-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merge attempt to upstream/36cf26b9d6ac32f5671c24b92f9ea22ab70bc6c1 #1
Commits on Aug 1, 2019
-
ci: use small image and use remote_jdk (envoyproxy#7786)
Description: Use smaller image, bazel 0.28.1, regenerates config with gcc and libcxx Risk Level: Low Testing: CI Docs Changes: Release Notes: Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 598c169 - Browse repository at this point
Copy the full SHA 598c169View commit details
Commits on Aug 2, 2019
-
Add flag when open file (envoyproxy#7445)
Add flag when open file (envoyproxy#7445) Signed-off-by: cwsong <cwsong@iflytek.com>
Configuration menu - View commit details
-
Copy full SHA for dd50110 - Browse repository at this point
Copy the full SHA dd50110View commit details -
Configuration menu - View commit details
-
Copy full SHA for cd8574d - Browse repository at this point
Copy the full SHA cd8574dView commit details -
docs: fix custom header example (envoyproxy#7806)
The example shows the request_headers_to_add in the RouteAction, and this should be in the Route Signed-off-by: Christian Ladrón de Guevara Reyes <christian@datank.ai>
Configuration menu - View commit details
-
Copy full SHA for 95a2b26 - Browse repository at this point
Copy the full SHA 95a2b26View commit details -
bump abseil to latest version (envoyproxy#7802)
This fixes envoyproxy#7357 on windows Visual Studio 2017 Signed-off-by: William Rowe <wrowe@pivotal.io>
Configuration menu - View commit details
-
Copy full SHA for b1fcf27 - Browse repository at this point
Copy the full SHA b1fcf27View commit details -
fuzz: remove header prefix from Bootstrap (envoyproxy#7803)
Signed-off-by: Asra Ali <asraa@google.com>
Configuration menu - View commit details
-
Copy full SHA for fc8d6f5 - Browse repository at this point
Copy the full SHA fc8d6f5View commit details -
clang-tidy modernize-use-nullptr (envoyproxy#7791)
Signed-off-by: Derek Argueta <dereka@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for 06119fa - Browse repository at this point
Copy the full SHA 06119faView commit details -
zookeeper: parse server responses (envoyproxy#7574)
This adds support for parsing server responses and watch events. One or more follow-up PRs will add support for latency measurements and access log. Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for 266252e - Browse repository at this point
Copy the full SHA 266252eView commit details -
security: add @yanavlasov to Envoy security team. (envoyproxy#7811)
Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for a30986b - Browse repository at this point
Copy the full SHA a30986bView commit details -
ci: roll forward build image (envoyproxy#7809)
Description: Fixes post submit issue from envoyproxy#7786 Risk Level: Testing: Docs Changes: Release Notes: Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for fb7384e - Browse repository at this point
Copy the full SHA fb7384eView commit details -
config: do not finish initialization on stream disconnection (envoypr…
…oxy#7427) Signed-off-by: Rama Chavali <rama.rao@salesforce.com>
Configuration menu - View commit details
-
Copy full SHA for 0957e9c - Browse repository at this point
Copy the full SHA 0957e9cView commit details
Commits on Aug 3, 2019
-
Make it easier to grok. Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for 662eccc - Browse repository at this point
Copy the full SHA 662ecccView commit details -
clang-tidy: modernize-loop-convert (envoyproxy#7790)
Signed-off-by: Derek Argueta <dereka@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for 2ca5b26 - Browse repository at this point
Copy the full SHA 2ca5b26View commit details -
docs: fix minor style issue in tracing.rst (envoyproxy#7821)
Remove an unnecessary bullet list to make the link to the v2 API reference inlined. Signed-off-by: Tal Nordan <github@talnordan.com>
Configuration menu - View commit details
-
Copy full SHA for f3121b0 - Browse repository at this point
Copy the full SHA f3121b0View commit details -
ci: compile_time_options in Azure RBE (envoyproxy#7817)
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 56d03e0 - Browse repository at this point
Copy the full SHA 56d03e0View commit details
Commits on Aug 5, 2019
-
docs: link to GetEnvoy.io for pre-built binaries (envoyproxy#7814)
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 01bf1c3 - Browse repository at this point
Copy the full SHA 01bf1c3View commit details -
docs: fix incorrect comment (envoyproxy#7827)
Signed-off-by: Derek Argueta <darguetap@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for c906df3 - Browse repository at this point
Copy the full SHA c906df3View commit details -
tracing: Update OpenCensus. (envoyproxy#7797)
Let the config override the Stackdriver address. This can be used for proxying and testing. Signed-off-by: Emil Mikulic <g-easy@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 3e63182 - Browse repository at this point
Copy the full SHA 3e63182View commit details
Commits on Aug 6, 2019
-
accesslog: Add buffering and flushing to gRPC access log (envoyproxy#…
…7755) Signed-off-by: Ruslan Nigmatullin <elessar@dropbox.com>
Configuration menu - View commit details
-
Copy full SHA for e6145e0 - Browse repository at this point
Copy the full SHA e6145e0View commit details -
codec: add metadata_not_supported_error to HTTP/1 codec stats (envoyp…
…roxy#7801) Signed-off-by: Yang Song <yasong@google.com>
Configuration menu - View commit details
-
Copy full SHA for 3286ea0 - Browse repository at this point
Copy the full SHA 3286ea0View commit details -
header to metadata: add base64 encode and protobuf value type (envoyp…
…roxy#7796) For the first point in envoyproxy#7771 for converting arbitrary protobuf value from header to metadata. Risk Level: Low Testing: Unit tests Docs Changes: Updated version_history.rst Release Notes: Updated version_history.rst Signed-off-by: Yangmin Zhu <ymzhu@google.com>
Configuration menu - View commit details
-
Copy full SHA for 9e552c5 - Browse repository at this point
Copy the full SHA 9e552c5View commit details -
config: add init fetch timeout stat (envoyproxy#7822)
Signed-off-by: Rama Chavali <rama.rao@salesforce.com>
Configuration menu - View commit details
-
Copy full SHA for 7e5e0b5 - Browse repository at this point
Copy the full SHA 7e5e0b5View commit details -
fix respect_dns_ttl bug (envoyproxy#7815)
Use default DNS refresh TTL when DNS returns an NXDOMAIN Risk Level: Medium Testing: unit test, manual test Docs Changes: N/A Release Notes: N/A Fixes #Issue: envoyproxy#7808 Signed-off-by: Yan Xue <yxyan@google.com>
Configuration menu - View commit details
-
Copy full SHA for 41c4244 - Browse repository at this point
Copy the full SHA 41c4244View commit details -
security: update Istio contact e-mail. (envoyproxy#7837)
Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for 6ddfb94 - Browse repository at this point
Copy the full SHA 6ddfb94View commit details
Commits on Aug 7, 2019
-
fix portFromUrl when double protocol is provided (envoyproxy#7838)
revival of envoyproxy#7823 this fixes a particular exception case where an end-user configures a socket address to point at: `https://google.com` instead of just the hostname: `google.com`. instead of throwing an (stoi) error. because it can't turn: `//google.com` into a port. we now through a slightly more sane: `malformed url`. it isn't as good as a protoc-gen-validate message since it's not clear why: `tcp://` gets prepended, but I think it's digestable enough to know, you shouldn't be putting https there. not to mention it is a step forward from: `stoi`. Risk Level: Low Testing: Not only are there unit tests, but you can run through the following configurations and see the new error messages. Docs Changes: None Release Notes: None Signed-off-by: Cynthia Coan <ccoan@instructure.com>
Configuration menu - View commit details
-
Copy full SHA for 7e21623 - Browse repository at this point
Copy the full SHA 7e21623View commit details -
jwt_authn: clean not-used using (envoyproxy#7845)
Signed-off-by: Wayne Zhang <qiwzhang@google.com>
Configuration menu - View commit details
-
Copy full SHA for cb7c969 - Browse repository at this point
Copy the full SHA cb7c969View commit details -
http: add onComplete to AsyncClient::StreamCallbacks (envoyproxy#7752)
Signed-off-by: Mike Schore <mike.schore@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 67103ba - Browse repository at this point
Copy the full SHA 67103baView commit details -
http: introduce addEncodedMetadata() (envoyproxy#7756)
Signed-off-by: Yang Song <yasong@google.com>
Configuration menu - View commit details
-
Copy full SHA for 2942421 - Browse repository at this point
Copy the full SHA 2942421View commit details -
Clarify lifetime requirements on Envoy::Event::Timer (envoyproxy#7812)
Signed-off-by: Auni Ahsan <auni@google.com>
Configuration menu - View commit details
-
Copy full SHA for 3d4f6fa - Browse repository at this point
Copy the full SHA 3d4f6faView commit details -
docs: update ci/build docs (envoyproxy#7849)
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 7a21bec - Browse repository at this point
Copy the full SHA 7a21becView commit details -
ip tagging: fix old TODO (envoyproxy#7834)
Signed-off-by: Derek Argueta <dereka@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for feb56a1 - Browse repository at this point
Copy the full SHA feb56a1View commit details -
fuzz: link libfuzzer engine to fuzz with bazel! (envoyproxy#7805)
This makes a new config "asan-fuzzer" that links to the libfuzzer engine. To run a fuzz target with asan and libfuzzer, do bazel build --config=asan-fuzzer test/common/router:route_fuzz_test_driver --config=asan-fuzzer bazel-bin/test/common/router/route_fuzz_test_driver test/common/router/route_corpus -runs=-1 (-runs=-1 for indefinite runs, -runs=100 for bounded). Testing: works locally Risk: Low Signed-off-by: Asra Ali <asraa@google.com>
Configuration menu - View commit details
-
Copy full SHA for 6db95bd - Browse repository at this point
Copy the full SHA 6db95bdView commit details -
Ensure the pending requests are popped before the callback is called. (…
…envoyproxy#7843) Signed-off-by: Henry Yang <hyang@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 7c7a6c9 - Browse repository at this point
Copy the full SHA 7c7a6c9View commit details -
buffer filter: Populate content-length header (envoyproxy#7848)
Signed-off-by: Ruslan Nigmatullin <elessar@dropbox.com>
Configuration menu - View commit details
-
Copy full SHA for 4c08c00 - Browse repository at this point
Copy the full SHA 4c08c00View commit details -
Do not use SpdyString wrapper for std::string. (envoyproxy#7854)
Signed-off-by: Bence Béky <bnc@google.com>
Configuration menu - View commit details
-
Copy full SHA for 8b549bd - Browse repository at this point
Copy the full SHA 8b549bdView commit details
Commits on Aug 8, 2019
-
Adaptive concurrency no-op implementation (envoyproxy#7819)
Signed-off-by: Tony Allen <tallen@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 8e1dd33 - Browse repository at this point
Copy the full SHA 8e1dd33View commit details -
stats: More StatName conversions (envoyproxy#7810)
* Convert a few more counter() references to use the StatName interface. Signed-off-by: Joshua Marantz <jmarantz@google.com>
Configuration menu - View commit details
-
Copy full SHA for 3fdd00d - Browse repository at this point
Copy the full SHA 3fdd00dView commit details -
added logic to reset route cache
Signed-off-by: Gabriel <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 151fa54 - Browse repository at this point
Copy the full SHA 151fa54View commit details -
added fix for set cookie header
Signed-off-by: Gabriel <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for ccd9dbd - Browse repository at this point
Copy the full SHA ccd9dbdView commit details -
fixed ambassador issue envoyproxy#1313
Signed-off-by: Gabriel <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for b6dbd41 - Browse repository at this point
Copy the full SHA b6dbd41View commit details -
Signed-off-by: Gabriel <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 8824049 - Browse repository at this point
Copy the full SHA 8824049View commit details -
Signed-off-by: Gabriel <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 6ba9a07 - Browse repository at this point
Copy the full SHA 6ba9a07View commit details -
Signed-off-by: Gabriel <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 9fada3c - Browse repository at this point
Copy the full SHA 9fada3cView commit details -
removed deprecation flags from fault, ext-authz and route protos
Signed-off-by: Gabriel Linden Sagula <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 2f3fc11 - Browse repository at this point
Copy the full SHA 2f3fc11View commit details -
Signed-off-by: Gabriel Linden Sagula <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for e23b2a6 - Browse repository at this point
Copy the full SHA e23b2a6View commit details -
added the tracing name string to the client config
Signed-off-by: Gabriel Linden Sagula <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for f560629 - Browse repository at this point
Copy the full SHA f560629View commit details -
Signed-off-by: Gabriel Linden Sagula <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for ac42dd2 - Browse repository at this point
Copy the full SHA ac42dd2View commit details -
added test for http client tracing ok
Signed-off-by: Gabriel Linden Sagula <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for d82576b - Browse repository at this point
Copy the full SHA d82576bView commit details -
more tests for http client tracing
Signed-off-by: Gabriel Linden Sagula <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 5ce6873 - Browse repository at this point
Copy the full SHA 5ce6873View commit details -
Signed-off-by: Gabriel Linden Sagula <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for bce7c36 - Browse repository at this point
Copy the full SHA bce7c36View commit details -
added tests for http client tracing
Signed-off-by: Gabriel Linden Sagula <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for fa39a83 - Browse repository at this point
Copy the full SHA fa39a83View commit details -
use fmt instead of string concatenation
Signed-off-by: Gabriel Linden Sagula <gsagula@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for b1dae7d - Browse repository at this point
Copy the full SHA b1dae7dView commit details -
quiche: do not use Http2String wrapper for std::string (envoyproxy#7856)
Signed-off-by: Bence Béky <bnc@google.com>
Configuration menu - View commit details
-
Copy full SHA for c482279 - Browse repository at this point
Copy the full SHA c482279View commit details -
OriginalDstCluster: Use ThreadAwareLoadBalancer (envoyproxy#7820)
Signed-off-by: Jarno Rajahalme <jarno@covalent.io>
Configuration menu - View commit details
-
Copy full SHA for e03936e - Browse repository at this point
Copy the full SHA e03936eView commit details
Commits on Aug 9, 2019
-
Pass CC, CXX and PATH variables to Bazel. (envoyproxy#7874)
Without this change, the default system compiler is used in some rules (e.g. genrules). Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for 04477ca - Browse repository at this point
Copy the full SHA 04477caView commit details -
grpc: Add AWS IAM grpc credentials extension (envoyproxy#7532)
Signed-off-by: Scott LaVigne <lavignes@amazon.com>
Configuration menu - View commit details
-
Copy full SHA for c92b8ba - Browse repository at this point
Copy the full SHA c92b8baView commit details -
Remove dummy.h, dummy.cc, dummy_test.cc. (envoyproxy#7871)
Signed-off-by: Bence Béky <bnc@google.com>
Configuration menu - View commit details
-
Copy full SHA for 05e3f6e - Browse repository at this point
Copy the full SHA 05e3f6eView commit details -
http2: Limit the number of outbound frames (envoyproxy#9)
Limit the number of outbound (these, waiting to be written into the socket) HTTP/2 frames. When the limit is exceeded the connection is terminated. This mitigates flood exploits where a client continually sends frames that are not subject to flow control without reading server responses. Fixes CVE-2019-9512, CVE-2019-9514 and CVE-2019-9515. Signed-off-by: Yan Avlasov <yavlasov@google.com>
Configuration menu - View commit details
-
Copy full SHA for 85a294e - Browse repository at this point
Copy the full SHA 85a294eView commit details -
http2: limit the number of inbound frames. (envoyproxy#20)
This change adds protections against flooding using PRIORITY and/or WINDOW_UPDATE frames, as well as frames with an empty payload and no end stream flag. Fixes CVE-2019-9511, CVE-2019-9513 and CVE-2019-9518. Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for f261942 - Browse repository at this point
Copy the full SHA f261942View commit details -
http2: enable strict validation of HTTP/2 headers. (envoyproxy#19)
Fixes CVE-2019-9516. Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for c28b110 - Browse repository at this point
Copy the full SHA c28b110View commit details -
Always disable reads when connection is closed with the FlushWriteAnd…
…Delay (envoyproxy#16) Signed-off-by: Yan Avlasov <yavlasov@google.com>
Configuration menu - View commit details
-
Copy full SHA for 9cd0ce4 - Browse repository at this point
Copy the full SHA 9cd0ce4View commit details -
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for 9c3bab4 - Browse repository at this point
Copy the full SHA 9c3bab4View commit details -
Fix flaky http2 integration tests (envoyproxy#29)
Signed-off-by: Yan Avlasov <yavlasov@google.com>
Configuration menu - View commit details
-
Copy full SHA for 9af4885 - Browse repository at this point
Copy the full SHA 9af4885View commit details -
runtime: changing snapshot access to be const (envoyproxy#7677) (envo…
…yproxy#26) This is a precursor to envoyproxy#7601 just to land the API change more quickly and make sure it sticks. Risk Level: Low Testing: existing unit tests Docs Changes: n/a Release Notes: n/a Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for 82067af - Browse repository at this point
Copy the full SHA 82067afView commit details -
runtime: making runtime accessible from non-worker threads (envoyprox…
…y#7695) (envoyproxy#27) Making runtime accessible for non-worker threads, and using the new accessor for runtime features. This allows the work done in envoyproxy#7601, moving the strict HTTP checks out of the HCM and into the codec, where the integration tests use them from client/server threads, and other downstream Envoys might use them from non-worker threads as well. Risk Level: High (affects runtime access for all runtime features) Testing: new unit tests, integration tests use in envoyproxy#7601 Docs Changes: n/a Release Notes: n/a Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for 4e9588b - Browse repository at this point
Copy the full SHA 4e9588bView commit details -
Disable outbound flood mitigation through runtime config (envoyproxy#22)
Signed-off-by: Yan Avlasov <yavlasov@google.com>
Configuration menu - View commit details
-
Copy full SHA for 71ff17c - Browse repository at this point
Copy the full SHA 71ff17cView commit details -
buffer filter: Deflake RouterRequestPopulateContentLength (envoyproxy…
…#7885) Signed-off-by: Ruslan Nigmatullin <elessar@dropbox.com>
Configuration menu - View commit details
-
Copy full SHA for 26a1346 - Browse repository at this point
Copy the full SHA 26a1346View commit details -
listener: add an option to continue on listener filters timeout (envo…
…yproxy#7859) Description: Add an option to continue on listener filters timeout. Risk Level: Med (mostly guarded by config) Testing: unittest Docs Changes: Added Release Notes: Added Fixes envoyproxy#7195 Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 975c62d - Browse repository at this point
Copy the full SHA 975c62dView commit details
Commits on Aug 11, 2019
-
dynamic forward proxy: add factory declarations + linking validation (e…
…nvoyproxy#7889) Signed-off-by: Michael Rebello <me@michaelrebello.com>
Configuration menu - View commit details
-
Copy full SHA for 922f2f9 - Browse repository at this point
Copy the full SHA 922f2f9View commit details
Commits on Aug 12, 2019
-
runtime: add the ability to log downstream HTTP/2 attacks.
Signed-off-by: Matt Klein <mklein@lyft.com> Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for 4616a09 - Browse repository at this point
Copy the full SHA 4616a09View commit details -
Introduce --features=compiler_param_file option for windows (envoypro…
…xy#7897) This resolves compile line length issues by triggering a command args file bazelbuild/bazel#5163 Signed-off-by: William Rowe <wrowe@pivotal.io>
Configuration menu - View commit details
-
Copy full SHA for dd5eb0c - Browse repository at this point
Copy the full SHA dd5eb0cView commit details -
cleanup: generator.py words correction. (envoyproxy#7891)
Signed-off-by: Guangming Wang <guangming.wang@daocloud.io>
Configuration menu - View commit details
-
Copy full SHA for 93f87c3 - Browse repository at this point
Copy the full SHA 93f87c3View commit details -
build: miscellaneous hygiene fixes (envoyproxy#7888)
Signed-off-by: Alex Konradi <akonradi@google.com>
Configuration menu - View commit details
-
Copy full SHA for 1cf877d - Browse repository at this point
Copy the full SHA 1cf877dView commit details -
docs: add names to layers in runtime (envoyproxy#7887)
Signed-off-by: Asra Ali <asraa@google.com>
Configuration menu - View commit details
-
Copy full SHA for 3125646 - Browse repository at this point
Copy the full SHA 3125646View commit details -
runtime: add proto constraint to require a layer specifier (envoyprox…
…y#7886) Signed-off-by: Asra Ali <asraa@google.com>
Configuration menu - View commit details
-
Copy full SHA for 3380a14 - Browse repository at this point
Copy the full SHA 3380a14View commit details -
fuzz: add a simple fuzzer for xxhash utilities (envoyproxy#7855)
Signed-off-by: Asra Ali <asraa@google.com>
Configuration menu - View commit details
-
Copy full SHA for 5210894 - Browse repository at this point
Copy the full SHA 5210894View commit details -
tracing: Add B3 support in OpenCensus driver. (envoyproxy#7800)
Signed-off-by: Emil Mikulic <g-easy@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for c3a7531 - Browse repository at this point
Copy the full SHA c3a7531View commit details
Commits on Aug 13, 2019
-
Register per opcode latencies (envoyproxy#7825)
This change adds histograms for each opcode, e.g.: * getdata * setdata * ... Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for e7fe198 - Browse repository at this point
Copy the full SHA e7fe198View commit details -
cluster: remove unused proto import (envoyproxy#7898)
This warms when building: > envoy/api/v2/cluster/filter.proto:12:1: warning: Import google/protobuf/struct.proto but not used. Signed-off-by: Michael Rebello <me@michaelrebello.com>
Configuration menu - View commit details
-
Copy full SHA for 7b0ce0d - Browse repository at this point
Copy the full SHA 7b0ce0dView commit details -
http2: limit the number of outbound frames (envoyproxy#23)
Limit the number of outbound (these, waiting to be written into the socket) HTTP/2 frames. When the limit is exceeded the connection is terminated. This mitigates flood exploits where a client continually sends frames that are not subject to flow control without reading server responses. Fixes CVE-2019-9512, CVE-2019-9514 and CVE-2019-9515. Signed-off-by: Yan Avlasov <yavlasov@google.com>
Configuration menu - View commit details
-
Copy full SHA for b93886c - Browse repository at this point
Copy the full SHA b93886cView commit details -
http2: limit the number of inbound frames. (envoyproxy#24)
This change adds protections against flooding using PRIORITY and/or WINDOW_UPDATE frames, as well as frames with an empty payload and no end stream flag. Fixes CVE-2019-9511, CVE-2019-9513 and CVE-2019-9518. Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for 9f16bca - Browse repository at this point
Copy the full SHA 9f16bcaView commit details -
http2: enable strict validation of HTTP/2 headers. (envoyproxy#25)
Fixes CVE-2019-9516. Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for 84dabbf - Browse repository at this point
Copy the full SHA 84dabbfView commit details -
connection: always disable reads when connection is closed with the F…
…lushWriteAndDelay (envoyproxy#28) Signed-off-by: Yan Avlasov <yavlasov@google.com>
Configuration menu - View commit details
-
Copy full SHA for 79cbdca - Browse repository at this point
Copy the full SHA 79cbdcaView commit details -
Configuration menu - View commit details
-
Copy full SHA for d3d5dcd - Browse repository at this point
Copy the full SHA d3d5dcdView commit details -
http2: configure logging of HTTP/2 flood attacks through runtime. (en…
…voyproxy#34) Signed-off-by: Matt Klein <mklein@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for f2129cb - Browse repository at this point
Copy the full SHA f2129cbView commit details -
config: enforcing terminal filters are the final filter in their resp…
…ective chains (envoyproxy#7779) An (no longer annoyingly one-off) solution to the common problem folks run into with Envoy configs where they add their filters behind the router filter and don't get why things aren't working. Ditto for HCM, tcp_proxy etc for L4 Risk Level: Low (except for folks with broken config) Testing: new UT Docs Changes: n/a Release Notes: n/a Fixes envoyproxy#7767 Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for 3f5580f - Browse repository at this point
Copy the full SHA 3f5580fView commit details -
http1: remove unimplemented constructor (envoyproxy#7905)
Removes a stale, unimplemented constructor definition. Risk Level: low Testing: n/a Doc Changes: n/a Release Notes: n/a Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 38a4d86 - Browse repository at this point
Copy the full SHA 38a4d86View commit details -
Patch in ecf04cc and 49f0fb9 from gRPC. (envoyproxy#7850)
This is so that Envoy keeps building with the --incompatible_disable_legacy_proto_provider command line option of Bazel which is to be flipped in 1.0 . Description: Risk Level: Testing: Docs Changes: Release Notes: Signed-off-by: Lukacs T. Berki <lberki@google.com>
Configuration menu - View commit details
-
Copy full SHA for 1dc418f - Browse repository at this point
Copy the full SHA 1dc418fView commit details -
xds: apply node identifier optimization (envoyproxy#7876)
Omit the node identifier from subsequent discovery requests on the same stream. Restricted to non-incremental xDS for tractability. Risk Level: low, affects xDS protocol but guarded by an option Testing: Unit/integration tests are updated Docs Changes: xDS spec clarification Release Notes: omit the node identifier from subsequent discovery requests Fixes: envoyproxy#7860 Signed-off-by: Kuat Yessenov <kuat@google.com>
Configuration menu - View commit details
-
Copy full SHA for 8e07e82 - Browse repository at this point
Copy the full SHA 8e07e82View commit details -
config: WatchMap: cleaner management of watches (envoyproxy#7108)
To be used with delta ADS. Could probably be used with the current GrpcMuxImpl. Has the SubscriptionCallbacks interface, so a GrpcMux can just directly pass onConfigUpdate() calls through to the WatchMap, which will then appropriately distribute the various resources to the various watches' SubscriptionCallbacks. envoyproxy#4991 Risk Level: none, not yet built into Envoy Testing: unit tests for the new class Signed-off-by: Fred Douglas <fredlas@google.com>
Configuration menu - View commit details
-
Copy full SHA for 128acb5 - Browse repository at this point
Copy the full SHA 128acb5View commit details
Commits on Aug 14, 2019
-
grpc access logger: refactor common gRPC ALS out (envoyproxy#7879)
Description: In preparation to implement TCP gRPC Access Logger. Risk Level: Low (refactoring only) Testing: CI Docs Changes: N/A Release Notes: N/A Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 261d443 - Browse repository at this point
Copy the full SHA 261d443View commit details -
lua: Allow to set header entry as table to httpCall and respond APIs (e…
…nvoyproxy#7851) Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 5852653 - Browse repository at this point
Copy the full SHA 5852653View commit details -
tools: add comprehensive coverage reporting to router check (envoypro…
…xy#7865) Signed-off-by: Derek Schaller <d_a_schaller@yahoo.com>
Configuration menu - View commit details
-
Copy full SHA for 71a679d - Browse repository at this point
Copy the full SHA 71a679dView commit details -
grpc-json transcoder: add integration test (envoyproxy#7703)
Signed-off-by: Xuyang Tao <taoxuy@google.com>
Configuration menu - View commit details
-
Copy full SHA for 8747862 - Browse repository at this point
Copy the full SHA 8747862View commit details -
config: fully validating terminal filter ordering for L4 (envoyproxy#…
…7904) Signed-off-by: Alyssa Wilk <alyssar@google.com>
Configuration menu - View commit details
-
Copy full SHA for b2719f6 - Browse repository at this point
Copy the full SHA b2719f6View commit details -
coverage: publish report to GCS (envoyproxy#7909)
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 4d2ca4d - Browse repository at this point
Copy the full SHA 4d2ca4dView commit details -
cleanup: conn_manager.cc err message word fix (envoyproxy#7901)
Signed-off-by: Guangming Wang <guangming.wang@daocloud.io>
Configuration menu - View commit details
-
Copy full SHA for e1d713e - Browse repository at this point
Copy the full SHA e1d713eView commit details -
use new buffers by default (envoyproxy#7883)
Signed-off-by: Cynthia Coan <ccoan@instructure.com>
Configuration menu - View commit details
-
Copy full SHA for 3dd84d3 - Browse repository at this point
Copy the full SHA 3dd84d3View commit details
Commits on Aug 15, 2019
-
upgrade yapf to the latest version (envoyproxy#7926)
Description: Upgrade yapf to the latest version. We'd like to reuse it in our local repo, and some of the newer versions contain fixes we need. This required reformatting all the files for their new rules. Happy to change any rules, as necessary. Risk Level: Low Testing: Ensure py format checks can still pass. Docs Changes: N/A Release Notes: N/A fixes envoyproxy#7389 Signed-off-by: Cynthia Coan <ccoan@instructure.com>
Configuration menu - View commit details
-
Copy full SHA for aff9caf - Browse repository at this point
Copy the full SHA aff9cafView commit details -
router: remote implicit case of lambda to bool (envoyproxy#7930)
Per envoyproxy#7736, we're inadvertently casting a lambda expression to bool. Fortunately, the code is attempting to pass true, so it works. Risk Level: low Testing: n/a Docs Changes: n/a Release Notes: n/a Fixes: envoyproxy#7736 Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 5c9f1f0 - Browse repository at this point
Copy the full SHA 5c9f1f0View commit details -
add DNS SAN as principal (envoyproxy#7881)
Description: Adds support for DNS SAN as Principal in RBAC filter. Risk Level: Low Testing: Added automated tests Docs Changes: Updated Release Notes: Added Fixes envoyproxy#7836 Signed-off-by: Rama Chavali <rama.rao@salesforce.com>
Configuration menu - View commit details
-
Copy full SHA for 882a306 - Browse repository at this point
Copy the full SHA 882a306View commit details -
fix misspelled words in client.py help message (envoyproxy#7933)
Signed-off-by: Guangming Wang <guangming.wang@daocloud.io>
Configuration menu - View commit details
-
Copy full SHA for 15d5486 - Browse repository at this point
Copy the full SHA 15d5486View commit details -
LoadBalancer: Skip EdfScheduler creation in LoadBalancerBase if all h…
…ost weights are equal. (envoyproxy#7877) Only create EdfScheduler for round-robing and least-request load balancers if hosts have different weights. This reduces CPU usage during load balancer creation and memory usage in the common case where all hosts have the same weight. Signed-off-by: Antonio Vicente <avd@google.com>
Configuration menu - View commit details
-
Copy full SHA for b73e5e6 - Browse repository at this point
Copy the full SHA b73e5e6View commit details -
Make iterators const (envoyproxy#7924)
Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for 6ab3351 - Browse repository at this point
Copy the full SHA 6ab3351View commit details -
bazel: set strict action env (envoyproxy#7940)
We pass all environment variables we care about explicitly and should not pass any other not set variables. Signed-off-by: Matt Klein <mklein@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for d4186f2 - Browse repository at this point
Copy the full SHA d4186f2View commit details -
runtime: add static layer case to loader impl (envoyproxy#7932)
Signed-off-by: Asra Ali <asraa@google.com>
Configuration menu - View commit details
-
Copy full SHA for 4f0fc2d - Browse repository at this point
Copy the full SHA 4f0fc2dView commit details -
test: mock cleanup (envoyproxy#7922)
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for e64361b - Browse repository at this point
Copy the full SHA e64361bView commit details -
Redis cluster read replica (envoyproxy#7496)
Signed-off-by: Henry Yang <hyang@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 560d09f - Browse repository at this point
Copy the full SHA 560d09fView commit details
Commits on Aug 16, 2019
-
docs: 0 disables route timeout (envoyproxy#7931)
Calling out that it's possible to use the value 0 to disable route timeout (as it is for idle timeout). Signed-off-by: nmeessen <nmeessen@atlassian.com>
Configuration menu - View commit details
-
Copy full SHA for b9fe0b9 - Browse repository at this point
Copy the full SHA b9fe0b9View commit details -
redis: fix merge race (envoyproxy#7943)
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 5a7bab7 - Browse repository at this point
Copy the full SHA 5a7bab7View commit details -
Dependency: Update rules_go, Go, Python, curl, bazel-toolchains, baze…
…lisk (envoyproxy#7934) Description: Update dependencies: - rules_go 0.19.2 ([release](https://github.com/bazelbuild/rules_go/releases/tag/0.19.2)), [0.19.0 release notes](https://github.com/bazelbuild/rules_go/releases/tag/0.19.0). The big change is that `org_golang_google_grpc` is no longer declared in `go_rules_dependencies`. In order for the API to build, changes to `WORKSPACE` outlined [here](https://github.com/bazelbuild/rules_go/blob/0.19.0/go/workspace.rst#grpc-dependencies) are required. This pollutes `WORKSPACE` with some dependencies. Open on ways to improve this. - Go 1.12.8 (to match rules_go) - various Python updates - curl 7.65.3 ([changelog](https://curl.haxx.se/changes.html#7_65_3)) - bazel-toolchains switches to 0.28.5 release and address @lizan TODO ([changes](bazelbuild/bazel-toolchains@5a8611e...0.28.5)) - bazelisk 1.0 ([release notes](https://github.com/bazelbuild/bazelisk/releases/tag/v1.0)) Risk Level: Low Testing: `./docs/build.sh`, `bazel build @envoy_api//envoy/...`, `bazel test //test/...` Docs Changes: None required Release Notes: None required Signed-off-by: Michael Payne <michael@sooper.org>
Configuration menu - View commit details
-
Copy full SHA for cb15cc3 - Browse repository at this point
Copy the full SHA cb15cc3View commit details -
network: Conns with the same local/remote address are local (envoypro…
…xy#7840) Signed-off-by: Andrew Jenkins <andrew@volunteers.acasi.org>
Configuration menu - View commit details
-
Copy full SHA for 1c27f54 - Browse repository at this point
Copy the full SHA 1c27f54View commit details -
cleanup: fix words in assertion message. (envoyproxy#7950)
Signed-off-by: Guangming Wang <guangming.wang@daocloud.io>
Configuration menu - View commit details
-
Copy full SHA for 817b2e3 - Browse repository at this point
Copy the full SHA 817b2e3View commit details
Commits on Aug 19, 2019
-
config: distinct CLI options for strict/permissive checking of static…
…/dynamic config. (envoyproxy#7857) As per envoyproxy#6651, this PR plumbs in CLI options to allow independent control over static/dynamic unknown field validation. The defaults are the same for static as today (strict) and for dynamic we are by default permissive. This permits easy rollout of new API minor versions, including those related to security fixes. Fixes a regression that occurred in envoyproxy#7200 where strict/permissive checking CLI options were inverted. As per envoyproxy#6818, added stats/warning for any unknown fields encountered. Risk level: Low (strictly more permissive by default) Testing: additional unit and integration tests added, exercising both permissive/strict checking over various parts of the API (bootstrap, listeners, clusters, xDS, network filters, etc). Fixes envoyproxy#6651 Fixed envoyproxy#6818 Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for 0418a85 - Browse repository at this point
Copy the full SHA 0418a85View commit details -
tls: update BoringSSL to 265728de (3865). (envoyproxy#7952)
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for 6858df7 - Browse repository at this point
Copy the full SHA 6858df7View commit details -
test: fix data races in FakeStream. (envoyproxy#7929)
Fixes envoyproxy#7927. Risk Level: low (test only) Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for 869981f - Browse repository at this point
Copy the full SHA 869981fView commit details -
filter: add conditions to access control filter (envoyproxy#7716)
Introduces a generic expression-based admission filter using https://github.com/google/cel-cpp. This is a follow-up to discussion in envoyproxy#6751. The advantage of this approach is: 1. Un-opinionated about the policy structure since the only config is an expression. This is friendly towards control planes which can bear the complexity of translation, analysis, and evolution of policies. 2. Multi-language, CEL supports go, java, and c++ runtimes. 3. Inter-operability with other filters using request `metadata`. Companion filters can populate metadata about requests and resources that affect policy decisions. 4. Generic utility, it can be used for custom metric labels, access log entries, etc. The dis-advantage of this approach is that its performance is lower than domain-optimized interpreters. On a fair example, the interpreter evaluates in around 1ms (see https://github.com/google/cel-cpp/blob/master/eval/tests/benchmark_test.cc#L591) vs ~150ns for hand-written C++ native code. There is space for improvement (especially if WASM can be used as a compilation target), but ultimately the generic expression form carries a cost. Conditions are added to support RBAC filter for complementing the existing principal/permission model. They add support for the extended checks (e.g. time of query, resource-bound), but add no cost unless used. Description: add expression-based admission filter Risk Level: low Testing: Docs Changes: Release Notes: Signed-off-by: Kuat Yessenov <kuat@google.com>
Configuration menu - View commit details
-
Copy full SHA for f90e1b0 - Browse repository at this point
Copy the full SHA f90e1b0View commit details
Commits on Aug 20, 2019
-
ext_authz: add metadata_context to ext_authz filter (envoyproxy#7818)
This adds the ability to specify dynamic metadata (by namespace) to send with the ext_authz check request. This allows one filter to specify information that can be then used in evaluating an authorization decision. Risk Level: Medium. Optional feature/extension of existing filter Testing: Unit testing Docs Changes: Inline in attribute_context.proto and ext_authz.proto Fixes envoyproxy#7699 Signed-off-by: Ben Plotnick <plotnick@yelp.com>
Configuration menu - View commit details
-
Copy full SHA for d2e2cd6 - Browse repository at this point
Copy the full SHA d2e2cd6View commit details -
fuzz: codec impl timeout fix + speed ups (envoyproxy#7963)
Some speed-ups and validations for codec impl fuzz test: * validate actions aren't empty (another approach would be to scrub / clean these) * limit actions to 1024 * require oneofs Fixes OSS-Fuzz Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16481 Testing: local asan/libfuzzer exec/sec go from 25 to 50 Signed-off-by: Asra Ali <asraa@google.com>
Configuration menu - View commit details
-
Copy full SHA for 5aede46 - Browse repository at this point
Copy the full SHA 5aede46View commit details -
docs: more detail about tracking down deprecated features (envoyproxy…
…#7972) Risk Level: n/a (docs only) Testing: n/a Docs Changes: yes Release Notes: no envoyproxy#7945 Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for c6b190b - Browse repository at this point
Copy the full SHA c6b190bView commit details -
Fix the alignement in optval of setsockopt when compiled with libc++. (…
…envoyproxy#7958) Description: libc++ std::string may inline the data which results the memory is not aligned to `void*`. Use vector instead to store the optval. Detected by UBSAN with libc++ config. Preparation for envoyproxy#4251 Risk Level: Low Testing: unittest locally Docs Changes: N/A Release Notes: N/A Fixes envoyproxy#7968 Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 9421bdd - Browse repository at this point
Copy the full SHA 9421bddView commit details
Commits on Aug 21, 2019
-
security: some intra-entity and 3rd party embargo clarifications. (en…
…voyproxy#7977) * security: some intra-entity and 3rd party embargo clarifications. These came up in the last set of CVEs. Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for c505077 - Browse repository at this point
Copy the full SHA c505077View commit details -
protobuf: IWYU (envoyproxy#7989)
Include What You Use fix for source/common/protobuf/message_validator_impl.h. Signed-off-by: Andres Guedez <aguedez@google.com>
Configuration menu - View commit details
-
Copy full SHA for 7eed733 - Browse repository at this point
Copy the full SHA 7eed733View commit details -
api: add name into filter chain (envoyproxy#7966)
Signed-off-by: Yuchen Dai <silentdai@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for f04dccb - Browse repository at this point
Copy the full SHA f04dccbView commit details -
rds: validate config in depth before update config dump (envoyproxy#7956
) Route config need deep validation for virtual host duplication check, regex check, per filter config validation etc, which PGV wasn't enough. Risk Level: Low Testing: regression test Docs Changes: N/A Release Notes: N/A Fixes envoyproxy#7939 Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 5d42b9b - Browse repository at this point
Copy the full SHA 5d42b9bView commit details -
tls: maintain a free slot index set in TLS InstanceImpl to allocate i…
…n O(1… (envoyproxy#7979) Signed-off-by: Xin Zhuang <stevenzzz@google.com>
Configuration menu - View commit details
-
Copy full SHA for 87c38e1 - Browse repository at this point
Copy the full SHA 87c38e1View commit details -
redis: handle invalid ip address from cluster slots and added tests (e…
…nvoyproxy#7984) Signed-off-by: Henry Yang <hyang@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 09466b5 - Browse repository at this point
Copy the full SHA 09466b5View commit details -
protobuf: report field numbers for unknown fields. (envoyproxy#7978)
Since binary proto won't have field names, report at least the field numbers, as per https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.unknown_field_set#UnknownField. Also fix minor typo encountered while doing this work. Risk level: Low Testing: Unit tests added/updated. Fixes envoyproxy#7937 Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for 6ab225d - Browse repository at this point
Copy the full SHA 6ab225dView commit details -
Content in envoy docs does not cover whole page (envoyproxy#7993)
Signed-off-by: Manish Kumar <manishjpiet@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 4549d12 - Browse repository at this point
Copy the full SHA 4549d12View commit details -
stats: Add option to switch between fake and real symbol-tables on th…
…e command-line. (envoyproxy#7882) * Add option to switch between fake and real symbol-tables on the command-line. Signed-off-by: Joshua Marantz <jmarantz@google.com>
Configuration menu - View commit details
-
Copy full SHA for 719245f - Browse repository at this point
Copy the full SHA 719245fView commit details
Commits on Aug 22, 2019
-
api config: add build rules for go protos (envoyproxy#7987)
Some BUILD files are missing build rules to generate go protos. envoyproxy/go-control-plane depends on these protos, so they should be exposed publicly. Added build rules to generate *.pb.go files. Risk Level: Low Testing: These rules were copied to google3 and tested internally. Unfortunately, I am having a bit of trouble with bazel build directly on these targets ("Package is considered deleted due to --deleted_packages"). Please let me know if there is a better way to test this change. Signed-off-by: Teju Nareddy <nareddyt@google.com>
Configuration menu - View commit details
-
Copy full SHA for c7110f8 - Browse repository at this point
Copy the full SHA c7110f8View commit details -
test: don't use <experimental/filesystem> on macOS. (envoyproxy#8000)
Xcode 11 requires at least macOS 10.15 (upcoming) in order to use either <experimental/filesystem> or C++17 <filesystem>. Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Configuration menu - View commit details
-
Copy full SHA for 7267542 - Browse repository at this point
Copy the full SHA 7267542View commit details -
event: adding the capability of creating an alarm with a given scope (…
…envoyproxy#7920) Precursor to envoyproxy#7782 Adding scope tracking functionality to the basic alarm functions. Risk Level: Medium (should be a no-op but is a large enough refactor) Testing: new unit tests Docs Changes: n/a Release Notes: n/a Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for ffeffd7 - Browse repository at this point
Copy the full SHA ffeffd7View commit details -
ext authz: add dns san support for ext authz service (envoyproxy#7948)
Adds support for DNS SAN in ext authz peer validation Risk Level: Low Testing: Added Docs Changes: Added Release Notes: N/A Signed-off-by: Rama Chavali <rama.rao@salesforce.com>
Configuration menu - View commit details
-
Copy full SHA for d4dc0a5 - Browse repository at this point
Copy the full SHA d4dc0a5View commit details -
accesslog: don't open log file with read flag (envoyproxy#7998)
Description: File access log shouldn't need read access for a file. Risk Level: Low Testing: local in mac, CI Docs Changes: Release Notes: Fixes envoyproxy#7997 Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for e1ecb02 - Browse repository at this point
Copy the full SHA e1ecb02View commit details -
protobuf: towards unifying PGV, deprecated and unknown field validati…
…on. (envoyproxy#8002) This is part of envoyproxy#7980; basically, we want to leverage the recursive pass that already exists for the deprecated check. This PR does not implement the recursive behavior yet for unknown fields though, because there is a ton of churn, so this PR just has the mechanical bits. We switch plumbing of validation visitor into places such as anyConvert() and instead pass this to MessageUtil::validate. There are a bunch of future followups planned in additional PRs: * Combine the recursive pass for unknown/deprecated check in MessageUtil::validate(). * Add mitigation for envoyproxy#5965 by copying to a temporary before recursive expansion. * [Future] consider moving deprecated reporting into a message validation visitor handler. Risk level: Low Testing: Some new //test/common/protobuf::utility_test unit test. Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for 43c4acd - Browse repository at this point
Copy the full SHA 43c4acdView commit details -
http: forwarding x-forwarded-proto from trusted proxies (envoyproxy#7995
) Trusting the x-forwarded-proto header from trusted proxies. If Envoy is operating as an edge proxy but has a trusted hop in front, the trusted proxy should be allowed to set x-forwarded-proto and its x-forwarded-proto should be preserved. Guarded by envoy.reloadable_features.trusted_forwarded_proto, default on. Risk Level: Medium (L7 header changes) but guarded Testing: new unit tests Docs Changes: n/a Release Notes: inline Fixes envoyproxy#4496 Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for b2da45a - Browse repository at this point
Copy the full SHA b2da45aView commit details -
build: adding an option to hard-fail when deprecated config is used. (e…
…nvoyproxy#7962) Adding a build option to default all deprecated protos off, and using it on the debug build. Risk Level: Low Testing: new UT Docs Changes: inline Release Notes: n/a Fixes envoyproxy#7548 Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for f12adac - Browse repository at this point
Copy the full SHA f12adacView commit details -
envoy_cc_library: add export of foo_with_external_headers (envoyproxy…
…#8005) Add a parallel native.cc_library to envoy_cc_library for external projects that consume Envoy's libraries. This allows the consuming project to disambiguate overlapping include paths when repository overlaying is used, as it can now include envoy headers via external/envoy/... Risk Level: Low Testing: N/A Signed-off-by: Otto van der Schaaf <oschaaf@we-amp.com>
Configuration menu - View commit details
-
Copy full SHA for 797d58f - Browse repository at this point
Copy the full SHA 797d58fView commit details -
ci: add fuzz test targets to ci (envoyproxy#7949)
Builds fuzz targets with asan+libfuzzer and runs them against their corpora. Our native bazel builds work, this PR integrates the asan+libfuzzer builds in to CI. The fuzz target binaries will be in your envoy docker build directory. Invoke with the following for all fuzz targets, or a specified one. ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.fuzz' ./ci/run_envoy_docker.sh './ci/do_ci.sh bazel.fuzz //test/common/common:utility_fuzz_test' Risk level: low Signed-off-by: Asra Ali asraa@google.com Signed-off-by: Asra Ali <asraa@google.com>
Configuration menu - View commit details
-
Copy full SHA for 57d48a3 - Browse repository at this point
Copy the full SHA 57d48a3View commit details -
tls: support BoringSSL private key async functionality (envoyproxy#6326)
This PR adds BoringSSL private key API abstraction, as discussed in envoyproxy#6248. All comments and discussion is welcomed to get the API sufficient for most private key API tasks. The PR contains the proposed API and the way how it can be used from ssl_socket.h. Also there is some code showing how the PrivateKeyMethodProvider is coming from TLS certificate config. Two example private key method providers are included in the tests. Description: tls: support BoringSSL private key async functionality Risk Level: medium Testing: two basic private key provider implementation Docs Changes: TLS arch doc, cert.proto doc Signed-off-by: Ismo Puustinen <ismo.puustinen@intel.com>
Configuration menu - View commit details
-
Copy full SHA for 9a3a234 - Browse repository at this point
Copy the full SHA 9a3a234View commit details -
use SymbolTableCreator rather than fakes in a few stray places. (envo…
…yproxy#8006) stats: use SymbolTableCreator rather than fakes in a few stray places. (envoyproxy#8006) Signed-off-by: Joshua Marantz <jmarantz@google.com>
Configuration menu - View commit details
-
Copy full SHA for b44a00b - Browse repository at this point
Copy the full SHA b44a00bView commit details -
[router] Add SRDS configUpdate impl (envoyproxy#7451)
This PR contains changes on the xRDS side for SRDS impl, cribbed from http://go/gh/stevenzzzz/pull/8/files#diff-2071ab0887162eac1fd177e89d83175a * Add onConfigUpdate impl for SRDS subscription * Remove scoped_config_manager as it's not used now. * Move ScopedConfigInfo to scoped_config_impl.h/cc * Add a hash to scopeKey and scopeKeyFragment, so we can look up scopekey by hash value in constant time when SRDS has many scopes. * Add a initManager parameter to RDS createRdsRouteConfigProvider API interface, when creating RouteConfigProvider after listener/server warmed up, we need to specify a different initManager than the one from factoryContext to avoid an assertion failure. see related:envoyproxy#7617 This PR only latches a SRDS provider into the connection manager, the "conn manager using SRDS to make route decision" plus integration tests will be covered in a following PR. Risk Level: LOW [not fully implemented]. Testing: unit tests Signed-off-by: Xin Zhuang <stevenzzz@google.com>
Configuration menu - View commit details
-
Copy full SHA for 69f805c - Browse repository at this point
Copy the full SHA 69f805cView commit details
Commits on Aug 23, 2019
-
Fix version history (envoyproxy#8021)
Follow-up for envoyproxy#7995. Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for 225ad90 - Browse repository at this point
Copy the full SHA 225ad90View commit details -
tools: sync tool for envoyproxy/assignable team. (envoyproxy#8015)
Bulk update of team to match envoyproxy organization. While at it, cleaned up some venv stuff in shell_utils.sh. Risk level: Low Testing: Synced 157 members from envoyproxy to envoyproxy/assignable. Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for 7f97060 - Browse repository at this point
Copy the full SHA 7f97060View commit details -
redis: fix onHostHealthUpdate got called before the cluster is resolv…
…ed. (envoyproxy#8018) Signed-off-by: Henry Yang <hyang@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for faad477 - Browse repository at this point
Copy the full SHA faad477View commit details -
api/build: migrate UDPA proto tree to external cncf/udpa repository. (e…
…nvoyproxy#8017) This is a one-time movement of all UDPA content from envoyproxy/envoy to cncf/udpa. The permanent home of UDPA will be https://github.com/cncf/udpa. Risk level: Low Testing: Added UDPA service entry to build_test. Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for e67923f - Browse repository at this point
Copy the full SHA e67923fView commit details -
http: tracking active session under L7 timers (envoyproxy#7782)
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for e958cf9 - Browse repository at this point
Copy the full SHA e958cf9View commit details -
upstream: remove thread local cluster after triggering call backs (en…
…voyproxy#8004) Signed-off-by: Rama Chavali <rama.rao@salesforce.com>
Configuration menu - View commit details
-
Copy full SHA for 73c2b64 - Browse repository at this point
Copy the full SHA 73c2b64View commit details -
upstream: Introducing close_connections_on_host_set_change property (e…
…nvoyproxy#7675) Signed-off-by: Kateryna Nezdolii <nezdolik@spotify.com>
Configuration menu - View commit details
-
Copy full SHA for 07e3e28 - Browse repository at this point
Copy the full SHA 07e3e28View commit details -
upstream: delete stale TODO (envoyproxy#8028)
This was fixed in envoyproxy#7877 Signed-off-by: Matt Klein <mklein@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for dbb11fd - Browse repository at this point
Copy the full SHA dbb11fdView commit details -
Enhance comment about MonotonicTime (envoyproxy#8011)
Depending on the execution environment in which envoy is being run, it is possible that some of the assumption on the clock are maybe not holding as previously commented. With some sandboxing technologies the clock does not reference the machine boot time but the sandbox boot time. This invalidates the assumtpion that the first update in the cluster_manager will most likely fall out of the windows and ends up showing a non intuitive behavior difficult to catch. This PR simply adds a comment that will allow the reader to consider this option while reading to the code. Signed-off-by: Flavio Crisciani <f.crisciani@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 640b5a4 - Browse repository at this point
Copy the full SHA 640b5a4View commit details -
build: some missing dep fixups for Google import. (envoyproxy#8026)
Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for fd19af8 - Browse repository at this point
Copy the full SHA fd19af8View commit details -
introduce safe regex matcher based on re2 engine (envoyproxy#7878)
The libstdc++ std::regex implementation is not safe in all cases for user provided input. This change deprecates the used of std::regex in all user facing paths and introduces a new safe regex matcher with an explicitly configurable engine, right now limited to Google's re2 regex engine. This is not a drop in replacement for std::regex as all language features are not supported. As such we will go through a deprecation period for the old regex engine. Fixes envoyproxy#7728 Signed-off-by: Matt Klein <mklein@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for eff0201 - Browse repository at this point
Copy the full SHA eff0201View commit details -
docs: reorganize configuration tree (envoyproxy#8027)
This is similar to what I did for the arch overview a while ago as this section is also getting out of control. Signed-off-by: Matt Klein <mklein@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 25e3e86 - Browse repository at this point
Copy the full SHA 25e3e86View commit details -
build: missing regex include. (envoyproxy#8032)
Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for 903351f - Browse repository at this point
Copy the full SHA 903351fView commit details
Commits on Aug 25, 2019
-
[headermap] speedup for appending data (envoyproxy#8029)
For debug builds, performance testing and fuzzers reveal that when appending to a header, we scan both the existing value and the data to append for invalid characters. This PR moves the validation check to just the data that is appended, to avoid hangups on re-scanning long header values multiple times. Testing: Added corpus entry that reveals time spent in validHeaderString Signed-off-by: Asra Ali <asraa@google.com>
Configuration menu - View commit details
-
Copy full SHA for 6ff0bce - Browse repository at this point
Copy the full SHA 6ff0bceView commit details -
eds: avoid send too many ClusterLoadAssignment requests (envoyproxy#7976
) During initializing secondary clusters, for each initialized cluster, a ClusterLoadAssignment request is sent to istio pilot with the cluster's name appended into request's resource_names list. With a huge number of clusters(e.g 10k clusters), this behavior slows down Envoy's initialization and consumes ton of memory. This change pauses ADS mux for ClusterLoadAssignment to avoid that. Risk Level: Medium Testing: tiny change, no test case added Fixes envoyproxy#7955 Signed-off-by: lhuang8 <lhuang8@ebay.com>
Configuration menu - View commit details
-
Copy full SHA for 4d78ff5 - Browse repository at this point
Copy the full SHA 4d78ff5View commit details
Commits on Aug 26, 2019
-
Set the bazel verison to 0.28.1 explicitly (envoyproxy#8037)
In theopenlab/openlab-zuul-jobs#622 , the OpenLab add the ability to set the bazel to specific version explicitly. This patch add the bazel role for the envoy job. Signed-off-by: Yikun Jiang <yikunkero@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for b0aca30 - Browse repository at this point
Copy the full SHA b0aca30View commit details -
Read_policy is not set correctly. (envoyproxy#8034)
Add more integration test and additional checks in the unit tests. Signed-off-by: Henry Yang <hyang@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for fc32b64 - Browse repository at this point
Copy the full SHA fc32b64View commit details -
admin: fix /server_info hot restart version (envoyproxy#8022)
Signed-off-by: Matt Klein <mklein@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 5c2b34b - Browse repository at this point
Copy the full SHA 5c2b34bView commit details -
test: adding debug hints for integration test config failures (envoyp…
…roxy#8038) Risk Level: n/a (test only) Testing: manual Docs Changes: n/a Release Notes: n/a Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for fdd0e01 - Browse repository at this point
Copy the full SHA fdd0e01View commit details -
udp_listener: refactor ActiveUdpListener creation (envoyproxy#7884)
Signed-off-by: Dan Zhang <danzh@google.com>
Configuration menu - View commit details
-
Copy full SHA for d39bd81 - Browse repository at this point
Copy the full SHA d39bd81View commit details -
accesslog: implement TCP gRPC access logger (envoyproxy#7941)
Description: Initial implementation for TCP gRPC access logger. Risk Level: Low (extension only) Testing: integration test Docs Changes: Added Release Notes: Added Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 8bdebbf - Browse repository at this point
Copy the full SHA 8bdebbfView commit details
Commits on Aug 27, 2019
-
tracing: add OpenCensus agent exporter support to OpenCensus driver. (e…
…nvoyproxy#8023) Signed-off-by: Emil Mikulic <g-easy@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 816d6f1 - Browse repository at this point
Copy the full SHA 816d6f1View commit details -
Exporting platform_impl_lib headers (envoyproxy#8045)
This allows consuming projects using repository overlaying to disambiguate overlapping include paths when it comes to platform_impl.h by going through envoy/external/... Addendum to envoyproxy#8005 Risk Level: Low Testing: N/A Signed-off-by: Otto van der Schaaf <oschaaf@we-amp.com>
Configuration menu - View commit details
-
Copy full SHA for e1cd4cc - Browse repository at this point
Copy the full SHA e1cd4ccView commit details -
access_log: minimal log file error handling (envoyproxy#7938)
Rather than ASSERT for a reasonably common error condition (e.g. disk full) record a stat that indicates log file writing failed. Also fixes a test race condition. Risk Level: low Testing: added stats checks Docs Changes: documented new stat Release Notes: updated Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 854e800 - Browse repository at this point
Copy the full SHA 854e800View commit details -
tracing: add grpc-status and grpc-message to spans (envoyproxy#7996)
Signed-off-by: Caleb Gilmour <caleb.gilmour@datadoghq.com>
Configuration menu - View commit details
-
Copy full SHA for 1fc6c6e - Browse repository at this point
Copy the full SHA 1fc6c6eView commit details -
fuzz: add bounds to statsh flush interval (envoyproxy#8043)
Add PGV bounds to the stats flush interval (greater than 1ms and less than 5000ms) to prevent Envoy from hanging from too small of a flush time. Risk Level: Low Testing: Corpus Entry added Fixes OSS-Fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16300 Signed-off-by: Asra Ali <asraa@google.com>
Configuration menu - View commit details
-
Copy full SHA for 0a3fc6a - Browse repository at this point
Copy the full SHA 0a3fc6aView commit details -
Improve tools/stack_decode.py (envoyproxy#8041)
Adjust tools/stack_decode.py to more obviously be Python 2 (not 3), and to work on stack traces that don't include the symbol names. Risk Level: Low Testing: Manually tested on a stack trace that one of our users sent us Signed-off-by: Luke Shumaker <lukeshu@datawire.io>
Configuration menu - View commit details
-
Copy full SHA for 44634d8 - Browse repository at this point
Copy the full SHA 44634d8View commit details -
build: tell googletest to use absl stacktrace (envoyproxy#8047)
Description: https://github.com/google/googletest/blob/d7003576dd133856432e2e07340f45926242cc3a/BUILD.bazel#L42 Risk Level: Low (test only) Testing: CI Docs Changes: Release Notes: Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 0006efc - Browse repository at this point
Copy the full SHA 0006efcView commit details -
Update references to local scripts to enable using build container fo…
…r filter repos (envoyproxy#7907) Description: This change enables using run_envoy_docker.sh to build envoy-filter-example Risk Level: Low Testing: Manually tested building envoy-filter-example using: envoy/ci/run_envoy_docker.sh './ci/do_ci.sh build' Docs Changes: N/A Release Notes: N/A Signed-off-by: Santosh Kumar Cheler <scheler@arubanetworks.com>
Configuration menu - View commit details
-
Copy full SHA for 6dd0ee1 - Browse repository at this point
Copy the full SHA 6dd0ee1View commit details -
bazel: patch gRPC to fix Envoy builds with glibc v2.30 (envoyproxy#7971)
Description: the latest glibc (v2.30) declares its own `gettid()` function (see [0]) and this creates a naming conflict in gRPC which has a function with the same name. Apply to gRPC [a patch](grpc/grpc#18950) which renames `gettid()` to `sys_gettid()`. [0] https://sourceware.org/git/?p=glibc.git;a=commit;h=1d0fc213824eaa2a8f8c4385daaa698ee8fb7c92 Risk Level: low Testing: unit tests Docs Changes: n/a Release Notes: n/a Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
Configuration menu - View commit details
-
Copy full SHA for d99e7f6 - Browse repository at this point
Copy the full SHA d99e7f6View commit details
Commits on Aug 28, 2019
-
build: link C++ stdlib dynamically in sanitizer runs (envoyproxy#8019)
Description: Sanitizers doesn't support static link, reverts envoyproxy#7929 and link lib(std)c++ dynamically in sanitizer runs. Addresses test issue for envoyproxy#4251. Added workaround in ASAN for envoyproxy#7647. Risk Level: Low (test only) Testing: CI, local libc++ runs Docs Changes: N/A Release Notes: N/A Fixes envoyproxy#7928
Configuration menu - View commit details
-
Copy full SHA for e674640 - Browse repository at this point
Copy the full SHA e674640View commit details -
test: cleaning up test runtime (envoyproxy#8012)
Using the new runtime utility to clean up a bunch of test gorp. Yay utils! Risk Level: n/a (test only) Testing: tests pass Docs Changes: n/a Release Notes: n/a Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for b020b63 - Browse repository at this point
Copy the full SHA b020b63View commit details -
test: improved coverage and handling of deprecated config (envoyprox…
…y#8057) Making ENVOY_DISABLE_DEPRECATED_FEATURES work for unit tests without runtime configured. Fixing up a handful of unit tests to remove legacy code or use the handy DEPRECATED_FEATURE_TEST macro Adding back coverage of cors.enabled() and redis.catch_all_route() Risk Level: Low (test only) Testing: new unit tests Docs Changes: n/a Release Notes: n/a Fixes envoyproxy#8013 Fixes envoyproxy#7548 Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for 64243c9 - Browse repository at this point
Copy the full SHA 64243c9View commit details -
[Docs typo] Remote Executioon -> Remote Execution (envoyproxy#8061)
Fixes mispelling of `Executioon` -> `Execution` Signed-off-by: Colin Schoen <schoen@yelp.com>
Configuration menu - View commit details
-
Copy full SHA for f8e42ae - Browse repository at this point
Copy the full SHA f8e42aeView commit details -
api: Fix duplicate java_outer_classname declarations (envoyproxy#8059)
The java_outer_classname is unintentionally duplicated in the new udp_listener_config and regex proto files. This changes them to unique names that match the predominant naming scheme. Signed-off-by: Bryce Anderson <banderson@twitter.com>
Configuration menu - View commit details
-
Copy full SHA for f80188e - Browse repository at this point
Copy the full SHA f80188eView commit details -
http: making the behavior of the response Server header configurable (e…
…nvoyproxy#8014) Default behavior remains unchanged, but now Envoy can override, override iff there's no server header from upstream, or always leave the server header (or lack thereof) unmodified. Risk Level: low (config guarded change) Testing: new unit tests Docs Changes: n/a Release Notes: inline Fixes envoyproxy#6716 Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for b8966cb - Browse repository at this point
Copy the full SHA b8966cbView commit details -
use bazelversion for filter-example too (envoyproxy#8069)
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for f588da0 - Browse repository at this point
Copy the full SHA f588da0View commit details -
grpc-httpjson-transcode: Update for RFC2045 support (envoyproxy#8065)
RFC2045 (MIME) Base64 decoding support has been fixed upstream Description: The grpc transcoding filter has been updated to support RFC2045 (MIME) based inputs for protobuf type "Bytes". This is important since Base64 is often using the RFC2045 format for inputs. Also see: grpc-ecosystem/grpc-httpjson-transcoding#34 Risk Level: Low Testing: Integration / Manual Tests Docs Changes: N/A Release Notes: N/A Signed-off-by: Hans Viken Duedal <hans.duedal@visma.com>
Configuration menu - View commit details
-
Copy full SHA for c2e8eda - Browse repository at this point
Copy the full SHA c2e8edaView commit details -
stats: Clean up all calls to Scope::counter() et al in production cod…
…e. (envoyproxy#7842) * Convert a few more counter() references to use the StatName interface. Signed-off-by: Joshua Marantz <jmarantz@google.com>
Configuration menu - View commit details
-
Copy full SHA for 5e45d48 - Browse repository at this point
Copy the full SHA 5e45d48View commit details
Commits on Aug 29, 2019
-
tls_inspector: inline the recv in the onAccept (envoyproxy#7951)
Description: As discussed in envoyproxy#7864 this PR is the attempt to peek the socket at the invoke of onAccept. Usually client_hello packet should be in the buffer when tls_inspector is peeking, we could save a poll cycle for this connection. Once we agree on the solution I can apply to http_inspector as well. The expecting latency improvement especially when poll cycle is large. Benchmark: Env: hardware Intel(R) Xeon(R) CPU @ 2.20GHz envoy: concurrency = 1, tls_inspector as listener filter. One tls filter chain, and one plain text filter chain. load background: a [sniper](https://github.com/lubia/sniper) client with concurrency = 5 hitting the server with tls handshake, aiming to hit using the tls_filter chain. The qps is about 170/s Another load client hitting the plain text filter chain but would go through tls_inspector with concurrency = 1 This PR: TransactionTime: 10.3 - 11.0 ms(mean) Master TransactionTime: 12.3 - 12.8 ms(mean) Risk Level: Med (ActiveSocket code is affected to adopt the side effect of onAccept) Testing: Docs Changes: Release Notes: Fixes envoyproxy#7864 Signed-off-by: Yuchen Dai <silentdai@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 7f060b6 - Browse repository at this point
Copy the full SHA 7f060b6View commit details -
Fixes gcc 8.3.1 build failure due to FilterChainBenchmarkFixture::Set…
…Up hiding base-class virtual functions (envoyproxy#8071) Description: I'm seeing "bazel-out/k8-fastbuild/bin/external/com_github_google_benchmark/_virtual_includes/benchmark/benchmark/benchmark.h:1071:16: error: 'virtual void benchmark::Fixture::SetUp(benchmark::State&)' was hidden" when running tests. This resolves the issue with hiding of the base-class functions. Risk Level: low Testing: Docs Changes: Release Notes: Signed-off-by: Dmitri Dolguikh <ddolguik@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for 0fde42e - Browse repository at this point
Copy the full SHA 0fde42eView commit details -
test: fix ups for various deprecated fields (envoyproxy#8068)
Takeaways: we've lost the ability to do empty regex (which was covered in router tests and is proto constraint validated on the new safe regex) as well as negative lookahead (also covered in tests) along with a host of other things conveniently documented as not supported here: https://github.com/google/re2/wiki/Syntax Otherwise split up a bunch of tests, duplicated and tagged a bunch of tests, and cleaning up after we finally can remove deprecated fields again will be an order of magnitude easier. Also fixing a dup relnote from envoyproxy#8014 Risk Level: n/a (test only) Testing: yes. yes there is. Docs Changes: no Release Notes: no Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for 9ac491a - Browse repository at this point
Copy the full SHA 9ac491aView commit details -
include: add log dependency header to connection_handler.h (envoyprox…
…y#8072) Signed-off-by: Teju Nareddy <nareddyt@google.com>
Configuration menu - View commit details
-
Copy full SHA for 8556a75 - Browse repository at this point
Copy the full SHA 8556a75View commit details -
quiche: Update QUICHE dep (envoyproxy#8044)
Update QUICHE tar ball to 4abb566fbbc63df8fe7c1ac30b21632b9eb18d0c. Add some new impl's for newly added api. Risk Level: low Testing: using quiche build in tests. Part of envoyproxy#2557 Signed-off-by: Dan Zhang <danzh@google.com>
Configuration menu - View commit details
-
Copy full SHA for 4f2c5a4 - Browse repository at this point
Copy the full SHA 4f2c5a4View commit details -
tools: deprecated field check in Route Checker tool (envoyproxy#8058)
We need a way to run the deprecated field check on the RouteConfiguration. Today the schema check tool validates the bootstrap config. This change will help achieve similar functionality on routes served from rds. Risk Level: Low Testing: Manual testing Docs Changes: included Release Notes: included Signed-off-by: Jyoti Mahapatra <jmahapatra@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 29f199c - Browse repository at this point
Copy the full SHA 29f199cView commit details
Commits on Aug 30, 2019
-
tracing: Add support for sending data in Zipkin v2 format (envoyproxy…
…#6985) Description: This patch supports sending a list of spans as JSON v2 and protobuf message over HTTP to Zipkin collector. [Sending protobuf](https://github.com/openzipkin/zipkin-api/blob/0.2.1/zipkin.proto) is considered to be more efficient than JSON, even compared to the v2's JSON (openzipkin/zipkin#2589 (comment)). This is an effort to rework envoyproxy#6798. The approach is by serializing the v1 model to both v2 JSON and protobuf. Risk Level: Low, since the default is still HTTP-JSON v1 based on https://github.com/openzipkin/zipkin-api/blob/0.2.2/zipkin-api.yaml. Testing: Unit testing, manual integration test with real Zipkin collector server. Docs Changes: Added Release Notes: Added Fixes: envoyproxy#4839 Signed-off-by: Dhi Aurrahman <dio@tetrate.io> Signed-off-by: José Carlos Chávez <jcchavezs@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 6c6e18e - Browse repository at this point
Copy the full SHA 6c6e18eView commit details -
Route Checker tool Fix code coverage bug in proto based schema (envoy…
…proxy#8101) Signed-off-by: Jyoti Mahapatra <jmahapatra@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 0b0aa3f - Browse repository at this point
Copy the full SHA 0b0aa3fView commit details -
[hcm] Add scoped RDS routing into HCM (envoyproxy#7762)
Description: add Scoped RDS routing logic into HCM. Changes include: * in ActiveStream constructor latch a ScopedConfig impl to the activeStream if SRDS is enabled * in the beginning of ActiveStream::decodeHeaders(headers, end_stream), get routeConfig from latched ScopedConfig impl. This PR is the 3rd in the srds impl PR chain: [envoyproxy#7704, envoyproxy#7451, this]. Risk Level: Medium Testing: unit test and integration tests. Release Notes: Add scoped RDS routing support into HCM. Signed-off-by: Xin Zhuang <stevenzzz@google.com>
Configuration menu - View commit details
-
Copy full SHA for 7960564 - Browse repository at this point
Copy the full SHA 7960564View commit details -
owners: add @asraa and @lambdai to OWNERS. (envoyproxy#8110)
Configuration menu - View commit details
-
Copy full SHA for 678bf8c - Browse repository at this point
Copy the full SHA 678bf8cView commit details
Commits on Sep 2, 2019
-
protobuf: recursively validate unknown fields. (envoyproxy#8094)
This PR unifies the recursive traversal of deprecated fields with that of unknown fields. It doesn't deal with moving to a validator visitor model for deprecation; this would be a nice cleanup that we track at envoyproxy#8092. Risk level: Low Testing: New nested unknown field test added. Fixes envoyproxy#7980 Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for dad0f2e - Browse repository at this point
Copy the full SHA dad0f2eView commit details
Commits on Sep 3, 2019
-
This PR allows the envoy_cc_fuzz_test rule to be used when pulling in envoy. which can be useful when you're writing filters for envoy, and want to reuse the fuzzing architecture envoy has already built. other rules already allow for this (see envoy_cc_test in this same file for example). Risk Level: Low Testing: Testing the Old Rule Still Works It is possible to test the old rules still work (even without specifying a repository), by simply choosing your favorite fuzz test, and choosing to run bazel test on it. For example: bazel test //test/common/router:header_parser_fuzz_test. Any envoy_cc_fuzz_test rule should do. Testing New Rules Work I've done testing inside my own repository, but if you want to create your own test rule you can probably do the following in envoy-filter-example: Checkout envoy-filter-example, and update the envoy submodule to this pr. Follow the directions in: test/fuzz/README.md to define a envoy_cc_fuzz_test rule. Make sure to add a line for: repository = "@envoy" which is the new argument being added. You should be able to run the fuzz test. Signed-off-by: Cynthia Coan <ccoan@instructure.com>
Configuration menu - View commit details
-
Copy full SHA for 0eab93b - Browse repository at this point
Copy the full SHA 0eab93bView commit details -
Set INCLUDE_DIRECTORIES so libcurl can find local urlapi.h (envoyprox…
…y#8113) Fixes envoyproxy#8112 Signed-off-by: John Millikin <jmillikin@stripe.com>
Configuration menu - View commit details
-
Copy full SHA for 0b026cf - Browse repository at this point
Copy the full SHA 0b026cfView commit details -
cleanup: move test utility methods in ScopedRdsIntegrationTest to bas…
…e class HttpIntegrationTest (envoyproxy#8108) Fixes envoyproxy#8050 Risk Level: LOW [refactor only] Signed-off-by: Xin Zhuang <stevenzzz@google.com>
Configuration menu - View commit details
-
Copy full SHA for 911f3b0 - Browse repository at this point
Copy the full SHA 911f3b0View commit details -
upstream: fix invalid access of ClusterMap iterator during warming cl…
…uster modification (envoyproxy#8106) Risk Level: Medium Testing: New unit test added. Fix verified via --config=asan. Signed-off-by: Andres Guedez <aguedez@google.com>
Configuration menu - View commit details
-
Copy full SHA for 1339ed2 - Browse repository at this point
Copy the full SHA 1339ed2View commit details -
api:Add a flag to disable overprovisioning in ClusterLoadAssignment (e…
…nvoyproxy#8080) * api:Add a flag to disable overprovisioning in ClusterLoadAssignment Signed-off-by: Jie Chen <jiechen@google.com> * api:Add [#next-major-version and [#not-implemented-hide to the comment for field of disable_overprovisioning in ClusterLoadAssignment Signed-off-by: Jie Chen <jiechen@google.com> * api:Refine comments for the new added bool flag as suggested. Signed-off-by: Jie Chen <jiechen@google.com>
Configuration menu - View commit details
-
Copy full SHA for b28edca - Browse repository at this point
Copy the full SHA b28edcaView commit details -
api: clone v2[alpha] to v3alpha. (envoyproxy#8125)
This patch establishes a v3alpha baseline API, by doing a simple copy of v2[alpha] dirs and some sed-style heuristic fixups of BUILD dependencies and proto package namespaces. The objective is provide a baseline which we can compare the output from tooling described in envoyproxy#8083 in later PRs, providing smaller visual diffs. The core philosophy of the API migration is that every step will be captured in a script (at least until the last manual steps), api/migration/v3alpha.sh. This script will capture deterministic migration steps, allowing v2[alpha] to continue to be updated until we finalize v3. There is likely to be significant changes, e.g. in addition to the work scoped for v3, we might want to reduce the amount of API churn by referring back to v2 protos where it makes sense. This will be done via tooling in later PRs. Part of envoyproxy#8083. Risk level: Low Testing: build @envoy_api//... Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for 085d72b - Browse repository at this point
Copy the full SHA 085d72bView commit details -
dubbo: Fix heartbeat packet parsing error (envoyproxy#8103)
Description: The heartbeat packet may carry data, and it is treated as null data when processing the heartbeat packet, causing some data to remain in the buffer. Risk Level: low Testing: Existing unit test Docs Changes: N/A Release Notes: N/A Fixes envoyproxy#7970 Signed-off-by: tianqian.zyf <tianqian.zyf@alibaba-inc.com>
Configuration menu - View commit details
-
Copy full SHA for 0ef3137 - Browse repository at this point
Copy the full SHA 0ef3137View commit details -
stats: Shared cluster isolated stats (envoyproxy#8118)
* shared the main symbol-table with the isolated stats used for cluster info. Signed-off-by: Joshua Marantz <jmarantz@google.com>
Configuration menu - View commit details
-
Copy full SHA for cf55298 - Browse repository at this point
Copy the full SHA cf55298View commit details -
protodoc: upgrade to Python 3. (envoyproxy#8129)
Risk level: Low Testing: Rebuilt docs, manual inspection of some example generated files. Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for 39a4423 - Browse repository at this point
Copy the full SHA 39a4423View commit details -
protodoc: single source-of-truth for doc protos. (envoyproxy#8132)
This avoids having to list new docs protos in both docs/build.sh and api/docs/BUILD. This technical debt cleanup is helpful in v3 proto work to simplify collecting proto artifacts from a Bazel aspect. Risk level: Low Testing: docs/build.sh, visual inspection of docs. Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for b06e2b5 - Browse repository at this point
Copy the full SHA b06e2b5View commit details
Commits on Sep 4, 2019
-
api: organize go_proto_libraries (envoyproxy#8003)
Fixes envoyproxy#7982 Defines a package level proto library and its associated internal go_proto_library. Deletes all existing api_go_proto_library, api_go_grpc_library, and go_package annotations in protos (they are not required and pollute the sources). I deliberately avoided touching anything under udpa since it's being moved to another repository. Risk Level: low Testing: build completes Signed-off-by: Kuat Yessenov <kuat@google.com>
Configuration menu - View commit details
-
Copy full SHA for d504fde - Browse repository at this point
Copy the full SHA d504fdeView commit details -
api: straggler v2alpha1 -> v3alpha clone. (envoyproxy#8133)
These were missed in envoyproxy#8125. Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for 1b3b4ae - Browse repository at this point
Copy the full SHA 1b3b4aeView commit details -
docs: remove extraneous escape (envoyproxy#8150)
Old versions of bash (e.g. on macOS) don't handle ${P/:/\/} the same way as modern versions. In particular, the expanded parameter on macOS includes a backslash, causing subsequent use of the string as a filename to include a slash (/) instead of treating the slash as a directory separator. Both versions of bash accept ${P/://} as a way to substitute : with /. Verified that this change does not alter the generated docs when running under Linux. Risk Level: low Testing: generated docs under linux & macOS Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 2e6695b - Browse repository at this point
Copy the full SHA 2e6695bView commit details -
Do not 503 on Upgrade: h2c instead remove the header and ignore. (env…
…oyproxy#7981) Description: When a request comes in on http1 with "upgrade: h2c", the current behavior is to 503. Instead we should ignore the upgrade and remove the header and continue with the request as http1. Risk Level: Medium Testing: Unit test. Hand test with ithub.com/rdsubhas/java-istio client server locally. Docs Changes: N/A Release Notes: http1: ignore and remove Upgrade: h2c. Fixes istio/istio#16391 Signed-off-by: John Plevyak <jplevyak@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for f62a389 - Browse repository at this point
Copy the full SHA f62a389View commit details -
docs: add line on installing xcode for macOS build flow (envoyproxy#8139
) Because of rules_foreign_cc in bazelbuild, Envoy will not compile successfully when following the instructions in the build docs due to how the tools are referenced. One fix for this is installing Xcode from the App Store (see bazel-contrib/rules_foreign_cc#185). Risk Level: Low Testing: N/A (docs change) Docs Changes: see Description Release Notes: N/A Signed-off-by: Lisa Lu <lisalu@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 32590dc - Browse repository at this point
Copy the full SHA 32590dcView commit details -
docs: note which header expressions cannot be used for request headers (
envoyproxy#8138) As discussed in envoyproxy#8127, some custom header expressions evaluate as empty when used in request headers. Risk Level: low, docs only Testing: n/a Docs Changes: updated Release Notes: n/a Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for aeb5d69 - Browse repository at this point
Copy the full SHA aeb5d69View commit details -
api: use traffic_direction over operation_name if specified (envoypro…
…xy#7999) Use the listener-level field for the tracing direction over the per-filter field. Unfortunately, the per filter did not provide an "unspecified" default, so this appears to be the right approach to deprecate the per-filter field with minimal impact. Risk Level: low (uses a newly introduce field traffic_direction) Testing: unit test Docs Changes: proto docs Signed-off-by: Kuat Yessenov <kuat@google.com>
Configuration menu - View commit details
-
Copy full SHA for 4478c19 - Browse repository at this point
Copy the full SHA 4478c19View commit details
Commits on Sep 5, 2019
-
add more diagnostic logs (envoyproxy#8153)
Istio sets listener filter timeout to 10ms by default but requests fail from time to tome. It's very difficult to debug. Even though downstream_pre_cx_timeout_ is exposed to track the number of timeouts, it would be better to have some debug logs. Description: add more diagnostic logs Risk Level: low Signed-off-by: crazyxy <yxyan@google.com>
Configuration menu - View commit details
-
Copy full SHA for d11c7e7 - Browse repository at this point
Copy the full SHA d11c7e7View commit details -
http conn man: add tracing config for path length in tag (envoyproxy#…
…8095) This PR adds a configuration option for controlling the length of the request path that is included in the HttpUrl span tag. Currently, this length is hard-coded to 256. With this PR, that length will be configurable (defaulting to the old value). Risk Level: Low Testing: Unit Docs Changes: Inline with the API proto. Documented new field. Release Notes: Added in the PR. Related issue: istio/istio#14563 Signed-off-by: Douglas Reid <douglas-reid@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 277e717 - Browse repository at this point
Copy the full SHA 277e717View commit details -
cds: Add general-purpose LB policy configuration (envoyproxy#7744)
This PR adds fields to CDS that allow for general-purpose LB policy configuration. Risk Level: Low Testing: None (but if anything is needed, please let me know) Docs Changes: Inline with API protos Release Notes: N/A Signed-off-by: Mark D. Roth <roth@google.com>
Configuration menu - View commit details
-
Copy full SHA for d21d92c - Browse repository at this point
Copy the full SHA d21d92cView commit details -
thrift_proxy: fix crash on invalid transport/protocol (envoyproxy#8143)
Transport/protocol decoder errors that occur before the connection manager initializes an ActiveRPC to track the request caused a crash. Modifies the connection manager to handle this case, terminating the downstream the connection. Risk Level: low Testing: test case that triggers crash Docs Changes: n/a Release Notes: added Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 22e4827 - Browse repository at this point
Copy the full SHA 22e4827View commit details
Commits on Sep 6, 2019
-
api: strip gogoproto annotations (envoyproxy#8163)
Remove gogoproto annotations. They can be replaced with a custom gogoproto compiler (e.g. something like https://github.com/gogo/googleapis/tree/master/protoc-gen-gogogoogleapis). I have an experimental version of it to validate that it's possible to re-apply important annotations in the compiler. Risk Level: low Testing: builds Signed-off-by: Kuat Yessenov <kuat@google.com>
Configuration menu - View commit details
-
Copy full SHA for e7f0b71 - Browse repository at this point
Copy the full SHA e7f0b71View commit details -
hotrestart: remove dynamic_resources from server config used by hotre…
…start_test (envoyproxy#8162) In the server config file `test/config/integration/server.yaml` used by //test/integration:hotrestart_test, `dynamic_resources` includes `lds_config` and `cds_config` definitions, which use HTTP API to fetch config, but CDS and LDS service do not exist, so the initial fetch will be failed with a connection failure, then Envoy server continue startup. Envoy server shouldn't continue startup because connection failure, see issue envoyproxy#8046. For this test, `dynamic_resources` is not needed, this change clean it up. Signed-off-by: lhuang8 <lhuang8@ebay.com>
Configuration menu - View commit details
-
Copy full SHA for c6f0ee2 - Browse repository at this point
Copy the full SHA c6f0ee2View commit details -
clang-tidy: misc-unused-using-decls (envoyproxy#8159)
Description: clang-tidy check to flag unused using statements. There's a lot in test code that's just copy pasta, and it's hard to manually review whether it's being used, especially for things like using testing::_; Risk Level: low Testing: existing Docs Changes: N/A Release Notes: N/A Signed-off-by: Derek Argueta <dereka@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for 84ceadc - Browse repository at this point
Copy the full SHA 84ceadcView commit details -
build: curl with c-ares, nghttp2 and zlib (envoyproxy#8154)
Build curl dependency with async DNS resolver c-ares avoiding potential crashes due to longjmp on modern kernels. Add zlib and nghttp2. Use Envoy's version of all of the above libraries. Signed-off-by: Taras Roshko <troshko@netflix.com>
Configuration menu - View commit details
-
Copy full SHA for 5dc6f09 - Browse repository at this point
Copy the full SHA 5dc6f09View commit details -
log: add upstream TLS info (envoyproxy#7911)
Description: add upstream TLS info for logging purposes Refactor SSL connection info to be a shared pointer. Use read-only interface. Cache computed values in the SSL info object (this allows transition to remove the underlying SSL object if necessary). Risk Level: medium due to use of bssl::SSL to back ConnectionInfo Testing: unit Docs Changes: none Release Notes: add upstream TLS info Signed-off-by: Kuat Yessenov <kuat@google.com>
Configuration menu - View commit details
-
Copy full SHA for 838eb20 - Browse repository at this point
Copy the full SHA 838eb20View commit details -
fix windows implementation of PlatformImpl (envoyproxy#8169)
Add missing destructor to class declaration. Fix copy/paste errors. These errors were apparently introduced in e1cd4cc. Risk Level: Low Testing: Passed Windows testing locally Docs Changes: n/a Release Notes: n/a Signed-off-by: William Rowe wrowe@pivotal.io Signed-off-by: Yechiel Kalmenson <ykalmenson@pivotal.io>
Configuration menu - View commit details
-
Copy full SHA for cc03f79 - Browse repository at this point
Copy the full SHA cc03f79View commit details
Commits on Sep 7, 2019
-
Update Opencensus SHA (envoyproxy#8173)
Signed-off-by: Pengyuan Bian <bianpengyuan@google.com>
Configuration menu - View commit details
-
Copy full SHA for 451bfe8 - Browse repository at this point
Copy the full SHA 451bfe8View commit details -
Outlier Detection: use gRPC status code for detecting failures (envoy…
…proxy#7942) Signed-off-by: ZhouyihaiDing <ddyihai@google.com>
Configuration menu - View commit details
-
Copy full SHA for 6f273c2 - Browse repository at this point
Copy the full SHA 6f273c2View commit details
Commits on Sep 8, 2019
-
Signed-off-by: Derek Argueta <dereka@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for 99e3c65 - Browse repository at this point
Copy the full SHA 99e3c65View commit details
Commits on Sep 9, 2019
-
docs: improving websocket docs (envoyproxy#8156)
Making it clear H2 websockets don't work by default Risk Level: n/a Testing: n/a Docs Changes: yes Release Notes: no envoyproxy#8147 Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Configuration menu - View commit details
-
Copy full SHA for ced130a - Browse repository at this point
Copy the full SHA ced130aView commit details -
Upstream WebAssembly VM and Null VM from envoyproxy/envoy-wasm. (envo…
…yproxy#8020) Description: Upstream from envoyproxy/envoy-wasm the WebAssembly VM support along with the Null VM support and tests. This is the first PR dealing with WebAssembly filter support in envoy. See https://github.com/envoyproxy/envoy-wasm/blob/master/WASM.md and https://github.com/envoyproxy/envoy-wasm/blob/master/docs/root/api-v2/config/wasm/wasm.rst for details. Risk Level: Medium Testing: Unit tests. Docs Changes: N/A Release Notes: N/A Part of envoyproxy#4272 Signed-off-by: John Plevyak <jplevyak@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 3f63838 - Browse repository at this point
Copy the full SHA 3f63838View commit details -
quiche: implement Envoy Quic stream and connection (envoyproxy#7721)
Implement QuicStream|Session|Disptacher in Envoy. Weir up QUIC stream and connection with HCM callbacks. Risk Level: low, not in use Testing: Added unit tests for all new classes Part of envoyproxy#2557 Signed-off-by: Dan Zhang <danzh@google.com>
Configuration menu - View commit details
-
Copy full SHA for 44a8588 - Browse repository at this point
Copy the full SHA 44a8588View commit details -
protodoc/api_proto_plugin: generic API protoc plugin framework. (envo…
…yproxy#8157) Split out the generic plugin and FileDescriptorProto traversal bits from protodoc. This is in aid of the work in envoyproxy#8082 ad envoyproxy#8083, where additional protoc plugins will be responsible for v2 -> v3alpha API migrations and translation code generation. This is only the start really of the api_proto_plugin framework. I anticipate additional bits of protodoc will move here later, including field type analysis and oneof handling. In some respects, this is a re-implementation of some of https://github.com/lyft/protoc-gen-star in Python. The advantage is that this is super lightweight, has few dependencies and can be easily hacked. We also embed various bits of API business logic, e.g. annotations, in the framework (for now). Risk level: Low Testing: diff -ru against previous protodoc.py RST output, identical modulo some trivial whitespace that doesn't appear in generated HTML. There are no real tests yet, I anticipate adding some golden proto style tests. Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for 809f0e3 - Browse repository at this point
Copy the full SHA 809f0e3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 874d7d3 - Browse repository at this point
Copy the full SHA 874d7d3View commit details
Commits on Sep 10, 2019
-
ext_authz: Check for cluster before sending HTTP request (envoyproxy#…
…8144) Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 5aea70c - Browse repository at this point
Copy the full SHA 5aea70cView commit details -
make getters const-ref (envoyproxy#8192)
Description: Follow-up to envoyproxy#7911 to make cached values be exposed as const-references, saving on a copy of a string during retrieval. Risk Level: low Testing: updated mocks to return references Docs Changes: none Release Notes: none Signed-off-by: Kuat Yessenov <kuat@google.com>
Configuration menu - View commit details
-
Copy full SHA for 66cc26a - Browse repository at this point
Copy the full SHA 66cc26aView commit details -
test: add curl features check (envoyproxy#8194)
Add a test ensuring curl was built with the expected features. Description: Add a test ensuring curl was built with the expected features. Risk Level: Low. Testing: n/a. Docs Changes: n/a. Release Notes: n/a. Signed-off-by: Taras Roshko <troshko@netflix.com>
Configuration menu - View commit details
-
Copy full SHA for d5515ae - Browse repository at this point
Copy the full SHA d5515aeView commit details -
subset lb: allow ring hash/maglev LB to work with subsets (envoyproxy…
…#8030) * subset lb: allow ring hash/maglev LB to work with subsets Skip initializing the thread aware LB for a cluster when the subset load balancer is enabled. Also adds some extra checks for LB policies that are incompatible with the subset load balancer. Risk Level: low Testing: test additional checks Docs Changes: updated docs w.r.t subset lb compatibility Release Notes: n/a Fixes: envoyproxy#7651 Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for cee989a - Browse repository at this point
Copy the full SHA cee989aView commit details -
redis: add a request time metric to redis upstream (envoyproxy#7890)
Signed-off-by: Nicolas Flacco <nflacco@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for ad10a97 - Browse repository at this point
Copy the full SHA ad10a97View commit details -
bazel: update bazel to 0.29.1 (envoyproxy#8198)
Description: Upgrade bazel to 0.29.1 and bazel-toolchains to corresponding version. Risk Level: Low Testing: CI Docs Changes: N/A Release Notes: N/A Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Configuration menu - View commit details
-
Copy full SHA for 38b926c - Browse repository at this point
Copy the full SHA 38b926cView commit details
Commits on Sep 11, 2019
-
upstream: Add ability to disable host selection during panic (envoypr…
…oxy#8024) Previously, when in a panic state, requests would be routed to all hosts. In some cases it is instead preferable to not route any requests. Add a configuration option for zone-aware load balancers which switches from routing to all hosts to no hosts. Closes envoyproxy#7550. Signed-off-by: James Forcier jforcier@grubhub.com Risk Level: Low Testing: 2 new unit tests written; manual testing Docs Changes: Note about new configuration option added Release Notes: added Signed-off-by: James Forcier <jforcier@grubhub.com>
Configuration menu - View commit details
-
Copy full SHA for e2eb258 - Browse repository at this point
Copy the full SHA e2eb258View commit details -
metrics service: flush histogram buckets (envoyproxy#8180)
Signed-off-by: Rama Chavali <rama.rao@salesforce.com>
Configuration menu - View commit details
-
Copy full SHA for a758e8c - Browse repository at this point
Copy the full SHA a758e8cView commit details -
tracing: fix random sample fraction percent (envoyproxy#8205)
Signed-off-by: Pengyuan Bian <bianpengyuan@google.com>
Configuration menu - View commit details
-
Copy full SHA for eb11fde - Browse repository at this point
Copy the full SHA eb11fdeView commit details -
stats: Add per-host memory usage test case to stats_integration_test (e…
…nvoyproxy#8189) Signed-off-by: Antonio Vicente <avd@google.com>
Configuration menu - View commit details
-
Copy full SHA for c78c4b4 - Browse repository at this point
Copy the full SHA c78c4b4View commit details -
router check tool: add flag for only printing failed tests (envoyprox…
…y#8160) Signed-off-by: Lisa Lu <lisalu@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for c9703f9 - Browse repository at this point
Copy the full SHA c9703f9View commit details -
fix link to runtime docs (envoyproxy#8204)
Description: Looks like the runtime docs moved under operations/. The PR fixes the link. Risk Level: low Testing: existing Docs Changes: this Release Notes: n/a Signed-off-by: Derek Argueta <dereka@pinterest.com>
Configuration menu - View commit details
-
Copy full SHA for 0ee3cc3 - Browse repository at this point
Copy the full SHA 0ee3cc3View commit details -
config: make SlotImpl detachable from its owner, and add a new runOnA…
…llThreads interface to Slot. (envoyproxy#8135) See the issue in envoyproxy#7902, this PR is to make the SlotImpl detachable from its owner, by introducing a Booker object wraps around a SlotImpl, which bookkeeps all the on-the-fly update callbacks. And on its destruction, if there are still on-the-fly callbacks, move the SlotImpl to an deferred-delete queue, instead of destructing the SlotImpl which may cause an SEGV error. More importantly, introduce a new runOnAllThreads(ThreadLocal::UpdateCb cb) API to Slot, which requests a Slot Owner to not assume that the Slot or its owner will out-live (in Main thread) the fired on-the-fly update callbacks, and should not capture the Slot or its owner in the update_cb. Picked RDS and config-providers-framework as examples to demonstrate that this change works. {i.e., changed from the runOnAllThreads(Event::PostCb) to the new runOnAllThreads(TLS::UpdateCb) interface. } Risk Level: Medium Testing: unit test Docs Changes: N/A Release Notes: N/A [Optional Fixes #Issue] envoyproxy#7902 Signed-off-by: Xin Zhuang <stevenzzz@google.com>
Configuration menu - View commit details
-
Copy full SHA for c5ffdda - Browse repository at this point
Copy the full SHA c5ffddaView commit details -
test: remove static config from subset lb integration test (envoyprox…
…y#8203) Build the config programmatically to make future API changes less onerous. Risk Level: low (test change only) Testing: n/a Doc Changes: n/a Release Notes: n/a Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for da38e73 - Browse repository at this point
Copy the full SHA da38e73View commit details -
cleanup: clarify Cluster.filters and Dispatcher::createClientConnecti…
…on (envoyproxy#8186) Signed-off-by: Fred Douglas <fredlas@google.com>
Configuration menu - View commit details
-
Copy full SHA for 9de651a - Browse repository at this point
Copy the full SHA 9de651aView commit details -
redis: health check is not sending the auth command on its connection (…
…envoyproxy#8166) Signed-off-by: Henry Yang <hyang@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 7df4775 - Browse repository at this point
Copy the full SHA 7df4775View commit details -
redis: mirroring should work when default value is zero, not just gre…
…ater than zero (envoyproxy#8089) Signed-off-by: Nicolas Flacco <nflacco@lyft.com>
Configuration menu - View commit details
-
Copy full SHA for 73ad41a - Browse repository at this point
Copy the full SHA 73ad41aView commit details -
tools: regularize pip/venv for format_python_tools.py. (envoyproxy#8176)
As well as being a nice cleanup, this fixes some issues I had with local Docker use of fix_format as a non-root user. Signed-off-by: Harvey Tuch <htuch@google.com>
Configuration menu - View commit details
-
Copy full SHA for d0e1db6 - Browse repository at this point
Copy the full SHA d0e1db6View commit details
Commits on Sep 12, 2019
-
absl: Absl hash hook in a couple of places rather than hash functors (e…
…nvoyproxy#8179) Signed-off-by: Joshua Marantz <jmarantz@google.com>
Configuration menu - View commit details
-
Copy full SHA for 90ed92f - Browse repository at this point
Copy the full SHA 90ed92fView commit details -
Update dependency: jwt_verify_lib (envoyproxy#8212)
Signed-off-by: Daniel Grimm <dgrimm@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for 5551315 - Browse repository at this point
Copy the full SHA 5551315View commit details -
upstream: add failure percentage-based outlier detection (envoyproxy#…
…8130) Description: Add a new outlier detection mode which compares each host's rate of request failure to a configured fixed threshold. Risk Level: Low Testing: 2 new unit tests added. Docs Changes: New mode and config options described. Release Notes: white_check_mark Fixes envoyproxy#8105 Signed-off-by: James Forcier <jforcier@grubhub.com>
Configuration menu - View commit details
-
Copy full SHA for 36cf26b - Browse repository at this point
Copy the full SHA 36cf26bView commit details
Commits on Sep 13, 2019
-
Configuration menu - View commit details
-
Copy full SHA for 644d039 - Browse repository at this point
Copy the full SHA 644d039View commit details