); EXPECT_TRUE(DefaultCertValidator::matchSubjectAltName(cert.get(), subject_alt_name_matchers)); @@ -92,7 +92,7 @@ TEST(DefaultCertValidatorTest, TestMatchSubjectAltNameURIMatched) { bssl::UniquePtr cert = readCertFromFile(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_uri_cert.pem")); envoy::type::matcher::v3::StringMatcher matcher; - matcher.set_hidden_envoy_deprecated_regex("spiffe://lyft.com/.*-team"); + matcher.MergeFrom(TestUtility::createRegexMatcher("spiffe://lyft.com/.*-team")); std::vector subject_alt_name_matchers; subject_alt_name_matchers.push_back(Matchers::StringMatcherImpl(matcher)); EXPECT_TRUE(DefaultCertValidator::matchSubjectAltName(cert.get(), subject_alt_name_matchers)); @@ -110,12 +110,42 @@ TEST(DefaultCertValidatorTest, TestMatchSubjectAltNameNotMatched) { bssl::UniquePtr cert = readCertFromFile(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem")); envoy::type::matcher::v3::StringMatcher matcher; - matcher.set_hidden_envoy_deprecated_regex(".*.foo.com"); + matcher.MergeFrom(TestUtility::createRegexMatcher(".*.foo.com")); std::vector subject_alt_name_matchers; subject_alt_name_matchers.push_back(Matchers::StringMatcherImpl(matcher)); EXPECT_FALSE(DefaultCertValidator::matchSubjectAltName(cert.get(), subject_alt_name_matchers)); } +TEST(DefaultCertValidatorTest, TestCertificateVerificationWithSANMatcher) { + Stats::TestUtil::TestStore test_store; + SslStats stats = generateSslStats(test_store); + // Create the default validator object. + auto default_validator = + std::make_unique( + /*CertificateValidationContextConfig=*/nullptr, stats, + Event::GlobalTimeSystem().timeSystem()); + + bssl::UniquePtr cert = readCertFromFile(TestEnvironment::substitute( + "{{ test_rundir }}/test/extensions/transport_sockets/tls/test_data/san_dns_cert.pem")); + envoy::type::matcher::v3::StringMatcher matcher; + matcher.MergeFrom(TestUtility::createRegexMatcher(".*.example.com")); + std::vector san_matchers; + san_matchers.push_back(Matchers::StringMatcherImpl(matcher)); + // Verify the certificate with correct SAN regex matcher. + EXPECT_EQ(default_validator->verifyCertificate(cert.get(), /*verify_san_list=*/{}, san_matchers), + Envoy::Ssl::ClientValidationStatus::Validated); + EXPECT_EQ(stats.fail_verify_san_.value(), 0); + + matcher.MergeFrom(TestUtility::createExactMatcher("hello.example.com")); + std::vector invalid_san_matchers; + invalid_san_matchers.push_back(Matchers::StringMatcherImpl(matcher)); + // Verify the certificate with incorrect SAN exact matcher. + EXPECT_EQ(default_validator->verifyCertificate(cert.get(), /*verify_san_list=*/{}, + invalid_san_matchers), + Envoy::Ssl::ClientValidationStatus::Failed); + EXPECT_EQ(stats.fail_verify_san_.value(), 1); +} + } // namespace Tls } // namespace TransportSockets } // namespace Extensions diff --git a/test/extensions/transport_sockets/tls/cert_validator/factory_test.cc b/test/extensions/transport_sockets/tls/cert_validator/factory_test.cc index c06317b92f7b..94cf5e7063fa 100644 --- a/test/extensions/transport_sockets/tls/cert_validator/factory_test.cc +++ b/test/extensions/transport_sockets/tls/cert_validator/factory_test.cc @@ -1,6 +1,6 @@ #include -#include "extensions/transport_sockets/tls/cert_validator/factory.h" +#include "source/extensions/transport_sockets/tls/cert_validator/factory.h" #include "test/extensions/transport_sockets/tls/cert_validator/test_common.h" diff --git a/test/extensions/transport_sockets/tls/cert_validator/spiffe/BUILD b/test/extensions/transport_sockets/tls/cert_validator/spiffe/BUILD index 30d18f86c471..c25d8a810733 100644 --- a/test/extensions/transport_sockets/tls/cert_validator/spiffe/BUILD +++ b/test/extensions/transport_sockets/tls/cert_validator/spiffe/BUILD @@ -42,6 +42,8 @@ envoy_extension_cc_test( "//test/extensions/transport_sockets/tls/test_data:certs", ], extension_name = "envoy.tls.cert_validator.spiffe", + # Broken until bazel 5.0.0 fix to shorten resulting paths for SymInitialize() failure + tags = ["skip_on_windows"], deps = [ "//source/extensions/transport_sockets/tls/cert_validator/spiffe:config", "//test/integration:http_integration_lib", diff --git a/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_integration_test.cc b/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_integration_test.cc index caacf4ba6b85..47acf98c4f53 100644 --- a/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_integration_test.cc +++ b/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_integration_test.cc @@ -2,7 +2,7 @@ #include -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" #include "test/integration/integration.h" diff --git a/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_integration_test.h b/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_integration_test.h index 26a08fbbae20..b1e57169ea18 100644 --- a/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_integration_test.h +++ b/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_integration_test.h @@ -18,7 +18,7 @@ class SslSPIFFECertValidatorIntegrationTest public HttpIntegrationTest { public: SslSPIFFECertValidatorIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, std::get<0>(GetParam())) {} + : HttpIntegrationTest(Http::CodecType::HTTP1, std::get<0>(GetParam())) {} void initialize() override; void TearDown() override; diff --git a/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_test.cc b/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_test.cc index 3d014605254d..cf77bdf3737a 100644 --- a/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_test.cc +++ b/test/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator_test.cc @@ -5,11 +5,10 @@ #include "envoy/common/exception.h" -#include "common/common/c_smart_ptr.h" -#include "common/event/real_time_system.h" - -#include "extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.h" -#include "extensions/transport_sockets/tls/stats.h" +#include "source/common/common/c_smart_ptr.h" +#include "source/common/event/real_time_system.h" +#include "source/extensions/transport_sockets/tls/cert_validator/spiffe/spiffe_validator.h" +#include "source/extensions/transport_sockets/tls/stats.h" #include "test/extensions/transport_sockets/tls/cert_validator/test_common.h" #include "test/extensions/transport_sockets/tls/ssl_test_utility.h" diff --git a/test/extensions/transport_sockets/tls/cert_validator/test_common.h b/test/extensions/transport_sockets/tls/cert_validator/test_common.h index 9dac1b35cfb1..b958f1727207 100644 --- a/test/extensions/transport_sockets/tls/cert_validator/test_common.h +++ b/test/extensions/transport_sockets/tls/cert_validator/test_common.h @@ -3,8 +3,8 @@ #include "envoy/ssl/context_config.h" #include "envoy/ssl/ssl_socket_extended_info.h" -#include "common/common/macros.h" -#include "common/common/matchers.h" +#include "source/common/common/macros.h" +#include "source/common/common/matchers.h" #include "test/test_common/utility.h" @@ -47,9 +47,6 @@ class TestCertificateValidationContextConfig const std::string& certificateRevocationListPath() const final { CONSTRUCT_ON_FIRST_USE(std::string, ""); } - const std::vector& verifySubjectAltNameList() const override { - CONSTRUCT_ON_FIRST_USE(std::vector, {}); - } const std::vector& subjectAltNameMatchers() const override { return san_matchers_; diff --git a/test/extensions/transport_sockets/tls/cert_validator/utility_test.cc b/test/extensions/transport_sockets/tls/cert_validator/utility_test.cc index d97d0f161f1e..842fa24509ad 100644 --- a/test/extensions/transport_sockets/tls/cert_validator/utility_test.cc +++ b/test/extensions/transport_sockets/tls/cert_validator/utility_test.cc @@ -1,6 +1,5 @@ -#include "common/common/c_smart_ptr.h" - -#include "extensions/transport_sockets/tls/cert_validator/utility.h" +#include "source/common/common/c_smart_ptr.h" +#include "source/extensions/transport_sockets/tls/cert_validator/utility.h" #include "gtest/gtest.h" #include "openssl/ssl.h" diff --git a/test/extensions/transport_sockets/tls/context_impl_test.cc b/test/extensions/transport_sockets/tls/context_impl_test.cc index 6cb28fcd05f1..72bff36b463b 100644 --- a/test/extensions/transport_sockets/tls/context_impl_test.cc +++ b/test/extensions/transport_sockets/tls/context_impl_test.cc @@ -6,14 +6,13 @@ #include "envoy/extensions/transport_sockets/tls/v3/tls.pb.validate.h" #include "envoy/type/matcher/v3/string.pb.h" -#include "common/common/base64.h" -#include "common/json/json_loader.h" -#include "common/secret/sds_api.h" -#include "common/stats/isolated_store_impl.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/context_impl.h" -#include "extensions/transport_sockets/tls/utility.h" +#include "source/common/common/base64.h" +#include "source/common/json/json_loader.h" +#include "source/common/secret/sds_api.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_impl.h" +#include "source/extensions/transport_sockets/tls/utility.h" #include "test/extensions/transport_sockets/tls/ssl_certs_test.h" #include "test/extensions/transport_sockets/tls/ssl_test_utility.h" @@ -669,13 +668,13 @@ TEST_F(SslServerContextImplOcspTest, TestGetCertInformationWithOCSP) { for (const auto& detail : ocsp_text_details) { std::string::size_type pos = detail.find(this_update); if (pos != std::string::npos) { - valid_from = detail.substr(pos + this_update.size()); + valid_from = std::string(detail.substr(pos + this_update.size())); continue; } pos = detail.find(next_update); if (pos != std::string::npos) { - expiration = detail.substr(pos + next_update.size()); + expiration = std::string(detail.substr(pos + next_update.size())); continue; } } diff --git a/test/extensions/transport_sockets/tls/handshaker_factory_test.cc b/test/extensions/transport_sockets/tls/handshaker_factory_test.cc index ef430d0d3db0..23903a2b73fa 100644 --- a/test/extensions/transport_sockets/tls/handshaker_factory_test.cc +++ b/test/extensions/transport_sockets/tls/handshaker_factory_test.cc @@ -3,14 +3,12 @@ #include "envoy/network/transport_socket.h" #include "envoy/ssl/handshaker.h" -#include "common/stream_info/stream_info_impl.h" - -#include "server/process_context_impl.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/context_manager_impl.h" -#include "extensions/transport_sockets/tls/ssl_handshaker.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_handshaker.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" +#include "source/server/process_context_impl.h" #include "test/mocks/network/connection.h" #include "test/mocks/server/transport_socket_factory_context.h" diff --git a/test/extensions/transport_sockets/tls/handshaker_test.cc b/test/extensions/transport_sockets/tls/handshaker_test.cc index 82484f56dda0..514109e2c70b 100644 --- a/test/extensions/transport_sockets/tls/handshaker_test.cc +++ b/test/extensions/transport_sockets/tls/handshaker_test.cc @@ -3,9 +3,8 @@ #include "envoy/network/transport_socket.h" #include "envoy/ssl/handshaker.h" -#include "common/stream_info/stream_info_impl.h" - -#include "extensions/transport_sockets/tls/ssl_handshaker.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_handshaker.h" #include "test/extensions/transport_sockets/tls/ssl_certs_test.h" #include "test/mocks/network/connection.h" diff --git a/test/extensions/transport_sockets/tls/integration/BUILD b/test/extensions/transport_sockets/tls/integration/BUILD index 7486ec63da9d..d8cf60b4f1e1 100644 --- a/test/extensions/transport_sockets/tls/integration/BUILD +++ b/test/extensions/transport_sockets/tls/integration/BUILD @@ -22,6 +22,7 @@ envoy_cc_test( "//source/common/event:dispatcher_lib", "//source/common/network:connection_lib", "//source/common/network:utility_lib", + "//source/extensions/transport_sockets/tap:config", "//source/extensions/transport_sockets/tls:config", "//source/extensions/transport_sockets/tls:context_config_lib", "//source/extensions/transport_sockets/tls:context_lib", diff --git a/test/extensions/transport_sockets/tls/integration/ssl_integration_test.cc b/test/extensions/transport_sockets/tls/integration/ssl_integration_test.cc index 25ca940ceec4..02d5e1240a02 100644 --- a/test/extensions/transport_sockets/tls/integration/ssl_integration_test.cc +++ b/test/extensions/transport_sockets/tls/integration/ssl_integration_test.cc @@ -12,13 +12,12 @@ #include "envoy/extensions/transport_sockets/tap/v3/tap.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" -#include "common/event/dispatcher_impl.h" -#include "common/network/connection_impl.h" -#include "common/network/utility.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/context_manager_impl.h" -#include "extensions/transport_sockets/tls/ssl_handshaker.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/connection_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_handshaker.h" #include "test/extensions/common/tap/common.h" #include "test/integration/autonomous_upstream.h" @@ -139,7 +138,7 @@ TEST_P(SslIntegrationTest, RouterRequestAndResponseWithBodyNoBuffer) { } TEST_P(SslIntegrationTest, RouterRequestAndResponseWithBodyNoBufferHttp2) { - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); config_helper_.setClientCodec(envoy::extensions::filters::network::http_connection_manager::v3:: HttpConnectionManager::AUTO); ConnectionCreationFunction creator = [&]() -> Network::ClientConnectionPtr { @@ -158,7 +157,7 @@ TEST_P(SslIntegrationTest, RouterRequestAndResponseWithBodyNoBufferVerifySAN) { } TEST_P(SslIntegrationTest, RouterRequestAndResponseWithBodyNoBufferHttp2VerifySAN) { - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); ConnectionCreationFunction creator = [&]() -> Network::ClientConnectionPtr { return makeSslClientConnection(ClientSslTransportOptions().setAlpn(true).setSan(san_to_match_)); }; @@ -194,7 +193,7 @@ TEST_P(SslIntegrationTest, RouterDownstreamDisconnectBeforeResponseComplete) { #if defined(__APPLE__) || defined(WIN32) // Skip this test on OS X + Windows: we can't detect the early close on non-Linux, and we // won't clean up the upstream connection until it times out. See #4294. - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { return; } #endif diff --git a/test/extensions/transport_sockets/tls/integration/ssl_integration_test.h b/test/extensions/transport_sockets/tls/integration/ssl_integration_test.h index e7f615c54476..930cc38697f8 100644 --- a/test/extensions/transport_sockets/tls/integration/ssl_integration_test.h +++ b/test/extensions/transport_sockets/tls/integration/ssl_integration_test.h @@ -17,7 +17,7 @@ namespace Ssl { class SslIntegrationTestBase : public HttpIntegrationTest { public: SslIntegrationTestBase(Network::Address::IpVersion ip_version) - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ip_version) {} + : HttpIntegrationTest(Http::CodecType::HTTP1, ip_version) {} void initialize() override; diff --git a/test/extensions/transport_sockets/tls/io_handle_bio_test.cc b/test/extensions/transport_sockets/tls/io_handle_bio_test.cc index d0e845e44ad8..155e8c0b0708 100644 --- a/test/extensions/transport_sockets/tls/io_handle_bio_test.cc +++ b/test/extensions/transport_sockets/tls/io_handle_bio_test.cc @@ -1,6 +1,5 @@ -#include "common/network/io_socket_error_impl.h" - -#include "extensions/transport_sockets/tls/io_handle_bio.h" +#include "source/common/network/io_socket_error_impl.h" +#include "source/extensions/transport_sockets/tls/io_handle_bio.h" #include "test/mocks/network/io_handle.h" diff --git a/test/extensions/transport_sockets/tls/ocsp/asn1_utility_test.cc b/test/extensions/transport_sockets/tls/ocsp/asn1_utility_test.cc index 85f0024627e3..163f3248e72c 100644 --- a/test/extensions/transport_sockets/tls/ocsp/asn1_utility_test.cc +++ b/test/extensions/transport_sockets/tls/ocsp/asn1_utility_test.cc @@ -1,6 +1,6 @@ #include -#include "extensions/transport_sockets/tls/ocsp/asn1_utility.h" +#include "source/extensions/transport_sockets/tls/ocsp/asn1_utility.h" #include "test/test_common/utility.h" diff --git a/test/extensions/transport_sockets/tls/ocsp/ocsp_test.cc b/test/extensions/transport_sockets/tls/ocsp/ocsp_test.cc index 78e813060d86..56acea5b0730 100644 --- a/test/extensions/transport_sockets/tls/ocsp/ocsp_test.cc +++ b/test/extensions/transport_sockets/tls/ocsp/ocsp_test.cc @@ -1,7 +1,6 @@ -#include "common/filesystem/filesystem_impl.h" - -#include "extensions/transport_sockets/tls/ocsp/ocsp.h" -#include "extensions/transport_sockets/tls/utility.h" +#include "source/common/filesystem/filesystem_impl.h" +#include "source/extensions/transport_sockets/tls/ocsp/ocsp.h" +#include "source/extensions/transport_sockets/tls/utility.h" #include "test/extensions/transport_sockets/tls/ssl_test_utility.h" #include "test/test_common/environment.h" diff --git a/test/extensions/transport_sockets/tls/ssl_socket_test.cc b/test/extensions/transport_sockets/tls/ssl_socket_test.cc index 80c246b949ca..432216c5daa0 100644 --- a/test/extensions/transport_sockets/tls/ssl_socket_test.cc +++ b/test/extensions/transport_sockets/tls/ssl_socket_test.cc @@ -7,20 +7,19 @@ #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/network/transport_socket.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/empty_string.h" -#include "common/event/dispatcher_impl.h" -#include "common/json/json_loader.h" -#include "common/network/address_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/transport_socket_options_impl.h" -#include "common/network/utility.h" -#include "common/stream_info/stream_info_impl.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/context_impl.h" -#include "extensions/transport_sockets/tls/private_key/private_key_manager_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/empty_string.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/json/json_loader.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/transport_socket_options_impl.h" +#include "source/common/network/utility.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_impl.h" +#include "source/extensions/transport_sockets/tls/private_key/private_key_manager_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/extensions/transport_sockets/tls/ssl_certs_test.h" #include "test/extensions/transport_sockets/tls/test_data/ca_cert_info.h" @@ -603,10 +602,9 @@ class TestUtilOptionsV2 : public TestUtilOptionsBase { std::string expected_transport_failure_reason_contains_; }; -const std::string testUtilV2(const TestUtilOptionsV2& options) { +void testUtilV2(const TestUtilOptionsV2& options) { Event::SimulatedTimeSystem time_system; ContextManagerImpl manager(*time_system); - std::string new_session = EMPTY_STRING; // SNI-based selection logic isn't happening in SslSocket anymore. ASSERT(options.listener().filter_chains().size() == 1); @@ -721,14 +719,14 @@ const std::string testUtilV2(const TestUtilOptionsV2& options) { EXPECT_FALSE(server_ssl_requested_server_name.has_value()); } - SSL_SESSION* client_ssl_session = SSL_get_session(client_ssl_socket); - EXPECT_TRUE(SSL_SESSION_is_resumable(client_ssl_session)); - uint8_t* session_data; - size_t session_len; - int rc = SSL_SESSION_to_bytes(client_ssl_session, &session_data, &session_len); - ASSERT(rc == 1); - new_session = std::string(reinterpret_cast(session_data), session_len); - OPENSSL_free(session_data); + const uint16_t tls_version = SSL_version(client_ssl_socket); + if (SSL3_VERSION <= tls_version && tls_version <= TLS1_2_VERSION) { + // Prior to TLS 1.3, one should be able to resume the session. With TLS + // 1.3, tickets come after the handshake and the SSL_SESSION on the + // client is a dummy object. + SSL_SESSION* client_ssl_session = SSL_get_session(client_ssl_socket); + EXPECT_TRUE(SSL_SESSION_is_resumable(client_ssl_session)); + } server_connection->close(Network::ConnectionCloseType::NoFlush); client_connection->close(Network::ConnectionCloseType::NoFlush); dispatcher->exit(); @@ -779,8 +777,6 @@ const std::string testUtilV2(const TestUtilOptionsV2& options) { ContainsRegex(options.expectedTransportFailureReasonContains())); EXPECT_NE("", server_connection->transportFailureReason()); } - - return new_session; } // Configure the listener with unittest{cert,key}.pem and ca_cert.pem. diff --git a/test/extensions/transport_sockets/tls/test_private_key_method_provider.h b/test/extensions/transport_sockets/tls/test_private_key_method_provider.h index 44bcece41f1f..efe94936d2f3 100644 --- a/test/extensions/transport_sockets/tls/test_private_key_method_provider.h +++ b/test/extensions/transport_sockets/tls/test_private_key_method_provider.h @@ -6,8 +6,8 @@ #include "envoy/ssl/private_key/private_key.h" #include "envoy/ssl/private_key/private_key_config.h" -#include "common/config/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/config/utility.h" +#include "source/common/protobuf/utility.h" namespace Envoy { namespace Extensions { diff --git a/test/extensions/transport_sockets/tls/tls_throughput_benchmark.cc b/test/extensions/transport_sockets/tls/tls_throughput_benchmark.cc index f1e90313b0ca..690909fb9ac6 100644 --- a/test/extensions/transport_sockets/tls/tls_throughput_benchmark.cc +++ b/test/extensions/transport_sockets/tls/tls_throughput_benchmark.cc @@ -1,4 +1,4 @@ -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "test/test_common/environment.h" diff --git a/test/extensions/transport_sockets/tls/utility_test.cc b/test/extensions/transport_sockets/tls/utility_test.cc index 5b416aaa369a..531599c01be5 100644 --- a/test/extensions/transport_sockets/tls/utility_test.cc +++ b/test/extensions/transport_sockets/tls/utility_test.cc @@ -1,7 +1,7 @@ #include #include -#include "extensions/transport_sockets/tls/utility.h" +#include "source/extensions/transport_sockets/tls/utility.h" #include "test/extensions/transport_sockets/tls/ssl_test_utility.h" #include "test/extensions/transport_sockets/tls/test_data/long_validity_cert_info.h" @@ -12,6 +12,7 @@ #include "absl/time/time.h" #include "gtest/gtest.h" +#include "openssl/ssl.h" #include "openssl/x509v3.h" namespace Envoy { @@ -148,31 +149,18 @@ TEST(UtilityTest, TestGetCertificationExtensionValue) { TEST(UtilityTest, SslErrorDescriptionTest) { const std::vector> test_set = { - {0, "NONE"}, - {1, "SSL"}, - {2, "WANT_READ"}, - {3, "WANT_WRITE"}, - {4, "WANT_X509_LOOKUP"}, - {5, "SYSCALL"}, - {6, "ZERO_RETURN"}, - {7, "WANT_CONNECT"}, - {8, "WANT_ACCEPT"}, - {9, "WANT_CHANNEL_ID_LOOKUP"}, - {11, "PENDING_SESSION"}, - {12, "PENDING_CERTIFICATE"}, - {13, "WANT_PRIVATE_KEY_OPERATION"}, - {14, "PENDING_TICKET"}, - {15, "EARLY_DATA_REJECTED"}, - {16, "WANT_CERTIFICATE_VERIFY"}, - {17, "HANDOFF"}, - {18, "HANDBACK"}, + {SSL_ERROR_NONE, "NONE"}, + {SSL_ERROR_SSL, "SSL"}, + {SSL_ERROR_WANT_READ, "WANT_READ"}, + {SSL_ERROR_WANT_WRITE, "WANT_WRITE"}, + {SSL_ERROR_WANT_PRIVATE_KEY_OPERATION, "WANT_PRIVATE_KEY_OPERATION"}, }; for (const auto& test_data : test_set) { EXPECT_EQ(test_data.second, Utility::getErrorDescription(test_data.first)); } - EXPECT_ENVOY_BUG(EXPECT_EQ(Utility::getErrorDescription(19), "UNKNOWN_ERROR"), + EXPECT_ENVOY_BUG(EXPECT_EQ(Utility::getErrorDescription(-1), "UNKNOWN_ERROR"), "Unknown BoringSSL error had occurred"); } diff --git a/test/extensions/upstreams/http/config_test.cc b/test/extensions/upstreams/http/config_test.cc index ee7e05595331..cd91d8c55f67 100644 --- a/test/extensions/upstreams/http/config_test.cc +++ b/test/extensions/upstreams/http/config_test.cc @@ -1,4 +1,4 @@ -#include "extensions/upstreams/http/config.h" +#include "source/extensions/upstreams/http/config.h" #include "test/mocks/protobuf/mocks.h" diff --git a/test/extensions/upstreams/http/tcp/upstream_request_test.cc b/test/extensions/upstreams/http/tcp/upstream_request_test.cc index 555f93a6e750..4ceaa9f3ddda 100644 --- a/test/extensions/upstreams/http/tcp/upstream_request_test.cc +++ b/test/extensions/upstreams/http/tcp/upstream_request_test.cc @@ -1,11 +1,10 @@ -#include "common/buffer/buffer_impl.h" -#include "common/network/address_impl.h" -#include "common/router/config_impl.h" -#include "common/router/router.h" -#include "common/router/upstream_request.h" - -#include "extensions/common/proxy_protocol/proxy_protocol_header.h" -#include "extensions/upstreams/http/tcp/upstream_request.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/router/config_impl.h" +#include "source/common/router/router.h" +#include "source/common/router/upstream_request.h" +#include "source/extensions/common/proxy_protocol/proxy_protocol_header.h" +#include "source/extensions/upstreams/http/tcp/upstream_request.h" #include "test/common/http/common.h" #include "test/mocks/common.h" @@ -39,7 +38,8 @@ class TcpConnPoolTest : public ::testing::Test { NiceMock route_entry; NiceMock cm; cm.initializeThreadLocalClusters({"fake_cluster"}); - EXPECT_CALL(cm.thread_local_cluster_, tcpConnPool(_, _)).WillOnce(Return(&mock_pool_)); + EXPECT_CALL(cm.thread_local_cluster_, tcpConnPool(_, _)) + .WillOnce(Return(Upstream::TcpPoolData([]() {}, &mock_pool_))); conn_pool_ = std::make_unique(cm.thread_local_cluster_, true, route_entry, Envoy::Http::Protocol::Http11, nullptr); } @@ -68,9 +68,9 @@ TEST_F(TcpConnPoolTest, OnPoolFailure) { EXPECT_CALL(mock_pool_, newConnection(_)).WillOnce(Return(&cancellable_)); conn_pool_->newStream(&mock_generic_callbacks_); - EXPECT_CALL(mock_generic_callbacks_, onPoolFailure(_, _, _)); + EXPECT_CALL(mock_generic_callbacks_, onPoolFailure(_, "foo", _)); conn_pool_->onPoolFailure(Envoy::Tcp::ConnectionPool::PoolFailureReason::LocalConnectionFailure, - host_); + "foo", host_); // Make sure that the pool failure nulled out the pending request. EXPECT_FALSE(conn_pool_->cancelAnyPendingStream()); @@ -93,6 +93,10 @@ TEST_F(TcpConnPoolTest, Cancel) { class TcpUpstreamTest : public ::testing::Test { public: TcpUpstreamTest() { + EXPECT_CALL(mock_router_filter_, downstreamHeaders()) + .Times(AnyNumber()) + .WillRepeatedly(Return(&request_)); + EXPECT_CALL(mock_router_filter_, cluster()).Times(AnyNumber()); mock_router_filter_.requests_.push_back(std::make_unique( mock_router_filter_, std::make_unique>())); auto data = std::make_unique>(); @@ -103,15 +107,15 @@ class TcpUpstreamTest : public ::testing::Test { ~TcpUpstreamTest() override { EXPECT_CALL(mock_router_filter_, config()).Times(AnyNumber()); } protected: - NiceMock connection_; - NiceMock mock_router_filter_; - Envoy::Tcp::ConnectionPool::MockConnectionData* mock_connection_data_; - std::unique_ptr tcp_upstream_; TestRequestHeaderMapImpl request_{{":method", "CONNECT"}, {":path", "/"}, {":protocol", "bytestream"}, {":scheme", "https"}, {":authority", "host"}}; + NiceMock connection_; + NiceMock mock_router_filter_; + Envoy::Tcp::ConnectionPool::MockConnectionData* mock_connection_data_; + std::unique_ptr tcp_upstream_; }; TEST_F(TcpUpstreamTest, Basic) { diff --git a/test/extensions/upstreams/tcp/generic/config_test.cc b/test/extensions/upstreams/tcp/generic/config_test.cc index ffc603614491..2e8a638356db 100644 --- a/test/extensions/upstreams/tcp/generic/config_test.cc +++ b/test/extensions/upstreams/tcp/generic/config_test.cc @@ -1,4 +1,4 @@ -#include "extensions/upstreams/tcp/generic/config.h" +#include "source/extensions/upstreams/tcp/generic/config.h" #include "test/mocks/tcp/mocks.h" #include "test/mocks/upstream/cluster_manager.h" @@ -26,7 +26,7 @@ class TcpConnPoolTest : public ::testing::Test { TEST_F(TcpConnPoolTest, TestNoConnPool) { envoy::extensions::filters::network::tcp_proxy::v3::TcpProxy_TunnelingConfig config; config.set_hostname("host"); - EXPECT_CALL(thread_local_cluster_, httpConnPool(_, _, _)).WillOnce(Return(nullptr)); + EXPECT_CALL(thread_local_cluster_, httpConnPool(_, _, _)).WillOnce(Return(absl::nullopt)); EXPECT_EQ(nullptr, factory_.createGenericConnPool(thread_local_cluster_, config, nullptr, callbacks_)); } diff --git a/test/extensions/watchdog/profile_action/BUILD b/test/extensions/watchdog/profile_action/BUILD index fb8c662ea7bc..866d8b63d747 100644 --- a/test/extensions/watchdog/profile_action/BUILD +++ b/test/extensions/watchdog/profile_action/BUILD @@ -19,9 +19,9 @@ envoy_extension_cc_test( "abseil_synchronization", ], deps = [ - "//include/envoy/common:time_interface", - "//include/envoy/registry", - "//include/envoy/server:guarddog_config_interface", + "//envoy/common:time_interface", + "//envoy/registry", + "//envoy/server:guarddog_config_interface", "//source/common/filesystem:directory_lib", "//source/common/profiler:profiler_lib", "//source/extensions/watchdog/profile_action:config", @@ -41,8 +41,8 @@ envoy_extension_cc_test( srcs = ["config_test.cc"], extension_name = "envoy.watchdog.profile_action", deps = [ - "//include/envoy/registry", - "//include/envoy/server:guarddog_config_interface", + "//envoy/registry", + "//envoy/server:guarddog_config_interface", "//source/extensions/watchdog/profile_action:config", "//source/extensions/watchdog/profile_action:profile_action_lib", "//test/common/stats:stat_test_utility_lib", diff --git a/test/extensions/watchdog/profile_action/config_test.cc b/test/extensions/watchdog/profile_action/config_test.cc index 2603eeec2f57..157128a62af9 100644 --- a/test/extensions/watchdog/profile_action/config_test.cc +++ b/test/extensions/watchdog/profile_action/config_test.cc @@ -2,7 +2,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/guarddog_config.h" -#include "extensions/watchdog/profile_action/config.h" +#include "source/extensions/watchdog/profile_action/config.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/event/mocks.h" diff --git a/test/extensions/watchdog/profile_action/profile_action_test.cc b/test/extensions/watchdog/profile_action/profile_action_test.cc index 40f9085eff04..d35bea645dc1 100644 --- a/test/extensions/watchdog/profile_action/profile_action_test.cc +++ b/test/extensions/watchdog/profile_action/profile_action_test.cc @@ -8,12 +8,11 @@ #include "envoy/server/guarddog_config.h" #include "envoy/thread/thread.h" -#include "common/common/assert.h" -#include "common/filesystem/directory.h" -#include "common/profiler/profiler.h" - -#include "extensions/watchdog/profile_action/config.h" -#include "extensions/watchdog/profile_action/profile_action.h" +#include "source/common/common/assert.h" +#include "source/common/filesystem/directory.h" +#include "source/common/profiler/profiler.h" +#include "source/extensions/watchdog/profile_action/config.h" +#include "source/extensions/watchdog/profile_action/profile_action.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/event/mocks.h" diff --git a/test/fuzz/BUILD b/test/fuzz/BUILD index 6c3ef4f96696..6a8ea1e891d5 100644 --- a/test/fuzz/BUILD +++ b/test/fuzz/BUILD @@ -78,7 +78,7 @@ envoy_cc_test_library( name = "random_lib", hdrs = ["random.h"], deps = [ - "//include/envoy/common:random_generator_interface", + "//envoy/common:random_generator_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", ], diff --git a/test/fuzz/fuzz_runner.cc b/test/fuzz/fuzz_runner.cc index bda9446b39e9..618116a2f382 100644 --- a/test/fuzz/fuzz_runner.cc +++ b/test/fuzz/fuzz_runner.cc @@ -1,11 +1,10 @@ #include "test/fuzz/fuzz_runner.h" -#include "common/common/thread.h" -#include "common/common/utility.h" -#include "common/event/libevent.h" -#include "common/http/http2/codec_impl.h" - -#include "exe/process_wide.h" +#include "source/common/common/thread.h" +#include "source/common/common/utility.h" +#include "source/common/event/libevent.h" +#include "source/common/http/http2/codec_impl.h" +#include "source/exe/process_wide.h" #include "test/test_common/environment.h" diff --git a/test/fuzz/main.cc b/test/fuzz/main.cc index d1c98eb6eed9..b339336620de 100644 --- a/test/fuzz/main.cc +++ b/test/fuzz/main.cc @@ -12,8 +12,8 @@ // neat, as we get features likes --gtest_filter to select over the corpus // and the reporting features of gtest. -#include "common/common/assert.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" #include "test/fuzz/fuzz_runner.h" #include "test/test_common/environment.h" @@ -22,7 +22,7 @@ #include "absl/debugging/symbolize.h" #ifdef ENVOY_HANDLE_SIGNALS -#include "common/signal/signal_action.h" +#include "source/common/signal/signal_action.h" #endif #include "gtest/gtest.h" diff --git a/test/fuzz/random.h b/test/fuzz/random.h index 574f1f804f37..bcf738bf262f 100644 --- a/test/fuzz/random.h +++ b/test/fuzz/random.h @@ -7,8 +7,8 @@ #include "envoy/common/random_generator.h" -#include "common/common/assert.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" namespace Envoy { namespace Random { diff --git a/test/fuzz/utility.h b/test/fuzz/utility.h index cfa95039e114..002eab8571a7 100644 --- a/test/fuzz/utility.h +++ b/test/fuzz/utility.h @@ -2,10 +2,10 @@ #include "envoy/config/core/v3/base.pb.h" -#include "common/common/empty_string.h" -#include "common/network/resolver_impl.h" -#include "common/network/socket_impl.h" -#include "common/network/utility.h" +#include "source/common/common/empty_string.h" +#include "source/common/network/resolver_impl.h" +#include "source/common/network/socket_impl.h" +#include "source/common/network/utility.h" #include "test/common/stream_info/test_util.h" #include "test/fuzz/common.pb.h" diff --git a/test/integration/BUILD b/test/integration/BUILD index 41c7e0d44e2e..5d4083e23c05 100644 --- a/test/integration/BUILD +++ b/test/integration/BUILD @@ -179,7 +179,7 @@ envoy_cc_test( srcs = ["cluster_filter_integration_test.cc"], deps = [ ":integration_lib", - "//include/envoy/network:filter_interface", + "//envoy/network:filter_interface", "//source/extensions/filters/network/tcp_proxy:config", "//test/config:utility_lib", "//test/test_common:registry_lib", @@ -320,12 +320,12 @@ envoy_cc_test( deps = [ ":autonomous_upstream_lib", ":http_integration_lib", + ":socket_interface_swap_lib", ":tracked_watermark_buffer_lib", "//test/common/http/http2:http2_frame", "//test/integration/filters:backpressure_filter_config_lib", "//test/integration/filters:set_response_code_filter_config_proto_cc_proto", "//test/integration/filters:set_response_code_filter_lib", - "//test/integration/filters:test_socket_interface_lib", "//test/mocks/http:http_mocks", "//test/test_common:utility_lib", "@com_google_absl//absl/synchronization", @@ -366,6 +366,37 @@ envoy_cc_test( ], ) +envoy_cc_test( + name = "buffer_accounting_integration_test", + srcs = [ + "buffer_accounting_integration_test.cc", + ], + deps = [ + ":http_integration_lib", + ":socket_interface_swap_lib", + ":tracked_watermark_buffer_lib", + "//test/mocks/http:http_mocks", + "//test/test_common:utility_lib", + "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", + "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto", + "@envoy_api//envoy/extensions/filters/network/http_connection_manager/v3:pkg_cc_proto", + ], +) + +envoy_cc_test_library( + name = "socket_interface_swap_lib", + srcs = [ + "socket_interface_swap.cc", + ], + hdrs = [ + "socket_interface_swap.h", + ], + deps = [ + "//test/integration/filters:test_socket_interface_lib", + "@com_google_absl//absl/synchronization", + ], +) + envoy_cc_test( name = "http_subset_lb_integration_test", srcs = [ @@ -455,6 +486,7 @@ envoy_cc_test_library( "//test/integration/filters:local_reply_during_encoding_filter_lib", "//test/integration/filters:local_reply_with_metadata_filter_lib", "//test/integration/filters:random_pause_filter_lib", + "//test/integration/filters:remove_response_headers_lib", "//test/test_common:logging_lib", "//test/test_common:utility_lib", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", @@ -505,7 +537,7 @@ envoy_cc_test( ], deps = [ ":http_protocol_integration_lib", - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//source/common/stats:histogram_lib", "//source/common/stats:stats_matcher_lib", "//source/extensions/filters/http/buffer:config", @@ -526,7 +558,7 @@ envoy_cc_test_library( "test_host_predicate_config.h", ], deps = [ - "//include/envoy/upstream:retry_interface", + "//envoy/upstream:retry_interface", ], ) @@ -544,7 +576,7 @@ envoy_cc_test_library( deps = [ ":integration_lib", ":test_host_predicate_lib", - "//include/envoy/event:timer_interface", + "//envoy/event:timer_interface", "//source/common/common:thread_annotations", "//source/common/network:socket_option_lib", "//source/extensions/filters/http/on_demand:config", @@ -608,10 +640,10 @@ envoy_cc_test_library( "integration_stream_decoder.h", ], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/http:metadata_interface", + "//envoy/event:dispatcher_interface", + "//envoy/http:codec_interface", + "//envoy/http:header_map_interface", + "//envoy/http:metadata_interface", "//source/common/common:dump_state_utils", "//test/test_common:utility_lib", ], @@ -627,11 +659,11 @@ envoy_cc_test_library( ], deps = [ ":utility_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:address_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/network:socket_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:address_interface", + "//envoy/network:connection_interface", + "//envoy/network:listen_socket_interface", + "//envoy/network:socket_interface", "//test/mocks/buffer:buffer_mocks", "//test/test_common:network_utility_lib", "//test/test_common:utility_lib", @@ -647,13 +679,13 @@ envoy_cc_test_library( "fake_upstream.h", ], deps = [ - "//include/envoy/api:api_interface", - "//include/envoy/grpc:status", - "//include/envoy/http:codec_interface", - "//include/envoy/network:connection_handler_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/stats:stats_interface", + "//envoy/api:api_interface", + "//envoy/grpc:status", + "//envoy/http:codec_interface", + "//envoy/network:connection_handler_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/stats:stats_interface", "//source/common/buffer:buffer_lib", "//source/common/buffer:zero_copy_input_stream_lib", "//source/common/common:basic_resource_lib", @@ -683,7 +715,7 @@ envoy_cc_test_library( "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", ] + envoy_select_enable_http3([ "//source/common/quic:active_quic_listener_lib", - "//source/common/quic:codec_lib", + "//source/common/quic:quic_factory_lib", ]), ) @@ -752,13 +784,13 @@ envoy_cc_test_library( deps = [ ":server_stats_interface", ":tcp_dump", - "//include/envoy/api:api_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/server:options_interface", - "//include/envoy/server:process_context_interface", - "//include/envoy/stats:stats_interface", + "//envoy/api:api_interface", + "//envoy/http:codec_interface", + "//envoy/http:header_map_interface", + "//envoy/network:filter_interface", + "//envoy/server:options_interface", + "//envoy/server:process_context_interface", + "//envoy/stats:stats_interface", "//source/common/api:api_lib", "//source/common/common:assert_lib", "//source/common/common:lock_guard_lib", @@ -815,19 +847,19 @@ envoy_cc_test_library( ":integration_stream_decoder_lib", ":integration_tcp_client_lib", ":utility_lib", - "//include/envoy/api:api_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/grpc:status", - "//include/envoy/http:codec_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/server:configuration_interface", - "//include/envoy/server:hot_restart_interface", - "//include/envoy/server:options_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/thread:thread_interface", + "//envoy/api:api_interface", + "//envoy/buffer:buffer_interface", + "//envoy/event:dispatcher_interface", + "//envoy/grpc:status", + "//envoy/http:codec_interface", + "//envoy/http:header_map_interface", + "//envoy/network:connection_interface", + "//envoy/network:filter_interface", + "//envoy/server:configuration_interface", + "//envoy/server:hot_restart_interface", + "//envoy/server:options_interface", + "//envoy/stats:stats_interface", + "//envoy/thread:thread_interface", "//source/common/api:api_lib", "//source/common/buffer:buffer_lib", "//source/common/buffer:zero_copy_input_stream_lib", @@ -857,7 +889,6 @@ envoy_cc_test_library( "//source/extensions/access_loggers/file:config", "//source/extensions/access_loggers/stream:config", "//source/extensions/transport_sockets/raw_buffer:config", - "//source/extensions/transport_sockets/tap:config", "//source/server:connection_handler_lib", "//source/server:drain_manager_lib", "//source/server:hot_restart_nop_lib", @@ -893,7 +924,6 @@ envoy_cc_test( ":http_integration_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", - "//source/extensions/filters/http/cors:config", "//source/extensions/filters/http/grpc_http1_bridge:config", "//source/extensions/filters/http/health_check:config", "//test/integration/filters:clear_route_cache_filter_lib", @@ -1024,7 +1054,7 @@ envoy_cc_test( deps = [ ":http_integration_lib", ":integration_lib", - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:upstream_interface", "//source/common/config:metadata_lib", "//source/common/json:json_loader_lib", "//source/common/network:utility_lib", @@ -1054,6 +1084,7 @@ envoy_cc_test( envoy_cc_test( name = "overload_integration_test", srcs = ["overload_integration_test.cc"], + shard_count = 2, deps = [ ":http_protocol_integration_lib", "//test/common/config:dummy_config_proto_cc_proto", @@ -1115,8 +1146,8 @@ envoy_cc_test_library( name = "server_stats_interface", hdrs = ["server_stats.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/stats:stats_interface", + "//envoy/event:dispatcher_interface", + "//envoy/stats:stats_interface", ], ) @@ -1192,7 +1223,7 @@ envoy_cc_test( ], deps = [ ":http_integration_lib", - "//include/envoy/registry", + "//envoy/registry", "//source/common/grpc:common_lib", "//test/test_common:registry_lib", "//test/test_common:utility_lib", @@ -1267,8 +1298,8 @@ envoy_cc_test( ], deps = [ ":integration_lib", - "//include/envoy/server:filter_config_interface", - "//include/envoy/tcp:conn_pool_interface", + "//envoy/server:filter_config_interface", + "//envoy/tcp:conn_pool_interface", "//test/server:utility_lib", "//test/test_common:registry_lib", "//test/test_common:utility_lib", @@ -1295,6 +1326,7 @@ envoy_cc_test_library( ], deps = [ "//source/common/buffer:watermark_buffer_lib", + "//test/test_common:utility_lib", ], ) @@ -1600,8 +1632,8 @@ envoy_cc_test( srcs = ["cx_limit_integration_test.cc"], deps = [ ":http_integration_lib", - "//include/envoy/network:filter_interface", - "//include/envoy/registry", + "//envoy/network:filter_interface", + "//envoy/registry", "//source/extensions/filters/network/tcp_proxy:config", "//test/config:utility_lib", "//test/test_common:logging_lib", @@ -1714,13 +1746,11 @@ envoy_cc_test( deps = envoy_select_enable_http3([ ":http_integration_lib", "//source/common/quic:client_connection_factory_lib", - "//source/common/quic:codec_lib", "//source/common/quic:envoy_quic_client_connection_lib", "//source/common/quic:envoy_quic_client_session_lib", "//source/common/quic:envoy_quic_connection_helper_lib", "//source/common/quic:envoy_quic_proof_verifier_lib", - "//source/common/quic:quic_transport_socket_factory_lib", - "//source/extensions/resource_monitors/injected_resource:config", + "//source/common/quic:quic_factory_lib", "//test/common/quic:quic_test_utils_for_envoy_lib", "//test/common/quic:test_utils_lib", "//test/integration/filters:encoder_decoder_buffer_filter_lib", diff --git a/test/integration/README.md b/test/integration/README.md index d16031807a9e..6e13c958aa2c 100644 --- a/test/integration/README.md +++ b/test/integration/README.md @@ -50,7 +50,7 @@ The [`ConfigHelper`](../config/utility.h) has utilities for common alterations s ```c++ // Set the default protocol to HTTP2 -setDownstreamProtocol(Http::CodecClient::Type::HTTP2); +setDownstreamProtocol(Http::CodecType::HTTP2); ``` or diff --git a/test/integration/ads_integration.cc b/test/integration/ads_integration.cc index cf0fbeb71046..dfa3b81539b9 100644 --- a/test/integration/ads_integration.cc +++ b/test/integration/ads_integration.cc @@ -8,9 +8,9 @@ #include "envoy/config/route/v3/route.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" -#include "common/config/protobuf_link_hacks.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/config/protobuf_link_hacks.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "test/test_common/network_utility.h" #include "test/test_common/resources.h" @@ -22,7 +22,7 @@ namespace Envoy { AdsIntegrationTest::AdsIntegrationTest(envoy::config::core::v3::ApiVersion resource_api_version, envoy::config::core::v3::ApiVersion transport_api_version) - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, ipVersion(), + : HttpIntegrationTest(Http::CodecType::HTTP2, ipVersion(), ConfigHelper::adsBootstrap( sotwOrDelta() == Grpc::SotwOrDelta::Sotw ? "GRPC" : "DELTA_GRPC", resource_api_version, transport_api_version)) { @@ -31,7 +31,7 @@ AdsIntegrationTest::AdsIntegrationTest(envoy::config::core::v3::ApiVersion resou tls_xds_upstream_ = true; sotw_or_delta_ = sotwOrDelta(); api_version_ = resource_api_version; - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); } void AdsIntegrationTest::TearDown() { cleanUpXdsConnection(); } diff --git a/test/integration/ads_integration_test.cc b/test/integration/ads_integration_test.cc index 08e6d8661a9b..f8045c2ad55a 100644 --- a/test/integration/ads_integration_test.cc +++ b/test/integration/ads_integration_test.cc @@ -6,11 +6,11 @@ #include "envoy/config/route/v3/route.pb.h" #include "envoy/grpc/status.h" -#include "common/config/protobuf_link_hacks.h" -#include "common/config/version_converter.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/version/version.h" +#include "source/common/config/protobuf_link_hacks.h" +#include "source/common/config/version_converter.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/version/version.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/ads_integration.h" @@ -89,7 +89,7 @@ TEST_P(AdsIntegrationTest, TestPrimaryClusterWarmClusterInitialization) { const auto cds_type_url = Config::getTypeUrl( envoy::config::core::v3::ApiVersion::V3); auto loopback = Network::Test::getLoopbackAddressString(ipVersion()); - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); auto port = fake_upstreams_.back()->localAddress()->ip()->port(); // This cluster will be blocked since endpoint name cannot be resolved. @@ -1055,7 +1055,7 @@ class AdsFailIntegrationTest : public Grpc::DeltaSotwIntegrationParamTest, public HttpIntegrationTest { public: AdsFailIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, ipVersion(), + : HttpIntegrationTest(Http::CodecType::HTTP2, ipVersion(), ConfigHelper::adsBootstrap( sotwOrDelta() == Grpc::SotwOrDelta::Sotw ? "GRPC" : "DELTA_GRPC", envoy::config::core::v3::ApiVersion::V3)) { @@ -1075,7 +1075,7 @@ class AdsFailIntegrationTest : public Grpc::DeltaSotwIntegrationParamTest, ads_cluster->MergeFrom(bootstrap.static_resources().clusters()[0]); ads_cluster->set_name("ads_cluster"); }); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); HttpIntegrationTest::initialize(); } }; @@ -1096,7 +1096,7 @@ class AdsConfigIntegrationTest : public Grpc::DeltaSotwIntegrationParamTest, public HttpIntegrationTest { public: AdsConfigIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, ipVersion(), + : HttpIntegrationTest(Http::CodecType::HTTP2, ipVersion(), ConfigHelper::adsBootstrap( sotwOrDelta() == Grpc::SotwOrDelta::Sotw ? "GRPC" : "DELTA_GRPC", envoy::config::core::v3::ApiVersion::V3)) { @@ -1125,7 +1125,7 @@ class AdsConfigIntegrationTest : public Grpc::DeltaSotwIntegrationParamTest, eds_config->set_resource_api_version(envoy::config::core::v3::ApiVersion::V3); eds_config->mutable_ads(); }); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); HttpIntegrationTest::initialize(); } }; @@ -1282,7 +1282,7 @@ class AdsClusterFromFileIntegrationTest : public Grpc::DeltaSotwIntegrationParam public HttpIntegrationTest { public: AdsClusterFromFileIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, ipVersion(), + : HttpIntegrationTest(Http::CodecType::HTTP2, ipVersion(), ConfigHelper::adsBootstrap( sotwOrDelta() == Grpc::SotwOrDelta::Sotw ? "GRPC" : "DELTA_GRPC", envoy::config::core::v3::ApiVersion::V3)) { @@ -1323,7 +1323,7 @@ class AdsClusterFromFileIntegrationTest : public Grpc::DeltaSotwIntegrationParam eds_config->set_resource_api_version(envoy::config::core::v3::ApiVersion::V3); eds_config->mutable_ads(); }); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); HttpIntegrationTest::initialize(); } diff --git a/test/integration/alpn_integration_test.cc b/test/integration/alpn_integration_test.cc index 264036a4bc2a..fa1e33fcee36 100644 --- a/test/integration/alpn_integration_test.cc +++ b/test/integration/alpn_integration_test.cc @@ -9,12 +9,12 @@ namespace { class AlpnIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - AlpnIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, GetParam()) {} + AlpnIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, GetParam()) {} void SetUp() override { autonomous_upstream_ = true; setUpstreamCount(2); - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); upstream_tls_ = true; config_helper_.configureUpstreamTls(true); @@ -40,7 +40,7 @@ class AlpnIntegrationTest : public testing::TestWithParam protocols_; + std::vector protocols_; }; INSTANTIATE_TEST_SUITE_P(IpVersions, AlpnIntegrationTest, @@ -48,8 +48,8 @@ INSTANTIATE_TEST_SUITE_P(IpVersions, AlpnIntegrationTest, TestUtility::ipTestParamsToString); TEST_P(AlpnIntegrationTest, Http2) { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); - protocols_ = {FakeHttpConnection::Type::HTTP2, FakeHttpConnection::Type::HTTP2}; + setUpstreamProtocol(Http::CodecType::HTTP2); + protocols_ = {Http::CodecType::HTTP2, Http::CodecType::HTTP2}; initialize(); codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); @@ -60,8 +60,8 @@ TEST_P(AlpnIntegrationTest, Http2) { } TEST_P(AlpnIntegrationTest, Http1) { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP1); - protocols_ = {FakeHttpConnection::Type::HTTP1, FakeHttpConnection::Type::HTTP1}; + setUpstreamProtocol(Http::CodecType::HTTP1); + protocols_ = {Http::CodecType::HTTP1, Http::CodecType::HTTP1}; initialize(); codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); @@ -72,7 +72,7 @@ TEST_P(AlpnIntegrationTest, Http1) { } TEST_P(AlpnIntegrationTest, Mixed) { - protocols_ = {FakeHttpConnection::Type::HTTP1, FakeHttpConnection::Type::HTTP2}; + protocols_ = {Http::CodecType::HTTP1, Http::CodecType::HTTP2}; initialize(); codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); diff --git a/test/integration/alpn_selection_integration_test.cc b/test/integration/alpn_selection_integration_test.cc index b28c42fbffc0..da784ec70e3c 100644 --- a/test/integration/alpn_selection_integration_test.cc +++ b/test/integration/alpn_selection_integration_test.cc @@ -2,11 +2,10 @@ #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" -#include "common/http/utility.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/context_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/http/utility.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/integration/http_integration.h" @@ -18,14 +17,12 @@ namespace Envoy { class AlpnSelectionIntegrationTest : public testing::Test, public HttpIntegrationTest { public: AlpnSelectionIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, - TestEnvironment::getIpVersionsForTest().front(), + : HttpIntegrationTest(Http::CodecType::HTTP1, TestEnvironment::getIpVersionsForTest().front(), ConfigHelper::httpProxyConfig()) {} void initialize() override { - setDownstreamProtocol(Http::CodecClient::Type::HTTP1); - setUpstreamProtocol(use_h2_ ? FakeHttpConnection::Type::HTTP2 - : FakeHttpConnection::Type::HTTP1); + setDownstreamProtocol(Http::CodecType::HTTP1); + setUpstreamProtocol(use_h2_ ? Http::CodecType::HTTP2 : Http::CodecType::HTTP1); config_helper_.addConfigModifier([&](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { auto* static_resources = bootstrap.mutable_static_resources(); auto* cluster = static_resources->mutable_clusters(0); @@ -81,8 +78,7 @@ require_client_certificate: true void createUpstreams() override { auto endpoint = upstream_address_fn_(0); FakeUpstreamConfig config = upstreamConfig(); - config.upstream_protocol_ = - use_h2_ ? FakeHttpConnection::Type::HTTP2 : FakeHttpConnection::Type::HTTP1; + config.upstream_protocol_ = use_h2_ ? Http::CodecType::HTTP2 : Http::CodecType::HTTP1; fake_upstreams_.emplace_back( new FakeUpstream(createUpstreamSslContext(), endpoint->ip()->port(), version_, config)); } diff --git a/test/integration/autonomous_upstream.cc b/test/integration/autonomous_upstream.cc index 762da275b31d..65d16dd25fd7 100644 --- a/test/integration/autonomous_upstream.cc +++ b/test/integration/autonomous_upstream.cc @@ -94,7 +94,8 @@ void AutonomousStream::sendResponse() { AutonomousHttpConnection::AutonomousHttpConnection(AutonomousUpstream& autonomous_upstream, SharedConnectionWrapper& shared_connection, - Type type, AutonomousUpstream& upstream) + Http::CodecType type, + AutonomousUpstream& upstream) : FakeHttpConnection(autonomous_upstream, shared_connection, type, upstream.timeSystem(), Http::DEFAULT_MAX_REQUEST_HEADERS_KB, Http::DEFAULT_MAX_HEADERS_COUNT, envoy::config::core::v3::HttpProtocolOptions::ALLOW), diff --git a/test/integration/autonomous_upstream.h b/test/integration/autonomous_upstream.h index d5ae283fec56..aa0e15fb1baa 100644 --- a/test/integration/autonomous_upstream.h +++ b/test/integration/autonomous_upstream.h @@ -45,7 +45,7 @@ class AutonomousStream : public FakeStream { class AutonomousHttpConnection : public FakeHttpConnection { public: AutonomousHttpConnection(AutonomousUpstream& autonomous_upstream, - SharedConnectionWrapper& shared_connection, Type type, + SharedConnectionWrapper& shared_connection, Http::CodecType type, AutonomousUpstream& upstream); Http::RequestDecoder& newStream(Http::ResponseEncoder& response_encoder, bool) override; diff --git a/test/integration/base_integration_test.cc b/test/integration/base_integration_test.cc index ac4cf88eb703..d74b71962a03 100644 --- a/test/integration/base_integration_test.cc +++ b/test/integration/base_integration_test.cc @@ -15,15 +15,14 @@ #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/common/thread.h" -#include "common/config/api_version.h" -#include "common/event/libevent.h" -#include "common/network/utility.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/common/thread.h" +#include "source/common/config/api_version.h" +#include "source/common/event/libevent.h" +#include "source/common/network/utility.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/integration/autonomous_upstream.h" #include "test/integration/utility.h" @@ -121,12 +120,12 @@ BaseIntegrationTest::createUpstreamTlsContext(const FakeUpstreamConfig& upstream TestEnvironment::runfilesPath("test/config/integration/certs/upstreamkey.pem"), TestEnvironment::runfilesPath("test/config/integration/certs/cacert.pem")); TestUtility::loadFromYaml(yaml, tls_context); - if (upstream_config.upstream_protocol_ == FakeHttpConnection::Type::HTTP2) { + if (upstream_config.upstream_protocol_ == Http::CodecType::HTTP2) { tls_context.mutable_common_tls_context()->add_alpn_protocols("h2"); - } else if (upstream_config.upstream_protocol_ == FakeHttpConnection::Type::HTTP1) { + } else if (upstream_config.upstream_protocol_ == Http::CodecType::HTTP1) { tls_context.mutable_common_tls_context()->add_alpn_protocols("http/1.1"); } - if (upstream_config.upstream_protocol_ != FakeHttpConnection::Type::HTTP3) { + if (upstream_config.upstream_protocol_ != Http::CodecType::HTTP3) { auto cfg = std::make_unique( tls_context, factory_context_); static Stats::Scope* upstream_stats_store = new Stats::IsolatedStoreImpl(); @@ -217,9 +216,9 @@ void BaseIntegrationTest::createEnvoy() { createGeneratedApiTestServer(bootstrap_path, named_ports, {false, true, false}, false); } -void BaseIntegrationTest::setUpstreamProtocol(FakeHttpConnection::Type protocol) { +void BaseIntegrationTest::setUpstreamProtocol(Http::CodecType protocol) { upstream_config_.upstream_protocol_ = protocol; - if (upstream_config_.upstream_protocol_ == FakeHttpConnection::Type::HTTP2) { + if (upstream_config_.upstream_protocol_ == Http::CodecType::HTTP2) { config_helper_.addConfigModifier( [&](envoy::config::bootstrap::v3::Bootstrap& bootstrap) -> void { RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() >= 1, ""); @@ -228,7 +227,7 @@ void BaseIntegrationTest::setUpstreamProtocol(FakeHttpConnection::Type protocol) ConfigHelper::setProtocolOptions( *bootstrap.mutable_static_resources()->mutable_clusters(0), protocol_options); }); - } else if (upstream_config_.upstream_protocol_ == FakeHttpConnection::Type::HTTP1) { + } else if (upstream_config_.upstream_protocol_ == Http::CodecType::HTTP1) { config_helper_.addConfigModifier( [&](envoy::config::bootstrap::v3::Bootstrap& bootstrap) -> void { RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() >= 1, ""); @@ -238,7 +237,7 @@ void BaseIntegrationTest::setUpstreamProtocol(FakeHttpConnection::Type protocol) *bootstrap.mutable_static_resources()->mutable_clusters(0), protocol_options); }); } else { - RELEASE_ASSERT(protocol == FakeHttpConnection::Type::HTTP3, ""); + RELEASE_ASSERT(protocol == Http::CodecType::HTTP3, ""); setUdpFakeUpstream(FakeUpstreamConfig::UdpConfig()); upstream_tls_ = true; config_helper_.configureUpstreamTls(false, true); @@ -390,9 +389,9 @@ void BaseIntegrationTest::createApiTestServer(const ApiFilesystemConfig& api_fil port_names, validator_config, allow_lds_rejection); } -void BaseIntegrationTest::sendRawHttpAndWaitForResponse(int port, const char* raw_http, - std::string* response, - bool disconnect_after_headers_complete) { +void BaseIntegrationTest::sendRawHttpAndWaitForResponse( + int port, const char* raw_http, std::string* response, bool disconnect_after_headers_complete, + Network::TransportSocketPtr transport_socket) { auto connection = createConnectionDriver( port, raw_http, [response, disconnect_after_headers_complete](Network::ClientConnection& client, @@ -401,7 +400,8 @@ void BaseIntegrationTest::sendRawHttpAndWaitForResponse(int port, const char* ra if (disconnect_after_headers_complete && response->find("\r\n\r\n") != std::string::npos) { client.close(Network::ConnectionCloseType::NoFlush); } - }); + }, + std::move(transport_socket)); connection->run(); } @@ -445,7 +445,7 @@ void BaseIntegrationTest::createXdsUpstream() { return; } if (tls_xds_upstream_ == false) { - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } else { envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext tls_context; auto* common_tls_context = tls_context.mutable_common_tls_context(); @@ -461,7 +461,7 @@ void BaseIntegrationTest::createXdsUpstream() { upstream_stats_store_ = std::make_unique(); auto context = std::make_unique( std::move(cfg), context_manager_, *upstream_stats_store_, std::vector{}); - addFakeUpstream(std::move(context), FakeHttpConnection::Type::HTTP2); + addFakeUpstream(std::move(context), Http::CodecType::HTTP2); } xds_upstream_ = fake_upstreams_.back().get(); } diff --git a/test/integration/base_integration_test.h b/test/integration/base_integration_test.h index 9f902f958d2d..18b8b02c8899 100644 --- a/test/integration/base_integration_test.h +++ b/test/integration/base_integration_test.h @@ -8,10 +8,9 @@ #include "envoy/server/process_context.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/api_version.h" -#include "common/config/version_converter.h" - -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/common/config/api_version.h" +#include "source/common/config/version_converter.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/config/utility.h" @@ -64,7 +63,7 @@ class BaseIntegrationTest : protected Logger::Loggable { // Finalize the config and spin up an Envoy instance. virtual void createEnvoy(); // Sets upstream_protocol_ and alters the upstream protocol in the config_helper_ - void setUpstreamProtocol(FakeHttpConnection::Type protocol); + void setUpstreamProtocol(Http::CodecType protocol); // Sets fake_upstreams_count_ void setUpstreamCount(uint32_t count) { fake_upstreams_count_ = count; } // Skip validation that ensures that all upstream ports are referenced by the @@ -73,7 +72,7 @@ class BaseIntegrationTest : protected Logger::Loggable { // Make test more deterministic by using a fixed RNG value. void setDeterministic() { deterministic_ = true; } - FakeHttpConnection::Type upstreamProtocol() const { return upstream_config_.upstream_protocol_; } + Http::CodecType upstreamProtocol() const { return upstream_config_.upstream_protocol_; } IntegrationTcpClientPtr makeTcpConnection(uint32_t port, @@ -274,7 +273,8 @@ class BaseIntegrationTest : protected Logger::Loggable { * @param if the connection should be terminated once '\r\n\r\n' has been read. **/ void sendRawHttpAndWaitForResponse(int port, const char* raw_http, std::string* response, - bool disconnect_after_headers_complete = false); + bool disconnect_after_headers_complete = false, + Network::TransportSocketPtr transport_socket = nullptr); /** * Helper to create ConnectionDriver. @@ -285,10 +285,11 @@ class BaseIntegrationTest : protected Logger::Loggable { **/ std::unique_ptr createConnectionDriver( uint32_t port, const std::string& initial_data, - std::function&& data_callback) { + std::function&& data_callback, + Network::TransportSocketPtr transport_socket = nullptr) { Buffer::OwnedImpl buffer(initial_data); return std::make_unique(port, buffer, data_callback, version_, - *dispatcher_); + *dispatcher_, std::move(transport_socket)); } /** @@ -307,23 +308,23 @@ class BaseIntegrationTest : protected Logger::Loggable { *dispatcher_, std::move(transport_socket)); } - FakeUpstreamConfig configWithType(FakeHttpConnection::Type type) const { + FakeUpstreamConfig configWithType(Http::CodecType type) const { FakeUpstreamConfig config = upstream_config_; config.upstream_protocol_ = type; - if (type != FakeHttpConnection::Type::HTTP3) { + if (type != Http::CodecType::HTTP3) { config.udp_fake_upstream_ = absl::nullopt; } return config; } - FakeUpstream& addFakeUpstream(FakeHttpConnection::Type type) { + FakeUpstream& addFakeUpstream(Http::CodecType type) { auto config = configWithType(type); fake_upstreams_.emplace_back(std::make_unique(0, version_, config)); return *fake_upstreams_.back(); } FakeUpstream& addFakeUpstream(Network::TransportSocketFactoryPtr&& transport_socket_factory, - FakeHttpConnection::Type type) { + Http::CodecType type) { auto config = configWithType(type); fake_upstreams_.emplace_back( std::make_unique(std::move(transport_socket_factory), 0, version_, config)); diff --git a/test/integration/buffer_accounting_integration_test.cc b/test/integration/buffer_accounting_integration_test.cc new file mode 100644 index 000000000000..b11c916e568b --- /dev/null +++ b/test/integration/buffer_accounting_integration_test.cc @@ -0,0 +1,227 @@ +#include + +#include "envoy/config/bootstrap/v3/bootstrap.pb.h" +#include "envoy/config/cluster/v3/cluster.pb.h" +#include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" +#include "envoy/network/address.h" + +#include "source/common/buffer/buffer_impl.h" + +#include "test/integration/autonomous_upstream.h" +#include "test/integration/tracked_watermark_buffer.h" +#include "test/integration/utility.h" +#include "test/mocks/http/mocks.h" + +#include "fake_upstream.h" +#include "gtest/gtest.h" +#include "http_integration.h" +#include "integration_stream_decoder.h" +#include "socket_interface_swap.h" + +namespace Envoy { +namespace { +std::string ipVersionAndBufferAccountingTestParamsToString( + const ::testing::TestParamInfo>& params) { + return fmt::format( + "{}_{}", + TestUtility::ipTestParamsToString(::testing::TestParamInfo( + std::get<0>(params.param), params.index)), + std::get<1>(params.param) ? "with_per_stream_buffer_accounting" + : "without_per_stream_buffer_accounting"); +} +} // namespace + +class HttpBufferWatermarksTest + : public SocketInterfaceSwap, + public testing::TestWithParam>, + public HttpIntegrationTest { +public: + std::vector + sendRequests(uint32_t num_responses, uint32_t request_body_size, uint32_t response_body_size) { + std::vector responses; + + Http::TestRequestHeaderMapImpl header_map{ + {"response_data_blocks", absl::StrCat(1)}, + {"response_size_bytes", absl::StrCat(response_body_size)}, + {"no_trailers", "0"}}; + header_map.copyFrom(default_request_headers_); + header_map.setContentLength(request_body_size); + + for (uint32_t idx = 0; idx < num_responses; ++idx) { + responses.emplace_back(codec_client_->makeRequestWithBody(header_map, request_body_size)); + } + + return responses; + } + + // TODO(kbaichoo): Parameterize on the client codec type when other protocols + // (H1, H3) support buffer accounting. + HttpBufferWatermarksTest() + : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, std::get<0>(GetParam())) { + config_helper_.addRuntimeOverride("envoy.test_only.per_stream_buffer_accounting", + streamBufferAccounting() ? "true" : "false"); + setServerBufferFactory(buffer_factory_); + setDownstreamProtocol(Http::CodecClient::Type::HTTP2); + setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + } + +protected: + std::shared_ptr buffer_factory_ = + std::make_shared(); + + bool streamBufferAccounting() { return std::get<1>(GetParam()); } + + std::string printAccounts() { + std::stringstream stream; + auto print_map = + [&stream](Buffer::TrackedWatermarkBufferFactory::AccountToBoundBuffersMap& map) { + stream << "Printing Account map. Size: " << map.size() << '\n'; + for (auto& entry : map) { + // This runs in the context of the worker thread, so we can access + // the balance. + stream << " Account: " << entry.first << '\n'; + stream << " Balance:" + << static_cast(entry.first.get())->balance() + << '\n'; + stream << " Number of associated buffers: " << entry.second.size() << '\n'; + } + }; + buffer_factory_->inspectAccounts(print_map, test_server_->server()); + return stream.str(); + } +}; + +INSTANTIATE_TEST_SUITE_P( + IpVersions, HttpBufferWatermarksTest, + testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), testing::Bool()), + ipVersionAndBufferAccountingTestParamsToString); + +// We should create four buffers each billing the same downstream request's +// account which originated the chain. +TEST_P(HttpBufferWatermarksTest, ShouldCreateFourBuffersPerAccount) { + FakeStreamPtr upstream_request1; + FakeStreamPtr upstream_request2; + default_request_headers_.setContentLength(1000); + + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + + // Sends the first request. + auto response1 = codec_client_->makeRequestWithBody(default_request_headers_, 1000); + waitForNextUpstreamRequest(); + upstream_request1 = std::move(upstream_request_); + + // Check the expected number of buffers per account + if (streamBufferAccounting()) { + EXPECT_TRUE(buffer_factory_->waitUntilExpectedNumberOfAccountsAndBoundBuffers(1, 4)); + } else { + EXPECT_TRUE(buffer_factory_->waitUntilExpectedNumberOfAccountsAndBoundBuffers(0, 0)); + } + + // Send the second request. + auto response2 = codec_client_->makeRequestWithBody(default_request_headers_, 1000); + waitForNextUpstreamRequest(); + upstream_request2 = std::move(upstream_request_); + + // Check the expected number of buffers per account + if (streamBufferAccounting()) { + EXPECT_TRUE(buffer_factory_->waitUntilExpectedNumberOfAccountsAndBoundBuffers(2, 8)); + } else { + EXPECT_TRUE(buffer_factory_->waitUntilExpectedNumberOfAccountsAndBoundBuffers(0, 0)); + } + + // Respond to the first request and wait for complete + upstream_request1->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "200"}}, false); + upstream_request1->encodeData(1000, true); + ASSERT_TRUE(response1->waitForEndStream()); + ASSERT_TRUE(upstream_request1->complete()); + + // Check the expected number of buffers per account + if (streamBufferAccounting()) { + EXPECT_TRUE(buffer_factory_->waitUntilExpectedNumberOfAccountsAndBoundBuffers(1, 4)); + } else { + EXPECT_TRUE(buffer_factory_->waitUntilExpectedNumberOfAccountsAndBoundBuffers(0, 0)); + } + + // Respond to the second request and wait for complete + upstream_request2->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "200"}}, false); + upstream_request2->encodeData(1000, true); + ASSERT_TRUE(response2->waitForEndStream()); + ASSERT_TRUE(upstream_request2->complete()); + + // Check the expected number of buffers per account + EXPECT_TRUE(buffer_factory_->waitUntilExpectedNumberOfAccountsAndBoundBuffers(0, 0)); +} + +TEST_P(HttpBufferWatermarksTest, ShouldTrackAllocatedBytesToUpstream) { + const int num_requests = 5; + const uint32_t request_body_size = 4096; + const uint32_t response_body_size = 4096; + + autonomous_upstream_ = true; + autonomous_allow_incomplete_streams_ = true; + initialize(); + + buffer_factory_->setExpectedAccountBalance(request_body_size, num_requests); + + // Makes us have Envoy's writes to upstream return EAGAIN + writev_matcher_->setDestinationPort(fake_upstreams_[0]->localAddress()->ip()->port()); + writev_matcher_->setWritevReturnsEgain(); + + codec_client_ = makeHttpConnection(lookupPort("http")); + + auto responses = sendRequests(num_requests, request_body_size, response_body_size); + + // Wait for all requests to have accounted for the requests we've sent. + if (streamBufferAccounting()) { + EXPECT_TRUE( + buffer_factory_->waitForExpectedAccountBalanceWithTimeout(TestUtility::DefaultTimeout)) + << "buffer total: " << buffer_factory_->totalBufferSize() + << " buffer max: " << buffer_factory_->maxBufferSize() << printAccounts(); + } + + writev_matcher_->setResumeWrites(); + + for (auto& response : responses) { + ASSERT_TRUE(response->waitForEndStream()); + ASSERT_TRUE(response->complete()); + } +} + +TEST_P(HttpBufferWatermarksTest, ShouldTrackAllocatedBytesToDownstream) { + const int num_requests = 5; + const uint32_t request_body_size = 4096; + const uint32_t response_body_size = 16384; + + autonomous_upstream_ = true; + autonomous_allow_incomplete_streams_ = true; + initialize(); + + buffer_factory_->setExpectedAccountBalance(response_body_size, num_requests); + writev_matcher_->setSourcePort(lookupPort("http")); + codec_client_ = makeHttpConnection(lookupPort("http")); + + // Simulate TCP push back on the Envoy's downstream network socket, so that outbound frames + // start to accumulate in the transport socket buffer. + writev_matcher_->setWritevReturnsEgain(); + + auto responses = sendRequests(num_requests, request_body_size, response_body_size); + + // Wait for all requests to buffered the response from upstream. + if (streamBufferAccounting()) { + EXPECT_TRUE( + buffer_factory_->waitForExpectedAccountBalanceWithTimeout(TestUtility::DefaultTimeout)) + << "buffer total: " << buffer_factory_->totalBufferSize() + << " buffer max: " << buffer_factory_->maxBufferSize() << printAccounts(); + } + + writev_matcher_->setResumeWrites(); + + // Wait for streams to terminate. + for (auto& response : responses) { + ASSERT_TRUE(response->waitForEndStream()); + ASSERT_TRUE(response->complete()); + } +} + +} // namespace Envoy diff --git a/test/integration/cds_integration_test.cc b/test/integration/cds_integration_test.cc index aecabc64bee6..4b62e426f021 100644 --- a/test/integration/cds_integration_test.cc +++ b/test/integration/cds_integration_test.cc @@ -3,9 +3,9 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/stats/scope.h" -#include "common/config/protobuf_link_hacks.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/config/protobuf_link_hacks.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/http_integration.h" @@ -31,7 +31,7 @@ const int UpstreamIndex2 = 2; class CdsIntegrationTest : public Grpc::DeltaSotwIntegrationParamTest, public HttpIntegrationTest { public: CdsIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, ipVersion(), + : HttpIntegrationTest(Http::CodecType::HTTP2, ipVersion(), ConfigHelper::discoveredClustersBootstrap( sotwOrDelta() == Grpc::SotwOrDelta::Sotw ? "GRPC" : "DELTA_GRPC")) { use_lds_ = false; @@ -53,8 +53,8 @@ class CdsIntegrationTest : public Grpc::DeltaSotwIntegrationParamTest, public Ht // BaseIntegrationTest::createUpstreams() (which is part of initialize()). // Make sure this number matches the size of the 'clusters' repeated field in the bootstrap // config that you use! - setUpstreamCount(1); // the CDS cluster - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); // CDS uses gRPC uses HTTP2. + setUpstreamCount(1); // the CDS cluster + setUpstreamProtocol(Http::CodecType::HTTP2); // CDS uses gRPC uses HTTP2. // HttpIntegrationTest::initialize() does many things: // 1) It appends to fake_upstreams_ as many as you asked for via setUpstreamCount(). @@ -71,8 +71,8 @@ class CdsIntegrationTest : public Grpc::DeltaSotwIntegrationParamTest, public Ht // Create the regular (i.e. not an xDS server) upstreams. We create them manually here after // initialize() because finalize() expects all fake_upstreams_ to correspond to a static // cluster in the bootstrap config - which we don't want since we're testing dynamic CDS! - addFakeUpstream(FakeHttpConnection::Type::HTTP2); - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); cluster1_ = ConfigHelper::buildStaticCluster( ClusterName1, fake_upstreams_[UpstreamIndex1]->localAddress()->ip()->port(), Network::Test::getLoopbackAddressString(ipVersion())); diff --git a/test/integration/cluster_upstream_extension_integration_test.cc b/test/integration/cluster_upstream_extension_integration_test.cc index e4ac4ee0ba76..163d628a175b 100644 --- a/test/integration/cluster_upstream_extension_integration_test.cc +++ b/test/integration/cluster_upstream_extension_integration_test.cc @@ -3,7 +3,7 @@ #include "envoy/registry/registry.h" #include "envoy/router/router.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "test/integration/fake_upstream.h" #include "test/integration/http_integration.h" @@ -20,7 +20,7 @@ class ClusterUpstreamExtensionIntegrationTest public HttpIntegrationTest { public: ClusterUpstreamExtensionIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void populateMetadataTestData(envoy::config::core::v3::Metadata& metadata, const std::string& key1, const std::string& key2, diff --git a/test/integration/clusters/BUILD b/test/integration/clusters/BUILD index 97b137eb75f7..2279cb450a9d 100644 --- a/test/integration/clusters/BUILD +++ b/test/integration/clusters/BUILD @@ -19,10 +19,10 @@ envoy_cc_test_library( ], deps = [ ":cluster_factory_config_proto_cc_proto", - "//include/envoy/api:api_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/upstream:cluster_factory_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/api:api_interface", + "//envoy/http:codec_interface", + "//envoy/upstream:cluster_factory_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/event:dispatcher_lib", "//source/common/network:utility_lib", "//source/common/singleton:manager_impl_lib", diff --git a/test/integration/clusters/custom_static_cluster.h b/test/integration/clusters/custom_static_cluster.h index 7b6c7dafa96a..8b91386ac0d4 100644 --- a/test/integration/clusters/custom_static_cluster.h +++ b/test/integration/clusters/custom_static_cluster.h @@ -11,10 +11,9 @@ #include "envoy/http/codec.h" #include "envoy/upstream/cluster_manager.h" -#include "common/network/address_impl.h" -#include "common/upstream/cluster_factory_impl.h" - -#include "server/transport_socket_config_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/upstream/cluster_factory_impl.h" +#include "source/server/transport_socket_config_impl.h" #include "test/common/upstream/utility.h" #include "test/integration/clusters/cluster_factory_config.pb.h" diff --git a/test/integration/command_formatter_extension_integration_test.cc b/test/integration/command_formatter_extension_integration_test.cc index 3cc1a21527dc..fe0643b39a90 100644 --- a/test/integration/command_formatter_extension_integration_test.cc +++ b/test/integration/command_formatter_extension_integration_test.cc @@ -13,7 +13,7 @@ namespace Formatter { class CommandFormatterExtensionIntegrationTest : public testing::Test, public HttpIntegrationTest { public: CommandFormatterExtensionIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, Network::Address::IpVersion::v4) {} + : HttpIntegrationTest(Http::CodecType::HTTP1, Network::Address::IpVersion::v4) {} }; TEST_F(CommandFormatterExtensionIntegrationTest, BasicExtension) { diff --git a/test/integration/custom_cluster_integration_test.cc b/test/integration/custom_cluster_integration_test.cc index e5553e9a87ef..74e4b9d7eed8 100644 --- a/test/integration/custom_cluster_integration_test.cc +++ b/test/integration/custom_cluster_integration_test.cc @@ -1,8 +1,8 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/cluster/v3/cluster.pb.h" -#include "common/network/address_impl.h" -#include "common/upstream/load_balancer_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/upstream/load_balancer_impl.h" #include "test/config/utility.h" #include "test/integration/clusters/cluster_factory_config.pb.h" @@ -18,8 +18,7 @@ const int UpstreamIndex = 0; class CustomClusterIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - CustomClusterIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + CustomClusterIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void initialize() override { setUpstreamCount(1); diff --git a/test/integration/cx_limit_integration_test.cc b/test/integration/cx_limit_integration_test.cc index 7f0639bf95dd..fd3c1bbb6fb1 100644 --- a/test/integration/cx_limit_integration_test.cc +++ b/test/integration/cx_limit_integration_test.cc @@ -2,7 +2,7 @@ #include "envoy/network/filter.h" #include "envoy/registry/registry.h" -#include "common/network/utility.h" +#include "source/common/network/utility.h" #include "test/config/utility.h" #include "test/integration/integration.h" diff --git a/test/integration/direct_response_integration_test.cc b/test/integration/direct_response_integration_test.cc index da246a27f74c..bc79926acaff 100644 --- a/test/integration/direct_response_integration_test.cc +++ b/test/integration/direct_response_integration_test.cc @@ -6,8 +6,7 @@ namespace Envoy { class DirectResponseIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - DirectResponseIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + DirectResponseIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void TearDown() override { cleanupUpstreamAndDownstream(); } diff --git a/test/integration/drain_close_integration_test.cc b/test/integration/drain_close_integration_test.cc index 22f410e1ce69..de57d7fcba64 100644 --- a/test/integration/drain_close_integration_test.cc +++ b/test/integration/drain_close_integration_test.cc @@ -35,7 +35,7 @@ TEST_P(DrainCloseIntegrationTest, DrainCloseGradual) { EXPECT_TRUE(response->complete()); EXPECT_EQ("200", response->headers().getStatusValue()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP2) { + if (downstream_protocol_ == Http::CodecType::HTTP2) { EXPECT_TRUE(codec_client_->sawGoAway()); } else { EXPECT_EQ("close", response->headers().getConnectionValue()); @@ -66,7 +66,7 @@ TEST_P(DrainCloseIntegrationTest, DrainCloseImmediate) { EXPECT_TRUE(response->complete()); EXPECT_EQ("200", response->headers().getStatusValue()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP2) { + if (downstream_protocol_ == Http::CodecType::HTTP2) { EXPECT_TRUE(codec_client_->sawGoAway()); } else { EXPECT_EQ("close", response->headers().getConnectionValue()); @@ -108,7 +108,7 @@ TEST_P(DrainCloseIntegrationTest, AdminGracefulDrain) { // Connections will terminate on request complete ASSERT_TRUE(codec_client_->waitForDisconnect()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP2) { + if (downstream_protocol_ == Http::CodecType::HTTP2) { EXPECT_TRUE(codec_client_->sawGoAway()); } else { EXPECT_EQ("close", response->headers().getConnectionValue()); @@ -169,8 +169,8 @@ TEST_P(DrainCloseIntegrationTest, RepeatedAdminGracefulDrain) { INSTANTIATE_TEST_SUITE_P(Protocols, DrainCloseIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2}, - {FakeHttpConnection::Type::HTTP1})), + {Http::CodecType::HTTP1, Http::CodecType::HTTP2}, + {Http::CodecType::HTTP1})), HttpProtocolIntegrationTest::protocolTestParamsToString); } // namespace diff --git a/test/integration/dynamic_validation_integration_test.cc b/test/integration/dynamic_validation_integration_test.cc index aab7833a5372..e6f7c5dddc53 100644 --- a/test/integration/dynamic_validation_integration_test.cc +++ b/test/integration/dynamic_validation_integration_test.cc @@ -3,7 +3,7 @@ #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.validate.h" -#include "extensions/filters/network/common/factory_base.h" +#include "source/extensions/filters/network/common/factory_base.h" #include "test/integration/http_integration.h" #include "test/test_common/environment.h" @@ -62,10 +62,10 @@ class DynamicValidationIntegrationTest public HttpIntegrationTest { public: DynamicValidationIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, std::get<0>(GetParam())), + : HttpIntegrationTest(Http::CodecType::HTTP2, std::get<0>(GetParam())), reject_unknown_dynamic_fields_(std::get<1>(GetParam())), ignore_unknown_dynamic_fields_(std::get<2>(GetParam())) { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); } void createEnvoy() override { diff --git a/test/integration/eds_integration_test.cc b/test/integration/eds_integration_test.cc index 5b742158d699..455f1f39e733 100644 --- a/test/integration/eds_integration_test.cc +++ b/test/integration/eds_integration_test.cc @@ -5,7 +5,7 @@ #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/type/v3/http.pb.h" -#include "common/upstream/load_balancer_impl.h" +#include "source/common/upstream/load_balancer_impl.h" #include "test/config/utility.h" #include "test/integration/http_integration.h" @@ -22,7 +22,7 @@ class EdsIntegrationTest : public testing::TestWithParam #include -#include "common/buffer/buffer_impl.h" -#include "common/config/utility.h" -#include "common/http/header_map_impl.h" -#include "common/http/http1/codec_impl.h" -#include "common/http/http2/codec_impl.h" -#include "common/network/address_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/socket_option_factory.h" -#include "common/network/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/config/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/http1/codec_impl.h" +#include "source/common/http/http2/codec_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/network/utility.h" #ifdef ENVOY_ENABLE_QUIC -#include "common/quic/codec_impl.h" +#include "source/common/quic/codec_impl.h" #endif -#include "server/connection_handler_impl.h" +#include "source/server/connection_handler_impl.h" #include "test/test_common/network_utility.h" #include "test/test_common/utility.h" @@ -69,16 +69,16 @@ void FakeStream::decodeMetadata(Http::MetadataMapPtr&& metadata_map_ptr) { } void FakeStream::postToConnectionThread(std::function cb) { - parent_.connection().dispatcher().post(cb); + parent_.postToConnectionThread(cb); } void FakeStream::encode100ContinueHeaders(const Http::ResponseHeaderMap& headers) { std::shared_ptr headers_copy( Http::createHeaderMap(headers)); - parent_.connection().dispatcher().post([this, headers_copy]() -> void { + postToConnectionThread([this, headers_copy]() -> void { { absl::MutexLock lock(&lock_); - if (saw_reset_) { + if (!parent_.connected() || saw_reset_) { // Encoded already deleted. return; } @@ -95,10 +95,10 @@ void FakeStream::encodeHeaders(const Http::HeaderMap& headers, bool end_stream) parent_.connection().addressProvider().localAddress()->asString()); } - parent_.connection().dispatcher().post([this, headers_copy, end_stream]() -> void { + postToConnectionThread([this, headers_copy, end_stream]() -> void { { absl::MutexLock lock(&lock_); - if (saw_reset_) { + if (!parent_.connected() || saw_reset_) { // Encoded already deleted. return; } @@ -108,10 +108,10 @@ void FakeStream::encodeHeaders(const Http::HeaderMap& headers, bool end_stream) } void FakeStream::encodeData(absl::string_view data, bool end_stream) { - parent_.connection().dispatcher().post([this, data, end_stream]() -> void { + postToConnectionThread([this, data, end_stream]() -> void { { absl::MutexLock lock(&lock_); - if (saw_reset_) { + if (!parent_.connected() || saw_reset_) { // Encoded already deleted. return; } @@ -122,10 +122,10 @@ void FakeStream::encodeData(absl::string_view data, bool end_stream) { } void FakeStream::encodeData(uint64_t size, bool end_stream) { - parent_.connection().dispatcher().post([this, size, end_stream]() -> void { + postToConnectionThread([this, size, end_stream]() -> void { { absl::MutexLock lock(&lock_); - if (saw_reset_) { + if (!parent_.connected() || saw_reset_) { // Encoded already deleted. return; } @@ -137,10 +137,10 @@ void FakeStream::encodeData(uint64_t size, bool end_stream) { void FakeStream::encodeData(Buffer::Instance& data, bool end_stream) { std::shared_ptr data_copy = std::make_shared(data); - parent_.connection().dispatcher().post([this, data_copy, end_stream]() -> void { + postToConnectionThread([this, data_copy, end_stream]() -> void { { absl::MutexLock lock(&lock_); - if (saw_reset_) { + if (!parent_.connected() || saw_reset_) { // Encoded already deleted. return; } @@ -152,10 +152,10 @@ void FakeStream::encodeData(Buffer::Instance& data, bool end_stream) { void FakeStream::encodeTrailers(const Http::HeaderMap& trailers) { std::shared_ptr trailers_copy( Http::createHeaderMap(trailers)); - parent_.connection().dispatcher().post([this, trailers_copy]() -> void { + postToConnectionThread([this, trailers_copy]() -> void { { absl::MutexLock lock(&lock_); - if (saw_reset_) { + if (!parent_.connected() || saw_reset_) { // Encoded already deleted. return; } @@ -165,10 +165,10 @@ void FakeStream::encodeTrailers(const Http::HeaderMap& trailers) { } void FakeStream::encodeResetStream() { - parent_.connection().dispatcher().post([this]() -> void { + postToConnectionThread([this]() -> void { { absl::MutexLock lock(&lock_); - if (saw_reset_) { + if (!parent_.connected() || saw_reset_) { // Encoded already deleted. return; } @@ -178,10 +178,10 @@ void FakeStream::encodeResetStream() { } void FakeStream::encodeMetadata(const Http::MetadataMapVector& metadata_map_vector) { - parent_.connection().dispatcher().post([this, &metadata_map_vector]() -> void { + postToConnectionThread([this, &metadata_map_vector]() -> void { { absl::MutexLock lock(&lock_); - if (saw_reset_) { + if (!parent_.connected() || saw_reset_) { // Encoded already deleted. return; } @@ -191,10 +191,10 @@ void FakeStream::encodeMetadata(const Http::MetadataMapVector& metadata_map_vect } void FakeStream::readDisable(bool disable) { - parent_.connection().dispatcher().post([this, disable]() -> void { + postToConnectionThread([this, disable]() -> void { { absl::MutexLock lock(&lock_); - if (saw_reset_) { + if (!parent_.connected() || saw_reset_) { // Encoded already deleted. return; } @@ -319,14 +319,14 @@ class TestHttp1ServerConnectionImpl : public Http::Http1::ServerConnectionImpl { }; FakeHttpConnection::FakeHttpConnection( - FakeUpstream& fake_upstream, SharedConnectionWrapper& shared_connection, Type type, + FakeUpstream& fake_upstream, SharedConnectionWrapper& shared_connection, Http::CodecType type, Event::TestTimeSystem& time_system, uint32_t max_request_headers_kb, uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action) : FakeConnectionBase(shared_connection, time_system), type_(type) { ASSERT(max_request_headers_count != 0); - if (type == Type::HTTP1) { + if (type == Http::CodecType::HTTP1) { Http::Http1Settings http1_settings; // For the purpose of testing, we always have the upstream encode the trailers if any http1_settings.enable_trailers_ = true; @@ -334,14 +334,14 @@ FakeHttpConnection::FakeHttpConnection( codec_ = std::make_unique( shared_connection_.connection(), stats, *this, http1_settings, max_request_headers_kb, max_request_headers_count, headers_with_underscores_action); - } else if (type == Type::HTTP2) { + } else if (type == Http::CodecType::HTTP2) { envoy::config::core::v3::Http2ProtocolOptions http2_options = fake_upstream.http2Options(); Http::Http2::CodecStats& stats = fake_upstream.http2CodecStats(); codec_ = std::make_unique( shared_connection_.connection(), *this, stats, random_, http2_options, max_request_headers_kb, max_request_headers_count, headers_with_underscores_action); } else { - ASSERT(type == Type::HTTP3); + ASSERT(type == Http::CodecType::HTTP3); #ifdef ENVOY_ENABLE_QUIC Http::Http3::CodecStats& stats = fake_upstream.http3CodecStats(); codec_ = std::make_unique( @@ -380,25 +380,25 @@ Http::RequestDecoder& FakeHttpConnection::newStream(Http::ResponseEncoder& encod } void FakeHttpConnection::onGoAway(Http::GoAwayErrorCode code) { - ASSERT(type_ >= Type::HTTP2); + ASSERT(type_ >= Http::CodecType::HTTP2); // Usually indicates connection level errors, no operations are needed since // the connection will be closed soon. ENVOY_LOG(info, "FakeHttpConnection receives GOAWAY: ", code); } void FakeHttpConnection::encodeGoAway() { - ASSERT(type_ >= Type::HTTP2); + ASSERT(type_ >= Http::CodecType::HTTP2); - shared_connection_.connection().dispatcher().post([this]() { codec_->goAway(); }); + postToConnectionThread([this]() { codec_->goAway(); }); } void FakeHttpConnection::encodeProtocolError() { - ASSERT(type_ >= Type::HTTP2); + ASSERT(type_ >= Http::CodecType::HTTP2); Http::Http2::ServerConnectionImpl* codec = dynamic_cast(codec_.get()); ASSERT(codec != nullptr); - shared_connection_.connection().dispatcher().post([codec]() { + postToConnectionThread([codec]() { Http::Status status = codec->protocolErrorForTest(); ASSERT(Http::getStatusCode(status) == Http::StatusCode::CodecProtocolError); }); @@ -429,6 +429,14 @@ AssertionResult FakeConnectionBase::waitForHalfClose(milliseconds timeout) { return AssertionSuccess(); } +void FakeConnectionBase::postToConnectionThread(std::function cb) { + ++pending_cbs_; + dispatcher_.post([this, cb]() { + cb(); + --pending_cbs_; + }); +} + AssertionResult FakeHttpConnection::waitForNewStream(Event::Dispatcher& client_dispatcher, FakeStreamPtr& stream, std::chrono::milliseconds timeout) { @@ -505,8 +513,9 @@ FakeUpstream::FakeUpstream(Network::TransportSocketFactoryPtr&& transport_socket dispatcher_(api_->allocateDispatcher("fake_upstream")), handler_(new Server::ConnectionHandlerImpl(*dispatcher_, 0)), config_(config), read_disable_on_new_connection_(true), enable_half_close_(config.enable_half_close_), - listener_(*this, http_type_ == FakeHttpConnection::Type::HTTP3), - filter_chain_(Network::Test::createEmptyFilterChain(std::move(transport_socket_factory))) { + listener_(*this, http_type_ == Http::CodecType::HTTP3), + filter_chain_(Network::Test::createEmptyFilterChain(std::move(transport_socket_factory))), + stats_scope_(stats_store_.createScope("test_server_scope")) { ENVOY_LOG(info, "starting fake server at {}. UDP={} codec={}", localAddress()->asString(), config.udp_fake_upstream_.has_value(), FakeHttpConnection::typeToString(http_type_)); if (config.udp_fake_upstream_.has_value() && @@ -532,7 +541,7 @@ void FakeUpstream::cleanUp() { bool FakeUpstream::createNetworkFilterChain(Network::Connection& connection, const std::vector&) { absl::MutexLock lock(&lock_); - if (read_disable_on_new_connection_ && http_type_ != FakeHttpConnection::Type::HTTP3) { + if (read_disable_on_new_connection_ && http_type_ != Http::CodecType::HTTP3) { // Disable early close detection to avoid closing the network connection before full // initialization is complete. connection.detectEarlyCloseWhenReadDisabled(false); @@ -545,7 +554,7 @@ bool FakeUpstream::createNetworkFilterChain(Network::Connection& connection, // Normally we don't associate a logical network connection with a FakeHttpConnection until // waitForHttpConnection is called, but QUIC needs to be set up as packets come in, so we do // not lazily create for HTTP/3 - if (http_type_ == FakeHttpConnection::Type::HTTP3) { + if (http_type_ == Http::CodecType::HTTP3) { quic_connections_.push_back(std::make_unique( *this, consumeConnection(), http_type_, time_system_, config_.max_request_headers_kb_, config_.max_request_headers_count_, config_.headers_with_underscores_action_)); @@ -582,7 +591,7 @@ AssertionResult FakeUpstream::waitForHttpConnection(Event::Dispatcher& client_di // As noted in createNetworkFilterChain, HTTP3 FakeHttpConnections are not // lazily created, so HTTP3 needs a different wait path here. - if (http_type_ == FakeHttpConnection::Type::HTTP3) { + if (http_type_ == Http::CodecType::HTTP3) { if (quic_connections_.empty() && !waitForWithDispatcherRun( time_system_, lock_, @@ -686,12 +695,11 @@ SharedConnectionWrapper& FakeUpstream::consumeConnection() { auto* const connection_wrapper = new_connections_.front().get(); // Skip the thread safety check if the network connection has already been freed since there's no // alternate way to get access to the dispatcher. - ASSERT(!connection_wrapper->connected() || - connection_wrapper->connection().dispatcher().isThreadSafe()); + ASSERT(!connection_wrapper->connected() || connection_wrapper->dispatcher().isThreadSafe()); connection_wrapper->setParented(); connection_wrapper->moveBetweenLists(new_connections_, consumed_connections_); if (read_disable_on_new_connection_ && connection_wrapper->connected() && - http_type_ != FakeHttpConnection::Type::HTTP3) { + http_type_ != Http::CodecType::HTTP3) { // Re-enable read and early close detection. auto& connection = connection_wrapper->connection(); connection.detectEarlyCloseWhenReadDisabled(true); @@ -778,7 +786,7 @@ void FakeRawConnection::initialize() { ENVOY_LOG(warn, "FakeRawConnection::initialize: network connection is already disconnected"); return; } - ASSERT(shared_connection_.connection().dispatcher().isThreadSafe()); + ASSERT(shared_connection_.dispatcher().isThreadSafe()); shared_connection_.connection().addReadFilter(filter); } diff --git a/test/integration/fake_upstream.h b/test/integration/fake_upstream.h index eb3e9ac75709..580da4db816b 100644 --- a/test/integration/fake_upstream.h +++ b/test/integration/fake_upstream.h @@ -15,31 +15,32 @@ #include "envoy/network/filter.h" #include "envoy/stats/scope.h" -#include "common/buffer/buffer_impl.h" -#include "common/buffer/zero_copy_input_stream_impl.h" -#include "common/common/basic_resource_impl.h" -#include "common/common/callback_impl.h" -#include "common/common/linked_object.h" -#include "common/common/lock_guard.h" -#include "common/common/thread.h" -#include "common/config/utility.h" -#include "common/grpc/codec.h" -#include "common/grpc/common.h" -#include "common/http/http1/codec_impl.h" -#include "common/http/http2/codec_impl.h" -#include "common/http/http3/codec_stats.h" -#include "common/network/connection_balancer_impl.h" -#include "common/network/filter_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/udp_listener_impl.h" -#include "common/network/udp_packet_writer_handler_impl.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/zero_copy_input_stream_impl.h" +#include "source/common/common/basic_resource_impl.h" +#include "source/common/common/callback_impl.h" +#include "source/common/common/linked_object.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread.h" +#include "source/common/config/utility.h" +#include "source/common/grpc/codec.h" +#include "source/common/grpc/common.h" +#include "source/common/http/http1/codec_impl.h" +#include "source/common/http/http2/codec_impl.h" +#include "source/common/http/http3/codec_stats.h" +#include "source/common/network/connection_balancer_impl.h" +#include "source/common/network/filter_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/udp_listener_impl.h" +#include "source/common/network/udp_packet_writer_handler_impl.h" +#include "source/common/stats/isolated_store_impl.h" #if defined(ENVOY_ENABLE_QUIC) -#include "common/quic/active_quic_listener.h" +#include "source/common/quic/active_quic_listener.h" +#include "source/common/quic/quic_stat_names.h" #endif -#include "server/active_raw_udp_listener_config.h" +#include "source/server/active_raw_udp_listener_config.h" #include "test/mocks/common.h" #include "test/test_common/test_time_system.h" @@ -265,7 +266,8 @@ class SharedConnectionWrapper : public Network::ConnectionCallbacks, public: using DisconnectCallback = std::function; - SharedConnectionWrapper(Network::Connection& connection) : connection_(connection) { + SharedConnectionWrapper(Network::Connection& connection) + : connection_(connection), dispatcher_(connection_.dispatcher()) { connection_.addConnectionCallbacks(*this); } @@ -285,6 +287,8 @@ class SharedConnectionWrapper : public Network::ConnectionCallbacks, void onAboveWriteBufferHighWatermark() override {} void onBelowWriteBufferLowWatermark() override {} + Event::Dispatcher& dispatcher() { return dispatcher_; } + bool connected() { absl::MutexLock lock(&lock_); return connectedLockHeld(); @@ -355,6 +359,7 @@ class SharedConnectionWrapper : public Network::ConnectionCallbacks, private: Network::Connection& connection_; + Event::Dispatcher& dispatcher_; absl::Mutex lock_; bool parented_ ABSL_GUARDED_BY(lock_){}; bool disconnected_ ABSL_GUARDED_BY(lock_){}; @@ -370,6 +375,7 @@ class FakeConnectionBase : public Logger::Loggable { virtual ~FakeConnectionBase() { absl::MutexLock lock(&lock_); ASSERT(initialized_); + ASSERT(pending_cbs_ == 0); } ABSL_MUST_USE_RESULT @@ -395,16 +401,20 @@ class FakeConnectionBase : public Logger::Loggable { Network::Connection& connection() const { return shared_connection_.connection(); } bool connected() const { return shared_connection_.connected(); } + void postToConnectionThread(std::function cb); + protected: FakeConnectionBase(SharedConnectionWrapper& shared_connection, Event::TestTimeSystem& time_system) : shared_connection_(shared_connection), lock_(shared_connection.lock()), - time_system_(time_system) {} + dispatcher_(shared_connection_.dispatcher()), time_system_(time_system) {} SharedConnectionWrapper& shared_connection_; absl::Mutex& lock_; // TODO(mattklein123): Use the shared connection lock and figure out better // guarded by annotations. + Event::Dispatcher& dispatcher_; bool initialized_ ABSL_GUARDED_BY(lock_){}; bool half_closed_ ABSL_GUARDED_BY(lock_){}; + std::atomic pending_cbs_{}; Event::TestTimeSystem& time_system_; }; @@ -413,22 +423,23 @@ class FakeConnectionBase : public Logger::Loggable { */ class FakeHttpConnection : public Http::ServerConnectionCallbacks, public FakeConnectionBase { public: - enum class Type { HTTP1, HTTP2, HTTP3 }; - static absl::string_view typeToString(Type type) { + // This is a legacy alias. + using Type = Envoy::Http::CodecType; + static absl::string_view typeToString(Http::CodecType type) { switch (type) { - case Type::HTTP1: + case Http::CodecType::HTTP1: return "http1"; - case Type::HTTP2: + case Http::CodecType::HTTP2: return "http2"; - case Type::HTTP3: + case Http::CodecType::HTTP3: return "http3"; } return "invalid"; } FakeHttpConnection(FakeUpstream& fake_upstream, SharedConnectionWrapper& shared_connection, - Type type, Event::TestTimeSystem& time_system, uint32_t max_request_headers_kb, - uint32_t max_request_headers_count, + Http::CodecType type, Event::TestTimeSystem& time_system, + uint32_t max_request_headers_kb, uint32_t max_request_headers_count, envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction headers_with_underscores_action); @@ -475,7 +486,7 @@ class FakeHttpConnection : public Http::ServerConnectionCallbacks, public FakeCo FakeHttpConnection& parent_; }; - const Type type_; + const Http::CodecType type_; Http::ServerConnectionPtr codec_; std::list new_streams_ ABSL_GUARDED_BY(lock_); testing::NiceMock random_; @@ -559,7 +570,7 @@ struct FakeUpstreamConfig { } Event::TestTimeSystem& time_system_; - FakeHttpConnection::Type upstream_protocol_{FakeHttpConnection::Type::HTTP1}; + Http::CodecType upstream_protocol_{Http::CodecType::HTTP1}; bool enable_half_close_{}; absl::optional udp_fake_upstream_; envoy::config::core::v3::Http2ProtocolOptions http2_options_; @@ -593,7 +604,7 @@ class FakeUpstream : Logger::Loggable, Network::Address::IpVersion version, const FakeUpstreamConfig& config); ~FakeUpstream() override; - FakeHttpConnection::Type httpType() { return http_type_; } + Http::CodecType httpType() { return http_type_; } // Returns the new connection via the connection argument. ABSL_MUST_USE_RESULT @@ -653,15 +664,15 @@ class FakeUpstream : Logger::Loggable, void cleanUp(); Http::Http1::CodecStats& http1CodecStats() { - return Http::Http1::CodecStats::atomicGet(http1_codec_stats_, stats_store_); + return Http::Http1::CodecStats::atomicGet(http1_codec_stats_, *stats_scope_); } Http::Http2::CodecStats& http2CodecStats() { - return Http::Http2::CodecStats::atomicGet(http2_codec_stats_, stats_store_); + return Http::Http2::CodecStats::atomicGet(http2_codec_stats_, *stats_scope_); } Http::Http3::CodecStats& http3CodecStats() { - return Http::Http3::CodecStats::atomicGet(http3_codec_stats_, stats_store_); + return Http::Http3::CodecStats::atomicGet(http3_codec_stats_, *stats_scope_); } // Write into the outbound buffer of the network connection at the specified index. @@ -678,7 +689,7 @@ class FakeUpstream : Logger::Loggable, protected: Stats::IsolatedStoreImpl stats_store_; - const FakeHttpConnection::Type http_type_; + const Http::CodecType http_type_; private: FakeUpstream(Network::TransportSocketFactoryPtr&& transport_socket_factory, @@ -741,7 +752,7 @@ class FakeUpstream : Logger::Loggable, if (is_quic) { #if defined(ENVOY_ENABLE_QUIC) udp_listener_config_.listener_factory_ = std::make_unique( - envoy::config::listener::v3::QuicProtocolOptions(), 1); + envoy::config::listener::v3::QuicProtocolOptions(), 1, parent_.quic_stat_names_); #else ASSERT(false, "Running a test that requires QUIC without compiling QUIC"); #endif @@ -826,9 +837,13 @@ class FakeUpstream : Logger::Loggable, FakeListener listener_; const Network::FilterChainSharedPtr filter_chain_; std::list received_datagrams_ ABSL_GUARDED_BY(lock_); + Stats::ScopePtr stats_scope_; Http::Http1::CodecStats::AtomicPtr http1_codec_stats_; Http::Http2::CodecStats::AtomicPtr http2_codec_stats_; Http::Http3::CodecStats::AtomicPtr http3_codec_stats_; +#ifdef ENVOY_ENABLE_QUIC + Quic::QuicStatNames quic_stat_names_ = Quic::QuicStatNames(stats_store_.symbolTable()); +#endif }; using FakeUpstreamPtr = std::unique_ptr; diff --git a/test/integration/filter_manager_integration_test.cc b/test/integration/filter_manager_integration_test.cc index 6d4ec55cf34b..ee5db8d4674c 100644 --- a/test/integration/filter_manager_integration_test.cc +++ b/test/integration/filter_manager_integration_test.cc @@ -9,9 +9,8 @@ #include "envoy/network/filter.h" #include "envoy/server/filter_config.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/network/common/factory_base.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/network/common/factory_base.h" #include "test/integration/filter_manager_integration_test.pb.h" #include "test/integration/filter_manager_integration_test.pb.validate.h" @@ -582,7 +581,7 @@ TEST_P(FilterChainAccessLogTest, FilterChainName) { */ class InjectDataWithHttpConnectionManagerIntegrationTest : public testing::TestWithParam< - std::tuple>, + std::tuple>, public HttpIntegrationTest, public TestWithAuxiliaryFilter { public: @@ -590,12 +589,12 @@ class InjectDataWithHttpConnectionManagerIntegrationTest // FooTestCase.BarInstance/IPv4_Http_no_inject_data static std::string testParamsToString( const testing::TestParamInfo< - std::tuple>& params) { + std::tuple>& params) { return fmt::format( "{}_{}_{}", TestUtility::ipTestParamsToString(testing::TestParamInfo( std::get<0>(params.param), params.index)), - (std::get<1>(params.param) == Http::CodecClient::Type::HTTP2 ? "Http2" : "Http"), + (std::get<1>(params.param) == Http::CodecType::HTTP2 ? "Http2" : "Http"), std::regex_replace(std::get<2>(params.param), invalid_param_name_regex(), "_")); } @@ -625,8 +624,7 @@ class InjectDataWithHttpConnectionManagerIntegrationTest INSTANTIATE_TEST_SUITE_P( Params, InjectDataWithHttpConnectionManagerIntegrationTest, testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), - testing::Values(Http::CodecClient::Type::HTTP1, - Http::CodecClient::Type::HTTP2), + testing::Values(Http::CodecType::HTTP1, Http::CodecType::HTTP2), testing::ValuesIn(auxiliary_filters())), InjectDataWithHttpConnectionManagerIntegrationTest::testParamsToString); diff --git a/test/integration/filters/BUILD b/test/integration/filters/BUILD index 3c5a4fa79d66..52477e4957a2 100644 --- a/test/integration/filters/BUILD +++ b/test/integration/filters/BUILD @@ -16,9 +16,9 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -31,9 +31,9 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -46,9 +46,9 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -61,9 +61,9 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -76,9 +76,9 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -91,9 +91,9 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -106,9 +106,9 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -120,9 +120,9 @@ envoy_cc_test_library( "add_trailers_filter.cc", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -134,9 +134,9 @@ envoy_cc_test_library( "backpressure_filter.cc", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -149,9 +149,9 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -163,10 +163,10 @@ envoy_cc_test_library( "eds_ready_filter.cc", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/http:header_map_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/http:header_map_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/common/stats:symbol_table_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", @@ -179,9 +179,9 @@ envoy_cc_test_library( "modify_buffer_filter.cc", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -193,9 +193,9 @@ envoy_cc_test_library( "on_local_reply_filter.cc", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -208,9 +208,9 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -222,8 +222,8 @@ envoy_cc_test_library( "pause_filter.cc", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", + "//envoy/http:filter_interface", + "//envoy/registry", "//source/common/network:connection_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", @@ -235,9 +235,10 @@ envoy_cc_test_library( srcs = [ "pause_filter_for_quic.cc", ], + tags = ["nofips"], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", + "//envoy/http:filter_interface", + "//envoy/registry", "//source/common/quic:quic_filter_manager_connection_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", @@ -253,9 +254,9 @@ envoy_cc_test_library( "process_context_filter.h", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:process_context_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:process_context_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -268,8 +269,8 @@ envoy_cc_test_library( ], deps = [ ":set_response_code_filter_config_proto_cc_proto", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", + "//envoy/http:filter_interface", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", ], @@ -287,8 +288,8 @@ envoy_cc_test_library( ], deps = [ ":set_is_terminal_filter_config_proto_cc_proto", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", + "//envoy/http:filter_interface", + "//envoy/registry", "//source/extensions/filters/http/common:factory_base_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", ], @@ -311,9 +312,9 @@ envoy_cc_test_library( ], deps = [ ":stop_and_continue_filter_config_proto_cc_proto", - "//include/envoy/common:scope_tracker_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", + "//envoy/common:scope_tracker_interface", + "//envoy/http:filter_interface", + "//envoy/registry", "//source/common/common:scope_tracker", "//source/common/network:connection_lib", "//source/extensions/filters/http/common:factory_base_lib", @@ -328,8 +329,8 @@ envoy_cc_test_library( "common.h", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", + "//envoy/http:filter_interface", + "//envoy/registry", "//test/extensions/filters/http/common:empty_http_filter_config_lib", "//test/test_common:utility_lib", ], @@ -341,9 +342,9 @@ envoy_cc_test_library( "request_metadata_filter.cc", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -355,8 +356,8 @@ envoy_cc_test_library( "random_pause_filter.cc", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", + "//envoy/http:filter_interface", + "//envoy/registry", "//source/common/network:connection_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", @@ -370,9 +371,9 @@ envoy_cc_test_library( "response_metadata_filter.cc", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -385,10 +386,10 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/event:timer_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/event:timer_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -401,10 +402,10 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/event:timer_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/event:timer_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -417,10 +418,10 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/event:timer_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/event:timer_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -433,10 +434,10 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/event:timer_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/event:timer_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -448,9 +449,9 @@ envoy_cc_test_library( "encoder_decoder_buffer_filter.cc", ], deps = [ - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", ], @@ -465,7 +466,7 @@ envoy_cc_test_library( "test_socket_interface.h", ], deps = [ - "//include/envoy/network:socket_interface", + "//envoy/network:socket_interface", "//source/common/common:assert_lib", "//source/common/common:utility_lib", "//source/common/network:address_lib", @@ -482,9 +483,9 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/common/http:header_utility_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", @@ -498,10 +499,10 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/network:filter_interface", - "//include/envoy/network:listen_socket_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/network:filter_interface", + "//envoy/network:listen_socket_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/common/common:assert_lib", "//source/common/common:minimal_logger_lib", "//source/common/network:address_lib", @@ -517,12 +518,27 @@ envoy_cc_test_library( ], deps = [ ":common_lib", - "//include/envoy/http:filter_interface", - "//include/envoy/registry", - "//include/envoy/server:filter_config_interface", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", "//source/common/router:delegating_route_lib", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/extensions/filters/http/common:empty_http_filter_config_lib", "//test/test_common:delegating_route_utility_lib", ], ) + +envoy_cc_test_library( + name = "remove_response_headers_lib", + srcs = [ + "remove_response_headers.cc", + ], + deps = [ + ":common_lib", + "//envoy/http:filter_interface", + "//envoy/registry", + "//envoy/server:filter_config_interface", + "//source/extensions/filters/http/common:pass_through_filter_lib", + "//test/extensions/filters/http/common:empty_http_filter_config_lib", + ], +) diff --git a/test/integration/filters/add_body_filter.cc b/test/integration/filters/add_body_filter.cc index 51faeb1e7b19..0f8b968e1417 100644 --- a/test/integration/filters/add_body_filter.cc +++ b/test/integration/filters/add_body_filter.cc @@ -4,9 +4,8 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/add_trailers_filter.cc b/test/integration/filters/add_trailers_filter.cc index 744750aa4a47..f97b1ad5153b 100644 --- a/test/integration/filters/add_trailers_filter.cc +++ b/test/integration/filters/add_trailers_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/address_restore_listener_filter.cc b/test/integration/filters/address_restore_listener_filter.cc index c769994b9644..f0d694501976 100644 --- a/test/integration/filters/address_restore_listener_filter.cc +++ b/test/integration/filters/address_restore_listener_filter.cc @@ -4,8 +4,8 @@ #include "envoy/network/listen_socket.h" #include "envoy/server/filter_config.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" namespace Envoy { diff --git a/test/integration/filters/backpressure_filter.cc b/test/integration/filters/backpressure_filter.cc index e5eb9ec6ea9a..b45ec9991736 100644 --- a/test/integration/filters/backpressure_filter.cc +++ b/test/integration/filters/backpressure_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/call_decodedata_once_filter.cc b/test/integration/filters/call_decodedata_once_filter.cc index 520dbad96b82..adecc086186f 100644 --- a/test/integration/filters/call_decodedata_once_filter.cc +++ b/test/integration/filters/call_decodedata_once_filter.cc @@ -1,7 +1,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/clear_route_cache_filter.cc b/test/integration/filters/clear_route_cache_filter.cc index 31102ee3c7eb..95d39a961131 100644 --- a/test/integration/filters/clear_route_cache_filter.cc +++ b/test/integration/filters/clear_route_cache_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/continue_after_local_reply_filter.cc b/test/integration/filters/continue_after_local_reply_filter.cc index be79f0c84ccf..acad17b278fc 100644 --- a/test/integration/filters/continue_after_local_reply_filter.cc +++ b/test/integration/filters/continue_after_local_reply_filter.cc @@ -1,7 +1,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/continue_headers_only_inject_body_filter.cc b/test/integration/filters/continue_headers_only_inject_body_filter.cc index 22f1519a3a14..b26bb93a639b 100644 --- a/test/integration/filters/continue_headers_only_inject_body_filter.cc +++ b/test/integration/filters/continue_headers_only_inject_body_filter.cc @@ -4,9 +4,8 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/decode_headers_return_stop_all_filter.cc b/test/integration/filters/decode_headers_return_stop_all_filter.cc index 91edadb75153..96481d7112e5 100644 --- a/test/integration/filters/decode_headers_return_stop_all_filter.cc +++ b/test/integration/filters/decode_headers_return_stop_all_filter.cc @@ -6,9 +6,8 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/eds_ready_filter.cc b/test/integration/filters/eds_ready_filter.cc index 2eaaf0b8e43a..4c78e2e5fa43 100644 --- a/test/integration/filters/eds_ready_filter.cc +++ b/test/integration/filters/eds_ready_filter.cc @@ -6,9 +6,8 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/encode_headers_return_stop_all_filter.cc b/test/integration/filters/encode_headers_return_stop_all_filter.cc index 2254204ec100..8d55d6c8252e 100644 --- a/test/integration/filters/encode_headers_return_stop_all_filter.cc +++ b/test/integration/filters/encode_headers_return_stop_all_filter.cc @@ -6,9 +6,8 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/encoder_decoder_buffer_filter.cc b/test/integration/filters/encoder_decoder_buffer_filter.cc index 22050f5cfcf3..da1019e45220 100644 --- a/test/integration/filters/encoder_decoder_buffer_filter.cc +++ b/test/integration/filters/encoder_decoder_buffer_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/invalid_header_filter.cc b/test/integration/filters/invalid_header_filter.cc index 7c1120356662..ca3aef326c44 100644 --- a/test/integration/filters/invalid_header_filter.cc +++ b/test/integration/filters/invalid_header_filter.cc @@ -4,9 +4,8 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/http/header_utility.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/http/header_utility.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/local_reply_during_encoding_data_filter.cc b/test/integration/filters/local_reply_during_encoding_data_filter.cc index 34066ba57c83..be325b1c1d21 100644 --- a/test/integration/filters/local_reply_during_encoding_data_filter.cc +++ b/test/integration/filters/local_reply_during_encoding_data_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/local_reply_during_encoding_filter.cc b/test/integration/filters/local_reply_during_encoding_filter.cc index 54a6fadce8e9..34f78c6baf60 100644 --- a/test/integration/filters/local_reply_during_encoding_filter.cc +++ b/test/integration/filters/local_reply_during_encoding_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/local_reply_with_metadata_filter.cc b/test/integration/filters/local_reply_with_metadata_filter.cc index 07580be29c6a..68647dc3bbec 100644 --- a/test/integration/filters/local_reply_with_metadata_filter.cc +++ b/test/integration/filters/local_reply_with_metadata_filter.cc @@ -1,7 +1,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/metadata_stop_all_filter.cc b/test/integration/filters/metadata_stop_all_filter.cc index c7da73957417..8289bc6a0ef5 100644 --- a/test/integration/filters/metadata_stop_all_filter.cc +++ b/test/integration/filters/metadata_stop_all_filter.cc @@ -6,9 +6,8 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/buffer/buffer_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/modify_buffer_filter.cc b/test/integration/filters/modify_buffer_filter.cc index 1124cb96052a..daffa70497e7 100644 --- a/test/integration/filters/modify_buffer_filter.cc +++ b/test/integration/filters/modify_buffer_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/on_local_reply_filter.cc b/test/integration/filters/on_local_reply_filter.cc index c47f053903c6..75a3b712b130 100644 --- a/test/integration/filters/on_local_reply_filter.cc +++ b/test/integration/filters/on_local_reply_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/passthrough_filter.cc b/test/integration/filters/passthrough_filter.cc index ee828a51d0f8..215446233dd9 100644 --- a/test/integration/filters/passthrough_filter.cc +++ b/test/integration/filters/passthrough_filter.cc @@ -1,7 +1,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/pause_filter.cc b/test/integration/filters/pause_filter.cc index b7f9aa1a3c36..307372a0def6 100644 --- a/test/integration/filters/pause_filter.cc +++ b/test/integration/filters/pause_filter.cc @@ -2,9 +2,8 @@ #include "envoy/registry/registry.h" -#include "common/network/connection_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/network/connection_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/pause_filter_for_quic.cc b/test/integration/filters/pause_filter_for_quic.cc index de63bd7e47d5..d7d9943c2ca1 100644 --- a/test/integration/filters/pause_filter_for_quic.cc +++ b/test/integration/filters/pause_filter_for_quic.cc @@ -2,9 +2,8 @@ #include "envoy/registry/registry.h" -#include "common/quic/quic_filter_manager_connection_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/quic/quic_filter_manager_connection_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/process_context_filter.cc b/test/integration/filters/process_context_filter.cc index 25772dac574d..74c9322bc978 100644 --- a/test/integration/filters/process_context_filter.cc +++ b/test/integration/filters/process_context_filter.cc @@ -8,7 +8,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/random_pause_filter.cc b/test/integration/filters/random_pause_filter.cc index e1a370ca015c..2a674237d92e 100644 --- a/test/integration/filters/random_pause_filter.cc +++ b/test/integration/filters/random_pause_filter.cc @@ -2,9 +2,8 @@ #include "envoy/registry/registry.h" -#include "common/network/connection_impl.h" - -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/network/connection_impl.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/test_common/utility.h" diff --git a/test/integration/filters/remove_response_headers.cc b/test/integration/filters/remove_response_headers.cc new file mode 100644 index 000000000000..b342d0541943 --- /dev/null +++ b/test/integration/filters/remove_response_headers.cc @@ -0,0 +1,33 @@ +#include "envoy/registry/registry.h" +#include "envoy/server/filter_config.h" + +#include "source/extensions/filters/http/common/pass_through_filter.h" + +#include "test/extensions/filters/http/common/empty_http_filter_config.h" +#include "test/integration/filters/common.h" + +namespace Envoy { + +// Registers the misbehaving filter which removes all response headers. +class RemoveResponseHeadersFilter : public Http::PassThroughFilter { +public: + constexpr static char name[] = "remove-response-headers-filter"; + Http::FilterHeadersStatus encodeHeaders(Http::ResponseHeaderMap& headers, bool) override { + std::vector keys; + headers.iterate([&keys](const Http::HeaderEntry& header) -> Http::HeaderMap::Iterate { + keys.push_back(std::string(header.key().getStringView())); + return Http::HeaderMap::Iterate::Continue; + }); + for (auto& k : keys) { + const Http::LowerCaseString lower_key{k}; + headers.remove(lower_key); + } + return Http::FilterHeadersStatus::Continue; + } +}; + +static Registry::RegisterFactory, + Server::Configuration::NamedHttpFilterConfigFactory> + register_; + +} // namespace Envoy diff --git a/test/integration/filters/request_metadata_filter.cc b/test/integration/filters/request_metadata_filter.cc index ff4e7ba2033e..2f56f1659233 100644 --- a/test/integration/filters/request_metadata_filter.cc +++ b/test/integration/filters/request_metadata_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/response_metadata_filter.cc b/test/integration/filters/response_metadata_filter.cc index a45aa8c7586b..73fdee7008ec 100644 --- a/test/integration/filters/response_metadata_filter.cc +++ b/test/integration/filters/response_metadata_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" diff --git a/test/integration/filters/set_is_terminal_filter.cc b/test/integration/filters/set_is_terminal_filter.cc index bc693629451f..6b8a835d4254 100644 --- a/test/integration/filters/set_is_terminal_filter.cc +++ b/test/integration/filters/set_is_terminal_filter.cc @@ -3,8 +3,8 @@ #include "envoy/http/filter.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/factory_base.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/integration/filters/set_is_terminal_filter_config.pb.h" #include "test/integration/filters/set_is_terminal_filter_config.pb.validate.h" diff --git a/test/integration/filters/set_response_code_filter.cc b/test/integration/filters/set_response_code_filter.cc index e9964b8a58e5..b18c4fe6a692 100644 --- a/test/integration/filters/set_response_code_filter.cc +++ b/test/integration/filters/set_response_code_filter.cc @@ -3,8 +3,8 @@ #include "envoy/http/filter.h" #include "envoy/registry/registry.h" -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/factory_base.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/integration/filters/set_response_code_filter_config.pb.h" #include "test/integration/filters/set_response_code_filter_config.pb.validate.h" diff --git a/test/integration/filters/set_route_filter.cc b/test/integration/filters/set_route_filter.cc index 04d8a4977ba3..cebf7d91ba0b 100644 --- a/test/integration/filters/set_route_filter.cc +++ b/test/integration/filters/set_route_filter.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/filters/stop_iteration_and_continue_filter.cc b/test/integration/filters/stop_iteration_and_continue_filter.cc index 3a1f91be901a..8a9f79873e79 100644 --- a/test/integration/filters/stop_iteration_and_continue_filter.cc +++ b/test/integration/filters/stop_iteration_and_continue_filter.cc @@ -6,10 +6,9 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/common/scope_tracker.h" - -#include "extensions/filters/http/common/factory_base.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/common/common/scope_tracker.h" +#include "source/extensions/filters/http/common/factory_base.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/integration/filters/stop_and_continue_filter_config.pb.h" #include "test/integration/filters/stop_and_continue_filter_config.pb.validate.h" diff --git a/test/integration/filters/test_socket_interface.cc b/test/integration/filters/test_socket_interface.cc index 5adde112b4fe..cf0c1aa8a0de 100644 --- a/test/integration/filters/test_socket_interface.cc +++ b/test/integration/filters/test_socket_interface.cc @@ -6,9 +6,9 @@ #include "envoy/extensions/network/socket_interface/v3/default_socket_interface.pb.h" #include "envoy/network/socket.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/utility.h" -#include "common/network/address_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/utility.h" +#include "source/common/network/address_impl.h" namespace Envoy { namespace Network { diff --git a/test/integration/filters/test_socket_interface.h b/test/integration/filters/test_socket_interface.h index e32f8fe4a773..905b227dae25 100644 --- a/test/integration/filters/test_socket_interface.h +++ b/test/integration/filters/test_socket_interface.h @@ -5,8 +5,8 @@ #include "envoy/network/address.h" #include "envoy/network/socket.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/socket_interface_impl.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/socket_interface_impl.h" #include "absl/types/optional.h" @@ -27,12 +27,30 @@ class TestIoSocketHandle : public IoSocketHandleImpl { bool socket_v6only = false, absl::optional domain = absl::nullopt) : IoSocketHandleImpl(fd, socket_v6only, domain), writev_override_(writev_override_proc) {} + void initializeFileEvent(Event::Dispatcher& dispatcher, Event::FileReadyCb cb, + Event::FileTriggerType trigger, uint32_t events) override { + absl::MutexLock lock(&mutex_); + dispatcher_ = &dispatcher; + IoSocketHandleImpl::initializeFileEvent(dispatcher, cb, trigger, events); + } + + // Schedule resumption on the IoHandle by posting a callback to the IoHandle's dispatcher. Note + // that this operation is inherently racy, nothing guarantees that the TestIoSocketHandle is not + // deleted before the posted callback executes. + void activateInDispatcherThread(uint32_t events) { + absl::MutexLock lock(&mutex_); + RELEASE_ASSERT(dispatcher_ != nullptr, "null dispatcher"); + dispatcher_->post([this, events]() { activateFileEvents(events); }); + } + private: IoHandlePtr accept(struct sockaddr* addr, socklen_t* addrlen) override; Api::IoCallUint64Result writev(const Buffer::RawSlice* slices, uint64_t num_slice) override; IoHandlePtr duplicate() override; const WritevOverrideProc writev_override_; + absl::Mutex mutex_; + Event::Dispatcher* dispatcher_ ABSL_GUARDED_BY(mutex_) = nullptr; }; /** diff --git a/test/integration/filters/wait_for_whole_request_and_response.cc b/test/integration/filters/wait_for_whole_request_and_response.cc index c9fd34607325..8c6ef178e119 100644 --- a/test/integration/filters/wait_for_whole_request_and_response.cc +++ b/test/integration/filters/wait_for_whole_request_and_response.cc @@ -4,7 +4,7 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/filters/common.h" diff --git a/test/integration/h1_fuzz.cc b/test/integration/h1_fuzz.cc index 892af5556777..6b3c1530868e 100644 --- a/test/integration/h1_fuzz.cc +++ b/test/integration/h1_fuzz.cc @@ -2,8 +2,8 @@ #include -#include "common/common/assert.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" #include "test/integration/http_integration.h" #include "test/test_common/environment.h" diff --git a/test/integration/h1_fuzz.h b/test/integration/h1_fuzz.h index f1179598e0e7..fac23385806c 100644 --- a/test/integration/h1_fuzz.h +++ b/test/integration/h1_fuzz.h @@ -1,7 +1,7 @@ #pragma once -#include "common/common/assert.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" #include "test/fuzz/fuzz_runner.h" #include "test/integration/capture_fuzz.pb.h" @@ -12,7 +12,7 @@ namespace Envoy { class H1FuzzIntegrationTest : public HttpIntegrationTest { public: H1FuzzIntegrationTest(Network::Address::IpVersion version) - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, version) {} + : HttpIntegrationTest(Http::CodecType::HTTP1, version) {} void initialize() override; void replay(const test::integration::CaptureFuzzTestCase&, bool ignore_response); diff --git a/test/integration/h2_capture_direct_response_fuzz_test.cc b/test/integration/h2_capture_direct_response_fuzz_test.cc index fd7c2e9ef0cc..1c9ec4c27804 100644 --- a/test/integration/h2_capture_direct_response_fuzz_test.cc +++ b/test/integration/h2_capture_direct_response_fuzz_test.cc @@ -9,8 +9,8 @@ void H2FuzzIntegrationTest::initialize() { const std::string prefix("/"); const Http::Code status(Http::Code::OK); - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); config_helper_.addConfigModifier( [&body, &prefix]( diff --git a/test/integration/h2_capture_fuzz_test.cc b/test/integration/h2_capture_fuzz_test.cc index f07c927fd838..51db5f87a6e7 100644 --- a/test/integration/h2_capture_fuzz_test.cc +++ b/test/integration/h2_capture_fuzz_test.cc @@ -14,8 +14,8 @@ void H2FuzzIntegrationTest::initialize() { config_helper_.addConfigModifier( [&](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& hcm) -> void { hcm.mutable_http2_protocol_options()->set_allow_metadata(true); }); - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); HttpIntegrationTest::initialize(); } diff --git a/test/integration/h2_fuzz.cc b/test/integration/h2_fuzz.cc index ba3c39adfc31..c08417c2b4fb 100644 --- a/test/integration/h2_fuzz.cc +++ b/test/integration/h2_fuzz.cc @@ -2,9 +2,9 @@ #include -#include "common/common/assert.h" -#include "common/common/base64.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/base64.h" +#include "source/common/common/logger.h" #include "test/test_common/environment.h" diff --git a/test/integration/h2_fuzz.h b/test/integration/h2_fuzz.h index 48498d785432..c17f784f807e 100644 --- a/test/integration/h2_fuzz.h +++ b/test/integration/h2_fuzz.h @@ -1,7 +1,7 @@ #pragma once -#include "common/common/assert.h" -#include "common/common/logger.h" +#include "source/common/common/assert.h" +#include "source/common/common/logger.h" #include "test/common/http/http2/http2_frame.h" #include "test/fuzz/fuzz_runner.h" @@ -14,7 +14,7 @@ namespace Envoy { class H2FuzzIntegrationTest : public HttpIntegrationTest { public: H2FuzzIntegrationTest(Network::Address::IpVersion version) - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, version) {} + : HttpIntegrationTest(Http::CodecType::HTTP2, version) {} void initialize() override; void replay(const test::integration::H2CaptureFuzzTestCase&, bool ignore_response); diff --git a/test/integration/hds_integration_test.cc b/test/integration/hds_integration_test.cc index 63ae64a0b500..0f137953f886 100644 --- a/test/integration/hds_integration_test.cc +++ b/test/integration/hds_integration_test.cc @@ -7,11 +7,11 @@ #include "envoy/type/v3/http.pb.h" #include "envoy/upstream/upstream.h" -#include "common/config/metadata.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" -#include "common/upstream/health_checker_impl.h" -#include "common/upstream/health_discovery_service.h" +#include "source/common/config/metadata.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/upstream/health_checker_impl.h" +#include "source/common/upstream/health_discovery_service.h" #include "test/common/upstream/utility.h" #include "test/config/utility.h" @@ -30,10 +30,10 @@ namespace { class HdsIntegrationTest : public Grpc::VersionedGrpcClientIntegrationParamTest, public HttpIntegrationTest { public: - HdsIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ipVersion()) {} + HdsIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, ipVersion()) {} void createUpstreams() override { - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); hds_upstream_ = fake_upstreams_.back().get(); HttpIntegrationTest::createUpstreams(); } @@ -370,7 +370,7 @@ class HdsIntegrationTest : public Grpc::VersionedGrpcClientIntegrationParamTest, FakeHttpConnectionPtr host_fake_connection_; FakeHttpConnectionPtr host2_fake_connection_; FakeRawConnectionPtr host_fake_raw_connection_; - FakeHttpConnection::Type http_conn_type_{FakeHttpConnection::Type::HTTP1}; + Http::CodecType http_conn_type_{Http::CodecType::HTTP1}; bool tls_hosts_{false}; static constexpr int MaxTimeout = 100; @@ -959,7 +959,7 @@ TEST_P(HdsIntegrationTest, SingleEndpointHealthyTlsHttp2) { tls_hosts_ = true; // Change hosts to operate over HTTP/2 instead of default HTTP. - http_conn_type_ = FakeHttpConnection::Type::HTTP2; + http_conn_type_ = Http::CodecType::HTTP2; initialize(); diff --git a/test/integration/header_casing_integration_test.cc b/test/integration/header_casing_integration_test.cc index c5707660ec82..12fb3fc10ec3 100644 --- a/test/integration/header_casing_integration_test.cc +++ b/test/integration/header_casing_integration_test.cc @@ -1,7 +1,7 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "test/integration/http_integration.h" @@ -13,11 +13,11 @@ namespace Envoy { class HeaderCasingIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - HeaderCasingIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + HeaderCasingIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void SetUp() override { - setDownstreamProtocol(Http::CodecClient::Type::HTTP1); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP1); + setDownstreamProtocol(Http::CodecType::HTTP1); + setUpstreamProtocol(Http::CodecType::HTTP1); } void initialize() override { diff --git a/test/integration/header_integration_test.cc b/test/integration/header_integration_test.cc index 073c05bf097b..0abf8213f4d4 100644 --- a/test/integration/header_integration_test.cc +++ b/test/integration/header_integration_test.cc @@ -6,10 +6,10 @@ #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/api_version.h" -#include "common/config/metadata.h" -#include "common/http/exception.h" -#include "common/protobuf/protobuf.h" +#include "source/common/config/api_version.h" +#include "source/common/config/metadata.h" +#include "source/common/http/exception.h" +#include "source/common/protobuf/protobuf.h" #include "test/integration/http_integration.h" #include "test/test_common/network_utility.h" @@ -180,8 +180,7 @@ class HeaderIntegrationTest : public testing::TestWithParam>, public HttpIntegrationTest { public: - HeaderIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, std::get<0>(GetParam())) {} + HeaderIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, std::get<0>(GetParam())) {} bool routerSuppressEnvoyHeaders() const { return std::get<1>(GetParam()); } @@ -370,7 +369,7 @@ class HeaderIntegrationTest HttpIntegrationTest::createUpstreams(); if (use_eds_) { - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } } diff --git a/test/integration/header_prefix_integration_test.cc b/test/integration/header_prefix_integration_test.cc index 52ca839c7607..99db2e41393c 100644 --- a/test/integration/header_prefix_integration_test.cc +++ b/test/integration/header_prefix_integration_test.cc @@ -60,7 +60,7 @@ TEST_P(HeaderPrefixIntegrationTest, FailedCustomHeaderPrefix) { INSTANTIATE_TEST_SUITE_P(Protocols, HeaderPrefixIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2}, - {FakeHttpConnection::Type::HTTP1})), + {Http::CodecType::HTTP1, Http::CodecType::HTTP2}, + {Http::CodecType::HTTP1})), HttpProtocolIntegrationTest::protocolTestParamsToString); } // namespace Envoy diff --git a/test/integration/health_check_integration_test.cc b/test/integration/health_check_integration_test.cc index e280b3d2b4cf..c0ea0fea9a74 100644 --- a/test/integration/health_check_integration_test.cc +++ b/test/integration/health_check_integration_test.cc @@ -17,10 +17,9 @@ namespace { // checking after Envoy and the hosts are initialized. class HealthCheckIntegrationTestBase : public HttpIntegrationTest { public: - HealthCheckIntegrationTestBase( - Network::Address::IpVersion ip_version, - FakeHttpConnection::Type upstream_protocol = FakeHttpConnection::Type::HTTP2) - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, ip_version, + HealthCheckIntegrationTestBase(Network::Address::IpVersion ip_version, + Http::CodecType upstream_protocol = Http::CodecType::HTTP2) + : HttpIntegrationTest(Http::CodecType::HTTP2, ip_version, ConfigHelper::discoveredClustersBootstrap("GRPC")), ip_version_(ip_version), upstream_protocol_(upstream_protocol) {} @@ -48,8 +47,8 @@ class HealthCheckIntegrationTestBase : public HttpIntegrationTest { // BaseIntegrationTest::createUpstreams() (which is part of initialize()). // Make sure this number matches the size of the 'clusters' repeated field in the bootstrap // config that you use! - setUpstreamCount(1); // the CDS cluster - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); // CDS uses gRPC uses HTTP2. + setUpstreamCount(1); // the CDS cluster + setUpstreamProtocol(Http::CodecType::HTTP2); // CDS uses gRPC uses HTTP2. // HttpIntegrationTest::initialize() does many things: // 1) It appends to fake_upstreams_ as many as you asked for via setUpstreamCount(). @@ -126,12 +125,12 @@ class HealthCheckIntegrationTestBase : public HttpIntegrationTest { static constexpr size_t clusters_num_ = 2; std::array clusters_{{{"cluster_1"}, {"cluster_2"}}}; Network::Address::IpVersion ip_version_; - FakeHttpConnection::Type upstream_protocol_; + Http::CodecType upstream_protocol_; }; struct HttpHealthCheckIntegrationTestParams { Network::Address::IpVersion ip_version; - FakeHttpConnection::Type upstream_protocol; + Http::CodecType upstream_protocol; }; class HttpHealthCheckIntegrationTestBase @@ -148,8 +147,7 @@ class HttpHealthCheckIntegrationTestBase std::vector ret; for (auto ip_version : TestEnvironment::getIpVersionsForTest()) { - for (auto upstream_protocol : - {FakeHttpConnection::Type::HTTP1, FakeHttpConnection::Type::HTTP2}) { + for (auto upstream_protocol : {Http::CodecType::HTTP1, Http::CodecType::HTTP2}) { ret.push_back(HttpHealthCheckIntegrationTestParams{ip_version, upstream_protocol}); } } @@ -160,8 +158,8 @@ class HttpHealthCheckIntegrationTestBase const ::testing::TestParamInfo& params) { return absl::StrCat( (params.param.ip_version == Network::Address::IpVersion::v4 ? "IPv4_" : "IPv6_"), - (params.param.upstream_protocol == FakeHttpConnection::Type::HTTP2 ? "Http2Upstream" - : "HttpUpstream")); + (params.param.upstream_protocol == Http::CodecType::HTTP2 ? "Http2Upstream" + : "HttpUpstream")); } void TearDown() override { @@ -173,9 +171,8 @@ class HttpHealthCheckIntegrationTestBase // check probe to be received. void initHttpHealthCheck(uint32_t cluster_idx) { const envoy::type::v3::CodecClientType codec_client_type = - (FakeHttpConnection::Type::HTTP1 == upstream_protocol_) - ? envoy::type::v3::CodecClientType::HTTP1 - : envoy::type::v3::CodecClientType::HTTP2; + (Http::CodecType::HTTP1 == upstream_protocol_) ? envoy::type::v3::CodecClientType::HTTP1 + : envoy::type::v3::CodecClientType::HTTP2; auto& cluster_data = clusters_[cluster_idx]; auto* health_check = addHealthCheck(cluster_data.cluster_); @@ -268,12 +265,13 @@ TEST_P(HttpHealthCheckIntegrationTest, SingleEndpointImmediateHealthcheckFailHtt test_server_->waitForCounterGe("cluster.cluster_1.health_check.failure", 1); EXPECT_EQ(0, test_server_->counter("cluster.cluster_1.health_check.success")->value()); EXPECT_EQ(1, test_server_->counter("cluster.cluster_1.health_check.failure")->value()); + EXPECT_EQ(1, test_server_->counter("cluster.cluster_1.health_check.attempt")->value()); test_server_->waitForGaugeEq("cluster.cluster_1.membership_excluded", 1); EXPECT_EQ(1, test_server_->gauge("cluster.cluster_1.membership_total")->value()); EXPECT_EQ(0, test_server_->gauge("cluster.cluster_1.membership_healthy")->value()); - // Advance time to cause another health check. This should remove the cluster exclusion. - timeSystem().advanceTimeWait(std::chrono::milliseconds(500)); + // Wait until the next attempt is made. + test_server_->waitForCounterEq("cluster.cluster_1.health_check.attempt", 2); ASSERT_TRUE(clusters_[cluster_idx].host_fake_connection_->waitForNewStream( *dispatcher_, clusters_[cluster_idx].host_stream_)); @@ -315,7 +313,7 @@ TEST_P(HttpHealthCheckIntegrationTest, SingleEndpointGoAway) { initialize(); // GOAWAY doesn't exist in HTTP1. - if (upstream_protocol_ == FakeHttpConnection::Type::HTTP1) { + if (upstream_protocol_ == Http::CodecType::HTTP1) { return; } @@ -377,7 +375,7 @@ TEST_P(RealTimeHttpHealthCheckIntegrationTest, SingleEndpointGoAwayErroSingleEnd initialize(); // GOAWAY doesn't exist in HTTP1. - if (upstream_protocol_ == FakeHttpConnection::Type::HTTP1) { + if (upstream_protocol_ == Http::CodecType::HTTP1) { return; } diff --git a/test/integration/hotrestart_main.cc b/test/integration/hotrestart_main.cc index 75f72cc36436..2a52e812a92b 100644 --- a/test/integration/hotrestart_main.cc +++ b/test/integration/hotrestart_main.cc @@ -1,6 +1,5 @@ -#include "common/stats/utility.h" - -#include "exe/main_common.h" +#include "source/common/stats/utility.h" +#include "source/exe/main_common.h" // NOLINT(namespace-envoy) diff --git a/test/integration/http2_flood_integration_test.cc b/test/integration/http2_flood_integration_test.cc index 9d900353cb61..2e20e34a5648 100644 --- a/test/integration/http2_flood_integration_test.cc +++ b/test/integration/http2_flood_integration_test.cc @@ -5,14 +5,14 @@ #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/random_generator.h" -#include "common/http/header_map_impl.h" -#include "common/network/socket_option_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/random_generator.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/network/socket_option_impl.h" #include "test/integration/autonomous_upstream.h" -#include "test/integration/filters/test_socket_interface.h" #include "test/integration/http_integration.h" +#include "test/integration/socket_interface_swap.h" #include "test/integration/tracked_watermark_buffer.h" #include "test/integration/utility.h" #include "test/mocks/http/mocks.h" @@ -31,70 +31,6 @@ const uint32_t ControlFrameFloodLimit = 100; const uint32_t AllFrameFloodLimit = 1000; } // namespace -class SocketInterfaceSwap { -public: - // Object of this class hold the state determining the IoHandle which - // should return EAGAIN from the `writev` call. - struct IoHandleMatcher { - bool shouldReturnEgain(uint32_t src_port, uint32_t dst_port) const { - absl::ReaderMutexLock lock(&mutex_); - return writev_returns_egain_ && (src_port == src_port_ || dst_port == dst_port_); - } - - // Source port to match. The port specified should be associated with a listener. - void setSourcePort(uint32_t port) { - absl::WriterMutexLock lock(&mutex_); - src_port_ = port; - } - - // Destination port to match. The port specified should be associated with a listener. - void setDestinationPort(uint32_t port) { - absl::WriterMutexLock lock(&mutex_); - dst_port_ = port; - } - - void setWritevReturnsEgain() { - absl::WriterMutexLock lock(&mutex_); - ASSERT(src_port_ != 0 || dst_port_ != 0); - writev_returns_egain_ = true; - } - - private: - mutable absl::Mutex mutex_; - uint32_t src_port_ ABSL_GUARDED_BY(mutex_) = 0; - uint32_t dst_port_ ABSL_GUARDED_BY(mutex_) = 0; - bool writev_returns_egain_ ABSL_GUARDED_BY(mutex_) = false; - }; - - SocketInterfaceSwap() { - Envoy::Network::SocketInterfaceSingleton::clear(); - test_socket_interface_loader_ = std::make_unique( - std::make_unique( - [writev_matcher = writev_matcher_]( - Envoy::Network::TestIoSocketHandle* io_handle, const Buffer::RawSlice*, - uint64_t) -> absl::optional { - if (writev_matcher->shouldReturnEgain(io_handle->localAddress()->ip()->port(), - io_handle->peerAddress()->ip()->port())) { - return Api::IoCallUint64Result( - 0, Api::IoErrorPtr(Network::IoSocketError::getIoSocketEagainInstance(), - Network::IoSocketError::deleteIoError)); - } - return absl::nullopt; - })); - } - - ~SocketInterfaceSwap() { - test_socket_interface_loader_.reset(); - Envoy::Network::SocketInterfaceSingleton::initialize(previous_socket_interface_); - } - -protected: - Envoy::Network::SocketInterface* const previous_socket_interface_{ - Envoy::Network::SocketInterfaceSingleton::getExisting()}; - std::shared_ptr writev_matcher_{std::make_shared()}; - std::unique_ptr test_socket_interface_loader_; -}; - // It is important that the new socket interface is installed before any I/O activity starts and // the previous one is restored after all I/O activity stops. Since the HttpIntegrationTest // destructor stops Envoy the SocketInterfaceSwap destructor needs to run after it. This order of @@ -131,8 +67,8 @@ INSTANTIATE_TEST_SUITE_P(IpVersions, Http2FloodMitigationTest, TestUtility::ipTestParamsToString); bool Http2FloodMitigationTest::initializeUpstreamFloodTest() { - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); // set lower upstream outbound frame limits to make tests run faster config_helper_.setUpstreamOutboundFramesLimits(AllFrameFloodLimit, ControlFrameFloodLimit); initialize(); @@ -158,8 +94,8 @@ void Http2FloodMitigationTest::setNetworkConnectionBufferSize() { } void Http2FloodMitigationTest::beginSession() { - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); // set lower outbound frame limits to make tests run faster config_helper_.setDownstreamOutboundFramesLimits(AllFrameFloodLimit, ControlFrameFloodLimit); initialize(); @@ -396,7 +332,7 @@ TEST_P(Http2FloodMitigationTest, Data) { // The factory will be used to create 4 buffers: the input and output buffers for request and // response pipelines. - EXPECT_EQ(4, buffer_factory->numBuffersCreated()); + EXPECT_EQ(8, buffer_factory->numBuffersCreated()); // Expect at least 1000 1 byte data frames in the output buffer. Each data frame comes with a // 9-byte frame header; 10 bytes per data frame, 10000 bytes total. The output buffer should also @@ -411,7 +347,7 @@ TEST_P(Http2FloodMitigationTest, Data) { EXPECT_GE(22000, buffer_factory->sumMaxBufferSizes()); // Verify that all buffers have watermarks set. EXPECT_THAT(buffer_factory->highWatermarkRange(), - testing::Pair(1024 * 1024 * 1024, 1024 * 1024 * 1024)); + testing::Pair(256 * 1024 * 1024, 1024 * 1024 * 1024)); } // Verify that the server can detect flood triggered by a DATA frame from a decoder filter call @@ -1554,8 +1490,8 @@ TEST_P(Http2FloodMitigationTest, RequestMetadata) { // Validate that the default configuration has flood protection enabled. TEST_P(Http2FloodMitigationTest, UpstreamFloodDetectionIsOnByDefault) { - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); initialize(); floodClient(Http2Frame::makePingFrame(), diff --git a/test/integration/http_integration.cc b/test/integration/http_integration.cc index 2c225369cb8f..c1e3328f9d5c 100644 --- a/test/integration/http_integration.cc +++ b/test/integration/http_integration.cc @@ -16,24 +16,24 @@ #include "envoy/network/address.h" #include "envoy/registry/registry.h" -#include "common/api/api_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/fmt.h" -#include "common/common/thread_annotations.h" -#include "common/http/headers.h" -#include "common/network/socket_option_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/common/thread_annotations.h" +#include "source/common/http/headers.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/upstream/upstream_impl.h" #ifdef ENVOY_ENABLE_QUIC -#include "common/quic/client_connection_factory_impl.h" +#include "source/common/quic/client_connection_factory_impl.h" #endif -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/context_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/common/upstream/utility.h" #include "test/integration/autonomous_upstream.h" @@ -55,15 +55,15 @@ namespace { using testing::HasSubstr; envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager::CodecType -typeToCodecType(Http::CodecClient::Type type) { +typeToCodecType(Http::CodecType type) { switch (type) { - case Http::CodecClient::Type::HTTP1: + case Http::CodecType::HTTP1: return envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: HTTP1; - case Http::CodecClient::Type::HTTP2: + case Http::CodecType::HTTP2: return envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: HTTP2; - case Http::CodecClient::Type::HTTP3: + case Http::CodecType::HTTP3: return envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager:: HTTP3; default: @@ -76,7 +76,7 @@ typeToCodecType(Http::CodecClient::Type type) { IntegrationCodecClient::IntegrationCodecClient( Event::Dispatcher& dispatcher, Random::RandomGenerator& random, Network::ClientConnectionPtr&& conn, Upstream::HostDescriptionConstSharedPtr host_description, - CodecClient::Type type) + Http::CodecType type) : CodecClientProd(type, std::move(conn), host_description, dispatcher, random), dispatcher_(dispatcher), callbacks_(*this), codec_callbacks_(*this) { connection_->addConnectionCallbacks(callbacks_); @@ -208,7 +208,7 @@ void IntegrationCodecClient::ConnectionCallbacks::onEvent(Network::ConnectionEve parent_.disconnected_ = true; parent_.connection_->dispatcher().exit(); } else { - if (parent_.type() == CodecClient::Type::HTTP3 && !parent_.connected_) { + if (parent_.type() == Http::CodecType::HTTP3 && !parent_.connected_) { // Before handshake gets established, any connection failure should exit the loop. I.e. a QUIC // connection may fail of INVALID_VERSION if both this client doesn't support any of the // versions the server advertised before handshake established. In this case the connection is @@ -221,7 +221,7 @@ void IntegrationCodecClient::ConnectionCallbacks::onEvent(Network::ConnectionEve Network::ClientConnectionPtr HttpIntegrationTest::makeClientConnectionWithOptions( uint32_t port, const Network::ConnectionSocket::OptionsSharedPtr& options) { - if (downstream_protocol_ <= Http::CodecClient::Type::HTTP2) { + if (downstream_protocol_ <= Http::CodecType::HTTP2) { return BaseIntegrationTest::makeClientConnectionWithOptions(port, options); } #ifdef ENVOY_ENABLE_QUIC @@ -248,20 +248,18 @@ IntegrationCodecClientPtr HttpIntegrationTest::makeRawHttpConnection( absl::optional http2_options) { std::shared_ptr cluster{new NiceMock()}; cluster->max_response_headers_count_ = 200; - envoy::config::core::v3::Http3ProtocolOptions http3_options; if (!http2_options.has_value()) { http2_options = Http2::Utility::initializeAndValidateOptions( envoy::config::core::v3::Http2ProtocolOptions()); http2_options.value().set_allow_connect(true); http2_options.value().set_allow_metadata(true); - } else if (http2_options.value().has_override_stream_error_on_invalid_http_message()) { - http3_options.mutable_override_stream_error_on_invalid_http_message()->set_value( - http2_options.value().override_stream_error_on_invalid_http_message().value()); - } else if (http2_options.value().stream_error_on_invalid_http_messaging()) { - http3_options.mutable_override_stream_error_on_invalid_http_message()->set_value(true); +#ifdef ENVOY_ENABLE_QUIC + } else { + cluster->http3_options_ = ConfigHelper::http2ToHttp3ProtocolOptions( + http2_options.value(), quic::kStreamReceiveWindowLimit); +#endif } cluster->http2_options_ = http2_options.value(); - cluster->http3_options_ = http3_options; cluster->http1_settings_.enable_trailers_ = true; Upstream::HostDescriptionConstSharedPtr host_description{Upstream::makeTestHostDescription( cluster, fmt::format("tcp://{}:80", Network::Test::getLoopbackAddressUrlString(version_)), @@ -270,7 +268,7 @@ IntegrationCodecClientPtr HttpIntegrationTest::makeRawHttpConnection( // in-connection version negotiation. auto codec = std::make_unique(*dispatcher_, random_, std::move(conn), host_description, downstream_protocol_); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP3 && codec->disconnected()) { + if (downstream_protocol_ == Http::CodecType::HTTP3 && codec->disconnected()) { // Connection may get closed during version negotiation or handshake. // TODO(#8479) QUIC connection doesn't support in-connection version negotiationPropagate // INVALID_VERSION error to caller and let caller to use server advertised version list to @@ -288,7 +286,7 @@ HttpIntegrationTest::makeHttpConnection(Network::ClientConnectionPtr&& conn) { return codec; } -HttpIntegrationTest::HttpIntegrationTest(Http::CodecClient::Type downstream_protocol, +HttpIntegrationTest::HttpIntegrationTest(Http::CodecType downstream_protocol, Network::Address::IpVersion version, const std::string& config) : HttpIntegrationTest::HttpIntegrationTest( @@ -299,7 +297,7 @@ HttpIntegrationTest::HttpIntegrationTest(Http::CodecClient::Type downstream_prot }, version, config) {} -HttpIntegrationTest::HttpIntegrationTest(Http::CodecClient::Type downstream_protocol, +HttpIntegrationTest::HttpIntegrationTest(Http::CodecType downstream_protocol, const InstanceConstSharedPtrFn& upstream_address_fn, Network::Address::IpVersion version, const std::string& config) @@ -321,7 +319,7 @@ void HttpIntegrationTest::useAccessLog( HttpIntegrationTest::~HttpIntegrationTest() { cleanupUpstreamAndDownstream(); } void HttpIntegrationTest::initialize() { - if (downstream_protocol_ != Http::CodecClient::Type::HTTP3) { + if (downstream_protocol_ != Http::CodecType::HTTP3) { return BaseIntegrationTest::initialize(); } #ifdef ENVOY_ENABLE_QUIC @@ -340,8 +338,9 @@ void HttpIntegrationTest::initialize() { Network::Address::InstanceConstSharedPtr server_addr = Network::Utility::resolveUrl(fmt::format( "udp://{}:{}", Network::Test::getLoopbackAddressUrlString(version_), lookupPort("http"))); // Needs to outlive all QUIC connections. + quic::QuicConfig config; auto quic_connection_persistent_info = std::make_unique( - *dispatcher_, *quic_transport_socket_factory_, timeSystem(), server_addr); + *dispatcher_, *quic_transport_socket_factory_, timeSystem(), server_addr, config, 0); // Config IETF QUIC flow control window. quic_connection_persistent_info->quic_config_ .SetInitialMaxStreamDataBytesIncomingBidirectionalToSend( @@ -356,7 +355,7 @@ void HttpIntegrationTest::initialize() { #endif } -void HttpIntegrationTest::setDownstreamProtocol(Http::CodecClient::Type downstream_protocol) { +void HttpIntegrationTest::setDownstreamProtocol(Http::CodecType downstream_protocol) { downstream_protocol_ = downstream_protocol; config_helper_.setClientCodec(typeToCodecType(downstream_protocol_)); } @@ -369,7 +368,7 @@ ConfigHelper::HttpModifierFunction HttpIntegrationTest::setEnableDownstreamTrail ConfigHelper::ConfigModifierFunction HttpIntegrationTest::setEnableUpstreamTrailersHttp1() { return [&](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, ""); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ConfigHelper::HttpProtocolOptions protocol_options; protocol_options.mutable_explicit_http_config() ->mutable_http_protocol_options() @@ -671,7 +670,7 @@ void HttpIntegrationTest::testRouterUpstreamDisconnectBeforeRequestComplete() { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(response->waitForEndStream()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); @@ -699,7 +698,7 @@ void HttpIntegrationTest::testRouterUpstreamDisconnectBeforeResponseComplete( ASSERT_TRUE(fake_upstream_connection_->close()); ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { ASSERT_TRUE(response->waitForReset()); @@ -727,7 +726,7 @@ void HttpIntegrationTest::testRouterDownstreamDisconnectBeforeRequestComplete( ASSERT_TRUE(upstream_request_->waitForHeadersComplete()); codec_client_->close(); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForReset()); @@ -746,7 +745,7 @@ void HttpIntegrationTest::testRouterDownstreamDisconnectBeforeResponseComplete( #if defined(__APPLE__) || defined(WIN32) // Skip this test on OS/X + Windows: we can't detect the early close, and we // won't clean up the upstream connection until it times out. See #4294. - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { return; } #endif @@ -760,7 +759,7 @@ void HttpIntegrationTest::testRouterDownstreamDisconnectBeforeResponseComplete( response->waitForBodyData(512); codec_client_->close(); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForReset()); @@ -788,7 +787,7 @@ void HttpIntegrationTest::testRouterUpstreamResponseBeforeRequestComplete() { upstream_request_->encodeData(512, true); ASSERT_TRUE(response->waitForEndStream()); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForReset()); @@ -796,7 +795,7 @@ void HttpIntegrationTest::testRouterUpstreamResponseBeforeRequestComplete() { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); @@ -824,7 +823,7 @@ void HttpIntegrationTest::testRetry() { waitForNextUpstreamRequest(); upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "503"}}, false); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); } else { @@ -866,7 +865,7 @@ void HttpIntegrationTest::testRetryAttemptCountHeader() { EXPECT_EQ(atoi(std::string(upstream_request_->headers().getEnvoyAttemptCountValue()).c_str()), 1); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); } else { @@ -905,7 +904,7 @@ void HttpIntegrationTest::testGrpcRetry() { waitForNextUpstreamRequest(); upstream_request_->encodeHeaders( Http::TestResponseHeaderMapImpl{{":status", "200"}, {"grpc-status", "1"}}, false); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); } else { @@ -914,9 +913,8 @@ void HttpIntegrationTest::testGrpcRetry() { waitForNextUpstreamRequest(); upstream_request_->encodeHeaders(default_response_headers_, false); - upstream_request_->encodeData(512, - fake_upstreams_[0]->httpType() != FakeHttpConnection::Type::HTTP2); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP2) { + upstream_request_->encodeData(512, fake_upstreams_[0]->httpType() != Http::CodecType::HTTP2); + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP2) { upstream_request_->encodeTrailers(response_trailers); } @@ -927,7 +925,7 @@ void HttpIntegrationTest::testGrpcRetry() { EXPECT_TRUE(response->complete()); EXPECT_EQ("200", response->headers().getStatusValue()); EXPECT_EQ(512U, response->body().size()); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP2) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP2) { EXPECT_THAT(*response->trailers(), HeaderMapEqualRef(&response_trailers)); } } @@ -1001,20 +999,8 @@ void HttpIntegrationTest::testEnvoyProxying1xx(bool continue_before_upstream_com bool with_encoder_filter, bool with_multiple_1xx_headers) { if (with_encoder_filter) { - // Because 100-continue only affects encoder filters, make sure it plays well with one. - config_helper_.addFilter("name: envoy.filters.http.cors"); - config_helper_.addConfigModifier( - [&](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& - hcm) -> void { - auto* route_config = hcm.mutable_route_config(); - auto* virtual_host = route_config->mutable_virtual_hosts(0); - { - auto* cors = virtual_host->mutable_cors(); - cors->mutable_allow_origin_string_match()->Add()->set_exact("*"); - cors->set_allow_headers("content-type,x-grpc-web"); - cors->set_allow_methods("GET,POST"); - } - }); + // Add a filter to make sure 100s play well with them. + config_helper_.addFilter("name: passthrough-filter"); } config_helper_.addConfigModifier( [&](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& @@ -1091,7 +1077,7 @@ void HttpIntegrationTest::testTwoRequests(bool network_backup) { typed_config: "@type": type.googleapis.com/google.protobuf.Empty )EOF", - downstreamProtocol() == Http::CodecClient::Type::HTTP3 ? "-for-quic" : "")); + downstreamProtocol() == Http::CodecType::HTTP3 ? "-for-quic" : "")); } initialize(); @@ -1148,9 +1134,9 @@ void HttpIntegrationTest::testLargeRequestUrl(uint32_t url_size, uint32_t max_he auto encoder_decoder = codec_client_->startRequest(big_headers); auto response = std::move(encoder_decoder.second); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); - EXPECT_TRUE(response->complete()); + ASSERT_TRUE(response->complete()); EXPECT_EQ("431", response->headers().Status()->value().getStringView()); } else { ASSERT_TRUE(response->waitForReset()); @@ -1197,9 +1183,9 @@ void HttpIntegrationTest::testLargeRequestHeaders(uint32_t size, uint32_t count, auto encoder_decoder = codec_client_->startRequest(big_headers); auto response = std::move(encoder_decoder.second); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); - EXPECT_TRUE(response->complete()); + ASSERT_TRUE(response->complete()); EXPECT_EQ("431", response->headers().getStatusValue()); } else { ASSERT_TRUE(response->waitForReset()); @@ -1239,7 +1225,7 @@ void HttpIntegrationTest::testLargeRequestTrailers(uint32_t size, uint32_t max_s codec_client_->sendTrailers(*request_encoder_, request_trailers); if (size >= max_size) { - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); EXPECT_TRUE(response->complete()); EXPECT_EQ("431", response->headers().getStatusValue()); @@ -1316,7 +1302,7 @@ void HttpIntegrationTest::testDownstreamResetBeforeResponseComplete() { response->waitForBodyData(512); codec_client_->sendReset(*request_encoder_); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForReset()); @@ -1376,7 +1362,7 @@ void HttpIntegrationTest::testTrailers(uint64_t request_size, uint64_t response_ } } -void HttpIntegrationTest::testAdminDrain(Http::CodecClient::Type admin_request_type) { +void HttpIntegrationTest::testAdminDrain(Http::CodecType admin_request_type) { initialize(); uint32_t http_port = lookupPort("http"); @@ -1413,7 +1399,7 @@ void HttpIntegrationTest::testAdminDrain(Http::CodecClient::Type admin_request_t // Validate that port is closed and can be bound by other sockets. // This does not work for HTTP/3 because the port is not closed until the listener is completely // destroyed. TODO(danzh) Match TCP behavior as much as possible. - if (downstreamProtocol() != Http::CodecClient::Type::HTTP3) { + if (downstreamProtocol() != Http::CodecType::HTTP3) { ASSERT_TRUE(waitForPortAvailable(http_port)); } } @@ -1440,7 +1426,7 @@ void HttpIntegrationTest::testMaxStreamDuration() { test_server_->waitForCounterGe("cluster.cluster_0.upstream_rq_max_duration_reached", 1); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { ASSERT_TRUE(response->waitForEndStream()); @@ -1472,7 +1458,7 @@ void HttpIntegrationTest::testMaxStreamDurationWithRetry(bool invoke_retry_upstr ASSERT_TRUE(fake_upstream_connection_->waitForNewStream(*dispatcher_, upstream_request_)); ASSERT_TRUE(upstream_request_->waitForHeadersComplete()); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); } else { @@ -1485,7 +1471,7 @@ void HttpIntegrationTest::testMaxStreamDurationWithRetry(bool invoke_retry_upstr if (invoke_retry_upstream_disconnect) { test_server_->waitForCounterGe("cluster.cluster_0.upstream_rq_max_duration_reached", 2); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { ASSERT_TRUE(response->waitForEndStream()); @@ -1505,6 +1491,30 @@ void HttpIntegrationTest::testMaxStreamDurationWithRetry(bool invoke_retry_upstr } } +std::string HttpIntegrationTest::downstreamProtocolStatsRoot() const { + switch (downstreamProtocol()) { + case Http::CodecClient::Type::HTTP1: + return "http1"; + case Http::CodecClient::Type::HTTP2: + return "http2"; + case Http::CodecClient::Type::HTTP3: + return "http3"; + } + return "invalid"; +} + +std::string HttpIntegrationTest::upstreamProtocolStatsRoot() const { + switch (upstreamProtocol()) { + case FakeHttpConnection::Type::HTTP1: + return "http1"; + case FakeHttpConnection::Type::HTTP2: + return "http2"; + case FakeHttpConnection::Type::HTTP3: + return "http3"; + } + return "invalid"; +} + std::string HttpIntegrationTest::listenerStatPrefix(const std::string& stat_name) { if (version_ == Network::Address::IpVersion::v4) { return "listener.127.0.0.1_0." + stat_name; @@ -1532,8 +1542,8 @@ void Http2RawFrameIntegrationTest::startHttp2Session() { } void Http2RawFrameIntegrationTest::beginSession() { - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); // set lower outbound frame limits to make tests run faster config_helper_.setDownstreamOutboundFramesLimits(1000, 100); initialize(); diff --git a/test/integration/http_integration.h b/test/integration/http_integration.h index 23227ce7f2fb..d8a15756bc09 100644 --- a/test/integration/http_integration.h +++ b/test/integration/http_integration.h @@ -4,9 +4,9 @@ #include #include -#include "common/http/codec_client.h" -#include "common/http/http3/quic_client_connection_factory.h" -#include "common/network/filter_impl.h" +#include "source/common/http/codec_client.h" +#include "source/common/http/http3/quic_client_connection_factory.h" +#include "source/common/network/filter_impl.h" #include "test/common/http/http2/http2_frame.h" #include "test/integration/integration.h" @@ -25,7 +25,7 @@ class IntegrationCodecClient : public Http::CodecClientProd { IntegrationCodecClient(Event::Dispatcher& dispatcher, Random::RandomGenerator& random, Network::ClientConnectionPtr&& conn, Upstream::HostDescriptionConstSharedPtr host_description, - Http::CodecClient::Type type); + Http::CodecType type); IntegrationStreamDecoderPtr makeHeaderOnlyRequest(const Http::RequestHeaderMap& headers); IntegrationStreamDecoderPtr makeRequestWithBody(const Http::RequestHeaderMap& headers, @@ -89,11 +89,10 @@ using IntegrationCodecClientPtr = std::unique_ptr; */ class HttpIntegrationTest : public BaseIntegrationTest { public: - HttpIntegrationTest(Http::CodecClient::Type downstream_protocol, - Network::Address::IpVersion version, + HttpIntegrationTest(Http::CodecType downstream_protocol, Network::Address::IpVersion version, const std::string& config = ConfigHelper::httpProxyConfig()); - HttpIntegrationTest(Http::CodecClient::Type downstream_protocol, + HttpIntegrationTest(Http::CodecType downstream_protocol, const InstanceConstSharedPtrFn& upstream_address_fn, Network::Address::IpVersion version, const std::string& config = ConfigHelper::httpProxyConfig()); @@ -118,7 +117,7 @@ class HttpIntegrationTest : public BaseIntegrationTest { // Sets downstream_protocol_ and alters the HTTP connection manager codec type in the // config_helper_. - void setDownstreamProtocol(Http::CodecClient::Type type); + void setDownstreamProtocol(Http::CodecType type); // Enable the encoding/decoding of Http1 trailers downstream ConfigHelper::HttpModifierFunction setEnableDownstreamTrailersHttp1(); @@ -238,11 +237,14 @@ class HttpIntegrationTest : public BaseIntegrationTest { void testTrailers(uint64_t request_size, uint64_t response_size, bool request_trailers_present, bool response_trailers_present); // Test /drain_listener from admin portal. - void testAdminDrain(Http::CodecClient::Type admin_request_type); + void testAdminDrain(Http::CodecType admin_request_type); // Test max stream duration. void testMaxStreamDuration(); void testMaxStreamDurationWithRetry(bool invoke_retry_upstream_disconnect); - Http::CodecClient::Type downstreamProtocol() const { return downstream_protocol_; } + Http::CodecType downstreamProtocol() const { return downstream_protocol_; } + std::string downstreamProtocolStatsRoot() const; + // Return the upstream protocol part of the stats root. + std::string upstreamProtocolStatsRoot() const; // Prefix listener stat with IP:port, including IP version dependent loopback address. std::string listenerStatPrefix(const std::string& stat_name); @@ -263,7 +265,7 @@ class HttpIntegrationTest : public BaseIntegrationTest { Http::TestRequestHeaderMapImpl default_request_headers_{ {":method", "GET"}, {":path", "/test/long/url"}, {":scheme", "http"}, {":authority", "host"}}; // The codec type for the client-to-Envoy connection - Http::CodecClient::Type downstream_protocol_{Http::CodecClient::Type::HTTP1}; + Http::CodecType downstream_protocol_{Http::CodecType::HTTP1}; std::string access_log_name_; testing::NiceMock random_; @@ -275,7 +277,7 @@ class HttpIntegrationTest : public BaseIntegrationTest { class Http2RawFrameIntegrationTest : public HttpIntegrationTest { public: Http2RawFrameIntegrationTest(Network::Address::IpVersion version) - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, version) {} + : HttpIntegrationTest(Http::CodecType::HTTP2, version) {} protected: void startHttp2Session(); diff --git a/test/integration/http_protocol_integration.cc b/test/integration/http_protocol_integration.cc index 5bdcd4aa9c5f..0538a024d254 100644 --- a/test/integration/http_protocol_integration.cc +++ b/test/integration/http_protocol_integration.cc @@ -4,8 +4,8 @@ namespace Envoy { std::vector HttpProtocolIntegrationTest::getProtocolTestParams( - const std::vector& downstream_protocols, - const std::vector& upstream_protocols) { + const std::vector& downstream_protocols, + const std::vector& upstream_protocols) { std::vector ret; for (auto ip_version : TestEnvironment::getIpVersionsForTest()) { @@ -14,8 +14,8 @@ std::vector HttpProtocolIntegrationTest::getProtocolTest #ifdef ENVOY_ENABLE_QUIC ret.push_back(HttpProtocolTestParams{ip_version, downstream_protocol, upstream_protocol}); #else - if (downstream_protocol == Http::CodecClient::Type::HTTP3 || - upstream_protocol == FakeHttpConnection::Type::HTTP3) { + if (downstream_protocol == Http::CodecType::HTTP3 || + upstream_protocol == Http::CodecType::HTTP3) { ENVOY_LOG_MISC(warn, "Skipping HTTP/3 as support is compiled out"); } else { ret.push_back(HttpProtocolTestParams{ip_version, downstream_protocol, upstream_protocol}); @@ -27,25 +27,25 @@ std::vector HttpProtocolIntegrationTest::getProtocolTest return ret; } -absl::string_view upstreamToString(FakeHttpConnection::Type type) { +absl::string_view upstreamToString(Http::CodecType type) { switch (type) { - case FakeHttpConnection::Type::HTTP1: + case Http::CodecType::HTTP1: return "HttpUpstream"; - case FakeHttpConnection::Type::HTTP2: + case Http::CodecType::HTTP2: return "Http2Upstream"; - case FakeHttpConnection::Type::HTTP3: + case Http::CodecType::HTTP3: return "Http3Upstream"; } return "UnknownUpstream"; } -absl::string_view downstreamToString(Http::CodecClient::Type type) { +absl::string_view downstreamToString(Http::CodecType type) { switch (type) { - case Http::CodecClient::Type::HTTP1: + case Http::CodecType::HTTP1: return "HttpDownstream_"; - case Http::CodecClient::Type::HTTP2: + case Http::CodecType::HTTP2: return "Http2Downstream_"; - case Http::CodecClient::Type::HTTP3: + case Http::CodecType::HTTP3: return "Http3Downstream_"; } return "UnknownDownstream"; diff --git a/test/integration/http_protocol_integration.h b/test/integration/http_protocol_integration.h index 05a91eed1bb1..d66f53692919 100644 --- a/test/integration/http_protocol_integration.h +++ b/test/integration/http_protocol_integration.h @@ -8,8 +8,8 @@ namespace Envoy { struct HttpProtocolTestParams { Network::Address::IpVersion version; - Http::CodecClient::Type downstream_protocol; - FakeHttpConnection::Type upstream_protocol; + Http::CodecType downstream_protocol; + Http::CodecType upstream_protocol; }; // Allows easy testing of Envoy code for HTTP/HTTP2 upstream/downstream. @@ -37,11 +37,11 @@ class HttpProtocolIntegrationTest : public testing::TestWithParam - getProtocolTestParams(const std::vector& downstream_protocols = - {Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2}, - const std::vector& upstream_protocols = { - FakeHttpConnection::Type::HTTP1, FakeHttpConnection::Type::HTTP2}); + static std::vector getProtocolTestParams( + const std::vector& downstream_protocols = {Http::CodecType::HTTP1, + Http::CodecType::HTTP2}, + const std::vector& upstream_protocols = {Http::CodecType::HTTP1, + Http::CodecType::HTTP2}); // Allows pretty printed test names of the form // FooTestCase.BarInstance/IPv4_Http2Downstream_HttpUpstream @@ -52,7 +52,7 @@ class HttpProtocolIntegrationTest : public testing::TestWithParamAdd(); filter->set_name("filter.unknown"); - filter->set_is_optional("true"); + filter->set_is_optional(true); // keep router the last auto size = hcm.http_filters_size(); hcm.mutable_http_filters()->SwapElements(size - 2, size - 1); diff --git a/test/integration/idle_timeout_integration_test.cc b/test/integration/idle_timeout_integration_test.cc index 40328d9a1971..d640d54c5da9 100644 --- a/test/integration/idle_timeout_integration_test.cc +++ b/test/integration/idle_timeout_integration_test.cc @@ -68,7 +68,7 @@ class IdleTimeoutIntegrationTest : public HttpProtocolIntegrationTest { void waitForTimeout(IntegrationStreamDecoder& response, absl::string_view stat_name = "", absl::string_view stat_prefix = "http.config_test") { - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { ASSERT_TRUE(response.waitForReset()); @@ -357,7 +357,7 @@ TEST_P(IdleTimeoutIntegrationTest, RequestTimeoutUnconfiguredDoesNotTriggerOnBod TEST_P(IdleTimeoutIntegrationTest, RequestTimeoutTriggersOnRawIncompleteRequestWithHeaders) { // Omitting \r\n\r\n does not indicate incomplete request in HTTP2 - if (downstreamProtocol() == Envoy::Http::CodecClient::Type::HTTP2) { + if (downstreamProtocol() == Envoy::Http::CodecType::HTTP2) { return; } enable_request_timeout_ = true; @@ -370,7 +370,7 @@ TEST_P(IdleTimeoutIntegrationTest, RequestTimeoutTriggersOnRawIncompleteRequestW } TEST_P(IdleTimeoutIntegrationTest, RequestTimeoutDoesNotTriggerOnRawCompleteRequestWithHeaders) { - if (downstreamProtocol() == Envoy::Http::CodecClient::Type::HTTP2) { + if (downstreamProtocol() == Envoy::Http::CodecType::HTTP2) { return; } enable_request_timeout_ = true; diff --git a/test/integration/instantiate_protocol_integration_test.cc b/test/integration/instantiate_protocol_integration_test.cc index d789995f9170..b5c219a8c521 100644 --- a/test/integration/instantiate_protocol_integration_test.cc +++ b/test/integration/instantiate_protocol_integration_test.cc @@ -6,8 +6,8 @@ namespace Envoy { // run with both HTTP/1 and HTTP/2 upstreams. INSTANTIATE_TEST_SUITE_P(Protocols, DownstreamProtocolIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2}, - {FakeHttpConnection::Type::HTTP1})), + {Http::CodecType::HTTP1, Http::CodecType::HTTP2}, + {Http::CodecType::HTTP1})), HttpProtocolIntegrationTest::protocolTestParamsToString); INSTANTIATE_TEST_SUITE_P(Protocols, ProtocolIntegrationTest, diff --git a/test/integration/integration_admin_test.cc b/test/integration/integration_admin_test.cc index 84622c5c9237..65da9c1fb119 100644 --- a/test/integration/integration_admin_test.cc +++ b/test/integration/integration_admin_test.cc @@ -9,11 +9,11 @@ #include "envoy/config/route/v3/route.pb.h" #include "envoy/http/header_map.h" -#include "common/common/fmt.h" -#include "common/config/api_version.h" -#include "common/profiler/profiler.h" -#include "common/stats/histogram_impl.h" -#include "common/stats/stats_matcher_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/config/api_version.h" +#include "source/common/profiler/profiler.h" +#include "source/common/stats/histogram_impl.h" +#include "source/common/stats/stats_matcher_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/integration/utility.h" @@ -30,8 +30,8 @@ namespace Envoy { INSTANTIATE_TEST_SUITE_P(Protocols, IntegrationAdminTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2}, - {FakeHttpConnection::Type::HTTP1})), + {Http::CodecType::HTTP1, Http::CodecType::HTTP2}, + {Http::CodecType::HTTP1})), HttpProtocolIntegrationTest::protocolTestParamsToString); TEST_P(IntegrationAdminTest, HealthCheck) { @@ -280,19 +280,19 @@ TEST_P(IntegrationAdminTest, Admin) { EXPECT_EQ("text/plain; charset=UTF-8", ContentType(response)); switch (GetParam().downstream_protocol) { - case Http::CodecClient::Type::HTTP1: + case Http::CodecType::HTTP1: EXPECT_EQ(" Count Lookup\n" "\n" "total: 0\n", response->body()); break; - case Http::CodecClient::Type::HTTP2: + case Http::CodecType::HTTP2: EXPECT_EQ(" Count Lookup\n" "\n" "total: 0\n", response->body()); break; - case Http::CodecClient::Type::HTTP3: + case Http::CodecType::HTTP3: NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } @@ -490,7 +490,7 @@ TEST_P(IntegrationAdminTest, AdminCpuProfilerStart) { class IntegrationAdminIpv4Ipv6Test : public testing::Test, public HttpIntegrationTest { public: IntegrationAdminIpv4Ipv6Test() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, Network::Address::IpVersion::v4) {} + : HttpIntegrationTest(Http::CodecType::HTTP1, Network::Address::IpVersion::v4) {} void initialize() override { config_helper_.addConfigModifier( @@ -530,7 +530,7 @@ class StatsMatcherIntegrationTest public HttpIntegrationTest, public testing::WithParamInterface { public: - StatsMatcherIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + StatsMatcherIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void initialize() override { config_helper_.addConfigModifier( @@ -563,8 +563,8 @@ TEST_P(StatsMatcherIntegrationTest, ExcludePrefixServerDot) { TEST_P(StatsMatcherIntegrationTest, DEPRECATED_FEATURE_TEST(DISABLED_ExcludeRequests)) { v2_bootstrap_ = true; - stats_matcher_.mutable_exclusion_list()->add_patterns()->set_hidden_envoy_deprecated_regex( - ".*requests.*"); + stats_matcher_.mutable_exclusion_list()->add_patterns()->MergeFrom( + TestUtility::createRegexMatcher(".*requests.*")); initialize(); makeRequest(); EXPECT_THAT(response_->body(), Not(HasSubstr("requests"))); @@ -580,8 +580,8 @@ TEST_P(StatsMatcherIntegrationTest, DEPRECATED_FEATURE_TEST(ExcludeExact)) { TEST_P(StatsMatcherIntegrationTest, DEPRECATED_FEATURE_TEST(DISABLED_ExcludeMultipleExact)) { v2_bootstrap_ = true; stats_matcher_.mutable_exclusion_list()->add_patterns()->set_exact("server.concurrency"); - stats_matcher_.mutable_exclusion_list()->add_patterns()->set_hidden_envoy_deprecated_regex( - ".*live"); + stats_matcher_.mutable_exclusion_list()->add_patterns()->MergeFrom( + TestUtility::createRegexMatcher(".*live")); initialize(); makeRequest(); EXPECT_THAT(response_->body(), Not(HasSubstr("server.concurrency"))); diff --git a/test/integration/integration_admin_test.h b/test/integration/integration_admin_test.h index 487ac3b3c63e..194c54d02ae0 100644 --- a/test/integration/integration_admin_test.h +++ b/test/integration/integration_admin_test.h @@ -3,7 +3,7 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/metrics/v3/stats.pb.h" -#include "common/json/json_loader.h" +#include "source/common/json/json_loader.h" #include "test/integration/http_protocol_integration.h" #include "test/test_common/utility.h" diff --git a/test/integration/integration_stream_decoder.cc b/test/integration/integration_stream_decoder.cc index bc40535a5fe4..b4cc939b87bf 100644 --- a/test/integration/integration_stream_decoder.cc +++ b/test/integration/integration_stream_decoder.cc @@ -10,7 +10,7 @@ #include "envoy/event/dispatcher.h" #include "envoy/http/header_map.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/integration/integration_stream_decoder.h b/test/integration/integration_stream_decoder.h index 74d06a75e544..317ea6e1c847 100644 --- a/test/integration/integration_stream_decoder.h +++ b/test/integration/integration_stream_decoder.h @@ -9,7 +9,7 @@ #include "envoy/http/header_map.h" #include "envoy/http/metadata_interface.h" -#include "common/common/dump_state_utils.h" +#include "source/common/common/dump_state_utils.h" #include "test/test_common/utility.h" diff --git a/test/integration/integration_tcp_client.cc b/test/integration/integration_tcp_client.cc index aabf2a957d95..a6535265c00f 100644 --- a/test/integration/integration_tcp_client.cc +++ b/test/integration/integration_tcp_client.cc @@ -12,9 +12,9 @@ #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/fmt.h" -#include "common/network/utility.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/network/utility.h" #include "test/integration/utility.h" #include "test/mocks/buffer/mocks.h" diff --git a/test/integration/integration_test.cc b/test/integration/integration_test.cc index a1ace5f25b9b..10c57fa1fac6 100644 --- a/test/integration/integration_test.cc +++ b/test/integration/integration_test.cc @@ -7,11 +7,11 @@ #include "envoy/config/route/v3/route_components.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/network/socket_option_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" #include "test/integration/autonomous_upstream.h" #include "test/integration/filters/process_context_filter.h" @@ -369,7 +369,9 @@ TEST_P(IntegrationTest, EnvoyProxying100ContinueWithDecodeDataPause) { // Verifies that we can construct a match tree with a filter, and that we are able to skip // filter invocation through the match tree. TEST_P(IntegrationTest, MatchingHttpFilterConstruction) { + concurrency_ = 2; config_helper_.addRuntimeOverride("envoy.reloadable_features.experimental_matching_api", "true"); + config_helper_.addFilter(R"EOF( name: matcher typed_config: @@ -405,18 +407,30 @@ name: matcher EXPECT_THAT(response->headers(), HttpStatusIs("403")); } - codec_client_ = makeHttpConnection(lookupPort("http")); + { + codec_client_ = makeHttpConnection(lookupPort("http")); + Http::TestRequestHeaderMapImpl request_headers{ + {":method", "POST"}, {":path", "/test/long/url"}, {":scheme", "http"}, + {":authority", "host"}, {"match-header", "match"}, {"content-type", "application/grpc"}}; + auto response = codec_client_->makeRequestWithBody(request_headers, 1024); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(default_response_headers_, true); + + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_THAT(response->headers(), HttpStatusIs("200")); + } + + auto second_codec = makeHttpConnection(lookupPort("http")); Http::TestRequestHeaderMapImpl request_headers{ - {":method", "POST"}, {":path", "/test/long/url"}, {":scheme", "http"}, - {":authority", "host"}, {"match-header", "match"}, {"content-type", "application/grpc"}}; - auto response = codec_client_->makeRequestWithBody(request_headers, 1024); - waitForNextUpstreamRequest(); - upstream_request_->encodeHeaders(default_response_headers_, true); + {":method", "POST"}, {":path", "/test/long/url"}, {":scheme", "http"}, + {":authority", "host"}, {"match-header", "not-match"}, {"content-type", "application/grpc"}}; + auto response = second_codec->makeRequestWithBody(request_headers, 1024); ASSERT_TRUE(response->waitForEndStream()); EXPECT_THAT(response->headers(), HttpStatusIs("200")); codec_client_->close(); + second_codec->close(); } // This is a regression for https://github.com/envoyproxy/envoy/issues/2715 and validates that a @@ -638,7 +652,7 @@ TEST_P(IntegrationTest, TestServerAllowChunkedLength) { TEST_P(IntegrationTest, TestClientAllowChunkedLength) { config_helper_.addConfigModifier([&](envoy::config::bootstrap::v3::Bootstrap& bootstrap) -> void { RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, ""); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ConfigHelper::HttpProtocolOptions protocol_options; protocol_options.mutable_explicit_http_config() ->mutable_http_protocol_options() @@ -1399,40 +1413,6 @@ TEST_P(IntegrationTest, TestDelayedConnectionTeardownConfig) { EXPECT_EQ(codec_client_->lastConnectionEvent(), Network::ConnectionEvent::RemoteClose); } -// Test that delay closed connections are eventually force closed when the timeout triggers. -TEST_P(IntegrationTest, TestDelayedConnectionTeardownTimeoutTrigger) { - config_helper_.addFilter("{ name: encoder-decoder-buffer-filter, typed_config: { \"@type\": " - "type.googleapis.com/google.protobuf.Empty } }"); - config_helper_.setBufferLimits(1024, 1024); - config_helper_.addConfigModifier( - [](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& - hcm) { - // 200ms. - hcm.mutable_delayed_close_timeout()->set_nanos(200000000); - }); - - initialize(); - - codec_client_ = makeHttpConnection(lookupPort("http")); - - auto encoder_decoder = - codec_client_->startRequest(Http::TestRequestHeaderMapImpl{{":method", "POST"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}}); - request_encoder_ = &encoder_decoder.first; - auto response = std::move(encoder_decoder.second); - - codec_client_->sendData(*request_encoder_, 1024 * 65, false); - - ASSERT_TRUE(response->waitForEndStream()); - // The delayed close timeout should trigger since client is not closing the connection. - EXPECT_TRUE(codec_client_->waitForDisconnect(std::chrono::milliseconds(2000))); - EXPECT_EQ(codec_client_->lastConnectionEvent(), Network::ConnectionEvent::RemoteClose); - EXPECT_EQ(test_server_->counter("http.config_test.downstream_cx_delayed_close_timeout")->value(), - 1); -} - // Test that if the route cache is cleared, it doesn't cause problems. TEST_P(IntegrationTest, TestClearingRouteCacheFilter) { config_helper_.addFilter("{ name: clear-route-cache, typed_config: { \"@type\": " diff --git a/test/integration/integration_test.h b/test/integration/integration_test.h index 2af85a268ec9..e36f2e0b6301 100644 --- a/test/integration/integration_test.h +++ b/test/integration/integration_test.h @@ -9,7 +9,7 @@ namespace Envoy { class IntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - IntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + IntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} }; class UpstreamEndpointIntegrationTest : public testing::TestWithParam, @@ -17,7 +17,7 @@ class UpstreamEndpointIntegrationTest : public testing::TestWithParam listener_filter_disabled = absl::nullopt) { + void initializeWithListenerFilter(bool ssl_client, + absl::optional listener_filter_disabled = absl::nullopt) { config_helper_.renameListener("echo"); std::string tls_inspector_config = ConfigHelper::tlsInspectorFilter(); if (listener_filter_disabled.has_value()) { tls_inspector_config = appendMatcher(tls_inspector_config, listener_filter_disabled.value()); } config_helper_.addListenerFilter(tls_inspector_config); - config_helper_.addConfigModifier([](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { - auto* filter_chain = - bootstrap.mutable_static_resources()->mutable_listeners(0)->mutable_filter_chains(0); - auto* alpn = filter_chain->mutable_filter_chain_match()->add_application_protocols(); - *alpn = "envoyalpn"; + + config_helper_.addConfigModifier([ssl_client]( + envoy::config::bootstrap::v3::Bootstrap& bootstrap) { + if (ssl_client) { + auto* filter_chain = + bootstrap.mutable_static_resources()->mutable_listeners(0)->mutable_filter_chains(0); + auto* alpn = filter_chain->mutable_filter_chain_match()->add_application_protocols(); + *alpn = "envoyalpn"; + } + auto* timeout = bootstrap.mutable_static_resources() + ->mutable_listeners(0) + ->mutable_listener_filters_timeout(); + timeout->MergeFrom(ProtobufUtil::TimeUtil::MillisecondsToDuration(1000)); + bootstrap.mutable_static_resources() + ->mutable_listeners(0) + ->set_continue_on_listener_filters_timeout(true); }); - config_helper_.addSslConfig(); + if (ssl_client) { + config_helper_.addSslConfig(); + } + useListenerAccessLog("%RESPONSE_CODE_DETAILS%"); BaseIntegrationTest::initialize(); @@ -70,23 +84,28 @@ class ListenerFilterIntegrationTest : public testing::TestWithParam(timeSystem()); } - void setupConnections(bool listener_filter_disabled, bool expect_connection_open) { - initializeWithListenerFilter(listener_filter_disabled); + void setupConnections(bool listener_filter_disabled, bool expect_connection_open, + bool ssl_client) { + initializeWithListenerFilter(ssl_client, listener_filter_disabled); // Set up the SSL client. Network::Address::InstanceConstSharedPtr address = Ssl::getSslAddress(version_, lookupPort("echo")); context_ = Ssl::createClientSslTransportSocketFactory({}, *context_manager_, *api_); - ssl_client_ = dispatcher_->createClientConnection( - address, Network::Address::InstanceConstSharedPtr(), - context_->createTransportSocket( - // nullptr - std::make_shared( - absl::string_view(""), std::vector(), - std::vector{"envoyalpn"})), - nullptr); - ssl_client_->addConnectionCallbacks(connect_callbacks_); - ssl_client_->connect(); + Network::TransportSocketPtr transport_socket; + if (ssl_client) { + transport_socket = + context_->createTransportSocket(std::make_shared( + absl::string_view(""), std::vector(), + std::vector{"envoyalpn"})); + } else { + auto transport_socket_factory = std::make_unique(); + transport_socket = transport_socket_factory->createTransportSocket(nullptr); + } + client_ = dispatcher_->createClientConnection( + address, Network::Address::InstanceConstSharedPtr(), std::move(transport_socket), nullptr); + client_->addConnectionCallbacks(connect_callbacks_); + client_->connect(); while (!connect_callbacks_.connected() && !connect_callbacks_.closed()) { dispatcher_->run(Event::Dispatcher::RunType::NonBlock); } @@ -99,27 +118,45 @@ class ListenerFilterIntegrationTest : public testing::TestWithParam context_manager_; Network::TransportSocketFactoryPtr context_; ConnectionStatusCallbacks connect_callbacks_; testing::NiceMock secret_manager_; - Network::ClientConnectionPtr ssl_client_; + Network::ClientConnectionPtr client_; }; // Each listener filter is enabled by default. TEST_P(ListenerFilterIntegrationTest, AllListenerFiltersAreEnabledByDefault) { - setupConnections(/*listener_filter_disabled=*/false, /*expect_connection_open=*/true); - ssl_client_->close(Network::ConnectionCloseType::NoFlush); + setupConnections(/*listener_filter_disabled=*/false, /*expect_connection_open=*/true, + /*ssl_client=*/true); + client_->close(Network::ConnectionCloseType::NoFlush); EXPECT_THAT(waitForAccessLog(listener_access_log_name_), testing::Eq("-")); } // The tls_inspector is disabled. The ALPN won't be sniffed out and no filter chain is matched. TEST_P(ListenerFilterIntegrationTest, DisabledTlsInspectorFailsFilterChainFind) { - setupConnections(/*listener_filter_disabled=*/true, /*expect_connection_open=*/false); + setupConnections(/*listener_filter_disabled=*/true, /*expect_connection_open=*/false, + /*ssl_client=*/true); EXPECT_THAT(waitForAccessLog(listener_access_log_name_), testing::Eq(StreamInfo::ResponseCodeDetails::get().FilterChainNotFound)); } +// trigger the tls inspect filter timeout, and continue create new connection after timeout +TEST_P(ListenerFilterIntegrationTest, ContinueOnListenerTimeout) { + setupConnections(/*listener_filter_disabled=*/false, /*expect_connection_open=*/true, + /*ssl_client=*/false); + // The length of tls hello message is defined as `TLS_MAX_CLIENT_HELLO = 64 * 1024` + // if tls inspect filter doesn't read the max length of hello message data, it + // will continue wait. Then the listener filter timeout timer will be triggered. + Buffer::OwnedImpl buffer("fake data"); + client_->write(buffer, false); + // the timeout is set as one seconds, sleep 5 to trigger the timeout. + timeSystem().advanceTimeWaitImpl(std::chrono::milliseconds(2000)); + client_->close(Network::ConnectionCloseType::NoFlush); + EXPECT_THAT(waitForAccessLog(listener_access_log_name_), testing::Eq("-")); +} + INSTANTIATE_TEST_SUITE_P(IpVersions, ListenerFilterIntegrationTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); diff --git a/test/integration/listener_lds_integration_test.cc b/test/integration/listener_lds_integration_test.cc index e042175fb923..498f9f2a22bb 100644 --- a/test/integration/listener_lds_integration_test.cc +++ b/test/integration/listener_lds_integration_test.cc @@ -8,8 +8,8 @@ #include "envoy/network/connection.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/api_version.h" -#include "common/config/version_converter.h" +#include "source/common/config/api_version.h" +#include "source/common/config/version_converter.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/http_integration.h" @@ -33,7 +33,7 @@ class ListenerIntegrationTest : public HttpIntegrationTest, absl::flat_hash_map stream_by_resource_name_; }; - ListenerIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ipVersion()) {} + ListenerIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, ipVersion()) {} ~ListenerIntegrationTest() override { resetConnections(); } @@ -98,9 +98,9 @@ class ListenerIntegrationTest : public HttpIntegrationTest, void createUpstreams() override { HttpIntegrationTest::createUpstreams(); // Create the LDS upstream (fake_upstreams_[1]). - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); // Create the RDS upstream (fake_upstreams_[2]). - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void resetFakeUpstreamInfo(FakeUpstreamInfo* upstream_info) { diff --git a/test/integration/load_stats_integration_test.cc b/test/integration/load_stats_integration_test.cc index bda71d612a88..630db2261904 100644 --- a/test/integration/load_stats_integration_test.cc +++ b/test/integration/load_stats_integration_test.cc @@ -20,7 +20,7 @@ namespace { class LoadStatsIntegrationTest : public Grpc::VersionedGrpcClientIntegrationParamTest, public HttpIntegrationTest { public: - LoadStatsIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ipVersion()) { + LoadStatsIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, ipVersion()) { // We rely on some fairly specific load balancing picks in this test, so // determinize the schedule. setDeterministic(); @@ -99,7 +99,7 @@ class LoadStatsIntegrationTest : public Grpc::VersionedGrpcClientIntegrationPara } void createUpstreams() override { - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); load_report_upstream_ = fake_upstreams_.back().get(); HttpIntegrationTest::createUpstreams(); } diff --git a/test/integration/local_reply_integration_test.cc b/test/integration/local_reply_integration_test.cc index 778158f01bd4..fb9225a88bad 100644 --- a/test/integration/local_reply_integration_test.cc +++ b/test/integration/local_reply_integration_test.cc @@ -66,7 +66,7 @@ TEST_P(LocalReplyIntegrationTest, MapStatusCodeAndFormatToJson) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(response->waitForEndStream()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); @@ -125,7 +125,7 @@ TEST_P(LocalReplyIntegrationTest, EmptyStructFormatter) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(response->waitForEndStream()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); @@ -177,7 +177,7 @@ TEST_P(LocalReplyIntegrationTest, MapStatusCodeAndFormatToJson4Grpc) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(response->waitForEndStream()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); @@ -256,7 +256,7 @@ TEST_P(LocalReplyIntegrationTest, MapStatusCodeAndFormatToJsonForFirstMatchingFi ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(response->waitForEndStream()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); @@ -330,7 +330,7 @@ TEST_P(LocalReplyIntegrationTest, ShouldNotMatchAnyFilter) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(response->waitForEndStream()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); @@ -391,7 +391,7 @@ TEST_P(LocalReplyIntegrationTest, ShouldMapResponseCodeAndMapToDefaultTextRespon ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(response->waitForEndStream()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); @@ -449,7 +449,7 @@ TEST_P(LocalReplyIntegrationTest, ShouldFormatResponseToCustomString) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(response->waitForEndStream()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); @@ -507,7 +507,7 @@ TEST_P(LocalReplyIntegrationTest, ShouldFormatResponseToEmptyBody) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(response->waitForEndStream()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); diff --git a/test/integration/multiplexed_integration_test.cc b/test/integration/multiplexed_integration_test.cc index 63a976a738e0..cf9980620f78 100644 --- a/test/integration/multiplexed_integration_test.cc +++ b/test/integration/multiplexed_integration_test.cc @@ -7,9 +7,9 @@ #include "envoy/config/cluster/v3/cluster.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/random_generator.h" -#include "common/http/header_map_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/random_generator.h" +#include "source/common/http/header_map_impl.h" #include "test/integration/filters/stop_and_continue_filter_config.pb.h" #include "test/integration/utility.h" @@ -27,14 +27,14 @@ namespace Envoy { // TODO(#2557) fix all the failures. #define EXCLUDE_DOWNSTREAM_HTTP3 \ - if (downstreamProtocol() == Http::CodecClient::Type::HTTP3) { \ + if (downstreamProtocol() == Http::CodecType::HTTP3) { \ return; \ } INSTANTIATE_TEST_SUITE_P(IpVersions, Http2IntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP2, Http::CodecClient::Type::HTTP3}, - {FakeHttpConnection::Type::HTTP1})), + {Http::CodecType::HTTP2, Http::CodecType::HTTP3}, + {Http::CodecType::HTTP1})), HttpProtocolIntegrationTest::protocolTestParamsToString); TEST_P(Http2IntegrationTest, RouterRequestAndResponseWithBodyNoBuffer) { @@ -80,8 +80,6 @@ TEST_P(Http2IntegrationTest, FlowControlOnAndGiantBodyWithContentLength) { } TEST_P(Http2IntegrationTest, LargeFlowControlOnAndGiantBodyWithContentLength) { - // https://github.com/envoyproxy/envoy/issues/16335 - EXCLUDE_DOWNSTREAM_HTTP3; config_helper_.addConfigModifier(ConfigHelper::adjustUpstreamTimeoutForTsan); config_helper_.setBufferLimits(128 * 1024, 128 * 1024); // Set buffer limits upstream and downstream. @@ -125,7 +123,7 @@ TEST_P(Http2IntegrationTest, LargeRequestTrailersRejected) { testLargeRequestTra // Verify downstream codec stream flush timeout. TEST_P(Http2IntegrationTest, CodecStreamIdleTimeout) { - EXCLUDE_DOWNSTREAM_HTTP3; + EXCLUDE_DOWNSTREAM_HTTP3; // Need to support stream_idle_timeout. config_helper_.setBufferLimits(1024, 1024); config_helper_.addConfigModifier( [&](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& @@ -149,6 +147,7 @@ TEST_P(Http2IntegrationTest, CodecStreamIdleTimeout) { } TEST_P(Http2IntegrationTest, Http2DownstreamKeepalive) { + // TODO(#16751) Need to support keepalive. EXCLUDE_DOWNSTREAM_HTTP3; constexpr uint64_t interval_ms = 1; constexpr uint64_t timeout_ms = 250; @@ -309,6 +308,12 @@ TEST_P(Http2MetadataIntegrationTest, ProxyMetadataInResponse) { // Verifies stream is reset. ASSERT_TRUE(response->waitForReset()); ASSERT_FALSE(response->complete()); + + // The cluster should have received the reset. + // The downstream codec should send one. + std::string counter = + absl::StrCat("cluster.cluster_0.", upstreamProtocolStatsRoot(), ".rx_reset"); + test_server_->waitForCounterEq(counter, 1); } TEST_P(Http2MetadataIntegrationTest, ProxyMultipleMetadata) { @@ -885,6 +890,7 @@ TEST_P(Http2IntegrationTest, GrpcRetry) { testGrpcRetry(); } // Verify the case where there is an HTTP/2 codec/protocol error with an active stream. TEST_P(Http2IntegrationTest, CodecErrorAfterStreamStart) { + // TODO(#16757) Needs HTTP/3 "bad frame" equivalent. EXCLUDE_DOWNSTREAM_HTTP3; initialize(); codec_client_ = makeHttpConnection(lookupPort("http")); @@ -902,7 +908,7 @@ TEST_P(Http2IntegrationTest, CodecErrorAfterStreamStart) { } TEST_P(Http2IntegrationTest, Http2BadMagic) { - if (downstreamProtocol() == Http::CodecClient::Type::HTTP3) { + if (downstreamProtocol() == Http::CodecType::HTTP3) { // The "magic" payload is an HTTP/2 specific thing. return; } @@ -1401,18 +1407,18 @@ Http2RingHashIntegrationTest::~Http2RingHashIntegrationTest() { void Http2RingHashIntegrationTest::createUpstreams() { for (int i = 0; i < num_upstreams_; i++) { - addFakeUpstream(FakeHttpConnection::Type::HTTP1); + addFakeUpstream(Http::CodecType::HTTP1); } } INSTANTIATE_TEST_SUITE_P(IpVersions, Http2RingHashIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP2}, {FakeHttpConnection::Type::HTTP1})), + {Http::CodecType::HTTP2}, {Http::CodecType::HTTP1})), HttpProtocolIntegrationTest::protocolTestParamsToString); INSTANTIATE_TEST_SUITE_P(IpVersions, Http2MetadataIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP2}, {FakeHttpConnection::Type::HTTP2})), + {Http::CodecType::HTTP2}, {Http::CodecType::HTTP2})), HttpProtocolIntegrationTest::protocolTestParamsToString); void Http2RingHashIntegrationTest::sendMultipleRequests( diff --git a/test/integration/multiplexed_upstream_integration_test.cc b/test/integration/multiplexed_upstream_integration_test.cc index 2c86cba32fb0..694aebb9d41c 100644 --- a/test/integration/multiplexed_upstream_integration_test.cc +++ b/test/integration/multiplexed_upstream_integration_test.cc @@ -5,7 +5,7 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/http/header_map_impl.h" +#include "source/common/http/header_map_impl.h" #include "test/integration/autonomous_upstream.h" #include "test/test_common/printers.h" @@ -17,17 +17,10 @@ namespace Envoy { INSTANTIATE_TEST_SUITE_P(Protocols, Http2UpstreamIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP2}, {FakeHttpConnection::Type::HTTP2})), + {Http::CodecType::HTTP2}, + {Http::CodecType::HTTP2, Http::CodecType::HTTP3})), HttpProtocolIntegrationTest::protocolTestParamsToString); -// TODO(alyssawilk) move #defines into getProtocolTestParams in a follow-up -#ifdef ENVOY_ENABLE_QUIC -INSTANTIATE_TEST_SUITE_P(ProtocolsWithQuic, Http2UpstreamIntegrationTest, - testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP2}, {FakeHttpConnection::Type::HTTP3})), - HttpProtocolIntegrationTest::protocolTestParamsToString); -#endif - TEST_P(Http2UpstreamIntegrationTest, RouterRequestAndResponseWithBodyNoBuffer) { testRouterRequestAndResponseWithBody(1024, 512, false); } @@ -50,6 +43,10 @@ TEST_P(Http2UpstreamIntegrationTest, RouterUpstreamDisconnectBeforeResponseCompl TEST_P(Http2UpstreamIntegrationTest, RouterDownstreamDisconnectBeforeRequestComplete) { testRouterDownstreamDisconnectBeforeRequestComplete(); + + // Given the downstream disconnect, Envoy will reset the upstream stream. + EXPECT_EQ(1, upstreamTxResetCounterValue()); + EXPECT_EQ(0, upstreamRxResetCounterValue()); } TEST_P(Http2UpstreamIntegrationTest, RouterDownstreamDisconnectBeforeResponseComplete) { @@ -136,6 +133,24 @@ TEST_P(Http2UpstreamIntegrationTest, LargeBidirectionalStreamingWithBufferLimits bidirectionalStreaming(1024 * 32); } +uint64_t Http2UpstreamIntegrationTest::upstreamRxResetCounterValue() { + return test_server_ + ->counter(absl::StrCat("cluster.cluster_0.", upstreamProtocolStatsRoot(), ".rx_reset")) + ->value(); +} + +uint64_t Http2UpstreamIntegrationTest::upstreamTxResetCounterValue() { + return test_server_ + ->counter(absl::StrCat("cluster.cluster_0.", upstreamProtocolStatsRoot(), ".tx_reset")) + ->value(); +} +uint64_t Http2UpstreamIntegrationTest::downstreamRxResetCounterValue() { + return test_server_->counter(absl::StrCat(downstreamProtocolStatsRoot(), ".rx_reset"))->value(); +} +uint64_t Http2UpstreamIntegrationTest::downstreamTxResetCounterValue() { + return test_server_->counter(absl::StrCat(downstreamProtocolStatsRoot(), ".tx_reset"))->value(); +} + TEST_P(Http2UpstreamIntegrationTest, BidirectionalStreamingReset) { initialize(); codec_client_ = makeHttpConnection(lookupPort("http")); @@ -169,6 +184,13 @@ TEST_P(Http2UpstreamIntegrationTest, BidirectionalStreamingReset) { upstream_request_->encodeResetStream(); ASSERT_TRUE(response->waitForReset()); EXPECT_FALSE(response->complete()); + + // The upstream stats should reflect receiving the reset, and downstream + // reflect sending it on. + EXPECT_EQ(1, upstreamRxResetCounterValue()); + EXPECT_EQ(0, upstreamTxResetCounterValue()); + EXPECT_EQ(0, downstreamRxResetCounterValue()); + EXPECT_EQ(1, downstreamTxResetCounterValue()); } void Http2UpstreamIntegrationTest::simultaneousRequest(uint32_t request1_bytes, @@ -304,12 +326,20 @@ TEST_P(Http2UpstreamIntegrationTest, ManyLargeSimultaneousRequestWithBufferLimit } TEST_P(Http2UpstreamIntegrationTest, ManyLargeSimultaneousRequestWithRandomBackup) { + if (upstreamProtocol() == Http::CodecType::HTTP3 && + downstreamProtocol() == Http::CodecType::HTTP2) { + // This test depends on fragile preconditions. + // With HTTP/2 downstream all the requests are processed before the + // responses are sent, then the connection read-disable results in not + // receiving flow control window updates. + return; + } config_helper_.addFilter( fmt::format(R"EOF( name: pause-filter{} typed_config: "@type": type.googleapis.com/google.protobuf.Empty)EOF", - downstreamProtocol() == Http::CodecClient::Type::HTTP3 ? "-for-quic" : "")); + downstreamProtocol() == Http::CodecType::HTTP3 ? "-for-quic" : "")); manySimultaneousRequests(1024 * 20, 1024 * 20); } @@ -371,6 +401,8 @@ TEST_P(Http2UpstreamIntegrationTest, UpstreamConnectionCloseWithManyStreams) { for (uint32_t i = 1; i < num_requests; ++i) { ASSERT_TRUE(responses[i]->waitForReset()); } + + EXPECT_NE(0, downstreamRxResetCounterValue()); } // Regression test for https://github.com/envoyproxy/envoy/issues/6744 @@ -431,6 +463,13 @@ name: router ASSERT_TRUE(response->waitForEndStream()); EXPECT_TRUE(response->complete()); + + // As the error was internal, Envoy should reset the upstream connection. + // Downstream gets an error, so no resets there. + EXPECT_EQ(1, upstreamTxResetCounterValue()); + EXPECT_EQ(0, downstreamTxResetCounterValue()); + EXPECT_EQ(0, upstreamRxResetCounterValue()); + EXPECT_EQ(0, downstreamRxResetCounterValue()); } // Tests the default limit for the number of response headers is 100. Results in a stream reset if @@ -609,18 +648,18 @@ class MixedUpstreamIntegrationTest : public Http2UpstreamIntegrationTest { Http2UpstreamIntegrationTest::initialize(); } void createUpstreams() override { - ASSERT_EQ(upstreamProtocol(), FakeHttpConnection::Type::HTTP3); + ASSERT_EQ(upstreamProtocol(), Http::CodecType::HTTP3); ASSERT_EQ(fake_upstreams_count_, 1); ASSERT_FALSE(autonomous_upstream_); if (use_http2_) { - auto config = configWithType(FakeHttpConnection::Type::HTTP2); + auto config = configWithType(Http::CodecType::HTTP2); Network::TransportSocketFactoryPtr factory = createUpstreamTlsContext(config); - addFakeUpstream(std::move(factory), FakeHttpConnection::Type::HTTP2); + addFakeUpstream(std::move(factory), Http::CodecType::HTTP2); } else { - auto config = configWithType(FakeHttpConnection::Type::HTTP3); + auto config = configWithType(Http::CodecType::HTTP3); Network::TransportSocketFactoryPtr factory = createUpstreamTlsContext(config); - addFakeUpstream(std::move(factory), FakeHttpConnection::Type::HTTP3); + addFakeUpstream(std::move(factory), Http::CodecType::HTTP3); } } @@ -638,7 +677,7 @@ TEST_P(MixedUpstreamIntegrationTest, SimultaneousRequestAutoWithHttp2) { INSTANTIATE_TEST_SUITE_P(Protocols, MixedUpstreamIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP2}, {FakeHttpConnection::Type::HTTP3})), + {Http::CodecType::HTTP2}, {Http::CodecType::HTTP3})), HttpProtocolIntegrationTest::protocolTestParamsToString); #endif diff --git a/test/integration/multiplexed_upstream_integration_test.h b/test/integration/multiplexed_upstream_integration_test.h index 45e35a83b42e..a0903c717d2e 100644 --- a/test/integration/multiplexed_upstream_integration_test.h +++ b/test/integration/multiplexed_upstream_integration_test.h @@ -9,8 +9,7 @@ class Http2UpstreamIntegrationTest : public HttpProtocolIntegrationTest { public: void initialize() override { upstream_tls_ = true; - config_helper_.configureUpstreamTls(use_alpn_, - upstreamProtocol() == FakeHttpConnection::Type::HTTP3); + config_helper_.configureUpstreamTls(use_alpn_, upstreamProtocol() == Http::CodecType::HTTP3); HttpProtocolIntegrationTest::initialize(); } @@ -20,5 +19,10 @@ class Http2UpstreamIntegrationTest : public HttpProtocolIntegrationTest { void manySimultaneousRequests(uint32_t request_bytes, uint32_t response_bytes); bool use_alpn_{false}; + + uint64_t upstreamRxResetCounterValue(); + uint64_t upstreamTxResetCounterValue(); + uint64_t downstreamRxResetCounterValue(); + uint64_t downstreamTxResetCounterValue(); }; } // namespace Envoy diff --git a/test/integration/original_ip_detection_integration_test.cc b/test/integration/original_ip_detection_integration_test.cc index 9fa25edce17e..8bc353e0da49 100644 --- a/test/integration/original_ip_detection_integration_test.cc +++ b/test/integration/original_ip_detection_integration_test.cc @@ -15,8 +15,7 @@ class OriginalIPDetectionIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - OriginalIPDetectionIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + OriginalIPDetectionIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void runTest(const std::string& ip) { useAccessLog("%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"); diff --git a/test/integration/overload_integration_test.cc b/test/integration/overload_integration_test.cc index 055cc6a3d414..33973434429c 100644 --- a/test/integration/overload_integration_test.cc +++ b/test/integration/overload_integration_test.cc @@ -115,7 +115,10 @@ class OverloadIntegrationTest : public HttpProtocolIntegrationTest { }; INSTANTIATE_TEST_SUITE_P(Protocols, OverloadIntegrationTest, - testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams()), + testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( + {Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2, + Http::CodecClient::Type::HTTP3}, + {FakeHttpConnection::Type::HTTP1, FakeHttpConnection::Type::HTTP2})), HttpProtocolIntegrationTest::protocolTestParamsToString); TEST_P(OverloadIntegrationTest, CloseStreamsWhenOverloaded) { @@ -168,7 +171,7 @@ TEST_P(OverloadIntegrationTest, CloseStreamsWhenOverloaded) { } TEST_P(OverloadIntegrationTest, DisableKeepaliveWhenOverloaded) { - if (downstreamProtocol() != Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() != Http::CodecType::HTTP1) { return; // only relevant for downstream HTTP1.x connections } @@ -221,17 +224,29 @@ TEST_P(OverloadIntegrationTest, StopAcceptingConnectionsWhenOverloaded) { updateResource(0.95); test_server_->waitForGaugeEq("overload.envoy.overload_actions.stop_accepting_connections.active", 1); - codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); - Http::TestRequestHeaderMapImpl request_headers{ - {":method", "GET"}, {":path", "/test/long/url"}, {":scheme", "http"}, {":authority", "host"}}; - auto response = codec_client_->makeRequestWithBody(request_headers, 10); - EXPECT_FALSE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_, - std::chrono::milliseconds(1000))); + IntegrationStreamDecoderPtr response; + if (downstreamProtocol() == Http::CodecClient::Type::HTTP3) { + // For HTTP/3, excess connections are force-rejected. + codec_client_ = + makeRawHttpConnection(makeClientConnection((lookupPort("http"))), absl::nullopt); + EXPECT_TRUE(codec_client_->disconnected()); + } else { + // For HTTP/2 and below, excess connection won't be accepted, but will hang out + // in a pending state and resume below. + codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); + response = codec_client_->makeRequestWithBody(default_request_headers_, 10); + EXPECT_FALSE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_, + std::chrono::milliseconds(1000))); + } // Reduce load a little to allow the connection to be accepted. updateResource(0.9); test_server_->waitForGaugeEq("overload.envoy.overload_actions.stop_accepting_connections.active", 0); + if (downstreamProtocol() == Http::CodecClient::Type::HTTP3) { + codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); + response = codec_client_->makeRequestWithBody(default_request_headers_, 10); + } EXPECT_TRUE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); EXPECT_TRUE(fake_upstream_connection_->waitForNewStream(*dispatcher_, upstream_request_)); ASSERT_TRUE(upstream_request_->waitForHeadersComplete()); @@ -305,7 +320,7 @@ TEST_P(OverloadScaledTimerIntegrationTest, CloseIdleHttpConnections) { test_server_->waitForCounterGe("http.config_test.downstream_cx_idle_timeout", 1); dispatcher_->run(Event::Dispatcher::RunType::NonBlock); - if (GetParam().downstream_protocol == Http::CodecClient::Type::HTTP1) { + if (GetParam().downstream_protocol == Http::CodecType::HTTP1) { // For HTTP1, Envoy will start draining but will wait to close the // connection. If a new stream comes in, it will set the connection header // to "close" on the response and close the connection after. diff --git a/test/integration/protocol_integration_test.cc b/test/integration/protocol_integration_test.cc index 3c799a0566a5..29ae50d9763a 100644 --- a/test/integration/protocol_integration_test.cc +++ b/test/integration/protocol_integration_test.cc @@ -15,16 +15,16 @@ #include "envoy/http/header_map.h" #include "envoy/registry/registry.h" -#include "common/api/api_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/fmt.h" -#include "common/common/thread_annotations.h" -#include "common/http/headers.h" -#include "common/http/utility.h" -#include "common/network/utility.h" -#include "common/protobuf/utility.h" -#include "common/runtime/runtime_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/common/thread_annotations.h" +#include "source/common/http/headers.h" +#include "source/common/http/utility.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "test/common/http/http2/http2_frame.h" #include "test/common/upstream/utility.h" @@ -55,7 +55,7 @@ void setDoNotValidateRouteConfig( // TODO(#2557) fix all the failures. #define EXCLUDE_DOWNSTREAM_HTTP3 \ - if (downstreamProtocol() == Http::CodecClient::Type::HTTP3) { \ + if (downstreamProtocol() == Http::CodecType::HTTP3) { \ return; \ } @@ -301,7 +301,7 @@ name: add-trailers-filter upstream_request_->encodeData(128, true); ASSERT_TRUE(response->waitForEndStream()); - if (upstreamProtocol() >= FakeHttpConnection::Type::HTTP2) { + if (upstreamProtocol() >= Http::CodecType::HTTP2) { EXPECT_EQ("decode", upstream_request_->trailers() ->get(Http::LowerCaseString("grpc-message"))[0] ->value() @@ -309,7 +309,7 @@ name: add-trailers-filter } EXPECT_TRUE(response->complete()); EXPECT_EQ("503", response->headers().getStatusValue()); - if (downstream_protocol_ >= Http::CodecClient::Type::HTTP2) { + if (downstream_protocol_ >= Http::CodecType::HTTP2) { EXPECT_EQ("encode", response->trailers()->getGrpcMessageValue()); } } @@ -333,9 +333,218 @@ TEST_P(ProtocolIntegrationTest, ResponseWithHostHeader) { response->headers().get(Http::LowerCaseString("host"))[0]->value().getStringView()); } +// Upstream 304 response with Content-Length and no actual body +// The content-length header should be preserved and no transfer-encoding header should be added +TEST_P(ProtocolIntegrationTest, Upstream304ResponseWithContentLength) { + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeHeaderOnlyRequest( + Http::TestRequestHeaderMapImpl{{":method", "GET"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host"}, + {"if-none-match", "\"1234567890\""}}); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "304"}, + {"etag", "\"1234567890\""}, + {"content-length", "123"}}, + true); + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("304", response->headers().getStatusValue()); + EXPECT_EQ( + "123", + response->headers().get(Http::LowerCaseString("content-length"))[0]->value().getStringView()); + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); + + // Make a HEAD request to make sure the previous 304 response with Content-Length did not cause + // issue. + response = codec_client_->makeHeaderOnlyRequest( + Http::TestRequestHeaderMapImpl{{":method", "HEAD"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host"}, + {"if-none-match", "\"1234567890\""}}); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "304"}, + {"etag", "\"1234567890\""}, + {"content-length", "123"}}, + true); + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("304", response->headers().getStatusValue()); + EXPECT_EQ( + "123", + response->headers().get(Http::LowerCaseString("content-length"))[0]->value().getStringView()); + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); +} + +// Upstream 304 response with Content-Length and no actual body +// The legacy behavior is the same when upstream set content-length header +TEST_P(ProtocolIntegrationTest, Upstream304ResponseWithContentLengthLegacy) { + config_helper_.addRuntimeOverride("envoy.reloadable_features.no_chunked_encoding_header_for_304", + "false"); + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeHeaderOnlyRequest( + Http::TestRequestHeaderMapImpl{{":method", "GET"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host"}, + {"if-none-match", "\"1234567890\""}}); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "304"}, + {"etag", "\"1234567890\""}, + {"content-length", "123"}}, + true); + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("304", response->headers().getStatusValue()); + EXPECT_EQ( + "123", + response->headers().get(Http::LowerCaseString("content-length"))[0]->value().getStringView()); + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); + + // Make a HEAD request to make sure the previous 304 response with Content-Length did not cause + // issue. + response = codec_client_->makeHeaderOnlyRequest( + Http::TestRequestHeaderMapImpl{{":method", "HEAD"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host"}, + {"if-none-match", "\"1234567890\""}}); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "304"}, + {"etag", "\"1234567890\""}, + {"content-length", "123"}}, + true); + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("304", response->headers().getStatusValue()); + EXPECT_EQ( + "123", + response->headers().get(Http::LowerCaseString("content-length"))[0]->value().getStringView()); + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); +} + +// Upstream 304 response without Content-Length +// No content-length nor transfer-encoding header should be added for all protocol combinations. +TEST_P(ProtocolIntegrationTest, 304ResponseWithoutContentLength) { + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeHeaderOnlyRequest( + Http::TestRequestHeaderMapImpl{{":method", "GET"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host"}, + {"if-none-match", "\"1234567890\""}}); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders( + Http::TestResponseHeaderMapImpl{{":status", "304"}, {"etag", "\"1234567890\""}}, true); + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("304", response->headers().getStatusValue()); + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("content-length")).empty()); +} + +// Upstream 304 response without Content-Length +// The legacy behavior varies base on protocol combinations. +TEST_P(ProtocolIntegrationTest, 304ResponseWithoutContentLengthLegacy) { + config_helper_.addRuntimeOverride("envoy.reloadable_features.no_chunked_encoding_header_for_304", + "false"); + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeHeaderOnlyRequest( + Http::TestRequestHeaderMapImpl{{":method", "GET"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host"}, + {"if-none-match", "\"1234567890\""}}); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders( + Http::TestResponseHeaderMapImpl{{":status", "304"}, {"etag", "\"1234567890\""}}, true); + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("304", response->headers().getStatusValue()); + if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (upstreamProtocol() == FakeHttpConnection::Type::HTTP3) { + ASSERT_FALSE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); + EXPECT_EQ("chunked", response->headers() + .get(Http::LowerCaseString("transfer-encoding"))[0] + ->value() + .getStringView()); + ASSERT_TRUE(response->headers().get(Http::LowerCaseString("content-length")).empty()); + } else { + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); + ASSERT_FALSE(response->headers().get(Http::LowerCaseString("content-length")).empty()); + EXPECT_EQ("0", response->headers() + .get(Http::LowerCaseString("content-length"))[0] + ->value() + .getStringView()); + } + } else { + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); + } +} + +// Upstream 304 response for HEAD request without Content-Length +// Response to HEAD request is the same as response to GET request and consistent with different +// protocol combinations. +TEST_P(ProtocolIntegrationTest, 304HeadResponseWithoutContentLength) { + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeHeaderOnlyRequest( + Http::TestRequestHeaderMapImpl{{":method", "HEAD"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host"}, + {"if-none-match", "\"1234567890\""}}); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders( + Http::TestResponseHeaderMapImpl{{":status", "304"}, {"etag", "\"1234567890\""}}, true); + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("304", response->headers().getStatusValue()); + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("content-length")).empty()); +} + +// Upstream 304 response for HEAD request without Content-Length +// The legacy behavior is different between GET and HEAD request and between protocol combinations. +TEST_P(ProtocolIntegrationTest, 304HeadResponseWithoutContentLengthLegacy) { + config_helper_.addRuntimeOverride("envoy.reloadable_features.no_chunked_encoding_header_for_304", + "false"); + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeHeaderOnlyRequest( + Http::TestRequestHeaderMapImpl{{":method", "HEAD"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host"}, + {"if-none-match", "\"1234567890\""}}); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders( + Http::TestResponseHeaderMapImpl{{":status", "304"}, {"etag", "\"1234567890\""}}, true); + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("304", response->headers().getStatusValue()); + if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + + ASSERT_FALSE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); + EXPECT_EQ("chunked", response->headers() + .get(Http::LowerCaseString("transfer-encoding"))[0] + ->value() + .getStringView()); + } else { + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("transfer-encoding")).empty()); + } + EXPECT_TRUE(response->headers().get(Http::LowerCaseString("content-length")).empty()); +} + // Tests missing headers needed for H/1 codec first line. TEST_P(DownstreamProtocolIntegrationTest, DownstreamRequestWithFaultyFilter) { - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP3) { + if (upstreamProtocol() == Http::CodecType::HTTP3) { // For QUIC, even through the headers are not sent upstream, the stream will // be created. Use the autonomous upstream and allow incomplete streams. autonomous_allow_incomplete_streams_ = true; @@ -375,7 +584,7 @@ TEST_P(DownstreamProtocolIntegrationTest, DownstreamRequestWithFaultyFilter) { TEST_P(DownstreamProtocolIntegrationTest, FaultyFilterWithConnect) { // TODO(danzh) re-enable after adding http3 option "allow_connect". EXCLUDE_DOWNSTREAM_HTTP3; - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP3) { + if (upstreamProtocol() == Http::CodecType::HTTP3) { // For QUIC, even through the headers are not sent upstream, the stream will // be created. Use the autonomous upstream and allow incomplete streams. autonomous_allow_incomplete_streams_ = true; @@ -403,7 +612,7 @@ TEST_P(DownstreamProtocolIntegrationTest, FaultyFilterWithConnect) { auto headers = Http::TestRequestHeaderMapImpl{ {":method", "CONNECT"}, {":scheme", "http"}, {":authority", "www.host.com:80"}}; - auto response = (downstream_protocol_ == Http::CodecClient::Type::HTTP1) + auto response = (downstream_protocol_ == Http::CodecType::HTTP1) ? std::move((codec_client_->startRequest(headers)).second) : codec_client_->makeHeaderOnlyRequest(headers); @@ -494,6 +703,11 @@ TEST_P(ProtocolIntegrationTest, LongHeaderValueWithSpaces) { } TEST_P(ProtocolIntegrationTest, Retry) { + config_helper_.addConfigModifier([&](envoy::config::bootstrap::v3::Bootstrap& bootstrap) -> void { + RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, ""); + auto& cluster = *bootstrap.mutable_static_resources()->mutable_clusters(0); + cluster.mutable_track_cluster_stats()->set_request_response_sizes(true); + }); initialize(); codec_client_ = makeHttpConnection(lookupPort("http")); auto response = codec_client_->makeRequestWithBody( @@ -507,7 +721,7 @@ TEST_P(ProtocolIntegrationTest, Retry) { waitForNextUpstreamRequest(); upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "503"}}, false); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_, std::chrono::milliseconds(500))); @@ -526,22 +740,30 @@ TEST_P(ProtocolIntegrationTest, Retry) { EXPECT_EQ("200", response->headers().getStatusValue()); EXPECT_EQ(512U, response->body().size()); Stats::Store& stats = test_server_->server().stats(); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP2) { - Stats::CounterSharedPtr counter = - TestUtility::findCounter(stats, "cluster.cluster_0.http2.tx_reset"); + if (upstreamProtocol() == Http::CodecType::HTTP2) { + Stats::CounterSharedPtr counter = TestUtility::findCounter( + stats, absl::StrCat("cluster.cluster_0.", upstreamProtocolStatsRoot(), ".tx_reset")); ASSERT_NE(nullptr, counter); EXPECT_EQ(1L, counter->value()); - } else if (upstreamProtocol() == FakeHttpConnection::Type::HTTP3) { - // TODO(alyssawilk) http3 stats. - Stats::CounterSharedPtr counter = - TestUtility::findCounter(stats, "cluster.cluster_0.upstream_rq_tx_reset"); - ASSERT_NE(nullptr, counter); - EXPECT_EQ(1L, counter->value()); - } else { - Stats::CounterSharedPtr counter = - TestUtility::findCounter(stats, "cluster.cluster_0.http1.dropped_headers_with_underscores"); - EXPECT_NE(nullptr, counter); } + EXPECT_NE(nullptr, + test_server_->counter(absl::StrCat("cluster.cluster_0.", upstreamProtocolStatsRoot(), + ".dropped_headers_with_underscores"))); + + test_server_->waitUntilHistogramHasSamples("cluster.cluster_0.upstream_rq_headers_size"); + test_server_->waitUntilHistogramHasSamples("cluster.cluster_0.upstream_rs_headers_size"); + + auto find_histo_sample_count = [&](const std::string& name) -> uint64_t { + for (auto& histogram : test_server_->histograms()) { + if (histogram->name() == name) { + return TestUtility::readSampleCount(test_server_->server().dispatcher(), *histogram); + } + } + return 0; + }; + + EXPECT_EQ(find_histo_sample_count("cluster.cluster_0.upstream_rq_headers_size"), 2); + EXPECT_EQ(find_histo_sample_count("cluster.cluster_0.upstream_rs_headers_size"), 2); } TEST_P(ProtocolIntegrationTest, RetryStreaming) { @@ -568,7 +790,7 @@ TEST_P(ProtocolIntegrationTest, RetryStreaming) { // Send back an upstream failure. upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "503"}}, false); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); } else { @@ -631,7 +853,7 @@ TEST_P(ProtocolIntegrationTest, RetryStreamingReset) { }); // Make sure the fake stream is reset. - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); } else { @@ -698,7 +920,7 @@ TEST_P(ProtocolIntegrationTest, RetryStreamingCancelDueToBufferOverflow) { // Send back an upstream failure. upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "503"}}, false); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForReset()); @@ -740,7 +962,7 @@ TEST_P(DownstreamProtocolIntegrationTest, RetryAttemptCountHeader) { EXPECT_EQ(atoi(std::string(upstream_request_->headers().getEnvoyAttemptCountValue()).c_str()), 1); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); } else { @@ -811,14 +1033,14 @@ TEST_P(DownstreamProtocolIntegrationTest, RetryPriority) { waitForNextUpstreamRequest(0); upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "503"}}, false); - if (fake_upstreams_[0]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[0]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(fake_upstreams_[1]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); } else { ASSERT_TRUE(upstream_request_->waitForReset()); } - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP3) { + if (upstreamProtocol() == Http::CodecType::HTTP3) { // Make sure waitForNextUpstreamRequest waits for a new connection. fake_upstream_connection_.reset(); } @@ -878,7 +1100,7 @@ TEST_P(DownstreamProtocolIntegrationTest, RetryHostPredicateFilter) { ASSERT_TRUE(upstream_idx.has_value()); upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "503"}}, false); - if (fake_upstreams_[*upstream_idx]->httpType() == FakeHttpConnection::Type::HTTP1) { + if (fake_upstreams_[*upstream_idx]->httpType() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); ASSERT_TRUE(fake_upstreams_[*upstream_idx]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); @@ -978,7 +1200,7 @@ TEST_P(DownstreamProtocolIntegrationTest, HittingDecoderFilterLimit) { // the 413-and-connection-close may be sent while the body is still being // sent, resulting in a write error and the connection being closed before the // response is read. - if (downstream_protocol_ >= Http::CodecClient::Type::HTTP2) { + if (downstream_protocol_ >= Http::CodecType::HTTP2) { ASSERT_TRUE(response->complete()); } if (response->complete()) { @@ -1020,7 +1242,7 @@ TEST_P(ProtocolIntegrationTest, HittingEncoderFilterLimit) { // Now send an overly large response body. At some point, too much data will // be buffered, the stream will be reset, and the connection will disconnect. upstream_request_->encodeData(1024 * 65, false); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForReset()); @@ -1116,13 +1338,13 @@ TEST_P(ProtocolIntegrationTest, HeadersWithUnderscoresDropped) { Stats::Store& stats = test_server_->server().stats(); std::string stat_name; switch (downstreamProtocol()) { - case Http::CodecClient::Type::HTTP1: + case Http::CodecType::HTTP1: stat_name = "http1.dropped_headers_with_underscores"; break; - case Http::CodecClient::Type::HTTP2: + case Http::CodecType::HTTP2: stat_name = "http2.dropped_headers_with_underscores"; break; - case Http::CodecClient::Type::HTTP3: + case Http::CodecType::HTTP3: stat_name = "http3.dropped_headers_with_underscores"; break; default: @@ -1171,7 +1393,7 @@ TEST_P(DownstreamProtocolIntegrationTest, HeadersWithUnderscoresCauseRequestReje {":authority", "host"}, {"foo_bar", "baz"}}); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); ASSERT_TRUE(response->complete()); EXPECT_EQ("400", response->headers().getStatusValue()); @@ -1218,15 +1440,15 @@ TEST_P(ProtocolIntegrationTest, 304WithBody) { // For HTTP/1.1 http_parser is explicitly told that 304s are header-only // requests. - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1 || - upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1 || + upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(response->complete()); } else { ASSERT_FALSE(response->complete()); } upstream_request_->encodeData(2, true); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { // Any body sent after the request is considered complete will not be handled as part of the // active request, but will be flagged as a protocol error for the no-longer-associated // connection. @@ -1239,8 +1461,8 @@ TEST_P(ProtocolIntegrationTest, 304WithBody) { // Only for HTTP/2 and Http/3, where streams are ended with an explicit end-stream so we // can differentiate between 304-with-advertised-but-absent-body and // 304-with-body, is there a protocol error on the active stream. - if (downstream_protocol_ >= Http::CodecClient::Type::HTTP2 && - upstreamProtocol() >= FakeHttpConnection::Type::HTTP2) { + if (downstream_protocol_ >= Http::CodecType::HTTP2 && + upstreamProtocol() >= Http::CodecType::HTTP2) { ASSERT_TRUE(response->waitForReset()); } } @@ -1251,7 +1473,7 @@ TEST_P(ProtocolIntegrationTest, OverflowingResponseCode) { codec_client_ = makeHttpConnection(lookupPort("http")); auto response = codec_client_->makeHeaderOnlyRequest(default_request_headers_); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { // The http1 codec won't send illegal status codes so send raw HTTP/1.1 FakeRawConnectionPtr fake_upstream_connection; ASSERT_TRUE(fake_upstreams_[0]->waitForRawConnection(fake_upstream_connection)); @@ -1280,13 +1502,13 @@ TEST_P(ProtocolIntegrationTest, MissingStatus) { codec_client_ = makeHttpConnection(lookupPort("http")); auto response = codec_client_->makeHeaderOnlyRequest(default_request_headers_); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { FakeRawConnectionPtr fake_upstream_connection; ASSERT_TRUE(fake_upstreams_[0]->waitForRawConnection(fake_upstream_connection)); ASSERT(fake_upstream_connection != nullptr); ASSERT_TRUE(fake_upstream_connection->write("HTTP/1.1 OK\r\n", false)); ASSERT_TRUE(fake_upstream_connection->waitForDisconnect()); - } else if (upstreamProtocol() == FakeHttpConnection::Type::HTTP2) { + } else if (upstreamProtocol() == Http::CodecType::HTTP2) { FakeRawConnectionPtr fake_upstream_connection; ASSERT_TRUE(fake_upstreams_[0]->waitForRawConnection(fake_upstream_connection)); Http::Http2::Http2Frame::SettingsFlags settings_flags = @@ -1314,7 +1536,7 @@ TEST_P(ProtocolIntegrationTest, MissingStatus) { // Validate that lots of tiny cookies doesn't cause a DoS (single cookie header). TEST_P(DownstreamProtocolIntegrationTest, LargeCookieParsingConcatenated) { - if (downstreamProtocol() == Http::CodecClient::Type::HTTP3) { + if (downstreamProtocol() == Http::CodecType::HTTP3) { // QUICHE Qpack splits concatenated cookies into crumbs to increase // compression ratio. On the receiver side, the total size of these crumbs // may be larger than coalesced cookie headers. Increase the max request @@ -1326,7 +1548,7 @@ TEST_P(DownstreamProtocolIntegrationTest, LargeCookieParsingConcatenated) { hcm.mutable_common_http_protocol_options()->mutable_max_headers_count()->set_value(8000); }); } - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP3) { + if (upstreamProtocol() == Http::CodecType::HTTP3) { setMaxRequestHeadersKb(96); setMaxRequestHeadersCount(8000); } @@ -1393,7 +1615,7 @@ TEST_P(DownstreamProtocolIntegrationTest, InvalidContentLength) { ASSERT_TRUE(codec_client_->waitForDisconnect()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(response->complete()); EXPECT_EQ("400", response->headers().getStatusValue()); test_server_->waitForCounterGe("http.config_test.downstream_rq_4xx", 1); @@ -1429,14 +1651,14 @@ TEST_P(DownstreamProtocolIntegrationTest, InvalidContentLengthAllowed) { {"content-length", "-1"}}); auto response = std::move(encoder_decoder.second); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { ASSERT_TRUE(response->waitForReset()); codec_client_->close(); } - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(response->complete()); EXPECT_EQ("400", response->headers().getStatusValue()); } else { @@ -1457,7 +1679,7 @@ TEST_P(DownstreamProtocolIntegrationTest, MultipleContentLengths) { ASSERT_TRUE(codec_client_->waitForDisconnect()); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(response->complete()); EXPECT_EQ("400", response->headers().getStatusValue()); } else { @@ -1488,14 +1710,14 @@ TEST_P(DownstreamProtocolIntegrationTest, MultipleContentLengthsAllowed) { {"content-length", "3,2"}}); auto response = std::move(encoder_decoder.second); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { ASSERT_TRUE(response->waitForReset()); codec_client_->close(); } - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(response->complete()); EXPECT_EQ("400", response->headers().getStatusValue()); } else { @@ -1570,14 +1792,11 @@ TEST_P(DownstreamProtocolIntegrationTest, LargeRequestHeadersRejected) { } TEST_P(DownstreamProtocolIntegrationTest, VeryLargeRequestHeadersRejected) { -#ifdef WIN32 - // TODO(alyssawilk, wrowe) debug. - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP3) { - return; - } -#endif - // Send one very large 2048 kB (2 MB) header with limit 1024 kB (1 MB) and 100 headers. - testLargeRequestHeaders(2048, 1, 1024, 100); + // Send one very large 600 kB header with limit 500 kB and 100 headers. + // The limit and the header size are set in such a way to accommodate for flow control limits. + // If the headers are too large and the flow control blocks the response is truncated and the test + // flakes. + testLargeRequestHeaders(600, 1, 500, 100); } TEST_P(DownstreamProtocolIntegrationTest, LargeRequestHeadersAccepted) { @@ -1586,10 +1805,6 @@ TEST_P(DownstreamProtocolIntegrationTest, LargeRequestHeadersAccepted) { } TEST_P(DownstreamProtocolIntegrationTest, ManyLargeRequestHeadersAccepted) { - // Fail under TSAN. Quic blackhole detection fired and closed the connection with - // QUIC_TOO_MANY_RTOS while waiting for upstream finishing transferring the large header. Observed - // long event loop. - EXCLUDE_DOWNSTREAM_HTTP3; // Send 70 headers each of size 100 kB with limit 8192 kB (8 MB) and 100 headers. testLargeRequestHeaders(100, 70, 8192, 100, TSAN_TIMEOUT_FACTOR * TestUtility::DefaultTimeout); } @@ -1626,7 +1841,7 @@ TEST_P(DownstreamProtocolIntegrationTest, ManyRequestTrailersRejected) { codec_client_->sendData(*request_encoder_, 1, false); codec_client_->sendTrailers(*request_encoder_, request_trailers); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); EXPECT_TRUE(response->complete()); EXPECT_EQ("431", response->headers().getStatusValue()); @@ -1749,7 +1964,7 @@ TEST_P(ProtocolIntegrationTest, LargeRequestMethod) { initialize(); codec_client_ = makeHttpConnection(lookupPort("http")); - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() == Http::CodecType::HTTP1) { auto encoder_decoder = codec_client_->startRequest(request_headers); request_encoder_ = &encoder_decoder.first; auto response = std::move(encoder_decoder.second); @@ -1757,8 +1972,8 @@ TEST_P(ProtocolIntegrationTest, LargeRequestMethod) { EXPECT_TRUE(response->complete()); EXPECT_EQ("400", response->headers().getStatusValue()); } else { - ASSERT(downstreamProtocol() >= Http::CodecClient::Type::HTTP2); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + ASSERT(downstreamProtocol() >= Http::CodecType::HTTP2); + if (upstreamProtocol() == Http::CodecType::HTTP1) { auto response = codec_client_->makeHeaderOnlyRequest(request_headers); ASSERT_TRUE( fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_)); @@ -1766,7 +1981,7 @@ TEST_P(ProtocolIntegrationTest, LargeRequestMethod) { EXPECT_TRUE(response->complete()); EXPECT_EQ("400", response->headers().getStatusValue()); } else { - ASSERT(upstreamProtocol() >= FakeHttpConnection::Type::HTTP2); + ASSERT(upstreamProtocol() >= Http::CodecType::HTTP2); auto response = sendRequestAndWaitForResponse(request_headers, 0, default_response_headers_, 0); EXPECT_TRUE(response->complete()); @@ -1934,8 +2149,6 @@ name: passthrough-filter // Tests encodeHeaders() returns StopAllIterationAndBuffer. TEST_P(DownstreamProtocolIntegrationTest, TestEncodeHeadersReturnsStopAll) { - // encodeMetadata() not supported in QUICHE. - EXCLUDE_DOWNSTREAM_HTTP3 config_helper_.addFilter(R"EOF( name: encode-headers-return-stop-all-filter )EOF"); @@ -1964,22 +2177,12 @@ name: encode-headers-return-stop-all-filter ASSERT_TRUE(response->waitForEndStream()); ASSERT_TRUE(response->complete()); // Data is added in encodeData for all protocols, and encodeTrailers for HTTP/2 and above. - int times_added = (upstreamProtocol() == FakeHttpConnection::Type::HTTP1 || - downstreamProtocol() == Http::CodecClient::Type::HTTP1) - ? 1 - : 2; - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1 && - upstreamProtocol() == FakeHttpConnection::Type::HTTP3) { - // TODO(alyssawilk) Figure out why the bytes mismatch with the test expectation below. - return; - } + int times_added = upstreamProtocol() == Http::CodecType::HTTP1 ? 1 : 2; EXPECT_EQ(count_ * size_ + added_decoded_data_size_ * times_added, response->body().size()); } // Tests encodeHeaders() returns StopAllIterationAndWatermark. TEST_P(DownstreamProtocolIntegrationTest, TestEncodeHeadersReturnsStopAllWatermark) { - // Metadata is not supported in QUICHE. - EXCLUDE_DOWNSTREAM_HTTP3 config_helper_.addFilter(R"EOF( name: encode-headers-return-stop-all-filter )EOF"); @@ -2016,29 +2219,28 @@ name: encode-headers-return-stop-all-filter ASSERT_TRUE(response->waitForEndStream()); ASSERT_TRUE(response->complete()); // Data is added in encodeData for all protocols, and encodeTrailers for HTTP/2 and above. - int times_added = (upstreamProtocol() == FakeHttpConnection::Type::HTTP1 || - downstreamProtocol() == Http::CodecClient::Type::HTTP1) - ? 1 - : 2; - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1 && - upstreamProtocol() == FakeHttpConnection::Type::HTTP3) { - // TODO(alyssawilk) Figure out why the bytes mismatch with the test expectation below. - return; - } + int times_added = upstreamProtocol() == Http::CodecType::HTTP1 ? 1 : 2; EXPECT_EQ(count_ * size_ + added_decoded_data_size_ * times_added, response->body().size()); } // Per https://github.com/envoyproxy/envoy/issues/7488 make sure we don't // combine set-cookie headers -TEST_P(ProtocolIntegrationTest, MultipleSetCookies) { +TEST_P(ProtocolIntegrationTest, MultipleCookiesAndSetCookies) { initialize(); codec_client_ = makeHttpConnection(lookupPort("http")); + Http::TestRequestHeaderMapImpl request_headers{{":method", "GET"}, {":path", "/dynamo/url"}, + {":scheme", "http"}, {":authority", "host"}, + {"cookie", "a=b"}, {"cookie", "c=d"}}; Http::TestResponseHeaderMapImpl response_headers{ {":status", "200"}, {"set-cookie", "foo"}, {"set-cookie", "bar"}}; - auto response = sendRequestAndWaitForResponse(default_request_headers_, 0, response_headers, 0); + auto response = sendRequestAndWaitForResponse(request_headers, 0, response_headers, 0); + if (downstreamProtocol() == Http::CodecClient::Type::HTTP3) { + EXPECT_EQ(upstream_request_->headers().get(Http::Headers::get().Cookie)[0]->value(), + "a=b; c=d"); + } ASSERT_TRUE(response->complete()); EXPECT_EQ("200", response->headers().getStatusValue()); @@ -2049,6 +2251,42 @@ TEST_P(ProtocolIntegrationTest, MultipleSetCookies) { ASSERT_EQ(out[1]->value().getStringView(), "bar"); } +// Test that delay closed connections are eventually force closed when the timeout triggers. +TEST_P(DownstreamProtocolIntegrationTest, TestDelayedConnectionTeardownTimeoutTrigger) { + config_helper_.addFilter("{ name: encoder-decoder-buffer-filter, typed_config: { \"@type\": " + "type.googleapis.com/google.protobuf.Empty } }"); + config_helper_.setBufferLimits(1024, 1024); + config_helper_.addConfigModifier( + [](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& + hcm) { + // 200ms. + hcm.mutable_delayed_close_timeout()->set_nanos(200000000); + hcm.mutable_drain_timeout()->set_seconds(1); + hcm.mutable_common_http_protocol_options()->mutable_idle_timeout()->set_seconds(1); + }); + + initialize(); + + codec_client_ = makeHttpConnection(lookupPort("http")); + + auto encoder_decoder = + codec_client_->startRequest(Http::TestRequestHeaderMapImpl{{":method", "POST"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host"}}); + request_encoder_ = &encoder_decoder.first; + auto response = std::move(encoder_decoder.second); + + codec_client_->sendData(*request_encoder_, 1024 * 65, false); + + ASSERT_TRUE(response->waitForEndStream()); + // The delayed close timeout should trigger since client is not closing the connection. + EXPECT_TRUE(codec_client_->waitForDisconnect(std::chrono::milliseconds(5000))); + EXPECT_EQ(codec_client_->lastConnectionEvent(), Network::ConnectionEvent::RemoteClose); + EXPECT_EQ(test_server_->counter("http.config_test.downstream_cx_delayed_close_timeout")->value(), + 1); +} + // Resets the downstream stream immediately and verifies that we clean up everything. TEST_P(ProtocolIntegrationTest, TestDownstreamResetIdleTimeout) { useAccessLog("%RESPONSE_FLAGS% %RESPONSE_CODE_DETAILS%"); @@ -2063,13 +2301,13 @@ TEST_P(ProtocolIntegrationTest, TestDownstreamResetIdleTimeout) { EXPECT_TRUE(fake_upstream_connection_->waitForNewStream(*dispatcher_, upstream_request_)); - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() == Http::CodecType::HTTP1) { codec_client_->close(); } else { codec_client_->sendReset(encoder_decoder.first); } - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForReset()); @@ -2157,7 +2395,7 @@ TEST_P(DownstreamProtocolIntegrationTest, TestPreconnect) { auto response = sendRequestAndWaitForResponse(default_request_headers_, 0, default_response_headers_, 0); FakeHttpConnectionPtr fake_upstream_connection_two; - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { // For HTTP/1.1 there should be a preconnected connection. ASSERT_TRUE( fake_upstreams_[0]->waitForHttpConnection(*dispatcher_, fake_upstream_connection_two)); @@ -2219,7 +2457,7 @@ TEST_P(DownstreamProtocolIntegrationTest, InvalidAuthority) { {":authority", "ho|st|"}}; auto response = codec_client_->makeHeaderOnlyRequest(request_headers); - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() == Http::CodecType::HTTP1) { // For HTTP/1 this is handled by the HCM, which sends a full 400 response. ASSERT_TRUE(response->waitForEndStream()); ASSERT_TRUE(response->complete()); @@ -2240,7 +2478,7 @@ TEST_P(DownstreamProtocolIntegrationTest, ConnectIsBlocked) { request_encoder_ = &encoder_decoder.first; auto response = std::move(encoder_decoder.second); - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() == Http::CodecType::HTTP1) { // Because CONNECT requests for HTTP/1 do not include a path, they will fail // to find a route match and return a 404. ASSERT_TRUE(response->waitForEndStream()); @@ -2257,7 +2495,7 @@ TEST_P(DownstreamProtocolIntegrationTest, ConnectIsBlocked) { TEST_P(DownstreamProtocolIntegrationTest, ConnectStreamRejection) { // TODO(danzh) add "allow_connect" to http3 options. EXCLUDE_DOWNSTREAM_HTTP3; - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() == Http::CodecType::HTTP1) { return; } config_helper_.addConfigModifier( @@ -2332,4 +2570,121 @@ TEST_P(DownstreamProtocolIntegrationTest, LocalReplyWithMetadata) { ASSERT_EQ("200", response->headers().getStatusValue()); } +// Verify that host's trailing dot is removed and matches the domain for routing request. +TEST_P(ProtocolIntegrationTest, EnableStripTrailingHostDot) { + config_helper_.addConfigModifier( + [&](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& + hcm) -> void { + hcm.set_strip_trailing_host_dot(true); + // clear existing domains and add new domain. + auto* route_config = hcm.mutable_route_config(); + auto* virtual_host = route_config->mutable_virtual_hosts(0); + virtual_host->clear_domains(); + virtual_host->add_domains("host"); + }); + + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeHeaderOnlyRequest( + Http::TestRequestHeaderMapImpl{{":method", "GET"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host."}}); + waitForNextUpstreamRequest(); + + upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "200"}}, true); + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("200", response->headers().getStatusValue()); +} + +// Verify that host's trailing dot is not removed and thus fails to match configured domains for +// routing request. +TEST_P(DownstreamProtocolIntegrationTest, DisableStripTrailingHostDot) { + config_helper_.addConfigModifier( + [&](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& + hcm) -> void { + hcm.set_strip_trailing_host_dot(false); + // clear existing domains and add new domain. + auto* route_config = hcm.mutable_route_config(); + auto* virtual_host = route_config->mutable_virtual_hosts(0); + virtual_host->clear_domains(); + virtual_host->add_domains("host"); + }); + + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + auto response = codec_client_->makeHeaderOnlyRequest( + Http::TestRequestHeaderMapImpl{{":method", "GET"}, + {":path", "/test/long/url"}, + {":scheme", "http"}, + {":authority", "host."}}); + // Expect local reply as request host fails to match configured domains. + ASSERT_TRUE(response->waitForEndStream()); + EXPECT_TRUE(response->complete()); + EXPECT_EQ("404", response->headers().getStatusValue()); +} + +static std::string remove_response_headers_filter = R"EOF( +name: remove-response-headers-filter +typed_config: + "@type": type.googleapis.com/google.protobuf.Empty +)EOF"; + +TEST_P(ProtocolIntegrationTest, HeadersOnlyRequestWithRemoveResponseHeadersFilter) { + config_helper_.addFilter(remove_response_headers_filter); + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + + IntegrationStreamDecoderPtr response = + codec_client_->makeHeaderOnlyRequest(default_request_headers_); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(default_response_headers_, false); + ASSERT_TRUE(response->waitForEndStream()); + // If a filter chain removes :status from the response headers, then Envoy must reply with + // BadGateway and must not crash. + ASSERT_TRUE(codec_client_->connected()); + EXPECT_EQ("502", response->headers().getStatusValue()); + EXPECT_THAT(response->body(), HasSubstr("missing required header: :status")); +} + +TEST_P(ProtocolIntegrationTest, RemoveResponseHeadersFilter) { + config_helper_.addFilter(remove_response_headers_filter); + initialize(); + codec_client_ = makeHttpConnection(lookupPort("http")); + + IntegrationStreamDecoderPtr response = + codec_client_->makeRequestWithBody(default_request_headers_, 10); + waitForNextUpstreamRequest(); + upstream_request_->encodeHeaders(default_response_headers_, false); + ASSERT_TRUE(response->waitForEndStream()); + // If a filter chain removes :status from the response headers, then Envoy must reply with + // BadGateway and not crash. + ASSERT_TRUE(codec_client_->connected()); + EXPECT_EQ("502", response->headers().getStatusValue()); + EXPECT_THAT(response->body(), HasSubstr("missing required header: :status")); +} + +TEST_P(ProtocolIntegrationTest, ReqRespSizeStats) { + config_helper_.addConfigModifier([&](envoy::config::bootstrap::v3::Bootstrap& bootstrap) -> void { + RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, ""); + auto& cluster = *bootstrap.mutable_static_resources()->mutable_clusters(0); + cluster.mutable_track_cluster_stats()->set_request_response_sizes(true); + }); + initialize(); + + codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); + Http::TestRequestHeaderMapImpl request_headers{ + {":method", "GET"}, {":path", "/found"}, {":scheme", "http"}, {":authority", "foo.com"}}; + Http::TestResponseHeaderMapImpl response_headers{{":status", "200"}}; + auto response = sendRequestAndWaitForResponse(request_headers, 0, response_headers, 0, 0, + TestUtility::DefaultTimeout); + EXPECT_TRUE(upstream_request_->complete()); + ASSERT_TRUE(response->complete()); + EXPECT_EQ("200", response->headers().getStatusValue()); + + test_server_->waitUntilHistogramHasSamples("cluster.cluster_0.upstream_rq_headers_size"); + test_server_->waitUntilHistogramHasSamples("cluster.cluster_0.upstream_rs_headers_size"); +} + } // namespace Envoy diff --git a/test/integration/protocol_integration_test.h b/test/integration/protocol_integration_test.h index 953111451954..fdebe2034f8d 100644 --- a/test/integration/protocol_integration_test.h +++ b/test/integration/protocol_integration_test.h @@ -42,7 +42,7 @@ class DownstreamProtocolIntegrationTest : public HttpProtocolIntegrationTest { } void verifyUpStreamRequestAfterStopAllFilter() { - if (downstreamProtocol() >= Http::CodecClient::Type::HTTP2) { + if (downstreamProtocol() >= Http::CodecType::HTTP2) { // decode-headers-return-stop-all-filter calls addDecodedData in decodeData and // decodeTrailers. 2 decoded data were added. EXPECT_EQ(count_ * size_ + added_decoded_data_size_ * 2, upstream_request_->bodyLength()); diff --git a/test/integration/proxy_proto_integration_test.cc b/test/integration/proxy_proto_integration_test.cc index b678c4d2977b..dc683f677205 100644 --- a/test/integration/proxy_proto_integration_test.cc +++ b/test/integration/proxy_proto_integration_test.cc @@ -5,7 +5,7 @@ #include "envoy/extensions/access_loggers/file/v3/file.pb.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "test/test_common/network_utility.h" #include "test/test_common/printers.h" @@ -30,7 +30,7 @@ insertProxyProtocolFilterConfigModifier(envoy::config::bootstrap::v3::Bootstrap& } ProxyProtoIntegrationTest::ProxyProtoIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) { + : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) { config_helper_.addConfigModifier(insertProxyProtocolFilterConfigModifier); } @@ -56,7 +56,7 @@ TEST_P(ProxyProtoIntegrationTest, CaptureTlvToMetadata) { testRouterRequestAndResponseWithBody(1024, 512, false, false, &creator); cleanupUpstreamAndDownstream(); const std::string log_line = waitForAccessLog(listener_access_log_name_); - EXPECT_EQ(log_line, "\"foo.com\""); + EXPECT_EQ(log_line, "foo.com"); } TEST_P(ProxyProtoIntegrationTest, V1RouterRequestAndResponseWithBodyNoBuffer) { diff --git a/test/integration/proxy_proto_integration_test.h b/test/integration/proxy_proto_integration_test.h index 3a719ad44aaf..cfce0d553461 100644 --- a/test/integration/proxy_proto_integration_test.h +++ b/test/integration/proxy_proto_integration_test.h @@ -2,9 +2,8 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "common/http/codec_client.h" - -#include "extensions/filters/listener/proxy_protocol/proxy_protocol.h" +#include "source/common/http/codec_client.h" +#include "source/extensions/filters/listener/proxy_protocol/proxy_protocol.h" #include "test/integration/fake_upstream.h" #include "test/integration/http_integration.h" diff --git a/test/integration/quic_http_integration_test.cc b/test/integration/quic_http_integration_test.cc index 8f6ce0c4bc69..9ef03170c68e 100644 --- a/test/integration/quic_http_integration_test.cc +++ b/test/integration/quic_http_integration_test.cc @@ -27,23 +27,23 @@ #pragma GCC diagnostic pop #endif -#include "common/quic/client_connection_factory_impl.h" -#include "common/quic/envoy_quic_client_session.h" -#include "common/quic/envoy_quic_client_connection.h" -#include "common/quic/envoy_quic_proof_verifier.h" -#include "common/quic/envoy_quic_connection_helper.h" -#include "common/quic/envoy_quic_alarm_factory.h" -#include "common/quic/envoy_quic_packet_writer.h" -#include "common/quic/envoy_quic_utils.h" -#include "common/quic/quic_transport_socket_factory.h" +#include "source/common/quic/client_connection_factory_impl.h" +#include "source/common/quic/envoy_quic_client_session.h" +#include "source/common/quic/envoy_quic_client_connection.h" +#include "source/common/quic/envoy_quic_proof_verifier.h" +#include "source/common/quic/envoy_quic_connection_helper.h" +#include "source/common/quic/envoy_quic_alarm_factory.h" +#include "source/common/quic/envoy_quic_packet_writer.h" +#include "source/common/quic/envoy_quic_utils.h" +#include "source/common/quic/quic_transport_socket_factory.h" #include "test/common/quic/test_utils.h" #include "test/config/integration/certs/clientcert_hash.h" -#include "extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" -#if (defined(__has_feature) && __has_feature(thread_sanitizer)) || defined(ENVOY_CONFIG_COVERAGE) -#define DISABLE_UNDER_TSAN_OR_COVERAGE return +#if defined(ENVOY_CONFIG_COVERAGE) +#define DISABLE_UNDER_COVERAGE return #else -#define DISABLE_UNDER_TSAN_OR_COVERAGE \ +#define DISABLE_UNDER_COVERAGE \ do { \ } while (0) #endif @@ -62,15 +62,11 @@ class CodecClientCallbacksForTest : public Http::CodecClientCallbacks { Http::StreamResetReason last_stream_reset_reason_{Http::StreamResetReason::LocalReset}; }; -void updateResource(AtomicFileUpdater& updater, double pressure) { - updater.update(absl::StrCat(pressure)); -} - // A test that sets up its own client connection with customized quic version and connection ID. class QuicHttpIntegrationTest : public HttpIntegrationTest, public QuicMultiVersionTest { public: QuicHttpIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP3, GetParam().first, + : HttpIntegrationTest(Http::CodecType::HTTP3, GetParam().first, ConfigHelper::quicHttpProxyConfig()), supported_versions_([]() { if (GetParam().second == QuicVersionType::GquicQuicCrypto) { @@ -78,13 +74,10 @@ class QuicHttpIntegrationTest : public HttpIntegrationTest, public QuicMultiVers } bool use_http3 = GetParam().second == QuicVersionType::Iquic; SetQuicReloadableFlag(quic_disable_version_draft_29, !use_http3); + SetQuicReloadableFlag(quic_enable_version_rfcv1, use_http3); return quic::CurrentSupportedVersions(); }()), - conn_helper_(*dispatcher_), alarm_factory_(*dispatcher_, *conn_helper_.GetClock()), - injected_resource_filename_1_(TestEnvironment::temporaryPath("injected_resource_1")), - injected_resource_filename_2_(TestEnvironment::temporaryPath("injected_resource_2")), - file_updater_1_(injected_resource_filename_1_), - file_updater_2_(injected_resource_filename_2_) {} + conn_helper_(*dispatcher_), alarm_factory_(*dispatcher_, *conn_helper_.GetClock()) {} ~QuicHttpIntegrationTest() override { cleanupUpstreamAndDownstream(); @@ -117,7 +110,8 @@ class QuicHttpIntegrationTest : public HttpIntegrationTest, public QuicMultiVers *dispatcher_, // Use smaller window than the default one to have test coverage of client codec buffer // exceeding high watermark. - /*send_buffer_limit=*/2 * Http2::Utility::OptionsLimits::MIN_INITIAL_STREAM_WINDOW_SIZE); + /*send_buffer_limit=*/2 * Http2::Utility::OptionsLimits::MIN_INITIAL_STREAM_WINDOW_SIZE, + persistent_info.crypto_stream_factory_); return session; } @@ -144,42 +138,6 @@ class QuicHttpIntegrationTest : public HttpIntegrationTest, public QuicMultiVers } void initialize() override { - config_helper_.addConfigModifier([this](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { - const std::string overload_config = - fmt::format(R"EOF( - refresh_interval: - seconds: 0 - nanos: 1000000 - resource_monitors: - - name: "envoy.resource_monitors.injected_resource_1" - typed_config: - "@type": type.googleapis.com/envoy.extensions.resource_monitors.injected_resource.v3.InjectedResourceConfig - filename: "{}" - - name: "envoy.resource_monitors.injected_resource_2" - typed_config: - "@type": type.googleapis.com/envoy.extensions.resource_monitors.injected_resource.v3.InjectedResourceConfig - filename: "{}" - actions: - - name: "envoy.overload_actions.stop_accepting_requests" - triggers: - - name: "envoy.resource_monitors.injected_resource_1" - threshold: - value: 0.95 - - name: "envoy.overload_actions.stop_accepting_connections" - triggers: - - name: "envoy.resource_monitors.injected_resource_1" - threshold: - value: 0.9 - - name: "envoy.overload_actions.disable_http_keepalive" - triggers: - - name: "envoy.resource_monitors.injected_resource_2" - threshold: - value: 0.8 - )EOF", - injected_resource_filename_1_, injected_resource_filename_2_); - *bootstrap.mutable_overload_manager() = - TestUtility::parseYaml(overload_config); - }); config_helper_.addConfigModifier( [](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& hcm) { @@ -189,8 +147,6 @@ class QuicHttpIntegrationTest : public HttpIntegrationTest, public QuicMultiVers v3::HttpConnectionManager::HTTP3); }); - updateResource(file_updater_1_, 0); - updateResource(file_updater_2_, 0); HttpIntegrationTest::initialize(); // Latch quic_transport_socket_factory_ which is instantiated in initialize(). transport_socket_factory_ = @@ -270,10 +226,6 @@ class QuicHttpIntegrationTest : public HttpIntegrationTest, public QuicMultiVers CodecClientCallbacksForTest client_codec_callback_; Network::Address::InstanceConstSharedPtr server_addr_; EnvoyQuicClientConnection* quic_connection_{nullptr}; - const std::string injected_resource_filename_1_; - const std::string injected_resource_filename_2_; - AtomicFileUpdater file_updater_1_; - AtomicFileUpdater file_updater_2_; std::list designated_connection_ids_; Quic::QuicClientTransportSocketFactory* transport_socket_factory_{nullptr}; }; @@ -313,107 +265,23 @@ TEST_P(QuicHttpIntegrationTest, ZeroRtt) { ->EarlyDataAccepted()); // Close the second connection. codec_client_->close(); -} - -TEST_P(QuicHttpIntegrationTest, GetRequestAndResponseWithBody) { - initialize(); - sendRequestAndVerifyResponse(default_request_headers_, /*request_size=*/0, - default_response_headers_, /*response_size=*/1024, - /*backend_index*/ 0); -} - -TEST_P(QuicHttpIntegrationTest, PostRequestAndResponseWithBody) { - testRouterRequestAndResponseWithBody(1024, 512, false); -} - -TEST_P(QuicHttpIntegrationTest, PostRequestWithBigHeadersAndResponseWithBody) { - testRouterRequestAndResponseWithBody(1024, 512, true); -} - -TEST_P(QuicHttpIntegrationTest, RouterUpstreamDisconnectBeforeRequestcomplete) { - testRouterUpstreamDisconnectBeforeRequestComplete(); -} - -TEST_P(QuicHttpIntegrationTest, RouterUpstreamDisconnectBeforeResponseComplete) { - testRouterUpstreamDisconnectBeforeResponseComplete(); - EXPECT_EQ(Http::StreamResetReason::RemoteReset, client_codec_callback_.last_stream_reset_reason_); -} - -TEST_P(QuicHttpIntegrationTest, RouterDownstreamDisconnectBeforeRequestComplete) { - testRouterDownstreamDisconnectBeforeRequestComplete(); -} - -TEST_P(QuicHttpIntegrationTest, RouterDownstreamDisconnectBeforeResponseComplete) { - testRouterDownstreamDisconnectBeforeResponseComplete(); -} - -TEST_P(QuicHttpIntegrationTest, RouterUpstreamResponseBeforeRequestComplete) { - testRouterUpstreamResponseBeforeRequestComplete(); -} - -TEST_P(QuicHttpIntegrationTest, Retry) { testRetry(); } - -TEST_P(QuicHttpIntegrationTest, UpstreamReadDisabledOnGiantResponseBody) { - DISABLE_UNDER_TSAN_OR_COVERAGE; - config_helper_.addConfigModifier(ConfigHelper::adjustUpstreamTimeoutForTsan); - config_helper_.setBufferLimits(/*upstream_buffer_limit=*/1024, /*downstream_buffer_limit=*/1024); - testRouterRequestAndResponseWithBody(/*request_size=*/512, /*response_size=*/10 * 1024 * 1024, - false, false, nullptr, - TSAN_TIMEOUT_FACTOR * TestUtility::DefaultTimeout); -} - -TEST_P(QuicHttpIntegrationTest, DownstreamReadDisabledOnGiantPost) { - DISABLE_UNDER_TSAN_OR_COVERAGE; - config_helper_.addConfigModifier(ConfigHelper::adjustUpstreamTimeoutForTsan); - config_helper_.setBufferLimits(/*upstream_buffer_limit=*/1024, /*downstream_buffer_limit=*/1024); - testRouterRequestAndResponseWithBody(/*request_size=*/10 * 1024 * 1024, /*response_size=*/1024, - false); -} - -TEST_P(QuicHttpIntegrationTest, LargeFlowControlOnAndGiantBody) { - DISABLE_UNDER_TSAN_OR_COVERAGE; - config_helper_.addConfigModifier(ConfigHelper::adjustUpstreamTimeoutForTsan); - config_helper_.setBufferLimits(/*upstream_buffer_limit=*/128 * 1024, - /*downstream_buffer_limit=*/128 * 1024); - testRouterRequestAndResponseWithBody(/*request_size=*/10 * 1024 * 1024, - /*response_size=*/10 * 1024 * 1024, false, false, nullptr, - TSAN_TIMEOUT_FACTOR * TestUtility::DefaultTimeout); -} - -// Tests that a connection idle times out after 1s and starts delayed close. -TEST_P(QuicHttpIntegrationTest, TestDelayedConnectionTeardownTimeoutTrigger) { - config_helper_.addFilter("{ name: encoder-decoder-buffer-filter, typed_config: { \"@type\": " - "type.googleapis.com/google.protobuf.Empty } }"); - config_helper_.setBufferLimits(1024, 1024); - config_helper_.addConfigModifier( - [](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& - hcm) { - // 200ms. - hcm.mutable_delayed_close_timeout()->set_nanos(200000000); - hcm.mutable_drain_timeout()->set_seconds(1); - hcm.mutable_common_http_protocol_options()->mutable_idle_timeout()->set_seconds(1); - }); - - initialize(); - - codec_client_ = makeHttpConnection(lookupPort("http")); - - auto encoder_decoder = - codec_client_->startRequest(Http::TestRequestHeaderMapImpl{{":method", "POST"}, - {":path", "/test/long/url"}, - {":scheme", "http"}, - {":authority", "host"}}); - request_encoder_ = &encoder_decoder.first; - auto response = std::move(encoder_decoder.second); - - codec_client_->sendData(*request_encoder_, 1024 * 65, false); - - ASSERT_TRUE(response->waitForEndStream()); - // The delayed close timeout should trigger since client is not closing the connection. - EXPECT_TRUE(codec_client_->waitForDisconnect(std::chrono::milliseconds(5000))); - EXPECT_EQ(codec_client_->lastConnectionEvent(), Network::ConnectionEvent::RemoteClose); - EXPECT_EQ(test_server_->counter("http.config_test.downstream_cx_delayed_close_timeout")->value(), - 1); + if (GetParam().first == Network::Address::IpVersion::v4) { + test_server_->waitForCounterEq( + "listener.127.0.0.1_0.http3.downstream.rx.quic_connection_close_error_" + "code_QUIC_NO_ERROR", + 2u); + } else { + test_server_->waitForCounterEq("listener.[__1]_0.http3.downstream.rx.quic_connection_close_" + "error_code_QUIC_NO_ERROR", + 2u); + } + if (GetParam().second == QuicVersionType::GquicQuicCrypto) { + test_server_->waitForCounterEq("http3.quic_version_50", 2u); + } else if (GetParam().second == QuicVersionType::GquicTls) { + test_server_->waitForCounterEq("http3.quic_version_51", 2u); + } else { + test_server_->waitForCounterEq("http3.quic_version_rfc_v1", 2u); + } } // Ensure multiple quic connections work, regardless of platform BPF support @@ -478,77 +346,8 @@ TEST_P(QuicHttpIntegrationTest, PortMigration) { cleanupUpstreamAndDownstream(); } -TEST_P(QuicHttpIntegrationTest, StopAcceptingConnectionsWhenOverloaded) { - initialize(); - - // Put envoy in overloaded state and check that it doesn't accept the new client connection. - updateResource(file_updater_1_, 0.9); - test_server_->waitForGaugeEq("overload.envoy.overload_actions.stop_accepting_connections.active", - 1); - codec_client_ = makeRawHttpConnection(makeClientConnection((lookupPort("http"))), absl::nullopt); - EXPECT_TRUE(codec_client_->disconnected()); - - // Reduce load a little to allow the connection to be accepted connection. - updateResource(file_updater_1_, 0.8); - test_server_->waitForGaugeEq("overload.envoy.overload_actions.stop_accepting_connections.active", - 0); - codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); - auto response = codec_client_->makeHeaderOnlyRequest(default_request_headers_); - waitForNextUpstreamRequest(0); - // Send response headers, but hold response body for now. - upstream_request_->encodeHeaders(default_response_headers_, /*end_stream=*/false); - - updateResource(file_updater_1_, 0.95); - test_server_->waitForGaugeEq("overload.envoy.overload_actions.stop_accepting_requests.active", 1); - // Existing request should be able to finish. - upstream_request_->encodeData(10, true); - ASSERT_TRUE(response->waitForEndStream()); - EXPECT_TRUE(response->complete()); - EXPECT_EQ("200", response->headers().getStatusValue()); - - // New request should be rejected. - auto response2 = codec_client_->makeHeaderOnlyRequest(default_request_headers_); - ASSERT_TRUE(response2->waitForEndStream()); - EXPECT_EQ("503", response2->headers().getStatusValue()); - EXPECT_EQ("envoy overloaded", response2->body()); - codec_client_->close(); - - EXPECT_TRUE(makeRawHttpConnection(makeClientConnection((lookupPort("http"))), absl::nullopt) - ->disconnected()); -} - -TEST_P(QuicHttpIntegrationTest, NoNewStreamsWhenOverloaded) { - initialize(); - updateResource(file_updater_1_, 0.7); - - codec_client_ = makeHttpConnection(makeClientConnection((lookupPort("http")))); - - // Send a complete request and start a second. - auto response = codec_client_->makeHeaderOnlyRequest(default_request_headers_); - waitForNextUpstreamRequest(0); - upstream_request_->encodeHeaders(default_response_headers_, true); - ASSERT_TRUE(response->waitForEndStream()); - - auto response2 = codec_client_->makeHeaderOnlyRequest(default_request_headers_); - waitForNextUpstreamRequest(0); - - // Enable the disable-keepalive overload action. This should send a shutdown notice before - // encoding the headers. - updateResource(file_updater_2_, 0.9); - test_server_->waitForGaugeEq("overload.envoy.overload_actions.disable_http_keepalive.active", 1); - - upstream_request_->encodeHeaders(default_response_headers_, /*end_stream=*/false); - upstream_request_->encodeData(10, true); - - response2->waitForHeaders(); - EXPECT_TRUE(codec_client_->waitForDisconnect()); - - EXPECT_TRUE(codec_client_->sawGoAway()); - codec_client_->close(); -} - TEST_P(QuicHttpIntegrationTest, AdminDrainDrainsListeners) { - testAdminDrain(Http::CodecClient::Type::HTTP1); + testAdminDrain(Http::CodecType::HTTP1); } TEST_P(QuicHttpIntegrationTest, CertVerificationFailure) { @@ -566,18 +365,6 @@ TEST_P(QuicHttpIntegrationTest, CertVerificationFailure) { EXPECT_EQ(failure_reason, codec_client_->connection()->transportFailureReason()); } -TEST_P(QuicHttpIntegrationTest, RequestResponseWithTrailers) { - config_helper_.addConfigModifier(setEnableUpstreamTrailersHttp1()); - testTrailers(/*request_size=*/10, /*response_size=*/10, /*request_trailers_present=*/true, - /*response_trailers_present=*/true); -} - -// Multiple 1xx before the request completes. -TEST_P(QuicHttpIntegrationTest, EnvoyProxyingEarlyMultiple1xx) { - testEnvoyProxying1xx(/*continue_before_upstream_complete=*/true, /*with_encoder_filter=*/false, - /*with_multiple_1xx_headers=*/true); -} - // HTTP3 doesn't support 101 SwitchProtocol response code, the client should // reset the request. TEST_P(QuicHttpIntegrationTest, Reset101SwitchProtocolResponse) { @@ -604,6 +391,15 @@ TEST_P(QuicHttpIntegrationTest, Reset101SwitchProtocolResponse) { ASSERT_TRUE(response->waitForReset()); codec_client_->close(); EXPECT_FALSE(response->complete()); + + // Verify stream error counters are correctly incremented. + std::string counter_scope = GetParam().first == Network::Address::IpVersion::v4 + ? "listener.127.0.0.1_0.http3.downstream.rx." + : "listener.[__1]_0.http3.downstream.rx."; + std::string error_code = GetParam().second == QuicVersionType::Iquic + ? "quic_reset_stream_error_code_QUIC_STREAM_GENERAL_PROTOCOL_ERROR" + : "quic_reset_stream_error_code_QUIC_BAD_APPLICATION_PAYLOAD"; + test_server_->waitForCounterEq(absl::StrCat(counter_scope, error_code), 1U); } TEST_P(QuicHttpIntegrationTest, ResetRequestWithoutAuthorityHeader) { @@ -621,38 +417,5 @@ TEST_P(QuicHttpIntegrationTest, ResetRequestWithoutAuthorityHeader) { EXPECT_EQ("400", response->headers().getStatusValue()); } -TEST_P(QuicHttpIntegrationTest, MultipleSetCookieAndCookieHeaders) { - initialize(); - - codec_client_ = makeHttpConnection(lookupPort("http")); - auto encoder_decoder = - codec_client_->startRequest(Http::TestRequestHeaderMapImpl{{":method", "GET"}, - {":path", "/dynamo/url"}, - {":scheme", "http"}, - {":authority", "host"}, - {"cookie", "a=b"}, - {"cookie", "c=d"}}); - request_encoder_ = &encoder_decoder.first; - auto response = std::move(encoder_decoder.second); - codec_client_->sendData(*request_encoder_, 0, true); - waitForNextUpstreamRequest(); - if (Runtime::runtimeFeatureEnabled( - "envoy.reloadable_features.header_map_correctly_coalesce_cookies")) { - EXPECT_EQ(upstream_request_->headers().get(Http::Headers::get().Cookie)[0]->value(), - "a=b; c=d"); - } - - upstream_request_->encodeHeaders(Http::TestResponseHeaderMapImpl{{":status", "200"}, - {"set-cookie", "foo"}, - {"set-cookie", "bar"}}, - true); - ASSERT_TRUE(response->waitForEndStream()); - EXPECT_TRUE(response->complete()); - const auto out = response->headers().get(Http::LowerCaseString("set-cookie")); - ASSERT_EQ(out.size(), 2); - ASSERT_EQ(out[0]->value().getStringView(), "foo"); - ASSERT_EQ(out[1]->value().getStringView(), "bar"); -} - } // namespace Quic } // namespace Envoy diff --git a/test/integration/quic_protocol_integration_test.cc b/test/integration/quic_protocol_integration_test.cc index 197eb3761c7f..94601c9356b7 100644 --- a/test/integration/quic_protocol_integration_test.cc +++ b/test/integration/quic_protocol_integration_test.cc @@ -5,27 +5,27 @@ namespace Envoy { // These will run with HTTP/3 downstream, and Http upstream. INSTANTIATE_TEST_SUITE_P(DownstreamProtocols, DownstreamProtocolIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP3}, {FakeHttpConnection::Type::HTTP1})), + {Http::CodecType::HTTP3}, {Http::CodecType::HTTP1})), HttpProtocolIntegrationTest::protocolTestParamsToString); // These will run with HTTP/3 downstream, and Http and HTTP/2 upstream. INSTANTIATE_TEST_SUITE_P(DownstreamProtocols, ProtocolIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP3}, - {FakeHttpConnection::Type::HTTP1, FakeHttpConnection::Type::HTTP2})), + {Http::CodecType::HTTP3}, + {Http::CodecType::HTTP1, Http::CodecType::HTTP2})), HttpProtocolIntegrationTest::protocolTestParamsToString); // These will run with HTTP/1 and HTTP/2 downstream, and HTTP/3 upstream. INSTANTIATE_TEST_SUITE_P(UpstreamProtocols, DownstreamProtocolIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2}, - {FakeHttpConnection::Type::HTTP3})), + {Http::CodecType::HTTP1, Http::CodecType::HTTP2}, + {Http::CodecType::HTTP3})), HttpProtocolIntegrationTest::protocolTestParamsToString); INSTANTIATE_TEST_SUITE_P(UpstreamProtocols, ProtocolIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP1, Http::CodecClient::Type::HTTP2}, - {FakeHttpConnection::Type::HTTP3})), + {Http::CodecType::HTTP1, Http::CodecType::HTTP2}, + {Http::CodecType::HTTP3})), HttpProtocolIntegrationTest::protocolTestParamsToString); } // namespace Envoy diff --git a/test/integration/redirect_integration_test.cc b/test/integration/redirect_integration_test.cc index 4fac5f20765d..68f0193948a5 100644 --- a/test/integration/redirect_integration_test.cc +++ b/test/integration/redirect_integration_test.cc @@ -397,7 +397,7 @@ TEST_P(RedirectIntegrationTest, InternalRedirectCancelledDueToEarlyResponse) { upstream_request_->encodeHeaders(redirect_response_, true); ASSERT_TRUE(response->waitForEndStream()); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForReset()); @@ -405,7 +405,7 @@ TEST_P(RedirectIntegrationTest, InternalRedirectCancelledDueToEarlyResponse) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { codec_client_->close(); diff --git a/test/integration/rtds_integration_test.cc b/test/integration/rtds_integration_test.cc index 5114d1078849..114b24a67957 100644 --- a/test/integration/rtds_integration_test.cc +++ b/test/integration/rtds_integration_test.cc @@ -83,7 +83,7 @@ class RtdsIntegrationTest : public Grpc::DeltaSotwIntegrationParamTest, public H public: RtdsIntegrationTest() : HttpIntegrationTest( - Http::CodecClient::Type::HTTP2, ipVersion(), + Http::CodecType::HTTP2, ipVersion(), tdsBootstrapConfig(sotwOrDelta() == Grpc::SotwOrDelta::Sotw ? "GRPC" : "DELTA_GRPC")) { use_lds_ = false; create_xds_upstream_ = true; @@ -96,7 +96,7 @@ class RtdsIntegrationTest : public Grpc::DeltaSotwIntegrationParamTest, public H // The tests infra expects the xDS server to be the second fake upstream, so // we need a dummy data plane cluster. setUpstreamCount(1); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); HttpIntegrationTest::initialize(); // Register admin port. registerTestServerPorts({}); diff --git a/test/integration/scoped_rds_integration_test.cc b/test/integration/scoped_rds_integration_test.cc index 0de02704c054..6daa40e230a8 100644 --- a/test/integration/scoped_rds_integration_test.cc +++ b/test/integration/scoped_rds_integration_test.cc @@ -6,8 +6,8 @@ #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/api_version.h" -#include "common/config/version_converter.h" +#include "source/common/config/api_version.h" +#include "source/common/config/version_converter.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/http_integration.h" @@ -29,7 +29,7 @@ class ScopedRdsIntegrationTest : public HttpIntegrationTest, absl::flat_hash_map stream_by_resource_name_; }; - ScopedRdsIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ipVersion()) {} + ScopedRdsIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, ipVersion()) {} ~ScopedRdsIntegrationTest() override { resetConnections(); } @@ -125,9 +125,9 @@ class ScopedRdsIntegrationTest : public HttpIntegrationTest, void createUpstreams() override { HttpIntegrationTest::createUpstreams(); // Create the SRDS upstream. - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); // Create the RDS upstream. - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void resetFakeUpstreamInfo(FakeUpstreamInfo* upstream_info) { @@ -552,7 +552,7 @@ route_configuration_name: {} http_connection_manager) { auto* filter = http_connection_manager.mutable_http_filters()->Add(); filter->set_name("filter.unknown"); - filter->set_is_optional("true"); + filter->set_is_optional(true); // keep router the last auto size = http_connection_manager.http_filters_size(); http_connection_manager.mutable_http_filters()->SwapElements(size - 2, size - 1); diff --git a/test/integration/sds_dynamic_integration_test.cc b/test/integration/sds_dynamic_integration_test.cc index 19b2636fcb5f..e29fc1e9cf4b 100644 --- a/test/integration/sds_dynamic_integration_test.cc +++ b/test/integration/sds_dynamic_integration_test.cc @@ -9,19 +9,19 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/service/secret/v3/sds.pb.h" -#include "common/config/api_version.h" -#include "common/event/dispatcher_impl.h" -#include "common/http/utility.h" -#include "common/network/connection_impl.h" -#include "common/network/utility.h" +#include "source/common/config/api_version.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/http/utility.h" +#include "source/common/network/connection_impl.h" +#include "source/common/network/utility.h" #ifdef ENVOY_ENABLE_QUIC -#include "common/quic/client_connection_factory_impl.h" +#include "source/common/quic/client_connection_factory_impl.h" #endif -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/context_manager_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/config/integration/certs/clientcert_hash.h" @@ -82,14 +82,12 @@ class SdsDynamicIntegrationBaseTest : public Grpc::BaseGrpcClientIntegrationPara public testing::TestWithParam { public: SdsDynamicIntegrationBaseTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam().ip_version), - server_cert_("server_cert"), validation_secret_("validation_secret"), - client_cert_("client_cert"), test_quic_(GetParam().test_quic) {} + : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam().ip_version), + test_quic_(GetParam().test_quic) {} - SdsDynamicIntegrationBaseTest(Http::CodecClient::Type downstream_protocol, + SdsDynamicIntegrationBaseTest(Http::CodecType downstream_protocol, Network::Address::IpVersion version, const std::string& config) - : HttpIntegrationTest(downstream_protocol, version, config), server_cert_("server_cert"), - validation_secret_("validation_secret"), client_cert_("client_cert"), + : HttpIntegrationTest(downstream_protocol, version, config), test_quic_(GetParam().test_quic) {} Network::Address::IpVersion ipVersion() const override { return GetParam().ip_version; } @@ -116,9 +114,9 @@ class SdsDynamicIntegrationBaseTest : public Grpc::BaseGrpcClientIntegrationPara setGrpcService(*grpc_service, "sds_cluster", fake_upstreams_.back()->localAddress()); } - envoy::extensions::transport_sockets::tls::v3::Secret getServerSecret() { + envoy::extensions::transport_sockets::tls::v3::Secret getServerSecretRsa() { envoy::extensions::transport_sockets::tls::v3::Secret secret; - secret.set_name(server_cert_); + secret.set_name(server_cert_rsa_); auto* tls_certificate = secret.mutable_tls_certificate(); tls_certificate->mutable_certificate_chain()->set_filename( TestEnvironment::runfilesPath("test/config/integration/certs/servercert.pem")); @@ -181,9 +179,10 @@ class SdsDynamicIntegrationBaseTest : public Grpc::BaseGrpcClientIntegrationPara } } - const std::string server_cert_; - const std::string validation_secret_; - const std::string client_cert_; + const std::string server_cert_rsa_{"server_cert_rsa"}; + const std::string server_cert_ecdsa_{"server_cert_ecdsa"}; + const std::string validation_secret_{"validation_secret"}; + const std::string client_cert_{"client_cert"}; bool v3_resource_api_{false}; bool test_quic_; }; @@ -192,14 +191,13 @@ class SdsDynamicIntegrationBaseTest : public Grpc::BaseGrpcClientIntegrationPara class SdsDynamicDownstreamIntegrationTest : public SdsDynamicIntegrationBaseTest { public: SdsDynamicDownstreamIntegrationTest() - : SdsDynamicIntegrationBaseTest((GetParam().test_quic ? Http::CodecClient::Type::HTTP3 - : Http::CodecClient::Type::HTTP1), - GetParam().ip_version, - ConfigHelper::httpProxyConfig(GetParam().test_quic)) {} + : SdsDynamicIntegrationBaseTest( + (GetParam().test_quic ? Http::CodecType::HTTP3 : Http::CodecType::HTTP1), + GetParam().ip_version, ConfigHelper::httpProxyConfig(GetParam().test_quic)) {} void initialize() override { - ASSERT(test_quic_ ? downstream_protocol_ == Http::CodecClient::Type::HTTP3 - : downstream_protocol_ == Http::CodecClient::Type::HTTP1); + ASSERT(test_quic_ ? downstream_protocol_ == Http::CodecType::HTTP3 + : downstream_protocol_ == Http::CodecType::HTTP1); config_helper_.addConfigModifier([this](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { config_helper_.configDownstreamTransportSocketWithTls( bootstrap, @@ -232,8 +230,40 @@ class SdsDynamicDownstreamIntegrationTest : public SdsDynamicIntegrationBaseTest validation_context->add_verify_certificate_hash(TEST_CLIENT_CERT_HASH); // Modify the listener ssl cert to use SDS from sds_cluster - auto* secret_config = common_tls_context.add_tls_certificate_sds_secret_configs(); - setUpSdsConfig(secret_config, "server_cert"); + auto* secret_config_rsa = common_tls_context.add_tls_certificate_sds_secret_configs(); + setUpSdsConfig(secret_config_rsa, server_cert_rsa_); + + // Add an additional SDS config for an EC cert (the base test has SDS config for an RSA cert). + // This is done via the filesystem instead of gRPC to simplify the test setup. + if (dual_cert_) { + auto* secret_config_ecdsa = common_tls_context.add_tls_certificate_sds_secret_configs(); + + secret_config_ecdsa->set_name(server_cert_ecdsa_); + auto* config_source = secret_config_ecdsa->mutable_sds_config(); + const std::string sds_template = + R"EOF( +--- +version_info: "0" +resources: +- "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret + name: "{}" + tls_certificate: + certificate_chain: + filename: "{}" + private_key: + filename: "{}" +)EOF"; + + const std::string sds_content = fmt::format( + sds_template, server_cert_ecdsa_, + TestEnvironment::runfilesPath("test/config/integration/certs/server_ecdsacert.pem"), + TestEnvironment::runfilesPath("test/config/integration/certs/server_ecdsakey.pem")); + + auto sds_path = + TestEnvironment::writeStringToFileForTest("server_cert_ecdsa.sds.yaml", sds_content); + config_source->set_path(sds_path); + config_source->set_resource_api_version(envoy::config::core::v3::ApiVersion::V3); + } } void createUpstreams() override { @@ -256,7 +286,7 @@ class SdsDynamicDownstreamIntegrationTest : public SdsDynamicIntegrationBaseTest Network::ClientConnectionPtr makeSslClientConnection() { int port = lookupPort("http"); - if (downstream_protocol_ <= Http::CodecClient::Type::HTTP2) { + if (downstream_protocol_ <= Http::CodecType::HTTP2) { Network::Address::InstanceConstSharedPtr address = getSslAddress(version_, port); return dispatcher_->createClientConnection( address, Network::Address::InstanceConstSharedPtr(), @@ -281,6 +311,7 @@ class SdsDynamicDownstreamIntegrationTest : public SdsDynamicIntegrationBaseTest protected: Network::TransportSocketFactoryPtr client_ssl_ctx_; + bool dual_cert_{false}; }; INSTANTIATE_TEST_SUITE_P(IpVersionsClientType, SdsDynamicDownstreamIntegrationTest, @@ -290,7 +321,7 @@ class SdsDynamicKeyRotationIntegrationTest : public SdsDynamicDownstreamIntegrat protected: envoy::extensions::transport_sockets::tls::v3::Secret getCurrentServerSecret() { envoy::extensions::transport_sockets::tls::v3::Secret secret; - secret.set_name(server_cert_); + secret.set_name(server_cert_rsa_); auto* tls_certificate = secret.mutable_tls_certificate(); tls_certificate->mutable_certificate_chain()->set_filename( TestEnvironment::temporaryPath("root/current/servercert.pem")); @@ -333,8 +364,8 @@ TEST_P(SdsDynamicKeyRotationIntegrationTest, BasicRotation) { TestEnvironment::temporaryPath("root/current")); waitForSdsUpdateStats(2); // The rotation is not a SDS attempt, so no change to these stats. - EXPECT_EQ(1, test_server_->counter("sds.server_cert.update_success")->value()); - EXPECT_EQ(0, test_server_->counter("sds.server_cert.update_rejected")->value()); + EXPECT_EQ(1, test_server_->counter("sds.server_cert_rsa.update_success")->value()); + EXPECT_EQ(0, test_server_->counter("sds.server_cert_rsa.update_rejected")->value()); // First request with server_ecdsa{cert,key}.pem. testRouterHeaderOnlyRequestAndResponse(&creator); @@ -365,11 +396,11 @@ TEST_P(SdsDynamicKeyRotationIntegrationTest, EmptyRotation) { // Rotate to an empty directory, this should fail. TestEnvironment::renameFile(TestEnvironment::temporaryPath("root/empty"), TestEnvironment::temporaryPath("root/current")); - test_server_->waitForCounterEq("sds.server_cert.key_rotation_failed", 1); + test_server_->waitForCounterEq("sds.server_cert_rsa.key_rotation_failed", 1); waitForSdsUpdateStats(1); // The rotation is not a SDS attempt, so no change to these stats. - EXPECT_EQ(1, test_server_->counter("sds.server_cert.update_success")->value()); - EXPECT_EQ(0, test_server_->counter("sds.server_cert.update_rejected")->value()); + EXPECT_EQ(1, test_server_->counter("sds.server_cert_rsa.update_success")->value()); + EXPECT_EQ(0, test_server_->counter("sds.server_cert_rsa.update_rejected")->value()); // Requests continue to work with key/cert pair. testRouterHeaderOnlyRequestAndResponse(&creator); @@ -380,18 +411,64 @@ TEST_P(SdsDynamicKeyRotationIntegrationTest, EmptyRotation) { TEST_P(SdsDynamicDownstreamIntegrationTest, BasicSuccess) { on_server_init_function_ = [this]() { createSdsStream(*(fake_upstreams_[1])); - sendSdsResponse(getServerSecret()); + sendSdsResponse(getServerSecretRsa()); + }; + initialize(); + + ConnectionCreationFunction creator = [&]() -> Network::ClientConnectionPtr { + return makeSslClientConnection(); + }; + testRouterHeaderOnlyRequestAndResponse(&creator); + + // Success + EXPECT_EQ(1, test_server_->counter("sds.server_cert_rsa.update_success")->value()); + EXPECT_EQ(0, test_server_->counter("sds.server_cert_rsa.update_rejected")->value()); +} + +TEST_P(SdsDynamicDownstreamIntegrationTest, DualCert) { + on_server_init_function_ = [this]() { + createSdsStream(*(fake_upstreams_[1])); + sendSdsResponse(getServerSecretRsa()); }; + + dual_cert_ = true; initialize(); ConnectionCreationFunction creator = [&]() -> Network::ClientConnectionPtr { return makeSslClientConnection(); }; + + client_ssl_ctx_ = createClientSslTransportSocketFactory( + ClientSslTransportOptions() + .setTlsVersion(envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_2) + .setCipherSuites({"ECDHE-ECDSA-AES128-GCM-SHA256"}), + context_manager_, *api_); + testRouterHeaderOnlyRequestAndResponse(&creator); + + cleanupUpstreamAndDownstream(); + client_ssl_ctx_ = createClientSslTransportSocketFactory( + ClientSslTransportOptions() + .setTlsVersion(envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_2) + .setCipherSuites({"ECDHE-RSA-AES128-GCM-SHA256"}), + context_manager_, *api_); testRouterHeaderOnlyRequestAndResponse(&creator); // Success - EXPECT_EQ(1, test_server_->counter("sds.server_cert.update_success")->value()); - EXPECT_EQ(0, test_server_->counter("sds.server_cert.update_rejected")->value()); + EXPECT_EQ(1, test_server_->counter("sds.server_cert_rsa.update_success")->value()); + EXPECT_EQ(0, test_server_->counter("sds.server_cert_rsa.update_rejected")->value()); + EXPECT_EQ(1, test_server_->counter("sds.server_cert_ecdsa.update_success")->value()); + EXPECT_EQ(0, test_server_->counter("sds.server_cert_ecdsa.update_rejected")->value()); + + // QUIC ignores the `setTlsVersion` set above and always uses TLS 1.3, and TLS 1.3 ignores the + // `setCipherSuites`, so in the QUIC config, this test only uses one of the certs. + if (!test_quic_) { + EXPECT_EQ(1, + test_server_->counter(listenerStatPrefix("ssl.ciphers.ECDHE-RSA-AES128-GCM-SHA256")) + ->value()); + EXPECT_EQ(1, + test_server_->counter(listenerStatPrefix("ssl.ciphers.ECDHE-ECDSA-AES128-GCM-SHA256")) + ->value()); + } } // A test that SDS server send a bad secret for a static listener, @@ -400,7 +477,7 @@ TEST_P(SdsDynamicDownstreamIntegrationTest, BasicSuccess) { TEST_P(SdsDynamicDownstreamIntegrationTest, WrongSecretFirst) { on_server_init_function_ = [this]() { createSdsStream(*(fake_upstreams_[1])); - sendSdsResponse(getWrongSecret(server_cert_)); + sendSdsResponse(getWrongSecret(server_cert_rsa_)); }; initialize(); @@ -410,10 +487,10 @@ TEST_P(SdsDynamicDownstreamIntegrationTest, WrongSecretFirst) { codec_client_->connection()->close(Network::ConnectionCloseType::NoFlush); // Failure - EXPECT_EQ(0, test_server_->counter("sds.server_cert.update_success")->value()); - EXPECT_EQ(1, test_server_->counter("sds.server_cert.update_rejected")->value()); + EXPECT_EQ(0, test_server_->counter("sds.server_cert_rsa.update_success")->value()); + EXPECT_EQ(1, test_server_->counter("sds.server_cert_rsa.update_rejected")->value()); - sendSdsResponse(getServerSecret()); + sendSdsResponse(getServerSecretRsa()); // Wait for sds update counter. waitForSdsUpdateStats(1); @@ -424,8 +501,8 @@ TEST_P(SdsDynamicDownstreamIntegrationTest, WrongSecretFirst) { testRouterHeaderOnlyRequestAndResponse(&creator); // Success - EXPECT_EQ(1, test_server_->counter("sds.server_cert.update_success")->value()); - EXPECT_EQ(1, test_server_->counter("sds.server_cert.update_rejected")->value()); + EXPECT_EQ(1, test_server_->counter("sds.server_cert_rsa.update_success")->value()); + EXPECT_EQ(1, test_server_->counter("sds.server_cert_rsa.update_rejected")->value()); } class SdsDynamicDownstreamCertValidationContextTest : public SdsDynamicDownstreamIntegrationTest { @@ -643,7 +720,7 @@ class SdsDynamicUpstreamIntegrationTest : public SdsDynamicIntegrationBaseTest { void initialize() override { if (test_quic_) { upstream_tls_ = true; - setUpstreamProtocol(FakeHttpConnection::Type::HTTP3); + setUpstreamProtocol(Http::CodecType::HTTP3); } config_helper_.addConfigModifier([this](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { // add sds cluster first. @@ -746,7 +823,7 @@ TEST_P(SdsDynamicUpstreamIntegrationTest, WrongSecretFirst) { EXPECT_EQ("503", response->headers().getStatusValue()); // Wait for the raw TCP connection with bad credentials and close it. - if (upstreamProtocol() != FakeHttpConnection::Type::HTTP3) { + if (upstreamProtocol() != Http::CodecType::HTTP3) { FakeRawConnectionPtr fake_upstream_connection; ASSERT_TRUE(fake_upstreams_[0]->waitForRawConnection(fake_upstream_connection)); ASSERT_TRUE(fake_upstream_connection->waitForDisconnect()); @@ -831,11 +908,11 @@ class SdsCdsIntegrationTest : public SdsDynamicIntegrationBaseTest { void createUpstreams() override { // Static cluster. - addFakeUpstream(FakeHttpConnection::Type::HTTP1); + addFakeUpstream(Http::CodecType::HTTP1); // Cds Cluster. - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); // Sds Cluster. - addFakeUpstream(FakeHttpConnection::Type::HTTP2); + addFakeUpstream(Http::CodecType::HTTP2); } void sendCdsResponse() { diff --git a/test/integration/sds_generic_secret_integration_test.cc b/test/integration/sds_generic_secret_integration_test.cc index 9cf1019fc6dc..581870cab2c7 100644 --- a/test/integration/sds_generic_secret_integration_test.cc +++ b/test/integration/sds_generic_secret_integration_test.cc @@ -6,8 +6,8 @@ #include "envoy/secret/secret_provider.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/config/datasource.h" -#include "common/grpc/common.h" +#include "source/common/config/datasource.h" +#include "source/common/grpc/common.h" #include "test/extensions/filters/http/common/empty_http_filter_config.h" #include "test/integration/http_integration.h" @@ -90,7 +90,7 @@ class SdsGenericSecretIntegrationTest : public Grpc::GrpcClientIntegrationParamT public HttpIntegrationTest { public: SdsGenericSecretIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, ipVersion()), registration_(factory_) {} + : HttpIntegrationTest(Http::CodecType::HTTP1, ipVersion()), registration_(factory_) {} void initialize() override { config_helper_.addConfigModifier([](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { diff --git a/test/integration/sds_static_integration_test.cc b/test/integration/sds_static_integration_test.cc index 8e0be765e98f..47d19d59fa54 100644 --- a/test/integration/sds_static_integration_test.cc +++ b/test/integration/sds_static_integration_test.cc @@ -5,13 +5,12 @@ #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/stats/scope.h" -#include "common/common/thread.h" -#include "common/event/dispatcher_impl.h" -#include "common/network/connection_impl.h" -#include "common/network/utility.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/common/common/thread.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/connection_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" #include "test/config/integration/certs/clientcert_hash.h" #include "test/integration/http_integration.h" @@ -35,8 +34,7 @@ class SdsStaticDownstreamIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - SdsStaticDownstreamIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + SdsStaticDownstreamIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void initialize() override { config_helper_.addConfigModifier([](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { @@ -110,8 +108,7 @@ TEST_P(SdsStaticDownstreamIntegrationTest, RouterRequestAndResponseWithGiantBody class SdsStaticUpstreamIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - SdsStaticUpstreamIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + SdsStaticUpstreamIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void initialize() override { config_helper_.addConfigModifier([](envoy::config::bootstrap::v3::Bootstrap& bootstrap) { @@ -146,8 +143,7 @@ class SdsStaticUpstreamIntegrationTest : public testing::TestWithParamcomplete()); EXPECT_EQ("200", response->headers().getStatusValue()); server_gone_.WaitForNotification(); diff --git a/test/integration/server.h b/test/integration/server.h index d62e3f7dd5f4..1f6a2b95039a 100644 --- a/test/integration/server.h +++ b/test/integration/server.h @@ -11,16 +11,15 @@ #include "envoy/server/process_context.h" #include "envoy/stats/stats.h" -#include "common/common/assert.h" -#include "common/common/lock_guard.h" -#include "common/common/logger.h" -#include "common/common/thread.h" -#include "common/stats/allocator_impl.h" - -#include "server/drain_manager_impl.h" -#include "server/listener_hooks.h" -#include "server/options_impl.h" -#include "server/server.h" +#include "source/common/common/assert.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/common/stats/allocator_impl.h" +#include "source/server/drain_manager_impl.h" +#include "source/server/listener_hooks.h" +#include "source/server/options_impl.h" +#include "source/server/server.h" #include "test/integration/server_stats.h" #include "test/integration/tcp_dump.h" @@ -442,27 +441,24 @@ class IntegrationTestServer : public Logger::Loggable, Buffer::WatermarkFactorySharedPtr watermark_factory, bool v2_bootstrap); void waitForCounterEq(const std::string& name, uint64_t value, - std::chrono::milliseconds timeout = std::chrono::milliseconds::zero(), + std::chrono::milliseconds timeout = TestUtility::DefaultTimeout, Event::Dispatcher* dispatcher = nullptr) override { ASSERT_TRUE( TestUtility::waitForCounterEq(statStore(), name, value, time_system_, timeout, dispatcher)); } - void - waitForCounterGe(const std::string& name, uint64_t value, - std::chrono::milliseconds timeout = std::chrono::milliseconds::zero()) override { + void waitForCounterGe(const std::string& name, uint64_t value, + std::chrono::milliseconds timeout = TestUtility::DefaultTimeout) override { ASSERT_TRUE(TestUtility::waitForCounterGe(statStore(), name, value, time_system_, timeout)); } - void - waitForGaugeEq(const std::string& name, uint64_t value, - std::chrono::milliseconds timeout = std::chrono::milliseconds::zero()) override { + void waitForGaugeEq(const std::string& name, uint64_t value, + std::chrono::milliseconds timeout = TestUtility::DefaultTimeout) override { ASSERT_TRUE(TestUtility::waitForGaugeEq(statStore(), name, value, time_system_, timeout)); } - void - waitForGaugeGe(const std::string& name, uint64_t value, - std::chrono::milliseconds timeout = std::chrono::milliseconds::zero()) override { + void waitForGaugeGe(const std::string& name, uint64_t value, + std::chrono::milliseconds timeout = TestUtility::DefaultTimeout) override { ASSERT_TRUE(TestUtility::waitForGaugeGe(statStore(), name, value, time_system_, timeout)); } @@ -470,6 +466,13 @@ class IntegrationTestServer : public Logger::Loggable, notifyingStatsAllocator().waitForCounterExists(name); } + void waitUntilHistogramHasSamples( + const std::string& name, + std::chrono::milliseconds timeout = std::chrono::milliseconds::zero()) override { + ASSERT_TRUE(TestUtility::waitUntilHistogramHasSamples(statStore(), name, time_system_, + server().dispatcher(), timeout)); + } + Stats::CounterSharedPtr counter(const std::string& name) override { // When using the thread local store, only counters() is thread safe. This also allows us // to test if a counter exists at all versus just defaulting to zero. @@ -486,6 +489,10 @@ class IntegrationTestServer : public Logger::Loggable, std::vector gauges() override { return statStore().gauges(); } + std::vector histograms() override { + return statStore().histograms(); + } + // ListenerHooks void onWorkerListenerAdded() override; void onWorkerListenerRemoved() override; diff --git a/test/integration/server_stats.h b/test/integration/server_stats.h index 6c169ed68dd4..66cb7e07e7d2 100644 --- a/test/integration/server_stats.h +++ b/test/integration/server_stats.h @@ -38,6 +38,14 @@ class IntegrationTestServerStats { */ virtual void waitForCounterExists(const std::string& name) PURE; + /** + * Wait until a histogram has samples. + * @param name histogram name. + */ + virtual void waitUntilHistogramHasSamples( + const std::string& name, + std::chrono::milliseconds timeout = std::chrono::milliseconds::zero()) PURE; + /** * Wait for a gauge to >= a given value. * @param name gauge name. @@ -83,6 +91,11 @@ class IntegrationTestServerStats { * @return std::vector snapshot of server counters. */ virtual std::vector gauges() PURE; + + /** + * @return std::vector snapshot of server histograms. + */ + virtual std::vector histograms() PURE; }; } // namespace Envoy diff --git a/test/integration/socket_interface_integration_test.cc b/test/integration/socket_interface_integration_test.cc index 235867e57739..63a531a41575 100644 --- a/test/integration/socket_interface_integration_test.cc +++ b/test/integration/socket_interface_integration_test.cc @@ -1,6 +1,6 @@ -#include "common/buffer/buffer_impl.h" -#include "common/network/address_impl.h" -#include "common/network/socket_interface.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/socket_interface.h" #include "test/integration/integration.h" #include "test/test_common/environment.h" diff --git a/test/integration/socket_interface_swap.cc b/test/integration/socket_interface_swap.cc new file mode 100644 index 000000000000..521153817a25 --- /dev/null +++ b/test/integration/socket_interface_swap.cc @@ -0,0 +1,30 @@ +#include "test/integration/socket_interface_swap.h" + +namespace Envoy { + +SocketInterfaceSwap::SocketInterfaceSwap() { + Envoy::Network::SocketInterfaceSingleton::clear(); + test_socket_interface_loader_ = std::make_unique( + std::make_unique( + [writev_matcher = writev_matcher_](Envoy::Network::TestIoSocketHandle* io_handle, + const Buffer::RawSlice*, + uint64_t) -> absl::optional { + if (writev_matcher->shouldReturnEgain(io_handle)) { + return Api::IoCallUint64Result( + 0, Api::IoErrorPtr(Network::IoSocketError::getIoSocketEagainInstance(), + Network::IoSocketError::deleteIoError)); + } + return absl::nullopt; + })); +} + +void SocketInterfaceSwap::IoHandleMatcher::setResumeWrites() { + absl::MutexLock lock(&mutex_); + mutex_.Await(absl::Condition( + +[](Network::TestIoSocketHandle** matched_iohandle) { return *matched_iohandle != nullptr; }, + &matched_iohandle_)); + writev_returns_egain_ = false; + matched_iohandle_->activateInDispatcherThread(Event::FileReadyType::Write); +} + +} // namespace Envoy diff --git a/test/integration/socket_interface_swap.h b/test/integration/socket_interface_swap.h new file mode 100644 index 000000000000..ee4f84db4765 --- /dev/null +++ b/test/integration/socket_interface_swap.h @@ -0,0 +1,73 @@ +#pragma once + +#include "source/common/network/socket_interface.h" + +#include "test/integration/filters/test_socket_interface.h" + +namespace Envoy { + +// Enables control at the socket level to stop and resume writes. +// Useful for tests want to temporarily stop Envoy from draining data. + +class SocketInterfaceSwap { +public: + // Object of this class hold the state determining the IoHandle which + // should return EAGAIN from the `writev` call. + struct IoHandleMatcher { + bool shouldReturnEgain(Envoy::Network::TestIoSocketHandle* io_handle) { + absl::MutexLock lock(&mutex_); + if (writev_returns_egain_ && (io_handle->localAddress()->ip()->port() == src_port_ || + io_handle->peerAddress()->ip()->port() == dst_port_)) { + ASSERT(matched_iohandle_ == nullptr || matched_iohandle_ == io_handle, + "Matched multiple io_handles, expected at most one to match."); + matched_iohandle_ = io_handle; + return true; + } + return false; + } + + // Source port to match. The port specified should be associated with a listener. + void setSourcePort(uint32_t port) { + absl::WriterMutexLock lock(&mutex_); + dst_port_ = 0; + src_port_ = port; + } + + // Destination port to match. The port specified should be associated with a listener. + void setDestinationPort(uint32_t port) { + absl::WriterMutexLock lock(&mutex_); + src_port_ = 0; + dst_port_ = port; + } + + void setWritevReturnsEgain() { + absl::WriterMutexLock lock(&mutex_); + ASSERT(src_port_ != 0 || dst_port_ != 0); + writev_returns_egain_ = true; + } + + void setResumeWrites(); + + private: + mutable absl::Mutex mutex_; + uint32_t src_port_ ABSL_GUARDED_BY(mutex_) = 0; + uint32_t dst_port_ ABSL_GUARDED_BY(mutex_) = 0; + bool writev_returns_egain_ ABSL_GUARDED_BY(mutex_) = false; + Network::TestIoSocketHandle* matched_iohandle_{}; + }; + + SocketInterfaceSwap(); + + ~SocketInterfaceSwap() { + test_socket_interface_loader_.reset(); + Envoy::Network::SocketInterfaceSingleton::initialize(previous_socket_interface_); + } + +protected: + Envoy::Network::SocketInterface* const previous_socket_interface_{ + Envoy::Network::SocketInterfaceSingleton::getExisting()}; + std::shared_ptr writev_matcher_{std::make_shared()}; + std::unique_ptr test_socket_interface_loader_; +}; + +} // namespace Envoy diff --git a/test/integration/ssl_utility.cc b/test/integration/ssl_utility.cc index 0cc1f7de4cfb..36b93b6f81bc 100644 --- a/test/integration/ssl_utility.cc +++ b/test/integration/ssl_utility.cc @@ -2,13 +2,12 @@ #include "envoy/extensions/transport_sockets/quic/v3/quic_transport.pb.h" -#include "common/http/utility.h" -#include "common/json/json_loader.h" -#include "common/network/utility.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/context_manager_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/http/utility.h" +#include "source/common/json/json_loader.h" +#include "source/common/network/utility.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/config/utility.h" #include "test/integration/server.h" diff --git a/test/integration/stats_integration_test.cc b/test/integration/stats_integration_test.cc index 7a6981a5d9a3..43ad25d1096a 100644 --- a/test/integration/stats_integration_test.cc +++ b/test/integration/stats_integration_test.cc @@ -5,8 +5,8 @@ #include "envoy/stats/scope.h" #include "envoy/stats/stats.h" -#include "common/config/well_known_names.h" -#include "common/memory/stats.h" +#include "source/common/config/well_known_names.h" +#include "source/common/memory/stats.h" #include "test/common/stats/stat_test_utility.h" #include "test/config/utility.h" diff --git a/test/integration/tcp_conn_pool_integration_test.cc b/test/integration/tcp_conn_pool_integration_test.cc index bf02e97f5ccf..faea32638e77 100644 --- a/test/integration/tcp_conn_pool_integration_test.cc +++ b/test/integration/tcp_conn_pool_integration_test.cc @@ -24,13 +24,13 @@ class TestFilter : public Network::ReadFilter { Network::FilterStatus onData(Buffer::Instance& data, bool end_stream) override { UNREFERENCED_PARAMETER(end_stream); - Tcp::ConnectionPool::Instance* pool = + absl::optional pool_data = cluster_manager_.getThreadLocalCluster("cluster_0") ->tcpConnPool(Upstream::ResourcePriority::Default, nullptr); - ASSERT(pool != nullptr); + ASSERT(pool_data.has_value()); requests_.emplace_back(*this, data); - pool->newConnection(requests_.back()); + pool_data.value().newConnection(requests_.back()); ASSERT(data.length() == 0); return Network::FilterStatus::StopIteration; @@ -47,7 +47,7 @@ class TestFilter : public Network::ReadFilter { Request(TestFilter& parent, Buffer::Instance& data) : parent_(parent) { data_.move(data); } // Tcp::ConnectionPool::Callbacks - void onPoolFailure(ConnectionPool::PoolFailureReason, + void onPoolFailure(ConnectionPool::PoolFailureReason, absl::string_view, Upstream::HostDescriptionConstSharedPtr) override { ASSERT(false); } diff --git a/test/integration/tcp_dump.cc b/test/integration/tcp_dump.cc index b8d7c8486156..bd31e60606ee 100644 --- a/test/integration/tcp_dump.cc +++ b/test/integration/tcp_dump.cc @@ -7,8 +7,8 @@ #include "envoy/common/platform.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" namespace Envoy { diff --git a/test/integration/tcp_proxy_integration_test.cc b/test/integration/tcp_proxy_integration_test.cc index 8cb605c65ba3..687b6ab9241a 100644 --- a/test/integration/tcp_proxy_integration_test.cc +++ b/test/integration/tcp_proxy_integration_test.cc @@ -9,11 +9,10 @@ #include "envoy/extensions/access_loggers/file/v3/file.pb.h" #include "envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.pb.h" -#include "common/config/api_version.h" -#include "common/network/utility.h" - -#include "extensions/filters/network/common/factory_base.h" -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/common/config/api_version.h" +#include "source/common/network/utility.h" +#include "source/extensions/filters/network/common/factory_base.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" #include "test/integration/ssl_utility.h" #include "test/integration/tcp_proxy_integration_test.pb.h" @@ -114,7 +113,7 @@ TEST_P(TcpProxyIntegrationTest, TcpProxyUpstreamWritesFirst) { // Test TLS upstream. TEST_P(TcpProxyIntegrationTest, TcpProxyUpstreamTls) { upstream_tls_ = true; - setUpstreamProtocol(FakeHttpConnection::Type::HTTP1); + setUpstreamProtocol(Http::CodecType::HTTP1); config_helper_.configureUpstreamTls(); initialize(); IntegrationTcpClientPtr tcp_client = makeTcpConnection(lookupPort("tcp_proxy")); @@ -1469,7 +1468,7 @@ TEST_P(MysqlIntegrationTest, Preconnect) { testPreconnect(); } TEST_P(MysqlIntegrationTest, PreconnectWithTls) { upstream_tls_ = true; - setUpstreamProtocol(FakeHttpConnection::Type::HTTP1); + setUpstreamProtocol(Http::CodecType::HTTP1); config_helper_.configureUpstreamTls(); testPreconnect(); } diff --git a/test/integration/tcp_tunneling_integration_test.cc b/test/integration/tcp_tunneling_integration_test.cc index 42d70385524e..c6aae7bef4ba 100644 --- a/test/integration/tcp_tunneling_integration_test.cc +++ b/test/integration/tcp_tunneling_integration_test.cc @@ -16,8 +16,7 @@ class ConnectTerminationIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - ConnectTerminationIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, GetParam()) { + ConnectTerminationIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, GetParam()) { enableHalfClose(true); } @@ -226,7 +225,7 @@ TEST_P(ConnectTerminationIntegrationTest, BasicMaxStreamDuration) { test_server_->waitForCounterGe("cluster.cluster_0.upstream_rq_max_duration_reached", 1); - if (downstream_protocol_ == Http::CodecClient::Type::HTTP1) { + if (downstream_protocol_ == Http::CodecType::HTTP1) { ASSERT_TRUE(codec_client_->waitForDisconnect()); } else { ASSERT_TRUE(response_->waitForReset()); @@ -274,7 +273,7 @@ TEST_P(ProxyingConnectIntegrationTest, ProxyConnect) { RELEASE_ASSERT(result, result.message()); ASSERT_TRUE(upstream_request_->waitForHeadersComplete()); EXPECT_EQ(upstream_request_->headers().get(Http::Headers::get().Method)[0]->value(), "CONNECT"); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { EXPECT_TRUE(upstream_request_->headers().get(Http::Headers::get().Protocol).empty()); } else { EXPECT_EQ(upstream_request_->headers().get(Http::Headers::get().Protocol)[0]->value(), @@ -322,7 +321,7 @@ TEST_P(ProxyingConnectIntegrationTest, ProxyConnectWithPortStrippingLegacy) { ASSERT_TRUE(upstream_request_->waitForHeadersComplete()); EXPECT_EQ(upstream_request_->headers().getMethodValue(), "CONNECT"); EXPECT_EQ(upstream_request_->headers().getHostValue(), "host:80"); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { EXPECT_TRUE(upstream_request_->headers().get(Http::Headers::get().Protocol).empty()); } else { EXPECT_EQ(upstream_request_->headers().get(Http::Headers::get().Protocol)[0]->value(), @@ -376,7 +375,7 @@ TEST_P(ProxyingConnectIntegrationTest, ProxyConnectWithPortStripping) { ASSERT_TRUE(upstream_request_->waitForHeadersComplete()); EXPECT_EQ(upstream_request_->headers().getMethodValue(), "CONNECT"); EXPECT_EQ(upstream_request_->headers().getHostValue(), "host:80"); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { EXPECT_TRUE(upstream_request_->headers().getProtocolValue().empty()); } else { EXPECT_EQ(upstream_request_->headers().getProtocolValue(), "bytestream"); @@ -421,7 +420,7 @@ TEST_P(ProxyingConnectIntegrationTest, ProxyConnectWithIP) { RELEASE_ASSERT(result, result.message()); ASSERT_TRUE(upstream_request_->waitForHeadersComplete()); EXPECT_EQ(upstream_request_->headers().get(Http::Headers::get().Method)[0]->value(), "CONNECT"); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { EXPECT_TRUE(upstream_request_->headers().get(Http::Headers::get().Protocol).empty()); } else { EXPECT_EQ(upstream_request_->headers().get(Http::Headers::get().Protocol)[0]->value(), @@ -442,26 +441,26 @@ INSTANTIATE_TEST_SUITE_P(IpVersions, ConnectTerminationIntegrationTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); -using Params = std::tuple; +using Params = std::tuple; // Tunneling downstream TCP over an upstream HTTP CONNECT tunnel. class TcpTunnelingIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: TcpTunnelingIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, std::get<0>(GetParam())) {} + : HttpIntegrationTest(Http::CodecType::HTTP2, std::get<0>(GetParam())) {} static std::string paramsToString(const testing::TestParamInfo& p) { return fmt::format( "{}_{}_{}", std::get<0>(p.param) == Network::Address::IpVersion::v4 ? "IPv4" : "IPv6", - std::get<1>(p.param) == FakeHttpConnection::Type::HTTP1 ? "HTTP1Upstream" : "HTTP2Upstream", + std::get<1>(p.param) == Http::CodecType::HTTP1 ? "HTTP1Upstream" : "HTTP2Upstream", std::get<2>(p.param) ? "WaitConnectResponse" : "DoNotWaitConnectResponse"); } void SetUp() override { wait_for_connect_response_ = std::get<2>(GetParam()); enableHalfClose(true); - setDownstreamProtocol(Http::CodecClient::Type::HTTP2); + setDownstreamProtocol(Http::CodecType::HTTP2); setUpstreamProtocol(std::get<1>(GetParam())); if (wait_for_connect_response_) { @@ -519,7 +518,7 @@ TEST_P(TcpTunnelingIntegrationTest, Basic) { ASSERT_TRUE(tcp_client->write("hello", false)); tcp_client->close(); ASSERT_TRUE(upstream_request_->waitForData(*dispatcher_, 5)); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForEndStream(*dispatcher_)); @@ -574,7 +573,7 @@ TEST_P(TcpTunnelingIntegrationTest, BasicUsePost) { ASSERT_TRUE(tcp_client->write("hello", false)); tcp_client->close(); ASSERT_TRUE(upstream_request_->waitForData(*dispatcher_, 5)); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForEndStream(*dispatcher_)); @@ -596,7 +595,7 @@ TEST_P(TcpTunnelingIntegrationTest, InvalidResponseHeaders) { // upstream gets a stream reset. default_response_headers_.setStatus(enumToInt(Http::Code::ServiceUnavailable)); upstream_request_->encodeHeaders(default_response_headers_, false); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForReset()); @@ -625,13 +624,13 @@ TEST_P(TcpTunnelingIntegrationTest, CloseUpstreamFirst) { // Send data from upstream to downstream with an end stream and make sure the data is received // before the connection is half-closed. upstream_request_->encodeData(12, true); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->close()); } ASSERT_TRUE(tcp_client->waitForData(12)); tcp_client->waitForHalfClose(); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); tcp_client->close(); } else { @@ -647,7 +646,7 @@ TEST_P(TcpTunnelingIntegrationTest, CloseUpstreamFirst) { } TEST_P(TcpTunnelingIntegrationTest, ResetStreamTest) { - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { return; } enableHalfClose(false); @@ -696,7 +695,7 @@ TEST_P(TcpTunnelingIntegrationTest, TestIdletimeoutWithLargeOutstandingData) { upstream_request_->encodeData(data, false); tcp_client->waitForDisconnect(); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); tcp_client->close(); } else { @@ -719,7 +718,7 @@ TEST_P(TcpTunnelingIntegrationTest, TcpProxyDownstreamFlush) { upstream_request_->encodeHeaders(default_response_headers_, false); tcp_client->readDisable(true); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(tcp_client->write("hello", false)); ASSERT_TRUE(upstream_request_->waitForData(*dispatcher_, 5)); @@ -739,7 +738,7 @@ TEST_P(TcpTunnelingIntegrationTest, TcpProxyDownstreamFlush) { tcp_client->readDisable(false); tcp_client->waitForData(data); tcp_client->waitForHalfClose(); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { tcp_client->close(); } } @@ -765,7 +764,7 @@ TEST_P(TcpTunnelingIntegrationTest, TcpProxyUpstreamFlush) { ASSERT_TRUE(tcp_client->waitForData(5)); ASSERT_TRUE(tcp_client->write(data, true)); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { tcp_client->close(); upstream_request_->readDisable(false); @@ -785,7 +784,7 @@ TEST_P(TcpTunnelingIntegrationTest, TcpProxyUpstreamFlush) { // Test that h2 connection is reused. TEST_P(TcpTunnelingIntegrationTest, H2ConnectionReuse) { - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { return; } initialize(); @@ -831,7 +830,7 @@ TEST_P(TcpTunnelingIntegrationTest, H2ConnectionReuse) { // Test that with HTTP1 we have no connection reuse with downstream close. TEST_P(TcpTunnelingIntegrationTest, H1NoConnectionReuse) { - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP2) { + if (upstreamProtocol() == Http::CodecType::HTTP2) { return; } initialize(); @@ -872,7 +871,7 @@ TEST_P(TcpTunnelingIntegrationTest, H1NoConnectionReuse) { // Test that with HTTP1 we have no connection with upstream close. TEST_P(TcpTunnelingIntegrationTest, H1UpstreamCloseNoConnectionReuse) { - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP2) { + if (upstreamProtocol() == Http::CodecType::HTTP2) { return; } initialize(); @@ -916,7 +915,7 @@ TEST_P(TcpTunnelingIntegrationTest, H1UpstreamCloseNoConnectionReuse) { } TEST_P(TcpTunnelingIntegrationTest, 2xxStatusCodeValidHttp1) { - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP2) { + if (upstreamProtocol() == Http::CodecType::HTTP2) { return; } initialize(); @@ -946,7 +945,7 @@ TEST_P(TcpTunnelingIntegrationTest, 2xxStatusCodeValidHttp1) { } TEST_P(TcpTunnelingIntegrationTest, ContentLengthHeaderIgnoredHttp1) { - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP2) { + if (upstreamProtocol() == Http::CodecType::HTTP2) { return; } initialize(); @@ -975,7 +974,7 @@ TEST_P(TcpTunnelingIntegrationTest, ContentLengthHeaderIgnoredHttp1) { } TEST_P(TcpTunnelingIntegrationTest, TransferEncodingHeaderIgnoredHttp1) { - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP2) { + if (upstreamProtocol() == Http::CodecType::HTTP2) { return; } initialize(); @@ -1029,7 +1028,7 @@ TEST_P(TcpTunnelingIntegrationTest, DeferTransmitDataUntilSuccessConnectResponse ASSERT_TRUE(upstream_request_->waitForData(*dispatcher_, 5)); tcp_client->close(); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForEndStream(*dispatcher_)); @@ -1061,7 +1060,7 @@ TEST_P(TcpTunnelingIntegrationTest, NoDataTransmittedIfConnectFailureResponseIsR ASSERT_FALSE(upstream_request_->waitForData(*dispatcher_, 1, std::chrono::milliseconds(100))); tcp_client->close(); - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(fake_upstream_connection_->waitForDisconnect()); } else { ASSERT_TRUE(upstream_request_->waitForReset()); @@ -1086,8 +1085,7 @@ TEST_P(TcpTunnelingIntegrationTest, UpstreamDisconnectBeforeResponseReceived) { INSTANTIATE_TEST_SUITE_P( IpAndHttpVersions, TcpTunnelingIntegrationTest, ::testing::Combine(testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), - testing::Values(FakeHttpConnection::Type::HTTP1, - FakeHttpConnection::Type::HTTP2), + testing::Values(Http::CodecType::HTTP1, Http::CodecType::HTTP2), testing::Values(false, true)), TcpTunnelingIntegrationTest::paramsToString); diff --git a/test/integration/tracked_watermark_buffer.cc b/test/integration/tracked_watermark_buffer.cc index e67acf088f3a..61c74f79ac75 100644 --- a/test/integration/tracked_watermark_buffer.cc +++ b/test/integration/tracked_watermark_buffer.cc @@ -1,5 +1,11 @@ #include "test/integration/tracked_watermark_buffer.h" +#include "envoy/thread/thread.h" +#include "envoy/thread_local/thread_local.h" +#include "envoy/thread_local/thread_local_object.h" + +#include "source/common/common/assert.h" + namespace Envoy { namespace Buffer { @@ -18,18 +24,52 @@ TrackedWatermarkBufferFactory::create(std::function below_low_watermark, return std::make_unique( [this, &buffer_info](uint64_t current_size) { absl::MutexLock lock(&mutex_); + total_buffer_size_ = total_buffer_size_ + current_size - buffer_info.current_size_; if (buffer_info.max_size_ < current_size) { buffer_info.max_size_ = current_size; } + buffer_info.current_size_ = current_size; + + checkIfExpectedBalancesMet(); }, [this, &buffer_info](uint32_t watermark) { absl::MutexLock lock(&mutex_); buffer_info.watermark_ = watermark; }, - [this]() { + [this, &buffer_info](TrackedWatermarkBuffer* buffer) { absl::MutexLock lock(&mutex_); ASSERT(active_buffer_count_ > 0); --active_buffer_count_; + total_buffer_size_ -= buffer_info.current_size_; + buffer_info.current_size_ = 0; + + // Remove bound account tracking. + auto account = buffer->getAccountForTest(); + if (account) { + auto& set = account_infos_[account]; + RELEASE_ASSERT(set.erase(buffer) == 1, "Expected to remove buffer from account_infos."); + RELEASE_ASSERT(actively_bound_buffers_.erase(buffer) == 1, + "Did not find buffer in actively_bound_buffers_."); + // Erase account entry if there are no active bound buffers, and + // there's no other pointers to the account besides the local account + // pointer and within the map. + // + // It's possible for an account to no longer be bound to a buffer in + // the case that the H2 stream completes, but the data hasn't flushed + // at TCP. + if (set.empty() && account.use_count() == 2) { + RELEASE_ASSERT(account_infos_.erase(account) == 1, + "Expected to remove account from account_infos."); + } + } + }, + [this](BufferMemoryAccountSharedPtr& account, TrackedWatermarkBuffer* buffer) { + absl::MutexLock lock(&mutex_); + // Only track non-null accounts. + if (account) { + account_infos_[account].emplace(buffer); + actively_bound_buffers_.emplace(buffer); + } }, below_low_watermark, above_high_watermark, above_overflow_watermark); } @@ -44,6 +84,11 @@ uint64_t TrackedWatermarkBufferFactory::numBuffersActive() const { return active_buffer_count_; } +uint64_t TrackedWatermarkBufferFactory::totalBufferSize() const { + absl::MutexLock lock(&mutex_); + return total_buffer_size_; +} + uint64_t TrackedWatermarkBufferFactory::maxBufferSize() const { absl::MutexLock lock(&mutex_); uint64_t val = 0; @@ -94,5 +139,107 @@ std::pair TrackedWatermarkBufferFactory::highWatermarkRange( return std::make_pair(min_watermark, max_watermark); } +bool TrackedWatermarkBufferFactory::waitUntilTotalBufferedExceeds( + uint64_t byte_size, std::chrono::milliseconds timeout) { + absl::MutexLock lock(&mutex_); + auto predicate = [this, byte_size]() ABSL_SHARED_LOCKS_REQUIRED(mutex_) { + mutex_.AssertHeld(); + return total_buffer_size_ >= byte_size; + }; + return mutex_.AwaitWithTimeout(absl::Condition(&predicate), absl::Milliseconds(timeout.count())); +} + +void TrackedWatermarkBufferFactory::removeDanglingAccounts() { + auto accounts_it = account_infos_.begin(); + while (accounts_it != account_infos_.end()) { + auto next = std::next(accounts_it); + + // Remove all "dangling" accounts. + if (accounts_it->first.use_count() == 1) { + ASSERT(accounts_it->second.empty()); + account_infos_.erase(accounts_it); + } + + accounts_it = next; + } +} + +void TrackedWatermarkBufferFactory::inspectAccounts( + std::function func, Server::Instance& server) { + absl::Notification done_notification; + ThreadLocal::TypedSlotPtr<> slot; + Envoy::Thread::ThreadId main_tid; + + server.dispatcher().post([&] { + slot = ThreadLocal::TypedSlot<>::makeUnique(server.threadLocal()); + slot->set( + [](Envoy::Event::Dispatcher&) -> std::shared_ptr { + return nullptr; + }); + + main_tid = server.api().threadFactory().currentThreadId(); + + slot->runOnAllThreads( + [main_tid, &server, &func, this](OptRef) { + // Run on the worker thread. + if (server.api().threadFactory().currentThreadId() != main_tid) { + absl::MutexLock lock(&(this->mutex_)); + func(this->account_infos_); + } + }, + [&slot, &done_notification] { + slot.reset(nullptr); + done_notification.Notify(); + }); + }); + + done_notification.WaitForNotification(); +} + +void TrackedWatermarkBufferFactory::setExpectedAccountBalance(uint64_t byte_size_per_account, + uint32_t num_accounts) { + absl::MutexLock lock(&mutex_); + ASSERT(!expected_balances_.has_value()); + expected_balances_.emplace(byte_size_per_account, num_accounts); +} + +bool TrackedWatermarkBufferFactory::waitForExpectedAccountBalanceWithTimeout( + std::chrono::milliseconds timeout) { + return expected_balances_met_.WaitForNotificationWithTimeout(absl::FromChrono(timeout)); +} + +bool TrackedWatermarkBufferFactory::waitUntilExpectedNumberOfAccountsAndBoundBuffers( + uint32_t num_accounts, uint32_t num_bound_buffers, std::chrono::milliseconds timeout) { + absl::MutexLock lock(&mutex_); + auto predicate = [this, num_accounts, num_bound_buffers]() ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_) { + mutex_.AssertHeld(); + removeDanglingAccounts(); + return num_bound_buffers == actively_bound_buffers_.size() && + num_accounts == account_infos_.size(); + }; + return mutex_.AwaitWithTimeout(absl::Condition(&predicate), absl::FromChrono(timeout)); +} + +void TrackedWatermarkBufferFactory::checkIfExpectedBalancesMet() { + if (!expected_balances_ || expected_balances_met_.HasBeenNotified()) { + return; + } + + removeDanglingAccounts(); + + if (account_infos_.size() == expected_balances_->num_accounts_) { + // This is thread safe since this function should run on the only Envoy worker + // thread. + for (auto& acc : account_infos_) { + if (static_cast(acc.first.get())->balance() < + expected_balances_->balance_per_account_) { + return; + } + } + + expected_balances_met_.Notify(); + } +} + } // namespace Buffer } // namespace Envoy diff --git a/test/integration/tracked_watermark_buffer.h b/test/integration/tracked_watermark_buffer.h index 64d8473dbf10..b3402d3c643b 100644 --- a/test/integration/tracked_watermark_buffer.h +++ b/test/integration/tracked_watermark_buffer.h @@ -1,9 +1,16 @@ #pragma once -#include "common/buffer/watermark_buffer.h" +#include "envoy/buffer/buffer.h" +#include "envoy/server/instance.h" + +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/watermark_buffer.h" + +#include "test/test_common/utility.h" #include "absl/container/node_hash_map.h" #include "absl/synchronization/mutex.h" +#include "absl/synchronization/notification.h" namespace Envoy { namespace Buffer { @@ -11,31 +18,44 @@ namespace Buffer { // WatermarkBuffer subclass that hooks into updates to buffer size and buffer high watermark config. class TrackedWatermarkBuffer : public Buffer::WatermarkBuffer { public: - TrackedWatermarkBuffer(std::function update_max_size, - std::function update_high_watermark, - std::function on_delete, std::function below_low_watermark, - std::function above_high_watermark, - std::function above_overflow_watermark) + TrackedWatermarkBuffer( + std::function update_size, + std::function update_high_watermark, + std::function on_delete, + std::function on_bind, + std::function below_low_watermark, std::function above_high_watermark, + std::function above_overflow_watermark) : WatermarkBuffer(below_low_watermark, above_high_watermark, above_overflow_watermark), - update_max_size_(update_max_size), update_high_watermark_(update_high_watermark), - on_delete_(on_delete) {} - ~TrackedWatermarkBuffer() override { on_delete_(); } + update_size_(update_size), update_high_watermark_(update_high_watermark), + on_delete_(on_delete), on_bind_(on_bind) {} + ~TrackedWatermarkBuffer() override { on_delete_(this); } void setWatermarks(uint32_t watermark) override { update_high_watermark_(watermark); WatermarkBuffer::setWatermarks(watermark); } + void bindAccount(BufferMemoryAccountSharedPtr account) override { + on_bind_(account, this); + WatermarkBuffer::bindAccount(account); + } + protected: void checkHighAndOverflowWatermarks() override { - update_max_size_(length()); + update_size_(length()); WatermarkBuffer::checkHighAndOverflowWatermarks(); } + void checkLowWatermark() override { + update_size_(length()); + WatermarkBuffer::checkLowWatermark(); + } + private: - std::function update_max_size_; + std::function update_size_; std::function update_high_watermark_; - std::function on_delete_; + std::function on_delete_; + std::function on_bind_; }; // Factory that tracks how the created buffers are used. @@ -52,6 +72,8 @@ class TrackedWatermarkBufferFactory : public Buffer::WatermarkFactory { uint64_t numBuffersCreated() const; // Number of buffers still in use. uint64_t numBuffersActive() const; + // Total bytes buffered. + uint64_t totalBufferSize() const; // Size of the largest buffer. uint64_t maxBufferSize() const; // Sum of the max size of all known buffers. @@ -60,19 +82,84 @@ class TrackedWatermarkBufferFactory : public Buffer::WatermarkFactory { // functionality is disabled. std::pair highWatermarkRange() const; + // Total bytes currently buffered across all known buffers. + uint64_t totalBytesBuffered() const { + absl::MutexLock lock(&mutex_); + return total_buffer_size_; + } + + // Wait until total bytes buffered exceeds the a given size. + bool + waitUntilTotalBufferedExceeds(uint64_t byte_size, + std::chrono::milliseconds timeout = TestUtility::DefaultTimeout); + + // Set the expected account balance, prior to sending requests. + // The test thread can then wait for this condition to be true. + // This is separated so that the test thread can spin up requests however it + // desires in between. + // + // The Envoy worker thread will notify the test thread once the condition is + // met. + void setExpectedAccountBalance(uint64_t byte_size_per_account, uint32_t num_accounts); + bool waitForExpectedAccountBalanceWithTimeout( + std::chrono::milliseconds timeout = TestUtility::DefaultTimeout); + + // Wait for the expected number of accounts and number of bound buffers. + // + // Due to deferred deletion, it possible that the Envoy hasn't cleaned up on + // its end, but the stream has been completed. This avoids that by awaiting + // for the side effect of the deletion to have occurred. + bool waitUntilExpectedNumberOfAccountsAndBoundBuffers( + uint32_t num_accounts, uint32_t num_bound_buffers, + std::chrono::milliseconds timeout = TestUtility::DefaultTimeout); + + using AccountToBoundBuffersMap = + absl::flat_hash_map>; + void inspectAccounts(std::function func, + Server::Instance& server); + private: + // Remove "dangling" accounts; accounts where the account_info map is the only + // entity still pointing to the account. + void removeDanglingAccounts() ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_); + // Should only be executed on the Envoy's worker thread. Otherwise, we have a + // possible race condition. + void checkIfExpectedBalancesMet() ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_); + struct BufferInfo { uint32_t watermark_ = 0; + uint64_t current_size_ = 0; uint64_t max_size_ = 0; }; + struct AccountBalanceExpectations { + AccountBalanceExpectations(uint64_t balance_per_account, uint32_t num_accounts) + : balance_per_account_(balance_per_account), num_accounts_(num_accounts) {} + + uint64_t balance_per_account_ = 0; + uint32_t num_accounts_ = 0; + }; + mutable absl::Mutex mutex_; // Id of the next buffer to create. uint64_t next_idx_ ABSL_GUARDED_BY(mutex_) = 0; // Number of buffers currently in existence. uint64_t active_buffer_count_ ABSL_GUARDED_BY(mutex_) = 0; + // total bytes buffered across all buffers. + uint64_t total_buffer_size_ ABSL_GUARDED_BY(mutex_) = 0; // Info about the buffer, by buffer idx. absl::node_hash_map buffer_infos_ ABSL_GUARDED_BY(mutex_); + // The expected balances for the accounts. If set, when a buffer updates its + // size, it also checks whether the expected_balances has been satisfied, and + // notifies waiters of expected_balances_met_. + absl::optional expected_balances_ ABSL_GUARDED_BY(mutex_); + absl::Notification expected_balances_met_; + // Map from accounts to buffers bound to that account. + AccountToBoundBuffersMap account_infos_ ABSL_GUARDED_BY(mutex_); + // Set of actively bound buffers. Used for asserting that buffers are bound + // only once. + absl::flat_hash_set actively_bound_buffers_ ABSL_GUARDED_BY(mutex_); }; } // namespace Buffer diff --git a/test/integration/tracked_watermark_buffer_test.cc b/test/integration/tracked_watermark_buffer_test.cc index 9d4eb6110d9e..c6579bfcddbc 100644 --- a/test/integration/tracked_watermark_buffer_test.cc +++ b/test/integration/tracked_watermark_buffer_test.cc @@ -1,6 +1,14 @@ +#include +#include + +#include "envoy/buffer/buffer.h" + +#include "source/common/buffer/buffer_impl.h" + #include "test/integration/tracked_watermark_buffer.h" #include "test/mocks/common.h" #include "test/test_common/test_runtime.h" +#include "test/test_common/thread_factory_for_test.h" #include "gtest/gtest.h" @@ -59,29 +67,31 @@ TEST_F(TrackedWatermarkBufferTest, BufferSizes) { auto buffer = factory_.create([]() {}, []() {}, []() {}); buffer->setWatermarks(100); auto buffer2 = factory_.create([]() {}, []() {}, []() {}); - EXPECT_EQ(2, factory_.numBuffersCreated()); EXPECT_EQ(2, factory_.numBuffersActive()); - // Add some bytes to the buffers, and verify max and sum(max). buffer->add("abcde"); buffer2->add("a"); EXPECT_EQ(5, factory_.maxBufferSize()); EXPECT_EQ(6, factory_.sumMaxBufferSizes()); + EXPECT_EQ(6, factory_.totalBytesBuffered()); // Add more bytes and drain the buffer. Verify that max is latched. buffer->add(std::string(1000, 'a')); EXPECT_TRUE(buffer->highWatermarkTriggered()); + EXPECT_EQ(1006, factory_.totalBytesBuffered()); buffer->drain(1005); EXPECT_EQ(0, buffer->length()); EXPECT_FALSE(buffer->highWatermarkTriggered()); EXPECT_EQ(1005, factory_.maxBufferSize()); EXPECT_EQ(1006, factory_.sumMaxBufferSizes()); + EXPECT_EQ(1, factory_.totalBytesBuffered()); buffer2->add("a"); EXPECT_EQ(1005, factory_.maxBufferSize()); EXPECT_EQ(1007, factory_.sumMaxBufferSizes()); + EXPECT_EQ(2, factory_.totalBytesBuffered()); // Verify cleanup tracking. buffer.reset(); @@ -90,12 +100,101 @@ TEST_F(TrackedWatermarkBufferTest, BufferSizes) { buffer2.reset(); EXPECT_EQ(2, factory_.numBuffersCreated()); EXPECT_EQ(0, factory_.numBuffersActive()); + // Bytes in deleted buffers are removed from the total. + EXPECT_EQ(0, factory_.totalBytesBuffered()); // Max sizes are remembered even after buffers are deleted. EXPECT_EQ(1005, factory_.maxBufferSize()); EXPECT_EQ(1007, factory_.sumMaxBufferSizes()); } +TEST_F(TrackedWatermarkBufferTest, WaitUntilTotalBufferedExceeds) { + auto buffer1 = factory_.create([]() {}, []() {}, []() {}); + auto buffer2 = factory_.create([]() {}, []() {}, []() {}); + auto buffer3 = factory_.create([]() {}, []() {}, []() {}); + + auto thread1 = Thread::threadFactoryForTest().createThread([&]() { buffer1->add("a"); }); + auto thread2 = Thread::threadFactoryForTest().createThread([&]() { buffer2->add("b"); }); + auto thread3 = Thread::threadFactoryForTest().createThread([&]() { buffer3->add("c"); }); + + factory_.waitUntilTotalBufferedExceeds(2, std::chrono::milliseconds(10000)); + thread1->join(); + thread2->join(); + thread3->join(); + + EXPECT_EQ(3, factory_.totalBytesBuffered()); + EXPECT_EQ(1, factory_.maxBufferSize()); +} + +TEST_F(TrackedWatermarkBufferTest, TracksNumberOfBuffersActivelyBound) { + auto buffer1 = factory_.create([]() {}, []() {}, []() {}); + auto buffer2 = factory_.create([]() {}, []() {}, []() {}); + auto buffer3 = factory_.create([]() {}, []() {}, []() {}); + BufferMemoryAccountSharedPtr account = std::make_shared(); + ASSERT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(0, 0)); + + buffer1->bindAccount(account); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(1, 1)); + buffer2->bindAccount(account); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(1, 2)); + buffer3->bindAccount(account); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(1, 3)); + + // Release test access to the account. + account.reset(); + + buffer3.reset(); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(1, 2)); + buffer2.reset(); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(1, 1)); + buffer1.reset(); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(0, 0)); +} + +TEST_F(TrackedWatermarkBufferTest, TracksNumberOfAccountsActive) { + auto buffer1 = factory_.create([]() {}, []() {}, []() {}); + auto buffer2 = factory_.create([]() {}, []() {}, []() {}); + auto buffer3 = factory_.create([]() {}, []() {}, []() {}); + BufferMemoryAccountSharedPtr account1 = std::make_shared(); + ASSERT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(0, 0)); + + buffer1->bindAccount(account1); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(1, 1)); + buffer2->bindAccount(account1); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(1, 2)); + + // Release test access to the account. + account1.reset(); + + buffer3->bindAccount(std::make_shared()); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(2, 3)); + + buffer2.reset(); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(2, 2)); + buffer1.reset(); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(1, 1)); + + buffer3.reset(); + EXPECT_TRUE(factory_.waitUntilExpectedNumberOfAccountsAndBoundBuffers(0, 0)); +} + +TEST_F(TrackedWatermarkBufferTest, WaitForExpectedAccountBalanceShouldReturnTrueWhenConditionsMet) { + auto buffer1 = factory_.create([]() {}, []() {}, []() {}); + auto buffer2 = factory_.create([]() {}, []() {}, []() {}); + BufferMemoryAccountSharedPtr account1 = std::make_shared(); + BufferMemoryAccountSharedPtr account2 = std::make_shared(); + buffer1->bindAccount(account1); + buffer2->bindAccount(account2); + + factory_.setExpectedAccountBalance(4096, 2); + + buffer1->add("Need to wait on the other buffer to get data."); + EXPECT_FALSE(factory_.waitForExpectedAccountBalanceWithTimeout(std::chrono::seconds(0))); + + buffer2->add("Now we have expected balances!"); + EXPECT_TRUE(factory_.waitForExpectedAccountBalanceWithTimeout(std::chrono::seconds(0))); +} + } // namespace } // namespace Buffer } // namespace Envoy diff --git a/test/integration/transport_socket_match_integration_test.cc b/test/integration/transport_socket_match_integration_test.cc index 1bc92bae21f8..fe5fe47026df 100644 --- a/test/integration/transport_socket_match_integration_test.cc +++ b/test/integration/transport_socket_match_integration_test.cc @@ -13,8 +13,7 @@ namespace Envoy { class TransportSockeMatchIntegrationTest : public testing::Test, public HttpIntegrationTest { public: TransportSockeMatchIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, - TestEnvironment::getIpVersionsForTest().front(), + : HttpIntegrationTest(Http::CodecType::HTTP1, TestEnvironment::getIpVersionsForTest().front(), ConfigHelper::httpProxyConfig()) { autonomous_upstream_ = true; setUpstreamCount(num_hosts_); @@ -130,8 +129,8 @@ name: "tls_socket" } void SetUp() override { - setDownstreamProtocol(Http::CodecClient::Type::HTTP1); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP1); + setDownstreamProtocol(Http::CodecType::HTTP1); + setUpstreamProtocol(Http::CodecType::HTTP1); } const uint32_t num_hosts_{2}; diff --git a/test/integration/uds_integration_test.cc b/test/integration/uds_integration_test.cc index b6cef5449b52..11cfcd10efac 100644 --- a/test/integration/uds_integration_test.cc +++ b/test/integration/uds_integration_test.cc @@ -2,9 +2,9 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/event/dispatcher_impl.h" -#include "common/network/utility.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/network/utility.h" #include "test/test_common/network_utility.h" diff --git a/test/integration/uds_integration_test.h b/test/integration/uds_integration_test.h index 8d5675e16805..23df1ee7643f 100644 --- a/test/integration/uds_integration_test.h +++ b/test/integration/uds_integration_test.h @@ -4,8 +4,8 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "common/common/fmt.h" -#include "common/http/codec_client.h" +#include "source/common/common/fmt.h" +#include "source/common/http/codec_client.h" #include "test/integration/fake_upstream.h" #include "test/integration/http_integration.h" @@ -21,12 +21,12 @@ class UdsUpstreamIntegrationTest public HttpIntegrationTest { public: UdsUpstreamIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, std::get<0>(GetParam())), + : HttpIntegrationTest(Http::CodecType::HTTP1, std::get<0>(GetParam())), abstract_namespace_(std::get<1>(GetParam())) {} void createUpstreams() override { FakeUpstreamConfig config = upstreamConfig(); - config.upstream_protocol_ = FakeHttpConnection::Type::HTTP1; + config.upstream_protocol_ = Http::CodecType::HTTP1; auto uds_path = TestEnvironment::unixDomainSocketPath("udstest.1.sock", abstract_namespace_); fake_upstreams_.emplace_back(std::make_unique(uds_path, config)); @@ -60,7 +60,7 @@ class UdsListenerIntegrationTest public HttpIntegrationTest { public: UdsListenerIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, std::get<0>(GetParam())), + : HttpIntegrationTest(Http::CodecType::HTTP1, std::get<0>(GetParam())), abstract_namespace_(std::get<1>(GetParam())), mode_(std::get<2>(GetParam())) {} void initialize() override; diff --git a/test/integration/upstreams/BUILD b/test/integration/upstreams/BUILD index ddf032637408..238f2fa3d4f4 100644 --- a/test/integration/upstreams/BUILD +++ b/test/integration/upstreams/BUILD @@ -14,11 +14,11 @@ envoy_cc_library( "per_host_upstream_config.h", ], deps = [ - "//include/envoy/http:codes_interface", - "//include/envoy/http:conn_pool_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/http:codes_interface", + "//envoy/http:conn_pool_interface", + "//envoy/http:filter_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:assert_lib", "//source/common/http:header_map_lib", "//source/common/http:headers_lib", diff --git a/test/integration/upstreams/per_host_upstream_config.h b/test/integration/upstreams/per_host_upstream_config.h index bfa8ba595033..e649aa087a8f 100644 --- a/test/integration/upstreams/per_host_upstream_config.h +++ b/test/integration/upstreams/per_host_upstream_config.h @@ -7,11 +7,10 @@ #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/host_description.h" -#include "common/http/header_map_impl.h" -#include "common/router/router.h" -#include "common/router/upstream_request.h" - -#include "extensions/upstreams/http/http/upstream_request.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/router/router.h" +#include "source/common/router/upstream_request.h" +#include "source/extensions/upstreams/http/http/upstream_request.h" namespace Envoy { @@ -29,11 +28,12 @@ namespace { void addHeader(Envoy::Http::RequestHeaderMap& header_map, absl::string_view header_name, const envoy::config::core::v3::Metadata& metadata, absl::string_view key1, absl::string_view key2) { - if (auto filter_metadata = metadata.filter_metadata().find(key1); + if (auto filter_metadata = metadata.filter_metadata().find(std::string(key1)); filter_metadata != metadata.filter_metadata().end()) { const ProtobufWkt::Struct& data_struct = filter_metadata->second; const auto& fields = data_struct.fields(); - if (auto iter = fields.find(key2); iter != fields.end()) { + if (auto iter = fields.find(toStdStringView(key2)); // NOLINT(std::string_view) + iter != fields.end()) { if (iter->second.kind_case() == ProtobufWkt::Value::kStringValue) { header_map.setCopy(Envoy::Http::LowerCaseString(std::string(header_name)), iter->second.string_value()); diff --git a/test/integration/utility.cc b/test/integration/utility.cc index 7d99f7e4dcc8..abf19d24a643 100644 --- a/test/integration/utility.cc +++ b/test/integration/utility.cc @@ -9,20 +9,20 @@ #include "envoy/extensions/transport_sockets/quic/v3/quic_transport.pb.h" #include "envoy/network/connection.h" -#include "common/api/api_impl.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/config/utility.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/http/http3/quic_client_connection_factory.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/config/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/http/http3/quic_client_connection_factory.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/common/upstream/upstream_impl.h" #ifdef ENVOY_ENABLE_QUIC -#include "common/quic/client_connection_factory_impl.h" +#include "source/common/quic/client_connection_factory_impl.h" #endif #include "test/common/upstream/utility.h" @@ -179,7 +179,7 @@ sendRequestAndWaitForResponse(Event::Dispatcher& dispatcher, const std::string& BufferingStreamDecoderPtr IntegrationUtil::makeSingleRequest(const Network::Address::InstanceConstSharedPtr& addr, const std::string& method, const std::string& url, - const std::string& body, Http::CodecClient::Type type, + const std::string& body, Http::CodecType type, const std::string& host, const std::string& content_type) { NiceMock mock_stats_store; NiceMock random; @@ -191,11 +191,10 @@ IntegrationUtil::makeSingleRequest(const Network::Address::InstanceConstSharedPt TestConnectionCallbacks connection_callbacks(*dispatcher); std::shared_ptr cluster{new NiceMock()}; Upstream::HostDescriptionConstSharedPtr host_description{Upstream::makeTestHostDescription( - cluster, - fmt::format("{}://127.0.0.1:80", (type == Http::CodecClient::Type::HTTP3 ? "udp" : "tcp")), + cluster, fmt::format("{}://127.0.0.1:80", (type == Http::CodecType::HTTP3 ? "udp" : "tcp")), time_system)}; - if (type <= Http::CodecClient::Type::HTTP2) { + if (type <= Http::CodecType::HTTP2) { Http::CodecClientProd client( type, dispatcher->createClientConnection(addr, Network::Address::InstanceConstSharedPtr(), @@ -210,9 +209,10 @@ IntegrationUtil::makeSingleRequest(const Network::Address::InstanceConstSharedPt Network::TransportSocketFactoryPtr transport_socket_factory = createQuicUpstreamTransportSocketFactory(api, mock_stats_store, manager, "spiffe://lyft.com/backend-team"); + quic::QuicConfig config; std::unique_ptr persistent_info; persistent_info = std::make_unique( - *dispatcher, *transport_socket_factory, time_system, addr); + *dispatcher, *transport_socket_factory, time_system, addr, config, 0); Network::Address::InstanceConstSharedPtr local_address; if (addr->ip()->version() == Network::Address::IpVersion::v4) { @@ -236,7 +236,7 @@ IntegrationUtil::makeSingleRequest(const Network::Address::InstanceConstSharedPt BufferingStreamDecoderPtr IntegrationUtil::makeSingleRequest(uint32_t port, const std::string& method, const std::string& url, - const std::string& body, Http::CodecClient::Type type, + const std::string& body, Http::CodecType type, Network::Address::IpVersion ip_version, const std::string& host, const std::string& content_type) { auto addr = Network::Utility::resolveUrl( diff --git a/test/integration/utility.h b/test/integration/utility.h index 2deaf8920370..8f7e36178c91 100644 --- a/test/integration/utility.h +++ b/test/integration/utility.h @@ -11,11 +11,11 @@ #include "envoy/network/filter.h" #include "envoy/server/factory_context.h" -#include "common/common/assert.h" -#include "common/common/dump_state_utils.h" -#include "common/common/utility.h" -#include "common/http/codec_client.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/dump_state_utils.h" +#include "source/common/common/utility.h" +#include "source/common/http/codec_client.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/test_common/printers.h" #include "test/test_common/test_time.h" @@ -168,7 +168,7 @@ class IntegrationUtil { */ static BufferingStreamDecoderPtr makeSingleRequest(const Network::Address::InstanceConstSharedPtr& addr, const std::string& method, - const std::string& url, const std::string& body, Http::CodecClient::Type type, + const std::string& url, const std::string& body, Http::CodecType type, const std::string& host = "host", const std::string& content_type = ""); /** @@ -184,11 +184,12 @@ class IntegrationUtil { * @return BufferingStreamDecoderPtr the complete request or a partial request if there was * remote early disconnection. */ - static BufferingStreamDecoderPtr - makeSingleRequest(uint32_t port, const std::string& method, const std::string& url, - const std::string& body, Http::CodecClient::Type type, - Network::Address::IpVersion ip_version, const std::string& host = "host", - const std::string& content_type = ""); + static BufferingStreamDecoderPtr makeSingleRequest(uint32_t port, const std::string& method, + const std::string& url, + const std::string& body, Http::CodecType type, + Network::Address::IpVersion ip_version, + const std::string& host = "host", + const std::string& content_type = ""); /** * Create transport socket factory for Quic upstream transport socket. diff --git a/test/integration/version_integration_test.cc b/test/integration/version_integration_test.cc index 4888f5c7ceef..67b376a83e52 100644 --- a/test/integration/version_integration_test.cc +++ b/test/integration/version_integration_test.cc @@ -9,7 +9,7 @@ namespace { class VersionIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - VersionIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + VersionIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} }; INSTANTIATE_TEST_SUITE_P(IpVersions, VersionIntegrationTest, diff --git a/test/integration/vhds_integration_test.cc b/test/integration/vhds_integration_test.cc index f310ded250f4..3af21e7945fe 100644 --- a/test/integration/vhds_integration_test.cc +++ b/test/integration/vhds_integration_test.cc @@ -3,9 +3,9 @@ #include "envoy/grpc/status.h" #include "envoy/stats/scope.h" -#include "common/config/protobuf_link_hacks.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" +#include "source/common/config/protobuf_link_hacks.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" #include "test/common/grpc/grpc_client_integration.h" #include "test/integration/http_integration.h" @@ -155,8 +155,7 @@ domains: [{}] class VhdsInitializationTest : public HttpIntegrationTest, public Grpc::GrpcClientIntegrationParamTest { public: - VhdsInitializationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, ipVersion(), config()) { + VhdsInitializationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, ipVersion(), config()) { use_lds_ = false; } @@ -169,8 +168,8 @@ class VhdsInitializationTest : public HttpIntegrationTest, // BaseIntegrationTest::createUpstreams() (which is part of initialize()). // Make sure this number matches the size of the 'clusters' repeated field in the bootstrap // config that you use! - setUpstreamCount(2); // the CDS cluster - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); // CDS uses gRPC uses HTTP2. + setUpstreamCount(2); // the CDS cluster + setUpstreamProtocol(Http::CodecType::HTTP2); // CDS uses gRPC uses HTTP2. // BaseIntegrationTest::initialize() does many things: // 1) It appends to fake_upstreams_ as many as you asked for via setUpstreamCount(). @@ -252,8 +251,7 @@ TEST_P(VhdsInitializationTest, InitializeVhdsAfterRdsHasBeenInitialized) { class VhdsIntegrationTest : public HttpIntegrationTest, public Grpc::GrpcClientIntegrationParamTest { public: - VhdsIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, ipVersion(), config()) { + VhdsIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, ipVersion(), config()) { use_lds_ = false; } @@ -291,8 +289,8 @@ class VhdsIntegrationTest : public HttpIntegrationTest, // BaseIntegrationTest::createUpstreams() (which is part of initialize()). // Make sure this number matches the size of the 'clusters' repeated field in the bootstrap // config that you use! - setUpstreamCount(2); // the CDS cluster - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); // CDS uses gRPC uses HTTP2. + setUpstreamCount(2); // the CDS cluster + setUpstreamProtocol(Http::CodecType::HTTP2); // CDS uses gRPC uses HTTP2. // BaseIntegrationTest::initialize() does many things: // 1) It appends to fake_upstreams_ as many as you asked for via setUpstreamCount(). diff --git a/test/integration/websocket_integration_test.cc b/test/integration/websocket_integration_test.cc index ef6cab3ed57c..c7159200ab9e 100644 --- a/test/integration/websocket_integration_test.cc +++ b/test/integration/websocket_integration_test.cc @@ -5,8 +5,8 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/http/header_map_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/protobuf/utility.h" #include "test/integration/utility.h" #include "test/test_common/network_utility.h" @@ -117,7 +117,7 @@ ConfigHelper::HttpModifierFunction setRouteUsingWebsocket() { } void WebsocketIntegrationTest::initialize() { - if (upstreamProtocol() != FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() != Http::CodecType::HTTP1) { config_helper_.addConfigModifier( [&](envoy::config::bootstrap::v3::Bootstrap& bootstrap) -> void { ConfigHelper::HttpProtocolOptions protocol_options; @@ -128,7 +128,7 @@ void WebsocketIntegrationTest::initialize() { *bootstrap.mutable_static_resources()->mutable_clusters(0), protocol_options); }); } - if (downstreamProtocol() != Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() != Http::CodecType::HTTP1) { config_helper_.addConfigModifier( [&](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager& hcm) -> void { hcm.mutable_http2_protocol_options()->set_allow_connect(true); }); @@ -195,7 +195,7 @@ TEST_P(WebsocketIntegrationTest, WebSocketConnectionDownstreamDisconnect) { } TEST_P(WebsocketIntegrationTest, PortStrippingForHttp2) { - if (downstreamProtocol() != Http::CodecClient::Type::HTTP2) { + if (downstreamProtocol() != Http::CodecType::HTTP2) { return; } @@ -217,8 +217,8 @@ TEST_P(WebsocketIntegrationTest, PortStrippingForHttp2) { } TEST_P(WebsocketIntegrationTest, EarlyData) { - if (downstreamProtocol() == Http::CodecClient::Type::HTTP2 || - upstreamProtocol() == FakeHttpConnection::Type::HTTP2) { + if (downstreamProtocol() == Http::CodecType::HTTP2 || + upstreamProtocol() == Http::CodecType::HTTP2) { return; } config_helper_.addConfigModifier(setRouteUsingWebsocket()); @@ -255,7 +255,7 @@ TEST_P(WebsocketIntegrationTest, EarlyData) { auto upgrade_response_headers(upgradeResponseHeaders()); validateUpgradeResponseHeaders(response_->headers(), upgrade_response_headers); - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() == Http::CodecType::HTTP1) { // For H2, the disconnect may result in the terminal data not being proxied. response_->waitForBodyData(5); } @@ -301,7 +301,7 @@ TEST_P(WebsocketIntegrationTest, NonWebsocketUpgrade) { performUpgrade(upgradeRequestHeaders("foo", 0), upgradeResponseHeaders("foo")); sendBidirectionalData(); codec_client_->sendData(*request_encoder_, "bye!", false); - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() == Http::CodecType::HTTP1) { codec_client_->close(); } else { codec_client_->sendReset(*request_encoder_); @@ -331,7 +331,7 @@ TEST_P(WebsocketIntegrationTest, RouteSpecificUpgrade) { performUpgrade(upgradeRequestHeaders("foo", 0), upgradeResponseHeaders("foo")); sendBidirectionalData(); codec_client_->sendData(*request_encoder_, "bye!", false); - if (downstreamProtocol() == Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() == Http::CodecType::HTTP1) { codec_client_->close(); } else { codec_client_->sendReset(*request_encoder_); @@ -395,7 +395,7 @@ TEST_P(WebsocketIntegrationTest, WebsocketCustomFilterChain) { // Foo upgrades are configured without the buffer filter, so should explicitly // allow large payload. - if (downstreamProtocol() != Http::CodecClient::Type::HTTP2) { + if (downstreamProtocol() != Http::CodecType::HTTP2) { performUpgrade(upgradeRequestHeaders("foo"), upgradeResponseHeaders("foo")); codec_client_->sendData(*request_encoder_, large_req_str, false); ASSERT_TRUE(upstream_request_->waitForData(*dispatcher_, large_req_str)); @@ -407,8 +407,8 @@ TEST_P(WebsocketIntegrationTest, WebsocketCustomFilterChain) { } TEST_P(WebsocketIntegrationTest, BidirectionalChunkedData) { - if (downstreamProtocol() == Http::CodecClient::Type::HTTP2 || - upstreamProtocol() == FakeHttpConnection::Type::HTTP2) { + if (downstreamProtocol() == Http::CodecType::HTTP2 || + upstreamProtocol() == Http::CodecType::HTTP2) { return; } @@ -423,7 +423,7 @@ TEST_P(WebsocketIntegrationTest, BidirectionalChunkedData) { // With content-length not present, the HTTP codec will send the request with // transfer-encoding: chunked. - if (upstreamProtocol() == FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() == Http::CodecType::HTTP1) { ASSERT_TRUE(upstream_request_->headers().TransferEncoding() != nullptr); } diff --git a/test/integration/websocket_integration_test.h b/test/integration/websocket_integration_test.h index 1f3aa362ebf2..4e03ca44bd87 100644 --- a/test/integration/websocket_integration_test.h +++ b/test/integration/websocket_integration_test.h @@ -10,8 +10,8 @@ namespace Envoy { struct WebsocketProtocolTestParams { Network::Address::IpVersion version; - Http::CodecClient::Type downstream_protocol; - FakeHttpConnection::Type upstream_protocol; + Http::CodecType downstream_protocol; + Http::CodecType upstream_protocol; }; class WebsocketIntegrationTest : public HttpProtocolIntegrationTest { @@ -30,7 +30,7 @@ class WebsocketIntegrationTest : public HttpProtocolIntegrationTest { ABSL_MUST_USE_RESULT testing::AssertionResult waitForUpstreamDisconnectOrReset() { - if (upstreamProtocol() != FakeHttpConnection::Type::HTTP1) { + if (upstreamProtocol() != Http::CodecType::HTTP1) { return upstream_request_->waitForReset(); } else { return fake_upstream_connection_->waitForDisconnect(); @@ -39,7 +39,7 @@ class WebsocketIntegrationTest : public HttpProtocolIntegrationTest { void waitForClientDisconnectOrReset( Http::StreamResetReason reason = Http::StreamResetReason::RemoteReset) { - if (downstreamProtocol() != Http::CodecClient::Type::HTTP1) { + if (downstreamProtocol() != Http::CodecType::HTTP1) { ASSERT_TRUE(response_->waitForReset()); ASSERT_EQ(reason, response_->resetReason()); } else { diff --git a/test/integration/xds_integration_test.cc b/test/integration/xds_integration_test.cc index c5d316771966..114359d2bda3 100644 --- a/test/integration/xds_integration_test.cc +++ b/test/integration/xds_integration_test.cc @@ -1,7 +1,7 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/buffer/buffer_impl.h" +#include "source/common/buffer/buffer_impl.h" #include "test/integration/http_integration.h" #include "test/integration/http_protocol_integration.h" @@ -21,8 +21,8 @@ using testing::HasSubstr; class XdsIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - XdsIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP2, GetParam()) { - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + XdsIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP2, GetParam()) { + setUpstreamProtocol(Http::CodecType::HTTP2); } void createEnvoy() override { @@ -291,8 +291,7 @@ class LdsInplaceUpdateHttpIntegrationTest : public testing::TestWithParam, public HttpIntegrationTest { public: - LdsInplaceUpdateHttpIntegrationTest() - : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {} + LdsInplaceUpdateHttpIntegrationTest() : HttpIntegrationTest(Http::CodecType::HTTP1, GetParam()) {} void inplaceInitialize(bool add_default_filter_chain = false) { autonomous_upstream_ = true; @@ -533,7 +532,7 @@ using LdsIntegrationTest = HttpProtocolIntegrationTest; INSTANTIATE_TEST_SUITE_P(Protocols, LdsIntegrationTest, testing::ValuesIn(HttpProtocolIntegrationTest::getProtocolTestParams( - {Http::CodecClient::Type::HTTP1}, {FakeHttpConnection::Type::HTTP1})), + {Http::CodecType::HTTP1}, {Http::CodecType::HTTP1})), HttpProtocolIntegrationTest::protocolTestParamsToString); // Sample test making sure our config framework correctly reloads listeners. diff --git a/test/integration/xfcc_integration_test.cc b/test/integration/xfcc_integration_test.cc index 0df12253e728..19186660db21 100644 --- a/test/integration/xfcc_integration_test.cc +++ b/test/integration/xfcc_integration_test.cc @@ -8,13 +8,12 @@ #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" #include "envoy/stats/scope.h" -#include "common/event/dispatcher_impl.h" -#include "common/http/header_map_impl.h" -#include "common/network/utility.h" - -#include "extensions/transport_sockets/tls/context_config_impl.h" -#include "extensions/transport_sockets/tls/context_manager_impl.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/network/utility.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/test_common/network_utility.h" #include "test/test_common/printers.h" @@ -118,7 +117,7 @@ Network::ClientConnectionPtr XfccIntegrationTest::makeMtlsClientConnection() { } void XfccIntegrationTest::createUpstreams() { - addFakeUpstream(createUpstreamSslContext(), FakeHttpConnection::Type::HTTP1); + addFakeUpstream(createUpstreamSslContext(), Http::CodecType::HTTP1); } void XfccIntegrationTest::initialize() { diff --git a/test/integration/xfcc_integration_test.h b/test/integration/xfcc_integration_test.h index 6e4997f8b0dc..1057051b5685 100644 --- a/test/integration/xfcc_integration_test.h +++ b/test/integration/xfcc_integration_test.h @@ -37,7 +37,7 @@ class XfccIntegrationTest : public testing::TestWithParam -#include "common/buffer/buffer_impl.h" -#include "common/buffer/watermark_buffer.h" -#include "common/network/io_socket_error_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/buffer/watermark_buffer.h" +#include "source/common/network/io_socket_error_impl.h" #include "test/test_common/printers.h" #include "test/test_common/utility.h" diff --git a/test/mocks/common.h b/test/mocks/common.h index e4a4b37f6756..d313358e1fb9 100644 --- a/test/mocks/common.h +++ b/test/mocks/common.h @@ -7,7 +7,7 @@ #include "envoy/common/scope_tracker.h" #include "envoy/common/time.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "test/test_common/test_time.h" @@ -88,7 +88,7 @@ inline bool operator==(const StringViewSaver& saver, const char* str) { return saver.value() == str; } -class MockScopedTrackedObject : public ScopeTrackedObject { +class MockScopeTrackedObject : public ScopeTrackedObject { public: MOCK_METHOD(void, dumpState, (std::ostream&, int), (const)); }; diff --git a/test/mocks/compression/compressor/BUILD b/test/mocks/compression/compressor/BUILD index 855752e06a41..a4565c0fa688 100644 --- a/test/mocks/compression/compressor/BUILD +++ b/test/mocks/compression/compressor/BUILD @@ -13,7 +13,7 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/compression/compressor:compressor_config_interface", - "//include/envoy/compression/compressor:compressor_interface", + "//envoy/compression/compressor:compressor_config_interface", + "//envoy/compression/compressor:compressor_interface", ], ) diff --git a/test/mocks/compression/decompressor/BUILD b/test/mocks/compression/decompressor/BUILD index 5e308cef1ded..23c012a13d7a 100644 --- a/test/mocks/compression/decompressor/BUILD +++ b/test/mocks/compression/decompressor/BUILD @@ -13,7 +13,7 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/compression/decompressor:decompressor_config_interface", - "//include/envoy/compression/decompressor:decompressor_interface", + "//envoy/compression/decompressor:decompressor_config_interface", + "//envoy/compression/decompressor:decompressor_interface", ], ) diff --git a/test/mocks/config/BUILD b/test/mocks/config/BUILD index 9489eda5e187..198c6c06d293 100644 --- a/test/mocks/config/BUILD +++ b/test/mocks/config/BUILD @@ -13,9 +13,9 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/config:config_provider_manager_interface", - "//include/envoy/config:grpc_mux_interface", - "//include/envoy/config:subscription_interface", + "//envoy/config:config_provider_manager_interface", + "//envoy/config:grpc_mux_interface", + "//envoy/config:subscription_interface", "//source/common/common:callback_impl_lib", "//source/common/config:config_provider_lib", "//source/common/protobuf:utility_lib", diff --git a/test/mocks/config/mocks.h b/test/mocks/config/mocks.h index cf7574dc696a..ae12fa665c6d 100644 --- a/test/mocks/config/mocks.h +++ b/test/mocks/config/mocks.h @@ -8,9 +8,9 @@ #include "envoy/config/typed_config.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/common/callback_impl.h" -#include "common/config/config_provider_impl.h" -#include "common/protobuf/utility.h" +#include "source/common/common/callback_impl.h" +#include "source/common/config/config_provider_impl.h" +#include "source/common/protobuf/utility.h" #include "test/test_common/resources.h" #include "test/test_common/utility.h" diff --git a/test/mocks/event/BUILD b/test/mocks/event/BUILD index b7fd49f8c266..3ce542748b73 100644 --- a/test/mocks/event/BUILD +++ b/test/mocks/event/BUILD @@ -14,17 +14,17 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/event:deferred_deletable", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:file_event_interface", - "//include/envoy/event:scaled_range_timer_manager_interface", - "//include/envoy/event:signal_interface", - "//include/envoy/event:timer_interface", - "//include/envoy/network:connection_handler_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:dns_interface", - "//include/envoy/network:listener_interface", - "//include/envoy/ssl:context_interface", + "//envoy/event:deferred_deletable", + "//envoy/event:dispatcher_interface", + "//envoy/event:file_event_interface", + "//envoy/event:scaled_range_timer_manager_interface", + "//envoy/event:signal_interface", + "//envoy/event:timer_interface", + "//envoy/network:connection_handler_interface", + "//envoy/network:connection_interface", + "//envoy/network:dns_interface", + "//envoy/network:listener_interface", + "//envoy/ssl:context_interface", "//test/mocks/buffer:buffer_mocks", "//test/test_common:test_time_lib", ], @@ -34,6 +34,6 @@ envoy_cc_test_library( name = "wrapped_dispatcher", hdrs = ["wrapped_dispatcher.h"], deps = [ - "//include/envoy/event:dispatcher_interface", + "//envoy/event:dispatcher_interface", ], ) diff --git a/test/mocks/event/mocks.cc b/test/mocks/event/mocks.cc index ab47d2fc9b5e..0c64b69d9702 100644 --- a/test/mocks/event/mocks.cc +++ b/test/mocks/event/mocks.cc @@ -54,6 +54,13 @@ MockTimer::MockTimer(MockDispatcher* dispatcher) : MockTimer() { EXPECT_CALL(*dispatcher, createTimer_(_)) .WillOnce(DoAll(SaveArg<0>(&callback_), Return(this))) .RetiresOnSaturation(); + ON_CALL(*this, enableTimer(_, _)) + .WillByDefault(Invoke([&](const std::chrono::milliseconds&, const ScopeTrackedObject* scope) { + enabled_ = true; + scope_ = scope; + })); + ON_CALL(*this, disableTimer()).WillByDefault(Assign(&enabled_, false)); + ON_CALL(*this, enabled()).WillByDefault(ReturnPointee(&enabled_)); } MockTimer::~MockTimer() { diff --git a/test/mocks/event/mocks.h b/test/mocks/event/mocks.h index 36544bd2c1d2..7943db8e9db4 100644 --- a/test/mocks/event/mocks.h +++ b/test/mocks/event/mocks.h @@ -19,7 +19,7 @@ #include "envoy/network/transport_socket.h" #include "envoy/ssl/context.h" -#include "common/common/scope_tracker.h" +#include "source/common/common/scope_tracker.h" #include "test/mocks/buffer/mocks.h" #include "test/test_common/test_time.h" @@ -132,7 +132,7 @@ class MockDispatcher : public Dispatcher { const Network::ConnectionSocket::OptionsSharedPtr& options)); MOCK_METHOD(Network::DnsResolverSharedPtr, createDnsResolver, (const std::vector& resolvers, - const bool use_tcp_for_dns_lookups)); + const envoy::config::core::v3::DnsResolverOptions& dns_resolver_options)); MOCK_METHOD(FileEvent*, createFileEvent_, (os_fd_t fd, FileReadyCb cb, FileTriggerType trigger, uint32_t events)); MOCK_METHOD(Filesystem::Watcher*, createFilesystemWatcher_, ()); diff --git a/test/mocks/event/wrapped_dispatcher.h b/test/mocks/event/wrapped_dispatcher.h index 776f0a5035ec..56f5270e05ab 100644 --- a/test/mocks/event/wrapped_dispatcher.h +++ b/test/mocks/event/wrapped_dispatcher.h @@ -50,10 +50,10 @@ class WrappedDispatcher : public Dispatcher { std::move(transport_socket), options); } - Network::DnsResolverSharedPtr - createDnsResolver(const std::vector& resolvers, - const bool use_tcp_for_dns_lookups) override { - return impl_.createDnsResolver(resolvers, use_tcp_for_dns_lookups); + Network::DnsResolverSharedPtr createDnsResolver( + const std::vector& resolvers, + const envoy::config::core::v3::DnsResolverOptions& dns_resolver_options) override { + return impl_.createDnsResolver(resolvers, dns_resolver_options); } FileEventPtr createFileEvent(os_fd_t fd, FileReadyCb cb, FileTriggerType trigger, diff --git a/test/mocks/filesystem/BUILD b/test/mocks/filesystem/BUILD index d4c58d07e808..afb733e838ec 100644 --- a/test/mocks/filesystem/BUILD +++ b/test/mocks/filesystem/BUILD @@ -13,8 +13,8 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/filesystem:filesystem_interface", - "//include/envoy/filesystem:watcher_interface", + "//envoy/filesystem:filesystem_interface", + "//envoy/filesystem:watcher_interface", "//source/common/common:thread_lib", ], ) diff --git a/test/mocks/filesystem/mocks.cc b/test/mocks/filesystem/mocks.cc index af5d9fcddc7c..9ce4201006d6 100644 --- a/test/mocks/filesystem/mocks.cc +++ b/test/mocks/filesystem/mocks.cc @@ -1,7 +1,7 @@ #include "test/mocks/filesystem/mocks.h" -#include "common/common/assert.h" -#include "common/common/lock_guard.h" +#include "source/common/common/assert.h" +#include "source/common/common/lock_guard.h" namespace Envoy { namespace Filesystem { diff --git a/test/mocks/filesystem/mocks.h b/test/mocks/filesystem/mocks.h index 71e57f9307bc..982c0dfb73b7 100644 --- a/test/mocks/filesystem/mocks.h +++ b/test/mocks/filesystem/mocks.h @@ -6,7 +6,7 @@ #include "envoy/filesystem/filesystem.h" #include "envoy/filesystem/watcher.h" -#include "common/common/thread.h" +#include "source/common/common/thread.h" #include "gmock/gmock.h" diff --git a/test/mocks/grpc/BUILD b/test/mocks/grpc/BUILD index 972cba77fbe1..c61c03bf4f90 100644 --- a/test/mocks/grpc/BUILD +++ b/test/mocks/grpc/BUILD @@ -13,8 +13,8 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/grpc:async_client_interface", - "//include/envoy/grpc:async_client_manager_interface", + "//envoy/grpc:async_client_interface", + "//envoy/grpc:async_client_manager_interface", "//source/common/grpc:typed_async_client_lib", "//test/mocks/http:http_mocks", "//test/test_common:utility_lib", diff --git a/test/mocks/grpc/mocks.h b/test/mocks/grpc/mocks.h index 476ba677f945..8097d34f6af8 100644 --- a/test/mocks/grpc/mocks.h +++ b/test/mocks/grpc/mocks.h @@ -9,7 +9,7 @@ #include "envoy/grpc/async_client_manager.h" #include "envoy/stats/scope.h" -#include "common/grpc/typed_async_client.h" +#include "source/common/grpc/typed_async_client.h" #include "test/test_common/utility.h" diff --git a/test/mocks/http/BUILD b/test/mocks/http/BUILD index 8a8313f51e05..51c6c7f2fae1 100644 --- a/test/mocks/http/BUILD +++ b/test/mocks/http/BUILD @@ -9,12 +9,21 @@ licenses(["notice"]) # Apache 2 envoy_package() +envoy_cc_mock( + name = "alternate_protocols_cache_mocks", + srcs = ["alternate_protocols_cache.cc"], + hdrs = ["alternate_protocols_cache.h"], + deps = [ + "//envoy/http:alternate_protocols_cache_interface", + ], +) + envoy_cc_mock( name = "api_listener_mocks", srcs = ["api_listener.cc"], hdrs = ["api_listener.h"], deps = [ - "//include/envoy/http:api_listener_interface", + "//envoy/http:api_listener_interface", ], ) @@ -23,7 +32,7 @@ envoy_cc_mock( srcs = ["conn_pool.cc"], hdrs = ["conn_pool.h"], deps = [ - "//include/envoy/http:conn_pool_interface", + "//envoy/http:conn_pool_interface", "//test/mocks:common_lib", "//test/mocks/upstream:host_mocks", ], @@ -41,15 +50,15 @@ envoy_cc_mock( ":stream_decoder_mock", ":stream_encoder_mock", ":stream_mock", - "//include/envoy/access_log:access_log_interface", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/http:async_client_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/http:conn_pool_interface", - "//include/envoy/http:filter_interface", - "//include/envoy/ssl:connection_interface", - "//include/envoy/tracing:http_tracer_interface", + "//envoy/access_log:access_log_interface", + "//envoy/buffer:buffer_interface", + "//envoy/event:dispatcher_interface", + "//envoy/http:async_client_interface", + "//envoy/http:codec_interface", + "//envoy/http:conn_pool_interface", + "//envoy/http:filter_interface", + "//envoy/ssl:connection_interface", + "//envoy/tracing:http_tracer_interface", "//source/common/http:conn_manager_config_interface", "//source/common/http:filter_manager_lib", "//source/common/http:header_map_lib", @@ -66,7 +75,7 @@ envoy_cc_mock( srcs = ["stream.cc"], hdrs = ["stream.h"], deps = [ - "//include/envoy/http:codec_interface", + "//envoy/http:codec_interface", ], ) @@ -75,7 +84,7 @@ envoy_cc_mock( srcs = ["stream_decoder.cc"], hdrs = ["stream_decoder.h"], deps = [ - "//include/envoy/http:codec_interface", + "//envoy/http:codec_interface", ], ) @@ -85,7 +94,7 @@ envoy_cc_mock( hdrs = ["stream_encoder.h"], deps = [ ":stream_mock", - "//include/envoy/http:codec_interface", + "//envoy/http:codec_interface", "//source/common/http:header_utility_lib", ], ) @@ -95,7 +104,7 @@ envoy_cc_test( srcs = ["mocks_test.cc"], deps = [ ":http_mocks", - "//include/envoy/http:header_map_interface", + "//envoy/http:header_map_interface", "//test/test_common:utility_lib", ], ) diff --git a/test/mocks/http/alternate_protocols_cache.cc b/test/mocks/http/alternate_protocols_cache.cc new file mode 100644 index 000000000000..27b2ad85da7f --- /dev/null +++ b/test/mocks/http/alternate_protocols_cache.cc @@ -0,0 +1,13 @@ +#include "test/mocks/http/alternate_protocols_cache.h" + +namespace Envoy { +namespace Http { + +MockAlternateProtocolsCache::~MockAlternateProtocolsCache() = default; + +MockAlternateProtocolsCacheManager::~MockAlternateProtocolsCacheManager() = default; + +MockAlternateProtocolsCacheManagerFactory::~MockAlternateProtocolsCacheManagerFactory() = default; + +} // namespace Http +} // namespace Envoy diff --git a/test/mocks/http/alternate_protocols_cache.h b/test/mocks/http/alternate_protocols_cache.h new file mode 100644 index 000000000000..2f1f28768573 --- /dev/null +++ b/test/mocks/http/alternate_protocols_cache.h @@ -0,0 +1,36 @@ +#pragma once +#include "envoy/http/alternate_protocols_cache.h" + +#include "gmock/gmock.h" + +namespace Envoy { +namespace Http { + +class MockAlternateProtocolsCache : public AlternateProtocolsCache { +public: + ~MockAlternateProtocolsCache() override; + + MOCK_METHOD(void, setAlternatives, + (const Origin& origin, const std::vector& protocols)); + MOCK_METHOD(OptRef>, findAlternatives, + (const Origin& origin)); + MOCK_METHOD(size_t, size, (), (const)); +}; + +class MockAlternateProtocolsCacheManager : public AlternateProtocolsCacheManager { +public: + ~MockAlternateProtocolsCacheManager() override; + + MOCK_METHOD(AlternateProtocolsCacheSharedPtr, getCache, + (const envoy::config::core::v3::AlternateProtocolsCacheOptions& config)); +}; + +class MockAlternateProtocolsCacheManagerFactory : public AlternateProtocolsCacheManagerFactory { +public: + ~MockAlternateProtocolsCacheManagerFactory() override; + + MOCK_METHOD(AlternateProtocolsCacheManagerSharedPtr, get, ()); +}; + +} // namespace Http +} // namespace Envoy diff --git a/test/mocks/http/conn_pool.h b/test/mocks/http/conn_pool.h index 97d22e6bd677..2f3d5b9352de 100644 --- a/test/mocks/http/conn_pool.h +++ b/test/mocks/http/conn_pool.h @@ -13,6 +13,15 @@ namespace Envoy { namespace Http { namespace ConnectionPool { +class MockCallbacks : public Callbacks { + MOCK_METHOD(void, onPoolFailure, + (PoolFailureReason reason, absl::string_view transport_failure_reason, + Upstream::HostDescriptionConstSharedPtr host)); + MOCK_METHOD(void, onPoolReady, + (RequestEncoder & encoder, Upstream::HostDescriptionConstSharedPtr host, + const StreamInfo::StreamInfo& info, absl::optional protocol)); +}; + class MockInstance : public Instance { public: MockInstance(); diff --git a/test/mocks/http/mocks.h b/test/mocks/http/mocks.h index 366170ba33b2..ea45b0b6044f 100644 --- a/test/mocks/http/mocks.h +++ b/test/mocks/http/mocks.h @@ -15,10 +15,10 @@ #include "envoy/matcher/matcher.h" #include "envoy/ssl/connection.h" -#include "common/http/conn_manager_config.h" -#include "common/http/filter_manager.h" -#include "common/http/header_map_impl.h" -#include "common/http/utility.h" +#include "source/common/http/conn_manager_config.h" +#include "source/common/http/filter_manager.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/utility.h" #include "test/mocks/common.h" #include "test/mocks/event/mocks.h" @@ -270,12 +270,13 @@ class MockStreamDecoderFilterCallbacks : public StreamDecoderFilterCallbacks, std::function modify_headers, const absl::optional grpc_status, absl::string_view details)); + MOCK_METHOD(Buffer::BufferMemoryAccountSharedPtr, account, (), (const)); Buffer::InstancePtr buffer_; std::list callbacks_{}; testing::NiceMock active_span_; testing::NiceMock tracing_config_; - testing::NiceMock scope_; + testing::NiceMock scope_; bool is_grpc_request_{}; bool is_head_request_{false}; bool stream_destroyed_{}; @@ -327,7 +328,7 @@ class MockStreamEncoderFilterCallbacks : public StreamEncoderFilterCallbacks, Buffer::InstancePtr buffer_; testing::NiceMock active_span_; testing::NiceMock tracing_config_; - testing::NiceMock scope_; + testing::NiceMock scope_; }; class MockStreamDecoderFilter : public StreamDecoderFilter { @@ -585,6 +586,7 @@ class MockConnectionManagerConfig : public ConnectionManagerConfig { MOCK_METHOD(const Http::Http1Settings&, http1Settings, (), (const)); MOCK_METHOD(bool, shouldNormalizePath, (), (const)); MOCK_METHOD(bool, shouldMergeSlashes, (), (const)); + MOCK_METHOD(bool, shouldStripTrailingHostDot, (), (const)); MOCK_METHOD(Http::StripPortType, stripPortType, (), (const)); MOCK_METHOD(envoy::config::core::v3::HttpProtocolOptions::HeadersWithUnderscoresAction, headersWithUnderscoresAction, (), (const)); diff --git a/test/mocks/http/stream.cc b/test/mocks/http/stream.cc index 25e8e14b2544..1a3d4e8bcae6 100644 --- a/test/mocks/http/stream.cc +++ b/test/mocks/http/stream.cc @@ -23,6 +23,10 @@ MockStream::MockStream() { })); ON_CALL(*this, connectionLocalAddress()).WillByDefault(ReturnRef(connection_local_address_)); + + ON_CALL(*this, setAccount(_)) + .WillByDefault(Invoke( + [this](Buffer::BufferMemoryAccountSharedPtr account) -> void { account_ = account; })); } MockStream::~MockStream() = default; diff --git a/test/mocks/http/stream.h b/test/mocks/http/stream.h index ce6579f13ad4..f456ade6fc96 100644 --- a/test/mocks/http/stream.h +++ b/test/mocks/http/stream.h @@ -21,9 +21,11 @@ class MockStream : public Stream { MOCK_METHOD(uint32_t, bufferLimit, ()); MOCK_METHOD(const Network::Address::InstanceConstSharedPtr&, connectionLocalAddress, ()); MOCK_METHOD(void, setFlushTimeout, (std::chrono::milliseconds timeout)); + MOCK_METHOD(void, setAccount, (Buffer::BufferMemoryAccountSharedPtr)); std::list callbacks_{}; Network::Address::InstanceConstSharedPtr connection_local_address_; + Buffer::BufferMemoryAccountSharedPtr account_; void runHighWatermarkCallbacks() { for (auto* callback : callbacks_) { diff --git a/test/mocks/http/stream_encoder.cc b/test/mocks/http/stream_encoder.cc index 5d872c64db15..f0fb89bcd66c 100644 --- a/test/mocks/http/stream_encoder.cc +++ b/test/mocks/http/stream_encoder.cc @@ -1,6 +1,6 @@ #include "test/mocks/http/stream_encoder.h" -#include "common/http/header_utility.h" +#include "source/common/http/header_utility.h" using testing::_; using testing::Invoke; @@ -17,7 +17,7 @@ MockRequestEncoder::MockRequestEncoder() { .WillByDefault(Invoke([](const RequestHeaderMap& headers, bool) -> Status { // Check to see that method is not-null. Path can be null for CONNECT and authority can be // null at the codec level. - ASSERT(HeaderUtility::checkRequiredHeaders(headers).ok()); + ASSERT(HeaderUtility::checkRequiredRequestHeaders(headers).ok()); return okStatus(); })); } diff --git a/test/mocks/http/stream_encoder.h b/test/mocks/http/stream_encoder.h index 3277fe1d8a80..8f783e69b283 100644 --- a/test/mocks/http/stream_encoder.h +++ b/test/mocks/http/stream_encoder.h @@ -2,7 +2,7 @@ #include "envoy/http/codec.h" -#include "common/http/status.h" +#include "source/common/http/status.h" #include "test/mocks/http/stream.h" diff --git a/test/mocks/init/BUILD b/test/mocks/init/BUILD index d2969531ecb6..fd433f677d44 100644 --- a/test/mocks/init/BUILD +++ b/test/mocks/init/BUILD @@ -13,7 +13,7 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/init:manager_interface", + "//envoy/init:manager_interface", "//source/common/init:target_lib", "//source/common/init:watcher_lib", ], diff --git a/test/mocks/init/mocks.h b/test/mocks/init/mocks.h index fc997e4030c4..eaecf0d4c9f1 100644 --- a/test/mocks/init/mocks.h +++ b/test/mocks/init/mocks.h @@ -2,8 +2,8 @@ #include "envoy/init/manager.h" -#include "common/init/target_impl.h" -#include "common/init/watcher_impl.h" +#include "source/common/init/target_impl.h" +#include "source/common/init/watcher_impl.h" #include "absl/container/flat_hash_map.h" #include "gmock/gmock.h" diff --git a/test/mocks/local_info/BUILD b/test/mocks/local_info/BUILD index cab27ccb858e..3bfd32510c2d 100644 --- a/test/mocks/local_info/BUILD +++ b/test/mocks/local_info/BUILD @@ -13,7 +13,7 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/local_info:local_info_interface", + "//envoy/local_info:local_info_interface", "//source/common/network:address_lib", "//test/common/stats:stat_test_utility_lib", "//test/mocks/config:config_mocks", diff --git a/test/mocks/local_info/mocks.cc b/test/mocks/local_info/mocks.cc index b719bad16b43..ff6a03502cfb 100644 --- a/test/mocks/local_info/mocks.cc +++ b/test/mocks/local_info/mocks.cc @@ -1,6 +1,6 @@ #include "mocks.h" -#include "common/network/address_impl.h" +#include "source/common/network/address_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/mocks/local_reply/mocks.h b/test/mocks/local_reply/mocks.h index 44676c92a074..390c20d76cf5 100644 --- a/test/mocks/local_reply/mocks.h +++ b/test/mocks/local_reply/mocks.h @@ -1,6 +1,6 @@ #pragma once -#include "common/local_reply/local_reply.h" +#include "source/common/local_reply/local_reply.h" #include "gmock/gmock.h" diff --git a/test/mocks/matcher/mocks.h b/test/mocks/matcher/mocks.h index 8a93f6b850f6..ab2aee120ed0 100644 --- a/test/mocks/matcher/mocks.h +++ b/test/mocks/matcher/mocks.h @@ -1,6 +1,6 @@ #pragma once -#include "common/matcher/matcher.h" +#include "source/common/matcher/matcher.h" #include "gmock/gmock.h" @@ -14,7 +14,7 @@ class MockMatchTreeValidationVisitor : public MatchTreeValidationVisitor&, absl::string_view)); + (const Matcher::DataInputFactory&, absl::string_view)); }; } // namespace Matcher diff --git a/test/mocks/network/BUILD b/test/mocks/network/BUILD index e37c3a4ec633..8bc9532c114d 100644 --- a/test/mocks/network/BUILD +++ b/test/mocks/network/BUILD @@ -13,7 +13,7 @@ envoy_cc_mock( srcs = ["connection.cc"], hdrs = ["connection.h"], deps = [ - "//include/envoy/network:connection_interface", + "//envoy/network:connection_interface", "//source/common/network:filter_manager_lib", "//test/mocks/event:event_mocks", "//test/mocks/stream_info:stream_info_mocks", @@ -25,8 +25,8 @@ envoy_cc_mock( srcs = ["io_handle.cc"], hdrs = ["io_handle.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/network:io_handle_interface", + "//envoy/event:dispatcher_interface", + "//envoy/network:io_handle_interface", "//source/common/buffer:buffer_lib", ], ) @@ -37,7 +37,7 @@ envoy_cc_mock( hdrs = ["socket.h"], deps = [ ":io_handle_mocks", - "//include/envoy/network:socket_interface", + "//envoy/network:socket_interface", ], ) @@ -48,13 +48,13 @@ envoy_cc_mock( deps = [ ":connection_mocks", ":transport_socket_mocks", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/network:connection_interface", - "//include/envoy/network:drain_decision_interface", - "//include/envoy/network:filter_interface", - "//include/envoy/network:resolver_interface", - "//include/envoy/network:transport_socket_interface", - "//include/envoy/server:listener_manager_interface", + "//envoy/buffer:buffer_interface", + "//envoy/network:connection_interface", + "//envoy/network:drain_decision_interface", + "//envoy/network:filter_interface", + "//envoy/network:resolver_interface", + "//envoy/network:transport_socket_interface", + "//envoy/server:listener_manager_interface", "//source/common/network:address_lib", "//source/common/network:utility_lib", "//source/common/stats:isolated_store_lib", @@ -71,7 +71,7 @@ envoy_cc_mock( srcs = ["transport_socket.cc"], hdrs = ["transport_socket.h"], deps = [ - "//include/envoy/network:transport_socket_interface", + "//envoy/network:transport_socket_interface", "//source/common/network:utility_lib", ], ) diff --git a/test/mocks/network/connection.h b/test/mocks/network/connection.h index 24fe1ee7a341..3ec78cb5d47b 100644 --- a/test/mocks/network/connection.h +++ b/test/mocks/network/connection.h @@ -5,7 +5,7 @@ #include "envoy/network/connection.h" -#include "common/network/filter_manager_impl.h" +#include "source/common/network/filter_manager_impl.h" #include "test/mocks/event/mocks.h" #include "test/mocks/stream_info/mocks.h" diff --git a/test/mocks/network/mocks.cc b/test/mocks/network/mocks.cc index 5575eeb722bb..71a61eb674ee 100644 --- a/test/mocks/network/mocks.cc +++ b/test/mocks/network/mocks.cc @@ -5,10 +5,10 @@ #include "envoy/buffer/buffer.h" #include "envoy/server/listener_manager.h" -#include "common/network/address_impl.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/udp_listener_impl.h" -#include "common/network/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/udp_listener_impl.h" +#include "source/common/network/utility.h" #include "test/test_common/printers.h" diff --git a/test/mocks/network/mocks.h b/test/mocks/network/mocks.h index c102194d4016..e22250f5e214 100644 --- a/test/mocks/network/mocks.h +++ b/test/mocks/network/mocks.h @@ -17,9 +17,9 @@ #include "envoy/network/transport_socket.h" #include "envoy/stats/scope.h" -#include "common/network/filter_manager_impl.h" -#include "common/network/socket_interface.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/network/filter_manager_impl.h" +#include "source/common/network/socket_interface.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/mocks/event/mocks.h" #include "test/mocks/network/connection.h" @@ -153,6 +153,7 @@ class MockUdpListenerCallbacks : public UdpListenerCallbacks { MOCK_METHOD(uint32_t, workerIndex, (), (const)); MOCK_METHOD(void, onDataWorker, (Network::UdpRecvData && data)); MOCK_METHOD(void, post, (Network::UdpRecvData && data)); + MOCK_METHOD(size_t, numPacketsExpectedPerEventLoop, (), (const)); }; class MockDrainDecision : public DrainDecision { @@ -586,5 +587,17 @@ class MockListenerFilterMatcher : public ListenerFilterMatcher { ~MockListenerFilterMatcher() override; MOCK_METHOD(bool, matches, (Network::ListenerFilterCallbacks & cb), (const)); }; + +class MockUdpPacketProcessor : public UdpPacketProcessor { +public: + MOCK_METHOD(void, processPacket, + (Address::InstanceConstSharedPtr local_address, + Address::InstanceConstSharedPtr peer_address, Buffer::InstancePtr buffer, + MonotonicTime receive_time)); + MOCK_METHOD(void, onDatagramsDropped, (uint32_t dropped)); + MOCK_METHOD(uint64_t, maxDatagramSize, (), (const)); + MOCK_METHOD(size_t, numPacketsExpectedPerEventLoop, (), (const)); +}; + } // namespace Network } // namespace Envoy diff --git a/test/mocks/protobuf/BUILD b/test/mocks/protobuf/BUILD index 67b4c15cd644..fd7416df7bfe 100644 --- a/test/mocks/protobuf/BUILD +++ b/test/mocks/protobuf/BUILD @@ -13,6 +13,6 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/protobuf:message_validator_interface", + "//envoy/protobuf:message_validator_interface", ], ) diff --git a/test/mocks/ratelimit/BUILD b/test/mocks/ratelimit/BUILD index db30620b1edd..a21994defdac 100644 --- a/test/mocks/ratelimit/BUILD +++ b/test/mocks/ratelimit/BUILD @@ -12,6 +12,6 @@ envoy_cc_mock( name = "ratelimit_mocks", hdrs = ["mocks.h"], deps = [ - "//include/envoy/ratelimit:ratelimit_interface", + "//envoy/ratelimit:ratelimit_interface", ], ) diff --git a/test/mocks/router/BUILD b/test/mocks/router/BUILD index 4bb335ea67a8..1cfbbf669bf7 100644 --- a/test/mocks/router/BUILD +++ b/test/mocks/router/BUILD @@ -13,19 +13,19 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/event:dispatcher_interface", - "//include/envoy/json:json_object_interface", - "//include/envoy/local_info:local_info_interface", - "//include/envoy/router:route_config_provider_manager_interface", - "//include/envoy/router:router_interface", - "//include/envoy/router:router_ratelimit_interface", - "//include/envoy/router:scopes_interface", - "//include/envoy/router:shadow_writer_interface", - "//include/envoy/runtime:runtime_interface", - "//include/envoy/stats:stats_interface", - "//include/envoy/stream_info:stream_info_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/event:dispatcher_interface", + "//envoy/json:json_object_interface", + "//envoy/local_info:local_info_interface", + "//envoy/router:route_config_provider_manager_interface", + "//envoy/router:router_interface", + "//envoy/router:router_ratelimit_interface", + "//envoy/router:scopes_interface", + "//envoy/router:shadow_writer_interface", + "//envoy/runtime:runtime_interface", + "//envoy/stats:stats_interface", + "//envoy/stream_info:stream_info_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "//test/mocks:common_lib", "//test/mocks/stats:stats_mocks", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", diff --git a/test/mocks/router/mocks.h b/test/mocks/router/mocks.h index aa06b6e0a662..141c3934886a 100644 --- a/test/mocks/router/mocks.h +++ b/test/mocks/router/mocks.h @@ -29,7 +29,7 @@ #include "envoy/type/v3/percent.pb.h" #include "envoy/upstream/cluster_manager.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/global.h" @@ -50,7 +50,7 @@ class MockDirectResponseEntry : public DirectResponseEntry { (Http::ResponseHeaderMap & headers, const StreamInfo::StreamInfo& stream_info), (const)); MOCK_METHOD(Http::HeaderTransforms, responseHeaderTransforms, - (const StreamInfo::StreamInfo& stream_info), (const)); + (const StreamInfo::StreamInfo& stream_info, bool do_formatting), (const)); MOCK_METHOD(std::string, newPath, (const Http::RequestHeaderMap& headers), (const)); MOCK_METHOD(void, rewritePathHeader, (Http::RequestHeaderMap & headers, bool insert_envoy_original_path), (const)); @@ -361,7 +361,7 @@ class MockRouteEntry : public RouteEntry { (Http::ResponseHeaderMap & headers, const StreamInfo::StreamInfo& stream_info), (const)); MOCK_METHOD(Http::HeaderTransforms, responseHeaderTransforms, - (const StreamInfo::StreamInfo& stream_info), (const)); + (const StreamInfo::StreamInfo& stream_info, bool do_formatting), (const)); MOCK_METHOD(const Http::HashPolicy*, hashPolicy, (), (const)); MOCK_METHOD(const HedgePolicy&, hedgePolicy, (), (const)); MOCK_METHOD(const Router::MetadataMatchCriteria*, metadataMatchCriteria, (), (const)); diff --git a/test/mocks/router/router_filter_interface.h b/test/mocks/router/router_filter_interface.h index a37bf61cffce..7ca27675a3d5 100644 --- a/test/mocks/router/router_filter_interface.h +++ b/test/mocks/router/router_filter_interface.h @@ -1,6 +1,6 @@ #pragma once -#include "common/router/router.h" +#include "source/common/router/router.h" #include "test/mocks/http/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/mocks/runtime/BUILD b/test/mocks/runtime/BUILD index a6af7e7570fe..180056c3d5ac 100644 --- a/test/mocks/runtime/BUILD +++ b/test/mocks/runtime/BUILD @@ -14,8 +14,8 @@ envoy_cc_mock( hdrs = ["mocks.h"], external_deps = ["abseil_optional"], deps = [ - "//include/envoy/runtime:runtime_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/runtime:runtime_interface", + "//envoy/upstream:cluster_manager_interface", "//test/mocks:common_lib", "//test/mocks/stats:stats_mocks", "@envoy_api//envoy/type/v3:pkg_cc_proto", diff --git a/test/mocks/secret/BUILD b/test/mocks/secret/BUILD index 92a80718db01..9537595a3b2a 100644 --- a/test/mocks/secret/BUILD +++ b/test/mocks/secret/BUILD @@ -13,10 +13,10 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/secret:secret_callbacks_interface", - "//include/envoy/secret:secret_manager_interface", - "//include/envoy/server:transport_socket_config_interface", - "//include/envoy/ssl:tls_certificate_config_interface", + "//envoy/secret:secret_callbacks_interface", + "//envoy/secret:secret_manager_interface", + "//envoy/server:transport_socket_config_interface", + "//envoy/ssl:tls_certificate_config_interface", "//source/common/secret:secret_provider_impl_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", diff --git a/test/mocks/secret/mocks.cc b/test/mocks/secret/mocks.cc index 613cb30fa46f..ecfc940e2830 100644 --- a/test/mocks/secret/mocks.cc +++ b/test/mocks/secret/mocks.cc @@ -2,7 +2,7 @@ #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" -#include "common/secret/secret_provider_impl.h" +#include "source/common/secret/secret_provider_impl.h" using testing::_; using testing::Invoke; diff --git a/test/mocks/server/BUILD b/test/mocks/server/BUILD index 7f4408de326d..679f3e6d1b2d 100644 --- a/test/mocks/server/BUILD +++ b/test/mocks/server/BUILD @@ -13,7 +13,7 @@ envoy_cc_mock( srcs = ["config_tracker.cc"], hdrs = ["config_tracker.h"], deps = [ - "//include/envoy/server:configuration_interface", + "//envoy/server:configuration_interface", ], ) @@ -22,7 +22,7 @@ envoy_cc_mock( srcs = ["admin.cc"], hdrs = ["admin.h"], deps = [ - "//include/envoy/server:admin_interface", + "//envoy/server:admin_interface", "//test/mocks/network:socket_mocks", "//test/mocks/server:config_tracker_mocks", ], @@ -33,7 +33,7 @@ envoy_cc_mock( srcs = ["bootstrap_extension_factory.cc"], hdrs = ["bootstrap_extension_factory.h"], deps = [ - "//include/envoy/server:bootstrap_extension_config_interface", + "//envoy/server:bootstrap_extension_config_interface", ], ) @@ -41,7 +41,7 @@ envoy_cc_mock( name = "fatal_action_factory_mocks", hdrs = ["fatal_action_factory.h"], deps = [ - "//include/envoy/server:fatal_action_interface", + "//envoy/server:fatal_action_interface", ], ) @@ -50,7 +50,7 @@ envoy_cc_mock( srcs = ["options.cc"], hdrs = ["options.h"], deps = [ - "//include/envoy/server:options_interface", + "//envoy/server:options_interface", "@envoy_api//envoy/admin/v3:pkg_cc_proto", "@envoy_api//envoy/config/bootstrap/v3:pkg_cc_proto", ], @@ -61,7 +61,7 @@ envoy_cc_mock( srcs = ["admin_stream.cc"], hdrs = ["admin_stream.h"], deps = [ - "//include/envoy/server:admin_interface", + "//envoy/server:admin_interface", "//test/mocks/http:http_mocks", ], ) @@ -71,7 +71,7 @@ envoy_cc_mock( srcs = ["drain_manager.cc"], hdrs = ["drain_manager.h"], deps = [ - "//include/envoy/server:drain_manager_interface", + "//envoy/server:drain_manager_interface", ], ) @@ -80,7 +80,7 @@ envoy_cc_mock( srcs = ["watch_dog.cc"], hdrs = ["watch_dog.h"], deps = [ - "//include/envoy/server:watchdog_interface", + "//envoy/server:watchdog_interface", ], ) @@ -89,7 +89,7 @@ envoy_cc_mock( srcs = ["watchdog_config.cc"], hdrs = ["watchdog_config.h"], deps = [ - "//include/envoy/server:configuration_interface", + "//envoy/server:configuration_interface", "//test/test_common:utility_lib", ], ) @@ -99,7 +99,7 @@ envoy_cc_mock( srcs = ["guard_dog.cc"], hdrs = ["guard_dog.h"], deps = [ - "//include/envoy/server:guarddog_interface", + "//envoy/server:guarddog_interface", "//test/mocks/server:watch_dog_mocks", ], ) @@ -109,7 +109,7 @@ envoy_cc_mock( srcs = ["hot_restart.cc"], hdrs = ["hot_restart.h"], deps = [ - "//include/envoy/server:instance_interface", + "//envoy/server:instance_interface", "//test/mocks/stats:stats_mocks", ], ) @@ -119,8 +119,8 @@ envoy_cc_mock( srcs = ["listener_component_factory.cc"], hdrs = ["listener_component_factory.h"], deps = [ - "//include/envoy/server:drain_manager_interface", - "//include/envoy/server:listener_manager_interface", + "//envoy/server:drain_manager_interface", + "//envoy/server:listener_manager_interface", "//test/mocks/network:network_mocks", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", "@envoy_api//envoy/config/listener/v3:pkg_cc_proto", @@ -132,7 +132,7 @@ envoy_cc_mock( srcs = ["listener_manager.cc"], hdrs = ["listener_manager.h"], deps = [ - "//include/envoy/server:listener_manager_interface", + "//envoy/server:listener_manager_interface", ], ) @@ -141,7 +141,7 @@ envoy_cc_mock( srcs = ["server_lifecycle_notifier.cc"], hdrs = ["server_lifecycle_notifier.h"], deps = [ - "//include/envoy/server:lifecycle_notifier_interface", + "//envoy/server:lifecycle_notifier_interface", ], ) @@ -150,7 +150,7 @@ envoy_cc_mock( srcs = ["worker_factory.cc"], hdrs = ["worker_factory.h"], deps = [ - "//include/envoy/server:worker_interface", + "//envoy/server:worker_interface", "//test/mocks/server:worker_mocks", ], ) @@ -160,7 +160,7 @@ envoy_cc_mock( srcs = ["worker.cc"], hdrs = ["worker.h"], deps = [ - "//include/envoy/server:worker_interface", + "//envoy/server:worker_interface", ], ) @@ -169,7 +169,7 @@ envoy_cc_mock( srcs = ["overload_manager.cc"], hdrs = ["overload_manager.h"], deps = [ - "//include/envoy/server/overload:overload_manager_interface", + "//envoy/server/overload:overload_manager_interface", "//test/mocks/event:event_mocks", ], ) @@ -179,7 +179,7 @@ envoy_cc_mock( srcs = ["instance.cc"], hdrs = ["instance.h"], deps = [ - "//include/envoy/server:instance_interface", + "//envoy/server:instance_interface", "//source/common/grpc:context_lib", "//source/common/http:context_lib", "//source/common/router:context_lib", @@ -215,8 +215,8 @@ envoy_cc_mock( name = "main_mocks", hdrs = ["main.h"], deps = [ - "//include/envoy/server:configuration_interface", - "//include/envoy/server/overload:overload_manager_interface", + "//envoy/server:configuration_interface", + "//envoy/server/overload:overload_manager_interface", ], ) @@ -238,7 +238,7 @@ envoy_cc_mock( srcs = ["transport_socket_factory_context.cc"], hdrs = ["transport_socket_factory_context.h"], deps = [ - "//include/envoy/server:tracer_config_interface", + "//envoy/server:tracer_config_interface", "//source/common/secret:secret_manager_impl_lib", "//test/mocks/api:api_mocks", "//test/mocks/server:config_tracker_mocks", @@ -252,7 +252,7 @@ envoy_cc_mock( srcs = ["listener_factory_context.cc"], hdrs = ["listener_factory_context.h"], deps = [ - "//include/envoy/server:listener_manager_interface", + "//envoy/server:listener_manager_interface", "//test/mocks/server:factory_context_mocks", ], ) @@ -262,7 +262,7 @@ envoy_cc_mock( srcs = ["health_checker_factory_context.cc"], hdrs = ["health_checker_factory_context.h"], deps = [ - "//include/envoy/server:health_checker_config_interface", + "//envoy/server:health_checker_config_interface", "//test/mocks:common_lib", "//test/mocks/api:api_mocks", "//test/mocks/event:event_mocks", @@ -280,7 +280,7 @@ envoy_cc_mock( srcs = ["filter_chain_factory_context.cc"], hdrs = ["filter_chain_factory_context.h"], deps = [ - "//include/envoy/server:filter_config_interface", + "//envoy/server:filter_config_interface", "//source/common/router:context_lib", "//test/mocks/server:factory_context_mocks", ], @@ -291,8 +291,8 @@ envoy_cc_mock( srcs = ["tracer_factory.cc"], hdrs = ["tracer_factory.h"], deps = [ - "//include/envoy/protobuf:message_validator_interface", - "//include/envoy/server:tracer_config_interface", + "//envoy/protobuf:message_validator_interface", + "//envoy/server:tracer_config_interface", ], ) @@ -301,7 +301,7 @@ envoy_cc_mock( srcs = ["tracer_factory_context.cc"], hdrs = ["tracer_factory_context.h"], deps = [ - "//include/envoy/server:configuration_interface", + "//envoy/server:configuration_interface", "//test/mocks/server:instance_mocks", "//test/mocks/server:tracer_factory_mocks", ], diff --git a/test/mocks/server/factory_context.cc b/test/mocks/server/factory_context.cc index 723019095c70..c8a3e082414c 100644 --- a/test/mocks/server/factory_context.cc +++ b/test/mocks/server/factory_context.cc @@ -2,7 +2,7 @@ #include -#include "common/singleton/manager_impl.h" +#include "source/common/singleton/manager_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/mocks/server/factory_context.h b/test/mocks/server/factory_context.h index 8615ca5242ec..41f3c20bf440 100644 --- a/test/mocks/server/factory_context.h +++ b/test/mocks/server/factory_context.h @@ -2,9 +2,8 @@ #include "envoy/server/configuration.h" -#include "common/router/context_impl.h" - -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/common/router/context_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" #include "admin.h" #include "drain_manager.h" diff --git a/test/mocks/server/instance.cc b/test/mocks/server/instance.cc index 9b1a728b76c0..ebd079c44b96 100644 --- a/test/mocks/server/instance.cc +++ b/test/mocks/server/instance.cc @@ -1,6 +1,6 @@ #include "instance.h" -#include "common/singleton/manager_impl.h" +#include "source/common/singleton/manager_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/mocks/server/instance.h b/test/mocks/server/instance.h index 2fd4f2cc28b2..b7eb87536320 100644 --- a/test/mocks/server/instance.h +++ b/test/mocks/server/instance.h @@ -2,12 +2,11 @@ #include "envoy/server/instance.h" -#include "common/grpc/context_impl.h" -#include "common/http/context_impl.h" -#include "common/router/context_impl.h" -#include "common/stats/symbol_table_impl.h" - -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/common/grpc/context_impl.h" +#include "source/common/http/context_impl.h" +#include "source/common/router/context_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/api/mocks.h" diff --git a/test/mocks/server/listener_factory_context.cc b/test/mocks/server/listener_factory_context.cc index 10ec7dc48156..bf2cc8992247 100644 --- a/test/mocks/server/listener_factory_context.cc +++ b/test/mocks/server/listener_factory_context.cc @@ -2,7 +2,7 @@ #include -#include "common/singleton/manager_impl.h" +#include "source/common/singleton/manager_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/mocks/server/listener_factory_context.h b/test/mocks/server/listener_factory_context.h index 10e54c629188..a72237a2eaf4 100644 --- a/test/mocks/server/listener_factory_context.h +++ b/test/mocks/server/listener_factory_context.h @@ -3,7 +3,7 @@ #include "envoy/server/configuration.h" #include "envoy/server/listener_manager.h" -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" #include "admin.h" #include "drain_manager.h" diff --git a/test/mocks/server/overload_manager.cc b/test/mocks/server/overload_manager.cc index 3cb951ea7f8e..4ebf19f032b8 100644 --- a/test/mocks/server/overload_manager.cc +++ b/test/mocks/server/overload_manager.cc @@ -10,8 +10,6 @@ namespace Envoy { namespace Server { -using ::testing::NiceMock; -using ::testing::ReturnNew; using ::testing::ReturnRef; MockThreadLocalOverloadState::MockThreadLocalOverloadState() diff --git a/test/mocks/server/transport_socket_factory_context.h b/test/mocks/server/transport_socket_factory_context.h index f14bdd0ac9fe..ee98720c8d42 100644 --- a/test/mocks/server/transport_socket_factory_context.h +++ b/test/mocks/server/transport_socket_factory_context.h @@ -2,7 +2,7 @@ #include "envoy/server/transport_socket_config.h" -#include "common/secret/secret_manager_impl.h" +#include "source/common/secret/secret_manager_impl.h" #include "test/mocks/api/mocks.h" #include "test/mocks/ssl/mocks.h" diff --git a/test/mocks/server/worker.cc b/test/mocks/server/worker.cc index a7e981b299b1..b4f1e5e8d9ee 100644 --- a/test/mocks/server/worker.cc +++ b/test/mocks/server/worker.cc @@ -42,6 +42,10 @@ MockWorker::MockWorker() { EXPECT_EQ(nullptr, remove_filter_chains_completion_); remove_filter_chains_completion_ = completion; })); + + ON_CALL(*this, start(_, _)).WillByDefault(Invoke([](GuardDog&, const Event::PostCb& cb) -> void { + cb(); + })); } MockWorker::~MockWorker() = default; diff --git a/test/mocks/server/worker.h b/test/mocks/server/worker.h index 978ab3bbcc21..b72f38c5c2c1 100644 --- a/test/mocks/server/worker.h +++ b/test/mocks/server/worker.h @@ -37,7 +37,7 @@ class MockWorker : public Worker { MOCK_METHOD(uint64_t, numConnections, (), (const)); MOCK_METHOD(void, removeListener, (Network::ListenerConfig & listener, std::function completion)); - MOCK_METHOD(void, start, (GuardDog & guard_dog)); + MOCK_METHOD(void, start, (GuardDog & guard_dog, const Event::PostCb& cb)); MOCK_METHOD(void, initializeStats, (Stats::Scope & scope)); MOCK_METHOD(void, stop, ()); MOCK_METHOD(void, stopListener, diff --git a/test/mocks/ssl/BUILD b/test/mocks/ssl/BUILD index e79694f5224f..caaa6483ee1e 100644 --- a/test/mocks/ssl/BUILD +++ b/test/mocks/ssl/BUILD @@ -13,12 +13,12 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/ssl:certificate_validation_context_config_interface", - "//include/envoy/ssl:connection_interface", - "//include/envoy/ssl:context_config_interface", - "//include/envoy/ssl:context_interface", - "//include/envoy/ssl:context_manager_interface", - "//include/envoy/stats:stats_interface", + "//envoy/ssl:certificate_validation_context_config_interface", + "//envoy/ssl:connection_interface", + "//envoy/ssl:context_config_interface", + "//envoy/ssl:context_interface", + "//envoy/ssl:context_manager_interface", + "//envoy/stats:stats_interface", "//test/mocks/secret:secret_mocks", "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto", ], diff --git a/test/mocks/ssl/mocks.h b/test/mocks/ssl/mocks.h index 94cf360a3e70..43ad275fce27 100644 --- a/test/mocks/ssl/mocks.h +++ b/test/mocks/ssl/mocks.h @@ -156,7 +156,6 @@ class MockCertificateValidationContextConfig : public CertificateValidationConte MOCK_METHOD(const std::string&, caCertPath, (), (const)); MOCK_METHOD(const std::string&, certificateRevocationList, (), (const)); MOCK_METHOD(const std::string&, certificateRevocationListPath, (), (const)); - MOCK_METHOD(const std::vector&, verifySubjectAltNameList, (), (const)); MOCK_METHOD(const std::vector&, subjectAltNameMatchers, (), (const)); MOCK_METHOD(const std::vector&, verifyCertificateHashList, (), (const)); diff --git a/test/mocks/stats/BUILD b/test/mocks/stats/BUILD index 2fbabbb328d0..039a42fbd948 100644 --- a/test/mocks/stats/BUILD +++ b/test/mocks/stats/BUILD @@ -13,10 +13,10 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/stats:stats_interface", - "//include/envoy/stats:timespan_interface", - "//include/envoy/thread_local:thread_local_interface", - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/stats:stats_interface", + "//envoy/stats:timespan_interface", + "//envoy/thread_local:thread_local_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/stats:histogram_lib", "//source/common/stats:isolated_store_lib", "//source/common/stats:stats_lib", diff --git a/test/mocks/stats/mocks.cc b/test/mocks/stats/mocks.cc index 6af79f074331..66ed44834fc1 100644 --- a/test/mocks/stats/mocks.cc +++ b/test/mocks/stats/mocks.cc @@ -2,7 +2,7 @@ #include -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/mocks/stats/mocks.h b/test/mocks/stats/mocks.h index bc43b8d61dea..b83dd3310c4c 100644 --- a/test/mocks/stats/mocks.h +++ b/test/mocks/stats/mocks.h @@ -14,11 +14,11 @@ #include "envoy/thread_local/thread_local.h" #include "envoy/upstream/cluster_manager.h" -#include "common/stats/histogram_impl.h" -#include "common/stats/isolated_store_impl.h" -#include "common/stats/store_impl.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stats/timespan_impl.h" +#include "source/common/stats/histogram_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/stats/store_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stats/timespan_impl.h" #include "test/common/stats/stat_test_utility.h" diff --git a/test/mocks/stream_info/BUILD b/test/mocks/stream_info/BUILD index da45abf717ce..ca80a08e3b4e 100644 --- a/test/mocks/stream_info/BUILD +++ b/test/mocks/stream_info/BUILD @@ -13,9 +13,9 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/http:request_id_extension_interface", - "//include/envoy/stream_info:stream_info_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/http:request_id_extension_interface", + "//envoy/stream_info:stream_info_interface", + "//envoy/upstream:upstream_interface", "//test/mocks/upstream:host_mocks", "//test/test_common:simulated_time_system_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", diff --git a/test/mocks/stream_info/mocks.cc b/test/mocks/stream_info/mocks.cc index 17162d885a7b..3907bb515f13 100644 --- a/test/mocks/stream_info/mocks.cc +++ b/test/mocks/stream_info/mocks.cc @@ -1,6 +1,6 @@ #include "test/mocks/stream_info/mocks.h" -#include "common/network/address_impl.h" +#include "source/common/network/address_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" @@ -31,8 +31,9 @@ MockStreamInfo::MockStreamInfo() response_code_details_ = std::string(details); })); ON_CALL(*this, setConnectionTerminationDetails(_)) - .WillByDefault( - Invoke([this](absl::string_view details) { connection_termination_details_ = details; })); + .WillByDefault(Invoke([this](absl::string_view details) { + connection_termination_details_ = std::string(details); + })); ON_CALL(*this, startTime()).WillByDefault(ReturnPointee(&start_time_)); ON_CALL(*this, startTimeMonotonic()).WillByDefault(ReturnPointee(&start_time_monotonic_)); ON_CALL(*this, lastDownstreamRxByteReceived()) diff --git a/test/mocks/stream_info/mocks.h b/test/mocks/stream_info/mocks.h index 62a377ecb97e..1a0a81b36d9a 100644 --- a/test/mocks/stream_info/mocks.h +++ b/test/mocks/stream_info/mocks.h @@ -4,8 +4,8 @@ #include "envoy/http/request_id_extension.h" #include "envoy/stream_info/stream_info.h" -#include "common/network/socket_impl.h" -#include "common/stream_info/filter_state_impl.h" +#include "source/common/network/socket_impl.h" +#include "source/common/stream_info/filter_state_impl.h" #include "test/mocks/upstream/host.h" #include "test/test_common/simulated_time_system.h" diff --git a/test/mocks/tcp/BUILD b/test/mocks/tcp/BUILD index 263b2e49ba08..b3cbd6903f68 100644 --- a/test/mocks/tcp/BUILD +++ b/test/mocks/tcp/BUILD @@ -13,8 +13,8 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/buffer:buffer_interface", - "//include/envoy/tcp:conn_pool_interface", + "//envoy/buffer:buffer_interface", + "//envoy/tcp:conn_pool_interface", "//test/mocks:common_lib", "//test/mocks/network:network_mocks", "//test/mocks/upstream:host_mocks", diff --git a/test/mocks/tcp/mocks.cc b/test/mocks/tcp/mocks.cc index 75b07cf8cd5f..d6828f046a14 100644 --- a/test/mocks/tcp/mocks.cc +++ b/test/mocks/tcp/mocks.cc @@ -41,9 +41,9 @@ void MockInstance::poolFailure(PoolFailureReason reason, bool host_null) { callbacks_.pop_front(); handles_.pop_front(); if (host_null) { - cb->onPoolFailure(reason, nullptr); + cb->onPoolFailure(reason, "", nullptr); } else { - cb->onPoolFailure(reason, host_); + cb->onPoolFailure(reason, "", host_); } } diff --git a/test/mocks/tcp/mocks.h b/test/mocks/tcp/mocks.h index b052e712353a..6b486918cb99 100644 --- a/test/mocks/tcp/mocks.h +++ b/test/mocks/tcp/mocks.h @@ -15,6 +15,14 @@ namespace Envoy { namespace Tcp { namespace ConnectionPool { +class MockCallbacks : public Callbacks { + MOCK_METHOD(void, onPoolFailure, + (PoolFailureReason reason, absl::string_view details, + Upstream::HostDescriptionConstSharedPtr host)); + MOCK_METHOD(void, onPoolReady, + (ConnectionDataPtr && conn, Upstream::HostDescriptionConstSharedPtr host)); +}; + class MockUpstreamCallbacks : public UpstreamCallbacks { public: MockUpstreamCallbacks(); diff --git a/test/mocks/thread_local/BUILD b/test/mocks/thread_local/BUILD index e05b8f6f4b96..1928ad5ce567 100644 --- a/test/mocks/thread_local/BUILD +++ b/test/mocks/thread_local/BUILD @@ -13,7 +13,7 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/thread_local:thread_local_interface", + "//envoy/thread_local:thread_local_interface", "//test/mocks/event:event_mocks", ], ) diff --git a/test/mocks/thread_local/mocks.cc b/test/mocks/thread_local/mocks.cc index aff789b21936..18a8cfb30bae 100644 --- a/test/mocks/thread_local/mocks.cc +++ b/test/mocks/thread_local/mocks.cc @@ -10,10 +10,10 @@ namespace Envoy { namespace ThreadLocal { MockInstance::MockInstance() { - ON_CALL(*this, allocateSlot()).WillByDefault(Invoke(this, &MockInstance::allocateSlot_)); - ON_CALL(*this, runOnAllThreads(_)).WillByDefault(Invoke(this, &MockInstance::runOnAllThreads1_)); + ON_CALL(*this, allocateSlot()).WillByDefault(Invoke(this, &MockInstance::allocateSlotMock)); + ON_CALL(*this, runOnAllThreads(_)).WillByDefault(Invoke(this, &MockInstance::runOnAllThreads1)); ON_CALL(*this, runOnAllThreads(_, _)) - .WillByDefault(Invoke(this, &MockInstance::runOnAllThreads2_)); + .WillByDefault(Invoke(this, &MockInstance::runOnAllThreads2)); ON_CALL(*this, shutdownThread()).WillByDefault(Invoke(this, &MockInstance::shutdownThread_)); ON_CALL(*this, dispatcher()).WillByDefault(ReturnRef(dispatcher_)); } diff --git a/test/mocks/thread_local/mocks.h b/test/mocks/thread_local/mocks.h index e735c543b0e1..3fa0f8d3479d 100644 --- a/test/mocks/thread_local/mocks.h +++ b/test/mocks/thread_local/mocks.h @@ -22,13 +22,14 @@ class MockInstance : public Instance { // Server::ThreadLocal MOCK_METHOD(SlotPtr, allocateSlot, ()); MOCK_METHOD(void, registerThread, (Event::Dispatcher & dispatcher, bool main_thread)); - MOCK_METHOD(void, shutdownGlobalThreading, ()); + void shutdownGlobalThreading() override { shutdown_ = true; } MOCK_METHOD(void, shutdownThread, ()); MOCK_METHOD(Event::Dispatcher&, dispatcher, ()); + bool isShutdown() const override { return shutdown_; } - SlotPtr allocateSlot_() { return SlotPtr{new SlotImpl(*this, current_slot_++)}; } - void runOnAllThreads1_(Event::PostCb cb) { cb(); } - void runOnAllThreads2_(Event::PostCb cb, Event::PostCb main_callback) { + SlotPtr allocateSlotMock() { return SlotPtr{new SlotImpl(*this, current_slot_++)}; } + void runOnAllThreads1(Event::PostCb cb) { cb(); } + void runOnAllThreads2(Event::PostCb cb, Event::PostCb main_callback) { cb(); main_callback(); } diff --git a/test/mocks/tracing/BUILD b/test/mocks/tracing/BUILD index 3f4eaf881d4d..b89ea160d951 100644 --- a/test/mocks/tracing/BUILD +++ b/test/mocks/tracing/BUILD @@ -13,7 +13,7 @@ envoy_cc_mock( srcs = ["mocks.cc"], hdrs = ["mocks.h"], deps = [ - "//include/envoy/tracing:http_tracer_interface", - "//include/envoy/tracing:http_tracer_manager_interface", + "//envoy/tracing:http_tracer_interface", + "//envoy/tracing:http_tracer_manager_interface", ], ) diff --git a/test/mocks/upstream/BUILD b/test/mocks/upstream/BUILD index 5ab7a4d10109..e7fcdef38adc 100644 --- a/test/mocks/upstream/BUILD +++ b/test/mocks/upstream/BUILD @@ -14,8 +14,8 @@ envoy_cc_mock( hdrs = ["cluster_info.h"], deps = [ ":transport_socket_match_mocks", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:thread_lib", "//source/common/config:metadata_lib", "//source/common/http:utility_lib", @@ -37,7 +37,7 @@ envoy_cc_mock( hdrs = ["host.h"], deps = [ ":cluster_info_mocks", - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:upstream_interface", "//source/common/network:utility_lib", "//test/mocks/network:transport_socket_mocks", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", @@ -50,7 +50,7 @@ envoy_cc_mock( srcs = ["transport_socket_match.cc"], hdrs = ["transport_socket_match.h"], deps = [ - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:upstream_interface", "//source/common/network:raw_buffer_socket_lib", "//test/common/stats:stat_test_utility_lib", "@envoy_api//envoy/config/core/v3:pkg_cc_proto", @@ -62,7 +62,7 @@ envoy_cc_mock( srcs = ["load_balancer_context.cc"], hdrs = ["load_balancer_context.h"], deps = [ - "//include/envoy/upstream:load_balancer_interface", + "//envoy/upstream:load_balancer_interface", ], ) @@ -93,12 +93,12 @@ envoy_cc_mock( ":thread_aware_load_balancer_mocks", ":thread_local_cluster_mocks", ":transport_socket_match_mocks", - "//include/envoy/http:async_client_interface", - "//include/envoy/upstream:cluster_factory_interface", - "//include/envoy/upstream:cluster_manager_interface", - "//include/envoy/upstream:health_checker_interface", - "//include/envoy/upstream:load_balancer_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/http:async_client_interface", + "//envoy/upstream:cluster_factory_interface", + "//envoy/upstream:cluster_manager_interface", + "//envoy/upstream:health_checker_interface", + "//envoy/upstream:load_balancer_interface", + "//envoy/upstream:upstream_interface", "//source/common/http:header_utility_lib", "//source/common/upstream:cluster_factory_lib", "//source/common/upstream:health_discovery_service_lib", @@ -122,7 +122,7 @@ envoy_cc_mock( srcs = ["host_set.cc"], hdrs = ["host_set.h"], deps = [ - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:upstream_interface", "//source/common/common:callback_impl_lib", "//source/common/upstream:upstream_lib", ], @@ -133,7 +133,7 @@ envoy_cc_mock( srcs = ["priority_set.cc"], hdrs = ["priority_set.h"], deps = [ - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:upstream_interface", "//test/mocks/upstream:host_set_mocks", ], ) @@ -143,7 +143,7 @@ envoy_cc_mock( srcs = ["retry_priority.cc"], hdrs = ["retry_priority.h"], deps = [ - "//include/envoy/upstream:retry_interface", + "//envoy/upstream:retry_interface", ], ) @@ -151,7 +151,7 @@ envoy_cc_mock( name = "retry_priority_factory_mocks", hdrs = ["retry_priority_factory.h"], deps = [ - "//include/envoy/upstream:retry_interface", + "//envoy/upstream:retry_interface", "//test/mocks/upstream:retry_priority_mocks", ], ) @@ -161,7 +161,7 @@ envoy_cc_mock( srcs = ["cluster.cc"], hdrs = ["cluster.h"], deps = [ - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:upstream_interface", "//test/mocks/upstream:cluster_info_mocks", ], ) @@ -190,7 +190,7 @@ envoy_cc_mock( srcs = ["load_balancer.cc"], hdrs = ["load_balancer.h"], deps = [ - "//include/envoy/upstream:load_balancer_interface", + "//envoy/upstream:load_balancer_interface", "//test/mocks/upstream:host_mocks", ], ) @@ -200,7 +200,7 @@ envoy_cc_mock( srcs = ["thread_aware_load_balancer.cc"], hdrs = ["thread_aware_load_balancer.h"], deps = [ - "//include/envoy/upstream:load_balancer_interface", + "//envoy/upstream:load_balancer_interface", ], ) @@ -209,7 +209,7 @@ envoy_cc_mock( srcs = ["thread_local_cluster.cc"], hdrs = ["thread_local_cluster.h"], deps = [ - "//include/envoy/upstream:thread_local_cluster_interface", + "//envoy/upstream:thread_local_cluster_interface", "//test/mocks/http:conn_pool_mocks", "//test/mocks/http:http_mocks", "//test/mocks/tcp:tcp_mocks", @@ -223,7 +223,7 @@ envoy_cc_mock( srcs = ["cluster_manager_factory.cc"], hdrs = ["cluster_manager_factory.h"], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", "//test/mocks/secret:secret_mocks", ], ) @@ -233,7 +233,7 @@ envoy_cc_mock( srcs = ["cluster_update_callbacks_handle.cc"], hdrs = ["cluster_update_callbacks_handle.h"], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", ], ) @@ -242,7 +242,7 @@ envoy_cc_mock( srcs = ["cluster_manager.cc"], hdrs = ["cluster_manager.h"], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", "//test/mocks/config:config_mocks", "//test/mocks/grpc:grpc_mocks", "//test/mocks/http:http_mocks", @@ -257,7 +257,7 @@ envoy_cc_mock( srcs = ["health_checker.cc"], hdrs = ["health_checker.h"], deps = [ - "//include/envoy/upstream:health_checker_interface", + "//envoy/upstream:health_checker_interface", ], ) @@ -265,7 +265,7 @@ envoy_cc_mock( name = "health_check_event_logger_mocks", hdrs = ["health_check_event_logger.h"], deps = [ - "//include/envoy/upstream:health_checker_interface", + "//envoy/upstream:health_checker_interface", "@envoy_api//envoy/data/core/v3:pkg_cc_proto", ], ) @@ -275,7 +275,7 @@ envoy_cc_mock( srcs = ["cds_api.cc"], hdrs = ["cds_api.h"], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", ], ) @@ -284,7 +284,7 @@ envoy_cc_mock( srcs = ["cluster_update_callbacks.cc"], hdrs = ["cluster_update_callbacks.h"], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", ], ) @@ -293,7 +293,7 @@ envoy_cc_mock( srcs = ["cluster_info_factory.cc"], hdrs = ["cluster_info_factory.h"], deps = [ - "//include/envoy/upstream:cluster_manager_interface", + "//envoy/upstream:cluster_manager_interface", "//source/common/common:minimal_logger_lib", ], ) @@ -303,7 +303,7 @@ envoy_cc_mock( srcs = ["retry_host_predicate.cc"], hdrs = ["retry_host_predicate.h"], deps = [ - "//include/envoy/upstream:retry_interface", + "//envoy/upstream:retry_interface", ], ) @@ -311,7 +311,7 @@ envoy_cc_mock( name = "test_retry_host_predicate_factory_mocks", hdrs = ["test_retry_host_predicate_factory.h"], deps = [ - "//include/envoy/upstream:retry_interface", + "//envoy/upstream:retry_interface", "//test/mocks/upstream:retry_host_predicate_mocks", ], ) @@ -321,6 +321,6 @@ envoy_cc_mock( srcs = ["basic_resource_limit.cc"], hdrs = ["basic_resource_limit.h"], deps = [ - "//include/envoy/common:resource_interface", + "//envoy/common:resource_interface", ], ) diff --git a/test/mocks/upstream/cluster_info.cc b/test/mocks/upstream/cluster_info.cc index 9c698a61ccd2..c24c81d95bc2 100644 --- a/test/mocks/upstream/cluster_info.cc +++ b/test/mocks/upstream/cluster_info.cc @@ -6,10 +6,10 @@ #include "envoy/upstream/host_description.h" #include "envoy/upstream/upstream.h" -#include "common/config/metadata.h" -#include "common/http/utility.h" -#include "common/network/raw_buffer_socket.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/config/metadata.h" +#include "source/common/http/utility.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/upstream/upstream_impl.h" using testing::_; using testing::Invoke; @@ -59,7 +59,8 @@ MockClusterInfo::MockClusterInfo() cluster_circuit_breakers_stat_names_)), resource_manager_(new Upstream::ResourceManagerImpl( runtime_, "fake_key", 1, 1024, 1024, 1, std::numeric_limits::max(), - circuit_breakers_stats_, absl::nullopt, absl::nullopt)) { + circuit_breakers_stats_, absl::nullopt, absl::nullopt)), + stats_scope_(stats_store_.createScope("test_scope")) { ON_CALL(*this, connectTimeout()).WillByDefault(Return(std::chrono::milliseconds(1))); ON_CALL(*this, idleTimeout()).WillByDefault(Return(absl::optional())); ON_CALL(*this, perUpstreamPreconnectRatio()).WillByDefault(Return(1.0)); @@ -126,15 +127,15 @@ MockClusterInfo::MockClusterInfo() MockClusterInfo::~MockClusterInfo() = default; Http::Http1::CodecStats& MockClusterInfo::http1CodecStats() const { - return Http::Http1::CodecStats::atomicGet(http1_codec_stats_, statsScope()); + return Http::Http1::CodecStats::atomicGet(http1_codec_stats_, *stats_scope_); } Http::Http2::CodecStats& MockClusterInfo::http2CodecStats() const { - return Http::Http2::CodecStats::atomicGet(http2_codec_stats_, statsScope()); + return Http::Http2::CodecStats::atomicGet(http2_codec_stats_, *stats_scope_); } Http::Http3::CodecStats& MockClusterInfo::http3CodecStats() const { - return Http::Http3::CodecStats::atomicGet(http3_codec_stats_, statsScope()); + return Http::Http3::CodecStats::atomicGet(http3_codec_stats_, *stats_scope_); } } // namespace Upstream diff --git a/test/mocks/upstream/cluster_info.h b/test/mocks/upstream/cluster_info.h index 5a3322536313..060806a37636 100644 --- a/test/mocks/upstream/cluster_info.h +++ b/test/mocks/upstream/cluster_info.h @@ -13,11 +13,11 @@ #include "envoy/upstream/cluster_manager.h" #include "envoy/upstream/upstream.h" -#include "common/common/thread.h" -#include "common/http/http1/codec_stats.h" -#include "common/http/http2/codec_stats.h" -#include "common/http/http3/codec_stats.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/thread.h" +#include "source/common/http/http1/codec_stats.h" +#include "source/common/http/http2/codec_stats.h" +#include "source/common/http/http3/codec_stats.h" +#include "source/common/upstream/upstream_impl.h" #include "test/mocks/runtime/mocks.h" #include "test/mocks/stats/mocks.h" @@ -200,6 +200,7 @@ class MockClusterInfo : public ClusterInfo { envoy::config::core::v3::Metadata metadata_; std::unique_ptr typed_metadata_; absl::optional max_stream_duration_; + Stats::ScopePtr stats_scope_; mutable Http::Http1::CodecStats::AtomicPtr http1_codec_stats_; mutable Http::Http2::CodecStats::AtomicPtr http2_codec_stats_; mutable Http::Http3::CodecStats::AtomicPtr http3_codec_stats_; diff --git a/test/mocks/upstream/cluster_info_factory.h b/test/mocks/upstream/cluster_info_factory.h index 08144c57154d..f9f237e490d9 100644 --- a/test/mocks/upstream/cluster_info_factory.h +++ b/test/mocks/upstream/cluster_info_factory.h @@ -2,7 +2,7 @@ #include "envoy/upstream/cluster_manager.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/mocks/upstream/cluster_manager.cc b/test/mocks/upstream/cluster_manager.cc index a789f485d47b..7e17320ba63d 100644 --- a/test/mocks/upstream/cluster_manager.cc +++ b/test/mocks/upstream/cluster_manager.cc @@ -9,8 +9,6 @@ namespace Envoy { namespace Upstream { -using ::testing::_; -using ::testing::Eq; using ::testing::Return; using ::testing::ReturnRef; @@ -51,7 +49,7 @@ void MockClusterManager::initializeThreadLocalClusters( // TODO(mattklein123): This should create a dedicated and new mock for each initialized cluster, // but this has larger test implications. I will fix this in a follow up. for (const auto& cluster_name : cluster_names) { - ON_CALL(*this, getThreadLocalCluster(cluster_name)) + ON_CALL(*this, getThreadLocalCluster(absl::string_view(cluster_name))) .WillByDefault(Return(&thread_local_cluster_)); } } diff --git a/test/mocks/upstream/host.cc b/test/mocks/upstream/host.cc index 0670abadd5c0..53cab64d27a4 100644 --- a/test/mocks/upstream/host.cc +++ b/test/mocks/upstream/host.cc @@ -1,6 +1,6 @@ #include "test/mocks/upstream/host.h" -#include "common/network/utility.h" +#include "source/common/network/utility.h" using testing::_; using testing::Invoke; diff --git a/test/mocks/upstream/host.h b/test/mocks/upstream/host.h index 82ea4bd8e5df..211698283782 100644 --- a/test/mocks/upstream/host.h +++ b/test/mocks/upstream/host.h @@ -9,7 +9,7 @@ #include "envoy/data/cluster/v3/outlier_detection_event.pb.h" #include "envoy/upstream/upstream.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/stats/symbol_table_impl.h" #include "test/mocks/network/transport_socket.h" #include "test/mocks/upstream/cluster_info.h" @@ -83,6 +83,8 @@ class MockHostDescription : public HostDescription { ~MockHostDescription() override; MOCK_METHOD(Network::Address::InstanceConstSharedPtr, address, (), (const)); + MOCK_METHOD(const std::vector&, addressList, (), + (const)); MOCK_METHOD(Network::Address::InstanceConstSharedPtr, healthCheckAddress, (), (const)); MOCK_METHOD(bool, canary, (), (const)); MOCK_METHOD(void, canary, (bool new_canary)); @@ -158,6 +160,8 @@ class MockHost : public Host { } MOCK_METHOD(Network::Address::InstanceConstSharedPtr, address, (), (const)); + MOCK_METHOD(const std::vector&, addressList, (), + (const)); MOCK_METHOD(Network::Address::InstanceConstSharedPtr, healthCheckAddress, (), (const)); MOCK_METHOD(bool, canary, (), (const)); MOCK_METHOD(void, canary, (bool new_canary)); diff --git a/test/mocks/upstream/host_set.h b/test/mocks/upstream/host_set.h index 529d34d387f6..7fd18d438f0d 100644 --- a/test/mocks/upstream/host_set.h +++ b/test/mocks/upstream/host_set.h @@ -2,8 +2,8 @@ #include "envoy/upstream/upstream.h" -#include "common/common/callback_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/callback_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "gmock/gmock.h" #include "gtest/gtest.h" diff --git a/test/mocks/upstream/mocks.h b/test/mocks/upstream/mocks.h index 879280b0aef1..433aec61f06e 100644 --- a/test/mocks/upstream/mocks.h +++ b/test/mocks/upstream/mocks.h @@ -12,10 +12,10 @@ #include "envoy/upstream/health_checker.h" #include "envoy/upstream/upstream.h" -#include "common/common/callback_impl.h" -#include "common/upstream/health_discovery_service.h" -#include "common/upstream/load_balancer_impl.h" -#include "common/upstream/upstream_impl.h" +#include "source/common/common/callback_impl.h" +#include "source/common/upstream/health_discovery_service.h" +#include "source/common/upstream/load_balancer_impl.h" +#include "source/common/upstream/upstream_impl.h" #include "test/mocks/config/mocks.h" #include "test/mocks/grpc/mocks.h" diff --git a/test/mocks/upstream/thread_local_cluster.cc b/test/mocks/upstream/thread_local_cluster.cc index 9e0d9eedd33e..5842f04d8807 100644 --- a/test/mocks/upstream/thread_local_cluster.cc +++ b/test/mocks/upstream/thread_local_cluster.cc @@ -13,8 +13,10 @@ MockThreadLocalCluster::MockThreadLocalCluster() { ON_CALL(*this, prioritySet()).WillByDefault(ReturnRef(cluster_.priority_set_)); ON_CALL(*this, info()).WillByDefault(Return(cluster_.info_)); ON_CALL(*this, loadBalancer()).WillByDefault(ReturnRef(lb_)); - ON_CALL(*this, httpConnPool(_, _, _)).WillByDefault(Return(&conn_pool_)); - ON_CALL(*this, tcpConnPool(_, _)).WillByDefault(Return(&tcp_conn_pool_)); + ON_CALL(*this, httpConnPool(_, _, _)) + .WillByDefault(Return(Upstream::HttpPoolData([]() {}, &conn_pool_))); + ON_CALL(*this, tcpConnPool(_, _)) + .WillByDefault(Return(Upstream::TcpPoolData([]() {}, &tcp_conn_pool_))); ON_CALL(*this, httpAsyncClient()).WillByDefault(ReturnRef(async_client_)); } diff --git a/test/mocks/upstream/thread_local_cluster.h b/test/mocks/upstream/thread_local_cluster.h index d4900d18c493..7057b07da876 100644 --- a/test/mocks/upstream/thread_local_cluster.h +++ b/test/mocks/upstream/thread_local_cluster.h @@ -30,10 +30,10 @@ class MockThreadLocalCluster : public ThreadLocalCluster { MOCK_METHOD(const PrioritySet&, prioritySet, ()); MOCK_METHOD(ClusterInfoConstSharedPtr, info, ()); MOCK_METHOD(LoadBalancer&, loadBalancer, ()); - MOCK_METHOD(Http::ConnectionPool::Instance*, httpConnPool, + MOCK_METHOD(absl::optional, httpConnPool, (ResourcePriority priority, absl::optional downstream_protocol, LoadBalancerContext* context)); - MOCK_METHOD(Tcp::ConnectionPool::Instance*, tcpConnPool, + MOCK_METHOD(absl::optional, tcpConnPool, (ResourcePriority priority, LoadBalancerContext* context)); MOCK_METHOD(MockHost::MockCreateConnectionData, tcpConn_, (LoadBalancerContext * context)); MOCK_METHOD(Http::AsyncClient&, httpAsyncClient, ()); diff --git a/test/mocks/upstream/transport_socket_match.cc b/test/mocks/upstream/transport_socket_match.cc index 27a77289b64b..0f12148f90d3 100644 --- a/test/mocks/upstream/transport_socket_match.cc +++ b/test/mocks/upstream/transport_socket_match.cc @@ -1,6 +1,6 @@ #include "test/mocks/upstream/transport_socket_match.h" -#include "common/network/raw_buffer_socket.h" +#include "source/common/network/raw_buffer_socket.h" using testing::_; using testing::Return; diff --git a/test/per_file_coverage.sh b/test/per_file_coverage.sh index b0b6f6a11f3e..a29182fe7bf7 100755 --- a/test/per_file_coverage.sh +++ b/test/per_file_coverage.sh @@ -5,7 +5,7 @@ declare -a KNOWN_LOW_COVERAGE=( "source/common:96.3" # Raise when QUIC coverage goes up "source/common/api:75.3" -"source/common/api/posix:73.0" +"source/common/api/posix:73.9" "source/common/common:96.3" "source/common/common/posix:94.1" "source/common/crypto:0.0" @@ -15,10 +15,10 @@ declare -a KNOWN_LOW_COVERAGE=( "source/common/network:95.0" # Flaky, `activateFileEvents`, `startSecureTransport` and `ioctl` do not always report LCOV "source/common/protobuf:94.8" "source/common/signal:84.5" # Death tests don't report LCOV -"source/common/singleton:95.1" +"source/common/singleton:95.8" "source/common/thread:0.0" # Death tests don't report LCOV "source/common/matcher:93.3" -"source/common/quic:87.8" +"source/common/quic:90.6" "source/common/tracing:95.7" "source/common/watchdog:42.9" # Death tests don't report LCOV "source/exe:94.3" @@ -33,11 +33,11 @@ declare -a KNOWN_LOW_COVERAGE=( "source/extensions/filters/common/rbac:87.5" "source/extensions/filters/http/cache:92.4" "source/extensions/filters/http/cache/simple_http_cache:95.2" -"source/extensions/filters/http/grpc_json_transcoder:95.7" +"source/extensions/filters/http/grpc_json_transcoder:95.6" "source/extensions/filters/http/ip_tagging:91.2" "source/extensions/filters/http/kill_request:85.0" # Death tests don't report LCOV "source/extensions/filters/listener/tls_inspector:92.4" -"source/extensions/filters/network/common:96.1" +"source/extensions/filters/network/common:96.2" "source/extensions/filters/network/common/redis:96.3" "source/extensions/filters/network/dubbo_proxy:96.2" "source/extensions/filters/network/dubbo_proxy/router:95.3" @@ -47,6 +47,9 @@ declare -a KNOWN_LOW_COVERAGE=( "source/extensions/health_checkers:95.9" "source/extensions/health_checkers/redis:95.9" "source/extensions/quic_listeners:85.1" +"source/extensions/stat_sinks/common:96.5" +"source/extensions/stat_sinks/common/statsd:96.5" +"source/extensions/stat_sinks/graphite_statsd:85.2" "source/extensions/stat_sinks/statsd:85.2" "source/extensions/tracers:96.4" "source/extensions/tracers/opencensus:91.6" @@ -55,14 +58,15 @@ declare -a KNOWN_LOW_COVERAGE=( "source/extensions/transport_sockets/tls/cert_validator:96.5" "source/extensions/transport_sockets/tls/private_key:76.9" "source/extensions/transport_sockets/tls:95.1" -"source/extensions/wasm_runtime:50.0" +"source/extensions/wasm_runtime:40.0" +"source/extensions/wasm_runtime/wamr:0.0" # Not enabled in coverage build "source/extensions/wasm_runtime/wasmtime:0.0" # Not enabled in coverage build "source/extensions/wasm_runtime/wavm:0.0" # Not enabled in coverage build "source/extensions/watchdog:85.7" # Death tests within extensions "source/extensions/watchdog/profile_action:85.7" "source/server:94.4" # flaky: be careful adjusting. See https://github.com/envoyproxy/envoy/issues/15239 -"source/server/admin:95.7" -"source/server/config_validation:78.2" +"source/server/admin:95.8" +"source/server/config_validation:78.7" ) [[ -z "${SRCDIR}" ]] && SRCDIR="${PWD}" diff --git a/test/server/BUILD b/test/server/BUILD index 498bc7ecef0b..acfa8ec40fc7 100644 --- a/test/server/BUILD +++ b/test/server/BUILD @@ -125,7 +125,7 @@ envoy_cc_test( name = "filter_config_test", srcs = ["filter_config_test.cc"], deps = [ - "//include/envoy/server:filter_config_interface", + "//envoy/server:filter_config_interface", "//source/extensions/filters/http/common:pass_through_filter_lib", "//test/mocks/server:server_mocks", ], @@ -173,7 +173,7 @@ envoy_cc_test( size = "small", srcs = ["guarddog_impl_test.cc"], deps = [ - "//include/envoy/common:time_interface", + "//envoy/common:time_interface", "//source/common/api:api_lib", "//source/common/common:macros", "//source/common/common:utility_lib", @@ -193,11 +193,10 @@ envoy_cc_test( name = "options_impl_test", srcs = ["options_impl_test.cc"], deps = [ - "//include/envoy/config:typed_config_interface", - "//include/envoy/server:filter_config_interface", + "//envoy/config:typed_config_interface", + "//envoy/server:filter_config_interface", "//source/common/common:utility_lib", "//source/common/stats:stats_lib", - "//source/extensions/filters/http:well_known_names", "//source/extensions/filters/http/buffer:config", "//source/server:options_lib", "//test/mocks/api:api_mocks", @@ -217,7 +216,7 @@ envoy_cc_test( name = "overload_manager_impl_test", srcs = ["overload_manager_impl_test.cc"], deps = [ - "//include/envoy/registry", + "//envoy/registry", "//source/common/stats:isolated_store_lib", "//source/extensions/resource_monitors/common:factory_base_lib", "//source/server:overload_manager_lib", diff --git a/test/server/active_tcp_listener_test.cc b/test/server/active_tcp_listener_test.cc index cc1e2710f9f2..9d15d452475b 100644 --- a/test/server/active_tcp_listener_test.cc +++ b/test/server/active_tcp_listener_test.cc @@ -4,12 +4,11 @@ #include "envoy/network/listener.h" #include "envoy/stats/scope.h" -#include "common/network/address_impl.h" -#include "common/network/connection_balancer_impl.h" -#include "common/network/raw_buffer_socket.h" -#include "common/network/utility.h" - -#include "server/active_tcp_listener.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/connection_balancer_impl.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/network/utility.h" +#include "source/server/active_tcp_listener.h" #include "test/mocks/api/mocks.h" #include "test/mocks/common.h" diff --git a/test/server/admin/BUILD b/test/server/admin/BUILD index 1952d5f6007f..6f94719122f4 100644 --- a/test/server/admin/BUILD +++ b/test/server/admin/BUILD @@ -27,8 +27,8 @@ envoy_cc_test( srcs = ["admin_test.cc"], deps = [ ":admin_instance_lib", - "//include/envoy/json:json_object_interface", - "//include/envoy/runtime:runtime_interface", + "//envoy/json:json_object_interface", + "//envoy/runtime:runtime_interface", "//source/common/http:message_lib", "//source/common/json:json_loader_lib", "//source/common/protobuf", @@ -61,6 +61,7 @@ envoy_cc_test( ":admin_instance_lib", "//source/common/stats:thread_local_store_lib", "//source/server/admin:stats_handler_lib", + "//test/mocks/server:admin_stream_mocks", "//test/test_common:logging_lib", "//test/test_common:utility_lib", ], diff --git a/test/server/admin/admin_filter_test.cc b/test/server/admin/admin_filter_test.cc index ee51cdecc169..d7b3cc2ef3de 100644 --- a/test/server/admin/admin_filter_test.cc +++ b/test/server/admin/admin_filter_test.cc @@ -1,4 +1,4 @@ -#include "server/admin/admin_filter.h" +#include "source/server/admin/admin_filter.h" #include "test/mocks/server/instance.h" #include "test/test_common/environment.h" diff --git a/test/server/admin/admin_instance.cc b/test/server/admin/admin_instance.cc index e41695c4b0d4..d63b0887c746 100644 --- a/test/server/admin/admin_instance.cc +++ b/test/server/admin/admin_instance.cc @@ -1,8 +1,7 @@ #include "test/server/admin/admin_instance.h" -#include "common/access_log/access_log_impl.h" - -#include "extensions/access_loggers/common/file_access_log_impl.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/extensions/access_loggers/common/file_access_log_impl.h" namespace Envoy { namespace Server { diff --git a/test/server/admin/admin_instance.h b/test/server/admin/admin_instance.h index 7092d973c00e..b087b926e218 100644 --- a/test/server/admin/admin_instance.h +++ b/test/server/admin/admin_instance.h @@ -1,6 +1,6 @@ #pragma once -#include "server/admin/admin.h" +#include "source/server/admin/admin.h" #include "test/mocks/http/mocks.h" #include "test/mocks/runtime/mocks.h" diff --git a/test/server/admin/admin_test.cc b/test/server/admin/admin_test.cc index aa915f954ee1..b0f8e4532248 100644 --- a/test/server/admin/admin_test.cc +++ b/test/server/admin/admin_test.cc @@ -8,14 +8,13 @@ #include "envoy/upstream/outlier_detection.h" #include "envoy/upstream/upstream.h" -#include "common/access_log/access_log_impl.h" -#include "common/http/message_impl.h" -#include "common/json/json_loader.h" -#include "common/protobuf/protobuf.h" -#include "common/protobuf/utility.h" -#include "common/upstream/upstream_impl.h" - -#include "extensions/access_loggers/common/file_access_log_impl.h" +#include "source/common/access_log/access_log_impl.h" +#include "source/common/http/message_impl.h" +#include "source/common/json/json_loader.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/protobuf/utility.h" +#include "source/common/upstream/upstream_impl.h" +#include "source/extensions/access_loggers/common/file_access_log_impl.h" #include "test/server/admin/admin_instance.h" #include "test/test_common/logging.h" @@ -27,11 +26,6 @@ #include "gtest/gtest.h" using testing::HasSubstr; -using testing::Invoke; -using testing::NiceMock; -using testing::Return; -using testing::ReturnPointee; -using testing::ReturnRef; namespace Envoy { namespace Server { diff --git a/test/server/admin/config_tracker_impl_test.cc b/test/server/admin/config_tracker_impl_test.cc index 9388c2e2ef11..a666d59a1fbd 100644 --- a/test/server/admin/config_tracker_impl_test.cc +++ b/test/server/admin/config_tracker_impl_test.cc @@ -1,4 +1,4 @@ -#include "server/admin/config_tracker_impl.h" +#include "source/server/admin/config_tracker_impl.h" #include "test/mocks/common.h" diff --git a/test/server/admin/logs_handler_test.cc b/test/server/admin/logs_handler_test.cc index 3103164bb24e..1325af425d56 100644 --- a/test/server/admin/logs_handler_test.cc +++ b/test/server/admin/logs_handler_test.cc @@ -1,5 +1,5 @@ -#include "common/common/fancy_logger.h" -#include "common/common/logger.h" +#include "source/common/common/fancy_logger.h" +#include "source/common/common/logger.h" #include "test/server/admin/admin_instance.h" diff --git a/test/server/admin/profiling_handler_test.cc b/test/server/admin/profiling_handler_test.cc index 353bc780e87b..709675e00a11 100644 --- a/test/server/admin/profiling_handler_test.cc +++ b/test/server/admin/profiling_handler_test.cc @@ -1,4 +1,4 @@ -#include "common/profiler/profiler.h" +#include "source/common/profiler/profiler.h" #include "test/server/admin/admin_instance.h" #include "test/test_common/logging.h" diff --git a/test/server/admin/prometheus_stats_test.cc b/test/server/admin/prometheus_stats_test.cc index bd7ebd530d98..7824218e28bb 100644 --- a/test/server/admin/prometheus_stats_test.cc +++ b/test/server/admin/prometheus_stats_test.cc @@ -1,6 +1,6 @@ #include -#include "server/admin/prometheus_stats.h" +#include "source/server/admin/prometheus_stats.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/utility.h" diff --git a/test/server/admin/server_info_handler_test.cc b/test/server/admin/server_info_handler_test.cc index 6bb890289025..9b7e0fa3643f 100644 --- a/test/server/admin/server_info_handler_test.cc +++ b/test/server/admin/server_info_handler_test.cc @@ -1,6 +1,6 @@ #include "envoy/admin/v3/memory.pb.h" -#include "extensions/transport_sockets/tls/context_config_impl.h" +#include "source/extensions/transport_sockets/tls/context_config_impl.h" #include "test/server/admin/admin_instance.h" #include "test/test_common/logging.h" diff --git a/test/server/admin/stats_handler_test.cc b/test/server/admin/stats_handler_test.cc index 1059d642edbd..f07c79b8fb46 100644 --- a/test/server/admin/stats_handler_test.cc +++ b/test/server/admin/stats_handler_test.cc @@ -1,9 +1,10 @@ #include -#include "common/stats/thread_local_store.h" - -#include "server/admin/stats_handler.h" +#include "source/common/stats/thread_local_store.h" +#include "source/server/admin/stats_handler.h" +#include "test/mocks/server/admin_stream.h" +#include "test/mocks/server/instance.h" #include "test/server/admin/admin_instance.h" #include "test/test_common/logging.h" #include "test/test_common/utility.h" @@ -33,6 +34,12 @@ class AdminStatsTest : public testing::TestWithParamshutdownThreading(); + tls_.shutdownThread(); + } + Stats::SymbolTableImpl symbol_table_; NiceMock main_thread_dispatcher_; NiceMock tls_; @@ -45,6 +52,188 @@ INSTANTIATE_TEST_SUITE_P(IpVersions, AdminStatsTest, testing::ValuesIn(TestEnvironment::getIpVersionsForTest()), TestUtility::ipTestParamsToString); +TEST_P(AdminStatsTest, HandlerStatsInvalidFormat) { + const std::string url = "/stats?format=blergh"; + Http::TestResponseHeaderMapImpl response_headers; + Buffer::OwnedImpl data; + MockAdminStream admin_stream; + Configuration::MockStatsConfig stats_config; + EXPECT_CALL(stats_config, flushOnAdmin()).WillRepeatedly(testing::Return(false)); + MockInstance instance; + EXPECT_CALL(instance, stats()).WillRepeatedly(testing::ReturnRef(*store_)); + EXPECT_CALL(instance, statsConfig()).WillRepeatedly(testing::ReturnRef(stats_config)); + StatsHandler handler(instance); + Http::Code code = handler.handlerStats(url, response_headers, data, admin_stream); + EXPECT_EQ(Http::Code::NotFound, code); + EXPECT_EQ("usage: /stats?format=json or /stats?format=prometheus \n\n", data.toString()); +} + +TEST_P(AdminStatsTest, HandlerStatsPlainText) { + const std::string url = "/stats"; + Http::TestResponseHeaderMapImpl response_headers; + Buffer::OwnedImpl data; + MockAdminStream admin_stream; + Configuration::MockStatsConfig stats_config; + EXPECT_CALL(stats_config, flushOnAdmin()).WillRepeatedly(testing::Return(false)); + MockInstance instance; + store_->initializeThreading(main_thread_dispatcher_, tls_); + EXPECT_CALL(instance, stats()).WillRepeatedly(testing::ReturnRef(*store_)); + EXPECT_CALL(instance, statsConfig()).WillRepeatedly(testing::ReturnRef(stats_config)); + StatsHandler handler(instance); + + Stats::Counter& c1 = store_->counterFromString("c1"); + Stats::Counter& c2 = store_->counterFromString("c2"); + + c1.add(10); + c2.add(20); + + Stats::TextReadout& t = store_->textReadoutFromString("t"); + t.set("hello world"); + + Stats::Histogram& h1 = store_->histogramFromString("h1", Stats::Histogram::Unit::Unspecified); + Stats::Histogram& h2 = store_->histogramFromString("h2", Stats::Histogram::Unit::Unspecified); + + EXPECT_CALL(sink_, onHistogramComplete(Ref(h1), 200)); + h1.recordValue(200); + + EXPECT_CALL(sink_, onHistogramComplete(Ref(h2), 100)); + h2.recordValue(100); + + store_->mergeHistograms([]() -> void {}); + + Http::Code code = handler.handlerStats(url, response_headers, data, admin_stream); + EXPECT_EQ(Http::Code::OK, code); + EXPECT_EQ("t: \"hello world\"\n" + "c1: 10\n" + "c2: 20\n" + "h1: P0(200.0,200.0) P25(202.5,202.5) P50(205.0,205.0) P75(207.5,207.5) " + "P90(209.0,209.0) P95(209.5,209.5) P99(209.9,209.9) P99.5(209.95,209.95) " + "P99.9(209.99,209.99) P100(210.0,210.0)\n" + "h2: P0(100.0,100.0) P25(102.5,102.5) P50(105.0,105.0) P75(107.5,107.5) " + "P90(109.0,109.0) P95(109.5,109.5) P99(109.9,109.9) P99.5(109.95,109.95) " + "P99.9(109.99,109.99) P100(110.0,110.0)\n", + data.toString()); + + shutdownThreading(); +} + +TEST_P(AdminStatsTest, HandlerStatsJson) { + const std::string url = "/stats?format=json"; + Http::TestResponseHeaderMapImpl response_headers; + Buffer::OwnedImpl data; + MockAdminStream admin_stream; + Configuration::MockStatsConfig stats_config; + EXPECT_CALL(stats_config, flushOnAdmin()).WillRepeatedly(testing::Return(false)); + MockInstance instance; + store_->initializeThreading(main_thread_dispatcher_, tls_); + EXPECT_CALL(instance, stats()).WillRepeatedly(testing::ReturnRef(*store_)); + EXPECT_CALL(instance, statsConfig()).WillRepeatedly(testing::ReturnRef(stats_config)); + StatsHandler handler(instance); + + Stats::Counter& c1 = store_->counterFromString("c1"); + Stats::Counter& c2 = store_->counterFromString("c2"); + + c1.add(10); + c2.add(20); + + Stats::TextReadout& t = store_->textReadoutFromString("t"); + t.set("hello world"); + + Stats::Histogram& h = store_->histogramFromString("h", Stats::Histogram::Unit::Unspecified); + + EXPECT_CALL(sink_, onHistogramComplete(Ref(h), 200)); + h.recordValue(200); + + store_->mergeHistograms([]() -> void {}); + + Http::Code code = handler.handlerStats(url, response_headers, data, admin_stream); + EXPECT_EQ(Http::Code::OK, code); + + const std::string expected_json_old = R"EOF({ + "stats": [ + { + "name":"t", + "value":"hello world" + }, + { + "name":"c1", + "value":10, + }, + { + "name":"c2", + "value":20 + }, + { + "histograms": { + "supported_quantiles": [ + 0.0, + 25.0, + 50.0, + 75.0, + 90.0, + 95.0, + 99.0, + 99.5, + 99.9, + 100.0 + ], + "computed_quantiles": [ + { + "name":"h", + "values": [ + { + "cumulative":200, + "interval":200 + }, + { + "cumulative":202.5, + "interval":202.5 + }, + { + "cumulative":205, + "interval":205 + }, + { + "cumulative":207.5, + "interval":207.5 + }, + { + "cumulative":209, + "interval":209 + }, + { + "cumulative":209.5, + "interval":209.5 + }, + { + "cumulative":209.9, + "interval":209.9 + }, + { + "cumulative":209.95, + "interval":209.95 + }, + { + "cumulative":209.99, + "interval":209.99 + }, + { + "cumulative":210, + "interval":210 + } + ] + }, + ] + } + } + ] +})EOF"; + + EXPECT_THAT(expected_json_old, JsonStringEq(data.toString())); + + shutdownThreading(); +} + TEST_P(AdminStatsTest, StatsAsJson) { InSequence s; store_->initializeThreading(main_thread_dispatcher_, tls_); @@ -189,7 +378,7 @@ TEST_P(AdminStatsTest, StatsAsJson) { })EOF"; EXPECT_THAT(expected_json, JsonStringEq(actual_json)); - store_->shutdownThreading(); + shutdownThreading(); } TEST_P(AdminStatsTest, UsedOnlyStatsAsJson) { @@ -289,7 +478,7 @@ TEST_P(AdminStatsTest, UsedOnlyStatsAsJson) { })EOF"; EXPECT_THAT(expected_json, JsonStringEq(actual_json)); - store_->shutdownThreading(); + shutdownThreading(); } TEST_P(AdminStatsTest, StatsAsJsonFilterString) { @@ -391,7 +580,7 @@ TEST_P(AdminStatsTest, StatsAsJsonFilterString) { })EOF"; EXPECT_THAT(expected_json, JsonStringEq(actual_json)); - store_->shutdownThreading(); + shutdownThreading(); } TEST_P(AdminStatsTest, UsedOnlyStatsAsJsonFilterString) { @@ -502,7 +691,7 @@ TEST_P(AdminStatsTest, UsedOnlyStatsAsJsonFilterString) { })EOF"; EXPECT_THAT(expected_json, JsonStringEq(actual_json)); - store_->shutdownThreading(); + shutdownThreading(); } INSTANTIATE_TEST_SUITE_P(IpVersions, AdminInstanceTest, diff --git a/test/server/api_listener_test.cc b/test/server/api_listener_test.cc index 477b36dc9069..4572e40a1ce6 100644 --- a/test/server/api_listener_test.cc +++ b/test/server/api_listener_test.cc @@ -2,8 +2,8 @@ #include "envoy/config/listener/v3/listener.pb.h" -#include "server/api_listener_impl.h" -#include "server/listener_manager_impl.h" +#include "source/server/api_listener_impl.h" +#include "source/server/listener_manager_impl.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/instance.h" diff --git a/test/server/backtrace_test.cc b/test/server/backtrace_test.cc index a83ae4d9a409..8ba11f538717 100644 --- a/test/server/backtrace_test.cc +++ b/test/server/backtrace_test.cc @@ -1,4 +1,4 @@ -#include "server/backtrace.h" +#include "source/server/backtrace.h" #include "test/test_common/logging.h" diff --git a/test/server/config_validation/BUILD b/test/server/config_validation/BUILD index 0f33ffe205e3..2292906cddb9 100644 --- a/test/server/config_validation/BUILD +++ b/test/server/config_validation/BUILD @@ -10,8 +10,8 @@ envoy_cc_test( name = "cluster_manager_test", srcs = ["cluster_manager_test.cc"], deps = [ - "//include/envoy/upstream:resource_manager_interface", - "//include/envoy/upstream:upstream_interface", + "//envoy/upstream:resource_manager_interface", + "//envoy/upstream:upstream_interface", "//source/common/api:api_lib", "//source/common/singleton:manager_impl_lib", "//source/common/stats:stats_lib", diff --git a/test/server/config_validation/cluster_manager_test.cc b/test/server/config_validation/cluster_manager_test.cc index 7f00522f2518..4a5ec1f4fd0d 100644 --- a/test/server/config_validation/cluster_manager_test.cc +++ b/test/server/config_validation/cluster_manager_test.cc @@ -2,14 +2,12 @@ #include "envoy/upstream/resource_manager.h" #include "envoy/upstream/upstream.h" -#include "common/api/api_impl.h" -#include "common/grpc/context_impl.h" -#include "common/http/context_impl.h" -#include "common/singleton/manager_impl.h" - -#include "server/config_validation/cluster_manager.h" - -#include "extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/grpc/context_impl.h" +#include "source/common/http/context_impl.h" +#include "source/common/singleton/manager_impl.h" +#include "source/extensions/transport_sockets/tls/context_manager_impl.h" +#include "source/server/config_validation/cluster_manager.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/event/mocks.h" diff --git a/test/server/config_validation/config_fuzz_test.cc b/test/server/config_validation/config_fuzz_test.cc index a94dbb01aeb3..f2b197ba02eb 100644 --- a/test/server/config_validation/config_fuzz_test.cc +++ b/test/server/config_validation/config_fuzz_test.cc @@ -2,10 +2,9 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "common/common/thread.h" -#include "common/network/address_impl.h" - -#include "server/config_validation/server.h" +#include "source/common/common/thread.h" +#include "source/common/network/address_impl.h" +#include "source/server/config_validation/server.h" #include "test/fuzz/fuzz_runner.h" #include "test/integration/server.h" @@ -41,8 +40,9 @@ DEFINE_PROTO_FUZZER(const envoy::config::bootstrap::v3::Bootstrap& input) { options.log_level_ = Fuzz::Runner::logLevel(); try { - validateConfig(options, Network::Address::InstanceConstSharedPtr(), component_factory, - Thread::threadFactoryForTest(), Filesystem::fileSystemForTest()); + validateConfig(options, std::make_shared("127.0.0.1"), + component_factory, Thread::threadFactoryForTest(), + Filesystem::fileSystemForTest()); } catch (const EnvoyException& ex) { ENVOY_LOG_MISC(debug, "Controlled EnvoyException exit: {}", ex.what()); } diff --git a/test/server/config_validation/dispatcher_test.cc b/test/server/config_validation/dispatcher_test.cc index b8a60c1da7a1..608135be22ae 100644 --- a/test/server/config_validation/dispatcher_test.cc +++ b/test/server/config_validation/dispatcher_test.cc @@ -1,13 +1,12 @@ #include -#include "common/common/thread.h" -#include "common/event/dispatcher_impl.h" -#include "common/event/libevent.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" -#include "common/stats/isolated_store_impl.h" - -#include "server/config_validation/api.h" +#include "source/common/common/thread.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/common/event/libevent.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/server/config_validation/api.h" #include "test/mocks/common.h" #include "test/test_common/environment.h" @@ -62,10 +61,13 @@ TEST_P(ConfigValidation, CreateScaledTimer) { // DNS resolver returns the same shared_ptr. TEST_F(ConfigValidation, SharedDnsResolver) { std::vector resolvers; + auto dns_resolver_options = envoy::config::core::v3::DnsResolverOptions(); - Network::DnsResolverSharedPtr dns1 = dispatcher_->createDnsResolver(resolvers, false); + Network::DnsResolverSharedPtr dns1 = + dispatcher_->createDnsResolver(resolvers, dns_resolver_options); long use_count = dns1.use_count(); - Network::DnsResolverSharedPtr dns2 = dispatcher_->createDnsResolver(resolvers, false); + Network::DnsResolverSharedPtr dns2 = + dispatcher_->createDnsResolver(resolvers, dns_resolver_options); EXPECT_EQ(dns1.get(), dns2.get()); // Both point to the same instance. EXPECT_EQ(use_count + 1, dns2.use_count()); // Each call causes ++ in use_count. diff --git a/test/server/config_validation/server_test.cc b/test/server/config_validation/server_test.cc index 8ec76fe3a961..14611beda5a6 100644 --- a/test/server/config_validation/server_test.cc +++ b/test/server/config_validation/server_test.cc @@ -2,12 +2,13 @@ #include "envoy/server/filter_config.h" -#include "server/config_validation/server.h" +#include "source/server/config_validation/server.h" #include "test/integration/server.h" #include "test/mocks/server/options.h" #include "test/mocks/stats/mocks.h" #include "test/test_common/environment.h" +#include "test/test_common/network_utility.h" #include "test/test_common/registry.h" #include "test/test_common/test_time.h" @@ -170,6 +171,20 @@ TEST_P(RuntimeFeatureValidationServerTest, ValidRuntimeLoaderSingleton) { Thread::threadFactoryForTest(), Filesystem::fileSystemForTest())); } +// Test the admin handler stubs used in validation +TEST(ValidationTest, Admin) { + auto local_address = + Network::Test::getCanonicalLoopbackAddress(TestEnvironment::getIpVersionsForTest()[0]); + + ValidationAdmin admin(local_address); + std::string empty = ""; + Server::Admin::HandlerCb cb; + EXPECT_TRUE(admin.addHandler(empty, empty, cb, false, false)); + EXPECT_TRUE(admin.removeHandler(empty)); + EXPECT_EQ(1, admin.concurrency()); + admin.socket(); +} + INSTANTIATE_TEST_SUITE_P( AllConfigs, RuntimeFeatureValidationServerTest, ::testing::ValuesIn(RuntimeFeatureValidationServerTest::getAllConfigFiles())); diff --git a/test/server/config_validation/test_data/runtime_config.yaml b/test/server/config_validation/test_data/runtime_config.yaml index 02c9e01d3368..a044a519a57b 100644 --- a/test/server/config_validation/test_data/runtime_config.yaml +++ b/test/server/config_validation/test_data/runtime_config.yaml @@ -3,22 +3,22 @@ node: id: "test" layered_runtime: layers: - - name: static-layer - static_layer: - "test.runtime.loaded": true + - name: static-layer + static_layer: + "test.runtime.loaded": true static_resources: listeners: - - name: "test.listener" - address: - socket_address: - protocol: TCP - address: 0.0.0.0 - port_value: 0 - filter_chains: - - filters: - - name: envoy.filters.network.test - typed_config: - "@type": type.googleapis.com/google.protobuf.Struct + - name: "test.listener" + address: + socket_address: + protocol: TCP + address: 0.0.0.0 + port_value: 0 + filter_chains: + - filters: + - name: envoy.filters.network.test + typed_config: + "@type": type.googleapis.com/google.protobuf.Struct admin: address: socket_address: diff --git a/test/server/config_validation/xds_fuzz.cc b/test/server/config_validation/xds_fuzz.cc index d1543c238ad0..3b4d23f4b157 100644 --- a/test/server/config_validation/xds_fuzz.cc +++ b/test/server/config_validation/xds_fuzz.cc @@ -56,7 +56,7 @@ void XdsFuzzTest::updateRoute( XdsFuzzTest::XdsFuzzTest(const test::server::config_validation::XdsTestCase& input, envoy::config::core::v3::ApiVersion api_version) : HttpIntegrationTest( - Http::CodecClient::Type::HTTP2, TestEnvironment::getIpVersionsForTest()[0], + Http::CodecType::HTTP2, TestEnvironment::getIpVersionsForTest()[0], ConfigHelper::adsBootstrap(input.config().sotw_or_delta() == test::server::config_validation::Config::SOTW ? "GRPC" @@ -92,7 +92,7 @@ void XdsFuzzTest::initialize() { ads_cluster->MergeFrom(bootstrap.static_resources().clusters()[0]); ads_cluster->set_name("ads_cluster"); }); - setUpstreamProtocol(FakeHttpConnection::Type::HTTP2); + setUpstreamProtocol(Http::CodecType::HTTP2); HttpIntegrationTest::initialize(); if (xds_stream_ == nullptr) { createXdsConnection(); diff --git a/test/server/config_validation/xds_verifier.cc b/test/server/config_validation/xds_verifier.cc index 4107fd23eabe..954e2793b249 100644 --- a/test/server/config_validation/xds_verifier.cc +++ b/test/server/config_validation/xds_verifier.cc @@ -1,6 +1,6 @@ #include "test/server/config_validation/xds_verifier.h" -#include "common/common/logger.h" +#include "source/common/common/logger.h" namespace Envoy { diff --git a/test/server/config_validation/xds_verifier.h b/test/server/config_validation/xds_verifier.h index cfe896856373..69425f1cd403 100644 --- a/test/server/config_validation/xds_verifier.h +++ b/test/server/config_validation/xds_verifier.h @@ -8,7 +8,7 @@ #include "envoy/config/route/v3/route.pb.h" #include "envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.pb.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "test/server/config_validation/xds_fuzz.pb.h" diff --git a/test/server/configuration_impl_test.cc b/test/server/configuration_impl_test.cc index a277dbbaeb40..d4625db96388 100644 --- a/test/server/configuration_impl_test.cc +++ b/test/server/configuration_impl_test.cc @@ -7,15 +7,13 @@ #include "envoy/config/core/v3/base.pb.h" #include "envoy/config/metrics/v3/stats.pb.h" -#include "common/api/api_impl.h" -#include "common/config/well_known_names.h" -#include "common/json/json_loader.h" -#include "common/protobuf/utility.h" -#include "common/upstream/cluster_manager_impl.h" - -#include "server/configuration_impl.h" - -#include "extensions/stat_sinks/well_known_names.h" +#include "source/common/api/api_impl.h" +#include "source/common/config/well_known_names.h" +#include "source/common/json/json_loader.h" +#include "source/common/protobuf/utility.h" +#include "source/common/upstream/cluster_manager_impl.h" +#include "source/extensions/stat_sinks/well_known_names.h" +#include "source/server/configuration_impl.h" #include "test/common/upstream/utility.h" #include "test/mocks/common.h" @@ -32,7 +30,6 @@ using testing::NiceMock; using testing::Return; -using testing::ReturnRef; namespace Envoy { namespace Server { diff --git a/test/server/connection_handler_test.cc b/test/server/connection_handler_test.cc index c15f984a4e94..b97a3d140c61 100644 --- a/test/server/connection_handler_test.cc +++ b/test/server/connection_handler_test.cc @@ -4,18 +4,17 @@ #include "envoy/network/filter.h" #include "envoy/stats/scope.h" -#include "common/common/utility.h" -#include "common/config/utility.h" -#include "common/network/address_impl.h" -#include "common/network/connection_balancer_impl.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/raw_buffer_socket.h" -#include "common/network/udp_listener_impl.h" -#include "common/network/udp_packet_writer_handler_impl.h" -#include "common/network/utility.h" - -#include "server/active_raw_udp_listener_config.h" -#include "server/connection_handler_impl.h" +#include "source/common/common/utility.h" +#include "source/common/config/utility.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/connection_balancer_impl.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/network/udp_listener_impl.h" +#include "source/common/network/udp_packet_writer_handler_impl.h" +#include "source/common/network/utility.h" +#include "source/server/active_raw_udp_listener_config.h" +#include "source/server/connection_handler_impl.h" #include "test/mocks/access_log/mocks.h" #include "test/mocks/api/mocks.h" diff --git a/test/server/drain_manager_impl_test.cc b/test/server/drain_manager_impl_test.cc index f5a5687af366..eadddc978abe 100644 --- a/test/server/drain_manager_impl_test.cc +++ b/test/server/drain_manager_impl_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/listener/v3/listener.pb.h" -#include "server/drain_manager_impl.h" +#include "source/server/drain_manager_impl.h" #include "test/mocks/server/instance.h" diff --git a/test/server/filter_chain_benchmark_test.cc b/test/server/filter_chain_benchmark_test.cc index 07f12b7812a8..f14ab189beb7 100644 --- a/test/server/filter_chain_benchmark_test.cc +++ b/test/server/filter_chain_benchmark_test.cc @@ -7,9 +7,8 @@ #include "envoy/network/listen_socket.h" #include "envoy/protobuf/message_validator.h" -#include "common/network/socket_impl.h" - -#include "server/filter_chain_manager_impl.h" +#include "source/common/network/socket_impl.h" +#include "source/server/filter_chain_manager_impl.h" #include "test/benchmark/main.h" #include "test/mocks/network/mocks.h" diff --git a/test/server/filter_chain_manager_impl_test.cc b/test/server/filter_chain_manager_impl_test.cc index c66d80e86819..a329d6e86214 100644 --- a/test/server/filter_chain_manager_impl_test.cc +++ b/test/server/filter_chain_manager_impl_test.cc @@ -9,20 +9,18 @@ #include "envoy/registry/registry.h" #include "envoy/server/filter_config.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/config/metadata.h" -#include "common/network/address_impl.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/socket_option_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/protobuf.h" - -#include "server/configuration_impl.h" -#include "server/filter_chain_manager_impl.h" -#include "server/listener_manager_impl.h" - -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/config/metadata.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" +#include "source/server/configuration_impl.h" +#include "source/server/filter_chain_manager_impl.h" +#include "source/server/listener_manager_impl.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/drain_manager.h" diff --git a/test/server/filter_config_test.cc b/test/server/filter_config_test.cc index 15e89c590020..71c1318be8f9 100644 --- a/test/server/filter_config_test.cc +++ b/test/server/filter_config_test.cc @@ -1,6 +1,6 @@ #include "envoy/server/filter_config.h" -#include "extensions/filters/http/common/pass_through_filter.h" +#include "source/extensions/filters/http/common/pass_through_filter.h" #include "test/mocks/server/factory_context.h" diff --git a/test/server/guarddog_impl_test.cc b/test/server/guarddog_impl_test.cc index d5ff1f4698b4..53b2dcc962e6 100644 --- a/test/server/guarddog_impl_test.cc +++ b/test/server/guarddog_impl_test.cc @@ -10,12 +10,11 @@ #include "envoy/server/watchdog.h" #include "envoy/thread/thread.h" -#include "common/api/api_impl.h" -#include "common/common/macros.h" -#include "common/common/utility.h" -#include "common/protobuf/utility.h" - -#include "server/guarddog_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/common/protobuf/utility.h" +#include "source/server/guarddog_impl.h" #include "test/mocks/common.h" #include "test/mocks/event/mocks.h" diff --git a/test/server/hot_restart_impl_test.cc b/test/server/hot_restart_impl_test.cc index 3c61523ebfdf..a1e29d04b513 100644 --- a/test/server/hot_restart_impl_test.cc +++ b/test/server/hot_restart_impl_test.cc @@ -1,10 +1,9 @@ #include -#include "common/api/os_sys_calls_impl.h" -#include "common/api/os_sys_calls_impl_hot_restart.h" -#include "common/common/hex.h" - -#include "server/hot_restart_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/api/os_sys_calls_impl_hot_restart.h" +#include "source/common/common/hex.h" +#include "source/server/hot_restart_impl.h" #include "test/mocks/api/hot_restart.h" #include "test/mocks/api/mocks.h" diff --git a/test/server/hot_restarting_base_test.cc b/test/server/hot_restarting_base_test.cc index e9f326edf6e5..4bb851d2dfc6 100644 --- a/test/server/hot_restarting_base_test.cc +++ b/test/server/hot_restarting_base_test.cc @@ -1,4 +1,4 @@ -#include "server/hot_restarting_base.h" +#include "source/server/hot_restarting_base.h" #include "test/mocks/api/mocks.h" #include "test/mocks/network/mocks.h" diff --git a/test/server/hot_restarting_parent_test.cc b/test/server/hot_restarting_parent_test.cc index 32485e964092..a403002c4478 100644 --- a/test/server/hot_restarting_parent_test.cc +++ b/test/server/hot_restarting_parent_test.cc @@ -1,7 +1,7 @@ #include -#include "server/hot_restarting_child.h" -#include "server/hot_restarting_parent.h" +#include "source/server/hot_restarting_child.h" +#include "source/server/hot_restarting_parent.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/instance.h" diff --git a/test/server/lds_api_test.cc b/test/server/lds_api_test.cc index 1bc639f3e042..95045d81f214 100644 --- a/test/server/lds_api_test.cc +++ b/test/server/lds_api_test.cc @@ -4,9 +4,8 @@ #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/service/discovery/v3/discovery.pb.h" -#include "common/protobuf/utility.h" - -#include "server/lds_api.h" +#include "source/common/protobuf/utility.h" +#include "source/server/lds_api.h" #include "test/mocks/config/mocks.h" #include "test/mocks/init/mocks.h" diff --git a/test/server/listener_manager_impl_quic_only_test.cc b/test/server/listener_manager_impl_quic_only_test.cc index 52e1fee586ef..60b923887514 100644 --- a/test/server/listener_manager_impl_quic_only_test.cc +++ b/test/server/listener_manager_impl_quic_only_test.cc @@ -2,7 +2,7 @@ #include "envoy/config/listener/v3/listener.pb.h" #if defined(ENVOY_ENABLE_QUIC) -#include "common/quic/quic_transport_socket_factory.h" +#include "source/common/quic/quic_transport_socket_factory.h" #endif #include "test/server/listener_manager_impl_test.h" diff --git a/test/server/listener_manager_impl_test.cc b/test/server/listener_manager_impl_test.cc index 246579d4f129..e8fc4bb10616 100644 --- a/test/server/listener_manager_impl_test.cc +++ b/test/server/listener_manager_impl_test.cc @@ -15,16 +15,15 @@ #include "envoy/server/listener_manager.h" #include "envoy/stream_info/filter_state.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/config/metadata.h" -#include "common/init/manager_impl.h" -#include "common/network/address_impl.h" -#include "common/network/io_socket_handle_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/protobuf.h" - -#include "extensions/filters/listener/original_dst/original_dst.h" -#include "extensions/transport_sockets/tls/ssl_socket.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/config/metadata.h" +#include "source/common/init/manager_impl.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/io_socket_handle_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/protobuf.h" +#include "source/extensions/filters/listener/original_dst/original_dst.h" +#include "source/extensions/transport_sockets/tls/ssl_socket.h" #include "test/mocks/init/mocks.h" #include "test/server/utility.h" @@ -335,7 +334,7 @@ TEST_F(ListenerManagerImplWithRealFiltersTest, TransportSocketConnectTimeout) { } TEST_F(ListenerManagerImplWithRealFiltersTest, UdpAddress) { - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); EXPECT_FALSE(manager_->isWorkerStarted()); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Validate that there are no active listeners and workers are started. @@ -717,7 +716,7 @@ version_info: version2 )EOF"); EXPECT_CALL(*worker_, addListener(_, _, _)); - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); worker_->callAddCompletion(true); @@ -1041,7 +1040,7 @@ version_info: version1 static_listeners: )EOF"); - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Now add new version listener foo after workers start, note it's fine that server_init_mgr is @@ -1118,7 +1117,7 @@ filter_chains: {} })) .RetiresOnSaturation(); - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); EXPECT_EQ(0, server_.stats_store_.counter("listener_manager.listener_create_success").value()); @@ -1260,7 +1259,7 @@ version_info: version2 // Start workers. EXPECT_CALL(*worker_, addListener(_, _, _)); - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Validate that workers_started stat is still zero before workers set the status via // completion callback. @@ -1465,7 +1464,7 @@ name: baz TEST_F(ListenerManagerImplTest, UpdateActiveToWarmAndBack) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add and initialize foo listener. @@ -1526,7 +1525,7 @@ per_connection_buffer_limit_bytes: 999 TEST_F(ListenerManagerImplTest, AddReusableDrainingListener) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener directly into active. @@ -1586,7 +1585,7 @@ name: foo TEST_F(ListenerManagerImplTest, AddClosedDrainingListener) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener directly into active. @@ -1639,7 +1638,7 @@ name: foo TEST_F(ListenerManagerImplTest, BindToPortEqualToFalse) { InSequence s; ProdListenerComponentFactory real_listener_factory(server_); - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); const std::string listener_foo_yaml = R"EOF( name: foo @@ -1676,7 +1675,7 @@ bind_to_port: false TEST_F(ListenerManagerImplTest, DEPRECATED_FEATURE_TEST(DeprecatedBindToPortEqualToFalse)) { InSequence s; ProdListenerComponentFactory real_listener_factory(server_); - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); const std::string listener_foo_yaml = R"EOF( name: foo @@ -1714,7 +1713,7 @@ name: foo TEST_F(ListenerManagerImplTest, ReusePortEqualToTrue) { InSequence s; ProdListenerComponentFactory real_listener_factory(server_); - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); const std::string listener_foo_yaml = R"EOF( name: foo @@ -1769,7 +1768,7 @@ TEST_F(ListenerManagerImplTest, CantBindSocket) { time_system_.setSystemTime(std::chrono::milliseconds(1001001001001)); InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); const std::string listener_foo_yaml = R"EOF( @@ -1822,7 +1821,7 @@ TEST_F(ListenerManagerImplTest, ConfigDumpWithExternalError) { time_system_.setSystemTime(std::chrono::milliseconds(1001001001001)); InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Make sure the config dump is empty by default. @@ -1858,7 +1857,7 @@ TEST_F(ListenerManagerImplTest, ConfigDumpWithExternalError) { TEST_F(ListenerManagerImplTest, ListenerDraining) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); const std::string listener_foo_yaml = R"EOF( @@ -1908,7 +1907,7 @@ name: foo TEST_F(ListenerManagerImplTest, RemoveListener) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Remove an unknown listener. @@ -1990,7 +1989,7 @@ per_connection_buffer_limit_bytes: 999 TEST_F(ListenerManagerImplTest, StopListeners) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener in inbound direction. @@ -2095,7 +2094,7 @@ traffic_direction: INBOUND TEST_F(ListenerManagerImplTest, StopAllListeners) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener into warming. @@ -2143,7 +2142,7 @@ name: bar TEST_F(ListenerManagerImplTest, StopWarmingListener) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener into warming. @@ -2200,7 +2199,7 @@ per_connection_buffer_limit_bytes: 999 TEST_F(ListenerManagerImplTest, AddListenerFailure) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener into active. @@ -2237,7 +2236,7 @@ name: foo TEST_F(ListenerManagerImplTest, StaticListenerAddFailure) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener into active. @@ -2308,7 +2307,7 @@ stat_prefix: test_prefix TEST_F(ListenerManagerImplTest, DuplicateAddressDontBind) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener into warming. @@ -2365,7 +2364,7 @@ bind_to_port: false TEST_F(ListenerManagerImplTest, EarlyShutdown) { // If stopWorkers is called before the workers are started, it should be a no-op: they should be // neither started nor stopped. - EXPECT_CALL(*worker_, start(_)).Times(0); + EXPECT_CALL(*worker_, start(_, _)).Times(0); EXPECT_CALL(*worker_, stop()).Times(0); manager_->stopWorkers(); } @@ -4598,7 +4597,7 @@ TEST_F(ListenerManagerImplWithRealFiltersTest, VerifyIgnoreExpirationWithCA) { // Validate that dispatcher stats prefix is set correctly when enabled. TEST_F(ListenerManagerImplWithDispatcherStatsTest, DispatherStatsWithCorrectPrefix) { - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); EXPECT_CALL(*worker_, initializeStats(_)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); } @@ -4728,7 +4727,7 @@ name: test_api_listener_2 TEST_F(ListenerManagerImplTest, StopInplaceWarmingListener) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener into warming. @@ -4790,7 +4789,7 @@ traffic_direction: INBOUND TEST_F(ListenerManagerImplTest, RemoveInplaceUpdatingListener) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener into warming. @@ -4859,7 +4858,7 @@ traffic_direction: INBOUND TEST_F(ListenerManagerImplTest, UpdateInplaceWarmingListener) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener into warming. @@ -4922,7 +4921,7 @@ traffic_direction: INBOUND TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, RemoveTheInplaceUpdatingListener) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener into warming. @@ -5004,7 +5003,7 @@ traffic_direction: INBOUND TEST_F(ListenerManagerImplTest, DrainageDuringInplaceUpdate) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); // Add foo listener into warming. @@ -5154,7 +5153,7 @@ TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateIfWo } TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateIfAnyListenerIsNotTcp) { - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); auto listener_proto = createDefaultListener(); @@ -5180,7 +5179,7 @@ TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateIfImplicitTlsInspectorChanges) { auto tls_inspector_injection_enabled_guard = enableTlsInspectorInjectionForThisTest(); - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); auto listener_proto = createDefaultListener(); @@ -5206,7 +5205,7 @@ TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, DEPRECATED_FEATURE_TEST(TraditionalUpdateIfImplicitProxyProtocolChanges)) { - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); auto listener_proto = createDefaultListener(); @@ -5226,7 +5225,7 @@ TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, } TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateOnZeroFilterChain) { - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); auto listener_proto = createDefaultListener(); @@ -5250,7 +5249,7 @@ TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateOnZe TEST_F(ListenerManagerImplForInPlaceFilterChainUpdateTest, TraditionalUpdateIfListenerConfigHasUpdateOtherThanFilterChain) { - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); auto listener_proto = createDefaultListener(); @@ -5317,7 +5316,7 @@ TEST_F(ListenerManagerImplTest, TcpBacklogCustomConfig) { TEST_F(ListenerManagerImplTest, WorkersStartedCallbackCalled) { InSequence s; - EXPECT_CALL(*worker_, start(_)); + EXPECT_CALL(*worker_, start(_, _)); EXPECT_CALL(callback_, Call()); manager_->startWorkers(guard_dog_, callback_.AsStdFunction()); } diff --git a/test/server/listener_manager_impl_test.h b/test/server/listener_manager_impl_test.h index 5dff439d8a6d..26b19f70e672 100644 --- a/test/server/listener_manager_impl_test.h +++ b/test/server/listener_manager_impl_test.h @@ -7,11 +7,10 @@ #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener_components.pb.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/socket_option_impl.h" - -#include "server/configuration_impl.h" -#include "server/listener_manager_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/socket_option_impl.h" +#include "source/server/configuration_impl.h" +#include "source/server/listener_manager_impl.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/drain_manager.h" diff --git a/test/server/options_impl_test.cc b/test/server/options_impl_test.cc index 9ed6289c323e..b0c744cfde56 100644 --- a/test/server/options_impl_test.cc +++ b/test/server/options_impl_test.cc @@ -13,16 +13,13 @@ #include "envoy/extensions/filters/http/buffer/v3/buffer.pb.h" #include "envoy/server/filter_config.h" -#include "common/common/utility.h" - -#include "server/options_impl.h" - -#include "extensions/filters/http/buffer/buffer_filter.h" -#include "extensions/filters/http/well_known_names.h" +#include "source/common/common/utility.h" +#include "source/extensions/filters/http/buffer/buffer_filter.h" +#include "source/server/options_impl.h" #if defined(__linux__) #include -#include "server/options_impl_platform_linux.h" +#include "source/server/options_impl_platform_linux.h" #endif #include "test/mocks/api/mocks.h" #include "test/test_common/environment.h" @@ -180,7 +177,7 @@ TEST_F(OptionsImplTest, SetAll) { options->setHotRestartDisabled(!options->hotRestartDisabled()); options->setSignalHandling(!options->signalHandlingEnabled()); options->setCpusetThreads(!options->cpusetThreadsEnabled()); - options->setAllowUnkownFields(true); + options->setAllowUnknownFields(true); options->setRejectUnknownFieldsDynamic(true); options->setSocketPath("/foo/envoy_domain_socket"); options->setSocketMode(0644); @@ -643,13 +640,13 @@ TEST(FactoryByTypeTest, EarlierVersionConfigType) { auto factory = Registry::FactoryRegistry:: getFactoryByType(v2_config.GetDescriptor()->full_name()); EXPECT_NE(factory, nullptr); - EXPECT_EQ(factory->name(), Extensions::HttpFilters::HttpFilterNames::get().Buffer); + EXPECT_EQ(factory->name(), "envoy.filters.http.buffer"); envoy::extensions::filters::http::buffer::v3::Buffer v3_config; factory = Registry::FactoryRegistry:: getFactoryByType(v3_config.GetDescriptor()->full_name()); EXPECT_NE(factory, nullptr); - EXPECT_EQ(factory->name(), Extensions::HttpFilters::HttpFilterNames::get().Buffer); + EXPECT_EQ(factory->name(), "envoy.filters.http.buffer"); ProtobufWkt::Any non_api_type; factory = Registry::FactoryRegistry:: diff --git a/test/server/overload_manager_impl_test.cc b/test/server/overload_manager_impl_test.cc index 394b6dc96b7d..7bad384afdd9 100644 --- a/test/server/overload_manager_impl_test.cc +++ b/test/server/overload_manager_impl_test.cc @@ -8,11 +8,9 @@ #include "envoy/server/resource_monitor.h" #include "envoy/server/resource_monitor_config.h" -#include "common/stats/isolated_store_impl.h" - -#include "server/overload_manager_impl.h" - -#include "extensions/resource_monitors/common/factory_base.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/extensions/resource_monitors/common/factory_base.h" +#include "source/server/overload_manager_impl.h" #include "test/common/stats/stat_test_utility.h" #include "test/mocks/event/mocks.h" diff --git a/test/server/server_corpus/big_maglev_table b/test/server/server_corpus/big_maglev_table new file mode 100644 index 000000000000..8d8667c06b38 --- /dev/null +++ b/test/server/server_corpus/big_maglev_table @@ -0,0 +1,106 @@ +static_resources { + clusters { + name: "ser" + type: STATIC + connect_timeout { + nanos: 813 + } + lb_policy: MAGLEV + circuit_breakers { + } + http_protocol_options { + default_host_for_http_10: "\005" + } + dns_lookup_family: V6_ONLY + metadata { + filter_metadata { + key: "\177" + value { + } + } + } + alt_stat_name: "search" + load_assignment { + cluster_name: "." + endpoints { + locality { + sub_zone: "\002\000\000\000\000\000\000\000" + } + priority: 50 + } + endpoints { + lb_endpoints { + endpoint { + address { + envoy_internal_address { + } + } + } + health_status: DRAINING + } + } + endpoints { + lb_endpoints { + endpoint { + address { + envoy_internal_address { + } + } + } + health_status: DRAINING + } + lb_endpoints { + endpoint { + address { + pipe { + path: ")" + } + } + } + health_status: DRAINING + } + load_balancing_weight { + value: 262144 + } + priority: 16 + } + endpoints { + } + endpoints { + locality { + sub_zone: "\002\000\000\000\000\000\000\000" + } + priority: 16 + } + } + upstream_http_protocol_options { + auto_sni: true + auto_san_validation: true + } + maglev_lb_config { + table_size { + value: 18374967954648334337 + } + } + } +} +watchdog { + megamiss_timeout { + nanos: 95 + } + multikill_timeout { + nanos: 620756992 + } + max_kill_timeout_jitter { + nanos: 262239 + } +} +stats_config { +} +hds_config { + refresh_delay { + seconds: -648518346341351424 + } +} +stats_server_version_override { +} diff --git a/test/server/server_corpus/start_async_client_when_validate_config b/test/server/server_corpus/start_async_client_when_validate_config new file mode 100644 index 000000000000..68870032ba71 --- /dev/null +++ b/test/server/server_corpus/start_async_client_when_validate_config @@ -0,0 +1,220 @@ +static_resources { + clusters { + name: "z" + type: STRICT_DNS + connect_timeout { + seconds: 1000000 + } + lb_policy: MAGLEV + dns_lookup_family: V4_ONLY + metadata { + filter_metadata { + key: "V" + value { + } + } + } + ignore_health_on_host_removal: true + } + clusters { + name: "+" + connect_timeout { + nanos: 55040 + } + lb_policy: RING_HASH + dns_lookup_family: V4_ONLY + metadata { + } + load_balancing_policy { + } + } + clusters { + name: "V" + connect_timeout { + seconds: 256 + } + lb_policy: RING_HASH + http2_protocol_options { + allow_metadata: true + } + dns_lookup_family: V4_ONLY + outlier_detection { + } + common_http_protocol_options { + max_connection_duration { + nanos: 55040 + } + } + upstream_connection_options { + tcp_keepalive { + keepalive_probes { + value: 589951 + } + } + } + close_connections_on_host_health_failure: true + ignore_health_on_host_removal: true + use_tcp_for_dns_lookups: true + } + clusters { + name: "0" + connect_timeout { + seconds: 2304 + } + lb_policy: RING_HASH + http2_protocol_options { + initial_connection_window_size { + value: 67110913 + } + max_inbound_window_update_frames_per_data_frame_sent { + value: 589951 + } + } + cleanup_interval { + seconds: 2304 + } + alt_stat_name: "\r\002\000\000" + upstream_connection_options { + tcp_keepalive { + keepalive_interval { + value: 268435456 + } + } + } + maglev_lb_config { + } + } + clusters { + name: "a" + type: STRICT_DNS + connect_timeout { + seconds: 1000000 + nanos: 96 + } + lb_policy: RING_HASH + dns_lookup_family: V6_ONLY + metadata { + filter_metadata { + key: "V" + value { + } + } + } + upstream_connection_options { + } + least_request_lb_config { + } + connection_pool_per_downstream_connection: true + } + clusters { + name: ";" + connect_timeout { + seconds: 256 + } + lb_policy: RING_HASH + metadata { + } + alt_stat_name: "+" + upstream_connection_options { + tcp_keepalive { + } + } + respect_dns_ttl: true + } + clusters { + name: "\000\000\000\017~" + connect_timeout { + seconds: 2324 + } + lb_policy: RING_HASH + circuit_breakers { + } + http2_protocol_options { + initial_connection_window_size { + value: 67110913 + } + max_inbound_window_update_frames_per_data_frame_sent { + value: 589951 + } + } + dns_lookup_family: V6_ONLY + lb_subset_config { + } + metadata { + } + upstream_connection_options { + tcp_keepalive { + keepalive_time { + value: 2 + } + } + } + track_timeout_budgets: true + track_cluster_stats { + timeout_budgets: true + } + } +} +dynamic_resources { + ads_config { + api_type: DELTA_GRPC + grpc_services { + envoy_grpc { + cluster_name: "+" + } + } + set_node_on_first_message_only: true + transport_api_version: V3 + } +} +flags_path: "+" +stats_sinks { +} +stats_sinks { + name: "h" +} +stats_sinks { +} +stats_sinks { +} +stats_sinks { + name: "\026" + typed_config { + type_url: "type.googleapis.com/envoy.api.v2.route.Route" + value: "\022\000B\023\n\000\022\017\n\r\n\000\022\t*\007\n\005\n\001\026\022\000R\000R\000R\000R\000R\000R\000b\000b\000" + } +} +stats_sinks { +} +stats_sinks { +} +stats_sinks { +} +stats_sinks { + name: "?\026" +} +stats_sinks { +} +stats_sinks { +} +stats_sinks { + name: "\r\002\000\000" +} +stats_sinks { +} +stats_sinks { + name: "\026" +} +stats_sinks { + name: "\r\002\000\000" +} +stats_sinks { +} +stats_sinks { + name: "\026" +} +config_sources { + path: "+" + resource_api_version: V3 +} + diff --git a/test/server/server_fuzz_test.cc b/test/server/server_fuzz_test.cc index 30c399bc008a..7795619951f2 100644 --- a/test/server/server_fuzz_test.cc +++ b/test/server/server_fuzz_test.cc @@ -3,12 +3,11 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" #include "envoy/config/core/v3/address.pb.h" -#include "common/common/random_generator.h" -#include "common/network/address_impl.h" -#include "common/thread_local/thread_local_impl.h" - -#include "server/listener_hooks.h" -#include "server/server.h" +#include "source/common/common/random_generator.h" +#include "source/common/network/address_impl.h" +#include "source/common/thread_local/thread_local_impl.h" +#include "source/server/listener_hooks.h" +#include "source/server/server.h" #include "test/common/runtime/utility.h" #include "test/fuzz/fuzz_runner.h" @@ -64,10 +63,6 @@ makeHermeticPathsAndPorts(Fuzz::PerTestEnvironment& test_env, health_check.mutable_http_health_check()->clear_codec_client_type(); } } - // We may have both deprecated hosts() or load_assignment(). - for (auto& host : *cluster.mutable_hidden_envoy_deprecated_hosts()) { - makePortHermetic(test_env, host); - } for (int j = 0; j < cluster.load_assignment().endpoints_size(); ++j) { auto* locality_lb = cluster.mutable_load_assignment()->mutable_endpoints(j); for (int k = 0; k < locality_lb->lb_endpoints_size(); ++k) { @@ -93,8 +88,13 @@ bool validateLbSubsetConfig(const envoy::config::bootstrap::v3::Bootstrap& input subset_selectors++; if (subset_selector.single_host_per_subset()) { use_single_host_per_subset = true; + const auto& keys = subset_selector.keys(); // Only expect 1 key inside subset selector when use_single_host_per_subset is set to true. - if (subset_selector.keys().size() != 1) { + if (keys.size() != 1) { + return false; + } + // Expect key to be non-empty when use_single_host_per_subset is set to true. + if (keys[0].empty()) { return false; } } diff --git a/test/server/server_test.cc b/test/server/server_test.cc index c7d8ef0692e6..45851e2abd96 100644 --- a/test/server/server_test.cc +++ b/test/server/server_test.cc @@ -6,16 +6,15 @@ #include "envoy/server/bootstrap_extension_config.h" #include "envoy/server/fatal_action_config.h" -#include "common/common/assert.h" -#include "common/network/address_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/socket_option_impl.h" -#include "common/protobuf/protobuf.h" -#include "common/thread_local/thread_local_impl.h" -#include "common/version/version.h" - -#include "server/process_context_impl.h" -#include "server/server.h" +#include "source/common/common/assert.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/socket_option_impl.h" +#include "source/common/protobuf/protobuf.h" +#include "source/common/thread_local/thread_local_impl.h" +#include "source/common/version/version.h" +#include "source/server/process_context_impl.h" +#include "source/server/server.h" #include "test/common/config/dummy_config.pb.h" #include "test/common/stats/stat_test_utility.h" @@ -36,6 +35,7 @@ #include "absl/synchronization/notification.h" #include "gtest/gtest.h" +#include "openssl/crypto.h" using testing::_; using testing::Assign; @@ -379,6 +379,13 @@ TEST_P(ServerInstanceImplTest, ValidateFIPSModeStat) { server_thread->join(); } +// Validate the the Envoy FIPS compilation flags are consistent with the FIPS +// mode of the underlying BoringSSL build. +TEST_P(ServerInstanceImplTest, ValidateFIPSModeConsistency) { + bool isFIPS = (FIPS_mode() != 0); + EXPECT_EQ(isFIPS, VersionInfo::sslFipsCompliant()); +} + TEST_P(ServerInstanceImplTest, EmptyShutdownLifecycleNotifications) { auto server_thread = startTestServer("test/server/test_data/server/node_bootstrap.yaml", false); server_->dispatcher().post([&] { server_->shutdown(); }); @@ -866,6 +873,23 @@ TEST_P(ServerInstanceImplTest, ZoneStatNameFromOption) { stats_store_.symbolTable().toString(server_->localInfo().zoneStatName())); } +// Validate user agent information from bootstrap Node. +TEST_P(ServerInstanceImplTest, UserAgentOverrideFromNode) { + initialize("test/server/test_data/server/node_bootstrap_agent_override.yaml"); + EXPECT_EQ("test-ci-user-agent", server_->localInfo().node().user_agent_name()); + EXPECT_TRUE(server_->localInfo().node().has_user_agent_build_version()); + EXPECT_EQ(9, server_->localInfo().node().user_agent_build_version().version().major_number()); + EXPECT_EQ(8, server_->localInfo().node().user_agent_build_version().version().minor_number()); + EXPECT_EQ(7, server_->localInfo().node().user_agent_build_version().version().patch()); +} + +// Validate deprecated user agent version field from bootstrap Node. +TEST_P(ServerInstanceImplTest, DEPRECATED_FEATURE_TEST(UserAgentBuildDeprecatedOverrideFromNode)) { + initialize("test/server/test_data/server/node_bootstrap_agent_deprecated_override.yaml"); + EXPECT_EQ("test-ci-user-agent", server_->localInfo().node().user_agent_name()); + EXPECT_EQ("test", server_->localInfo().node().hidden_envoy_deprecated_build_version()); +} + // Validate that bootstrap with v2 dynamic transport is rejected when --bootstrap-version is not // set. TEST_P(ServerInstanceImplTest, diff --git a/test/server/ssl_context_manager_test.cc b/test/server/ssl_context_manager_test.cc index 19257fdb9d07..70bc7d6c1a5c 100644 --- a/test/server/ssl_context_manager_test.cc +++ b/test/server/ssl_context_manager_test.cc @@ -1,4 +1,4 @@ -#include "server/ssl_context_manager.h" +#include "source/server/ssl_context_manager.h" #include "test/mocks/ssl/mocks.h" #include "test/mocks/stats/mocks.h" diff --git a/test/server/test_data/server/bad_sds_config_source.yaml b/test/server/test_data/server/bad_sds_config_source.yaml index f4face09489f..3601192def76 100644 --- a/test/server/test_data/server/bad_sds_config_source.yaml +++ b/test/server/test_data/server/bad_sds_config_source.yaml @@ -4,7 +4,6 @@ node: static_resources: clusters: - name: xds-grpc - connect_timeout: 0.25s type: STRICT_DNS connect_timeout: 1s load_assignment: diff --git a/test/server/test_data/server/bootstrap_extensions.yaml b/test/server/test_data/server/bootstrap_extensions.yaml index 8a85583403c9..bf8c62914af4 100644 --- a/test/server/test_data/server/bootstrap_extensions.yaml +++ b/test/server/test_data/server/bootstrap_extensions.yaml @@ -1,5 +1,5 @@ bootstrap_extensions: - - name: envoy_test.bootstrap.foo - typed_config: - "@type": type.googleapis.com/test.common.config.DummyConfig - a: foo +- name: envoy_test.bootstrap.foo + typed_config: + "@type": type.googleapis.com/test.common.config.DummyConfig + a: foo diff --git a/test/server/test_data/server/callbacks_stats_sink_bootstrap.yaml b/test/server/test_data/server/callbacks_stats_sink_bootstrap.yaml index 47a21977a549..03fe2ae33da4 100644 --- a/test/server/test_data/server/callbacks_stats_sink_bootstrap.yaml +++ b/test/server/test_data/server/callbacks_stats_sink_bootstrap.yaml @@ -9,10 +9,10 @@ admin: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog - path: {{ null_device_path }} + path: "{{ null_device_path }}" address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 stats_sinks: - name: envoy.callbacks_stats_sink diff --git a/test/server/test_data/server/cluster_dupe_bootstrap.yaml b/test/server/test_data/server/cluster_dupe_bootstrap.yaml index c363111b2190..1780bde2d7bd 100644 --- a/test/server/test_data/server/cluster_dupe_bootstrap.yaml +++ b/test/server/test_data/server/cluster_dupe_bootstrap.yaml @@ -3,10 +3,10 @@ admin: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog - path: {{ null_device_path }} + path: "{{ null_device_path }}" address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 static_resources: clusters: diff --git a/test/server/test_data/server/cluster_health_check_bootstrap.yaml b/test/server/test_data/server/cluster_health_check_bootstrap.yaml index 9e2e197f3c5e..45a940eddd27 100644 --- a/test/server/test_data/server/cluster_health_check_bootstrap.yaml +++ b/test/server/test_data/server/cluster_health_check_bootstrap.yaml @@ -3,19 +3,19 @@ admin: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog - path: {{ null_device_path }} + path: "{{ null_device_path }}" address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 static_resources: clusters: - name: service_google connect_timeout: 0.25s health_checks: - - timeout: {{ health_check_timeout }}s - interval: {{ health_check_interval }}s - unhealthy_threshold: 1 - healthy_threshold: 1 - http_health_check: - path: "/" + - timeout: "{{ health_check_timeout }}s" + interval: "{{ health_check_interval }}s" + unhealthy_threshold: 1 + healthy_threshold: 1 + http_health_check: + path: "/" diff --git a/test/server/test_data/server/fatal_actions.yaml b/test/server/test_data/server/fatal_actions.yaml index cbebfaa188eb..6aa06ba5e2f2 100644 --- a/test/server/test_data/server/fatal_actions.yaml +++ b/test/server/test_data/server/fatal_actions.yaml @@ -1,9 +1,9 @@ fatal_actions: - - config: - name: envoy_test.fatal_action.safe - typed_config: - '@type': type.googleapis.com/google.protobuf.Empty - - config: - name: envoy_test.fatal_action.unsafe - typed_config: - '@type': type.googleapis.com/google.protobuf.Empty +- config: + name: envoy_test.fatal_action.safe + typed_config: + '@type': type.googleapis.com/google.protobuf.Empty +- config: + name: envoy_test.fatal_action.unsafe + typed_config: + '@type': type.googleapis.com/google.protobuf.Empty diff --git a/test/server/test_data/server/hds_exception.yaml b/test/server/test_data/server/hds_exception.yaml index bb9816e1f004..9ff770c7cb58 100644 --- a/test/server/test_data/server/hds_exception.yaml +++ b/test/server/test_data/server/hds_exception.yaml @@ -1,24 +1,24 @@ staticResources: clusters: - - name: ser - connectTimeout: 0.000000813s - healthChecks: - - timeout: 0.926363914s - interval: 165537s - unhealthyThreshold: 16 - healthyThreshold: 0 - httpHealthCheck: - host: h - path: '&' - loadAssignment: - clusterName: . - endpoints: - - lbEndpoints: - - endpoint: - address: - pipe: - path: . - healthStatus: DRAINING + - name: ser + connectTimeout: 0.000000813s + healthChecks: + - timeout: 0.926363914s + interval: 165537s + unhealthyThreshold: 16 + healthyThreshold: 0 + httpHealthCheck: + host: h + path: '&' + loadAssignment: + clusterName: . + endpoints: + - lbEndpoints: + - endpoint: + address: + pipe: + path: . + healthStatus: DRAINING hdsConfig: apiType: GRPC requestTimeout: 0.014024704s diff --git a/test/server/test_data/server/health_check_nullptr.yaml b/test/server/test_data/server/health_check_nullptr.yaml index e150a3fc717d..125e8a85bbe1 100644 --- a/test/server/test_data/server/health_check_nullptr.yaml +++ b/test/server/test_data/server/health_check_nullptr.yaml @@ -1,20 +1,20 @@ staticResources: clusters: - - name: foo - connectTimeout: 0.000000813s - perConnectionBufferLimitBytes: 0 - lbPolicy: LEAST_REQUEST - loadAssignment: - clusterName: '*' - endpoints: - - locality: - subZone: "\x1F\x1F" - lbEndpoints: - - endpoint: - address: - pipe: - path: . - healthStatus: HEALTHY + - name: foo + connectTimeout: 0.000000813s + perConnectionBufferLimitBytes: 0 + lbPolicy: LEAST_REQUEST + loadAssignment: + clusterName: '*' + endpoints: + - locality: + subZone: "\x1F\x1F" + lbEndpoints: + - endpoint: + address: + pipe: + path: . + healthStatus: HEALTHY clusterManager: loadStatsConfig: apiType: GRPC diff --git a/test/server/test_data/server/invalid_layered_runtime_duplicate_name.yaml b/test/server/test_data/server/invalid_layered_runtime_duplicate_name.yaml index 9115d8a0c382..4a375731a174 100644 --- a/test/server/test_data/server/invalid_layered_runtime_duplicate_name.yaml +++ b/test/server/test_data/server/invalid_layered_runtime_duplicate_name.yaml @@ -1,8 +1,8 @@ layered_runtime: layers: - - name: some_static_layer - static_layer: - foo: bar - - name: some_static_layer - static_layer: - foo: baz + - name: some_static_layer + static_layer: + foo: bar + - name: some_static_layer + static_layer: + foo: baz diff --git a/test/server/test_data/server/invalid_layered_runtime_missing_name.yaml b/test/server/test_data/server/invalid_layered_runtime_missing_name.yaml index ec91562e9f28..f0c75c18ef92 100644 --- a/test/server/test_data/server/invalid_layered_runtime_missing_name.yaml +++ b/test/server/test_data/server/invalid_layered_runtime_missing_name.yaml @@ -1,4 +1,4 @@ layered_runtime: layers: - - static_layer: - foo: bar + - static_layer: + foo: bar diff --git a/test/server/test_data/server/invalid_layered_runtime_no_layer_specifier.yaml b/test/server/test_data/server/invalid_layered_runtime_no_layer_specifier.yaml index da4d5dd56bd2..396194470cc1 100644 --- a/test/server/test_data/server/invalid_layered_runtime_no_layer_specifier.yaml +++ b/test/server/test_data/server/invalid_layered_runtime_no_layer_specifier.yaml @@ -1,3 +1,3 @@ layered_runtime: layers: - - name: "foo" + - name: "foo" diff --git a/test/server/test_data/server/invalid_runtime_bootstrap.yaml b/test/server/test_data/server/invalid_runtime_bootstrap.yaml index 3ed04a71c3b0..ba04f2f3c4d7 100644 --- a/test/server/test_data/server/invalid_runtime_bootstrap.yaml +++ b/test/server/test_data/server/invalid_runtime_bootstrap.yaml @@ -1,6 +1,6 @@ layered_runtime: layers: - - name: some_static_layer - static_layer: - foo: - - bar: baz + - name: some_static_layer + static_layer: + foo: + - bar: baz diff --git a/test/server/test_data/server/node_bootstrap.yaml b/test/server/test_data/server/node_bootstrap.yaml index bce1b610dc7c..f662534dfeb4 100644 --- a/test/server/test_data/server/node_bootstrap.yaml +++ b/test/server/test_data/server/node_bootstrap.yaml @@ -5,8 +5,8 @@ node: zone: bootstrap_zone sub_zone: bootstrap_sub_zone admin: - access_log_path: {{ null_device_path }} + access_log_path: "{{ null_device_path }}" address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 diff --git a/test/server/test_data/server/node_bootstrap_agent_deprecated_override.yaml b/test/server/test_data/server/node_bootstrap_agent_deprecated_override.yaml new file mode 100644 index 000000000000..1b466cd4a887 --- /dev/null +++ b/test/server/test_data/server/node_bootstrap_agent_deprecated_override.yaml @@ -0,0 +1,11 @@ +node: + id: bootstrap_id + cluster: bootstrap_cluster + user_agent_name: test-ci-user-agent + user_agent_version: test +admin: + access_log_path: "{{ null_device_path }}" + address: + socket_address: + address: "{{ ntop_ip_loopback_address }}" + port_value: 0 diff --git a/test/server/test_data/server/node_bootstrap_agent_override.yaml b/test/server/test_data/server/node_bootstrap_agent_override.yaml new file mode 100644 index 000000000000..bfd5dae1cf00 --- /dev/null +++ b/test/server/test_data/server/node_bootstrap_agent_override.yaml @@ -0,0 +1,15 @@ +node: + id: bootstrap_id + cluster: bootstrap_cluster + user_agent_name: test-ci-user-agent + user_agent_build_version: + version: + major_number: 9 + minor_number: 8 + patch: 7 +admin: + access_log_path: "{{ null_device_path }}" + address: + socket_address: + address: "{{ ntop_ip_loopback_address }}" + port_value: 0 diff --git a/test/server/test_data/server/node_bootstrap_no_admin_port.yaml b/test/server/test_data/server/node_bootstrap_no_admin_port.yaml index d7646ce65622..6af0d901a634 100644 --- a/test/server/test_data/server/node_bootstrap_no_admin_port.yaml +++ b/test/server/test_data/server/node_bootstrap_no_admin_port.yaml @@ -9,4 +9,4 @@ admin: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog - path: {{ null_device_path }} + path: "{{ null_device_path }}" diff --git a/test/server/test_data/server/node_bootstrap_with_admin_socket_options.yaml b/test/server/test_data/server/node_bootstrap_with_admin_socket_options.yaml index ab69375bbeb2..1d83987d05b2 100644 --- a/test/server/test_data/server/node_bootstrap_with_admin_socket_options.yaml +++ b/test/server/test_data/server/node_bootstrap_with_admin_socket_options.yaml @@ -9,14 +9,14 @@ admin: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog - path: {{ null_device_path }} + path: "{{ null_device_path }}" address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 socket_options: - description: SO_REUSEPORT - level: {{ sol_socket }} - name: {{ so_reuseport }} + level: "{{ sol_socket }}" + name: "{{ so_reuseport }}" int_value: 1 state: STATE_PREBIND diff --git a/test/server/test_data/server/node_bootstrap_without_access_log.yaml b/test/server/test_data/server/node_bootstrap_without_access_log.yaml index 096a2c8f8366..c47464b5e7d5 100644 --- a/test/server/test_data/server/node_bootstrap_without_access_log.yaml +++ b/test/server/test_data/server/node_bootstrap_without_access_log.yaml @@ -7,6 +7,5 @@ node: admin: address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 - diff --git a/test/server/test_data/server/proxy_version_bootstrap.yaml b/test/server/test_data/server/proxy_version_bootstrap.yaml index 9f52987ba95e..ff9c15ae03d5 100644 --- a/test/server/test_data/server/proxy_version_bootstrap.yaml +++ b/test/server/test_data/server/proxy_version_bootstrap.yaml @@ -9,9 +9,9 @@ admin: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog - path: {{ null_device_path }} + path: "{{ null_device_path }}" address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 stats_server_version_override: 100012001 diff --git a/test/server/test_data/server/runtime_bootstrap.yaml b/test/server/test_data/server/runtime_bootstrap.yaml index e92c3fd5a903..9d14d094e7d8 100644 --- a/test/server/test_data/server/runtime_bootstrap.yaml +++ b/test/server/test_data/server/runtime_bootstrap.yaml @@ -1,9 +1,9 @@ layered_runtime: layers: - - name: some_static_layer - static_layer: - foo: bar - - name: base_disk_layer - disk_layer: { symlink_root: {{ test_rundir }}/test/server/test_data/runtime/primary } - - name: overlay_disk_layer - disk_layer: { symlink_root: {{ test_rundir }}/test/server/test_data/runtime/override, append_service_cluster: true } + - name: some_static_layer + static_layer: + foo: bar + - name: base_disk_layer + disk_layer: {symlink_root: "{{ test_rundir }}/test/server/test_data/runtime/primary"} + - name: overlay_disk_layer + disk_layer: {symlink_root: "{{ test_rundir }}/test/server/test_data/runtime/override", append_service_cluster: true} diff --git a/test/server/test_data/server/runtime_bootstrap_ads_eds.yaml b/test/server/test_data/server/runtime_bootstrap_ads_eds.yaml index c538aeadf61e..87e10d9f1ea0 100644 --- a/test/server/test_data/server/runtime_bootstrap_ads_eds.yaml +++ b/test/server/test_data/server/runtime_bootstrap_ads_eds.yaml @@ -9,7 +9,7 @@ static_resources: - endpoint: address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 - name: ads_cluster connect_timeout: 1s @@ -33,9 +33,9 @@ dynamic_resources: set_node_on_first_message_only: true layered_runtime: layers: - - name: foobar - rtds_layer: - name: foobar - rtds_config: - resource_api_version: V3 - ads: {} + - name: foobar + rtds_layer: + name: foobar + rtds_config: + resource_api_version: V3 + ads: {} diff --git a/test/server/test_data/server/runtime_bootstrap_eds.yaml b/test/server/test_data/server/runtime_bootstrap_eds.yaml index df04b1e326d9..c07eb4009a12 100644 --- a/test/server/test_data/server/runtime_bootstrap_eds.yaml +++ b/test/server/test_data/server/runtime_bootstrap_eds.yaml @@ -9,7 +9,7 @@ static_resources: - endpoint: address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 - name: rtds_cluster connect_timeout: 1s @@ -25,14 +25,14 @@ static_resources: cluster_name: "dummy_cluster" layered_runtime: layers: - - name: foobar - rtds_layer: - name: foobar - rtds_config: - resource_api_version: V3 - api_config_source: - api_type: GRPC - transport_api_version: V3 - grpc_services: - envoy_grpc: - cluster_name: rtds_cluster + - name: foobar + rtds_layer: + name: foobar + rtds_config: + resource_api_version: V3 + api_config_source: + api_type: GRPC + transport_api_version: V3 + grpc_services: + envoy_grpc: + cluster_name: rtds_cluster diff --git a/test/server/test_data/server/stats_sink_bootstrap.yaml b/test/server/test_data/server/stats_sink_bootstrap.yaml index 11b08776c7e3..9e94fa854637 100644 --- a/test/server/test_data/server/stats_sink_bootstrap.yaml +++ b/test/server/test_data/server/stats_sink_bootstrap.yaml @@ -9,10 +9,10 @@ admin: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog - path: {{ null_device_path }} + path: "{{ null_device_path }}" address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 stats_sinks: - name: envoy.custom_stats_sink diff --git a/test/server/test_data/server/stats_sink_manual_flush_bootstrap.yaml b/test/server/test_data/server/stats_sink_manual_flush_bootstrap.yaml index f023380b73f3..47d41309d00f 100644 --- a/test/server/test_data/server/stats_sink_manual_flush_bootstrap.yaml +++ b/test/server/test_data/server/stats_sink_manual_flush_bootstrap.yaml @@ -9,10 +9,10 @@ admin: - name: envoy.access_loggers.file typed_config: "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog - path: {{ null_device_path }} + path: "{{ null_device_path }}" address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 stats_sinks: - name: envoy.custom_stats_sink diff --git a/test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.yaml b/test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.yaml index 79e53f61565b..817dac07e87e 100644 --- a/test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.yaml +++ b/test/server/test_data/server/valid_v3_but_invalid_v2_bootstrap.yaml @@ -1,5 +1,5 @@ static_resources: - clusters : + clusters: name: "cluster" ignore_health_on_host_removal: true connect_timeout: 1s diff --git a/test/server/test_data/server/zipkin_tracing_deprecated_config.yaml b/test/server/test_data/server/zipkin_tracing_deprecated_config.yaml index 0c8c79f22d8a..d249a8dbb745 100644 --- a/test/server/test_data/server/zipkin_tracing_deprecated_config.yaml +++ b/test/server/test_data/server/zipkin_tracing_deprecated_config.yaml @@ -12,6 +12,6 @@ tracing: collector_endpoint_version: HTTP_JSON layered_runtime: layers: - - name: static_layer - static_layer: - envoy.test_only.broken_in_production.enable_deprecated_v2_api: true + - name: static_layer + static_layer: + envoy.test_only.broken_in_production.enable_deprecated_v2_api: true diff --git a/test/server/test_data/static_validation/cluster_unknown_field.yaml b/test/server/test_data/static_validation/cluster_unknown_field.yaml index 61675f55ee30..202ce89bf418 100644 --- a/test/server/test_data/static_validation/cluster_unknown_field.yaml +++ b/test/server/test_data/static_validation/cluster_unknown_field.yaml @@ -1,5 +1,5 @@ static_resources: clusters: name: foo - connect_timeout: { seconds: 5 } + connect_timeout: {seconds: 5} foo: bar diff --git a/test/server/test_data/static_validation/listener_unknown_field.yaml b/test/server/test_data/static_validation/listener_unknown_field.yaml index 8dcf743e63ee..8e1cc81d3ec9 100644 --- a/test/server/test_data/static_validation/listener_unknown_field.yaml +++ b/test/server/test_data/static_validation/listener_unknown_field.yaml @@ -3,7 +3,7 @@ static_resources: name: foo address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 foo: bar filter_chains: diff --git a/test/server/test_data/static_validation/network_filter_unknown_field.yaml b/test/server/test_data/static_validation/network_filter_unknown_field.yaml index 6535893cce4b..deaa999f06e7 100644 --- a/test/server/test_data/static_validation/network_filter_unknown_field.yaml +++ b/test/server/test_data/static_validation/network_filter_unknown_field.yaml @@ -3,7 +3,7 @@ static_resources: name: foo address: socket_address: - address: {{ ntop_ip_loopback_address }} + address: "{{ ntop_ip_loopback_address }}" port_value: 0 filter_chains: - filters: diff --git a/test/server/utility.h b/test/server/utility.h index 567388492280..fc5139fff0a1 100644 --- a/test/server/utility.h +++ b/test/server/utility.h @@ -5,7 +5,7 @@ #include "envoy/config/listener/v3/listener.pb.h" #include "envoy/config/listener/v3/listener.pb.validate.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" #include "test/test_common/utility.h" diff --git a/test/server/worker_impl_test.cc b/test/server/worker_impl_test.cc index 6fd4291f2d9a..f506f20c3989 100644 --- a/test/server/worker_impl_test.cc +++ b/test/server/worker_impl_test.cc @@ -1,9 +1,8 @@ #include "envoy/network/exception.h" -#include "common/api/api_impl.h" -#include "common/event/dispatcher_impl.h" - -#include "server/worker_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/event/dispatcher_impl.h" +#include "source/server/worker_impl.h" #include "test/mocks/network/mocks.h" #include "test/mocks/server/guard_dog.h" @@ -12,6 +11,7 @@ #include "test/mocks/thread_local/mocks.h" #include "test/test_common/utility.h" +#include "absl/synchronization/notification.h" #include "gtest/gtest.h" using testing::_; @@ -26,6 +26,8 @@ namespace Envoy { namespace Server { namespace { +Event::PostCb emptyCallback = []() {}; + class WorkerImplTest : public testing::Test { public: WorkerImplTest() @@ -77,7 +79,7 @@ TEST_F(WorkerImplTest, BasicFlow) { }); NiceMock store; - worker_.start(guard_dog_); + worker_.start(guard_dog_, emptyCallback); worker_.initializeStats(store); ci.waitReady(); @@ -156,7 +158,16 @@ TEST_F(WorkerImplTest, ListenerException) { .WillOnce(Throw(Network::CreateListenerException("failed"))); worker_.addListener(absl::nullopt, listener, [](bool success) -> void { EXPECT_FALSE(success); }); - worker_.start(guard_dog_); + worker_.start(guard_dog_, emptyCallback); + worker_.stop(); +} + +TEST_F(WorkerImplTest, WorkerInvokesProvidedCallback) { + absl::Notification callback_ran; + auto cb = [&callback_ran]() { callback_ran.Notify(); }; + worker_.start(guard_dog_, cb); + + callback_ran.WaitForNotification(); worker_.stop(); } diff --git a/test/test_common/BUILD b/test/test_common/BUILD index 50b758d06353..75a544563785 100644 --- a/test/test_common/BUILD +++ b/test/test_common/BUILD @@ -22,7 +22,7 @@ envoy_cc_test_library( ], deps = [ ":network_utility_lib", - "//include/envoy/server:options_interface", + "//envoy/server:options_interface", "//source/common/common:assert_lib", "//source/common/common:compiler_requirements_lib", "//source/common/common:macros", @@ -44,7 +44,7 @@ envoy_cc_test_library( hdrs = ["network_utility.h"], deps = [ ":utility_lib", - "//include/envoy/network:filter_interface", + "//envoy/network:filter_interface", "//source/common/common:assert_lib", "//source/common/network:address_lib", "//source/common/network:listen_socket_lib", @@ -81,7 +81,7 @@ envoy_cc_library( srcs = ["printers.cc"], hdrs = ["printers.h"], deps = [ - "//include/envoy/network:address_interface", + "//envoy/network:address_interface", "//source/common/buffer:buffer_lib", "//source/common/http:header_map_lib", ], @@ -91,7 +91,7 @@ envoy_cc_test_library( name = "registry_lib", hdrs = ["registry.h"], deps = [ - "//include/envoy/registry", + "//envoy/registry", ], ) @@ -115,9 +115,9 @@ envoy_cc_test_library( ":resources_lib", ":test_time_lib", ":thread_factory_for_test_lib", - "//include/envoy/buffer:buffer_interface", - "//include/envoy/http:codec_interface", - "//include/envoy/network:address_interface", + "//envoy/buffer:buffer_interface", + "//envoy/http:codec_interface", + "//envoy/network:address_interface", "//source/common/api:api_lib", "//source/common/common:empty_string", "//source/common/common:thread_lib", @@ -251,8 +251,8 @@ envoy_cc_test_library( deps = [ ":global_lib", ":only_one_thread_lib", - "//include/envoy/event:dispatcher_interface", - "//include/envoy/event:timer_interface", + "//envoy/event:dispatcher_interface", + "//envoy/event:timer_interface", "//source/common/common:thread_lib", ], ) diff --git a/test/test_common/contention.h b/test/test_common/contention.h index d90ab20d4eea..e91bbfd61b88 100644 --- a/test/test_common/contention.h +++ b/test/test_common/contention.h @@ -5,9 +5,9 @@ #include "envoy/api/api.h" -#include "common/common/lock_guard.h" -#include "common/common/mutex_tracer_impl.h" -#include "common/common/thread.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/mutex_tracer_impl.h" +#include "source/common/common/thread.h" #include "test/test_common/test_time.h" diff --git a/test/test_common/delegating_route_utility.h b/test/test_common/delegating_route_utility.h index a8d560c086e1..2189f88946bb 100644 --- a/test/test_common/delegating_route_utility.h +++ b/test/test_common/delegating_route_utility.h @@ -1,4 +1,4 @@ -#include "common/router/delegating_route_impl.h" +#include "source/common/router/delegating_route_impl.h" namespace Envoy { namespace Router { diff --git a/test/test_common/environment.cc b/test/test_common/environment.cc index 63fffcafc7fa..d2d33a73c4e7 100644 --- a/test/test_common/environment.cc +++ b/test/test_common/environment.cc @@ -9,20 +9,20 @@ #include "envoy/common/platform.h" -#include "common/common/assert.h" -#include "common/common/compiler_requirements.h" -#include "common/common/logger.h" -#include "common/common/macros.h" -#include "common/common/utility.h" -#include "common/filesystem/directory.h" +#include "source/common/common/assert.h" +#include "source/common/common/compiler_requirements.h" +#include "source/common/common/logger.h" +#include "source/common/common/macros.h" +#include "source/common/common/utility.h" +#include "source/common/filesystem/directory.h" #include "absl/container/node_hash_map.h" #ifdef ENVOY_HANDLE_SIGNALS -#include "common/signal/signal_action.h" +#include "source/common/signal/signal_action.h" #endif -#include "server/options_impl.h" +#include "source/server/options_impl.h" #include "test/test_common/file_system_for_test.h" #include "test/test_common/network_utility.h" diff --git a/test/test_common/environment.h b/test/test_common/environment.h index 935c495c95e5..0aa1cdd632d7 100644 --- a/test/test_common/environment.h +++ b/test/test_common/environment.h @@ -7,7 +7,7 @@ #include "envoy/network/address.h" #include "envoy/server/options.h" -#include "common/json/json_loader.h" +#include "source/common/json/json_loader.h" #include "absl/container/node_hash_map.h" #include "absl/strings/str_cat.h" diff --git a/test/test_common/file_system_for_test.cc b/test/test_common/file_system_for_test.cc index c00e82d5835b..35ea2b1754ea 100644 --- a/test/test_common/file_system_for_test.cc +++ b/test/test_common/file_system_for_test.cc @@ -1,6 +1,6 @@ #include "test/test_common/file_system_for_test.h" -#include "common/filesystem/filesystem_impl.h" +#include "source/common/filesystem/filesystem_impl.h" namespace Envoy { diff --git a/test/test_common/file_system_for_test.h b/test/test_common/file_system_for_test.h index d3f891e76cb4..bd5abfcfd502 100644 --- a/test/test_common/file_system_for_test.h +++ b/test/test_common/file_system_for_test.h @@ -2,7 +2,7 @@ #include "envoy/filesystem/filesystem.h" -#include "common/filesystem/file_shared_impl.h" +#include "source/common/filesystem/file_shared_impl.h" #include "absl/synchronization/mutex.h" @@ -35,7 +35,7 @@ class MemfileImpl : public FileSharedImpl { if (!flags_.test(File::Operation::Append)) { info_->data_.clear(); } - info_->data_.append(buffer); + info_->data_.append(std::string(buffer)); const ssize_t size = info_->data_.size(); return resultSuccess(size); } diff --git a/test/test_common/global.cc b/test/test_common/global.cc index 4c827922ee91..1fdaf758fd6c 100644 --- a/test/test_common/global.cc +++ b/test/test_common/global.cc @@ -1,6 +1,6 @@ #include "test/test_common/global.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" namespace Envoy { namespace Test { diff --git a/test/test_common/global.h b/test/test_common/global.h index 872f81e520eb..704bd412ff2f 100644 --- a/test/test_common/global.h +++ b/test/test_common/global.h @@ -1,7 +1,7 @@ #pragma once -#include "common/common/lock_guard.h" -#include "common/common/thread.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread.h" #include "absl/container/flat_hash_map.h" diff --git a/test/test_common/logging.cc b/test/test_common/logging.cc index f014241fb198..3663feb0c83d 100644 --- a/test/test_common/logging.cc +++ b/test/test_common/logging.cc @@ -1,6 +1,6 @@ #include "test/test_common/logging.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "absl/synchronization/mutex.h" diff --git a/test/test_common/logging.h b/test/test_common/logging.h index 698fba241aad..124f553fe766 100644 --- a/test/test_common/logging.h +++ b/test/test_common/logging.h @@ -4,7 +4,7 @@ #include #include -#include "common/common/logger.h" +#include "source/common/common/logger.h" #include "absl/strings/str_join.h" #include "absl/strings/str_split.h" diff --git a/test/test_common/network_utility.cc b/test/test_common/network_utility.cc index 1e1eeba9f1c1..976f2e2205e6 100644 --- a/test/test_common/network_utility.cc +++ b/test/test_common/network_utility.cc @@ -5,15 +5,15 @@ #include "envoy/common/platform.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/assert.h" -#include "common/common/fmt.h" -#include "common/network/address_impl.h" -#include "common/network/listen_socket_impl.h" -#include "common/network/raw_buffer_socket.h" -#include "common/network/socket_interface.h" -#include "common/network/socket_option_factory.h" -#include "common/runtime/runtime_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/fmt.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/listen_socket_impl.h" +#include "source/common/network/raw_buffer_socket.h" +#include "source/common/network/socket_interface.h" +#include "source/common/network/socket_option_factory.h" +#include "source/common/runtime/runtime_impl.h" #include "test/test_common/utility.h" @@ -211,6 +211,9 @@ struct SyncPacketProcessor : public Network::UdpPacketProcessor { } uint64_t maxDatagramSize() const override { return max_rx_datagram_size_; } void onDatagramsDropped(uint32_t) override {} + size_t numPacketsExpectedPerEventLoop() const override { + return Network::MAX_NUM_PACKETS_PER_EVENT_LOOP; + } std::list& data_; const uint64_t max_rx_datagram_size_; diff --git a/test/test_common/network_utility.h b/test/test_common/network_utility.h index 8970e790c6b8..47cea59e53ba 100644 --- a/test/test_common/network_utility.h +++ b/test/test_common/network_utility.h @@ -8,7 +8,7 @@ #include "envoy/network/io_handle.h" #include "envoy/network/transport_socket.h" -#include "common/network/utility.h" +#include "source/common/network/utility.h" namespace Envoy { namespace Network { diff --git a/test/test_common/network_utility_test.cc b/test/test_common/network_utility_test.cc index dc40f1d28f2f..e23575234fa4 100644 --- a/test/test_common/network_utility_test.cc +++ b/test/test_common/network_utility_test.cc @@ -1,6 +1,6 @@ #include -#include "common/api/os_sys_calls_impl.h" +#include "source/common/api/os_sys_calls_impl.h" #include "test/test_common/environment.h" #include "test/test_common/network_utility.h" diff --git a/test/test_common/only_one_thread.cc b/test/test_common/only_one_thread.cc index 06cc9855446d..5b51f7664d40 100644 --- a/test/test_common/only_one_thread.cc +++ b/test/test_common/only_one_thread.cc @@ -2,7 +2,7 @@ #include "envoy/thread/thread.h" -#include "common/common/lock_guard.h" +#include "source/common/common/lock_guard.h" #include "test/test_common/thread_factory_for_test.h" diff --git a/test/test_common/only_one_thread.h b/test/test_common/only_one_thread.h index c726ae6d28fa..fe2a4de752eb 100644 --- a/test/test_common/only_one_thread.h +++ b/test/test_common/only_one_thread.h @@ -1,7 +1,7 @@ #pragma once -#include "common/common/assert.h" -#include "common/common/thread.h" +#include "source/common/common/assert.h" +#include "source/common/common/thread.h" namespace Envoy { namespace Thread { diff --git a/test/test_common/printers.cc b/test/test_common/printers.cc index 8a2ece63ad13..6d671b669631 100644 --- a/test/test_common/printers.cc +++ b/test/test_common/printers.cc @@ -3,8 +3,8 @@ #include -#include "common/buffer/buffer_impl.h" -#include "common/http/header_map_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/header_map_impl.h" namespace Envoy { namespace Http { diff --git a/test/test_common/resources.h b/test/test_common/resources.h index e6508837f3cf..9dcc8ec54b6b 100644 --- a/test/test_common/resources.h +++ b/test/test_common/resources.h @@ -2,7 +2,7 @@ #include -#include "common/singleton/const_singleton.h" +#include "source/common/singleton/const_singleton.h" namespace Envoy { namespace Config { diff --git a/test/test_common/simulated_time_system.cc b/test/test_common/simulated_time_system.cc index b01f13f6e0b3..de3b4e23db0f 100644 --- a/test/test_common/simulated_time_system.cc +++ b/test/test_common/simulated_time_system.cc @@ -4,11 +4,11 @@ #include "envoy/event/dispatcher.h" -#include "common/common/assert.h" -#include "common/common/lock_guard.h" -#include "common/event/real_time_system.h" -#include "common/event/timer_impl.h" -#include "common/runtime/runtime_features.h" +#include "source/common/common/assert.h" +#include "source/common/common/lock_guard.h" +#include "source/common/event/real_time_system.h" +#include "source/common/event/timer_impl.h" +#include "source/common/runtime/runtime_features.h" namespace Envoy { namespace Event { diff --git a/test/test_common/simulated_time_system.h b/test/test_common/simulated_time_system.h index bdd860e13594..16c09c67299f 100644 --- a/test/test_common/simulated_time_system.h +++ b/test/test_common/simulated_time_system.h @@ -2,9 +2,9 @@ #include "envoy/event/timer.h" -#include "common/common/lock_guard.h" -#include "common/common/thread.h" -#include "common/common/utility.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread.h" +#include "source/common/common/utility.h" #include "test/test_common/test_time_system.h" #include "test/test_common/utility.h" diff --git a/test/test_common/simulated_time_system_test.cc b/test/test_common/simulated_time_system_test.cc index f518a1a24985..422669b0725e 100644 --- a/test/test_common/simulated_time_system_test.cc +++ b/test/test_common/simulated_time_system_test.cc @@ -1,7 +1,7 @@ -#include "common/common/thread.h" -#include "common/event/libevent.h" -#include "common/event/libevent_scheduler.h" -#include "common/event/timer_impl.h" +#include "source/common/common/thread.h" +#include "source/common/event/libevent.h" +#include "source/common/event/libevent_scheduler.h" +#include "source/common/event/timer_impl.h" #include "test/mocks/common.h" #include "test/mocks/event/mocks.h" diff --git a/test/test_common/test_runtime.h b/test/test_common/test_runtime.h index 0f270c122d5a..433292a4f5e0 100644 --- a/test/test_common/test_runtime.h +++ b/test/test_common/test_runtime.h @@ -13,8 +13,8 @@ #include "envoy/config/bootstrap/v3/bootstrap.pb.h" -#include "common/runtime/runtime_impl.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/mocks/common.h" #include "test/mocks/event/mocks.h" diff --git a/test/test_common/test_time.cc b/test/test_common/test_time.cc index 98deac1a959d..691c48ad8d34 100644 --- a/test/test_common/test_time.cc +++ b/test/test_common/test_time.cc @@ -1,6 +1,6 @@ #include "test/test_common/test_time.h" -#include "common/common/utility.h" +#include "source/common/common/utility.h" #include "test/test_common/global.h" diff --git a/test/test_common/test_time.h b/test/test_common/test_time.h index 038a44e734c5..8234584a2ef2 100644 --- a/test/test_common/test_time.h +++ b/test/test_common/test_time.h @@ -1,6 +1,6 @@ #pragma once -#include "common/event/real_time_system.h" +#include "source/common/event/real_time_system.h" #include "test/test_common/global.h" #include "test/test_common/test_time_system.h" diff --git a/test/test_common/test_time_system.cc b/test/test_common/test_time_system.cc index a24763e9c07d..3b81864402ca 100644 --- a/test/test_common/test_time_system.cc +++ b/test/test_common/test_time_system.cc @@ -2,7 +2,7 @@ #include "envoy/event/timer.h" -#include "common/common/thread.h" +#include "source/common/common/thread.h" namespace Envoy { namespace Event { diff --git a/test/test_common/test_time_system.h b/test/test_common/test_time_system.h index 932f7083260d..17a6ac3a7017 100644 --- a/test/test_common/test_time_system.h +++ b/test/test_common/test_time_system.h @@ -4,8 +4,8 @@ #include "envoy/event/dispatcher.h" #include "envoy/event/timer.h" -#include "common/common/assert.h" -#include "common/common/thread.h" +#include "source/common/common/assert.h" +#include "source/common/common/thread.h" #include "test/test_common/global.h" #include "test/test_common/only_one_thread.h" diff --git a/test/test_common/thread_factory_for_test.cc b/test/test_common/thread_factory_for_test.cc index 38b966bae066..55c4d84ed12b 100644 --- a/test/test_common/thread_factory_for_test.cc +++ b/test/test_common/thread_factory_for_test.cc @@ -1,4 +1,4 @@ -#include "common/common/thread_impl.h" +#include "source/common/common/thread_impl.h" namespace Envoy { diff --git a/test/test_common/threadsafe_singleton_injector.h b/test/test_common/threadsafe_singleton_injector.h index b9a0020dc88a..ae90022d7770 100644 --- a/test/test_common/threadsafe_singleton_injector.h +++ b/test/test_common/threadsafe_singleton_injector.h @@ -1,6 +1,6 @@ #pragma once -#include "common/singleton/threadsafe_singleton.h" +#include "source/common/singleton/threadsafe_singleton.h" namespace Envoy { diff --git a/test/test_common/utility.cc b/test/test_common/utility.cc index 1b22d4a14ec1..35b5305cd0a9 100644 --- a/test/test_common/utility.cc +++ b/test/test_common/utility.cc @@ -20,17 +20,17 @@ #include "envoy/http/codec.h" #include "envoy/service/runtime/v3/rtds.pb.h" -#include "common/api/api_impl.h" -#include "common/common/fmt.h" -#include "common/common/lock_guard.h" -#include "common/common/thread_impl.h" -#include "common/common/utility.h" -#include "common/filesystem/directory.h" -#include "common/filesystem/filesystem_impl.h" -#include "common/http/header_utility.h" -#include "common/json/json_loader.h" -#include "common/network/address_impl.h" -#include "common/network/utility.h" +#include "source/common/api/api_impl.h" +#include "source/common/common/fmt.h" +#include "source/common/common/lock_guard.h" +#include "source/common/common/thread_impl.h" +#include "source/common/common/utility.h" +#include "source/common/filesystem/directory.h" +#include "source/common/filesystem/filesystem_impl.h" +#include "source/common/http/header_utility.h" +#include "source/common/json/json_loader.h" +#include "source/common/network/address_impl.h" +#include "source/common/network/utility.h" #include "test/mocks/common.h" #include "test/mocks/stats/mocks.h" @@ -41,6 +41,7 @@ #include "absl/container/fixed_array.h" #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" +#include "absl/synchronization/notification.h" #include "gtest/gtest.h" using testing::GTEST_FLAG(random_seed); @@ -222,6 +223,45 @@ AssertionResult TestUtility::waitForGaugeEq(Stats::Store& store, const std::stri return AssertionSuccess(); } +AssertionResult TestUtility::waitUntilHistogramHasSamples(Stats::Store& store, + const std::string& name, + Event::TestTimeSystem& time_system, + Event::Dispatcher& main_dispatcher, + std::chrono::milliseconds timeout) { + Event::TestTimeSystem::RealTimeBound bound(timeout); + while (true) { + auto histo = findByName(store.histograms(), name); + if (histo) { + uint64_t sample_count = readSampleCount(main_dispatcher, *histo); + if (sample_count) { + break; + } + } + + time_system.advanceTimeWait(std::chrono::milliseconds(10)); + + if (timeout != std::chrono::milliseconds::zero() && !bound.withinBound()) { + return AssertionFailure() << fmt::format("timed out waiting for {} to have samples", name); + } + } + return AssertionSuccess(); +} + +uint64_t TestUtility::readSampleCount(Event::Dispatcher& main_dispatcher, + const Stats::ParentHistogram& histogram) { + // Note: we need to read the sample count from the main thread, to avoid data races. + uint64_t sample_count = 0; + absl::Notification notification; + + main_dispatcher.post([&] { + sample_count = histogram.cumulativeStatistics().sampleCount(); + notification.Notify(); + }); + notification.WaitForNotification(); + + return sample_count; +} + std::list TestUtility::makeDnsResponse(const std::list& addresses, std::chrono::seconds ttl) { std::list ret; diff --git a/test/test_common/utility.h b/test/test_common/utility.h index 86d03c5d009a..e0470f27a59e 100644 --- a/test/test_common/utility.h +++ b/test/test_common/utility.h @@ -15,17 +15,17 @@ #include "envoy/type/matcher/v3/string.pb.h" #include "envoy/type/v3/percent.pb.h" -#include "common/buffer/buffer_impl.h" -#include "common/common/c_smart_ptr.h" -#include "common/common/empty_string.h" -#include "common/common/thread.h" -#include "common/config/decoded_resource_impl.h" -#include "common/config/opaque_resource_decoder_impl.h" -#include "common/config/version_converter.h" -#include "common/http/header_map_impl.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" -#include "common/stats/symbol_table_impl.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/common/c_smart_ptr.h" +#include "source/common/common/empty_string.h" +#include "source/common/common/thread.h" +#include "source/common/config/decoded_resource_impl.h" +#include "source/common/config/opaque_resource_decoder_impl.h" +#include "source/common/config/version_converter.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stats/symbol_table_impl.h" #include "test/test_common/file_system_for_test.h" #include "test/test_common/logging.h" @@ -278,6 +278,29 @@ class TestUtility { Event::TestTimeSystem& time_system, std::chrono::milliseconds timeout = std::chrono::milliseconds::zero()); + /** + * Wait for a histogram to have samples. + * @param store supplies the stats store. + * @param name histogram name. + * @param time_system the time system to use for waiting. + * @param timeout the maximum time to wait before timing out, or 0 for no timeout. + * @return AssertionSuccess() if the histogram was populated within the timeout, else + * AssertionFailure(). + */ + static AssertionResult waitUntilHistogramHasSamples( + Stats::Store& store, const std::string& name, Event::TestTimeSystem& time_system, + Event::Dispatcher& main_dispatcher, + std::chrono::milliseconds timeout = std::chrono::milliseconds::zero()); + + /** + * Read a histogram's sample count from the main thread. + * @param store supplies the stats store. + * @param name histogram name. + * @return uint64_t the sample count. + */ + static uint64_t readSampleCount(Event::Dispatcher& main_dispatcher, + const Stats::ParentHistogram& histogram); + /** * Find a readout in a stats store. * @param store supplies the stats store. @@ -554,7 +577,9 @@ class TestUtility { */ static const envoy::type::matcher::v3::StringMatcher createRegexMatcher(std::string str) { envoy::type::matcher::v3::StringMatcher matcher; - matcher.set_hidden_envoy_deprecated_regex(str); + auto* regex = matcher.mutable_safe_regex(); + regex->mutable_google_re2(); + regex->set_regex(str); return matcher; } diff --git a/test/test_common/wasm_base.h b/test/test_common/wasm_base.h index 775197c2ddfe..8231788e24ec 100644 --- a/test/test_common/wasm_base.h +++ b/test/test_common/wasm_base.h @@ -5,12 +5,11 @@ #include "envoy/extensions/wasm/v3/wasm.pb.validate.h" #include "envoy/server/lifecycle_notifier.h" -#include "common/buffer/buffer_impl.h" -#include "common/http/message_impl.h" -#include "common/stats/isolated_store_impl.h" -#include "common/stream_info/stream_info_impl.h" - -#include "extensions/common/wasm/wasm.h" +#include "source/common/buffer/buffer_impl.h" +#include "source/common/http/message_impl.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/common/stream_info/stream_info_impl.h" +#include "source/extensions/common/wasm/wasm.h" #include "test/mocks/grpc/mocks.h" #include "test/mocks/http/mocks.h" @@ -34,8 +33,8 @@ namespace Wasm { #define MOCK_CONTEXT_LOG_ \ using Context::log; \ - proxy_wasm::WasmResult log(uint32_t level, absl::string_view message) override { \ - log_(static_cast(level), message); \ + proxy_wasm::WasmResult log(uint32_t level, std::string_view message) override { \ + log_(static_cast(level), toAbslStringView(message)); \ return proxy_wasm::WasmResult::Ok; \ } \ MOCK_METHOD(void, log_, (spdlog::level::level_enum level, absl::string_view message)) diff --git a/test/test_listener.cc b/test/test_listener.cc index 61e6b6b12bf3..12dba6668f81 100644 --- a/test/test_listener.cc +++ b/test/test_listener.cc @@ -1,6 +1,6 @@ #include "test/test_listener.h" -#include "common/common/assert.h" +#include "source/common/common/assert.h" #include "test/test_common/global.h" diff --git a/test/test_runner.cc b/test/test_runner.cc index d30a78b0b9e6..c910d4fb505a 100644 --- a/test/test_runner.cc +++ b/test/test_runner.cc @@ -2,15 +2,13 @@ #include -#include "common/common/logger.h" -#include "common/common/logger_delegates.h" -#include "common/common/thread.h" -#include "common/event/libevent.h" -#include "common/runtime/runtime_features.h" - -#include "exe/process_wide.h" - -#include "server/backtrace.h" +#include "source/common/common/logger.h" +#include "source/common/common/logger_delegates.h" +#include "source/common/common/thread.h" +#include "source/common/event/libevent.h" +#include "source/common/runtime/runtime_features.h" +#include "source/exe/process_wide.h" +#include "source/server/backtrace.h" #include "test/common/runtime/utility.h" #include "test/mocks/access_log/mocks.h" diff --git a/test/tools/config_load_check/config_load_check.cc b/test/tools/config_load_check/config_load_check.cc index 6b521c3340d4..5dfee0adc3b4 100644 --- a/test/tools/config_load_check/config_load_check.cc +++ b/test/tools/config_load_check/config_load_check.cc @@ -3,11 +3,11 @@ #include #include -#include "common/common/fmt.h" -#include "common/common/logger.h" -#include "common/common/thread.h" -#include "common/config/protobuf_link_hacks.h" -#include "common/event/libevent.h" +#include "source/common/common/fmt.h" +#include "source/common/common/logger.h" +#include "source/common/common/thread.h" +#include "source/common/config/protobuf_link_hacks.h" +#include "source/common/event/libevent.h" #include "test/config_test/config_test.h" diff --git a/test/tools/router_check/router.cc b/test/tools/router_check/router.cc index 80441856af30..7da0acffffa7 100644 --- a/test/tools/router_check/router.cc +++ b/test/tools/router_check/router.cc @@ -8,12 +8,12 @@ #include "envoy/config/route/v3/route.pb.h" #include "envoy/type/v3/percent.pb.h" -#include "common/common/random_generator.h" -#include "common/network/socket_impl.h" -#include "common/network/utility.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/common/random_generator.h" +#include "source/common/network/socket_impl.h" +#include "source/common/network/utility.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stream_info/stream_info_impl.h" #include "test/test_common/printers.h" diff --git a/test/tools/router_check/router.h b/test/tools/router_check/router.h index 337d54832abc..3624efcb9cc4 100644 --- a/test/tools/router_check/router.h +++ b/test/tools/router_check/router.h @@ -6,14 +6,14 @@ #include "envoy/config/route/v3/route.pb.h" #include "envoy/type/v3/percent.pb.h" -#include "common/common/logger.h" -#include "common/common/utility.h" -#include "common/http/header_map_impl.h" -#include "common/http/headers.h" -#include "common/json/json_loader.h" -#include "common/router/config_impl.h" -#include "common/stats/symbol_table_impl.h" -#include "common/stream_info/stream_info_impl.h" +#include "source/common/common/logger.h" +#include "source/common/common/utility.h" +#include "source/common/http/header_map_impl.h" +#include "source/common/http/headers.h" +#include "source/common/json/json_loader.h" +#include "source/common/router/config_impl.h" +#include "source/common/stats/symbol_table_impl.h" +#include "source/common/stream_info/stream_info_impl.h" #include "test/mocks/server/instance.h" #include "test/test_common/global.h" diff --git a/test/tools/router_check/router_check.cc b/test/tools/router_check/router_check.cc index fea89d3eca98..bba8b036b229 100644 --- a/test/tools/router_check/router_check.cc +++ b/test/tools/router_check/router_check.cc @@ -2,7 +2,7 @@ #include #include -#include "exe/platform_impl.h" +#include "source/exe/platform_impl.h" #include "test/test_common/test_runtime.h" #include "test/tools/router_check/router.h" diff --git a/test/tools/router_check/test/config/ClusterHeader.yaml b/test/tools/router_check/test/config/ClusterHeader.yaml index 493d279db7e6..da647a511045 100644 --- a/test/tools/router_check/test/config/ClusterHeader.yaml +++ b/test/tools/router_check/test/config/ClusterHeader.yaml @@ -3,15 +3,15 @@ virtual_hosts: domains: - '*' routes: - - match: - prefix: "/foo" - headers: - - name: ":authority" - route: - cluster_header: ":authority" - - match: - prefix: "/bar" - route: - cluster_header: "some_header" - timeout: - nanos: 0 + - match: + prefix: "/foo" + headers: + - name: ":authority" + route: + cluster_header: ":authority" + - match: + prefix: "/bar" + route: + cluster_header: "some_header" + timeout: + nanos: 0 diff --git a/test/tools/router_check/test/config/ComprehensiveRoutes.yaml b/test/tools/router_check/test/config/ComprehensiveRoutes.yaml index 6efad99a099e..a477fbe0a7a8 100644 --- a/test/tools/router_check/test/config/ComprehensiveRoutes.yaml +++ b/test/tools/router_check/test/config/ComprehensiveRoutes.yaml @@ -1,27 +1,27 @@ virtual_hosts: - - name: www2_host - domains: - - www.lyft.com - routes: - - match: - prefix: /new_endpoint - route: - cluster: www2 - prefix_rewrite: /api/new_endpoint - - match: - path: / - route: - cluster: root_www2 - - match: - prefix: / - route: - cluster: www2 - virtual_clusters: - - headers: - - name: :path - safe_regex_match: - google_re2: {} - regex: ^/users/\d+$ - - name: :method - exact_match: PUT - name: update_user +- name: www2_host + domains: + - www.lyft.com + routes: + - match: + prefix: /new_endpoint + route: + cluster: www2 + prefix_rewrite: /api/new_endpoint + - match: + path: / + route: + cluster: root_www2 + - match: + prefix: / + route: + cluster: www2 + virtual_clusters: + - headers: + - name: :path + safe_regex_match: + google_re2: {} + regex: ^/users/\d+$ + - name: :method + exact_match: PUT + name: update_user diff --git a/test/tools/router_check/test/config/ContentType.yaml b/test/tools/router_check/test/config/ContentType.yaml index 819eade4d088..17f1d551755e 100644 --- a/test/tools/router_check/test/config/ContentType.yaml +++ b/test/tools/router_check/test/config/ContentType.yaml @@ -6,8 +6,8 @@ virtual_hosts: - match: prefix: "/" headers: - - name: "content-type" - exact_match: "application/grpc" + - name: "content-type" + exact_match: "application/grpc" route: cluster: local_service_grpc - match: diff --git a/test/tools/router_check/test/config/DirectResponse.yaml b/test/tools/router_check/test/config/DirectResponse.yaml index 1ce420d28da4..bf624eff3d6c 100644 --- a/test/tools/router_check/test/config/DirectResponse.yaml +++ b/test/tools/router_check/test/config/DirectResponse.yaml @@ -1,39 +1,39 @@ virtual_hosts: - - name: www2 - domains: - - lyft.com - routes: - - match: - path: /ping - direct_response: - status: 200 - body: - inline_string: "Success!" - - match: - path: /ping-json - direct_response: - status: 200 - body: - inline_string: "{ 'message': 'Success!' }" - response_headers_to_add: - - header: - key: "content-type" - value: "application/json" - append: false - - match: - path: /ping-json2 - direct_response: - status: 200 - body: - inline_string: "{ 'message': 'Success!' }" - response_headers_to_add: - # This is bad, don't do it! Use append: false! - - header: - key: "content-type" - value: "application/json" - - match: - path: /ping-empty - direct_response: - status: 200 - body: - inline_string: "" +- name: www2 + domains: + - lyft.com + routes: + - match: + path: /ping + direct_response: + status: 200 + body: + inline_string: "Success!" + - match: + path: /ping-json + direct_response: + status: 200 + body: + inline_string: "{ 'message': 'Success!' }" + response_headers_to_add: + - header: + key: "content-type" + value: "application/json" + append: false + - match: + path: /ping-json2 + direct_response: + status: 200 + body: + inline_string: "{ 'message': 'Success!' }" + response_headers_to_add: + # This is bad, don't do it! Use append: false! + - header: + key: "content-type" + value: "application/json" + - match: + path: /ping-empty + direct_response: + status: 200 + body: + inline_string: "" diff --git a/test/tools/router_check/test/config/Redirect.yaml b/test/tools/router_check/test/config/Redirect.yaml index 28944a6bd3be..10d779c15ead 100644 --- a/test/tools/router_check/test/config/Redirect.yaml +++ b/test/tools/router_check/test/config/Redirect.yaml @@ -4,51 +4,51 @@ virtual_hosts: - www.lyft.com require_tls: ALL routes: - - match: - prefix: / - route: - cluster: www2 + - match: + prefix: / + route: + cluster: www2 - name: api domains: - api.lyft.com require_tls: EXTERNAL_ONLY routes: - - match: - prefix: /pretest - route: - prefix_rewrite: /pre/test - cluster: www2 - - match: - prefix: /secondtest - route: - prefix_rewrite: /second/test - cluster: www2 - - match: - prefix: / - route: - cluster: www2 + - match: + prefix: /pretest + route: + prefix_rewrite: /pre/test + cluster: www2 + - match: + prefix: /secondtest + route: + prefix_rewrite: /second/test + cluster: www2 + - match: + prefix: / + route: + cluster: www2 - name: redirect domains: - redirect.lyft.com routes: - - match: - prefix: /blah - route: - cluster: www2 - - match: - prefix: /foo - redirect: - host_redirect: new.lyft.com - - match: - prefix: /bar - redirect: - path_redirect: /new_bar - - match: - prefix: /baz - redirect: - host_redirect: new.lyft.com - path_redirect: /new_baz - - match: - prefix: /rewrite - redirect: - prefix_rewrite: /blah + - match: + prefix: /blah + route: + cluster: www2 + - match: + prefix: /foo + redirect: + host_redirect: new.lyft.com + - match: + prefix: /bar + redirect: + path_redirect: /new_bar + - match: + prefix: /baz + redirect: + host_redirect: new.lyft.com + path_redirect: /new_baz + - match: + prefix: /rewrite + redirect: + prefix_rewrite: /blah diff --git a/test/tools/router_check/test/config/Redirect2.yaml b/test/tools/router_check/test/config/Redirect2.yaml index 181265d34d37..e4aaab2e47cc 100644 --- a/test/tools/router_check/test/config/Redirect2.yaml +++ b/test/tools/router_check/test/config/Redirect2.yaml @@ -3,15 +3,15 @@ virtual_hosts: domains: - www.lyft.com routes: - - match: - prefix: / - route: - cluster: www2 + - match: + prefix: / + route: + cluster: www2 - name: redirect domains: - redirect.lyft.com routes: - - match: - prefix: /foo - redirect: - host_redirect: new.lyft.com + - match: + prefix: /foo + redirect: + host_redirect: new.lyft.com diff --git a/test/tools/router_check/test/config/Redirect3.yaml b/test/tools/router_check/test/config/Redirect3.yaml index 44cceab82153..7852fa4e1cb9 100644 --- a/test/tools/router_check/test/config/Redirect3.yaml +++ b/test/tools/router_check/test/config/Redirect3.yaml @@ -3,19 +3,19 @@ virtual_hosts: domains: - www.lyft.com routes: - - match: - prefix: / - route: - weighted_clusters: - clusters: - - name: www2 - weight: 100 - total_weight: 100 + - match: + prefix: / + route: + weighted_clusters: + clusters: + - name: www2 + weight: 100 + total_weight: 100 - name: redirect domains: - redirect.lyft.com routes: - - match: - prefix: /foo - redirect: - host_redirect: new.lyft.com + - match: + prefix: /foo + redirect: + host_redirect: new.lyft.com diff --git a/test/tools/router_check/test/config/Runtime.yaml b/test/tools/router_check/test/config/Runtime.yaml index a35c9165a079..c81981fa9bcb 100644 --- a/test/tools/router_check/test/config/Runtime.yaml +++ b/test/tools/router_check/test/config/Runtime.yaml @@ -3,25 +3,25 @@ virtual_hosts: domains: - www.lyft.com routes: - - match: - prefix: /disabled - runtime_fraction: - runtime_key: runtime.key - default_value: - numerator: 0 - denominator: HUNDRED - route: - cluster: www4 - - match: - prefix: / - runtime_fraction: - runtime_key: runtime.key - default_value: - numerator: 30 - denominator: HUNDRED - route: - cluster: www2 - - match: - prefix: / - route: - cluster: www3 + - match: + prefix: /disabled + runtime_fraction: + runtime_key: runtime.key + default_value: + numerator: 0 + denominator: HUNDRED + route: + cluster: www4 + - match: + prefix: / + runtime_fraction: + runtime_key: runtime.key + default_value: + numerator: 30 + denominator: HUNDRED + route: + cluster: www2 + - match: + prefix: / + route: + cluster: www3 diff --git a/test/tools/router_check/test/config/TestRoutes.yaml b/test/tools/router_check/test/config/TestRoutes.yaml index 61aecfdcd0cf..a047ce0f89bc 100644 --- a/test/tools/router_check/test/config/TestRoutes.yaml +++ b/test/tools/router_check/test/config/TestRoutes.yaml @@ -1,180 +1,180 @@ virtual_hosts: - - name: www2 - domains: - - lyft.com - - www.lyft.com - - w.lyft.com - - ww.lyft.com - - wwww.lyft.com - routes: - - match: - prefix: /new_endpoint - route: - cluster: www2 - prefix_rewrite: /api/new_endpoint - - match: - prefix: /ping - direct_response: - status: 200 - body: - inline_string: "{ 'message': 'Success!' }" - response_headers_to_add: - - header: - key: "x-ping-response" - value: "yes" - - match: - path: / - route: - cluster: root_www2 - - match: - prefix: / - route: - cluster: www2 - - name: www2_staging - domains: - - www-staging.lyft.net - - www-staging-orca.lyft.com - routes: - - match: - prefix: / - route: - cluster: www2_staging - - name: default - domains: - - '*' - routes: - - match: - prefix: /api/application_data - route: - cluster: ats - - match: - path: /api/locations - case_sensitive: false - route: - cluster: locations - prefix_rewrite: /rewrote - - match: - prefix: /api/leads/me - route: - cluster: ats - - match: - prefix: /host/rewrite/me - route: - cluster: ats - host_rewrite: new_host - - match: - prefix: /oldhost/rewrite/me - route: - cluster: ats - host_rewrite: new_oldhost - - match: - path: /foo - case_sensitive: true - route: - prefix_rewrite: /bar - cluster: instant-server - - match: - path: /tar - case_sensitive: false - route: - prefix_rewrite: /car - cluster: instant-server - - match: - prefix: /newhost/rewrite/me - case_sensitive: false - route: - cluster: ats - host_rewrite: new_host - - match: - path: /FOOD - case_sensitive: false - route: - prefix_rewrite: /cAndy - cluster: ats - - match: - path: /ApplEs - case_sensitive: true - route: - prefix_rewrite: /oranGES - cluster: instant-server - - match: - prefix: /customheaders - route: - cluster: ats - host_rewrite: new_host - request_headers_to_add: - - header: - key: X-Client-IP - value: '%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%' - - match: - prefix: / - route: - cluster: instant-server - timeout: - seconds: 30 - virtual_clusters: - - headers: - - name: :path - safe_regex_match: - google_re2: {} - regex: ^/rides$ - - name: :method - exact_match: POST - name: ride_request - - headers: - - name: :path - safe_regex_match: - google_re2: {} - regex: ^/rides/\d+$ - - name: :method - exact_match: PUT - name: update_ride - - headers: - - name: :path - safe_regex_match: - google_re2: {} - regex: ^/users/\d+/chargeaccounts$ - - name: :method - exact_match: POST - name: cc_add - - headers: - - name: :path - safe_regex_match: - google_re2: {} - regex: ^/users/\d+/chargeaccounts/[^validate]\w+$ - - name: :method - exact_match: PUT - name: cc_add - - headers: - - name: :path - safe_regex_match: - google_re2: {} - regex: ^/users$ - - name: :method - exact_match: POST - name: create_user_login - - headers: - - name: :path - safe_regex_match: - google_re2: {} - regex: ^/users/\d+$ - - name: :method - exact_match: PUT - name: update_user - - headers: - - name: :path - safe_regex_match: - google_re2: {} - regex: ^/users/\d+/location$ - - name: :method - exact_match: POST - name: ulu +- name: www2 + domains: + - lyft.com + - www.lyft.com + - w.lyft.com + - ww.lyft.com + - wwww.lyft.com + routes: + - match: + prefix: /new_endpoint + route: + cluster: www2 + prefix_rewrite: /api/new_endpoint + - match: + prefix: /ping + direct_response: + status: 200 + body: + inline_string: "{ 'message': 'Success!' }" + response_headers_to_add: + - header: + key: "x-ping-response" + value: "yes" + - match: + path: / + route: + cluster: root_www2 + - match: + prefix: / + route: + cluster: www2 +- name: www2_staging + domains: + - www-staging.lyft.net + - www-staging-orca.lyft.com + routes: + - match: + prefix: / + route: + cluster: www2_staging +- name: default + domains: + - '*' + routes: + - match: + prefix: /api/application_data + route: + cluster: ats + - match: + path: /api/locations + case_sensitive: false + route: + cluster: locations + prefix_rewrite: /rewrote + - match: + prefix: /api/leads/me + route: + cluster: ats + - match: + prefix: /host/rewrite/me + route: + cluster: ats + host_rewrite: new_host + - match: + prefix: /oldhost/rewrite/me + route: + cluster: ats + host_rewrite: new_oldhost + - match: + path: /foo + case_sensitive: true + route: + prefix_rewrite: /bar + cluster: instant-server + - match: + path: /tar + case_sensitive: false + route: + prefix_rewrite: /car + cluster: instant-server + - match: + prefix: /newhost/rewrite/me + case_sensitive: false + route: + cluster: ats + host_rewrite: new_host + - match: + path: /FOOD + case_sensitive: false + route: + prefix_rewrite: /cAndy + cluster: ats + - match: + path: /ApplEs + case_sensitive: true + route: + prefix_rewrite: /oranGES + cluster: instant-server + - match: + prefix: /customheaders + route: + cluster: ats + host_rewrite: new_host + request_headers_to_add: + - header: + key: X-Client-IP + value: '%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%' + - match: + prefix: / + route: + cluster: instant-server + timeout: + seconds: 30 + virtual_clusters: + - headers: + - name: :path + safe_regex_match: + google_re2: {} + regex: ^/rides$ + - name: :method + exact_match: POST + name: ride_request + - headers: + - name: :path + safe_regex_match: + google_re2: {} + regex: ^/rides/\d+$ + - name: :method + exact_match: PUT + name: update_ride + - headers: + - name: :path + safe_regex_match: + google_re2: {} + regex: ^/users/\d+/chargeaccounts$ + - name: :method + exact_match: POST + name: cc_add + - headers: + - name: :path + safe_regex_match: + google_re2: {} + regex: ^/users/\d+/chargeaccounts/[^validate]\w+$ + - name: :method + exact_match: PUT + name: cc_add + - headers: + - name: :path + safe_regex_match: + google_re2: {} + regex: ^/users$ + - name: :method + exact_match: POST + name: create_user_login + - headers: + - name: :path + safe_regex_match: + google_re2: {} + regex: ^/users/\d+$ + - name: :method + exact_match: PUT + name: update_user + - headers: + - name: :path + safe_regex_match: + google_re2: {} + regex: ^/users/\d+/location$ + - name: :method + exact_match: POST + name: ulu internal_only_headers: - - x-lyft-user-id +- x-lyft-user-id response_headers_to_add: - - header: - key: x-envoy-upstream-canary - value: "true" +- header: + key: x-envoy-upstream-canary + value: "true" response_headers_to_remove: - - x-envoy-upstream-canary - - x-envoy-virtual-cluster +- x-envoy-upstream-canary +- x-envoy-virtual-cluster diff --git a/test/tools/router_check/test/config/Weighted.yaml b/test/tools/router_check/test/config/Weighted.yaml index 074a24b75b62..a7f6f3b6667a 100644 --- a/test/tools/router_check/test/config/Weighted.yaml +++ b/test/tools/router_check/test/config/Weighted.yaml @@ -3,39 +3,39 @@ virtual_hosts: domains: - www1.lyft.com routes: - - match: - prefix: / - route: - weighted_clusters: - clusters: - - name: cluster1 - weight: 30 - - name: cluster2 - weight: 30 - - name: cluster3 - weight: 40 + - match: + prefix: / + route: + weighted_clusters: + clusters: + - name: cluster1 + weight: 30 + - name: cluster2 + weight: 30 + - name: cluster3 + weight: 40 virtual_clusters: - - headers: - - name: :path - safe_regex_match: - google_re2: {} - regex: ^/test/\d+$ - - name: :method - exact_match: GET - name: test_virtual_cluster + - headers: + - name: :path + safe_regex_match: + google_re2: {} + regex: ^/test/\d+$ + - name: :method + exact_match: GET + name: test_virtual_cluster - name: www2 domains: - www2.lyft.com routes: - - match: - prefix: / - route: - weighted_clusters: - runtime_key_prefix: www2_weights - clusters: - - name: cluster1 - weight: 30 - - name: cluster2 - weight: 30 - - name: cluster3 - weight: 40 + - match: + prefix: / + route: + weighted_clusters: + runtime_key_prefix: www2_weights + clusters: + - name: cluster1 + weight: 30 + - name: cluster2 + weight: 30 + - name: cluster3 + weight: 40 diff --git a/test/tools/schema_validator/BUILD b/test/tools/schema_validator/BUILD index c0d198f6f5d5..1891bb24a036 100644 --- a/test/tools/schema_validator/BUILD +++ b/test/tools/schema_validator/BUILD @@ -25,7 +25,7 @@ envoy_cc_test_library( copts = ["-DHAVE_LONG_LONG"], external_deps = ["tclap"], deps = [ - "//include/envoy/api:api_interface", + "//envoy/api:api_interface", "//source/common/protobuf:utility_lib", "//source/common/stats:isolated_store_lib", "//test/test_common:utility_lib", diff --git a/test/tools/schema_validator/validator.cc b/test/tools/schema_validator/validator.cc index d6d24219cb56..28ab9316a8a1 100644 --- a/test/tools/schema_validator/validator.cc +++ b/test/tools/schema_validator/validator.cc @@ -5,7 +5,7 @@ #include "envoy/service/discovery/v3/discovery.pb.h" #include "envoy/service/discovery/v3/discovery.pb.validate.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" #include "tclap/CmdLine.h" diff --git a/test/tools/schema_validator/validator.h b/test/tools/schema_validator/validator.h index af2dcce0331a..1e92cce035cb 100644 --- a/test/tools/schema_validator/validator.h +++ b/test/tools/schema_validator/validator.h @@ -4,7 +4,7 @@ #include "envoy/api/api.h" -#include "common/stats/isolated_store_impl.h" +#include "source/common/stats/isolated_store_impl.h" #include "test/test_common/utility.h" diff --git a/tools/api/generate_go_protobuf.py b/tools/api/generate_go_protobuf.py index bde296a423ae..833e0b87322c 100755 --- a/tools/api/generate_go_protobuf.py +++ b/tools/api/generate_go_protobuf.py @@ -22,12 +22,12 @@ USER_EMAIL = 'go-control-plane@users.noreply.github.com' -def generate_protobufs(output): +def generate_protobufs(targets, output, api_repo): bazel_bin = check_output(['bazel', 'info', 'bazel-bin']).decode().strip() go_protos = check_output([ 'bazel', 'query', - 'kind("go_proto_library", %s)' % TARGETS, + 'kind("go_proto_library", %s)' % targets, ]).split() # Each rule has the form @envoy_api//foo/bar:baz_go_proto. @@ -47,9 +47,10 @@ def generate_protobufs(output): # # Example output directory: # go_out/envoy/config/bootstrap/v2 - rule_dir, proto = rule.decode()[len('@envoy_api//'):].rsplit(':', 1) - input_dir = os.path.join( - bazel_bin, 'external', 'envoy_api', rule_dir, proto + '_', IMPORT_BASE, rule_dir) + rule_dir, proto = rule.decode().rsplit('//', 1)[1].rsplit(':', 1) + + prefix = '' if not api_repo else os.path.join('external', api_repo) + input_dir = os.path.join(bazel_bin, prefix, rule_dir, proto + '_', IMPORT_BASE, rule_dir) input_files = glob.glob(os.path.join(input_dir, '*.go')) output_dir = os.path.join(output, rule_dir) @@ -126,11 +127,13 @@ def updated(repo): description='Generate Go protobuf files and sync with go-control-plane') parser.add_argument('--sync', action='store_true') parser.add_argument('--output_base', default='build_go') + parser.add_argument('--targets', default=TARGETS) + parser.add_argument('--api_repo', default="envoy_api") args = parser.parse_args() workspace = check_output(['bazel', 'info', 'workspace']).decode().strip() output = os.path.join(workspace, args.output_base) - generate_protobufs(output) + generate_protobufs(args.targets, output, args.api_repo) if not args.sync: print('Skipping sync with go-control-plane') sys.exit() diff --git a/tools/api_boost/testdata/BUILD b/tools/api_boost/testdata/BUILD index 148b1b5c4787..f3e1298ff05b 100644 --- a/tools/api_boost/testdata/BUILD +++ b/tools/api_boost/testdata/BUILD @@ -59,7 +59,7 @@ envoy_cc_library( name = "validate", srcs = ["validate.cc"], deps = [ - "//include/envoy/protobuf:message_validator_interface", + "//envoy/protobuf:message_validator_interface", "//source/common/protobuf:utility_lib", "@envoy_api//envoy/api/v2:pkg_cc_proto", ], diff --git a/tools/api_boost/testdata/validate.cc b/tools/api_boost/testdata/validate.cc index 7de4b2b65ace..97fbd6bac35d 100644 --- a/tools/api_boost/testdata/validate.cc +++ b/tools/api_boost/testdata/validate.cc @@ -2,7 +2,7 @@ #include "envoy/api/v2/cluster.pb.validate.h" #include "envoy/protobuf/message_validator.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" void foo(Envoy::ProtobufMessage::ValidationVisitor& validator) { envoy::api::v2::Cluster msg; diff --git a/tools/api_boost/testdata/validate.cc.gold b/tools/api_boost/testdata/validate.cc.gold index f358c7aec715..5b991b7294e5 100644 --- a/tools/api_boost/testdata/validate.cc.gold +++ b/tools/api_boost/testdata/validate.cc.gold @@ -2,7 +2,7 @@ #include "envoy/config/cluster/v4alpha/cluster.pb.validate.h" #include "envoy/protobuf/message_validator.h" -#include "common/protobuf/utility.h" +#include "source/common/protobuf/utility.h" void foo(Envoy::ProtobufMessage::ValidationVisitor& validator) { envoy::config::cluster::v4alpha::Cluster msg; diff --git a/tools/api_versioning/generate_api_version_header.py b/tools/api_versioning/generate_api_version_header.py index 7d8ab3342983..a7519ecb02d3 100644 --- a/tools/api_versioning/generate_api_version_header.py +++ b/tools/api_versioning/generate_api_version_header.py @@ -9,7 +9,7 @@ FILE_TEMPLATE = string.Template( """#pragma once -#include "common/version/api_version_struct.h" +#include "source/common/version/api_version_struct.h" namespace Envoy { diff --git a/tools/api_versioning/generate_api_version_header_test.py b/tools/api_versioning/generate_api_version_header_test.py index 6a324ac85907..8035b21ce878 100644 --- a/tools/api_versioning/generate_api_version_header_test.py +++ b/tools/api_versioning/generate_api_version_header_test.py @@ -13,7 +13,7 @@ class GenerateApiVersionHeaderTest(unittest.TestCase): EXPECTED_TEMPLATE = string.Template( """#pragma once -#include "common/version/api_version_struct.h" +#include "source/common/version/api_version_struct.h" namespace Envoy { diff --git a/tools/bootstrap2pb.cc b/tools/bootstrap2pb.cc index 5cb2c6c3aeaa..0c41fd948efb 100644 --- a/tools/bootstrap2pb.cc +++ b/tools/bootstrap2pb.cc @@ -11,15 +11,14 @@ #include "envoy/config/bootstrap/v2/bootstrap.pb.h" -#include "common/api/api_impl.h" -#include "common/common/assert.h" -#include "common/common/random_generator.h" -#include "common/event/real_time_system.h" -#include "common/protobuf/message_validator_impl.h" -#include "common/protobuf/utility.h" -#include "common/stats/isolated_store_impl.h" - -#include "exe/platform_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/common/assert.h" +#include "source/common/common/random_generator.h" +#include "source/common/event/real_time_system.h" +#include "source/common/protobuf/message_validator_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/stats/isolated_store_impl.h" +#include "source/exe/platform_impl.h" // NOLINT(namespace-envoy) int main(int argc, char** argv) { diff --git a/tools/code_format/check_format.py b/tools/code_format/check_format.py index 3e24b50f261a..603cd7635afe 100755 --- a/tools/code_format/check_format.py +++ b/tools/code_format/check_format.py @@ -117,10 +117,28 @@ EXCEPTION_DENYLIST = ( "./source/common/http/http2/codec_impl.h", "./source/common/http/http2/codec_impl.cc") +# Files that are allowed to use try without main thread assertion. RAW_TRY_ALLOWLIST = ( - "./source/common/common/regex.cc", - "./source/common/common/thread.h", - "./source/common/network/utility.cc", + "./source/common/common/regex.cc", "./source/common/common/thread.h", + "./source/common/network/utility.cc") + +# These are entire files that are allowed to use std::string_view vs. individual exclusions. Right +# now this is just WASM which makes use of std::string_view heavily so we need to convert to +# absl::string_view internally. Everywhere else should be using absl::string_view for additional +# safety. +STD_STRING_VIEW_ALLOWLIST = ( + "./source/extensions/common/wasm/context.h", + "./source/extensions/common/wasm/context.cc", + "./source/extensions/common/wasm/foreign.cc", + "./source/extensions/common/wasm/wasm.h", + "./source/extensions/common/wasm/wasm.cc", + "./source/extensions/common/wasm/wasm_vm.h", + "./source/extensions/common/wasm/wasm_vm.cc", + "./test/extensions/bootstrap/wasm/wasm_speed_test.cc", + "./test/extensions/bootstrap/wasm/wasm_test.cc", + "./test/extensions/common/wasm/wasm_test.cc", + "./test/extensions/stats_sinks/wasm/wasm_stat_sink_test.cc", + "./test/test_common/wasm_base.h", ) # Header files that can throw exceptions. These should be limited; the only @@ -256,7 +274,6 @@ "envoy.reloadable_features.activate_timers_next_event_loop", "envoy.reloadable_features.check_ocsp_policy", "envoy.reloadable_features.grpc_json_transcoder_adhere_to_buffer_limits", - "envoy.reloadable_features.http2_skip_encoding_empty_trailers", "envoy.reloadable_features.upstream_http2_flood_checks", "envoy.reloadable_features.header_map_correctly_coalesce_cookies", } @@ -438,6 +455,9 @@ def allow_listed_for_register_factory(self, file_path): def allow_listed_for_serialize_as_string(self, file_path): return file_path in SERIALIZE_AS_STRING_ALLOWLIST or file_path.endswith(DOCS_SUFFIX) + def allow_listed_for_std_string_view(self, file_path): + return file_path in STD_STRING_VIEW_ALLOWLIST + def allow_listed_for_json_string_to_message(self, file_path): return file_path in JSON_STRING_TO_MESSAGE_ALLOWLIST @@ -824,8 +844,12 @@ def check_source_line(self, line, file_path, report_error): report_error("Don't use std::monostate; use absl::monostate instead") if self.token_in_line("std::optional", line): report_error("Don't use std::optional; use absl::optional instead") - if self.token_in_line("std::string_view", line): - report_error("Don't use std::string_view; use absl::string_view instead") + if not self.allow_listed_for_std_string_view( + file_path) and not "NOLINT(std::string_view)" in line: + if self.token_in_line("std::string_view", line) or self.token_in_line("toStdStringView", + line): + report_error( + "Don't use std::string_view or toStdStringView; use absl::string_view instead") if self.token_in_line("std::variant", line): report_error("Don't use std::variant; use absl::variant instead") if self.token_in_line("std::visit", line): @@ -835,12 +859,12 @@ def check_source_line(self, line, file_path, report_error): report_error( "Don't use raw try, use TRY_ASSERT_MAIN_THREAD if on the main thread otherwise don't use exceptions." ) - if "__attribute__((packed))" in line and file_path != "./include/envoy/common/platform.h": + if "__attribute__((packed))" in line and file_path != "./envoy/common/platform.h": # __attribute__((packed)) is not supported by MSVC, we have a PACKED_STRUCT macro that # can be used instead report_error( "Don't use __attribute__((packed)), use the PACKED_STRUCT macro defined " - "in include/envoy/common/platform.h instead") + "in envoy/common/platform.h instead") if DESIGNATED_INITIALIZER_REGEX.search(line): # Designated initializers are not part of the C++14 standard and are not supported # by MSVC diff --git a/tools/code_format/check_format_test_helper.py b/tools/code_format/check_format_test_helper.py index 8f8d0ac8a31b..057362709f76 100755 --- a/tools/code_format/check_format_test_helper.py +++ b/tools/code_format/check_format_test_helper.py @@ -265,7 +265,8 @@ def run_checks(): errors += check_unfixable_error( "std_optional.cc", "Don't use std::optional; use absl::optional instead") errors += check_unfixable_error( - "std_string_view.cc", "Don't use std::string_view; use absl::string_view instead") + "std_string_view.cc", + "Don't use std::string_view or toStdStringView; use absl::string_view instead") errors += check_unfixable_error( "std_variant.cc", "Don't use std::variant; use absl::variant instead") errors += check_unfixable_error("std_visit.cc", "Don't use std::visit; use absl::visit instead") diff --git a/tools/code_format/envoy_build_fixer.py b/tools/code_format/envoy_build_fixer.py index 378a1af63fdd..cfdbf59d24a9 100755 --- a/tools/code_format/envoy_build_fixer.py +++ b/tools/code_format/envoy_build_fixer.py @@ -150,6 +150,8 @@ def fix_api_deps(path, contents): kind, name, srcs, hdrs, deps = match.groups() if not name: continue + if kind == "envoy_pch_library": + continue source_paths = [] if srcs != 'missing': source_paths.extend( diff --git a/tools/code_format/glint.sh b/tools/code_format/glint.sh index aa0a5e93afa7..7e57cf266963 100755 --- a/tools/code_format/glint.sh +++ b/tools/code_format/glint.sh @@ -12,6 +12,8 @@ ERRORS= MISSING_NEWLINE=0 MIXED_TABS_AND_SPACES=0 TRAILING_WHITESPACE=0 +# AZP appears to make lines with this prefix red +BASH_ERR_PREFIX="##[error]: " # Checks whether a file has a mixture of indents starting with tabs and spaces @@ -20,7 +22,7 @@ check_mixed_tabs_spaces () { tabbed=$(grep -cP "^\t" "$1") spaced=$(grep -cP "^ " "$1") if [[ $tabbed -gt 0 ]] && [[ $spaced -gt 0 ]]; then - echo "mixed tabs and spaces: ${1}" >&2 + echo "${BASH_ERR_PREFIX}mixed tabs and spaces: ${1}" >&2 ERRORS=yes ((MIXED_TABS_AND_SPACES=MIXED_TABS_AND_SPACES+1)) fi @@ -29,7 +31,7 @@ check_mixed_tabs_spaces () { # Checks whether a file has a terminating newline check_new_line () { test "$(tail -c 1 "$1" | wc -l)" -eq 0 && { - echo "no newline at eof: ${1}" >&2 + echo "${BASH_ERR_PREFIX}no newline at eof: ${1}" >&2 ERRORS=yes ((MISSING_NEWLINE=MISSING_NEWLINE+1)) } @@ -38,7 +40,7 @@ check_new_line () { # Checks whether a file contains lines ending in whitespace check_trailing_whitespace () { if grep -r '[[:blank:]]$' "$1" > /dev/null; then - echo "trailing whitespace: ${1}" >&2 + echo "${BASH_ERR_PREFIX}trailing whitespace: ${1}" >&2 ERRORS=yes ((TRAILING_WHITESPACE=TRAILING_WHITESPACE+1)) fi @@ -64,10 +66,10 @@ done if [[ -n "$ERRORS" ]]; then echo >&2 - echo "ERRORS found" >&2 - echo "${MISSING_NEWLINE} files with missing newline" >&2 - echo "${MIXED_TABS_AND_SPACES} files with mixed tabs and spaces" >&2 - echo "${TRAILING_WHITESPACE} files with trailing whitespace" >&2 + echo "${BASH_ERR_PREFIX}ERRORS found" >&2 + echo "${BASH_ERR_PREFIX}${MISSING_NEWLINE} files with missing newline" >&2 + echo "${BASH_ERR_PREFIX}${MIXED_TABS_AND_SPACES} files with mixed tabs and spaces" >&2 + echo "${BASH_ERR_PREFIX}${TRAILING_WHITESPACE} files with trailing whitespace" >&2 echo >&2 exit 1 fi diff --git a/tools/code_format/header_order.py b/tools/code_format/header_order.py index e365cee84fec..c47166daef06 100755 --- a/tools/code_format/header_order.py +++ b/tools/code_format/header_order.py @@ -56,7 +56,7 @@ def reorder_headers(path): # Filter for includes that finds the #include of the header file associated with the source file # being processed. E.g. if 'path' is source/common/common/hex.cc, this filter matches - # "common/common/hex.h". + # "source/common/common/hex.h". def file_header_filter(): return lambda f: f.endswith('.h"') and path.endswith(f[1:-3] + '.cc') diff --git a/tools/code_format/requirements.txt b/tools/code_format/requirements.txt index 15ba3b2f5e01..1b6d092dbc63 100644 --- a/tools/code_format/requirements.txt +++ b/tools/code_format/requirements.txt @@ -1,27 +1,36 @@ +# +# This file is autogenerated by pip-compile +# To update, run: +# +# pip-compile --generate-hashes tools/code_format/requirements.txt +# +flake8-polyfill==1.0.2 \ + --hash=sha256:12be6a34ee3ab795b19ca73505e7b55826d5f6ad7230d31b18e106400169b9e9 \ + --hash=sha256:e44b087597f6da52ec6393a709e7108b2905317d0c0b744cdca6208e670d8eda + # via pep8-naming flake8==3.9.2 \ - --hash=sha256:bf8fd333346d844f616e8d47905ef3a3384edae6b4e9beb0c5101e25e3110907 \ - --hash=sha256:07528381786f2a6237b061f6e96610a4167b226cb926e2aa2b6b1d78057c576b -importlib-metadata==4.0.1 \ - --hash=sha256:d7eb1dea6d6a6086f8be21784cc9e3bcfa55872b52309bc5fad53a8ea444465d \ - --hash=sha256:8c501196e49fb9df5df43833bdb1e4328f64847763ec8a50703148b73784d581 + --hash=sha256:07528381786f2a6237b061f6e96610a4167b226cb926e2aa2b6b1d78057c576b \ + --hash=sha256:bf8fd333346d844f616e8d47905ef3a3384edae6b4e9beb0c5101e25e3110907 + # via + # -r tools/code_format/requirements.txt + # flake8-polyfill mccabe==0.6.1 \ --hash=sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42 \ --hash=sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f + # via flake8 +pep8-naming==0.11.1 \ + --hash=sha256:a1dd47dd243adfe8a83616e27cf03164960b507530f155db94e10b36a6cd6724 \ + --hash=sha256:f43bfe3eea7e0d73e8b5d07d6407ab47f2476ccaeff6937c84275cd30b016738 + # via -r tools/code_format/requirements.txt pycodestyle==2.7.0 \ --hash=sha256:514f76d918fcc0b55c6680472f0a37970994e07bbb80725808c17089be302068 \ --hash=sha256:c389c1d06bf7904078ca03399a4816f974a1d590090fecea0c63ec26ebaf1cef + # via flake8 pyflakes==2.3.1 \ --hash=sha256:7893783d01b8a89811dd72d7dfd4d84ff098e5eed95cfa8905b22bbffe52efc3 \ --hash=sha256:f5bc8ecabc05bb9d291eb5203d6810b49040f6ff446a756326104746cc00c1db + # via flake8 yapf==0.31.0 \ - --hash=sha256:e3a234ba8455fe201eaa649cdac872d590089a18b661e39bbac7020978dd9c2e \ - --hash=sha256:408fb9a2b254c302f49db83c59f9aa0b4b0fd0ec25be3a5c51181327922ff63d -zipp==3.4.1 \ - --hash=sha256:51cb66cc54621609dd593d1787f286ee42a5c0adbb4b29abea5a63edc3e03098 \ - --hash=sha256:3607921face881ba3e026887d8150cca609d517579abe052ac81fc5aeffdbd76 -pep8-naming==0.11.1 \ - --hash=sha256:f43bfe3eea7e0d73e8b5d07d6407ab47f2476ccaeff6937c84275cd30b016738 \ - --hash=sha256:a1dd47dd243adfe8a83616e27cf03164960b507530f155db94e10b36a6cd6724 -flake8-polyfill==1.0.2 \ - --hash=sha256:12be6a34ee3ab795b19ca73505e7b55826d5f6ad7230d31b18e106400169b9e9 \ - --hash=sha256:e44b087597f6da52ec6393a709e7108b2905317d0c0b744cdca6208e670d8eda + --hash=sha256:408fb9a2b254c302f49db83c59f9aa0b4b0fd0ec25be3a5c51181327922ff63d \ + --hash=sha256:e3a234ba8455fe201eaa649cdac872d590089a18b661e39bbac7020978dd9c2e + # via -r tools/code_format/requirements.txt diff --git a/tools/config_validation/validate_fragment.py b/tools/config_validation/validate_fragment.py index e708a228a0ce..d79f62847719 100644 --- a/tools/config_validation/validate_fragment.py +++ b/tools/config_validation/validate_fragment.py @@ -21,7 +21,38 @@ import argparse -def validate_fragment(type_name, fragment): +class IgnoredKey(yaml.YAMLObject): + """Python support type for Envoy's config !ignore tag.""" + yaml_tag = '!ignore' + + def __init__(self, strval): + self.strval = strval + + def __repr__(self): + return f'IgnoredKey({str})' + + def __eq__(self, other): + return isinstance(other, IgnoredKey) and self.strval == other.strval + + def __hash__(self): + return hash((self.yaml_tag, self.strval)) + + @classmethod + def from_yaml(cls, loader, node): + return IgnoredKey(node.value) + + @classmethod + def to_yaml(cls, dumper, data): + return dumper.represent_scalar(cls.yaml_tag, data.strval) + + +def validate_yaml(type_name, content, descriptor_path=None): + yaml.SafeLoader.add_constructor('!ignore', IgnoredKey.from_yaml) + yaml.SafeDumper.add_multi_representer(IgnoredKey, IgnoredKey.to_yaml) + validate_fragment(type_name, yaml.safe_load(content), descriptor_path) + + +def validate_fragment(type_name, fragment, descriptor_path=None): """Validate a dictionary representing a JSON/YAML fragment against an Envoy API proto3 type. Throws Protobuf errors on parsing exceptions, successful validations produce @@ -33,16 +64,16 @@ def validate_fragment(type_name, fragment): fragment: a dictionary representing the parsed JSON/YAML configuration fragment. """ - json_fragment = json.dumps(fragment) + json_fragment = json.dumps(fragment, skipkeys=True) + + if not descriptor_path: + r = runfiles.Create() + descriptor_path = r.Rlocation( + 'envoy/tools/type_whisperer/all_protos_with_ext_pb_text.pb_text') - r = runfiles.Create() - all_protos_pb_text_path = r.Rlocation( - 'envoy/tools/type_whisperer/all_protos_with_ext_pb_text.pb_text') file_desc_set = descriptor_pb2.FileDescriptorSet() text_format.Parse( - pathlib.Path(all_protos_pb_text_path).read_text(), - file_desc_set, - allow_unknown_extension=True) + pathlib.Path(descriptor_path).read_text(), file_desc_set, allow_unknown_extension=True) pool = descriptor_pool.DescriptorPool() for f in file_desc_set.file: @@ -60,7 +91,7 @@ def parse_args(): help='a string providing the type name, e.g. envoy.config.bootstrap.v3.Bootstrap.') parser.add_argument('fragment_path', nargs='?', help='Path to a YAML configuration fragment.') parser.add_argument('-s', required=False, help='YAML configuration fragment.') - + parser.add_argument('--descriptor_path', nargs='?', help='Path to a protobuf descriptor file.') return parser.parse_args() @@ -69,4 +100,4 @@ def parse_args(): message_type = parsed_args.message_type content = parsed_args.s if (parsed_args.fragment_path is None) else pathlib.Path( parsed_args.fragment_path).read_text() - validate_fragment(message_type, yaml.safe_load(content)) + validate_yaml(message_type, content, descriptor_path=parsed_args.descriptor_path) diff --git a/tools/dependency/BUILD b/tools/dependency/BUILD index 3bbd85b8ce52..2e9942d3c2f8 100644 --- a/tools/dependency/BUILD +++ b/tools/dependency/BUILD @@ -1,4 +1,4 @@ -load("@rules_python//python:defs.bzl", "py_binary") +load("@rules_python//python:defs.bzl", "py_binary", "py_library") load("@deps_pip3//:requirements.bzl", "requirement") load("//bazel:envoy_build_system.bzl", "envoy_package") load("//tools/base:envoy_python.bzl", "envoy_py_binary") @@ -7,7 +7,7 @@ licenses(["notice"]) # Apache 2 envoy_package() -py_binary( +py_library( name = "exports", srcs = ["exports.py"], data = [ @@ -17,15 +17,10 @@ py_binary( ], ) -py_binary( - name = "generate_external_dep_rst", - srcs = [ - "generate_external_dep_rst.py", - "utils.py", - ], - data = [ - ":exports", - ], +py_library( + name = "utils", + srcs = ["utils.py"], + deps = [":exports"], ) py_binary( diff --git a/tools/dependency/release_dates.py b/tools/dependency/release_dates.py index 25071f9320df..10733549ae77 100644 --- a/tools/dependency/release_dates.py +++ b/tools/dependency/release_dates.py @@ -19,9 +19,12 @@ import exports import utils +from colorama import Fore, Style +from packaging import version -# Thrown on errors related to release date. -class ReleaseDateError(Exception): + +# Thrown on errors related to release date or version. +class ReleaseDateVersionError(Exception): pass @@ -29,7 +32,9 @@ class ReleaseDateError(Exception): def format_utc_date(date): # We only handle naive datetime objects right now, which is what PyGithub # appears to be handing us. - assert (date.tzinfo is None) + if date.tzinfo is not None: + raise ReleaseDateVersionError( + "Expected UTC date without timezone information. Received timezone information") return date.date().isoformat() @@ -38,35 +43,66 @@ def format_utc_date(date): def verify_and_print_latest_release(dep, repo, metadata_version, release_date): try: latest_release = repo.get_latest_release() - if latest_release.created_at > release_date and latest_release.tag_name != metadata_version: - print( - f'*WARNING* {dep} has a newer release than {metadata_version}@<{release_date}>: ' - f'{latest_release.tag_name}@<{latest_release.created_at}>') - except github.UnknownObjectException: - pass + except github.GithubException as err: + # Repositories can not have releases or if they have releases may not publish a latest releases. Return + print(f'GithubException {repo.name}: {err.data} {err.status} while getting latest release.') + return + if latest_release.created_at > release_date and latest_release.tag_name != metadata_version: + print( + f'{Fore.YELLOW}*WARNING* {dep} has a newer release than {metadata_version}@<{release_date}>: ' + f'{latest_release.tag_name}@<{latest_release.created_at}>{Style.RESET_ALL}') -# Print GitHub release date, throw ReleaseDateError on mismatch with metadata release date. +# Print GitHub release date, throw ReleaseDateVersionError on mismatch with metadata release date. def verify_and_print_release_date(dep, github_release_date, metadata_release_date): mismatch = '' iso_release_date = format_utc_date(github_release_date) - print(f'{dep} has a GitHub release date {iso_release_date}') + print(f'{Fore.GREEN}{dep} has a GitHub release date {iso_release_date}{Style.RESET_ALL}') if iso_release_date != metadata_release_date: - raise ReleaseDateError(f'Mismatch with metadata release date of {metadata_release_date}') + raise ReleaseDateVersionError( + f'Mismatch with metadata release date of {metadata_release_date}') -# Extract release date from GitHub API. -def get_release_date(repo, metadata_version, github_release): - if github_release.tagged: +# Extract release date from GitHub API for tagged releases. +def get_tagged_release_date(repo, metadata_version, github_release): + + try: + latest = repo.get_latest_release() + except github.GithubException as err: + # Repositories can not have releases or if they have releases may not publish a latest releases. If this is the case we keep going + latest = '' + print(f'GithubException {repo.name}: {err.data} {err.status} while getting latest release.') + + if latest and github_release.version <= latest.tag_name: + release = repo.get_release(github_release.version) + return release.published_at + else: tags = repo.get_tags() - for tag in tags: + current_metadata_tag_commit_date = '' + for tag in tags.reversed: if tag.name == github_release.version: - return tag.commit.commit.committer.date - return None - else: - assert (metadata_version == github_release.version) - commit = repo.get_commit(github_release.version) - return commit.commit.committer.date + current_metadata_tag_commit_date = tag.commit.commit.committer.date + if not version.parse(tag.name).is_prerelease and version.parse( + tag.name) > version.parse(github_release.version): + print( + f'{Fore.YELLOW}*WARNING* {repo.name} has a newer release than {github_release.version}@<{current_metadata_tag_commit_date}>: ' + f'{tag.name}@<{tag.commit.commit.committer.date}>{Style.RESET_ALL}') + return current_metadata_tag_commit_date + + +# Extract release date from GitHub API for untagged releases. +def get_untagged_release_date(repo, metadata_version, github_release): + if metadata_version != github_release.version: + raise ReleaseDateVersionError( + f'Mismatch with metadata version {metadata_version} and github release version {github_release.version}' + ) + commit = repo.get_commit(github_release.version) + commits = repo.get_commits(since=commit.commit.committer.date) + if commits.totalCount > 1: + print( + f'{Fore.YELLOW}*WARNING* {repo.name} has {str(commits.totalCount - 1)} commits since {github_release.version}@<{commit.commit.committer.date}>{Style.RESET_ALL}' + ) + return commit.commit.committer.date # Verify release dates in metadata against GitHub API. @@ -75,19 +111,23 @@ def verify_and_print_release_dates(repository_locations, github_instance): release_date = None # Obtain release information from GitHub API. github_release = utils.get_github_release_from_urls(metadata['urls']) + print('github_release: ', github_release) if not github_release: print(f'{dep} is not a GitHub repository') continue repo = github_instance.get_repo(f'{github_release.organization}/{github_release.project}') - release_date = get_release_date(repo, metadata['version'], github_release) + if github_release.tagged: + release_date = get_tagged_release_date(repo, metadata['version'], github_release) + else: + release_date = get_untagged_release_date(repo, metadata['version'], github_release) if release_date: # Check whether there is a more recent version and warn if necessary. verify_and_print_latest_release(dep, repo, github_release.version, release_date) # Verify that the release date in metadata and GitHub correspond, - # otherwise throw ReleaseDateError. + # otherwise throw ReleaseDateVersionError. verify_and_print_release_date(dep, release_date, metadata['release_date']) else: - raise ReleaseDateError( + raise ReleaseDateVersionError( f'{dep} is a GitHub repository with no no inferrable release date') @@ -105,8 +145,8 @@ def verify_and_print_release_dates(repository_locations, github_instance): try: verify_and_print_release_dates( spec_loader(path_module.REPOSITORY_LOCATIONS_SPEC), github.Github(access_token)) - except ReleaseDateError as e: + except ReleaseDateVersionError as e: print( - f'An error occurred while processing {path}, please verify the correctness of the ' - f'metadata: {e}') + f'{Fore.RED}An error occurred while processing {path}, please verify the correctness of the ' + f'metadata: {e}{Style.RESET_ALL}') sys.exit(1) diff --git a/tools/dependency/release_dates.sh b/tools/dependency/release_dates.sh index 5e32abdedf6b..de12f53e4512 100755 --- a/tools/dependency/release_dates.sh +++ b/tools/dependency/release_dates.sh @@ -7,4 +7,4 @@ set -e # TODO(phlax): move this job to bazel and remove this export API_PATH=api/ -python_venv release_dates "$1" +PYTHONPATH=. python_venv release_dates "$1" diff --git a/tools/dependency/requirements.txt b/tools/dependency/requirements.txt index 68995769e313..e7e6d5c74ae0 100644 --- a/tools/dependency/requirements.txt +++ b/tools/dependency/requirements.txt @@ -4,9 +4,9 @@ # # pip-compile --generate-hashes tools/dependency/requirements.txt # -certifi==2020.12.5 \ - --hash=sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c \ - --hash=sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830 +certifi==2021.5.30 \ + --hash=sha256:50b1e4f8446b06f41be7dd6338db18e0990601dce795c2b1686458aa7e8fa7d8 \ + --hash=sha256:2bbf76fd432960138b3ef6dda3dde0544f27cbf8546c458e60baf371917ba9ee # via # -r tools/dependency/requirements.txt # requests @@ -48,13 +48,19 @@ cffi==1.14.5 \ --hash=sha256:d42b11d692e11b6634f7613ad8df5d6d5f8875f5d48939520d351007b3c13406 \ --hash=sha256:f2d45f97ab6bb54753eab54fffe75aaf3de4ff2341c9daee1987ee1837636f1d \ --hash=sha256:fd78e5fee591709f32ef6edb9a015b4aa1a5022598e36227500c8f4e02328d9c - # via pynacl + # via + # -r tools/dependency/requirements.txt + # pynacl chardet==4.0.0 \ --hash=sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa \ --hash=sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5 # via # -r tools/dependency/requirements.txt # requests +colorama==0.4.4 \ + --hash=sha256:5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b \ + --hash=sha256:9f47eda37229f68eee03b24b9748937c7dc3868f906e8ba69fbcbdd3bc5dc3e2 + # via -r tools/dependency/requirements.txt deprecated==1.2.12 \ --hash=sha256:08452d69b6b5bc66e8330adde0a4f8642e969b9e1702904d137eeb29c8ffc771 \ --hash=sha256:6d2de2de7931a968874481ef30208fd4e08da39177d61d3d4ebdf4366e7dbca1 @@ -67,10 +73,16 @@ idna==2.10 \ # via # -r tools/dependency/requirements.txt # requests +packaging==20.9 \ + --hash=sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5 \ + --hash=sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a + # via -r tools/dependency/requirements.txt pycparser==2.20 \ --hash=sha256:2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0 \ --hash=sha256:7582ad22678f0fcd81102833f60ef8d0e57288b6b5fb00323d101be910e35705 - # via cffi + # via + # -r tools/dependency/requirements.txt + # cffi pygithub==1.55 \ --hash=sha256:1bbfff9372047ff3f21d5cd8e07720f3dbfdaf6462fcaed9d815f528f1ba7283 \ --hash=sha256:2caf0054ea079b71e539741ae56c5a95e073b81fa472ce222e81667381b9601b @@ -78,7 +90,9 @@ pygithub==1.55 \ pyjwt==2.1.0 \ --hash=sha256:934d73fbba91b0483d3857d1aff50e96b2a892384ee2c17417ed3203f173fca1 \ --hash=sha256:fba44e7898bbca160a2b2b501f492824fc8382485d3a6f11ba5d0c1937ce6130 - # via pygithub + # via + # -r tools/dependency/requirements.txt + # pygithub pynacl==1.4.0 \ --hash=sha256:06cbb4d9b2c4bd3c8dc0d267416aaed79906e7b33f114ddbf0911969794b1cc4 \ --hash=sha256:11335f09060af52c97137d4ac54285bcb7df0cef29014a1a4efe64ac065434c4 \ @@ -98,7 +112,15 @@ pynacl==1.4.0 \ --hash=sha256:d452a6746f0a7e11121e64625109bc4468fc3100452817001dbe018bb8b08514 \ --hash=sha256:ea6841bc3a76fa4942ce00f3bda7d436fda21e2d91602b9e21b7ca9ecab8f3ff \ --hash=sha256:f8851ab9041756003119368c1e6cd0b9c631f46d686b3904b18c0139f4419f80 - # via pygithub + # via + # -r tools/dependency/requirements.txt + # pygithub +pyparsing==2.4.7 \ + --hash=sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1 \ + --hash=sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b + # via + # -r tools/dependency/requirements.txt + # packaging pyyaml==5.4.1 \ --hash=sha256:08682f6b72c722394747bddaf0aa62277e02557c0fd1c42cb853016a38f8dedf \ --hash=sha256:0f5f5786c0e09baddcd8b4b45f20a7b5d61a7e7e99846e3c799b05c7c53fa696 \ @@ -140,9 +162,9 @@ six==1.16.0 \ --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254 \ --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 # via pynacl -urllib3==1.26.4 \ - --hash=sha256:2f4da4594db7e1e110a944bb1b551fdf4e6c136ad42e4234131391e21eb5b0df \ - --hash=sha256:e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937 +urllib3==1.26.5 \ + --hash=sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c \ + --hash=sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098 # via # -r tools/dependency/requirements.txt # requests diff --git a/tools/dependency/utils.py b/tools/dependency/utils.py index 7332f6072df1..e47107fe1463 100644 --- a/tools/dependency/utils.py +++ b/tools/dependency/utils.py @@ -2,7 +2,7 @@ from collections import namedtuple -from exports import ( +from tools.dependency.exports import ( api_repository_locations, envoy_repository_locations, repository_locations_utils) diff --git a/tools/deprecate_version/requirements.txt b/tools/deprecate_version/requirements.txt index e9024ac6f3bd..7789602e2d47 100644 --- a/tools/deprecate_version/requirements.txt +++ b/tools/deprecate_version/requirements.txt @@ -4,9 +4,9 @@ # # pip-compile --generate-hashes tools/deprecate_version/requirements.txt # -certifi==2020.12.5 \ - --hash=sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c \ - --hash=sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830 +certifi==2021.5.30 \ + --hash=sha256:50b1e4f8446b06f41be7dd6338db18e0990601dce795c2b1686458aa7e8fa7d8 \ + --hash=sha256:2bbf76fd432960138b3ef6dda3dde0544f27cbf8546c458e60baf371917ba9ee # via # -r tools/deprecate_version/requirements.txt # requests @@ -125,9 +125,9 @@ smmap==4.0.0 \ # via # -r tools/deprecate_version/requirements.txt # gitdb -urllib3==1.26.4 \ - --hash=sha256:2f4da4594db7e1e110a944bb1b551fdf4e6c136ad42e4234131391e21eb5b0df \ - --hash=sha256:e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937 +urllib3==1.26.5 \ + --hash=sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c \ + --hash=sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098 # via # -r tools/deprecate_version/requirements.txt # requests diff --git a/tools/docs/BUILD b/tools/docs/BUILD new file mode 100644 index 000000000000..733836005bcf --- /dev/null +++ b/tools/docs/BUILD @@ -0,0 +1,77 @@ +load("@rules_python//python:defs.bzl", "py_binary") +load("//bazel:envoy_build_system.bzl", "envoy_package") +load("@docs_pip3//:requirements.bzl", "requirement") +load("//tools/base:envoy_python.bzl", "envoy_py_binary") + +licenses(["notice"]) # Apache 2 + +envoy_package() + +py_binary( + name = "generate_extensions_security_rst", + srcs = ["generate_extensions_security_rst.py"], + data = ["//source/extensions:extensions_metadata.yaml"], + deps = [ + requirement("pyyaml"), + ], +) + +py_binary( + name = "generate_external_deps_rst", + srcs = [ + "generate_external_deps_rst.py", + ], + deps = [ + "//tools/dependency:exports", + "//tools/dependency:utils", + ], +) + +py_binary( + name = "generate_api_rst", + srcs = [ + "generate_api_rst.py", + ], +) + +envoy_py_binary( + name = "tools.docs.sphinx_runner", + deps = [ + "//tools/base:runner", + requirement("alabaster"), + requirement("Babel"), + requirement("certifi"), + requirement("chardet"), + requirement("colorama"), + requirement("docutils"), + requirement("gitdb"), + requirement("GitPython"), + requirement("idna"), + requirement("imagesize"), + requirement("Jinja2"), + requirement("MarkupSafe"), + requirement("packaging"), + requirement("Pygments"), + requirement("pyparsing"), + requirement("pytz"), + requirement("pyyaml"), + requirement("requests"), + requirement("setuptools"), + requirement("six"), + requirement("smmap"), + requirement("snowballstemmer"), + requirement("Sphinx"), + requirement("sphinx-copybutton"), + requirement("sphinx-rtd-theme"), + requirement("sphinx-tabs"), + requirement("sphinxcontrib-applehelp"), + requirement("sphinxcontrib-devhelp"), + requirement("sphinxcontrib-htmlhelp"), + requirement("sphinxcontrib-httpdomain"), + requirement("sphinxcontrib-jsmath"), + requirement("sphinxcontrib-qthelp"), + requirement("sphinxext-rediraffe"), + requirement("sphinxcontrib-serializinghtml"), + requirement("urllib3"), + ], +) diff --git a/tools/docs/generate_api_rst.py b/tools/docs/generate_api_rst.py new file mode 100644 index 000000000000..2076b50d4427 --- /dev/null +++ b/tools/docs/generate_api_rst.py @@ -0,0 +1,52 @@ +import os +import shutil +import sys +import tarfile + + +def main(): + proto_srcs = sys.argv[1] + envoy_api_rst_files = sys.argv[1:-1] + output_filename = sys.argv[-1] + + with open(proto_srcs) as f: + # the contents of `proto_srcs` are the result of a bazel genquery, + # containing bazel target rules, eg: + # + # @envoy_api_canonical//envoy/watchdog/v3alpha:abort_action.proto + # + # this transforms them to a list with a "canonical" form of: + # + # envoy/watchdog/v3alpha/abort_action.proto.rst + # + envoy_api_protos = [ + f"{src.split('//')[1].replace(':', '/')}.rst" for src in f.read().split("\n") if src + ] + + for rst_file_path in envoy_api_rst_files: + # `envoy_api_rst_files` is a list of file paths for .proto.rst files + # generated by protodoc + # + # we are only interested in the proto files generated for envoy protos, + # not for non-envoy dependencies + if "pkg/envoy" not in rst_file_path: + continue + # derive the "canonical" path from the filepath + canonical = f"{rst_file_path.split('pkg/envoy/')[1]}" + + # we are only interested in the actual v3 protos, not their dependencies + if f"envoy/{canonical}" not in envoy_api_protos: + continue + target = os.path.join("rst-out/api-v3", canonical) + if not os.path.exists(os.path.dirname(target)): + os.makedirs(os.path.dirname(target)) + shutil.copy(rst_file_path, target) + + # output the generated rst files to a tarfile for consumption + # by other bazel rules + with tarfile.open(output_filename, "w") as tar: + tar.add("rst-out", arcname=".") + + +if __name__ == "__main__": + main() diff --git a/tools/extensions/generate_extension_rst.py b/tools/docs/generate_extensions_security_rst.py similarity index 56% rename from tools/extensions/generate_extension_rst.py rename to tools/docs/generate_extensions_security_rst.py index 9199873f7079..4c3f649b18a8 100644 --- a/tools/extensions/generate_extension_rst.py +++ b/tools/docs/generate_extensions_security_rst.py @@ -3,38 +3,32 @@ # Generate RST lists of extensions grouped by their security posture. from collections import defaultdict -import json import os import pathlib -import subprocess +import sys +import tarfile + +import yaml def format_item(extension, metadata): - if metadata['undocumented']: + if metadata.get('undocumented'): item = '* %s' % extension else: item = '* :ref:`%s `' % (extension, extension) - if metadata['status'] == 'alpha': + if metadata.get('status') == 'alpha': item += ' (alpha)' return item -if __name__ == '__main__': - try: - generated_rst_dir = os.environ["GENERATED_RST_DIR"] - except KeyError: - raise SystemExit( - "Path to an output directory must be specified with GENERATED_RST_DIR env var") +def main(): + metadata_filepath = sys.argv[1] + output_filename = sys.argv[2] + generated_rst_dir = os.path.dirname(output_filename) security_rst_root = os.path.join(generated_rst_dir, "intro/arch_overview/security") - try: - extension_db_path = os.environ["EXTENSION_DB_PATH"] - except KeyError: - raise SystemExit( - "Path to a json extension db must be specified with EXTENSION_DB_PATH env var") - if not os.path.exists(extension_db_path): - subprocess.run("tools/extensions/generate_extension_db".split(), check=True) - extension_db = json.loads(pathlib.Path(extension_db_path).read_text()) + with open(metadata_filepath) as f: + extension_db = yaml.safe_load(f.read()) pathlib.Path(security_rst_root).mkdir(parents=True, exist_ok=True) @@ -47,5 +41,12 @@ def format_item(extension, metadata): content = '\n'.join( format_item(extension, extension_db[extension]) for extension in sorted(extensions) - if extension_db[extension]['status'] != 'wip') + if extension_db[extension].get('status') != 'wip') output_path.write_text(content) + + with tarfile.open(output_filename, "w") as tar: + tar.add(generated_rst_dir, arcname=".") + + +if __name__ == '__main__': + sys.exit(main()) diff --git a/tools/dependency/generate_external_dep_rst.py b/tools/docs/generate_external_deps_rst.py similarity index 92% rename from tools/dependency/generate_external_dep_rst.py rename to tools/docs/generate_external_deps_rst.py index 48e7c0491260..f1dbaa178e16 100755 --- a/tools/dependency/generate_external_dep_rst.py +++ b/tools/docs/generate_external_deps_rst.py @@ -6,6 +6,7 @@ import os import pathlib import sys +import tarfile import urllib.parse from tools.dependency import utils as dep_utils @@ -67,13 +68,13 @@ def get_version_url(metadata): return f'{github_repo}/tree/{github_release.version}' -if __name__ == '__main__': - try: - generated_rst_dir = os.getenv("GENERATED_RST_DIR") or sys.argv[1] - except IndexError: - raise SystemExit( - "Output dir path must be either specified as arg or with GENERATED_RST_DIR env var") +def csv_row(dep): + return [dep.name, dep.version, dep.release_date, dep.cpe] + +def main(): + output_filename = sys.argv[1] + generated_rst_dir = os.path.dirname(output_filename) security_rst_root = os.path.join(generated_rst_dir, "intro/arch_overview/security") pathlib.Path(security_rst_root).mkdir(parents=True, exist_ok=True) @@ -97,9 +98,6 @@ def get_version_url(metadata): for ext in v.get('extensions', ['core']): use_categories[category][ext].append(dep) - def csv_row(dep): - return [dep.name, dep.version, dep.release_date, dep.cpe] - # Generate per-use category RST with CSV tables. for category, exts in use_categories.items(): content = '' @@ -110,3 +108,10 @@ def csv_row(dep): content += csv_table(['Name', 'Version', 'Release date', 'CPE'], [2, 1, 1, 2], [csv_row(dep) for dep in sorted(deps, key=lambda d: d.sort_name)]) output_path.write_text(content) + + with tarfile.open(output_filename, "w") as tar: + tar.add(generated_rst_dir, arcname=".") + + +if __name__ == '__main__': + sys.exit(main()) diff --git a/tools/docs/requirements.txt b/tools/docs/requirements.txt new file mode 100644 index 000000000000..2683c4f9840c --- /dev/null +++ b/tools/docs/requirements.txt @@ -0,0 +1,266 @@ +# +# This file is autogenerated by pip-compile +# To update, run: +# +# pip-compile --allow-unsafe --generate-hashes tools/docs/requirements.txt +# +alabaster==0.7.12 \ + --hash=sha256:446438bdcca0e05bd45ea2de1668c1d9b032e1a9154c2c259092d77031ddd359 \ + --hash=sha256:a661d72d58e6ea8a57f7a86e37d86716863ee5e92788398526d58b26a4e4dc02 + # via + # -r tools/docs/requirements.txt + # sphinx +babel==2.9.1 \ + --hash=sha256:ab49e12b91d937cd11f0b67cb259a57ab4ad2b59ac7a3b41d6c06c0ac5b0def9 \ + --hash=sha256:bc0c176f9f6a994582230df350aa6e05ba2ebe4b3ac317eab29d9be5d2768da0 + # via + # -r tools/docs/requirements.txt + # sphinx +certifi==2021.5.30 \ + --hash=sha256:2bbf76fd432960138b3ef6dda3dde0544f27cbf8546c458e60baf371917ba9ee \ + --hash=sha256:50b1e4f8446b06f41be7dd6338db18e0990601dce795c2b1686458aa7e8fa7d8 + # via + # -r tools/docs/requirements.txt + # requests +chardet==4.0.0 \ + --hash=sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa \ + --hash=sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5 + # via + # -r tools/docs/requirements.txt + # requests +colorama==0.4.4 \ + --hash=sha256:5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b \ + --hash=sha256:9f47eda37229f68eee03b24b9748937c7dc3868f906e8ba69fbcbdd3bc5dc3e2 + # via -r tools/docs/requirements.txt +docutils==0.16 \ + --hash=sha256:0c5b78adfbf7762415433f5515cd5c9e762339e23369dbe8000d84a4bf4ab3af \ + --hash=sha256:c2de3a60e9e7d07be26b7f2b00ca0309c207e06c100f9cc2a94931fc75a478fc + # via + # -r tools/docs/requirements.txt + # sphinx + # sphinx-rtd-theme + # sphinx-tabs +gitdb==4.0.7 \ + --hash=sha256:6c4cc71933456991da20917998acbe6cf4fb41eeaab7d6d67fbc05ecd4c865b0 \ + --hash=sha256:96bf5c08b157a666fec41129e6d327235284cca4c81e92109260f353ba138005 + # via + # -r tools/docs/requirements.txt + # gitpython +gitpython==3.1.17 \ + --hash=sha256:29fe82050709760081f588dd50ce83504feddbebdc4da6956d02351552b1c135 \ + --hash=sha256:ee24bdc93dce357630764db659edaf6b8d664d4ff5447ccfeedd2dc5c253f41e + # via -r tools/docs/requirements.txt +idna==2.10 \ + --hash=sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6 \ + --hash=sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0 + # via + # -r tools/docs/requirements.txt + # requests +imagesize==1.2.0 \ + --hash=sha256:6965f19a6a2039c7d48bca7dba2473069ff854c36ae6f19d2cde309d998228a1 \ + --hash=sha256:b1f6b5a4eab1f73479a50fb79fcf729514a900c341d8503d62a62dbc4127a2b1 + # via + # -r tools/docs/requirements.txt + # sphinx +jinja2==3.0.1 \ + --hash=sha256:1f06f2da51e7b56b8f238affdd6b4e2c61e39598a378cc49345bc1bd42a978a4 \ + --hash=sha256:703f484b47a6af502e743c9122595cc812b0271f661722403114f71a79d0f5a4 + # via + # -r tools/docs/requirements.txt + # sphinx +markupsafe==2.0.1 \ + --hash=sha256:01a9b8ea66f1658938f65b93a85ebe8bc016e6769611be228d797c9d998dd298 \ + --hash=sha256:023cb26ec21ece8dc3907c0e8320058b2e0cb3c55cf9564da612bc325bed5e64 \ + --hash=sha256:0446679737af14f45767963a1a9ef7620189912317d095f2d9ffa183a4d25d2b \ + --hash=sha256:0717a7390a68be14b8c793ba258e075c6f4ca819f15edfc2a3a027c823718567 \ + --hash=sha256:0955295dd5eec6cb6cc2fe1698f4c6d84af2e92de33fbcac4111913cd100a6ff \ + --hash=sha256:10f82115e21dc0dfec9ab5c0223652f7197feb168c940f3ef61563fc2d6beb74 \ + --hash=sha256:1d609f577dc6e1aa17d746f8bd3c31aa4d258f4070d61b2aa5c4166c1539de35 \ + --hash=sha256:2ef54abee730b502252bcdf31b10dacb0a416229b72c18b19e24a4509f273d26 \ + --hash=sha256:3c112550557578c26af18a1ccc9e090bfe03832ae994343cfdacd287db6a6ae7 \ + --hash=sha256:47ab1e7b91c098ab893b828deafa1203de86d0bc6ab587b160f78fe6c4011f75 \ + --hash=sha256:49e3ceeabbfb9d66c3aef5af3a60cc43b85c33df25ce03d0031a608b0a8b2e3f \ + --hash=sha256:4efca8f86c54b22348a5467704e3fec767b2db12fc39c6d963168ab1d3fc9135 \ + --hash=sha256:53edb4da6925ad13c07b6d26c2a852bd81e364f95301c66e930ab2aef5b5ddd8 \ + --hash=sha256:594c67807fb16238b30c44bdf74f36c02cdf22d1c8cda91ef8a0ed8dabf5620a \ + --hash=sha256:611d1ad9a4288cf3e3c16014564df047fe08410e628f89805e475368bd304914 \ + --hash=sha256:6557b31b5e2c9ddf0de32a691f2312a32f77cd7681d8af66c2692efdbef84c18 \ + --hash=sha256:693ce3f9e70a6cf7d2fb9e6c9d8b204b6b39897a2c4a1aa65728d5ac97dcc1d8 \ + --hash=sha256:6a7fae0dd14cf60ad5ff42baa2e95727c3d81ded453457771d02b7d2b3f9c0c2 \ + --hash=sha256:6c4ca60fa24e85fe25b912b01e62cb969d69a23a5d5867682dd3e80b5b02581d \ + --hash=sha256:7d91275b0245b1da4d4cfa07e0faedd5b0812efc15b702576d103293e252af1b \ + --hash=sha256:905fec760bd2fa1388bb5b489ee8ee5f7291d692638ea5f67982d968366bef9f \ + --hash=sha256:97383d78eb34da7e1fa37dd273c20ad4320929af65d156e35a5e2d89566d9dfb \ + --hash=sha256:984d76483eb32f1bcb536dc27e4ad56bba4baa70be32fa87152832cdd9db0833 \ + --hash=sha256:a30e67a65b53ea0a5e62fe23682cfe22712e01f453b95233b25502f7c61cb415 \ + --hash=sha256:ab3ef638ace319fa26553db0624c4699e31a28bb2a835c5faca8f8acf6a5a902 \ + --hash=sha256:b2f4bf27480f5e5e8ce285a8c8fd176c0b03e93dcc6646477d4630e83440c6a9 \ + --hash=sha256:b7f2d075102dc8c794cbde1947378051c4e5180d52d276987b8d28a3bd58c17d \ + --hash=sha256:be98f628055368795d818ebf93da628541e10b75b41c559fdf36d104c5787066 \ + --hash=sha256:d7f9850398e85aba693bb640262d3611788b1f29a79f0c93c565694658f4071f \ + --hash=sha256:f5653a225f31e113b152e56f154ccbe59eeb1c7487b39b9d9f9cdb58e6c79dc5 \ + --hash=sha256:f826e31d18b516f653fe296d967d700fddad5901ae07c622bb3705955e1faa94 \ + --hash=sha256:f8ba0e8349a38d3001fae7eadded3f6606f0da5d748ee53cc1dab1d6527b9509 \ + --hash=sha256:f9081981fe268bd86831e5c75f7de206ef275defcb82bc70740ae6dc507aee51 \ + --hash=sha256:fa130dd50c57d53368c9d59395cb5526eda596d3ffe36666cd81a44d56e48872 + # via + # -r tools/docs/requirements.txt + # jinja2 +packaging==20.9 \ + --hash=sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5 \ + --hash=sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a + # via + # -r tools/docs/requirements.txt + # sphinx +pygments==2.9.0 \ + --hash=sha256:a18f47b506a429f6f4b9df81bb02beab9ca21d0a5fee38ed15aef65f0545519f \ + --hash=sha256:d66e804411278594d764fc69ec36ec13d9ae9147193a1740cd34d272ca383b8e + # via + # -r tools/docs/requirements.txt + # sphinx + # sphinx-tabs +pyparsing==2.4.7 \ + --hash=sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1 \ + --hash=sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b + # via + # -r tools/docs/requirements.txt + # packaging +pytz==2021.1 \ + --hash=sha256:83a4a90894bf38e243cf052c8b58f381bfe9a7a483f6a9cab140bc7f702ac4da \ + --hash=sha256:eb10ce3e7736052ed3623d49975ce333bcd712c7bb19a58b9e2089d4057d0798 + # via + # -r tools/docs/requirements.txt + # babel +pyyaml==5.4.1 \ + --hash=sha256:08682f6b72c722394747bddaf0aa62277e02557c0fd1c42cb853016a38f8dedf \ + --hash=sha256:0f5f5786c0e09baddcd8b4b45f20a7b5d61a7e7e99846e3c799b05c7c53fa696 \ + --hash=sha256:129def1b7c1bf22faffd67b8f3724645203b79d8f4cc81f674654d9902cb4393 \ + --hash=sha256:294db365efa064d00b8d1ef65d8ea2c3426ac366c0c4368d930bf1c5fb497f77 \ + --hash=sha256:3b2b1824fe7112845700f815ff6a489360226a5609b96ec2190a45e62a9fc922 \ + --hash=sha256:3bd0e463264cf257d1ffd2e40223b197271046d09dadf73a0fe82b9c1fc385a5 \ + --hash=sha256:4465124ef1b18d9ace298060f4eccc64b0850899ac4ac53294547536533800c8 \ + --hash=sha256:49d4cdd9065b9b6e206d0595fee27a96b5dd22618e7520c33204a4a3239d5b10 \ + --hash=sha256:4e0583d24c881e14342eaf4ec5fbc97f934b999a6828693a99157fde912540cc \ + --hash=sha256:5accb17103e43963b80e6f837831f38d314a0495500067cb25afab2e8d7a4018 \ + --hash=sha256:607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e \ + --hash=sha256:6c78645d400265a062508ae399b60b8c167bf003db364ecb26dcab2bda048253 \ + --hash=sha256:72a01f726a9c7851ca9bfad6fd09ca4e090a023c00945ea05ba1638c09dc3347 \ + --hash=sha256:74c1485f7707cf707a7aef42ef6322b8f97921bd89be2ab6317fd782c2d53183 \ + --hash=sha256:895f61ef02e8fed38159bb70f7e100e00f471eae2bc838cd0f4ebb21e28f8541 \ + --hash=sha256:8c1be557ee92a20f184922c7b6424e8ab6691788e6d86137c5d93c1a6ec1b8fb \ + --hash=sha256:bb4191dfc9306777bc594117aee052446b3fa88737cd13b7188d0e7aa8162185 \ + --hash=sha256:bfb51918d4ff3d77c1c856a9699f8492c612cde32fd3bcd344af9be34999bfdc \ + --hash=sha256:c20cfa2d49991c8b4147af39859b167664f2ad4561704ee74c1de03318e898db \ + --hash=sha256:cb333c16912324fd5f769fff6bc5de372e9e7a202247b48870bc251ed40239aa \ + --hash=sha256:d2d9808ea7b4af864f35ea216be506ecec180628aced0704e34aca0b040ffe46 \ + --hash=sha256:d483ad4e639292c90170eb6f7783ad19490e7a8defb3e46f97dfe4bacae89122 \ + --hash=sha256:dd5de0646207f053eb0d6c74ae45ba98c3395a571a2891858e87df7c9b9bd51b \ + --hash=sha256:e1d4970ea66be07ae37a3c2e48b5ec63f7ba6804bdddfdbd3cfd954d25a82e63 \ + --hash=sha256:e4fac90784481d221a8e4b1162afa7c47ed953be40d31ab4629ae917510051df \ + --hash=sha256:fa5ae20527d8e831e8230cbffd9f8fe952815b2b7dae6ffec25318803a7528fc \ + --hash=sha256:fd7f6999a8070df521b6384004ef42833b9bd62cfee11a09bda1079b4b704247 \ + --hash=sha256:fdc842473cd33f45ff6bce46aea678a54e3d21f1b61a7750ce3c498eedfe25d6 \ + --hash=sha256:fe69978f3f768926cfa37b867e3843918e012cf83f680806599ddce33c2c68b0 + # via -r tools/docs/requirements.txt +requests==2.25.1 \ + --hash=sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804 \ + --hash=sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e + # via + # -r tools/docs/requirements.txt + # sphinx +six==1.16.0 \ + --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \ + --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254 + # via + # -r tools/docs/requirements.txt + # sphinxcontrib-httpdomain +smmap==4.0.0 \ + --hash=sha256:7e65386bd122d45405ddf795637b7f7d2b532e7e401d46bbe3fb49b9986d5182 \ + --hash=sha256:a9a7479e4c572e2e775c404dcd3080c8dc49f39918c2cf74913d30c4c478e3c2 + # via + # -r tools/docs/requirements.txt + # gitdb +snowballstemmer==2.1.0 \ + --hash=sha256:b51b447bea85f9968c13b650126a888aabd4cb4463fca868ec596826325dedc2 \ + --hash=sha256:e997baa4f2e9139951b6f4c631bad912dfd3c792467e2f03d7239464af90e914 + # via + # -r tools/docs/requirements.txt + # sphinx +sphinx-copybutton==0.3.1 \ + --hash=sha256:0e0461df394515284e3907e3f418a0c60ef6ab6c9a27a800c8552772d0a402a2 \ + --hash=sha256:5125c718e763596e6e52d92e15ee0d6f4800ad3817939be6dee51218870b3e3d + # via -r tools/docs/requirements.txt +sphinx-rtd-theme==0.5.2 \ + --hash=sha256:32bd3b5d13dc8186d7a42fc816a23d32e83a4827d7d9882948e7b837c232da5a \ + --hash=sha256:4a05bdbe8b1446d77a01e20a23ebc6777c74f43237035e76be89699308987d6f + # via -r tools/docs/requirements.txt +sphinx-tabs==3.0.0 \ + --hash=sha256:2abbcaaa3b8a857de06f3db31762a7bdd17aba1b8979d000f193debe6f917c2c \ + --hash=sha256:3f766762fffacc99828cb877a9e4cb8ac0ba3582f2a054ea68248e5e026e5612 + # via -r tools/docs/requirements.txt +sphinx==4.0.2 \ + --hash=sha256:b5c2ae4120bf00c799ba9b3699bc895816d272d120080fbc967292f29b52b48c \ + --hash=sha256:d1cb10bee9c4231f1700ec2e24a91be3f3a3aba066ea4ca9f3bbe47e59d5a1d4 + # via + # -r tools/docs/requirements.txt + # sphinx-copybutton + # sphinx-rtd-theme + # sphinx-tabs + # sphinxcontrib-httpdomain + # sphinxext-rediraffe +sphinxcontrib-applehelp==1.0.2 \ + --hash=sha256:806111e5e962be97c29ec4c1e7fe277bfd19e9652fb1a4392105b43e01af885a \ + --hash=sha256:a072735ec80e7675e3f432fcae8610ecf509c5f1869d17e2eecff44389cdbc58 + # via + # -r tools/docs/requirements.txt + # sphinx +sphinxcontrib-devhelp==1.0.2 \ + --hash=sha256:8165223f9a335cc1af7ffe1ed31d2871f325254c0423bc0c4c7cd1c1e4734a2e \ + --hash=sha256:ff7f1afa7b9642e7060379360a67e9c41e8f3121f2ce9164266f61b9f4b338e4 + # via + # -r tools/docs/requirements.txt + # sphinx +sphinxcontrib-htmlhelp==2.0.0 \ + --hash=sha256:d412243dfb797ae3ec2b59eca0e52dac12e75a241bf0e4eb861e450d06c6ed07 \ + --hash=sha256:f5f8bb2d0d629f398bf47d0d69c07bc13b65f75a81ad9e2f71a63d4b7a2f6db2 + # via + # -r tools/docs/requirements.txt + # sphinx +sphinxcontrib-httpdomain==1.7.0 \ + --hash=sha256:1fb5375007d70bf180cdd1c79e741082be7aa2d37ba99efe561e1c2e3f38191e \ + --hash=sha256:ac40b4fba58c76b073b03931c7b8ead611066a6aebccafb34dc19694f4eb6335 + # via -r tools/docs/requirements.txt +sphinxcontrib-jsmath==1.0.1 \ + --hash=sha256:2ec2eaebfb78f3f2078e73666b1415417a116cc848b72e5172e596c871103178 \ + --hash=sha256:a9925e4a4587247ed2191a22df5f6970656cb8ca2bd6284309578f2153e0c4b8 + # via + # -r tools/docs/requirements.txt + # sphinx +sphinxcontrib-qthelp==1.0.3 \ + --hash=sha256:4c33767ee058b70dba89a6fc5c1892c0d57a54be67ddd3e7875a18d14cba5a72 \ + --hash=sha256:bd9fc24bcb748a8d51fd4ecaade681350aa63009a347a8c14e637895444dfab6 + # via + # -r tools/docs/requirements.txt + # sphinx +sphinxcontrib-serializinghtml==1.1.5 \ + --hash=sha256:352a9a00ae864471d3a7ead8d7d79f5fc0b57e8b3f95e9867eb9eb28999b92fd \ + --hash=sha256:aa5f6de5dfdf809ef505c4895e51ef5c9eac17d0f287933eb49ec495280b6952 + # via + # -r tools/docs/requirements.txt + # sphinx +sphinxext-rediraffe==0.2.7 \ + --hash=sha256:651dcbfae5ffda9ffd534dfb8025f36120e5efb6ea1a33f5420023862b9f725d \ + --hash=sha256:9e430a52d4403847f4ffb3a8dd6dfc34a9fe43525305131f52ed899743a5fd8c + # via -r tools/docs/requirements.txt +urllib3==1.26.5 \ + --hash=sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c \ + --hash=sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098 + # via + # -r tools/docs/requirements.txt + # requests + +# The following packages are considered to be unsafe in a requirements file: +setuptools==57.0.0 \ + --hash=sha256:401cbf33a7bf817d08014d51560fc003b895c4cdc1a5b521ad2969e928a07535 \ + --hash=sha256:c8b9f1a457949002e358fea7d3f2a1e1b94ddc0354b2e40afc066bf95d21bf7b + # via sphinx diff --git a/tools/docs/sphinx_runner.py b/tools/docs/sphinx_runner.py new file mode 100644 index 000000000000..4476b6ae3a5d --- /dev/null +++ b/tools/docs/sphinx_runner.py @@ -0,0 +1,228 @@ +import argparse +import os +import platform +import re +import sys +import tarfile +import tempfile +from functools import cached_property + +import yaml + +from colorama import Fore, Style + +from sphinx.cmd.build import main as sphinx_build + +from tools.base import runner + + +class SphinxBuildError(Exception): + pass + + +class SphinxEnvError(Exception): + pass + + +class SphinxRunner(runner.Runner): + _build_dir = "." + _build_sha = "UNKNOWN" + + @property + def blob_sha(self) -> str: + """Returns either the version tag or the current build sha""" + return self.docs_tag or self.build_sha + + @property + def build_dir(self) -> str: + """Returns current build_dir - most likely a temp directory""" + return self._build_dir + + @property + def build_sha(self) -> str: + """Returns either a provided build_sha or a default""" + return self.args.build_sha or self._build_sha + + @cached_property + def colors(self) -> dict: + """Color scheme for build summary""" + return dict(chrome=Fore.LIGHTYELLOW_EX, key=Fore.LIGHTCYAN_EX, value=Fore.LIGHTMAGENTA_EX) + + @cached_property + def config_file(self) -> str: + """Populates a config file with self.configs and returns the file path""" + with open(self.config_file_path, "w") as f: + f.write(yaml.dump(self.configs)) + return self.config_file_path + + @property + def config_file_path(self) -> str: + """Path to a (temporary) build config""" + return os.path.join(self.build_dir, "build.yaml") + + @cached_property + def configs(self) -> str: + """Build configs derived from provided args""" + _configs = dict( + version_string=self.version_string, + release_level=self.release_level, + blob_sha=self.blob_sha, + version_number=self.version_number, + docker_image_tag_name=self.docker_image_tag_name) + if self.validator_path: + _configs["validator_path"] = self.validator_path + if self.descriptor_path: + _configs["descriptor_path"] = self.descriptor_path + return _configs + + @property + def descriptor_path(self) -> str: + """Path to a descriptor file for config validation""" + return os.path.abspath(self.args.descriptor_path) + + @property + def docker_image_tag_name(self) -> str: + """Tag name of current docker image""" + return re.sub(r"([0-9]+\.[0-9]+)\.[0-9]+.*", r"v\1-latest", self.version_number) + + @property + def docs_tag(self) -> str: + """Tag name - ie named version for this docs build""" + return self.args.docs_tag + + @cached_property + def html_dir(self) -> str: + """Path to (temporary) directory for outputting html""" + return os.path.join(self.build_dir, "generated/html") + + @property + def output_filename(self) -> str: + """Path to tar file for saving generated html docs""" + return self.args.output_filename + + @property + def py_compatible(self) -> bool: + """Current python version is compatible""" + return bool(sys.version_info.major == 3 and sys.version_info.minor >= 8) + + @property + def release_level(self) -> str: + """Current python version is compatible""" + return "tagged" if self.docs_tag else "pre-release" + + @cached_property + def rst_dir(self) -> str: + """Populates an rst directory with contents of given rst tar, + and returns the path to the directory + """ + rst_dir = os.path.join(self.build_dir, "generated/rst") + if self.rst_tar: + with tarfile.open(self.rst_tar) as tarfiles: + tarfiles.extractall(path=rst_dir) + return rst_dir + + @property + def rst_tar(self) -> str: + """Path to the rst tarball""" + return self.args.rst_tar + + @property + def sphinx_args(self) -> list: + """Command args for sphinx""" + return ["-W", "--keep-going", "--color", "-b", "html", self.rst_dir, self.html_dir] + + @property + def validator_path(self) -> str: + """Path to validator utility for validating snippets""" + return os.path.abspath(self.args.validator_path) + + @property + def version_file(self) -> str: + """Path to version files for deriving docs version""" + return self.args.version_file + + @cached_property + def version_number(self) -> str: + """Semantic version""" + with open(self.version_file) as f: + return f.read().strip() + + @property + def version_string(self) -> str: + """Version string derived from either docs_tag or build_sha""" + return ( + f"tag-{self.docs_tag}" + if self.docs_tag else f"{self.version_number}-{self.build_sha[:6]}") + + def add_arguments(self, parser: argparse.ArgumentParser) -> None: + parser.add_argument("--build_sha") + parser.add_argument("--docs_tag") + parser.add_argument("--version_file") + parser.add_argument("--validator_path") + parser.add_argument("--descriptor_path") + parser.add_argument("rst_tar") + parser.add_argument("output_filename") + + def build_html(self) -> None: + if sphinx_build(self.sphinx_args): + raise SphinxBuildError("BUILD FAILED") + + def build_summary(self) -> None: + print() + print(self._color("#### Sphinx build configs #####################")) + print(self._color("###")) + for k, v in self.configs.items(): + print(f"{self._color('###')} {self._color(k, 'key')}: {self._color(v, 'value')}") + print(self._color("###")) + print(self._color("###############################################")) + print() + + def check_env(self) -> None: + if not self.py_compatible: + raise SphinxEnvError( + f"ERROR: python version must be >= 3.8, you have {platform.python_version()}") + if not self.configs["release_level"] == "tagged": + return + if f"v{self.version_number}" != self.docs_tag: + raise SphinxEnvError( + "Given git tag does not match the VERSION file content:" + f"{self.docs_tag} vs v{self.version_number}") + with open(os.path.join(self.rst_dir, "version_history/current.rst")) as f: + if not self.version_number in f.read(): + raise SphinxEnvError( + f"Git tag ({self.version_number}) not found in version_history/current.rst") + + def create_tarball(self) -> None: + with tarfile.open(self.output_filename, "w") as tar: + tar.add(self.html_dir, arcname=".") + + def run(self) -> int: + with tempfile.TemporaryDirectory() as build_dir: + return self._run(build_dir) + + def _color(self, msg, name=None): + return f"{self.colors[name or 'chrome']}{msg}{Style.RESET_ALL}" + + def _run(self, build_dir): + self._build_dir = build_dir + os.environ["ENVOY_DOCS_BUILD_CONFIG"] = self.config_file + try: + self.check_env() + except SphinxEnvError as e: + print(e) + return 1 + self.build_summary() + try: + self.build_html() + except SphinxBuildError as e: + print(e) + return 1 + self.create_tarball() + + +def main(*args) -> int: + return SphinxRunner(*args).run() + + +if __name__ == "__main__": + sys.exit(main(*sys.argv[1:])) diff --git a/tools/docs/tests/test_sphinx_runner.py b/tools/docs/tests/test_sphinx_runner.py new file mode 100644 index 000000000000..527b7ef44c12 --- /dev/null +++ b/tools/docs/tests/test_sphinx_runner.py @@ -0,0 +1,659 @@ +from unittest.mock import MagicMock, PropertyMock + +import pytest + +from tools.docs import sphinx_runner + + +def test_sphinx_runner_constructor(): + runner = sphinx_runner.SphinxRunner() + assert runner.build_dir == "." + runner._build_dir = "foo" + assert runner.build_dir == "foo" + assert runner._build_sha == "UNKNOWN" + assert "blob_dir" not in runner.__dict__ + + +@pytest.mark.parametrize("docs_tag", [None, "", "SOME_DOCS_TAG"]) +def test_sphinx_runner_blob_sha(patches, docs_tag): + runner = sphinx_runner.SphinxRunner() + patched = patches( + ("SphinxRunner.build_sha", dict(new_callable=PropertyMock)), + ("SphinxRunner.docs_tag", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_sha, m_tag): + m_tag.return_value = docs_tag + if docs_tag: + assert runner.blob_sha == docs_tag + else: + assert runner.blob_sha == m_sha.return_value + assert "blob_sha" not in runner.__dict__ + + +@pytest.mark.parametrize("build_sha", [None, "", "SOME_BUILD_SHA"]) +def test_sphinx_runner_build_sha(patches, build_sha): + runner = sphinx_runner.SphinxRunner() + patched = patches( + ("SphinxRunner.args", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_args, ): + m_args.return_value.build_sha = build_sha + if build_sha: + assert runner.build_sha == build_sha + else: + assert runner.build_sha == "UNKNOWN" + + assert "build_sha" not in runner.__dict__ + + +def test_sphinx_runner_colors(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "Fore", + prefix="tools.docs.sphinx_runner") + + with patched as (m_colors, ): + assert ( + runner.colors + == dict( + chrome=m_colors.LIGHTYELLOW_EX, + key=m_colors.LIGHTCYAN_EX, + value=m_colors.LIGHTMAGENTA_EX)) + + assert "colors" in runner.__dict__ + + +def test_sphinx_runner_config_file(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "open", + "yaml", + ("SphinxRunner.config_file_path", dict(new_callable=PropertyMock)), + ("SphinxRunner.configs", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_open, m_yaml, m_fpath, m_configs): + assert ( + runner.config_file + == m_fpath.return_value) + + assert ( + list(m_open.call_args) + == [(m_fpath.return_value, 'w'), {}]) + assert ( + list(m_yaml.dump.call_args) + == [(m_configs.return_value,), {}]) + assert ( + m_open.return_value.__enter__.return_value.write.call_args + == [(m_yaml.dump.return_value,), {}]) + + assert "config_file" in runner.__dict__ + + +def test_sphinx_runner_config_file_path(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "os.path", + ("SphinxRunner.build_dir", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_path, m_build): + assert runner.config_file_path == m_path.join.return_value + + assert ( + list(m_path.join.call_args) + == [(m_build.return_value, 'build.yaml',), {}]) + assert "config_file_path" not in runner.__dict__ + + +def test_sphinx_runner_configs(patches): + runner = sphinx_runner.SphinxRunner() + mapping = dict( + version_string="version_string", + release_level="release_level", + blob_sha="blob_sha", + version_number="version_number", + docker_image_tag_name="docker_image_tag_name", + validator_path="validator_path", + descriptor_path="descriptor_path") + + patched = patches( + *[f"SphinxRunner.{v}" for v in mapping.values()], + prefix="tools.docs.sphinx_runner") + + with patched as _mocks: + result = runner.configs + + _configs = {} + for k, v in mapping.items(): + _configs[k] = _mocks[list(mapping.values()).index(v)] + assert result == _configs + assert "configs" in runner.__dict__ + + +def test_sphinx_runner_descriptor_path(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "os.path", + ("SphinxRunner.args", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_path, m_args): + assert ( + runner.descriptor_path + == m_path.abspath.return_value) + + assert ( + list(m_path.abspath.call_args) + == [(m_args.return_value.descriptor_path,), {}]) + assert "descriptor_path" not in runner.__dict__ + + +def test_sphinx_runner_docker_image_tag_name(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "re", + ("SphinxRunner.version_number", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_re, m_version): + assert ( + runner.docker_image_tag_name + == m_re.sub.return_value) + + assert ( + list(m_re.sub.call_args) + == [('([0-9]+\\.[0-9]+)\\.[0-9]+.*', 'v\\1-latest', + m_version.return_value), {}]) + assert "docker_image_tag_name" not in runner.__dict__ + + +def test_sphinx_runner_docs_tag(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + ("SphinxRunner.args", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_args, ): + assert runner.docs_tag == m_args.return_value.docs_tag + + assert "docs_tag" not in runner.__dict__ + + +def test_sphinx_runner_html_dir(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "os.path", + ("SphinxRunner.build_dir", dict(new_callable=PropertyMock)), + ("SphinxRunner.args", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_path, m_build, m_args): + assert runner.html_dir == m_path.join.return_value + + assert ( + list(m_path.join.call_args) + == [(m_build.return_value, 'generated/html'), {}]) + + assert "html_dir" in runner.__dict__ + + +def test_sphinx_runner_output_filename(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + ("SphinxRunner.args", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_args, ): + assert runner.output_filename == m_args.return_value.output_filename + assert "output_filename" not in runner.__dict__ + + +@pytest.mark.parametrize("major", [2, 3, 4]) +@pytest.mark.parametrize("minor", [5, 6, 7, 8, 9]) +def test_sphinx_runner_py_compatible(patches, major, minor): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "bool", + "sys", + prefix="tools.docs.sphinx_runner") + + with patched as (m_bool, m_sys): + m_sys.version_info.major = major + m_sys.version_info.minor = minor + assert runner.py_compatible == m_bool.return_value + expected = ( + True + if major == 3 and minor >= 8 + else False) + assert ( + list(m_bool.call_args) + == [(expected,), {}]) + assert "py_compatible" not in runner.__dict__ + + +@pytest.mark.parametrize("docs_tag", [None, "", "SOME_DOCS_TAG"]) +def test_sphinx_runner_release_level(patches, docs_tag): + runner = sphinx_runner.SphinxRunner() + patched = patches( + ("SphinxRunner.docs_tag", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_tag, ): + m_tag.return_value = docs_tag + if docs_tag: + assert runner.release_level == "tagged" + else: + assert runner.release_level == "pre-release" + assert "release_level" not in runner.__dict__ + + +@pytest.mark.parametrize("rst_tar", [None, "", "SOME_DOCS_TAG"]) +def test_sphinx_runner_rst_dir(patches, rst_tar): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "os.path", + "tarfile", + ("SphinxRunner.build_dir", dict(new_callable=PropertyMock)), + ("SphinxRunner.rst_tar", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_path, m_tar, m_dir, m_rst): + m_rst.return_value = rst_tar + assert runner.rst_dir == m_path.join.return_value + + assert ( + list(m_path.join.call_args) + == [(m_dir.return_value, 'generated/rst'), {}]) + + if rst_tar: + assert ( + list(m_tar.open.call_args) + == [(rst_tar,), {}]) + assert ( + list(m_tar.open.return_value.__enter__.return_value.extractall.call_args) + == [(), {'path': m_path.join.return_value}]) + else: + assert not m_tar.open.called + assert "rst_dir" in runner.__dict__ + + +def test_sphinx_runner_rst_tar(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + ("SphinxRunner.args", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_args, ): + assert runner.rst_tar == m_args.return_value.rst_tar + + assert "rst_tar" not in runner.__dict__ + + +def test_sphinx_runner_sphinx_args(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + ("SphinxRunner.html_dir", dict(new_callable=PropertyMock)), + ("SphinxRunner.rst_dir", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_html, m_rst): + assert ( + runner.sphinx_args + == ['-W', '--keep-going', '--color', '-b', 'html', + m_rst.return_value, + m_html.return_value]) + + assert "sphinx_args" not in runner.__dict__ + + +def test_sphinx_runner_validator_path(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "os.path", + ("SphinxRunner.args", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_path, m_args): + assert ( + runner.validator_path + == m_path.abspath.return_value) + + assert ( + list(m_path.abspath.call_args) + == [(m_args.return_value.validator_path,), {}]) + assert "validator_path" not in runner.__dict__ + + +def test_sphinx_runner_version_file(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + ("SphinxRunner.args", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_args, ): + assert runner.version_file == m_args.return_value.version_file + + assert "version_file" not in runner.__dict__ + + +def test_sphinx_runner_version_number(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "open", + ("SphinxRunner.version_file", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_open, m_file): + assert ( + runner.version_number + == m_open.return_value.__enter__.return_value.read.return_value.strip.return_value) + + assert ( + list(m_open.call_args) + == [(m_file.return_value,), {}]) + assert ( + list(m_open.return_value.__enter__.return_value.read.call_args) + == [(), {}]) + assert ( + list(m_open.return_value.__enter__.return_value.read.return_value.strip.call_args) + == [(), {}]) + + assert "version_number" in runner.__dict__ + + +@pytest.mark.parametrize("docs_tag", [None, "", "SOME_DOCS_TAG"]) +def test_sphinx_runner_version_string(patches, docs_tag): + runner = sphinx_runner.SphinxRunner() + patched = patches( + ("SphinxRunner.docs_tag", dict(new_callable=PropertyMock)), + ("SphinxRunner.build_sha", dict(new_callable=PropertyMock)), + ("SphinxRunner.version_number", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_tag, m_sha, m_version): + m_tag.return_value = docs_tag + if docs_tag: + assert runner.version_string == f"tag-{docs_tag}" + else: + assert runner.version_string == f"{m_version.return_value}-{m_sha.return_value.__getitem__.return_value}" + assert ( + list(m_sha.return_value.__getitem__.call_args) + == [(slice(None, 6, None),), {}]) + + assert "version_string" not in runner.__dict__ + + +def test_sphinx_runner_add_arguments(): + runner = sphinx_runner.SphinxRunner() + parser = MagicMock() + runner.add_arguments(parser) + assert ( + list(list(c) for c in parser.add_argument.call_args_list) + == [[('--build_sha',), {}], + [('--docs_tag',), {}], + [('--version_file',), {}], + [('--validator_path',), {}], + [('--descriptor_path',), {}], + [('rst_tar',), {}], + [('output_filename',), {}]]) + + +@pytest.mark.parametrize("fails", [True, False]) +def test_sphinx_runner_build_html(patches, fails): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "sphinx_build", + ("SphinxRunner.sphinx_args", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_sphinx, m_args): + m_sphinx.side_effect = lambda s: fails + e = None + if fails: + with pytest.raises(sphinx_runner.SphinxBuildError) as e: + runner.build_html() + else: + runner.build_html() + + assert ( + list(m_sphinx.call_args) + == [(m_args.return_value,), {}]) + + if fails: + assert e.value.args == ('BUILD FAILED',) + else: + assert not e + + +def test_sphinx_runner_build_summary(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "print", + "SphinxRunner._color", + ("SphinxRunner.configs", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_print, m_color, m_configs): + m_configs.return_value.items.return_value = (("a", "A"), ("b", "B")) + runner.build_summary() + + assert ( + list(list(c) for c in m_print.call_args_list) + == [[(), {}], + [(m_color.return_value,), {}], + [(m_color.return_value,), {}], + [(f"{m_color.return_value} {m_color.return_value}: {m_color.return_value}",), {}], + [(f"{m_color.return_value} {m_color.return_value}: {m_color.return_value}",), {}], + [(m_color.return_value,), {}], + [(m_color.return_value,), {}], + [(), {}]]) + assert ( + list(list(c) for c in m_color.call_args_list) + == [[('#### Sphinx build configs #####################',), {}], + [('###',), {}], + [('###',), {}], + [('a', 'key'), {}], + [('A', 'value'), {}], + [('###',), {}], + [('b', 'key'), {}], + [('B', 'value'), {}], + [('###',), {}], + [('###############################################',), {}]]) + + +@pytest.mark.parametrize("py_compat", [True, False]) +@pytest.mark.parametrize("release_level", ["pre-release", "tagged"]) +@pytest.mark.parametrize("version_number", ["1.17", "1.23", "1.43"]) +@pytest.mark.parametrize("docs_tag", ["v1.17", "v1.23", "v1.73"]) +@pytest.mark.parametrize("current", ["XXX v1.17 ZZZ", "AAA v1.23 VVV", "BBB v1.73 EEE"]) +def test_sphinx_runner_check_env(patches, py_compat, release_level, version_number, docs_tag, current): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "open", + "os.path", + "platform", + ("SphinxRunner.configs", dict(new_callable=PropertyMock)), + ("SphinxRunner.version_number", dict(new_callable=PropertyMock)), + ("SphinxRunner.docs_tag", dict(new_callable=PropertyMock)), + ("SphinxRunner.py_compatible", dict(new_callable=PropertyMock)), + ("SphinxRunner.rst_dir", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + fails = ( + not py_compat + or (release_level == "tagged" + and (f"v{version_number}" != docs_tag + or version_number not in current))) + + with patched as (m_open, m_path, m_platform, m_configs, m_version, m_tag, m_py, m_rst): + m_py.return_value = py_compat + m_configs.return_value.__getitem__.return_value = release_level + m_version.return_value = version_number + m_tag.return_value = docs_tag + m_open.return_value.__enter__.return_value.read.return_value = current + + if fails: + with pytest.raises(sphinx_runner.SphinxEnvError) as e: + runner.check_env() + else: + runner.check_env() + + if not py_compat: + assert ( + e.value.args + == ("ERROR: python version must be >= 3.8, " + f"you have {m_platform.python_version.return_value}", )) + assert not m_open.called + return + + if release_level != "tagged": + assert not m_open.called + return + + if f"v{version_number}" != docs_tag: + assert not m_open.called + assert ( + e.value.args + == ("Given git tag does not match the VERSION file content:" + f"{docs_tag} vs v{version_number}", )) + return + + assert ( + list(m_open.call_args) + == [(m_path.join.return_value,), {}]) + assert ( + list(m_path.join.call_args) + == [(m_rst.return_value, "version_history/current.rst"), {}]) + assert ( + list(m_open.return_value.__enter__.return_value.read.call_args) + == [(), {}]) + + if version_number not in current: + assert ( + e.value.args + == (f"Git tag ({version_number}) not found in version_history/current.rst", )) + + +def test_sphinx_runner_create_tarball(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "tarfile", + ("SphinxRunner.output_filename", dict(new_callable=PropertyMock)), + ("SphinxRunner.html_dir", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_tar, m_out, m_html): + runner.create_tarball() + + assert ( + list(m_tar.open.call_args) + == [(m_out.return_value, 'w'), {}]) + assert ( + list(m_tar.open.return_value.__enter__.return_value.add.call_args) + == [(m_html.return_value,), {'arcname': '.'}]) + + +def test_sphinx_runner_run(patches): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "tempfile", + "SphinxRunner._run", + prefix="tools.docs.sphinx_runner") + + with patched as (m_tmp, m_run): + assert runner.run() == m_run.return_value + + assert ( + list(m_run.call_args) + == [(m_tmp.TemporaryDirectory.return_value.__enter__.return_value,), {}]) + + +@pytest.mark.parametrize("color", [None, "COLOR"]) +def test_sphinx_runner__color(patches, color): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "Style", + ("SphinxRunner.colors", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + with patched as (m_style, m_colors): + assert ( + runner._color("MSG", color) + == f"{m_colors.return_value.__getitem__.return_value}MSG{m_style.RESET_ALL}") + assert ( + list(m_colors.return_value.__getitem__.call_args) + == [(color or "chrome",), {}]) + + +@pytest.mark.parametrize("check_fails", [True, False]) +@pytest.mark.parametrize("build_fails", [True, False]) +def test_sphinx_runner__run(patches, check_fails, build_fails): + runner = sphinx_runner.SphinxRunner() + patched = patches( + "print", + "os", + "SphinxRunner.build_summary", + "SphinxRunner.check_env", + "SphinxRunner.build_html", + "SphinxRunner.create_tarball", + ("SphinxRunner.config_file", dict(new_callable=PropertyMock)), + prefix="tools.docs.sphinx_runner") + + def _raise(error): + raise error + + with patched as (m_print, m_os, m_summary, m_check, m_build, m_create, m_config): + if check_fails: + _check_error = sphinx_runner.SphinxEnvError("CHECK FAILED") + m_check.side_effect = lambda: _raise(_check_error) + if build_fails: + _build_error = sphinx_runner.SphinxBuildError("BUILD FAILED") + m_build.side_effect = lambda: _raise(_build_error) + assert runner._run("BUILD_DIR") == (1 if (check_fails or build_fails) else None) + + assert ( + runner._build_dir + == "BUILD_DIR") + assert ( + list(m_check.call_args) + == [(), {}]) + assert ( + list(m_os.environ.__setitem__.call_args) + == [('ENVOY_DOCS_BUILD_CONFIG', m_config.return_value), {}]) + + if check_fails: + assert ( + list(m_print.call_args) + == [(_check_error,), {}]) + assert not m_summary.called + assert not m_build.called + assert not m_create.called + return + + assert ( + list(m_summary.call_args) + == [(), {}]) + assert ( + list(m_build.call_args) + == [(), {}]) + + if build_fails: + assert ( + list(m_print.call_args) + == [(_build_error,), {}]) + assert not m_create.called + return + + assert not m_print.called + assert ( + list(m_create.call_args) + == [(), {}]) + + +def test_sphinx_runner_main(command_main): + command_main( + sphinx_runner.main, + "tools.docs.sphinx_runner.SphinxRunner") diff --git a/tools/envoy_headersplit/BUILD b/tools/envoy_headersplit/BUILD deleted file mode 100644 index 0ae981664961..000000000000 --- a/tools/envoy_headersplit/BUILD +++ /dev/null @@ -1,67 +0,0 @@ -load("@rules_python//python:defs.bzl", "py_binary", "py_test") -load("@headersplit_pip3//:requirements.bzl", "requirement") -load( - "//bazel:envoy_build_system.bzl", - "envoy_package", -) - -licenses(["notice"]) # Apache 2 - -envoy_package() - -py_binary( - name = "headersplit", - srcs = [ - "headersplit.py", - ], - python_version = "PY3", - srcs_version = "PY3", - visibility = ["//visibility:public"], - deps = [ - requirement("clang"), - ], -) - -py_binary( - name = "replace_includes", - srcs = [ - "replace_includes.py", - ], - python_version = "PY3", - srcs_version = "PY3", - visibility = ["//visibility:public"], - deps = [ - ":headersplit", - ], -) - -py_test( - name = "headersplit_test", - srcs = [ - "headersplit_test.py", - ], - data = glob(["code_corpus/**"]), - python_version = "PY3", - srcs_version = "PY3", - tags = ["no-sandbox"], # TODO (foreseeable): make this test run under sandbox - visibility = ["//visibility:public"], - deps = [ - requirement("clang"), - ":headersplit", - ], -) - -py_test( - name = "replace_includes_test", - srcs = [ - "replace_includes_test.py", - ], - data = glob(["code_corpus/**"]), - python_version = "PY3", - srcs_version = "PY3", - tags = ["no-sandbox"], # TODO (foreseeable): make this test run under sandbox - visibility = ["//visibility:public"], - deps = [ - ":replace_includes", - ], -) diff --git a/tools/envoy_headersplit/README.md b/tools/envoy_headersplit/README.md deleted file mode 100644 index b779671fc1a4..000000000000 --- a/tools/envoy_headersplit/README.md +++ /dev/null @@ -1,24 +0,0 @@ -# Envoy Header Split -Tool for spliting monolithic header files in Envoy to speed up compilation - -Steps to divide Envoy mock headers: - -1. Run `headersplit.py` to divide the monolithic mock header into different classes - -Example (to split monolithic mock header test/mocks/network/mocks.h): - -``` -cd ${ENVOY_SRCDIR}/test/mocks/network/ -python3 ${ENVOY_SRCDIR}/tools/envoy_headersplit/headersplit.py -i mocks.cc -d mocks.h -``` - -2. Remove unused `#includes` from the new mock headers, and write Bazel dependencies for the newly divided mock classes. (this step needs to be done manually) - -3. Run `replace_includes.py` to replace superfluous `#includes` in Envoy directory after dividing. It will also modify the corresponding Bazel `BUILD` file. - -Example (to replace `#includes` after dividing mock header test/mocks/network/mocks.h): - -``` -cd ${ENVOY_SRCDIR} -python3 ${ENVOY_SRCDIR}/tools/envoy_headersplit/replace_includes.py -m network -``` diff --git a/tools/envoy_headersplit/code_corpus/class_defn.h b/tools/envoy_headersplit/code_corpus/class_defn.h deleted file mode 100644 index 37b104a1253c..000000000000 --- a/tools/envoy_headersplit/code_corpus/class_defn.h +++ /dev/null @@ -1,20 +0,0 @@ -#include "envoy/split" - -// NOLINT(namespace-envoy) - -namespace { - -class Foo {}; - -class Bar { - Foo getFoo(); -}; - -class FooBar : Foo, Bar {}; - -class DeadBeaf { -public: - int val(); - FooBar foobar; -}; -} // namespace \ No newline at end of file diff --git a/tools/envoy_headersplit/code_corpus/class_defn_without_namespace.h b/tools/envoy_headersplit/code_corpus/class_defn_without_namespace.h deleted file mode 100644 index 955444b43a27..000000000000 --- a/tools/envoy_headersplit/code_corpus/class_defn_without_namespace.h +++ /dev/null @@ -1,17 +0,0 @@ -#include "envoy/split" - -// NOLINT(namespace-envoy) - -class Foo {}; - -class Bar { - Foo getFoo(); -}; - -class FooBar : Foo, Bar {}; - -class DeadBeaf { -public: - int val(); - FooBar foobar; -}; \ No newline at end of file diff --git a/tools/envoy_headersplit/code_corpus/class_impl.cc b/tools/envoy_headersplit/code_corpus/class_impl.cc deleted file mode 100644 index 3486120adf16..000000000000 --- a/tools/envoy_headersplit/code_corpus/class_impl.cc +++ /dev/null @@ -1,14 +0,0 @@ -#include "class_defn.h" - -// NOLINT(namespace-envoy) - -namespace { -Foo Bar::getFoo() { - Foo foo; - return foo; -} - -int DeadBeaf::val() { return 42; } - -DeadBeaf::DeadBeaf() = default; -} // namespace \ No newline at end of file diff --git a/tools/envoy_headersplit/code_corpus/fail_mocks.cc b/tools/envoy_headersplit/code_corpus/fail_mocks.cc deleted file mode 100644 index 17fca78fae7f..000000000000 --- a/tools/envoy_headersplit/code_corpus/fail_mocks.cc +++ /dev/null @@ -1,51 +0,0 @@ -#include "fail_mocks.h" - -// NOLINT(namespace-envoy) - -#include - -#include "envoy/admin/v3/server_info.pb.h" -#include "envoy/config/core/v3/base.pb.h" - -#include "common/singleton/manager_impl.h" - -#include "gmock/gmock.h" -#include "gtest/gtest.h" - -using testing::_; -using testing::Invoke; -using testing::Return; -using testing::ReturnPointee; -using testing::ReturnRef; -using testing::SaveArg; - -namespace Envoy { -namespace Server { - -MockConfigTracker::MockConfigTracker() { - ON_CALL(*this, add_(_, _)) - .WillByDefault(Invoke([this](const std::string& key, Cb callback) -> EntryOwner* { - EXPECT_TRUE(config_tracker_callbacks_.find(key) == config_tracker_callbacks_.end()); - config_tracker_callbacks_[key] = callback; - return new MockEntryOwner(); - })); -} -MockConfigTracker::~MockConfigTracker() = default; - -MockListenerComponentFactory::MockListenerComponentFactory() - : socket_(std::make_shared>()) { - ON_CALL(*this, createListenSocket(_, _, _, _)) - .WillByDefault(Invoke([&](Network::Address::InstanceConstSharedPtr, Network::Socket::Type, - const Network::Socket::OptionsSharedPtr& options, - const ListenSocketCreationParams&) -> Network::SocketSharedPtr { - if (!Network::Socket::applyOptions(options, *socket_, - envoy::config::core::v3::SocketOption::STATE_PREBIND)) { - throw EnvoyException("MockListenerComponentFactory: Setting socket options failed"); - } - return socket_; - })); -} -MockListenerComponentFactory::~MockListenerComponentFactory() = default; - -} // namespace Server -} // namespace Envoy diff --git a/tools/envoy_headersplit/code_corpus/fail_mocks.h b/tools/envoy_headersplit/code_corpus/fail_mocks.h deleted file mode 100644 index 2ce56feed957..000000000000 --- a/tools/envoy_headersplit/code_corpus/fail_mocks.h +++ /dev/null @@ -1,64 +0,0 @@ -#pragma once -// NOLINT(namespace-envoy) - -#include -#include -#include -#include - -namespace Envoy { -namespace Server { - -class MockConfigTracker : public ConfigTracker { -public: - MockConfigTracker(); - ~MockConfigTracker() override; - - struct MockEntryOwner : public EntryOwner {}; - - MOCK_METHOD(EntryOwner*, add_, (std::string, Cb)); - - // Server::ConfigTracker - MOCK_METHOD(const CbsMap&, getCallbacksMap, (), (const)); - EntryOwnerPtr add(const std::string& key, Cb callback) override { - return EntryOwnerPtr{add_(key, std::move(callback))}; - } - - absl::node_hash_map config_tracker_callbacks_; -}; - -class MockListenerComponentFactory : public ListenerComponentFactory { -public: - MockListenerComponentFactory(); - ~MockListenerComponentFactory() override; - - DrainManagerPtr - createDrainManager(envoy::config::listener::v3::Listener::DrainType drain_type) override { - return DrainManagerPtr{createDrainManager_(drain_type)}; - } - LdsApiPtr createLdsApi(const envoy::config::core::v3::ConfigSource& lds_config) override { - return LdsApiPtr{createLdsApi_(lds_config)}; - } - - MOCK_METHOD(LdsApi*, createLdsApi_, (const envoy::config::core::v3::ConfigSource& lds_config)); - MOCK_METHOD(std::vector, createNetworkFilterFactoryList, - (const Protobuf::RepeatedPtrField& filters, - Configuration::FilterChainFactoryContext& filter_chain_factory_context)); - MOCK_METHOD(std::vector, createListenerFilterFactoryList, - (const Protobuf::RepeatedPtrField&, - Configuration::ListenerFactoryContext& context)); - MOCK_METHOD(std::vector, createUdpListenerFilterFactoryList, - (const Protobuf::RepeatedPtrField&, - Configuration::ListenerFactoryContext& context)); - MOCK_METHOD(Network::SocketSharedPtr, createListenSocket, - (Network::Address::InstanceConstSharedPtr address, Network::Socket::Type socket_type, - const Network::Socket::OptionsSharedPtr& options, - const ListenSocketCreationParams& params)); - MOCK_METHOD(DrainManager*, createDrainManager_, - (envoy::config::listener::v3::Listener::DrainType drain_type)); - MOCK_METHOD(uint64_t, nextListenerTag, ()); - - std::shared_ptr socket_; -}; -} // namespace Server -} // namespace Envoy diff --git a/tools/envoy_headersplit/code_corpus/fake_build b/tools/envoy_headersplit/code_corpus/fake_build deleted file mode 100644 index bce4828828a0..000000000000 --- a/tools/envoy_headersplit/code_corpus/fake_build +++ /dev/null @@ -1,24 +0,0 @@ -envoy_cc_test( - name = "async_client_impl_test", - srcs = ["async_client_impl_test.cc"], - deps = [ - ":common_lib", - "//source/common/buffer:buffer_lib", - "//source/common/http:async_client_lib", - "//source/common/http:context_lib", - "//source/common/http:headers_lib", - "//source/common/http:utility_lib", - "//source/extensions/upstreams/http/generic:config", - "//test/mocks:common_lib", - "//test/mocks/buffer:buffer_mocks", - "//test/mocks/http:http_mocks", - "//test/mocks/local_info:local_info_mocks", - "//test/mocks/router:router_mocks", - "//test/mocks/runtime:runtime_mocks", - "//test/mocks/stats:stats_mocks", - "//test/mocks/upstream:upstream_mocks", - "//test/test_common:test_time_lib", - "@envoy_api//envoy/config/core/v3:pkg_cc_proto", - "@envoy_api//envoy/config/route/v3:pkg_cc_proto", - ], -) \ No newline at end of file diff --git a/tools/envoy_headersplit/code_corpus/fake_source_code.cc b/tools/envoy_headersplit/code_corpus/fake_source_code.cc deleted file mode 100644 index ecc63cbca718..000000000000 --- a/tools/envoy_headersplit/code_corpus/fake_source_code.cc +++ /dev/null @@ -1,32 +0,0 @@ -// NOLINT(namespace-envoy) -#include -#include -#include -#include - -#include "envoy/config/core/v3/base.pb.h" -#include "envoy/config/route/v3/route_components.pb.h" - -#include "common/buffer/buffer_impl.h" -#include "common/http/async_client_impl.h" -#include "common/http/context_impl.h" -#include "common/http/headers.h" -#include "common/http/utility.h" - -#include "test/common/http/common.h" -#include "test/mocks/buffer/mocks.h" -#include "test/mocks/common.h" -#include "test/mocks/http/mocks.h" -#include "test/mocks/local_info/mocks.h" -#include "test/mocks/router/mocks.h" -#include "test/mocks/runtime/mocks.h" -#include "test/mocks/stats/mocks.h" -#include "test/mocks/upstream/mocks.h" -#include "test/test_common/printers.h" - -....useless stuff... - - NiceMock - cm_; - -... uninteresting stuff.. \ No newline at end of file diff --git a/tools/envoy_headersplit/code_corpus/hello.h b/tools/envoy_headersplit/code_corpus/hello.h deleted file mode 100644 index a504044f8834..000000000000 --- a/tools/envoy_headersplit/code_corpus/hello.h +++ /dev/null @@ -1,11 +0,0 @@ -// your first c++ program -// NOLINT(namespace-envoy) -#include - -// random strings - -#include "foo/bar" - -class test { - test() { std::cout << "Hello World" << std::endl; } -}; \ No newline at end of file diff --git a/tools/envoy_headersplit/headersplit.py b/tools/envoy_headersplit/headersplit.py deleted file mode 100644 index afcf713eb77e..000000000000 --- a/tools/envoy_headersplit/headersplit.py +++ /dev/null @@ -1,366 +0,0 @@ -# !/usr/bin/env python3 -# Lint as: python3 -""" -This python script can dividing monolithic mock headers into different mock classes. We need to -remove the over-included header files in generated class codes and resolve dependencies in the -corresponding Bazel files manually. -""" -import argparse -from typing import Type, List, Tuple, Dict - -# libclang imports -from clang.cindex import TranslationUnit, Index, CursorKind, Cursor - - -def to_filename(classname: str) -> str: - """ - maps mock class name (in C++ codes) to filenames under the Envoy naming convention. - e.g. map "MockAdminStream" to "admin_stream" - - Args: - classname: mock class name from source - - Returns: - corresponding file name - """ - filename = classname.replace("Mock", "", 1) # Remove only first "Mock" - ret = "" - for index, val in enumerate(filename): - if val.isupper() and index > 0: - ret += "_" - ret += val - return ret.lower() - - -def get_directives(translation_unit: Type[TranslationUnit]) -> str: - """ - "extracts" all header includes statements and other directives from the target source code file - - for instance: - foo.h: - #pragma once - #include "a.h" - #include "b.h" - - int foo(){ - } - this function should return - '#pragma once\n#include "a.h"\n#include "b.h"' - - Args: - translation_unit: parsing result of target source code by libclang - - Returns: - A string, contains all includes statements and other preprocessor directives before the - first non-directive statement. - - Notes: - clang lib provides API like tranlation_unit.get_includes() to get include directives. - But we can't use it as it requires presence of the included files to return the full list. - We choose to return the string instead of list of includes since we will simply copy-paste - the include statements into generated headers. Return string seems more convenient - """ - cursor = translation_unit.cursor - for descendant in cursor.walk_preorder(): - if descendant.location.file is not None and descendant.location.file.name == cursor.displayname: - filename = descendant.location.file.name - contents = read_file_contents(filename) - return contents[:descendant.extent.start.offset] - return "" - - -def cursors_in_same_file(cursor: Cursor) -> List[Cursor]: - """ - get all child cursors which are pointing to the same file as the input cursor - - Args: - cursor: cursor of parsing result of target source code by libclang - - Returns: - a list of cursor - """ - cursors = [] - for descendant in cursor.walk_preorder(): - # We don't want Cursors from files other than the input file, - # otherwise we get definitions for every file included - # when clang parsed the input file (i.e. if we don't limit descendant location, - # it will check definitions from included headers and get class definitions like std::string) - if descendant.location.file is None: - continue - if descendant.location.file.name != cursor.displayname: - continue - cursors.append(descendant) - return cursors - - -def class_definitions(cursor: Cursor) -> List[Cursor]: - """ - extracts all class definitions in the file pointed by cursor. (typical mocks.h) - - Args: - cursor: cursor of parsing result of target source code by libclang - - Returns: - a list of cursor, each pointing to a class definition. - """ - cursors = cursors_in_same_file(cursor) - class_cursors = [] - for descendant in cursors: - # check if descendant is pointing to a class declaration block. - if descendant.kind != CursorKind.CLASS_DECL: - continue - if not descendant.is_definition(): - continue - # check if this class is directly enclosed by a namespace. - if descendant.semantic_parent.kind != CursorKind.NAMESPACE: - continue - class_cursors.append(descendant) - return class_cursors - - -def class_implementations(cursor: Cursor) -> List[Cursor]: - """ - extracts all class implementation in the file pointed by cursor. (typical mocks.cc) - - Args: - cursor: cursor of parsing result of target source code by libclang - - Returns: - a list of cursor, each pointing to a class implementation. - """ - cursors = cursors_in_same_file(cursor) - impl_cursors = [] - for descendant in cursors: - if descendant.kind == CursorKind.NAMESPACE: - continue - # check if descendant is pointing to a class method - if descendant.semantic_parent is None: - continue - if descendant.semantic_parent.kind == CursorKind.CLASS_DECL: - impl_cursors.append(descendant) - return impl_cursors - - -def extract_definition(cursor: Cursor, classnames: List[str]) -> Tuple[str, str, List[str]]: - """ - extracts class definition source code pointed by the cursor parameter. - and find dependent mock classes by naming look up. - - Args: - cursor: libclang cursor pointing to the target mock class definition. - classnames: all mock class names defined in the definition header that needs to be - divided, used to parse class dependencies. - Returns: - class_name: a string representing the mock class name. - class_defn: a string contains the whole class definition body. - deps: a set of string contains all dependent classes for the return class. - - Note: - It can not detect and resolve forward declaration and cyclic dependency. Need to address - manually. - """ - filename = cursor.location.file.name - contents = read_file_contents(filename) - class_name = cursor.spelling - class_defn = contents[cursor.extent.start.offset:cursor.extent.end.offset] + ";" - # need to know enclosing semantic parents (namespaces) - # to generate corresponding definitions - parent_cursor = cursor.semantic_parent - while parent_cursor.kind == CursorKind.NAMESPACE: - if parent_cursor.spelling == "": - break - class_defn = "namespace {} {{\n".format(parent_cursor.spelling) + class_defn + "\n}\n" - parent_cursor = parent_cursor.semantic_parent - # resolve dependency - # by simple naming look up - deps = set() - for classname in classnames: - if classname in class_defn and classname != class_name: - deps.add(classname) - return class_name, class_defn, deps - - -def get_implline(cursor: Cursor) -> int: - """ - finds the first line of implementation source code for class method pointed by the cursor - parameter. - - Args: - cursor: libclang cursor pointing to the target mock class definition. - - Returns: - an integer, the line number of the first line of the corresponding method implementation - code (zero indexed) - - Note: - This function return line number only. Because in certain case libclang will fail in parsing - the method body and stops parsing early (see headersplit_test.test_class_implementations_error - for details). To address this issue when parsing implementation code, we passed the flag that - ask clang to ignore function bodies. - We can not get the function body directly with the same way we used in extract_definition() - since clang didn't parse function this time. Though we can't get the correct method extent - offset from Cursor, we can still get the start line of the corresponding method instead. - (We can't get the correct line number for the last line due to skipping function bodies) - """ - return cursor.extent.start.line - 1 - - -def extract_implementations(impl_cursors: List[Cursor], source_code: str) -> Dict[str, str]: - """ - extracts method function body for each cursor in list impl_cursors from source code - groups those function bodies with class name to help generating the divided {classname}.cc - returns a dict maps class name to the concatenation of all its member methods implementations. - - Args: - impl_cursors: list of cursors, each pointing to a mock class member function implementation. - source_code: string, the source code for implementations (e.g. mocks.cc) - - Returns: - classname_to_impl: a dict maps class name to its member methods implementations - """ - classname_to_impl = dict() - for i, cursor in enumerate(impl_cursors): - classname = cursor.semantic_parent.spelling - # get first line of function body - implline = get_implline(cursor) - # get last line of function body - if i + 1 < len(impl_cursors): - # i is not the last method, get the start line for the next method - # as the last line of i - impl_end = get_implline(impl_cursors[i + 1]) - impl = "".join(source_code[implline:impl_end]) - else: - # i is the last method, after removing the lines containing close brackets - # for namespaces, the rest should be the function body - offset = 0 - while implline + offset < len(source_code): - if "// namespace" in source_code[implline + offset]: - break - offset += 1 - impl = "".join(source_code[implline:implline + offset]) - if classname in classname_to_impl: - classname_to_impl[classname] += impl + "\n" - else: - classname_to_impl[classname] = impl + "\n" - return classname_to_impl - - -def get_enclosing_namespace(defn: Cursor) -> Tuple[str, str]: - """ - retrieves all enclosing namespaces for the class pointed by defn. - this is necessary to construct the mock class header - e.g.: - defn is pointing MockClass in the follow source code: - - namespace Envoy { - namespace Server { - class MockClass2 {...} - namespace Configuration { - class MockClass {...} - ^ - defn - } - } - } - - this function will return: - "namespace Envoy {\nnamespace Server {\nnamespace Configuration{\n" and "\n}\n}\n}\n" - - Args: - defn: libclang Cursor pointing to a mock class - - Returns: - namespace_prefix, namespace_suffix: a pair of string, representing the enclosing namespaces - """ - namespace_prefix = "" - namespace_suffix = "" - parent_cursor = defn.semantic_parent - while parent_cursor.kind == CursorKind.NAMESPACE: - if parent_cursor.spelling == "": - break - namespace_prefix = "namespace {} {{\n".format(parent_cursor.spelling) + namespace_prefix - namespace_suffix += "\n}" - parent_cursor = parent_cursor.semantic_parent - namespace_suffix += "\n" - return namespace_prefix, namespace_suffix - - -def read_file_contents(path): - with open(path, "r") as input_file: - return input_file.read() - - -def write_file_contents(class_name, class_defn, class_impl): - with open("{}.h".format(to_filename(class_name)), "w") as decl_file: - decl_file.write(class_defn) - with open("{}.cc".format(to_filename(class_name)), "w") as impl_file: - impl_file.write(class_impl) - # generating bazel build file, need to fill dependency manually - bazel_text = """ -envoy_cc_mock( - name = "{}_mocks", - srcs = ["{}.cc"], - hdrs = ["{}.h"], - deps = [ - - ] -) -""".format(to_filename(class_name), to_filename(class_name), to_filename(class_name)) - with open("BUILD", "r+") as bazel_file: - contents = bazel_file.read() - if 'name = "{}_mocks"'.format(to_filename(class_name)) not in contents: - bazel_file.write(bazel_text) - - -def main(args): - """ - divides the monolithic mock file into different mock class files. - """ - decl_filename = args["decl"] - impl_filename = args["impl"] - idx = Index.create() - impl_translation_unit = TranslationUnit.from_source( - impl_filename, options=TranslationUnit.PARSE_SKIP_FUNCTION_BODIES) - impl_includes = get_directives(impl_translation_unit) - decl_translation_unit = idx.parse(decl_filename, ["-x", "c++"]) - defns = class_definitions(decl_translation_unit.cursor) - decl_includes = get_directives(decl_translation_unit) - impl_cursors = class_implementations(impl_translation_unit.cursor) - contents = read_file_contents(impl_filename) - classname_to_impl = extract_implementations(impl_cursors, contents) - classnames = [cursor.spelling for cursor in defns] - for defn in defns: - # writing {class}.h and {classname}.cc - class_name, class_defn, deps = extract_definition(defn, classnames) - includes = "" - for name in deps: - includes += '#include "{}.h"\n'.format(to_filename(name)) - class_defn = decl_includes + includes + class_defn - class_impl = "" - if class_name not in classname_to_impl: - print("Warning: empty class {}".format(class_name)) - else: - impl_include = impl_includes.replace( - decl_filename, "{}.h".format(to_filename(class_name))) - # we need to enclose methods with namespaces - namespace_prefix, namespace_suffix = get_enclosing_namespace(defn) - class_impl = impl_include + namespace_prefix + \ - classname_to_impl[class_name] + namespace_suffix - write_file_contents(class_name, class_defn, class_impl) - - -if __name__ == "__main__": - PARSER = argparse.ArgumentParser() - PARSER.add_argument( - "-d", - "--decl", - default="mocks.h", - help="Path to the monolithic header .h file that needs to be splitted", - ) - PARSER.add_argument( - "-i", - "--impl", - default="mocks.cc", - help="Path to the implementation code .cc file that needs to be splitted", - ) - main(vars(PARSER.parse_args())) diff --git a/tools/envoy_headersplit/headersplit_test.py b/tools/envoy_headersplit/headersplit_test.py deleted file mode 100644 index 7cd7cc480195..000000000000 --- a/tools/envoy_headersplit/headersplit_test.py +++ /dev/null @@ -1,100 +0,0 @@ -# Lint as: python3 -"""Tests for headersplit.""" - -import headersplit -import unittest - -# libclang imports -from clang.cindex import TranslationUnit, Index - - -class HeadersplitTest(unittest.TestCase): - # A header contains a simple class print hello world - source_code_hello_world = open("tools/envoy_headersplit/code_corpus/hello.h", "r").read() - # A C++ source code contains definition for several classes - source_class_defn = open("tools/envoy_headersplit/code_corpus/class_defn.h", "r").read() - # almost the same as above, but classes are not enclosed by namespace - source_class_defn_without_namespace = open( - "tools/envoy_headersplit/code_corpus/class_defn_without_namespace.h", "r").read() - # A C++ source code contains method implementations for class_defn.h - source_class_impl = open("tools/envoy_headersplit/code_corpus/class_impl.cc", "r").read() - - def test_to_filename(self): - # Test class name with one "mock" - self.assertEqual(headersplit.to_filename("MockAdminStream"), "admin_stream") - - # Test class name with two "Mock" - self.assertEqual( - headersplit.to_filename("MockClusterMockPrioritySet"), "cluster_mock_priority_set") - - # Test class name with no "Mock" - self.assertEqual( - headersplit.to_filename("TestRetryHostPredicateFactory"), - "test_retry_host_predicate_factory") - - def test_get_directives(self): - includes = """// your first c++ program -// NOLINT(namespace-envoy) -#include - -// random strings - -#include "foo/bar" - -""" - translation_unit_hello_world = TranslationUnit.from_source( - "tools/envoy_headersplit/code_corpus/hello.h", - options=TranslationUnit.PARSE_SKIP_FUNCTION_BODIES) - self.assertEqual(headersplit.get_directives(translation_unit_hello_world), includes) - - def test_class_definitions(self): - idx = Index.create() - translation_unit_class_defn = idx.parse( - "tools/envoy_headersplit/code_corpus/class_defn.h", ["-x", "c++"]) - defns_cursors = headersplit.class_definitions(translation_unit_class_defn.cursor) - defns_names = [cursor.spelling for cursor in defns_cursors] - self.assertEqual(defns_names, ["Foo", "Bar", "FooBar", "DeadBeaf"]) - idx = Index.create() - translation_unit_class_defn = idx.parse( - "tools/envoy_headersplit/code_corpus/class_defn_without_namespace.h", ["-x", "c++"]) - defns_cursors = headersplit.class_definitions(translation_unit_class_defn.cursor) - defns_names = [cursor.spelling for cursor in defns_cursors] - self.assertEqual(defns_names, []) - - def test_class_implementations(self): - translation_unit_class_impl = TranslationUnit.from_source( - "tools/envoy_headersplit/code_corpus/class_impl.cc", - options=TranslationUnit.PARSE_SKIP_FUNCTION_BODIES) - impls_cursors = headersplit.class_implementations(translation_unit_class_impl.cursor) - impls_names = [cursor.spelling for cursor in impls_cursors] - self.assertEqual(impls_names, ["getFoo", "val", "DeadBeaf"]) - - def test_class_implementations_error(self): - # LibClang will fail in parse this source file (it's modified from the original - # test/server/mocks.cc from Envoy repository) if we don't add flag PARSE_SKIP_FUNCTION_BODIES - # to ignore function bodies. - impl_translation_unit = TranslationUnit.from_source( - "tools/envoy_headersplit/code_corpus/fail_mocks.cc") - impls_cursors = headersplit.class_implementations(impl_translation_unit.cursor) - # impls_name is not complete in this case - impls_names = [cursor.spelling for cursor in impls_cursors] - # LibClang will stop parsing at - # MockListenerComponentFactory::MockListenerComponentFactory() - # : socket_(std::make_shared>()) { - # ^ - # Since parsing stops early, we will have incomplete method list. - # The reason is not clear, however, this issue can be addressed by adding parsing flag to - # ignore function body - - # get correct list of member methods - impl_translation_unit_correct = TranslationUnit.from_source( - "tools/envoy_headersplit/code_corpus/fail_mocks.cc", - options=TranslationUnit.PARSE_SKIP_FUNCTION_BODIES) - impls_cursors_correct = headersplit.class_implementations( - impl_translation_unit_correct.cursor) - impls_names_correct = [cursor.spelling for cursor in impls_cursors_correct] - self.assertNotEqual(impls_names, impls_names_correct) - - -if __name__ == "__main__": - unittest.main() diff --git a/tools/envoy_headersplit/replace_includes.py b/tools/envoy_headersplit/replace_includes.py deleted file mode 100644 index 0fed19714e71..000000000000 --- a/tools/envoy_headersplit/replace_includes.py +++ /dev/null @@ -1,121 +0,0 @@ -# !/usr/bin/env python3 -# Lint as: python3 -""" -This python script can be used to refactor Envoy source code #include after dividing the monolithic -mock headers into different mock classes. This will reduce the building time for specific tests -significantly. - -e.g. - -#include "test/mocks/server.h" -> #include "test/mocks/admin.h" if the source code only used mock -class Server::MockAdmin. - -this script needs to be executed in the Envoy directory -""" -from pathlib import Path -from headersplit import to_filename -from typing import List -import argparse - - -def to_classname(filename: str) -> str: - """ - maps divided mock class file name to class names - inverse function of headersplit.to_filename - e.g. map "test/mocks/server/admin_stream.h" to "MockAdminStream" - - Args: - filename: string, mock class header file name (might be the whole path instead of the base name) - - Returns: - corresponding class name - """ - classname_tokens = filename.split('/')[-1].replace('.h', '').split('_') - classname = "Mock" + ''.join(map(lambda x: x[:1].upper() + x[1:], classname_tokens)) - return classname - - -def to_bazelname(filename: str, mockname: str) -> str: - """ - maps divided mock class file name to bazel target name - e.g. map "test/mocks/server/admin_stream.h" to "//test/mocks/server:admin_stream_mocks" - - Args: - filename: string, mock class header file name (might be the whole path instead of the base name) - mockname: string, mock directory name - - Returns: - corresponding bazel target name - """ - bazelname = "//test/mocks/{}:".format(mockname) - bazelname += filename.split('/')[-1].replace('.h', '') + '_mocks'.format(mockname) - return bazelname - - -def get_filenames(mockname: str) -> List[str]: - """ - scans all headers in test/mocks/{mockname}, return corresponding file names - - Args: - mockname: string, mock directory name - - Returns: - List of file name for the headers in test/mock/{mocksname} - """ - dir = Path("test/mocks/{}/".format(mockname)) - filenames = list(map(str, dir.glob('*.h'))) - return filenames - - -def replace_includes(mockname): - filenames = get_filenames(mockname) - classnames = [to_classname(filename) for filename in filenames] - p = Path('./test') - changed_list = [] # list of test code that been refactored - # walk through all files and check files that contains "{mockname}/mocks.h" - # don't forget change dependency on bazel - for test_file in p.glob('**/*.cc'): - replace_includes = "" - used_mock_header = False - bazel_targets = "" - with test_file.open() as f: - content = f.read() - if '#include "test/mocks/{}/mocks.h"'.format(mockname) in content: - used_mock_header = True - replace_includes = "" - for classname in classnames: - if classname in content: - # replace mocks.h with mock class header used by this test library - # limitation: if some class names in classnames are substrings of others, this part - # will bring over-inclusion e.g. if we have MockCluster and MockClusterFactory, and - # the source code only used MockClusterFactory, then the result code will also include - # MockCluster since it also shows in the file. - # TODO: use clang to analysis class usage instead by simple find and replace - replace_includes += '#include "test/mocks/{}/{}.h"\n'.format( - mockname, to_filename(classname)) - bazel_targets += '"{}",'.format( - to_bazelname(to_filename(classname), mockname)) - if used_mock_header: - changed_list.append(str(test_file.relative_to(Path('.'))) + '\n') - with test_file.open(mode='w') as f: - f.write( - content.replace( - '#include "test/mocks/{}/mocks.h"\n'.format(mockname), replace_includes)) - with (test_file.parent / 'BUILD').open() as f: - # write building files - content = f.read() - split_content = content.split(test_file.name) - split_content[1] = split_content[1].replace( - '"//test/mocks/{}:{}_mocks",'.format(mockname, mockname), bazel_targets, 1) - content = split_content[0] + test_file.name + split_content[1] - with (test_file.parent / 'BUILD').open('w') as f: - f.write(content) - with open("changed.txt", "w") as f: - f.writelines(changed_list) - - -if __name__ == '__main__': - PARSER = argparse.ArgumentParser() - PARSER.add_argument('-m', '--mockname', default="server", help="mock folder that been divided") - mockname = vars(PARSER.parse_args())['mockname'] - replace_includes(mockname) diff --git a/tools/envoy_headersplit/replace_includes_test.py b/tools/envoy_headersplit/replace_includes_test.py deleted file mode 100644 index ff04559cab56..000000000000 --- a/tools/envoy_headersplit/replace_includes_test.py +++ /dev/null @@ -1,76 +0,0 @@ -# Lint as: python3 -"""Tests for replace_includes.""" - -import unittest -from unittest import mock -import os -from pathlib import Path -import replace_includes - - -class ReplaceIncludesTest(unittest.TestCase): - - def test_to_classname(self): - # Test file name with whole path - self.assertEqual( - replace_includes.to_classname("test/mocks/server/admin_stream.h"), "MockAdminStream") - # Test file name without .h extension - self.assertEqual( - replace_includes.to_classname("cluster_mock_priority_set"), - "MockClusterMockPrioritySet") - - def test_to_bazelname(self): - # Test file name with whole path - self.assertEqual( - replace_includes.to_bazelname("test/mocks/server/admin_stream.h", "server"), - "//test/mocks/server:admin_stream_mocks") - # Test file name without .h extension - self.assertEqual( - replace_includes.to_bazelname("cluster_mock_priority_set", "upstream"), - "//test/mocks/upstream:cluster_mock_priority_set_mocks") - - class FakeDir(): - # fake directory to test get_filenames - def glob(self, _): - return [ - Path("test/mocks/server/admin_stream.h"), - Path("test/mocks/server/admin.h"), - Path("test/mocks/upstream/cluster_manager.h") - ] - - @mock.patch("replace_includes.Path", return_value=FakeDir()) - def test_get_filenames(self, mock_Path): - self.assertEqual( - replace_includes.get_filenames("sever"), [ - "test/mocks/server/admin_stream.h", "test/mocks/server/admin.h", - "test/mocks/upstream/cluster_manager.h" - ]) - - def test_replace_includes(self): - fake_source_code = open("tools/envoy_headersplit/code_corpus/fake_source_code.cc", - "r").read() - fake_build_file = open("tools/envoy_headersplit/code_corpus/fake_build", "r").read() - os.mkdir("test") - os.mkdir("test/mocks") - os.mkdir("test/mocks/upstream") - open("test/mocks/upstream/cluster_manager.h", "a").close() - with open("test/async_client_impl_test.cc", "w") as f: - f.write(fake_source_code) - with open("test/BUILD", "w") as f: - f.write(fake_build_file) - replace_includes.replace_includes("upstream") - source_code = "" - build_file = "" - with open("test/async_client_impl_test.cc", "r") as f: - source_code = f.read() - with open("test/BUILD", "r") as f: - build_file = f.read() - self.assertEqual( - source_code, fake_source_code.replace("upstream/mocks", "upstream/cluster_manager")) - self.assertEqual( - build_file, - fake_build_file.replace("upstream:upstream_mocks", "upstream:cluster_manager_mocks")) - - -if __name__ == "__main__": - unittest.main() diff --git a/tools/envoy_headersplit/requirements.txt b/tools/envoy_headersplit/requirements.txt deleted file mode 100644 index dd1cd51a642a..000000000000 --- a/tools/envoy_headersplit/requirements.txt +++ /dev/null @@ -1,3 +0,0 @@ -clang==11.0 \ - --hash=sha256:de1b1e7defe3b499e82cc9851cdc968790575c510f62c2a000c724e1943ca8bb \ - --hash=sha256:f838e6475b1fe5c91efb97e80ae19420c39483fd5aa7ef10f03ffb51edc6f8c5 diff --git a/tools/extensions/BUILD b/tools/extensions/BUILD index 43f21c21d207..5afa137c1c6f 100644 --- a/tools/extensions/BUILD +++ b/tools/extensions/BUILD @@ -1,25 +1,21 @@ -load("@rules_python//python:defs.bzl", "py_binary") load("//bazel:envoy_build_system.bzl", "envoy_package") +load("@extensions_pip3//:requirements.bzl", "requirement") load("//source/extensions:all_extensions.bzl", "envoy_all_extensions") +load("//tools/base:envoy_python.bzl", "envoy_py_binary") licenses(["notice"]) # Apache 2 envoy_package() -py_binary( - name = "generate_extension_db", - srcs = ["generate_extension_db.py"], +envoy_py_binary( + name = "tools.extensions.extensions_check", data = [ - "@com_github_bazelbuild_buildtools//buildozer:buildozer", + "//source/extensions:extensions_metadata.yaml", + "//source/extensions:extensions_build_config.bzl", + "//test/extensions/filters/network/common/fuzz:uber_per_readfilter.cc", ] + envoy_all_extensions(), - python_version = "PY3", - srcs_version = "PY3", - visibility = ["//visibility:public"], -) - -py_binary( - name = "generate_extension_rst", - srcs = ["generate_extension_rst.py"], - data = [":generate_extension_db"], - visibility = ["//visibility:public"], + deps = [ + "//tools/base:checker", + requirement("pyyaml"), + ], ) diff --git a/tools/extensions/extensions_check.py b/tools/extensions/extensions_check.py new file mode 100644 index 000000000000..b3e0b6865c60 --- /dev/null +++ b/tools/extensions/extensions_check.py @@ -0,0 +1,178 @@ +#!/usr/bin/env python3 + +# Validate extension metadata + +import pathlib +import re +import sys +from functools import cached_property +from importlib.util import spec_from_loader, module_from_spec +from importlib.machinery import SourceFileLoader +from typing import Iterator + +import yaml + +from tools.base import checker + +BUILD_CONFIG_PATH = "source/extensions/extensions_build_config.bzl" + +BUILTIN_EXTENSIONS = ( + "envoy.request_id.uuid", "envoy.upstreams.tcp.generic", "envoy.transport_sockets.tls", + "envoy.upstreams.http.http_protocol_options", "envoy.upstreams.http.generic") + +# All Envoy extensions must be tagged with their security hardening stance with +# respect to downstream and upstream data plane threats. These are verbose +# labels intended to make clear the trust that operators may place in +# extensions. +EXTENSION_SECURITY_POSTURES = ( + # This extension is hardened against untrusted downstream traffic. It + # assumes that the upstream is trusted. + "robust_to_untrusted_downstream", + # This extension is hardened against both untrusted downstream and upstream + # traffic. + "robust_to_untrusted_downstream_and_upstream", + # This extension is not hardened and should only be used in deployments + # where both the downstream and upstream are trusted. + "requires_trusted_downstream_and_upstream", + # This is functionally equivalent to + # requires_trusted_downstream_and_upstream, but acts as a placeholder to + # allow us to identify extensions that need classifying. + "unknown", + # Not relevant to data plane threats, e.g. stats sinks. + "data_plane_agnostic") + +# Extension categories as defined by factories +EXTENSION_CATEGORIES = ( + "envoy.access_loggers", "envoy.bootstrap", "envoy.clusters", "envoy.compression.compressor", + "envoy.compression.decompressor", "envoy.filters.http", "envoy.filters.http.cache", + "envoy.filters.listener", "envoy.filters.network", "envoy.filters.udp_listener", + "envoy.formatter", "envoy.grpc_credentials", "envoy.guarddog_actions", "envoy.health_checkers", + "envoy.http.stateful_header_formatters", "envoy.internal_redirect_predicates", + "envoy.io_socket", "envoy.http.original_ip_detection", "envoy.matching.common_inputs", + "envoy.matching.input_matchers", "envoy.quic.proof_source", "envoy.quic.server.crypto_stream", + "envoy.rate_limit_descriptors", "envoy.request_id", "envoy.resource_monitors", + "envoy.retry_host_predicates", "envoy.retry_priorities", "envoy.stats_sinks", + "envoy.thrift_proxy.filters", "envoy.tracers", "envoy.transport_sockets.downstream", + "envoy.transport_sockets.upstream", "envoy.tls.cert_validator", "envoy.upstreams", + "envoy.wasm.runtime") + +EXTENSION_STATUS_VALUES = ( + # This extension is stable and is expected to be production usable. + "stable", + # This extension is functional but has not had substantial production burn + # time, use only with this caveat. + "alpha", + # This extension is work-in-progress. Functionality is incomplete and it is + # not intended for production use. + "wip") + +FILTER_NAMES_PATTERN = "NetworkFilterNames::get()" + +FUZZ_TEST_PATH = "test/extensions/filters/network/common/fuzz/uber_per_readfilter.cc" + +METADATA_PATH = "source/extensions/extensions_metadata.yaml" + + +class ExtensionsChecker(checker.Checker): + checks = ("registered", "fuzzed", "metadata") + extension_categories = EXTENSION_CATEGORIES + extension_security_postures = EXTENSION_SECURITY_POSTURES + extension_status_values = EXTENSION_STATUS_VALUES + + @cached_property + def all_extensions(self) -> set: + return set(self.configured_extensions.keys()) | set(BUILTIN_EXTENSIONS) + + @cached_property + def configured_extensions(self) -> dict: + # source/extensions/extensions_build_config.bzl must have a + # .bzl suffix for Starlark import, so we are forced to do this workaround. + _extensions_build_config_spec = spec_from_loader( + "extensions_build_config", + SourceFileLoader("extensions_build_config", BUILD_CONFIG_PATH)) + extensions_build_config = module_from_spec(_extensions_build_config_spec) + _extensions_build_config_spec.loader.exec_module(extensions_build_config) + return extensions_build_config.EXTENSIONS + + @property + def fuzzed_count(self) -> int: + data = pathlib.Path(FUZZ_TEST_PATH).read_text() + # Hack-ish! We only search the first 50 lines to capture the filters + # in `filterNames()`. + return len(re.findall(FILTER_NAMES_PATTERN, "".join(data.splitlines()[:50]))) + + @cached_property + def metadata(self) -> dict: + with open(METADATA_PATH) as f: + return yaml.safe_load(f.read()) + + @property + def robust_to_downstream_count(self) -> int: + # Count number of network filters robust to untrusted downstreams. + return len([ + ext for ext, data in self.metadata.items() + if "network" in ext and data["security_posture"] == "robust_to_untrusted_downstream" + ]) + + def check_fuzzed(self) -> None: + if self.robust_to_downstream_count == self.fuzzed_count: + return + self.error( + "fuzzed", [ + "Check that all network filters robust against untrusted " + f"downstreams are fuzzed by adding them to filterNames() in {FUZZ_TEST_PATH}" + ]) + + def check_metadata(self) -> None: + for extension in self.metadata: + errors = self._check_metadata(extension) + if errors: + self.error("metadata", errors) + + def check_registered(self) -> None: + only_metadata = set(self.metadata.keys()) - self.all_extensions + missing_metadata = self.all_extensions - set(self.metadata.keys()) + + for extension in only_metadata: + self.error("registered", [f"Metadata for unused extension found: {extension}"]) + + for extension in missing_metadata: + self.error("registered", [f"Metadata missing for extension: {extension}"]) + + def _check_metadata(self, extension: str) -> list: + return ( + list(self._check_metadata_categories(extension)) + + list(self._check_metadata_security_posture(extension)) + + list(self._check_metadata_status(extension))) + + def _check_metadata_categories(self, extension: str) -> Iterator[str]: + categories = self.metadata[extension].get("categories", ()) + for cat in categories: + if cat not in self.extension_categories: + yield f"Unknown extension category for {extension}: {cat}" + if not categories: + yield ( + f"Missing extension category for {extension}. " + "Please make sure the target is an envoy_cc_extension and category is set") + + def _check_metadata_security_posture(self, extension: str) -> Iterator[str]: + security_posture = self.metadata[extension]["security_posture"] + if not security_posture: + yield ( + f"Missing security posture for {extension}. " + "Please make sure the target is an envoy_cc_extension and security_posture is set") + elif security_posture not in self.extension_security_postures: + yield f"Unknown security posture for {extension}: {security_posture}" + + def _check_metadata_status(self, extension: str) -> Iterator[str]: + status = self.metadata[extension]["status"] + if status not in self.extension_status_values: + yield f"Unknown status for {extension}: {status}" + + +def main() -> int: + return ExtensionsChecker().run() + + +if __name__ == "__main__": + sys.exit(main()) diff --git a/tools/extensions/generate_extension_db.py b/tools/extensions/generate_extension_db.py deleted file mode 100644 index ec689e701e01..000000000000 --- a/tools/extensions/generate_extension_db.py +++ /dev/null @@ -1,133 +0,0 @@ -#!/usr/bin/env python3 - -# Generate an extension database, a JSON file mapping from qualified well known -# extension name to metadata derived from the envoy_cc_extension target. - -# This script expects a copy of the envoy source to be located at /source -# Alternatively, you can specify a path to the source dir with `ENVOY_SRCDIR` - -# You must specify the target file to save the generated json db to. -# You can do this either as an arg to this script/target or with the env var -# `EXTENSION_DB_PATH` - -import ast -import json -import os -import pathlib -import re -import subprocess -import sys - -from importlib.util import spec_from_loader, module_from_spec -from importlib.machinery import SourceFileLoader - -BUILDOZER_PATH = os.path.abspath( - "external/com_github_bazelbuild_buildtools/buildozer/buildozer_/buildozer") - -ENVOY_SRCDIR = os.getenv('ENVOY_SRCDIR', '/source') - -if not os.path.exists(ENVOY_SRCDIR): - raise SystemExit( - "Envoy source must either be located at /source, or ENVOY_SRCDIR env var must be set") - -# source/extensions/extensions_build_config.bzl must have a .bzl suffix for Starlark -# import, so we are forced to do this workaround. -_extensions_build_config_spec = spec_from_loader( - 'extensions_build_config', - SourceFileLoader( - 'extensions_build_config', - os.path.join(ENVOY_SRCDIR, 'source/extensions/extensions_build_config.bzl'))) -extensions_build_config = module_from_spec(_extensions_build_config_spec) -_extensions_build_config_spec.loader.exec_module(extensions_build_config) - - -class ExtensionDbError(Exception): - pass - - -def is_missing(value): - return value == '(missing)' - - -def num_read_filters_fuzzed(): - data = pathlib.Path( - os.path.join( - ENVOY_SRCDIR, - 'test/extensions/filters/network/common/fuzz/uber_per_readfilter.cc')).read_text() - # Hack-ish! We only search the first 50 lines to capture the filters in filterNames(). - return len(re.findall('NetworkFilterNames::get()', ''.join(data.splitlines()[:50]))) - - -def num_robust_to_downstream_network_filters(db): - # Count number of network filters robust to untrusted downstreams. - return len([ - ext for ext, data in db.items() - if 'network' in ext and data['security_posture'] == 'robust_to_untrusted_downstream' - ]) - - -def get_extension_metadata(target): - if not BUILDOZER_PATH: - raise ExtensionDbError('Buildozer not found!') - r = subprocess.run( - [BUILDOZER_PATH, '-stdout', 'print security_posture status undocumented category', target], - stdout=subprocess.PIPE, - stderr=subprocess.PIPE) - rout = r.stdout.decode('utf-8').strip().split(' ') - security_posture, status, undocumented = rout[:3] - categories = ' '.join(rout[3:]) - if is_missing(security_posture): - raise ExtensionDbError( - 'Missing security posture for %s. Please make sure the target is an envoy_cc_extension and security_posture is set' - % target) - if is_missing(categories): - raise ExtensionDbError( - 'Missing extension category for %s. Please make sure the target is an envoy_cc_extension and category is set' - % target) - # evaluate tuples/lists - # wrap strings in a list - categories = ( - ast.literal_eval(categories) if ('[' in categories or '(' in categories) else [categories]) - return { - 'security_posture': security_posture, - 'undocumented': False if is_missing(undocumented) else bool(undocumented), - 'status': 'stable' if is_missing(status) else status, - 'categories': categories, - } - - -if __name__ == '__main__': - try: - output_path = os.getenv("EXTENSION_DB_PATH") or sys.argv[1] - except IndexError: - raise SystemExit( - "Output path must be either specified as arg or with EXTENSION_DB_PATH env var") - - extension_db = {} - # Include all extensions from source/extensions/extensions_build_config.bzl - all_extensions = {} - all_extensions.update(extensions_build_config.EXTENSIONS) - for extension, target in all_extensions.items(): - extension_db[extension] = get_extension_metadata(target) - if num_robust_to_downstream_network_filters(extension_db) != num_read_filters_fuzzed(): - raise ExtensionDbError( - 'Check that all network filters robust against untrusted' - 'downstreams are fuzzed by adding them to filterNames() in' - 'test/extensions/filters/network/common/uber_per_readfilter.cc') - # The TLS and generic upstream extensions are hard-coded into the build, so - # not in source/extensions/extensions_build_config.bzl - # TODO(mattklein123): Read these special keys from all_extensions.bzl or a shared location to - # avoid duplicate logic. - extension_db['envoy.transport_sockets.tls'] = get_extension_metadata( - '//source/extensions/transport_sockets/tls:config') - extension_db['envoy.upstreams.http.generic'] = get_extension_metadata( - '//source/extensions/upstreams/http/generic:config') - extension_db['envoy.upstreams.tcp.generic'] = get_extension_metadata( - '//source/extensions/upstreams/tcp/generic:config') - extension_db['envoy.upstreams.http.http_protocol_options'] = get_extension_metadata( - '//source/extensions/upstreams/http:config') - extension_db['envoy.request_id.uuid'] = get_extension_metadata( - '//source/extensions/request_id/uuid:config') - - pathlib.Path(os.path.dirname(output_path)).mkdir(parents=True, exist_ok=True) - pathlib.Path(output_path).write_text(json.dumps(extension_db)) diff --git a/tools/extensions/requirements.txt b/tools/extensions/requirements.txt new file mode 100644 index 000000000000..910e1e3519fe --- /dev/null +++ b/tools/extensions/requirements.txt @@ -0,0 +1,37 @@ +# +# This file is autogenerated by pip-compile +# To update, run: +# +# pip-compile --generate-hashes tools/extensions/requirements.txt +# +pyyaml==5.4.1 \ + --hash=sha256:08682f6b72c722394747bddaf0aa62277e02557c0fd1c42cb853016a38f8dedf \ + --hash=sha256:0f5f5786c0e09baddcd8b4b45f20a7b5d61a7e7e99846e3c799b05c7c53fa696 \ + --hash=sha256:129def1b7c1bf22faffd67b8f3724645203b79d8f4cc81f674654d9902cb4393 \ + --hash=sha256:294db365efa064d00b8d1ef65d8ea2c3426ac366c0c4368d930bf1c5fb497f77 \ + --hash=sha256:3b2b1824fe7112845700f815ff6a489360226a5609b96ec2190a45e62a9fc922 \ + --hash=sha256:3bd0e463264cf257d1ffd2e40223b197271046d09dadf73a0fe82b9c1fc385a5 \ + --hash=sha256:4465124ef1b18d9ace298060f4eccc64b0850899ac4ac53294547536533800c8 \ + --hash=sha256:49d4cdd9065b9b6e206d0595fee27a96b5dd22618e7520c33204a4a3239d5b10 \ + --hash=sha256:4e0583d24c881e14342eaf4ec5fbc97f934b999a6828693a99157fde912540cc \ + --hash=sha256:5accb17103e43963b80e6f837831f38d314a0495500067cb25afab2e8d7a4018 \ + --hash=sha256:607774cbba28732bfa802b54baa7484215f530991055bb562efbed5b2f20a45e \ + --hash=sha256:6c78645d400265a062508ae399b60b8c167bf003db364ecb26dcab2bda048253 \ + --hash=sha256:72a01f726a9c7851ca9bfad6fd09ca4e090a023c00945ea05ba1638c09dc3347 \ + --hash=sha256:74c1485f7707cf707a7aef42ef6322b8f97921bd89be2ab6317fd782c2d53183 \ + --hash=sha256:895f61ef02e8fed38159bb70f7e100e00f471eae2bc838cd0f4ebb21e28f8541 \ + --hash=sha256:8c1be557ee92a20f184922c7b6424e8ab6691788e6d86137c5d93c1a6ec1b8fb \ + --hash=sha256:bb4191dfc9306777bc594117aee052446b3fa88737cd13b7188d0e7aa8162185 \ + --hash=sha256:bfb51918d4ff3d77c1c856a9699f8492c612cde32fd3bcd344af9be34999bfdc \ + --hash=sha256:c20cfa2d49991c8b4147af39859b167664f2ad4561704ee74c1de03318e898db \ + --hash=sha256:cb333c16912324fd5f769fff6bc5de372e9e7a202247b48870bc251ed40239aa \ + --hash=sha256:d2d9808ea7b4af864f35ea216be506ecec180628aced0704e34aca0b040ffe46 \ + --hash=sha256:d483ad4e639292c90170eb6f7783ad19490e7a8defb3e46f97dfe4bacae89122 \ + --hash=sha256:dd5de0646207f053eb0d6c74ae45ba98c3395a571a2891858e87df7c9b9bd51b \ + --hash=sha256:e1d4970ea66be07ae37a3c2e48b5ec63f7ba6804bdddfdbd3cfd954d25a82e63 \ + --hash=sha256:e4fac90784481d221a8e4b1162afa7c47ed953be40d31ab4629ae917510051df \ + --hash=sha256:fa5ae20527d8e831e8230cbffd9f8fe952815b2b7dae6ffec25318803a7528fc \ + --hash=sha256:fd7f6999a8070df521b6384004ef42833b9bd62cfee11a09bda1079b4b704247 \ + --hash=sha256:fdc842473cd33f45ff6bce46aea678a54e3d21f1b61a7750ce3c498eedfe25d6 \ + --hash=sha256:fe69978f3f768926cfa37b867e3843918e012cf83f680806599ddce33c2c68b0 + # via -r tools/extensions/requirements.txt diff --git a/tools/extensions/tests/test_extensions_check.py b/tools/extensions/tests/test_extensions_check.py new file mode 100644 index 000000000000..95ccd9f2aa12 --- /dev/null +++ b/tools/extensions/tests/test_extensions_check.py @@ -0,0 +1,382 @@ +import types +from unittest.mock import patch, PropertyMock + +import pytest + +from tools.extensions import extensions_check + + +def test_extensions_checker_constructor(): + checker = extensions_check.ExtensionsChecker() + assert checker.checks == ("registered", "fuzzed", "metadata") + assert checker.extension_categories == extensions_check.EXTENSION_CATEGORIES + + +def test_extensions_checker_all_extensions(): + checker = extensions_check.ExtensionsChecker() + exts_mock = patch( + "tools.extensions.extensions_check.ExtensionsChecker.configured_extensions", + new_callable=PropertyMock) + _configured = dict(foo="FOO", bar="BAR") + + with exts_mock as m_exts: + m_exts.return_value = _configured + result = checker.all_extensions + + assert ( + result + == set(_configured.keys()) | set(extensions_check.BUILTIN_EXTENSIONS)) + assert "all_extensions" in checker.__dict__ + + +def test_extensions_checker_configured_extensions(patches): + checker = extensions_check.ExtensionsChecker() + patched = patches( + "spec_from_loader", + "SourceFileLoader", + "module_from_spec", + prefix="tools.extensions.extensions_check") + + with patched as (m_spec, m_loader, m_module): + assert ( + checker.configured_extensions + == m_module.return_value.EXTENSIONS) + + assert ( + list(m_spec.call_args) + == [('extensions_build_config', m_loader.return_value), {}]) + assert ( + list(m_loader.call_args) + == [('extensions_build_config', extensions_check.BUILD_CONFIG_PATH), {}]) + assert ( + list(m_module.call_args) + == [(m_spec.return_value,), {}]) + assert ( + list(m_spec.return_value.loader.exec_module.call_args) + == [(m_module.return_value,), {}]) + assert "configured_extensions" in checker.__dict__ + + +def test_extensions_fuzzed_count(patches): + checker = extensions_check.ExtensionsChecker() + patched = patches( + "re", + "pathlib", + prefix="tools.extensions.extensions_check") + + with patched as (m_re, m_path): + data = m_path.Path.return_value.read_text.return_value + data.splitlines.return_value.__getitem__.return_value = ["FOO", "BAR", "BAZ"] + m_re.findall.return_value = "X" * 23 + assert checker.fuzzed_count == 23 + + assert ( + list(m_path.Path.call_args) + == [(extensions_check.FUZZ_TEST_PATH,), {}]) + assert ( + list(m_path.Path.return_value.read_text.call_args) + == [(), {}]) + assert ( + list(data.splitlines.call_args) + == [(), {}]) + assert ( + list(data.splitlines.return_value.__getitem__.call_args) + == [(slice(None, 50, None),), {}]) + assert ( + list(m_re.findall.call_args) + == [(extensions_check.FILTER_NAMES_PATTERN, 'FOOBARBAZ'), {}]) + assert "fuzzed_count" not in checker.__dict__ + + +def test_extensions_metadata(patches): + checker = extensions_check.ExtensionsChecker() + patched = patches( + "open", + "yaml", + prefix="tools.extensions.extensions_check") + + with patched as (m_open, m_yaml): + assert ( + checker.metadata + == m_yaml.safe_load.return_value) + + assert ( + list(m_open.call_args) + == [(extensions_check.METADATA_PATH,), {}]) + assert ( + list(m_open.return_value.__enter__.return_value.read.call_args) + == [(), {}]) + assert ( + list(m_yaml.safe_load.call_args) + == [(m_open.return_value.__enter__.return_value.read.return_value,), {}]) + assert "metadata" in checker.__dict__ + + +def test_extensions_robust_to_downstream_count(): + checker = extensions_check.ExtensionsChecker() + + metadata_mock = patch( + "tools.extensions.extensions_check.ExtensionsChecker.metadata", + new_callable=PropertyMock) + + metadata = dict( + foo0=dict(security_posture="robust_to_untrusted_downstream"), + bar0=dict(security_posture="robust_to_untrusted_downstream"), + baz0=dict(security_posture="robust_to_untrusted_downstream"), + foo1=dict(security_posture="NOT_robust_to_untrusted_downstream"), + bar1=dict(security_posture="NOT_robust_to_untrusted_downstream"), + baz1=dict(security_posture="NOT_robust_to_untrusted_downstream"), + foo0network=dict(security_posture="robust_to_untrusted_downstream"), + bar0network=dict(security_posture="robust_to_untrusted_downstream"), + baz0network=dict(security_posture="robust_to_untrusted_downstream"), + foo1network=dict(security_posture="NOT_robust_to_untrusted_downstream"), + bar1network=dict(security_posture="NOT_robust_to_untrusted_downstream"), + baz1network=dict(security_posture="NOT_robust_to_untrusted_downstream")) + + with metadata_mock as m_meta: + m_meta.return_value = metadata + assert checker.robust_to_downstream_count == 3 + + assert "robust_to_downstream_count" not in checker.__dict__ + + +@pytest.mark.parametrize("robust", ["FUZZED_COUNT", "NOT_FUZZED_COUNT"]) +def test_extensions_check_fuzzed(patches, robust): + checker = extensions_check.ExtensionsChecker() + patched = patches( + ("ExtensionsChecker.robust_to_downstream_count", dict(new_callable=PropertyMock)), + ("ExtensionsChecker.fuzzed_count", dict(new_callable=PropertyMock)), + "ExtensionsChecker.error", + prefix="tools.extensions.extensions_check") + + with patched as (m_robust, m_fuzzed, m_error): + m_fuzzed.return_value = "FUZZED_COUNT" + m_robust.return_value = robust + checker.check_fuzzed() + + ERR_MESSAGE = ( + "Check that all network filters robust against untrusted downstreams are fuzzed " + f"by adding them to filterNames() in {extensions_check.FUZZ_TEST_PATH}") + + if robust != "FUZZED_COUNT": + assert ( + list(m_error.call_args) + == [('fuzzed', [ERR_MESSAGE]), {}]) + else: + assert not m_error.called + + +@pytest.mark.parametrize( + "meta_errors", + [dict(foo=True, bar=False, baz=True), + dict(foo=False, bar=False, baz=False)]) +def test_extensions_check_metadata(patches, meta_errors): + checker = extensions_check.ExtensionsChecker() + patched = patches( + ("ExtensionsChecker.metadata", dict(new_callable=PropertyMock)), + "ExtensionsChecker._check_metadata", + "ExtensionsChecker.error", + prefix="tools.extensions.extensions_check") + + def _check(k): + if meta_errors[k]: + return k + + with patched as (m_meta, m_check, m_error): + m_meta.return_value = meta_errors + m_check.side_effect = _check + checker.check_metadata() + + assert ( + list(list(c) for c in m_check.call_args_list) + == [[('foo',), {}], [('bar',), {}], [('baz',), {}]]) + if True in meta_errors.values(): + assert ( + list(list(c) for c in m_error.call_args_list) + == [[('metadata', 'foo'), {}], [('metadata', 'baz'), {}]]) + else: + assert not m_error.called + + +@pytest.mark.parametrize( + "all_ext", + [("A", "B", "C", "D"), + ("A", "B"), + ("B", "C", "D")]) +@pytest.mark.parametrize( + "metadata", + [("A", "B", "C", "D"), + ("A", "B"), + ("B", "C", "D")]) +def test_extensions_registered(patches, all_ext, metadata): + checker = extensions_check.ExtensionsChecker() + patched = patches( + ("ExtensionsChecker.metadata", dict(new_callable=PropertyMock)), + ("ExtensionsChecker.all_extensions", dict(new_callable=PropertyMock)), + "ExtensionsChecker.error", + prefix="tools.extensions.extensions_check") + + with patched as (m_meta, m_all, m_error): + m_meta.return_value = {k: k for k in metadata} + m_all.return_value = set(all_ext) + checker.check_registered() + + if set(all_ext) == set(metadata): + assert not m_error.called + return + + only_metadata = set(metadata) - set(all_ext) + missing_metadata = set(all_ext) - set(metadata) + errors = [] + + for ext in only_metadata: + errors.append(f"Metadata for unused extension found: {ext}") + for ext in missing_metadata: + errors.append(f"Metadata missing for extension: {ext}") + + assert ( + list(list(c) for c in m_error.call_args_list) + == [[('registered', [error]), {}] + for error + in errors]) + + +def test_extensions__check_metadata(patches): + checker = extensions_check.ExtensionsChecker() + patched = patches( + "ExtensionsChecker._check_metadata_categories", + "ExtensionsChecker._check_metadata_security_posture", + "ExtensionsChecker._check_metadata_status", + prefix="tools.extensions.extensions_check") + + with patched as (m_cat, m_sec, m_status): + m_cat.return_value = ["CAT"] + m_sec.return_value = ["SEC"] + m_status.return_value = ["STATUS"] + assert ( + checker._check_metadata("EXTENSION") + == ['CAT', 'SEC', 'STATUS']) + + for _patch in (m_cat, m_sec, m_status): + assert ( + list(_patch.call_args) + == [('EXTENSION',), {}]) + + +@pytest.mark.parametrize( + "ext_cats", + [(), + ("A", "B", "C", "D"), + ("A", "B"), + ("B", "C", "D")]) +@pytest.mark.parametrize( + "all_cats", + [("A", "B", "C", "D"), + ("A", "B"), + ("B", "C", "D")]) +def test_extensions__check_metadata_categories(ext_cats, all_cats): + checker = extensions_check.ExtensionsChecker() + metadata_mock = patch( + "tools.extensions.extensions_check.ExtensionsChecker.metadata", + new_callable=PropertyMock) + + checker.extension_categories = all_cats + + with metadata_mock as m_meta: + m_meta.return_value.__getitem__.return_value.get.return_value = ext_cats + _result = checker._check_metadata_categories("EXTENSION") + assert isinstance(_result, types.GeneratorType) + result = list(_result) + + assert ( + list(m_meta.return_value.__getitem__.call_args) + == [('EXTENSION',), {}]) + assert ( + list(m_meta.return_value.__getitem__.return_value.get.call_args) + == [('categories', ()), {}]) + + if not ext_cats: + assert ( + result + == ['Missing extension category for EXTENSION. ' + 'Please make sure the target is an envoy_cc_extension and category is set']) + return + + wrong_cats = [cat for cat in ext_cats if cat not in all_cats] + if wrong_cats: + assert ( + result + == [f'Unknown extension category for EXTENSION: {cat}' for cat in wrong_cats]) + return + + assert result == [] + + +@pytest.mark.parametrize("sec_posture", [None, "A", "Z"]) +def test_extensions__check_metadata_security_posture(sec_posture): + checker = extensions_check.ExtensionsChecker() + metadata_mock = patch( + "tools.extensions.extensions_check.ExtensionsChecker.metadata", + new_callable=PropertyMock) + + checker.extension_security_postures = ["A", "B", "C"] + + with metadata_mock as m_meta: + m_meta.return_value.__getitem__.return_value.__getitem__.return_value = sec_posture + _result = checker._check_metadata_security_posture("EXTENSION") + assert isinstance(_result, types.GeneratorType) + result = list(_result) + + assert ( + list(m_meta.return_value.__getitem__.call_args) + == [('EXTENSION',), {}]) + assert ( + list(m_meta.return_value.__getitem__.return_value.__getitem__.call_args) + == [('security_posture',), {}]) + + if not sec_posture: + assert ( + result + == [f"Missing security posture for EXTENSION. " + "Please make sure the target is an envoy_cc_extension and security_posture is set"]) + elif sec_posture not in checker.extension_security_postures: + assert ( + result + == [f"Unknown security posture for EXTENSION: {sec_posture}"]) + else: + assert result == [] + + +@pytest.mark.parametrize("status", ["A", "Z"]) +def test_extensions__check_metadata_status(status): + checker = extensions_check.ExtensionsChecker() + metadata_mock = patch( + "tools.extensions.extensions_check.ExtensionsChecker.metadata", + new_callable=PropertyMock) + + checker.extension_status_values = ["A", "B", "C"] + + with metadata_mock as m_meta: + m_meta.return_value.__getitem__.return_value.__getitem__.return_value = status + _result = checker._check_metadata_status("EXTENSION") + assert isinstance(_result, types.GeneratorType) + result = list(_result) + + assert ( + list(m_meta.return_value.__getitem__.call_args) + == [('EXTENSION',), {}]) + assert ( + list(m_meta.return_value.__getitem__.return_value.__getitem__.call_args) + == [('status',), {}]) + + if status not in checker.extension_status_values: + assert result == [f'Unknown status for EXTENSION: {status}'] + else: + assert result == [] + + +def test_extensions_checker_main(command_main): + command_main( + extensions_check.main, + "tools.extensions.extensions_check.ExtensionsChecker", + args=()) diff --git a/tools/proto_format/proto_format.sh b/tools/proto_format/proto_format.sh index 43ad645367e8..74e0a8992f72 100755 --- a/tools/proto_format/proto_format.sh +++ b/tools/proto_format/proto_format.sh @@ -22,7 +22,7 @@ read -ra BAZEL_BUILD_OPTIONS <<< "${BAZEL_BUILD_OPTIONS:-}" if [[ "$2" == "--test" ]]; then echo "protoxform_test..." - ./tools/protoxform/protoxform_test.sh + BAZEL_BUILD_OPTIONS="${BAZEL_BUILD_OPTIONS[*]}" ./tools/protoxform/protoxform_test.sh bazel test "${BAZEL_BUILD_OPTIONS[@]}" //tools/protoxform:merge_active_shadow_test fi @@ -62,7 +62,7 @@ bazel build "${BAZEL_BUILD_OPTIONS[@]}" //tools/protoxform:protoprint //tools/pr # Copy back the FileDescriptorProtos that protoxform emitted to the source tree. This involves # pretty-printing to format with protoprint and potentially merging active/shadow versions of protos # with merge_active_shadow. -./tools/proto_format/proto_sync.py "--mode=${PROTO_SYNC_CMD}" "${PROTO_TARGETS[@]}" +./tools/proto_format/proto_sync.py "--mode=${PROTO_SYNC_CMD}" "${PROTO_TARGETS[@]}" --ci # Need to regenerate //versioning:active_protos before building type DB below if freezing. if [[ "$1" == "freeze" ]]; then diff --git a/tools/proto_format/proto_sync.py b/tools/proto_format/proto_sync.py index 024e8435ed01..9dd232a4fae3 100755 --- a/tools/proto_format/proto_sync.py +++ b/tools/proto_format/proto_sync.py @@ -51,6 +51,71 @@ api_proto_package($fields) """) +IGNORED_V2_PROTOS = [ + "envoy/config/accesslog/v2", + "envoy/config/cluster/aggregate/v2alpha", + "envoy/config/cluster/redis", + "envoy/config/common/tap/v2alpha", + "envoy/config/filter/dubbo/router/v2alpha1", + "envoy/config/filter/http/adaptive_concurrency/v2alpha", + "envoy/config/filter/http/aws_lambda/v2alpha", + "envoy/config/filter/http/aws_request_signing/v2alpha", + "envoy/config/filter/http/buffer/v2", + "envoy/config/filter/http/cache/v2alpha", + "envoy/config/filter/http/cors/v2", + "envoy/config/filter/http/csrf/v2", + "envoy/config/filter/http/dynamic_forward_proxy/v2alpha", + "envoy/config/filter/http/dynamo/v2", + "envoy/config/filter/http/fault/v2", + "envoy/config/filter/http/grpc_http1_bridge/v2", + "envoy/config/filter/http/grpc_http1_reverse_bridge/v2alpha1", + "envoy/config/filter/http/grpc_stats/v2alpha", + "envoy/config/filter/http/grpc_web/v2", + "envoy/config/filter/http/header_to_metadata/v2", + "envoy/config/filter/http/jwt_authn/v2alpha", + "envoy/config/filter/http/lua/v2", + "envoy/config/filter/http/on_demand/v2", + "envoy/config/filter/http/original_src/v2alpha1", + "envoy/config/filter/http/rate_limit/v2", + "envoy/config/filter/http/rbac/v2", + "envoy/config/filter/http/router/v2", + "envoy/config/filter/http/squash/v2", + "envoy/config/filter/http/tap/v2alpha", + "envoy/config/filter/http/transcoder/v2", + "envoy/config/filter/listener/http_inspector/v2", + "envoy/config/filter/listener/original_dst/v2", + "envoy/config/filter/listener/original_src/v2alpha1", + "envoy/config/filter/listener/proxy_protocol/v2", + "envoy/config/filter/listener/tls_inspector/v2", + "envoy/config/filter/network/client_ssl_auth/v2", + "envoy/config/filter/network/direct_response/v2", + "envoy/config/filter/network/dubbo_proxy/v2alpha1", + "envoy/config/filter/network/echo/v2", + "envoy/config/filter/network/ext_authz/v2", + "envoy/config/filter/network/kafka_broker/v2alpha1", + "envoy/config/filter/network/local_rate_limit/v2alpha", + "envoy/config/filter/network/mongo_proxy/v2", + "envoy/config/filter/network/mysql_proxy/v1alpha1", + "envoy/config/filter/network/rate_limit/v2", + "envoy/config/filter/network/rbac/v2", + "envoy/config/filter/network/sni_cluster/v2", + "envoy/config/filter/network/zookeeper_proxy/v1alpha1", + "envoy/config/filter/thrift/rate_limit/v2alpha1", + "envoy/config/filter/udp/udp_proxy/v2alpha", + "envoy/config/grpc_credential/v2alpha", + "envoy/config/ratelimit/v2", + "envoy/config/rbac/v2", + "envoy/config/retry/omit_host_metadata/v2", + "envoy/config/retry/previous_priorities", + "envoy/config/transport_socket/raw_buffer/v2", + "envoy/config/transport_socket/tap/v2alpha", + "envoy/data/cluster/v2alpha", + "envoy/data/dns/v2alpha", + "envoy/data/core/v2alpha", + "envoy/service/event_reporting/v2alpha", + "envoy/service/trace/v2", +] + IMPORT_REGEX = re.compile('import "(.*)";') SERVICE_REGEX = re.compile('service \w+ {') PACKAGE_REGEX = re.compile('\npackage: "([^"]*)"') @@ -239,8 +304,10 @@ def get_previous_message_type_deps(proto_path): matches = re.findall(PREVIOUS_MESSAGE_TYPE_REGEX, contents) deps = [] for m in matches: - target = '//%s:pkg' % get_directory_from_package(m) - deps.append(target) + pkg = get_directory_from_package(m) + if pkg in IGNORED_V2_PROTOS: + continue + deps.append('//%s:pkg' % pkg) return deps @@ -327,6 +394,9 @@ def generate_current_api_dir(api_dir, dst_dir): # so we ignore it here. shutil.rmtree(str(dst.joinpath("service", "auth", "v2alpha"))) + for proto in IGNORED_V2_PROTOS: + shutil.rmtree(str(dst.joinpath(proto[6:]))) + def git_status(path): return subprocess.check_output(['git', 'status', '--porcelain', str(path)]).decode() @@ -373,7 +443,7 @@ def should_sync(path, api_proto_modified_files, py_tools_modified_files): return False -def sync(api_root, mode, labels, shadow): +def sync(api_root, mode, is_ci, labels, shadow): api_proto_modified_files = git_modified_files('api', 'proto') py_tools_modified_files = git_modified_files('tools', 'py') with tempfile.TemporaryDirectory() as tmp: @@ -387,7 +457,7 @@ def sync(api_root, mode, labels, shadow): if shadow else '.next_major_version_candidate.proto')) dst_src_paths = defaultdict(list) for path in paths: - if os.stat(path).st_size > 0: + if os.path.exists(path) and os.stat(path).st_size > 0: abs_dst_path, rel_dst_path = get_abs_rel_destination_path(dst_dir, path) if should_sync(path, api_proto_modified_files, py_tools_modified_files): dst_src_paths[abs_dst_path].append(path) @@ -427,7 +497,7 @@ def sync(api_root, mode, labels, shadow): print( 'Proto formatting may overwrite or delete files in the above list with no git backup.' ) - if input('Continue? [yN] ').strip().lower() != 'y': + if not is_ci and input('Continue? [yN] ').strip().lower() != 'y': sys.exit(1) src_files = set( str(p.relative_to(current_api_dir)) for p in current_api_dir.rglob('*')) @@ -438,12 +508,12 @@ def sync(api_root, mode, labels, shadow): print( 'If this is not intended, please see https://github.com/envoyproxy/envoy/blob/main/api/STYLE.md#adding-an-extension-configuration-to-the-api.' ) - if input('Delete files? [yN] ').strip().lower() == 'y': + if not is_ci and input('Delete files? [yN] ').strip().lower() != 'y': + sys.exit(1) + else: subprocess.run(['patch', '-p1'], input=diff, cwd=str(api_root_path.resolve())) - else: - sys.exit(1) else: subprocess.run(['patch', '-p1'], input=diff, cwd=str(api_root_path.resolve())) @@ -453,8 +523,9 @@ def sync(api_root, mode, labels, shadow): parser.add_argument('--mode', choices=['check', 'fix']) parser.add_argument('--api_root', default='./api') parser.add_argument('--api_shadow_root', default='./generated_api_shadow') + parser.add_argument('--ci', action="store_true", default=False) parser.add_argument('labels', nargs='*') args = parser.parse_args() - sync(args.api_root, args.mode, args.labels, False) - sync(args.api_shadow_root, args.mode, args.labels, True) + sync(args.api_root, args.mode, args.ci, args.labels, False) + sync(args.api_shadow_root, args.mode, args.ci, args.labels, True) diff --git a/tools/protodoc/BUILD b/tools/protodoc/BUILD index d9eeb6ac203f..b6cb29bccef1 100644 --- a/tools/protodoc/BUILD +++ b/tools/protodoc/BUILD @@ -1,6 +1,7 @@ load("@rules_python//python:defs.bzl", "py_binary") load("@protodoc_pip3//:requirements.bzl", "requirement") load("//bazel:envoy_build_system.bzl", "envoy_package", "envoy_proto_library") +load("//tools/protodoc:protodoc.bzl", "protodoc_rule") licenses(["notice"]) # Apache 2 @@ -24,6 +25,7 @@ py_binary( data = [ "//docs:protodoc_manifest.yaml", "//docs:v2_mapping.json", + "//source/extensions:extensions_metadata.yaml", ], visibility = ["//visibility:public"], deps = [ @@ -37,3 +39,8 @@ py_binary( requirement("PyYAML"), ], ) + +protodoc_rule( + name = "api_v3_protodoc", + deps = ["@envoy_api_canonical//:v3_protos"], +) diff --git a/tools/protodoc/generate_empty.py b/tools/protodoc/generate_empty.py index a13d09b37307..bb48f53cf40e 100644 --- a/tools/protodoc/generate_empty.py +++ b/tools/protodoc/generate_empty.py @@ -2,9 +2,11 @@ # config. import json +import os import pathlib import string import sys +import tarfile import protodoc @@ -41,10 +43,19 @@ def generate_empty_extension_docs(extension, details, api_extensions_root): path.write_text(content) -if __name__ == '__main__': +def main(): empty_extensions_path = sys.argv[1] - api_extensions_root = sys.argv[2] + output_filename = sys.argv[2] + generated_rst_dir = os.path.dirname(output_filename) + api_extensions_root = os.path.join(generated_rst_dir, "api-v3/config") empty_extensions = json.loads(pathlib.Path(empty_extensions_path).read_text()) for extension, details in empty_extensions.items(): generate_empty_extension_docs(extension, details, api_extensions_root) + + with tarfile.open(output_filename, "w") as tar: + tar.add(generated_rst_dir, arcname=".") + + +if __name__ == '__main__': + main() diff --git a/tools/protodoc/protodoc.bzl b/tools/protodoc/protodoc.bzl index 0ed26121fe6a..751a24bc4484 100644 --- a/tools/protodoc/protodoc.bzl +++ b/tools/protodoc/protodoc.bzl @@ -13,3 +13,20 @@ def _protodoc_impl(target, ctx): # The aspect builds the transitive docs, so any .proto in the dependency graph # get docs created. protodoc_aspect = api_proto_plugin_aspect("//tools/protodoc", _protodoc_impl) + +def _protodoc_rule_impl(ctx): + return [ + DefaultInfo( + files = depset(transitive = [ + d[OutputGroupInfo].rst + for d in ctx.attr.deps + ]), + ), + ] + +protodoc_rule = rule( + implementation = _protodoc_rule_impl, + attrs = { + "deps": attr.label_list(aspects = [protodoc_aspect]), + }, +) diff --git a/tools/protodoc/protodoc.py b/tools/protodoc/protodoc.py index 0321afe0bd75..2edcd9103149 100755 --- a/tools/protodoc/protodoc.py +++ b/tools/protodoc/protodoc.py @@ -6,8 +6,6 @@ from collections import defaultdict import json import functools -import os -import pathlib import sys from google.protobuf import json_format @@ -115,7 +113,10 @@ 'This extension is work-in-progress. Functionality is incomplete and it is not intended for production use.', } -EXTENSION_DB = json.loads(pathlib.Path(os.getenv('EXTENSION_DB_PATH')).read_text()) +r = runfiles.Create() + +with open(r.Rlocation("envoy/source/extensions/extensions_metadata.yaml")) as f: + EXTENSION_DB = yaml.safe_load(f.read()) # create an index of extension categories from extension db EXTENSION_CATEGORIES = {} @@ -241,7 +242,7 @@ def format_extension(extension): """ try: extension_metadata = EXTENSION_DB[extension] - status = EXTENSION_STATUS_VALUES.get(extension_metadata['status'], '') + status = EXTENSION_STATUS_VALUES.get(extension_metadata.get('status'), '') security_posture = EXTENSION_SECURITY_POSTURES[extension_metadata['security_posture']] categories = extension_metadata["categories"] except KeyError as e: @@ -662,8 +663,6 @@ class RstFormatVisitor(visitor.Visitor): """ def __init__(self): - r = runfiles.Create() - with open(r.Rlocation('envoy/docs/v2_mapping.json'), 'r') as f: self.v2_mapping = json.load(f) @@ -678,7 +677,7 @@ def visit_enum(self, enum_proto, type_context): normal_enum_type = normalize_type_context_name(type_context.name) anchor = format_anchor(enum_cross_ref_label(normal_enum_type)) header = format_header('-', 'Enum %s' % normal_enum_type) - proto_link = github_url("f[{normal_enum_type} proto]", type_context) + '\n\n' + proto_link = github_url(f"[{normal_enum_type} proto]", type_context) + '\n\n' leading_comment = type_context.leading_comment formatted_leading_comment = format_comment_with_annotations(leading_comment, 'enum') if hide_not_implemented(leading_comment): diff --git a/tools/spelling/check_spelling.sh b/tools/spelling/check_spelling.sh deleted file mode 100755 index b5a0a9847d0b..000000000000 --- a/tools/spelling/check_spelling.sh +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/bash - -# Applies requisite code formatters to the source tree -# check_spelling.sh - -# Why choose misspell? -# https://github.com/client9/misspell#what-are-other-misspelling-correctors-and-whats-wrong-with-them - -set -u -set -e - -VERSION="0.3.4" -LINUX_MISSPELL_SHA="34d489dbc5ddb4dfd6d3cfac9fde8660e6c37e6c" -MAC_MISSPELL_SHA="f2607e2297b9e8af562e384c38045033375c7433" -TMP_DIR="/tmp" -OS="" - -MISSPELL_ARGS="-error -o stderr" - -if [[ "$#" -lt 1 ]]; then - echo "Usage: $0 check|fix" - exit 1 -fi - -if [[ "$1" == "fix" ]]; then - MISSPELL_ARGS="-w" -fi - -if [[ "$(uname)" == "Darwin" ]]; then - OS="mac" -elif [[ "$(uname)" == "Linux" ]]; then - OS="linux" -else - echo "Current only support mac/Linux" - exit 1 -fi - -SCRIPTPATH=$( cd "$(dirname "$0")" ; pwd -P ) -ROOTDIR="${SCRIPTPATH}/../.." -cd "$ROOTDIR" - -BIN_FILENAME="misspell_${VERSION}_${OS}_64bit.tar.gz" -# Install tools we need -if [[ ! -e "${TMP_DIR}/misspell" ]]; then - if ! wget https://github.com/client9/misspell/releases/download/v"${VERSION}"/"${BIN_FILENAME}" \ - -O "${TMP_DIR}/${BIN_FILENAME}" --no-verbose --tries=3 -o "${TMP_DIR}/wget.log"; then - cat "${TMP_DIR}/wget.log" - exit 1 - fi - tar -xvf "${TMP_DIR}/${BIN_FILENAME}" -C "${TMP_DIR}" &> /dev/null -fi - -ACTUAL_SHA="" -EXPECT_SHA="" - -if [[ "${OS}" == "linux" ]]; then - ACTUAL_SHA=$(sha1sum "${TMP_DIR}"/misspell|cut -d' ' -f1) - EXPECT_SHA="${LINUX_MISSPELL_SHA}" -else - ACTUAL_SHA=$(shasum -a 1 "${TMP_DIR}"/misspell|cut -d' ' -f1) - EXPECT_SHA="${MAC_MISSPELL_SHA}" -fi - -if [[ ! ${ACTUAL_SHA} == "${EXPECT_SHA}" ]]; then - echo "Expect shasum is ${ACTUAL_SHA}, but actual is shasum ${EXPECT_SHA}" - exit 1 -fi - -chmod +x "${TMP_DIR}/misspell" - -# Spell checking -# All the skipping files are defined in tools/spelling/spelling_skip_files.txt -read -ra SKIP_FILES < "${ROOTDIR}/tools/spelling/spelling_skip_files.txt" -read -ra SKIP_FILES <<< "${SKIP_FILES[@]/#/-e }" - -# All the ignore words are defined in tools/spelling/spelling_allowlist_words.txt -SPELLING_ALLOWLIST_WORDS_FILE="${ROOTDIR}/tools/spelling/spelling_allowlist_words.txt" -ALLOWLIST_WORDS=$(grep -vE '^#|^$' "${SPELLING_ALLOWLIST_WORDS_FILE}" | xargs | tr ' ' ',') - -git ls-files | grep -v "${SKIP_FILES[@]}" | xargs "${TMP_DIR}/misspell" -i \ - "${ALLOWLIST_WORDS}" ${MISSPELL_ARGS} diff --git a/tools/spelling/spelling_allowlist_words.txt b/tools/spelling/spelling_allowlist_words.txt deleted file mode 100644 index 3f7b1b805087..000000000000 --- a/tools/spelling/spelling_allowlist_words.txt +++ /dev/null @@ -1,2 +0,0 @@ -# One word per line, these words are not spell checked. -# you can add a comment to each word to explain why you don't need to do a spell check. diff --git a/tools/spelling/spelling_dictionary.txt b/tools/spelling/spelling_dictionary.txt index 44481c60f7af..f5dad4b68e77 100644 --- a/tools/spelling/spelling_dictionary.txt +++ b/tools/spelling/spelling_dictionary.txt @@ -34,6 +34,7 @@ HEXDIG HEXDIGIT OWS Preconnecting +RCVBUF RTCP RTP STATNAME @@ -443,6 +444,8 @@ benchmarked bidi bignum bitfield +bitmask +bitmasks bitset bitwise blackhole @@ -934,6 +937,8 @@ preorder prepend prepended prepends +preresolve +preresolved prev probabilistically proc @@ -1241,6 +1246,7 @@ virtualize vptr wakeup wakeups +wamr wasmtime websocket wepoll diff --git a/tools/spelling/spelling_skip_files.txt b/tools/spelling/spelling_skip_files.txt deleted file mode 100644 index 8351c72345a4..000000000000 --- a/tools/spelling/spelling_skip_files.txt +++ /dev/null @@ -1 +0,0 @@ -OWNERS.md corpus diff --git a/tools/testdata/check_format/angle_bracket_include.cc b/tools/testdata/check_format/angle_bracket_include.cc index 2bfc07171578..31a857521890 100644 --- a/tools/testdata/check_format/angle_bracket_include.cc +++ b/tools/testdata/check_format/angle_bracket_include.cc @@ -1,5 +1,5 @@ namespace Envoy { -#include +#include } // namespace Envoy diff --git a/tools/testdata/check_format/angle_bracket_include.cc.gold b/tools/testdata/check_format/angle_bracket_include.cc.gold index 3be5b517b8bf..b953b0f47646 100644 --- a/tools/testdata/check_format/angle_bracket_include.cc.gold +++ b/tools/testdata/check_format/angle_bracket_include.cc.gold @@ -1,5 +1,5 @@ namespace Envoy { -#include "common/common/utility.h" +#include "source/common/common/utility.h" } // namespace Envoy diff --git a/tools/testdata/check_format/header_order.cc b/tools/testdata/check_format/header_order.cc index d387bb3415d5..b0aa98c3cd1a 100644 --- a/tools/testdata/check_format/header_order.cc +++ b/tools/testdata/check_format/header_order.cc @@ -1,19 +1,19 @@ #include "absl/types/optional.h" -#include "common/api/api_impl.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/utility.h" -#include "common/version/version.h" -#include "common/config/resources.h" -#include "common/config/utility.h" -#include "common/local_info/local_info_impl.h" -#include "common/memory/stats.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" -#include "common/router/rds_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/singleton/manager_impl.h" -#include "common/stats/thread_local_store.h" -#include "common/upstream/cluster_manager_impl.h" +#include "source/common/api/api_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/utility.h" +#include "source/common/version/version.h" +#include "source/common/config/resources.h" +#include "source/common/config/utility.h" +#include "source/common/local_info/local_info_impl.h" +#include "source/common/memory/stats.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/rds_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/stats/thread_local_store.h" +#include "source/common/upstream/cluster_manager_impl.h" #include #include "envoy/admin/v2alpha/config_dump.pb.h" #include "envoy/config/bootstrap/v2/bootstrap.pb.h" @@ -25,10 +25,10 @@ #include "envoy/server/options.h" #include "envoy/upstream/cluster_manager.h" #include -#include "server/configuration_impl.h" -#include "server/connection_handler_impl.h" -#include "server/guarddog_impl.h" -#include "server/listener_hooks.h" +#include "source/server/configuration_impl.h" +#include "source/server/connection_handler_impl.h" +#include "source/server/guarddog_impl.h" +#include "source/server/listener_hooks.h" #include #include #include diff --git a/tools/testdata/check_format/header_order.cc.gold b/tools/testdata/check_format/header_order.cc.gold index 5f6d6433a91b..acd9fd1a9861 100644 --- a/tools/testdata/check_format/header_order.cc.gold +++ b/tools/testdata/check_format/header_order.cc.gold @@ -15,26 +15,25 @@ #include "envoy/server/options.h" #include "envoy/upstream/cluster_manager.h" -#include "common/api/api_impl.h" -#include "common/api/os_sys_calls_impl.h" -#include "common/common/utility.h" -#include "common/config/resources.h" -#include "common/config/utility.h" -#include "common/local_info/local_info_impl.h" -#include "common/memory/stats.h" -#include "common/network/address_impl.h" -#include "common/protobuf/utility.h" -#include "common/router/rds_impl.h" -#include "common/runtime/runtime_impl.h" -#include "common/singleton/manager_impl.h" -#include "common/stats/thread_local_store.h" -#include "common/upstream/cluster_manager_impl.h" -#include "common/version/version.h" - -#include "server/configuration_impl.h" -#include "server/connection_handler_impl.h" -#include "server/guarddog_impl.h" -#include "server/listener_hooks.h" +#include "source/common/api/api_impl.h" +#include "source/common/api/os_sys_calls_impl.h" +#include "source/common/common/utility.h" +#include "source/common/config/resources.h" +#include "source/common/config/utility.h" +#include "source/common/local_info/local_info_impl.h" +#include "source/common/memory/stats.h" +#include "source/common/network/address_impl.h" +#include "source/common/protobuf/utility.h" +#include "source/common/router/rds_impl.h" +#include "source/common/runtime/runtime_impl.h" +#include "source/common/singleton/manager_impl.h" +#include "source/common/stats/thread_local_store.h" +#include "source/common/upstream/cluster_manager_impl.h" +#include "source/common/version/version.h" +#include "source/server/configuration_impl.h" +#include "source/server/connection_handler_impl.h" +#include "source/server/guarddog_impl.h" +#include "source/server/listener_hooks.h" #include "absl/types/optional.h" diff --git a/tools/testing/plugin.py b/tools/testing/plugin.py index 49882722df63..2eb61ec6792d 100644 --- a/tools/testing/plugin.py +++ b/tools/testing/plugin.py @@ -41,13 +41,13 @@ def patches(): return _patches -def _command_main(main, handler): +def _command_main(main, handler, args=("arg0", "arg1", "arg2")): class_mock = patch(handler) with class_mock as m_class: - assert (main("arg0", "arg1", "arg2") == m_class.return_value.run.return_value) + assert (main(*args) == m_class.return_value.run.return_value) - assert (list(m_class.call_args) == [('arg0', 'arg1', 'arg2'), {}]) + assert (list(m_class.call_args) == [args, {}]) assert (list(m_class.return_value.run.call_args) == [(), {}]) diff --git a/tools/testing/requirements.txt b/tools/testing/requirements.txt index 77e56959bd61..6168ab3ee659 100644 --- a/tools/testing/requirements.txt +++ b/tools/testing/requirements.txt @@ -94,9 +94,9 @@ pyparsing==2.4.7 \ # via # -r tools/testing/requirements.txt # packaging -pytest-cov==2.12.0 \ - --hash=sha256:95d4933dcbbacfa377bb60b29801daa30d90c33981ab2a79e9ab4452c165066e \ - --hash=sha256:8535764137fecce504a49c2b742288e3d34bc09eed298ad65963616cc98fd45e +pytest-cov==2.12.1 \ + --hash=sha256:261bb9e47e65bd099c89c3edf92972865210c36813f80ede5277dceb77a4a62a \ + --hash=sha256:261ceeb8c227b726249b376b8526b600f38667ee314f910353fa318caa01f4d7 # via -r tools/testing/requirements.txt pytest==6.2.4 \ --hash=sha256:91ef2131a9bd6be8f76f1f08eac5c5317221d6ad1e143ae03894b862e8976890 \ diff --git a/tools/type_whisperer/api_type_db.cc b/tools/type_whisperer/api_type_db.cc index 4d84bec799bb..198a3ee4a477 100644 --- a/tools/type_whisperer/api_type_db.cc +++ b/tools/type_whisperer/api_type_db.cc @@ -1,6 +1,6 @@ #include "tools/type_whisperer/api_type_db.h" -#include "common/protobuf/protobuf.h" +#include "source/common/protobuf/protobuf.h" #include "tools/type_whisperer/api_type_db.pb.h" #include "udpa/annotations/migrate.pb.h" diff --git a/tools/vscode/refresh_compdb.sh b/tools/vscode/refresh_compdb.sh index d8800deb15fe..24c0440ce473 100755 --- a/tools/vscode/refresh_compdb.sh +++ b/tools/vscode/refresh_compdb.sh @@ -3,7 +3,7 @@ [[ -z "${SKIP_PROTO_FORMAT}" ]] && tools/proto_format/proto_format.sh fix # Setting TEST_TMPDIR here so the compdb headers won't be overwritten by another bazel run -TEST_TMPDIR=${BUILD_DIR:-/tmp}/envoy-compdb tools/gen_compilation_database.py +TEST_TMPDIR=${BUILD_DIR:-/tmp}/envoy-compdb tools/gen_compilation_database.py --vscode # Kill clangd to reload the compilation database -pkill clangd +pkill clangd || :