Move envoy.api.v2 core protos to envoy.api.v2.core and organize filters#452
Move envoy.api.v2 core protos to envoy.api.v2.core and organize filters#452htuch merged 26 commits intoenvoyproxy:masterfrom
Conversation
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
|
cc @htuch |
htuch
left a comment
htuch
left a comment
There was a problem hiding this comment.
This seems reasonable (although a bit more verbose). What guarantee do we have that this will fix all our dependency cycle problems for good? Churn == bad :)
|
We need to enforce that only the following dependencies are allowed:
|
|
Do you know if it there's a cheap way to write a shell script test using Bazel query to validate this (or something like that)? Or even a simple Go equivalent of https://github.com/envoyproxy/data-plane-api/blob/master/test/build/build_test.cc? |
|
I've tried to add |
|
cc @lizan @douglas-reid for bazel expertise. Maybe you have some ideas? |
|
Use |
|
@htuch for visibility to work, we would need to change |
|
@kyessenov Seems fair enough. I would still think a Go litmus test would be nice, but not if it's too much overhead. |
|
I think we should improve the current go rules (cc @misterwilliam). If only we place protos into packages with these rules, we can automatically enforce package boundaries. |
Signed-off-by: Kuat Yessenov <kuat@google.com>
htuch
left a comment
htuch
left a comment
There was a problem hiding this comment.
A couple of comments (And thanks for taking this on and keeping it moving; the APIs will be much better positioned as a result).
| // Headers can be specified using *response_headers_to_add* in | ||
| // :ref:`envoy_api_msg_RouteConfiguration`. | ||
| DataSource body = 2; | ||
| core.DataSource body = 2; |
There was a problem hiding this comment.
Should we fully qualify everywhere to avoid breakage if there is future movement (which hopefully won't happen, but ¯\_(ツ)_/¯).
There was a problem hiding this comment.
My heuristic was to qualify names outside of core packages and subpackages. I'm thinking that if we create "v3" then we might want to copy over all subpackages of "v2" to start from, and the relative names there would help. Filters I'm still planning to move away, and I tried to use fully qualified names to enable that.
| deps = [ | ||
| ":base", | ||
| ":grpc_service", | ||
| ], |
There was a problem hiding this comment.
Are you still planning on adding visibility restrictions? I'd like us to do something to reduce the likelihood of future churn happening again; it can be visibility, a Go build test or even some good local build validation that we can add to the PR that can assure us we won't churn further.
There was a problem hiding this comment.
I can add visibility, but that requires that dependencies must be proto packages, not individual protos. Go rules is harder to achieve, that amounts to writing all go rules again, and that was hard before and is still (given that @misterwilliam did only partial subset of protos).
There was a problem hiding this comment.
PTAL, added "friends" package groups for visibility constraints.
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
| name = "friends", | ||
| packages = [ | ||
| "-//envoy/api/v2/core", | ||
| "//envoy/...", |
There was a problem hiding this comment.
Does it need to be this wide? Would prefer narrower scoping.
There was a problem hiding this comment.
Restricted it to //docs as much as possible.
| api_proto_library( | ||
| name = "circuit_breaker", | ||
| srcs = ["circuit_breaker.proto"], | ||
| visibility = ["//envoy/api/v2:friends"], |
There was a problem hiding this comment.
I wonder if we can make some of these scopes narrowed.
There was a problem hiding this comment.
These two got further restricted to just //envoy/api/v2
|
|
| Metadata metadata = 5; | ||
| core.Metadata metadata = 5; | ||
|
|
||
| // [#not-implemented-hide:] See base.TransportSocket description. |
There was a problem hiding this comment.
Can you update the doc to match what Cluster has? Also remove not-implement-hide. Thanks!
There was a problem hiding this comment.
Oh, I thought you are referring to Metadata.
There was a problem hiding this comment.
Can you give more details what needs to go here?
There was a problem hiding this comment.
Just like clusters
See :ref:`base.TransportSocket<envoy_api_msg_core.TransportSocket>` description.
Is good, no longer need [#not-implemented-hide:]
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
|
@htuch I tried to restrict visibility further. Let me know if this is OK. The main idea is to prevent cycles within core, as well as prevent dependencies of core on other things. Both are accomplished with visibility. I also took a stab at organizing filters into their own packages together with versions. |
kyessenov
changed the title
| # TODO(htuch): Automatically generate go_proto_library and go_grpc_library | ||
| # from api_proto_library. | ||
| def api_proto_library(name, srcs = [], deps = [], has_services = 0, require_py = 1): | ||
| def api_proto_library(name, visibility, srcs = [], deps = [], has_services = 0, require_py = 1): |
There was a problem hiding this comment.
Should this default to "//visibility:public" for backward-compatibility?
There was a problem hiding this comment.
No strong opinion. I found it useful for myself to make sure I didn't miss any.
Signed-off-by: Kuat Yessenov <kuat@google.com>
htuch
left a comment
htuch
left a comment
There was a problem hiding this comment.
The new approach and layout looks good. Can you update the README.mds across the tree to express the visibility rules in plain English for readers? I'll need to take another pass after reading those and patching this into a local client so I can grep out the visibility rules.
@wora can you take another look?
| # TODO(htuch): Automatically generate go_proto_library and go_grpc_library | ||
| # from api_proto_library. | ||
| def api_proto_library(name, srcs = [], deps = [], has_services = 0, require_py = 1): | ||
| def api_proto_library(name, visibility, srcs = [], deps = [], has_services = 0, require_py = 1): |
There was a problem hiding this comment.
@PiotrSikora as long as this works on the main Envoy repo I think it's OK. We clobber this during import, so it's not an issue inside Google.
| api_proto_library( | ||
| name = "mongo_proxy", | ||
| srcs = ["mongo_proxy.proto"], | ||
| visibility = ["//envoy:friends"], |
There was a problem hiding this comment.
Why does a network filter require such wide visibility?
There was a problem hiding this comment.
I changed it just //docs in the last update.
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
mattklein123
left a comment
mattklein123
left a comment
There was a problem hiding this comment.
LGTM. Big +1 for adding an "overview" section to STYLE.md on the overall layout, what goes where, the friend stuff, etc. Would love to try to land this today as I would like to play around with some further doc cleanups to make the v2 docs a bit easier to consume.
| test: | ||
| docker: | ||
| - image: envoyproxy/envoy-build:52f6880ffbf761c9b809fc3ac208900956ff16b4 | ||
| - image: envoyproxy/envoy-build:61b38528d7e46ced9d749d278ba185332310ca95 |
There was a problem hiding this comment.
nit: Can you fix the Circle config to use the same ref semantics for the image as is done here: https://github.com/envoyproxy/envoy/blob/master/.circleci/config.yml#L1
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
|
I added a brief explanation to STYLE about layering and visibility. |
|
@wora do you mind taking a look at this? |
mattklein123
left a comment
mattklein123
left a comment
There was a problem hiding this comment.
LGTM, thanks @kyessenov! @htuch can approve/merge from here.
htuch
left a comment
htuch
left a comment
There was a problem hiding this comment.
LGTM modulo some very minor remaining comments. I've given this a full review, so when they are fixed, it's good to go. +1000 thanks.
| `//envoy/api/v2:friends`. | ||
|
|
||
| Additionally, packages envoy.api.v2.core and envoy.api.v2.auth are also | ||
| consumed throughout the remaining core API packages, but not by each other. |
There was a problem hiding this comment.
Nit: "core" here is a bit misleading given "envoy.api.v2.core".
There was a problem hiding this comment.
changed to "shared"
| api_proto_library( | ||
| name = "rate_limit", | ||
| srcs = ["rate_limit.proto"], | ||
| visibility = ["//docs"], |
There was a problem hiding this comment.
I think we can make this less verbose by just always adding //doc in api_proto_library (it can't ever hurt), and making visibility optional and by default private.
There was a problem hiding this comment.
Cool idea! I made it private by default, and add //docs always (thereby switching from private to ["//docs"] since private is not combinable).
| @@ -1 +1,9 @@ | |||
| Protocol buffer definitions for core API messages. | |||
There was a problem hiding this comment.
Yeah, I think we need to rename this use of "core" as well.
There was a problem hiding this comment.
It's basically a placeholder for old legacy stuff we can't move and acts just as a parent node otherwise.
There was a problem hiding this comment.
made it clear this is just old xDS + top-level resources
Signed-off-by: Kuat Yessenov <kuat@google.com>
Risk Level: Low Testing: bazel test. Docs Changes: envoyproxy/data-plane-api#452 Signed-off-by: Kuat Yessenov <kuat@google.com>
6 participants
There are several main changes in this PR:
envoy.api.v2.corepackages to break circular dependencies from xDS on to subpackages on to base protos.gogoprotoannotations to improve go code generation.After moving xDS service definitions and top-level resource protos back to envoy.core.api.v2, cycles were created, since the second-level definitions depend on base protobuf definitions, and are in turn included from xDS; however xDS and base definitions are in the same package.
The solution is to split the base protos into another package,
envoy.api.v2.core. That eliminates dependency cycles (validated using go-control-plane).Added a few gogoproto annotations to improve golang code generation.