Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build: marking extensions as extension-only visible by default #12337

Merged
merged 11 commits into from
Aug 1, 2020
Merged

build: marking extensions as extension-only visible by default #12337

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
d1ca7f2
build: marking extensions as extension-only visible by default
alyssawilk Jul 28, 2020
83d0054
and the rest
alyssawilk Jul 28, 2020
0fd2556
improvements for downstream
alyssawilk Jul 29, 2020
cf2bcee
Merge branch 'master' into visibility
alyssawilk Jul 30, 2020
1b46b11
package
alyssawilk Jul 30, 2020
4cc486f
fix build?
alyssawilk Jul 30, 2020
c7929d9
Merge branch 'master' into visibility
alyssawilk Jul 30, 2020
6ad8733
really build fix?
alyssawilk Jul 30, 2020
6a5fe07
review comments
alyssawilk Jul 30, 2020
8a374ac
comments
alyssawilk Jul 31, 2020
ba8d270
comments
alyssawilk Jul 31, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 25 additions & 0 deletions BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,28 @@ exports_files([
"VERSION",
".clang-format",
])

# These two definitions exist to help reduce Envoy upstream core code depending on extensions.
# To avoid visibility problems, one can replace the package lists below with "//visibility:public"
#
# TODO(#9953) //test/config_test:__pkg__ should probably be split up and removed.
# TODO(#9953) the config fuzz tests should be moved somewhere local and //test/config_test and //test/server removed.
package_group(
name = "extension_config",
packages = [
"//source/exe",
"//source/extensions/...",
"//test/config_test",
"//test/extensions/...",
"//test/server",
"//test/server/config_validation",
],
)

package_group(
name = "extension_library",
packages = [
"//source/extensions/...",
"//test/extensions/...",
],
)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add a TODO here to make this override more easier? I think potentially we can embed part of this in source/extensions/extensions_build_config.bzl (something like additional_visibility), that's where the overrides happen for downstream builds normally.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Gah, that's a fair point.
I hate to make folks overwrite the build file, then move their workarounds when I do the TODO. Let me see if I can get something working tonight.

2 changes: 2 additions & 0 deletions bazel/envoy_build_system.bzl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ load(
":envoy_library.bzl",
_envoy_basic_cc_library = "envoy_basic_cc_library",
_envoy_cc_extension = "envoy_cc_extension",
_envoy_cc_extension_library = "envoy_cc_extension_library",
_envoy_cc_library = "envoy_cc_library",
_envoy_cc_posix_library = "envoy_cc_posix_library",
_envoy_cc_win32_library = "envoy_cc_win32_library",
Expand Down Expand Up @@ -178,6 +179,7 @@ envoy_cc_binary = _envoy_cc_binary
envoy_basic_cc_library = _envoy_basic_cc_library
envoy_cc_extension = _envoy_cc_extension
envoy_cc_library = _envoy_cc_library
envoy_cc_extension_library = _envoy_cc_extension_library
envoy_cc_posix_library = _envoy_cc_posix_library
envoy_cc_win32_library = _envoy_cc_win32_library
envoy_include_prefix = _envoy_include_prefix
Expand Down
33 changes: 32 additions & 1 deletion bazel/envoy_library.bzl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,12 +70,43 @@ def envoy_cc_extension(
undocumented = False,
status = "stable",
tags = [],
extra_visibility = [],
visibility = ["//:extension_config"],
**kwargs):
visibility = visibility + extra_visibility
if security_posture not in EXTENSION_SECURITY_POSTURES:
fail("Unknown extension security posture: " + security_posture)
if status not in EXTENSION_STATUS_VALUES:
fail("Unknown extension status: " + status)
envoy_cc_library(name, tags = tags, **kwargs)
envoy_cc_library(name, tags = tags, visibility = visibility, **kwargs)

def envoy_cc_extension_library(
name,
srcs = [],
hdrs = [],
copts = [],
visibility = ["//:extension_library"],
external_deps = [],
tcmalloc_dep = None,
repository = "",
tags = [],
deps = [],
strip_include_prefix = None,
textual_hdrs = None):
envoy_cc_library(
name = name,
srcs = srcs,
hdrs = hdrs,
copts = copts,
visibility = visibility,
external_deps = external_deps,
tcmalloc_dep = tcmalloc_dep,
repository = repository,
tags = tags,
deps = deps,
strip_include_prefix = strip_include_prefix,
textual_hdrs = textual_hdrs,
)

# Envoy C++ library targets should be specified with this function.
def envoy_cc_library(
Expand Down
2 changes: 2 additions & 0 deletions docs/root/version_history/current.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ Incompatible Behavior Changes
-----------------------------
*Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required*

* build: added visibility rules for upstream. If these cause visibility related breakage, see notes in //BUILD.

Minor Behavior Changes
----------------------
*Changes that may cause incompatibilities for some users, but should not for most*
Expand Down
6 changes: 4 additions & 2 deletions source/extensions/access_loggers/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,18 @@
load(
"//bazel:envoy_build_system.bzl",
"envoy_cc_library",
"envoy_cc_extension_library",
"envoy_package",
)

licenses(["notice"]) # Apache 2

envoy_package()
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can define a envoy_extension_package with stricter default_visibility, use that instead of envoy_package in extensions. That limit visibility beyond cc_library.


envoy_cc_library(
envoy_cc_extension_library(
name = "well_known_names",
hdrs = ["well_known_names.h"],
# well known names files are public as long as they exist.
visibility = ["//visibility:public"],
deps = [
"//source/common/singleton:const_singleton",
],
Expand Down
4 changes: 2 additions & 2 deletions source/extensions/access_loggers/common/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
load(
"//bazel:envoy_build_system.bzl",
"envoy_cc_library",
"envoy_cc_extension_library",
"envoy_package",
)

Expand All @@ -10,7 +10,7 @@ licenses(["notice"]) # Apache 2

envoy_package()

envoy_cc_library(
envoy_cc_extension_library(
name = "access_log_base",
srcs = ["access_log_base.cc"],
hdrs = ["access_log_base.h"],
Expand Down
10 changes: 8 additions & 2 deletions source/extensions/access_loggers/file/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
load(
"//bazel:envoy_build_system.bzl",
"envoy_cc_extension",
"envoy_cc_library",
"envoy_cc_extension_library",
"envoy_package",
)

Expand All @@ -12,10 +12,12 @@ licenses(["notice"]) # Apache 2

envoy_package()

envoy_cc_library(
envoy_cc_extension_library(
name = "file_access_log_lib",
srcs = ["file_access_log_impl.cc"],
hdrs = ["file_access_log_impl.h"],
# The file based access logger is core code.
visibility = ["//visibility:public"],
deps = [
"//source/extensions/access_loggers/common:access_log_base",
],
Expand All @@ -25,6 +27,10 @@ envoy_cc_extension(
name = "config",
srcs = ["config.cc"],
hdrs = ["config.h"],
# TODO(#9953) determine if this is core or should be cleaned up.
extra_visibility = [
"//test:__subpackages__",
],
security_posture = "robust_to_untrusted_downstream",
deps = [
":file_access_log_lib",
Expand Down
24 changes: 17 additions & 7 deletions source/extensions/access_loggers/grpc/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
load(
"//bazel:envoy_build_system.bzl",
"envoy_cc_extension",
"envoy_cc_library",
"envoy_cc_extension_library",
"envoy_package",
)

Expand All @@ -12,7 +12,7 @@ licenses(["notice"]) # Apache 2

envoy_package()

envoy_cc_library(
envoy_cc_extension_library(
name = "config_utils",
srcs = ["config_utils.cc"],
hdrs = ["config_utils.h"],
Expand All @@ -24,7 +24,7 @@ envoy_cc_library(
],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "grpc_access_log_lib",
srcs = ["grpc_access_log_impl.cc"],
hdrs = ["grpc_access_log_impl.h"],
Expand All @@ -44,7 +44,7 @@ envoy_cc_library(
],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "grpc_access_log_utils",
srcs = ["grpc_access_log_utils.cc"],
hdrs = ["grpc_access_log_utils.h"],
Expand All @@ -58,7 +58,7 @@ envoy_cc_library(
],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "http_grpc_access_log_lib",
srcs = ["http_grpc_access_log_impl.cc"],
hdrs = ["http_grpc_access_log_impl.h"],
Expand All @@ -71,7 +71,7 @@ envoy_cc_library(
],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "tcp_grpc_access_log_lib",
srcs = ["tcp_grpc_access_log_impl.cc"],
hdrs = ["tcp_grpc_access_log_impl.h"],
Expand All @@ -83,7 +83,7 @@ envoy_cc_library(
],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "grpc_access_log_proto_descriptors_lib",
srcs = ["grpc_access_log_proto_descriptors.cc"],
hdrs = ["grpc_access_log_proto_descriptors.h"],
Expand All @@ -97,6 +97,11 @@ envoy_cc_extension(
name = "http_config",
srcs = ["http_config.cc"],
hdrs = ["http_config.h"],
# TODO(#9953) clean up.
extra_visibility = [
"//test/common/access_log:__subpackages__",
"//test/integration:__subpackages__",
],
security_posture = "robust_to_untrusted_downstream",
deps = [
":config_utils",
Expand All @@ -114,6 +119,11 @@ envoy_cc_extension(
name = "tcp_config",
srcs = ["tcp_config.cc"],
hdrs = ["tcp_config.h"],
# TODO(#9953) clean up.
extra_visibility = [
"//test/integration:__subpackages__",
"//test/common/access_log:__subpackages__",
],
security_posture = "robust_to_untrusted_downstream",
deps = [
":config_utils",
Expand Down
6 changes: 4 additions & 2 deletions source/extensions/clusters/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,18 @@
load(
"//bazel:envoy_build_system.bzl",
"envoy_cc_library",
"envoy_cc_extension_library",
"envoy_package",
)

licenses(["notice"]) # Apache 2

envoy_package()

envoy_cc_library(
envoy_cc_extension_library(
name = "well_known_names",
hdrs = ["well_known_names.h"],
# well known names files are public as long as they exist.
visibility = ["//visibility:public"],
deps = [
"//source/common/config:well_known_names",
"//source/common/singleton:const_singleton",
Expand Down
6 changes: 3 additions & 3 deletions source/extensions/clusters/redis/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,23 @@
load(
"//bazel:envoy_build_system.bzl",
"envoy_cc_extension",
"envoy_cc_library",
"envoy_cc_extension_library",
"envoy_package",
)

licenses(["notice"]) # Apache 2

envoy_package()

envoy_cc_library(
envoy_cc_extension_library(
name = "crc16_lib",
srcs = [
"crc16.cc",
"crc16.h",
],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "redis_cluster_lb",
srcs = [
"redis_cluster_lb.cc",
Expand Down
6 changes: 4 additions & 2 deletions source/extensions/common/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,18 @@
load(
"//bazel:envoy_build_system.bzl",
"envoy_cc_library",
"envoy_cc_extension_library",
"envoy_package",
)

licenses(["notice"]) # Apache 2

envoy_package()

envoy_cc_library(
envoy_cc_extension_library(
name = "utility_lib",
hdrs = ["utility.h"],
# Legacy. TODO(#9953) clean up.
visibility = ["//visibility:public"],
deps = [
"//include/envoy/runtime:runtime_interface",
"//source/common/common:documentation_url_lib",
Expand Down
16 changes: 8 additions & 8 deletions source/extensions/common/aws/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,22 +1,22 @@
load(
"//bazel:envoy_build_system.bzl",
"envoy_cc_library",
"envoy_cc_extension_library",
"envoy_package",
)

licenses(["notice"]) # Apache 2

envoy_package()

envoy_cc_library(
envoy_cc_extension_library(
name = "signer_interface",
hdrs = ["signer.h"],
deps = [
"//include/envoy/http:message_interface",
],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "signer_impl_lib",
srcs = ["signer_impl.cc"],
hdrs = ["signer_impl.h"],
Expand All @@ -35,13 +35,13 @@ envoy_cc_library(
],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "credentials_provider_interface",
hdrs = ["credentials_provider.h"],
external_deps = ["abseil_optional"],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "credentials_provider_impl_lib",
srcs = ["credentials_provider_impl.cc"],
hdrs = ["credentials_provider_impl.h"],
Expand All @@ -56,7 +56,7 @@ envoy_cc_library(
],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "utility_lib",
srcs = ["utility.cc"],
hdrs = ["utility.h"],
Expand All @@ -67,13 +67,13 @@ envoy_cc_library(
],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "region_provider_interface",
hdrs = ["region_provider.h"],
external_deps = ["abseil_optional"],
)

envoy_cc_library(
envoy_cc_extension_library(
name = "region_provider_impl_lib",
srcs = ["region_provider_impl.cc"],
hdrs = ["region_provider_impl.h"],
Expand Down
Loading