diff --git a/CHANGES.md b/CHANGES.md index 3ca5cc582fb425fb18c73e2c6de98baf13c37b5c..47939e5c910b71ca894d06fbca9887fa27370f25 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -41,6 +41,7 @@ Release Notes. * Fix CVE of UninstrumentedGateways in Dynamic Configuration activation. * Improve query performance in storage-influxdb-plugin. * Fix the uuid field in GRPCConfigWatcherRegister is not updated. +* Support Envoy {AccessLog,Metrics}Service API V3. #### UI * Fix un-removed tags in trace query. diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/AccessLogServiceGRPCHandler.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/AccessLogServiceGRPCHandler.java index 4b8b79d8128912efa0f039866784721eee71c0e1..dbc9ed385845c4bf7eb8397eb6370cbebf4f3012 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/AccessLogServiceGRPCHandler.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/AccessLogServiceGRPCHandler.java @@ -19,8 +19,8 @@ package org.apache.skywalking.oap.server.receiver.envoy; import io.envoyproxy.envoy.service.accesslog.v2.AccessLogServiceGrpc; -import io.envoyproxy.envoy.service.accesslog.v2.StreamAccessLogsMessage; -import io.envoyproxy.envoy.service.accesslog.v2.StreamAccessLogsResponse; +import io.envoyproxy.envoy.service.accesslog.v3.StreamAccessLogsMessage; +import io.envoyproxy.envoy.service.accesslog.v3.StreamAccessLogsResponse; import io.grpc.stub.StreamObserver; import java.util.ArrayList; import java.util.List; @@ -67,6 +67,7 @@ public class AccessLogServiceGRPCHandler extends AccessLogServiceGrpc.AccessLogS sourceDispatcherCounter = metricCreator.createCounter("envoy_als_source_dispatch_count", "The count of envoy ALS metric received", MetricsTag.EMPTY_KEY, MetricsTag.EMPTY_VALUE); } + @Override public StreamObserver streamAccessLogs( StreamObserver responseObserver) { return new StreamObserver() { diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/AccessLogServiceGRPCHandlerV3.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/AccessLogServiceGRPCHandlerV3.java new file mode 100644 index 0000000000000000000000000000000000000000..603b5b839e6b7a76835fd9fa090910597a64d9e1 --- /dev/null +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/AccessLogServiceGRPCHandlerV3.java @@ -0,0 +1,35 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package org.apache.skywalking.oap.server.receiver.envoy; + +import io.envoyproxy.envoy.service.accesslog.v3.AccessLogServiceGrpc; +import io.envoyproxy.envoy.service.accesslog.v3.StreamAccessLogsMessage; +import io.envoyproxy.envoy.service.accesslog.v3.StreamAccessLogsResponse; +import io.grpc.stub.StreamObserver; +import lombok.RequiredArgsConstructor; + +@RequiredArgsConstructor +public class AccessLogServiceGRPCHandlerV3 extends AccessLogServiceGrpc.AccessLogServiceImplBase { + private final AccessLogServiceGRPCHandler delegate; + + @Override + public StreamObserver streamAccessLogs(final StreamObserver responseObserver) { + return delegate.streamAccessLogs(responseObserver); + } +} diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/EnvoyMetricReceiverProvider.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/EnvoyMetricReceiverProvider.java index 28a9126adc6b32fa21ba8c37383efd0e80b63604..bbbce0bf5efd006d06b25491c571f7e7a1eb6463 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/EnvoyMetricReceiverProvider.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/EnvoyMetricReceiverProvider.java @@ -68,9 +68,13 @@ public class EnvoyMetricReceiverProvider extends ModuleProvider { .getService(OALEngineLoaderService.class) .load(EnvoyOALDefine.INSTANCE); - service.addHandler(new MetricServiceGRPCHandler(getManager())); + final MetricServiceGRPCHandler handler = new MetricServiceGRPCHandler(getManager()); + service.addHandler(handler); + service.addHandler(new MetricServiceGRPCHandlerV3(handler)); } - service.addHandler(new AccessLogServiceGRPCHandler(getManager(), config)); + final AccessLogServiceGRPCHandler handler = new AccessLogServiceGRPCHandler(getManager(), config); + service.addHandler(handler); + service.addHandler(new AccessLogServiceGRPCHandlerV3(handler)); } @Override diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandler.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandler.java index 0ed9b3eeeb9c8bf98bac4d80e20fe91a165c51c3..bb274cf92cd5989e9df6aa72a535e6943f6089c4 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandler.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandler.java @@ -18,10 +18,10 @@ package org.apache.skywalking.oap.server.receiver.envoy; -import io.envoyproxy.envoy.api.v2.core.Node; -import io.envoyproxy.envoy.service.metrics.v2.MetricsServiceGrpc; -import io.envoyproxy.envoy.service.metrics.v2.StreamMetricsMessage; -import io.envoyproxy.envoy.service.metrics.v2.StreamMetricsResponse; +import io.envoyproxy.envoy.config.core.v3.Node; +import io.envoyproxy.envoy.service.metrics.v3.MetricsServiceGrpc; +import io.envoyproxy.envoy.service.metrics.v3.StreamMetricsMessage; +import io.envoyproxy.envoy.service.metrics.v3.StreamMetricsResponse; import io.grpc.stub.StreamObserver; import io.prometheus.client.Metrics; import java.util.List; diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandlerV3.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandlerV3.java new file mode 100644 index 0000000000000000000000000000000000000000..e768636f13c6c76649fc2ef0f9e4542ce66846c0 --- /dev/null +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandlerV3.java @@ -0,0 +1,35 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package org.apache.skywalking.oap.server.receiver.envoy; + +import io.envoyproxy.envoy.service.metrics.v3.MetricsServiceGrpc; +import io.envoyproxy.envoy.service.metrics.v3.StreamMetricsMessage; +import io.envoyproxy.envoy.service.metrics.v3.StreamMetricsResponse; +import io.grpc.stub.StreamObserver; +import lombok.RequiredArgsConstructor; + +@RequiredArgsConstructor +public class MetricServiceGRPCHandlerV3 extends MetricsServiceGrpc.MetricsServiceImplBase { + private final MetricServiceGRPCHandler delegate; + + @Override + public StreamObserver streamMetrics(final StreamObserver responseObserver) { + return delegate.streamMetrics(responseObserver); + } +} diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/ALSHTTPAnalysis.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/ALSHTTPAnalysis.java index ae75c327e94962bbba1aea60edbd15ae97698dc6..3b51aa0e3e87494379093a5cefe575dea89d2202 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/ALSHTTPAnalysis.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/ALSHTTPAnalysis.java @@ -18,8 +18,8 @@ package org.apache.skywalking.oap.server.receiver.envoy.als; -import io.envoyproxy.envoy.data.accesslog.v2.HTTPAccessLogEntry; -import io.envoyproxy.envoy.service.accesslog.v2.StreamAccessLogsMessage; +import io.envoyproxy.envoy.data.accesslog.v3.HTTPAccessLogEntry; +import io.envoyproxy.envoy.service.accesslog.v3.StreamAccessLogsMessage; import java.util.List; import org.apache.skywalking.apm.network.servicemesh.v3.ServiceMeshMetric; import org.apache.skywalking.oap.server.library.module.ModuleManager; diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/AbstractALSAnalyzer.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/AbstractALSAnalyzer.java index 41e2a3cb9de8d6ba7b98bf9c9959adc3f78d03cd..462eeba57c1a507360edca0ef0337d4a69dfc6ff 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/AbstractALSAnalyzer.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/AbstractALSAnalyzer.java @@ -18,9 +18,9 @@ package org.apache.skywalking.oap.server.receiver.envoy.als; -import io.envoyproxy.envoy.api.v2.core.Node; -import io.envoyproxy.envoy.data.accesslog.v2.HTTPAccessLogEntry; -import io.envoyproxy.envoy.service.accesslog.v2.StreamAccessLogsMessage; +import io.envoyproxy.envoy.config.core.v3.Node; +import io.envoyproxy.envoy.data.accesslog.v3.HTTPAccessLogEntry; +import io.envoyproxy.envoy.service.accesslog.v3.StreamAccessLogsMessage; import lombok.extern.slf4j.Slf4j; import org.apache.skywalking.apm.network.servicemesh.v3.ServiceMeshMetric; diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/LogEntry2MetricsAdapter.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/LogEntry2MetricsAdapter.java index 0ded78ef52356e30b1e6a13ed4181ff601e0139a..ba9c69dc3fd1df61bac9bc29a9659daa8cc3a3c9 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/LogEntry2MetricsAdapter.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/LogEntry2MetricsAdapter.java @@ -21,12 +21,12 @@ package org.apache.skywalking.oap.server.receiver.envoy.als; import com.google.protobuf.Duration; import com.google.protobuf.Timestamp; import com.google.protobuf.UInt32Value; -import io.envoyproxy.envoy.data.accesslog.v2.AccessLogCommon; -import io.envoyproxy.envoy.data.accesslog.v2.HTTPAccessLogEntry; -import io.envoyproxy.envoy.data.accesslog.v2.HTTPRequestProperties; -import io.envoyproxy.envoy.data.accesslog.v2.HTTPResponseProperties; -import io.envoyproxy.envoy.data.accesslog.v2.ResponseFlags; -import io.envoyproxy.envoy.data.accesslog.v2.TLSProperties; +import io.envoyproxy.envoy.data.accesslog.v3.AccessLogCommon; +import io.envoyproxy.envoy.data.accesslog.v3.HTTPAccessLogEntry; +import io.envoyproxy.envoy.data.accesslog.v3.HTTPRequestProperties; +import io.envoyproxy.envoy.data.accesslog.v3.HTTPResponseProperties; +import io.envoyproxy.envoy.data.accesslog.v3.ResponseFlags; +import io.envoyproxy.envoy.data.accesslog.v3.TLSProperties; import java.time.Instant; import java.util.List; import java.util.Optional; diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/k8s/K8sALSServiceMeshHTTPAnalysis.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/k8s/K8sALSServiceMeshHTTPAnalysis.java index 357f6c7075ee4daa67a788c77f37864c253b7c9d..976a79054216d3c9d7ee24bd8c89166506c14991 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/k8s/K8sALSServiceMeshHTTPAnalysis.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/k8s/K8sALSServiceMeshHTTPAnalysis.java @@ -18,11 +18,11 @@ package org.apache.skywalking.oap.server.receiver.envoy.als.k8s; -import io.envoyproxy.envoy.api.v2.core.Address; -import io.envoyproxy.envoy.api.v2.core.SocketAddress; -import io.envoyproxy.envoy.data.accesslog.v2.AccessLogCommon; -import io.envoyproxy.envoy.data.accesslog.v2.HTTPAccessLogEntry; -import io.envoyproxy.envoy.service.accesslog.v2.StreamAccessLogsMessage; +import io.envoyproxy.envoy.config.core.v3.Address; +import io.envoyproxy.envoy.config.core.v3.SocketAddress; +import io.envoyproxy.envoy.data.accesslog.v3.AccessLogCommon; +import io.envoyproxy.envoy.data.accesslog.v3.HTTPAccessLogEntry; +import io.envoyproxy.envoy.service.accesslog.v3.StreamAccessLogsMessage; import java.util.ArrayList; import java.util.Collections; import java.util.List; diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/mx/MetaExchangeALSHTTPAnalyzer.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/mx/MetaExchangeALSHTTPAnalyzer.java index 741a203e160176401b7bad9e0814e23399276498..a31cd0b73f93faf345e6e26200a76e1528ed02e2 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/mx/MetaExchangeALSHTTPAnalyzer.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/main/java/org/apache/skywalking/oap/server/receiver/envoy/als/mx/MetaExchangeALSHTTPAnalyzer.java @@ -20,9 +20,9 @@ package org.apache.skywalking.oap.server.receiver.envoy.als.mx; import com.google.protobuf.Any; import com.google.protobuf.TextFormat; -import io.envoyproxy.envoy.data.accesslog.v2.AccessLogCommon; -import io.envoyproxy.envoy.data.accesslog.v2.HTTPAccessLogEntry; -import io.envoyproxy.envoy.service.accesslog.v2.StreamAccessLogsMessage; +import io.envoyproxy.envoy.data.accesslog.v3.AccessLogCommon; +import io.envoyproxy.envoy.data.accesslog.v3.HTTPAccessLogEntry; +import io.envoyproxy.envoy.service.accesslog.v3.StreamAccessLogsMessage; import java.util.ArrayList; import java.util.Base64; import java.util.Collections; diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandlerTestMain.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandlerTestMain.java index 373f067a7f9955b56809b73c41e5e42916a4ebcb..ff59bd37a27ad99fcf92c386bc493458c5f4058e 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandlerTestMain.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/MetricServiceGRPCHandlerTestMain.java @@ -20,8 +20,8 @@ package org.apache.skywalking.oap.server.receiver.envoy; import com.google.protobuf.TextFormat; import io.envoyproxy.envoy.service.metrics.v2.MetricsServiceGrpc; -import io.envoyproxy.envoy.service.metrics.v2.StreamMetricsMessage; -import io.envoyproxy.envoy.service.metrics.v2.StreamMetricsResponse; +import io.envoyproxy.envoy.service.metrics.v3.StreamMetricsMessage; +import io.envoyproxy.envoy.service.metrics.v3.StreamMetricsResponse; import io.grpc.ManagedChannel; import io.grpc.ManagedChannelBuilder; import io.grpc.stub.StreamObserver; diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/als/k8s/K8SALSServiceMeshHTTPAnalysisTest.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/als/k8s/K8SALSServiceMeshHTTPAnalysisTest.java index 718996c2b7a5d84dd91bc66fe0f872b17a5dfc09..9832603bb2126822f93e35f56cc4148da7db4787 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/als/k8s/K8SALSServiceMeshHTTPAnalysisTest.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/als/k8s/K8SALSServiceMeshHTTPAnalysisTest.java @@ -19,7 +19,7 @@ package org.apache.skywalking.oap.server.receiver.envoy.als.k8s; import com.google.protobuf.util.JsonFormat; -import io.envoyproxy.envoy.service.accesslog.v2.StreamAccessLogsMessage; +import io.envoyproxy.envoy.service.accesslog.v3.StreamAccessLogsMessage; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/als/mx/FieldsHelperTest.java b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/als/mx/FieldsHelperTest.java index 40f327bc91cbc1c934987aa0ed9e401d62235578..dc4c210aea06955262ade4ff8786d669a979fa99 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/als/mx/FieldsHelperTest.java +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/java/org/apache/skywalking/oap/server/receiver/envoy/als/mx/FieldsHelperTest.java @@ -19,7 +19,7 @@ package org.apache.skywalking.oap.server.receiver.envoy.als.mx; import com.google.protobuf.util.JsonFormat; -import io.envoyproxy.envoy.service.accesslog.v2.StreamAccessLogsMessage; +import io.envoyproxy.envoy.service.accesslog.v3.StreamAccessLogsMessage; import java.io.ByteArrayInputStream; import java.io.InputStreamReader; import java.util.Arrays; diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-ingress.msg b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-ingress.msg index 0f4917ef65e4d265e577c2b2e40f52c85c9c0337..c17b66732a0a2fe722305be6c0e97725f3eea34d 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-ingress.msg +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-ingress.msg @@ -30,8 +30,7 @@ "ROUTER_MODE": "sni-dnat", "istio": "sidecar" }, - "locality": { }, - "buildVersion": "55c80965eab994e6bfa2227e3942fa89928d0d70/1.10.0-dev/Clean/RELEASE/BoringSSL" + "locality": { } }, "logName": "als" }, @@ -86,4 +85,4 @@ } ] } -} \ No newline at end of file +} diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-ingress2sidecar.msg b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-ingress2sidecar.msg index b641b142a451627e2ec8e8ac68fe1c99e8ca64e2..35311832f68809db19cff5c7b12c21ac9cec4361 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-ingress2sidecar.msg +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-ingress2sidecar.msg @@ -34,8 +34,7 @@ "pod-template-hash": "822879871", "version": "v1" }, - "locality": { }, - "buildVersion": "55c80965eab994e6bfa2227e3942fa89928d0d70/1.10.0-dev/Clean/RELEASE/BoringSSL" + "locality": { } }, "logName": "als" }, diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-mesh-client-sidecar.msg b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-mesh-client-sidecar.msg index 104981823f33fdb8509f02e64c6ebb631577ac44..bb116197ede2db1c780864c5d85159f610b75678 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-mesh-client-sidecar.msg +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-mesh-client-sidecar.msg @@ -33,8 +33,7 @@ "pod-template-hash": "822879871", "version": "v1" }, - "locality": { }, - "buildVersion": "55c80965eab994e6bfa2227e3942fa89928d0d70/1.10.0-dev/Clean/RELEASE/BoringSSL" + "locality": { } }, "logName": "als" }, @@ -89,4 +88,4 @@ ] } } -} \ No newline at end of file +} diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-mesh-server-sidecar.msg b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-mesh-server-sidecar.msg index d02ce2bc9d57a0c8f15340fa30e30657116c488b..3555b34b685384feb29cf536c72359dffcd2358a 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-mesh-server-sidecar.msg +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-mesh-server-sidecar.msg @@ -33,8 +33,7 @@ "pod-template-hash": "822879871", "version": "v1" }, - "locality": { }, - "buildVersion": "55c80965eab994e6bfa2227e3942fa89928d0d70/1.10.0-dev/Clean/RELEASE/BoringSSL" + "locality": { } }, "logName": "als" }, @@ -93,4 +92,4 @@ } ] } -} \ No newline at end of file +} diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-metric.msg b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-metric.msg index 71af087c41ca2adcee34ab89edf79de4bb867004..e8a104e7b9c995b0b268feeaf8e7cf57f1540242 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-metric.msg +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/envoy-metric.msg @@ -34,8 +34,7 @@ identifier { region: "ap-southeast-1" zone: "zone1" sub_zone: "subzone1" - }, - build_version: "caf7ab123964cedd172a2d4cb29b2f2e05ca9156/1.10.0-dev/Clean/RELEASE/BoringSSL" + } } } envoy_metrics [ diff --git a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/field-helper.msg b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/field-helper.msg index 9d589e8453a66428a182bd4aebf7fe3544bb0920..fe5132ddac69da7a493176f3209aba74df74f2ad 100644 --- a/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/field-helper.msg +++ b/oap-server/server-receiver-plugin/envoy-metrics-receiver-plugin/src/test/resources/field-helper.msg @@ -82,8 +82,7 @@ "locality": { "region": "us-central1", "zone": "us-central1-a" - }, - "buildVersion": "262253d9d066f8ef7ed82fd175c28b8f95acbec0/1.15.0/Clean/RELEASE/BoringSSL" + } }, "logName": "http_envoy_accesslog" } diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/api/v2/core/base.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/api/v2/core/base.proto deleted file mode 100644 index 6b4e931cfa4057c28b8b56af61d5f7a6118a302d..0000000000000000000000000000000000000000 --- a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/api/v2/core/base.proto +++ /dev/null @@ -1,256 +0,0 @@ -syntax = "proto3"; - -package envoy.api.v2.core; - -option java_outer_classname = "BaseProto"; -option java_multiple_files = true; -option java_package = "io.envoyproxy.envoy.api.v2.core"; -option go_package = "core"; - -import "google/protobuf/any.proto"; -import "google/protobuf/struct.proto"; -import "google/protobuf/wrappers.proto"; - -import "validate/validate.proto"; -import "gogoproto/gogo.proto"; - -import "envoy/type/percent.proto"; - -option (gogoproto.equal_all) = true; -option (gogoproto.stable_marshaler_all) = true; - -// [#protodoc-title: Common types] - -// Identifies location of where either Envoy runs or where upstream hosts run. -message Locality { - // Region this :ref:`zone ` belongs to. - string region = 1; - - // Defines the local service zone where Envoy is running. Though optional, it - // should be set if discovery service routing is used and the discovery - // service exposes :ref:`zone data `, - // either in this message or via :option:`--service-zone`. The meaning of zone - // is context dependent, e.g. `Availability Zone (AZ) - // `_ - // on AWS, `Zone `_ on - // GCP, etc. - string zone = 2; - - // When used for locality of upstream hosts, this field further splits zone - // into smaller chunks of sub-zones so they can be load balanced - // independently. - string sub_zone = 3; -} - -// Identifies a specific Envoy instance. The node identifier is presented to the -// management server, which may use this identifier to distinguish per Envoy -// configuration for serving. -message Node { - // An opaque node identifier for the Envoy node. This also provides the local - // service node name. It should be set if any of the following features are - // used: :ref:`statsd `, :ref:`CDS - // `, and :ref:`HTTP tracing - // `, either in this message or via - // :option:`--service-node`. - string id = 1; - - // Defines the local service cluster name where Envoy is running. Though - // optional, it should be set if any of the following features are used: - // :ref:`statsd `, :ref:`health check cluster - // verification `, - // :ref:`runtime override directory `, - // :ref:`user agent addition - // `, - // :ref:`HTTP global rate limiting `, - // :ref:`CDS `, and :ref:`HTTP tracing - // `, either in this message or via - // :option:`--service-cluster`. - string cluster = 2; - - // Opaque metadata extending the node identifier. Envoy will pass this - // directly to the management server. - google.protobuf.Struct metadata = 3; - - // Locality specifying where the Envoy instance is running. - Locality locality = 4; - - // This is motivated by informing a management server during canary which - // version of Envoy is being tested in a heterogeneous fleet. This will be set - // by Envoy in management server RPCs. - string build_version = 5; -} - -// Metadata provides additional inputs to filters based on matched listeners, -// filter chains, routes and endpoints. It is structured as a map, usually from -// filter name (in reverse DNS format) to metadata specific to the filter. Metadata -// key-values for a filter are merged as connection and request handling occurs, -// with later values for the same key overriding earlier values. -// -// An example use of metadata is providing additional values to -// http_connection_manager in the envoy.http_connection_manager.access_log -// namespace. -// -// Another example use of metadata is to per service config info in cluster metadata, which may get -// consumed by multiple filters. -// -// For load balancing, Metadata provides a means to subset cluster endpoints. -// Endpoints have a Metadata object associated and routes contain a Metadata -// object to match against. There are some well defined metadata used today for -// this purpose: -// -// * ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an -// endpoint and is also used during header processing -// (x-envoy-upstream-canary) and for stats purposes. -message Metadata { - // Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.* - // namespace is reserved for Envoy's built-in filters. - map filter_metadata = 1; -} - -// Runtime derived uint32 with a default when not specified. -message RuntimeUInt32 { - // Default value if runtime value is not available. - uint32 default_value = 2; - - // Runtime key to get value for comparison. This value is used if defined. - string runtime_key = 3 [(validate.rules).string.min_bytes = 1]; -} - -// Envoy supports :ref:`upstream priority routing -// ` both at the route and the virtual -// cluster level. The current priority implementation uses different connection -// pool and circuit breaking settings for each priority level. This means that -// even for HTTP/2 requests, two physical connections will be used to an -// upstream host. In the future Envoy will likely support true HTTP/2 priority -// over a single upstream connection. -enum RoutingPriority { - DEFAULT = 0; - HIGH = 1; -} - -// HTTP request method. -enum RequestMethod { - option (gogoproto.goproto_enum_prefix) = false; - METHOD_UNSPECIFIED = 0; - GET = 1; - HEAD = 2; - POST = 3; - PUT = 4; - DELETE = 5; - CONNECT = 6; - OPTIONS = 7; - TRACE = 8; -} - -// Header name/value pair. -message HeaderValue { - // Header name. - string key = 1 [(validate.rules).string = {min_bytes: 1, max_bytes: 16384}]; - - // Header value. - // - // The same :ref:`format specifier ` as used for - // :ref:`HTTP access logging ` applies here, however - // unknown header values are replaced with the empty string instead of `-`. - string value = 2 [(validate.rules).string.max_bytes = 16384]; -} - -// Header name/value pair plus option to control append behavior. -message HeaderValueOption { - // Header name/value pair that this option applies to. - HeaderValue header = 1 [(validate.rules).message.required = true]; - - // Should the value be appended? If true (default), the value is appended to - // existing values. - google.protobuf.BoolValue append = 2; -} - -// Wrapper for a set of headers. -message HeaderMap { - repeated HeaderValue headers = 1; -} - -// Data source consisting of either a file or an inline value. -message DataSource { - oneof specifier { - option (validate.required) = true; - - // Local filesystem data source. - string filename = 1 [(validate.rules).string.min_bytes = 1]; - - // Bytes inlined in the configuration. - bytes inline_bytes = 2 [(validate.rules).bytes.min_len = 1]; - - // String inlined in the configuration. - string inline_string = 3 [(validate.rules).string.min_bytes = 1]; - } -} - -// Configuration for transport socket in :ref:`listeners ` and -// :ref:`clusters `. If the configuration is -// empty, a default transport socket implementation and configuration will be -// chosen based on the platform and existence of tls_context. -message TransportSocket { - // The name of the transport socket to instantiate. The name must match a supported transport - // socket implementation. - string name = 1 [(validate.rules).string.min_bytes = 1]; - - // Implementation specific configuration which depends on the implementation being instantiated. - // See the supported transport socket implementations for further documentation. - oneof config_type { - google.protobuf.Struct config = 2; - - google.protobuf.Any typed_config = 3; - } -} - -// Generic socket option message. This would be used to set socket options that -// might not exist in upstream kernels or precompiled Envoy binaries. -message SocketOption { - // An optional name to give this socket option for debugging, etc. - // Uniqueness is not required and no special meaning is assumed. - string description = 1; - // Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP - int64 level = 2; - // The numeric name as passed to setsockopt - int64 name = 3; - oneof value { - option (validate.required) = true; - - // Because many sockopts take an int value. - int64 int_value = 4; - // Otherwise it's a byte buffer. - bytes buf_value = 5; - } - enum SocketState { - option (gogoproto.goproto_enum_prefix) = false; - // Socket options are applied after socket creation but before binding the socket to a port - STATE_PREBIND = 0; - // Socket options are applied after binding the socket to a port but before calling listen() - STATE_BOUND = 1; - // Socket options are applied after calling listen() - STATE_LISTENING = 2; - } - // The state in which the option will be applied. When used in BindConfig - // STATE_PREBIND is currently the only valid value. - SocketState state = 6 - [(validate.rules).message.required = true, (validate.rules).enum.defined_only = true]; -} - -// Runtime derived FractionalPercent with defaults for when the numerator or denominator is not -// specified via a runtime key. -message RuntimeFractionalPercent { - // Default value if the runtime value's for the numerator/denominator keys are not available. - envoy.type.FractionalPercent default_value = 1 [(validate.rules).message.required = true]; - - // Runtime key for a YAML representation of a FractionalPercent. - string runtime_key = 2; -} - -// Identifies a specific ControlPlane instance that Envoy is connected to. -message ControlPlane { - // An opaque control plane identifier that uniquely identifies an instance - // of control plane. This can be used to identify which control plane instance, - // the Envoy is connected to. - string identifier = 1; -} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/api/v2/core/address.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/address.proto similarity index 54% rename from oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/api/v2/core/address.proto rename to oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/address.proto index 6e76f5b721901505ccd9be15ff784ba8b48b8988..8228450eb93c17ce75cb17d3bea7ed402cdca8cd 100644 --- a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/api/v2/core/address.proto +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/address.proto @@ -1,62 +1,87 @@ syntax = "proto3"; -package envoy.api.v2.core; +package envoy.config.core.v3; -option java_outer_classname = "AddressProto"; -option java_multiple_files = true; -option java_package = "io.envoyproxy.envoy.api.v2.core"; - -import "envoy/api/v2/core/base.proto"; +import "envoy/config/core/v3/socket_option.proto"; import "google/protobuf/wrappers.proto"; +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; -import "gogoproto/gogo.proto"; -option (gogoproto.equal_all) = true; +option java_package = "io.envoyproxy.envoy.config.core.v3"; +option java_outer_classname = "AddressProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Network addresses] message Pipe { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Pipe"; + // Unix Domain Socket path. On Linux, paths starting with '@' will use the // abstract namespace. The starting '@' is replaced by a null byte by Envoy. // Paths starting with '@' will result in an error in environments other than // Linux. - string path = 1 [(validate.rules).string.min_bytes = 1]; + string path = 1 [(validate.rules).string = {min_len: 1}]; + + // The mode for the Pipe. Not applicable for abstract sockets. + uint32 mode = 2 [(validate.rules).uint32 = {lte: 511}]; } +// [#not-implemented-hide:] The address represents an envoy internal listener. +// TODO(lambdai): Make this address available for listener and endpoint. +// TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30. +message EnvoyInternalAddress { + oneof address_name_specifier { + option (validate.required) = true; + + // [#not-implemented-hide:] The :ref:`listener name ` of the destination internal listener. + string server_listener_name = 1; + } +} + +// [#next-free-field: 7] message SocketAddress { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.SocketAddress"; + enum Protocol { - option (gogoproto.goproto_enum_prefix) = false; TCP = 0; - // [#not-implemented-hide:] UDP = 1; } - Protocol protocol = 1 [(validate.rules).enum.defined_only = true]; + + Protocol protocol = 1 [(validate.rules).enum = {defined_only: true}]; + // The address for this socket. :ref:`Listeners ` will bind // to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` // to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: // It is possible to distinguish a Listener address via the prefix/suffix matching - // in :ref:`FilterChainMatch `.] When used - // within an upstream :ref:`BindConfig `, the address + // in :ref:`FilterChainMatch `.] When used + // within an upstream :ref:`BindConfig `, the address // controls the source address of outbound connections. For :ref:`clusters - // `, the cluster type determines whether the + // `, the cluster type determines whether the // address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS // (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized - // via :ref:`resolver_name `. - string address = 2 [(validate.rules).string.min_bytes = 1]; + // via :ref:`resolver_name `. + string address = 2 [(validate.rules).string = {min_len: 1}]; + oneof port_specifier { option (validate.required) = true; - uint32 port_value = 3 [(validate.rules).uint32.lte = 65535]; + + uint32 port_value = 3 [(validate.rules).uint32 = {lte: 65535}]; + // This is only valid if :ref:`resolver_name - // ` is specified below and the + // ` is specified below and the // named resolver is capable of named port resolution. string named_port = 4; } - // The name of the resolver. This must have been registered with Envoy. If this is - // empty, a context dependent default applies. If address is a hostname this - // should be set for resolution other than DNS. If the address is a concrete - // IP address, no resolution will occur. + + // The name of the custom resolver. This must have been registered with Envoy. If + // this is empty, a context dependent default applies. If the address is a concrete + // IP address, no resolution will occur. If address is a hostname this + // should be set for resolution other than DNS. Specifying a custom resolver with + // *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. string resolver_name = 5; // When binding to an IPv6 address above, this enables `IPv4 compatibility @@ -67,27 +92,32 @@ message SocketAddress { } message TcpKeepalive { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.TcpKeepalive"; + // Maximum number of keepalive probes to send without response before deciding // the connection is dead. Default is to use the OS level configuration (unless // overridden, Linux defaults to 9.) google.protobuf.UInt32Value keepalive_probes = 1; + // The number of seconds a connection needs to be idle before keep-alive probes // start being sent. Default is to use the OS level configuration (unless - // overridden, Linux defaults to 7200s (ie 2 hours.) + // overridden, Linux defaults to 7200s (i.e., 2 hours.) google.protobuf.UInt32Value keepalive_time = 2; + // The number of seconds between keep-alive probes. Default is to use the OS // level configuration (unless overridden, Linux defaults to 75s.) google.protobuf.UInt32Value keepalive_interval = 3; } message BindConfig { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.BindConfig"; + // The address to bind to when creating a socket. - SocketAddress source_address = 1 - [(validate.rules).message.required = true, (gogoproto.nullable) = false]; + SocketAddress source_address = 1 [(validate.rules).message = {required: true}]; // Whether to set the *IP_FREEBIND* option when creating the socket. When this // flag is set to true, allows the :ref:`source_address - // ` to be an IP address + // ` to be an IP address // that is not configured on the system running Envoy. When this flag is set // to false, the option *IP_FREEBIND* is disabled on the socket. When this // flag is not set (default), the socket is not modified, i.e. the option is @@ -103,19 +133,28 @@ message BindConfig { // used to tell Envoy where to bind/listen, connect to upstream and find // management servers. message Address { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Address"; + oneof address { option (validate.required) = true; SocketAddress socket_address = 1; + Pipe pipe = 2; + + // [#not-implemented-hide:] + EnvoyInternalAddress envoy_internal_address = 3; } } // CidrRange specifies an IP Address and a prefix length to construct // the subnet mask for a `CIDR `_ range. message CidrRange { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.CidrRange"; + // IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. - string address_prefix = 1 [(validate.rules).string.min_bytes = 1]; + string address_prefix = 1 [(validate.rules).string = {min_len: 1}]; + // Length of prefix, e.g. 0, 32. - google.protobuf.UInt32Value prefix_len = 2 [(validate.rules).uint32.lte = 128]; + google.protobuf.UInt32Value prefix_len = 2 [(validate.rules).uint32 = {lte: 128}]; } diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/backoff.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/backoff.proto new file mode 100644 index 0000000000000000000000000000000000000000..55b504e716577b13c72c5e427d4d3ddfbe33edb6 --- /dev/null +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/backoff.proto @@ -0,0 +1,36 @@ +syntax = "proto3"; + +package envoy.config.core.v3; + +import "google/protobuf/duration.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.config.core.v3"; +option java_outer_classname = "BackoffProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Backoff Strategy] + +// Configuration defining a jittered exponential back off strategy. +message BackoffStrategy { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.BackoffStrategy"; + + // The base interval to be used for the next back off computation. It should + // be greater than zero and less than or equal to :ref:`max_interval + // `. + google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { + required: true + gte {nanos: 1000000} + }]; + + // Specifies the maximum interval between retries. This parameter is optional, + // but must be greater than or equal to the :ref:`base_interval + // ` if set. The default + // is 10 times the :ref:`base_interval + // `. + google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {}}]; +} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/base.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/base.proto new file mode 100644 index 0000000000000000000000000000000000000000..7a53b31c546c35c33c7e35c2b16db2e75e735914 --- /dev/null +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/base.proto @@ -0,0 +1,435 @@ +syntax = "proto3"; + +package envoy.config.core.v3; + +import "envoy/config/core/v3/address.proto"; +import "envoy/config/core/v3/backoff.proto"; +import "envoy/config/core/v3/http_uri.proto"; +import "envoy/type/v3/percent.proto"; +import "envoy/type/v3/semantic_version.proto"; + +import "google/protobuf/any.proto"; +import "google/protobuf/struct.proto"; +import "google/protobuf/wrappers.proto"; + +import "udpa/annotations/migrate.proto"; +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.config.core.v3"; +option java_outer_classname = "BaseProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Common types] + +// Envoy supports :ref:`upstream priority routing +// ` both at the route and the virtual +// cluster level. The current priority implementation uses different connection +// pool and circuit breaking settings for each priority level. This means that +// even for HTTP/2 requests, two physical connections will be used to an +// upstream host. In the future Envoy will likely support true HTTP/2 priority +// over a single upstream connection. +enum RoutingPriority { + DEFAULT = 0; + HIGH = 1; +} + +// HTTP request method. +enum RequestMethod { + METHOD_UNSPECIFIED = 0; + GET = 1; + HEAD = 2; + POST = 3; + PUT = 4; + DELETE = 5; + CONNECT = 6; + OPTIONS = 7; + TRACE = 8; + PATCH = 9; +} + +// Identifies the direction of the traffic relative to the local Envoy. +enum TrafficDirection { + // Default option is unspecified. + UNSPECIFIED = 0; + + // The transport is used for incoming traffic. + INBOUND = 1; + + // The transport is used for outgoing traffic. + OUTBOUND = 2; +} + +// Identifies location of where either Envoy runs or where upstream hosts run. +message Locality { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Locality"; + + // Region this :ref:`zone ` belongs to. + string region = 1; + + // Defines the local service zone where Envoy is running. Though optional, it + // should be set if discovery service routing is used and the discovery + // service exposes :ref:`zone data `, + // either in this message or via :option:`--service-zone`. The meaning of zone + // is context dependent, e.g. `Availability Zone (AZ) + // `_ + // on AWS, `Zone `_ on + // GCP, etc. + string zone = 2; + + // When used for locality of upstream hosts, this field further splits zone + // into smaller chunks of sub-zones so they can be load balanced + // independently. + string sub_zone = 3; +} + +// BuildVersion combines SemVer version of extension with free-form build information +// (i.e. 'alpha', 'private-build') as a set of strings. +message BuildVersion { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.BuildVersion"; + + // SemVer version of extension. + type.v3.SemanticVersion version = 1; + + // Free-form build information. + // Envoy defines several well known keys in the source/common/version/version.h file + google.protobuf.Struct metadata = 2; +} + +// Version and identification for an Envoy extension. +// [#next-free-field: 6] +message Extension { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Extension"; + + // This is the name of the Envoy filter as specified in the Envoy + // configuration, e.g. envoy.filters.http.router, com.acme.widget. + string name = 1; + + // Category of the extension. + // Extension category names use reverse DNS notation. For instance "envoy.filters.listener" + // for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from + // acme.com vendor. + // [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.] + string category = 2; + + // [#not-implemented-hide:] Type descriptor of extension configuration proto. + // [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] + // [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.] + string type_descriptor = 3; + + // The version is a property of the extension and maintained independently + // of other extensions and the Envoy API. + // This field is not set when extension did not provide version information. + BuildVersion version = 4; + + // Indicates that the extension is present but was disabled via dynamic configuration. + bool disabled = 5; +} + +// Identifies a specific Envoy instance. The node identifier is presented to the +// management server, which may use this identifier to distinguish per Envoy +// configuration for serving. +// [#next-free-field: 12] +message Node { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Node"; + + reserved 5; + + reserved "build_version"; + + // An opaque node identifier for the Envoy node. This also provides the local + // service node name. It should be set if any of the following features are + // used: :ref:`statsd `, :ref:`CDS + // `, and :ref:`HTTP tracing + // `, either in this message or via + // :option:`--service-node`. + string id = 1; + + // Defines the local service cluster name where Envoy is running. Though + // optional, it should be set if any of the following features are used: + // :ref:`statsd `, :ref:`health check cluster + // verification + // `, + // :ref:`runtime override directory `, + // :ref:`user agent addition + // `, + // :ref:`HTTP global rate limiting `, + // :ref:`CDS `, and :ref:`HTTP tracing + // `, either in this message or via + // :option:`--service-cluster`. + string cluster = 2; + + // Opaque metadata extending the node identifier. Envoy will pass this + // directly to the management server. + google.protobuf.Struct metadata = 3; + + // Locality specifying where the Envoy instance is running. + Locality locality = 4; + + // Free-form string that identifies the entity requesting config. + // E.g. "envoy" or "grpc" + string user_agent_name = 6; + + oneof user_agent_version_type { + // Free-form string that identifies the version of the entity requesting config. + // E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild" + string user_agent_version = 7; + + // Structured version of the entity requesting config. + BuildVersion user_agent_build_version = 8; + } + + // List of extensions and their versions supported by the node. + repeated Extension extensions = 9; + + // Client feature support list. These are well known features described + // in the Envoy API repository for a given major version of an API. Client features + // use reverse DNS naming scheme, for example `com.acme.feature`. + // See :ref:`the list of features ` that xDS client may + // support. + repeated string client_features = 10; + + // Known listening ports on the node as a generic hint to the management server + // for filtering :ref:`listeners ` to be returned. For example, + // if there is a listener bound to port 80, the list can optionally contain the + // SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. + repeated Address listening_addresses = 11 [deprecated = true]; +} + +// Metadata provides additional inputs to filters based on matched listeners, +// filter chains, routes and endpoints. It is structured as a map, usually from +// filter name (in reverse DNS format) to metadata specific to the filter. Metadata +// key-values for a filter are merged as connection and request handling occurs, +// with later values for the same key overriding earlier values. +// +// An example use of metadata is providing additional values to +// http_connection_manager in the envoy.http_connection_manager.access_log +// namespace. +// +// Another example use of metadata is to per service config info in cluster metadata, which may get +// consumed by multiple filters. +// +// For load balancing, Metadata provides a means to subset cluster endpoints. +// Endpoints have a Metadata object associated and routes contain a Metadata +// object to match against. There are some well defined metadata used today for +// this purpose: +// +// * ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an +// endpoint and is also used during header processing +// (x-envoy-upstream-canary) and for stats purposes. +// [#next-major-version: move to type/metadata/v2] +message Metadata { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Metadata"; + + // Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.* + // namespace is reserved for Envoy's built-in filters. + map filter_metadata = 1; +} + +// Runtime derived uint32 with a default when not specified. +message RuntimeUInt32 { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RuntimeUInt32"; + + // Default value if runtime value is not available. + uint32 default_value = 2; + + // Runtime key to get value for comparison. This value is used if defined. + string runtime_key = 3 [(validate.rules).string = {min_len: 1}]; +} + +// Runtime derived percentage with a default when not specified. +message RuntimePercent { + // Default value if runtime value is not available. + type.v3.Percent default_value = 1; + + // Runtime key to get value for comparison. This value is used if defined. + string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; +} + +// Runtime derived double with a default when not specified. +message RuntimeDouble { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RuntimeDouble"; + + // Default value if runtime value is not available. + double default_value = 1; + + // Runtime key to get value for comparison. This value is used if defined. + string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; +} + +// Runtime derived bool with a default when not specified. +message RuntimeFeatureFlag { + option (udpa.annotations.versioning).previous_message_type = + "envoy.api.v2.core.RuntimeFeatureFlag"; + + // Default value if runtime value is not available. + google.protobuf.BoolValue default_value = 1 [(validate.rules).message = {required: true}]; + + // Runtime key to get value for comparison. This value is used if defined. The boolean value must + // be represented via its + // `canonical JSON encoding `_. + string runtime_key = 2 [(validate.rules).string = {min_len: 1}]; +} + +// Header name/value pair. +message HeaderValue { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HeaderValue"; + + // Header name. + string key = 1 + [(validate.rules).string = + {min_len: 1 max_bytes: 16384 well_known_regex: HTTP_HEADER_NAME strict: false}]; + + // Header value. + // + // The same :ref:`format specifier ` as used for + // :ref:`HTTP access logging ` applies here, however + // unknown header values are replaced with the empty string instead of `-`. + string value = 2 [ + (validate.rules).string = {max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false} + ]; +} + +// Header name/value pair plus option to control append behavior. +message HeaderValueOption { + option (udpa.annotations.versioning).previous_message_type = + "envoy.api.v2.core.HeaderValueOption"; + + // Header name/value pair that this option applies to. + HeaderValue header = 1 [(validate.rules).message = {required: true}]; + + // Should the value be appended? If true (default), the value is appended to + // existing values. Otherwise it replaces any existing values. + google.protobuf.BoolValue append = 2; +} + +// Wrapper for a set of headers. +message HeaderMap { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HeaderMap"; + + repeated HeaderValue headers = 1; +} + +// A directory that is watched for changes, e.g. by inotify on Linux. Move/rename +// events inside this directory trigger the watch. +message WatchedDirectory { + // Directory path to watch. + string path = 1 [(validate.rules).string = {min_len: 1}]; +} + +// Data source consisting of either a file or an inline value. +message DataSource { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.DataSource"; + + oneof specifier { + option (validate.required) = true; + + // Local filesystem data source. + string filename = 1 [(validate.rules).string = {min_len: 1}]; + + // Bytes inlined in the configuration. + bytes inline_bytes = 2 [(validate.rules).bytes = {min_len: 1}]; + + // String inlined in the configuration. + string inline_string = 3 [(validate.rules).string = {min_len: 1}]; + } +} + +// The message specifies the retry policy of remote data source when fetching fails. +message RetryPolicy { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RetryPolicy"; + + // Specifies parameters that control :ref:`retry backoff strategy `. + // This parameter is optional, in which case the default base interval is 1000 milliseconds. The + // default maximum interval is 10 times the base interval. + BackoffStrategy retry_back_off = 1; + + // Specifies the allowed number of retries. This parameter is optional and + // defaults to 1. + google.protobuf.UInt32Value num_retries = 2 + [(udpa.annotations.field_migrate).rename = "max_retries"]; +} + +// The message specifies how to fetch data from remote and how to verify it. +message RemoteDataSource { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.RemoteDataSource"; + + // The HTTP URI to fetch the remote data. + HttpUri http_uri = 1 [(validate.rules).message = {required: true}]; + + // SHA256 string for verifying data. + string sha256 = 2 [(validate.rules).string = {min_len: 1}]; + + // Retry policy for fetching remote data. + RetryPolicy retry_policy = 3; +} + +// Async data source which support async data fetch. +message AsyncDataSource { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.AsyncDataSource"; + + oneof specifier { + option (validate.required) = true; + + // Local async data source. + DataSource local = 1; + + // Remote async data source. + RemoteDataSource remote = 2; + } +} + +// Configuration for transport socket in :ref:`listeners ` and +// :ref:`clusters `. If the configuration is +// empty, a default transport socket implementation and configuration will be +// chosen based on the platform and existence of tls_context. +message TransportSocket { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.TransportSocket"; + + reserved 2; + + reserved "config"; + + // The name of the transport socket to instantiate. The name must match a supported transport + // socket implementation. + string name = 1 [(validate.rules).string = {min_len: 1}]; + + // Implementation specific configuration which depends on the implementation being instantiated. + // See the supported transport socket implementations for further documentation. + oneof config_type { + google.protobuf.Any typed_config = 3; + } +} + +// Runtime derived FractionalPercent with defaults for when the numerator or denominator is not +// specified via a runtime key. +// +// .. note:: +// +// Parsing of the runtime key's data is implemented such that it may be represented as a +// :ref:`FractionalPercent ` proto represented as JSON/YAML +// and may also be represented as an integer with the assumption that the value is an integral +// percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse +// as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. +message RuntimeFractionalPercent { + option (udpa.annotations.versioning).previous_message_type = + "envoy.api.v2.core.RuntimeFractionalPercent"; + + // Default value if the runtime value's for the numerator/denominator keys are not available. + type.v3.FractionalPercent default_value = 1 [(validate.rules).message = {required: true}]; + + // Runtime key for a YAML representation of a FractionalPercent. + string runtime_key = 2; +} + +// Identifies a specific ControlPlane instance that Envoy is connected to. +message ControlPlane { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.ControlPlane"; + + // An opaque control plane identifier that uniquely identifies an instance + // of control plane. This can be used to identify which control plane instance, + // the Envoy is connected to. + string identifier = 1; +} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/http_uri.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/http_uri.proto new file mode 100644 index 0000000000000000000000000000000000000000..5d1fc239e07ed215e376eb63593b908709165791 --- /dev/null +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/http_uri.proto @@ -0,0 +1,56 @@ +syntax = "proto3"; + +package envoy.config.core.v3; + +import "google/protobuf/duration.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.config.core.v3"; +option java_outer_classname = "HttpUriProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: HTTP Service URI ] + +// Envoy external URI descriptor +message HttpUri { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.HttpUri"; + + // The HTTP server URI. It should be a full FQDN with protocol, host and path. + // + // Example: + // + // .. code-block:: yaml + // + // uri: https://www.googleapis.com/oauth2/v1/certs + // + string uri = 1 [(validate.rules).string = {min_len: 1}]; + + // Specify how `uri` is to be fetched. Today, this requires an explicit + // cluster, but in the future we may support dynamic cluster creation or + // inline DNS resolution. See `issue + // `_. + oneof http_upstream_type { + option (validate.required) = true; + + // A cluster is created in the Envoy "cluster_manager" config + // section. This field specifies the cluster name. + // + // Example: + // + // .. code-block:: yaml + // + // cluster: jwks_cluster + // + string cluster = 2 [(validate.rules).string = {min_len: 1}]; + } + + // Sets the maximum duration in milliseconds that a response can take to arrive upon request. + google.protobuf.Duration timeout = 3 [(validate.rules).duration = { + required: true + gte {} + }]; +} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/socket_option.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/socket_option.proto new file mode 100644 index 0000000000000000000000000000000000000000..b22169b86aeb8a6cf3ad7901c687bd9d0d9edd7e --- /dev/null +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/config/core/v3/socket_option.proto @@ -0,0 +1,56 @@ +syntax = "proto3"; + +package envoy.config.core.v3; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.config.core.v3"; +option java_outer_classname = "SocketOptionProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Socket Option ] + +// Generic socket option message. This would be used to set socket options that +// might not exist in upstream kernels or precompiled Envoy binaries. +// [#next-free-field: 7] +message SocketOption { + option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.SocketOption"; + + enum SocketState { + // Socket options are applied after socket creation but before binding the socket to a port + STATE_PREBIND = 0; + + // Socket options are applied after binding the socket to a port but before calling listen() + STATE_BOUND = 1; + + // Socket options are applied after calling listen() + STATE_LISTENING = 2; + } + + // An optional name to give this socket option for debugging, etc. + // Uniqueness is not required and no special meaning is assumed. + string description = 1; + + // Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP + int64 level = 2; + + // The numeric name as passed to setsockopt + int64 name = 3; + + oneof value { + option (validate.required) = true; + + // Because many sockopts take an int value. + int64 int_value = 4; + + // Otherwise it's a byte buffer. + bytes buf_value = 5; + } + + // The state in which the option will be applied. When used in BindConfig + // STATE_PREBIND is currently the only valid value. + SocketState state = 6 [(validate.rules).enum = {defined_only: true}]; +} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/data/accesslog/v2/accesslog.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/data/accesslog/v3/accesslog.proto similarity index 83% rename from oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/data/accesslog/v2/accesslog.proto rename to oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/data/accesslog/v3/accesslog.proto index ab5245a7682d7b7efa74d441e06a55e0adeb3184..af7edab5836a4f37002ce3d0abf2f497e5428aef 100644 --- a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/data/accesslog/v2/accesslog.proto +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/data/accesslog/v3/accesslog.proto @@ -1,21 +1,24 @@ syntax = "proto3"; -package envoy.data.accesslog.v2; +package envoy.data.accesslog.v3; -option java_outer_classname = "AccesslogProto"; -option java_multiple_files = true; -option java_package = "io.envoyproxy.envoy.data.accesslog.v2"; - -import "envoy/api/v2/core/address.proto"; -import "envoy/api/v2/core/base.proto"; +import "envoy/config/core/v3/address.proto"; +import "envoy/config/core/v3/base.proto"; import "google/protobuf/any.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/timestamp.proto"; import "google/protobuf/wrappers.proto"; +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; +option java_package = "io.envoyproxy.envoy.data.accesslog.v3"; +option java_outer_classname = "AccesslogProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + // [#protodoc-title: gRPC access logs] // Envoy access logs describe incoming interaction with Envoy over a fixed // period of time, and typically cover a single request/response exchange, @@ -28,6 +31,9 @@ import "validate/validate.proto"; // in their name. message TCPAccessLogEntry { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.TCPAccessLogEntry"; + // Common properties shared by all Envoy access logs. AccessLogCommon common_properties = 1; @@ -36,6 +42,9 @@ message TCPAccessLogEntry { } message HTTPAccessLogEntry { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.HTTPAccessLogEntry"; + // HTTP version enum HTTPVersion { PROTOCOL_UNSPECIFIED = 0; @@ -59,6 +68,9 @@ message HTTPAccessLogEntry { // Defines fields for a connection message ConnectionProperties { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.ConnectionProperties"; + // Number of bytes received from downstream. uint64 received_bytes = 1; @@ -69,6 +81,9 @@ message ConnectionProperties { // Defines fields that are shared by all Envoy access logs. // [#next-free-field: 22] message AccessLogCommon { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.AccessLogCommon"; + // [#not-implemented-hide:] // This field indicates the rate at which this log entry was sampled. // Valid range is (0.0, 1.0]. @@ -77,10 +92,10 @@ message AccessLogCommon { // This field is the remote/origin address on which the request from the user was received. // Note: This may not be the physical peer. E.g, if the remote address is inferred from for // example the x-forwarder-for header, proxy protocol, etc. - envoy.api.v2.core.Address downstream_remote_address = 2; + config.core.v3.Address downstream_remote_address = 2; // This field is the local/destination address on which the request from the user was received. - envoy.api.v2.core.Address downstream_local_address = 3; + config.core.v3.Address downstream_local_address = 3; // If the connection is secure,S this field will contain TLS properties. TLSProperties tls_properties = 4; @@ -129,10 +144,10 @@ message AccessLogCommon { // The upstream remote/destination address that handles this exchange. This does not include // retries. - envoy.api.v2.core.Address upstream_remote_address = 13; + config.core.v3.Address upstream_remote_address = 13; // The upstream local/origin address that handles this exchange. This does not include retries. - envoy.api.v2.core.Address upstream_local_address = 14; + config.core.v3.Address upstream_local_address = 14; // The upstream cluster that *upstream_remote_address* belongs to. string upstream_cluster = 15; @@ -148,7 +163,7 @@ message AccessLogCommon { // route created from a higher level forwarding rule with some ID can place // that ID in this field and cross reference later. It can also be used to // determine if a canary endpoint was used or not. - envoy.api.v2.core.Metadata metadata = 17; + config.core.v3.Metadata metadata = 17; // If upstream connection failed due to transport socket (e.g. TLS handshake), provides the // failure reason from the transport socket. The format of this field depends on the configured @@ -162,7 +177,7 @@ message AccessLogCommon { // This field is the downstream direct remote address on which the request from the user was // received. Note: This is always the physical peer, even if the remote address is inferred from // for example the x-forwarder-for header, proxy protocol, etc. - envoy.api.v2.core.Address downstream_direct_remote_address = 20; + config.core.v3.Address downstream_direct_remote_address = 20; // Map of filter state in stream info that have been configured to be logged. If the filter // state serialized to any message other than `google.protobuf.Any` it will be packed into @@ -171,9 +186,15 @@ message AccessLogCommon { } // Flags indicating occurrences during request/response processing. -// [#next-free-field: 20] +// [#next-free-field: 24] message ResponseFlags { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.ResponseFlags"; + message Unauthorized { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.ResponseFlags.Unauthorized"; + // Reasons why the request was unauthorized enum Reason { REASON_UNSPECIFIED = 0; @@ -242,11 +263,26 @@ message ResponseFlags { // Indicates there was an HTTP protocol error on the downstream request. bool downstream_protocol_error = 19; + + // Indicates there was a max stream duration reached on the upstream request. + bool upstream_max_stream_duration_reached = 20; + + // Indicates the response was served from a cache filter. + bool response_from_cache_filter = 21; + + // Indicates that a filter configuration is not available. + bool no_filter_config_found = 22; + + // Indicates that request or connection exceeded the downstream connection duration. + bool duration_timeout = 23; } // Properties of a negotiated TLS connection. // [#next-free-field: 7] message TLSProperties { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.TLSProperties"; + enum TLSVersion { VERSION_UNSPECIFIED = 0; TLSv1 = 1; @@ -256,7 +292,13 @@ message TLSProperties { } message CertificateProperties { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.TLSProperties.CertificateProperties"; + message SubjectAltName { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.TLSProperties.CertificateProperties.SubjectAltName"; + oneof san { string uri = 1; @@ -297,8 +339,11 @@ message TLSProperties { // [#next-free-field: 14] message HTTPRequestProperties { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.HTTPRequestProperties"; + // The request method (RFC 7231/2616). - envoy.api.v2.core.RequestMethod request_method = 1 [(validate.rules).enum = {defined_only: true}]; + config.core.v3.RequestMethod request_method = 1 [(validate.rules).enum = {defined_only: true}]; // The scheme portion of the incoming request URI. string scheme = 2; @@ -350,6 +395,9 @@ message HTTPRequestProperties { // [#next-free-field: 7] message HTTPResponseProperties { + option (udpa.annotations.versioning).previous_message_type = + "envoy.data.accesslog.v2.HTTPResponseProperties"; + // The HTTP response code returned by Envoy. google.protobuf.UInt32Value response_code = 1; diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/accesslog/v2/als.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/accesslog/v2/als.proto index 1ee6ccd0094c3b281fe30cd14b79d16c721f7d92..8c5a4227959172936649fea0437b91b8741391f6 100644 --- a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/accesslog/v2/als.proto +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/accesslog/v2/als.proto @@ -8,66 +8,16 @@ option java_package = "io.envoyproxy.envoy.service.accesslog.v2"; option go_package = "v2"; option java_generic_services = true; -import "envoy/api/v2/core/base.proto"; -import "envoy/data/accesslog/v2/accesslog.proto"; - -import "validate/validate.proto"; +import "envoy/service/accesslog/v3/als.proto"; // [#protodoc-title: gRPC Access Log Service (ALS)] // Service for streaming access logs from Envoy to an access log server. service AccessLogService { - // Envoy will connect and send StreamAccessLogsMessage messages forever. It does not expect any - // response to be sent as nothing would be done in the case of failure. The server should - // disconnect if it expects Envoy to reconnect. In the future we may decide to add a different - // API for "critical" access logs in which Envoy will buffer access logs for some period of time - // until it gets an ACK so it could then retry. This API is designed for high throughput with the - // expectation that it might be lossy. - rpc StreamAccessLogs(stream StreamAccessLogsMessage) returns (StreamAccessLogsResponse) { - } -} - -// Empty response for the StreamAccessLogs API. Will never be sent. See below. -message StreamAccessLogsResponse { -} - -// Stream message for the StreamAccessLogs API. Envoy will open a stream to the server and stream -// access logs without ever expecting a response. -message StreamAccessLogsMessage { - message Identifier { - // The node sending the access log messages over the stream. - envoy.api.v2.core.Node node = 1 [(validate.rules).message.required = true]; - - // The friendly name of the log configured in :ref:`CommonGrpcAccessLogConfig - // `. - string log_name = 2 [(validate.rules).string.min_bytes = 1]; - } - - // Identifier data that will only be sent in the first message on the stream. This is effectively - // structured metadata and is a performance optimization. - Identifier identifier = 1; - - // Wrapper for batches of HTTP access log entries. - message HTTPAccessLogEntries { - repeated envoy.data.accesslog.v2.HTTPAccessLogEntry log_entry = 1 - [(validate.rules).repeated .min_items = 1]; - } - - // [#not-implemented-hide:] - // Wrapper for batches of TCP access log entries. - message TCPAccessLogEntries { - repeated envoy.data.accesslog.v2.TCPAccessLogEntry log_entry = 1 - [(validate.rules).repeated .min_items = 1]; - } - - // Batches of log entries of a single type. Generally speaking, a given stream should only - // ever include one type of log entry. - oneof log_entries { - option (validate.required) = true; - - HTTPAccessLogEntries http_logs = 2; - - // [#not-implemented-hide:] - TCPAccessLogEntries tcp_logs = 3; + // In order to simultaneously support Envoy AccessLogService V2 and V3 without duplicating too many codes, + // we combine the V2 service definition and V3 message protobuf and delegate the V2 service handler to V3, + // this is only feasible when the message protobuf of V3 is compatible with V2 (i.e. backward compatibility). + // For more about AccessLogService, read envoy/service/accesslog/v3/als.proto + rpc StreamAccessLogs(stream envoy.service.accesslog.v3.StreamAccessLogsMessage) returns (envoy.service.accesslog.v3.StreamAccessLogsResponse) { } } diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/accesslog/v3/als.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/accesslog/v3/als.proto new file mode 100644 index 0000000000000000000000000000000000000000..5421c2304918245eb4a2084576aceba19647d261 --- /dev/null +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/accesslog/v3/als.proto @@ -0,0 +1,87 @@ +syntax = "proto3"; + +package envoy.service.accesslog.v3; + +import "envoy/config/core/v3/base.proto"; +import "envoy/data/accesslog/v3/accesslog.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.service.accesslog.v3"; +option java_outer_classname = "AlsProto"; +option java_multiple_files = true; +option java_generic_services = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: gRPC Access Log Service (ALS)] + +// Service for streaming access logs from Envoy to an access log server. +service AccessLogService { + // Envoy will connect and send StreamAccessLogsMessage messages forever. It does not expect any + // response to be sent as nothing would be done in the case of failure. The server should + // disconnect if it expects Envoy to reconnect. In the future we may decide to add a different + // API for "critical" access logs in which Envoy will buffer access logs for some period of time + // until it gets an ACK so it could then retry. This API is designed for high throughput with the + // expectation that it might be lossy. + rpc StreamAccessLogs(stream StreamAccessLogsMessage) returns (StreamAccessLogsResponse) { + } +} + +// Empty response for the StreamAccessLogs API. Will never be sent. See below. +message StreamAccessLogsResponse { + option (udpa.annotations.versioning).previous_message_type = + "envoy.service.accesslog.v2.StreamAccessLogsResponse"; +} + +// Stream message for the StreamAccessLogs API. Envoy will open a stream to the server and stream +// access logs without ever expecting a response. +message StreamAccessLogsMessage { + option (udpa.annotations.versioning).previous_message_type = + "envoy.service.accesslog.v2.StreamAccessLogsMessage"; + + message Identifier { + option (udpa.annotations.versioning).previous_message_type = + "envoy.service.accesslog.v2.StreamAccessLogsMessage.Identifier"; + + // The node sending the access log messages over the stream. + config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; + + // The friendly name of the log configured in :ref:`CommonGrpcAccessLogConfig + // `. + string log_name = 2 [(validate.rules).string = {min_len: 1}]; + } + + // Wrapper for batches of HTTP access log entries. + message HTTPAccessLogEntries { + option (udpa.annotations.versioning).previous_message_type = + "envoy.service.accesslog.v2.StreamAccessLogsMessage.HTTPAccessLogEntries"; + + repeated data.accesslog.v3.HTTPAccessLogEntry log_entry = 1 + [(validate.rules).repeated = {min_items: 1}]; + } + + // Wrapper for batches of TCP access log entries. + message TCPAccessLogEntries { + option (udpa.annotations.versioning).previous_message_type = + "envoy.service.accesslog.v2.StreamAccessLogsMessage.TCPAccessLogEntries"; + + repeated data.accesslog.v3.TCPAccessLogEntry log_entry = 1 + [(validate.rules).repeated = {min_items: 1}]; + } + + // Identifier data that will only be sent in the first message on the stream. This is effectively + // structured metadata and is a performance optimization. + Identifier identifier = 1; + + // Batches of log entries of a single type. Generally speaking, a given stream should only + // ever include one type of log entry. + oneof log_entries { + option (validate.required) = true; + + HTTPAccessLogEntries http_logs = 2; + + TCPAccessLogEntries tcp_logs = 3; + } +} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/metrics/v2/metrics_service.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/metrics/v2/metrics_service.proto index 75f8ee37b12641c3de1bd1df8581ee7f20704562..9cca707b8f8ac73c7f9514cac3ab9a959d190b25 100644 --- a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/metrics/v2/metrics_service.proto +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/metrics/v2/metrics_service.proto @@ -8,7 +8,7 @@ option java_package = "io.envoyproxy.envoy.service.metrics.v2"; option go_package = "v2"; option java_generic_services = true; -import "envoy/api/v2/core/base.proto"; +import "envoy/service/metrics/v3/metrics_service.proto"; // This line is different from the definition in https://github.com/envoyproxy/data-plane-api to let // the dependency structure clearer. @@ -19,25 +19,10 @@ import "validate/validate.proto"; // Service for streaming metrics to server that consumes the metrics data. It uses Prometheus metric // data model as a standard to represent metrics information. service MetricsService { - // Envoy will connect and send StreamMetricsMessage messages forever. It does not expect any - // response to be sent as nothing would be done in the case of failure. - rpc StreamMetrics(stream StreamMetricsMessage) returns (StreamMetricsResponse) { + // In order to simultaneously support Envoy MetricsService V2 and V3 without duplicating too many codes, + // we combine the V2 service definition and V3 message protobuf and delegate the V2 service handler to V3, + // this is only feasible when the message protobuf of V3 is compatible with V2 (i.e. backward compatibility). + // For more about MetricsService, read envoy/service/metrics/v3/metrics_service.proto + rpc StreamMetrics(stream envoy.service.metrics.v3.StreamMetricsMessage) returns (envoy.service.metrics.v3.StreamMetricsResponse) { } } - -message StreamMetricsResponse { -} - -message StreamMetricsMessage { - message Identifier { - // The node sending metrics over the stream. - envoy.api.v2.core.Node node = 1 [(validate.rules).message.required = true]; - } - - // Identifier data effectively is a structured metadata. As a performance optimization this will - // only be sent in the first message on the stream. - Identifier identifier = 1; - - // A list of metric entries - repeated io.prometheus.client.MetricFamily envoy_metrics = 2; -} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/metrics/v3/metrics_service.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/metrics/v3/metrics_service.proto new file mode 100644 index 0000000000000000000000000000000000000000..38023f988ad0a8419f9a508e4cbf140d45532a54 --- /dev/null +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/service/metrics/v3/metrics_service.proto @@ -0,0 +1,53 @@ +syntax = "proto3"; + +package envoy.service.metrics.v3; + +import "envoy/config/core/v3/base.proto"; + +import "prometheus/client_model/metrics.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.service.metrics.v3"; +option java_outer_classname = "MetricsServiceProto"; +option java_multiple_files = true; +option java_generic_services = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Metrics service] + +// Service for streaming metrics to server that consumes the metrics data. It uses Prometheus metric +// data model as a standard to represent metrics information. +service MetricsService { + // Envoy will connect and send StreamMetricsMessage messages forever. It does not expect any + // response to be sent as nothing would be done in the case of failure. + rpc StreamMetrics(stream StreamMetricsMessage) returns (StreamMetricsResponse) { + } +} + +message StreamMetricsResponse { + option (udpa.annotations.versioning).previous_message_type = + "envoy.service.metrics.v2.StreamMetricsResponse"; +} + +message StreamMetricsMessage { + option (udpa.annotations.versioning).previous_message_type = + "envoy.service.metrics.v2.StreamMetricsMessage"; + + message Identifier { + option (udpa.annotations.versioning).previous_message_type = + "envoy.service.metrics.v2.StreamMetricsMessage.Identifier"; + + // The node sending metrics over the stream. + config.core.v3.Node node = 1 [(validate.rules).message = {required: true}]; + } + + // Identifier data effectively is a structured metadata. As a performance optimization this will + // only be sent in the first message on the stream. + Identifier identifier = 1; + + // A list of metric entries + repeated io.prometheus.client.MetricFamily envoy_metrics = 2; +} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/type/percent.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/type/v3/percent.proto similarity index 67% rename from oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/type/percent.proto rename to oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/type/v3/percent.proto index 551e93bfdd1ecc4a5c867bf51cab13ac621d9947..3a89a3f44fd5fdc1ed6f0a47e91314f3aada7c0d 100644 --- a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/type/percent.proto +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/type/v3/percent.proto @@ -1,21 +1,23 @@ syntax = "proto3"; -package envoy.type; - -option java_outer_classname = "PercentProto"; -option java_multiple_files = true; -option java_package = "io.envoyproxy.envoy.type"; +package envoy.type.v3; +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; import "validate/validate.proto"; -import "gogoproto/gogo.proto"; -option (gogoproto.equal_all) = true; +option java_package = "io.envoyproxy.envoy.type.v3"; +option java_outer_classname = "PercentProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Percent] // Identifies a percentage, in the range [0.0, 100.0]. message Percent { - double value = 1 [(validate.rules).double = {gte: 0, lte: 100}]; + option (udpa.annotations.versioning).previous_message_type = "envoy.type.Percent"; + + double value = 1 [(validate.rules).double = {lte: 100.0 gte: 0.0}]; } // A fractional percentage is used in cases in which for performance reasons performing floating @@ -25,8 +27,7 @@ message Percent { // * **Example**: 1/100 = 1%. // * **Example**: 3/10000 = 0.03%. message FractionalPercent { - // Specifies the numerator. Defaults to 0. - uint32 numerator = 1; + option (udpa.annotations.versioning).previous_message_type = "envoy.type.FractionalPercent"; // Fraction percentages support several fixed denominator values. enum DenominatorType { @@ -46,7 +47,10 @@ message FractionalPercent { MILLION = 2; } + // Specifies the numerator. Defaults to 0. + uint32 numerator = 1; + // Specifies the denominator. If the denominator specified is less than the numerator, the final // fractional percentage is capped at 1 (100%). - DenominatorType denominator = 2 [(validate.rules).enum.defined_only = true]; + DenominatorType denominator = 2 [(validate.rules).enum = {defined_only: true}]; } diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/type/v3/semantic_version.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/type/v3/semantic_version.proto new file mode 100644 index 0000000000000000000000000000000000000000..a4126336f03aee79de1eb5525bc9f273f339a612 --- /dev/null +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/envoy/type/v3/semantic_version.proto @@ -0,0 +1,26 @@ +syntax = "proto3"; + +package envoy.type.v3; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; + +option java_package = "io.envoyproxy.envoy.type.v3"; +option java_outer_classname = "SemanticVersionProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Semantic Version] + +// Envoy uses SemVer (https://semver.org/). Major/minor versions indicate +// expected behaviors and APIs, the patch version field is used only +// for security fixes and can be generally ignored. +message SemanticVersion { + option (udpa.annotations.versioning).previous_message_type = "envoy.type.SemanticVersion"; + + uint32 major_number = 1; + + uint32 minor_number = 2; + + uint32 patch = 3; +} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/udpa/annotations/migrate.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/udpa/annotations/migrate.proto new file mode 100644 index 0000000000000000000000000000000000000000..1c42a6404dcc1b7d069736749504a3db8984745b --- /dev/null +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/udpa/annotations/migrate.proto @@ -0,0 +1,49 @@ +syntax = "proto3"; + +package udpa.annotations; + +import "google/protobuf/descriptor.proto"; + +// Magic number in this file derived from top 28bit of SHA256 digest of +// "udpa.annotation.migrate". + +extend google.protobuf.MessageOptions { + MigrateAnnotation message_migrate = 171962766; +} + +extend google.protobuf.FieldOptions { + FieldMigrateAnnotation field_migrate = 171962766; +} + +extend google.protobuf.EnumOptions { + MigrateAnnotation enum_migrate = 171962766; +} + +extend google.protobuf.EnumValueOptions { + MigrateAnnotation enum_value_migrate = 171962766; +} + +extend google.protobuf.FileOptions { + FileMigrateAnnotation file_migrate = 171962766; +} + +message MigrateAnnotation { + // Rename the message/enum/enum value in next version. + string rename = 1; +} + +message FieldMigrateAnnotation { + // Rename the field in next version. + string rename = 1; + + // Add the field to a named oneof in next version. If this already exists, the + // field will join its siblings under the oneof, otherwise a new oneof will be + // created with the given name. + string oneof_promotion = 2; +} + +message FileMigrateAnnotation { + // Move all types in the file to another package, this implies changing proto + // file path. + string move_to_package = 2; +} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/udpa/annotations/status.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/udpa/annotations/status.proto new file mode 100644 index 0000000000000000000000000000000000000000..9832ffd3a2febf528367cab72644887cecd61d9c --- /dev/null +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/udpa/annotations/status.proto @@ -0,0 +1,34 @@ +syntax = "proto3"; + +package udpa.annotations; + +import "google/protobuf/descriptor.proto"; + +// Magic number in this file derived from top 28bit of SHA256 digest of +// "udpa.annotation.status". +extend google.protobuf.FileOptions { + StatusAnnotation file_status = 222707719; +} + +enum PackageVersionStatus { + // Unknown package version status. + UNKNOWN = 0; + + // This version of the package is frozen. + FROZEN = 1; + + // This version of the package is the active development version. + ACTIVE = 2; + + // This version of the package is the candidate for the next major version. It + // is typically machine generated from the active development version. + NEXT_MAJOR_VERSION_CANDIDATE = 3; +} + +message StatusAnnotation { + // The entity is work-in-progress and subject to breaking changes. + bool work_in_progress = 1; + + // The entity belongs to a package with the given version status. + PackageVersionStatus package_version_status = 2; +} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/udpa/annotations/versioning.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/udpa/annotations/versioning.proto new file mode 100644 index 0000000000000000000000000000000000000000..16f6dc30cad61d6a98db6dcd915cddd7a9bd1e24 --- /dev/null +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/udpa/annotations/versioning.proto @@ -0,0 +1,17 @@ +syntax = "proto3"; + +package udpa.annotations; + +import "google/protobuf/descriptor.proto"; + +extend google.protobuf.MessageOptions { + // Magic number derived from 0x78 ('x') 0x44 ('D') 0x53 ('S') + VersioningAnnotation versioning = 7881811; +} + +message VersioningAnnotation { + // Track the previous message type. E.g. this message might be + // udpa.foo.v3alpha.Foo and it was previously udpa.bar.v2.Bar. This + // information is consumed by UDPA via proto descriptors. + string previous_message_type = 1; +} diff --git a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/validate/validate.proto b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/validate/validate.proto index 1c5e04a16517d3b3a223df8a10760b2bfff6d3bc..74d0a7e821286ec5d05721bc463c75fe2402acc8 100644 --- a/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/validate/validate.proto +++ b/oap-server/server-receiver-plugin/receiver-proto/src/main/proto/validate/validate.proto @@ -1,8 +1,8 @@ syntax = "proto2"; package validate; -option go_package = "github.com/lyft/protoc-gen-validate/validate"; -option java_package = "com.lyft.pgv.validate"; +option go_package = "github.com/envoyproxy/protoc-gen-validate/validate"; +option java_package = "io.envoyproxy.pgv.validate"; import "google/protobuf/descriptor.proto"; import "google/protobuf/duration.proto"; @@ -12,26 +12,29 @@ import "google/protobuf/timestamp.proto"; extend google.protobuf.MessageOptions { // Disabled nullifies any validation rules for this message, including any // message fields associated with it that do support validation. - optional bool disabled = 919191; + optional bool disabled = 1071; + // Ignore skips generation of validation methods for this message. + optional bool ignored = 1072; } // Validation rules applied at the oneof level extend google.protobuf.OneofOptions { // Required ensures that exactly one the field options in a oneof is set; // validation fails if no fields in the oneof are set. - optional bool required = 919191; + optional bool required = 1071; } // Validation rules applied at the field level extend google.protobuf.FieldOptions { // Rules specify the validations to be performed on this field. By default, // no validation is performed against a field. - optional FieldRules rules = 919191; + optional FieldRules rules = 1071; } // FieldRules encapsulates the rules for each type of field. Depending on the // field, the correct set should be used to ensure proper validations. message FieldRules { + optional MessageRules message = 17; oneof type { // Scalar Field Types FloatRules float = 1; @@ -52,7 +55,6 @@ message FieldRules { // Complex Field Types EnumRules enum = 16; - MessageRules message = 17; RepeatedRules repeated = 18; MapRules map = 19; @@ -502,6 +504,10 @@ message StringRules { // anywhere in the string. optional string contains = 9; + // NotContains specifies that this field cannot have the specified substring + // anywhere in the string. + optional string not_contains = 23; + // In specifies that this field must be equal to one of the specified // values repeated string in = 10; @@ -540,7 +546,37 @@ message StringRules { // UriRef specifies that the field must be a valid URI as defined by RFC // 3986 and may be relative or absolute. bool uri_ref = 18; + + // Address specifies that the field must be either a valid hostname as + // defined by RFC 1034 (which does not support internationalized domain + // names or IDNs), or it can be a valid IP (v4 or v6). + bool address = 21; + + // Uuid specifies that the field must be a valid UUID as defined by + // RFC 4122 + bool uuid = 22; + + // WellKnownRegex specifies a common well known pattern defined as a regex. + KnownRegex well_known_regex = 24; } + + // This applies to regexes HTTP_HEADER_NAME and HTTP_HEADER_VALUE to enable + // strict header validation. + // By default, this is true, and HTTP header validations are RFC-compliant. + // Setting to false will enable a looser validations that only disallows + // \r\n\0 characters, which can be used to bypass header matching rules. + optional bool strict = 25 [default = true]; +} + +// WellKnownRegex contain some well-known patterns. +enum KnownRegex { + UNKNOWN = 0; + + // HTTP header name as defined by RFC 7230. + HTTP_HEADER_NAME = 1; + + // HTTP header value as defined by RFC 7230. + HTTP_HEADER_VALUE = 2; } // BytesRules describe the constraints applied to `bytes` values diff --git a/pom.xml b/pom.xml index 1ecf07bc79f9b515b6b732d5d2147a4e174b75f0..ca46d9f61e160cfc448074bc8aadb1dc337eaed7 100755 --- a/pom.xml +++ b/pom.xml @@ -503,6 +503,7 @@ **/src/main/fbs/istio/** **/src/main/proto/envoy/** + **/src/main/proto/udpa/** **/src/main/proto/gogoproto/gogo.proto **/src/main/proto/google/** **/src/main/proto/istio/**