From 03dea180ad594eed4c3c62fcb6d53493358bd857 Mon Sep 17 00:00:00 2001 From: Kyle Havlovitz Date: Thu, 19 May 2022 10:06:13 -0700 Subject: [PATCH 1/3] Add connection limit setting to service defaults --- agent/structs/config_entry.go | 21 +-- agent/xds/clusters.go | 9 ++ agent/xds/clusters_test.go | 8 + agent/xds/config.go | 4 + agent/xds/listeners.go | 28 +++- agent/xds/listeners_test.go | 8 + ...stom-max-inbound-connections.latest.golden | 152 ++++++++++++++++++ ...ener-max-inbound-connections.latest.golden | 126 +++++++++++++++ agent/xds/z_xds_packages.go | 126 +++++---------- .../scripts/envoy-library-references.sh | 2 +- go.mod | 8 +- go.sum | 16 +- 12 files changed, 399 insertions(+), 109 deletions(-) create mode 100644 agent/xds/testdata/clusters/custom-max-inbound-connections.latest.golden create mode 100644 agent/xds/testdata/listeners/listener-max-inbound-connections.latest.golden diff --git a/agent/structs/config_entry.go b/agent/structs/config_entry.go index fd7bf66ec..d8953205e 100644 --- a/agent/structs/config_entry.go +++ b/agent/structs/config_entry.go @@ -96,16 +96,17 @@ type WarningConfigEntry interface { // ServiceConfiguration is the top-level struct for the configuration of a service // across the entire cluster. type ServiceConfigEntry struct { - Kind string - Name string - Protocol string - Mode ProxyMode `json:",omitempty"` - TransparentProxy TransparentProxyConfig `json:",omitempty" alias:"transparent_proxy"` - MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"` - Expose ExposeConfig `json:",omitempty"` - ExternalSNI string `json:",omitempty" alias:"external_sni"` - UpstreamConfig *UpstreamConfiguration `json:",omitempty" alias:"upstream_config"` - Endpoint *EndpointConfig `json:",omitempty"` + Kind string + Name string + Protocol string + Mode ProxyMode `json:",omitempty"` + TransparentProxy TransparentProxyConfig `json:",omitempty" alias:"transparent_proxy"` + MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"` + Expose ExposeConfig `json:",omitempty"` + ExternalSNI string `json:",omitempty" alias:"external_sni"` + UpstreamConfig *UpstreamConfiguration `json:",omitempty" alias:"upstream_config"` + Endpoint *EndpointConfig `json:",omitempty"` + MaxInboundConnections int `json:",omitempty" alias:"max_inbound_connections"` Meta map[string]string `json:",omitempty"` acl.EnterpriseMeta `hcl:",squash" mapstructure:",squash"` diff --git a/agent/xds/clusters.go b/agent/xds/clusters.go index bbbad4a8b..e2df471da 100644 --- a/agent/xds/clusters.go +++ b/agent/xds/clusters.go @@ -508,6 +508,15 @@ func (s *ResourceGenerator) makeAppCluster(cfgSnap *proxycfg.ConfigSnapshot, nam return c, err } } + if cfg.MaxInboundConnections > 0 { + c.CircuitBreakers = &envoy_cluster_v3.CircuitBreakers{ + Thresholds: []*envoy_cluster_v3.CircuitBreakers_Thresholds{ + { + MaxConnections: makeUint32Value(cfg.MaxInboundConnections), + }, + }, + } + } return c, err } diff --git a/agent/xds/clusters_test.go b/agent/xds/clusters_test.go index 9474a38ff..4c04f4e0e 100644 --- a/agent/xds/clusters_test.go +++ b/agent/xds/clusters_test.go @@ -172,6 +172,14 @@ func TestClustersFromSnapshot(t *testing.T) { }, nil) }, }, + { + name: "custom-max-inbound-connections", + create: func(t testinf.T) *proxycfg.ConfigSnapshot { + return proxycfg.TestConfigSnapshot(t, func(ns *structs.NodeService) { + ns.Proxy.Config["max_inbound_connections"] = 3456 + }, nil) + }, + }, { name: "custom-limits-max-connections-only", create: func(t testinf.T) *proxycfg.ConfigSnapshot { diff --git a/agent/xds/config.go b/agent/xds/config.go index 020cefeb5..004b94a65 100644 --- a/agent/xds/config.go +++ b/agent/xds/config.go @@ -58,6 +58,10 @@ type ProxyConfig struct { // enable proxies in network namespaces to bind to a different port // than the host port being advertised. BindPort int `mapstructure:"bind_port"` + + // MaxInboundConnections is the maximum number of inbound connections to + // the proxy. If not set, the default is 0 (no limit). + MaxInboundConnections int `mapstructure:"max_inbound_connections"` } // ParseProxyConfig returns the ProxyConfig parsed from the an opaque map. If an diff --git a/agent/xds/listeners.go b/agent/xds/listeners.go index 672d667ad..c462466d0 100644 --- a/agent/xds/listeners.go +++ b/agent/xds/listeners.go @@ -14,6 +14,7 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/connect/ca" "github.com/hashicorp/consul/types" + "google.golang.org/protobuf/types/known/wrapperspb" envoy_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" envoy_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3" @@ -23,6 +24,8 @@ import ( envoy_http_router_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3" envoy_original_dst_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/original_dst/v3" envoy_tls_inspector_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/tls_inspector/v3" + + envoy_connection_limit_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/connection_limit/v3" envoy_http_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3" envoy_sni_cluster_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/sni_cluster/v3" envoy_tcp_proxy_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/tcp_proxy/v3" @@ -818,7 +821,7 @@ func (s *ResourceGenerator) makeInboundListener(cfgSnap *proxycfg.ConfigSnapshot } } - err := s.finalizePublicListenerFromConfig(l, cfgSnap, useHTTPFilter) + err := s.finalizePublicListenerFromConfig(l, cfgSnap, cfg, useHTTPFilter) if err != nil { return nil, fmt.Errorf("failed to attach Consul filters and TLS context to custom public listener: %v", err) } @@ -876,7 +879,7 @@ func (s *ResourceGenerator) makeInboundListener(cfgSnap *proxycfg.ConfigSnapshot }, } - err = s.finalizePublicListenerFromConfig(l, cfgSnap, useHTTPFilter) + err = s.finalizePublicListenerFromConfig(l, cfgSnap, cfg, useHTTPFilter) if err != nil { return nil, fmt.Errorf("failed to attach Consul filters and TLS context to custom public listener: %v", err) } @@ -886,7 +889,7 @@ func (s *ResourceGenerator) makeInboundListener(cfgSnap *proxycfg.ConfigSnapshot // finalizePublicListenerFromConfig is used for best-effort injection of Consul filter-chains onto listeners. // This include L4 authorization filters and TLS context. -func (s *ResourceGenerator) finalizePublicListenerFromConfig(l *envoy_listener_v3.Listener, cfgSnap *proxycfg.ConfigSnapshot, useHTTPFilter bool) error { +func (s *ResourceGenerator) finalizePublicListenerFromConfig(l *envoy_listener_v3.Listener, cfgSnap *proxycfg.ConfigSnapshot, proxyCfg ProxyConfig, useHTTPFilter bool) error { if !useHTTPFilter { // Best-effort injection of L4 intentions if err := s.injectConnectFilters(cfgSnap, l); err != nil { @@ -898,6 +901,18 @@ func (s *ResourceGenerator) finalizePublicListenerFromConfig(l *envoy_listener_v if err := s.injectConnectTLSOnFilterChains(cfgSnap, l); err != nil { return nil } + + // If an inbound connect limit is set, inject a connection limit filter on each chain. + if proxyCfg.MaxInboundConnections > 0 { + filter, err := makeConnectionLimitFilter(proxyCfg.MaxInboundConnections) + if err != nil { + return nil + } + for idx := range l.FilterChains { + l.FilterChains[idx].Filters = append(l.FilterChains[idx].Filters, filter) + } + } + return nil } @@ -1428,6 +1443,13 @@ func makeTCPProxyFilter(filterName, cluster, statPrefix string) (*envoy_listener return makeFilter("envoy.filters.network.tcp_proxy", cfg) } +func makeConnectionLimitFilter(limit int) (*envoy_listener_v3.Filter, error) { + cfg := &envoy_connection_limit_v3.ConnectionLimit{ + MaxConnections: wrapperspb.UInt64(uint64(limit)), + } + return makeFilter("envoy.filters.network.connection_limit", cfg) +} + func makeStatPrefix(prefix, filterName string) string { // Replace colons here because Envoy does that in the metrics for the actual // clusters but doesn't in the stat prefix here while dashboards assume they diff --git a/agent/xds/listeners_test.go b/agent/xds/listeners_test.go index 295ae6d4b..6f556e3f1 100644 --- a/agent/xds/listeners_test.go +++ b/agent/xds/listeners_test.go @@ -157,6 +157,14 @@ func TestListenersFromSnapshot(t *testing.T) { }, nil) }, }, + { + name: "listener-max-inbound-connections", + create: func(t testinf.T) *proxycfg.ConfigSnapshot { + return proxycfg.TestConfigSnapshot(t, func(ns *structs.NodeService) { + ns.Proxy.Config["max_inbound_connections"] = 222 + }, nil) + }, + }, { name: "http-public-listener", create: func(t testinf.T) *proxycfg.ConfigSnapshot { diff --git a/agent/xds/testdata/clusters/custom-max-inbound-connections.latest.golden b/agent/xds/testdata/clusters/custom-max-inbound-connections.latest.golden new file mode 100644 index 000000000..2306689c7 --- /dev/null +++ b/agent/xds/testdata/clusters/custom-max-inbound-connections.latest.golden @@ -0,0 +1,152 @@ +{ + "versionInfo": "00000001", + "resources": [ + { + "@type": "type.googleapis.com/envoy.config.cluster.v3.Cluster", + "name": "db.default.dc1.internal.11111111-2222-3333-4444-555555555555.consul", + "altStatName": "db.default.dc1.internal.11111111-2222-3333-4444-555555555555.consul", + "type": "EDS", + "edsClusterConfig": { + "edsConfig": { + "ads": { + + }, + "resourceApiVersion": "V3" + } + }, + "connectTimeout": "5s", + "circuitBreakers": { + + }, + "outlierDetection": { + + }, + "commonLbConfig": { + "healthyPanicThreshold": { + + } + }, + "transportSocket": { + "name": "tls", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext", + "commonTlsContext": { + "tlsParams": { + + }, + "tlsCertificates": [ + { + "certificateChain": { + "inlineString": "-----BEGIN CERTIFICATE-----\nMIICjDCCAjKgAwIBAgIIC5llxGV1gB8wCgYIKoZIzj0EAwIwFDESMBAGA1UEAxMJ\nVGVzdCBDQSAyMB4XDTE5MDMyMjEzNTgyNloXDTI5MDMyMjEzNTgyNlowDjEMMAoG\nA1UEAxMDd2ViMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEADPv1RHVNRfa2VKR\nAB16b6rZnEt7tuhaxCFpQXPj7M2omb0B9Favq5E0ivpNtv1QnFhxtPd7d5k4e+T7\nSkW1TaOCAXIwggFuMA4GA1UdDwEB/wQEAwIDuDAdBgNVHSUEFjAUBggrBgEFBQcD\nAgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADBoBgNVHQ4EYQRfN2Q6MDc6ODc6M2E6\nNDA6MTk6NDc6YzM6NWE6YzA6YmE6NjI6ZGY6YWY6NGI6ZDQ6MDU6MjU6NzY6M2Q6\nNWE6OGQ6MTY6OGQ6Njc6NWU6MmU6YTA6MzQ6N2Q6ZGM6ZmYwagYDVR0jBGMwYYBf\nZDE6MTE6MTE6YWM6MmE6YmE6OTc6YjI6M2Y6YWM6N2I6YmQ6ZGE6YmU6YjE6OGE6\nZmM6OWE6YmE6YjU6YmM6ODM6ZTc6NWU6NDE6NmY6ZjI6NzM6OTU6NTg6MGM6ZGIw\nWQYDVR0RBFIwUIZOc3BpZmZlOi8vMTExMTExMTEtMjIyMi0zMzMzLTQ0NDQtNTU1\nNTU1NTU1NTU1LmNvbnN1bC9ucy9kZWZhdWx0L2RjL2RjMS9zdmMvd2ViMAoGCCqG\nSM49BAMCA0gAMEUCIGC3TTvvjj76KMrguVyFf4tjOqaSCRie3nmHMRNNRav7AiEA\npY0heYeK9A6iOLrzqxSerkXXQyj5e9bE4VgUnxgPU6g=\n-----END CERTIFICATE-----\n" + }, + "privateKey": { + "inlineString": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIMoTkpRggp3fqZzFKh82yS4LjtJI+XY+qX/7DefHFrtdoAoGCCqGSM49\nAwEHoUQDQgAEADPv1RHVNRfa2VKRAB16b6rZnEt7tuhaxCFpQXPj7M2omb0B9Fav\nq5E0ivpNtv1QnFhxtPd7d5k4e+T7SkW1TQ==\n-----END EC PRIVATE KEY-----\n" + } + } + ], + "validationContext": { + "trustedCa": { + "inlineString": "-----BEGIN CERTIFICATE-----\nMIICXDCCAgKgAwIBAgIICpZq70Z9LyUwCgYIKoZIzj0EAwIwFDESMBAGA1UEAxMJ\nVGVzdCBDQSAyMB4XDTE5MDMyMjEzNTgyNloXDTI5MDMyMjEzNTgyNlowFDESMBAG\nA1UEAxMJVGVzdCBDQSAyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIhywH1gx\nAsMwuF3ukAI5YL2jFxH6Usnma1HFSfVyxbXX1/uoZEYrj8yCAtdU2yoHETyd+Zx2\nThhRLP79pYegCaOCATwwggE4MA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTAD\nAQH/MGgGA1UdDgRhBF9kMToxMToxMTphYzoyYTpiYTo5NzpiMjozZjphYzo3Yjpi\nZDpkYTpiZTpiMTo4YTpmYzo5YTpiYTpiNTpiYzo4MzplNzo1ZTo0MTo2ZjpmMjo3\nMzo5NTo1ODowYzpkYjBqBgNVHSMEYzBhgF9kMToxMToxMTphYzoyYTpiYTo5Nzpi\nMjozZjphYzo3YjpiZDpkYTpiZTpiMTo4YTpmYzo5YTpiYTpiNTpiYzo4MzplNzo1\nZTo0MTo2ZjpmMjo3Mzo5NTo1ODowYzpkYjA/BgNVHREEODA2hjRzcGlmZmU6Ly8x\nMTExMTExMS0yMjIyLTMzMzMtNDQ0NC01NTU1NTU1NTU1NTUuY29uc3VsMAoGCCqG\nSM49BAMCA0gAMEUCICOY0i246rQHJt8o8Oya0D5PLL1FnmsQmQqIGCi31RwnAiEA\noR5f6Ku+cig2Il8T8LJujOp2/2A72QcHZA57B13y+8o=\n-----END CERTIFICATE-----\n" + }, + "matchSubjectAltNames": [ + { + "exact": "spiffe://11111111-2222-3333-4444-555555555555.consul/ns/default/dc/dc1/svc/db" + } + ] + } + }, + "sni": "db.default.dc1.internal.11111111-2222-3333-4444-555555555555.consul" + } + } + }, + { + "@type": "type.googleapis.com/envoy.config.cluster.v3.Cluster", + "name": "geo-cache.default.dc1.query.11111111-2222-3333-4444-555555555555.consul", + "type": "EDS", + "edsClusterConfig": { + "edsConfig": { + "ads": { + + }, + "resourceApiVersion": "V3" + } + }, + "connectTimeout": "5s", + "circuitBreakers": { + + }, + "outlierDetection": { + + }, + "transportSocket": { + "name": "tls", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext", + "commonTlsContext": { + "tlsParams": { + + }, + "tlsCertificates": [ + { + "certificateChain": { + "inlineString": "-----BEGIN CERTIFICATE-----\nMIICjDCCAjKgAwIBAgIIC5llxGV1gB8wCgYIKoZIzj0EAwIwFDESMBAGA1UEAxMJ\nVGVzdCBDQSAyMB4XDTE5MDMyMjEzNTgyNloXDTI5MDMyMjEzNTgyNlowDjEMMAoG\nA1UEAxMDd2ViMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEADPv1RHVNRfa2VKR\nAB16b6rZnEt7tuhaxCFpQXPj7M2omb0B9Favq5E0ivpNtv1QnFhxtPd7d5k4e+T7\nSkW1TaOCAXIwggFuMA4GA1UdDwEB/wQEAwIDuDAdBgNVHSUEFjAUBggrBgEFBQcD\nAgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADBoBgNVHQ4EYQRfN2Q6MDc6ODc6M2E6\nNDA6MTk6NDc6YzM6NWE6YzA6YmE6NjI6ZGY6YWY6NGI6ZDQ6MDU6MjU6NzY6M2Q6\nNWE6OGQ6MTY6OGQ6Njc6NWU6MmU6YTA6MzQ6N2Q6ZGM6ZmYwagYDVR0jBGMwYYBf\nZDE6MTE6MTE6YWM6MmE6YmE6OTc6YjI6M2Y6YWM6N2I6YmQ6ZGE6YmU6YjE6OGE6\nZmM6OWE6YmE6YjU6YmM6ODM6ZTc6NWU6NDE6NmY6ZjI6NzM6OTU6NTg6MGM6ZGIw\nWQYDVR0RBFIwUIZOc3BpZmZlOi8vMTExMTExMTEtMjIyMi0zMzMzLTQ0NDQtNTU1\nNTU1NTU1NTU1LmNvbnN1bC9ucy9kZWZhdWx0L2RjL2RjMS9zdmMvd2ViMAoGCCqG\nSM49BAMCA0gAMEUCIGC3TTvvjj76KMrguVyFf4tjOqaSCRie3nmHMRNNRav7AiEA\npY0heYeK9A6iOLrzqxSerkXXQyj5e9bE4VgUnxgPU6g=\n-----END CERTIFICATE-----\n" + }, + "privateKey": { + "inlineString": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIMoTkpRggp3fqZzFKh82yS4LjtJI+XY+qX/7DefHFrtdoAoGCCqGSM49\nAwEHoUQDQgAEADPv1RHVNRfa2VKRAB16b6rZnEt7tuhaxCFpQXPj7M2omb0B9Fav\nq5E0ivpNtv1QnFhxtPd7d5k4e+T7SkW1TQ==\n-----END EC PRIVATE KEY-----\n" + } + } + ], + "validationContext": { + "trustedCa": { + "inlineString": "-----BEGIN CERTIFICATE-----\nMIICXDCCAgKgAwIBAgIICpZq70Z9LyUwCgYIKoZIzj0EAwIwFDESMBAGA1UEAxMJ\nVGVzdCBDQSAyMB4XDTE5MDMyMjEzNTgyNloXDTI5MDMyMjEzNTgyNlowFDESMBAG\nA1UEAxMJVGVzdCBDQSAyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIhywH1gx\nAsMwuF3ukAI5YL2jFxH6Usnma1HFSfVyxbXX1/uoZEYrj8yCAtdU2yoHETyd+Zx2\nThhRLP79pYegCaOCATwwggE4MA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTAD\nAQH/MGgGA1UdDgRhBF9kMToxMToxMTphYzoyYTpiYTo5NzpiMjozZjphYzo3Yjpi\nZDpkYTpiZTpiMTo4YTpmYzo5YTpiYTpiNTpiYzo4MzplNzo1ZTo0MTo2ZjpmMjo3\nMzo5NTo1ODowYzpkYjBqBgNVHSMEYzBhgF9kMToxMToxMTphYzoyYTpiYTo5Nzpi\nMjozZjphYzo3YjpiZDpkYTpiZTpiMTo4YTpmYzo5YTpiYTpiNTpiYzo4MzplNzo1\nZTo0MTo2ZjpmMjo3Mzo5NTo1ODowYzpkYjA/BgNVHREEODA2hjRzcGlmZmU6Ly8x\nMTExMTExMS0yMjIyLTMzMzMtNDQ0NC01NTU1NTU1NTU1NTUuY29uc3VsMAoGCCqG\nSM49BAMCA0gAMEUCICOY0i246rQHJt8o8Oya0D5PLL1FnmsQmQqIGCi31RwnAiEA\noR5f6Ku+cig2Il8T8LJujOp2/2A72QcHZA57B13y+8o=\n-----END CERTIFICATE-----\n" + }, + "matchSubjectAltNames": [ + { + "exact": "spiffe://11111111-2222-3333-4444-555555555555.consul/ns/default/dc/dc1/svc/geo-cache-target" + }, + { + "exact": "spiffe://11111111-2222-3333-4444-555555555555.consul/ns/default/dc/dc2/svc/geo-cache-target" + } + ] + } + }, + "sni": "geo-cache.default.dc1.query.11111111-2222-3333-4444-555555555555.consul" + } + } + }, + { + "@type": "type.googleapis.com/envoy.config.cluster.v3.Cluster", + "name": "local_app", + "type": "STATIC", + "connectTimeout": "5s", + "loadAssignment": { + "clusterName": "local_app", + "endpoints": [ + { + "lbEndpoints": [ + { + "endpoint": { + "address": { + "socketAddress": { + "address": "127.0.0.1", + "portValue": 8080 + } + } + } + } + ] + } + ] + }, + "circuitBreakers": { + "thresholds": [ + { + "maxConnections": 3456 + } + ] + } + } + ], + "typeUrl": "type.googleapis.com/envoy.config.cluster.v3.Cluster", + "nonce": "00000001" +} \ No newline at end of file diff --git a/agent/xds/testdata/listeners/listener-max-inbound-connections.latest.golden b/agent/xds/testdata/listeners/listener-max-inbound-connections.latest.golden new file mode 100644 index 000000000..be3b83433 --- /dev/null +++ b/agent/xds/testdata/listeners/listener-max-inbound-connections.latest.golden @@ -0,0 +1,126 @@ +{ + "versionInfo": "00000001", + "resources": [ + { + "@type": "type.googleapis.com/envoy.config.listener.v3.Listener", + "name": "db:127.0.0.1:9191", + "address": { + "socketAddress": { + "address": "127.0.0.1", + "portValue": 9191 + } + }, + "filterChains": [ + { + "filters": [ + { + "name": "envoy.filters.network.tcp_proxy", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy", + "statPrefix": "upstream.db.default.default.dc1", + "cluster": "db.default.dc1.internal.11111111-2222-3333-4444-555555555555.consul" + } + } + ] + } + ], + "trafficDirection": "OUTBOUND" + }, + { + "@type": "type.googleapis.com/envoy.config.listener.v3.Listener", + "name": "prepared_query:geo-cache:127.10.10.10:8181", + "address": { + "socketAddress": { + "address": "127.10.10.10", + "portValue": 8181 + } + }, + "filterChains": [ + { + "filters": [ + { + "name": "envoy.filters.network.tcp_proxy", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy", + "statPrefix": "upstream.prepared_query_geo-cache", + "cluster": "geo-cache.default.dc1.query.11111111-2222-3333-4444-555555555555.consul" + } + } + ] + } + ], + "trafficDirection": "OUTBOUND" + }, + { + "@type": "type.googleapis.com/envoy.config.listener.v3.Listener", + "name": "public_listener:0.0.0.0:9999", + "address": { + "socketAddress": { + "address": "0.0.0.0", + "portValue": 9999 + } + }, + "filterChains": [ + { + "filters": [ + { + "name": "envoy.filters.network.rbac", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.network.rbac.v3.RBAC", + "rules": { + + }, + "statPrefix": "connect_authz" + } + }, + { + "name": "envoy.filters.network.tcp_proxy", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy", + "statPrefix": "public_listener", + "cluster": "local_app" + } + }, + { + "name": "envoy.filters.network.connection_limit", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.network.connection_limit.v3.ConnectionLimit", + "maxConnections": "222" + } + } + ], + "transportSocket": { + "name": "tls", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext", + "commonTlsContext": { + "tlsParams": { + + }, + "tlsCertificates": [ + { + "certificateChain": { + "inlineString": "-----BEGIN CERTIFICATE-----\nMIICjDCCAjKgAwIBAgIIC5llxGV1gB8wCgYIKoZIzj0EAwIwFDESMBAGA1UEAxMJ\nVGVzdCBDQSAyMB4XDTE5MDMyMjEzNTgyNloXDTI5MDMyMjEzNTgyNlowDjEMMAoG\nA1UEAxMDd2ViMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEADPv1RHVNRfa2VKR\nAB16b6rZnEt7tuhaxCFpQXPj7M2omb0B9Favq5E0ivpNtv1QnFhxtPd7d5k4e+T7\nSkW1TaOCAXIwggFuMA4GA1UdDwEB/wQEAwIDuDAdBgNVHSUEFjAUBggrBgEFBQcD\nAgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADBoBgNVHQ4EYQRfN2Q6MDc6ODc6M2E6\nNDA6MTk6NDc6YzM6NWE6YzA6YmE6NjI6ZGY6YWY6NGI6ZDQ6MDU6MjU6NzY6M2Q6\nNWE6OGQ6MTY6OGQ6Njc6NWU6MmU6YTA6MzQ6N2Q6ZGM6ZmYwagYDVR0jBGMwYYBf\nZDE6MTE6MTE6YWM6MmE6YmE6OTc6YjI6M2Y6YWM6N2I6YmQ6ZGE6YmU6YjE6OGE6\nZmM6OWE6YmE6YjU6YmM6ODM6ZTc6NWU6NDE6NmY6ZjI6NzM6OTU6NTg6MGM6ZGIw\nWQYDVR0RBFIwUIZOc3BpZmZlOi8vMTExMTExMTEtMjIyMi0zMzMzLTQ0NDQtNTU1\nNTU1NTU1NTU1LmNvbnN1bC9ucy9kZWZhdWx0L2RjL2RjMS9zdmMvd2ViMAoGCCqG\nSM49BAMCA0gAMEUCIGC3TTvvjj76KMrguVyFf4tjOqaSCRie3nmHMRNNRav7AiEA\npY0heYeK9A6iOLrzqxSerkXXQyj5e9bE4VgUnxgPU6g=\n-----END CERTIFICATE-----\n" + }, + "privateKey": { + "inlineString": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIMoTkpRggp3fqZzFKh82yS4LjtJI+XY+qX/7DefHFrtdoAoGCCqGSM49\nAwEHoUQDQgAEADPv1RHVNRfa2VKRAB16b6rZnEt7tuhaxCFpQXPj7M2omb0B9Fav\nq5E0ivpNtv1QnFhxtPd7d5k4e+T7SkW1TQ==\n-----END EC PRIVATE KEY-----\n" + } + } + ], + "validationContext": { + "trustedCa": { + "inlineString": "-----BEGIN CERTIFICATE-----\nMIICXDCCAgKgAwIBAgIICpZq70Z9LyUwCgYIKoZIzj0EAwIwFDESMBAGA1UEAxMJ\nVGVzdCBDQSAyMB4XDTE5MDMyMjEzNTgyNloXDTI5MDMyMjEzNTgyNlowFDESMBAG\nA1UEAxMJVGVzdCBDQSAyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIhywH1gx\nAsMwuF3ukAI5YL2jFxH6Usnma1HFSfVyxbXX1/uoZEYrj8yCAtdU2yoHETyd+Zx2\nThhRLP79pYegCaOCATwwggE4MA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTAD\nAQH/MGgGA1UdDgRhBF9kMToxMToxMTphYzoyYTpiYTo5NzpiMjozZjphYzo3Yjpi\nZDpkYTpiZTpiMTo4YTpmYzo5YTpiYTpiNTpiYzo4MzplNzo1ZTo0MTo2ZjpmMjo3\nMzo5NTo1ODowYzpkYjBqBgNVHSMEYzBhgF9kMToxMToxMTphYzoyYTpiYTo5Nzpi\nMjozZjphYzo3YjpiZDpkYTpiZTpiMTo4YTpmYzo5YTpiYTpiNTpiYzo4MzplNzo1\nZTo0MTo2ZjpmMjo3Mzo5NTo1ODowYzpkYjA/BgNVHREEODA2hjRzcGlmZmU6Ly8x\nMTExMTExMS0yMjIyLTMzMzMtNDQ0NC01NTU1NTU1NTU1NTUuY29uc3VsMAoGCCqG\nSM49BAMCA0gAMEUCICOY0i246rQHJt8o8Oya0D5PLL1FnmsQmQqIGCi31RwnAiEA\noR5f6Ku+cig2Il8T8LJujOp2/2A72QcHZA57B13y+8o=\n-----END CERTIFICATE-----\n" + } + } + }, + "requireClientCertificate": true + } + } + } + ], + "trafficDirection": "INBOUND" + } + ], + "typeUrl": "type.googleapis.com/envoy.config.listener.v3.Listener", + "nonce": "00000001" +} \ No newline at end of file diff --git a/agent/xds/z_xds_packages.go b/agent/xds/z_xds_packages.go index 4528e3ae2..f2ca8ed13 100644 --- a/agent/xds/z_xds_packages.go +++ b/agent/xds/z_xds_packages.go @@ -3,9 +3,19 @@ package xds import ( + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/filters/http/squash/v3" + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/filters/http/sxg/v3alpha" + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/filters/network/kafka_broker/v3" + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/filters/network/kafka_mesh/v3alpha" + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/filters/network/mysql_proxy/v3" + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/filters/network/postgres_proxy/v3alpha" + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/filters/network/rocketmq_proxy/v3" + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/filters/network/sip_proxy/router/v3alpha" + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/filters/network/sip_proxy/v3alpha" + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/private_key_providers/cryptomb/v3alpha" + _ "github.com/envoyproxy/go-control-plane/contrib/envoy/extensions/vcl/v3alpha" _ "github.com/envoyproxy/go-control-plane/envoy/admin/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/admin/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/admin/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/annotations" _ "github.com/envoyproxy/go-control-plane/envoy/api/v2" _ "github.com/envoyproxy/go-control-plane/envoy/api/v2/auth" @@ -17,21 +27,17 @@ import ( _ "github.com/envoyproxy/go-control-plane/envoy/api/v2/route" _ "github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/cluster/aggregate/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/cluster/dynamic_forward_proxy/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/cluster/redis" _ "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/common/dynamic_forward_proxy/v2alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/config/common/key_value/v3" _ "github.com/envoyproxy/go-control-plane/envoy/config/common/matcher/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/common/matcher/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/common/tap/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/core/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3" _ "github.com/envoyproxy/go-control-plane/envoy/config/filter/accesslog/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/filter/dubbo/router/v2alpha1" @@ -96,18 +102,14 @@ import ( _ "github.com/envoyproxy/go-control-plane/envoy/config/health_checker/redis/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/listener/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/listener/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/metrics/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/metrics/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/overload/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/overload/v3" _ "github.com/envoyproxy/go-control-plane/envoy/config/ratelimit/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/ratelimit/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/ratelimit/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/rbac/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/rbac/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/rbac/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/resource_monitor/fixed_heap/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/resource_monitor/injected_resource/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/retry/omit_canary_hosts/v2" @@ -115,13 +117,10 @@ import ( _ "github.com/envoyproxy/go-control-plane/envoy/config/retry/previous_hosts/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/retry/previous_priorities" _ "github.com/envoyproxy/go-control-plane/envoy/config/route/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/route/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/tap/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/tap/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/trace/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/trace/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/trace/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/config/trace/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/transport_socket/alts/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/config/transport_socket/raw_buffer/v2" _ "github.com/envoyproxy/go-control-plane/envoy/config/transport_socket/tap/v2alpha" @@ -133,28 +132,21 @@ import ( _ "github.com/envoyproxy/go-control-plane/envoy/data/core/v3" _ "github.com/envoyproxy/go-control-plane/envoy/data/dns/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/data/dns/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/data/dns/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/data/tap/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/data/tap/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/file/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/file/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/grpc/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/grpc/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/open_telemetry/v3alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/open_telemetry/v4alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/open_telemetry/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/stream/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/stream/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/wasm/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/cache/simple_http_cache/v3alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/cache/simple_http_cache/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/aggregate/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/dynamic_forward_proxy/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/redis/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/common/dynamic_forward_proxy/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/common/matching/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/common/matching/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/common/ratelimit/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/common/tap/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/common/tap/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/compression/brotli/compressor/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/compression/brotli/decompressor/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/compression/gzip/compressor/v3" @@ -163,57 +155,45 @@ import ( _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/fault/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/common/matcher/action/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/adaptive_concurrency/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/admission_control/v3alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/admission_control/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/alternate_protocols_cache/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/aws_lambda/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/aws_request_signing/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/bandwidth_limit/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/buffer/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/cache/v3alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/cache/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/cdn_loop/v3alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/cache/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/cdn_loop/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/composite/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/compressor/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/compressor/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/cors/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/csrf/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/csrf/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/decompressor/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/dynamic_forward_proxy/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/dynamo/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ext_authz/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ext_authz/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ext_proc/v3alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ext_proc/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/fault/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/fault/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/grpc_http1_bridge/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/grpc_http1_reverse_bridge/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/grpc_json_transcoder/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/grpc_stats/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/grpc_web/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/gzip/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/gzip/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/header_to_metadata/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/header_to_metadata/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/health_check/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/health_check/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ip_tagging/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/jwt_authn/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/jwt_authn/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/kill_request/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/local_ratelimit/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/lua/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/oauth2/v3alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/oauth2/v4alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/oauth2/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/on_demand/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/original_src/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ratelimit/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ratelimit/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/rbac/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/rbac/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/squash/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/set_metadata/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/tap/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/tap/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/wasm/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/http_inspector/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/original_dst/v3" @@ -221,41 +201,31 @@ import ( _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/proxy_protocol/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/tls_inspector/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/client_ssl_auth/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/connection_limit/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/direct_response/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/dubbo_proxy/router/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/dubbo_proxy/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/dubbo_proxy/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/echo/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/ext_authz/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/ext_authz/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/kafka_broker/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/local_ratelimit/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/mongo_proxy/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/mysql_proxy/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/postgres_proxy/v3alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/ratelimit/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/ratelimit/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/rbac/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/rbac/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/redis_proxy/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/rocketmq_proxy/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/rocketmq_proxy/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/sni_cluster/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/sni_dynamic_forward_proxy/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/tcp_proxy/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/tcp_proxy/v4alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/thrift_proxy/filters/header_to_metadata/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/thrift_proxy/filters/ratelimit/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/thrift_proxy/router/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/thrift_proxy/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/thrift_proxy/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/wasm/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/zookeeper_proxy/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/udp/dns_filter/v3alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/udp/dns_filter/v4alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/udp/dns_filter/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/udp/udp_proxy/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/formatter/metadata/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/formatter/req_without_query/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/health_checkers/redis/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/http/header_formatters/preserve_case/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/http/original_ip_detection/custom_header/v3" @@ -263,10 +233,17 @@ import ( _ "github.com/envoyproxy/go-control-plane/envoy/extensions/internal_redirect/allow_listed_routes/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/internal_redirect/previous_routes/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/internal_redirect/safe_cross_scheme/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/key_value/file_based/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/matching/common_inputs/environment_variable/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/matching/input_matchers/consistent_hashing/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/matching/input_matchers/ip/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/network/dns_resolver/apple/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/network/dns_resolver/cares/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/network/socket_interface/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/quic/crypto_stream/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/quic/proof_source/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/rate_limit_descriptors/expr/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/rbac/matchers/upstream_ip_port/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/request_id/uuid/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/resource_monitors/fixed_heap/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/resource_monitors/injected_resource/v3" @@ -274,60 +251,43 @@ import ( _ "github.com/envoyproxy/go-control-plane/envoy/extensions/retry/host/omit_host_metadata/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/retry/host/previous_hosts/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/retry/priority/previous_priorities/v3" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/stat_sinks/graphite_statsd/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/stat_sinks/wasm/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/tracers/datadog/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/tracers/dynamic_ot/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/tracers/lightstep/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/tracers/opencensus/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/tracers/skywalking/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/tracers/xray/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/tracers/zipkin/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/alts/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/proxy_protocol/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/quic/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/quic/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/raw_buffer/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/s2a/v3alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/s2a/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/starttls/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/starttls/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tap/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tap/v4alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tcp_stats/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/upstreams/http/generic/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/upstreams/http/http/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/upstreams/http/tcp/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/upstreams/http/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/upstreams/http/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/upstreams/tcp/generic/v3" _ "github.com/envoyproxy/go-control-plane/envoy/extensions/wasm/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/extensions/watchdog/profile_action/v3alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/extensions/watchdog/profile_action/v3" _ "github.com/envoyproxy/go-control-plane/envoy/service/accesslog/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/accesslog/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/service/accesslog/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/auth/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/auth/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/auth/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/service/auth/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/cluster/v3" _ "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/endpoint/v3" _ "github.com/envoyproxy/go-control-plane/envoy/service/event_reporting/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/event_reporting/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/service/event_reporting/v4alpha" - _ "github.com/envoyproxy/go-control-plane/envoy/service/ext_proc/v3alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/service/ext_proc/v3" _ "github.com/envoyproxy/go-control-plane/envoy/service/extension/v3" _ "github.com/envoyproxy/go-control-plane/envoy/service/health/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/service/health/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/listener/v3" _ "github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/service/load_stats/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/metrics/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/metrics/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/service/metrics/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/ratelimit/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/ratelimit/v3" _ "github.com/envoyproxy/go-control-plane/envoy/service/route/v3" @@ -335,22 +295,18 @@ import ( _ "github.com/envoyproxy/go-control-plane/envoy/service/secret/v3" _ "github.com/envoyproxy/go-control-plane/envoy/service/status/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/status/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/service/status/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/tap/v2alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/tap/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/service/tap/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/service/trace/v2" _ "github.com/envoyproxy/go-control-plane/envoy/service/trace/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/service/trace/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/type" _ "github.com/envoyproxy/go-control-plane/envoy/type/http/v3" _ "github.com/envoyproxy/go-control-plane/envoy/type/matcher" _ "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v4alpha" _ "github.com/envoyproxy/go-control-plane/envoy/type/metadata/v2" _ "github.com/envoyproxy/go-control-plane/envoy/type/metadata/v3" _ "github.com/envoyproxy/go-control-plane/envoy/type/tracing/v2" _ "github.com/envoyproxy/go-control-plane/envoy/type/tracing/v3" _ "github.com/envoyproxy/go-control-plane/envoy/type/v3" - _ "github.com/envoyproxy/go-control-plane/envoy/watchdog/v3alpha" + _ "github.com/envoyproxy/go-control-plane/envoy/watchdog/v3" ) diff --git a/build-support/scripts/envoy-library-references.sh b/build-support/scripts/envoy-library-references.sh index 819f01e01..52f455053 100644 --- a/build-support/scripts/envoy-library-references.sh +++ b/build-support/scripts/envoy-library-references.sh @@ -41,7 +41,7 @@ cd _envoy_tmp git clone git@github.com:envoyproxy/go-control-plane cd go-control-plane -git co -b consul-temp "${LIBRARY_VERSION}" +git checkout -b consul-temp "${LIBRARY_VERSION}" IFS=$'\n' candidates=($(find . -name *.pb.go -a -type f | sed 's@/[^/]*\.pb\.go$@@' | sort -u)) diff --git a/go.mod b/go.mod index 92c10720a..9f4e69c00 100644 --- a/go.mod +++ b/go.mod @@ -18,9 +18,9 @@ require ( github.com/coreos/go-oidc v2.1.0+incompatible github.com/docker/go-connections v0.3.0 github.com/elazarl/go-bindata-assetfs v0.0.0-20160803192304-e1a2a7ec64b0 - github.com/envoyproxy/go-control-plane v0.9.9 + github.com/envoyproxy/go-control-plane v0.10.1 github.com/fsnotify/fsnotify v1.5.1 - github.com/golang/protobuf v1.4.3 + github.com/golang/protobuf v1.5.0 github.com/google/go-cmp v0.5.7 github.com/google/gofuzz v1.2.0 github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22 @@ -82,7 +82,7 @@ require ( golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e google.golang.org/genproto v0.0.0-20200623002339-fbb79eadd5eb google.golang.org/grpc v1.36.0 - google.golang.org/protobuf v1.25.0 + google.golang.org/protobuf v1.27.1 gopkg.in/square/go-jose.v2 v2.5.1 gotest.tools/v3 v3.0.3 k8s.io/api v0.18.2 @@ -113,7 +113,7 @@ require ( github.com/cespare/xxhash/v2 v2.1.1 // indirect github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible // indirect github.com/circonus-labs/circonusllhist v0.1.3 // indirect - github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed // indirect + github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/denverdino/aliyungo v0.0.0-20170926055100-d3308649c661 // indirect github.com/digitalocean/godo v1.10.0 // indirect diff --git a/go.sum b/go.sum index 963c84435..4d684567b 100644 --- a/go.sum +++ b/go.sum @@ -126,8 +126,8 @@ github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed h1:OZmjad4L3H8ncOIR8rnb5MREYqG8ixi5+WbeUsquF0c= -github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe h1:QJDJubh0OEcpeGjC7/8uF9tt4e39U/Ya1uyK+itnNPQ= +github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= github.com/coredns/coredns v1.1.2 h1:bAFHrSsBeTeRG5W3Nf2su3lUGw7Npw2UKeCJm/3A638= github.com/coredns/coredns v1.1.2/go.mod h1:zASH/MVDgR6XZTbxvOnsZfffS+31vg6Ackf/wo1+AM0= @@ -167,8 +167,8 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9 h1:vQLjymTobffN2R0F8eTqw6q7iozfRO5Z0m+/4Vw+/uA= -github.com/envoyproxy/go-control-plane v0.9.9/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= +github.com/envoyproxy/go-control-plane v0.10.1 h1:cgDRLG7bs59Zd+apAWuzLQL95obVYAymNJek76W3mgw= +github.com/envoyproxy/go-control-plane v0.10.1/go.mod h1:AY7fTTXNdv/aJ2O5jwpxAPOWUZ7hQAEvzN5Pf27BkQQ= github.com/envoyproxy/protoc-gen-validate v0.1.0 h1:EQciDnbrYxy13PgWoY8AqoxGiPrpgBZ1R8UNe3ddc+A= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= @@ -238,8 +238,9 @@ github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:W github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.4.3 h1:JjCZWpVbqXDqFVmTfYWEVTMIYrL/NPdPSCHPJ0T/raM= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0 h1:LUVKkCeviFUMKqHa4tXIIij/lbhnMbP7Fn5wKdKkRh4= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/snappy v0.0.1 h1:Qgr9rKW7uDUkrbSmQeiDsGa8SjGyCOGtuasMWwvp2P4= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= @@ -252,6 +253,7 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o= github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= @@ -935,8 +937,10 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= -google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From 749591ec98699ff2086aa6a2dd06a1aaf0054d00 Mon Sep 17 00:00:00 2001 From: Kyle Havlovitz Date: Tue, 24 May 2022 10:14:45 -0700 Subject: [PATCH 2/3] Specify go_package explicitly --- .changelog/13143.txt | 3 +++ agent/grpc/private/internal/testservice/simple.proto | 2 ++ proto-public/pbacl/acl.pb.go | 7 +------ proto-public/pbconnectca/ca.pb.go | 7 +------ proto-public/pbdataplane/dataplane.pb.go | 7 +------ proto-public/pbserverdiscovery/serverdiscovery.pb.go | 7 +------ proto/pbacl/acl.pb.go | 7 +------ proto/pbautoconf/auto_config.pb.go | 7 +------ proto/pbcommon/common.pb.go | 7 +------ proto/pbconfig/config.pb.go | 7 +------ proto/pbconnect/connect.pb.go | 7 +------ proto/pbpeering/peering.pb.go | 7 +------ proto/pbservice/healthcheck.pb.go | 7 +------ proto/pbservice/node.pb.go | 7 +------ proto/pbservice/service.pb.go | 7 +------ proto/pbstatus/status.pb.go | 7 +------ proto/pbsubscribe/subscribe.pb.go | 7 +------ 17 files changed, 20 insertions(+), 90 deletions(-) create mode 100644 .changelog/13143.txt diff --git a/.changelog/13143.txt b/.changelog/13143.txt new file mode 100644 index 000000000..4b0bf2388 --- /dev/null +++ b/.changelog/13143.txt @@ -0,0 +1,3 @@ +```release-note:improvement +connect: Added a `max_inbound_connections` setting to service-defaults for limiting the number of concurrent inbound connections to each service instance. +``` \ No newline at end of file diff --git a/agent/grpc/private/internal/testservice/simple.proto b/agent/grpc/private/internal/testservice/simple.proto index b3cc5b64a..31a53308f 100644 --- a/agent/grpc/private/internal/testservice/simple.proto +++ b/agent/grpc/private/internal/testservice/simple.proto @@ -2,6 +2,8 @@ syntax = "proto3"; package testservice; +option go_package = "github.com/hashicorp/consul/agent/grpc/private/internal/testservice"; + // Simple service is used to test gRPC plumbing. service Simple { rpc Something(Req) returns (Resp) {} diff --git a/proto-public/pbacl/acl.pb.go b/proto-public/pbacl/acl.pb.go index ec65a181c..24fbd31a0 100644 --- a/proto-public/pbacl/acl.pb.go +++ b/proto-public/pbacl/acl.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto-public/pbacl/acl.proto package pbacl import ( - proto "github.com/golang/protobuf/proto" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" reflect "reflect" @@ -21,10 +20,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - type LogoutResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache diff --git a/proto-public/pbconnectca/ca.pb.go b/proto-public/pbconnectca/ca.pb.go index c569cd173..b639d4a96 100644 --- a/proto-public/pbconnectca/ca.pb.go +++ b/proto-public/pbconnectca/ca.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto-public/pbconnectca/ca.proto package pbconnectca import ( - proto "github.com/golang/protobuf/proto" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" timestamppb "google.golang.org/protobuf/types/known/timestamppb" @@ -22,10 +21,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - type WatchRootsRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache diff --git a/proto-public/pbdataplane/dataplane.pb.go b/proto-public/pbdataplane/dataplane.pb.go index 8642778f5..4f9346b3f 100644 --- a/proto-public/pbdataplane/dataplane.pb.go +++ b/proto-public/pbdataplane/dataplane.pb.go @@ -2,14 +2,13 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto-public/pbdataplane/dataplane.proto package pbdataplane import ( - proto "github.com/golang/protobuf/proto" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" structpb "google.golang.org/protobuf/types/known/structpb" @@ -24,10 +23,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - type DataplaneFeatures int32 const ( diff --git a/proto-public/pbserverdiscovery/serverdiscovery.pb.go b/proto-public/pbserverdiscovery/serverdiscovery.pb.go index 3d969dc45..b9db1db2e 100644 --- a/proto-public/pbserverdiscovery/serverdiscovery.pb.go +++ b/proto-public/pbserverdiscovery/serverdiscovery.pb.go @@ -3,14 +3,13 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto-public/pbserverdiscovery/serverdiscovery.proto package pbserverdiscovery import ( - proto "github.com/golang/protobuf/proto" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" reflect "reflect" @@ -24,10 +23,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - type WatchServersRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache diff --git a/proto/pbacl/acl.pb.go b/proto/pbacl/acl.pb.go index 90c0a3189..435a298b0 100644 --- a/proto/pbacl/acl.pb.go +++ b/proto/pbacl/acl.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbacl/acl.proto package pbacl import ( - proto "github.com/golang/protobuf/proto" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" reflect "reflect" @@ -21,10 +20,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - type ACLLink struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache diff --git a/proto/pbautoconf/auto_config.pb.go b/proto/pbautoconf/auto_config.pb.go index 2bde181d9..41d2901e6 100644 --- a/proto/pbautoconf/auto_config.pb.go +++ b/proto/pbautoconf/auto_config.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbautoconf/auto_config.proto package pbautoconf import ( - proto "github.com/golang/protobuf/proto" pbconfig "github.com/hashicorp/consul/proto/pbconfig" pbconnect "github.com/hashicorp/consul/proto/pbconnect" protoreflect "google.golang.org/protobuf/reflect/protoreflect" @@ -23,10 +22,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - // AutoConfigRequest is the data structure to be sent along with the // AutoConfig.InitialConfiguration RPC type AutoConfigRequest struct { diff --git a/proto/pbcommon/common.pb.go b/proto/pbcommon/common.pb.go index 0b06a2351..7ccab8739 100644 --- a/proto/pbcommon/common.pb.go +++ b/proto/pbcommon/common.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbcommon/common.proto package pbcommon import ( - proto "github.com/golang/protobuf/proto" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" durationpb "google.golang.org/protobuf/types/known/durationpb" @@ -22,10 +21,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - // RaftIndex is used to track the index used while creating // or modifying a given struct type. // diff --git a/proto/pbconfig/config.pb.go b/proto/pbconfig/config.pb.go index 23606097a..aea729fe3 100644 --- a/proto/pbconfig/config.pb.go +++ b/proto/pbconfig/config.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbconfig/config.proto package pbconfig import ( - proto "github.com/golang/protobuf/proto" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" reflect "reflect" @@ -21,10 +20,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - type Config struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache diff --git a/proto/pbconnect/connect.pb.go b/proto/pbconnect/connect.pb.go index ebed2a558..78c9bb077 100644 --- a/proto/pbconnect/connect.pb.go +++ b/proto/pbconnect/connect.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbconnect/connect.proto package pbconnect import ( - proto "github.com/golang/protobuf/proto" pbcommon "github.com/hashicorp/consul/proto/pbcommon" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" @@ -23,10 +22,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - // CARoots is the list of all currently trusted CA Roots. // // mog annotation: diff --git a/proto/pbpeering/peering.pb.go b/proto/pbpeering/peering.pb.go index 076559173..0259cc964 100644 --- a/proto/pbpeering/peering.pb.go +++ b/proto/pbpeering/peering.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbpeering/peering.proto package pbpeering import ( - proto "github.com/golang/protobuf/proto" pbstatus "github.com/hashicorp/consul/proto/pbstatus" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" @@ -23,10 +22,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - // PeeringState enumerates all the states a peering can be in type PeeringState int32 diff --git a/proto/pbservice/healthcheck.pb.go b/proto/pbservice/healthcheck.pb.go index 3e14d425d..317f7f6db 100644 --- a/proto/pbservice/healthcheck.pb.go +++ b/proto/pbservice/healthcheck.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbservice/healthcheck.proto package pbservice import ( - proto "github.com/golang/protobuf/proto" pbcommon "github.com/hashicorp/consul/proto/pbcommon" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" @@ -23,10 +22,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - // HealthCheck represents a single check on a given node // // mog annotation: diff --git a/proto/pbservice/node.pb.go b/proto/pbservice/node.pb.go index a946a8999..fee4534f8 100644 --- a/proto/pbservice/node.pb.go +++ b/proto/pbservice/node.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbservice/node.proto package pbservice import ( - proto "github.com/golang/protobuf/proto" pbcommon "github.com/hashicorp/consul/proto/pbcommon" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" @@ -22,10 +21,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - // IndexedCheckServiceNodes is used to return multiple instances for a given service. type IndexedCheckServiceNodes struct { state protoimpl.MessageState diff --git a/proto/pbservice/service.pb.go b/proto/pbservice/service.pb.go index 0061db4b1..80d4b474e 100644 --- a/proto/pbservice/service.pb.go +++ b/proto/pbservice/service.pb.go @@ -1,13 +1,12 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbservice/service.proto package pbservice import ( - proto "github.com/golang/protobuf/proto" pbcommon "github.com/hashicorp/consul/proto/pbcommon" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" @@ -23,10 +22,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - // ConnectProxyConfig describes the configuration needed for any proxy managed // or unmanaged. It describes a single logical service's listener and optionally // upstreams and sidecar-related config for a single instance. To describe a diff --git a/proto/pbstatus/status.pb.go b/proto/pbstatus/status.pb.go index 2a8df0f60..f97dbc773 100644 --- a/proto/pbstatus/status.pb.go +++ b/proto/pbstatus/status.pb.go @@ -14,14 +14,13 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbstatus/status.proto package pbstatus import ( - proto "github.com/golang/protobuf/proto" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" anypb "google.golang.org/protobuf/types/known/anypb" @@ -36,10 +35,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - // The `Status` type defines a logical error model that is suitable for // different programming environments, including REST APIs and RPC APIs. It is // used by [gRPC](https://github.com/grpc). Each `Status` message contains diff --git a/proto/pbsubscribe/subscribe.pb.go b/proto/pbsubscribe/subscribe.pb.go index 3fcce5bb0..d7459ee9c 100644 --- a/proto/pbsubscribe/subscribe.pb.go +++ b/proto/pbsubscribe/subscribe.pb.go @@ -3,14 +3,13 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.23.0 +// protoc-gen-go v1.26.0-rc.1 // protoc (unknown) // source: proto/pbsubscribe/subscribe.proto package pbsubscribe import ( - proto "github.com/golang/protobuf/proto" pbservice "github.com/hashicorp/consul/proto/pbservice" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" @@ -25,10 +24,6 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) -// This is a compile-time assertion that a sufficiently up-to-date version -// of the legacy proto package is being used. -const _ = proto.ProtoPackageIsVersion4 - // Topic enumerates the supported event topics. type Topic int32 From f5f949d486398bc9892bcb0bee3d3a5dafece9c0 Mon Sep 17 00:00:00 2001 From: Kyle Havlovitz Date: Tue, 24 May 2022 18:44:54 -0700 Subject: [PATCH 3/3] Fix proto lint errors after version bump --- .golangci.yml | 9 +++++++++ agent/structs/structs.go | 15 ++++++--------- agent/xds/clusters.go | 20 ++++++++++---------- agent/xds/config.go | 4 ++-- agent/xds/listeners.go | 3 ++- agent/xds/routes.go | 8 ++++---- agent/xds/routes_test.go | 8 ++++---- agent/xds/xds_protocol_helpers_test.go | 13 +++++++------ 8 files changed, 44 insertions(+), 36 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index 40936a689..5dd923583 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -26,6 +26,15 @@ issues: - linters: [staticcheck] text: 'SA1019: Package github.com/golang/protobuf/proto is deprecated' + - linters: [staticcheck] + text: 'SA1019: ptypes.MarshalAny is deprecated' + + - linters: [staticcheck] + text: 'SA1019: ptypes.UnmarshalAny is deprecated' + + - linters: [staticcheck] + text: 'SA1019: package github.com/golang/protobuf/ptypes is deprecated' + # An argument that always receives the same value is often not a problem. - linters: [unparam] text: 'always receives' diff --git a/agent/structs/structs.go b/agent/structs/structs.go index 35d2f57a4..e1083ba7f 100644 --- a/agent/structs/structs.go +++ b/agent/structs/structs.go @@ -15,12 +15,13 @@ import ( "time" "github.com/golang/protobuf/proto" - "github.com/golang/protobuf/ptypes" "github.com/golang/protobuf/ptypes/duration" "github.com/golang/protobuf/ptypes/timestamp" "github.com/hashicorp/go-multierror" "github.com/hashicorp/serf/coordinate" "github.com/mitchellh/hashstructure" + "google.golang.org/protobuf/types/known/durationpb" + "google.golang.org/protobuf/types/known/timestamppb" "github.com/hashicorp/consul-net-rpc/go-msgpack/codec" @@ -2815,23 +2816,19 @@ func (m MessageType) String() string { } func DurationToProto(d time.Duration) *duration.Duration { - return ptypes.DurationProto(d) + return durationpb.New(d) } func DurationFromProto(d *duration.Duration) time.Duration { - ret, _ := ptypes.Duration(d) - return ret - + return d.AsDuration() } func TimeFromProto(s *timestamp.Timestamp) time.Time { - ret, _ := ptypes.Timestamp(s) - return ret + return s.AsTime() } func TimeToProto(s time.Time) *timestamp.Timestamp { - ret, _ := ptypes.TimestampProto(s) - return ret + return timestamppb.New(s) } // IsZeroProtoTime returns true if the time is the minimum protobuf timestamp diff --git a/agent/xds/clusters.go b/agent/xds/clusters.go index e2df471da..d5044cb21 100644 --- a/agent/xds/clusters.go +++ b/agent/xds/clusters.go @@ -16,10 +16,10 @@ import ( "github.com/golang/protobuf/jsonpb" "github.com/golang/protobuf/proto" - "github.com/golang/protobuf/ptypes" "github.com/golang/protobuf/ptypes/any" "github.com/golang/protobuf/ptypes/wrappers" "google.golang.org/protobuf/types/known/anypb" + "google.golang.org/protobuf/types/known/durationpb" "github.com/hashicorp/consul/agent/connect" "github.com/hashicorp/consul/agent/proxycfg" @@ -169,7 +169,7 @@ func makePassthroughClusters(cfgSnap *proxycfg.ConfigSnapshot) ([]proto.Message, Type: envoy_cluster_v3.Cluster_ORIGINAL_DST, }, LbPolicy: envoy_cluster_v3.Cluster_CLUSTER_PROVIDED, - ConnectTimeout: ptypes.DurationProto(5 * time.Second), + ConnectTimeout: durationpb.New(5 * time.Second), }) } @@ -196,11 +196,11 @@ func makePassthroughClusters(cfgSnap *proxycfg.ConfigSnapshot) ([]proto.Message, }, LbPolicy: envoy_cluster_v3.Cluster_CLUSTER_PROVIDED, - ConnectTimeout: ptypes.DurationProto(5 * time.Second), + ConnectTimeout: durationpb.New(5 * time.Second), } if discoTarget, ok := chain.Targets[targetID]; ok && discoTarget.ConnectTimeout > 0 { - c.ConnectTimeout = ptypes.DurationProto(discoTarget.ConnectTimeout) + c.ConnectTimeout = durationpb.New(discoTarget.ConnectTimeout) } spiffeID := connect.SpiffeIDService{ @@ -486,7 +486,7 @@ func (s *ResourceGenerator) makeAppCluster(cfgSnap *proxycfg.ConfigSnapshot, nam c = &envoy_cluster_v3.Cluster{ Name: name, - ConnectTimeout: ptypes.DurationProto(time.Duration(cfg.LocalConnectTimeoutMs) * time.Millisecond), + ConnectTimeout: durationpb.New(time.Duration(cfg.LocalConnectTimeoutMs) * time.Millisecond), ClusterDiscoveryType: &envoy_cluster_v3.Cluster_Type{Type: envoy_cluster_v3.Cluster_STATIC}, LoadAssignment: &envoy_endpoint_v3.ClusterLoadAssignment{ ClusterName: name, @@ -550,7 +550,7 @@ func (s *ResourceGenerator) makeUpstreamClusterForPreparedQuery(upstream structs if c == nil { c = &envoy_cluster_v3.Cluster{ Name: sni, - ConnectTimeout: ptypes.DurationProto(time.Duration(cfg.ConnectTimeoutMs) * time.Millisecond), + ConnectTimeout: durationpb.New(time.Duration(cfg.ConnectTimeoutMs) * time.Millisecond), ClusterDiscoveryType: &envoy_cluster_v3.Cluster_Type{Type: envoy_cluster_v3.Cluster_EDS}, EdsClusterConfig: &envoy_cluster_v3.Cluster_EdsClusterConfig{ EdsConfig: &envoy_core_v3.ConfigSource{ @@ -738,7 +738,7 @@ func (s *ResourceGenerator) makeUpstreamClustersForDiscoveryChain( c := &envoy_cluster_v3.Cluster{ Name: clusterName, AltStatName: clusterName, - ConnectTimeout: ptypes.DurationProto(node.Resolver.ConnectTimeout), + ConnectTimeout: durationpb.New(node.Resolver.ConnectTimeout), ClusterDiscoveryType: &envoy_cluster_v3.Cluster_Type{Type: envoy_cluster_v3.Cluster_EDS}, CommonLbConfig: &envoy_cluster_v3.Cluster_CommonLbConfig{ HealthyPanicThreshold: &envoy_type_v3.Percent{ @@ -912,7 +912,7 @@ func (s *ResourceGenerator) makeGatewayCluster(snap *proxycfg.ConfigSnapshot, op cluster := &envoy_cluster_v3.Cluster{ Name: opts.name, - ConnectTimeout: ptypes.DurationProto(opts.connectTimeout), + ConnectTimeout: durationpb.New(opts.connectTimeout), // Having an empty config enables outlier detection with default config. OutlierDetection: &envoy_cluster_v3.OutlierDetection{}, @@ -940,7 +940,7 @@ func (s *ResourceGenerator) makeGatewayCluster(snap *proxycfg.ConfigSnapshot, op // When a service instance is addressed by a hostname we have Envoy do the DNS resolution // by setting a DNS cluster type and passing the hostname endpoints via CDS. rate := 10 * time.Second - cluster.DnsRefreshRate = ptypes.DurationProto(rate) + cluster.DnsRefreshRate = durationpb.New(rate) cluster.DnsLookupFamily = envoy_cluster_v3.Cluster_V4_ONLY discoveryType := envoy_cluster_v3.Cluster_Type{Type: envoy_cluster_v3.Cluster_LOGICAL_DNS} @@ -1099,7 +1099,7 @@ func (s *ResourceGenerator) setHttp2ProtocolOptions(c *envoy_cluster_v3.Cluster) }, }, } - any, err := ptypes.MarshalAny(cfg) + any, err := anypb.New(cfg) if err != nil { return err } diff --git a/agent/xds/config.go b/agent/xds/config.go index 004b94a65..2fdf9d115 100644 --- a/agent/xds/config.go +++ b/agent/xds/config.go @@ -4,8 +4,8 @@ import ( "strings" envoy_cluster_v3 "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3" + "google.golang.org/protobuf/types/known/durationpb" - "github.com/golang/protobuf/ptypes" "github.com/golang/protobuf/ptypes/wrappers" "github.com/mitchellh/mapstructure" @@ -163,7 +163,7 @@ func ToOutlierDetection(p *structs.PassiveHealthCheck) *envoy_cluster_v3.Outlier } if p.Interval != 0 { - od.Interval = ptypes.DurationProto(p.Interval) + od.Interval = durationpb.New(p.Interval) } if p.MaxFailures != 0 { od.Consecutive_5Xx = &wrappers.UInt32Value{Value: p.MaxFailures} diff --git a/agent/xds/listeners.go b/agent/xds/listeners.go index c462466d0..6b03122e8 100644 --- a/agent/xds/listeners.go +++ b/agent/xds/listeners.go @@ -14,6 +14,7 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/connect/ca" "github.com/hashicorp/consul/types" + "google.golang.org/protobuf/types/known/durationpb" "google.golang.org/protobuf/types/known/wrapperspb" envoy_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" @@ -1519,7 +1520,7 @@ func makeHTTPFilter(opts listenerFilterOpts) (*envoy_listener_v3.Filter, error) if opts.requestTimeoutMs != nil { r := route.GetRoute() - r.Timeout = ptypes.DurationProto(time.Duration(*opts.requestTimeoutMs) * time.Millisecond) + r.Timeout = durationpb.New(time.Duration(*opts.requestTimeoutMs) * time.Millisecond) } // If a path is provided, do not match on a catch-all prefix diff --git a/agent/xds/routes.go b/agent/xds/routes.go index 0a772d3f5..2df52feef 100644 --- a/agent/xds/routes.go +++ b/agent/xds/routes.go @@ -10,9 +10,9 @@ import ( envoy_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" envoy_route_v3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3" envoy_matcher_v3 "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3" + "google.golang.org/protobuf/types/known/durationpb" "github.com/golang/protobuf/proto" - "github.com/golang/protobuf/ptypes" "github.com/hashicorp/consul/agent/connect" "github.com/hashicorp/consul/agent/proxycfg" @@ -387,7 +387,7 @@ func makeUpstreamRouteForDiscoveryChain( } if destination.RequestTimeout > 0 { - routeAction.Route.Timeout = ptypes.DurationProto(destination.RequestTimeout) + routeAction.Route.Timeout = durationpb.New(destination.RequestTimeout) } if destination.HasRetryFeatures() { @@ -699,12 +699,12 @@ func injectLBToRouteAction(lb *structs.LoadBalancer, action *envoy_route_v3.Rout cookie.Path = policy.CookieConfig.Path if policy.CookieConfig.TTL != 0*time.Second { - cookie.Ttl = ptypes.DurationProto(policy.CookieConfig.TTL) + cookie.Ttl = durationpb.New(policy.CookieConfig.TTL) } // Envoy will generate a session cookie if the ttl is present and zero. if policy.CookieConfig.Session { - cookie.Ttl = ptypes.DurationProto(0 * time.Second) + cookie.Ttl = durationpb.New(0 * time.Second) } } result = append(result, &envoy_route_v3.RouteAction_HashPolicy{ diff --git a/agent/xds/routes_test.go b/agent/xds/routes_test.go index ad033faad..501d05cb2 100644 --- a/agent/xds/routes_test.go +++ b/agent/xds/routes_test.go @@ -7,8 +7,8 @@ import ( "time" envoy_route_v3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3" + "google.golang.org/protobuf/types/known/durationpb" - "github.com/golang/protobuf/ptypes" testinf "github.com/mitchellh/go-testing-interface" "github.com/stretchr/testify/require" @@ -332,7 +332,7 @@ func TestEnvoyLBConfig_InjectToRouteAction(t *testing.T) { PolicySpecifier: &envoy_route_v3.RouteAction_HashPolicy_Cookie_{ Cookie: &envoy_route_v3.RouteAction_HashPolicy_Cookie{ Name: "oatmeal", - Ttl: ptypes.DurationProto(0 * time.Second), + Ttl: durationpb.New(0 * time.Second), }, }, }, @@ -437,7 +437,7 @@ func TestEnvoyLBConfig_InjectToRouteAction(t *testing.T) { PolicySpecifier: &envoy_route_v3.RouteAction_HashPolicy_Cookie_{ Cookie: &envoy_route_v3.RouteAction_HashPolicy_Cookie{ Name: "oatmeal", - Ttl: ptypes.DurationProto(10 * time.Second), + Ttl: durationpb.New(10 * time.Second), Path: "/oven", }, }, @@ -446,7 +446,7 @@ func TestEnvoyLBConfig_InjectToRouteAction(t *testing.T) { PolicySpecifier: &envoy_route_v3.RouteAction_HashPolicy_Cookie_{ Cookie: &envoy_route_v3.RouteAction_HashPolicy_Cookie{ Name: "chocolate-chip", - Ttl: ptypes.DurationProto(0 * time.Second), + Ttl: durationpb.New(0 * time.Second), Path: "/oven", }, }, diff --git a/agent/xds/xds_protocol_helpers_test.go b/agent/xds/xds_protocol_helpers_test.go index 1863aae0b..df4c65fb4 100644 --- a/agent/xds/xds_protocol_helpers_test.go +++ b/agent/xds/xds_protocol_helpers_test.go @@ -30,6 +30,7 @@ import ( "github.com/mitchellh/copystructure" "github.com/stretchr/testify/require" "google.golang.org/protobuf/types/known/anypb" + "google.golang.org/protobuf/types/known/durationpb" "github.com/hashicorp/consul/agent/proxycfg" "github.com/hashicorp/consul/agent/structs" @@ -389,7 +390,7 @@ func makeTestCluster(t *testing.T, snap *proxycfg.ConfigSnapshot, fixtureName st ClusterDiscoveryType: &envoy_cluster_v3.Cluster_Type{ Type: envoy_cluster_v3.Cluster_STATIC, }, - ConnectTimeout: ptypes.DurationProto(5 * time.Second), + ConnectTimeout: durationpb.New(5 * time.Second), LoadAssignment: &envoy_endpoint_v3.ClusterLoadAssignment{ ClusterName: "local_app", Endpoints: []*envoy_endpoint_v3.LocalityLbEndpoints{{ @@ -414,7 +415,7 @@ func makeTestCluster(t *testing.T, snap *proxycfg.ConfigSnapshot, fixtureName st CommonLbConfig: &envoy_cluster_v3.Cluster_CommonLbConfig{ HealthyPanicThreshold: &envoy_type_v3.Percent{Value: 0}, }, - ConnectTimeout: ptypes.DurationProto(5 * time.Second), + ConnectTimeout: durationpb.New(5 * time.Second), TransportSocket: xdsNewUpstreamTransportSocket(t, snap, dbSNI, dbURI), } case "tcp:db:timeout": @@ -432,7 +433,7 @@ func makeTestCluster(t *testing.T, snap *proxycfg.ConfigSnapshot, fixtureName st CommonLbConfig: &envoy_cluster_v3.Cluster_CommonLbConfig{ HealthyPanicThreshold: &envoy_type_v3.Percent{Value: 0}, }, - ConnectTimeout: ptypes.DurationProto(1337 * time.Second), + ConnectTimeout: durationpb.New(1337 * time.Second), TransportSocket: xdsNewUpstreamTransportSocket(t, snap, dbSNI, dbURI), } case "http2:db": @@ -450,7 +451,7 @@ func makeTestCluster(t *testing.T, snap *proxycfg.ConfigSnapshot, fixtureName st CommonLbConfig: &envoy_cluster_v3.Cluster_CommonLbConfig{ HealthyPanicThreshold: &envoy_type_v3.Percent{Value: 0}, }, - ConnectTimeout: ptypes.DurationProto(5 * time.Second), + ConnectTimeout: durationpb.New(5 * time.Second), TransportSocket: xdsNewUpstreamTransportSocket(t, snap, dbSNI, dbURI), } typedExtensionProtocolOptions := &envoy_upstreams_v3.HttpProtocolOptions{ @@ -483,7 +484,7 @@ func makeTestCluster(t *testing.T, snap *proxycfg.ConfigSnapshot, fixtureName st CommonLbConfig: &envoy_cluster_v3.Cluster_CommonLbConfig{ HealthyPanicThreshold: &envoy_type_v3.Percent{Value: 0}, }, - ConnectTimeout: ptypes.DurationProto(5 * time.Second), + ConnectTimeout: durationpb.New(5 * time.Second), TransportSocket: xdsNewUpstreamTransportSocket(t, snap, dbSNI, dbURI), // HttpProtocolOptions: &envoy_core_v3.Http1ProtocolOptions{}, } @@ -498,7 +499,7 @@ func makeTestCluster(t *testing.T, snap *proxycfg.ConfigSnapshot, fixtureName st }, CircuitBreakers: &envoy_cluster_v3.CircuitBreakers{}, OutlierDetection: &envoy_cluster_v3.OutlierDetection{}, - ConnectTimeout: ptypes.DurationProto(5 * time.Second), + ConnectTimeout: durationpb.New(5 * time.Second), TransportSocket: xdsNewUpstreamTransportSocket(t, snap, geocacheSNI, geocacheURIs...), } default: