envoyproxy · phlax · Dec 17, 2021 · Nov 16, 2021 · Nov 29, 2021 · Nov 29, 2021
diff --git a/configs/encapsulate_in_http1_connect.yaml b/configs/encapsulate_in_http1_connect.yaml
@@ -1,6 +1,7 @@
 # This configuration takes incoming data on port 10000 and encapsulates it in a CONNECT
 # request which is sent upstream port 10001.
-# It can be used to test TCP tunneling as described in docs/root/intro/arch_overview/http/upgrades.rst
+# It can be used to test TCP tunneling as described in
+# https://envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/upgrades
 # and running `curl -x 127.0.0.1:10000 https://www.google.com`
 
 admin:

diff --git a/configs/encapsulate_in_http2_connect.yaml b/configs/encapsulate_in_http2_connect.yaml
@@ -1,6 +1,7 @@
 # This configuration takes incoming data on port 10000 and encapsulates it in a CONNECT
 # request which is sent upstream port 10001.
-# It can be used to test TCP tunneling as described in docs/root/intro/arch_overview/http/upgrades.rst
+# It can be used to test TCP tunneling as described in
+# https://envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/upgrades
 # and running `curl -x 127.0.0.1:10000 https://www.google.com`
 
 admin:

diff --git a/configs/encapsulate_in_http2_post.yaml b/configs/encapsulate_in_http2_post.yaml
@@ -1,6 +1,7 @@
 # This configuration takes incoming data on port 10000 and encapsulates it in a POST
 # request which is sent upstream port 10001.
-# It can be used to test TCP tunneling as described in docs/root/intro/arch_overview/http/upgrades.rst
+# It can be used to test TCP tunneling as described in
+# https://envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/upgrades
 # and running `curl -x 127.0.0.1:10000 https://www.google.com`
 
 admin:

diff --git a/configs/terminate_http1_connect.yaml b/configs/terminate_http1_connect.yaml
@@ -1,5 +1,6 @@
 # This configuration terminates a CONNECT request and sends the CONNECT payload upstream.
-# It can be used to test TCP tunneling as described in docs/root/intro/arch_overview/http/upgrades.rst
+# It can be used to test TCP tunneling as described in
+# https://envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/upgrades
 # or used to test CONNECT directly, by running `curl -k -v -x 127.0.0.1:10001 https://www.google.com`
 admin:
  address:

diff --git a/configs/terminate_http2_connect.yaml b/configs/terminate_http2_connect.yaml
@@ -1,5 +1,6 @@
 # This configuration terminates a CONNECT request and sends the CONNECT payload upstream.
-# It can be used to test TCP tunneling as described in docs/root/intro/arch_overview/http/upgrades.rst
+# It can be used to test TCP tunneling as described in
+# https://envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/upgrades
 # or used to test CONNECT directly, by running `curl -k -v -x 127.0.0.1:10001 https://www.google.com`
 admin:
  address:

diff --git a/configs/terminate_http2_post.yaml b/configs/terminate_http2_post.yaml
@@ -1,5 +1,6 @@
 # This configuration terminates a POST request and sends the POST payload upstream.
-# It can be used to test TCP tunneling as described in docs/root/intro/arch_overview/http/upgrades.rst
+# It can be used to test TCP tunneling as described in
+# https://envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/upgrades
 # or used to test POST directly, by running `curl -k -v -x 127.0.0.1:10001 https://www.google.com`
 admin:
  address:

@@ -12,7 +12,7 @@ licenses(["notice"]) # Apache 2
 envoy_contrib_package()
 
 # Kafka network filter.
-# Broker filter public docs: docs/root/configuration/network_filters/kafka_broker_filter.rst
+# Broker filter public docs: https://envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/kafka_broker_filter
 
 envoy_cc_contrib_extension(
  name = "kafka_broker_config_lib",

@@ -11,7 +11,7 @@ licenses(["notice"]) # Apache 2
 envoy_contrib_package()
 
 # Kafka-mesh network filter.
-# Mesh filter public docs: docs/root/configuration/listeners/network_filters/kafka_mesh_filter.rst
+# Mesh filter public docs: https://envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/kafka_mesh_filter
 
 envoy_cc_contrib_extension(
  name = "config_lib",

diff --git a/contrib/mysql_proxy/filters/network/source/BUILD b/contrib/mysql_proxy/filters/network/source/BUILD
@@ -10,7 +10,7 @@ licenses(["notice"]) # Apache 2
 envoy_contrib_package()
 
 # MySQL proxy L7 network filter.
-# Public docs: docs/root/configuration/network_filters/mysql_proxy_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/mysql_proxy_filter
 
 envoy_cc_library(
  name = "filter_lib",

diff --git a/contrib/postgres_proxy/filters/network/source/BUILD b/contrib/postgres_proxy/filters/network/source/BUILD
@@ -12,7 +12,7 @@ envoy_contrib_package()
 #package(default_visibility = ["//visibility:public"])
 
 # PostgresSQL proxy L7 network filter.
-# Public docs: docs/root/configuration/network_filters/postgres_proxy_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/postgres_proxy_filter
 
 envoy_cc_library(
  name = "filter",

@@ -8,7 +8,7 @@ load(
 licenses(["notice"]) # Apache 2
 
 # L7 HTTP filter that implements the Squash microservice debugger
-# Public docs: docs/root/configuration/http_filters/squash_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/squash_filter
 
 envoy_contrib_package()
 

diff --git a/docs/root/configuration/http/http_filters/_include/composite.yaml b/docs/root/configuration/http/http_filters/_include/composite.yaml
@@ -21,7 +21,7 @@ static_resources:
  domains: ["*"]
  routes:
  # NOTE: by default, matching happens based on the gRPC route, and not on the incoming request path.
- # Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests
+ # Reference: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests
  - match: {prefix: "/helloworld.Greeter"}
  route: {cluster: grpc, timeout: 60s}
  http_filters:

diff --git a/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml b/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml
@@ -21,7 +21,7 @@ static_resources:
  domains: ["*"]
  routes:
  # NOTE: by default, matching happens based on the gRPC route, and not on the incoming request path.
- # Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests
+ # Reference: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests
  - match: {prefix: "/helloworld.Greeter"}
  route: {cluster: grpc, timeout: 60s}
  http_filters:

diff --git a/examples/brotli/brotli-envoy.yaml b/examples/brotli/brotli-envoy.yaml
@@ -47,10 +47,10 @@ static_resources:
  # $ openssl req -x509 -newkey rsa:2048 -keyout a/brotli-key.pem -out a/brotli-crt.pem -days 3650 -nodes -subj '/CN=brotli'
  #
  # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy
- # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
+ # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
  #
  # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via
- # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret.
+ # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret.
  - certificate_chain:
  inline_string: |
  -----BEGIN CERTIFICATE-----
@@ -147,10 +147,10 @@ static_resources:
  # $ openssl req -x509 -newkey rsa:2048 -keyout a/brotli.pem -out a/brotli-crt.pem -days 3650 -nodes -subj '/CN=brotli'
  #
  # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy
- # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
+ # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
  #
  # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via
- # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret.
+ # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret.
  - certificate_chain:
  inline_string: |
  -----BEGIN CERTIFICATE-----

diff --git a/examples/front-proxy/front-envoy.yaml b/examples/front-proxy/front-envoy.yaml
@@ -68,10 +68,10 @@ static_resources:
  # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy'
  #
  # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy
- # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
+ # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
  #
  # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via
- # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret.
+ # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret.
  - certificate_chain:
  inline_string: |
  -----BEGIN CERTIFICATE-----

diff --git a/examples/tls/envoy-https-http.yaml b/examples/tls/envoy-https-http.yaml
@@ -34,10 +34,10 @@ static_resources:
  # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy'
  #
  # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy
- # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
+ # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
  #
  # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via
- # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret.
+ # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret.
  - certificate_chain:
  inline_string: |
  -----BEGIN CERTIFICATE-----

diff --git a/examples/tls/envoy-https-https.yaml b/examples/tls/envoy-https-https.yaml
@@ -34,10 +34,10 @@ static_resources:
  # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy'
  #
  # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy
- # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
+ # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
  #
  # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via
- # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret.
+ # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret.
  - certificate_chain:
  inline_string: |
  -----BEGIN CERTIFICATE-----

diff --git a/examples/websocket/envoy-wss.yaml b/examples/websocket/envoy-wss.yaml
@@ -35,10 +35,10 @@ static_resources:
  # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy'
  #
  # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy
- # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
+ # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
  #
  # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via
- # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret.
+ # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret.
  - certificate_chain:
  inline_string: |
  -----BEGIN CERTIFICATE-----

diff --git a/examples/win32-front-proxy/front-envoy.yaml b/examples/win32-front-proxy/front-envoy.yaml
@@ -68,10 +68,10 @@ static_resources:
  # $ openssl req -x509 -newkey rsa:2048 -keyout a/front-proxy-key.pem -out a/front-proxy-crt.pem -days 3650 -nodes -subj '/CN=front-envoy'
  #
  # Instead of feeding it as an inline_string, certificate pair can also be fed to Envoy
- # via filename. Reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
+ # via filename. Reference: https://envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#config-core-v3-datasource.
  #
  # Or in a dynamic configuration scenario, certificate pair can be fetched remotely via
- # Secret Discovery Service (SDS). Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret.
+ # Secret Discovery Service (SDS). Reference: https://envoyproxy.io/docs/envoy/latest/configuration/security/secret.
  - certificate_chain:
  inline_string: |
  -----BEGIN CERTIFICATE-----

diff --git a/source/common/formatter/substitution_formatter.cc b/source/common/formatter/substitution_formatter.cc
@@ -310,7 +310,7 @@ void SubstitutionFormatParser::parseCommandHeader(const std::string& token, cons
  if (!subs.empty()) {
  throw EnvoyException(
  // Header format rules support only one alternative header.
- // docs/root/configuration/access_log.rst#format-rules
+ // docs/root/configuration/observability/access_log/access_log.rst#format-rules
  absl::StrCat("More than 1 alternative header specified in token: ", token));
  }
 

diff --git a/source/common/formatter/substitution_formatter.h b/source/common/formatter/substitution_formatter.h
@@ -31,7 +31,7 @@ class SubstitutionFormatParser {
  * Parse a header format rule of the form: %REQ(X?Y):Z% .
  * Will populate a main_header and an optional alternative header if specified.
  * See doc:
- * docs/root/configuration/access_log.rst#format-rules
+ * https://envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/access_log#format-rules
  */
  static void parseCommandHeader(const std::string& token, const size_t start,
  std::string& main_header, std::string& alternative_header,

@@ -7,7 +7,7 @@ load(
 licenses(["notice"]) # Apache 2
 
 # Access log implementation that writes to a file.
-# Public docs: docs/root/configuration/access_log.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/access_log
 
 envoy_extension_package()
 

@@ -8,7 +8,7 @@ licenses(["notice"]) # Apache 2
 
 # Redis proxy L4 network filter. Implements consistent hashing and observability for large redis
 # clusters.
-# Public docs: docs/root/configuration/network_filters/redis_proxy_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/redis_proxy_filter
 
 envoy_extension_package()
 

diff --git a/source/extensions/extensions_metadata.yaml b/source/extensions/extensions_metadata.yaml
@@ -698,17 +698,17 @@ envoy.wasm.runtime.v8:
 envoy.wasm.runtime.wamr:
  categories:
  - envoy.wasm.runtime
- security_posture: unknown # "This may never change from unknown until the threat model at https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model#core-and-extensions is updated to capture additional Wasm runtimes".
+ security_posture: unknown # "This may never change from unknown until the threat model at https://envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model#core-and-extensions is updated to capture additional Wasm runtimes".
  status: alpha
 envoy.wasm.runtime.wasmtime:
  categories:
  - envoy.wasm.runtime
- security_posture: unknown # "This may never change from unknown until the threat model at https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model#core-and-extensions is updated to capture additional Wasm runtimes".
+ security_posture: unknown # "This may never change from unknown until the threat model at https://envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model#core-and-extensions is updated to capture additional Wasm runtimes".
  status: alpha
 envoy.wasm.runtime.wavm:
  categories:
  - envoy.wasm.runtime
- security_posture: unknown # "This may never change from unknown until the threat model at https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model#core-and-extensions is updated to capture additional Wasm runtimes".
+ security_posture: unknown # "This may never change from unknown until the threat model at https://envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/threat_model#core-and-extensions is updated to capture additional Wasm runtimes".
  status: alpha
 envoy.watchdog.profile_action:
  categories:

@@ -9,7 +9,7 @@ licenses(["notice"]) # Apache 2
 
 # HTTP L7 filter that dynamically adjusts the number of allowed concurrent
 # requests based on sampled latencies.
-# Public docs: docs/root/configuration/http_filters/adaptive_concurrency_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/adaptive_concurrency_filter
 
 envoy_extension_package()
 

@@ -8,7 +8,7 @@ load(
 licenses(["notice"]) # Apache 2
 
 # HTTP L7 filter that probabilistically rejects requests based on upstream success-rate.
-# Public docs: docs/root/configuration/http_filters/admission_control.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/admission_control_filter
 
 envoy_extension_package()
 

@@ -9,7 +9,7 @@ load(
 licenses(["notice"]) # Apache 2
 
 # L7 HTTP AWS Lambda filter
-# Public docs: docs/root/configuration/http_filters/aws_lambda_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/aws_lambda_filter
 
 envoy_extension_package()
 

@@ -8,7 +8,7 @@ load(
 licenses(["notice"]) # Apache 2
 
 # L7 HTTP AWS request signing filter
-# Public docs: docs/root/configuration/http_filters/aws_request_signing_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/aws_request_signing_filter
 
 envoy_extension_package()
 

@@ -8,7 +8,7 @@ load(
 licenses(["notice"]) # Apache 2
 
 # Local Bandwidthlimit HTTP L7 filter
-# Public docs: docs/root/configuration/http_filters/bandwidth_limit_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/bandwidth_limit_filter
 
 envoy_extension_package()
 

@@ -8,7 +8,7 @@ load(
 licenses(["notice"]) # Apache 2
 
 # Request buffering and timeout L7 HTTP filter
-# Public docs: docs/root/configuration/http_filters/buffer_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/buffer_filter
 
 envoy_extension_package()
 

@@ -8,7 +8,7 @@ load(
 licenses(["notice"]) # Apache 2
 
 # HTTP L7 filter that performs compression with configurable compression libraries
-# Public docs: docs/root/configuration/http_filters/compressor_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/compressor_filter
 
 envoy_extension_package()
 

@@ -8,7 +8,7 @@ load(
 licenses(["notice"]) # Apache 2
 
 # L7 HTTP filter which implements CORS processing (https://en.wikipedia.org/wiki/Cross-origin_resource_sharing)
-# Public docs: docs/root/configuration/http_filters/cors_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/cors_filter
 
 envoy_extension_package()
 

@@ -8,7 +8,7 @@ load(
 licenses(["notice"]) # Apache 2
 
 # L7 HTTP filter which implements CSRF processing (https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF))
-# Public docs: docs/root/configuration/http_filters/csrf_filter.rst
+# Public docs: https://envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/csrf_filter
 
 envoy_extension_package()