From 4ca7fc5fd84848efd11a3fb93ef9069c17d962da Mon Sep 17 00:00:00 2001 From: JimmyCYJ Date: Mon, 15 Oct 2018 15:50:24 -0700 Subject: [PATCH 1/5] Update dependencies and fix compile errors. Signed-off-by: JimmyCYJ --- BUILD | 3 -- WORKSPACE | 4 +-- istio.deps | 2 +- protobuf.bzl | 2 +- src/envoy/http/authn/http_filter.cc | 4 +-- src/envoy/http/authn/http_filter_test.cc | 46 ++++++++++++------------ src/envoy/http/jwt_auth/http_filter.cc | 2 +- src/envoy/http/mixer/filter.cc | 14 ++++---- src/envoy/http/mixer/filter.h | 2 +- src/envoy/http/mixer/report_data.h | 10 +++--- 10 files changed, 42 insertions(+), 47 deletions(-) diff --git a/BUILD b/BUILD index 37252ae00af..f92e4715753 100644 --- a/BUILD +++ b/BUILD @@ -33,6 +33,3 @@ genrule( visibility = ["//visibility:public"], ) -load("@io_bazel_rules_go//go:def.bzl", "go_prefix") - -go_prefix("istio.io/proxy") diff --git a/WORKSPACE b/WORKSPACE index f214681c725..663380a5f18 100644 --- a/WORKSPACE +++ b/WORKSPACE @@ -30,7 +30,7 @@ bind( ) # When updating envoy sha manually please update the sha in istio.deps file also -ENVOY_SHA = "a637506da5f55f0bec37701d9e0a04f1179a6bfb" +ENVOY_SHA = "8607e912a1df840da1080b7b0d4a9ed6bc247c39" http_archive( name = "envoy", @@ -48,8 +48,6 @@ load("@envoy_api//bazel:repositories.bzl", "api_dependencies") api_dependencies() load("@io_bazel_rules_go//go:def.bzl", "go_rules_dependencies", "go_register_toolchains") -load("@com_lyft_protoc_gen_validate//bazel:go_proto_library.bzl", "go_proto_repositories") -go_proto_repositories(shared=0) go_rules_dependencies() go_register_toolchains() diff --git a/istio.deps b/istio.deps index f48e3b6294b..3538d282ef1 100644 --- a/istio.deps +++ b/istio.deps @@ -11,6 +11,6 @@ "name": "ENVOY_SHA", "repoName": "envoyproxy/envoy", "file": "WORKSPACE", - "lastStableSHA": "a637506da5f55f0bec37701d9e0a04f1179a6bfb" + "lastStableSHA": "8607e912a1df840da1080b7b0d4a9ed6bc247c39" } ] diff --git a/protobuf.bzl b/protobuf.bzl index c445757d231..860a3b42e09 100644 --- a/protobuf.bzl +++ b/protobuf.bzl @@ -20,7 +20,7 @@ def protobuf_repositories(load_repo=True, bind=True): if load_repo: git_repository( name = "com_google_protobuf", - commit = "6a4fec616ec4b20f54d5fb530808b855cb664390", # Match SHA used by Envoy + commit = "fa252ec2a54acb24ddc87d48fed1ecfd458445fd", # Match SHA used by Envoy remote = "https://github.com/google/protobuf.git", ) diff --git a/src/envoy/http/authn/http_filter.cc b/src/envoy/http/authn/http_filter.cc index a4a89c2299c..7889e81212c 100644 --- a/src/envoy/http/authn/http_filter.cc +++ b/src/envoy/http/authn/http_filter.cc @@ -49,7 +49,7 @@ FilterHeadersStatus AuthenticationFilter::decodeHeaders(HeaderMap& headers, state_ = State::PROCESSING; filter_context_.reset(new Istio::AuthN::FilterContext( - decoder_callbacks_->requestInfo().dynamicMetadata(), headers, + decoder_callbacks_->streamInfo().dynamicMetadata(), headers, decoder_callbacks_->connection(), filter_config_)); Payload payload; @@ -76,7 +76,7 @@ FilterHeadersStatus AuthenticationFilter::decodeHeaders(HeaderMap& headers, ProtobufWkt::Struct data; Utils::Authentication::SaveAuthAttributesToStruct( filter_context_->authenticationResult(), data); - decoder_callbacks_->requestInfo().setDynamicMetadata( + decoder_callbacks_->streamInfo().setDynamicMetadata( Utils::IstioFilterName::kAuthentication, data); ENVOY_LOG(debug, "Saved Dynamic Metadata:\n{}", data.DebugString()); } diff --git a/src/envoy/http/authn/http_filter_test.cc b/src/envoy/http/authn/http_filter_test.cc index 5ee4ddc8aca..7196384fae7 100644 --- a/src/envoy/http/authn/http_filter_test.cc +++ b/src/envoy/http/authn/http_filter_test.cc @@ -16,7 +16,7 @@ #include "src/envoy/http/authn/http_filter.h" #include "common/common/base64.h" #include "common/http/header_map_impl.h" -#include "common/request_info/request_info_impl.h" +#include "common/stream_info/stream_info_impl.h" #include "envoy/config/filter/http/authn/v2alpha1/config.pb.h" #include "gmock/gmock.h" #include "gtest/gtest.h" @@ -122,11 +122,11 @@ TEST_F(AuthenticationFilterTest, PeerFail) { .Times(1) .WillOnce(Invoke(createAlwaysFailAuthenticator)); DangerousDeprecatedTestTime test_time; - RequestInfo::RequestInfoImpl request_info(Http::Protocol::Http2, - test_time.timeSystem()); - EXPECT_CALL(decoder_callbacks_, requestInfo()) + StreamInfo::StreamInfoImpl stream_info(Http::Protocol::Http2, + test_time.timeSystem()); + EXPECT_CALL(decoder_callbacks_, streamInfo()) .Times(AtLeast(1)) - .WillRepeatedly(ReturnRef(request_info)); + .WillRepeatedly(ReturnRef(stream_info)); EXPECT_CALL(decoder_callbacks_, encodeHeaders_(_, _)) .Times(1) .WillOnce(testing::Invoke([](Http::HeaderMap &headers, bool) { @@ -135,7 +135,7 @@ TEST_F(AuthenticationFilterTest, PeerFail) { EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, filter_.decodeHeaders(request_headers_, true)); EXPECT_FALSE(Utils::Authentication::GetResultFromMetadata( - request_info.dynamicMetadata())); + stream_info.dynamicMetadata())); } TEST_F(AuthenticationFilterTest, PeerPassOriginFail) { @@ -148,11 +148,11 @@ TEST_F(AuthenticationFilterTest, PeerPassOriginFail) { .Times(1) .WillOnce(Invoke(createAlwaysFailAuthenticator)); DangerousDeprecatedTestTime test_time; - RequestInfo::RequestInfoImpl request_info(Http::Protocol::Http2, - test_time.timeSystem()); - EXPECT_CALL(decoder_callbacks_, requestInfo()) + StreamInfo::StreamInfoImpl stream_info(Http::Protocol::Http2, + test_time.timeSystem()); + EXPECT_CALL(decoder_callbacks_, streamInfo()) .Times(AtLeast(1)) - .WillRepeatedly(ReturnRef(request_info)); + .WillRepeatedly(ReturnRef(stream_info)); EXPECT_CALL(decoder_callbacks_, encodeHeaders_(_, _)) .Times(1) .WillOnce(testing::Invoke([](Http::HeaderMap &headers, bool) { @@ -161,7 +161,7 @@ TEST_F(AuthenticationFilterTest, PeerPassOriginFail) { EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, filter_.decodeHeaders(request_headers_, true)); EXPECT_FALSE(Utils::Authentication::GetResultFromMetadata( - request_info.dynamicMetadata())); + stream_info.dynamicMetadata())); } TEST_F(AuthenticationFilterTest, AllPass) { @@ -172,18 +172,18 @@ TEST_F(AuthenticationFilterTest, AllPass) { .Times(1) .WillOnce(Invoke(createAlwaysPassAuthenticator)); DangerousDeprecatedTestTime test_time; - RequestInfo::RequestInfoImpl request_info(Http::Protocol::Http2, - test_time.timeSystem()); - EXPECT_CALL(decoder_callbacks_, requestInfo()) + StreamInfo::StreamInfoImpl stream_info(Http::Protocol::Http2, + test_time.timeSystem()); + EXPECT_CALL(decoder_callbacks_, streamInfo()) .Times(AtLeast(1)) - .WillRepeatedly(ReturnRef(request_info)); + .WillRepeatedly(ReturnRef(stream_info)); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter_.decodeHeaders(request_headers_, true)); - EXPECT_EQ(1, request_info.dynamicMetadata().filter_metadata_size()); + EXPECT_EQ(1, stream_info.dynamicMetadata().filter_metadata_size()); const auto *data = Utils::Authentication::GetResultFromMetadata( - request_info.dynamicMetadata()); + stream_info.dynamicMetadata()); ASSERT_TRUE(data); ProtobufWkt::Struct expected_data; @@ -243,18 +243,18 @@ TEST_F(AuthenticationFilterTest, IgnoreBothPass) { .Times(1) .WillOnce(Invoke(createAlwaysPassAuthenticator)); DangerousDeprecatedTestTime test_time; - RequestInfo::RequestInfoImpl request_info(Http::Protocol::Http2, - test_time.timeSystem()); - EXPECT_CALL(decoder_callbacks_, requestInfo()) + StreamInfo::StreamInfoImpl stream_info(Http::Protocol::Http2, + test_time.timeSystem()); + EXPECT_CALL(decoder_callbacks_, streamInfo()) .Times(AtLeast(1)) - .WillRepeatedly(ReturnRef(request_info)); + .WillRepeatedly(ReturnRef(stream_info)); EXPECT_EQ(Http::FilterHeadersStatus::Continue, filter.decodeHeaders(request_headers_, true)); - EXPECT_EQ(1, request_info.dynamicMetadata().filter_metadata_size()); + EXPECT_EQ(1, stream_info.dynamicMetadata().filter_metadata_size()); const auto *data = Utils::Authentication::GetResultFromMetadata( - request_info.dynamicMetadata()); + stream_info.dynamicMetadata()); ASSERT_TRUE(data); ProtobufWkt::Struct expected_data; diff --git a/src/envoy/http/jwt_auth/http_filter.cc b/src/envoy/http/jwt_auth/http_filter.cc index 40a50e9ffb5..783693ec8d2 100644 --- a/src/envoy/http/jwt_auth/http_filter.cc +++ b/src/envoy/http/jwt_auth/http_filter.cc @@ -75,7 +75,7 @@ void JwtVerificationFilter::onDone(const JwtAuth::Status& status) { void JwtVerificationFilter::savePayload(const std::string& key, const std::string& payload) { - decoder_callbacks_->requestInfo().setDynamicMetadata( + decoder_callbacks_->streamInfo().setDynamicMetadata( Utils::IstioFilterName::kJwt, MessageUtil::keyValueStruct(key, payload)); } diff --git a/src/envoy/http/mixer/filter.cc b/src/envoy/http/mixer/filter.cc index 3db681fb392..68822e082f9 100644 --- a/src/envoy/http/mixer/filter.cc +++ b/src/envoy/http/mixer/filter.cc @@ -71,7 +71,7 @@ FilterHeadersStatus Filter::decodeHeaders(HeaderMap& headers, bool) { state_ = Calling; initiating_call_ = true; CheckData check_data(headers, - decoder_callbacks_->requestInfo().dynamicMetadata(), + decoder_callbacks_->streamInfo().dynamicMetadata(), decoder_callbacks_->connection()); Utils::HeaderUpdate header_update(&headers); headers_ = &headers; @@ -160,8 +160,8 @@ void Filter::completeCheck(const CheckResponseInfo& info) { int status_code = ::istio::utils::StatusHttpCode(status.error_code()); decoder_callbacks_->sendLocalReply(Code(status_code), status.ToString(), nullptr); - decoder_callbacks_->requestInfo().setResponseFlag( - RequestInfo::ResponseFlag::UnauthorizedExternalService); + decoder_callbacks_->streamInfo().setResponseFlag( + StreamInfo::ResponseFlag::UnauthorizedExternalService); return; } @@ -210,7 +210,7 @@ void Filter::onDestroy() { void Filter::log(const HeaderMap* request_headers, const HeaderMap* response_headers, const HeaderMap* response_trailers, - const RequestInfo::RequestInfo& request_info) { + const StreamInfo::StreamInfo& stream_info) { ENVOY_LOG(debug, "Called Mixer::Filter : {}", __func__); if (!handler_) { if (request_headers == nullptr) { @@ -219,15 +219,15 @@ void Filter::log(const HeaderMap* request_headers, // Here Request is rejected by other filters, Mixer filter is not called. ::istio::control::http::Controller::PerRouteConfig config; - ReadPerRouteConfig(request_info.routeEntry(), &config); + ReadPerRouteConfig(stream_info.routeEntry(), &config); handler_ = control_.controller()->CreateRequestHandler(config); } // If check is NOT called, check attributes are not extracted. - CheckData check_data(*request_headers, request_info.dynamicMetadata(), + CheckData check_data(*request_headers, stream_info.dynamicMetadata(), decoder_callbacks_->connection()); // response trailer header is not counted to response total size. - ReportData report_data(response_headers, response_trailers, request_info, + ReportData report_data(response_headers, response_trailers, stream_info, request_total_size_); handler_->Report(&check_data, &report_data); } diff --git a/src/envoy/http/mixer/filter.h b/src/envoy/http/mixer/filter.h index d1e73e56255..1f5287e47bc 100644 --- a/src/envoy/http/mixer/filter.h +++ b/src/envoy/http/mixer/filter.h @@ -69,7 +69,7 @@ class Filter : public StreamFilter, virtual void log(const HeaderMap* request_headers, const HeaderMap* response_headers, const HeaderMap* response_trailers, - const RequestInfo::RequestInfo& request_info) override; + const StreamInfo::StreamInfo& stream_info) override; private: // Read per-route config. diff --git a/src/envoy/http/mixer/report_data.h b/src/envoy/http/mixer/report_data.h index 86e9a8e3d62..161316a4e02 100644 --- a/src/envoy/http/mixer/report_data.h +++ b/src/envoy/http/mixer/report_data.h @@ -16,9 +16,9 @@ #pragma once #include "common/common/logger.h" -#include "common/request_info/utility.h" +#include "common/stream_info/utility.h" #include "envoy/http/header_map.h" -#include "envoy/request_info/request_info.h" +#include "envoy/stream_info/stream_info.h" #include "extensions/filters/http/well_known_names.h" #include "include/istio/control/http/controller.h" #include "src/envoy/utils/utils.h" @@ -53,13 +53,13 @@ class ReportData : public ::istio::control::http::ReportData, public Logger::Loggable { const HeaderMap *headers_; const HeaderMap *trailers_; - const RequestInfo::RequestInfo &info_; + const StreamInfo::StreamInfo &info_; uint64_t response_total_size_; uint64_t request_total_size_; public: ReportData(const HeaderMap *headers, const HeaderMap *response_trailers, - const RequestInfo::RequestInfo &info, uint64_t request_total_size) + const StreamInfo::StreamInfo &info, uint64_t request_total_size) : headers_(headers), trailers_(response_trailers), info_(info), @@ -96,7 +96,7 @@ class ReportData : public ::istio::control::http::ReportData, // is rejected by Envoy. Set the response code for such requests as 500. data->response_code = info_.responseCode().value_or(500); - data->response_flags = RequestInfo::ResponseFlagUtils::toShortString(info_); + data->response_flags = StreamInfo::ResponseFlagUtils::toShortString(info_); } bool GetDestinationIpPort(std::string *str_ip, int *port) const override { From 4da755ff865391a6db121df87887444e2ddab091 Mon Sep 17 00:00:00 2001 From: JimmyCYJ Date: Mon, 15 Oct 2018 16:29:33 -0700 Subject: [PATCH 2/5] update bazel version to 0.17 Signed-off-by: JimmyCYJ --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 29d1bcf2a92..9d09b16338c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -3,7 +3,7 @@ version: 2 jobs: build: docker: - - image: istio/ci:go1.10-bazel0.15-clang6.0 + - image: istio/ci:go1.10-bazel0.17-clang6.0 environment: - BAZEL_TEST_ARGS: "--test_env=ENVOY_IP_TEST_VERSIONS=v4only --test_output=all" resource_class: xlarge From 2ac0926de4f390f7f03d91b0e070f688d8930948 Mon Sep 17 00:00:00 2001 From: JimmyCYJ Date: Mon, 15 Oct 2018 16:31:29 -0700 Subject: [PATCH 3/5] update bazel version to 0.18 Signed-off-by: JimmyCYJ --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 9d09b16338c..76bc197b488 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -3,7 +3,7 @@ version: 2 jobs: build: docker: - - image: istio/ci:go1.10-bazel0.17-clang6.0 + - image: istio/ci:go1.10-bazel0.18-clang6.0 environment: - BAZEL_TEST_ARGS: "--test_env=ENVOY_IP_TEST_VERSIONS=v4only --test_output=all" resource_class: xlarge From 9a4fd62d2e6de4e8e385eaa82f4c6391c1228b0b Mon Sep 17 00:00:00 2001 From: JimmyCYJ Date: Mon, 15 Oct 2018 16:32:26 -0700 Subject: [PATCH 4/5] revert bazel version to 0.15 Signed-off-by: JimmyCYJ --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 76bc197b488..29d1bcf2a92 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -3,7 +3,7 @@ version: 2 jobs: build: docker: - - image: istio/ci:go1.10-bazel0.18-clang6.0 + - image: istio/ci:go1.10-bazel0.15-clang6.0 environment: - BAZEL_TEST_ARGS: "--test_env=ENVOY_IP_TEST_VERSIONS=v4only --test_output=all" resource_class: xlarge From a4080f73a01dd0a41db726bddb04f099c4d837cd Mon Sep 17 00:00:00 2001 From: JimmyCYJ Date: Wed, 17 Oct 2018 15:10:09 -0700 Subject: [PATCH 5/5] Update bazel version for asan and tsan build in circieCI Signed-off-by: JimmyCYJ --- .circleci/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 76bc197b488..3cd641f5218 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -30,7 +30,7 @@ jobs: destination: /proxy/bin linux_asan: docker: - - image: istio/ci:go1.10-bazel0.15-clang6.0 + - image: istio/ci:go1.10-bazel0.18-clang6.0 environment: - BAZEL_TEST_ARGS: "--test_env=ENVOY_IP_TEST_VERSIONS=v4only --test_output=all" resource_class: xlarge @@ -49,7 +49,7 @@ jobs: - /home/circleci/.cache/bazel linux_tsan: docker: - - image: istio/ci:go1.10-bazel0.15-clang6.0 + - image: istio/ci:go1.10-bazel0.18-clang6.0 environment: - BAZEL_TEST_ARGS: "--test_env=ENVOY_IP_TEST_VERSIONS=v4only --test_output=all" resource_class: xlarge