diff --git a/.devcontainer/README.md b/.devcontainer/README.md index f8119f9c5f6a..5367105d7c71 100644 --- a/.devcontainer/README.md +++ b/.devcontainer/README.md @@ -7,7 +7,7 @@ This directory contains some experimental tools for Envoy Development in [VSCode Open with VSCode with the Container extension installed. Follow the [official guide](https://code.visualstudio.com/docs/remote/containers) to open this repository directly from GitHub or from checked-out source tree. -After opening, run the `Refresh Compilation Database` task to generate compilation database to navigate in source code. +After opening, run the `Refresh Compilation Database` task to generate compilation database to navigate in source code. This will run partial build of Envoy and may take a while depends on the machine performance. This task is needed to run everytime after: - Changing a BUILD file that add/remove files from a target, changes dependencies diff --git a/.gitattributes b/.gitattributes index 03203a47dda8..895c1eeb76ad 100644 --- a/.gitattributes +++ b/.gitattributes @@ -3,4 +3,6 @@ /generated_api_shadow/envoy/** linguist-generated=true /generated_api_shadow/bazel/** linguist-generated=true *.svg binary +/test/extensions/transport_sockets/tls/test_data/aes_128_key binary +/test/extensions/transport_sockets/tls/test_data/ticket_key_* binary /test/**/*_corpus/* linguist-generated=true diff --git a/.github/workflows/codeql-daily.yml b/.github/workflows/codeql-daily.yml index 52a6a30ea1ea..00707a85782a 100644 --- a/.github/workflows/codeql-daily.yml +++ b/.github/workflows/codeql-daily.yml @@ -37,19 +37,19 @@ jobs: sudo apt-get update && sudo apt-get install libtool cmake automake autoconf make ninja-build curl unzip virtualenv openjdk-11-jdk build-essential libc++1 mkdir -p bin/clang11 cd bin/clang11 - wget https://github.com/llvm/llvm-project/releases/download/llvmorg-11.0.1/clang+llvm-11.0.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz - tar -xf clang+llvm-11.0.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz --strip-components 1 + wget https://github.com/llvm/llvm-project/releases/download/llvmorg-11.0.1/clang+llvm-11.0.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz + tar -xf clang+llvm-11.0.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz --strip-components 1 export PATH=bin/clang11/bin:$PATH - name: Build run: | bazel/setup_clang.sh bin/clang11 bazelisk shutdown - bazelisk build -c fastbuild --spawn_strategy=local --discard_analysis_cache --nouse_action_cache --config clang --config libc++ //source/common/http/... + bazelisk build -c fastbuild --spawn_strategy=local --discard_analysis_cache --nouse_action_cache --config clang --config libc++ //source/common/http/... - name: Clean Artifacts run: | git clean -xdf - + - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/codeql-push.yml b/.github/workflows/codeql-push.yml index e204ce770c7e..56254401e418 100644 --- a/.github/workflows/codeql-push.yml +++ b/.github/workflows/codeql-push.yml @@ -45,8 +45,8 @@ jobs: sudo apt-get update && sudo apt-get install libtool cmake automake autoconf make ninja-build curl unzip virtualenv openjdk-11-jdk build-essential libc++1 mkdir -p bin/clang11 cd bin/clang11 - wget https://github.com/llvm/llvm-project/releases/download/llvmorg-11.0.1/clang+llvm-11.0.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz - tar -xf clang+llvm-11.0.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz --strip-components 1 + wget https://github.com/llvm/llvm-project/releases/download/llvmorg-11.0.1/clang+llvm-11.0.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz + tar -xf clang+llvm-11.0.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz --strip-components 1 export PATH=bin/clang11/bin:$PATH @@ -60,7 +60,7 @@ jobs: - name: Clean Artifacts run: | git clean -xdf - + - name: Perform CodeQL Analysis if: env.BUILD_TARGETS != '' uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 3c332fad3042..f3ce371f510e 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -39,4 +39,4 @@ jobs: stale-pr-label: 'stale' exempt-pr-labels: 'no stalebot' operations-per-run: 500 - ascending: true \ No newline at end of file + ascending: true diff --git a/LICENSE b/LICENSE index 760a01df5b24..1e2bdc6ae7b5 100644 --- a/LICENSE +++ b/LICENSE @@ -199,4 +199,4 @@ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and - limitations under the License. \ No newline at end of file + limitations under the License. diff --git a/STYLE.md b/STYLE.md index 7156614b1d48..624023602fb8 100644 --- a/STYLE.md +++ b/STYLE.md @@ -159,7 +159,7 @@ A few general notes on our error handling philosophy: continue seems ridiculous because *"this should never happen"*, it's a very good indication that the appropriate behavior is to terminate the process and not handle the error. When in doubt, please discuss. - + # Macro Usage * The following macros are available: @@ -175,7 +175,7 @@ A few general notes on our error handling philosophy: detectability on probable conditions or invariants. * Per above it's acceptable to turn failures into crash semantics via `RELEASE_ASSERT(condition)` or - `PANIC(message)` if there is no other sensible behavior, e.g. in OOM (memory/FD) scenarios. + `PANIC(message)` if there is no other sensible behavior, e.g. in OOM (memory/FD) scenarios. * Do not `ASSERT` on conditions imposed by the external environment. Either add error handling (potentially with an `ENVOY_BUG` for detectability) or `RELEASE_ASSERT` if the condition indicates that the process is unrecoverable. diff --git a/api/envoy/config/filter/http/jwt_authn/v2alpha/README.md b/api/envoy/config/filter/http/jwt_authn/v2alpha/README.md index 0cfe8a2f9b60..d253c3f234a8 100644 --- a/api/envoy/config/filter/http/jwt_authn/v2alpha/README.md +++ b/api/envoy/config/filter/http/jwt_authn/v2alpha/README.md @@ -63,4 +63,4 @@ The `value_prefix` must match exactly, i.e., case-sensitively. If the `value_prefix` is not found, the header is skipped: not considered as a source for a JWT token. If there are no JWT-legal characters after the `value_prefix`, the entire string after it -is taken to be the JWT token. This is unlikely to succeed; the error will reported by the JWT parser. \ No newline at end of file +is taken to be the JWT token. This is unlikely to succeed; the error will reported by the JWT parser. diff --git a/api/envoy/extensions/filters/http/jwt_authn/v3/README.md b/api/envoy/extensions/filters/http/jwt_authn/v3/README.md index 0cfe8a2f9b60..d253c3f234a8 100644 --- a/api/envoy/extensions/filters/http/jwt_authn/v3/README.md +++ b/api/envoy/extensions/filters/http/jwt_authn/v3/README.md @@ -63,4 +63,4 @@ The `value_prefix` must match exactly, i.e., case-sensitively. If the `value_prefix` is not found, the header is skipped: not considered as a source for a JWT token. If there are no JWT-legal characters after the `value_prefix`, the entire string after it -is taken to be the JWT token. This is unlikely to succeed; the error will reported by the JWT parser. \ No newline at end of file +is taken to be the JWT token. This is unlikely to succeed; the error will reported by the JWT parser. diff --git a/api/envoy/extensions/filters/network/rocketmq_proxy/v3/README.md b/api/envoy/extensions/filters/network/rocketmq_proxy/v3/README.md index 3bd849bc2530..c6fb05d18063 100644 --- a/api/envoy/extensions/filters/network/rocketmq_proxy/v3/README.md +++ b/api/envoy/extensions/filters/network/rocketmq_proxy/v3/README.md @@ -1 +1 @@ -Protocol buffer definitions for the Rocketmq proxy. \ No newline at end of file +Protocol buffer definitions for the Rocketmq proxy. diff --git a/ci/docker-entrypoint.sh b/ci/docker-entrypoint.sh index b778560db0f3..6337b4621cb3 100755 --- a/ci/docker-entrypoint.sh +++ b/ci/docker-entrypoint.sh @@ -7,22 +7,22 @@ USERID=$(id -u) # if the first argument look like a parameter (i.e. start with '-'), run Envoy if [ "${1#-}" != "$1" ]; then - set -- envoy "$@" + set -- envoy "$@" fi if [ "$1" = 'envoy' ]; then - # set the log level if the $loglevel variable is set - if [ -n "$loglevel" ]; then - set -- "$@" --log-level "$loglevel" - fi + # set the log level if the $loglevel variable is set + if [ -n "$loglevel" ]; then + set -- "$@" --log-level "$loglevel" + fi fi if [ "$ENVOY_UID" != "0" ] && [ "$USERID" = 0 ]; then if [ -n "$ENVOY_UID" ]; then - usermod -u "$ENVOY_UID" envoy + usermod -u "$ENVOY_UID" envoy fi if [ -n "$ENVOY_GID" ]; then - groupmod -g "$ENVOY_GID" envoy + groupmod -g "$ENVOY_GID" envoy fi # Ensure the envoy user is able to write to container logs chown envoy:envoy /dev/stdout /dev/stderr diff --git a/ci/format_pre.sh b/ci/format_pre.sh index a80a6bf53670..ab29ecc4135b 100755 --- a/ci/format_pre.sh +++ b/ci/format_pre.sh @@ -31,6 +31,10 @@ trap_errors () { trap trap_errors ERR trap exit 1 INT +# TODO: move these to bazel +CURRENT=glint +./tools/code_format/glint.sh + CURRENT=shellcheck ./tools/code_format/check_shellcheck_format.sh check diff --git a/ci/mac_ci_setup.sh b/ci/mac_ci_setup.sh index f6cd976b59e2..196d79ff7eae 100755 --- a/ci/mac_ci_setup.sh +++ b/ci/mac_ci_setup.sh @@ -31,13 +31,13 @@ function install { function retry () { local returns=1 i=1 while ((i<=HOMEBREW_RETRY_ATTEMPTS)); do - if "$@"; then - returns=0 - break - else - sleep "$HOMEBREW_RETRY_INTERVAL"; - ((i++)) - fi + if "$@"; then + returns=0 + break + else + sleep "$HOMEBREW_RETRY_INTERVAL"; + ((i++)) + fi done return "$returns" } diff --git a/ci/upload_gcs_artifact.sh b/ci/upload_gcs_artifact.sh index 83dd13b1c189..68d8afc4d94c 100755 --- a/ci/upload_gcs_artifact.sh +++ b/ci/upload_gcs_artifact.sh @@ -3,8 +3,8 @@ set -e -o pipefail if [[ -z "${GCS_ARTIFACT_BUCKET}" ]]; then - echo "Artifact bucket is not set, not uploading artifacts." - exit 0 + echo "Artifact bucket is not set, not uploading artifacts." + exit 0 fi # Fail when service account key is not specified @@ -14,8 +14,8 @@ SOURCE_DIRECTORY="$1" TARGET_SUFFIX="$2" if [ ! -d "${SOURCE_DIRECTORY}" ]; then - echo "ERROR: ${SOURCE_DIRECTORY} is not found." - exit 1 + echo "ERROR: ${SOURCE_DIRECTORY} is not found." + exit 1 fi if [[ "$BUILD_REASON" == "PullRequest" ]]; then @@ -36,14 +36,14 @@ if [[ "$BUILD_REASON" == "PullRequest" ]]; then TMP_REDIRECT="/tmp/redirect/${REDIRECT_PATH}/${TARGET_SUFFIX}" mkdir -p "$TMP_REDIRECT" echo "" \ - > "${TMP_REDIRECT}/index.html" + > "${TMP_REDIRECT}/index.html" GCS_REDIRECT="${GCS_ARTIFACT_BUCKET}/${REDIRECT_PATH}/${TARGET_SUFFIX}" echo "Uploading redirect to gs://${GCS_REDIRECT} ..." gsutil -h "Cache-Control:no-cache,max-age=0" -mq rsync -dr "${TMP_REDIRECT}" "gs://${GCS_REDIRECT}" fi if [[ "${COVERAGE_FAILED}" -eq 1 ]]; then - echo "##vso[task.logissue type=error]Coverage failed, check artifact at: https://storage.googleapis.com/${GCS_LOCATION}/index.html" + echo "##vso[task.logissue type=error]Coverage failed, check artifact at: https://storage.googleapis.com/${GCS_LOCATION}/index.html" fi echo "Artifacts uploaded to: https://storage.googleapis.com/${GCS_LOCATION}/index.html" diff --git a/configs/original-dst-cluster/netns_setup.sh b/configs/original-dst-cluster/netns_setup.sh index 6b1cedcbd1f6..8ab53035629b 100755 --- a/configs/original-dst-cluster/netns_setup.sh +++ b/configs/original-dst-cluster/netns_setup.sh @@ -9,7 +9,7 @@ set -e # name of the network namespace -NETNS=$1 +NETNS=$1 # IP address or prefix that will be redirected TARGET_IP=$2 diff --git a/docs/root/api-v3/config/endpoint/endpoint.rst b/docs/root/api-v3/config/endpoint/endpoint.rst index c1b64b1e4651..317acb045776 100644 --- a/docs/root/api-v3/config/endpoint/endpoint.rst +++ b/docs/root/api-v3/config/endpoint/endpoint.rst @@ -5,4 +5,4 @@ Endpoint :glob: :maxdepth: 2 - v3/* \ No newline at end of file + v3/* diff --git a/docs/root/api-v3/config/http/header_formatters.rst b/docs/root/api-v3/config/http/header_formatters.rst index 1518defddb38..2f6cea17dd8b 100644 --- a/docs/root/api-v3/config/http/header_formatters.rst +++ b/docs/root/api-v3/config/http/header_formatters.rst @@ -5,4 +5,4 @@ HTTP header formatters :glob: :maxdepth: 2 - ../../extensions/http/header_formatters/*/v3/* \ No newline at end of file + ../../extensions/http/header_formatters/*/v3/* diff --git a/docs/root/api-v3/config/request_id/request_id.rst b/docs/root/api-v3/config/request_id/request_id.rst index 672e5af6d704..58c62fe10a35 100644 --- a/docs/root/api-v3/config/request_id/request_id.rst +++ b/docs/root/api-v3/config/request_id/request_id.rst @@ -5,4 +5,4 @@ Request ID :glob: :maxdepth: 2 - ../../extensions/request_id/*/v3/* \ No newline at end of file + ../../extensions/request_id/*/v3/* diff --git a/docs/root/configuration/best_practices/level_two.rst b/docs/root/configuration/best_practices/level_two.rst index 44c52ace8a8e..857649ce6787 100644 --- a/docs/root/configuration/best_practices/level_two.rst +++ b/docs/root/configuration/best_practices/level_two.rst @@ -9,24 +9,24 @@ edge use case may need to be adjusted when using Envoy in a multi-level deployme .. image:: /_static/multilevel_deployment.svg -**In summary, if you run level two Envoy version 1.11.1 or greater which terminates +**In summary, if you run level two Envoy version 1.11.1 or greater which terminates HTTP/2, we strongly advise you to change the HttpConnectionManager configuration of your level two Envoy, by setting its downstream** :ref:`validation of HTTP messaging option ` **to true.** -If there is an invalid HTTP/2 request and this option is not set, the Envoy in -question will reset the entire connection. This behavior was changed as part of -the 1.11.1 security release, to increase the security of Edge Envoys. Unfortunately, -because there are no guarantees that edge proxies will enforce HTTP/1 or HTTP/2 -standards compliance as rigorously as Envoy’s HTTP/2 stack does, this can result -in a problem as follows. If one client sends a request that for example passes -level one proxy's validation checks, and it is forwarded over an upstream multiplexed -HTTP/2 connection (potentially shared with other clients) the strict enforcement on -the level two Envoy HTTP/2 will reset all the streams on that connection, causing -a service disruption to the clients sharing that L1-L2 connection. If a malicious +If there is an invalid HTTP/2 request and this option is not set, the Envoy in +question will reset the entire connection. This behavior was changed as part of +the 1.11.1 security release, to increase the security of Edge Envoys. Unfortunately, +because there are no guarantees that edge proxies will enforce HTTP/1 or HTTP/2 +standards compliance as rigorously as Envoy’s HTTP/2 stack does, this can result +in a problem as follows. If one client sends a request that for example passes +level one proxy's validation checks, and it is forwarded over an upstream multiplexed +HTTP/2 connection (potentially shared with other clients) the strict enforcement on +the level two Envoy HTTP/2 will reset all the streams on that connection, causing +a service disruption to the clients sharing that L1-L2 connection. If a malicious user has insight into what traffic will bypass level one checks, they could spray -“bad” traffic across the level one fleet, causing serious disruption to other users’ +“bad” traffic across the level one fleet, causing serious disruption to other users’ traffic. This configuration option also has implications for invalid HTTP/1.1 though slightly less diff --git a/docs/root/configuration/http/http_conn_man/rds.rst b/docs/root/configuration/http/http_conn_man/rds.rst index 11f8e367a04d..d124d694c50b 100644 --- a/docs/root/configuration/http/http_conn_man/rds.rst +++ b/docs/root/configuration/http/http_conn_man/rds.rst @@ -7,7 +7,7 @@ The route discovery service (RDS) API is an optional API that Envoy will call to :ref:`route configurations `. A route configuration includes both HTTP header modifications, virtual hosts, and the individual route entries contained within each virtual host. Each :ref:`HTTP connection manager filter ` can independently -fetch its own route configuration via the API. Optionally, the +fetch its own route configuration via the API. Optionally, the :ref:`virtual host discovery service ` can be used to fetch virtual hosts separately from the route configuration. diff --git a/docs/root/configuration/http/http_conn_man/vhds.rst b/docs/root/configuration/http/http_conn_man/vhds.rst index f9bcdf517bec..6a92c94d1319 100644 --- a/docs/root/configuration/http/http_conn_man/vhds.rst +++ b/docs/root/configuration/http/http_conn_man/vhds.rst @@ -42,7 +42,7 @@ If a route for the contents of a host/authority header cannot be resolved, the a paused while a :ref:`DeltaDiscoveryRequest ` is sent. When a :ref:`DeltaDiscoveryResponse ` is received where one of -the :ref:`aliases ` or the +the :ref:`aliases ` or the :ref:`name ` in the response exactly matches the :ref:`resource_names_subscribe ` entry from the :ref:`DeltaDiscoveryRequest `, the route @@ -52,7 +52,7 @@ Updates to virtual hosts occur in two ways. If a virtual host was originally sen virtual host should be updated over RDS. If a virtual host was subscribed to over VHDS, then updates will take place over VHDS. -When a route configuration entry is updated, if the +When a route configuration entry is updated, if the :ref:`vhds field ` has changed, the virtual host table for that route configuration is cleared, which will require that all virtual hosts be sent again. diff --git a/docs/root/configuration/http/http_filters/ext_proc_filter.rst b/docs/root/configuration/http/http_filters/ext_proc_filter.rst index f00eb27d1bf1..004e2744213a 100644 --- a/docs/root/configuration/http/http_filters/ext_proc_filter.rst +++ b/docs/root/configuration/http/http_filters/ext_proc_filter.rst @@ -11,9 +11,9 @@ the filter to make decisions in real time about what parts of the HTTP request / are sent to the filter for processing. The protocol itself is based on a bidirectional gRPC stream. Envoy will send the -server +server :ref:`ProcessingRequest ` -messages, and the server must reply with +messages, and the server must reply with :ref:`ProcessingResponse `. This filter is a work in progress. In its current state, it actually does nothing. diff --git a/docs/root/configuration/http/http_filters/header_to_metadata_filter.rst b/docs/root/configuration/http/http_filters/header_to_metadata_filter.rst index bdf2cecc63fe..fb98f97c21ac 100644 --- a/docs/root/configuration/http/http_filters/header_to_metadata_filter.rst +++ b/docs/root/configuration/http/http_filters/header_to_metadata_filter.rst @@ -79,11 +79,11 @@ A corresponding upstream cluster configuration could be: lb_policy: ROUND_ROBIN lb_subset_config: fallback_policy: ANY_ENDPOINT - subset_selectors: - - keys: - - default + subset_selectors: - keys: - - version + - default + - keys: + - version This would then allow requests with the `x-version` header set to be matched against endpoints with the corresponding version. Whereas requests with that header missing diff --git a/docs/root/configuration/http/http_filters/oauth2_filter.rst b/docs/root/configuration/http/http_filters/oauth2_filter.rst index 111845ceedf3..11d79c038666 100644 --- a/docs/root/configuration/http/http_filters/oauth2_filter.rst +++ b/docs/root/configuration/http/http_filters/oauth2_filter.rst @@ -32,7 +32,7 @@ The OAuth filter's flow involves: When the authn server validates the client and returns an authorization token back to the OAuth filter, no matter what format that token is, if :ref:`forward_bearer_token ` -is set to true the filter will send over a +is set to true the filter will send over a cookie named `BearerToken` to the upstream. Additionally, the `Authorization` header will be populated with the same value. diff --git a/docs/root/configuration/http/http_filters/on_demand_updates_filter.rst b/docs/root/configuration/http/http_filters/on_demand_updates_filter.rst index 256fd634da1b..b4f84be40174 100644 --- a/docs/root/configuration/http/http_filters/on_demand_updates_filter.rst +++ b/docs/root/configuration/http/http_filters/on_demand_updates_filter.rst @@ -11,9 +11,9 @@ contents of the *Host* or *:authority* header is used to create the on-demand re request to be created, :ref:`VHDS ` must be enabled and either *Host* or *:authority* header be present. -The on-demand update filter can also be used to request a *Route Configuration* data if RouteConfiguration is specified to be -loaded on demand in the :ref:`Scoped RouteConfiguration `. -The contents of the HTTP header is used to find the scope and create the on-demand request. +The on-demand update filter can also be used to request a *Route Configuration* data if RouteConfiguration is specified to be +loaded on demand in the :ref:`Scoped RouteConfiguration `. +The contents of the HTTP header is used to find the scope and create the on-demand request. On-demand VHDS and on-demand S/RDS can not be used at the same time at this point. diff --git a/docs/root/configuration/http/http_filters/rate_limit_filter.rst b/docs/root/configuration/http/http_filters/rate_limit_filter.rst index b1f27c63c1ec..1c321fbaf6c6 100644 --- a/docs/root/configuration/http/http_filters/rate_limit_filter.rst +++ b/docs/root/configuration/http/http_filters/rate_limit_filter.rst @@ -18,7 +18,7 @@ If the rate limit service is called, and the response for any of the descriptors unless :ref:`disable_x_envoy_ratelimited_header ` is set to true. -If there is an error in calling rate limit service or rate limit service returns an error and :ref:`failure_mode_deny ` is +If there is an error in calling rate limit service or rate limit service returns an error and :ref:`failure_mode_deny ` is set to true, a 500 response is returned. .. _config_http_filters_rate_limit_composing_actions: diff --git a/docs/root/configuration/http/http_filters/wasm_filter.rst b/docs/root/configuration/http/http_filters/wasm_filter.rst index d08b82d3c1cd..e0d683e83af8 100644 --- a/docs/root/configuration/http/http_filters/wasm_filter.rst +++ b/docs/root/configuration/http/http_filters/wasm_filter.rst @@ -35,6 +35,6 @@ Example filter configuration: local: filename: "/etc/envoy_filter_http_wasm_example.wasm" allow_precompiled: true - + The preceding snippet configures a filter from a Wasm binary on local disk. diff --git a/docs/root/configuration/listeners/listener_filters/http_inspector.rst b/docs/root/configuration/listeners/listener_filters/http_inspector.rst index 0c744531c914..a7a6b83180a9 100644 --- a/docs/root/configuration/listeners/listener_filters/http_inspector.rst +++ b/docs/root/configuration/listeners/listener_filters/http_inspector.rst @@ -3,7 +3,7 @@ HTTP Inspector ============== -HTTP Inspector listener filter allows detecting whether the application protocol appears to be HTTP, +HTTP Inspector listener filter allows detecting whether the application protocol appears to be HTTP, and if it is HTTP, it detects the HTTP protocol (HTTP/1.x or HTTP/2) further. This can be used to select a :ref:`FilterChain ` via the :ref:`application_protocols ` of a :ref:`FilterChainMatch `. @@ -25,7 +25,7 @@ A sample filter configuration could be: Statistics ---------- -This filter has a statistics tree rooted at *http_inspector* with the following statistics: +This filter has a statistics tree rooted at *http_inspector* with the following statistics: .. csv-table:: :header: Name, Type, Description diff --git a/docs/root/configuration/listeners/listener_filters/proxy_protocol.rst b/docs/root/configuration/listeners/listener_filters/proxy_protocol.rst index 4848c364308f..e9a8132ed0bb 100644 --- a/docs/root/configuration/listeners/listener_filters/proxy_protocol.rst +++ b/docs/root/configuration/listeners/listener_filters/proxy_protocol.rst @@ -29,10 +29,10 @@ If there is a protocol error or an unsupported address family Statistics ---------- -This filter emits the following statistics: +This filter emits the following statistics: .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 - downstream_cx_proxy_proto_error, Counter, Total proxy protocol errors \ No newline at end of file + downstream_cx_proxy_proto_error, Counter, Total proxy protocol errors diff --git a/docs/root/configuration/listeners/network_filters/echo_filter.rst b/docs/root/configuration/listeners/network_filters/echo_filter.rst index 7d9dc21e5fe7..6aead9c4bb5f 100644 --- a/docs/root/configuration/listeners/network_filters/echo_filter.rst +++ b/docs/root/configuration/listeners/network_filters/echo_filter.rst @@ -4,7 +4,7 @@ Echo ==== The echo is a trivial network filter mainly meant to demonstrate the network filter API. If -installed it will echo (write) all received data back to the connected downstream client. +installed it will echo (write) all received data back to the connected downstream client. This filter should be configured with the name *envoy.filters.network.echo*. * :ref:`v3 API reference ` diff --git a/docs/root/configuration/listeners/network_filters/mysql_proxy_filter.rst b/docs/root/configuration/listeners/network_filters/mysql_proxy_filter.rst index d6800efe25c8..7da651bc0c7e 100644 --- a/docs/root/configuration/listeners/network_filters/mysql_proxy_filter.rst +++ b/docs/root/configuration/listeners/network_filters/mysql_proxy_filter.rst @@ -7,7 +7,7 @@ The MySQL proxy filter decodes the wire protocol between the MySQL client and server. It decodes the SQL queries in the payload (SQL99 format only). The decoded info is emitted as dynamic metadata that can be combined with access log filters to get detailed information on tables accessed as well -as operations performed on each table. It's a transparent filter, so it +as operations performed on each table. It's a transparent filter, so it won't affect the normal progress of client and server. .. attention:: @@ -19,7 +19,7 @@ won't affect the normal progress of client and server. .. warning:: The mysql_proxy filter was tested with MySQL v5.7. The filter may not work - with other versions of MySQL due to differences in the protocol implementation. + with other versions of MySQL due to differences in the protocol implementation. The filter won't work when client turns on ssl communication. .. _config_network_filters_mysql_proxy_config: diff --git a/docs/root/configuration/listeners/network_filters/postgres_proxy_filter.rst b/docs/root/configuration/listeners/network_filters/postgres_proxy_filter.rst index 5ba819dc0e20..c0623c5894d4 100644 --- a/docs/root/configuration/listeners/network_filters/postgres_proxy_filter.rst +++ b/docs/root/configuration/listeners/network_filters/postgres_proxy_filter.rst @@ -6,7 +6,7 @@ Postgres proxy The Postgres proxy filter decodes the wire protocol between a Postgres client (downstream) and a Postgres server (upstream). The decoded information is used to produce Postgres level statistics like sessions, statements or transactions executed, among others. The Postgres proxy filter parses SQL queries carried in ``Query`` and ``Parse`` messages. -When SQL query has been parsed successfully, the :ref:`metadata ` is created, +When SQL query has been parsed successfully, the :ref:`metadata ` is created, which may be used by other filters like :ref:`RBAC `. When the Postgres filter detects that a session is encrypted, the messages are ignored and no decoding takes place. More information: diff --git a/docs/root/configuration/listeners/network_filters/rate_limit_filter.rst b/docs/root/configuration/listeners/network_filters/rate_limit_filter.rst index 38d8683c7a47..2b69b5c58692 100644 --- a/docs/root/configuration/listeners/network_filters/rate_limit_filter.rst +++ b/docs/root/configuration/listeners/network_filters/rate_limit_filter.rst @@ -51,4 +51,4 @@ Dynamic Metadata The ratelimit filter emits dynamic metadata as an opaque ``google.protobuf.Struct`` *only* when the gRPC ratelimit service returns a :ref:`CheckResponse ` with a filled :ref:`dynamic_metadata -` field. \ No newline at end of file +` field. diff --git a/docs/root/configuration/listeners/network_filters/redis_proxy_filter.rst b/docs/root/configuration/listeners/network_filters/redis_proxy_filter.rst index 6adf7c8ffb27..d02ec4774609 100644 --- a/docs/root/configuration/listeners/network_filters/redis_proxy_filter.rst +++ b/docs/root/configuration/listeners/network_filters/redis_proxy_filter.rst @@ -61,7 +61,7 @@ changed to microseconds by setting the configuration parameter :ref:`latency_in_ latency, Histogram, Command execution time in milliseconds (including delay faults) error_fault, Counter, Number of commands that had an error fault injected delay_fault, Counter, Number of commands that had a delay fault injected - + .. _config_network_filters_redis_proxy_per_command_stats: Runtime @@ -84,14 +84,14 @@ Delay faults delay a request, and Error faults respond with an error. Moreover, Note that the Redis filter does not check for correctness in your configuration - it is the user's responsibility to make sure both the default and runtime percentages are correct! This is because percentages can be changed during runtime, and validating correctness at request time is expensive. -If multiple faults are specified, the fault injection percentage should not exceed 100% for a given +If multiple faults are specified, the fault injection percentage should not exceed 100% for a given fault and Redis command combination. For example, if two faults are specified; one applying to GET at 60 %, and one applying to all commands at 50%, that is a bad configuration as GET now has 110% chance of applying a fault. This means that every request will have a fault. If a delay is injected, the delay is additive - if the request took 400ms and a delay of 100ms is injected, then the total request latency is 500ms. Also, due to implementation of the redis protocol, -a delayed request will delay everything that comes in after it, due to the proxy's need to respect the +a delayed request will delay everything that comes in after it, due to the proxy's need to respect the order of commands it receives. Note that faults must have a `fault_enabled` field, and are not enabled by default (if no default value diff --git a/docs/root/configuration/listeners/network_filters/rocketmq_proxy_filter.rst b/docs/root/configuration/listeners/network_filters/rocketmq_proxy_filter.rst index 50033efc899c..111a56446cf7 100644 --- a/docs/root/configuration/listeners/network_filters/rocketmq_proxy_filter.rst +++ b/docs/root/configuration/listeners/network_filters/rocketmq_proxy_filter.rst @@ -73,4 +73,4 @@ following statistics: pop_message_pending, Gauge, Total pending poping message requests get_topic_route_pending, Gauge, Total pending geting topic route requests total_pending, Gauge, Total pending requests - request_time_ms, Histogram, Request time in milliseconds \ No newline at end of file + request_time_ms, Histogram, Request time in milliseconds diff --git a/docs/root/configuration/listeners/network_filters/sni_cluster_filter.rst b/docs/root/configuration/listeners/network_filters/sni_cluster_filter.rst index 207b5932b7d5..32d2c38a2cd3 100644 --- a/docs/root/configuration/listeners/network_filters/sni_cluster_filter.rst +++ b/docs/root/configuration/listeners/network_filters/sni_cluster_filter.rst @@ -5,7 +5,7 @@ Upstream Cluster from SNI The `sni_cluster` is a network filter that uses the SNI value in a TLS connection as the upstream cluster name. The filter will not modify the -upstream cluster for non-TLS connections. This filter should be configured +upstream cluster for non-TLS connections. This filter should be configured with the name *envoy.filters.network.sni_cluster*. This filter has no configuration. It must be installed before the diff --git a/docs/root/configuration/listeners/network_filters/wasm_filter.rst b/docs/root/configuration/listeners/network_filters/wasm_filter.rst index c35627f00c4a..de8baaaf4e6e 100644 --- a/docs/root/configuration/listeners/network_filters/wasm_filter.rst +++ b/docs/root/configuration/listeners/network_filters/wasm_filter.rst @@ -1,7 +1,7 @@ .. _config_network_filters_wasm: Wasm Network Filter -=============================================== +=================== * :ref:`v3 API reference ` @@ -10,7 +10,7 @@ Wasm Network Filter The Wasm filter is experimental and is currently under active development. Capabilities will be expanded over time and the configuration structures are likely to change. -The Wasm network filter is used to implement a network filter with a Wasm plugin. +The Wasm network filter is used to implement a network filter with a Wasm plugin. Example configuration diff --git a/docs/root/configuration/observability/application_logging.rst b/docs/root/configuration/observability/application_logging.rst index 6d569fc6442e..7a18fb210e92 100644 --- a/docs/root/configuration/observability/application_logging.rst +++ b/docs/root/configuration/observability/application_logging.rst @@ -22,4 +22,4 @@ with the following :ref:`command line options `: * The ``--log-path`` flag **does not** need to be set, since Stackdriver can read logs from STDERR. * The ``--log-level`` flag can be set to control the log severity logged to Stackdriver. -`Reference documentation `_ for Stackdriver on GKE. \ No newline at end of file +`Reference documentation `_ for Stackdriver on GKE. diff --git a/docs/root/configuration/observability/statistics.rst b/docs/root/configuration/observability/statistics.rst index 05ec1f10fb94..0c2b51d565fd 100644 --- a/docs/root/configuration/observability/statistics.rst +++ b/docs/root/configuration/observability/statistics.rst @@ -45,4 +45,4 @@ Server Compilation Settings related statistics are rooted at *server.compilation :header: Name, Type, Description :widths: 1, 1, 2 - fips_mode, Gauge, Integer representing whether the envoy build is FIPS compliant or not \ No newline at end of file + fips_mode, Gauge, Integer representing whether the envoy build is FIPS compliant or not diff --git a/docs/root/configuration/operations/tools/router_check.rst b/docs/root/configuration/operations/tools/router_check.rst index b69d02b1627c..41bfb4d66f49 100644 --- a/docs/root/configuration/operations/tools/router_check.rst +++ b/docs/root/configuration/operations/tools/router_check.rst @@ -100,7 +100,7 @@ input random_value *(optional, integer)* An integer used to identify the target for weighted cluster selection and as a factor for the routing engine to decide whether a runtime based route takes effect. - The default value of random_value is 0. For routes with runtime fraction numerators of 0, + The default value of random_value is 0. For routes with runtime fraction numerators of 0, the route checker tool changes the numerators to 1 so they can be tested with random_value set to 0 to simulate the route being enabled and random_value set to any int >= 1 to simulate the route being disabled. diff --git a/docs/root/configuration/other_protocols/thrift_filters/rate_limit_filter.rst b/docs/root/configuration/other_protocols/thrift_filters/rate_limit_filter.rst index 9bc4189a51f2..86b461c885b8 100644 --- a/docs/root/configuration/other_protocols/thrift_filters/rate_limit_filter.rst +++ b/docs/root/configuration/other_protocols/thrift_filters/rate_limit_filter.rst @@ -47,4 +47,4 @@ Dynamic Metadata The ratelimit filter emits dynamic metadata as an opaque ``google.protobuf.Struct`` *only* when the gRPC ratelimit service returns a :ref:`CheckResponse ` with a filled :ref:`dynamic_metadata -` field. \ No newline at end of file +` field. diff --git a/docs/root/configuration/upstream/health_checkers/health_checkers.rst b/docs/root/configuration/upstream/health_checkers/health_checkers.rst index 51d18c5c0777..521675e1ef34 100644 --- a/docs/root/configuration/upstream/health_checkers/health_checkers.rst +++ b/docs/root/configuration/upstream/health_checkers/health_checkers.rst @@ -6,4 +6,4 @@ Health checkers .. toctree:: :maxdepth: 2 - redis \ No newline at end of file + redis diff --git a/docs/root/faq/configuration/timeouts.rst b/docs/root/faq/configuration/timeouts.rst index ae6c7607803a..33640d6bcdcd 100644 --- a/docs/root/faq/configuration/timeouts.rst +++ b/docs/root/faq/configuration/timeouts.rst @@ -62,10 +62,10 @@ context request/stream is interchangeable. recommended for all requests (not just streaming requests/responses) as it additionally defends against an HTTP/2 peer that does not open stream window once an entire response has been buffered to be sent to a downstream client. -* The HTTP protocol :ref:`max_stream_duration ` - is defined in a generic message used by the HTTP connection manager. The max stream duration is the - maximum time that a stream's lifetime will span. You can use this functionality when you want to reset - HTTP request/response streams periodically. You can't use :ref:`request_timeout +* The HTTP protocol :ref:`max_stream_duration ` + is defined in a generic message used by the HTTP connection manager. The max stream duration is the + maximum time that a stream's lifetime will span. You can use this functionality when you want to reset + HTTP request/response streams periodically. You can't use :ref:`request_timeout ` in this situation because this timer will be disarmed if a response header is received on the request/response streams. This timeout is available on both upstream and downstream connections. diff --git a/docs/root/faq/debugging/why_is_envoy_sending_http2_resets.rst b/docs/root/faq/debugging/why_is_envoy_sending_http2_resets.rst index 8427ed9ba761..8bc05dc87adb 100644 --- a/docs/root/faq/debugging/why_is_envoy_sending_http2_resets.rst +++ b/docs/root/faq/debugging/why_is_envoy_sending_http2_resets.rst @@ -5,7 +5,7 @@ Why is Envoy sending HTTP/2 resets? The HTTP/2 reset path is mostly governed by the codec Envoy uses to frame HTTP/2, nghttp2. nghttp2 has extremely good adherence to the HTTP/2 spec, but as many clients are not exactly as compliant, this -mismatch can cause unexpected resets. Unfortunately, unlike the debugging the +mismatch can cause unexpected resets. Unfortunately, unlike the debugging the :ref:`internal response path `, Envoy has limited visibility into the specific reason nghttp2 reset a given stream. @@ -20,5 +20,3 @@ for example: You can also check :ref:`HTTP/2 stats``: in many cases where Envoy resets streams, for example if there are more headers than allowed by configuration or flood detection kicks in, http2 counters will be incremented as the streams are reset. - - diff --git a/docs/root/intro/arch_overview/advanced/matching/matching_api.rst b/docs/root/intro/arch_overview/advanced/matching/matching_api.rst index fd74643d23dd..5165439598ae 100644 --- a/docs/root/intro/arch_overview/advanced/matching/matching_api.rst +++ b/docs/root/intro/arch_overview/advanced/matching/matching_api.rst @@ -52,7 +52,7 @@ HTTP Filter Iteration Impact The above example only demonstrates matching on request headers, which ends up being the simplest case due to it happening before the associated filter receives any data. Matching on other HTTP input sources is supported (e.g. response headers), but some discussion is warranted on how this -works at a filter level. +works at a filter level. Currently the match evaluation for HTTP filters does not impact control flow at all: if insufficient data is available to perform the match, callbacks will be sent to the associated @@ -71,4 +71,4 @@ skipping the filter based on response headers, the forward transformation will h receives a gRPC request), but the response is never converted back to gRPC-Web. As a result, the client will receive an invalid response back from Envoy. If the skip action was instead resolved on trailers, the same gRPC-Web filter would consume all the data but never write it back out (as this -happens when it sees the trailers), resulting in a gRPC-Web response with an empty body. \ No newline at end of file +happens when it sees the trailers), resulting in a gRPC-Web response with an empty body. diff --git a/docs/root/intro/arch_overview/http/http_connection_management.rst b/docs/root/intro/arch_overview/http/http_connection_management.rst index 74e8d90b99e8..2cc332d2f814 100644 --- a/docs/root/intro/arch_overview/http/http_connection_management.rst +++ b/docs/root/intro/arch_overview/http/http_connection_management.rst @@ -64,7 +64,7 @@ can be used to modify this behavior, and they fall into two categories: Hosts are marked by setting ``canary: true`` for the ``envoy.lb`` filter in the endpoint's filter metadata. See :ref:`LbEndpoint ` for more details. - * *envoy.retry_host_predicates.omit_host_metadata*: This will reject any host based on predefined metadata match criteria. + * *envoy.retry_host_predicates.omit_host_metadata*: This will reject any host based on predefined metadata match criteria. See the configuration example below for more details. * :ref:`Priority Predicates`: These predicates can @@ -201,7 +201,7 @@ Specifically, the *allow listed routes* predicate defines edges of individual no and the *previous routes* predicate defines "visited" state of the edges, so that loop can be avoided if so desired. -A third predicate :ref:`safe_cross_scheme +A third predicate :ref:`safe_cross_scheme ` can be used to prevent HTTP -> HTTPS redirect. diff --git a/docs/root/intro/arch_overview/listeners/network_filter_chain.rst b/docs/root/intro/arch_overview/listeners/network_filter_chain.rst index d920deaf303d..468fc16ea1e1 100644 --- a/docs/root/intro/arch_overview/listeners/network_filter_chain.rst +++ b/docs/root/intro/arch_overview/listeners/network_filter_chain.rst @@ -6,7 +6,7 @@ Network Filter Chain As discussed in the :ref:`listener ` section, network level (L3/L4) filters form the core of Envoy connection handling. -The network filters are chained in a ordered list known as :ref:`filter chain `. +The network filters are chained in a ordered list known as :ref:`filter chain `. Each listener has multiple filter chains and an optional :ref:`default filter chain `. associated with each filter chain. If the best match filter chain cannot be found, the default filter chain will be chosen to serve the request. If the default filter chain is not supplied, the connection will be closed. diff --git a/docs/root/intro/arch_overview/operations/draining.rst b/docs/root/intro/arch_overview/operations/draining.rst index 18003197c844..307f0b3556e3 100644 --- a/docs/root/intro/arch_overview/operations/draining.rst +++ b/docs/root/intro/arch_overview/operations/draining.rst @@ -26,7 +26,7 @@ and cease accepting new connections immediately. To add a graceful drain period prior to listeners being closed, use the query parameter :ref:`drain_listeners?graceful `. By default, Envoy -will discourage requests for some period of time (as determined by :option:`--drain-time-s`). +will discourage requests for some period of time (as determined by :option:`--drain-time-s`). The behaviour of request discouraging is determined by the drain manager. Note that although draining is a per-listener concept, it must be supported at the network filter diff --git a/docs/root/intro/arch_overview/operations/dynamic_configuration.rst b/docs/root/intro/arch_overview/operations/dynamic_configuration.rst index 4b0fe43f5140..4e9a35ab4b04 100644 --- a/docs/root/intro/arch_overview/operations/dynamic_configuration.rst +++ b/docs/root/intro/arch_overview/operations/dynamic_configuration.rst @@ -143,4 +143,4 @@ xDS TTL ------- Certain xDS updates might want to set a TTL to guard against control plane unavailability, read more -:ref:`here `. \ No newline at end of file +:ref:`here `. diff --git a/docs/root/intro/arch_overview/operations/init.rst b/docs/root/intro/arch_overview/operations/init.rst index 51effe697b3a..686ea79b4f74 100644 --- a/docs/root/intro/arch_overview/operations/init.rst +++ b/docs/root/intro/arch_overview/operations/init.rst @@ -10,16 +10,16 @@ accepting new connections. * During startup, the :ref:`cluster manager ` goes through a multi-phase initialization where it first initializes static/DNS clusters, then predefined :ref:`EDS ` clusters. Then it initializes - :ref:`CDS ` if applicable, waits for one response (or failure) + :ref:`CDS ` if applicable, waits for one response (or failure) for a :ref:`bounded period of time `, and does the same primary/secondary initialization of CDS provided clusters. * If clusters use :ref:`active health checking `, Envoy also does a single active health check round. * Once cluster manager initialization is done, :ref:`RDS ` and :ref:`LDS ` initialize (if applicable). The server waits - for a :ref:`bounded period of time ` + for a :ref:`bounded period of time ` for at least one response (or failure) for LDS/RDS requests. After which, it starts accepting connections. -* If LDS itself returns a listener that needs an RDS response, Envoy further waits for +* If LDS itself returns a listener that needs an RDS response, Envoy further waits for a :ref:`bounded period of time ` until an RDS response (or failure) is received. Note that this process takes place on every future listener addition via LDS and is known as :ref:`listener warming `. @@ -27,7 +27,7 @@ accepting new connections. This flow ensures that during hot restart the new process is fully capable of accepting and processing new connections before the draining of the old process begins. -A key design principle of initialization is that an Envoy is always guaranteed to initialize within -:ref:`initial_fetch_timeout `, -with a best effort made to obtain the complete set of xDS configuration within that subject to the +A key design principle of initialization is that an Envoy is always guaranteed to initialize within +:ref:`initial_fetch_timeout `, +with a best effort made to obtain the complete set of xDS configuration within that subject to the management server availability. diff --git a/docs/root/intro/arch_overview/operations/overload_manager.rst b/docs/root/intro/arch_overview/operations/overload_manager.rst index 256052bde184..1639bcd3ade7 100644 --- a/docs/root/intro/arch_overview/operations/overload_manager.rst +++ b/docs/root/intro/arch_overview/operations/overload_manager.rst @@ -52,4 +52,4 @@ Actions When a trigger changes state, the value is sent to registered actions, which can then affect how connections and requests are processed. Each action interprets the input states differently, and -some may ignore the *scaling* state altogether, taking effect only when *saturated*. \ No newline at end of file +some may ignore the *scaling* state altogether, taking effect only when *saturated*. diff --git a/docs/root/intro/arch_overview/security/threat_model.rst b/docs/root/intro/arch_overview/security/threat_model.rst index 553550023f05..e01ef69d3c84 100644 --- a/docs/root/intro/arch_overview/security/threat_model.rst +++ b/docs/root/intro/arch_overview/security/threat_model.rst @@ -20,20 +20,20 @@ We will activate the security release process for disclosures that meet the foll * All issues that lead to loss of data confidentiality or integrity trigger the security release process. * An availability issue, such as Query-of-Death (QoD) or resource exhaustion needs to meet all of the following criteria to trigger the security release process: - + - A component tagged as hardened is affected (see `Core and extensions`_ for the list of hardened components). - + - The type of traffic (upstream or downstream) that exhibits the issue matches the component's hardening tag. I.e. component tagged as “hardened to untrusted downstream” is affected by downstream request. - + - A resource exhaustion issue needs to meet these additional criteria: - + + Not covered by an existing timeout or where applying short timeout values is impractical and either - + + Memory exhaustion, including out of memory conditions, where per-request memory use 100x or more above - the configured header or high watermark limit. I.e. 10 KiB client request leading to 1 MiB bytes of - memory consumed by Envoy; - + the configured header or high watermark limit. I.e. 10 KiB client request leading to 1 MiB bytes of + memory consumed by Envoy; + + Highly asymmetric CPU utilization where Envoy uses 100x or more CPU compared to client. diff --git a/docs/root/intro/arch_overview/upstream/aggregate_cluster.rst b/docs/root/intro/arch_overview/upstream/aggregate_cluster.rst index e51ea4a1a829..37abd92bd41c 100644 --- a/docs/root/intro/arch_overview/upstream/aggregate_cluster.rst +++ b/docs/root/intro/arch_overview/upstream/aggregate_cluster.rst @@ -4,24 +4,24 @@ Aggregate Cluster ================= Aggregate cluster is used for failover between clusters with different configuration, e.g., from EDS -upstream cluster to STRICT_DNS upstream cluster, from cluster using ROUND_ROBIN load balancing -policy to cluster using MAGLEV, from cluster with 0.1s connection timeout to cluster with 1s -connection timeout, etc. Aggregate cluster loosely couples multiple clusters by referencing their +upstream cluster to STRICT_DNS upstream cluster, from cluster using ROUND_ROBIN load balancing +policy to cluster using MAGLEV, from cluster with 0.1s connection timeout to cluster with 1s +connection timeout, etc. Aggregate cluster loosely couples multiple clusters by referencing their name in the :ref:`configuration `. The fallback priority is defined implicitly by the ordering in the :ref:`clusters list `. -Aggregate cluster uses tiered load balancing. The load balancer chooses cluster and priority first -and then delegates the load balancing to the load balancer of the selected cluster. The top level -load balancer reuses the existing load balancing algorithm by linearizing the priority set of -multiple clusters into one. +Aggregate cluster uses tiered load balancing. The load balancer chooses cluster and priority first +and then delegates the load balancing to the load balancer of the selected cluster. The top level +load balancer reuses the existing load balancing algorithm by linearizing the priority set of +multiple clusters into one. Linearize Priority Set ---------------------- -Upstream hosts are divided into multiple :ref:`priority levels ` -and each priority level contains a list of healthy, degraded and unhealthy hosts. Linearization is -used to simplify the host selection during load balancing by merging priority levels from multiple +Upstream hosts are divided into multiple :ref:`priority levels ` +and each priority level contains a list of healthy, degraded and unhealthy hosts. Linearization is +used to simplify the host selection during load balancing by merging priority levels from multiple clusters. For example, primary cluster has 3 priority levels, secondary has 2 and tertiary has 2 and -the failover ordering is primary, secondary, tertiary. +the failover ordering is primary, secondary, tertiary. +-----------+----------------+-------------------------------------+ | Cluster | Priority Level | Priority Level after Linearization | @@ -61,21 +61,21 @@ A sample aggregate cluster configuration could be: - secondary - tertiary -Note: :ref:`PriorityLoad retry plugins ` won't -work for aggregate cluster because the aggregate load balancer will override the *PriorityLoad* +Note: :ref:`PriorityLoad retry plugins ` won't +work for aggregate cluster because the aggregate load balancer will override the *PriorityLoad* during load balancing. Load Balancing Example ---------------------- -Aggregate cluster uses tiered load balancing algorithm and the top tier is distributing traffic to -different clusters according to the health score across all :ref:`priorities ` +Aggregate cluster uses tiered load balancing algorithm and the top tier is distributing traffic to +different clusters according to the health score across all :ref:`priorities ` in each cluster. The aggregate cluster in this section includes two clusters which is different from what the above configuration describes. - + +-----------------------------------------------------------------------------------------------------------------------+--------------------+----------------------+ -| Cluster | Traffic to Primary | Traffic to Secondary | +| Cluster | Traffic to Primary | Traffic to Secondary | +=======================================================================+===============================================+====================+======================+ | Primary | Secondary | | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+ + @@ -100,46 +100,46 @@ what the above configuration describes. | 0% | 0% | 0% | 72% | 0% | 0% | 100% | +-----------------------+-----------------------+-----------------------+-----------------------+-----------------------+--------------------+----------------------+ -Note: The above load balancing uses default :ref:`overprovisioning factor ` -which is 1.4 which means if 80% of the endpoints in a priority level are healthy, that level is +Note: The above load balancing uses default :ref:`overprovisioning factor ` +which is 1.4 which means if 80% of the endpoints in a priority level are healthy, that level is still considered fully healthy because 80 * 1.4 > 100. -The example shows how the aggregate cluster level load balancer selects the cluster. E.g., healths -of {{20, 20, 10}, {25, 25}} would result in a priority load of {{28%, 28%, 14%}, {30%, 0%}} of -traffic. When normalized total health drops below 100, traffic is distributed after normalizing the -levels' health scores to that sub-100 total. E.g. healths of {{20, 0, 0}, {20, 0}} (yielding a +The example shows how the aggregate cluster level load balancer selects the cluster. E.g., healths +of {{20, 20, 10}, {25, 25}} would result in a priority load of {{28%, 28%, 14%}, {30%, 0%}} of +traffic. When normalized total health drops below 100, traffic is distributed after normalizing the +levels' health scores to that sub-100 total. E.g. healths of {{20, 0, 0}, {20, 0}} (yielding a normalized total health of 56) would be normalized and each cluster will receive 20 * 1.4 / 56 = 50% of the traffic which results in a priority load of {{50%, 0%, 0%}, {50%, 0%, 0%}} of traffic. The load balancer reuses priority level logic to help with the cluster selection. The priority level -logic works with integer health scores. The health score of a level is (percent of healthy hosts in -the level) * (overprovisioning factor), capped at 100%. P=0 endpoints receive level 0's health -score percent of the traffic, with the rest flowing to P=1 (assuming P=1 is 100% healthy - more on -that later). The integer percents of traffic that each cluster receives are collectively called the -system's "cluster priority load". For instance, for primary cluster, when 20% of P=0 endpoints are +logic works with integer health scores. The health score of a level is (percent of healthy hosts in +the level) * (overprovisioning factor), capped at 100%. P=0 endpoints receive level 0's health +score percent of the traffic, with the rest flowing to P=1 (assuming P=1 is 100% healthy - more on +that later). The integer percents of traffic that each cluster receives are collectively called the +system's "cluster priority load". For instance, for primary cluster, when 20% of P=0 endpoints are healthy, 20% of P=1 endpoints are healthy, and 10% of P=2 endpoints are healthy; for secondary, when -25% of P=0 endpoints are healthy and 25% of P=1 endpoints are healthy. The primary cluster will -receive 20% * 1.4 + 20% * 1.4 + 10% * 1.4 = 70% of the traffic. The secondary cluster will receive -min(100 - 70, 25% * 1.4 + 25% * 1.4) = 30% of the traffic. The traffic to all clusters sum up to -100. The normalized health score and priority load are pre-computed before selecting the cluster and -priority. +25% of P=0 endpoints are healthy and 25% of P=1 endpoints are healthy. The primary cluster will +receive 20% * 1.4 + 20% * 1.4 + 10% * 1.4 = 70% of the traffic. The secondary cluster will receive +min(100 - 70, 25% * 1.4 + 25% * 1.4) = 30% of the traffic. The traffic to all clusters sum up to +100. The normalized health score and priority load are pre-computed before selecting the cluster and +priority. To sum this up in pseudo algorithms: :: - health(P_X) = min(100, 1.4 * 100 * healthy_P_X_backends / total_P_X_backends), where + health(P_X) = min(100, 1.4 * 100 * healthy_P_X_backends / total_P_X_backends), where total_P_X_backends is the number of backends for priority P_X after linearization normalized_total_health = min(100, Σ(health(P_0)...health(P_X))) - cluster_priority_load(C_0) = min(100, Σ(health(P_0)...health(P_k)) * 100 / normalized_total_health), + cluster_priority_load(C_0) = min(100, Σ(health(P_0)...health(P_k)) * 100 / normalized_total_health), where P_0...P_k belong to C_0 cluster_priority_load(C_X) = min(100 - Σ(priority_load(C_0)..priority_load(C_X-1)), - Σ(health(P_x)...health(P_X)) * 100 / normalized_total_health), + Σ(health(P_x)...health(P_X)) * 100 / normalized_total_health), where P_x...P_X belong to C_X map from priorities to clusters: P_0 ... P_k ... ...P_x ... P_X ^ ^ ^ ^ cluster C_0 cluster C_X -The second tier is delegating the load balancing to the cluster selected in the first step and the +The second tier is delegating the load balancing to the cluster selected in the first step and the cluster could use any load balancing algorithms specified by :ref:`load balancer type `. diff --git a/docs/root/intro/arch_overview/upstream/dns_resolution.rst b/docs/root/intro/arch_overview/upstream/dns_resolution.rst index def8b33841ea..b48d24071b07 100644 --- a/docs/root/intro/arch_overview/upstream/dns_resolution.rst +++ b/docs/root/intro/arch_overview/upstream/dns_resolution.rst @@ -21,4 +21,4 @@ The Apple-based DNS Resolver emits the following stats rooted in the ``dns.apple connection_failure, Counter, Number of failed attempts to connect to the DNS server socket_failure, Counter, Number of failed attempts to obtain a file descriptor to the socket to the DNS server - processing_failure, Counter, Number of failures when processing data from the DNS server \ No newline at end of file + processing_failure, Counter, Number of failures when processing data from the DNS server diff --git a/docs/root/intro/arch_overview/upstream/load_balancing/excluded.rst b/docs/root/intro/arch_overview/upstream/load_balancing/excluded.rst index 6147c8dbc35b..11c7531d0505 100644 --- a/docs/root/intro/arch_overview/upstream/load_balancing/excluded.rst +++ b/docs/root/intro/arch_overview/upstream/load_balancing/excluded.rst @@ -26,4 +26,4 @@ health checking: * Receiving the :ref:`x-envoy-immediate-health-check-fail ` header in a normal routed response or in response to an :ref:`HTTP active health check - `. \ No newline at end of file + `. diff --git a/docs/root/intro/arch_overview/upstream/load_balancing/load_balancers.rst b/docs/root/intro/arch_overview/upstream/load_balancing/load_balancers.rst index 6108579727ff..ad256fa64413 100644 --- a/docs/root/intro/arch_overview/upstream/load_balancing/load_balancers.rst +++ b/docs/root/intro/arch_overview/upstream/load_balancing/load_balancers.rst @@ -72,8 +72,8 @@ hashing some property of the request, and finding the nearest corresponding host the ring. This technique is also commonly known as `"Ketama" `_ hashing, and like all hash-based load balancers, it is only effective when protocol routing is used that specifies a value to hash on. If you want something other than the host's address to be used -as the hash key (e.g. the semantic name of your host in a Kubernetes StatefulSet), then you can specify it -in the ``"envoy.lb"`` :ref:`LbEndpoint.Metadata ` e.g.: +as the hash key (e.g. the semantic name of your host in a Kubernetes StatefulSet), then you can specify it +in the ``"envoy.lb"`` :ref:`LbEndpoint.Metadata ` e.g.: .. validated-code-block:: yaml :type-name: envoy.config.core.v3.Metadata @@ -112,9 +112,9 @@ with a fixed table size of 65537 (see section 5.3 of the same paper). Maglev can in replacement for the :ref:`ring hash load balancer ` any place in which consistent hashing is desired. Like the ring hash load balancer, a consistent hashing load balancer is only effective when protocol routing is used that specifies a value to -hash on. If you want something other than the host's address to be used as the hash key (e.g. the +hash on. If you want something other than the host's address to be used as the hash key (e.g. the semantic name of your host in a Kubernetes StatefulSet), then you can specify it in the ``"envoy.lb"`` -:ref:`LbEndpoint.Metadata ` e.g.: +:ref:`LbEndpoint.Metadata ` e.g.: .. validated-code-block:: yaml :type-name: envoy.config.core.v3.Metadata @@ -153,4 +153,3 @@ Random The random load balancer selects a random available host. The random load balancer generally performs better than round robin if no health checking policy is configured. Random selection avoids bias towards the host in the set that comes after a failed host. - diff --git a/docs/root/intro/arch_overview/upstream/load_balancing/locality_weight.rst b/docs/root/intro/arch_overview/upstream/load_balancing/locality_weight.rst index d5abaa4c82ed..9718f159f95d 100644 --- a/docs/root/intro/arch_overview/upstream/load_balancing/locality_weight.rst +++ b/docs/root/intro/arch_overview/upstream/load_balancing/locality_weight.rst @@ -6,7 +6,7 @@ Locality weighted load balancing One approach to determining how to weight assignments across different zones and geographical locations is by using explicit weights supplied via EDS in the :ref:`LocalityLbEndpoints ` message. -This approach is mutually exclusive with +This approach is mutually exclusive with :ref:`zone aware routing `, since in the case of locality aware LB, we rely on the management server to provide the locality weighting, rather than the Envoy-side heuristics used in zone aware @@ -69,4 +69,3 @@ identifying the location of the upstream hosts via :ref:`locality This feature is not compatible with :ref:`load balancer subsetting `, since it is not straightforward to reconcile locality level weighting with sensible weights for individual subsets. - diff --git a/docs/root/intro/arch_overview/upstream/load_balancing/panic_threshold.rst b/docs/root/intro/arch_overview/upstream/load_balancing/panic_threshold.rst index 86996cfb891a..7c004411fcdf 100644 --- a/docs/root/intro/arch_overview/upstream/load_balancing/panic_threshold.rst +++ b/docs/root/intro/arch_overview/upstream/load_balancing/panic_threshold.rst @@ -83,9 +83,9 @@ Load distribution is calculated as described above as long as there are priority When all priority levels enter the panic mode, load calculation algorithm changes. In this case each priority level receives traffic relative to the number of hosts in that priority level in relation to the number of hosts in all priority levels. -For example, if there are 2 priorities P=0 and P=1 and each of them consists of 5 hosts, each level will +For example, if there are 2 priorities P=0 and P=1 and each of them consists of 5 hosts, each level will receive 50% of the traffic. -If there are 2 hosts in priority P=0 and 8 hosts in priority P=1, priority P=0 will receive 20% of the +If there are 2 hosts in priority P=0 and 8 hosts in priority P=1, priority P=0 will receive 20% of the traffic and priority P=1 will receive 80% of the traffic. However, if the panic threshold is 0% for any priority, that priority will never enter panic mode. diff --git a/docs/root/intro/arch_overview/upstream/outlier.rst b/docs/root/intro/arch_overview/upstream/outlier.rst index bbc8e960c675..7b8505f67d34 100644 --- a/docs/root/intro/arch_overview/upstream/outlier.rst +++ b/docs/root/intro/arch_overview/upstream/outlier.rst @@ -12,7 +12,7 @@ form of *passive* health checking. Envoy also supports :ref:`active health check independently, and form the basis for an overall upstream health checking solution. Outlier detection is part of the :ref:`cluster configuration ` and it needs filters to report errors, timeouts, and resets. Currently, the following filters support -outlier detection: :ref:`http router `, +outlier detection: :ref:`http router `, :ref:`tcp proxy ` and :ref:`redis proxy `. Detected errors fall into two categories: externally and locally originated errors. Externally generated errors @@ -20,7 +20,7 @@ are transaction specific and occur on the upstream server in response to the rec Locally originated errors are generated by Envoy in response to an event which interrupted or prevented communication with the upstream host. Examples of locally originated errors are timeout, TCP reset, inability to connect to a specified port, etc. The type of detected errors depends on the filter type. The :ref:`http router ` filter, for example, -detects locally originated errors (timeouts, resets - errors related to connection to upstream host) and because it +detects locally originated errors (timeouts, resets - errors related to connection to upstream host) and because it also understands the HTTP protocol it reports errors returned by the HTTP server (externally generated errors). In such a scenario, even when the connection to the upstream HTTP server is successful, the transaction with the server may fail. @@ -32,16 +32,16 @@ locally originated errors are not distinguished from externally generated (trans in the same bucket, and are compared against the :ref:`outlier_detection.consecutive_5xx`, :ref:`outlier_detection.consecutive_gateway_failure` and -:ref:`outlier_detection.success_rate_stdev_factor` -configuration items. For example, if connection to an upstream HTTP server fails twice because of timeout and +:ref:`outlier_detection.success_rate_stdev_factor` +configuration items. For example, if connection to an upstream HTTP server fails twice because of timeout and then, after successful connection establishment, the server returns error code 500 then the total error count will be 3. -Outlier detection may also be configured to distinguish locally originated errors from externally originated (transaction) errors. +Outlier detection may also be configured to distinguish locally originated errors from externally originated (transaction) errors. It is done via the :ref:`outlier_detection.split_external_local_origin_errors` configuration item. -In that mode locally originated errors are tracked by separate counters than externally originated -(transaction) errors and -the outlier detector may be configured to react to locally originated errors and ignore externally originated errors +In that mode locally originated errors are tracked by separate counters than externally originated +(transaction) errors and +the outlier detector may be configured to react to locally originated errors and ignore externally originated errors or vice-versa. It is important to understand that a cluster may be shared among several filter chains. If one filter chain @@ -68,15 +68,15 @@ ejection algorithm works as follows: is equal to the :ref:`outlier_detection.base_ejection_time ` value multiplied by the number of times the host has been ejected in a row. This causes hosts to get ejected - for longer and longer periods if they continue to fail. When ejection time reaches + for longer and longer periods if they continue to fail. When ejection time reaches :ref:`outlier_detection.max_ejection_time` it does not increase any more. - When the host becomes healthy, the ejection time - multiplier decreases with time. The host's health is checked at intervals equal to - :ref:`outlier_detection.interval`. - If the host is healthy during that check, the ejection time multiplier is decremented. Assuming that the host stays healthy - it would take approximately :ref:`outlier_detection.max_ejection_time` / - :ref:`outlier_detection.base_ejection_time` * - :ref:`outlier_detection.interval` seconds to bring down the ejection time to the minimum + When the host becomes healthy, the ejection time + multiplier decreases with time. The host's health is checked at intervals equal to + :ref:`outlier_detection.interval`. + If the host is healthy during that check, the ejection time multiplier is decremented. Assuming that the host stays healthy + it would take approximately :ref:`outlier_detection.max_ejection_time` / + :ref:`outlier_detection.base_ejection_time` * + :ref:`outlier_detection.interval` seconds to bring down the ejection time to the minimum value :ref:`outlier_detection.base_ejection_time`. #. An ejected host will automatically be brought back into service after the ejection time has been satisfied. Generally, outlier detection is used alongside :ref:`active health checking @@ -92,17 +92,17 @@ Consecutive 5xx In the default mode (:ref:`outlier_detection.split_external_local_origin_errors` is *false*) this detection type takes into account all generated errors: locally originated and externally originated (transaction) errors. -Errors generated by non-HTTP filters, like :ref:`tcp proxy ` or +Errors generated by non-HTTP filters, like :ref:`tcp proxy ` or :ref:`redis proxy ` are internally mapped to HTTP 5xx codes and treated as such. In split mode (:ref:`outlier_detection.split_external_local_origin_errors` is *true*) this detection type takes into account only externally originated (transaction) errors, ignoring locally originated errors. If an upstream host is an HTTP-server, only 5xx types of error are taken into account (see :ref:`Consecutive Gateway Failure` for exceptions). -For redis servers, served via -:ref:`redis proxy ` only malformed responses from the server are taken into account. +For redis servers, served via +:ref:`redis proxy ` only malformed responses from the server are taken into account. Properly formatted responses, even when they carry an operational error (like index not found, access denied) are not taken into account. -If an upstream host returns some number of errors which are treated as consecutive 5xx type errors, it will be ejected. -The number of consecutive 5xx required for ejection is controlled by +If an upstream host returns some number of errors which are treated as consecutive 5xx type errors, it will be ejected. +The number of consecutive 5xx required for ejection is controlled by the :ref:`outlier_detection.consecutive_5xx` value. .. _consecutive_gateway_failure: @@ -123,13 +123,13 @@ the :ref:`outlier_detection.consecutive_gateway_failure Consecutive Local Origin Failure ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -This detection type is enabled only when :ref:`outlier_detection.split_external_local_origin_errors` is *true* and takes into account only locally originated errors (timeout, reset, etc). +This detection type is enabled only when :ref:`outlier_detection.split_external_local_origin_errors` is *true* and takes into account only locally originated errors (timeout, reset, etc). If Envoy repeatedly cannot connect to an upstream host or communication with the upstream host is repeatedly interrupted, it will be ejected. Various locally originated problems are detected: timeout, TCP reset, ICMP errors, etc. The number of consecutive -locally originated failures required for ejection is controlled -by the :ref:`outlier_detection.consecutive_local_origin_failure +locally originated failures required for ejection is controlled +by the :ref:`outlier_detection.consecutive_local_origin_failure ` value. -This detection type is supported by :ref:`http router `, +This detection type is supported by :ref:`http router `, :ref:`tcp proxy ` and :ref:`redis proxy `. Success Rate @@ -142,14 +142,14 @@ calculated for a host if its request volume over the aggregation interval is les value. Moreover, detection will not be performed for a cluster if the number of hosts with the minimum required request volume in an interval is less than the :ref:`outlier_detection.success_rate_minimum_hosts` -value. +value. In the default configuration mode (:ref:`outlier_detection.split_external_local_origin_errors` is *false*) this detection type takes into account all types of errors: locally and externally originated. The :ref:`outlier_detection.enforcing_local_origin_success` config item is ignored. -In split mode (:ref:`outlier_detection.split_external_local_origin_errors` is *true*), -locally originated errors and externally originated (transaction) errors are counted and treated separately. +In split mode (:ref:`outlier_detection.split_external_local_origin_errors` is *true*), +locally originated errors and externally originated (transaction) errors are counted and treated separately. Most configuration items, namely :ref:`outlier_detection.success_rate_minimum_hosts`, :ref:`outlier_detection.success_rate_request_volume`, diff --git a/docs/root/operations/tools/route_table_check_tool.rst b/docs/root/operations/tools/route_table_check_tool.rst index da80bd87fb93..2d07c3831527 100644 --- a/docs/root/operations/tools/route_table_check_tool.rst +++ b/docs/root/operations/tools/route_table_check_tool.rst @@ -14,7 +14,7 @@ Usage :ref:`config `. The tool config input file specifies urls (composed of authorities and paths) and expected route parameter values. Additional parameters such as additional headers are optional. - + Schema: All internal schemas in the tool are based on :repo:`proto3 `. -c , --config-path @@ -45,8 +45,8 @@ Output The program exits with status EXIT_FAILURE if any test case does not match the expected route parameter value. - If a test fails, details of the failed test cases are printed if ``--details`` flag is provided. - The first field is the expected route parameter value. The second field is the actual route parameter value. + If a test fails, details of the failed test cases are printed if ``--details`` flag is provided. + The first field is the expected route parameter value. The second field is the actual route parameter value. The third field indicates the parameter that is compared. In the following example, Test_2 and Test_5 failed while the other tests passed. In the failed test cases, conflict details are printed. :: diff --git a/docs/root/start/install.rst b/docs/root/start/install.rst index b00f8f35ad2e..86cb235336d7 100644 --- a/docs/root/start/install.rst +++ b/docs/root/start/install.rst @@ -119,14 +119,14 @@ You can install Envoy on Mac OSX using the official brew repositories, or from .. code-block:: console - $ brew tap tetratelabs/getenvoy - $ brew install envoy + $ brew tap tetratelabs/getenvoy + $ brew install envoy .. tip:: - You can install the ``nightly`` version from - `Get Envoy `__ by adding the ``--HEAD`` flag to - the install command. + You can install the ``nightly`` version from + `Get Envoy `__ by adding the ``--HEAD`` flag to + the install command. .. _start_install_docker: @@ -144,20 +144,20 @@ The following commands will pull and show the Envoy version of current images. .. substitution-code-block:: console - $ docker pull envoyproxy/|envoy_docker_image| - $ docker run --rm envoyproxy/|envoy_docker_image| --version + $ docker pull envoyproxy/|envoy_docker_image| + $ docker run --rm envoyproxy/|envoy_docker_image| --version .. tab:: Get Envoy .. code-block:: console - $ docker pull getenvoy/envoy:stable - $ docker run --rm getenvoy/envoy:stable --version + $ docker pull getenvoy/envoy:stable + $ docker run --rm getenvoy/envoy:stable --version .. tip:: - To use the ``nightly`` version from `Get Envoy `__ - replace the word ``stable`` with ``nightly`` in the above commands. + To use the ``nightly`` version from `Get Envoy `__ + replace the word ``stable`` with ``nightly`` in the above commands. .. _install_binaries: diff --git a/docs/root/start/quick-start/run-envoy.rst b/docs/root/start/quick-start/run-envoy.rst index 54617016d56a..10a3161c67e2 100644 --- a/docs/root/start/quick-start/run-envoy.rst +++ b/docs/root/start/quick-start/run-envoy.rst @@ -110,11 +110,11 @@ The ``-c`` or ``--config-path`` flag tells Envoy the path to its initial configu This feature is still in Experimental state. - You can start Envoy as Windows Service that is managed under `Windows Service Control Manager `_. + You can start Envoy as Windows Service that is managed under `Windows Service Control Manager `_. First, you need to create the service. Assuming you have a custom configuration in the current directory named ``envoy-custom.yaml``. After you create the service you can start it. - + From an **administrator** prompt run the following commands (note that you need replace C:\EnvoyProxy\ with the path to the envoy.exe binary and the config file): .. substitution-code-block:: console @@ -144,7 +144,7 @@ The ``-c`` or ``--config-path`` flag tells Envoy the path to its initial configu ... Use `sc.exe `_ to configure the service startup and error handling. - + .. tip:: The output of ``sc query envoyproxy`` contains the exit code of Envoy Proxy. In case the arguments are invalid we set it to ``E_INVALIDARG``. diff --git a/docs/root/start/sandboxes/cache.rst b/docs/root/start/sandboxes/cache.rst index d58eb7d41dfe..181b36c65744 100644 --- a/docs/root/start/sandboxes/cache.rst +++ b/docs/root/start/sandboxes/cache.rst @@ -9,7 +9,7 @@ Cache filter .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. In this example, we demonstrate how HTTP caching can be utilized in Envoy by using the Cache Filter. The setup of this sandbox is based on the setup of the :ref:`Front Proxy sandbox `. diff --git a/docs/root/start/sandboxes/double-proxy.rst b/docs/root/start/sandboxes/double-proxy.rst index fa7674e79ff4..643cb898eb68 100644 --- a/docs/root/start/sandboxes/double-proxy.rst +++ b/docs/root/start/sandboxes/double-proxy.rst @@ -8,10 +8,10 @@ Double proxy (with ``mTLS`` encryption) .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. :ref:`openssl ` - Generate ``SSL`` keys and certificates. + Generate ``SSL`` keys and certificates. This sandbox demonstrates a basic "double proxy" configuration, in which a simple Flask app connects to a PostgreSQL database, with two Envoy proxies in between. diff --git a/docs/root/start/sandboxes/dynamic-configuration-control-plane.rst b/docs/root/start/sandboxes/dynamic-configuration-control-plane.rst index c6b9319b099e..0aa6afd1420f 100644 --- a/docs/root/start/sandboxes/dynamic-configuration-control-plane.rst +++ b/docs/root/start/sandboxes/dynamic-configuration-control-plane.rst @@ -8,10 +8,10 @@ Dynamic configuration (control plane) .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. :ref:`jq ` - Parse ``json`` output from the upstream echo servers. + Parse ``json`` output from the upstream echo servers. This example walks through configuring Envoy using the `Go Control Plane `_ reference implementation. diff --git a/docs/root/start/sandboxes/dynamic-configuration-filesystem.rst b/docs/root/start/sandboxes/dynamic-configuration-filesystem.rst index 12c2b4acc0c0..f3ab8d01051f 100644 --- a/docs/root/start/sandboxes/dynamic-configuration-filesystem.rst +++ b/docs/root/start/sandboxes/dynamic-configuration-filesystem.rst @@ -8,10 +8,10 @@ Dynamic configuration (filesystem) .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. :ref:`jq ` - Parse ``json`` output from the upstream echo servers. + Parse ``json`` output from the upstream echo servers. This example walks through configuring Envoy using filesystem-based dynamic configuration. diff --git a/docs/root/start/sandboxes/ext_authz.rst b/docs/root/start/sandboxes/ext_authz.rst index 27bcd4310b2d..28bd4fdf2c4a 100644 --- a/docs/root/start/sandboxes/ext_authz.rst +++ b/docs/root/start/sandboxes/ext_authz.rst @@ -8,7 +8,7 @@ External authorization (``ext_authz``) filter .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. The External Authorization sandbox demonstrates Envoy's :ref:`ext_authz filter ` capability to delegate authorization of incoming requests through Envoy to an external services. diff --git a/docs/root/start/sandboxes/front_proxy.rst b/docs/root/start/sandboxes/front_proxy.rst index cbf8301fb99f..d64e147a3dcc 100644 --- a/docs/root/start/sandboxes/front_proxy.rst +++ b/docs/root/start/sandboxes/front_proxy.rst @@ -8,7 +8,7 @@ Front proxy .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. To get a flavor of what Envoy has to offer as a front proxy, we are releasing a `docker compose `_ sandbox that deploys a front Envoy and a diff --git a/docs/root/start/sandboxes/jaeger_native_tracing.rst b/docs/root/start/sandboxes/jaeger_native_tracing.rst index 6853380704dc..cfb1bbea16d4 100644 --- a/docs/root/start/sandboxes/jaeger_native_tracing.rst +++ b/docs/root/start/sandboxes/jaeger_native_tracing.rst @@ -8,7 +8,7 @@ Jaeger native tracing .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. .. sidebar:: Compatibility diff --git a/docs/root/start/sandboxes/jaeger_tracing.rst b/docs/root/start/sandboxes/jaeger_tracing.rst index 63fd1e77f6ea..4d13496a7620 100644 --- a/docs/root/start/sandboxes/jaeger_tracing.rst +++ b/docs/root/start/sandboxes/jaeger_tracing.rst @@ -8,7 +8,7 @@ Jaeger tracing .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. The Jaeger tracing sandbox demonstrates Envoy's :ref:`request tracing ` capabilities using `Jaeger `_ as the tracing provider. This sandbox diff --git a/docs/root/start/sandboxes/lua.rst b/docs/root/start/sandboxes/lua.rst index b8538f2f5872..78dfa13d6f5e 100644 --- a/docs/root/start/sandboxes/lua.rst +++ b/docs/root/start/sandboxes/lua.rst @@ -8,7 +8,7 @@ Lua filter .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. In this example, we show how a `Lua `_ filter can be used with the Envoy proxy. diff --git a/docs/root/start/sandboxes/mysql.rst b/docs/root/start/sandboxes/mysql.rst index 2e2def268460..7da078e45cbf 100644 --- a/docs/root/start/sandboxes/mysql.rst +++ b/docs/root/start/sandboxes/mysql.rst @@ -8,7 +8,7 @@ MySQL filter .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. In this example, we show how the :ref:`MySQL filter ` can be used with the Envoy proxy. diff --git a/docs/root/start/sandboxes/postgres.rst b/docs/root/start/sandboxes/postgres.rst index 0e11ecb1e502..fd88671704b2 100644 --- a/docs/root/start/sandboxes/postgres.rst +++ b/docs/root/start/sandboxes/postgres.rst @@ -8,7 +8,7 @@ PostgreSQL filter .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. In this example, we show how the :ref:`PostgreSQL filter ` can be used with the Envoy proxy. diff --git a/docs/root/start/sandboxes/redis.rst b/docs/root/start/sandboxes/redis.rst index 5d304337ec63..104c6a53c62f 100644 --- a/docs/root/start/sandboxes/redis.rst +++ b/docs/root/start/sandboxes/redis.rst @@ -8,7 +8,7 @@ Redis filter .. include:: _include/docker-env-setup-link.rst :ref:`redis ` - Redis client to query the server. + Redis client to query the server. In this example, we show how a :ref:`Redis filter ` can be used with the Envoy proxy. diff --git a/docs/root/start/sandboxes/skywalking_tracing.rst b/docs/root/start/sandboxes/skywalking_tracing.rst index fa8c31ff46a9..e371da641ae7 100644 --- a/docs/root/start/sandboxes/skywalking_tracing.rst +++ b/docs/root/start/sandboxes/skywalking_tracing.rst @@ -8,7 +8,7 @@ SkyWalking tracing .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. The SkyWalking tracing sandbox demonstrates Envoy's :ref:`request tracing ` capabilities using `SkyWalking `_ as the tracing provider. This sandbox diff --git a/docs/root/start/sandboxes/tls-sni.rst b/docs/root/start/sandboxes/tls-sni.rst index f61817027b5a..8e9876acb417 100644 --- a/docs/root/start/sandboxes/tls-sni.rst +++ b/docs/root/start/sandboxes/tls-sni.rst @@ -8,10 +8,10 @@ TLS Server name indication (``SNI``) .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. :ref:`jq ` - Parse ``json`` output from the upstream echo servers. + Parse ``json`` output from the upstream echo servers. This example demonstrates an Envoy proxy that listens on three ``TLS`` domains on the same ``IP`` address. @@ -43,9 +43,9 @@ Create self-signed certificates for these endpoints as follows: $ mkdir -p certs $ openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 \ - -subj "/C=US/ST=CA/O=MyExample, Inc./CN=domain1.example.com" \ - -keyout certs/domain1.key.pem \ - -out certs/domain1.crt.pem + -subj "/C=US/ST=CA/O=MyExample, Inc./CN=domain1.example.com" \ + -keyout certs/domain1.key.pem \ + -out certs/domain1.crt.pem Generating a RSA private key .............+++++ ...................+++++ @@ -53,9 +53,9 @@ Create self-signed certificates for these endpoints as follows: ----- $ openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 \ - -subj "/C=US/ST=CA/O=MyExample, Inc./CN=domain2.example.com" \ - -keyout certs/domain2.key.pem \ - -out certs/domain2.crt.pem + -subj "/C=US/ST=CA/O=MyExample, Inc./CN=domain2.example.com" \ + -keyout certs/domain2.key.pem \ + -out certs/domain2.crt.pem Generating a RSA private key .............+++++ ...................+++++ @@ -125,18 +125,18 @@ Each endpoint should proxy to the respective ``http-upstream`` or ``https-upstre .. code-block:: console $ curl -sk --resolve domain1.example.com:10000:127.0.0.1 \ - https://domain1.example.com:10000 \ - | jq -r '.os.hostname' + https://domain1.example.com:10000 \ + | jq -r '.os.hostname' http-upstream1 $ curl -sk --resolve domain2.example.com:10000:127.0.0.1 \ - https://domain2.example.com:10000 \ - | jq -r '.os.hostname' + https://domain2.example.com:10000 \ + | jq -r '.os.hostname' http-upstream2 $ curl -sk --resolve domain3.example.com:10000:127.0.0.1 \ - https://domain3.example.com:10000 \ - | jq -r '.os.hostname' + https://domain3.example.com:10000 \ + | jq -r '.os.hostname' https-upstream3 Step 3: Query the ``SNI`` endpoints via an Envoy proxy client diff --git a/docs/root/start/sandboxes/tls.rst b/docs/root/start/sandboxes/tls.rst index ecfbcaf4e3cb..f55161fead25 100644 --- a/docs/root/start/sandboxes/tls.rst +++ b/docs/root/start/sandboxes/tls.rst @@ -8,10 +8,10 @@ Transport layer security (``TLS``) .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. :ref:`jq ` - Parse ``json`` output from the upstream echo servers. + Parse ``json`` output from the upstream echo servers. This example walks through some of the ways that Envoy can be configured to make use of encrypted connections using ``HTTP`` over ``TLS``. diff --git a/docs/root/start/sandboxes/udp.rst b/docs/root/start/sandboxes/udp.rst index cbcb712c97e2..5eb039824573 100644 --- a/docs/root/start/sandboxes/udp.rst +++ b/docs/root/start/sandboxes/udp.rst @@ -8,10 +8,10 @@ User Datagram Protocol (``UDP``) .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. :ref:`netcat ` - Used to send ``UDP`` packets. + Used to send ``UDP`` packets. This sandbox provides a very simple example of Envoy proxying ``UDP``. diff --git a/docs/root/start/sandboxes/wasm-cc.rst b/docs/root/start/sandboxes/wasm-cc.rst index 8a0c9517bb14..83ab7d7eac6b 100644 --- a/docs/root/start/sandboxes/wasm-cc.rst +++ b/docs/root/start/sandboxes/wasm-cc.rst @@ -8,7 +8,7 @@ Wasm C++ filter .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. .. sidebar:: Compatibility @@ -36,7 +36,7 @@ Change to the ``examples/wasm-cc`` folder in the Envoy repo, and start the compo $ docker-compose up -d $ docker-compose ps - Name Command State Ports + Name Command State Ports ----------------------------------------------------------------------------------------------- wasm_proxy_1 /docker-entrypoint.sh /usr ... Up 10000/tcp, 0.0.0.0:8000->8000/tcp wasm_web_service_1 node ./index.js Up diff --git a/docs/root/start/sandboxes/websocket.rst b/docs/root/start/sandboxes/websocket.rst index 7f28770c7eae..37de57ea793f 100644 --- a/docs/root/start/sandboxes/websocket.rst +++ b/docs/root/start/sandboxes/websocket.rst @@ -8,7 +8,7 @@ WebSockets .. include:: _include/docker-env-setup-link.rst :ref:`openssl ` - Generate ``SSL`` keys and certificates. + Generate ``SSL`` keys and certificates. This example walks through some of the ways that Envoy can be configured to proxy WebSockets. diff --git a/docs/root/start/sandboxes/zipkin_tracing.rst b/docs/root/start/sandboxes/zipkin_tracing.rst index e2f9a10412a2..ce871a9ee278 100644 --- a/docs/root/start/sandboxes/zipkin_tracing.rst +++ b/docs/root/start/sandboxes/zipkin_tracing.rst @@ -8,7 +8,7 @@ Zipkin tracing .. include:: _include/docker-env-setup-link.rst :ref:`curl ` - Used to make ``HTTP`` requests. + Used to make ``HTTP`` requests. The Zipkin tracing sandbox demonstrates Envoy's :ref:`request tracing ` capabilities using `Zipkin `_ as the tracing provider. This sandbox diff --git a/docs/root/version_history/v1.12.6.rst b/docs/root/version_history/v1.12.6.rst index f40a65e1076c..b4abcd6ee8da 100644 --- a/docs/root/version_history/v1.12.6.rst +++ b/docs/root/version_history/v1.12.6.rst @@ -1,3 +1,3 @@ 1.12.6 (July 7, 2020) ===================== -* tls: fixed a bug where wilcard matching for "\*.foo.com" also matched domains of the form "a.b.foo.com". This behavior can be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_wildcard_matching` to false. \ No newline at end of file +* tls: fixed a bug where wilcard matching for "\*.foo.com" also matched domains of the form "a.b.foo.com". This behavior can be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_wildcard_matching` to false. diff --git a/docs/root/version_history/v1.12.7.rst b/docs/root/version_history/v1.12.7.rst index 875e2d683d1c..d8eb12782a0d 100644 --- a/docs/root/version_history/v1.12.7.rst +++ b/docs/root/version_history/v1.12.7.rst @@ -17,4 +17,4 @@ Changes 4. The Lua filter. Like primary header matching used in routing, RBAC, etc. this behavior can be disabled by setting - the runtime value "envoy.reloadable_features.http_match_on_all_headers" to false. \ No newline at end of file + the runtime value "envoy.reloadable_features.http_match_on_all_headers" to false. diff --git a/docs/root/version_history/v1.13.4.rst b/docs/root/version_history/v1.13.4.rst index bd29b7cc0bec..60ca6acece27 100644 --- a/docs/root/version_history/v1.13.4.rst +++ b/docs/root/version_history/v1.13.4.rst @@ -1,3 +1,3 @@ 1.13.4 (July 7, 2020) ===================== -* tls: fixed a bug where wilcard matching for "\*.foo.com" also matched domains of the form "a.b.foo.com". This behavior can be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_wildcard_matching` to false. \ No newline at end of file +* tls: fixed a bug where wilcard matching for "\*.foo.com" also matched domains of the form "a.b.foo.com". This behavior can be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_wildcard_matching` to false. diff --git a/docs/root/version_history/v1.13.5.rst b/docs/root/version_history/v1.13.5.rst index 370d9b4f376c..f7dd1bc7e0d4 100644 --- a/docs/root/version_history/v1.13.5.rst +++ b/docs/root/version_history/v1.13.5.rst @@ -22,4 +22,4 @@ Changes non-inline headers. setCopy() now behaves similarly to the other set*() APIs and replaces all found headers with a single value. This may have had security implications in the extauth filter which uses this API. This behavior can be disabled by setting the runtime value - "envoy.reloadable_features.http_set_copy_replace_all_headers" to false. \ No newline at end of file + "envoy.reloadable_features.http_set_copy_replace_all_headers" to false. diff --git a/docs/root/version_history/v1.13.6.rst b/docs/root/version_history/v1.13.6.rst index d7d7fea91c37..c758f5d615d3 100644 --- a/docs/root/version_history/v1.13.6.rst +++ b/docs/root/version_history/v1.13.6.rst @@ -2,4 +2,4 @@ =========================== Changes ------- -* test: fix flaky test. \ No newline at end of file +* test: fix flaky test. diff --git a/docs/root/version_history/v1.14.4.rst b/docs/root/version_history/v1.14.4.rst index fa366227c607..bc105781c135 100644 --- a/docs/root/version_history/v1.14.4.rst +++ b/docs/root/version_history/v1.14.4.rst @@ -1,3 +1,3 @@ 1.14.4 (July 7, 2020) ===================== -* tls: fixed a bug where wilcard matching for "\*.foo.com" also matched domains of the form "a.b.foo.com". This behavior can be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_wildcard_matching` to false. \ No newline at end of file +* tls: fixed a bug where wilcard matching for "\*.foo.com" also matched domains of the form "a.b.foo.com". This behavior can be temporarily reverted by setting runtime feature `envoy.reloadable_features.fix_wildcard_matching` to false. diff --git a/docs/root/version_history/v1.14.5.rst b/docs/root/version_history/v1.14.5.rst index b252c2ac235f..e70614bc9347 100644 --- a/docs/root/version_history/v1.14.5.rst +++ b/docs/root/version_history/v1.14.5.rst @@ -22,4 +22,4 @@ Changes non-inline headers. setCopy() now behaves similarly to the other set*() APIs and replaces all found headers with a single value. This may have had security implications in the extauth filter which uses this API. This behavior can be disabled by setting the runtime value - "envoy.reloadable_features.http_set_copy_replace_all_headers" to false. \ No newline at end of file + "envoy.reloadable_features.http_set_copy_replace_all_headers" to false. diff --git a/docs/root/version_history/v1.15.2.rst b/docs/root/version_history/v1.15.2.rst index 2f093be2f5f0..19150c303646 100644 --- a/docs/root/version_history/v1.15.2.rst +++ b/docs/root/version_history/v1.15.2.rst @@ -3,4 +3,4 @@ Changes ------- -* docs: fix docs for v1.15.1. \ No newline at end of file +* docs: fix docs for v1.15.1. diff --git a/examples/cache/verify.sh b/examples/cache/verify.sh index 15cb42bbc0e4..38d9f2c909ae 100755 --- a/examples/cache/verify.sh +++ b/examples/cache/verify.sh @@ -10,7 +10,7 @@ check_validated() { local _dates dates _dates=$(grep -oP '\d\d:\d\d:\d\d' <<< "$1") while read -r line; do dates+=("$line"); done \ - <<< "$_dates" + <<< "$_dates" # Make sure they are different if [[ ${dates[0]} == "${dates[1]}" ]]; then echo "ERROR: validated responses should have a date AFTER the generation timestamp" >&2 @@ -36,7 +36,7 @@ check_from_origin() { local _dates dates _dates=$(grep -oP '\d\d:\d\d:\d\d' <<< "$1") while read -r line; do dates+=("$line"); done \ - <<< "$_dates" + <<< "$_dates" # Make sure they are equal if [[ ${dates[0]} != "${dates[1]}" ]]; then echo "ERROR: responses from origin should have a date equal to the generation timestamp" >&2 @@ -69,8 +69,7 @@ response=$(curl -si localhost:8000/service/1/valid-for-minute) check_validated "$response" run_log "Private: Make 4 requests make sure they are all served by the origin" -for _ in {0..3} -do +for _ in {0..3}; do response=$(curl -si localhost:8000/service/1/private) check_from_origin "$response" done @@ -80,8 +79,7 @@ response=$(curl -si localhost:8000/service/1/no-cache) check_from_origin "$response" run_log "No-cache: Make 4 more requests and make sure they are all validated before being served from cache" -for _ in {0..3} -do +for _ in {0..3}; do sleep 1 response=$(curl -si localhost:8000/service/1/no-cache) check_validated "$response" diff --git a/examples/double-proxy/verify.sh b/examples/double-proxy/verify.sh index 4f1b84a712b1..d8bacd68d71b 100755 --- a/examples/double-proxy/verify.sh +++ b/examples/double-proxy/verify.sh @@ -22,33 +22,33 @@ openssl genrsa -out certs/example.com.key 2048 run_log "Generate signing requests for each proxy" openssl req -new -sha256 \ - -key certs/example.com.key \ - -subj "/C=US/ST=CA/O=MyExample, Inc./CN=proxy-postgres-frontend.example.com" \ - -out certs/proxy-postgres-frontend.example.com.csr + -key certs/example.com.key \ + -subj "/C=US/ST=CA/O=MyExample, Inc./CN=proxy-postgres-frontend.example.com" \ + -out certs/proxy-postgres-frontend.example.com.csr openssl req -new -sha256 \ - -key certs/example.com.key \ - -subj "/C=US/ST=CA/O=MyExample, Inc./CN=proxy-postgres-backend.example.com" \ - -out certs/proxy-postgres-backend.example.com.csr + -key certs/example.com.key \ + -subj "/C=US/ST=CA/O=MyExample, Inc./CN=proxy-postgres-backend.example.com" \ + -out certs/proxy-postgres-backend.example.com.csr run_log "Generate certificates for each proxy" openssl x509 -req \ - -in certs/proxy-postgres-frontend.example.com.csr \ - -CA certs/ca.crt \ - -CAkey certs/ca.key \ - -CAcreateserial \ - -extfile <(printf "subjectAltName=DNS:proxy-postgres-frontend.example.com") \ - -out certs/postgres-frontend.example.com.crt \ - -days 500 \ - -sha256 + -in certs/proxy-postgres-frontend.example.com.csr \ + -CA certs/ca.crt \ + -CAkey certs/ca.key \ + -CAcreateserial \ + -extfile <(printf "subjectAltName=DNS:proxy-postgres-frontend.example.com") \ + -out certs/postgres-frontend.example.com.crt \ + -days 500 \ + -sha256 openssl x509 -req \ - -in certs/proxy-postgres-backend.example.com.csr \ - -CA certs/ca.crt \ - -CAkey certs/ca.key \ - -CAcreateserial \ - -extfile <(printf "subjectAltName=DNS:proxy-postgres-backend.example.com") \ - -out certs/postgres-backend.example.com.crt \ - -days 500 \ - -sha256 + -in certs/proxy-postgres-backend.example.com.csr \ + -CA certs/ca.crt \ + -CAkey certs/ca.key \ + -CAcreateserial \ + -extfile <(printf "subjectAltName=DNS:proxy-postgres-backend.example.com") \ + -out certs/postgres-backend.example.com.crt \ + -days 500 \ + -sha256 bring_up_example diff --git a/examples/grpc-bridge/README.md b/examples/grpc-bridge/README.md index 5d28b5d48569..e3d746fa0264 100644 --- a/examples/grpc-bridge/README.md +++ b/examples/grpc-bridge/README.md @@ -3,8 +3,8 @@ to the [envoy docs](https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/ # gRPC HTTP/1.1 to HTTP/2 bridge -This is an example of a key-value store where a client CLI, written in Python, updates a remote store, written in Go, using the stubs generated for both languages. - +This is an example of a key-value store where a client CLI, written in Python, updates a remote store, written in Go, using the stubs generated for both languages. + Running clients that uses gRPC stubs and sends messages through a proxy that upgrades the HTTP requests from http/1.1 to http/2. This is a more detailed implementation of the Envoy documentation at https://www.envoyproxy.io/docs/envoy/latest/start/sandboxes/grpc_bridge diff --git a/examples/grpc-bridge/server/Dockerfile b/examples/grpc-bridge/server/Dockerfile index 2c13ec006a12..14e169cf4a9f 100644 --- a/examples/grpc-bridge/server/Dockerfile +++ b/examples/grpc-bridge/server/Dockerfile @@ -16,7 +16,7 @@ COPY kv/ /build/kv # Build for linux ENV GOOS=linux ENV GOARCH=amd64 -ENV CGO_ENABLED=0 +ENV CGO_ENABLED=0 RUN go build -o server # Build the main container (Linux Runtime) diff --git a/examples/grpc-bridge/server/service.go b/examples/grpc-bridge/server/service.go index 7c4e5b8cbef5..51cc22687c4c 100644 --- a/examples/grpc-bridge/server/service.go +++ b/examples/grpc-bridge/server/service.go @@ -1,64 +1,64 @@ package main import ( - "flag" - "fmt" - "log" - "net" + "flag" + "fmt" + "log" + "net" - "sync" + "sync" "github.com/envoyproxy/envoy/examples/grpc-bridge/server/kv" - "golang.org/x/net/context" - "google.golang.org/grpc" + "golang.org/x/net/context" + "google.golang.org/grpc" ) type KV struct { - sync.Mutex - store map[string]string + sync.Mutex + store map[string]string } func (k *KV) Get(ctx context.Context, in *kv.GetRequest) (*kv.GetResponse, error) { - log.Printf("get: %s", in.Key) - resp := new(kv.GetResponse) - if val, ok := k.store[in.Key]; ok { - resp.Value = val - } + log.Printf("get: %s", in.Key) + resp := new(kv.GetResponse) + if val, ok := k.store[in.Key]; ok { + resp.Value = val + } - return resp, nil + return resp, nil } func (k *KV) Set(ctx context.Context, in *kv.SetRequest) (*kv.SetResponse, error) { - log.Printf("set: %s = %s", in.Key, in.Value) - k.Lock() - defer k.Unlock() + log.Printf("set: %s = %s", in.Key, in.Value) + k.Lock() + defer k.Unlock() - k.store[in.Key] = in.Value + k.store[in.Key] = in.Value - return &kv.SetResponse{Ok: true}, nil + return &kv.SetResponse{Ok: true}, nil } func NewKVStore() (kv *KV) { - kv = &KV{ - store: make(map[string]string), - } + kv = &KV{ + store: make(map[string]string), + } - return + return } func main() { - port := flag.Int("port", 8081, "grpc port") + port := flag.Int("port", 8081, "grpc port") - flag.Parse() + flag.Parse() - lis, err := net.Listen("tcp", fmt.Sprintf(":%d", *port)) - if err != nil { - log.Fatalf("failed to listen: %v", err) - } - gs := grpc.NewServer() - kv.RegisterKVServer(gs, NewKVStore()) + lis, err := net.Listen("tcp", fmt.Sprintf(":%d", *port)) + if err != nil { + log.Fatalf("failed to listen: %v", err) + } + gs := grpc.NewServer() + kv.RegisterKVServer(gs, NewKVStore()) - log.Printf("starting grpc on :%d\n", *port) + log.Printf("starting grpc on :%d\n", *port) - gs.Serve(lis) + gs.Serve(lis) } diff --git a/examples/jaeger-native-tracing/Dockerfile-frontenvoy b/examples/jaeger-native-tracing/Dockerfile-frontenvoy index f7f1c893e065..d92faf3834eb 100644 --- a/examples/jaeger-native-tracing/Dockerfile-frontenvoy +++ b/examples/jaeger-native-tracing/Dockerfile-frontenvoy @@ -13,5 +13,5 @@ RUN echo "4a7d17d4724ee890490bcd6cfdedb12a02316a3d33214348d30979abd201f1ca /usr/ && mv /usr/local/lib/libjaegertracing.so.0.4.2 /usr/local/lib/libjaegertracing_plugin.so \ && sha256sum -c /tmp/checksum \ && rm /tmp/checksum \ - && chmod go+r /etc/front-envoy.yaml + && chmod go+r /etc/front-envoy.yaml CMD ["/usr/local/bin/envoy", "-c", "/etc/front-envoy.yaml", "--service-cluster", "front-proxy"] diff --git a/examples/tls-sni/verify.sh b/examples/tls-sni/verify.sh index 88dd9560d34c..375f764b4beb 100755 --- a/examples/tls-sni/verify.sh +++ b/examples/tls-sni/verify.sh @@ -13,9 +13,9 @@ touch ~/.rnd create_self_signed_certs () { local domain="$1" openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 \ - -subj "/C=US/ST=CA/O=MyExample, Inc./CN=${domain}.example.com" \ - -keyout "certs/${domain}.key.pem" \ - -out "certs/${domain}.crt.pem" + -subj "/C=US/ST=CA/O=MyExample, Inc./CN=${domain}.example.com" \ + -keyout "certs/${domain}.key.pem" \ + -out "certs/${domain}.crt.pem" } mkdir -p certs diff --git a/examples/verify-common.sh b/examples/verify-common.sh index 277336170f82..4908b2bcc4ea 100644 --- a/examples/verify-common.sh +++ b/examples/verify-common.sh @@ -18,9 +18,9 @@ bring_up_example_stack () { path="$1" read -ra up_args <<< "up --build -d ${args[*]}" if [[ -z "$DOCKER_NO_PULL" ]]; then - run_log "Pull the images ($path)" - docker-compose pull - echo + run_log "Pull the images ($path)" + docker-compose pull + echo fi run_log "Bring up services ($path)" docker-compose "${up_args[@]}" || return 1 @@ -129,13 +129,13 @@ wait_for () { local i=1 returns=1 seconds="$1" shift while ((i<=seconds)); do - if "$@"; then - returns=0 - break - else - sleep 1 - ((i++)) - fi + if "$@"; then + returns=0 + break + else + sleep 1 + ((i++)) + fi done return "$returns" } diff --git a/examples/websocket/verify.sh b/examples/websocket/verify.sh index 22bb03cc48df..952b01179a01 100755 --- a/examples/websocket/verify.sh +++ b/examples/websocket/verify.sh @@ -15,11 +15,11 @@ touch ~/.rnd interact_ws () { local port="$1" \ - protocol="$2" \ - backend="$3" \ - insecure="" + protocol="$2" \ + backend="$3" \ + insecure="" if [ "$protocol" == "wss" ]; then - insecure="--insecure" + insecure="--insecure" fi expect <; } // namespace Decompressor } // namespace Compression -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/include/envoy/http/header_formatter.h b/include/envoy/http/header_formatter.h index c30f4c459ee4..8615cd7a7a5d 100644 --- a/include/envoy/http/header_formatter.h +++ b/include/envoy/http/header_formatter.h @@ -67,4 +67,4 @@ class StatefulHeaderKeyFormatterFactoryConfig : public Config::TypedFactory { }; } // namespace Http -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/include/envoy/matcher/matcher.h b/include/envoy/matcher/matcher.h index 4c65305f5416..fc6e335d7b07 100644 --- a/include/envoy/matcher/matcher.h +++ b/include/envoy/matcher/matcher.h @@ -237,4 +237,4 @@ template class DataInputFactory : public Config::TypedFactory { }; } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/include/envoy/network/exception.h b/include/envoy/network/exception.h index 54ba28bca290..45fef6b2a332 100644 --- a/include/envoy/network/exception.h +++ b/include/envoy/network/exception.h @@ -29,4 +29,4 @@ class SocketBindException : public CreateListenerException { }; } // namespace Network -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/include/envoy/server/api_listener.h b/include/envoy/server/api_listener.h index d07dd2ec8fd2..b14fb7068abd 100644 --- a/include/envoy/server/api_listener.h +++ b/include/envoy/server/api_listener.h @@ -43,4 +43,4 @@ using ApiListenerPtr = std::unique_ptr; using ApiListenerOptRef = absl::optional>; } // namespace Server -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/include/envoy/tracing/trace_reason.h b/include/envoy/tracing/trace_reason.h index 3ad8217f321c..6db64d4caed0 100644 --- a/include/envoy/tracing/trace_reason.h +++ b/include/envoy/tracing/trace_reason.h @@ -28,4 +28,4 @@ struct Decision { }; } // namespace Tracing -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/config/ttl.cc b/source/common/config/ttl.cc index 3b54a788ae28..07dfec5fe33c 100644 --- a/source/common/config/ttl.cc +++ b/source/common/config/ttl.cc @@ -70,4 +70,4 @@ void TtlManager::refreshTimer() { timer_->enableTimer(timer_duration, nullptr); } } // namespace Config -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/config/ttl.h b/source/common/config/ttl.h index aa7091c63765..880fe42a60f8 100644 --- a/source/common/config/ttl.h +++ b/source/common/config/ttl.h @@ -66,4 +66,4 @@ class TtlManager { TimeSource& time_source_; }; } // namespace Config -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/event/deferred_task.h b/source/common/event/deferred_task.h index 66ea7b929cc3..914e9aa54f0c 100644 --- a/source/common/event/deferred_task.h +++ b/source/common/event/deferred_task.h @@ -32,4 +32,4 @@ class DeferredTaskUtil { }; } // namespace Event -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/http/header_list_view.cc b/source/common/http/header_list_view.cc index adfb3f0657fa..dab359253b10 100644 --- a/source/common/http/header_list_view.cc +++ b/source/common/http/header_list_view.cc @@ -12,4 +12,4 @@ HeaderListView::HeaderListView(const HeaderMap& header_map) { } } // namespace Http -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/http/http1/settings.cc b/source/common/http/http1/settings.cc index c9a33381a68f..18a4dd0dadf0 100644 --- a/source/common/http/http1/settings.cc +++ b/source/common/http/http1/settings.cc @@ -55,4 +55,4 @@ Http1Settings parseHttp1Settings(const envoy::config::core::v3::Http1ProtocolOpt } // namespace Http1 } // namespace Http -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/http/http1/settings.h b/source/common/http/http1/settings.h index 8dfebf177cc3..da7b192e5004 100644 --- a/source/common/http/http1/settings.h +++ b/source/common/http/http1/settings.h @@ -21,4 +21,4 @@ Http1Settings parseHttp1Settings(const envoy::config::core::v3::Http1ProtocolOpt } // namespace Http1 } // namespace Http -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/http/matching/data_impl.h b/source/common/http/matching/data_impl.h index d417993bf8f3..136ded312610 100644 --- a/source/common/http/matching/data_impl.h +++ b/source/common/http/matching/data_impl.h @@ -57,4 +57,4 @@ using HttpMatchingDataImplSharedPtr = std::shared_ptr; } // namespace Matching } // namespace Http -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/http/matching/inputs.cc b/source/common/http/matching/inputs.cc index ab5eeda0b34f..a7874d440456 100644 --- a/source/common/http/matching/inputs.cc +++ b/source/common/http/matching/inputs.cc @@ -11,4 +11,4 @@ REGISTER_FACTORY(HttpRequestTrailersDataInputFactory, Matcher::DataInputFactory< REGISTER_FACTORY(HttpResponseTrailersDataInputFactory, Matcher::DataInputFactory); } // namespace Matching } // namespace Http -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/http/matching/inputs.h b/source/common/http/matching/inputs.h index fc68c043ee67..bb69aa26b306 100644 --- a/source/common/http/matching/inputs.h +++ b/source/common/http/matching/inputs.h @@ -146,4 +146,4 @@ class HttpResponseTrailersDataInputFactory }; } // namespace Matching } // namespace Http -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/matcher/exact_map_matcher.h b/source/common/matcher/exact_map_matcher.h index 3c7a2f947f43..61de9e626913 100644 --- a/source/common/matcher/exact_map_matcher.h +++ b/source/common/matcher/exact_map_matcher.h @@ -57,4 +57,4 @@ class ExactMapMatcher : public MatchTree, Logger::Loggable> on_no_match_; }; } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/matcher/field_matcher.h b/source/common/matcher/field_matcher.h index a5a4d1754814..a4eec335e3f6 100644 --- a/source/common/matcher/field_matcher.h +++ b/source/common/matcher/field_matcher.h @@ -154,4 +154,4 @@ class SingleFieldMatcher : public FieldMatcher, Logger::Loggable using SingleFieldMatcherPtr = std::unique_ptr>; } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/matcher/list_matcher.h b/source/common/matcher/list_matcher.h index 6ec2b5cba285..94b9b9274f77 100644 --- a/source/common/matcher/list_matcher.h +++ b/source/common/matcher/list_matcher.h @@ -42,4 +42,4 @@ template class ListMatcher : public MatchTree { }; } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/matcher/matcher.cc b/source/common/matcher/matcher.cc index fad11860067f..e784c8f02496 100644 --- a/source/common/matcher/matcher.cc +++ b/source/common/matcher/matcher.cc @@ -3,4 +3,4 @@ #include "common/common/assert.h" #include "common/config/utility.h" -namespace Envoy {} \ No newline at end of file +namespace Envoy {} diff --git a/source/common/matcher/value_input_matcher.h b/source/common/matcher/value_input_matcher.h index c165963c7b37..acbfded9cd7e 100644 --- a/source/common/matcher/value_input_matcher.h +++ b/source/common/matcher/value_input_matcher.h @@ -25,4 +25,4 @@ class StringInputMatcher : public InputMatcher { }; } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/network/filter_matcher.h b/source/common/network/filter_matcher.h index be2114bdabe4..d1178a330163 100644 --- a/source/common/network/filter_matcher.h +++ b/source/common/network/filter_matcher.h @@ -92,4 +92,4 @@ class ListenerFilterOrMatcher final : public ListenerFilterSetLogicMatcher { }; } // namespace Network -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/common/stats/tag_utility.h b/source/common/stats/tag_utility.h index edecaca7956a..0aeacbaf53ae 100644 --- a/source/common/stats/tag_utility.h +++ b/source/common/stats/tag_utility.h @@ -56,4 +56,4 @@ class TagStatNameJoiner { }; } // namespace TagUtility } // namespace Stats -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/docs/coverage.md b/source/docs/coverage.md index af03e27fec13..b00357c1f639 100644 --- a/source/docs/coverage.md +++ b/source/docs/coverage.md @@ -30,7 +30,7 @@ Scroll down on the left, and click on “Upload coverage reports” This will provide a link on the right, telling you where the coverage upload went, in this case a link to “https://storage.googleapis.com/envoy-pr/269d783/coverage/index.html” (which -will only be valid for some number of days). +will only be valid for some number of days). ![coverage upload](upload.png) @@ -44,6 +44,3 @@ tested switch statements are considered uncovered lines. Generally this will instead provide a branch of code which simply needs unit tests. ![coverage file](file.png) - - - diff --git a/source/docs/fancy_logger.md b/source/docs/fancy_logger.md index 2a8c2e665f51..da4e5f2dc12f 100644 --- a/source/docs/fancy_logger.md +++ b/source/docs/fancy_logger.md @@ -1,7 +1,7 @@ ## Fancy Logger: Flexible Granularity Log Control in Envoy ### Overview -Fancy Logger is a logger with finer grained log level control and runtime logger update using administration interface. Compared to the existing logger in Envoy, Fancy Logger provides file level control which can be easily extended to finer grained logger with function or line level control, and it is completely automatic and never requires developers to explicitly specify the logging component. Besides, it has a comparable speed as Envoy's logger. +Fancy Logger is a logger with finer grained log level control and runtime logger update using administration interface. Compared to the existing logger in Envoy, Fancy Logger provides file level control which can be easily extended to finer grained logger with function or line level control, and it is completely automatic and never requires developers to explicitly specify the logging component. Besides, it has a comparable speed as Envoy's logger. ### Basic Usage The basic usage of Fancy Logger is to explicitly call its macros: @@ -20,14 +20,14 @@ More macros with connection and stream information: FANCY_CONN_LOG(warn, "Fake info {} of connection", connection_, 1); FANCY_STREAM_LOG(warn, "Fake warning {} of stream", stream_, 1); ``` -To flush a logger, `FANCY_FLUSH_LOG()` can be used. +To flush a logger, `FANCY_FLUSH_LOG()` can be used. ### Enable Fancy Logger using Command Line Option -A command line option is provided to enable Fancy Logger: `--enable-fine-grain-logging`. It enables Fancy Logger for Envoy, i.e. replaces most Envoy's log macros (`ENVOY_LOG, ENVOY_FLUSH_LOG, ENVOY_CONN_LOG, ENVOY_STREAM_LOG`) with corresponding Fancy Logger's macros. +A command line option is provided to enable Fancy Logger: `--enable-fine-grain-logging`. It enables Fancy Logger for Envoy, i.e. replaces most Envoy's log macros (`ENVOY_LOG, ENVOY_FLUSH_LOG, ENVOY_CONN_LOG, ENVOY_STREAM_LOG`) with corresponding Fancy Logger's macros. If Fancy Logger is enabled, the default log format is `"[%Y-%m-%d %T.%e][%t][%l] [%g:%#] %v"`, where the logger name is omitted compared to Envoy's default as it's the same as file name. The default log level is info, if not specidfied by user of any logging context. -Note that Envoy's logger can still be used in Fancy mode. These macros are not replaced: `GET_MISC_LOGGER, ENVOY_LOG_MISC, ENVOY_LOGGER, ENVOY_LOG_TO_LOGGER, ENVOY_CONN_LOG_TO_LOGGER, ENVOY_STREAM_LOG_TO_LOGGER`. For example, `ENVOY_LOG_LOGGER(ENVOY_LOGGER(), LEVEL, ...)` is equivalent to `ENVOY_LOG` in Envoy mode. +Note that Envoy's logger can still be used in Fancy mode. These macros are not replaced: `GET_MISC_LOGGER, ENVOY_LOG_MISC, ENVOY_LOGGER, ENVOY_LOG_TO_LOGGER, ENVOY_CONN_LOG_TO_LOGGER, ENVOY_STREAM_LOG_TO_LOGGER`. For example, `ENVOY_LOG_LOGGER(ENVOY_LOGGER(), LEVEL, ...)` is equivalent to `ENVOY_LOG` in Envoy mode. If Fancy Logger is not enabled, existing Envoy's logger is used. In this mode, basic macros like `FANCY_LOG` can be used but the main part of `ENVOY_LOG` will keep the same. One limitation is that logger update in admin page is not supported by default as it detects Envoy mode. The reason is: Envoy mode is designed only to be back compatible. To address it, developers can use `Logger::Context::enableFancyLogger()` to manually enable Fancy Logger. @@ -41,21 +41,20 @@ Runtime update of Fancy Logger is supported with administration interface, i.e. Users can view and change the log level in a granularity of file in runtime through admin page. Note that `file_path` is determined by `__FILE__` macro, which is the path seen by preprocessor. ### Implementation Details -Fancy Logger can be divided into two parts: +Fancy Logger can be divided into two parts: 1. Core part: file level logger without explicit inheriting `Envoy::Logger::Loggable`; -2. Hook part: control interfaces, such as command line and admin page. +2. Hook part: control interfaces, such as command line and admin page. #### Core Part The core of Fancy Logger is implemented in `class FancyContext`, which is a singleton class. Filenames (i.e. keys) and logger pointers are stored in `FancyContext::fancy_log_map_`. There are several code paths when `FANCY_LOG` is called. -1. Slow path: if `FANCY_LOG` is first called in a file, `FancyContext::initFancyLogger(key, local_logger_ptr)` is called to create a new logger globally and store the `` pair in `fancy_log_map_`. Then local logger pointer is updated and will never be changed. +1. Slow path: if `FANCY_LOG` is first called in a file, `FancyContext::initFancyLogger(key, local_logger_ptr)` is called to create a new logger globally and store the `` pair in `fancy_log_map_`. Then local logger pointer is updated and will never be changed. 2. Medium path: if `FANCY_LOG` is first called at the call site but not in the file, `FancyContext::initFancyLogger(key, local_logger_ptr)` is still called but local logger pointer is quickly set to the global logger, as there is already global record of the given filename. 3. Fast path: if `FANCY_LOG` is called after first call at the site, the log is directly printed using local logger pointer. #### Hook Part -Fancy Logger provides control interfaces through command line and admin page. +Fancy Logger provides control interfaces through command line and admin page. -To pass the arguments such as log format and default log level to Fancy Logger, `fancy_log_format` and `fancy_default_level` are added in `class Context` and they are updated when a new logging context is activated. `getFancyContext().setDefaultFancyLevelFormat(level, format)` is called in `Context::activate()` to set log format and update loggers' previous default level to the new level. +To pass the arguments such as log format and default log level to Fancy Logger, `fancy_log_format` and `fancy_default_level` are added in `class Context` and they are updated when a new logging context is activated. `getFancyContext().setDefaultFancyLevelFormat(level, format)` is called in `Context::activate()` to set log format and update loggers' previous default level to the new level. To support the runtime update in admin page, log handler in admin page uses `getFancyContext().listFancyLoggers()` to show all Fancy Loggers, `getFancyContext().setFancyLogger(name, level)` to set a specific logger and `getFancyContext().setAllFancyLoggers(level)` to set all loggers. - diff --git a/source/docs/filters/http/cache/cache_filter_plugins.md b/source/docs/filters/http/cache/cache_filter_plugins.md index 51798ccccd0d..94a89cd3c065 100644 --- a/source/docs/filters/http/cache/cache_filter_plugins.md +++ b/source/docs/filters/http/cache/cache_filter_plugins.md @@ -25,11 +25,11 @@ You need to write implementations of four small interfaces: ## LookupContext * Example Implementation: `SimpleLookupContext` - * `LookupContext` represents a single lookup operation; this is a good place to store whatever per-lookup state you may need during the lookup process. + * `LookupContext` represents a single lookup operation; this is a good place to store whatever per-lookup state you may need during the lookup process. ## InsertContext * Example Implementation: `SimpleInsertContext` - * `LookupContext` represents a single insert operation; this is a good place to store whatever per-insert state you may need during the lookup process. + * `LookupContext` represents a single insert operation; this is a good place to store whatever per-insert state you may need during the lookup process. ### Flow diff --git a/source/docs/header_map.md b/source/docs/header_map.md index 59ae9db78621..de2a52fe27ea 100644 --- a/source/docs/header_map.md +++ b/source/docs/header_map.md @@ -19,7 +19,7 @@ The Envoy header map implementation (`HeaderMapImpl`) has the following properti * O(1) registered headers are tracked during static initialization via the `CustomInlineHeaderBase` class. -* The first time a header map is constructed (in practice this is after bootstrap load and the +* The first time a header map is constructed (in practice this is after bootstrap load and the Envoy header prefix is finalized when `getAllHeaderMapImplInfo` is called), the `StaticLookupTable` is finalized for each header map type. No further changes are possible after this point. The `StaticLookupTable` defines the amount of variable pointer table space that is @@ -27,4 +27,4 @@ The Envoy header map implementation (`HeaderMapImpl`) has the following properti * Each concrete header map type derives from `InlineStorage` with a variable length member at the end of the definition. * Each concrete header map type uses a factory function and a provide constructor. The required - size is determined via the `inlineHeadersSize` function. \ No newline at end of file + size is determined via the `inlineHeadersSize` function. diff --git a/source/extensions/access_loggers/common/stream_access_log_common_impl.h b/source/extensions/access_loggers/common/stream_access_log_common_impl.h index 15165ed2b5ab..feec726dc834 100644 --- a/source/extensions/access_loggers/common/stream_access_log_common_impl.h +++ b/source/extensions/access_loggers/common/stream_access_log_common_impl.h @@ -32,4 +32,4 @@ createStreamAccessLogInstance(const Protobuf::Message& config, AccessLog::Filter } // namespace AccessLoggers } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h b/source/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h index 0d4762ede616..34a6004f6e36 100644 --- a/source/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h +++ b/source/extensions/common/dynamic_forward_proxy/dns_cache_resource_manager.h @@ -41,4 +41,4 @@ class DnsCacheResourceManagerImpl : public DnsCacheResourceManager { } // namespace DynamicForwardProxy } // namespace Common } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/decompressor/config.cc b/source/extensions/filters/http/decompressor/config.cc index fb52ae85c216..988f76c75859 100644 --- a/source/extensions/filters/http/decompressor/config.cc +++ b/source/extensions/filters/http/decompressor/config.cc @@ -45,4 +45,4 @@ REGISTER_FACTORY(DecompressorFilterFactory, Server::Configuration::NamedHttpFilt } // namespace Decompressor } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/decompressor/config.h b/source/extensions/filters/http/decompressor/config.h index 4e04abe3c6df..cdcef94a180e 100644 --- a/source/extensions/filters/http/decompressor/config.h +++ b/source/extensions/filters/http/decompressor/config.h @@ -30,4 +30,4 @@ DECLARE_FACTORY(DecompressorFilterFactory); } // namespace Decompressor } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/decompressor/decompressor_filter.cc b/source/extensions/filters/http/decompressor/decompressor_filter.cc index e4ef982714e5..c30c5b1a9360 100644 --- a/source/extensions/filters/http/decompressor/decompressor_filter.cc +++ b/source/extensions/filters/http/decompressor/decompressor_filter.cc @@ -191,4 +191,4 @@ DecompressorFilter::getContentEncodingHandle() { } // namespace Decompressor } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/decompressor/decompressor_filter.h b/source/extensions/filters/http/decompressor/decompressor_filter.h index 83ad541ce76e..601d170fe136 100644 --- a/source/extensions/filters/http/decompressor/decompressor_filter.h +++ b/source/extensions/filters/http/decompressor/decompressor_filter.h @@ -242,4 +242,4 @@ class DecompressorFilter : public Http::PassThroughFilter, } // namespace Decompressor } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/ext_proc/config.cc b/source/extensions/filters/http/ext_proc/config.cc index 895fe4e73f69..117f8f6eca6e 100644 --- a/source/extensions/filters/http/ext_proc/config.cc +++ b/source/extensions/filters/http/ext_proc/config.cc @@ -34,4 +34,4 @@ REGISTER_FACTORY(ExternalProcessingFilterConfig, } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/ext_proc/config.h b/source/extensions/filters/http/ext_proc/config.h index 1adad88e1859..a3626a249e7a 100644 --- a/source/extensions/filters/http/ext_proc/config.h +++ b/source/extensions/filters/http/ext_proc/config.h @@ -31,4 +31,4 @@ class ExternalProcessingFilterConfig } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/ext_proc/ext_proc.cc b/source/extensions/filters/http/ext_proc/ext_proc.cc index b7f710876323..5b64b0f391e2 100644 --- a/source/extensions/filters/http/ext_proc/ext_proc.cc +++ b/source/extensions/filters/http/ext_proc/ext_proc.cc @@ -433,4 +433,4 @@ void Filter::sendImmediateResponse(const ImmediateResponse& response) { } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/ext_proc/ext_proc.h b/source/extensions/filters/http/ext_proc/ext_proc.h index b2edbf22262f..35f99e5fe205 100644 --- a/source/extensions/filters/http/ext_proc/ext_proc.h +++ b/source/extensions/filters/http/ext_proc/ext_proc.h @@ -187,4 +187,4 @@ class Filter : public Logger::Loggable, } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/ext_proc/mutation_utils.cc b/source/extensions/filters/http/ext_proc/mutation_utils.cc index a283c05a2c58..ca88df8842e0 100644 --- a/source/extensions/filters/http/ext_proc/mutation_utils.cc +++ b/source/extensions/filters/http/ext_proc/mutation_utils.cc @@ -106,4 +106,4 @@ bool MutationUtils::isSettableHeader(absl::string_view key) { } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/ext_proc/mutation_utils.h b/source/extensions/filters/http/ext_proc/mutation_utils.h index dfa28be167e1..6b8f03c2a29a 100644 --- a/source/extensions/filters/http/ext_proc/mutation_utils.h +++ b/source/extensions/filters/http/ext_proc/mutation_utils.h @@ -40,4 +40,4 @@ class MutationUtils { } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.cc b/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.cc index 5e55b57482c8..e4a89ef2b89d 100644 --- a/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.cc +++ b/source/extensions/filters/http/grpc_json_transcoder/http_body_utils.cc @@ -117,4 +117,4 @@ void HttpBodyUtils::appendHttpBodyEnvelope( } // namespace GrpcJsonTranscoder } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/http/oauth2/oauth_response.proto b/source/extensions/filters/http/oauth2/oauth_response.proto index ce180fcb7dac..09d305dcbef4 100644 --- a/source/extensions/filters/http/oauth2/oauth_response.proto +++ b/source/extensions/filters/http/oauth2/oauth_response.proto @@ -7,4 +7,4 @@ import "google/protobuf/wrappers.proto"; message OAuthResponse { google.protobuf.StringValue access_token = 1; google.protobuf.UInt64Value expires_in = 2; -} \ No newline at end of file +} diff --git a/source/extensions/filters/network/common/redis/fault.h b/source/extensions/filters/network/common/redis/fault.h index 8ab4886f9357..bd265e404110 100644 --- a/source/extensions/filters/network/common/redis/fault.h +++ b/source/extensions/filters/network/common/redis/fault.h @@ -51,4 +51,4 @@ using FaultManagerSharedPtr = std::shared_ptr; } // namespace Common } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/common/redis/fault_impl.cc b/source/extensions/filters/network/common/redis/fault_impl.cc index ce1174968513..02b4c5aba52e 100644 --- a/source/extensions/filters/network/common/redis/fault_impl.cc +++ b/source/extensions/filters/network/common/redis/fault_impl.cc @@ -145,4 +145,4 @@ const Fault* FaultManagerImpl::getFaultForCommand(const std::string& command) co } // namespace Common } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/common/redis/fault_impl.h b/source/extensions/filters/network/common/redis/fault_impl.h index 3850a8a4b4c9..2774c2798eb2 100644 --- a/source/extensions/filters/network/common/redis/fault_impl.h +++ b/source/extensions/filters/network/common/redis/fault_impl.h @@ -105,4 +105,4 @@ class FaultManagerImpl : public FaultManager { } // namespace Common } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/kafka/protocol/request_parser.j2 b/source/extensions/filters/network/kafka/protocol/request_parser.j2 index db14f9e2a55c..712f0d4294f2 100644 --- a/source/extensions/filters/network/kafka/protocol/request_parser.j2 +++ b/source/extensions/filters/network/kafka/protocol/request_parser.j2 @@ -17,4 +17,4 @@ public: RequestDataParser{ctx} {}; }; -{% endfor %} \ No newline at end of file +{% endfor %} diff --git a/source/extensions/filters/network/kafka/protocol/response_parser.j2 b/source/extensions/filters/network/kafka/protocol/response_parser.j2 index f0bb932c612e..2c388b1906aa 100644 --- a/source/extensions/filters/network/kafka/protocol/response_parser.j2 +++ b/source/extensions/filters/network/kafka/protocol/response_parser.j2 @@ -17,4 +17,4 @@ public: ResponseDataParser{context} {}; }; -{% endfor %} \ No newline at end of file +{% endfor %} diff --git a/source/extensions/filters/network/rocketmq_proxy/active_message.h b/source/extensions/filters/network/rocketmq_proxy/active_message.h index 566907d40dd6..1cb83453755c 100644 --- a/source/extensions/filters/network/rocketmq_proxy/active_message.h +++ b/source/extensions/filters/network/rocketmq_proxy/active_message.h @@ -102,4 +102,4 @@ using ActiveMessagePtr = std::unique_ptr; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/codec.cc b/source/extensions/filters/network/rocketmq_proxy/codec.cc index 99201e04f5c9..eabf762cdf19 100644 --- a/source/extensions/filters/network/rocketmq_proxy/codec.cc +++ b/source/extensions/filters/network/rocketmq_proxy/codec.cc @@ -411,4 +411,4 @@ void Encoder::encode(const RemotingCommandPtr& command, Buffer::Instance& data) } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/codec.h b/source/extensions/filters/network/rocketmq_proxy/codec.h index e22502f48b34..3f307b8500bb 100644 --- a/source/extensions/filters/network/rocketmq_proxy/codec.h +++ b/source/extensions/filters/network/rocketmq_proxy/codec.h @@ -78,4 +78,4 @@ class Encoder { } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/config.cc b/source/extensions/filters/network/rocketmq_proxy/config.cc index 02f8da69c41f..f4fdbfbaf65a 100644 --- a/source/extensions/filters/network/rocketmq_proxy/config.cc +++ b/source/extensions/filters/network/rocketmq_proxy/config.cc @@ -62,4 +62,4 @@ Router::RouteConstSharedPtr ConfigImpl::route(const MessageMetadata& metadata) c } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/config.h b/source/extensions/filters/network/rocketmq_proxy/config.h index df5cbe7c9711..5597a27c0801 100644 --- a/source/extensions/filters/network/rocketmq_proxy/config.h +++ b/source/extensions/filters/network/rocketmq_proxy/config.h @@ -69,4 +69,4 @@ class ConfigImpl : public Config, public Router::Config, Logger::Loggable; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/protocol.cc b/source/extensions/filters/network/rocketmq_proxy/protocol.cc index e16481cc453f..d3bb8a48d598 100644 --- a/source/extensions/filters/network/rocketmq_proxy/protocol.cc +++ b/source/extensions/filters/network/rocketmq_proxy/protocol.cc @@ -746,4 +746,4 @@ void MetadataHelper::parseRequest(RemotingCommandPtr& request, MessageMetadataSh } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/protocol.h b/source/extensions/filters/network/rocketmq_proxy/protocol.h index fee961767e0e..151785193546 100644 --- a/source/extensions/filters/network/rocketmq_proxy/protocol.h +++ b/source/extensions/filters/network/rocketmq_proxy/protocol.h @@ -669,4 +669,4 @@ struct AckMessageDirective { } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.cc b/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.cc index e99d6c249ebb..91c66e5887c7 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.cc +++ b/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.cc @@ -70,4 +70,4 @@ RouteConstSharedPtr RouteMatcher::route(const MessageMetadata& metadata) const { } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h b/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h index 8cd4c533a541..6c98427f5a12 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h +++ b/source/extensions/filters/network/rocketmq_proxy/router/route_matcher.h @@ -68,4 +68,4 @@ using RouteMatcherPtr = std::unique_ptr; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/router/router.h b/source/extensions/filters/network/rocketmq_proxy/router/router.h index 6067a7295fc6..7ab07d310a97 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/router.h +++ b/source/extensions/filters/network/rocketmq_proxy/router/router.h @@ -82,4 +82,4 @@ using RouterPtr = std::unique_ptr; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/router/router_impl.cc b/source/extensions/filters/network/rocketmq_proxy/router/router_impl.cc index 531fadc9e0d4..8cfb40a7cdfa 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/router_impl.cc +++ b/source/extensions/filters/network/rocketmq_proxy/router/router_impl.cc @@ -215,4 +215,4 @@ void RouterImpl::reset() { } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/router/router_impl.h b/source/extensions/filters/network/rocketmq_proxy/router/router_impl.h index b3eca29e1e67..b56960266b28 100644 --- a/source/extensions/filters/network/rocketmq_proxy/router/router_impl.h +++ b/source/extensions/filters/network/rocketmq_proxy/router/router_impl.h @@ -72,4 +72,4 @@ class RouterImpl : public Router, public Logger::Loggable } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/topic_route.cc b/source/extensions/filters/network/rocketmq_proxy/topic_route.cc index 8c445ab1c6f0..17a00e3879e9 100644 --- a/source/extensions/filters/network/rocketmq_proxy/topic_route.cc +++ b/source/extensions/filters/network/rocketmq_proxy/topic_route.cc @@ -73,4 +73,4 @@ void TopicRouteData::encode(ProtobufWkt::Struct& data_struct) { } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/topic_route.h b/source/extensions/filters/network/rocketmq_proxy/topic_route.h index f6c1bc9eba19..01958aef9a51 100644 --- a/source/extensions/filters/network/rocketmq_proxy/topic_route.h +++ b/source/extensions/filters/network/rocketmq_proxy/topic_route.h @@ -76,4 +76,4 @@ class TopicRouteData { } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/filters/network/rocketmq_proxy/well_known_names.h b/source/extensions/filters/network/rocketmq_proxy/well_known_names.h index 659b387db28b..7a02dda1a50d 100644 --- a/source/extensions/filters/network/rocketmq_proxy/well_known_names.h +++ b/source/extensions/filters/network/rocketmq_proxy/well_known_names.h @@ -26,4 +26,4 @@ using RocketmqConstants = ConstSingleton; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.cc b/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.cc index 11b1f8ed84e2..38d72824a983 100644 --- a/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.cc +++ b/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.cc @@ -64,4 +64,4 @@ REGISTER_FACTORY(PreserveCaseFormatterFactoryConfig, } // namespace HeaderFormatters } // namespace Http } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.h b/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.h index a9fa89df6426..ca78e0a5e260 100644 --- a/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.h +++ b/source/extensions/http/header_formatters/preserve_case/preserve_case_formatter.h @@ -24,4 +24,4 @@ class PreserveCaseHeaderFormatter : public Envoy::Http::StatefulHeaderKeyFormatt } // namespace HeaderFormatters } // namespace Http } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/io_socket/user_space/config.h b/source/extensions/io_socket/user_space/config.h index c83a0e4bddb8..7bf078e43c19 100644 --- a/source/extensions/io_socket/user_space/config.h +++ b/source/extensions/io_socket/user_space/config.h @@ -11,4 +11,4 @@ namespace UserSpace { } } // namespace IoSocket } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/io_socket/user_space/file_event_impl.cc b/source/extensions/io_socket/user_space/file_event_impl.cc index 877726545453..6f116d809bcb 100644 --- a/source/extensions/io_socket/user_space/file_event_impl.cc +++ b/source/extensions/io_socket/user_space/file_event_impl.cc @@ -75,4 +75,4 @@ void FileEventImpl::activateIfEnabled(uint32_t events) { } // namespace UserSpace } // namespace IoSocket } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/io_socket/user_space/io_handle_impl.cc b/source/extensions/io_socket/user_space/io_handle_impl.cc index d4f30e6566ee..4c487cf5fa9e 100644 --- a/source/extensions/io_socket/user_space/io_handle_impl.cc +++ b/source/extensions/io_socket/user_space/io_handle_impl.cc @@ -353,4 +353,4 @@ Api::SysCallIntResult IoHandleImpl::shutdown(int how) { } // namespace UserSpace } // namespace IoSocket } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/io_socket/user_space/io_handle_impl.h b/source/extensions/io_socket/user_space/io_handle_impl.h index 6a95b3887509..d0ceab1d5cf8 100644 --- a/source/extensions/io_socket/user_space/io_handle_impl.h +++ b/source/extensions/io_socket/user_space/io_handle_impl.h @@ -187,4 +187,4 @@ class IoHandleFactory { } // namespace UserSpace } // namespace IoSocket } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/matching/input_matchers/consistent_hashing/config.cc b/source/extensions/matching/input_matchers/consistent_hashing/config.cc index 4f0580442f49..6b9e2e7f7aca 100644 --- a/source/extensions/matching/input_matchers/consistent_hashing/config.cc +++ b/source/extensions/matching/input_matchers/consistent_hashing/config.cc @@ -32,4 +32,4 @@ REGISTER_FACTORY(ConsistentHashingConfig, Envoy::Matcher::InputMatcherFactory); } // namespace InputMatchers } // namespace Matching } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/matching/input_matchers/consistent_hashing/config.h b/source/extensions/matching/input_matchers/consistent_hashing/config.h index 29a1eba73916..ec0f66649190 100644 --- a/source/extensions/matching/input_matchers/consistent_hashing/config.h +++ b/source/extensions/matching/input_matchers/consistent_hashing/config.h @@ -32,4 +32,4 @@ class ConsistentHashingConfig : public Envoy::Matcher::InputMatcherFactory { } // namespace InputMatchers } // namespace Matching } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/matching/input_matchers/consistent_hashing/matcher.h b/source/extensions/matching/input_matchers/consistent_hashing/matcher.h index 32b430b7038f..d55e795f3b65 100644 --- a/source/extensions/matching/input_matchers/consistent_hashing/matcher.h +++ b/source/extensions/matching/input_matchers/consistent_hashing/matcher.h @@ -33,4 +33,4 @@ class Matcher : public Envoy::Matcher::InputMatcher { } // namespace InputMatchers } // namespace Matching } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.cc b/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.cc index ff428b1e832e..3302d3de9214 100644 --- a/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.cc +++ b/source/extensions/transport_sockets/proxy_protocol/proxy_protocol.cc @@ -126,4 +126,4 @@ bool UpstreamProxyProtocolSocketFactory::implementsSecureTransport() const { } // namespace ProxyProtocol } // namespace TransportSockets } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/transport_sockets/tls/io_handle_bio.cc b/source/extensions/transport_sockets/tls/io_handle_bio.cc index 48d8b7c8cdd7..e4867e95c623 100644 --- a/source/extensions/transport_sockets/tls/io_handle_bio.cc +++ b/source/extensions/transport_sockets/tls/io_handle_bio.cc @@ -140,4 +140,4 @@ BIO* BIO_new_io_handle(Envoy::Network::IoHandle* io_handle) { } // namespace Tls } // namespace TransportSockets } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/extensions/transport_sockets/tls/io_handle_bio.h b/source/extensions/transport_sockets/tls/io_handle_bio.h index 0b99b91cf93b..03c1c9636566 100644 --- a/source/extensions/transport_sockets/tls/io_handle_bio.h +++ b/source/extensions/transport_sockets/tls/io_handle_bio.h @@ -19,4 +19,4 @@ BIO* BIO_new_io_handle(Envoy::Network::IoHandle* io_handle); } // namespace Tls } // namespace TransportSockets } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/server/active_tcp_listener.cc b/source/server/active_tcp_listener.cc index e5af541135eb..c522aa0e0110 100644 --- a/source/server/active_tcp_listener.cc +++ b/source/server/active_tcp_listener.cc @@ -432,4 +432,4 @@ ActiveTcpConnection::~ActiveTcpConnection() { } } // namespace Server -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/source/server/active_tcp_listener.h b/source/server/active_tcp_listener.h index ebac7edbc6ac..fd4a17160aab 100644 --- a/source/server/active_tcp_listener.h +++ b/source/server/active_tcp_listener.h @@ -256,4 +256,4 @@ struct ActiveTcpSocket : public Network::ListenerFilterManager, using ActiveTcpListenerOptRef = absl::optional>; } // namespace Server -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/config/ttl_test.cc b/test/common/config/ttl_test.cc index 094c800ccba3..14e6edd6023a 100644 --- a/test/common/config/ttl_test.cc +++ b/test/common/config/ttl_test.cc @@ -81,4 +81,4 @@ TEST_F(TtlManagerTest, ScopedUpdate) { } } // namespace } // namespace Config -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/crypto/verify_signature_fuzz.proto b/test/common/crypto/verify_signature_fuzz.proto index 3d22351e9834..1c0f345bc25e 100644 --- a/test/common/crypto/verify_signature_fuzz.proto +++ b/test/common/crypto/verify_signature_fuzz.proto @@ -7,4 +7,4 @@ message VerifySignatureFuzzTestCase { string hash_func = 2; string signature = 3; string data = 4; -} \ No newline at end of file +} diff --git a/test/common/http/http2/hpack_fuzz.proto b/test/common/http/http2/hpack_fuzz.proto index 1e91c39ea596..1cfcb957d9f9 100644 --- a/test/common/http/http2/hpack_fuzz.proto +++ b/test/common/http/http2/hpack_fuzz.proto @@ -11,4 +11,4 @@ import "validate/validate.proto"; message HpackTestCase { test.fuzz.Headers headers = 1 [(validate.rules).message.required = true]; bool end_headers = 2; -} \ No newline at end of file +} diff --git a/test/common/http/match_wrapper/config_test.cc b/test/common/http/match_wrapper/config_test.cc index d29207ff3c6e..4abe0e9f96b4 100644 --- a/test/common/http/match_wrapper/config_test.cc +++ b/test/common/http/match_wrapper/config_test.cc @@ -88,4 +88,4 @@ TEST(MatchWrapper, WithMatcher) { } // namespace MatchWrapper } // namespace Http } // namespace Common -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/http/matching/inputs_test.cc b/test/common/http/matching/inputs_test.cc index 055ba1acbb48..e7697d2e83bc 100644 --- a/test/common/http/matching/inputs_test.cc +++ b/test/common/http/matching/inputs_test.cc @@ -22,4 +22,4 @@ TEST(HttpHeadersDataInputBase, Idempotence) { } } // namespace Matching } // namespace Http -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/matcher/exact_map_matcher_test.cc b/test/common/matcher/exact_map_matcher_test.cc index ff7667bcea1b..0d7745a4cb95 100644 --- a/test/common/matcher/exact_map_matcher_test.cc +++ b/test/common/matcher/exact_map_matcher_test.cc @@ -121,4 +121,4 @@ TEST_F(ExactMapMatcherTest, MoreDataMightBeAvailableMatch) { verifyImmediateMatch(result, "match"); } } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/matcher/field_matcher_test.cc b/test/common/matcher/field_matcher_test.cc index fac491b355ae..f75e895f4db5 100644 --- a/test/common/matcher/field_matcher_test.cc +++ b/test/common/matcher/field_matcher_test.cc @@ -107,4 +107,4 @@ TEST_F(FieldMatcherTest, AllMatcher) { } } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/matcher/list_matcher_test.cc b/test/common/matcher/list_matcher_test.cc index ed8858bb08d0..f9f4f3a89f6b 100644 --- a/test/common/matcher/list_matcher_test.cc +++ b/test/common/matcher/list_matcher_test.cc @@ -33,4 +33,4 @@ TEST(ListMatcherTest, MissingData) { } } // namespace } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/matcher/matcher_test.cc b/test/common/matcher/matcher_test.cc index aa08a54812de..d9ccf93ada19 100644 --- a/test/common/matcher/matcher_test.cc +++ b/test/common/matcher/matcher_test.cc @@ -303,4 +303,4 @@ TEST_F(MatcherTest, RecursiveMatcherCannotMatch) { EXPECT_EQ(recursive_result.result_, nullptr); } } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/matcher/test_utility.h b/test/common/matcher/test_utility.h index e919ce7ed0f2..9aa0acec2482 100644 --- a/test/common/matcher/test_utility.h +++ b/test/common/matcher/test_utility.h @@ -144,4 +144,4 @@ template OnMatch stringOnMatch(absl::string_view value) { } } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/matcher/value_input_matcher_test.cc b/test/common/matcher/value_input_matcher_test.cc index 0852f9f8708b..ebad39332489 100644 --- a/test/common/matcher/value_input_matcher_test.cc +++ b/test/common/matcher/value_input_matcher_test.cc @@ -17,4 +17,4 @@ TEST(ValueInputMatcher, TestMatch) { } } // namespace Matcher -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/protobuf/type_util_test.cc b/test/common/protobuf/type_util_test.cc index d78395163637..2732d8221fdb 100644 --- a/test/common/protobuf/type_util_test.cc +++ b/test/common/protobuf/type_util_test.cc @@ -15,4 +15,4 @@ TEST(TypeUtilTest, TypeUrlHelperFunction) { } } // namespace } // namespace Config -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/runtime/test_data/root/envoy/file13 b/test/common/runtime/test_data/root/envoy/file13 index 8180953eec62..4b77b1001edb 100644 --- a/test/common/runtime/test_data/root/envoy/file13 +++ b/test/common/runtime/test_data/root/envoy/file13 @@ -1,2 +1 @@ - true - + true diff --git a/test/common/runtime/test_data/root/envoy/file3 b/test/common/runtime/test_data/root/envoy/file3 index d8263ee98605..0cfbf08886fc 100644 --- a/test/common/runtime/test_data/root/envoy/file3 +++ b/test/common/runtime/test_data/root/envoy/file3 @@ -1 +1 @@ -2 \ No newline at end of file +2 diff --git a/test/common/tcp_proxy/config_test.cc b/test/common/tcp_proxy/config_test.cc index 7365a5749668..98f29fdbfb86 100644 --- a/test/common/tcp_proxy/config_test.cc +++ b/test/common/tcp_proxy/config_test.cc @@ -1053,4 +1053,4 @@ TEST_F(TcpProxyHashingTest, HashWithSourceIp) { } // namespace } // namespace TcpProxy -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/common/watchdog/abort_action_config_test.cc b/test/common/watchdog/abort_action_config_test.cc index 6c3f729fe1a4..9bec9ec8133a 100644 --- a/test/common/watchdog/abort_action_config_test.cc +++ b/test/common/watchdog/abort_action_config_test.cc @@ -28,11 +28,11 @@ TEST(AbortActionFactoryTest, CanCreateAction) { "config": { "name": "envoy.watchdog.abort_action", "typed_config": { - "@type": "type.googleapis.com/udpa.type.v1.TypedStruct", - "type_url": "type.googleapis.com/envoy.watchdog.abort_action.v3alpha.AbortActionConfig", - "value": { - "wait_duration": "2s", - } + "@type": "type.googleapis.com/udpa.type.v1.TypedStruct", + "type_url": "type.googleapis.com/envoy.watchdog.abort_action.v3alpha.AbortActionConfig", + "value": { + "wait_duration": "2s", + } } }, } diff --git a/test/config/integration/certs/upstreamcert.cfg b/test/config/integration/certs/upstreamcert.cfg index 4e2e760a861c..8d10db12dbdd 100644 --- a/test/config/integration/certs/upstreamcert.cfg +++ b/test/config/integration/certs/upstreamcert.cfg @@ -35,4 +35,4 @@ authorityKeyIdentifier = keyid:always [alt_names] DNS.1 = *.lyft.com IP.1 = 127.0.0.1 -IP.2 = ::1 \ No newline at end of file +IP.2 = ::1 diff --git a/test/config_test/config_test.cc b/test/config_test/config_test.cc index 4600d97935a0..f0c722229875 100644 --- a/test/config_test/config_test.cc +++ b/test/config_test/config_test.cc @@ -174,7 +174,7 @@ void testMerge() { } } }, - static_resources: { + static_resources: { clusters: [ { name: 'foo' diff --git a/test/exe/envoy_static_test.sh b/test/exe/envoy_static_test.sh index c18849e8d948..b2a60aa98e67 100755 --- a/test/exe/envoy_static_test.sh +++ b/test/exe/envoy_static_test.sh @@ -3,24 +3,24 @@ ENVOY_BIN=${TEST_SRCDIR}/envoy/source/exe/envoy-static if [[ $(uname) == "Darwin" ]]; then - echo "macOS doesn't support statically linked binaries, skipping." - exit 0 + echo "macOS doesn't support statically linked binaries, skipping." + exit 0 fi # We can't rely on the exit code alone, since ldd fails for statically linked binaries. DYNLIBS=$(ldd "${ENVOY_BIN}" 2>&1) || { if [[ ! "${DYNLIBS}" =~ 'not a dynamic executable' ]]; then - echo "${DYNLIBS}" - exit 1 + echo "${DYNLIBS}" + exit 1 fi } if [[ "${DYNLIBS}" =~ libc\+\+ ]]; then - echo "libc++ is dynamically linked:" - echo "${DYNLIBS}" - exit 1 + echo "libc++ is dynamically linked:" + echo "${DYNLIBS}" + exit 1 elif [[ "${DYNLIBS}" =~ libstdc\+\+ || "${DYNLIBS}" =~ libgcc ]]; then - echo "libstdc++ and/or libgcc are dynamically linked:" - echo "${DYNLIBS}" - exit 1 + echo "libstdc++ and/or libgcc are dynamically linked:" + echo "${DYNLIBS}" + exit 1 fi diff --git a/test/exe/win32_outofproc_main_test.cc b/test/exe/win32_outofproc_main_test.cc index 529d77fa758b..c154fa7a86e0 100644 --- a/test/exe/win32_outofproc_main_test.cc +++ b/test/exe/win32_outofproc_main_test.cc @@ -89,4 +89,4 @@ TEST_P(MainCommonTest, EnvoyHandlesCtrlBreakEvent) { } #endif -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/bootstrap/wasm/wasm_integration_test.cc b/test/extensions/bootstrap/wasm/wasm_integration_test.cc index eb481ac53f01..197a45c24ca3 100644 --- a/test/extensions/bootstrap/wasm/wasm_integration_test.cc +++ b/test/extensions/bootstrap/wasm/wasm_integration_test.cc @@ -49,7 +49,7 @@ name: envoy.filters.http.wasm value: "" vm_config: vm_id: "my_vm_id" - environment_variables: + environment_variables: host_env_keys: ["NON_EXIST"] key_values: KEY: VALUE diff --git a/test/extensions/common/wasm/test_data/test_restriction_cpp.cc b/test/extensions/common/wasm/test_data/test_restriction_cpp.cc index 29037b9a9eb5..75f425ca1e71 100644 --- a/test/extensions/common/wasm/test_data/test_restriction_cpp.cc +++ b/test/extensions/common/wasm/test_data/test_restriction_cpp.cc @@ -30,4 +30,4 @@ WASM_EXPORT(void, proxy_on_context_create, (uint32_t context_id, uint32_t parent return; } -END_WASM_PLUGIN \ No newline at end of file +END_WASM_PLUGIN diff --git a/test/extensions/filters/common/expr/evaluator_fuzz.proto b/test/extensions/filters/common/expr/evaluator_fuzz.proto index 7b149e73eeb2..6d278f05584e 100644 --- a/test/extensions/filters/common/expr/evaluator_fuzz.proto +++ b/test/extensions/filters/common/expr/evaluator_fuzz.proto @@ -14,4 +14,4 @@ message EvaluatorTestCase { test.fuzz.Headers response_headers = 3; test.fuzz.Headers trailers = 4; test.fuzz.StreamInfo stream_info = 5; -} \ No newline at end of file +} diff --git a/test/extensions/filters/http/cache/common.h b/test/extensions/filters/http/cache/common.h index 34de5f4cb8c1..d5c9c2bdd40e 100644 --- a/test/extensions/filters/http/cache/common.h +++ b/test/extensions/filters/http/cache/common.h @@ -83,4 +83,4 @@ std::ostream& operator<<(std::ostream& os, const AdjustedByteRange& range) { } // namespace Cache } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/http/compressor/mock_compressor_library.proto b/test/extensions/filters/http/compressor/mock_compressor_library.proto index b6d5ea18d1c0..789f50aa33fe 100644 --- a/test/extensions/filters/http/compressor/mock_compressor_library.proto +++ b/test/extensions/filters/http/compressor/mock_compressor_library.proto @@ -3,4 +3,4 @@ syntax = "proto3"; package test.mock_compressor_library; message Unregistered { -} \ No newline at end of file +} diff --git a/test/extensions/filters/http/ext_proc/config_test.cc b/test/extensions/filters/http/ext_proc/config_test.cc index 34e38c8df433..df07f8b25c78 100644 --- a/test/extensions/filters/http/ext_proc/config_test.cc +++ b/test/extensions/filters/http/ext_proc/config_test.cc @@ -48,4 +48,4 @@ TEST(HttpExtProcConfigTest, CorrectConfig) { } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/http/ext_proc/ext_proc_integration_test.cc b/test/extensions/filters/http/ext_proc/ext_proc_integration_test.cc index e6899524e602..d5a7b3d89330 100644 --- a/test/extensions/filters/http/ext_proc/ext_proc_integration_test.cc +++ b/test/extensions/filters/http/ext_proc/ext_proc_integration_test.cc @@ -715,4 +715,4 @@ TEST_P(ExtProcIntegrationTest, ResponseMessageTimeoutIgnoreError) { verifyDownstreamResponse(*response, 200); } -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/http/ext_proc/filter_test.cc b/test/extensions/filters/http/ext_proc/filter_test.cc index 2cc1d01179c5..94cf2c2bbabb 100644 --- a/test/extensions/filters/http/ext_proc/filter_test.cc +++ b/test/extensions/filters/http/ext_proc/filter_test.cc @@ -1186,4 +1186,4 @@ TEST_F(HttpFilterTest, OutOfOrder) { } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/http/ext_proc/mock_server.cc b/test/extensions/filters/http/ext_proc/mock_server.cc index 888144e38518..25286be792c3 100644 --- a/test/extensions/filters/http/ext_proc/mock_server.cc +++ b/test/extensions/filters/http/ext_proc/mock_server.cc @@ -14,4 +14,4 @@ MockStream::~MockStream() = default; } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/http/ext_proc/mock_server.h b/test/extensions/filters/http/ext_proc/mock_server.h index 5c4826546d67..07d0b1aeb259 100644 --- a/test/extensions/filters/http/ext_proc/mock_server.h +++ b/test/extensions/filters/http/ext_proc/mock_server.h @@ -27,4 +27,4 @@ class MockStream : public ExternalProcessorStream { } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/http/ext_proc/mutation_utils_test.cc b/test/extensions/filters/http/ext_proc/mutation_utils_test.cc index c72c82923c7f..6eb0da487c4b 100644 --- a/test/extensions/filters/http/ext_proc/mutation_utils_test.cc +++ b/test/extensions/filters/http/ext_proc/mutation_utils_test.cc @@ -180,4 +180,4 @@ TEST(MutationUtils, TestBodyMutationNothing) { } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/http/ext_proc/utils.cc b/test/extensions/filters/http/ext_proc/utils.cc index 1bc4464b1de8..c9bb93b4738d 100644 --- a/test/extensions/filters/http/ext_proc/utils.cc +++ b/test/extensions/filters/http/ext_proc/utils.cc @@ -21,4 +21,4 @@ bool ExtProcTestUtility::headerProtosEqualIgnoreOrder( } // namespace ExternalProcessing } // namespace HttpFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/http/lua/lua_integration_test.cc b/test/extensions/filters/http/lua/lua_integration_test.cc index c203579a05d4..8fd011467390 100644 --- a/test/extensions/filters/http/lua/lua_integration_test.cc +++ b/test/extensions/filters/http/lua/lua_integration_test.cc @@ -287,9 +287,9 @@ name: lua end request_handle:headers():add("request_protocol", request_handle:streamInfo():protocol()) request_handle:headers():add("request_dynamic_metadata_value", dynamic_metadata_value) - request_handle:headers():add("request_downstream_local_address_value", + request_handle:headers():add("request_downstream_local_address_value", request_handle:streamInfo():downstreamLocalAddress()) - request_handle:headers():add("request_downstream_directremote_address_value", + request_handle:headers():add("request_downstream_directremote_address_value", request_handle:streamInfo():downstreamDirectRemoteAddress()) request_handle:headers():add("request_requested_server_name", request_handle:streamInfo():requestedServerName()) diff --git a/test/extensions/filters/http/oauth2/config_test.cc b/test/extensions/filters/http/oauth2/config_test.cc index f1fb1a3b9521..bbe7860802c3 100644 --- a/test/extensions/filters/http/oauth2/config_test.cc +++ b/test/extensions/filters/http/oauth2/config_test.cc @@ -47,7 +47,7 @@ void expectInvalidSecretConfig(const std::string& failed_secret_name, signout_path: path: exact: /signout - auth_scopes: + auth_scopes: - user - openid - email @@ -95,7 +95,7 @@ TEST(ConfigTest, CreateFilter) { signout_path: path: exact: /signout - auth_scopes: + auth_scopes: - user - openid - email diff --git a/test/extensions/filters/http/oauth2/oauth_integration_test.cc b/test/extensions/filters/http/oauth2/oauth_integration_test.cc index 72424649234a..95ce47c1b9bb 100644 --- a/test/extensions/filters/http/oauth2/oauth_integration_test.cc +++ b/test/extensions/filters/http/oauth2/oauth_integration_test.cc @@ -46,10 +46,10 @@ name: oauth timeout: 3s authorization_endpoint: https://oauth.com/oauth/authorize/ redirect_uri: "%REQ(:x-forwarded-proto)%://%REQ(:authority)%/callback" - redirect_path_matcher: + redirect_path_matcher: path: exact: /callback - signout_path: + signout_path: path: exact: /signout credentials: diff --git a/test/extensions/filters/http/wasm/test_data/test_shared_queue_cpp.cc b/test/extensions/filters/http/wasm/test_data/test_shared_queue_cpp.cc index 02d5635bb072..454932b9f556 100644 --- a/test/extensions/filters/http/wasm/test_data/test_shared_queue_cpp.cc +++ b/test/extensions/filters/http/wasm/test_data/test_shared_queue_cpp.cc @@ -28,7 +28,7 @@ class SharedQueueContext : public Context { FilterHeadersStatus onRequestHeaders(uint32_t, bool) override; -private: +private: SharedQueueRootContext* root() { return static_cast(Context::root()); } }; diff --git a/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.proto b/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.proto index 0f7bf2e5369e..11c0fa54250b 100644 --- a/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.proto +++ b/test/extensions/filters/listener/common/fuzz/listener_filter_fuzzer.proto @@ -10,4 +10,4 @@ message Socket { message FilterFuzzTestCase { Socket sock = 1; repeated bytes data = 2; -} \ No newline at end of file +} diff --git a/test/extensions/filters/listener/original_src/original_src_fuzz_test.proto b/test/extensions/filters/listener/original_src/original_src_fuzz_test.proto index 00f0806a6a62..03e21c7a492d 100644 --- a/test/extensions/filters/listener/original_src/original_src_fuzz_test.proto +++ b/test/extensions/filters/listener/original_src/original_src_fuzz_test.proto @@ -11,4 +11,4 @@ message OriginalSrcTestCase { [(validate.rules).message.required = true]; test.extensions.filters.listener.FilterFuzzTestCase fuzzed = 2 [(validate.rules).message.required = true]; -} \ No newline at end of file +} diff --git a/test/extensions/filters/listener/proxy_protocol/proxy_protocol_fuzz_test.proto b/test/extensions/filters/listener/proxy_protocol/proxy_protocol_fuzz_test.proto index 1a37065fc1fe..bab715e0e34f 100644 --- a/test/extensions/filters/listener/proxy_protocol/proxy_protocol_fuzz_test.proto +++ b/test/extensions/filters/listener/proxy_protocol/proxy_protocol_fuzz_test.proto @@ -11,4 +11,4 @@ message ProxyProtocolTestCase { [(validate.rules).message.required = true]; test.extensions.filters.listener.FilterFuzzTestCase fuzzed = 2 [(validate.rules).message.required = true]; -} \ No newline at end of file +} diff --git a/test/extensions/filters/listener/tls_inspector/tls_inspector_fuzz_test.proto b/test/extensions/filters/listener/tls_inspector/tls_inspector_fuzz_test.proto index ca37bbc9ed41..a48b71bd77b6 100644 --- a/test/extensions/filters/listener/tls_inspector/tls_inspector_fuzz_test.proto +++ b/test/extensions/filters/listener/tls_inspector/tls_inspector_fuzz_test.proto @@ -9,4 +9,4 @@ message TlsInspectorTestCase { uint32 max_size = 1 [(validate.rules).uint32.lte = 65536]; test.extensions.filters.listener.FilterFuzzTestCase fuzzed = 2 [(validate.rules).message.required = true]; -} \ No newline at end of file +} diff --git a/test/extensions/filters/network/client_ssl_auth/test_data/vpn_response_1.json b/test/extensions/filters/network/client_ssl_auth/test_data/vpn_response_1.json index 10e02d39c909..c52edc799012 100644 --- a/test/extensions/filters/network/client_ssl_auth/test_data/vpn_response_1.json +++ b/test/extensions/filters/network/client_ssl_auth/test_data/vpn_response_1.json @@ -1,15 +1,15 @@ { "certificates": [ { - "device": "chrome-os", - "email": "vho@lyft.com", - "fingerprint_sha1": "4c5beecd0b516d9ab53029ae646c4628bc7a1980", - "fingerprint_sha256": "1b7d42ef0025ad89c1c911d6c10d7e86a4cb7c5863b2980abcbad1895f8b5314", - "first_name": "Vivian", - "group": null, - "pem_encoded": "-----BEGIN CERTIFICATE-----\nMIIFHDCCBASgAwIBAgIRAKOl7/eNakU3mgSOijyzmv0wDQYJKoZIhvcNAQELBQAw\nggFBMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\nU2FuIEZyYW5jaXNjbzENMAsGA1UECgwETHlmdDFHMEUGA1UECww+REFOR0VSOiBU\nSElTIFBLSSBIQVMgQSBDVVNUT00gVFJVU1QgUFJPVE9DT0wuIFRIRVJFIElTIE5P\nIENSTC4xRjBEBgNVBAsMPURBTkdFUjogUkVMWUlORyBQQVJUSUVTIE1VU1QgTk9U\nIFRSVVNUIENFUlQgVkFMSURBVElPTiBBTE9ORS4xPjA8BgNVBAMMNUx5ZnQgVlBO\nIEludGVybmFsIENlcnRpZmljYXRlIEF1dGhvcml0eSAoREVWRUxPUE1FTlQpMSUw\nIwYJKoZIhvcNAQkBFhZzZWN1cml0eS10ZWFtQGx5ZnQuY29tMB4XDTE2MDQwNDE3\nNDUwMloXDTE3MDQwNTE3NDUwMlowggEUMRUwEwYDVQQDDAx2aG9AbHlmdC5jb20x\nGzAZBgkqhkiG9w0BCQEWDHZob0BseWZ0LmNvbTELMAkGA1UEBAwCSG8xDzANBgNV\nBCoMBlZpdmlhbjENMAsGA1UECgwETHlmdDELMAkGA1UEBhMCVVMxEzARBgNVBAgM\nCkNhbGlmb3JuaWExRzBFBgNVBAsMPkRBTkdFUjogVEhJUyBQS0kgSEFTIEEgQ1VT\nVE9NIFRSVVNUIFBST1RPQ09MLiBUSEVSRSBJUyBOTyBDUkwuMUYwRAYDVQQLDD1E\nQU5HRVI6IFJFTFlJTkcgUEFSVElFUyBNVVNUIE5PVCBUUlVTVCBDRVJUIFZBTElE\nQVRJT04gQUxPTkUuMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSDo\nncWmuzSzSSqQLHOkY0DmThagTzep/KTduHVQyePLMLtNRDDak+/aQaCbXTlQSrYo\n4IOsC3fwGp1ds70l7odFYry9r0yTt8P7sTRnXD59mxLs6XTmzdwqr42R6K5LpHJQ\nfTBFocHJ9Gzk/Ejn11BtzvQe6iX+X3ZPf5IF36sJIdktaHCWFG6Sts2IE5UWBX7K\nOUzAKJ/PlVkiMa4d0nhEBBE2qmZpHBl3g2HGBFHlGoPhmlHqzBeB2IWzn18FN3sL\nYJs3+Ucmr31ZSo6F3r5PzPzOiUxDTXPLDG1DruMEK6Tq5VSGVWkKB/lnObi6REYA\n8YFJYEJuZUoOZNjxywIDAQABozgwNjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE\nAwIFoDAWBgNVHSUBAf8EDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEA\nOrD/CxKdqN+fCI3mQGVTFz9xgKqx+ka30nMlxBYx0ACD189MmXW1EdjCW6RUIcvP\nxDnt+zV10XnqlzMMh6VIlPp/y9m4758TxkDk4Z8Mni3eCHh4NPYo0V54rxYZL9hJ\nsX8P32Cu6bKcOXb4WIuXcXuKrt/6PVKFACbaYdTYrlvalJz4m0O426o5jcPx8FtI\naqDTXO42ZUwU04C5c1rWh6kh3oqTPVMXPsAKUklwvVQC4jS/QTfAaZE2hdAFIw9l\nu0uMferJP4zHP9gzCmHcv4+ZBzJ0wKz2IVeR45Iyq1QvrMN4pz/bZhQO91VMwHHC\nSPB1iqKP4Ly3rOpmRXWgTg==\n-----END CERTIFICATE-----\n", - "status": "approved", + "device": "chrome-os", + "email": "vho@lyft.com", + "fingerprint_sha1": "4c5beecd0b516d9ab53029ae646c4628bc7a1980", + "fingerprint_sha256": "1b7d42ef0025ad89c1c911d6c10d7e86a4cb7c5863b2980abcbad1895f8b5314", + "first_name": "Vivian", + "group": null, + "pem_encoded": "-----BEGIN CERTIFICATE-----\nMIIFHDCCBASgAwIBAgIRAKOl7/eNakU3mgSOijyzmv0wDQYJKoZIhvcNAQELBQAw\nggFBMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\nU2FuIEZyYW5jaXNjbzENMAsGA1UECgwETHlmdDFHMEUGA1UECww+REFOR0VSOiBU\nSElTIFBLSSBIQVMgQSBDVVNUT00gVFJVU1QgUFJPVE9DT0wuIFRIRVJFIElTIE5P\nIENSTC4xRjBEBgNVBAsMPURBTkdFUjogUkVMWUlORyBQQVJUSUVTIE1VU1QgTk9U\nIFRSVVNUIENFUlQgVkFMSURBVElPTiBBTE9ORS4xPjA8BgNVBAMMNUx5ZnQgVlBO\nIEludGVybmFsIENlcnRpZmljYXRlIEF1dGhvcml0eSAoREVWRUxPUE1FTlQpMSUw\nIwYJKoZIhvcNAQkBFhZzZWN1cml0eS10ZWFtQGx5ZnQuY29tMB4XDTE2MDQwNDE3\nNDUwMloXDTE3MDQwNTE3NDUwMlowggEUMRUwEwYDVQQDDAx2aG9AbHlmdC5jb20x\nGzAZBgkqhkiG9w0BCQEWDHZob0BseWZ0LmNvbTELMAkGA1UEBAwCSG8xDzANBgNV\nBCoMBlZpdmlhbjENMAsGA1UECgwETHlmdDELMAkGA1UEBhMCVVMxEzARBgNVBAgM\nCkNhbGlmb3JuaWExRzBFBgNVBAsMPkRBTkdFUjogVEhJUyBQS0kgSEFTIEEgQ1VT\nVE9NIFRSVVNUIFBST1RPQ09MLiBUSEVSRSBJUyBOTyBDUkwuMUYwRAYDVQQLDD1E\nQU5HRVI6IFJFTFlJTkcgUEFSVElFUyBNVVNUIE5PVCBUUlVTVCBDRVJUIFZBTElE\nQVRJT04gQUxPTkUuMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSDo\nncWmuzSzSSqQLHOkY0DmThagTzep/KTduHVQyePLMLtNRDDak+/aQaCbXTlQSrYo\n4IOsC3fwGp1ds70l7odFYry9r0yTt8P7sTRnXD59mxLs6XTmzdwqr42R6K5LpHJQ\nfTBFocHJ9Gzk/Ejn11BtzvQe6iX+X3ZPf5IF36sJIdktaHCWFG6Sts2IE5UWBX7K\nOUzAKJ/PlVkiMa4d0nhEBBE2qmZpHBl3g2HGBFHlGoPhmlHqzBeB2IWzn18FN3sL\nYJs3+Ucmr31ZSo6F3r5PzPzOiUxDTXPLDG1DruMEK6Tq5VSGVWkKB/lnObi6REYA\n8YFJYEJuZUoOZNjxywIDAQABozgwNjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE\nAwIFoDAWBgNVHSUBAf8EDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEA\nOrD/CxKdqN+fCI3mQGVTFz9xgKqx+ka30nMlxBYx0ACD189MmXW1EdjCW6RUIcvP\nxDnt+zV10XnqlzMMh6VIlPp/y9m4758TxkDk4Z8Mni3eCHh4NPYo0V54rxYZL9hJ\nsX8P32Cu6bKcOXb4WIuXcXuKrt/6PVKFACbaYdTYrlvalJz4m0O426o5jcPx8FtI\naqDTXO42ZUwU04C5c1rWh6kh3oqTPVMXPsAKUklwvVQC4jS/QTfAaZE2hdAFIw9l\nu0uMferJP4zHP9gzCmHcv4+ZBzJ0wKz2IVeR45Iyq1QvrMN4pz/bZhQO91VMwHHC\nSPB1iqKP4Ly3rOpmRXWgTg==\n-----END CERTIFICATE-----\n", + "status": "approved", "surname": "Ho" } ] -} \ No newline at end of file +} diff --git a/test/extensions/filters/network/common/fuzz/README.md b/test/extensions/filters/network/common/fuzz/README.md index d35fb5d92dbc..a1d90068ba8e 100644 --- a/test/extensions/filters/network/common/fuzz/README.md +++ b/test/extensions/filters/network/common/fuzz/README.md @@ -1,2 +1,2 @@ Network filters need to be fuzzed. Filters come in two flavors, each with their own fuzzer. Read filters should be added into the [Generic ReadFilter Fuzzer](https://github.com/envoyproxy/envoy/blob/main/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz_test.cc). Write Filters should added into the [Generic WriteFilter Fuzzer](https://github.com/envoyproxy/envoy/blob/main/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz_test.cc). Some filters are both raed and write filters: They should be added into both fuzzers. -To add a new filter into generic network level filter fuzzers, see the [doc](https://github.com/envoyproxy/envoy/blob/main/source/docs/network_filter_fuzzing.md). \ No newline at end of file +To add a new filter into generic network level filter fuzzers, see the [doc](https://github.com/envoyproxy/envoy/blob/main/source/docs/network_filter_fuzzing.md). diff --git a/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz_test.dict b/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz_test.dict index 41d6703efd99..3c4fc6cf10e5 100644 --- a/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz_test.dict +++ b/test/extensions/filters/network/common/fuzz/network_readfilter_fuzz_test.dict @@ -1,3 +1,3 @@ -# The names of supported thrift_filters in ThriftProxy +# The names of supported thrift_filters in ThriftProxy "envoy.filters.thrift.router" "envoy.filters.thrift.rate_limit" diff --git a/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz_test.cc b/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz_test.cc index 702cb4078db4..c2f203091707 100644 --- a/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz_test.cc +++ b/test/extensions/filters/network/common/fuzz/network_writefilter_fuzz_test.cc @@ -55,4 +55,4 @@ DEFINE_PROTO_FUZZER(const test::extensions::filters::network::FilterFuzzTestCase } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/network/ext_authz/ext_authz_fuzz_test.cc b/test/extensions/filters/network/ext_authz/ext_authz_fuzz_test.cc index 37982575ecca..de8a274608a8 100644 --- a/test/extensions/filters/network/ext_authz/ext_authz_fuzz_test.cc +++ b/test/extensions/filters/network/ext_authz/ext_authz_fuzz_test.cc @@ -117,4 +117,4 @@ DEFINE_PROTO_FUZZER(const envoy::extensions::filters::network::ext_authz::ExtAut } // namespace ExtAuthz } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/network/http_connection_manager/config.proto b/test/extensions/filters/network/http_connection_manager/config.proto index 7b75b77076f4..c04622285dec 100644 --- a/test/extensions/filters/network/http_connection_manager/config.proto +++ b/test/extensions/filters/network/http_connection_manager/config.proto @@ -7,4 +7,4 @@ message CustomRequestIDExtension { } message UnknownRequestIDExtension { -} \ No newline at end of file +} diff --git a/test/extensions/filters/network/mysql_proxy/mysql_auth_switch_resp_test.cc b/test/extensions/filters/network/mysql_proxy/mysql_auth_switch_resp_test.cc index 02edcf002741..b2b1c8d68cf5 100644 --- a/test/extensions/filters/network/mysql_proxy/mysql_auth_switch_resp_test.cc +++ b/test/extensions/filters/network/mysql_proxy/mysql_auth_switch_resp_test.cc @@ -32,4 +32,4 @@ TEST(MySQLAuthSwithRespTest, AuthSwithRespErrLengthResp) { } // namespace MySQLProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/network/redis_proxy/redis_proxy_integration_test.cc b/test/extensions/filters/network/redis_proxy/redis_proxy_integration_test.cc index 1eefaf5d368d..965f0c849f7e 100644 --- a/test/extensions/filters/network/redis_proxy/redis_proxy_integration_test.cc +++ b/test/extensions/filters/network/redis_proxy/redis_proxy_integration_test.cc @@ -81,8 +81,8 @@ const std::string CONFIG_WITH_REDIRECTION = CONFIG + R"EOF( // This is a configuration with batching enabled. const std::string CONFIG_WITH_BATCHING = CONFIG + R"EOF( - max_buffer_size_before_flush: 1024 - buffer_flush_timeout: 0.003s + max_buffer_size_before_flush: 1024 + buffer_flush_timeout: 0.003s )EOF"; const std::string CONFIG_WITH_ROUTES_BASE = fmt::format(R"EOF( diff --git a/test/extensions/filters/network/rocketmq_proxy/mocks.cc b/test/extensions/filters/network/rocketmq_proxy/mocks.cc index d346364491d7..80d4fe73291c 100644 --- a/test/extensions/filters/network/rocketmq_proxy/mocks.cc +++ b/test/extensions/filters/network/rocketmq_proxy/mocks.cc @@ -54,4 +54,4 @@ MockRoute::~MockRoute() = default; } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/network/rocketmq_proxy/protocol_test.cc b/test/extensions/filters/network/rocketmq_proxy/protocol_test.cc index ac2aa63a0d81..d22099f24fc6 100644 --- a/test/extensions/filters/network/rocketmq_proxy/protocol_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/protocol_test.cc @@ -924,4 +924,4 @@ TEST_F(RemotingCommandTest, Remark) { } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/network/rocketmq_proxy/router_test.cc b/test/extensions/filters/network/rocketmq_proxy/router_test.cc index a5665d5a8580..4041fb54fe2a 100644 --- a/test/extensions/filters/network/rocketmq_proxy/router_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/router_test.cc @@ -469,4 +469,4 @@ TEST_F(RocketmqRouterTest, StartRequestWithExistingConnection) { } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/network/rocketmq_proxy/topic_route_test.cc b/test/extensions/filters/network/rocketmq_proxy/topic_route_test.cc index f6e2f82c985f..5cc9af4b845b 100644 --- a/test/extensions/filters/network/rocketmq_proxy/topic_route_test.cc +++ b/test/extensions/filters/network/rocketmq_proxy/topic_route_test.cc @@ -70,4 +70,4 @@ TEST(TopicRouteDataTest, Serialization) { } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/network/rocketmq_proxy/utility.cc b/test/extensions/filters/network/rocketmq_proxy/utility.cc index a44f0cd0acb3..16d89d148c0a 100644 --- a/test/extensions/filters/network/rocketmq_proxy/utility.cc +++ b/test/extensions/filters/network/rocketmq_proxy/utility.cc @@ -237,4 +237,4 @@ void BufferUtility::fillResponseBuffer(Buffer::OwnedImpl& buffer, RequestCode re } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/filters/network/rocketmq_proxy/utility.h b/test/extensions/filters/network/rocketmq_proxy/utility.h index ad3809fd07cc..df702e09aadc 100644 --- a/test/extensions/filters/network/rocketmq_proxy/utility.h +++ b/test/extensions/filters/network/rocketmq_proxy/utility.h @@ -28,4 +28,4 @@ class BufferUtility { } // namespace RocketmqProxy } // namespace NetworkFilters } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_integration_test.cc b/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_integration_test.cc index 4eb7b077795e..8e285da69488 100644 --- a/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_integration_test.cc +++ b/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_integration_test.cc @@ -104,4 +104,4 @@ TEST_P(PreserveCaseIntegrationTest, EndToEnd) { } } // namespace -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_test.cc b/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_test.cc index 997feb43ecb8..ca7ba4c5a894 100644 --- a/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_test.cc +++ b/test/extensions/http/header_formatters/preserve_case/preserve_case_formatter_test.cc @@ -26,4 +26,4 @@ TEST(PreserveCaseFormatterTest, All) { } // namespace HeaderFormatters } // namespace Http } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/io_socket/user_space/file_event_impl_test.cc b/test/extensions/io_socket/user_space/file_event_impl_test.cc index fdcee0ed5f68..5d136b2bb026 100644 --- a/test/extensions/io_socket/user_space/file_event_impl_test.cc +++ b/test/extensions/io_socket/user_space/file_event_impl_test.cc @@ -427,4 +427,4 @@ TEST_F(FileEventImplTest, NotImplementedEmulatedEdge) { } // namespace UserSpace } // namespace IoSocket } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/matching/input_matchers/consistent_hashing/config_test.cc b/test/extensions/matching/input_matchers/consistent_hashing/config_test.cc index 10e80cd05312..21722bed990f 100644 --- a/test/extensions/matching/input_matchers/consistent_hashing/config_test.cc +++ b/test/extensions/matching/input_matchers/consistent_hashing/config_test.cc @@ -55,4 +55,4 @@ TEST(ConfigTest, InvalidConfig) { } // namespace InputMatchers } // namespace Matching } // namespace Extensions -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/extensions/transport_sockets/tls/ocsp/test_data/good_ocsp_resp_details.txt b/test/extensions/transport_sockets/tls/ocsp/test_data/good_ocsp_resp_details.txt index 312a01481fd5..ecf8355ace5b 100644 --- a/test/extensions/transport_sockets/tls/ocsp/test_data/good_ocsp_resp_details.txt +++ b/test/extensions/transport_sockets/tls/ocsp/test_data/good_ocsp_resp_details.txt @@ -15,7 +15,7 @@ OCSP Response Data: Next Update: Oct 22 02:57:52 2022 GMT Response Extensions: - OCSP Nonce: + OCSP Nonce: 04109C5C7305A9C99B599CAD3612F1A32885 Signature Algorithm: sha256WithRSAEncryption b6:2f:7e:dd:b5:eb:5b:e6:e6:1f:d4:fb:7f:59:35:de:b2:31: @@ -68,9 +68,9 @@ Certificate: ea:95 Exponent: 65537 (0x10001) X509v3 extensions: - X509v3 Subject Key Identifier: + X509v3 Subject Key Identifier: 18:78:43:E4:9E:A4:51:E6:6B:46:3A:47:5A:2D:7A:59:6E:78:84:16 - X509v3 Authority Key Identifier: + X509v3 Authority Key Identifier: keyid:18:78:43:E4:9E:A4:51:E6:6B:46:3A:47:5A:2D:7A:59:6E:78:84:16 X509v3 Basic Constraints: critical diff --git a/test/extensions/transport_sockets/tls/test_data/certs.sh b/test/extensions/transport_sockets/tls/test_data/certs.sh index ced51ce56933..4afb702255f7 100755 --- a/test/extensions/transport_sockets/tls/test_data/certs.sh +++ b/test/extensions/transport_sockets/tls/test_data/certs.sh @@ -19,14 +19,14 @@ cleanup() { generate_ca() { local extra_args=() if [[ -n "$2" ]]; then - extra_args=(-CA "${2}_cert.pem" -CAkey "${2}_key.pem" -CAcreateserial); + extra_args=(-CA "${2}_cert.pem" -CAkey "${2}_key.pem" -CAcreateserial); else - extra_args=(-signkey "${1}_key.pem"); + extra_args=(-signkey "${1}_key.pem"); fi openssl genrsa -out "${1}_key.pem" 2048 openssl req -new -key "${1}_key.pem" -out "${1}_cert.csr" -config "${1}_cert.cfg" -batch -sha256 openssl x509 -req -days "${DEFAULT_VALIDITY_DAYS}" -in "${1}_cert.csr" -out "${1}_cert.pem" \ - -extensions v3_ca -extfile "${1}_cert.cfg" "${extra_args[@]}" + -extensions v3_ca -extfile "${1}_cert.cfg" "${extra_args[@]}" generate_info_header "$1" } @@ -35,8 +35,8 @@ generate_rsa_key() { local keysize extra_args=() keysize="${2:-2048}" if [[ -n "$3" ]]; then - echo -n "$3" > "${1}_password.txt" - extra_args=(-aes128 -passout "file:${1}_password.txt") + echo -n "$3" > "${1}_password.txt" + extra_args=(-aes128 -passout "file:${1}_password.txt") fi openssl genrsa -out "${1}_key.pem" "${extra_args[@]}" "$keysize" } @@ -53,14 +53,14 @@ generate_info_header() { local prefix prefix="TEST_$(echo "$1" | tr '[:lower:]' '[:upper:]')" { - echo "// NOLINT(namespace-envoy)" - echo "constexpr char ${prefix}_CERT_256_HASH[] =" - echo " \"$(openssl x509 -in "${1}_cert.pem" -outform DER | openssl dgst -sha256 | cut -d" " -f2)\";" - echo "constexpr char ${prefix}_CERT_1_HASH[] = \"$(openssl x509 -in "${1}_cert.pem" -outform DER | openssl dgst -sha1 | cut -d" " -f2)\";" - echo "constexpr char ${prefix}_CERT_SPKI[] = \"$(openssl x509 -in "${1}_cert.pem" -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256 -binary | openssl enc -base64)\";" - echo "constexpr char ${prefix}_CERT_SERIAL[] = \"$(openssl x509 -in "${1}_cert.pem" -noout -serial | cut -d"=" -f2 | awk '{print tolower($0)}')\";" - echo "constexpr char ${prefix}_CERT_NOT_BEFORE[] = \"$(openssl x509 -in "${1}_cert.pem" -noout -startdate | cut -d"=" -f2)\";" - echo "constexpr char ${prefix}_CERT_NOT_AFTER[] = \"$(openssl x509 -in "${1}_cert.pem" -noout -enddate | cut -d"=" -f2)\";" + echo "// NOLINT(namespace-envoy)" + echo "constexpr char ${prefix}_CERT_256_HASH[] =" + echo " \"$(openssl x509 -in "${1}_cert.pem" -outform DER | openssl dgst -sha256 | cut -d" " -f2)\";" + echo "constexpr char ${prefix}_CERT_1_HASH[] = \"$(openssl x509 -in "${1}_cert.pem" -outform DER | openssl dgst -sha1 | cut -d" " -f2)\";" + echo "constexpr char ${prefix}_CERT_SPKI[] = \"$(openssl x509 -in "${1}_cert.pem" -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256 -binary | openssl enc -base64)\";" + echo "constexpr char ${prefix}_CERT_SERIAL[] = \"$(openssl x509 -in "${1}_cert.pem" -noout -serial | cut -d"=" -f2 | awk '{print tolower($0)}')\";" + echo "constexpr char ${prefix}_CERT_NOT_BEFORE[] = \"$(openssl x509 -in "${1}_cert.pem" -noout -startdate | cut -d"=" -f2)\";" + echo "constexpr char ${prefix}_CERT_NOT_AFTER[] = \"$(openssl x509 -in "${1}_cert.pem" -noout -enddate | cut -d"=" -f2)\";" } > "${1}_cert_info.h" } @@ -69,11 +69,11 @@ generate_x509_cert() { local days extra_args=() days="${3:-${DEFAULT_VALIDITY_DAYS}}" if [[ -f "${1}_password.txt" ]]; then - extra_args=(-passin "file:${1}_password.txt") + extra_args=(-passin "file:${1}_password.txt") fi openssl req -new -key "${1}_key.pem" -out "${1}_cert.csr" -config "${1}_cert.cfg" -batch -sha256 "${extra_args[@]}" openssl x509 -req -days "$days" -in "${1}_cert.csr" -sha256 -CA "${2}_cert.pem" -CAkey \ - "${2}_key.pem" -CAcreateserial -out "${1}_cert.pem" -extensions v3_ca -extfile "${1}_cert.cfg" "${extra_args[@]}" + "${2}_key.pem" -CAcreateserial -out "${1}_cert.pem" -extensions v3_ca -extfile "${1}_cert.cfg" "${extra_args[@]}" generate_info_header "$1" } @@ -86,7 +86,7 @@ generate_x509_cert_nosubject() { days="${3:-${DEFAULT_VALIDITY_DAYS}}" openssl req -new -key "${1}_key.pem" -out "${1}_cert.csr" -config "${1}_cert.cfg" -subj / -batch -sha256 openssl x509 -req -days "$days" -in "${1}_cert.csr" -sha256 -CA "${2}_cert.pem" -CAkey \ - "${2}_key.pem" -CAcreateserial -out "${1}_cert.pem" -extensions v3_ca -extfile "${1}_cert.cfg" + "${2}_key.pem" -CAcreateserial -out "${1}_cert.pem" -extensions v3_ca -extfile "${1}_cert.cfg" generate_info_header "$1" } diff --git a/test/extensions/transport_sockets/tls/test_data/extensions_cert.cfg b/test/extensions/transport_sockets/tls/test_data/extensions_cert.cfg index 53889ff58871..c510c69b1841 100644 --- a/test/extensions/transport_sockets/tls/test_data/extensions_cert.cfg +++ b/test/extensions/transport_sockets/tls/test_data/extensions_cert.cfg @@ -32,4 +32,4 @@ extendedKeyUsage = clientAuth, serverAuth subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always 1.2.3.4.5.6.7.8 = ASN1:UTF8String:Something -1.2.3.4.5.6.7.9 = DER:30:03:01:01:FF \ No newline at end of file +1.2.3.4.5.6.7.9 = DER:30:03:01:01:FF diff --git a/test/extensions/transport_sockets/tls/test_data/keyusage_cert_sign_cert.cfg b/test/extensions/transport_sockets/tls/test_data/keyusage_cert_sign_cert.cfg index b5daa7d2ca7d..340984404ad8 100644 --- a/test/extensions/transport_sockets/tls/test_data/keyusage_cert_sign_cert.cfg +++ b/test/extensions/transport_sockets/tls/test_data/keyusage_cert_sign_cert.cfg @@ -32,4 +32,4 @@ extendedKeyUsage = clientAuth, serverAuth subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always 1.2.3.4.5.6.7.8 = ASN1:UTF8String:Something -1.2.3.4.5.6.7.9 = DER:30:03:01:01:FF \ No newline at end of file +1.2.3.4.5.6.7.9 = DER:30:03:01:01:FF diff --git a/test/extensions/transport_sockets/tls/test_data/keyusage_crl_sign_cert.cfg b/test/extensions/transport_sockets/tls/test_data/keyusage_crl_sign_cert.cfg index 3a3e3d04cbd8..6ce138413a3b 100644 --- a/test/extensions/transport_sockets/tls/test_data/keyusage_crl_sign_cert.cfg +++ b/test/extensions/transport_sockets/tls/test_data/keyusage_crl_sign_cert.cfg @@ -32,4 +32,4 @@ extendedKeyUsage = clientAuth, serverAuth subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always 1.2.3.4.5.6.7.8 = ASN1:UTF8String:Something -1.2.3.4.5.6.7.9 = DER:30:03:01:01:FF \ No newline at end of file +1.2.3.4.5.6.7.9 = DER:30:03:01:01:FF diff --git a/test/extensions/transport_sockets/tls/test_data/san_ip_cert.cfg b/test/extensions/transport_sockets/tls/test_data/san_ip_cert.cfg index 7c28705ad680..e2ae26ee8b9c 100644 --- a/test/extensions/transport_sockets/tls/test_data/san_ip_cert.cfg +++ b/test/extensions/transport_sockets/tls/test_data/san_ip_cert.cfg @@ -33,4 +33,4 @@ subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always [alt_names] -IP.1 = 1.1.1.1 \ No newline at end of file +IP.1 = 1.1.1.1 diff --git a/test/extensions/watchdog/profile_action/config_test.cc b/test/extensions/watchdog/profile_action/config_test.cc index c5ab318c1d3d..2603eeec2f57 100644 --- a/test/extensions/watchdog/profile_action/config_test.cc +++ b/test/extensions/watchdog/profile_action/config_test.cc @@ -30,13 +30,13 @@ TEST(ProfileActionFactoryTest, CanCreateAction) { "config": { "name": "envoy.watchdog.profile_action", "typed_config": { - "@type": "type.googleapis.com/udpa.type.v1.TypedStruct", - "type_url": "type.googleapis.com/envoy.extensions.watchdog.profile_action.v3alpha.ProfileActionConfig", - "value": { - "profile_duration": "2s", - "profile_path": "/tmp/envoy/", - "max_profiles": "20" - } + "@type": "type.googleapis.com/udpa.type.v1.TypedStruct", + "type_url": "type.googleapis.com/envoy.extensions.watchdog.profile_action.v3alpha.ProfileActionConfig", + "value": { + "profile_duration": "2s", + "profile_path": "/tmp/envoy/", + "max_profiles": "20" + } } }, } diff --git a/test/integration/clusters/cluster_factory_config.proto b/test/integration/clusters/cluster_factory_config.proto index ccf74e1d2c78..160e4ae5eb7d 100644 --- a/test/integration/clusters/cluster_factory_config.proto +++ b/test/integration/clusters/cluster_factory_config.proto @@ -6,4 +6,4 @@ message CustomStaticConfig { uint32 priority = 1; string address = 2; uint32 port_value = 3; -} \ No newline at end of file +} diff --git a/test/integration/hotrestart_test.sh b/test/integration/hotrestart_test.sh index f53dde86700d..d1e5764a3803 100755 --- a/test/integration/hotrestart_test.sh +++ b/test/integration/hotrestart_test.sh @@ -139,7 +139,7 @@ function run_testsuite() { echo "The Envoy's hot restart version is ${CLI_HOT_RESTART_VERSION}" echo "Now checking that the above version is what we expected." check [ "${CLI_HOT_RESTART_VERSION}" = "${EXPECTED_CLI_HOT_RESTART_VERSION}" ] - + start_test "Checking for match of --hot-restart-version and admin /hot_restart_version" ADMIN_ADDRESS_0=$(cat "${ADMIN_ADDRESS_PATH_0}") echo "fetching hot restart version from http://${ADMIN_ADDRESS_0}/hot_restart_version ..." diff --git a/test/integration/http_typed_per_filter_config_test.cc b/test/integration/http_typed_per_filter_config_test.cc index 39ec061f3e4d..251da64f64e0 100644 --- a/test/integration/http_typed_per_filter_config_test.cc +++ b/test/integration/http_typed_per_filter_config_test.cc @@ -42,4 +42,4 @@ TEST_F(HTTPTypedPerFilterConfigTest, RejectUnsupportedTypedPerFilterConfig) { } } // namespace -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/integration/test_utility.sh b/test/integration/test_utility.sh index ece50f5f3d31..d0ab63d9152c 100644 --- a/test/integration/test_utility.sh +++ b/test/integration/test_utility.sh @@ -10,22 +10,22 @@ CURRENT_TEST="NONE" function start_test() { - CURRENT_TEST="$1" - echo "TEST: $CURRENT_TEST" + CURRENT_TEST="$1" + echo "TEST: $CURRENT_TEST" } check() { - echo " check" "$@" ... - # see https://github.com/koalaman/shellcheck/issues/1679 - # shellcheck disable=SC2119 - "$@" || handle_failure + echo " check" "$@" ... + # see https://github.com/koalaman/shellcheck/issues/1679 + # shellcheck disable=SC2119 + "$@" || handle_failure } export BACKGROUND_PID="?" run_in_background_saving_pid() { - echo " backgrounding:" "$@" ... - "$@" & - export BACKGROUND_PID="$!" + echo " backgrounding:" "$@" ... + "$@" & + export BACKGROUND_PID="$!" } # By default, print a message like: @@ -41,81 +41,81 @@ run_in_background_saving_pid() { # weren't for this, fail and handle_failure could be the same. # shellcheck disable=SC2120 handle_failure() { - if [ $# -eq 1 ]; then - echo FAILed Input: "$1" - fi + if [ $# -eq 1 ]; then + echo FAILed Input: "$1" + fi - # From http://stackoverflow.com/questions/685435/bash-stacktrace - # to avoid printing 'handle_failure' we start with 1 to skip get_stack caller - local i - local stack_size=${#FUNCNAME[@]} - for (( i=1; i /dev/null 2>&1 ; then - # "caller 1" is our caller's caller. - echo " failure at line $(caller 1 | sed 's/ .*//')" 1>&2 - fi - echo "in '$CURRENT_TEST'" - echo FAIL. - exit 1 + # Note: we print line number after "failed input" so that it doesn't get + # knocked out of the terminal buffer. + if type caller > /dev/null 2>&1 ; then + # "caller 1" is our caller's caller. + echo " failure at line $(caller 1 | sed 's/ .*//')" 1>&2 + fi + echo "in '$CURRENT_TEST'" + echo FAIL. + exit 1 } # The heapchecker outputs some data to stderr on every execution. This gets intermingled # with the output from --hot-restart-version, so disable the heap-checker for these runs. disableHeapCheck () { - SAVED_HEAPCHECK=${HEAPCHECK} - unset HEAPCHECK + SAVED_HEAPCHECK=${HEAPCHECK} + unset HEAPCHECK } enableHeapCheck () { - HEAPCHECK=${SAVED_HEAPCHECK} + HEAPCHECK=${SAVED_HEAPCHECK} } # Scrapes a stat value from an an admin port. scrape_stat() { - local ADMIN_ADDRESS="$1" - local STAT_NAME="$2" - curl -sg "$ADMIN_ADDRESS"/stats | grep "^${STAT_NAME}: " | cut -f2 -d" " + local ADMIN_ADDRESS="$1" + local STAT_NAME="$2" + curl -sg "$ADMIN_ADDRESS"/stats | grep "^${STAT_NAME}: " | cut -f2 -d" " } milliseconds() { - local nanos seconds - nanos=$(date +%N | sed 's/^0*//') - seconds=$(date +%s) - echo $((1000*seconds + nanos/1000000)) + local nanos seconds + nanos=$(date +%N | sed 's/^0*//') + seconds=$(date +%s) + echo $((1000*seconds + nanos/1000000)) } wait_for_stat() { - local ADMIN_ADDRESS="$1" \ - STAT_NAME="$2" \ - OP="$3" \ - VALUE="$4" \ - TIMEOUT_SEC="$5" \ - ret="" \ - end_time end_time_ms start_time_ms stat - start_time_ms=$(milliseconds) - end_time=$((SECONDS + TIMEOUT_SEC)) - while [ "$ret" = "" ]; do - stat=$(scrape_stat "$ADMIN_ADDRESS" "$STAT_NAME") - if test "$stat" "$OP" "$VALUE"; then - end_time_ms=$(milliseconds) - ret="success: $STAT_NAME reached $stat after $((end_time_ms - start_time_ms)) ms" - elif [ "$SECONDS" -gt "$end_time" ]; then - ret="timeout: waiting $TIMEOUT_SEC seconds for $STAT_NAME=$stat to reach $VALUE" - else - sleep 0.1 - fi - done - echo "$ret" + local ADMIN_ADDRESS="$1" \ + STAT_NAME="$2" \ + OP="$3" \ + VALUE="$4" \ + TIMEOUT_SEC="$5" \ + ret="" \ + end_time end_time_ms start_time_ms stat + start_time_ms=$(milliseconds) + end_time=$((SECONDS + TIMEOUT_SEC)) + while [ "$ret" = "" ]; do + stat=$(scrape_stat "$ADMIN_ADDRESS" "$STAT_NAME") + if test "$stat" "$OP" "$VALUE"; then + end_time_ms=$(milliseconds) + ret="success: $STAT_NAME reached $stat after $((end_time_ms - start_time_ms)) ms" + elif [ "$SECONDS" -gt "$end_time" ]; then + ret="timeout: waiting $TIMEOUT_SEC seconds for $STAT_NAME=$stat to reach $VALUE" + else + sleep 0.1 + fi + done + echo "$ret" } [[ -z "${ENVOY_BIN}" ]] && ENVOY_BIN="${TEST_SRCDIR}/envoy/source/exe/envoy-static" diff --git a/test/integration/xfcc_integration_test.cc b/test/integration/xfcc_integration_test.cc index 3b299de13c51..7fa5dee96696 100644 --- a/test/integration/xfcc_integration_test.cc +++ b/test/integration/xfcc_integration_test.cc @@ -46,7 +46,7 @@ Network::TransportSocketFactoryPtr XfccIntegrationTest::createClientSslContext(b validation_context: trusted_ca: filename: {{ test_rundir }}/test/config/integration/certs/cacert.pem - match_subject_alt_names: + match_subject_alt_names: exact: "spiffe://lyft.com/backend-team" exact: "lyft.com" exact: "www.lyft.com" @@ -57,7 +57,7 @@ Network::TransportSocketFactoryPtr XfccIntegrationTest::createClientSslContext(b validation_context: trusted_ca: filename: {{ test_rundir }}/test/config/integration/certs/cacert.pem - match_subject_alt_names: + match_subject_alt_names: exact: "spiffe://lyft.com/backend-team" exact: "lyft.com" exact: "www.lyft.com" diff --git a/test/mocks/local_reply/mocks.cc b/test/mocks/local_reply/mocks.cc index f6219934def1..fbbd157dadfd 100644 --- a/test/mocks/local_reply/mocks.cc +++ b/test/mocks/local_reply/mocks.cc @@ -5,4 +5,4 @@ namespace LocalReply { MockLocalReply::MockLocalReply() = default; MockLocalReply::~MockLocalReply() = default; } // namespace LocalReply -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/test/server/configuration_impl_test.cc b/test/server/configuration_impl_test.cc index a3b4596dee3f..6db1c12849db 100644 --- a/test/server/configuration_impl_test.cc +++ b/test/server/configuration_impl_test.cc @@ -99,7 +99,7 @@ TEST_F(ConfigurationImplTest, CustomStatsFlushInterval) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -133,7 +133,7 @@ TEST_F(ConfigurationImplTest, StatsOnAdmin) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -166,7 +166,7 @@ TEST_F(ConfigurationImplTest, NegativeStatsOnAdmin) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -197,7 +197,7 @@ TEST_F(ConfigurationImplTest, IntervalAndAdminFlush) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -257,7 +257,7 @@ TEST_F(ConfigurationImplTest, SetUpstreamClusterPerConnectionBufferLimit) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -309,7 +309,7 @@ TEST_F(ConfigurationImplTest, NullTracerSetWhenTracingConfigurationAbsent) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -357,7 +357,7 @@ TEST_F(ConfigurationImplTest, NullTracerSetWhenHttpKeyAbsentFromTracerConfigurat "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -417,7 +417,7 @@ TEST_F(ConfigurationImplTest, ConfigurationFailsWhenInvalidTracerSpecified) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -451,7 +451,7 @@ TEST_F(ConfigurationImplTest, ProtoSpecifiedStatsSink) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -491,7 +491,7 @@ TEST_F(ConfigurationImplTest, StatsSinkWithInvalidName) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -529,7 +529,7 @@ TEST_F(ConfigurationImplTest, StatsSinkWithNoName) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -566,7 +566,7 @@ TEST_F(ConfigurationImplTest, StatsSinkWithNoType) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -726,7 +726,7 @@ TEST_F(ConfigurationImplTest, AdminSocketOptions) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -780,7 +780,7 @@ TEST_F(ConfigurationImplTest, FileAccessLogOutput) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -868,7 +868,7 @@ TEST_F(ConfigurationImplTest, ExceedLoadBalancerHostWeightsLimit) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -982,7 +982,7 @@ TEST_F(ConfigurationImplTest, ExceedLoadBalancerLocalityWeightsLimit) { "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } @@ -1102,7 +1102,7 @@ TEST_F(ConfigurationImplTest, DEPRECATED_FEATURE_TEST(DeprecatedAccessLogPathWit "access_log": [ { "name": "envoy.access_loggers.file", - "typed_config": { + "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/null" } diff --git a/test/tools/router_check/test/config/TestRoutes.golden.proto.json b/test/tools/router_check/test/config/TestRoutes.golden.proto.json index 4210d242b061..25c2ed007523 100644 --- a/test/tools/router_check/test/config/TestRoutes.golden.proto.json +++ b/test/tools/router_check/test/config/TestRoutes.golden.proto.json @@ -346,7 +346,7 @@ }, { "name": "content-length", - "range_match": + "range_match": { "start": 0, "end": 100 diff --git a/test/tools/router_check/test/config/TestRoutesFailures.golden.proto.json b/test/tools/router_check/test/config/TestRoutesFailures.golden.proto.json index c2509e0387da..498f155a4d5c 100644 --- a/test/tools/router_check/test/config/TestRoutesFailures.golden.proto.json +++ b/test/tools/router_check/test/config/TestRoutesFailures.golden.proto.json @@ -22,7 +22,7 @@ }, { "name": "content-length", - "range_match": + "range_match": { "start": 100, "end": 1000 diff --git a/test/tools/router_check/test/config/Weighted.golden.proto.pb_text b/test/tools/router_check/test/config/Weighted.golden.proto.pb_text index 9a9d0d8f7a8f..a0980f8a7dcd 100644 --- a/test/tools/router_check/test/config/Weighted.golden.proto.pb_text +++ b/test/tools/router_check/test/config/Weighted.golden.proto.pb_text @@ -24,4 +24,4 @@ tests { cluster_name: { value: "cluster1"} virtual_cluster_name: { value: "test_virtual_cluster" } } -} \ No newline at end of file +} diff --git a/tools/code_format/check_shellcheck_format.sh b/tools/code_format/check_shellcheck_format.sh index 1cc031ea0623..6b3f4cd70ea6 100755 --- a/tools/code_format/check_shellcheck_format.sh +++ b/tools/code_format/check_shellcheck_format.sh @@ -11,7 +11,7 @@ find_shell_files () { shellfiles+=("$(git ls-files|grep '\.sh$')") shellfiles=("$(echo "${shellfiles[@]}" | tr ' ' '\n' | sort | uniq)") for file in "${shellfiles[@]}"; do - echo "$file" + echo "$file" done } @@ -20,39 +20,39 @@ run_shellcheck_on () { op="$1" file="$2" if [ "$op" != "fix" ]; then - echo "Shellcheck: ${file}" + echo "Shellcheck: ${file}" fi shellcheck -x "$file" } run_shellchecks () { local all_shellfiles=() failed=() failure \ - filtered_shellfiles=() found_shellfiles \ - line skipped_count success_count + filtered_shellfiles=() found_shellfiles \ + line skipped_count success_count found_shellfiles=$(find_shell_files) while read -r line; do all_shellfiles+=("$line"); done \ - <<< "$found_shellfiles" + <<< "$found_shellfiles" while read -r line; do filtered_shellfiles+=("$line"); done \ - <<< "$(echo -e "$found_shellfiles" | grep -vE "${EXCLUDED_SHELLFILES}")" + <<< "$(echo -e "$found_shellfiles" | grep -vE "${EXCLUDED_SHELLFILES}")" for file in "${filtered_shellfiles[@]}"; do - run_shellcheck_on "$1" "$file" || { - failed+=("$file") - } + run_shellcheck_on "$1" "$file" || { + failed+=("$file") + } done if [[ "${#failed[@]}" -ne 0 ]]; then - echo -e "\nShellcheck failures:" >&2 - for failure in "${failed[@]}"; do - echo "$failure" >&2 - done + echo -e "\nShellcheck failures:" >&2 + for failure in "${failed[@]}"; do + echo "$failure" >&2 + done fi skipped_count=$((${#all_shellfiles[@]} - ${#filtered_shellfiles[@]})) success_count=$((${#filtered_shellfiles[@]} - ${#failed[@]})) echo -e "\nShellcheck totals (skipped/failed/success): ${skipped_count}/${#failed[@]}/${success_count}" if [[ "${#failed[@]}" -ne 0 ]]; then - return 1 + return 1 fi } diff --git a/tools/code_format/glint.sh b/tools/code_format/glint.sh new file mode 100755 index 000000000000..aa0a5e93afa7 --- /dev/null +++ b/tools/code_format/glint.sh @@ -0,0 +1,73 @@ +#!/bin/bash + +# This script checks all files in the repo for basic format "hygiene", specifically +# +# - must have ending line +# - no trailing whitespace +# - no lines indented with a mixture of tabs and spaces +# + +NOLINT_RE="\.patch$|^test/.*_corpus/|^tools/.*_corpus/|password_protected_password.txt" +ERRORS= +MISSING_NEWLINE=0 +MIXED_TABS_AND_SPACES=0 +TRAILING_WHITESPACE=0 + + +# Checks whether a file has a mixture of indents starting with tabs and spaces +check_mixed_tabs_spaces () { + local spaced tabbed + tabbed=$(grep -cP "^\t" "$1") + spaced=$(grep -cP "^ " "$1") + if [[ $tabbed -gt 0 ]] && [[ $spaced -gt 0 ]]; then + echo "mixed tabs and spaces: ${1}" >&2 + ERRORS=yes + ((MIXED_TABS_AND_SPACES=MIXED_TABS_AND_SPACES+1)) + fi +} + +# Checks whether a file has a terminating newline +check_new_line () { + test "$(tail -c 1 "$1" | wc -l)" -eq 0 && { + echo "no newline at eof: ${1}" >&2 + ERRORS=yes + ((MISSING_NEWLINE=MISSING_NEWLINE+1)) + } +} + +# Checks whether a file contains lines ending in whitespace +check_trailing_whitespace () { + if grep -r '[[:blank:]]$' "$1" > /dev/null; then + echo "trailing whitespace: ${1}" >&2 + ERRORS=yes + ((TRAILING_WHITESPACE=TRAILING_WHITESPACE+1)) + fi +} + +# Uses git grep to search for non-"binary" files from git's pov +# +# TODO(phlax): add hash/diff only filter for faster change linting +# this would also make it feasible to add as a commit/push hook +find_text_files () { + git grep --cached -Il '' | grep -vE "$NOLINT_RE" +} + +# Recurse text files linting language-independent checks +# +# note: we may want to use python if this grows in complexity +# +for file in $(find_text_files); do + check_new_line "$file" + check_mixed_tabs_spaces "$file" + check_trailing_whitespace "$file" +done + +if [[ -n "$ERRORS" ]]; then + echo >&2 + echo "ERRORS found" >&2 + echo "${MISSING_NEWLINE} files with missing newline" >&2 + echo "${MIXED_TABS_AND_SPACES} files with mixed tabs and spaces" >&2 + echo "${TRAILING_WHITESPACE} files with trailing whitespace" >&2 + echo >&2 + exit 1 +fi diff --git a/tools/proto_format/proto_format.sh b/tools/proto_format/proto_format.sh index b922a37d71e5..43ad645367e8 100755 --- a/tools/proto_format/proto_format.sh +++ b/tools/proto_format/proto_format.sh @@ -7,20 +7,23 @@ set -e read -ra BAZEL_BUILD_OPTIONS <<< "${BAZEL_BUILD_OPTIONS:-}" -[[ "$1" == "check" || "$1" == "fix" || "$1" == "freeze" ]] || \ - (echo "Usage: $0 "; exit 1) +[[ "$1" == "check" || "$1" == "fix" || "$1" == "freeze" ]] || { + echo "Usage: $0 " + exit 1 +} # Developers working on protoxform and other proto format tooling changes will need to override the # following check by setting FORCE_PROTO_FORMAT=yes in the environment. ./tools/git/modified_since_last_github_commit.sh ./api/envoy proto || \ - [[ "${FORCE_PROTO_FORMAT}" == "yes" ]] || \ - { echo "Skipping proto_format.sh due to no API change"; exit 0; } - -if [[ "$2" == "--test" ]] -then - echo "protoxform_test..." - ./tools/protoxform/protoxform_test.sh - bazel test "${BAZEL_BUILD_OPTIONS[@]}" //tools/protoxform:merge_active_shadow_test + [[ "${FORCE_PROTO_FORMAT}" == "yes" ]] || { + echo "Skipping proto_format.sh due to no API change" + exit 0 + } + +if [[ "$2" == "--test" ]]; then + echo "protoxform_test..." + ./tools/protoxform/protoxform_test.sh + bazel test "${BAZEL_BUILD_OPTIONS[@]}" //tools/protoxform:merge_active_shadow_test fi # Generate //versioning:active_protos. @@ -32,10 +35,9 @@ BAZEL_BUILD_OPTIONS+=("--remote_download_outputs=all") # If the specified command is 'freeze', we tell protoxform to adjust package version status to # reflect a major version freeze and then do a regular 'fix'. PROTO_SYNC_CMD="$1" -if [[ "$1" == "freeze" ]] -then - declare -r FREEZE_ARG="--//tools/api_proto_plugin:extra_args=freeze" - PROTO_SYNC_CMD="fix" +if [[ "$1" == "freeze" ]]; then + declare -r FREEZE_ARG="--//tools/api_proto_plugin:extra_args=freeze" + PROTO_SYNC_CMD="fix" fi # Invoke protoxform aspect. @@ -47,7 +49,7 @@ PROTO_TARGETS=() for proto_type in active frozen; do protos=$(bazel query "labels(srcs, labels(deps, @envoy_api_canonical//versioning:${proto_type}_protos))") while read -r line; do PROTO_TARGETS+=("$line"); done \ - <<< "$protos" + <<< "$protos" done # Setup for proto_sync.py. @@ -63,9 +65,8 @@ bazel build "${BAZEL_BUILD_OPTIONS[@]}" //tools/protoxform:protoprint //tools/pr ./tools/proto_format/proto_sync.py "--mode=${PROTO_SYNC_CMD}" "${PROTO_TARGETS[@]}" # Need to regenerate //versioning:active_protos before building type DB below if freezing. -if [[ "$1" == "freeze" ]] -then - ./tools/proto_format/active_protos_gen.py ./api > ./api/versioning/BUILD +if [[ "$1" == "freeze" ]]; then + ./tools/proto_format/active_protos_gen.py ./api > ./api/versioning/BUILD fi # Generate api/BUILD file based on updated type database. diff --git a/tools/testdata/check_format/attribute_packed.cc b/tools/testdata/check_format/attribute_packed.cc index 222c1133f67b..4af2b373b3b0 100644 --- a/tools/testdata/check_format/attribute_packed.cc +++ b/tools/testdata/check_format/attribute_packed.cc @@ -4,4 +4,4 @@ typedef struct { int a; int b; } __attribute__((packed)) s; -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/tools/testdata/check_format/designated_initializers.cc b/tools/testdata/check_format/designated_initializers.cc index 9d094a5991f0..4cc97a0205b1 100644 --- a/tools/testdata/check_format/designated_initializers.cc +++ b/tools/testdata/check_format/designated_initializers.cc @@ -7,4 +7,4 @@ typedef struct { s my_struct = {.a = 1, .b = 2}; -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/tools/testdata/check_format/elvis_operator.cc b/tools/testdata/check_format/elvis_operator.cc index 7cca6592e692..a7905a79e1cc 100644 --- a/tools/testdata/check_format/elvis_operator.cc +++ b/tools/testdata/check_format/elvis_operator.cc @@ -2,4 +2,4 @@ namespace Envoy { int val = 0 ?: 1; -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/tools/testdata/check_format/source/raw_try.cc b/tools/testdata/check_format/source/raw_try.cc index 29232bebe0cc..e85fdc0eff85 100644 --- a/tools/testdata/check_format/source/raw_try.cc +++ b/tools/testdata/check_format/source/raw_try.cc @@ -12,4 +12,4 @@ struct Try { } }; -} // namespace Envoy \ No newline at end of file +} // namespace Envoy diff --git a/tools/testdata/check_format/test_naming.cc b/tools/testdata/check_format/test_naming.cc index 45da6bf2d61b..64c21c06e7b7 100644 --- a/tools/testdata/check_format/test_naming.cc +++ b/tools/testdata/check_format/test_naming.cc @@ -1,7 +1,7 @@ namespace Envoy { TEST_F(FooBar, testSomething) { - + } } // namespace Envoy