From 93b99d4175e9a5ead0ae17ff5e35df9776a3aade Mon Sep 17 00:00:00 2001 From: Shriram Rajagopalan Date: Wed, 14 Nov 2018 11:06:06 -0500 Subject: [PATCH 01/16] [Cherry-pick]Adding weights to service entry endpoints (#704) (#706) * Adding weights to service entry endpoints (#704) * add dynamic state to attribute list Signed-off-by: Shriram Rajagopalan * Adding weights to service entry endpoints Signed-off-by: Shriram Rajagopalan * undo * update protolock Signed-off-by: Shriram Rajagopalan --- networking/v1alpha3/gateway.pb.go | 3 +- networking/v1alpha3/gateway.proto | 3 +- .../istio.networking.v1alpha3.pb.html | 16 ++- networking/v1alpha3/service_entry.pb.go | 104 ++++++++++++------ networking/v1alpha3/service_entry.proto | 8 +- proto.lock | 5 + .../networking/v1alpha3/service_entry_pb2.py | 29 +++-- 7 files changed, 117 insertions(+), 51 deletions(-) diff --git a/networking/v1alpha3/gateway.pb.go b/networking/v1alpha3/gateway.pb.go index a6ac4ed08c..cbab67e68e 100644 --- a/networking/v1alpha3/gateway.pb.go +++ b/networking/v1alpha3/gateway.pb.go @@ -475,7 +475,8 @@ type Port struct { Number uint32 `protobuf:"varint,1,opt,name=number,proto3" json:"number,omitempty"` // REQUIRED: The protocol exposed on the port. // MUST BE one of HTTP|HTTPS|GRPC|HTTP2|MONGO|TCP|TLS. - // TLS is used to indicate secure connections to non HTTP services. + // TLS implies the connection will be routed based on the SNI header to + // the destination without terminating the TLS connection. Protocol string `protobuf:"bytes,2,opt,name=protocol,proto3" json:"protocol,omitempty"` // Label assigned to the port. Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"` diff --git a/networking/v1alpha3/gateway.proto b/networking/v1alpha3/gateway.proto index ba85ad93dd..e7a54a41af 100644 --- a/networking/v1alpha3/gateway.proto +++ b/networking/v1alpha3/gateway.proto @@ -339,7 +339,8 @@ message Port { // REQUIRED: The protocol exposed on the port. // MUST BE one of HTTP|HTTPS|GRPC|HTTP2|MONGO|TCP|TLS. - // TLS is used to indicate secure connections to non HTTP services. + // TLS implies the connection will be routed based on the SNI header to + // the destination without terminating the TLS connection. string protocol = 2; // Label assigned to the port. diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index f6301c1778..69a40b7a19 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -2360,7 +2360,8 @@

Port

REQUIRED: The protocol exposed on the port. MUST BE one of HTTP|HTTPS|GRPC|HTTP2|MONGO|TCP|TLS. -TLS is used to indicate secure connections to non HTTP services.

+TLS implies the connection will be routed based on the SNI header to +the destination without terminating the TLS connection.

@@ -3020,7 +3021,7 @@

ServiceEntry

REQUIRED. The hosts associated with the ServiceEntry. Could be a DNS name with wildcard prefix (external services only). DNS names in hosts will be ignored if the application accesses the service over non-HTTP -protocols such as mongo/opaque TCP/even HTTPS. In such scenarios, the +protocols such as mongo/opaque TCP/HTTPS. In such scenarios, the IP addresses specified in the Addresses field or the port will be used to uniquely identify the destination.

@@ -3033,7 +3034,7 @@

ServiceEntry

The virtual IP addresses associated with the service. Could be CIDR prefix. For HTTP services, the addresses field will be ignored and the destination will be identified based on the HTTP Host/Authority -header. For non-HTTP protocols such as mongo/opaque TCP/even HTTPS, +header. For non-HTTP protocols such as mongo/opaque TCP/HTTPS, the hosts will be ignored. If one or more IP addresses are specified, the incoming traffic will be identified as belonging to this service if the destination IP matches the IP/CIDRs specified in the addresses @@ -3168,6 +3169,15 @@

ServiceEntry.Endpoint

(that bridges networks n1 and n2), or the IP associated with a standard service endpoint.

+ + + +weight +uint32 + +

The load balancing weight associated with the endpoint. Endpoints +with higher weights will receive proportionally higher traffic.

+ diff --git a/networking/v1alpha3/service_entry.pb.go b/networking/v1alpha3/service_entry.pb.go index d8f9b809e0..faa5471fde 100644 --- a/networking/v1alpha3/service_entry.pb.go +++ b/networking/v1alpha3/service_entry.pb.go @@ -367,14 +367,14 @@ type ServiceEntry struct { // REQUIRED. The hosts associated with the ServiceEntry. Could be a DNS // name with wildcard prefix (external services only). DNS names in hosts // will be ignored if the application accesses the service over non-HTTP - // protocols such as mongo/opaque TCP/even HTTPS. In such scenarios, the + // protocols such as mongo/opaque TCP/HTTPS. In such scenarios, the // IP addresses specified in the Addresses field or the port will be used // to uniquely identify the destination. Hosts []string `protobuf:"bytes,1,rep,name=hosts" json:"hosts,omitempty"` // The virtual IP addresses associated with the service. Could be CIDR // prefix. For HTTP services, the addresses field will be ignored and // the destination will be identified based on the HTTP Host/Authority - // header. For non-HTTP protocols such as mongo/opaque TCP/even HTTPS, + // header. For non-HTTP protocols such as mongo/opaque TCP/HTTPS, // the hosts will be ignored. If one or more IP addresses are specified, // the incoming traffic will be identified as belonging to this service // if the destination IP matches the IP/CIDRs specified in the addresses @@ -490,6 +490,9 @@ type ServiceEntry_Endpoint struct { // (that bridges networks n1 and n2), or the IP associated with a // standard service endpoint. Locality string `protobuf:"bytes,5,opt,name=locality,proto3" json:"locality,omitempty"` + // The load balancing weight associated with the endpoint. Endpoints + // with higher weights will receive proportionally higher traffic. + Weight uint32 `protobuf:"varint,6,opt,name=weight,proto3" json:"weight,omitempty"` } func (m *ServiceEntry_Endpoint) Reset() { *m = ServiceEntry_Endpoint{} } @@ -534,6 +537,13 @@ func (m *ServiceEntry_Endpoint) GetLocality() string { return "" } +func (m *ServiceEntry_Endpoint) GetWeight() uint32 { + if m != nil { + return m.Weight + } + return 0 +} + func init() { proto.RegisterType((*ServiceEntry)(nil), "istio.networking.v1alpha3.ServiceEntry") proto.RegisterType((*ServiceEntry_Endpoint)(nil), "istio.networking.v1alpha3.ServiceEntry.Endpoint") @@ -688,6 +698,11 @@ func (m *ServiceEntry_Endpoint) MarshalTo(dAtA []byte) (int, error) { i = encodeVarintServiceEntry(dAtA, i, uint64(len(m.Locality))) i += copy(dAtA[i:], m.Locality) } + if m.Weight != 0 { + dAtA[i] = 0x30 + i++ + i = encodeVarintServiceEntry(dAtA, i, uint64(m.Weight)) + } return i, nil } @@ -767,6 +782,9 @@ func (m *ServiceEntry_Endpoint) Size() (n int) { if l > 0 { n += 1 + l + sovServiceEntry(uint64(l)) } + if m.Weight != 0 { + n += 1 + sovServiceEntry(uint64(m.Weight)) + } return n } @@ -1332,6 +1350,25 @@ func (m *ServiceEntry_Endpoint) Unmarshal(dAtA []byte) error { } m.Locality = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex + case 6: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Weight", wireType) + } + m.Weight = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowServiceEntry + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Weight |= (uint32(b) & 0x7F) << shift + if b < 0x80 { + break + } + } default: iNdEx = preIndex skippy, err := skipServiceEntry(dAtA[iNdEx:]) @@ -1461,35 +1498,36 @@ var ( func init() { proto.RegisterFile("networking/v1alpha3/service_entry.proto", fileDescriptorServiceEntry) } var fileDescriptorServiceEntry = []byte{ - // 469 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x93, 0xcf, 0x6f, 0xd3, 0x30, - 0x14, 0xc7, 0xe7, 0x64, 0xcd, 0x9a, 0x37, 0x86, 0x82, 0xc5, 0x21, 0x44, 0xa8, 0x84, 0x5e, 0x88, - 0x84, 0x94, 0x8e, 0x4e, 0x48, 0xe3, 0xc7, 0x65, 0x40, 0x24, 0x26, 0x95, 0x00, 0x6e, 0x0f, 0x88, - 0xcb, 0xe4, 0xad, 0xd6, 0x66, 0x2d, 0x8a, 0xa3, 0xd8, 0xeb, 0xd4, 0x3f, 0x10, 0x89, 0x23, 0x7f, - 0x02, 0xea, 0x5f, 0xc1, 0x11, 0xd5, 0xb1, 0x9b, 0x1e, 0x06, 0x5b, 0x6f, 0x79, 0x2f, 0xef, 0xfb, - 0xf1, 0xf3, 0xf7, 0x3d, 0xc3, 0xb3, 0x92, 0xa9, 0x6b, 0x51, 0x5f, 0xf2, 0xf2, 0x7c, 0x30, 0x7b, - 0x41, 0x8b, 0xea, 0x82, 0x1e, 0x0c, 0x24, 0xab, 0x67, 0xfc, 0x8c, 0x9d, 0xb0, 0x52, 0xd5, 0xf3, - 0xb4, 0xaa, 0x85, 0x12, 0xf8, 0x11, 0x97, 0x8a, 0x8b, 0xb4, 0x2d, 0x4f, 0x6d, 0x79, 0xf4, 0xf4, - 0x26, 0xc6, 0x39, 0x55, 0xec, 0x9a, 0x1a, 0x75, 0xff, 0x87, 0x07, 0xf7, 0xc6, 0x0d, 0x35, 0x5b, - 0x42, 0xf1, 0x43, 0xe8, 0x5c, 0x08, 0xa9, 0x64, 0x88, 0x62, 0x37, 0xf1, 0x49, 0x13, 0xe0, 0xc7, - 0xe0, 0xd3, 0xe9, 0xb4, 0x66, 0x52, 0x32, 0x19, 0x3a, 0xfa, 0x4f, 0x9b, 0xc0, 0x2f, 0xa1, 0x53, - 0x89, 0x5a, 0xc9, 0xd0, 0x8d, 0xdd, 0x64, 0x77, 0xf8, 0x24, 0xfd, 0x67, 0x4b, 0xe9, 0x17, 0x51, - 0x2b, 0xd2, 0x54, 0xe3, 0x11, 0x74, 0x0b, 0x71, 0x46, 0x15, 0x17, 0x65, 0xb8, 0x1d, 0xa3, 0xe4, - 0xfe, 0x70, 0xff, 0x3f, 0xca, 0xf5, 0x2e, 0xd3, 0x91, 0xd1, 0x91, 0x15, 0x01, 0x13, 0x80, 0x9a, - 0x49, 0x51, 0x5c, 0x69, 0x5e, 0x47, 0xf3, 0x86, 0x77, 0xe5, 0x91, 0x95, 0x92, 0xac, 0x51, 0x70, - 0x0e, 0x3e, 0x2b, 0xa7, 0x95, 0xe0, 0xa5, 0x92, 0xa1, 0xa7, 0x2f, 0x77, 0xe7, 0x16, 0x33, 0x23, - 0x24, 0x2d, 0x22, 0xfa, 0xe3, 0x40, 0xd7, 0xe6, 0x71, 0x08, 0x3b, 0xc6, 0xc2, 0x10, 0xc5, 0x28, - 0xf1, 0x89, 0x0d, 0xf1, 0x57, 0xeb, 0xa7, 0xa3, 0x8f, 0x7c, 0xb3, 0xe9, 0x91, 0xda, 0x65, 0xa9, - 0x73, 0xd6, 0xeb, 0x09, 0x78, 0x05, 0x3d, 0x65, 0x85, 0x9d, 0xd1, 0xdb, 0x8d, 0x99, 0x23, 0x2d, - 0x6f, 0xa0, 0x86, 0xb5, 0xbc, 0x82, 0x01, 0xe8, 0x01, 0xfa, 0xc4, 0x86, 0x38, 0x6a, 0x66, 0x5b, - 0x70, 0x35, 0xd7, 0xb3, 0xf0, 0xc9, 0x2a, 0x8e, 0x0e, 0x01, 0xda, 0x06, 0x71, 0x00, 0xee, 0x25, - 0x9b, 0x1b, 0x0b, 0x96, 0x9f, 0xcb, 0x15, 0x9c, 0xd1, 0xe2, 0x8a, 0x85, 0x4e, 0x8c, 0x92, 0x3d, - 0xd2, 0x04, 0xaf, 0x9d, 0x43, 0x14, 0xbd, 0x82, 0xdd, 0xb5, 0x36, 0x6e, 0x93, 0xfa, 0x6b, 0xd2, - 0xfe, 0x3e, 0x74, 0xed, 0xd2, 0xe0, 0x07, 0xb0, 0xf7, 0x29, 0x1b, 0x7f, 0x3c, 0xc9, 0xbe, 0x4d, - 0x32, 0x92, 0x1f, 0x8d, 0x82, 0xad, 0x55, 0xea, 0x38, 0x37, 0x29, 0xd4, 0x7f, 0x0e, 0xd0, 0xae, - 0x05, 0xee, 0xc2, 0x76, 0xfe, 0x39, 0xcf, 0x82, 0x2d, 0x0c, 0xe0, 0x8d, 0x27, 0x47, 0x93, 0xe3, - 0xf7, 0x01, 0xc2, 0x3b, 0xe0, 0x7e, 0xc8, 0xc7, 0x81, 0xf3, 0x2e, 0xfd, 0xb9, 0xe8, 0xa1, 0x5f, - 0x8b, 0x1e, 0xfa, 0xbd, 0xe8, 0xa1, 0xef, 0x71, 0x63, 0x2e, 0x17, 0x03, 0x5a, 0xf1, 0xc1, 0x0d, - 0xaf, 0xf0, 0xd4, 0xd3, 0xcf, 0xef, 0xe0, 0x6f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x61, 0xa8, 0x99, - 0x48, 0xe7, 0x03, 0x00, 0x00, + // 481 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x93, 0xdf, 0x6e, 0xd3, 0x30, + 0x14, 0xc6, 0xe7, 0x66, 0xcd, 0x9a, 0x33, 0x86, 0x82, 0x85, 0x90, 0x89, 0x50, 0x09, 0xbd, 0x21, + 0x12, 0x52, 0x3a, 0x3a, 0x21, 0x8d, 0x3f, 0x37, 0x03, 0x22, 0x31, 0xa9, 0x04, 0x70, 0x7b, 0x81, + 0xb8, 0x99, 0xbc, 0xd5, 0x6a, 0xad, 0x45, 0x71, 0x14, 0x7b, 0xad, 0xfa, 0x16, 0x3c, 0x16, 0x97, + 0xbc, 0x00, 0x12, 0xea, 0x93, 0xa0, 0x3a, 0x4e, 0xd3, 0x8b, 0x01, 0xdb, 0x5d, 0xbe, 0x13, 0x7f, + 0x3f, 0x1f, 0x7f, 0xc7, 0x86, 0xa7, 0x39, 0xd7, 0x0b, 0x59, 0x5e, 0x8a, 0x7c, 0xda, 0x9f, 0x3f, + 0x67, 0x59, 0x31, 0x63, 0x47, 0x7d, 0xc5, 0xcb, 0xb9, 0xb8, 0xe0, 0x67, 0x3c, 0xd7, 0xe5, 0x32, + 0x2e, 0x4a, 0xa9, 0x25, 0x7e, 0x28, 0x94, 0x16, 0x32, 0x6e, 0x96, 0xc7, 0xf5, 0xf2, 0xe0, 0xc9, + 0x75, 0x8c, 0x29, 0xd3, 0x7c, 0xc1, 0xac, 0xbb, 0xf7, 0xcb, 0x85, 0x3b, 0xa3, 0x8a, 0x9a, 0xac, + 0xa1, 0xf8, 0x3e, 0xb4, 0x67, 0x52, 0x69, 0x45, 0x50, 0xe8, 0x44, 0x1e, 0xad, 0x04, 0x7e, 0x04, + 0x1e, 0x9b, 0x4c, 0x4a, 0xae, 0x14, 0x57, 0xa4, 0x65, 0xfe, 0x34, 0x05, 0xfc, 0x02, 0xda, 0x85, + 0x2c, 0xb5, 0x22, 0x4e, 0xe8, 0x44, 0xfb, 0x83, 0xc7, 0xf1, 0x5f, 0x5b, 0x8a, 0x3f, 0xcb, 0x52, + 0xd3, 0x6a, 0x35, 0x1e, 0x42, 0x27, 0x93, 0x17, 0x4c, 0x0b, 0x99, 0x93, 0xdd, 0x10, 0x45, 0x77, + 0x07, 0x87, 0xff, 0x70, 0x6e, 0x77, 0x19, 0x0f, 0xad, 0x8f, 0x6e, 0x08, 0x98, 0x02, 0x94, 0x5c, + 0xc9, 0xec, 0xca, 0xf0, 0xda, 0x86, 0x37, 0xb8, 0x29, 0x8f, 0x6e, 0x9c, 0x74, 0x8b, 0x82, 0x53, + 0xf0, 0x78, 0x3e, 0x29, 0xa4, 0xc8, 0xb5, 0x22, 0xae, 0x39, 0xdc, 0x8d, 0x5b, 0x4c, 0xac, 0x91, + 0x36, 0x88, 0xe0, 0xbb, 0x03, 0x9d, 0xba, 0x8e, 0x09, 0xec, 0xd9, 0x08, 0x09, 0x0a, 0x51, 0xe4, + 0xd1, 0x5a, 0xe2, 0x2f, 0x75, 0x9e, 0x2d, 0xb3, 0xe5, 0xeb, 0xdb, 0x6e, 0x69, 0x52, 0x56, 0xa6, + 0x56, 0x67, 0x3d, 0x06, 0x37, 0x63, 0xe7, 0x3c, 0xab, 0x67, 0xf4, 0xe6, 0xd6, 0xcc, 0xa1, 0xb1, + 0x57, 0x50, 0xcb, 0x5a, 0x1f, 0xc1, 0x02, 0xcc, 0x00, 0x3d, 0x5a, 0x4b, 0x1c, 0x54, 0xb3, 0xcd, + 0x84, 0x5e, 0x9a, 0x59, 0x78, 0x74, 0xa3, 0xf1, 0x03, 0x70, 0x17, 0x5c, 0x4c, 0x67, 0x9a, 0xb8, + 0x21, 0x8a, 0x0e, 0xa8, 0x55, 0xc1, 0x31, 0x40, 0xd3, 0x38, 0xf6, 0xc1, 0xb9, 0xe4, 0x4b, 0x1b, + 0xcd, 0xfa, 0x73, 0x7d, 0x35, 0xe7, 0x2c, 0xbb, 0xe2, 0xa4, 0x65, 0x6c, 0x95, 0x78, 0xd5, 0x3a, + 0x46, 0xc1, 0x4b, 0xd8, 0xdf, 0x6a, 0xef, 0x7f, 0x56, 0x6f, 0xcb, 0xda, 0x3b, 0x84, 0x4e, 0x7d, + 0x99, 0xf0, 0x3d, 0x38, 0xf8, 0x98, 0x8c, 0x3e, 0x9c, 0x25, 0x5f, 0xc7, 0x09, 0x4d, 0x4f, 0x86, + 0xfe, 0xce, 0xa6, 0x74, 0x9a, 0xda, 0x12, 0xea, 0x3d, 0x03, 0x68, 0xae, 0x0b, 0xee, 0xc0, 0x6e, + 0xfa, 0x29, 0x4d, 0xfc, 0x1d, 0x0c, 0xe0, 0x8e, 0xc6, 0x27, 0xe3, 0xd3, 0x77, 0x3e, 0xc2, 0x7b, + 0xe0, 0xbc, 0x4f, 0x47, 0x7e, 0xeb, 0x6d, 0xfc, 0x63, 0xd5, 0x45, 0x3f, 0x57, 0x5d, 0xf4, 0x7b, + 0xd5, 0x45, 0xdf, 0xc2, 0x2a, 0x74, 0x21, 0xfb, 0xac, 0x10, 0xfd, 0x6b, 0x5e, 0xe7, 0xb9, 0x6b, + 0x9e, 0xe5, 0xd1, 0x9f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xe5, 0xb0, 0x1f, 0xc6, 0xff, 0x03, 0x00, + 0x00, } diff --git a/networking/v1alpha3/service_entry.proto b/networking/v1alpha3/service_entry.proto index 62ec661ad9..69bc993da0 100644 --- a/networking/v1alpha3/service_entry.proto +++ b/networking/v1alpha3/service_entry.proto @@ -288,7 +288,7 @@ message ServiceEntry { // REQUIRED. The hosts associated with the ServiceEntry. Could be a DNS // name with wildcard prefix (external services only). DNS names in hosts // will be ignored if the application accesses the service over non-HTTP - // protocols such as mongo/opaque TCP/even HTTPS. In such scenarios, the + // protocols such as mongo/opaque TCP/HTTPS. In such scenarios, the // IP addresses specified in the Addresses field or the port will be used // to uniquely identify the destination. repeated string hosts = 1; @@ -296,7 +296,7 @@ message ServiceEntry { // The virtual IP addresses associated with the service. Could be CIDR // prefix. For HTTP services, the addresses field will be ignored and // the destination will be identified based on the HTTP Host/Authority - // header. For non-HTTP protocols such as mongo/opaque TCP/even HTTPS, + // header. For non-HTTP protocols such as mongo/opaque TCP/HTTPS, // the hosts will be ignored. If one or more IP addresses are specified, // the incoming traffic will be identified as belonging to this service // if the destination IP matches the IP/CIDRs specified in the addresses @@ -419,6 +419,10 @@ message ServiceEntry { // (that bridges networks n1 and n2), or the IP associated with a // standard service endpoint. string locality = 5; + + // The load balancing weight associated with the endpoint. Endpoints + // with higher weights will receive proportionally higher traffic. + uint32 weight = 6; }; // One or more endpoints associated with the service. diff --git a/proto.lock b/proto.lock index 62cee6126c..17752c00c6 100644 --- a/proto.lock +++ b/proto.lock @@ -3152,6 +3152,11 @@ "id": 5, "name": "locality", "type": "string" + }, + { + "id": 6, + "name": "weight", + "type": "uint32" } ], "maps": [ diff --git a/python/istio_api/networking/v1alpha3/service_entry_pb2.py b/python/istio_api/networking/v1alpha3/service_entry_pb2.py index b5bbefa34c..09d81c603a 100644 --- a/python/istio_api/networking/v1alpha3/service_entry_pb2.py +++ b/python/istio_api/networking/v1alpha3/service_entry_pb2.py @@ -20,7 +20,7 @@ name='networking/v1alpha3/service_entry.proto', package='istio.networking.v1alpha3', syntax='proto3', - serialized_pb=_b('\n\'networking/v1alpha3/service_entry.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xc8\x05\n\x0cServiceEntry\x12\r\n\x05hosts\x18\x01 \x03(\t\x12\x11\n\taddresses\x18\x02 \x03(\t\x12.\n\x05ports\x18\x03 \x03(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x42\n\x08location\x18\x04 \x01(\x0e\x32\x30.istio.networking.v1alpha3.ServiceEntry.Location\x12\x46\n\nresolution\x18\x05 \x01(\x0e\x32\x32.istio.networking.v1alpha3.ServiceEntry.Resolution\x12\x43\n\tendpoints\x18\x06 \x03(\x0b\x32\x30.istio.networking.v1alpha3.ServiceEntry.Endpoint\x1a\xb5\x02\n\x08\x45ndpoint\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12J\n\x05ports\x18\x02 \x03(\x0b\x32;.istio.networking.v1alpha3.ServiceEntry.Endpoint.PortsEntry\x12L\n\x06labels\x18\x03 \x03(\x0b\x32<.istio.networking.v1alpha3.ServiceEntry.Endpoint.LabelsEntry\x12\x0f\n\x07network\x18\x04 \x01(\t\x12\x10\n\x08locality\x18\x05 \x01(\t\x1a,\n\nPortsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\r:\x02\x38\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"0\n\x08Location\x12\x11\n\rMESH_EXTERNAL\x10\x00\x12\x11\n\rMESH_INTERNAL\x10\x01\"+\n\nResolution\x12\x08\n\x04NONE\x10\x00\x12\n\n\x06STATIC\x10\x01\x12\x07\n\x03\x44NS\x10\x02\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n\'networking/v1alpha3/service_entry.proto\x12\x19istio.networking.v1alpha3\x1a!networking/v1alpha3/gateway.proto\"\xd8\x05\n\x0cServiceEntry\x12\r\n\x05hosts\x18\x01 \x03(\t\x12\x11\n\taddresses\x18\x02 \x03(\t\x12.\n\x05ports\x18\x03 \x03(\x0b\x32\x1f.istio.networking.v1alpha3.Port\x12\x42\n\x08location\x18\x04 \x01(\x0e\x32\x30.istio.networking.v1alpha3.ServiceEntry.Location\x12\x46\n\nresolution\x18\x05 \x01(\x0e\x32\x32.istio.networking.v1alpha3.ServiceEntry.Resolution\x12\x43\n\tendpoints\x18\x06 \x03(\x0b\x32\x30.istio.networking.v1alpha3.ServiceEntry.Endpoint\x1a\xc5\x02\n\x08\x45ndpoint\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12J\n\x05ports\x18\x02 \x03(\x0b\x32;.istio.networking.v1alpha3.ServiceEntry.Endpoint.PortsEntry\x12L\n\x06labels\x18\x03 \x03(\x0b\x32<.istio.networking.v1alpha3.ServiceEntry.Endpoint.LabelsEntry\x12\x0f\n\x07network\x18\x04 \x01(\t\x12\x10\n\x08locality\x18\x05 \x01(\t\x12\x0e\n\x06weight\x18\x06 \x01(\r\x1a,\n\nPortsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\r:\x02\x38\x01\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"0\n\x08Location\x12\x11\n\rMESH_EXTERNAL\x10\x00\x12\x11\n\rMESH_INTERNAL\x10\x01\"+\n\nResolution\x12\x08\n\x04NONE\x10\x00\x12\n\n\x06STATIC\x10\x01\x12\x07\n\x03\x44NS\x10\x02\x42\"Z istio.io/api/networking/v1alpha3b\x06proto3') , dependencies=[networking_dot_v1alpha3_dot_gateway__pb2.DESCRIPTOR,]) @@ -43,8 +43,8 @@ ], containing_type=None, options=None, - serialized_start=725, - serialized_end=773, + serialized_start=741, + serialized_end=789, ) _sym_db.RegisterEnumDescriptor(_SERVICEENTRY_LOCATION) @@ -69,8 +69,8 @@ ], containing_type=None, options=None, - serialized_start=775, - serialized_end=818, + serialized_start=791, + serialized_end=834, ) _sym_db.RegisterEnumDescriptor(_SERVICEENTRY_RESOLUTION) @@ -108,8 +108,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=632, - serialized_end=676, + serialized_start=648, + serialized_end=692, ) _SERVICEENTRY_ENDPOINT_LABELSENTRY = _descriptor.Descriptor( @@ -145,8 +145,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=678, - serialized_end=723, + serialized_start=694, + serialized_end=739, ) _SERVICEENTRY_ENDPOINT = _descriptor.Descriptor( @@ -191,6 +191,13 @@ message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='weight', full_name='istio.networking.v1alpha3.ServiceEntry.Endpoint.weight', index=5, + number=6, type=13, cpp_type=3, label=1, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), ], extensions=[ ], @@ -204,7 +211,7 @@ oneofs=[ ], serialized_start=414, - serialized_end=723, + serialized_end=739, ) _SERVICEENTRY = _descriptor.Descriptor( @@ -271,7 +278,7 @@ oneofs=[ ], serialized_start=106, - serialized_end=818, + serialized_end=834, ) _SERVICEENTRY_ENDPOINT_PORTSENTRY.containing_type = _SERVICEENTRY_ENDPOINT From 4eeb69c9ebf4844d6a379f89abfb2869e2f04bde Mon Sep 17 00:00:00 2001 From: Michal Rostecki Date: Wed, 14 Nov 2018 17:17:04 +0100 Subject: [PATCH 02/16] bazel: Allow to distdir all dependencies (#702) To use --distdir option of Bazel (which allows to use previously fetched tarballs instead of downloading dependencies during build), all dependencies should use http instead of git and need to have sha256 sums specified. Signed-off-by: Michal Rostecki --- WORKSPACE | 14 ++++++++----- scripts/check-repositories | 40 ++++++++++++++++++++++++++++++++++++++ scripts/pre-commit | 3 +++ 3 files changed, 52 insertions(+), 5 deletions(-) create mode 100755 scripts/check-repositories diff --git a/WORKSPACE b/WORKSPACE index 03955cdaed..cd40256861 100644 --- a/WORKSPACE +++ b/WORKSPACE @@ -3,13 +3,17 @@ workspace(name = "io_istio_api") load("//:check_bazel_version.bzl", "check_version") check_version() -git_repository( +# Oct 12, 2017 (Add `build_external` option to `go_repository`) +RULES_GO_SHA = "9cf23e2aab101f86e4f51d8c5e0f14c012c2161c" +RULES_GO_SHA256 = "76133849005134eceba9080ee28cef03316fd29f64a0a8a3ae09cd8862531d15" + +load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") +http_archive( name = "io_bazel_rules_go", - commit = "9cf23e2aab101f86e4f51d8c5e0f14c012c2161c", # Oct 12, 2017 (Add `build_external` option to `go_repository`) - remote = "https://github.com/bazelbuild/rules_go.git", + strip_prefix = "rules_go-" + RULES_GO_SHA, + url = "https://github.com/bazelbuild/rules_go/archive/" + RULES_GO_SHA + ".tar.gz", + sha256 = RULES_GO_SHA256, ) load("//:api_dependencies.bzl", "mixer_api_dependencies") mixer_api_dependencies() - - diff --git a/scripts/check-repositories b/scripts/check-repositories new file mode 100755 index 0000000000..18da167752 --- /dev/null +++ b/scripts/check-repositories @@ -0,0 +1,40 @@ +#!/bin/bash +# +# Copyright 2018 Istio Authors. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +set -eu + +# Check whether any git repositories are defined. +# Git repository definition contains `commit` and `remote` fields. +if git --no-pager grep -E "commit =|remote =" -- 'WORKSPACE' '*.bzl'; then + echo "Using git repositories is not allowed." + echo "To ensure that all dependencies can be stored offline in distdir, only HTTP repositories are allowed." + exit 1 +fi + +# Check whether number of defined `url =` and `sha256 =` kwargs in repository +# definitions is equal. +urls_count=$(git --no-pager grep -E "url =" -- 'WORKSPACE' '*.bzl' | wc -l) +sha256sums_count=$(git --no-pager grep -E "sha256 =" -- 'WORKSPACE' '*.bzl' | wc -l) + +if [[ $urls_count != $sha256sums_count ]]; then + echo "Found more defined repository URLs than SHA256 sums, which means that there are some repositories without sums." + echo "Dependencies without SHA256 sums cannot be stored in distdir." + echo "Please ensure that every repository has a SHA256 sum." + echo "Repositories are defined in the WORKSPACE file." + exit 1 +fi diff --git a/scripts/pre-commit b/scripts/pre-commit index 7a9d2a96da..065fb6e564 100755 --- a/scripts/pre-commit +++ b/scripts/pre-commit @@ -38,4 +38,7 @@ if [ $BRANCH_NAME != '(no branch)' ]; then echo "Checking lint" make lint + + echo "Checking repositories definitions" + scripts/check-repositories fi From 62032e035e4815144b8eac7a1137b13308c7e66b Mon Sep 17 00:00:00 2001 From: Gregory Hanson Date: Mon, 19 Nov 2018 17:58:01 -0600 Subject: [PATCH 03/16] add access log encoding (#710) --- mesh/v1alpha1/config.pb.go | 200 ++++++++++++------- mesh/v1alpha1/config.proto | 15 +- mesh/v1alpha1/istio.mesh.v1alpha1.pb.html | 36 +++- proto.lock | 18 ++ python/istio_api/mesh/v1alpha1/config_pb2.py | 74 +++++-- 5 files changed, 250 insertions(+), 93 deletions(-) diff --git a/mesh/v1alpha1/config.pb.go b/mesh/v1alpha1/config.pb.go index 98218b7feb..2e3ffac974 100644 --- a/mesh/v1alpha1/config.pb.go +++ b/mesh/v1alpha1/config.pb.go @@ -99,6 +99,29 @@ func (MeshConfig_AuthPolicy) EnumDescriptor() ([]byte, []int) { return fileDescriptorConfig, []int{0, 1} } +type MeshConfig_AccessLogEncoding int32 + +const ( + MeshConfig_TEXT MeshConfig_AccessLogEncoding = 0 + MeshConfig_JSON MeshConfig_AccessLogEncoding = 1 +) + +var MeshConfig_AccessLogEncoding_name = map[int32]string{ + 0: "TEXT", + 1: "JSON", +} +var MeshConfig_AccessLogEncoding_value = map[string]int32{ + "TEXT": 0, + "JSON": 1, +} + +func (x MeshConfig_AccessLogEncoding) String() string { + return proto.EnumName(MeshConfig_AccessLogEncoding_name, int32(x)) +} +func (MeshConfig_AccessLogEncoding) EnumDescriptor() ([]byte, []int) { + return fileDescriptorConfig, []int{0, 2} +} + type MeshConfig_OutboundTrafficPolicy_Mode int32 const ( @@ -183,9 +206,12 @@ type MeshConfig struct { // File address for the proxy access log (e.g. /dev/stdout). // Empty value disables access logging. AccessLogFile string `protobuf:"bytes,13,opt,name=access_log_file,json=accessLogFile,proto3" json:"access_log_file,omitempty"` - // Format for the proxy access log (text or json). - // Default value is text. + // Format for the proxy access log + // Empty value results in proxy's default access log format AccessLogFormat string `protobuf:"bytes,24,opt,name=access_log_format,json=accessLogFormat,proto3" json:"access_log_format,omitempty"` + // Encoding for the proxy access log (text or json). + // Default value is text. + AccessLogEncoding MeshConfig_AccessLogEncoding `protobuf:"varint,27,opt,name=access_log_encoding,json=accessLogEncoding,proto3,enum=istio.mesh.v1alpha1.MeshConfig_AccessLogEncoding" json:"access_log_encoding,omitempty"` // Default proxy config used by the proxy injection mechanism operating in the mesh // (e.g. Kubernetes admission controller) // In case of Kubernetes, the proxy config is applied once during the injection process, @@ -334,6 +360,13 @@ func (m *MeshConfig) GetAccessLogFormat() string { return "" } +func (m *MeshConfig) GetAccessLogEncoding() MeshConfig_AccessLogEncoding { + if m != nil { + return m.AccessLogEncoding + } + return MeshConfig_TEXT +} + func (m *MeshConfig) GetDefaultConfig() *ProxyConfig { if m != nil { return m.DefaultConfig @@ -454,6 +487,7 @@ func init() { proto.RegisterType((*ConfigSource)(nil), "istio.mesh.v1alpha1.ConfigSource") proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_IngressControllerMode", MeshConfig_IngressControllerMode_name, MeshConfig_IngressControllerMode_value) proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_AuthPolicy", MeshConfig_AuthPolicy_name, MeshConfig_AuthPolicy_value) + proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_AccessLogEncoding", MeshConfig_AccessLogEncoding_name, MeshConfig_AccessLogEncoding_value) proto.RegisterEnum("istio.mesh.v1alpha1.MeshConfig_OutboundTrafficPolicy_Mode", MeshConfig_OutboundTrafficPolicy_Mode_name, MeshConfig_OutboundTrafficPolicy_Mode_value) } func (m *MeshConfig) Marshal() (dAtA []byte, err error) { @@ -677,6 +711,13 @@ func (m *MeshConfig) MarshalTo(dAtA []byte) (int, error) { i = encodeVarintConfig(dAtA, i, uint64(len(m.TrustDomain))) i += copy(dAtA[i:], m.TrustDomain) } + if m.AccessLogEncoding != 0 { + dAtA[i] = 0xd8 + i++ + dAtA[i] = 0x1 + i++ + i = encodeVarintConfig(dAtA, i, uint64(m.AccessLogEncoding)) + } return i, nil } @@ -838,6 +879,9 @@ func (m *MeshConfig) Size() (n int) { if l > 0 { n += 2 + l + sovConfig(uint64(l)) } + if m.AccessLogEncoding != 0 { + n += 2 + sovConfig(uint64(m.AccessLogEncoding)) + } return n } @@ -1539,6 +1583,25 @@ func (m *MeshConfig) Unmarshal(dAtA []byte) error { } m.TrustDomain = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex + case 27: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field AccessLogEncoding", wireType) + } + m.AccessLogEncoding = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowConfig + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.AccessLogEncoding |= (MeshConfig_AccessLogEncoding(b) & 0x7F) << shift + if b < 0x80 { + break + } + } default: iNdEx = preIndex skippy, err := skipConfig(dAtA[iNdEx:]) @@ -1849,69 +1912,72 @@ var ( func init() { proto.RegisterFile("mesh/v1alpha1/config.proto", fileDescriptorConfig) } var fileDescriptorConfig = []byte{ - // 1022 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x55, 0xdd, 0x4e, 0x23, 0x47, - 0x13, 0xdd, 0x01, 0x2f, 0x98, 0xf2, 0xdf, 0xd0, 0xac, 0x97, 0xc6, 0xdf, 0x27, 0xe2, 0x25, 0x0a, - 0x6b, 0xa1, 0x68, 0xac, 0x05, 0xe5, 0x22, 0xb9, 0x33, 0x06, 0x76, 0xbd, 0x32, 0x18, 0x8d, 0xcd, - 0x46, 0xe4, 0xa6, 0x35, 0xcc, 0xb4, 0xed, 0x16, 0xe3, 0xe9, 0xc9, 0x74, 0xcf, 0x66, 0x79, 0xa1, - 0xbc, 0x44, 0x5e, 0x20, 0x97, 0x79, 0x84, 0x88, 0x27, 0x89, 0xa6, 0x7a, 0x0c, 0x26, 0xb1, 0x44, - 0x94, 0xcb, 0x3e, 0x75, 0xaa, 0xaa, 0xeb, 0x54, 0x55, 0x37, 0x34, 0x66, 0x5c, 0x4d, 0xdb, 0x9f, - 0xdf, 0x79, 0x61, 0x3c, 0xf5, 0xde, 0xb5, 0x7d, 0x19, 0x8d, 0xc5, 0xc4, 0x89, 0x13, 0xa9, 0x25, - 0xd9, 0x12, 0x4a, 0x0b, 0xe9, 0x64, 0x0c, 0x67, 0xce, 0x68, 0xec, 0x4e, 0xa4, 0x9c, 0x84, 0xbc, - 0x8d, 0x94, 0x9b, 0x74, 0xdc, 0x0e, 0xd2, 0xc4, 0xd3, 0x42, 0x46, 0xc6, 0xa9, 0xb1, 0xf3, 0x34, - 0x60, 0x9c, 0xc8, 0x2f, 0x77, 0xb9, 0xe9, 0x20, 0xe2, 0xfa, 0x17, 0x99, 0xdc, 0x8a, 0x68, 0x32, - 0x27, 0x1c, 0xb5, 0x03, 0xae, 0xb4, 0x88, 0x30, 0x02, 0x4b, 0xd2, 0x90, 0x1b, 0xee, 0xde, 0xaf, - 0x15, 0x80, 0x73, 0xae, 0xa6, 0x5d, 0xbc, 0x10, 0xf9, 0x16, 0xc8, 0x4c, 0x7c, 0xe1, 0x09, 0xf3, - 0xa7, 0xdc, 0xbf, 0x65, 0x8a, 0x27, 0x9f, 0x79, 0x42, 0xad, 0xa6, 0xd5, 0xda, 0x70, 0x6d, 0xb4, - 0x74, 0x33, 0xc3, 0x10, 0x71, 0xe2, 0xc0, 0x96, 0x61, 0x27, 0x3c, 0x96, 0x89, 0x9e, 0xd3, 0x57, - 0x90, 0xbe, 0x89, 0x26, 0x17, 0x2d, 0x39, 0xff, 0x10, 0xea, 0x81, 0x50, 0xde, 0x4d, 0xc8, 0x59, - 0x2c, 0x43, 0xe1, 0xdf, 0x99, 0x34, 0x8a, 0xae, 0x36, 0xad, 0x56, 0xd1, 0xdd, 0xca, 0x8d, 0x97, - 0x68, 0xc3, 0x44, 0x8a, 0x1c, 0xc0, 0x26, 0xd6, 0xc6, 0x42, 0xa1, 0x34, 0x8f, 0x58, 0x16, 0x8e, - 0x16, 0x9a, 0x56, 0xeb, 0xa5, 0x5b, 0x43, 0x43, 0x1f, 0xf1, 0x4b, 0x99, 0x68, 0xb2, 0x0f, 0x06, - 0x62, 0x53, 0xad, 0x63, 0xc3, 0x7c, 0x89, 0xcc, 0x0a, 0xc2, 0x1f, 0xb4, 0x8e, 0x91, 0x77, 0x0c, - 0x35, 0x5f, 0x46, 0x11, 0xf7, 0x35, 0xd3, 0x62, 0xc6, 0x65, 0xaa, 0xe9, 0x5a, 0xd3, 0x6a, 0x95, - 0x0e, 0x77, 0x1c, 0xa3, 0xba, 0x33, 0x57, 0xdd, 0x39, 0xc9, 0x55, 0x77, 0xab, 0xb9, 0xc7, 0xc8, - 0x38, 0x90, 0xaf, 0xa1, 0x22, 0xa2, 0x49, 0xc2, 0x95, 0x62, 0x7e, 0xe8, 0x29, 0x45, 0xd7, 0xb1, - 0xea, 0x72, 0x0e, 0x76, 0x33, 0x8c, 0xbc, 0x85, 0xda, 0x9c, 0x94, 0x69, 0x23, 0x7c, 0x4e, 0x8b, - 0x48, 0xab, 0xe6, 0xf0, 0xd0, 0xa0, 0x64, 0x06, 0xdb, 0x0f, 0xd1, 0x64, 0xa4, 0x13, 0x19, 0x86, - 0x3c, 0x61, 0x33, 0x19, 0x70, 0xba, 0xd1, 0xb4, 0x5a, 0xd5, 0xc3, 0xef, 0x9c, 0x25, 0x43, 0xe2, - 0x3c, 0x76, 0xce, 0xe9, 0xe5, 0x79, 0x1f, 0xbc, 0xcf, 0x65, 0xc0, 0xdd, 0xba, 0x58, 0x06, 0x93, - 0x01, 0x94, 0xbc, 0x54, 0x4f, 0xf3, 0x2e, 0x50, 0xc0, 0x14, 0x07, 0xcf, 0xa5, 0xe8, 0xa4, 0x7a, - 0x6a, 0x7a, 0x73, 0xbc, 0x42, 0x2d, 0x17, 0xbc, 0x87, 0x33, 0xe9, 0xc1, 0x66, 0x12, 0x28, 0x96, - 0xf0, 0x71, 0xc2, 0xd5, 0x94, 0x05, 0x3c, 0xf4, 0xee, 0x68, 0xe9, 0x19, 0x4d, 0x31, 0x4a, 0x2d, - 0x09, 0x94, 0x6b, 0xdc, 0x4e, 0x32, 0x2f, 0xf2, 0x0d, 0x54, 0x79, 0x84, 0x33, 0xa2, 0x13, 0xcf, - 0x17, 0xd1, 0x84, 0x96, 0x71, 0x3a, 0x2a, 0x06, 0x1d, 0x19, 0x30, 0xeb, 0xb5, 0xe7, 0xfb, 0x99, - 0x60, 0xa1, 0x9c, 0xb0, 0xb1, 0x08, 0x39, 0xad, 0xa0, 0xb4, 0x15, 0x03, 0xf7, 0xe5, 0xe4, 0x4c, - 0x84, 0x9c, 0xbc, 0x87, 0x6a, 0xc0, 0xc7, 0x5e, 0x1a, 0x6a, 0x66, 0x96, 0x8e, 0x56, 0xf1, 0x5a, - 0xcd, 0xa5, 0xd5, 0x5e, 0x66, 0x73, 0x62, 0xca, 0x75, 0x2b, 0xb9, 0x5f, 0xbe, 0x1a, 0x6f, 0xa1, - 0x62, 0x86, 0xdd, 0x0b, 0x82, 0x4c, 0x52, 0x6a, 0x67, 0xe9, 0xb0, 0x86, 0x32, 0x1a, 0x3a, 0x06, - 0x27, 0x3f, 0xc3, 0xb6, 0x4c, 0xf5, 0x8d, 0x4c, 0xa3, 0x20, 0x2b, 0x61, 0x3c, 0x16, 0xfe, 0x5c, - 0xe8, 0x4d, 0x4c, 0xfd, 0x6c, 0x2f, 0x07, 0xb9, 0xfb, 0xc8, 0x78, 0x2f, 0x68, 0x5e, 0x97, 0xcb, - 0x4c, 0xe4, 0x04, 0xbe, 0xca, 0x35, 0xf3, 0x43, 0xc1, 0x23, 0xcd, 0x94, 0x08, 0x9e, 0xee, 0x18, - 0xdd, 0x42, 0x11, 0xff, 0x67, 0x68, 0x5d, 0x64, 0x0d, 0x45, 0xb0, 0xb8, 0x6b, 0xa4, 0x09, 0x65, - 0x15, 0x28, 0x96, 0x06, 0x8a, 0xc5, 0x9e, 0x9e, 0xd2, 0x57, 0xa8, 0x27, 0xa8, 0x40, 0x5d, 0x05, - 0xea, 0xd2, 0xd3, 0xd3, 0xac, 0xcd, 0xea, 0x1f, 0x6d, 0xae, 0xff, 0xab, 0x36, 0xab, 0xbf, 0xb5, - 0xf9, 0x03, 0x54, 0x4d, 0x3f, 0x98, 0x92, 0x69, 0xe2, 0x73, 0x45, 0x5f, 0x37, 0x57, 0x5b, 0xa5, - 0xc3, 0x37, 0x4b, 0xc5, 0x31, 0xc2, 0x0c, 0x91, 0xe9, 0x56, 0xfc, 0x85, 0x93, 0x22, 0x47, 0xf0, - 0x3a, 0x2f, 0x3e, 0xbb, 0x9b, 0x96, 0xb7, 0x3c, 0x62, 0x33, 0x99, 0x46, 0x9a, 0x6e, 0x9b, 0x67, - 0xc5, 0x58, 0x87, 0x81, 0x1a, 0x65, 0xb6, 0xf3, 0xcc, 0x94, 0x3d, 0x2b, 0x8b, 0xe3, 0x23, 0x93, - 0x99, 0xa7, 0x29, 0xc5, 0x82, 0x6b, 0x8f, 0x03, 0x84, 0x70, 0x96, 0x60, 0x51, 0x4a, 0x36, 0xf6, - 0x44, 0xc8, 0x64, 0xcc, 0x23, 0xba, 0x63, 0x12, 0xc4, 0x8f, 0x22, 0x9e, 0x79, 0x22, 0x1c, 0xc4, - 0x3c, 0x22, 0x6f, 0xa0, 0xac, 0x93, 0x54, 0x69, 0x16, 0xc8, 0x99, 0x27, 0x22, 0xda, 0xc0, 0xd8, - 0x25, 0xc4, 0x4e, 0x10, 0x6a, 0xfc, 0x66, 0x41, 0x7d, 0x69, 0xab, 0x89, 0x0b, 0x05, 0xdc, 0x7d, - 0x0b, 0x17, 0xf3, 0x87, 0xff, 0x34, 0x2f, 0x4e, 0xb6, 0xe9, 0xa8, 0x3d, 0xc6, 0xda, 0xbb, 0x80, - 0x02, 0xee, 0x7e, 0x1d, 0x2a, 0xee, 0xe9, 0xfb, 0xde, 0x70, 0xe4, 0x5e, 0xb3, 0xc1, 0x45, 0xff, - 0xda, 0x7e, 0xd1, 0x58, 0x29, 0x5a, 0x64, 0x13, 0x36, 0x3a, 0xfd, 0xfe, 0xe0, 0x47, 0xd6, 0xb9, - 0xb8, 0xb6, 0x2d, 0x84, 0xfe, 0x0f, 0xaf, 0x3e, 0xf5, 0xdc, 0xd1, 0x55, 0xa7, 0xcf, 0x86, 0xa7, - 0xee, 0xa7, 0x5e, 0xf7, 0xd4, 0x38, 0xac, 0x64, 0xd6, 0xbd, 0xef, 0xa1, 0xbe, 0xf4, 0xcd, 0x21, - 0xeb, 0xb0, 0x3a, 0x38, 0x3b, 0xb3, 0x5f, 0x90, 0x12, 0xac, 0x9f, 0x9c, 0x9e, 0x75, 0xae, 0xfa, - 0x23, 0xdb, 0x22, 0x00, 0x6b, 0xc3, 0x91, 0xdb, 0xeb, 0x8e, 0xec, 0x95, 0xbd, 0x7d, 0x80, 0xc7, - 0xb7, 0x84, 0x14, 0xa1, 0x70, 0x31, 0xb8, 0x38, 0xb5, 0x5f, 0x90, 0x2a, 0xc0, 0xf9, 0x15, 0xe6, - 0x1b, 0xf5, 0x87, 0xb6, 0xf5, 0xb1, 0x50, 0xac, 0xd9, 0xf6, 0xc7, 0x42, 0x91, 0xd8, 0x5b, 0x7b, - 0x0a, 0xca, 0x8b, 0x43, 0x40, 0x28, 0xac, 0xcf, 0x17, 0xd1, 0x7c, 0x4f, 0xf3, 0x23, 0xe9, 0x41, - 0x59, 0x87, 0xd9, 0x83, 0xab, 0xb5, 0x88, 0x26, 0x0a, 0xbf, 0xa3, 0xd2, 0xe1, 0x7e, 0x2e, 0xe2, - 0xe3, 0xdf, 0x38, 0x97, 0xf2, 0xc8, 0x19, 0xf5, 0x87, 0xc3, 0x9c, 0xed, 0x96, 0x74, 0xa8, 0xe6, - 0x87, 0xe3, 0xd6, 0xef, 0xf7, 0xbb, 0xd6, 0x1f, 0xf7, 0xbb, 0xd6, 0x9f, 0xf7, 0xbb, 0xd6, 0x4f, - 0x0d, 0x13, 0x41, 0xc8, 0xb6, 0x17, 0x8b, 0xf6, 0x93, 0xff, 0xf7, 0x66, 0x0d, 0xc7, 0xfe, 0xe8, - 0xaf, 0x00, 0x00, 0x00, 0xff, 0xff, 0xc5, 0x33, 0xb9, 0xa7, 0xe8, 0x07, 0x00, 0x00, + // 1071 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdf, 0x4e, 0xe3, 0xc6, + 0x17, 0xc6, 0x90, 0x85, 0x30, 0xf9, 0xe7, 0x4c, 0x36, 0xcb, 0x90, 0xfd, 0x89, 0x5f, 0x36, 0x55, + 0x21, 0x42, 0x95, 0x23, 0x40, 0xbd, 0x68, 0xef, 0x42, 0x08, 0xbb, 0x41, 0x21, 0x41, 0xb6, 0xd9, + 0x96, 0xde, 0x8c, 0x8c, 0x3d, 0x49, 0x46, 0x38, 0x1e, 0xd7, 0x33, 0xde, 0x2e, 0xaf, 0xd5, 0xdb, + 0xbe, 0x40, 0x2f, 0xfb, 0x08, 0x15, 0x4f, 0x52, 0xcd, 0x8c, 0x03, 0x61, 0x37, 0x12, 0x55, 0xef, + 0xe2, 0xef, 0x7c, 0xe7, 0x9c, 0x39, 0xdf, 0x39, 0x73, 0x26, 0xa0, 0x31, 0x27, 0x7c, 0xd6, 0xf9, + 0x74, 0xe4, 0x85, 0xf1, 0xcc, 0x3b, 0xea, 0xf8, 0x2c, 0x9a, 0xd0, 0xa9, 0x15, 0x27, 0x4c, 0x30, + 0x58, 0xa3, 0x5c, 0x50, 0x66, 0x49, 0x86, 0xb5, 0x60, 0x34, 0xf6, 0xa6, 0x8c, 0x4d, 0x43, 0xd2, + 0x51, 0x94, 0xdb, 0x74, 0xd2, 0x09, 0xd2, 0xc4, 0x13, 0x94, 0x45, 0xda, 0xa9, 0xb1, 0xfb, 0x3c, + 0x60, 0x9c, 0xb0, 0xcf, 0xf7, 0x99, 0xe9, 0x30, 0x22, 0xe2, 0x37, 0x96, 0xdc, 0xd1, 0x68, 0xba, + 0x20, 0x9c, 0x74, 0x02, 0xc2, 0x05, 0x8d, 0x54, 0x04, 0x9c, 0xa4, 0x21, 0xd1, 0xdc, 0xd6, 0xef, + 0x65, 0x00, 0x2e, 0x09, 0x9f, 0xf5, 0xd4, 0x81, 0xe0, 0x77, 0x00, 0xce, 0xe9, 0x67, 0x92, 0x60, + 0x7f, 0x46, 0xfc, 0x3b, 0xcc, 0x49, 0xf2, 0x89, 0x24, 0xc8, 0x68, 0x1a, 0xed, 0x6d, 0xdb, 0x54, + 0x96, 0x9e, 0x34, 0x38, 0x0a, 0x87, 0x16, 0xa8, 0x69, 0x76, 0x42, 0x62, 0x96, 0x88, 0x05, 0x7d, + 0x5d, 0xd1, 0xab, 0xca, 0x64, 0x2b, 0x4b, 0xc6, 0x3f, 0x06, 0xf5, 0x80, 0x72, 0xef, 0x36, 0x24, + 0x38, 0x66, 0x21, 0xf5, 0xef, 0x75, 0x1a, 0x8e, 0x36, 0x9a, 0x46, 0x3b, 0x6f, 0xd7, 0x32, 0xe3, + 0x95, 0xb2, 0xa9, 0x44, 0x1c, 0x1e, 0x82, 0xaa, 0xaa, 0x0d, 0x87, 0x94, 0x0b, 0x12, 0x61, 0x19, + 0x0e, 0xe5, 0x9a, 0x46, 0xfb, 0x95, 0x5d, 0x51, 0x86, 0xa1, 0xc2, 0xaf, 0x58, 0x22, 0xe0, 0x3e, + 0xd0, 0x10, 0x9e, 0x09, 0x11, 0x6b, 0xe6, 0x2b, 0xc5, 0x2c, 0x29, 0xf8, 0x83, 0x10, 0xb1, 0xe2, + 0x9d, 0x82, 0x8a, 0xcf, 0xa2, 0x88, 0xf8, 0x02, 0x0b, 0x3a, 0x27, 0x2c, 0x15, 0x68, 0xb3, 0x69, + 0xb4, 0x0b, 0xc7, 0xbb, 0x96, 0x56, 0xdd, 0x5a, 0xa8, 0x6e, 0x9d, 0x65, 0xaa, 0xdb, 0xe5, 0xcc, + 0xc3, 0xd5, 0x0e, 0xf0, 0x1b, 0x50, 0xa2, 0xd1, 0x34, 0x21, 0x9c, 0x63, 0x3f, 0xf4, 0x38, 0x47, + 0x5b, 0xaa, 0xea, 0x62, 0x06, 0xf6, 0x24, 0x06, 0x0f, 0x40, 0x65, 0x41, 0x92, 0xda, 0x50, 0x9f, + 0xa0, 0xbc, 0xa2, 0x95, 0x33, 0xd8, 0xd1, 0x28, 0x9c, 0x83, 0x9d, 0xc7, 0x68, 0x2c, 0x12, 0x09, + 0x0b, 0x43, 0x92, 0xe0, 0x39, 0x0b, 0x08, 0xda, 0x6e, 0x1a, 0xed, 0xf2, 0xf1, 0xf7, 0xd6, 0x8a, + 0x21, 0xb1, 0x9e, 0x3a, 0x67, 0x0d, 0xb2, 0xbc, 0x8f, 0xde, 0x97, 0x2c, 0x20, 0x76, 0x9d, 0xae, + 0x82, 0xe1, 0x18, 0x14, 0xbc, 0x54, 0xcc, 0xb2, 0x2e, 0x20, 0xa0, 0x52, 0x1c, 0xbe, 0x94, 0xa2, + 0x9b, 0x8a, 0x99, 0xee, 0xcd, 0xe9, 0x3a, 0x32, 0x6c, 0xe0, 0x3d, 0x7e, 0xc3, 0x01, 0xa8, 0x26, + 0x01, 0xc7, 0x09, 0x99, 0x24, 0x84, 0xcf, 0x70, 0x40, 0x42, 0xef, 0x1e, 0x15, 0x5e, 0xd0, 0x54, + 0x45, 0xa9, 0x24, 0x01, 0xb7, 0xb5, 0xdb, 0x99, 0xf4, 0x82, 0xdf, 0x82, 0x32, 0x89, 0xd4, 0x8c, + 0x88, 0xc4, 0xf3, 0x69, 0x34, 0x45, 0x45, 0x35, 0x1d, 0x25, 0x8d, 0xba, 0x1a, 0x94, 0xbd, 0xf6, + 0x7c, 0x5f, 0x0a, 0x16, 0xb2, 0x29, 0x9e, 0xd0, 0x90, 0xa0, 0x92, 0x92, 0xb6, 0xa4, 0xe1, 0x21, + 0x9b, 0x9e, 0xd3, 0x90, 0xc0, 0xf7, 0xa0, 0x1c, 0x90, 0x89, 0x97, 0x86, 0x02, 0xeb, 0x4b, 0x87, + 0xca, 0xea, 0x58, 0xcd, 0x95, 0xd5, 0x5e, 0xc9, 0x39, 0xd1, 0xe5, 0xda, 0xa5, 0xcc, 0x2f, 0xbb, + 0x1a, 0x07, 0xa0, 0xa4, 0x87, 0xdd, 0x0b, 0x02, 0x29, 0x29, 0x32, 0x65, 0x3a, 0x55, 0x43, 0x51, + 0x19, 0xba, 0x1a, 0x87, 0xbf, 0x82, 0x1d, 0x96, 0x8a, 0x5b, 0x96, 0x46, 0x81, 0x2c, 0x61, 0x32, + 0xa1, 0xfe, 0x42, 0xe8, 0xaa, 0x4a, 0xfd, 0x62, 0x2f, 0xc7, 0x99, 0xbb, 0xab, 0xbd, 0x97, 0x34, + 0xaf, 0xb3, 0x55, 0x26, 0x78, 0x06, 0xfe, 0x9f, 0x69, 0xe6, 0x87, 0x94, 0x44, 0x02, 0x73, 0x1a, + 0x3c, 0xbf, 0x63, 0xa8, 0xa6, 0x44, 0x7c, 0xab, 0x69, 0x3d, 0xc5, 0x72, 0x68, 0xb0, 0x7c, 0xd7, + 0x60, 0x13, 0x14, 0x79, 0xc0, 0x71, 0x1a, 0x70, 0x1c, 0x7b, 0x62, 0x86, 0x5e, 0x2b, 0x3d, 0x01, + 0x0f, 0xf8, 0x75, 0xc0, 0xaf, 0x3c, 0x31, 0x93, 0x6d, 0xe6, 0x5f, 0xb5, 0xb9, 0xfe, 0xaf, 0xda, + 0xcc, 0xbf, 0x68, 0xf3, 0x07, 0x50, 0xd6, 0xfd, 0xc0, 0x9c, 0xa5, 0x89, 0x4f, 0x38, 0x7a, 0xd3, + 0xdc, 0x68, 0x17, 0x8e, 0xdf, 0xad, 0x14, 0x47, 0x0b, 0xe3, 0x28, 0xa6, 0x5d, 0xf2, 0x97, 0xbe, + 0x38, 0x3c, 0x01, 0x6f, 0xb2, 0xe2, 0xe5, 0xd9, 0x04, 0xbb, 0x23, 0x11, 0x9e, 0xb3, 0x34, 0x12, + 0x68, 0x47, 0xaf, 0x15, 0x6d, 0x75, 0x02, 0xee, 0x4a, 0xdb, 0xa5, 0x34, 0xc9, 0xb5, 0xb2, 0x3c, + 0x3e, 0x2c, 0x99, 0x7b, 0x02, 0x21, 0x55, 0x70, 0xe5, 0x69, 0x80, 0x14, 0x2c, 0x13, 0x2c, 0x4b, + 0x89, 0x27, 0x1e, 0x0d, 0x31, 0x8b, 0x49, 0x84, 0x76, 0x75, 0x82, 0xf8, 0x49, 0xc4, 0x73, 0x8f, + 0x86, 0xe3, 0x98, 0x44, 0xf0, 0x1d, 0x28, 0x8a, 0x24, 0xe5, 0x02, 0x07, 0x6c, 0xee, 0xd1, 0x08, + 0x35, 0x54, 0xec, 0x82, 0xc2, 0xce, 0x14, 0x04, 0x3d, 0x50, 0x5b, 0x3a, 0x03, 0x89, 0x7c, 0x16, + 0xc8, 0x71, 0x7f, 0xab, 0x6e, 0xe3, 0xd1, 0x8b, 0xb7, 0x71, 0x71, 0xca, 0x7e, 0xe6, 0x68, 0x57, + 0xbd, 0x2f, 0xa1, 0xc6, 0x1f, 0x06, 0xa8, 0xaf, 0x9c, 0x26, 0x68, 0x83, 0x9c, 0x5a, 0x2f, 0x86, + 0xca, 0xf6, 0xe3, 0x7f, 0x1a, 0x49, 0x4b, 0x2e, 0x13, 0xd5, 0x5e, 0x15, 0xab, 0x35, 0x02, 0x39, + 0xb5, 0x5e, 0xea, 0xa0, 0x64, 0xf7, 0xdf, 0x0f, 0x1c, 0xd7, 0xbe, 0xc1, 0xe3, 0xd1, 0xf0, 0xc6, + 0x5c, 0x6b, 0xac, 0xe7, 0x0d, 0x58, 0x05, 0xdb, 0xdd, 0xe1, 0x70, 0xfc, 0x13, 0xee, 0x8e, 0x6e, + 0x4c, 0x43, 0x41, 0xff, 0x03, 0xaf, 0x3f, 0x0e, 0x6c, 0xf7, 0xba, 0x3b, 0xc4, 0x4e, 0xdf, 0xfe, + 0x38, 0xe8, 0xf5, 0xb5, 0xc3, 0xba, 0xb4, 0xb6, 0x7e, 0x00, 0xf5, 0x95, 0x6b, 0x0d, 0x6e, 0x81, + 0x8d, 0xf1, 0xf9, 0xb9, 0xb9, 0x06, 0x0b, 0x60, 0xeb, 0xac, 0x7f, 0xde, 0xbd, 0x1e, 0xba, 0xa6, + 0x01, 0x01, 0xd8, 0x74, 0x5c, 0x7b, 0xd0, 0x73, 0xcd, 0xf5, 0xd6, 0x3e, 0x00, 0x4f, 0xeb, 0x0a, + 0xe6, 0x41, 0x6e, 0x34, 0x1e, 0xf5, 0xcd, 0x35, 0x28, 0x9f, 0xbb, 0x6b, 0x95, 0xcf, 0x1d, 0x3a, + 0xa6, 0xd1, 0x3a, 0x00, 0xd5, 0xaf, 0x84, 0x94, 0x74, 0xb7, 0xff, 0xb3, 0x6b, 0xae, 0xc9, 0x5f, + 0x17, 0xce, 0x78, 0x64, 0x1a, 0x17, 0xb9, 0x7c, 0xc5, 0x34, 0x2f, 0x72, 0x79, 0x68, 0xd6, 0x5a, + 0x1c, 0x14, 0x97, 0x07, 0x12, 0x22, 0xb0, 0xb5, 0x58, 0x0a, 0xfa, 0xa9, 0x5c, 0x7c, 0xc2, 0x01, + 0x28, 0x8a, 0x50, 0x2e, 0x7f, 0x21, 0x68, 0x34, 0xe5, 0xea, 0x69, 0x2c, 0x1c, 0xef, 0x67, 0x6a, + 0x3f, 0xbd, 0xd3, 0x0b, 0xcd, 0x4f, 0x2c, 0x77, 0xe8, 0x38, 0x19, 0xdb, 0x2e, 0x88, 0x90, 0x2f, + 0x3e, 0x4e, 0xdb, 0x7f, 0x3e, 0xec, 0x19, 0x7f, 0x3d, 0xec, 0x19, 0x7f, 0x3f, 0xec, 0x19, 0xbf, + 0x34, 0x74, 0x04, 0xca, 0x3a, 0x5e, 0x4c, 0x3b, 0xcf, 0xfe, 0x0b, 0xdc, 0x6e, 0xaa, 0x2b, 0x78, + 0xf2, 0x4f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x0a, 0x38, 0x8b, 0x61, 0x74, 0x08, 0x00, 0x00, } diff --git a/mesh/v1alpha1/config.proto b/mesh/v1alpha1/config.proto index 38b2b2faec..952501f6d5 100644 --- a/mesh/v1alpha1/config.proto +++ b/mesh/v1alpha1/config.proto @@ -121,10 +121,19 @@ message MeshConfig { // Empty value disables access logging. string access_log_file = 13; - // Format for the proxy access log (text or json). - // Default value is text. + // Format for the proxy access log + // Empty value results in proxy's default access log format string access_log_format = 24; + enum AccessLogEncoding { + TEXT = 0; + JSON = 1; + } + + // Encoding for the proxy access log (text or json). + // Default value is text. + AccessLogEncoding access_log_encoding = 27; + // Default proxy config used by the proxy injection mechanism operating in the mesh // (e.g. Kubernetes admission controller) // In case of Kubernetes, the proxy config is applied once during the injection process, @@ -188,7 +197,7 @@ message MeshConfig { string trust_domain = 26; // $hide_from_docs - // Next available field number: 27 + // Next available field number: 28 } // ConfigSource describes information about a configuration store inside a diff --git a/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html b/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html index e5ade7fc3e..2e6b034417 100644 --- a/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html +++ b/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html @@ -4,7 +4,7 @@ generator: protoc-gen-docs aliases: - /docs/reference/config/service-mesh.html -number_of_entries: 15 +number_of_entries: 16 ---

AuthenticationPolicy

@@ -221,7 +221,16 @@

MeshConfig

accessLogFormat string -

Format for the proxy access log (text or json). +

Format for the proxy access log +Empty value results in proxy’s default access log format

+ + + + +accessLogEncoding +MeshConfig.AccessLogEncoding + +

Encoding for the proxy access log (text or json). Default value is text.

@@ -286,6 +295,29 @@

MeshConfig

Refer to https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE-ID.md#21-trust-domain Fallback to old identity format(without trust domain) if not set.

+ + + + +
+

MeshConfig.AccessLogEncoding

+
+ + + + + + + + + + + + + + + diff --git a/proto.lock b/proto.lock index 17752c00c6..3e8c8b2154 100644 --- a/proto.lock +++ b/proto.lock @@ -661,6 +661,19 @@ } ] }, + { + "name": "MeshConfig.AccessLogEncoding", + "enum_fields": [ + { + "name": "TEXT", + "integer": 0 + }, + { + "name": "JSON", + "integer": 1 + } + ] + }, { "name": "OutboundTrafficPolicy.Mode", "enum_fields": [ @@ -758,6 +771,11 @@ "name": "access_log_format", "type": "string" }, + { + "id": 27, + "name": "access_log_encoding", + "type": "AccessLogEncoding" + }, { "id": 14, "name": "default_config", diff --git a/python/istio_api/mesh/v1alpha1/config_pb2.py b/python/istio_api/mesh/v1alpha1/config_pb2.py index e6fc3b9567..28143969be 100644 --- a/python/istio_api/mesh/v1alpha1/config_pb2.py +++ b/python/istio_api/mesh/v1alpha1/config_pb2.py @@ -22,7 +22,7 @@ name='mesh/v1alpha1/config.proto', package='istio.mesh.v1alpha1', syntax='proto3', - serialized_pb=_b('\n\x1amesh/v1alpha1/config.proto\x12\x13istio.mesh.v1alpha1\x1a\x1egoogle/protobuf/duration.proto\x1a\x19mesh/v1alpha1/proxy.proto\x1a*networking/v1alpha3/destination_rule.proto\"\x81\n\n\nMeshConfig\x12\x1a\n\x12mixer_check_server\x18\x01 \x01(\t\x12\x1b\n\x13mixer_report_server\x18\x02 \x01(\t\x12\x1d\n\x15\x64isable_policy_checks\x18\x03 \x01(\x08\x12\x1e\n\x16policy_check_fail_open\x18\x19 \x01(\x08\x12\x19\n\x11proxy_listen_port\x18\x04 \x01(\x05\x12\x17\n\x0fproxy_http_port\x18\x05 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x15\n\ringress_class\x18\x07 \x01(\t\x12\x17\n\x0fingress_service\x18\x08 \x01(\t\x12V\n\x17ingress_controller_mode\x18\t \x01(\x0e\x32\x35.istio.mesh.v1alpha1.MeshConfig.IngressControllerMode\x12\x43\n\x0b\x61uth_policy\x18\n \x01(\x0e\x32*.istio.mesh.v1alpha1.MeshConfig.AuthPolicyB\x02\x18\x01\x12\x38\n\x11rds_refresh_delay\x18\x0b \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x16\n\x0e\x65nable_tracing\x18\x0c \x01(\x08\x12\x17\n\x0f\x61\x63\x63\x65ss_log_file\x18\r \x01(\t\x12\x19\n\x11\x61\x63\x63\x65ss_log_format\x18\x18 \x01(\t\x12\x38\n\x0e\x64\x65\x66\x61ult_config\x18\x0e \x01(\x0b\x32 .istio.mesh.v1alpha1.ProxyConfig\x12\x19\n\rmixer_address\x18\x10 \x01(\tB\x02\x18\x01\x12Z\n\x17outbound_traffic_policy\x18\x11 \x01(\x0b\x32\x35.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicyB\x02\x18\x01\x12\'\n\x1f\x65nable_client_side_policy_check\x18\x13 \x01(\x08\x12\x14\n\x0csds_uds_path\x18\x14 \x01(\t\x12\x38\n\x11sds_refresh_delay\x18\x15 \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x39\n\x0e\x63onfig_sources\x18\x16 \x03(\x0b\x32!.istio.mesh.v1alpha1.ConfigSource\x12\x1e\n\x16\x65nable_sds_token_mount\x18\x17 \x01(\x08\x12\x14\n\x0ctrust_domain\x18\x1a \x01(\t\x1a\xb5\x01\n\x15OutboundTrafficPolicy\x12L\n\x04mode\x18\x01 \x01(\x0e\x32:.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy.ModeB\x02\x18\x01\"N\n\x04Mode\x12\x15\n\rREGISTRY_ONLY\x10\x00\x1a\x02\x08\x01\x12\x11\n\tALLOW_ANY\x10\x01\x1a\x02\x08\x01\x12\x1c\n\x14VIRTUAL_SERVICE_ONLY\x10\x02\x1a\x02\x08\x01\"9\n\x15IngressControllerMode\x12\x07\n\x03OFF\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\n\n\x06STRICT\x10\x02\"&\n\nAuthPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01J\x04\x08\x0f\x10\x10J\x04\x08\x12\x10\x13\"]\n\x0c\x43onfigSource\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12<\n\x0ctls_settings\x18\x02 \x01(\x0b\x32&.istio.networking.v1alpha3.TLSSettingsB\x1cZ\x1aistio.io/api/mesh/v1alpha1b\x06proto3') + serialized_pb=_b('\n\x1amesh/v1alpha1/config.proto\x12\x13istio.mesh.v1alpha1\x1a\x1egoogle/protobuf/duration.proto\x1a\x19mesh/v1alpha1/proxy.proto\x1a*networking/v1alpha3/destination_rule.proto\"\xfa\n\n\nMeshConfig\x12\x1a\n\x12mixer_check_server\x18\x01 \x01(\t\x12\x1b\n\x13mixer_report_server\x18\x02 \x01(\t\x12\x1d\n\x15\x64isable_policy_checks\x18\x03 \x01(\x08\x12\x1e\n\x16policy_check_fail_open\x18\x19 \x01(\x08\x12\x19\n\x11proxy_listen_port\x18\x04 \x01(\x05\x12\x17\n\x0fproxy_http_port\x18\x05 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x06 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x15\n\ringress_class\x18\x07 \x01(\t\x12\x17\n\x0fingress_service\x18\x08 \x01(\t\x12V\n\x17ingress_controller_mode\x18\t \x01(\x0e\x32\x35.istio.mesh.v1alpha1.MeshConfig.IngressControllerMode\x12\x43\n\x0b\x61uth_policy\x18\n \x01(\x0e\x32*.istio.mesh.v1alpha1.MeshConfig.AuthPolicyB\x02\x18\x01\x12\x38\n\x11rds_refresh_delay\x18\x0b \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x16\n\x0e\x65nable_tracing\x18\x0c \x01(\x08\x12\x17\n\x0f\x61\x63\x63\x65ss_log_file\x18\r \x01(\t\x12\x19\n\x11\x61\x63\x63\x65ss_log_format\x18\x18 \x01(\t\x12N\n\x13\x61\x63\x63\x65ss_log_encoding\x18\x1b \x01(\x0e\x32\x31.istio.mesh.v1alpha1.MeshConfig.AccessLogEncoding\x12\x38\n\x0e\x64\x65\x66\x61ult_config\x18\x0e \x01(\x0b\x32 .istio.mesh.v1alpha1.ProxyConfig\x12\x19\n\rmixer_address\x18\x10 \x01(\tB\x02\x18\x01\x12Z\n\x17outbound_traffic_policy\x18\x11 \x01(\x0b\x32\x35.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicyB\x02\x18\x01\x12\'\n\x1f\x65nable_client_side_policy_check\x18\x13 \x01(\x08\x12\x14\n\x0csds_uds_path\x18\x14 \x01(\t\x12\x38\n\x11sds_refresh_delay\x18\x15 \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x39\n\x0e\x63onfig_sources\x18\x16 \x03(\x0b\x32!.istio.mesh.v1alpha1.ConfigSource\x12\x1e\n\x16\x65nable_sds_token_mount\x18\x17 \x01(\x08\x12\x14\n\x0ctrust_domain\x18\x1a \x01(\t\x1a\xb5\x01\n\x15OutboundTrafficPolicy\x12L\n\x04mode\x18\x01 \x01(\x0e\x32:.istio.mesh.v1alpha1.MeshConfig.OutboundTrafficPolicy.ModeB\x02\x18\x01\"N\n\x04Mode\x12\x15\n\rREGISTRY_ONLY\x10\x00\x1a\x02\x08\x01\x12\x11\n\tALLOW_ANY\x10\x01\x1a\x02\x08\x01\x12\x1c\n\x14VIRTUAL_SERVICE_ONLY\x10\x02\x1a\x02\x08\x01\"9\n\x15IngressControllerMode\x12\x07\n\x03OFF\x10\x00\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x01\x12\n\n\x06STRICT\x10\x02\"&\n\nAuthPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01\"\'\n\x11\x41\x63\x63\x65ssLogEncoding\x12\x08\n\x04TEXT\x10\x00\x12\x08\n\x04JSON\x10\x01J\x04\x08\x0f\x10\x10J\x04\x08\x12\x10\x13\"]\n\x0c\x43onfigSource\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12<\n\x0ctls_settings\x18\x02 \x01(\x0b\x32&.istio.networking.v1alpha3.TLSSettingsB\x1cZ\x1aistio.io/api/mesh/v1alpha1b\x06proto3') , dependencies=[google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,mesh_dot_v1alpha1_dot_proxy__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_destination__rule__pb2.DESCRIPTOR,]) @@ -49,8 +49,8 @@ ], containing_type=None, options=None, - serialized_start=1247, - serialized_end=1325, + serialized_start=1327, + serialized_end=1405, ) _sym_db.RegisterEnumDescriptor(_MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE) @@ -75,8 +75,8 @@ ], containing_type=None, options=None, - serialized_start=1327, - serialized_end=1384, + serialized_start=1407, + serialized_end=1464, ) _sym_db.RegisterEnumDescriptor(_MESHCONFIG_INGRESSCONTROLLERMODE) @@ -97,11 +97,33 @@ ], containing_type=None, options=None, - serialized_start=1386, - serialized_end=1424, + serialized_start=1466, + serialized_end=1504, ) _sym_db.RegisterEnumDescriptor(_MESHCONFIG_AUTHPOLICY) +_MESHCONFIG_ACCESSLOGENCODING = _descriptor.EnumDescriptor( + name='AccessLogEncoding', + full_name='istio.mesh.v1alpha1.MeshConfig.AccessLogEncoding', + filename=None, + file=DESCRIPTOR, + values=[ + _descriptor.EnumValueDescriptor( + name='TEXT', index=0, number=0, + options=None, + type=None), + _descriptor.EnumValueDescriptor( + name='JSON', index=1, number=1, + options=None, + type=None), + ], + containing_type=None, + options=None, + serialized_start=1506, + serialized_end=1545, +) +_sym_db.RegisterEnumDescriptor(_MESHCONFIG_ACCESSLOGENCODING) + _MESHCONFIG_OUTBOUNDTRAFFICPOLICY = _descriptor.Descriptor( name='OutboundTrafficPolicy', @@ -130,8 +152,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1144, - serialized_end=1325, + serialized_start=1224, + serialized_end=1405, ) _MESHCONFIG = _descriptor.Descriptor( @@ -247,63 +269,70 @@ is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='default_config', full_name='istio.mesh.v1alpha1.MeshConfig.default_config', index=15, + name='access_log_encoding', full_name='istio.mesh.v1alpha1.MeshConfig.access_log_encoding', index=15, + number=27, type=14, cpp_type=8, label=1, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='default_config', full_name='istio.mesh.v1alpha1.MeshConfig.default_config', index=16, number=14, type=11, cpp_type=10, label=1, has_default_value=False, default_value=None, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='mixer_address', full_name='istio.mesh.v1alpha1.MeshConfig.mixer_address', index=16, + name='mixer_address', full_name='istio.mesh.v1alpha1.MeshConfig.mixer_address', index=17, number=16, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=_descriptor._ParseOptions(descriptor_pb2.FieldOptions(), _b('\030\001')), file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='outbound_traffic_policy', full_name='istio.mesh.v1alpha1.MeshConfig.outbound_traffic_policy', index=17, + name='outbound_traffic_policy', full_name='istio.mesh.v1alpha1.MeshConfig.outbound_traffic_policy', index=18, number=17, type=11, cpp_type=10, label=1, has_default_value=False, default_value=None, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=_descriptor._ParseOptions(descriptor_pb2.FieldOptions(), _b('\030\001')), file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='enable_client_side_policy_check', full_name='istio.mesh.v1alpha1.MeshConfig.enable_client_side_policy_check', index=18, + name='enable_client_side_policy_check', full_name='istio.mesh.v1alpha1.MeshConfig.enable_client_side_policy_check', index=19, number=19, type=8, cpp_type=7, label=1, has_default_value=False, default_value=False, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='sds_uds_path', full_name='istio.mesh.v1alpha1.MeshConfig.sds_uds_path', index=19, + name='sds_uds_path', full_name='istio.mesh.v1alpha1.MeshConfig.sds_uds_path', index=20, number=20, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='sds_refresh_delay', full_name='istio.mesh.v1alpha1.MeshConfig.sds_refresh_delay', index=20, + name='sds_refresh_delay', full_name='istio.mesh.v1alpha1.MeshConfig.sds_refresh_delay', index=21, number=21, type=11, cpp_type=10, label=1, has_default_value=False, default_value=None, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=_descriptor._ParseOptions(descriptor_pb2.FieldOptions(), _b('\030\001')), file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='config_sources', full_name='istio.mesh.v1alpha1.MeshConfig.config_sources', index=21, + name='config_sources', full_name='istio.mesh.v1alpha1.MeshConfig.config_sources', index=22, number=22, type=11, cpp_type=10, label=3, has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='enable_sds_token_mount', full_name='istio.mesh.v1alpha1.MeshConfig.enable_sds_token_mount', index=22, + name='enable_sds_token_mount', full_name='istio.mesh.v1alpha1.MeshConfig.enable_sds_token_mount', index=23, number=23, type=8, cpp_type=7, label=1, has_default_value=False, default_value=False, message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='trust_domain', full_name='istio.mesh.v1alpha1.MeshConfig.trust_domain', index=23, + name='trust_domain', full_name='istio.mesh.v1alpha1.MeshConfig.trust_domain', index=24, number=26, type=9, cpp_type=9, label=1, has_default_value=False, default_value=_b("").decode('utf-8'), message_type=None, enum_type=None, containing_type=None, @@ -316,6 +345,7 @@ enum_types=[ _MESHCONFIG_INGRESSCONTROLLERMODE, _MESHCONFIG_AUTHPOLICY, + _MESHCONFIG_ACCESSLOGENCODING, ], options=None, is_extendable=False, @@ -324,7 +354,7 @@ oneofs=[ ], serialized_start=155, - serialized_end=1436, + serialized_end=1557, ) @@ -361,8 +391,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1438, - serialized_end=1531, + serialized_start=1559, + serialized_end=1652, ) _MESHCONFIG_OUTBOUNDTRAFFICPOLICY.fields_by_name['mode'].enum_type = _MESHCONFIG_OUTBOUNDTRAFFICPOLICY_MODE @@ -372,12 +402,14 @@ _MESHCONFIG.fields_by_name['ingress_controller_mode'].enum_type = _MESHCONFIG_INGRESSCONTROLLERMODE _MESHCONFIG.fields_by_name['auth_policy'].enum_type = _MESHCONFIG_AUTHPOLICY _MESHCONFIG.fields_by_name['rds_refresh_delay'].message_type = google_dot_protobuf_dot_duration__pb2._DURATION +_MESHCONFIG.fields_by_name['access_log_encoding'].enum_type = _MESHCONFIG_ACCESSLOGENCODING _MESHCONFIG.fields_by_name['default_config'].message_type = mesh_dot_v1alpha1_dot_proxy__pb2._PROXYCONFIG _MESHCONFIG.fields_by_name['outbound_traffic_policy'].message_type = _MESHCONFIG_OUTBOUNDTRAFFICPOLICY _MESHCONFIG.fields_by_name['sds_refresh_delay'].message_type = google_dot_protobuf_dot_duration__pb2._DURATION _MESHCONFIG.fields_by_name['config_sources'].message_type = _CONFIGSOURCE _MESHCONFIG_INGRESSCONTROLLERMODE.containing_type = _MESHCONFIG _MESHCONFIG_AUTHPOLICY.containing_type = _MESHCONFIG +_MESHCONFIG_ACCESSLOGENCODING.containing_type = _MESHCONFIG _CONFIGSOURCE.fields_by_name['tls_settings'].message_type = networking_dot_v1alpha3_dot_destination__rule__pb2._TLSSETTINGS DESCRIPTOR.message_types_by_name['MeshConfig'] = _MESHCONFIG DESCRIPTOR.message_types_by_name['ConfigSource'] = _CONFIGSOURCE From b917615b0e895a0681aa2d70181a4441ae15da79 Mon Sep 17 00:00:00 2001 From: "Heiko W. Rupp" Date: Wed, 5 Dec 2018 16:40:40 +0100 Subject: [PATCH 04/16] target -> targets (#725) --- authentication/v1alpha1/istio.authentication.v1alpha1.pb.html | 2 +- authentication/v1alpha1/policy.pb.go | 2 +- authentication/v1alpha1/policy.proto | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/authentication/v1alpha1/istio.authentication.v1alpha1.pb.html b/authentication/v1alpha1/istio.authentication.v1alpha1.pb.html index c310c37acc..7decc1c666 100644 --- a/authentication/v1alpha1/istio.authentication.v1alpha1.pb.html +++ b/authentication/v1alpha1/istio.authentication.v1alpha1.pb.html @@ -368,7 +368,7 @@

Policy

name: mTLS_enable namespace: frod spec: - target: + targets: - name: productpage ports: - number: 9000 diff --git a/authentication/v1alpha1/policy.pb.go b/authentication/v1alpha1/policy.pb.go index c5a8a66419..ea0dc950ae 100644 --- a/authentication/v1alpha1/policy.pb.go +++ b/authentication/v1alpha1/policy.pb.go @@ -674,7 +674,7 @@ func (m *OriginAuthenticationMethod) GetJwt() *Jwt { // name: mTLS_enable // namespace: frod // spec: -// target: +// targets: // - name: productpage // ports: // - number: 9000 diff --git a/authentication/v1alpha1/policy.proto b/authentication/v1alpha1/policy.proto index 32a56ac0f5..14c0f4294e 100644 --- a/authentication/v1alpha1/policy.proto +++ b/authentication/v1alpha1/policy.proto @@ -289,7 +289,7 @@ enum PrincipalBinding { // name: mTLS_enable // namespace: frod // spec: -// target: +// targets: // - name: productpage // ports: // - number: 9000 From 6a495cfb10307edfae827ee172034b8f9188859d Mon Sep 17 00:00:00 2001 From: Jeff Mendoza Date: Fri, 14 Dec 2018 14:30:05 -0800 Subject: [PATCH 05/16] Add note to readme about backwards incompatible changes (#700) --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index 7e014a9c5e..4ff8107096 100644 --- a/README.md +++ b/README.md @@ -21,3 +21,13 @@ changes. If releasing a new tagged version, please update python/istio-api/setup.py version to reflect. + +## Backwards Incompatible Changes + +If a PR tries to make backwards incompatible changes, it will be +blocked by protolock. To force these changes in, install +[protolock](https://github.com/nilslice/protolock) and run +`protolock commit --force`. + +You must include a note in your PR that you had to force the +protolock and why. From c85aada9bdc9f27471c3ef1ad2d43a499bfe0534 Mon Sep 17 00:00:00 2001 From: Martin Taillefer Date: Mon, 17 Dec 2018 08:51:04 -0800 Subject: [PATCH 06/16] Fix a comment. (#739) --- networking/v1alpha3/destination_rule.pb.go | 2 +- networking/v1alpha3/destination_rule.proto | 2 +- networking/v1alpha3/istio.networking.v1alpha3.pb.html | 4 ++-- networking/v1alpha3/virtual_service.pb.go | 2 +- networking/v1alpha3/virtual_service.proto | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/networking/v1alpha3/destination_rule.pb.go b/networking/v1alpha3/destination_rule.pb.go index 434926b92d..db6e5630de 100644 --- a/networking/v1alpha3/destination_rule.pb.go +++ b/networking/v1alpha3/destination_rule.pb.go @@ -486,7 +486,7 @@ func (m *Subset) GetTrafficPolicy() *TrafficPolicy { // Load balancing policies to apply for a specific destination. See Envoy's // load balancing -// [documentation](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/load_balancing.html) +// [documentation](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/load_balancing/load_balancing) // for more details. // // For example, the following rule uses a round robin load balancing policy diff --git a/networking/v1alpha3/destination_rule.proto b/networking/v1alpha3/destination_rule.proto index e48b93c055..9e85b5223b 100644 --- a/networking/v1alpha3/destination_rule.proto +++ b/networking/v1alpha3/destination_rule.proto @@ -227,7 +227,7 @@ message Subset { // Load balancing policies to apply for a specific destination. See Envoy's // load balancing -// [documentation](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/load_balancing.html) +// [documentation](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/load_balancing/load_balancing) // for more details. // // For example, the following rule uses a round robin load balancing policy diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index 1ec29f1a01..ed2c7f1e6f 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -347,7 +347,7 @@

CorsPolicy

 @@ -2198,7 +2198,7 @@

LoadBalancerSettings

Load balancing policies to apply for a specific destination. See Envoy’s load balancing -documentation +documentation for more details.

For example, the following rule uses a round robin load balancing policy diff --git a/networking/v1alpha3/virtual_service.pb.go b/networking/v1alpha3/virtual_service.pb.go index 6d51ac6049..e8c15ccbe8 100644 --- a/networking/v1alpha3/virtual_service.pb.go +++ b/networking/v1alpha3/virtual_service.pb.go @@ -1564,7 +1564,7 @@ type CorsPolicy struct { // A white list of HTTP headers that the browsers are allowed to // access. Serialized into Access-Control-Expose-Headers header. ExposeHeaders []string `protobuf:"bytes,4,rep,name=expose_headers,json=exposeHeaders" json:"expose_headers,omitempty"` - // Specifies how long the the results of a preflight request can be + // Specifies how long the results of a preflight request can be // cached. Translates to the Access-Control-Max-Age header. MaxAge *google_protobuf.Duration `protobuf:"bytes,5,opt,name=max_age,json=maxAge" json:"max_age,omitempty"` // Indicates whether the caller is allowed to send the actual request diff --git a/networking/v1alpha3/virtual_service.proto b/networking/v1alpha3/virtual_service.proto index c97b67b3e8..1536e4c6b5 100644 --- a/networking/v1alpha3/virtual_service.proto +++ b/networking/v1alpha3/virtual_service.proto @@ -965,7 +965,7 @@ message CorsPolicy { // access. Serialized into Access-Control-Expose-Headers header. repeated string expose_headers = 4; - // Specifies how long the the results of a preflight request can be + // Specifies how long the results of a preflight request can be // cached. Translates to the Access-Control-Max-Age header. google.protobuf.Duration max_age = 5; From 73238e149e64663df5651833d16715c3b43caea2 Mon Sep 17 00:00:00 2001 From: mtail Date: Thu, 20 Dec 2018 07:21:35 -0800 Subject: [PATCH 07/16] Comment typo fixes. --- networking/v1alpha3/istio.networking.v1alpha3.pb.html | 8 ++++---- networking/v1alpha3/service_dependency.pb.go | 4 ++-- networking/v1alpha3/service_dependency.proto | 6 +++--- networking/v1alpha3/virtual_service.pb.go | 4 ++-- networking/v1alpha3/virtual_service.proto | 6 +++--- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index ed2c7f1e6f..7a8ed362e7 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -2121,8 +2121,8 @@

Headers.HeaderOperations

@@ -2976,7 +2976,7 @@

ServiceDependency

same namespace, set defaultServiceDependency.importMode to SAME_NAMESPACE in the mesh global config map (in values.yaml).

-

NOTE 2: To facilitate incremental pruning of the the sidecar +

NOTE 2: To facilitate incremental pruning of the sidecar configuration, the default import mode for the mesh is set to ALL_NAMESPACES. In other words, every workload will be able to reach every other workload. Adding a ServiceDependency resource in a namespace will @@ -2985,7 +2985,7 @@

ServiceDependency

The following examples illustrate a few specific use cases of ServiceDependency.

-

The example below delcares a ServiceDependency resource in the prod-us1 +

The example below declares a ServiceDependency resource in the prod-us1 namespace that specifies that workloads in the namespace will be able to reach the services in the prod-apis namespace only.

diff --git a/networking/v1alpha3/service_dependency.pb.go b/networking/v1alpha3/service_dependency.pb.go index ff233c696c..045f2435b9 100644 --- a/networking/v1alpha3/service_dependency.pb.go +++ b/networking/v1alpha3/service_dependency.pb.go @@ -69,7 +69,7 @@ func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorServi // same namespace, set defaultServiceDependency.importMode to SAME_NAMESPACE // in the mesh global config map (in values.yaml). // -// NOTE 2: To facilitate incremental pruning of the the sidecar +// NOTE 2: To facilitate incremental pruning of the sidecar // configuration, the default import mode for the mesh is set to // ALL_NAMESPACES. In other words, every workload will be able to reach // every other workload. Adding a ServiceDependency resource in a namespace will @@ -78,7 +78,7 @@ func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorServi // // The following examples illustrate a few specific use cases of ServiceDependency. // -// The example below delcares a ServiceDependency resource in the prod-us1 +// The example below declares a ServiceDependency resource in the prod-us1 // namespace that specifies that workloads in the namespace will be able to // reach the services in the prod-apis namespace only. // diff --git a/networking/v1alpha3/service_dependency.proto b/networking/v1alpha3/service_dependency.proto index f6c54c71a3..ff1bf5c27e 100644 --- a/networking/v1alpha3/service_dependency.proto +++ b/networking/v1alpha3/service_dependency.proto @@ -44,7 +44,7 @@ option go_package = "istio.io/api/networking/v1alpha3"; // same namespace, set defaultServiceDependency.importMode to SAME_NAMESPACE // in the mesh global config map (in values.yaml). // -// NOTE 2: To facilitate incremental pruning of the the sidecar +// NOTE 2: To facilitate incremental pruning of the sidecar // configuration, the default import mode for the mesh is set to // ALL_NAMESPACES. In other words, every workload will be able to reach // every other workload. Adding a ServiceDependency resource in a namespace will @@ -53,7 +53,7 @@ option go_package = "istio.io/api/networking/v1alpha3"; // // The following examples illustrate a few specific use cases of ServiceDependency. // -// The example below delcares a ServiceDependency resource in the prod-us1 +// The example below declares a ServiceDependency resource in the prod-us1 // namespace that specifies that workloads in the namespace will be able to // reach the services in the prod-apis namespace only. // @@ -143,7 +143,7 @@ message ServiceDependency { // explicitly specified namespaces, namespaces specified in the global // mesh config (through defaultServiceDependency.importNamespaces) will also be // imported. - repeated Import imports = 2; + repeated Import imports = 2; }; // REQUIRED. The set of services that workloads in this namespace are diff --git a/networking/v1alpha3/virtual_service.pb.go b/networking/v1alpha3/virtual_service.pb.go index e8c15ccbe8..9335145531 100644 --- a/networking/v1alpha3/virtual_service.pb.go +++ b/networking/v1alpha3/virtual_service.pb.go @@ -579,8 +579,8 @@ func (m *Headers) GetResponse() *Headers_HeaderOperations { type Headers_HeaderOperations struct { // Overwrite the headers specified by key with the given values Set map[string]string `protobuf:"bytes,1,rep,name=set" json:"set,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - // Apppend the given values to the the headers specified by keys - // (will create a comma seperated list of values) + // Append the given values to the headers specified by keys + // (will create a comma separated list of values) Add map[string]string `protobuf:"bytes,2,rep,name=add" json:"add,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` // Remove a the specified headers Remove []string `protobuf:"bytes,3,rep,name=remove" json:"remove,omitempty"` diff --git a/networking/v1alpha3/virtual_service.proto b/networking/v1alpha3/virtual_service.proto index 1536e4c6b5..7675ec1802 100644 --- a/networking/v1alpha3/virtual_service.proto +++ b/networking/v1alpha3/virtual_service.proto @@ -418,7 +418,7 @@ message HTTPRoute { // Header manipulation rules message Headers { - // Header manipulation rules to apply before forwarding a request + // Header manipulation rules to apply before forwarding a request // to the destination service HeaderOperations request = 1; // Header manipulation rules to apply before returning a response @@ -429,8 +429,8 @@ message Headers { message HeaderOperations { // Overwrite the headers specified by key with the given values map set = 1; - // Apppend the given values to the the headers specified by keys - // (will create a comma seperated list of values) + // Append the given values to the headers specified by keys + // (will create a comma separated list of values) map add = 2; // Remove a the specified headers repeated string remove = 3; From 056eb85d96f09441775d79283c149d93fcbd0982 Mon Sep 17 00:00:00 2001 From: Martin Taillefer Date: Wed, 9 Jan 2019 06:30:08 -0800 Subject: [PATCH 08/16] Comment fixes. (#751) --- .../istio.networking.v1alpha3.pb.html | 24 +++++++++---------- networking/v1alpha3/service_entry.pb.go | 10 ++++---- networking/v1alpha3/service_entry.proto | 12 +++++----- networking/v1alpha3/virtual_service.pb.go | 14 +++++------ networking/v1alpha3/virtual_service.proto | 14 +++++------ 5 files changed, 37 insertions(+), 37 deletions(-) diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index a035e74a5c..1face7462e 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -266,12 +266,12 @@

CorsPolicy

Describes the Cross-Origin Resource Sharing (CORS) policy, for a given service. Refer to -https://developer.mozilla.org/en-US/docs/Web/HTTP/AccesscontrolCORS +https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS for further details about cross origin resource sharing. For example, the following rule restricts cross origin requests to those originating from example.com domain using HTTP POST/GET, and sets the -Access-Control-Allow-Credentials header to false. In addition, it only -exposes X-Foo-bar header and sets an expiry period of 1 day.

+Access-Control-Allow-Credentials header to false. In addition, it only +exposes X-Foo-bar header and sets an expiry period of 1 day.

apiVersion: networking.istio.io/v1alpha3
 kind: VirtualService
@@ -348,7 +348,7 @@ 
CorsPolicy
@@ -358,7 +358,7 @@

CorsPolicy

 @@ -1694,8 +1694,8 @@

HTTPRetry

Specifies the conditions under which retry takes place. One or more policies can be specified using a ‘,’ delimited list. The supported policies can be found in -“https://www.envoyproxy.io/docs/envoy/latest/configuration/httpfilters/routerfilter#x-envoy-retry-on” -and “https://www.envoyproxy.io/docs/envoy/latest/configuration/httpfilters/routerfilter#x-envoy-retry-grpc-on”

+https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/router_filter#x-envoy-retry-on +and https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/router_filter#x-envoy-retry-grpc-on

@@ -3300,7 +3300,7 @@

ServiceEntry

- address: unix:///var/run/example/socket -

For HTTP based services, it is possible to create a VirtualService +

For HTTP-based services, it is possible to create a VirtualService backed by multiple DNS addressable endpoints. In such a scenario, the application can use the HTTP_PROXY environment variable to transparently reroute API calls for the VirtualService to a chosen backend. For @@ -3333,10 +3333,10 @@

ServiceEntry

https: 7080 -

With HTTP_PROXY=http://localhost/, calls from the application to -http://foo.bar.com will be load balanced across the three domains -specified above. In other words, a call to http://foo.bar.com/baz would -be translated to http://uk.foo.bar.com/baz.

+

With HTTP_PROXY=http://localhost/, calls from the application to +http://foo.bar.com will be load balanced across the three domains +specified above. In other words, a call to http://foo.bar.com/baz would +be translated to http://uk.foo.bar.com/baz.

NameDescription
TEXT +
JSON
maxAge google.protobuf.Duration -

Specifies how long the the results of a preflight request can be +

Specifies how long the results of a preflight request can be cached. Translates to the Access-Control-Max-Age header.

 add map<string, string> -

Apppend the given values to the the headers specified by keys -(will create a comma seperated list of values)

+

Append the given values to the headers specified by keys +(will create a comma separated list of values)
google.protobuf.Duration

Specifies how long the results of a preflight request can be -cached. Translates to the Access-Control-Max-Age header.

+cached. Translates to the Access-Control-Max-Age header.

Indicates whether the caller is allowed to send the actual request (not the preflight) using credentials. Translates to -Access-Control-Allow-Credentials header.

+Access-Control-Allow-Credentials header.
diff --git a/networking/v1alpha3/service_entry.pb.go b/networking/v1alpha3/service_entry.pb.go index 2642cde348..47f0813a73 100644 --- a/networking/v1alpha3/service_entry.pb.go +++ b/networking/v1alpha3/service_entry.pb.go @@ -324,7 +324,7 @@ func (ServiceEntry_Resolution) EnumDescriptor() ([]byte, []int) { // - address: unix:///var/run/example/socket // ``` // -// For HTTP based services, it is possible to create a VirtualService +// For HTTP-based services, it is possible to create a VirtualService // backed by multiple DNS addressable endpoints. In such a scenario, the // application can use the HTTP_PROXY environment variable to transparently // reroute API calls for the VirtualService to a chosen backend. For @@ -358,10 +358,10 @@ func (ServiceEntry_Resolution) EnumDescriptor() ([]byte, []int) { // https: 7080 // ``` // -// With HTTP_PROXY=http://localhost/, calls from the application to -// http://foo.bar.com will be load balanced across the three domains -// specified above. In other words, a call to http://foo.bar.com/baz would -// be translated to http://uk.foo.bar.com/baz. +// With `HTTP_PROXY=http://localhost/`, calls from the application to +// `http://foo.bar.com` will be load balanced across the three domains +// specified above. In other words, a call to `http://foo.bar.com/baz` would +// be translated to `http://uk.foo.bar.com/baz`. // type ServiceEntry struct { // REQUIRED. The hosts associated with the ServiceEntry. Could be a DNS diff --git a/networking/v1alpha3/service_entry.proto b/networking/v1alpha3/service_entry.proto index b4f16f8b34..7c200a59aa 100644 --- a/networking/v1alpha3/service_entry.proto +++ b/networking/v1alpha3/service_entry.proto @@ -246,7 +246,7 @@ option go_package = "istio.io/api/networking/v1alpha3"; // - address: unix:///var/run/example/socket // ``` // -// For HTTP based services, it is possible to create a VirtualService +// For HTTP-based services, it is possible to create a VirtualService // backed by multiple DNS addressable endpoints. In such a scenario, the // application can use the HTTP_PROXY environment variable to transparently // reroute API calls for the VirtualService to a chosen backend. For @@ -280,10 +280,10 @@ option go_package = "istio.io/api/networking/v1alpha3"; // https: 7080 // ``` // -// With HTTP_PROXY=http://localhost/, calls from the application to -// http://foo.bar.com will be load balanced across the three domains -// specified above. In other words, a call to http://foo.bar.com/baz would -// be translated to http://uk.foo.bar.com/baz. +// With `HTTP_PROXY=http://localhost/`, calls from the application to +// `http://foo.bar.com` will be load balanced across the three domains +// specified above. In other words, a call to `http://foo.bar.com/baz` would +// be translated to `http://uk.foo.bar.com/baz`. // message ServiceEntry { // REQUIRED. The hosts associated with the ServiceEntry. Could be a DNS @@ -371,7 +371,7 @@ message ServiceEntry { // REQUIRED: Service discovery mode for the hosts. Care must be taken // when setting the resolution mode to NONE for a TCP port without - // accompanying IP addresses. In such cases, traffic to any IP on + // accompanying IP addresses. In such cases, traffic to any IP on // said port will be allowed (i.e. 0.0.0.0:). Resolution resolution = 5; diff --git a/networking/v1alpha3/virtual_service.pb.go b/networking/v1alpha3/virtual_service.pb.go index 0e2c10eb3c..f5ddde8588 100644 --- a/networking/v1alpha3/virtual_service.pb.go +++ b/networking/v1alpha3/virtual_service.pb.go @@ -1485,8 +1485,8 @@ type HTTPRetry struct { // Specifies the conditions under which retry takes place. // One or more policies can be specified using a ‘,’ delimited list. // The supported policies can be found in - // "https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/router_filter#x-envoy-retry-on" - // and "https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/router_filter#x-envoy-retry-grpc-on" + // + // and RetryOn string `protobuf:"bytes,3,opt,name=retry_on,json=retryOn,proto3" json:"retry_on,omitempty"` } @@ -1518,12 +1518,12 @@ func (m *HTTPRetry) GetRetryOn() string { // Describes the Cross-Origin Resource Sharing (CORS) policy, for a given // service. Refer to -// https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS +// // for further details about cross origin resource sharing. For example, // the following rule restricts cross origin requests to those originating // from example.com domain using HTTP POST/GET, and sets the -// Access-Control-Allow-Credentials header to false. In addition, it only -// exposes X-Foo-bar header and sets an expiry period of 1 day. +// `Access-Control-Allow-Credentials` header to false. In addition, it only +// exposes `X-Foo-bar` header and sets an expiry period of 1 day. // // ```yaml // apiVersion: networking.istio.io/v1alpha3 @@ -1565,11 +1565,11 @@ type CorsPolicy struct { // access. Serialized into Access-Control-Expose-Headers header. ExposeHeaders []string `protobuf:"bytes,4,rep,name=expose_headers,json=exposeHeaders" json:"expose_headers,omitempty"` // Specifies how long the results of a preflight request can be - // cached. Translates to the Access-Control-Max-Age header. + // cached. Translates to the `Access-Control-Max-Age` header. MaxAge *google_protobuf.Duration `protobuf:"bytes,5,opt,name=max_age,json=maxAge" json:"max_age,omitempty"` // Indicates whether the caller is allowed to send the actual request // (not the preflight) using credentials. Translates to - // Access-Control-Allow-Credentials header. + // `Access-Control-Allow-Credentials` header. AllowCredentials *google_protobuf1.BoolValue `protobuf:"bytes,6,opt,name=allow_credentials,json=allowCredentials" json:"allow_credentials,omitempty"` } diff --git a/networking/v1alpha3/virtual_service.proto b/networking/v1alpha3/virtual_service.proto index 860c614246..9efd014cea 100644 --- a/networking/v1alpha3/virtual_service.proto +++ b/networking/v1alpha3/virtual_service.proto @@ -908,19 +908,19 @@ message HTTPRetry { // Specifies the conditions under which retry takes place. // One or more policies can be specified using a ‘,’ delimited list. // The supported policies can be found in - // "https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/router_filter#x-envoy-retry-on" - // and "https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/router_filter#x-envoy-retry-grpc-on" + // + // and string retry_on = 3; } // Describes the Cross-Origin Resource Sharing (CORS) policy, for a given // service. Refer to -// https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS +// // for further details about cross origin resource sharing. For example, // the following rule restricts cross origin requests to those originating // from example.com domain using HTTP POST/GET, and sets the -// Access-Control-Allow-Credentials header to false. In addition, it only -// exposes X-Foo-bar header and sets an expiry period of 1 day. +// `Access-Control-Allow-Credentials` header to false. In addition, it only +// exposes `X-Foo-bar` header and sets an expiry period of 1 day. // // ```yaml // apiVersion: networking.istio.io/v1alpha3 @@ -966,12 +966,12 @@ message CorsPolicy { repeated string expose_headers = 4; // Specifies how long the results of a preflight request can be - // cached. Translates to the Access-Control-Max-Age header. + // cached. Translates to the `Access-Control-Max-Age` header. google.protobuf.Duration max_age = 5; // Indicates whether the caller is allowed to send the actual request // (not the preflight) using credentials. Translates to - // Access-Control-Allow-Credentials header. + // `Access-Control-Allow-Credentials` header. google.protobuf.BoolValue allow_credentials = 6; } From a222b707a5b82f01a6082d88fc44b1892f33dd34 Mon Sep 17 00:00:00 2001 From: Andy Lai <31747472+hklai@users.noreply.github.com> Date: Fri, 18 Jan 2019 20:55:05 -0800 Subject: [PATCH 09/16] Merge release-1.1 into master (#766) * assorted doc updates (#757) Signed-off-by: Shriram Rajagopalan * add optional incremental flag to ResponseSink and ResourceSource services (#762) * Add option to select worload using lables for authn policy. (#755) * Add option to select workload using labels for authn policy * Make proto-commit --- authentication/v1alpha1/policy.pb.go | 259 ++++++++++++++---- authentication/v1alpha1/policy.proto | 6 + mcp/v1alpha1/istio.mcp.v1alpha1.pb.html | 31 +++ mcp/v1alpha1/mcp.pb.go | 204 ++++++++++---- mcp/v1alpha1/mcp.proto | 21 ++ .../istio.networking.v1alpha3.pb.html | 207 +++++++++++++- networking/v1alpha3/sidecar.pb.go | 77 ++++-- networking/v1alpha3/sidecar.proto | 110 ++++---- proto.lock | 20 ++ .../authentication/v1alpha1/policy_pb2.py | 74 ++++- python/istio_api/mcp/v1alpha1/mcp_pb2.py | 34 ++- 11 files changed, 834 insertions(+), 209 deletions(-) diff --git a/authentication/v1alpha1/policy.pb.go b/authentication/v1alpha1/policy.pb.go index ea0dc950ae..847416b536 100644 --- a/authentication/v1alpha1/policy.pb.go +++ b/authentication/v1alpha1/policy.pb.go @@ -786,6 +786,11 @@ type TargetSelector struct { // REQUIRED. The name must be a short name from the service registry. The // fully qualified domain name will be resolved in a platform specific manner. Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // $hide_from_docs + // $not-implemented-hide + // Select workload by labels. + // Once implemented, this is a prefer way over using service name. + Labels map[string]string `protobuf:"bytes,3,rep,name=labels" json:"labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` // Specifies the ports. Note that this is the port(s) exposed by the service, not workload ports. // For example, if a service is defined as below, then `8000` should be used, not `9000`. // ``` @@ -816,6 +821,13 @@ func (m *TargetSelector) GetName() string { return "" } +func (m *TargetSelector) GetLabels() map[string]string { + if m != nil { + return m.Labels + } + return nil +} + func (m *TargetSelector) GetPorts() []*PortSelector { if m != nil { return m.Ports @@ -1365,6 +1377,23 @@ func (m *TargetSelector) MarshalTo(dAtA []byte) (int, error) { i += n } } + if len(m.Labels) > 0 { + for k, _ := range m.Labels { + dAtA[i] = 0x1a + i++ + v := m.Labels[k] + mapSize := 1 + len(k) + sovPolicy(uint64(len(k))) + 1 + len(v) + sovPolicy(uint64(len(v))) + i = encodeVarintPolicy(dAtA, i, uint64(mapSize)) + dAtA[i] = 0xa + i++ + i = encodeVarintPolicy(dAtA, i, uint64(len(k))) + i += copy(dAtA[i:], k) + dAtA[i] = 0x12 + i++ + i = encodeVarintPolicy(dAtA, i, uint64(len(v))) + i += copy(dAtA[i:], v) + } + } return i, nil } @@ -1605,6 +1634,14 @@ func (m *TargetSelector) Size() (n int) { n += 1 + l + sovPolicy(uint64(l)) } } + if len(m.Labels) > 0 { + for k, v := range m.Labels { + _ = k + _ = v + mapEntrySize := 1 + len(k) + sovPolicy(uint64(len(k))) + 1 + len(v) + sovPolicy(uint64(len(v))) + n += mapEntrySize + 1 + sovPolicy(uint64(mapEntrySize)) + } + } return n } @@ -2725,6 +2762,124 @@ func (m *TargetSelector) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Labels", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowPolicy + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthPolicy + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Labels == nil { + m.Labels = make(map[string]string) + } + var mapkey string + var mapvalue string + for iNdEx < postIndex { + entryPreIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowPolicy + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + if fieldNum == 1 { + var stringLenmapkey uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowPolicy + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLenmapkey |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLenmapkey := int(stringLenmapkey) + if intStringLenmapkey < 0 { + return ErrInvalidLengthPolicy + } + postStringIndexmapkey := iNdEx + intStringLenmapkey + if postStringIndexmapkey > l { + return io.ErrUnexpectedEOF + } + mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) + iNdEx = postStringIndexmapkey + } else if fieldNum == 2 { + var stringLenmapvalue uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowPolicy + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLenmapvalue |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLenmapvalue := int(stringLenmapvalue) + if intStringLenmapvalue < 0 { + return ErrInvalidLengthPolicy + } + postStringIndexmapvalue := iNdEx + intStringLenmapvalue + if postStringIndexmapvalue > l { + return io.ErrUnexpectedEOF + } + mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) + iNdEx = postStringIndexmapvalue + } else { + iNdEx = entryPreIndex + skippy, err := skipPolicy(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthPolicy + } + if (iNdEx + skippy) > postIndex { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + m.Labels[mapkey] = mapvalue + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipPolicy(dAtA[iNdEx:]) @@ -2953,54 +3108,58 @@ var ( func init() { proto.RegisterFile("authentication/v1alpha1/policy.proto", fileDescriptorPolicy) } var fileDescriptorPolicy = []byte{ - // 779 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x55, 0x41, 0x8f, 0xe3, 0x34, - 0x14, 0x6e, 0xa6, 0x6d, 0xda, 0xbe, 0x76, 0xaa, 0x62, 0xa1, 0x55, 0x58, 0xd8, 0x61, 0x14, 0xed, - 0xa1, 0x5a, 0x20, 0x65, 0x0b, 0x02, 0x71, 0x41, 0x9a, 0xa2, 0xb2, 0xed, 0x4a, 0x65, 0x8a, 0xd3, - 0xe5, 0x80, 0x90, 0x22, 0x4f, 0xe2, 0x4d, 0x5d, 0xd2, 0x24, 0x72, 0x1c, 0xd2, 0x39, 0xf1, 0x13, - 0xf8, 0x03, 0x5c, 0x38, 0x73, 0xe4, 0x4f, 0x70, 0xe4, 0x27, 0xa0, 0xf9, 0x25, 0xc8, 0x76, 0xc3, - 0xb4, 0x23, 0x86, 0xcc, 0xde, 0xfc, 0xbd, 0xe7, 0xef, 0x7b, 0x2f, 0x9f, 0xed, 0x17, 0x78, 0x4a, - 0x72, 0xb1, 0xa6, 0xb1, 0x60, 0x3e, 0x11, 0x2c, 0x89, 0x47, 0x3f, 0x3d, 0x27, 0x51, 0xba, 0x26, - 0xcf, 0x47, 0x69, 0x12, 0x31, 0xff, 0xda, 0x49, 0x79, 0x22, 0x12, 0xf4, 0x84, 0x65, 0x82, 0x25, - 0xce, 0xf1, 0x5e, 0xa7, 0xdc, 0x6b, 0xff, 0x0c, 0x5d, 0x57, 0x70, 0x16, 0x87, 0x0b, 0x22, 0xfc, - 0x35, 0x7a, 0x04, 0x4d, 0xba, 0x23, 0xbe, 0xb0, 0x8c, 0x73, 0x63, 0xd8, 0x99, 0xd5, 0xb0, 0x86, - 0xc8, 0x02, 0x33, 0xe5, 0xf4, 0x35, 0xdb, 0x59, 0x27, 0xfb, 0xc4, 0x1e, 0xcb, 0x4c, 0x96, 0xbf, - 0x96, 0x99, 0x7a, 0x99, 0xd1, 0x58, 0x6a, 0x71, 0x1a, 0xd2, 0x9d, 0xd5, 0x28, 0xb5, 0x14, 0x9c, - 0xf4, 0x00, 0xb6, 0xb2, 0x98, 0x27, 0xae, 0x53, 0x6a, 0xff, 0x62, 0x40, 0x67, 0x91, 0x8b, 0x9c, - 0x44, 0xab, 0x28, 0x43, 0xef, 0x42, 0x87, 0x44, 0x51, 0x52, 0x78, 0x22, 0xca, 0x54, 0x0f, 0x6d, - 0xdc, 0x56, 0x01, 0x99, 0xbc, 0x80, 0xc6, 0x36, 0x09, 0xa8, 0x6a, 0xa1, 0x3f, 0xfe, 0xc8, 0xf9, - 0xdf, 0x2f, 0x73, 0xfe, 0x15, 0x75, 0x16, 0x49, 0x40, 0xb1, 0xa2, 0xda, 0x36, 0x34, 0x24, 0x42, - 0x00, 0xa6, 0xbb, 0xc2, 0xf3, 0xaf, 0x56, 0x83, 0x1a, 0xea, 0x03, 0x2c, 0xa7, 0x78, 0x31, 0x77, - 0xdd, 0xf9, 0x77, 0xd3, 0x81, 0x61, 0xff, 0x56, 0x87, 0xfa, 0xcb, 0x42, 0xa0, 0x47, 0x60, 0xb2, - 0x2c, 0xcb, 0x29, 0xd7, 0x66, 0xe0, 0x3d, 0x42, 0xef, 0x41, 0x87, 0xe4, 0x01, 0xa3, 0xb1, 0x4f, - 0x33, 0xeb, 0xe4, 0xbc, 0x3e, 0xec, 0xe0, 0xdb, 0x00, 0x7a, 0x07, 0xda, 0x9b, 0xe2, 0xc7, 0xcc, - 0xcb, 0x39, 0xd3, 0x8e, 0xe0, 0x96, 0xc4, 0xaf, 0x38, 0x43, 0xef, 0x43, 0x77, 0x53, 0x08, 0x6f, - 0x4d, 0x49, 0x40, 0x79, 0x66, 0x99, 0x8a, 0x0a, 0x9b, 0x42, 0xcc, 0x74, 0x04, 0x3d, 0x01, 0x89, - 0xbc, 0x94, 0x70, 0xb2, 0xcd, 0xac, 0x96, 0x96, 0xde, 0x14, 0x62, 0xa9, 0x02, 0xc8, 0x85, 0x53, - 0xc1, 0x59, 0x18, 0x52, 0xee, 0xf1, 0x3c, 0xa2, 0x99, 0xd5, 0x39, 0xaf, 0x0f, 0xbb, 0x63, 0xa7, - 0xc2, 0x88, 0x97, 0x85, 0x70, 0x56, 0x9a, 0x87, 0xf3, 0x88, 0xe2, 0x9e, 0xb8, 0x05, 0xd9, 0xe3, - 0x3f, 0x0c, 0xe8, 0x1e, 0x64, 0xd1, 0xb7, 0xd0, 0xa7, 0x3b, 0x3f, 0xca, 0x03, 0x1a, 0x78, 0x29, - 0x11, 0x6b, 0x79, 0x0c, 0xb2, 0xca, 0xb3, 0x8a, 0x2a, 0x07, 0xb7, 0x08, 0x9f, 0x96, 0x0a, 0x4b, - 0x29, 0x20, 0x25, 0x59, 0x7c, 0x24, 0x79, 0xf2, 0xe6, 0x92, 0xa5, 0x82, 0x92, 0xb4, 0x7f, 0x35, - 0xc0, 0x5a, 0x52, 0xca, 0x2f, 0x8e, 0xa8, 0x0b, 0x2a, 0xd6, 0x49, 0x80, 0xbe, 0x84, 0xc6, 0xb6, - 0xbc, 0x3f, 0xdd, 0xf1, 0xf0, 0xa1, 0xf7, 0x64, 0x56, 0xc3, 0x8a, 0x87, 0x3e, 0x83, 0xfa, 0xa6, - 0x10, 0xea, 0x9a, 0x75, 0xc7, 0x76, 0xb5, 0xbb, 0xb3, 0x1a, 0x96, 0x84, 0x49, 0x1b, 0x4c, 0x7d, - 0x74, 0x36, 0x86, 0xc7, 0x97, 0x9c, 0x85, 0x2c, 0xfe, 0xcf, 0xfe, 0x3e, 0xd5, 0xfa, 0xc6, 0x43, - 0xf5, 0x95, 0xba, 0xfd, 0x7b, 0x1d, 0xcc, 0xa5, 0x7a, 0xd9, 0xe8, 0x05, 0xb4, 0x04, 0xe1, 0x21, - 0x15, 0xe5, 0xe1, 0x54, 0xbd, 0x85, 0x95, 0xda, 0xed, 0xd2, 0x88, 0xfa, 0x22, 0xe1, 0xb8, 0x64, - 0xa3, 0x05, 0x34, 0x53, 0x2a, 0xef, 0xa2, 0x3e, 0x90, 0xcf, 0x2b, 0x64, 0xee, 0x73, 0x1c, 0x6b, - 0x15, 0x34, 0x84, 0x81, 0x5c, 0x78, 0x2c, 0xf3, 0x92, 0x54, 0xa6, 0x49, 0xa4, 0xde, 0x40, 0x1b, - 0xf7, 0x65, 0x7c, 0x9e, 0x5d, 0xee, 0xa3, 0xc8, 0x85, 0x56, 0xa2, 0x0c, 0xca, 0xac, 0x86, 0x2a, - 0xfd, 0x45, 0x45, 0xe9, 0xfb, 0xed, 0xc4, 0xa5, 0x12, 0xfa, 0x10, 0x90, 0x5e, 0x1e, 0x35, 0xd0, - 0x54, 0x0d, 0x0c, 0x74, 0xe6, 0xa0, 0x85, 0x1f, 0xe0, 0xad, 0x94, 0xb3, 0xd8, 0x67, 0x29, 0x89, - 0xbc, 0x2b, 0x16, 0x07, 0x2c, 0x0e, 0x2d, 0x53, 0x8d, 0x96, 0x51, 0x95, 0x0f, 0x25, 0x6f, 0xa2, - 0x69, 0x78, 0x90, 0xde, 0x89, 0xd8, 0x21, 0xf4, 0x8f, 0x4d, 0x47, 0x08, 0x1a, 0x31, 0xd9, 0xd2, - 0xfd, 0x30, 0x51, 0x6b, 0x74, 0x01, 0xcd, 0x34, 0xe1, 0xa2, 0xf4, 0xff, 0x83, 0xaa, 0xba, 0x09, - 0xbf, 0x3d, 0x44, 0xcd, 0xb4, 0xbf, 0x86, 0xde, 0x61, 0x58, 0xce, 0xe3, 0x38, 0xdf, 0x5e, 0xed, - 0xa7, 0xd6, 0xa9, 0x9c, 0xc7, 0x1a, 0xa3, 0xb7, 0xf7, 0x0d, 0x94, 0x13, 0x5c, 0xa1, 0x89, 0x09, - 0x0d, 0x29, 0xf4, 0xec, 0x63, 0x18, 0xdc, 0xfd, 0x2c, 0xd4, 0x83, 0xf6, 0x2b, 0x77, 0xea, 0x2d, - 0xa7, 0x53, 0xac, 0xe7, 0xa4, 0x44, 0x97, 0x78, 0xfe, 0x62, 0xfe, 0xcd, 0xc0, 0x98, 0x8c, 0xff, - 0xbc, 0x39, 0x33, 0xfe, 0xba, 0x39, 0x33, 0xfe, 0xbe, 0x39, 0x33, 0xbe, 0x7f, 0xaa, 0x5b, 0x67, - 0xc9, 0x88, 0xa4, 0x6c, 0x74, 0xcf, 0xaf, 0xe9, 0xca, 0x54, 0x3f, 0xa5, 0x4f, 0xfe, 0x09, 0x00, - 0x00, 0xff, 0xff, 0x9e, 0x76, 0x95, 0xa9, 0xbc, 0x06, 0x00, 0x00, + // 839 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x55, 0x4f, 0x6f, 0xe3, 0x44, + 0x14, 0xaf, 0xeb, 0xc4, 0x4d, 0x5e, 0xda, 0x28, 0x8c, 0x56, 0x2b, 0x53, 0xd8, 0x52, 0x59, 0x7b, + 0x88, 0x16, 0x70, 0xd8, 0x80, 0x80, 0xe5, 0x80, 0xd4, 0xa0, 0xb0, 0xcd, 0x8a, 0xd0, 0xec, 0x24, + 0xcb, 0x01, 0x21, 0x59, 0xd3, 0x64, 0x36, 0x99, 0xec, 0xc4, 0xb6, 0x66, 0xc6, 0x9b, 0xe6, 0xc4, + 0x47, 0xe0, 0x0b, 0x70, 0xe1, 0xcc, 0x91, 0x2f, 0xc1, 0x91, 0x8f, 0x80, 0xfa, 0x1d, 0xb8, 0xa3, + 0x99, 0xb1, 0x69, 0xb2, 0xa2, 0xb8, 0xdc, 0xe6, 0xf7, 0x9e, 0x7f, 0xbf, 0xf7, 0xfc, 0x7b, 0xf3, + 0x07, 0x1e, 0x92, 0x4c, 0x2d, 0x68, 0xac, 0xd8, 0x94, 0x28, 0x96, 0xc4, 0x9d, 0xd7, 0x8f, 0x09, + 0x4f, 0x17, 0xe4, 0x71, 0x27, 0x4d, 0x38, 0x9b, 0x6e, 0xc2, 0x54, 0x24, 0x2a, 0x41, 0x0f, 0x98, + 0x54, 0x2c, 0x09, 0x77, 0xbf, 0x0d, 0x8b, 0x6f, 0x83, 0x1f, 0xa1, 0x31, 0x56, 0x82, 0xc5, 0xf3, + 0x21, 0x51, 0xd3, 0x05, 0xba, 0x0f, 0x55, 0x7a, 0x45, 0xa6, 0xca, 0x77, 0x4e, 0x9d, 0x76, 0xfd, + 0x7c, 0x0f, 0x5b, 0x88, 0x7c, 0xf0, 0x52, 0x41, 0x5f, 0xb2, 0x2b, 0x7f, 0x3f, 0x4f, 0xe4, 0x58, + 0x67, 0x64, 0xf6, 0x52, 0x67, 0xdc, 0x22, 0x63, 0xb1, 0xd6, 0x12, 0x74, 0x4e, 0xaf, 0xfc, 0x4a, + 0xa1, 0x65, 0x60, 0xef, 0x10, 0x60, 0xa5, 0x8b, 0x45, 0x6a, 0x93, 0xd2, 0xe0, 0x27, 0x07, 0xea, + 0xc3, 0x4c, 0x65, 0x84, 0x4f, 0xb8, 0x44, 0xef, 0x40, 0x9d, 0x70, 0x9e, 0xac, 0x23, 0xc5, 0xa5, + 0xe9, 0xa1, 0x86, 0x6b, 0x26, 0xa0, 0x93, 0x67, 0x50, 0x59, 0x25, 0x33, 0x6a, 0x5a, 0x68, 0x76, + 0x3f, 0x0c, 0xff, 0xf3, 0xcf, 0xc2, 0x7f, 0x44, 0xc3, 0x61, 0x32, 0xa3, 0xd8, 0x50, 0x83, 0x00, + 0x2a, 0x1a, 0x21, 0x00, 0x6f, 0x3c, 0xc1, 0x83, 0xaf, 0x26, 0xad, 0x3d, 0xd4, 0x04, 0x18, 0xf5, + 0xf1, 0x70, 0x30, 0x1e, 0x0f, 0xbe, 0xeb, 0xb7, 0x9c, 0xe0, 0x17, 0x17, 0xdc, 0x67, 0x6b, 0x85, + 0xee, 0x83, 0xc7, 0xa4, 0xcc, 0xa8, 0xb0, 0x66, 0xe0, 0x1c, 0xa1, 0x77, 0xa1, 0x4e, 0xb2, 0x19, + 0xa3, 0xf1, 0x94, 0x4a, 0x7f, 0xff, 0xd4, 0x6d, 0xd7, 0xf1, 0x4d, 0x00, 0xbd, 0x0d, 0xb5, 0xe5, + 0xfa, 0x95, 0x8c, 0x32, 0xc1, 0xac, 0x23, 0xf8, 0x40, 0xe3, 0x17, 0x82, 0xa1, 0xf7, 0xa0, 0xb1, + 0x5c, 0xab, 0x68, 0x41, 0xc9, 0x8c, 0x0a, 0xe9, 0x7b, 0x86, 0x0a, 0xcb, 0xb5, 0x3a, 0xb7, 0x11, + 0xf4, 0x00, 0x34, 0x8a, 0x52, 0x22, 0xc8, 0x4a, 0xfa, 0x07, 0x56, 0x7a, 0xb9, 0x56, 0x23, 0x13, + 0x40, 0x63, 0x38, 0x52, 0x82, 0xcd, 0xe7, 0x54, 0x44, 0x22, 0xe3, 0x54, 0xfa, 0xf5, 0x53, 0xb7, + 0xdd, 0xe8, 0x86, 0x25, 0x46, 0x3c, 0x5b, 0xab, 0x70, 0x62, 0x79, 0x38, 0xe3, 0x14, 0x1f, 0xaa, + 0x1b, 0x20, 0x8f, 0x7f, 0x73, 0xa0, 0xb1, 0x95, 0x45, 0xcf, 0xa1, 0x49, 0xaf, 0xa6, 0x3c, 0x9b, + 0xd1, 0x59, 0x94, 0x12, 0xb5, 0xd0, 0x63, 0xd0, 0x55, 0x1e, 0x95, 0x54, 0xd9, 0xda, 0x45, 0xf8, + 0xa8, 0x50, 0x18, 0x69, 0x01, 0x2d, 0xc9, 0xe2, 0x1d, 0xc9, 0xfd, 0xff, 0x2f, 0x59, 0x28, 0x18, + 0xc9, 0xe0, 0x67, 0x07, 0xfc, 0x11, 0xa5, 0xe2, 0x6c, 0x87, 0x3a, 0xa4, 0x6a, 0x91, 0xcc, 0xd0, + 0x97, 0x50, 0x59, 0x15, 0xfb, 0xa7, 0xd1, 0x6d, 0xdf, 0x75, 0x9f, 0x9c, 0xef, 0x61, 0xc3, 0x43, + 0x9f, 0x82, 0xbb, 0x5c, 0x2b, 0xb3, 0xcd, 0x1a, 0xdd, 0xa0, 0xdc, 0xdd, 0xf3, 0x3d, 0xac, 0x09, + 0xbd, 0x1a, 0x78, 0x76, 0x74, 0x01, 0x86, 0xe3, 0x0b, 0xc1, 0xe6, 0x2c, 0xfe, 0xd7, 0xfe, 0x3e, + 0xb1, 0xfa, 0xce, 0x5d, 0xf5, 0x8d, 0x7a, 0xf0, 0xab, 0x0b, 0xde, 0xc8, 0x9c, 0x6c, 0xf4, 0x14, + 0x0e, 0x14, 0x11, 0x73, 0xaa, 0x8a, 0xe1, 0x94, 0x9d, 0x85, 0x89, 0xf9, 0x7a, 0x4c, 0x39, 0x9d, + 0xaa, 0x44, 0xe0, 0x82, 0x8d, 0x86, 0x50, 0x4d, 0xa9, 0xde, 0x8b, 0x76, 0x20, 0x9f, 0x95, 0xc8, + 0xdc, 0xe6, 0x38, 0xb6, 0x2a, 0xa8, 0x0d, 0x2d, 0xbd, 0x88, 0x98, 0x8c, 0x92, 0x54, 0xa7, 0x09, + 0x37, 0x67, 0xa0, 0x86, 0x9b, 0x3a, 0x3e, 0x90, 0x17, 0x79, 0x14, 0x8d, 0xe1, 0x20, 0x31, 0x06, + 0x49, 0xbf, 0x62, 0x4a, 0x3f, 0x29, 0x29, 0x7d, 0xbb, 0x9d, 0xb8, 0x50, 0x42, 0x1f, 0x00, 0xb2, + 0xcb, 0x9d, 0x06, 0xaa, 0xa6, 0x81, 0x96, 0xcd, 0x6c, 0xb5, 0xf0, 0x03, 0xbc, 0x95, 0x0a, 0x16, + 0x4f, 0x59, 0x4a, 0x78, 0x74, 0xc9, 0xe2, 0x19, 0x8b, 0xe7, 0xbe, 0x67, 0xae, 0x96, 0x4e, 0x99, + 0x0f, 0x05, 0xaf, 0x67, 0x69, 0xb8, 0x95, 0xbe, 0x11, 0x09, 0xfe, 0x72, 0xa0, 0xb9, 0xeb, 0x3a, + 0x42, 0x50, 0x89, 0xc9, 0x8a, 0xe6, 0xb7, 0x89, 0x59, 0xa3, 0x33, 0xa8, 0xa6, 0x89, 0x50, 0xc5, + 0x00, 0xde, 0x2f, 0x2b, 0x9c, 0x88, 0x9b, 0x29, 0x5a, 0x26, 0x7a, 0x0e, 0x1e, 0x27, 0x97, 0x94, + 0x4b, 0xdf, 0xbd, 0x93, 0x93, 0xbb, 0x5d, 0x85, 0xdf, 0x18, 0x6e, 0x3f, 0x56, 0x62, 0x83, 0x73, + 0xa1, 0xe3, 0x27, 0xd0, 0xd8, 0x0a, 0xa3, 0x16, 0xb8, 0xaf, 0xe8, 0x26, 0xef, 0x5b, 0x2f, 0xd1, + 0x3d, 0xa8, 0xbe, 0x26, 0x3c, 0xb3, 0x57, 0x71, 0x1d, 0x5b, 0xf0, 0xc5, 0xfe, 0xe7, 0x4e, 0xf0, + 0x35, 0x1c, 0x6e, 0x37, 0xa9, 0x9f, 0x87, 0x38, 0x5b, 0x5d, 0xe6, 0x97, 0xe8, 0x91, 0x7e, 0x1e, + 0x2c, 0x46, 0xf7, 0x72, 0x3b, 0x8a, 0x07, 0xc5, 0xa0, 0x9e, 0x07, 0x15, 0xfd, 0x5b, 0x8f, 0x3e, + 0x82, 0xd6, 0x9b, 0x2e, 0xa3, 0x43, 0xa8, 0xbd, 0x18, 0xf7, 0xa3, 0x51, 0xbf, 0x8f, 0xed, 0xb5, + 0xad, 0xd1, 0x05, 0x1e, 0x3c, 0x1d, 0x7c, 0xdb, 0x72, 0x7a, 0xdd, 0xdf, 0xaf, 0x4f, 0x9c, 0x3f, + 0xae, 0x4f, 0x9c, 0x3f, 0xaf, 0x4f, 0x9c, 0xef, 0x1f, 0x5a, 0x13, 0x58, 0xd2, 0x21, 0x29, 0xeb, + 0xdc, 0xf2, 0x52, 0x5e, 0x7a, 0xe6, 0x8d, 0xfc, 0xf8, 0xef, 0x00, 0x00, 0x00, 0xff, 0xff, 0x46, + 0xc2, 0xaa, 0x6f, 0x4b, 0x07, 0x00, 0x00, } diff --git a/authentication/v1alpha1/policy.proto b/authentication/v1alpha1/policy.proto index 14c0f4294e..c75181b739 100644 --- a/authentication/v1alpha1/policy.proto +++ b/authentication/v1alpha1/policy.proto @@ -360,6 +360,12 @@ message TargetSelector { // fully qualified domain name will be resolved in a platform specific manner. string name = 1; + // $hide_from_docs + // $not-implemented-hide + // Select workload by labels. + // Once implemented, this is a prefer way over using service name. + map labels = 3; + // Specifies the ports. Note that this is the port(s) exposed by the service, not workload ports. // For example, if a service is defined as below, then `8000` should be used, not `9000`. // ``` diff --git a/mcp/v1alpha1/istio.mcp.v1alpha1.pb.html b/mcp/v1alpha1/istio.mcp.v1alpha1.pb.html index bcee77a76a..cfc253afdf 100644 --- a/mcp/v1alpha1/istio.mcp.v1alpha1.pb.html +++ b/mcp/v1alpha1/istio.mcp.v1alpha1.pb.html @@ -486,6 +486,16 @@

RequestResources

The message field in error_details provides the source internal error related to the failure.

+ + + + + + @@ -573,6 +583,12 @@

Resources

These are typed resources that match the type url in the RequestResources message.

+

When incremental is true, this contains an array of resources to add/update +for the specified collection. This modifies the existing collection at the sink

+ +

When incremental is false, this contains the full set of resources for the +specified collection. This replaces any previously delivered resources.

+ @@ -583,6 +599,12 @@

Resources

removed from the MCP sink node. Removed resources for missing resources can be ignored.

+

When incremental is true, this contains an array of resource names to remove +for the specified collection. This modifies the existing resource collection at +the sink.

+ +

When incremental is false, this field should be ignored.

+ @@ -592,6 +614,15 @@

Resources

Required. The nonce provides a way for RequestChange to uniquely reference a RequestResources.

+ + + + + + diff --git a/mcp/v1alpha1/mcp.pb.go b/mcp/v1alpha1/mcp.pb.go index 764783c4da..c38f7e36a0 100644 --- a/mcp/v1alpha1/mcp.pb.go +++ b/mcp/v1alpha1/mcp.pb.go @@ -367,6 +367,10 @@ type RequestResources struct { // The *message* field in *error_details* provides the source internal error // related to the failure. ErrorDetail *google_rpc.Status `protobuf:"bytes,5,opt,name=error_detail,json=errorDetail" json:"error_detail,omitempty"` + // Request an incremental update for the specified collection. The source may choose to + // honor this request or ignore and and provide a full-state update in the corresponding + // `Resource` response. + Incremental bool `protobuf:"varint,6,opt,name=incremental,proto3" json:"incremental,omitempty"` } func (m *RequestResources) Reset() { *m = RequestResources{} } @@ -409,6 +413,13 @@ func (m *RequestResources) GetErrorDetail() *google_rpc.Status { return nil } +func (m *RequestResources) GetIncremental() bool { + if m != nil { + return m.Incremental + } + return false +} + // Resources do not need to include a full snapshot of the tracked // resources. Instead they are a diff to the state of a MCP client. // Per resource versions allow sources and sinks to track state at @@ -430,14 +441,29 @@ type Resources struct { // The response resources wrapped in the common MCP *Resource* message. // These are typed resources that match the type url in the // RequestResources message. + // + // When `incremental` is true, this contains an array of resources to add/update + // for the specified collection. This modifies the existing collection at the sink + // + // When `incremental` is false, this contains the full set of resources for the + // specified collection. This replaces any previously delivered resources. Resources []Resource `protobuf:"bytes,3,rep,name=resources" json:"resources"` // Names of resources that have been deleted and to be // removed from the MCP sink node. Removed resources for missing // resources can be ignored. + // + // When `incremental` is true, this contains an array of resource names to remove + // for the specified collection. This modifies the existing resource collection at + // the sink. + // + // When `incremental` is false, this field should be ignored. RemovedResources []string `protobuf:"bytes,4,rep,name=removed_resources,json=removedResources" json:"removed_resources,omitempty"` // Required. The nonce provides a way for RequestChange to uniquely // reference a RequestResources. Nonce string `protobuf:"bytes,5,opt,name=nonce,proto3" json:"nonce,omitempty"` + // This resource response is an incremental update. The source should only send + // incremental updates if the sink requested them. + Incremental bool `protobuf:"varint,6,opt,name=incremental,proto3" json:"incremental,omitempty"` } func (m *Resources) Reset() { *m = Resources{} } @@ -480,6 +506,13 @@ func (m *Resources) GetNonce() string { return "" } +func (m *Resources) GetIncremental() bool { + if m != nil { + return m.Incremental + } + return false +} + func init() { proto.RegisterType((*SinkNode)(nil), "istio.mcp.v1alpha1.SinkNode") proto.RegisterType((*MeshConfigRequest)(nil), "istio.mcp.v1alpha1.MeshConfigRequest") @@ -718,6 +751,9 @@ func (this *RequestResources) Equal(that interface{}) bool { if !this.ErrorDetail.Equal(that1.ErrorDetail) { return false } + if this.Incremental != that1.Incremental { + return false + } return true } func (this *Resources) Equal(that interface{}) bool { @@ -764,6 +800,9 @@ func (this *Resources) Equal(that interface{}) bool { if this.Nonce != that1.Nonce { return false } + if this.Incremental != that1.Incremental { + return false + } return true } @@ -1487,6 +1526,16 @@ func (m *RequestResources) MarshalTo(dAtA []byte) (int, error) { } i += n6 } + if m.Incremental { + dAtA[i] = 0x30 + i++ + if m.Incremental { + dAtA[i] = 1 + } else { + dAtA[i] = 0 + } + i++ + } return i, nil } @@ -1550,6 +1599,16 @@ func (m *Resources) MarshalTo(dAtA []byte) (int, error) { i = encodeVarintMcp(dAtA, i, uint64(len(m.Nonce))) i += copy(dAtA[i:], m.Nonce) } + if m.Incremental { + dAtA[i] = 0x30 + i++ + if m.Incremental { + dAtA[i] = 1 + } else { + dAtA[i] = 0 + } + i++ + } return i, nil } @@ -1713,6 +1772,9 @@ func (m *RequestResources) Size() (n int) { l = m.ErrorDetail.Size() n += 1 + l + sovMcp(uint64(l)) } + if m.Incremental { + n += 2 + } return n } @@ -1743,6 +1805,9 @@ func (m *Resources) Size() (n int) { if l > 0 { n += 1 + l + sovMcp(uint64(l)) } + if m.Incremental { + n += 2 + } return n } @@ -3058,6 +3123,26 @@ func (m *RequestResources) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 6: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Incremental", wireType) + } + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowMcp + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + m.Incremental = bool(v != 0) default: iNdEx = preIndex skippy, err := skipMcp(dAtA[iNdEx:]) @@ -3255,6 +3340,26 @@ func (m *Resources) Unmarshal(dAtA []byte) error { } m.Nonce = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex + case 6: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Incremental", wireType) + } + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowMcp + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + m.Incremental = bool(v != 0) default: iNdEx = preIndex skippy, err := skipMcp(dAtA[iNdEx:]) @@ -3384,53 +3489,54 @@ var ( func init() { proto.RegisterFile("mcp/v1alpha1/mcp.proto", fileDescriptorMcp) } var fileDescriptorMcp = []byte{ - // 755 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xdc, 0x56, 0x4f, 0x4f, 0x1b, 0x47, - 0x14, 0x67, 0x6c, 0xdc, 0xe2, 0x67, 0x8a, 0xcc, 0x14, 0x15, 0x7b, 0x01, 0x97, 0x5a, 0xa5, 0x42, - 0x42, 0x5d, 0x83, 0xab, 0x4a, 0x6d, 0x0f, 0x55, 0xa1, 0xe5, 0x40, 0x25, 0xa8, 0xb4, 0x56, 0x39, - 0xe4, 0xb2, 0x5a, 0x76, 0x87, 0x65, 0xe4, 0xf5, 0xcc, 0x66, 0x66, 0x6c, 0xc9, 0x87, 0x7c, 0x80, - 0x28, 0xf7, 0xdc, 0x72, 0x8f, 0xc8, 0x17, 0xe1, 0x98, 0x43, 0xce, 0x11, 0xf2, 0x31, 0x9f, 0x22, - 0xda, 0x7f, 0xec, 0x3a, 0x2c, 0x36, 0x4e, 0xc8, 0x25, 0x97, 0xd5, 0xcc, 0x7b, 0x6f, 0x7e, 0xef, - 0xcf, 0xef, 0x37, 0xa3, 0x85, 0xef, 0x7a, 0xb6, 0xdf, 0x1a, 0xec, 0x59, 0x9e, 0x7f, 0x61, 0xed, - 0xb5, 0x7a, 0xb6, 0xaf, 0xfb, 0x82, 0x2b, 0x8e, 0x31, 0x95, 0x8a, 0x72, 0x3d, 0x30, 0x24, 0x5e, - 0x6d, 0xd5, 0xe5, 0xdc, 0xf5, 0x48, 0x4b, 0xf8, 0x76, 0x4b, 0x2a, 0x4b, 0xf5, 0x65, 0x14, 0xac, - 0xad, 0xb8, 0xdc, 0xe5, 0xe1, 0xb2, 0x15, 0xac, 0x62, 0xeb, 0xda, 0x18, 0xb4, 0x20, 0x92, 0xf7, - 0x85, 0x4d, 0x22, 0x67, 0xf3, 0x15, 0x82, 0x85, 0x0e, 0x65, 0xdd, 0x13, 0xee, 0x10, 0xbc, 0x04, - 0x05, 0xea, 0xd4, 0xd0, 0x26, 0xda, 0x2e, 0x1b, 0x05, 0xea, 0xe0, 0xff, 0xa0, 0x62, 0x31, 0xc6, - 0x95, 0xa5, 0x28, 0x67, 0xb2, 0x56, 0xd8, 0x2c, 0x6e, 0x57, 0xda, 0x3f, 0xeb, 0xb7, 0x4b, 0xd2, - 0x13, 0x08, 0x7d, 0x3f, 0x8d, 0x3f, 0x64, 0x4a, 0x0c, 0x8d, 0x2c, 0x82, 0xf6, 0x27, 0x54, 0x3f, - 0x0c, 0xc0, 0x55, 0x28, 0x76, 0xc9, 0x30, 0xce, 0x1a, 0x2c, 0xf1, 0x0a, 0x94, 0x06, 0x96, 0xd7, - 0x27, 0xb5, 0x42, 0x68, 0x8b, 0x36, 0x7f, 0x14, 0x7e, 0x43, 0xcd, 0x77, 0x08, 0x96, 0x8f, 0x89, - 0xbc, 0xf8, 0x9b, 0xb3, 0x73, 0xea, 0x1a, 0xe4, 0x71, 0x9f, 0x48, 0x85, 0x7f, 0x80, 0xc5, 0x01, - 0x11, 0x92, 0x72, 0x66, 0x52, 0x76, 0xce, 0x63, 0xa8, 0x4a, 0x6c, 0x3b, 0x62, 0xe7, 0x1c, 0xff, - 0x0e, 0x65, 0x49, 0x59, 0xd7, 0x64, 0xdc, 0x89, 0x60, 0x2b, 0xed, 0xf5, 0x49, 0x7d, 0x18, 0x0b, - 0x32, 0x19, 0x4a, 0x1d, 0x16, 0xd4, 0xd0, 0x27, 0x66, 0x5f, 0x78, 0xb5, 0x62, 0x88, 0xfc, 0x75, - 0xb0, 0xff, 0x5f, 0x78, 0x78, 0x0b, 0x96, 0x04, 0x91, 0x3e, 0x67, 0x92, 0x98, 0x8c, 0x33, 0x9b, - 0xd4, 0xe6, 0xc3, 0x80, 0x6f, 0x12, 0xeb, 0x49, 0x60, 0xc4, 0xbf, 0xc2, 0x22, 0x11, 0x82, 0x0b, - 0xd3, 0x21, 0xca, 0xa2, 0x5e, 0xad, 0x14, 0xe6, 0xc7, 0x7a, 0x44, 0xa3, 0x2e, 0x7c, 0x5b, 0xef, - 0x84, 0x34, 0x1a, 0x95, 0x30, 0xee, 0x9f, 0x30, 0xac, 0x79, 0x89, 0x00, 0x67, 0x9b, 0x8d, 0x20, - 0xef, 0xd3, 0xed, 0x5f, 0x50, 0x4e, 0x68, 0x4e, 0x58, 0xcb, 0xed, 0xd6, 0x88, 0x83, 0x0e, 0xe6, - 0xaf, 0xde, 0x7e, 0x3f, 0x67, 0xa4, 0x87, 0x26, 0x35, 0xbd, 0x02, 0xa5, 0x6c, 0xaf, 0xd1, 0xa6, - 0x79, 0x59, 0x84, 0xf5, 0x23, 0x66, 0x0b, 0xd2, 0x23, 0x4c, 0x59, 0xde, 0x6d, 0x92, 0xc6, 0x18, - 0x40, 0x1f, 0xcd, 0x40, 0x61, 0xbc, 0x98, 0xa7, 0x08, 0xea, 0x94, 0x51, 0x45, 0x2d, 0xcf, 0x4c, - 0xaa, 0x37, 0xe3, 0x51, 0xc8, 0x5a, 0x31, 0x6c, 0xfd, 0x38, 0x2f, 0xcd, 0xa4, 0x5a, 0xf5, 0xa3, - 0x08, 0x31, 0x19, 0xcf, 0x69, 0x8c, 0x17, 0x09, 0x7a, 0x95, 0xe6, 0x7b, 0x3f, 0xaf, 0x1a, 0xb4, - 0x7f, 0x83, 0xf9, 0xde, 0x5d, 0xd6, 0x4c, 0xd7, 0xe8, 0x0d, 0x82, 0x8d, 0x3b, 0x06, 0x10, 0x8b, - 0x4c, 0x87, 0x6f, 0xe5, 0x50, 0x2a, 0xd2, 0x33, 0x73, 0xb4, 0xb6, 0x1c, 0xb9, 0x4e, 0x1f, 0x54, - 0x71, 0x3b, 0xb0, 0x2c, 0x48, 0x8f, 0x0f, 0x88, 0x63, 0xa6, 0x48, 0x01, 0x81, 0x65, 0xa3, 0x1a, - 0x3b, 0x8c, 0x9b, 0xe0, 0x7c, 0x0d, 0x3e, 0x2f, 0x42, 0x35, 0xa6, 0x30, 0x0d, 0xfd, 0x04, 0xdd, - 0x35, 0x00, 0x6c, 0xee, 0x79, 0xc4, 0x0e, 0x5e, 0xab, 0x78, 0x8a, 0x19, 0x0b, 0x7e, 0x32, 0x5d, - 0x7b, 0xfb, 0xf9, 0x43, 0x18, 0xaf, 0xf1, 0x8b, 0xd7, 0xdb, 0x35, 0x82, 0x72, 0xca, 0xc8, 0xac, - 0xda, 0x9a, 0x46, 0xc3, 0x98, 0xf6, 0x8a, 0x0f, 0xa6, 0xbd, 0xf9, 0x69, 0xda, 0x2b, 0x65, 0xb4, - 0xd7, 0x7e, 0x51, 0x80, 0xb5, 0x7d, 0xd7, 0x15, 0xc4, 0xb5, 0x14, 0x71, 0xd2, 0x1b, 0xd5, 0x21, - 0x62, 0x40, 0x6d, 0x82, 0x7d, 0xa8, 0x77, 0x94, 0x20, 0x56, 0x2f, 0x0d, 0x4a, 0x21, 0xb7, 0xf2, - 0xca, 0xbd, 0xf5, 0x2c, 0x69, 0x3f, 0x4d, 0x0b, 0x8b, 0x68, 0x6f, 0xce, 0x6d, 0xa3, 0x5d, 0x84, - 0x9f, 0x21, 0x68, 0x64, 0x2e, 0x79, 0x5e, 0xde, 0xdd, 0x59, 0x5f, 0x46, 0x6d, 0x6f, 0x86, 0x13, - 0xd9, 0x6a, 0xda, 0x03, 0x58, 0x4a, 0xf2, 0x76, 0xc2, 0x2f, 0x76, 0x60, 0xf5, 0x50, 0x2a, 0xeb, - 0xcc, 0xa3, 0xf2, 0xe2, 0xc6, 0x15, 0x8e, 0x08, 0xff, 0x78, 0x9f, 0x5b, 0xa3, 0x6d, 0x4c, 0x22, - 0x59, 0xc6, 0x79, 0x15, 0x2c, 0xde, 0x80, 0x53, 0xd6, 0x9d, 0x94, 0x75, 0x32, 0x9e, 0x76, 0xaf, - 0xa2, 0xa2, 0xac, 0x07, 0x3b, 0x2f, 0x47, 0x0d, 0x74, 0x35, 0x6a, 0xa0, 0xd7, 0xa3, 0x06, 0xba, - 0x1e, 0x35, 0xd0, 0xa3, 0x7a, 0x74, 0x98, 0xf2, 0x96, 0xe5, 0xd3, 0x56, 0xf6, 0x8f, 0xec, 0xec, - 0xab, 0xf0, 0x4f, 0xec, 0x97, 0xf7, 0x01, 0x00, 0x00, 0xff, 0xff, 0xa7, 0xf2, 0x04, 0xf7, 0x03, - 0x0a, 0x00, 0x00, + // 774 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x56, 0xcd, 0x6e, 0xeb, 0x44, + 0x14, 0xbe, 0xe3, 0x34, 0x97, 0xe4, 0xa4, 0x54, 0xe9, 0x50, 0x51, 0xc7, 0xf7, 0xde, 0x10, 0x22, + 0x8a, 0x22, 0x55, 0x38, 0x6d, 0x10, 0x12, 0xb0, 0x40, 0xb4, 0xd0, 0x45, 0x91, 0x5a, 0x24, 0x47, + 0x74, 0xc1, 0xc6, 0x72, 0xed, 0xa9, 0x3b, 0x8a, 0x33, 0x63, 0x66, 0x26, 0x91, 0xb2, 0x60, 0xc3, + 0x0e, 0xf1, 0x0c, 0xec, 0x51, 0x79, 0x01, 0x1e, 0xa1, 0x4b, 0x16, 0xac, 0x11, 0xca, 0x92, 0xa7, + 0x40, 0xfe, 0xab, 0x1d, 0xea, 0x26, 0x0d, 0x14, 0x89, 0x8d, 0x35, 0x73, 0xce, 0x99, 0xef, 0xfc, + 0x7c, 0xdf, 0x8c, 0x0c, 0x6f, 0x8e, 0xdd, 0xb0, 0x3f, 0x3d, 0x74, 0x82, 0xf0, 0xda, 0x39, 0xec, + 0x8f, 0xdd, 0xd0, 0x0c, 0x05, 0x57, 0x1c, 0x63, 0x2a, 0x15, 0xe5, 0x66, 0x64, 0xc8, 0xbc, 0xc6, + 0xae, 0xcf, 0xb9, 0x1f, 0x90, 0xbe, 0x08, 0xdd, 0xbe, 0x54, 0x8e, 0x9a, 0xc8, 0x24, 0xd8, 0xd8, + 0xf1, 0xb9, 0xcf, 0xe3, 0x65, 0x3f, 0x5a, 0xa5, 0xd6, 0x17, 0x0b, 0xd0, 0x82, 0x48, 0x3e, 0x11, + 0x2e, 0x49, 0x9c, 0xdd, 0x9f, 0x11, 0xd4, 0x86, 0x94, 0x8d, 0xce, 0xb9, 0x47, 0xf0, 0x16, 0x68, + 0xd4, 0xd3, 0x51, 0x07, 0xf5, 0xea, 0x96, 0x46, 0x3d, 0xfc, 0x25, 0x34, 0x1c, 0xc6, 0xb8, 0x72, + 0x14, 0xe5, 0x4c, 0xea, 0x5a, 0xa7, 0xd2, 0x6b, 0x0c, 0xde, 0x33, 0xef, 0x97, 0x64, 0x66, 0x10, + 0xe6, 0x51, 0x1e, 0x7f, 0xc2, 0x94, 0x98, 0x59, 0x45, 0x04, 0xe3, 0x13, 0x68, 0xfe, 0x3d, 0x00, + 0x37, 0xa1, 0x32, 0x22, 0xb3, 0x34, 0x6b, 0xb4, 0xc4, 0x3b, 0x50, 0x9d, 0x3a, 0xc1, 0x84, 0xe8, + 0x5a, 0x6c, 0x4b, 0x36, 0x1f, 0x6b, 0x1f, 0xa2, 0xee, 0x9f, 0x08, 0xb6, 0xcf, 0x88, 0xbc, 0xfe, + 0x8c, 0xb3, 0x2b, 0xea, 0x5b, 0xe4, 0x9b, 0x09, 0x91, 0x0a, 0xbf, 0x0d, 0x9b, 0x53, 0x22, 0x24, + 0xe5, 0xcc, 0xa6, 0xec, 0x8a, 0xa7, 0x50, 0x8d, 0xd4, 0x76, 0xca, 0xae, 0x38, 0xfe, 0x08, 0xea, + 0x92, 0xb2, 0x91, 0xcd, 0xb8, 0x97, 0xc0, 0x36, 0x06, 0x2f, 0x97, 0xf5, 0x61, 0xd5, 0x64, 0x36, + 0x94, 0x16, 0xd4, 0xd4, 0x2c, 0x24, 0xf6, 0x44, 0x04, 0x7a, 0x25, 0x46, 0x7e, 0x2d, 0xda, 0x7f, + 0x25, 0x02, 0xbc, 0x07, 0x5b, 0x82, 0xc8, 0x90, 0x33, 0x49, 0x6c, 0xc6, 0x99, 0x4b, 0xf4, 0x8d, + 0x38, 0xe0, 0xf5, 0xcc, 0x7a, 0x1e, 0x19, 0xf1, 0x07, 0xb0, 0x49, 0x84, 0xe0, 0xc2, 0xf6, 0x88, + 0x72, 0x68, 0xa0, 0x57, 0xe3, 0xfc, 0xd8, 0x4c, 0x68, 0x34, 0x45, 0xe8, 0x9a, 0xc3, 0x98, 0x46, + 0xab, 0x11, 0xc7, 0x7d, 0x1e, 0x87, 0x75, 0x6f, 0x10, 0xe0, 0x62, 0xb3, 0x09, 0xe4, 0x63, 0xba, + 0xfd, 0x14, 0xea, 0x19, 0xcd, 0x19, 0x6b, 0xa5, 0xdd, 0x5a, 0x69, 0xd0, 0xf1, 0xc6, 0xed, 0xef, + 0x6f, 0x3d, 0xb3, 0xf2, 0x43, 0xcb, 0x9a, 0xde, 0x81, 0x6a, 0xb1, 0xd7, 0x64, 0xd3, 0xbd, 0xa9, + 0xc0, 0xcb, 0x53, 0xe6, 0x0a, 0x32, 0x26, 0x4c, 0x39, 0xc1, 0x7d, 0x92, 0x16, 0x18, 0x40, 0xff, + 0x98, 0x01, 0x6d, 0xb1, 0x98, 0xef, 0x11, 0xb4, 0x28, 0xa3, 0x8a, 0x3a, 0x81, 0x9d, 0x55, 0x6f, + 0xa7, 0xa3, 0x90, 0x7a, 0x25, 0x6e, 0xfd, 0xac, 0x2c, 0xcd, 0xb2, 0x5a, 0xcd, 0xd3, 0x04, 0x31, + 0x1b, 0xcf, 0x45, 0x8a, 0x97, 0x08, 0x7a, 0x97, 0x96, 0x7b, 0xff, 0x5b, 0x35, 0x18, 0x5f, 0x44, + 0xf3, 0x7d, 0xb8, 0xac, 0xb5, 0xae, 0xd1, 0x6f, 0x08, 0x5e, 0x3d, 0x30, 0x80, 0x54, 0x64, 0x26, + 0xbc, 0x21, 0x67, 0x52, 0x91, 0xb1, 0x5d, 0xa2, 0xb5, 0xed, 0xc4, 0x75, 0xf1, 0xa4, 0x8a, 0xdb, + 0x87, 0x6d, 0x41, 0xc6, 0x7c, 0x4a, 0x3c, 0x3b, 0x47, 0x8a, 0x08, 0xac, 0x5b, 0xcd, 0xd4, 0x61, + 0xdd, 0x05, 0x97, 0x6b, 0xf0, 0x97, 0x0a, 0x34, 0x53, 0x0a, 0xf3, 0xd0, 0x7f, 0xa1, 0xbb, 0x36, + 0x80, 0xcb, 0x83, 0x80, 0xb8, 0xd1, 0x6b, 0x95, 0x4e, 0xb1, 0x60, 0xc1, 0xdf, 0xae, 0xd6, 0xde, + 0x51, 0xf9, 0x10, 0x16, 0x6b, 0xfc, 0x3f, 0xea, 0x0d, 0x77, 0xa0, 0x41, 0x73, 0x89, 0xe8, 0xcf, + 0x3b, 0xa8, 0x57, 0xb3, 0x8a, 0xa6, 0x27, 0x55, 0xe4, 0x77, 0x1a, 0xd4, 0x73, 0xce, 0xd6, 0x55, + 0xdf, 0x2a, 0xa2, 0x16, 0xd4, 0x59, 0x79, 0x32, 0x75, 0x6e, 0xac, 0x52, 0x67, 0xb5, 0xa0, 0xce, + 0xd5, 0x03, 0x1d, 0xfc, 0xa8, 0xc1, 0x8b, 0x23, 0xdf, 0x17, 0xc4, 0x77, 0x14, 0xf1, 0xf2, 0x5b, + 0x39, 0x24, 0x62, 0x4a, 0x5d, 0x82, 0x43, 0x68, 0x0d, 0x95, 0x20, 0xce, 0x38, 0x0f, 0xca, 0x93, + 0xee, 0x95, 0x35, 0x74, 0xef, 0x69, 0x33, 0xde, 0x5d, 0x15, 0x96, 0x48, 0xa7, 0xfb, 0xac, 0x87, + 0x0e, 0x10, 0xfe, 0x01, 0x41, 0xbb, 0xf0, 0x50, 0x94, 0xe5, 0x3d, 0x58, 0xf7, 0x75, 0x35, 0x0e, + 0xd7, 0x38, 0x51, 0xac, 0x66, 0x30, 0x85, 0xad, 0x2c, 0xef, 0x30, 0xfe, 0x62, 0x0f, 0x76, 0x4f, + 0xa4, 0x72, 0x2e, 0x03, 0x2a, 0xaf, 0xef, 0x5c, 0xf1, 0x88, 0xf0, 0x3b, 0x8f, 0xb9, 0x79, 0xc6, + 0xab, 0x65, 0x32, 0x90, 0x69, 0x5e, 0x05, 0x9b, 0x77, 0xe0, 0x94, 0x8d, 0x96, 0x65, 0x5d, 0x8e, + 0x67, 0x3c, 0xaa, 0xa8, 0x24, 0xeb, 0xf1, 0xfe, 0x4f, 0xf3, 0x36, 0xba, 0x9d, 0xb7, 0xd1, 0xaf, + 0xf3, 0x36, 0xfa, 0x63, 0xde, 0x46, 0x5f, 0xb7, 0x92, 0xc3, 0x94, 0xf7, 0x9d, 0x90, 0xf6, 0x8b, + 0x7f, 0x75, 0x97, 0xcf, 0xe3, 0xbf, 0xb9, 0xf7, 0xff, 0x0a, 0x00, 0x00, 0xff, 0xff, 0x4e, 0x31, + 0xdd, 0xdb, 0x47, 0x0a, 0x00, 0x00, } diff --git a/mcp/v1alpha1/mcp.proto b/mcp/v1alpha1/mcp.proto index 777f6ae0c6..3071452694 100644 --- a/mcp/v1alpha1/mcp.proto +++ b/mcp/v1alpha1/mcp.proto @@ -221,6 +221,11 @@ message RequestResources { // The *message* field in *error_details* provides the source internal error // related to the failure. google.rpc.Status error_detail = 5; + + // Request an incremental update for the specified collection. The source may choose to + // honor this request or ignore and and provide a full-state update in the corresponding + // `Resource` response. + bool incremental = 6; } // Resources do not need to include a full snapshot of the tracked @@ -246,16 +251,32 @@ message Resources { // The response resources wrapped in the common MCP *Resource* message. // These are typed resources that match the type url in the // RequestResources message. + // + // When `incremental` is true, this contains an array of resources to add/update + // for the specified collection. This modifies the existing collection at the sink + // + // When `incremental` is false, this contains the full set of resources for the + // specified collection. This replaces any previously delivered resources. repeated Resource resources = 3 [(gogoproto.nullable) = false]; // Names of resources that have been deleted and to be // removed from the MCP sink node. Removed resources for missing // resources can be ignored. + // + // When `incremental` is true, this contains an array of resource names to remove + // for the specified collection. This modifies the existing resource collection at + // the sink. + // + // When `incremental` is false, this field should be ignored. repeated string removed_resources = 4; // Required. The nonce provides a way for RequestChange to uniquely // reference a RequestResources. string nonce = 5; + + // This resource response is an incremental update. The source should only send + // incremental updates if the sink requested them. + bool incremental = 6; } // ResourceSource and ResourceSink services are semantically diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index 1face7462e..18540c5d6d 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -6,7 +6,7 @@ generator: protoc-gen-docs aliases: - /docs/reference/config/istio.routing.v1alpha1/ -number_of_entries: 60 +number_of_entries: 62 ---

Configuration affecting traffic routing. Here are a few terms useful to define in the context of traffic routing.

@@ -37,6 +37,47 @@ application code to decouple itself from the evolution of dependent services.

+

CaptureMode

+
+

CaptureMode describes how traffic to a listener is expected to be +captured. Applicable only when the listener is bound to an IP.

+ +
incrementalbool +

Request an incremental update for the specified collection. The source may choose to +honor this request or ignore and and provide a full-state update in the corresponding +Resource response.

+
incrementalbool +

This resource response is an incremental update. The source should only send +incremental updates if the sink requested them.

+
+ + + + + + + + + + + + + + + + + + + + +
NameDescription
DEFAULT +

The default capture mode defined by the environment

+ +
IPTABLES +

Capture traffic using IPtables redirection

+ +
NONE +

No traffic capture. When used in egress listener, the application is +expected to explicitly communicate with the listener port/unix +domain socket. When used in ingress listener, care needs to be taken +to ensure that the listener port is not in use by other processes on +the host.

+ +
+

ConfigScope

ConfigScope defines the visibility of an Istio configuration artifact in @@ -2151,12 +2192,43 @@

IstioEgressListener

+ +port +Port + +

The port associated with the listener. If using unix domain socket, +use 0 as the port number, with a valid protocol. The port if +specified, will be used as the default destination port associated +with the imported hosts. If the port is omitted, Istio will infer the +listener ports based on the imported hosts. Note that when multiple +egress listeners are specified, where one or more listeners have +specific ports while others have no port, the hosts exposed on a +listener port will be based on the listener with the most specific +port.

+ + + + +bind +string + +

The ip or the unix domain socket to which the listener should be bound +to. Port MUST be specified if bind is not empty. Format: x.x.x.x or +unix:///path/to/uds or unix://@foobar (Linux abstract namespace). If +omitted, Istio will autoconfigure the defaults based on imported +services, the workload to which this configuration is applied to and +the captureMode. If captureMode is NONE, bind will default to +127.0.0.1.

+ + + captureMode CaptureMode

When the bind address is an IP, the captureMode option dictates -how traffic to the listener is expected to be captured (or not).

+how traffic to the listener is expected to be captured (or not). +captureMode must be DEFAULT or NONE for unix domain socket binds.

@@ -2164,8 +2236,8 @@

IstioEgressListener

hosts string[] -

One or more services/virtualServices exposed by the listener in -namespace/dnsName format. Publicly scoped services and +

REQUIRED: One or more services/virtualServices exposed by the listener +in namespace/dnsName format. Publicly scoped services and VirtualServices from remote namespaces corresponding to the specified hosts will be imported. The service in a namespace can be a service in the service registry (e.g., a kubernetes or cloud foundry service) or @@ -2183,6 +2255,67 @@

IstioEgressListener

imported. Refer to the scope setting associated with VirtualService, DestinationRule, ServiceEntry, etc. for details.

+ + + + +
+

IstioIngressListener

+
+

IstioIngressListener specifies the properties of an inbound +traffic listener on the sidecar proxy attached to a workload.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -3652,8 +3785,9 @@

Sidecar

with a workload selector select the same workload.

The example below delcares a Sidecar resource in the prod-us1 namespace -that configures the sidecar to allow egress traffic to public services -in the prod-us1, prod-apis, and the istio-system namespaces.

+that configures the sidecars in the namespace to allow egress traffic to +public services in the prod-us1, prod-apis, and the istio-system +namespaces.

apiVersion: networking.istio.io/v1alpha3
 kind: Sidecar
@@ -3668,6 +3802,36 @@ 
Sidecar

     - "istio-system/*"
+

The example below delcares a Sidecar resource in the prod-us1 namespace +that accepts inbound HTTP traffic on port 9080 and forwards +it to the attached workload listening on a unix domain socket. In the +egress direction, in addition to the istio-system namespace, the sidecar +proxies only HTTP traffic bound for port 9080 for services in the +prod-us1 namespace.

+ +
apiVersion: networking.istio.io/v1alpha3
+kind: Sidecar
+metadata:
+  name: default
+  namespace: prod-us1
+spec:
+  ingress:
+  - port:
+      number: 9080
+      protocol: HTTP
+      name: somename
+    defaultEndpoint: unix:///var/run/someuds.sock
+  egress:
+  - hosts:
+    - "istio-system/*"
+  - port:
+      number: 9080
+      protocol: HTTP
+      name: egresshttp
+    hosts:
+    - "prod-us1/*"
+
+
FieldTypeDescription
portPort +

REQUIRED. The port associated with the listener. If using +unix domain socket, use 0 as the port number, with a valid +protocol.

+ +
bindstring +

The ip or the unix domain socket to which the listener should be bound +to. Format: x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux +abstract namespace). If omitted, Istio will autoconfigure the defaults +based on imported services and the workload to which this +configuration is applied to.

+ +
captureModeCaptureMode +

When the bind address is an IP, the captureMode option dictates +how traffic to the listener is expected to be captured (or not). +captureMode must be DEFAULT or NONE for unix domain socket binds.

+ +
defaultEndpointstring +

REQUIRED: The loopback IP endpoint or unix domain socket to which +traffic should be forwarded to. This configuration can be used to +redirect traffic arriving at the bind point on the sidecar to a port +or unix domain socket where the application workload is listening for +connections. Format should be 127.0.0.1:PORT or unix:///path/to/socket

+
@@ -3677,6 +3841,29 @@

Sidecar

+ + + + + + + + + + @@ -4479,10 +4666,10 @@

WorkloadSelector

diff --git a/networking/v1alpha3/sidecar.pb.go b/networking/v1alpha3/sidecar.pb.go index 6c4e074c0f..0c2afe181a 100644 --- a/networking/v1alpha3/sidecar.pb.go +++ b/networking/v1alpha3/sidecar.pb.go @@ -43,7 +43,6 @@ func (x ConfigScope) String() string { } func (ConfigScope) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidecar, []int{0} } -// $hide_from_docs // CaptureMode describes how traffic to a listener is expected to be // captured. Applicable only when the listener is bound to an IP. type CaptureMode int32 @@ -105,8 +104,9 @@ func (CaptureMode) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidec // with a workload selector select the same workload. // // The example below delcares a Sidecar resource in the prod-us1 namespace -// that configures the sidecar to allow egress traffic to public services -// in the prod-us1, prod-apis, and the istio-system namespaces. +// that configures the sidecars in the namespace to allow egress traffic to +// public services in the prod-us1, prod-apis, and the istio-system +// namespaces. // // ```yaml // apiVersion: networking.istio.io/v1alpha3 @@ -122,14 +122,43 @@ func (CaptureMode) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidec // - "istio-system/*" // ``` // +// The example below delcares a Sidecar resource in the prod-us1 namespace +// that accepts inbound HTTP traffic on port 9080 and forwards +// it to the attached workload listening on a unix domain socket. In the +// egress direction, in addition to the istio-system namespace, the sidecar +// proxies only HTTP traffic bound for port 9080 for services in the +// prod-us1 namespace. +// +// ```yaml +// apiVersion: networking.istio.io/v1alpha3 +// kind: Sidecar +// metadata: +// name: default +// namespace: prod-us1 +// spec: +// ingress: +// - port: +// number: 9080 +// protocol: HTTP +// name: somename +// defaultEndpoint: unix:///var/run/someuds.sock +// egress: +// - hosts: +// - "istio-system/*" +// - port: +// number: 9080 +// protocol: HTTP +// name: egresshttp +// hosts: +// - "prod-us1/*" +// ``` +// type Sidecar struct { - // $hide_from_docs // Criteria used to select the specific set of pods/VMs on which this // sidecar configuration should be applied. If omitted, the sidecar - // configuration will be applied to all workloads in the current config + // configuration will be applied to all workloads in the same config // namespace. WorkloadSelector *WorkloadSelector `protobuf:"bytes,1,opt,name=workload_selector,json=workloadSelector" json:"workload_selector,omitempty"` - // $hide_from_docs // Ingress specifies the configuration of the sidecar for processing // inbound traffic to the attached workload. If omitted, Istio will // autoconfigure the sidecar based on the information about the workload @@ -169,7 +198,6 @@ func (m *Sidecar) GetEgress() []*IstioEgressListener { return nil } -// $hide_from_docs // IstioIngressListener specifies the properties of an inbound // traffic listener on the sidecar proxy attached to a workload. type IstioIngressListener struct { @@ -185,11 +213,12 @@ type IstioIngressListener struct { Bind string `protobuf:"bytes,2,opt,name=bind,proto3" json:"bind,omitempty"` // When the bind address is an IP, the captureMode option dictates // how traffic to the listener is expected to be captured (or not). + // captureMode must be DEFAULT or NONE for unix domain socket binds. CaptureMode CaptureMode `protobuf:"varint,3,opt,name=capture_mode,json=captureMode,proto3,enum=istio.networking.v1alpha3.CaptureMode" json:"capture_mode,omitempty"` - // The loopback IP endpoint or unix domain socket to which traffic should - // be forwarded to by default. This configuration can be used to redirect - // traffic arriving at the bind point on the sidecar to a port or unix - // domain socket where the application workload is listening for + // REQUIRED: The loopback IP endpoint or unix domain socket to which + // traffic should be forwarded to. This configuration can be used to + // redirect traffic arriving at the bind point on the sidecar to a port + // or unix domain socket where the application workload is listening for // connections. Format should be 127.0.0.1:PORT or unix:///path/to/socket DefaultEndpoint string `protobuf:"bytes,4,opt,name=default_endpoint,json=defaultEndpoint,proto3" json:"default_endpoint,omitempty"` } @@ -230,7 +259,6 @@ func (m *IstioIngressListener) GetDefaultEndpoint() string { // IstioEgressListener specifies the properties of an outbound traffic // listener on the sidecar proxy attached to a workload. type IstioEgressListener struct { - // $hide_from_docs // The port associated with the listener. If using unix domain socket, // use 0 as the port number, with a valid protocol. The port if // specified, will be used as the default destination port associated @@ -241,19 +269,20 @@ type IstioEgressListener struct { // listener port will be based on the listener with the most specific // port. Port *Port `protobuf:"bytes,1,opt,name=port" json:"port,omitempty"` - // $hide_from_docs // The ip or the unix domain socket to which the listener should be bound - // to. Port MUST be specified if bind is not empty. Format: - // x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux abstract - // namespace). If omitted, Istio will autoconfigure the defaults based on - // imported services and the workload to which this configuration is - // applied to. + // to. Port MUST be specified if bind is not empty. Format: x.x.x.x or + // unix:///path/to/uds or unix://@foobar (Linux abstract namespace). If + // omitted, Istio will autoconfigure the defaults based on imported + // services, the workload to which this configuration is applied to and + // the captureMode. If captureMode is NONE, bind will default to + // 127.0.0.1. Bind string `protobuf:"bytes,2,opt,name=bind,proto3" json:"bind,omitempty"` // When the bind address is an IP, the captureMode option dictates // how traffic to the listener is expected to be captured (or not). + // captureMode must be DEFAULT or NONE for unix domain socket binds. CaptureMode CaptureMode `protobuf:"varint,3,opt,name=capture_mode,json=captureMode,proto3,enum=istio.networking.v1alpha3.CaptureMode" json:"capture_mode,omitempty"` - // One or more services/virtualServices exposed by the listener in - // namespace/dnsName format. Publicly scoped services and + // REQUIRED: One or more services/virtualServices exposed by the listener + // in namespace/dnsName format. Publicly scoped services and // VirtualServices from remote namespaces corresponding to the specified // hosts will be imported. The service in a namespace can be a service in // the service registry (e.g., a kubernetes or cloud foundry service) or @@ -314,10 +343,10 @@ func (m *IstioEgressListener) GetHosts() []string { // specified, all conditions need to match in order for the workload to be // selected. Currently, only label based selection mechanism is supported. type WorkloadSelector struct { - // One or more labels that indicate a specific set of pods/VMs on which - // this sidecar configuration should be applied. The scope of label - // search is restricted to the configuration namespace in which the the - // resource is present. + // REQUIRED: One or more labels that indicate a specific set of pods/VMs + // on which this sidecar configuration should be applied. The scope of + // label search is restricted to the configuration namespace in which the + // the resource is present. Labels map[string]string `protobuf:"bytes,1,rep,name=labels" json:"labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` } diff --git a/networking/v1alpha3/sidecar.proto b/networking/v1alpha3/sidecar.proto index 369b6be38c..f927fe919c 100644 --- a/networking/v1alpha3/sidecar.proto +++ b/networking/v1alpha3/sidecar.proto @@ -48,8 +48,9 @@ option go_package = "istio.io/api/networking/v1alpha3"; // with a workload selector select the same workload. // // The example below delcares a Sidecar resource in the prod-us1 namespace -// that configures the sidecar to allow egress traffic to public services -// in the prod-us1, prod-apis, and the istio-system namespaces. +// that configures the sidecars in the namespace to allow egress traffic to +// public services in the prod-us1, prod-apis, and the istio-system +// namespaces. // // ```yaml // apiVersion: networking.istio.io/v1alpha3 @@ -65,15 +66,44 @@ option go_package = "istio.io/api/networking/v1alpha3"; // - "istio-system/*" // ``` // +// The example below delcares a Sidecar resource in the prod-us1 namespace +// that accepts inbound HTTP traffic on port 9080 and forwards +// it to the attached workload listening on a unix domain socket. In the +// egress direction, in addition to the istio-system namespace, the sidecar +// proxies only HTTP traffic bound for port 9080 for services in the +// prod-us1 namespace. +// +// ```yaml +// apiVersion: networking.istio.io/v1alpha3 +// kind: Sidecar +// metadata: +// name: default +// namespace: prod-us1 +// spec: +// ingress: +// - port: +// number: 9080 +// protocol: HTTP +// name: somename +// defaultEndpoint: unix:///var/run/someuds.sock +// egress: +// - hosts: +// - "istio-system/*" +// - port: +// number: 9080 +// protocol: HTTP +// name: egresshttp +// hosts: +// - "prod-us1/*" +// ``` +// message Sidecar { - // $hide_from_docs // Criteria used to select the specific set of pods/VMs on which this // sidecar configuration should be applied. If omitted, the sidecar - // configuration will be applied to all workloads in the current config + // configuration will be applied to all workloads in the same config // namespace. WorkloadSelector workload_selector = 1; - // $hide_from_docs // Ingress specifies the configuration of the sidecar for processing // inbound traffic to the attached workload. If omitted, Istio will // autoconfigure the sidecar based on the information about the workload @@ -88,7 +118,6 @@ message Sidecar { repeated IstioEgressListener egress = 3; } -// $hide_from_docs // IstioIngressListener specifies the properties of an inbound // traffic listener on the sidecar proxy attached to a workload. message IstioIngressListener { @@ -106,12 +135,13 @@ message IstioIngressListener { // When the bind address is an IP, the captureMode option dictates // how traffic to the listener is expected to be captured (or not). + // captureMode must be DEFAULT or NONE for unix domain socket binds. CaptureMode capture_mode = 3; - // The loopback IP endpoint or unix domain socket to which traffic should - // be forwarded to by default. This configuration can be used to redirect - // traffic arriving at the bind point on the sidecar to a port or unix - // domain socket where the application workload is listening for + // REQUIRED: The loopback IP endpoint or unix domain socket to which + // traffic should be forwarded to. This configuration can be used to + // redirect traffic arriving at the bind point on the sidecar to a port + // or unix domain socket where the application workload is listening for // connections. Format should be 127.0.0.1:PORT or unix:///path/to/socket string default_endpoint = 4; } @@ -119,7 +149,6 @@ message IstioIngressListener { // IstioEgressListener specifies the properties of an outbound traffic // listener on the sidecar proxy attached to a workload. message IstioEgressListener { - // $hide_from_docs // The port associated with the listener. If using unix domain socket, // use 0 as the port number, with a valid protocol. The port if // specified, will be used as the default destination port associated @@ -131,21 +160,22 @@ message IstioEgressListener { // port. Port port = 1; - // $hide_from_docs // The ip or the unix domain socket to which the listener should be bound - // to. Port MUST be specified if bind is not empty. Format: - // x.x.x.x or unix:///path/to/uds or unix://@foobar (Linux abstract - // namespace). If omitted, Istio will autoconfigure the defaults based on - // imported services and the workload to which this configuration is - // applied to. + // to. Port MUST be specified if bind is not empty. Format: x.x.x.x or + // unix:///path/to/uds or unix://@foobar (Linux abstract namespace). If + // omitted, Istio will autoconfigure the defaults based on imported + // services, the workload to which this configuration is applied to and + // the captureMode. If captureMode is NONE, bind will default to + // 127.0.0.1. string bind = 2; // When the bind address is an IP, the captureMode option dictates // how traffic to the listener is expected to be captured (or not). + // captureMode must be DEFAULT or NONE for unix domain socket binds. CaptureMode capture_mode = 3; - // One or more services/virtualServices exposed by the listener in - // namespace/dnsName format. Publicly scoped services and + // REQUIRED: One or more services/virtualServices exposed by the listener + // in namespace/dnsName format. Publicly scoped services and // VirtualServices from remote namespaces corresponding to the specified // hosts will be imported. The service in a namespace can be a service in // the service registry (e.g., a kubernetes or cloud foundry service) or @@ -187,10 +217,10 @@ enum ConfigScope { // specified, all conditions need to match in order for the workload to be // selected. Currently, only label based selection mechanism is supported. message WorkloadSelector { - // One or more labels that indicate a specific set of pods/VMs on which - // this sidecar configuration should be applied. The scope of label - // search is restricted to the configuration namespace in which the the - // resource is present. + // REQUIRED: One or more labels that indicate a specific set of pods/VMs + // on which this sidecar configuration should be applied. The scope of + // label search is restricted to the configuration namespace in which the + // the resource is present. map labels = 1; // $hide_from_docs @@ -199,7 +229,6 @@ message WorkloadSelector { // etc. This has nothing to do with the request level authN etc. } -// $hide_from_docs // CaptureMode describes how traffic to a listener is expected to be // captured. Applicable only when the listener is bound to an IP. enum CaptureMode { @@ -216,36 +245,3 @@ enum CaptureMode { // the host. NONE = 2; } - -// $hide_from_docs -// The example below delcares a Sidecar resource in the prod-us1 namespace -// that accepts inbound HTTP traffic on port 9080 and forwards -// it to the attached workload listening on a unix domain socket. In the -// egress direction, in addition to the istio-system namespace, the sidecar -// proxies only HTTP traffic bound for port 9080 for services in the -// prod-us1 namespace. -// -// ```yaml -// apiVersion: networking.istio.io/v1alpha3 -// kind: Sidecar -// metadata: -// name: default -// namespace: prod-us1 -// spec: -// ingress: -// - port: -// number: 9080 -// protocol: HTTP -// name: somename -// defaultEndpoint: unix:///var/run/someuds.sock -// egress: -// - hosts: -// - "istio-system/*" -// - port: -// number: 9080 -// protocol: HTTP -// name: egresshttp -// hosts: -// - "prod-us1/*" -// ``` -// diff --git a/proto.lock b/proto.lock index 36b370e7cd..67af790a4d 100644 --- a/proto.lock +++ b/proto.lock @@ -207,6 +207,16 @@ "type": "PortSelector", "is_repeated": true } + ], + "maps": [ + { + "key_type": "string", + "field": { + "id": 3, + "name": "labels", + "type": "string" + } + } ] }, { @@ -581,6 +591,11 @@ "id": 5, "name": "error_detail", "type": "google.rpc.Status" + }, + { + "id": 6, + "name": "incremental", + "type": "bool" } ], "maps": [ @@ -623,6 +638,11 @@ "id": 5, "name": "nonce", "type": "string" + }, + { + "id": 6, + "name": "incremental", + "type": "bool" } ] } diff --git a/python/istio_api/authentication/v1alpha1/policy_pb2.py b/python/istio_api/authentication/v1alpha1/policy_pb2.py index 2ba26d5697..070cf8c75c 100644 --- a/python/istio_api/authentication/v1alpha1/policy_pb2.py +++ b/python/istio_api/authentication/v1alpha1/policy_pb2.py @@ -20,7 +20,7 @@ name='authentication/v1alpha1/policy.proto', package='istio.authentication.v1alpha1', syntax='proto3', - serialized_pb=_b('\n$authentication/v1alpha1/policy.proto\x12\x1distio.authentication.v1alpha1\"a\n\x0bStringMatch\x12\x0f\n\x05\x65xact\x18\x01 \x01(\tH\x00\x12\x10\n\x06prefix\x18\x02 \x01(\tH\x00\x12\x10\n\x06suffix\x18\x03 \x01(\tH\x00\x12\x0f\n\x05regex\x18\x04 \x01(\tH\x00\x42\x0c\n\nmatch_type\"\x7f\n\tMutualTls\x12\x11\n\tallow_tls\x18\x01 \x01(\x08\x12;\n\x04mode\x18\x02 \x01(\x0e\x32-.istio.authentication.v1alpha1.MutualTls.Mode\"\"\n\x04Mode\x12\n\n\x06STRICT\x10\x00\x12\x0e\n\nPERMISSIVE\x10\x01\"\xc2\x02\n\x03Jwt\x12\x0e\n\x06issuer\x18\x01 \x01(\t\x12\x11\n\taudiences\x18\x02 \x03(\t\x12\x10\n\x08jwks_uri\x18\x03 \x01(\t\x12\x13\n\x0bjwt_headers\x18\x06 \x03(\t\x12\x12\n\njwt_params\x18\x07 \x03(\t\x12\x45\n\rtrigger_rules\x18\t \x03(\x0b\x32..istio.authentication.v1alpha1.Jwt.TriggerRule\x1a\x95\x01\n\x0bTriggerRule\x12\x42\n\x0e\x65xcluded_paths\x18\x01 \x03(\x0b\x32*.istio.authentication.v1alpha1.StringMatch\x12\x42\n\x0eincluded_paths\x18\x02 \x03(\x0b\x32*.istio.authentication.v1alpha1.StringMatch\"\x91\x01\n\x18PeerAuthenticationMethod\x12\x38\n\x04mtls\x18\x01 \x01(\x0b\x32(.istio.authentication.v1alpha1.MutualTlsH\x00\x12\x31\n\x03jwt\x18\x02 \x01(\x0b\x32\".istio.authentication.v1alpha1.JwtH\x00\x42\x08\n\x06params\"M\n\x1aOriginAuthenticationMethod\x12/\n\x03jwt\x18\x01 \x01(\x0b\x32\".istio.authentication.v1alpha1.Jwt\"\xde\x02\n\x06Policy\x12>\n\x07targets\x18\x01 \x03(\x0b\x32-.istio.authentication.v1alpha1.TargetSelector\x12\x46\n\x05peers\x18\x02 \x03(\x0b\x32\x37.istio.authentication.v1alpha1.PeerAuthenticationMethod\x12\x18\n\x10peer_is_optional\x18\x03 \x01(\x08\x12J\n\x07origins\x18\x04 \x03(\x0b\x32\x39.istio.authentication.v1alpha1.OriginAuthenticationMethod\x12\x1a\n\x12origin_is_optional\x18\x05 \x01(\x08\x12J\n\x11principal_binding\x18\x06 \x01(\x0e\x32/.istio.authentication.v1alpha1.PrincipalBinding\"Z\n\x0eTargetSelector\x12\x0c\n\x04name\x18\x01 \x01(\t\x12:\n\x05ports\x18\x02 \x03(\x0b\x32+.istio.authentication.v1alpha1.PortSelector\"8\n\x0cPortSelector\x12\x10\n\x06number\x18\x01 \x01(\rH\x00\x12\x0e\n\x04name\x18\x02 \x01(\tH\x00\x42\x06\n\x04port*0\n\x10PrincipalBinding\x12\x0c\n\x08USE_PEER\x10\x00\x12\x0e\n\nUSE_ORIGIN\x10\x01\x42&Z$istio.io/api/authentication/v1alpha1b\x06proto3') + serialized_pb=_b('\n$authentication/v1alpha1/policy.proto\x12\x1distio.authentication.v1alpha1\"a\n\x0bStringMatch\x12\x0f\n\x05\x65xact\x18\x01 \x01(\tH\x00\x12\x10\n\x06prefix\x18\x02 \x01(\tH\x00\x12\x10\n\x06suffix\x18\x03 \x01(\tH\x00\x12\x0f\n\x05regex\x18\x04 \x01(\tH\x00\x42\x0c\n\nmatch_type\"\x7f\n\tMutualTls\x12\x11\n\tallow_tls\x18\x01 \x01(\x08\x12;\n\x04mode\x18\x02 \x01(\x0e\x32-.istio.authentication.v1alpha1.MutualTls.Mode\"\"\n\x04Mode\x12\n\n\x06STRICT\x10\x00\x12\x0e\n\nPERMISSIVE\x10\x01\"\xc2\x02\n\x03Jwt\x12\x0e\n\x06issuer\x18\x01 \x01(\t\x12\x11\n\taudiences\x18\x02 \x03(\t\x12\x10\n\x08jwks_uri\x18\x03 \x01(\t\x12\x13\n\x0bjwt_headers\x18\x06 \x03(\t\x12\x12\n\njwt_params\x18\x07 \x03(\t\x12\x45\n\rtrigger_rules\x18\t \x03(\x0b\x32..istio.authentication.v1alpha1.Jwt.TriggerRule\x1a\x95\x01\n\x0bTriggerRule\x12\x42\n\x0e\x65xcluded_paths\x18\x01 \x03(\x0b\x32*.istio.authentication.v1alpha1.StringMatch\x12\x42\n\x0eincluded_paths\x18\x02 \x03(\x0b\x32*.istio.authentication.v1alpha1.StringMatch\"\x91\x01\n\x18PeerAuthenticationMethod\x12\x38\n\x04mtls\x18\x01 \x01(\x0b\x32(.istio.authentication.v1alpha1.MutualTlsH\x00\x12\x31\n\x03jwt\x18\x02 \x01(\x0b\x32\".istio.authentication.v1alpha1.JwtH\x00\x42\x08\n\x06params\"M\n\x1aOriginAuthenticationMethod\x12/\n\x03jwt\x18\x01 \x01(\x0b\x32\".istio.authentication.v1alpha1.Jwt\"\xde\x02\n\x06Policy\x12>\n\x07targets\x18\x01 \x03(\x0b\x32-.istio.authentication.v1alpha1.TargetSelector\x12\x46\n\x05peers\x18\x02 \x03(\x0b\x32\x37.istio.authentication.v1alpha1.PeerAuthenticationMethod\x12\x18\n\x10peer_is_optional\x18\x03 \x01(\x08\x12J\n\x07origins\x18\x04 \x03(\x0b\x32\x39.istio.authentication.v1alpha1.OriginAuthenticationMethod\x12\x1a\n\x12origin_is_optional\x18\x05 \x01(\x08\x12J\n\x11principal_binding\x18\x06 \x01(\x0e\x32/.istio.authentication.v1alpha1.PrincipalBinding\"\xd4\x01\n\x0eTargetSelector\x12\x0c\n\x04name\x18\x01 \x01(\t\x12I\n\x06labels\x18\x03 \x03(\x0b\x32\x39.istio.authentication.v1alpha1.TargetSelector.LabelsEntry\x12:\n\x05ports\x18\x02 \x03(\x0b\x32+.istio.authentication.v1alpha1.PortSelector\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"8\n\x0cPortSelector\x12\x10\n\x06number\x18\x01 \x01(\rH\x00\x12\x0e\n\x04name\x18\x02 \x01(\tH\x00\x42\x06\n\x04port*0\n\x10PrincipalBinding\x12\x0c\n\x08USE_PEER\x10\x00\x12\x0e\n\nUSE_ORIGIN\x10\x01\x42&Z$istio.io/api/authentication/v1alpha1b\x06proto3') ) _PRINCIPALBINDING = _descriptor.EnumDescriptor( @@ -40,8 +40,8 @@ ], containing_type=None, options=None, - serialized_start=1354, - serialized_end=1402, + serialized_start=1477, + serialized_end=1525, ) _sym_db.RegisterEnumDescriptor(_PRINCIPALBINDING) @@ -408,6 +408,43 @@ ) +_TARGETSELECTOR_LABELSENTRY = _descriptor.Descriptor( + name='LabelsEntry', + full_name='istio.authentication.v1alpha1.TargetSelector.LabelsEntry', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name='key', full_name='istio.authentication.v1alpha1.TargetSelector.LabelsEntry.key', index=0, + number=1, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='value', full_name='istio.authentication.v1alpha1.TargetSelector.LabelsEntry.value', index=1, + number=2, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=_descriptor._ParseOptions(descriptor_pb2.MessageOptions(), _b('8\001')), + is_extendable=False, + syntax='proto3', + extension_ranges=[], + oneofs=[ + ], + serialized_start=1372, + serialized_end=1417, +) + _TARGETSELECTOR = _descriptor.Descriptor( name='TargetSelector', full_name='istio.authentication.v1alpha1.TargetSelector', @@ -423,7 +460,14 @@ is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), _descriptor.FieldDescriptor( - name='ports', full_name='istio.authentication.v1alpha1.TargetSelector.ports', index=1, + name='labels', full_name='istio.authentication.v1alpha1.TargetSelector.labels', index=1, + number=3, type=11, cpp_type=10, label=3, + has_default_value=False, default_value=[], + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='ports', full_name='istio.authentication.v1alpha1.TargetSelector.ports', index=2, number=2, type=11, cpp_type=10, label=3, has_default_value=False, default_value=[], message_type=None, enum_type=None, containing_type=None, @@ -432,7 +476,7 @@ ], extensions=[ ], - nested_types=[], + nested_types=[_TARGETSELECTOR_LABELSENTRY, ], enum_types=[ ], options=None, @@ -441,8 +485,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1204, - serialized_end=1294, + serialized_start=1205, + serialized_end=1417, ) @@ -482,8 +526,8 @@ name='port', full_name='istio.authentication.v1alpha1.PortSelector.port', index=0, containing_type=None, fields=[]), ], - serialized_start=1296, - serialized_end=1352, + serialized_start=1419, + serialized_end=1475, ) _STRINGMATCH.oneofs_by_name['match_type'].fields.append( @@ -517,6 +561,8 @@ _POLICY.fields_by_name['peers'].message_type = _PEERAUTHENTICATIONMETHOD _POLICY.fields_by_name['origins'].message_type = _ORIGINAUTHENTICATIONMETHOD _POLICY.fields_by_name['principal_binding'].enum_type = _PRINCIPALBINDING +_TARGETSELECTOR_LABELSENTRY.containing_type = _TARGETSELECTOR +_TARGETSELECTOR.fields_by_name['labels'].message_type = _TARGETSELECTOR_LABELSENTRY _TARGETSELECTOR.fields_by_name['ports'].message_type = _PORTSELECTOR _PORTSELECTOR.oneofs_by_name['port'].fields.append( _PORTSELECTOR.fields_by_name['number']) @@ -586,11 +632,19 @@ _sym_db.RegisterMessage(Policy) TargetSelector = _reflection.GeneratedProtocolMessageType('TargetSelector', (_message.Message,), dict( + + LabelsEntry = _reflection.GeneratedProtocolMessageType('LabelsEntry', (_message.Message,), dict( + DESCRIPTOR = _TARGETSELECTOR_LABELSENTRY, + __module__ = 'authentication.v1alpha1.policy_pb2' + # @@protoc_insertion_point(class_scope:istio.authentication.v1alpha1.TargetSelector.LabelsEntry) + )) + , DESCRIPTOR = _TARGETSELECTOR, __module__ = 'authentication.v1alpha1.policy_pb2' # @@protoc_insertion_point(class_scope:istio.authentication.v1alpha1.TargetSelector) )) _sym_db.RegisterMessage(TargetSelector) +_sym_db.RegisterMessage(TargetSelector.LabelsEntry) PortSelector = _reflection.GeneratedProtocolMessageType('PortSelector', (_message.Message,), dict( DESCRIPTOR = _PORTSELECTOR, @@ -602,4 +656,6 @@ DESCRIPTOR.has_options = True DESCRIPTOR._options = _descriptor._ParseOptions(descriptor_pb2.FileOptions(), _b('Z$istio.io/api/authentication/v1alpha1')) +_TARGETSELECTOR_LABELSENTRY.has_options = True +_TARGETSELECTOR_LABELSENTRY._options = _descriptor._ParseOptions(descriptor_pb2.MessageOptions(), _b('8\001')) # @@protoc_insertion_point(module_scope) diff --git a/python/istio_api/mcp/v1alpha1/mcp_pb2.py b/python/istio_api/mcp/v1alpha1/mcp_pb2.py index c380d4d828..5607d90f33 100644 --- a/python/istio_api/mcp/v1alpha1/mcp_pb2.py +++ b/python/istio_api/mcp/v1alpha1/mcp_pb2.py @@ -22,7 +22,7 @@ name='mcp/v1alpha1/mcp.proto', package='istio.mcp.v1alpha1', syntax='proto3', - serialized_pb=_b('\n\x16mcp/v1alpha1/mcp.proto\x12\x12istio.mcp.v1alpha1\x1a\x17google/rpc/status.proto\x1a\x14gogoproto/gogo.proto\x1a\x1bmcp/v1alpha1/resource.proto\"\x8e\x01\n\x08SinkNode\x12\n\n\x02id\x18\x01 \x01(\t\x12\x42\n\x0b\x61nnotations\x18\x02 \x03(\x0b\x32-.istio.mcp.v1alpha1.SinkNode.AnnotationsEntry\x1a\x32\n\x10\x41nnotationsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xae\x01\n\x11MeshConfigRequest\x12\x14\n\x0cversion_info\x18\x01 \x01(\t\x12/\n\tsink_node\x18\x02 \x01(\x0b\x32\x1c.istio.mcp.v1alpha1.SinkNode\x12\x10\n\x08type_url\x18\x03 \x01(\t\x12\x16\n\x0eresponse_nonce\x18\x04 \x01(\t\x12(\n\x0c\x65rror_detail\x18\x05 \x01(\x0b\x32\x12.google.rpc.Status\"\x82\x01\n\x12MeshConfigResponse\x12\x14\n\x0cversion_info\x18\x01 \x01(\t\x12\x35\n\tresources\x18\x02 \x03(\x0b\x32\x1c.istio.mcp.v1alpha1.ResourceB\x04\xc8\xde\x1f\x00\x12\x10\n\x08type_url\x18\x03 \x01(\t\x12\r\n\x05nonce\x18\x04 \x01(\t\"\xd5\x02\n\x1cIncrementalMeshConfigRequest\x12/\n\tsink_node\x18\x01 \x01(\x0b\x32\x1c.istio.mcp.v1alpha1.SinkNode\x12\x10\n\x08type_url\x18\x02 \x01(\t\x12p\n\x19initial_resource_versions\x18\x03 \x03(\x0b\x32M.istio.mcp.v1alpha1.IncrementalMeshConfigRequest.InitialResourceVersionsEntry\x12\x16\n\x0eresponse_nonce\x18\x04 \x01(\t\x12(\n\x0c\x65rror_detail\x18\x05 \x01(\x0b\x32\x12.google.rpc.Status\x1a>\n\x1cInitialResourceVersionsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\x9d\x01\n\x1dIncrementalMeshConfigResponse\x12\x1b\n\x13system_version_info\x18\x01 \x01(\t\x12\x35\n\tresources\x18\x02 \x03(\x0b\x32\x1c.istio.mcp.v1alpha1.ResourceB\x04\xc8\xde\x1f\x00\x12\x19\n\x11removed_resources\x18\x03 \x03(\t\x12\r\n\x05nonce\x18\x04 \x01(\t\"\xbf\x02\n\x10RequestResources\x12/\n\tsink_node\x18\x01 \x01(\x0b\x32\x1c.istio.mcp.v1alpha1.SinkNode\x12\x12\n\ncollection\x18\x02 \x01(\t\x12\x64\n\x19initial_resource_versions\x18\x03 \x03(\x0b\x32\x41.istio.mcp.v1alpha1.RequestResources.InitialResourceVersionsEntry\x12\x16\n\x0eresponse_nonce\x18\x04 \x01(\t\x12(\n\x0c\x65rror_detail\x18\x05 \x01(\x0b\x32\x12.google.rpc.Status\x1a>\n\x1cInitialResourceVersionsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\x9d\x01\n\tResources\x12\x1b\n\x13system_version_info\x18\x01 \x01(\t\x12\x12\n\ncollection\x18\x02 \x01(\t\x12\x35\n\tresources\x18\x03 \x03(\x0b\x32\x1c.istio.mcp.v1alpha1.ResourceB\x04\xc8\xde\x1f\x00\x12\x19\n\x11removed_resources\x18\x04 \x03(\t\x12\r\n\x05nonce\x18\x05 \x01(\t2\x9d\x02\n\x1b\x41ggregatedMeshConfigService\x12p\n\x19StreamAggregatedResources\x12%.istio.mcp.v1alpha1.MeshConfigRequest\x1a&.istio.mcp.v1alpha1.MeshConfigResponse\"\x00(\x01\x30\x01\x12\x8b\x01\n\x1eIncrementalAggregatedResources\x12\x30.istio.mcp.v1alpha1.IncrementalMeshConfigRequest\x1a\x31.istio.mcp.v1alpha1.IncrementalMeshConfigResponse\"\x00(\x01\x30\x01\x32v\n\x0eResourceSource\x12\x64\n\x17\x45stablishResourceStream\x12$.istio.mcp.v1alpha1.RequestResources\x1a\x1d.istio.mcp.v1alpha1.Resources\"\x00(\x01\x30\x01\x32t\n\x0cResourceSink\x12\x64\n\x17\x45stablishResourceStream\x12\x1d.istio.mcp.v1alpha1.Resources\x1a$.istio.mcp.v1alpha1.RequestResources\"\x00(\x01\x30\x01\x42\x1fZ\x19istio.io/api/mcp/v1alpha1\xa8\xe2\x1e\x01\x62\x06proto3') + serialized_pb=_b('\n\x16mcp/v1alpha1/mcp.proto\x12\x12istio.mcp.v1alpha1\x1a\x17google/rpc/status.proto\x1a\x14gogoproto/gogo.proto\x1a\x1bmcp/v1alpha1/resource.proto\"\x8e\x01\n\x08SinkNode\x12\n\n\x02id\x18\x01 \x01(\t\x12\x42\n\x0b\x61nnotations\x18\x02 \x03(\x0b\x32-.istio.mcp.v1alpha1.SinkNode.AnnotationsEntry\x1a\x32\n\x10\x41nnotationsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xae\x01\n\x11MeshConfigRequest\x12\x14\n\x0cversion_info\x18\x01 \x01(\t\x12/\n\tsink_node\x18\x02 \x01(\x0b\x32\x1c.istio.mcp.v1alpha1.SinkNode\x12\x10\n\x08type_url\x18\x03 \x01(\t\x12\x16\n\x0eresponse_nonce\x18\x04 \x01(\t\x12(\n\x0c\x65rror_detail\x18\x05 \x01(\x0b\x32\x12.google.rpc.Status\"\x82\x01\n\x12MeshConfigResponse\x12\x14\n\x0cversion_info\x18\x01 \x01(\t\x12\x35\n\tresources\x18\x02 \x03(\x0b\x32\x1c.istio.mcp.v1alpha1.ResourceB\x04\xc8\xde\x1f\x00\x12\x10\n\x08type_url\x18\x03 \x01(\t\x12\r\n\x05nonce\x18\x04 \x01(\t\"\xd5\x02\n\x1cIncrementalMeshConfigRequest\x12/\n\tsink_node\x18\x01 \x01(\x0b\x32\x1c.istio.mcp.v1alpha1.SinkNode\x12\x10\n\x08type_url\x18\x02 \x01(\t\x12p\n\x19initial_resource_versions\x18\x03 \x03(\x0b\x32M.istio.mcp.v1alpha1.IncrementalMeshConfigRequest.InitialResourceVersionsEntry\x12\x16\n\x0eresponse_nonce\x18\x04 \x01(\t\x12(\n\x0c\x65rror_detail\x18\x05 \x01(\x0b\x32\x12.google.rpc.Status\x1a>\n\x1cInitialResourceVersionsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\x9d\x01\n\x1dIncrementalMeshConfigResponse\x12\x1b\n\x13system_version_info\x18\x01 \x01(\t\x12\x35\n\tresources\x18\x02 \x03(\x0b\x32\x1c.istio.mcp.v1alpha1.ResourceB\x04\xc8\xde\x1f\x00\x12\x19\n\x11removed_resources\x18\x03 \x03(\t\x12\r\n\x05nonce\x18\x04 \x01(\t\"\xd4\x02\n\x10RequestResources\x12/\n\tsink_node\x18\x01 \x01(\x0b\x32\x1c.istio.mcp.v1alpha1.SinkNode\x12\x12\n\ncollection\x18\x02 \x01(\t\x12\x64\n\x19initial_resource_versions\x18\x03 \x03(\x0b\x32\x41.istio.mcp.v1alpha1.RequestResources.InitialResourceVersionsEntry\x12\x16\n\x0eresponse_nonce\x18\x04 \x01(\t\x12(\n\x0c\x65rror_detail\x18\x05 \x01(\x0b\x32\x12.google.rpc.Status\x12\x13\n\x0bincremental\x18\x06 \x01(\x08\x1a>\n\x1cInitialResourceVersionsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xb2\x01\n\tResources\x12\x1b\n\x13system_version_info\x18\x01 \x01(\t\x12\x12\n\ncollection\x18\x02 \x01(\t\x12\x35\n\tresources\x18\x03 \x03(\x0b\x32\x1c.istio.mcp.v1alpha1.ResourceB\x04\xc8\xde\x1f\x00\x12\x19\n\x11removed_resources\x18\x04 \x03(\t\x12\r\n\x05nonce\x18\x05 \x01(\t\x12\x13\n\x0bincremental\x18\x06 \x01(\x08\x32\x9d\x02\n\x1b\x41ggregatedMeshConfigService\x12p\n\x19StreamAggregatedResources\x12%.istio.mcp.v1alpha1.MeshConfigRequest\x1a&.istio.mcp.v1alpha1.MeshConfigResponse\"\x00(\x01\x30\x01\x12\x8b\x01\n\x1eIncrementalAggregatedResources\x12\x30.istio.mcp.v1alpha1.IncrementalMeshConfigRequest\x1a\x31.istio.mcp.v1alpha1.IncrementalMeshConfigResponse\"\x00(\x01\x30\x01\x32v\n\x0eResourceSource\x12\x64\n\x17\x45stablishResourceStream\x12$.istio.mcp.v1alpha1.RequestResources\x1a\x1d.istio.mcp.v1alpha1.Resources\"\x00(\x01\x30\x01\x32t\n\x0cResourceSink\x12\x64\n\x17\x45stablishResourceStream\x12\x1d.istio.mcp.v1alpha1.Resources\x1a$.istio.mcp.v1alpha1.RequestResources\"\x00(\x01\x30\x01\x42\x1fZ\x19istio.io/api/mcp/v1alpha1\xa8\xe2\x1e\x01\x62\x06proto3') , dependencies=[google_dot_rpc_dot_status__pb2.DESCRIPTOR,gogoproto_dot_gogo__pb2.DESCRIPTOR,mcp_dot_v1alpha1_dot_resource__pb2.DESCRIPTOR,]) @@ -442,6 +442,13 @@ message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='incremental', full_name='istio.mcp.v1alpha1.RequestResources.incremental', index=5, + number=6, type=8, cpp_type=7, label=1, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), ], extensions=[ ], @@ -455,7 +462,7 @@ oneofs=[ ], serialized_start=1082, - serialized_end=1401, + serialized_end=1422, ) @@ -501,6 +508,13 @@ message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='incremental', full_name='istio.mcp.v1alpha1.Resources.incremental', index=5, + number=6, type=8, cpp_type=7, label=1, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), ], extensions=[ ], @@ -513,8 +527,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=1404, - serialized_end=1561, + serialized_start=1425, + serialized_end=1603, ) _SINKNODE_ANNOTATIONSENTRY.containing_type = _SINKNODE @@ -636,8 +650,8 @@ file=DESCRIPTOR, index=0, options=None, - serialized_start=1564, - serialized_end=1849, + serialized_start=1606, + serialized_end=1891, methods=[ _descriptor.MethodDescriptor( name='StreamAggregatedResources', @@ -669,8 +683,8 @@ file=DESCRIPTOR, index=1, options=None, - serialized_start=1851, - serialized_end=1969, + serialized_start=1893, + serialized_end=2011, methods=[ _descriptor.MethodDescriptor( name='EstablishResourceStream', @@ -693,8 +707,8 @@ file=DESCRIPTOR, index=2, options=None, - serialized_start=1971, - serialized_end=2087, + serialized_start=2013, + serialized_end=2129, methods=[ _descriptor.MethodDescriptor( name='EstablishResourceStream', From d0444f6849c3e442b5b1e818b29bd2c9dec8ca27 Mon Sep 17 00:00:00 2001 From: Andy Lai <31747472+hklai@users.noreply.github.com> Date: Wed, 23 Jan 2019 11:32:46 -0800 Subject: [PATCH 10/16] add response headers (#769) (#771) Signed-off-by: Kuat Yessenov --- policy/v1beta1/cfg.pb.go | 4 +- policy/v1beta1/cfg.proto | 4 +- policy/v1beta1/http_response.pb.go | 315 ++++++++++++++---- policy/v1beta1/http_response.proto | 3 + policy/v1beta1/istio.policy.v1beta1.pb.html | 12 +- proto.lock | 10 + .../policy/v1beta1/http_response_pb2.py | 68 +++- 7 files changed, 341 insertions(+), 75 deletions(-) diff --git a/policy/v1beta1/cfg.pb.go b/policy/v1beta1/cfg.pb.go index 9107e53be9..e4ff2d1b4e 100644 --- a/policy/v1beta1/cfg.pb.go +++ b/policy/v1beta1/cfg.pb.go @@ -291,10 +291,10 @@ type Rule struct { // Optional. The actions that will be executed when match evaluates to `true`. Actions []*Action `protobuf:"bytes,2,rep,name=actions" json:"actions,omitempty"` // Optional. Templatized operations on the request headers using values produced by the - // rule actions. + // rule actions. Require the check action result to be OK. RequestHeaderOperations []*Rule_HeaderOperationTemplate `protobuf:"bytes,3,rep,name=request_header_operations,json=requestHeaderOperations" json:"request_header_operations,omitempty"` // Optional. Templatized operations on the response headers using values produced by the - // rule actions. + // rule actions. Require the check action result to be OK. ResponseHeaderOperations []*Rule_HeaderOperationTemplate `protobuf:"bytes,4,rep,name=response_header_operations,json=responseHeaderOperations" json:"response_header_operations,omitempty"` // $hide_from_docs // Optional. Provides the ability to add a sampling configuration for Mixer rules. This sampling diff --git a/policy/v1beta1/cfg.proto b/policy/v1beta1/cfg.proto index 248ebad308..e346755bea 100644 --- a/policy/v1beta1/cfg.proto +++ b/policy/v1beta1/cfg.proto @@ -167,11 +167,11 @@ message Rule { } // Optional. Templatized operations on the request headers using values produced by the - // rule actions. + // rule actions. Require the check action result to be OK. repeated HeaderOperationTemplate request_header_operations = 3; // Optional. Templatized operations on the response headers using values produced by the - // rule actions. + // rule actions. Require the check action result to be OK. repeated HeaderOperationTemplate response_header_operations = 4; // $hide_from_docs diff --git a/policy/v1beta1/http_response.pb.go b/policy/v1beta1/http_response.pb.go index fccb5b5b05..ec3d55e25f 100644 --- a/policy/v1beta1/http_response.pb.go +++ b/policy/v1beta1/http_response.pb.go @@ -11,6 +11,7 @@ import strconv "strconv" import strings "strings" import reflect "reflect" +import sortkeys "github.com/gogo/protobuf/sortkeys" import io "io" @@ -213,6 +214,8 @@ type DirectHttpResponse struct { Code HttpStatusCode `protobuf:"varint,1,opt,name=code,proto3,enum=istio.policy.v1beta1.HttpStatusCode" json:"code,omitempty"` // HTTP response body. Body string `protobuf:"bytes,2,opt,name=body,proto3" json:"body,omitempty"` + // Optional HTTP response headers. + Headers map[string]string `protobuf:"bytes,3,rep,name=headers" json:"headers,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` } func (m *DirectHttpResponse) Reset() { *m = DirectHttpResponse{} } @@ -233,6 +236,13 @@ func (m *DirectHttpResponse) GetBody() string { return "" } +func (m *DirectHttpResponse) GetHeaders() map[string]string { + if m != nil { + return m.Headers + } + return nil +} + func init() { proto.RegisterType((*DirectHttpResponse)(nil), "istio.policy.v1beta1.DirectHttpResponse") proto.RegisterEnum("istio.policy.v1beta1.HttpStatusCode", HttpStatusCode_name, HttpStatusCode_value) @@ -269,16 +279,37 @@ func (this *DirectHttpResponse) Equal(that interface{}) bool { if this.Body != that1.Body { return false } + if len(this.Headers) != len(that1.Headers) { + return false + } + for i := range this.Headers { + if this.Headers[i] != that1.Headers[i] { + return false + } + } return true } func (this *DirectHttpResponse) GoString() string { if this == nil { return "nil" } - s := make([]string, 0, 6) + s := make([]string, 0, 7) s = append(s, "&v1beta1.DirectHttpResponse{") s = append(s, "Code: "+fmt.Sprintf("%#v", this.Code)+",\n") s = append(s, "Body: "+fmt.Sprintf("%#v", this.Body)+",\n") + keysForHeaders := make([]string, 0, len(this.Headers)) + for k, _ := range this.Headers { + keysForHeaders = append(keysForHeaders, k) + } + sortkeys.Strings(keysForHeaders) + mapStringForHeaders := "map[string]string{" + for _, k := range keysForHeaders { + mapStringForHeaders += fmt.Sprintf("%#v: %#v,", k, this.Headers[k]) + } + mapStringForHeaders += "}" + if this.Headers != nil { + s = append(s, "Headers: "+mapStringForHeaders+",\n") + } s = append(s, "}") return strings.Join(s, "") } @@ -316,6 +347,23 @@ func (m *DirectHttpResponse) MarshalTo(dAtA []byte) (int, error) { i = encodeVarintHttpResponse(dAtA, i, uint64(len(m.Body))) i += copy(dAtA[i:], m.Body) } + if len(m.Headers) > 0 { + for k, _ := range m.Headers { + dAtA[i] = 0x1a + i++ + v := m.Headers[k] + mapSize := 1 + len(k) + sovHttpResponse(uint64(len(k))) + 1 + len(v) + sovHttpResponse(uint64(len(v))) + i = encodeVarintHttpResponse(dAtA, i, uint64(mapSize)) + dAtA[i] = 0xa + i++ + i = encodeVarintHttpResponse(dAtA, i, uint64(len(k))) + i += copy(dAtA[i:], k) + dAtA[i] = 0x12 + i++ + i = encodeVarintHttpResponse(dAtA, i, uint64(len(v))) + i += copy(dAtA[i:], v) + } + } return i, nil } @@ -338,6 +386,14 @@ func (m *DirectHttpResponse) Size() (n int) { if l > 0 { n += 1 + l + sovHttpResponse(uint64(l)) } + if len(m.Headers) > 0 { + for k, v := range m.Headers { + _ = k + _ = v + mapEntrySize := 1 + len(k) + sovHttpResponse(uint64(len(k))) + 1 + len(v) + sovHttpResponse(uint64(len(v))) + n += mapEntrySize + 1 + sovHttpResponse(uint64(mapEntrySize)) + } + } return n } @@ -358,9 +414,20 @@ func (this *DirectHttpResponse) String() string { if this == nil { return "nil" } + keysForHeaders := make([]string, 0, len(this.Headers)) + for k, _ := range this.Headers { + keysForHeaders = append(keysForHeaders, k) + } + sortkeys.Strings(keysForHeaders) + mapStringForHeaders := "map[string]string{" + for _, k := range keysForHeaders { + mapStringForHeaders += fmt.Sprintf("%v: %v,", k, this.Headers[k]) + } + mapStringForHeaders += "}" s := strings.Join([]string{`&DirectHttpResponse{`, `Code:` + fmt.Sprintf("%v", this.Code) + `,`, `Body:` + fmt.Sprintf("%v", this.Body) + `,`, + `Headers:` + mapStringForHeaders + `,`, `}`, }, "") return s @@ -450,6 +517,124 @@ func (m *DirectHttpResponse) Unmarshal(dAtA []byte) error { } m.Body = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Headers", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowHttpResponse + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthHttpResponse + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.Headers == nil { + m.Headers = make(map[string]string) + } + var mapkey string + var mapvalue string + for iNdEx < postIndex { + entryPreIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowHttpResponse + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + if fieldNum == 1 { + var stringLenmapkey uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowHttpResponse + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLenmapkey |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLenmapkey := int(stringLenmapkey) + if intStringLenmapkey < 0 { + return ErrInvalidLengthHttpResponse + } + postStringIndexmapkey := iNdEx + intStringLenmapkey + if postStringIndexmapkey > l { + return io.ErrUnexpectedEOF + } + mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) + iNdEx = postStringIndexmapkey + } else if fieldNum == 2 { + var stringLenmapvalue uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowHttpResponse + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLenmapvalue |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLenmapvalue := int(stringLenmapvalue) + if intStringLenmapvalue < 0 { + return ErrInvalidLengthHttpResponse + } + postStringIndexmapvalue := iNdEx + intStringLenmapvalue + if postStringIndexmapvalue > l { + return io.ErrUnexpectedEOF + } + mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) + iNdEx = postStringIndexmapvalue + } else { + iNdEx = entryPreIndex + skippy, err := skipHttpResponse(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthHttpResponse + } + if (iNdEx + skippy) > postIndex { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + m.Headers[mapkey] = mapvalue + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipHttpResponse(dAtA[iNdEx:]) @@ -579,66 +764,70 @@ var ( func init() { proto.RegisterFile("policy/v1beta1/http_response.proto", fileDescriptorHttpResponse) } var fileDescriptorHttpResponse = []byte{ - // 967 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x74, 0x54, 0x4b, 0x6f, 0x5b, 0xc5, - 0x17, 0xcf, 0xf5, 0xa4, 0x8f, 0x4c, 0xd3, 0x74, 0x3a, 0x4d, 0xff, 0xcd, 0x9f, 0xc2, 0x55, 0x14, - 0xb1, 0xa8, 0x58, 0x24, 0x2a, 0x6c, 0xd8, 0xa6, 0x79, 0x34, 0x16, 0xb1, 0x6b, 0x39, 0x76, 0x17, - 0x6c, 0xd0, 0xf8, 0xce, 0xb1, 0x3d, 0xea, 0xf5, 0x9c, 0xdb, 0xb9, 0xc7, 0x49, 0x2e, 0x2b, 0x3e, - 0x42, 0x79, 0xbf, 0x5f, 0x0b, 0xa0, 0x42, 0x2d, 0x05, 0xc1, 0x86, 0x6f, 0x50, 0xde, 0x59, 0xb2, - 0x24, 0x66, 0xc3, 0xb2, 0x0b, 0xde, 0x20, 0x40, 0x33, 0x76, 0xac, 0x56, 0x82, 0x5d, 0xee, 0xc9, - 0xf9, 0x9d, 0xf3, 0x7b, 0x1c, 0x0f, 0x5f, 0xc8, 0x30, 0x35, 0x49, 0xb1, 0xb4, 0x7d, 0xbe, 0x05, - 0xa4, 0xce, 0x2f, 0x75, 0x89, 0xb2, 0x27, 0x1c, 0xe4, 0x19, 0xda, 0x1c, 0x16, 0x33, 0x87, 0x84, - 0x72, 0xd6, 0xe4, 0x64, 0x70, 0x71, 0xd8, 0xb9, 0x38, 0xea, 0x5c, 0x68, 0x71, 0xb9, 0x6a, 0x1c, - 0x24, 0xb4, 0x41, 0x94, 0xd5, 0x47, 0x08, 0xf9, 0x28, 0x9f, 0x4c, 0x50, 0xc3, 0x5c, 0x34, 0x1f, - 0x9d, 0x9b, 0x79, 0xf8, 0xc1, 0xc5, 0x7f, 0x83, 0x2e, 0x7a, 0xc4, 0x16, 0x29, 0xea, 0xe7, 0x2b, - 0xa8, 0xa1, 0x1e, 0x10, 0x52, 0xf2, 0xc9, 0x16, 0xea, 0x62, 0xae, 0x34, 0x1f, 0x9d, 0x9b, 0xaa, - 0x87, 0xbf, 0x1f, 0xfa, 0x74, 0x8a, 0xcf, 0xdc, 0xdb, 0x2c, 0xa7, 0xf8, 0xa1, 0xb5, 0x5e, 0x46, - 0x85, 0x98, 0x90, 0xd3, 0xfc, 0xe8, 0x0a, 0x5a, 0x32, 0xb6, 0x0f, 0x42, 0xcb, 0x23, 0xbc, 0x74, - 0xe9, 0x31, 0x71, 0x3b, 0x92, 0xd3, 0xfc, 0xc8, 0x8a, 0x03, 0x45, 0xa0, 0xc5, 0x67, 0x91, 0x3c, - 0xce, 0x8f, 0x2e, 0x27, 0x09, 0x64, 0xfe, 0xf3, 0xf3, 0x48, 0xce, 0xf3, 0xb3, 0x55, 0xb4, 0xcb, - 0x7d, 0xea, 0xa2, 0x33, 0xa4, 0xc8, 0x6c, 0x43, 0xd9, 0xb6, 0xd1, 0xf5, 0x14, 0x19, 0xb4, 0xe2, - 0x8b, 0x48, 0xce, 0xf0, 0xa9, 0x2a, 0xfa, 0xb9, 0x60, 0x49, 0x7c, 0x19, 0xc9, 0x93, 0x7c, 0xba, - 0x0e, 0x39, 0xd0, 0x41, 0xe9, 0xab, 0x48, 0x9e, 0xe2, 0x33, 0x35, 0xe5, 0xc8, 0xa8, 0xf4, 0xa0, - 0xf8, 0x75, 0x24, 0x05, 0x3f, 0x56, 0xe9, 0xa7, 0x64, 0x86, 0x5c, 0xc5, 0x37, 0x91, 0x9c, 0xe5, - 0x27, 0x96, 0x53, 0x07, 0x4a, 0x17, 0x75, 0xc8, 0xd0, 0x79, 0x06, 0x7b, 0x91, 0x3c, 0xc6, 0x0f, - 0x97, 0x2b, 0xcd, 0x1c, 0xb4, 0x18, 0x84, 0x96, 0x00, 0xca, 0x52, 0x58, 0xe9, 0xa2, 0x49, 0x20, - 0x17, 0x37, 0x4a, 0xf2, 0x34, 0x17, 0x15, 0xdc, 0x06, 0x5d, 0x03, 0xd7, 0x53, 0x16, 0x2c, 0xa5, - 0x85, 0xb8, 0x59, 0x92, 0x9c, 0x1f, 0x5a, 0xc7, 0xbe, 0xd5, 0xe2, 0x83, 0x92, 0x97, 0xb5, 0x05, - 0x70, 0x89, 0xba, 0xe0, 0xc4, 0xad, 0x92, 0x5f, 0x5e, 0x45, 0xaa, 0xa0, 0x36, 0x6d, 0x03, 0x5a, - 0x7c, 0x18, 0x1a, 0x9a, 0x39, 0xd4, 0x1c, 0xee, 0x16, 0xe2, 0xa3, 0x92, 0xfc, 0x1f, 0x3f, 0xd9, - 0x80, 0x5e, 0x86, 0x4e, 0xb9, 0xa2, 0x0e, 0x3a, 0x04, 0x27, 0x3e, 0x0e, 0xf5, 0xf1, 0x96, 0x71, - 0xfd, 0x93, 0x92, 0x3c, 0xc1, 0xf9, 0x05, 0xa5, 0xeb, 0x70, 0xb5, 0x0f, 0x39, 0x89, 0x6b, 0xcc, - 0xdb, 0xd0, 0xb4, 0x6a, 0xe8, 0xdb, 0x93, 0xa0, 0xc5, 0xd3, 0xcc, 0x93, 0xaf, 0xa9, 0xa2, 0x17, - 0x90, 0x57, 0xfb, 0xc6, 0x81, 0x16, 0xcf, 0x30, 0xef, 0xdf, 0x3a, 0xba, 0x96, 0xd1, 0x1a, 0xac, - 0x78, 0x96, 0x79, 0x22, 0x55, 0xa4, 0x21, 0xf1, 0xe7, 0x58, 0xd0, 0x06, 0xd4, 0x45, 0x5d, 0x45, - 0x5a, 0x4e, 0x53, 0xdc, 0x01, 0x2d, 0x9e, 0x67, 0x52, 0xf2, 0xe3, 0xbe, 0x10, 0x92, 0x52, 0xad, - 0x14, 0xc4, 0x0b, 0xcc, 0x67, 0x15, 0xf8, 0xfb, 0xb4, 0xc0, 0x92, 0x49, 0x42, 0x46, 0xe3, 0x5d, - 0x2f, 0x32, 0x1f, 0xc4, 0x88, 0x62, 0xc3, 0xf4, 0x00, 0xfb, 0x24, 0x5e, 0x0a, 0x0b, 0x57, 0xd0, - 0xb6, 0x53, 0x93, 0x90, 0x78, 0x99, 0xc9, 0x29, 0x3e, 0x79, 0x11, 0x2d, 0x88, 0x57, 0x42, 0xfb, - 0x26, 0xd8, 0x0e, 0x75, 0xc7, 0x33, 0x5e, 0x65, 0xf2, 0x0c, 0x97, 0x35, 0x07, 0x09, 0x5a, 0x6d, - 0xfc, 0xf8, 0x75, 0x65, 0x52, 0xd0, 0xe2, 0xb5, 0x03, 0x79, 0x29, 0x2a, 0xdd, 0x40, 0xdc, 0x54, - 0xae, 0x03, 0xe2, 0x75, 0xe6, 0x8d, 0x69, 0xd6, 0xcb, 0xbe, 0x82, 0xb6, 0x23, 0xde, 0x60, 0xf2, - 0xff, 0x7c, 0xb6, 0x69, 0xf3, 0x7e, 0x36, 0x4c, 0xb8, 0x02, 0xda, 0xa8, 0x46, 0x91, 0x81, 0x78, - 0x93, 0xc9, 0x39, 0x7e, 0xaa, 0xae, 0x6c, 0x07, 0xaa, 0x48, 0x5b, 0x8a, 0x4c, 0xde, 0x36, 0x41, - 0xda, 0x5b, 0xcc, 0xdb, 0xbe, 0xb6, 0x9b, 0x41, 0x42, 0xea, 0xae, 0x9d, 0x6f, 0x07, 0x32, 0x15, - 0x93, 0x0f, 0x63, 0x80, 0xb1, 0xfd, 0xef, 0x84, 0x51, 0x4d, 0x9b, 0x39, 0x4c, 0x20, 0xcf, 0xfd, - 0x90, 0x35, 0x4b, 0x86, 0x0a, 0xf1, 0x2e, 0xf3, 0xf7, 0xb4, 0x89, 0xc9, 0x15, 0xd0, 0xe2, 0xbd, - 0xe0, 0xee, 0x70, 0xd8, 0x2a, 0x64, 0x60, 0x35, 0xd8, 0xa4, 0x10, 0xd7, 0x83, 0x94, 0x66, 0xd6, - 0x71, 0x4a, 0xc3, 0x58, 0xf9, 0xfb, 0x81, 0xf9, 0xdd, 0xca, 0xc7, 0xff, 0xba, 0x11, 0x00, 0x0d, - 0xc4, 0x8a, 0xb2, 0xc5, 0x88, 0x43, 0x2e, 0x6e, 0x86, 0x40, 0x46, 0x9f, 0x1b, 0xa0, 0x34, 0xb8, - 0x75, 0x03, 0xa9, 0xce, 0xc7, 0xee, 0xdc, 0x0a, 0x34, 0xcb, 0x96, 0xc0, 0x59, 0x95, 0x6e, 0x81, - 0xdb, 0x06, 0xb7, 0xe6, 0x1c, 0x3a, 0xf1, 0x63, 0xf0, 0xbe, 0x8a, 0x54, 0xee, 0x65, 0x29, 0xf8, - 0x8b, 0x01, 0x2d, 0x7e, 0x62, 0xa3, 0x2b, 0xbb, 0xa8, 0x08, 0x76, 0x54, 0x21, 0x7e, 0x0e, 0xfa, - 0x3d, 0xce, 0x24, 0xd0, 0xb4, 0x6a, 0x5b, 0x99, 0x34, 0x18, 0xf6, 0x4b, 0x80, 0x8f, 0xda, 0x0e, - 0x92, 0xfe, 0x95, 0xc9, 0xfb, 0xf9, 0x99, 0x8d, 0x46, 0xa3, 0x76, 0x19, 0x5c, 0x6e, 0xd0, 0x7a, - 0x97, 0x0f, 0x62, 0x10, 0xbf, 0x31, 0x79, 0x1f, 0x3f, 0x7d, 0x59, 0x39, 0xa3, 0x2c, 0x2d, 0xa7, - 0x39, 0x56, 0xa1, 0x83, 0x64, 0x14, 0x41, 0x2e, 0x7e, 0x1f, 0xf1, 0xcc, 0xfb, 0xed, 0xb6, 0x49, - 0x0c, 0x58, 0xda, 0x22, 0x74, 0xaa, 0x03, 0xe2, 0x8f, 0x70, 0xe7, 0x9b, 0x88, 0xd9, 0x2a, 0x50, - 0x88, 0x40, 0xfc, 0xc9, 0x46, 0x3f, 0xae, 0xb5, 0x5d, 0xf2, 0x8e, 0x6a, 0xf1, 0x17, 0x93, 0x0b, - 0xfc, 0x81, 0x2a, 0xd0, 0x0e, 0xba, 0x2b, 0xff, 0x71, 0x9b, 0x7f, 0xb3, 0x0b, 0xe5, 0xbd, 0xfd, - 0x78, 0xe2, 0xdb, 0xfd, 0x78, 0xe2, 0xce, 0x7e, 0x1c, 0x3d, 0x35, 0x88, 0xa3, 0xeb, 0x83, 0x38, - 0xba, 0x3d, 0x88, 0xa3, 0xbd, 0x41, 0x1c, 0x7d, 0x37, 0x88, 0xa3, 0x1f, 0x06, 0xf1, 0xc4, 0x9d, - 0x41, 0x1c, 0x5d, 0xfb, 0x3e, 0x9e, 0x78, 0xfc, 0xec, 0xf0, 0xa1, 0x34, 0xb8, 0xa4, 0x32, 0xb3, - 0x74, 0xef, 0xa3, 0xdc, 0x3a, 0x1c, 0xde, 0xe1, 0x47, 0xfe, 0x09, 0x00, 0x00, 0xff, 0xff, 0xf1, - 0x71, 0x26, 0xea, 0xad, 0x05, 0x00, 0x00, + // 1032 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x74, 0x55, 0x4b, 0x8f, 0x1b, 0x45, + 0x10, 0xde, 0x71, 0xe7, 0xb5, 0x9d, 0xcd, 0xa6, 0xd3, 0xd9, 0x90, 0x25, 0x01, 0x6b, 0x15, 0x71, + 0x88, 0x38, 0x78, 0x95, 0x20, 0xa4, 0x28, 0xb7, 0xcd, 0xc6, 0x9b, 0x58, 0xac, 0x1d, 0xcb, 0x6b, + 0xe7, 0xc0, 0x05, 0xf5, 0x4e, 0x97, 0xed, 0x56, 0xc6, 0x5d, 0x93, 0x9e, 0xb2, 0x93, 0xe1, 0xc4, + 0x4f, 0x08, 0xef, 0xf7, 0xeb, 0x00, 0x44, 0x28, 0x21, 0x20, 0xb8, 0xf0, 0x0f, 0xc2, 0x3b, 0x47, + 0x8e, 0xc4, 0x5c, 0xb8, 0x91, 0x03, 0x6f, 0x10, 0xa0, 0x6e, 0x3f, 0xb4, 0x11, 0xe1, 0x36, 0x5d, + 0x53, 0x5f, 0xd5, 0x57, 0xdf, 0x57, 0x33, 0xcd, 0x8f, 0xa4, 0x98, 0x98, 0x38, 0x5f, 0x1e, 0x1c, + 0xdb, 0x04, 0x52, 0xc7, 0x96, 0xbb, 0x44, 0xe9, 0x13, 0x0e, 0xb2, 0x14, 0x6d, 0x06, 0xa5, 0xd4, + 0x21, 0xa1, 0x5c, 0x30, 0x19, 0x19, 0x2c, 0x8d, 0x32, 0x4b, 0xe3, 0xcc, 0x23, 0x3f, 0x46, 0x5c, + 0x9e, 0x36, 0x0e, 0x62, 0x3a, 0x4b, 0x94, 0x36, 0xc6, 0x10, 0x79, 0x82, 0x6f, 0x8b, 0x51, 0xc3, + 0x62, 0xb4, 0x14, 0x1d, 0x9d, 0x3f, 0xfe, 0x50, 0xe9, 0x5e, 0xd8, 0x92, 0x47, 0x6c, 0x90, 0xa2, + 0x7e, 0xb6, 0x8a, 0x1a, 0x1a, 0x01, 0x21, 0x25, 0xdf, 0xb6, 0x89, 0x3a, 0x5f, 0x2c, 0x2c, 0x45, + 0x47, 0x67, 0x1b, 0xe1, 0x59, 0x9e, 0xe3, 0x3b, 0xbb, 0xa0, 0x34, 0xb8, 0x6c, 0x91, 0x2d, 0xb1, + 0xa3, 0xbb, 0x8f, 0x3f, 0x7a, 0xef, 0x82, 0xff, 0x25, 0x52, 0x3a, 0x3b, 0xc2, 0x95, 0x2d, 0xb9, + 0xbc, 0x31, 0xa9, 0x72, 0xe8, 0x24, 0x9f, 0xdb, 0xfa, 0x42, 0x0a, 0xce, 0x2e, 0x40, 0x1e, 0xd8, + 0xce, 0x36, 0xfc, 0xa3, 0x5c, 0xe0, 0xdb, 0x07, 0x2a, 0xe9, 0xc3, 0x98, 0xc7, 0xe8, 0x70, 0xb2, + 0x70, 0x22, 0x7a, 0xf8, 0xd3, 0x59, 0x3e, 0x7f, 0x37, 0x73, 0x39, 0xcb, 0xb7, 0x97, 0x7b, 0x29, + 0xe5, 0x62, 0x46, 0xce, 0xf1, 0x5d, 0xab, 0x68, 0xc9, 0xd8, 0x3e, 0x08, 0x2d, 0x77, 0xf2, 0xc2, + 0xb9, 0xc7, 0xc4, 0xcd, 0x48, 0xce, 0xf1, 0x9d, 0xab, 0x0e, 0x14, 0x81, 0x16, 0x9f, 0x45, 0x72, + 0x0f, 0xdf, 0xb5, 0x12, 0xc7, 0x90, 0xfa, 0xe3, 0xe7, 0x91, 0x5c, 0xe2, 0x87, 0x6b, 0x68, 0x57, + 0xfa, 0xd4, 0x45, 0x67, 0x48, 0x91, 0x19, 0x40, 0xc5, 0xb6, 0xd1, 0xf5, 0x14, 0x19, 0xb4, 0xe2, + 0x8b, 0x48, 0xce, 0xf3, 0xd9, 0x1a, 0xfa, 0xba, 0x60, 0x49, 0x7c, 0x19, 0xc9, 0x7d, 0x7c, 0xae, + 0x01, 0x19, 0xd0, 0x24, 0xf4, 0x55, 0x24, 0xf7, 0xf3, 0xf9, 0xba, 0x72, 0x64, 0x54, 0x32, 0x09, + 0x7e, 0x1d, 0x49, 0xc1, 0x77, 0x57, 0xfb, 0x09, 0x99, 0x11, 0x57, 0xf1, 0x4d, 0x24, 0x17, 0xf8, + 0xde, 0x95, 0xc4, 0x81, 0xd2, 0x79, 0x03, 0x52, 0x74, 0x9e, 0xc1, 0xad, 0x48, 0xee, 0xe6, 0x3b, + 0x2a, 0xd5, 0x56, 0x06, 0x5a, 0x0c, 0x43, 0x4a, 0x00, 0xa5, 0x09, 0xac, 0x76, 0xd1, 0xc4, 0x90, + 0x89, 0x6b, 0x05, 0x79, 0x80, 0x8b, 0x2a, 0x0e, 0x40, 0xd7, 0xc1, 0xf5, 0x94, 0x05, 0x4b, 0x49, + 0x2e, 0xae, 0x17, 0x24, 0xe7, 0xdb, 0xd7, 0xb0, 0x6f, 0xb5, 0xf8, 0xa0, 0xe0, 0xc7, 0xda, 0x00, + 0x38, 0x47, 0x5d, 0x70, 0xe2, 0x46, 0xc1, 0x37, 0xaf, 0x21, 0x55, 0x51, 0x9b, 0xb6, 0x01, 0x2d, + 0x3e, 0x0c, 0x09, 0xad, 0x0c, 0xea, 0x0e, 0x2f, 0xe7, 0xe2, 0xa3, 0x82, 0xbc, 0x8f, 0xef, 0x6b, + 0x42, 0x2f, 0x45, 0xa7, 0x5c, 0xde, 0x00, 0x1d, 0xcc, 0x13, 0x1f, 0x87, 0xf8, 0xb4, 0xcb, 0x34, + 0xfe, 0x49, 0x41, 0xee, 0xe5, 0xfc, 0x94, 0xd2, 0x0d, 0xb8, 0xd8, 0x87, 0x8c, 0xc4, 0x15, 0xe6, + 0x65, 0x68, 0x59, 0x35, 0xd2, 0xed, 0x49, 0xd0, 0xe2, 0x69, 0xe6, 0xc9, 0xd7, 0x55, 0xde, 0x0b, + 0xc8, 0x8b, 0x7d, 0xe3, 0x40, 0x8b, 0x67, 0x98, 0xd7, 0x6f, 0x0d, 0xdd, 0xa6, 0xd1, 0x1a, 0xac, + 0x78, 0x96, 0x79, 0x22, 0x35, 0xa4, 0x11, 0xf1, 0xe7, 0x58, 0x98, 0x0d, 0xa8, 0x8b, 0xba, 0x86, + 0xb4, 0x92, 0x24, 0x78, 0x09, 0xb4, 0x78, 0x9e, 0x49, 0xc9, 0xf7, 0xf8, 0x40, 0x70, 0x4a, 0x6d, + 0x26, 0x20, 0x5e, 0x60, 0xde, 0xab, 0xc0, 0xdf, 0xbb, 0x05, 0x96, 0x4c, 0x1c, 0x3c, 0x9a, 0xf6, + 0x7a, 0x91, 0x79, 0x23, 0xc6, 0x14, 0x9b, 0xa6, 0x07, 0xd8, 0x27, 0xf1, 0x52, 0x68, 0xb8, 0x8a, + 0xb6, 0x9d, 0x98, 0x98, 0xc4, 0xcb, 0x4c, 0xce, 0xf2, 0x6d, 0x67, 0xd0, 0x82, 0x78, 0x25, 0xa4, + 0xaf, 0x83, 0xed, 0x50, 0x77, 0x5a, 0xe3, 0x55, 0x26, 0x0f, 0x72, 0x59, 0x77, 0x10, 0xa3, 0xd5, + 0xc6, 0x97, 0x5f, 0x53, 0x26, 0x01, 0x2d, 0x5e, 0x9b, 0x8c, 0x97, 0xa0, 0xd2, 0x4d, 0xc4, 0x75, + 0xe5, 0x3a, 0x20, 0x5e, 0x67, 0x5e, 0x98, 0x56, 0xa3, 0xe2, 0x23, 0x68, 0x3b, 0xe2, 0x0d, 0x26, + 0xef, 0xe7, 0x0b, 0x2d, 0x9b, 0xf5, 0xd3, 0x91, 0xc3, 0x55, 0xd0, 0x46, 0x35, 0xf3, 0x14, 0xc4, + 0x9b, 0x4c, 0x2e, 0xf2, 0xfd, 0x0d, 0x65, 0x3b, 0x50, 0x43, 0xda, 0x50, 0x64, 0xb2, 0xb6, 0x09, + 0xa3, 0xbd, 0xc5, 0xbc, 0xec, 0xe5, 0xcb, 0x29, 0xc4, 0xa4, 0xb6, 0xf4, 0x7c, 0x3b, 0x90, 0xa9, + 0x9a, 0x6c, 0x64, 0x03, 0x4c, 0xe5, 0x7f, 0x27, 0x94, 0x6a, 0xd9, 0xd4, 0x61, 0x0c, 0x59, 0xe6, + 0x8b, 0x94, 0x2d, 0x19, 0xca, 0xc5, 0xbb, 0xcc, 0xef, 0xd3, 0x3a, 0xc6, 0x17, 0x40, 0x8b, 0xf7, + 0x82, 0xba, 0xa3, 0x62, 0xa7, 0x21, 0x05, 0xab, 0xc1, 0xc6, 0xb9, 0xb8, 0x1a, 0x46, 0x69, 0xa5, + 0x1d, 0xa7, 0x34, 0x4c, 0x27, 0x7f, 0x3f, 0x30, 0xdf, 0x3a, 0xf9, 0xf4, 0xd5, 0xb5, 0x00, 0x68, + 0x22, 0x56, 0x95, 0xcd, 0xc7, 0x1c, 0x32, 0x71, 0x3d, 0x18, 0x32, 0x3e, 0x8e, 0xbe, 0xe8, 0x35, + 0x03, 0x89, 0xce, 0xa6, 0xea, 0xdc, 0x08, 0x34, 0x2b, 0x96, 0xc0, 0x59, 0x95, 0x6c, 0x80, 0x1b, + 0x80, 0x2b, 0x3b, 0x87, 0x4e, 0xfc, 0x14, 0xb4, 0xaf, 0x21, 0x55, 0x7a, 0x69, 0x02, 0x7e, 0x63, + 0x40, 0x8b, 0x9f, 0xd9, 0x78, 0xcb, 0xce, 0x28, 0x82, 0x4b, 0x2a, 0x17, 0xbf, 0x84, 0xf9, 0x3d, + 0xce, 0xc4, 0xd0, 0xb2, 0x6a, 0xa0, 0x4c, 0x12, 0x04, 0xfb, 0x35, 0xc0, 0xc7, 0x69, 0x13, 0xa7, + 0x7f, 0x63, 0xf2, 0x01, 0x7e, 0xf0, 0x6c, 0xb3, 0x59, 0x3f, 0x0f, 0x2e, 0x33, 0x68, 0xbd, 0xca, + 0x13, 0x1b, 0xc4, 0xef, 0x4c, 0x1e, 0xe2, 0x07, 0xce, 0x2b, 0x67, 0x94, 0xa5, 0x95, 0x24, 0xc3, + 0x1a, 0x74, 0x90, 0x8c, 0x22, 0xc8, 0xc4, 0x1f, 0x63, 0x9e, 0x59, 0xbf, 0xdd, 0x36, 0xb1, 0x01, + 0x4b, 0x1b, 0x84, 0x4e, 0x75, 0x40, 0xfc, 0x19, 0xf6, 0x7c, 0x1d, 0x31, 0x3d, 0x0d, 0x14, 0x2c, + 0x10, 0x7f, 0xb1, 0xf1, 0xc7, 0x55, 0xbe, 0x4c, 0x5e, 0x51, 0x2d, 0xfe, 0x66, 0xf2, 0x08, 0x7f, + 0xb0, 0x06, 0x74, 0x09, 0xdd, 0x85, 0xff, 0xd9, 0xcd, 0x7f, 0xd8, 0xa9, 0xca, 0xad, 0xdb, 0xc5, + 0x99, 0x6f, 0x6f, 0x17, 0x67, 0xee, 0xdc, 0x2e, 0x46, 0x4f, 0x0d, 0x8b, 0xd1, 0xd5, 0x61, 0x31, + 0xba, 0x39, 0x2c, 0x46, 0xb7, 0x86, 0xc5, 0xe8, 0xbb, 0x61, 0x31, 0xfa, 0x61, 0x58, 0x9c, 0xb9, + 0x33, 0x2c, 0x46, 0x57, 0xbe, 0x2f, 0xce, 0x3c, 0x7e, 0x78, 0xf4, 0x93, 0x35, 0xb8, 0xac, 0x52, + 0xb3, 0x7c, 0xf7, 0x15, 0xb1, 0xb9, 0x23, 0xdc, 0x0a, 0x8f, 0xfc, 0x1b, 0x00, 0x00, 0xff, 0xff, + 0xd9, 0x97, 0x1d, 0x7f, 0x3b, 0x06, 0x00, 0x00, } diff --git a/policy/v1beta1/http_response.proto b/policy/v1beta1/http_response.proto index 845aa24e66..5da35120a8 100644 --- a/policy/v1beta1/http_response.proto +++ b/policy/v1beta1/http_response.proto @@ -26,6 +26,9 @@ message DirectHttpResponse { // HTTP response body. string body = 2; + + // Optional HTTP response headers. + map headers = 3; } // HTTP response codes. diff --git a/policy/v1beta1/istio.policy.v1beta1.pb.html b/policy/v1beta1/istio.policy.v1beta1.pb.html index 2c74519d4f..8f0e37473f 100644 --- a/policy/v1beta1/istio.policy.v1beta1.pb.html +++ b/policy/v1beta1/istio.policy.v1beta1.pb.html @@ -321,6 +321,14 @@

DirectHttpResponse

 + + + + + @@ -1117,7 +1125,7 @@

Rule

@@ -1126,7 +1134,7 @@

Rule

diff --git a/proto.lock b/proto.lock index c337e4e00d..0f0232352c 100644 --- a/proto.lock +++ b/proto.lock @@ -4914,6 +4914,16 @@ "name": "body", "type": "string" } + ], + "maps": [ + { + "key_type": "string", + "field": { + "id": 3, + "name": "headers", + "type": "string" + } + } ] } ] diff --git a/python/istio_api/policy/v1beta1/http_response_pb2.py b/python/istio_api/policy/v1beta1/http_response_pb2.py index 99c8f309ea..7a788c4862 100644 --- a/python/istio_api/policy/v1beta1/http_response_pb2.py +++ b/python/istio_api/policy/v1beta1/http_response_pb2.py @@ -20,7 +20,7 @@ name='policy/v1beta1/http_response.proto', package='istio.policy.v1beta1', syntax='proto3', - serialized_pb=_b('\n\"policy/v1beta1/http_response.proto\x12\x14istio.policy.v1beta1\"V\n\x12\x44irectHttpResponse\x12\x32\n\x04\x63ode\x18\x01 \x01(\x0e\x32$.istio.policy.v1beta1.HttpStatusCode\x12\x0c\n\x04\x62ody\x18\x02 \x01(\t*\xb9\t\n\x0eHttpStatusCode\x12\t\n\x05\x45mpty\x10\x00\x12\x0c\n\x08\x43ontinue\x10\x64\x12\x07\n\x02OK\x10\xc8\x01\x12\x0c\n\x07\x43reated\x10\xc9\x01\x12\r\n\x08\x41\x63\x63\x65pted\x10\xca\x01\x12 \n\x1bNonAuthoritativeInformation\x10\xcb\x01\x12\x0e\n\tNoContent\x10\xcc\x01\x12\x11\n\x0cResetContent\x10\xcd\x01\x12\x13\n\x0ePartialContent\x10\xce\x01\x12\x10\n\x0bMultiStatus\x10\xcf\x01\x12\x14\n\x0f\x41lreadyReported\x10\xd0\x01\x12\x0b\n\x06IMUsed\x10\xe2\x01\x12\x14\n\x0fMultipleChoices\x10\xac\x02\x12\x15\n\x10MovedPermanently\x10\xad\x02\x12\n\n\x05\x46ound\x10\xae\x02\x12\r\n\x08SeeOther\x10\xaf\x02\x12\x10\n\x0bNotModified\x10\xb0\x02\x12\r\n\x08UseProxy\x10\xb1\x02\x12\x16\n\x11TemporaryRedirect\x10\xb3\x02\x12\x16\n\x11PermanentRedirect\x10\xb4\x02\x12\x0f\n\nBadRequest\x10\x90\x03\x12\x11\n\x0cUnauthorized\x10\x91\x03\x12\x14\n\x0fPaymentRequired\x10\x92\x03\x12\x0e\n\tForbidden\x10\x93\x03\x12\r\n\x08NotFound\x10\x94\x03\x12\x15\n\x10MethodNotAllowed\x10\x95\x03\x12\x12\n\rNotAcceptable\x10\x96\x03\x12 \n\x1bProxyAuthenticationRequired\x10\x97\x03\x12\x13\n\x0eRequestTimeout\x10\x98\x03\x12\r\n\x08\x43onflict\x10\x99\x03\x12\t\n\x04Gone\x10\x9a\x03\x12\x13\n\x0eLengthRequired\x10\x9b\x03\x12\x17\n\x12PreconditionFailed\x10\x9c\x03\x12\x14\n\x0fPayloadTooLarge\x10\x9d\x03\x12\x0f\n\nURITooLong\x10\x9e\x03\x12\x19\n\x14UnsupportedMediaType\x10\x9f\x03\x12\x18\n\x13RangeNotSatisfiable\x10\xa0\x03\x12\x16\n\x11\x45xpectationFailed\x10\xa1\x03\x12\x17\n\x12MisdirectedRequest\x10\xa5\x03\x12\x18\n\x13UnprocessableEntity\x10\xa6\x03\x12\x0b\n\x06Locked\x10\xa7\x03\x12\x15\n\x10\x46\x61iledDependency\x10\xa8\x03\x12\x14\n\x0fUpgradeRequired\x10\xaa\x03\x12\x19\n\x14PreconditionRequired\x10\xac\x03\x12\x14\n\x0fTooManyRequests\x10\xad\x03\x12 \n\x1bRequestHeaderFieldsTooLarge\x10\xaf\x03\x12\x18\n\x13InternalServerError\x10\xf4\x03\x12\x13\n\x0eNotImplemented\x10\xf5\x03\x12\x0f\n\nBadGateway\x10\xf6\x03\x12\x17\n\x12ServiceUnavailable\x10\xf7\x03\x12\x13\n\x0eGatewayTimeout\x10\xf8\x03\x12\x1c\n\x17HTTPVersionNotSupported\x10\xf9\x03\x12\x1a\n\x15VariantAlsoNegotiates\x10\xfa\x03\x12\x18\n\x13InsufficientStorage\x10\xfb\x03\x12\x11\n\x0cLoopDetected\x10\xfc\x03\x12\x10\n\x0bNotExtended\x10\xfe\x03\x12\"\n\x1dNetworkAuthenticationRequired\x10\xff\x03\x42\x1dZ\x1bistio.io/api/policy/v1beta1b\x06proto3') + serialized_pb=_b('\n\"policy/v1beta1/http_response.proto\x12\x14istio.policy.v1beta1\"\xce\x01\n\x12\x44irectHttpResponse\x12\x32\n\x04\x63ode\x18\x01 \x01(\x0e\x32$.istio.policy.v1beta1.HttpStatusCode\x12\x0c\n\x04\x62ody\x18\x02 \x01(\t\x12\x46\n\x07headers\x18\x03 \x03(\x0b\x32\x35.istio.policy.v1beta1.DirectHttpResponse.HeadersEntry\x1a.\n\x0cHeadersEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01*\xb9\t\n\x0eHttpStatusCode\x12\t\n\x05\x45mpty\x10\x00\x12\x0c\n\x08\x43ontinue\x10\x64\x12\x07\n\x02OK\x10\xc8\x01\x12\x0c\n\x07\x43reated\x10\xc9\x01\x12\r\n\x08\x41\x63\x63\x65pted\x10\xca\x01\x12 \n\x1bNonAuthoritativeInformation\x10\xcb\x01\x12\x0e\n\tNoContent\x10\xcc\x01\x12\x11\n\x0cResetContent\x10\xcd\x01\x12\x13\n\x0ePartialContent\x10\xce\x01\x12\x10\n\x0bMultiStatus\x10\xcf\x01\x12\x14\n\x0f\x41lreadyReported\x10\xd0\x01\x12\x0b\n\x06IMUsed\x10\xe2\x01\x12\x14\n\x0fMultipleChoices\x10\xac\x02\x12\x15\n\x10MovedPermanently\x10\xad\x02\x12\n\n\x05\x46ound\x10\xae\x02\x12\r\n\x08SeeOther\x10\xaf\x02\x12\x10\n\x0bNotModified\x10\xb0\x02\x12\r\n\x08UseProxy\x10\xb1\x02\x12\x16\n\x11TemporaryRedirect\x10\xb3\x02\x12\x16\n\x11PermanentRedirect\x10\xb4\x02\x12\x0f\n\nBadRequest\x10\x90\x03\x12\x11\n\x0cUnauthorized\x10\x91\x03\x12\x14\n\x0fPaymentRequired\x10\x92\x03\x12\x0e\n\tForbidden\x10\x93\x03\x12\r\n\x08NotFound\x10\x94\x03\x12\x15\n\x10MethodNotAllowed\x10\x95\x03\x12\x12\n\rNotAcceptable\x10\x96\x03\x12 \n\x1bProxyAuthenticationRequired\x10\x97\x03\x12\x13\n\x0eRequestTimeout\x10\x98\x03\x12\r\n\x08\x43onflict\x10\x99\x03\x12\t\n\x04Gone\x10\x9a\x03\x12\x13\n\x0eLengthRequired\x10\x9b\x03\x12\x17\n\x12PreconditionFailed\x10\x9c\x03\x12\x14\n\x0fPayloadTooLarge\x10\x9d\x03\x12\x0f\n\nURITooLong\x10\x9e\x03\x12\x19\n\x14UnsupportedMediaType\x10\x9f\x03\x12\x18\n\x13RangeNotSatisfiable\x10\xa0\x03\x12\x16\n\x11\x45xpectationFailed\x10\xa1\x03\x12\x17\n\x12MisdirectedRequest\x10\xa5\x03\x12\x18\n\x13UnprocessableEntity\x10\xa6\x03\x12\x0b\n\x06Locked\x10\xa7\x03\x12\x15\n\x10\x46\x61iledDependency\x10\xa8\x03\x12\x14\n\x0fUpgradeRequired\x10\xaa\x03\x12\x19\n\x14PreconditionRequired\x10\xac\x03\x12\x14\n\x0fTooManyRequests\x10\xad\x03\x12 \n\x1bRequestHeaderFieldsTooLarge\x10\xaf\x03\x12\x18\n\x13InternalServerError\x10\xf4\x03\x12\x13\n\x0eNotImplemented\x10\xf5\x03\x12\x0f\n\nBadGateway\x10\xf6\x03\x12\x17\n\x12ServiceUnavailable\x10\xf7\x03\x12\x13\n\x0eGatewayTimeout\x10\xf8\x03\x12\x1c\n\x17HTTPVersionNotSupported\x10\xf9\x03\x12\x1a\n\x15VariantAlsoNegotiates\x10\xfa\x03\x12\x18\n\x13InsufficientStorage\x10\xfb\x03\x12\x11\n\x0cLoopDetected\x10\xfc\x03\x12\x10\n\x0bNotExtended\x10\xfe\x03\x12\"\n\x1dNetworkAuthenticationRequired\x10\xff\x03\x42\x1dZ\x1bistio.io/api/policy/v1beta1b\x06proto3') ) _HTTPSTATUSCODE = _descriptor.EnumDescriptor( @@ -260,8 +260,8 @@ ], containing_type=None, options=None, - serialized_start=149, - serialized_end=1358, + serialized_start=270, + serialized_end=1479, ) _sym_db.RegisterEnumDescriptor(_HTTPSTATUSCODE) @@ -326,6 +326,43 @@ +_DIRECTHTTPRESPONSE_HEADERSENTRY = _descriptor.Descriptor( + name='HeadersEntry', + full_name='istio.policy.v1beta1.DirectHttpResponse.HeadersEntry', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name='key', full_name='istio.policy.v1beta1.DirectHttpResponse.HeadersEntry.key', index=0, + number=1, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='value', full_name='istio.policy.v1beta1.DirectHttpResponse.HeadersEntry.value', index=1, + number=2, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=_descriptor._ParseOptions(descriptor_pb2.MessageOptions(), _b('8\001')), + is_extendable=False, + syntax='proto3', + extension_ranges=[], + oneofs=[ + ], + serialized_start=221, + serialized_end=267, +) + _DIRECTHTTPRESPONSE = _descriptor.Descriptor( name='DirectHttpResponse', full_name='istio.policy.v1beta1.DirectHttpResponse', @@ -347,10 +384,17 @@ message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='headers', full_name='istio.policy.v1beta1.DirectHttpResponse.headers', index=2, + number=3, type=11, cpp_type=10, label=3, + has_default_value=False, default_value=[], + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), ], extensions=[ ], - nested_types=[], + nested_types=[_DIRECTHTTPRESPONSE_HEADERSENTRY, ], enum_types=[ ], options=None, @@ -359,23 +403,35 @@ extension_ranges=[], oneofs=[ ], - serialized_start=60, - serialized_end=146, + serialized_start=61, + serialized_end=267, ) +_DIRECTHTTPRESPONSE_HEADERSENTRY.containing_type = _DIRECTHTTPRESPONSE _DIRECTHTTPRESPONSE.fields_by_name['code'].enum_type = _HTTPSTATUSCODE +_DIRECTHTTPRESPONSE.fields_by_name['headers'].message_type = _DIRECTHTTPRESPONSE_HEADERSENTRY DESCRIPTOR.message_types_by_name['DirectHttpResponse'] = _DIRECTHTTPRESPONSE DESCRIPTOR.enum_types_by_name['HttpStatusCode'] = _HTTPSTATUSCODE _sym_db.RegisterFileDescriptor(DESCRIPTOR) DirectHttpResponse = _reflection.GeneratedProtocolMessageType('DirectHttpResponse', (_message.Message,), dict( + + HeadersEntry = _reflection.GeneratedProtocolMessageType('HeadersEntry', (_message.Message,), dict( + DESCRIPTOR = _DIRECTHTTPRESPONSE_HEADERSENTRY, + __module__ = 'policy.v1beta1.http_response_pb2' + # @@protoc_insertion_point(class_scope:istio.policy.v1beta1.DirectHttpResponse.HeadersEntry) + )) + , DESCRIPTOR = _DIRECTHTTPRESPONSE, __module__ = 'policy.v1beta1.http_response_pb2' # @@protoc_insertion_point(class_scope:istio.policy.v1beta1.DirectHttpResponse) )) _sym_db.RegisterMessage(DirectHttpResponse) +_sym_db.RegisterMessage(DirectHttpResponse.HeadersEntry) DESCRIPTOR.has_options = True DESCRIPTOR._options = _descriptor._ParseOptions(descriptor_pb2.FileOptions(), _b('Z\033istio.io/api/policy/v1beta1')) +_DIRECTHTTPRESPONSE_HEADERSENTRY.has_options = True +_DIRECTHTTPRESPONSE_HEADERSENTRY._options = _descriptor._ParseOptions(descriptor_pb2.MessageOptions(), _b('8\001')) # @@protoc_insertion_point(module_scope) From 01a2afd81a4abcea3f06765f515293c9b05b8a3c Mon Sep 17 00:00:00 2001 From: John Howard Date: Wed, 13 Feb 2019 10:42:53 -0800 Subject: [PATCH 11/16] Fix typos in sidecar.proto (#795) --- networking/v1alpha3/istio.networking.v1alpha3.pb.html | 4 ++-- networking/v1alpha3/sidecar.pb.go | 4 ++-- networking/v1alpha3/sidecar.proto | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/networking/v1alpha3/istio.networking.v1alpha3.pb.html b/networking/v1alpha3/istio.networking.v1alpha3.pb.html index 3076ae350c..8f4714ae95 100644 --- a/networking/v1alpha3/istio.networking.v1alpha3.pb.html +++ b/networking/v1alpha3/istio.networking.v1alpha3.pb.html @@ -3724,7 +3724,7 @@

Sidecar

behavior of the system is undefined if two or more Sidecar resources with a workload selector select the same workload.

-

The example below delcares a Sidecar resource in the prod-us1 namespace +

The example below declares a Sidecar resource in the prod-us1 namespace that configures the sidecars in the namespace to allow egress traffic to public services in the prod-us1, prod-apis, and the istio-system namespaces.

@@ -3742,7 +3742,7 @@

Sidecar

- "istio-system/*" -

The example below delcares a Sidecar resource in the prod-us1 namespace +

The example below declares a Sidecar resource in the prod-us1 namespace that accepts inbound HTTP traffic on port 9080 and forwards it to the attached workload listening on a unix domain socket. In the egress direction, in addition to the istio-system namespace, the sidecar diff --git a/networking/v1alpha3/sidecar.pb.go b/networking/v1alpha3/sidecar.pb.go index 0c2afe181a..42766a971a 100644 --- a/networking/v1alpha3/sidecar.pb.go +++ b/networking/v1alpha3/sidecar.pb.go @@ -103,7 +103,7 @@ func (CaptureMode) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidec // behavior of the system is undefined if two or more Sidecar resources // with a workload selector select the same workload. // -// The example below delcares a Sidecar resource in the prod-us1 namespace +// The example below declares a Sidecar resource in the prod-us1 namespace // that configures the sidecars in the namespace to allow egress traffic to // public services in the prod-us1, prod-apis, and the istio-system // namespaces. @@ -122,7 +122,7 @@ func (CaptureMode) EnumDescriptor() ([]byte, []int) { return fileDescriptorSidec // - "istio-system/*" // ``` // -// The example below delcares a Sidecar resource in the prod-us1 namespace +// The example below declares a Sidecar resource in the prod-us1 namespace // that accepts inbound HTTP traffic on port 9080 and forwards // it to the attached workload listening on a unix domain socket. In the // egress direction, in addition to the istio-system namespace, the sidecar diff --git a/networking/v1alpha3/sidecar.proto b/networking/v1alpha3/sidecar.proto index f927fe919c..5f139c1ccf 100644 --- a/networking/v1alpha3/sidecar.proto +++ b/networking/v1alpha3/sidecar.proto @@ -47,7 +47,7 @@ option go_package = "istio.io/api/networking/v1alpha3"; // behavior of the system is undefined if two or more Sidecar resources // with a workload selector select the same workload. // -// The example below delcares a Sidecar resource in the prod-us1 namespace +// The example below declares a Sidecar resource in the prod-us1 namespace // that configures the sidecars in the namespace to allow egress traffic to // public services in the prod-us1, prod-apis, and the istio-system // namespaces. @@ -66,7 +66,7 @@ option go_package = "istio.io/api/networking/v1alpha3"; // - "istio-system/*" // ``` // -// The example below delcares a Sidecar resource in the prod-us1 namespace +// The example below declares a Sidecar resource in the prod-us1 namespace // that accepts inbound HTTP traffic on port 9080 and forwards // it to the attached workload listening on a unix domain socket. In the // egress direction, in addition to the istio-system namespace, the sidecar From 2b2fabd451530ae28003830c52f0ca43ca63be14 Mon Sep 17 00:00:00 2001 From: Caleb Gilmour Date: Sat, 16 Feb 2019 07:17:34 +1300 Subject: [PATCH 12/16] Generate files with correct owner. (#798) Signed-off-by: Caleb Gilmour --- Makefile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 5d804e31ac..4c9536a5f7 100644 --- a/Makefile +++ b/Makefile @@ -20,10 +20,11 @@ pwd := $(shell pwd) mount_dir := /src repo_dir := istio.io/api repo_mount := $(mount_dir)/istio.io/api -docker_gen := docker run --rm -v $(pwd):$(repo_mount) -w $(mount_dir) $(gen_img) -I$(repo_dir) +uid := $(shell id -u) +docker_gen := docker run --rm --user $(uid) -v /etc/passwd:/etc/passwd:ro -v $(pwd):$(repo_mount) -w $(mount_dir) $(gen_img) -I$(repo_dir) out_path = . -docker_lock = docker run --rm -v $(pwd):$(repo_mount) -w $(repo_mount) $(lock_img) -docker_tool = docker run --rm -v $(pwd):$(repo_mount) -w $(repo_mount) $(all_img) prototool +docker_lock = docker run --rm --user $(uid) -v /etc/passwd:/etc/passwd:ro -v $(pwd):$(repo_mount) -w $(repo_mount) $(lock_img) +docker_tool = docker run --rm --user $(uid) -v /etc/passwd:/etc/passwd:ro -v $(pwd):$(repo_mount) -w $(repo_mount) $(all_img) prototool endif ######################## From f6b6c4168da150dc23073c9f0ec55fc2b1924690 Mon Sep 17 00:00:00 2001 From: Caleb Gilmour Date: Tue, 19 Feb 2019 10:47:25 +1300 Subject: [PATCH 13/16] Add Datadog tracing to proxy config (#797) Signed-off-by: Caleb Gilmour --- mesh/v1alpha1/istio.mesh.v1alpha1.pb.html | 34 +- mesh/v1alpha1/proxy.pb.go | 350 ++++++++++++++++---- mesh/v1alpha1/proxy.proto | 8 + proto.lock | 15 + python/istio_api/mesh/v1alpha1/proxy_pb2.py | 76 ++++- 5 files changed, 404 insertions(+), 79 deletions(-) diff --git a/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html b/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html index b2d788735e..28d3fe2d02 100644 --- a/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html +++ b/mesh/v1alpha1/istio.mesh.v1alpha1.pb.html @@ -4,7 +4,7 @@ generator: protoc-gen-docs aliases: - /docs/reference/config/service-mesh.html -number_of_entries: 19 +number_of_entries: 20 ---

AuthenticationPolicy

@@ -1001,6 +1001,38 @@

Tracing

 + + + + + + + +
workloadSelectorWorkloadSelector +

Criteria used to select the specific set of pods/VMs on which this +sidecar configuration should be applied. If omitted, the sidecar +configuration will be applied to all workloads in the same config +namespace.

+ +
ingressIstioIngressListener[] +

Ingress specifies the configuration of the sidecar for processing +inbound traffic to the attached workload. If omitted, Istio will +autoconfigure the sidecar based on the information about the workload +obtained from the orchestration platform (e.g., exposed ports, services, +etc.).

+ +
egress IstioEgressListener[] labels map<string, string> -

One or more labels that indicate a specific set of pods/VMs on which -this sidecar configuration should be applied. The scope of label -search is restricted to the configuration namespace in which the the -resource is present.

+

REQUIRED: One or more labels that indicate a specific set of pods/VMs +on which this sidecar configuration should be applied. The scope of +label search is restricted to the configuration namespace in which the +the resource is present.

HTTP response body.

+
headersmap<string, string> +

Optional HTTP response headers.

+
Rule.HeaderOperationTemplate[]

Optional. Templatized operations on the request headers using values produced by the -rule actions.

+rule actions. Require the check action result to be OK.
Rule.HeaderOperationTemplate[]

Optional. Templatized operations on the response headers using values produced by the -rule actions.

+rule actions. Require the check action result to be OK.

Use a LightStep tracer.

+
datadogTracing.Datadog (oneof) +

Use a Datadog tracer.

+ +
+
+

Tracing.Datadog

+
+

Datadog defines configuration for a Datadog tracer.

+ + + + + + + + + + + + + + diff --git a/mesh/v1alpha1/proxy.pb.go b/mesh/v1alpha1/proxy.pb.go index e5689b9b77..e14c1bafb5 100644 --- a/mesh/v1alpha1/proxy.pb.go +++ b/mesh/v1alpha1/proxy.pb.go @@ -86,6 +86,7 @@ type Tracing struct { // Types that are valid to be assigned to Tracer: // *Tracing_Zipkin_ // *Tracing_Lightstep_ + // *Tracing_Datadog_ Tracer isTracing_Tracer `protobuf_oneof:"tracer"` } @@ -106,9 +107,13 @@ type Tracing_Zipkin_ struct { type Tracing_Lightstep_ struct { Lightstep *Tracing_Lightstep `protobuf:"bytes,2,opt,name=lightstep,oneof"` } +type Tracing_Datadog_ struct { + Datadog *Tracing_Datadog `protobuf:"bytes,3,opt,name=datadog,oneof"` +} func (*Tracing_Zipkin_) isTracing_Tracer() {} func (*Tracing_Lightstep_) isTracing_Tracer() {} +func (*Tracing_Datadog_) isTracing_Tracer() {} func (m *Tracing) GetTracer() isTracing_Tracer { if m != nil { @@ -131,11 +136,19 @@ func (m *Tracing) GetLightstep() *Tracing_Lightstep { return nil } +func (m *Tracing) GetDatadog() *Tracing_Datadog { + if x, ok := m.GetTracer().(*Tracing_Datadog_); ok { + return x.Datadog + } + return nil +} + // XXX_OneofFuncs is for the internal use of the proto package. func (*Tracing) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{}) { return _Tracing_OneofMarshaler, _Tracing_OneofUnmarshaler, _Tracing_OneofSizer, []interface{}{ (*Tracing_Zipkin_)(nil), (*Tracing_Lightstep_)(nil), + (*Tracing_Datadog_)(nil), } } @@ -153,6 +166,11 @@ func _Tracing_OneofMarshaler(msg proto.Message, b *proto.Buffer) error { if err := b.EncodeMessage(x.Lightstep); err != nil { return err } + case *Tracing_Datadog_: + _ = b.EncodeVarint(3<<3 | proto.WireBytes) + if err := b.EncodeMessage(x.Datadog); err != nil { + return err + } case nil: default: return fmt.Errorf("Tracing.Tracer has unexpected type %T", x) @@ -179,6 +197,14 @@ func _Tracing_OneofUnmarshaler(msg proto.Message, tag, wire int, b *proto.Buffer err := b.DecodeMessage(msg) m.Tracer = &Tracing_Lightstep_{msg} return true, err + case 3: // tracer.datadog + if wire != proto.WireBytes { + return true, proto.ErrInternalBadWireType + } + msg := new(Tracing_Datadog) + err := b.DecodeMessage(msg) + m.Tracer = &Tracing_Datadog_{msg} + return true, err default: return false, nil } @@ -198,6 +224,11 @@ func _Tracing_OneofSizer(msg proto.Message) (n int) { n += proto.SizeVarint(2<<3 | proto.WireBytes) n += proto.SizeVarint(uint64(s)) n += s + case *Tracing_Datadog_: + s := proto.Size(x.Datadog) + n += proto.SizeVarint(3<<3 | proto.WireBytes) + n += proto.SizeVarint(uint64(s)) + n += s case nil: default: panic(fmt.Sprintf("proto: unexpected type %T in oneof", x)) @@ -268,6 +299,24 @@ func (m *Tracing_Lightstep) GetCacertPath() string { return "" } +// Datadog defines configuration for a Datadog tracer. +type Tracing_Datadog struct { + // Address of the Datadog Agent. + Address string `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"` +} + +func (m *Tracing_Datadog) Reset() { *m = Tracing_Datadog{} } +func (m *Tracing_Datadog) String() string { return proto.CompactTextString(m) } +func (*Tracing_Datadog) ProtoMessage() {} +func (*Tracing_Datadog) Descriptor() ([]byte, []int) { return fileDescriptorProxy, []int{0, 2} } + +func (m *Tracing_Datadog) GetAddress() string { + if m != nil { + return m.Address + } + return "" +} + // ProxyConfig defines variables for individual Envoy instances. type ProxyConfig struct { // Path to the generated configuration file directory. @@ -475,6 +524,7 @@ func init() { proto.RegisterType((*Tracing)(nil), "istio.mesh.v1alpha1.Tracing") proto.RegisterType((*Tracing_Zipkin)(nil), "istio.mesh.v1alpha1.Tracing.Zipkin") proto.RegisterType((*Tracing_Lightstep)(nil), "istio.mesh.v1alpha1.Tracing.Lightstep") + proto.RegisterType((*Tracing_Datadog)(nil), "istio.mesh.v1alpha1.Tracing.Datadog") proto.RegisterType((*ProxyConfig)(nil), "istio.mesh.v1alpha1.ProxyConfig") proto.RegisterEnum("istio.mesh.v1alpha1.AuthenticationPolicy", AuthenticationPolicy_name, AuthenticationPolicy_value) proto.RegisterEnum("istio.mesh.v1alpha1.ProxyConfig_InboundInterceptionMode", ProxyConfig_InboundInterceptionMode_name, ProxyConfig_InboundInterceptionMode_value) @@ -532,6 +582,20 @@ func (m *Tracing_Lightstep_) MarshalTo(dAtA []byte) (int, error) { } return i, nil } +func (m *Tracing_Datadog_) MarshalTo(dAtA []byte) (int, error) { + i := 0 + if m.Datadog != nil { + dAtA[i] = 0x1a + i++ + i = encodeVarintProxy(dAtA, i, uint64(m.Datadog.Size())) + n4, err := m.Datadog.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n4 + } + return i, nil +} func (m *Tracing_Zipkin) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -602,6 +666,30 @@ func (m *Tracing_Lightstep) MarshalTo(dAtA []byte) (int, error) { return i, nil } +func (m *Tracing_Datadog) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *Tracing_Datadog) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if len(m.Address) > 0 { + dAtA[i] = 0xa + i++ + i = encodeVarintProxy(dAtA, i, uint64(len(m.Address))) + i += copy(dAtA[i:], m.Address) + } + return i, nil +} + func (m *ProxyConfig) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -639,21 +727,21 @@ func (m *ProxyConfig) MarshalTo(dAtA []byte) (int, error) { dAtA[i] = 0x22 i++ i = encodeVarintProxy(dAtA, i, uint64(m.DrainDuration.Size())) - n4, err := m.DrainDuration.MarshalTo(dAtA[i:]) + n5, err := m.DrainDuration.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n4 + i += n5 } if m.ParentShutdownDuration != nil { dAtA[i] = 0x2a i++ i = encodeVarintProxy(dAtA, i, uint64(m.ParentShutdownDuration.Size())) - n5, err := m.ParentShutdownDuration.MarshalTo(dAtA[i:]) + n6, err := m.ParentShutdownDuration.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n5 + i += n6 } if len(m.DiscoveryAddress) > 0 { dAtA[i] = 0x32 @@ -665,11 +753,11 @@ func (m *ProxyConfig) MarshalTo(dAtA []byte) (int, error) { dAtA[i] = 0x3a i++ i = encodeVarintProxy(dAtA, i, uint64(m.DiscoveryRefreshDelay.Size())) - n6, err := m.DiscoveryRefreshDelay.MarshalTo(dAtA[i:]) + n7, err := m.DiscoveryRefreshDelay.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n6 + i += n7 } if len(m.ZipkinAddress) > 0 { dAtA[i] = 0x42 @@ -681,11 +769,11 @@ func (m *ProxyConfig) MarshalTo(dAtA []byte) (int, error) { dAtA[i] = 0x4a i++ i = encodeVarintProxy(dAtA, i, uint64(m.ConnectTimeout.Size())) - n7, err := m.ConnectTimeout.MarshalTo(dAtA[i:]) + n8, err := m.ConnectTimeout.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n7 + i += n8 } if len(m.StatsdUdpAddress) > 0 { dAtA[i] = 0x52 @@ -748,11 +836,11 @@ func (m *ProxyConfig) MarshalTo(dAtA []byte) (int, error) { dAtA[i] = 0x1 i++ i = encodeVarintProxy(dAtA, i, uint64(m.Tracing.Size())) - n8, err := m.Tracing.MarshalTo(dAtA[i:]) + n9, err := m.Tracing.MarshalTo(dAtA[i:]) if err != nil { return 0, err } - i += n8 + i += n9 } return i, nil } @@ -793,6 +881,15 @@ func (m *Tracing_Lightstep_) Size() (n int) { } return n } +func (m *Tracing_Datadog_) Size() (n int) { + var l int + _ = l + if m.Datadog != nil { + l = m.Datadog.Size() + n += 1 + l + sovProxy(uint64(l)) + } + return n +} func (m *Tracing_Zipkin) Size() (n int) { var l int _ = l @@ -824,6 +921,16 @@ func (m *Tracing_Lightstep) Size() (n int) { return n } +func (m *Tracing_Datadog) Size() (n int) { + var l int + _ = l + l = len(m.Address) + if l > 0 { + n += 1 + l + sovProxy(uint64(l)) + } + return n +} + func (m *ProxyConfig) Size() (n int) { var l int _ = l @@ -1007,6 +1114,38 @@ func (m *Tracing) Unmarshal(dAtA []byte) error { } m.Tracer = &Tracing_Lightstep_{v} iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Datadog", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowProxy + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthProxy + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + v := &Tracing_Datadog{} + if err := v.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + m.Tracer = &Tracing_Datadog_{v} + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipProxy(dAtA[iNdEx:]) @@ -1264,6 +1403,85 @@ func (m *Tracing_Lightstep) Unmarshal(dAtA []byte) error { } return nil } +func (m *Tracing_Datadog) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowProxy + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: Datadog: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: Datadog: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Address", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowProxy + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthProxy + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Address = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipProxy(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthProxy + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func (m *ProxyConfig) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 @@ -1943,59 +2161,61 @@ var ( func init() { proto.RegisterFile("mesh/v1alpha1/proxy.proto", fileDescriptorProxy) } var fileDescriptorProxy = []byte{ - // 862 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x84, 0x55, 0x5d, 0x6f, 0xe3, 0x44, - 0x14, 0xad, 0x97, 0xdd, 0x7c, 0xdc, 0xb4, 0xa9, 0x3b, 0x0b, 0x5d, 0x37, 0x82, 0x12, 0x8a, 0x04, - 0x59, 0x40, 0x8e, 0xb6, 0x2b, 0x21, 0x5e, 0x40, 0x24, 0x6d, 0x57, 0x8d, 0xd4, 0xed, 0x46, 0xae, - 0x2b, 0x41, 0x5f, 0x46, 0x13, 0xfb, 0x36, 0x1e, 0xad, 0x33, 0x63, 0x8d, 0xc7, 0x85, 0xec, 0x1b, - 0xfc, 0x34, 0x9e, 0x78, 0xe4, 0x27, 0xa0, 0x3e, 0xf1, 0x33, 0x90, 0x67, 0xec, 0x6c, 0x40, 0xdd, - 0xed, 0x5b, 0xe6, 0xcc, 0x39, 0x77, 0xce, 0x99, 0x3b, 0xd7, 0x81, 0xbd, 0x05, 0xe6, 0xc9, 0xf0, - 0xe6, 0x19, 0x4b, 0xb3, 0x84, 0x3d, 0x1b, 0x66, 0x4a, 0xfe, 0xba, 0xf4, 0x33, 0x25, 0xb5, 0x24, - 0x8f, 0x79, 0xae, 0xb9, 0xf4, 0x4b, 0x82, 0x5f, 0x13, 0x7a, 0xfb, 0x73, 0x29, 0xe7, 0x29, 0x0e, - 0x0d, 0x65, 0x56, 0x5c, 0x0f, 0xe3, 0x42, 0x31, 0xcd, 0xa5, 0xb0, 0xa2, 0x83, 0x3f, 0x1e, 0x40, - 0x33, 0x54, 0x2c, 0xe2, 0x62, 0x4e, 0xbe, 0x87, 0xc6, 0x1b, 0x9e, 0xbd, 0xe6, 0xc2, 0x73, 0xfa, - 0xce, 0xa0, 0x73, 0xf8, 0xb9, 0x7f, 0x47, 0x45, 0xbf, 0x62, 0xfb, 0x57, 0x86, 0x7a, 0xba, 0x11, - 0x54, 0x22, 0xf2, 0x02, 0xda, 0x29, 0x9f, 0x27, 0x3a, 0xd7, 0x98, 0x79, 0x0f, 0x4c, 0x85, 0x2f, - 0xde, 0x5b, 0xe1, 0xac, 0x66, 0x9f, 0x6e, 0x04, 0x6f, 0xa5, 0xbd, 0x03, 0x68, 0xd8, 0xda, 0xc4, - 0x83, 0x26, 0x8b, 0x63, 0x85, 0x79, 0x6e, 0x1c, 0xb5, 0x83, 0x7a, 0xd9, 0xfb, 0xcd, 0x81, 0xf6, - 0x4a, 0xfe, 0x6e, 0x1e, 0xf9, 0x0c, 0x36, 0x59, 0x14, 0x61, 0x9e, 0x53, 0x2d, 0x5f, 0xa3, 0x30, - 0xb6, 0xda, 0x41, 0xc7, 0x62, 0x61, 0x09, 0x91, 0x5d, 0x68, 0xe4, 0x18, 0x15, 0x0a, 0xbd, 0x0f, - 0xfa, 0xce, 0xa0, 0x15, 0x54, 0x2b, 0xf2, 0x29, 0x74, 0x22, 0x16, 0xa1, 0xd2, 0x34, 0x63, 0x3a, - 0xf1, 0x1e, 0x1a, 0x25, 0x58, 0x68, 0xca, 0x74, 0x32, 0x6e, 0x41, 0x43, 0xab, 0x72, 0x79, 0xf0, - 0x7b, 0x1b, 0x3a, 0xd3, 0xb2, 0x13, 0x47, 0x52, 0x5c, 0xf3, 0xb9, 0x91, 0x9a, 0x5f, 0x56, 0xea, - 0x54, 0x52, 0x03, 0x95, 0xd2, 0x92, 0x30, 0xe3, 0x82, 0xa9, 0xa5, 0x25, 0x58, 0x57, 0x60, 0x21, - 0x43, 0xf8, 0x12, 0xb6, 0x73, 0x54, 0x37, 0x3c, 0x42, 0x1a, 0xa5, 0x45, 0xae, 0x51, 0x19, 0x77, - 0xed, 0xa0, 0x5b, 0xc1, 0x47, 0x16, 0x25, 0x3f, 0x42, 0x37, 0x56, 0x8c, 0x0b, 0x5a, 0xf7, 0xd5, - 0x18, 0xed, 0x1c, 0xee, 0xf9, 0xb6, 0xf1, 0x7e, 0xdd, 0x78, 0xff, 0xb8, 0x22, 0x04, 0x5b, 0x46, - 0x50, 0x2f, 0xc9, 0x05, 0x78, 0x19, 0x53, 0x28, 0x34, 0xcd, 0x93, 0x42, 0xc7, 0xf2, 0x97, 0xb5, - 0x5a, 0x8f, 0xee, 0xab, 0xb5, 0x6b, 0xa5, 0x17, 0x95, 0x72, 0x55, 0xf4, 0x6b, 0xd8, 0x89, 0x79, - 0x1e, 0xc9, 0x1b, 0x54, 0x4b, 0x5a, 0xf7, 0xa6, 0x61, 0x12, 0xb8, 0xab, 0x8d, 0x51, 0xd5, 0xa4, - 0x4b, 0x78, 0xf2, 0x96, 0xac, 0xf0, 0x5a, 0x61, 0x9e, 0xd0, 0x18, 0x53, 0xb6, 0xf4, 0x9a, 0xf7, - 0x18, 0x18, 0x3f, 0xf0, 0x9c, 0xe0, 0xa3, 0x95, 0x3a, 0xb0, 0xe2, 0xe3, 0x52, 0x4b, 0x9e, 0x42, - 0xd7, 0xbe, 0xcc, 0x95, 0x81, 0x56, 0x69, 0xc0, 0x48, 0xb6, 0xec, 0x4e, 0xed, 0x60, 0x0c, 0xdb, - 0x91, 0x14, 0x02, 0x23, 0x4d, 0x35, 0x5f, 0xa0, 0x2c, 0xb4, 0xd7, 0xbe, 0x2f, 0x7a, 0xb7, 0x52, - 0x84, 0x56, 0x40, 0xbe, 0x01, 0x92, 0x6b, 0xa6, 0xf3, 0x98, 0x16, 0x71, 0xb6, 0x3a, 0x12, 0x6c, - 0x66, 0xbb, 0x73, 0x19, 0x67, 0xf5, 0x89, 0x03, 0x70, 0xcd, 0xec, 0x52, 0x16, 0x2f, 0xb8, 0xa0, - 0x99, 0x54, 0xda, 0xeb, 0xf4, 0x9d, 0xc1, 0xa3, 0xa0, 0x6b, 0xf0, 0x51, 0x09, 0x4f, 0xa5, 0xd2, - 0x64, 0x08, 0x3b, 0xec, 0x86, 0xf1, 0x94, 0xcd, 0x78, 0xca, 0xf5, 0x92, 0xbe, 0x91, 0x02, 0xbd, - 0xcd, 0x55, 0x12, 0x77, 0x7d, 0xf3, 0x4a, 0x0a, 0x24, 0x31, 0xec, 0x45, 0x52, 0x68, 0x25, 0x53, - 0x9a, 0xa5, 0x4c, 0x20, 0x65, 0x85, 0x4e, 0x68, 0x26, 0x53, 0x1e, 0x2d, 0xbd, 0xad, 0xbe, 0x33, - 0xe8, 0x1e, 0x3e, 0xbd, 0x73, 0x2e, 0x47, 0x85, 0x4e, 0x50, 0x68, 0x1e, 0x99, 0x80, 0x53, 0x23, - 0x08, 0x76, 0xab, 0x5a, 0xd3, 0xb2, 0x54, 0xc9, 0xb0, 0x78, 0x19, 0x37, 0x2a, 0x72, 0x2d, 0x17, - 0xb4, 0x7a, 0xea, 0xd7, 0x3c, 0x45, 0xaf, 0x6b, 0xe3, 0xda, 0x1d, 0x3b, 0x0d, 0x2f, 0x78, 0x8a, - 0x65, 0xdc, 0xf2, 0x0a, 0xa8, 0x60, 0x0b, 0xa4, 0x29, 0x8a, 0xb9, 0x4e, 0xbc, 0x6d, 0x1b, 0xb7, - 0xc4, 0xcf, 0xd9, 0x02, 0xcf, 0x0c, 0x4a, 0xfa, 0x66, 0x76, 0xa2, 0x42, 0x29, 0x14, 0xd1, 0xd2, - 0x73, 0x0d, 0x69, 0x1d, 0x22, 0x23, 0xf8, 0xc4, 0x5e, 0xdd, 0x4c, 0x4a, 0x9d, 0x6b, 0xc5, 0x32, - 0xaa, 0x71, 0x91, 0xa5, 0x4c, 0xa3, 0x1d, 0xa7, 0x1d, 0x63, 0xa2, 0x67, 0x48, 0xe3, 0x9a, 0x13, - 0x56, 0x14, 0x33, 0x5e, 0x08, 0x3b, 0x5c, 0x68, 0x54, 0x11, 0x66, 0x65, 0x54, 0xba, 0x90, 0x31, - 0x7a, 0xc4, 0x5c, 0xcd, 0x77, 0x77, 0x5e, 0xcd, 0xda, 0x74, 0xfb, 0x13, 0x31, 0x93, 0x85, 0x88, - 0x27, 0x6b, 0x05, 0x5e, 0xca, 0x18, 0x03, 0x97, 0xff, 0x0f, 0x21, 0xdf, 0x42, 0x53, 0xdb, 0x6f, - 0x9d, 0xf7, 0xd8, 0x3c, 0xa7, 0x8f, 0xdf, 0xf7, 0x3d, 0x0c, 0x6a, 0xf2, 0xc1, 0x73, 0x78, 0xf2, - 0x8e, 0x43, 0xc8, 0x26, 0xb4, 0x82, 0x93, 0xe3, 0x49, 0x70, 0x72, 0x14, 0xba, 0x1b, 0x04, 0xa0, - 0x11, 0x4e, 0x83, 0x57, 0x3f, 0xfd, 0xec, 0x3a, 0x5f, 0xfd, 0x00, 0x1f, 0xde, 0xd5, 0x40, 0xd2, - 0x82, 0x87, 0xe7, 0xaf, 0xce, 0x4f, 0xdc, 0x0d, 0xd2, 0x05, 0x78, 0x79, 0x19, 0x5e, 0x8e, 0xce, - 0x68, 0x78, 0x76, 0xe1, 0x3a, 0x64, 0x13, 0x9a, 0x93, 0xf3, 0xd3, 0x93, 0x60, 0x12, 0xba, 0xff, - 0x34, 0xc7, 0x83, 0x3f, 0x6f, 0xf7, 0x9d, 0xbf, 0x6e, 0xf7, 0x9d, 0xbf, 0x6f, 0xf7, 0x9d, 0xab, - 0x9e, 0x35, 0xca, 0xe5, 0x90, 0x65, 0x7c, 0xf8, 0x9f, 0x3f, 0x9d, 0x59, 0xc3, 0x0c, 0xc3, 0xf3, - 0x7f, 0x03, 0x00, 0x00, 0xff, 0xff, 0x65, 0xf7, 0xfe, 0xe0, 0x8c, 0x06, 0x00, 0x00, + // 891 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x84, 0x55, 0xdd, 0x6e, 0xe3, 0x44, + 0x18, 0x8d, 0xf7, 0x27, 0x3f, 0x5f, 0xda, 0xd4, 0x9d, 0x85, 0xae, 0x1b, 0x41, 0x29, 0x5d, 0x04, + 0x59, 0x40, 0x8e, 0xb6, 0x2b, 0x21, 0x6e, 0x40, 0x9b, 0xb4, 0x5d, 0x35, 0x52, 0xb7, 0x1b, 0xb9, + 0xa9, 0x04, 0xbd, 0x19, 0x4d, 0xec, 0xaf, 0xf1, 0x68, 0x9d, 0x19, 0x6b, 0x3c, 0x2e, 0x64, 0xef, + 0xe0, 0x6d, 0x78, 0x13, 0x2e, 0x79, 0x04, 0xd4, 0x2b, 0x1e, 0x03, 0x79, 0xc6, 0xce, 0x06, 0xd4, + 0x9f, 0xbb, 0xf8, 0xcc, 0x39, 0xc7, 0xe7, 0x8c, 0xe7, 0x9b, 0xc0, 0xf6, 0x1c, 0xb3, 0xb8, 0x7f, + 0xf5, 0x82, 0x25, 0x69, 0xcc, 0x5e, 0xf4, 0x53, 0x25, 0x7f, 0x5d, 0xf8, 0xa9, 0x92, 0x5a, 0x92, + 0x27, 0x3c, 0xd3, 0x5c, 0xfa, 0x05, 0xc1, 0xaf, 0x08, 0xdd, 0x9d, 0x99, 0x94, 0xb3, 0x04, 0xfb, + 0x86, 0x32, 0xcd, 0x2f, 0xfb, 0x51, 0xae, 0x98, 0xe6, 0x52, 0x58, 0xd1, 0xde, 0x1f, 0x0f, 0xa1, + 0x31, 0x51, 0x2c, 0xe4, 0x62, 0x46, 0x7e, 0x80, 0xfa, 0x7b, 0x9e, 0xbe, 0xe3, 0xc2, 0x73, 0x76, + 0x9d, 0x5e, 0x7b, 0xff, 0x99, 0x7f, 0x83, 0xa3, 0x5f, 0xb2, 0xfd, 0x0b, 0x43, 0x3d, 0xae, 0x05, + 0xa5, 0x88, 0xbc, 0x86, 0x56, 0xc2, 0x67, 0xb1, 0xce, 0x34, 0xa6, 0xde, 0x03, 0xe3, 0xf0, 0xe5, + 0x9d, 0x0e, 0x27, 0x15, 0xfb, 0xb8, 0x16, 0x7c, 0x90, 0x92, 0x57, 0xd0, 0x88, 0x98, 0x66, 0x91, + 0x9c, 0x79, 0x0f, 0x8d, 0xcb, 0x17, 0x77, 0xba, 0x1c, 0x5a, 0xee, 0x71, 0x2d, 0xa8, 0x64, 0xdd, + 0x3d, 0xa8, 0xdb, 0x74, 0xc4, 0x83, 0x06, 0x8b, 0x22, 0x85, 0x59, 0x66, 0x3a, 0xb5, 0x82, 0xea, + 0xb1, 0xfb, 0x9b, 0x03, 0xad, 0x65, 0x80, 0xdb, 0x79, 0xe4, 0x73, 0x58, 0x63, 0x61, 0x88, 0x59, + 0x46, 0xb5, 0x7c, 0x87, 0xc2, 0x14, 0x6b, 0x05, 0x6d, 0x8b, 0x4d, 0x0a, 0x88, 0x6c, 0x41, 0x3d, + 0xc3, 0x30, 0x57, 0x68, 0xf2, 0x36, 0x83, 0xf2, 0x89, 0x7c, 0x06, 0xed, 0x90, 0x85, 0xa8, 0x34, + 0x4d, 0x99, 0x8e, 0xbd, 0x47, 0x46, 0x09, 0x16, 0x1a, 0x33, 0x1d, 0x77, 0x9f, 0x41, 0xa3, 0x4c, + 0x7f, 0x7b, 0x80, 0x61, 0x13, 0xea, 0x5a, 0x15, 0x9a, 0xbd, 0xdf, 0x5b, 0xd0, 0x1e, 0x17, 0x1f, + 0xfc, 0x40, 0x8a, 0x4b, 0x3e, 0x33, 0xfe, 0xe6, 0x97, 0xf5, 0x77, 0x4a, 0x7f, 0x03, 0x15, 0xfe, + 0x05, 0x61, 0xca, 0x05, 0x53, 0x0b, 0x4b, 0xb0, 0xd1, 0xc1, 0x42, 0x86, 0xf0, 0x15, 0x6c, 0x64, + 0xa8, 0xae, 0x78, 0x88, 0x34, 0x4c, 0xf2, 0x4c, 0xa3, 0x32, 0x15, 0x5a, 0x41, 0xa7, 0x84, 0x0f, + 0x2c, 0x4a, 0x5e, 0x41, 0x27, 0x52, 0x8c, 0x0b, 0x5a, 0x1d, 0x1f, 0xd3, 0xa6, 0xbd, 0xbf, 0xed, + 0xdb, 0xf3, 0xe5, 0x57, 0xe7, 0xcb, 0x3f, 0x2c, 0x09, 0xc1, 0xba, 0x11, 0x54, 0x8f, 0xe4, 0x0c, + 0xbc, 0x94, 0x29, 0x14, 0x9a, 0x66, 0x71, 0xae, 0x23, 0xf9, 0xcb, 0x8a, 0xd7, 0xe3, 0xfb, 0xbc, + 0xb6, 0xac, 0xf4, 0xac, 0x54, 0x2e, 0x4d, 0xbf, 0x81, 0xcd, 0x88, 0x67, 0xa1, 0xbc, 0x42, 0xb5, + 0xa0, 0xd5, 0xfe, 0xd5, 0x4d, 0x03, 0x77, 0xb9, 0x30, 0x28, 0xbf, 0xe4, 0x39, 0x3c, 0xfd, 0x40, + 0x56, 0x78, 0xa9, 0x30, 0x8b, 0x69, 0x84, 0x09, 0x5b, 0x78, 0x8d, 0x7b, 0x02, 0x0c, 0x1f, 0x78, + 0x4e, 0xf0, 0xf1, 0x52, 0x1d, 0x58, 0xf1, 0x61, 0xa1, 0x25, 0xcf, 0xa1, 0x63, 0x07, 0x60, 0x19, + 0xa0, 0x59, 0x04, 0x30, 0x92, 0x75, 0xbb, 0x52, 0x25, 0x18, 0xc2, 0x46, 0x28, 0x85, 0xc0, 0x50, + 0x53, 0xcd, 0xe7, 0x28, 0x73, 0xed, 0xb5, 0xee, 0xab, 0xde, 0x29, 0x15, 0x13, 0x2b, 0x20, 0xdf, + 0x02, 0xc9, 0x34, 0xd3, 0x59, 0x44, 0xf3, 0x28, 0x5d, 0xbe, 0x12, 0x6c, 0x67, 0xbb, 0x72, 0x1e, + 0xa5, 0xd5, 0x1b, 0x7b, 0xe0, 0x9a, 0x2b, 0x82, 0xb2, 0x68, 0xce, 0x05, 0x4d, 0xa5, 0xd2, 0x5e, + 0x7b, 0xd7, 0xe9, 0x3d, 0x0e, 0x3a, 0x06, 0x1f, 0x14, 0xf0, 0x58, 0x2a, 0x4d, 0xfa, 0xb0, 0xc9, + 0xae, 0x18, 0x4f, 0xd8, 0x94, 0x27, 0x5c, 0x2f, 0xe8, 0x7b, 0x29, 0xd0, 0x5b, 0x5b, 0x36, 0x71, + 0x57, 0x17, 0x2f, 0xa4, 0x40, 0x12, 0xc1, 0x76, 0x28, 0x85, 0x56, 0x32, 0xa1, 0x69, 0xc2, 0x04, + 0x52, 0x96, 0xeb, 0x98, 0xa6, 0x32, 0xe1, 0xe1, 0xc2, 0x5b, 0xdf, 0x75, 0x7a, 0x9d, 0xfd, 0xe7, + 0x37, 0x0e, 0xee, 0x20, 0xd7, 0x31, 0x0a, 0xcd, 0x43, 0x53, 0x70, 0x6c, 0x04, 0xc1, 0x56, 0xe9, + 0x35, 0x2e, 0xac, 0x0a, 0x86, 0xc5, 0x8b, 0xba, 0x61, 0x9e, 0x69, 0x39, 0xa7, 0xe5, 0x51, 0xbf, + 0xe4, 0x09, 0x7a, 0x1d, 0x5b, 0xd7, 0xae, 0xd8, 0x69, 0x78, 0xcd, 0x13, 0x2c, 0xea, 0x16, 0x5b, + 0x40, 0x05, 0x9b, 0x23, 0x4d, 0x50, 0xcc, 0x74, 0xec, 0x6d, 0xd8, 0xba, 0x05, 0x7e, 0xca, 0xe6, + 0x78, 0x62, 0x50, 0xb2, 0x6b, 0x66, 0x27, 0xcc, 0x95, 0x42, 0x11, 0x2e, 0x3c, 0xd7, 0x90, 0x56, + 0x21, 0x32, 0x80, 0x4f, 0xed, 0xd6, 0x4d, 0xa5, 0xd4, 0x99, 0x56, 0x2c, 0xa5, 0x1a, 0xe7, 0x69, + 0xc2, 0x34, 0xda, 0x71, 0xda, 0x34, 0x21, 0xba, 0x86, 0x34, 0xac, 0x38, 0x93, 0x92, 0x62, 0xc6, + 0x0b, 0x61, 0x93, 0x0b, 0x8d, 0x2a, 0xc4, 0xb4, 0xa8, 0x4a, 0xe7, 0x32, 0x42, 0x8f, 0x98, 0xad, + 0xf9, 0xfe, 0xc6, 0xad, 0x59, 0x99, 0x6e, 0x7f, 0x24, 0xa6, 0x32, 0x17, 0xd1, 0x68, 0xc5, 0xe0, + 0x8d, 0x8c, 0x30, 0x70, 0xf9, 0xff, 0x10, 0xf2, 0x1d, 0x34, 0xb4, 0xbd, 0x0c, 0xbd, 0x27, 0xe6, + 0x38, 0x7d, 0x72, 0xd7, 0x85, 0x19, 0x54, 0xe4, 0xbd, 0x97, 0xf0, 0xf4, 0x96, 0x97, 0x90, 0x35, + 0x68, 0x06, 0x47, 0x87, 0xa3, 0xe0, 0xe8, 0x60, 0xe2, 0xd6, 0x08, 0x40, 0x7d, 0x32, 0x0e, 0xde, + 0xfe, 0xf4, 0xb3, 0xeb, 0x7c, 0xfd, 0x23, 0x7c, 0x74, 0xd3, 0x07, 0x24, 0x4d, 0x78, 0x74, 0xfa, + 0xf6, 0xf4, 0xc8, 0xad, 0x91, 0x0e, 0xc0, 0x9b, 0xf3, 0xc9, 0xf9, 0xe0, 0x84, 0x4e, 0x4e, 0xce, + 0x5c, 0x87, 0xac, 0x41, 0x63, 0x74, 0x7a, 0x7c, 0x14, 0x8c, 0x26, 0xee, 0x3f, 0x8d, 0x61, 0xef, + 0xcf, 0xeb, 0x1d, 0xe7, 0xaf, 0xeb, 0x1d, 0xe7, 0xef, 0xeb, 0x1d, 0xe7, 0xa2, 0x6b, 0x83, 0x72, + 0xd9, 0x67, 0x29, 0xef, 0xff, 0xe7, 0xbf, 0x6d, 0x5a, 0x37, 0xc3, 0xf0, 0xf2, 0xdf, 0x00, 0x00, + 0x00, 0xff, 0xff, 0xff, 0x17, 0x86, 0x5a, 0xf3, 0x06, 0x00, 0x00, } diff --git a/mesh/v1alpha1/proxy.proto b/mesh/v1alpha1/proxy.proto index fcdd14defc..91566b6e20 100644 --- a/mesh/v1alpha1/proxy.proto +++ b/mesh/v1alpha1/proxy.proto @@ -60,12 +60,20 @@ message Tracing { string cacert_path = 4; } + // Datadog defines configuration for a Datadog tracer. + message Datadog { + // Address of the Datadog Agent. + string address = 1; + } + // The tracer implementation to be used by Envoy. oneof tracer { // Use a Zipkin tracer. Zipkin zipkin = 1; // Use a LightStep tracer. Lightstep lightstep = 2; + // Use a Datadog tracer. + Datadog datadog = 3; } } diff --git a/proto.lock b/proto.lock index 8ec68701a8..570fba3dfa 100644 --- a/proto.lock +++ b/proto.lock @@ -1195,6 +1195,11 @@ "id": 2, "name": "lightstep", "type": "Lightstep" + }, + { + "id": 3, + "name": "datadog", + "type": "Datadog" } ], "messages": [ @@ -1232,6 +1237,16 @@ "type": "string" } ] + }, + { + "name": "Datadog", + "fields": [ + { + "id": 1, + "name": "address", + "type": "string" + } + ] } ] }, diff --git a/python/istio_api/mesh/v1alpha1/proxy_pb2.py b/python/istio_api/mesh/v1alpha1/proxy_pb2.py index faff41274d..da72bf832b 100644 --- a/python/istio_api/mesh/v1alpha1/proxy_pb2.py +++ b/python/istio_api/mesh/v1alpha1/proxy_pb2.py @@ -21,7 +21,7 @@ name='mesh/v1alpha1/proxy.proto', package='istio.mesh.v1alpha1', syntax='proto3', - serialized_pb=_b('\n\x19mesh/v1alpha1/proxy.proto\x12\x13istio.mesh.v1alpha1\x1a\x1egoogle/protobuf/duration.proto\"\xfb\x01\n\x07Tracing\x12\x35\n\x06zipkin\x18\x01 \x01(\x0b\x32#.istio.mesh.v1alpha1.Tracing.ZipkinH\x00\x12;\n\tlightstep\x18\x02 \x01(\x0b\x32&.istio.mesh.v1alpha1.Tracing.LightstepH\x00\x1a\x19\n\x06Zipkin\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x1aW\n\tLightstep\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12\x14\n\x0c\x61\x63\x63\x65ss_token\x18\x02 \x01(\t\x12\x0e\n\x06secure\x18\x03 \x01(\x08\x12\x13\n\x0b\x63\x61\x63\x65rt_path\x18\x04 \x01(\tB\x08\n\x06tracer\"\xb9\x06\n\x0bProxyConfig\x12\x13\n\x0b\x63onfig_path\x18\x01 \x01(\t\x12\x13\n\x0b\x62inary_path\x18\x02 \x01(\t\x12\x17\n\x0fservice_cluster\x18\x03 \x01(\t\x12\x31\n\x0e\x64rain_duration\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12;\n\x18parent_shutdown_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x19\n\x11\x64iscovery_address\x18\x06 \x01(\t\x12>\n\x17\x64iscovery_refresh_delay\x18\x07 \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x1a\n\x0ezipkin_address\x18\x08 \x01(\tB\x02\x18\x01\x12\x32\n\x0f\x63onnect_timeout\x18\t \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x1a\n\x12statsd_udp_address\x18\n \x01(\t\x12\x18\n\x10proxy_admin_port\x18\x0b \x01(\x05\x12\x1d\n\x11\x61vailability_zone\x18\x0c \x01(\tB\x02\x18\x01\x12L\n\x19\x63ontrol_plane_auth_policy\x18\r \x01(\x0e\x32).istio.mesh.v1alpha1.AuthenticationPolicy\x12\x1a\n\x12\x63ustom_config_file\x18\x0e \x01(\t\x12\x18\n\x10stat_name_length\x18\x0f \x01(\x05\x12\x13\n\x0b\x63oncurrency\x18\x10 \x01(\x05\x12%\n\x1dproxy_bootstrap_template_path\x18\x11 \x01(\t\x12S\n\x11interception_mode\x18\x12 \x01(\x0e\x32\x38.istio.mesh.v1alpha1.ProxyConfig.InboundInterceptionMode\x12-\n\x07tracing\x18\x13 \x01(\x0b\x32\x1c.istio.mesh.v1alpha1.Tracing\"3\n\x17InboundInterceptionMode\x12\x0c\n\x08REDIRECT\x10\x00\x12\n\n\x06TPROXY\x10\x01*>\n\x14\x41uthenticationPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01\x12\x0c\n\x07INHERIT\x10\xe8\x07\x42\x1cZ\x1aistio.io/api/mesh/v1alpha1b\x06proto3') + serialized_pb=_b('\n\x19mesh/v1alpha1/proxy.proto\x12\x13istio.mesh.v1alpha1\x1a\x1egoogle/protobuf/duration.proto\"\xd0\x02\n\x07Tracing\x12\x35\n\x06zipkin\x18\x01 \x01(\x0b\x32#.istio.mesh.v1alpha1.Tracing.ZipkinH\x00\x12;\n\tlightstep\x18\x02 \x01(\x0b\x32&.istio.mesh.v1alpha1.Tracing.LightstepH\x00\x12\x37\n\x07\x64\x61tadog\x18\x03 \x01(\x0b\x32$.istio.mesh.v1alpha1.Tracing.DatadogH\x00\x1a\x19\n\x06Zipkin\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x1aW\n\tLightstep\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\t\x12\x14\n\x0c\x61\x63\x63\x65ss_token\x18\x02 \x01(\t\x12\x0e\n\x06secure\x18\x03 \x01(\x08\x12\x13\n\x0b\x63\x61\x63\x65rt_path\x18\x04 \x01(\t\x1a\x1a\n\x07\x44\x61tadog\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x01(\tB\x08\n\x06tracer\"\xb9\x06\n\x0bProxyConfig\x12\x13\n\x0b\x63onfig_path\x18\x01 \x01(\t\x12\x13\n\x0b\x62inary_path\x18\x02 \x01(\t\x12\x17\n\x0fservice_cluster\x18\x03 \x01(\t\x12\x31\n\x0e\x64rain_duration\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12;\n\x18parent_shutdown_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x19\n\x11\x64iscovery_address\x18\x06 \x01(\t\x12>\n\x17\x64iscovery_refresh_delay\x18\x07 \x01(\x0b\x32\x19.google.protobuf.DurationB\x02\x18\x01\x12\x1a\n\x0ezipkin_address\x18\x08 \x01(\tB\x02\x18\x01\x12\x32\n\x0f\x63onnect_timeout\x18\t \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x1a\n\x12statsd_udp_address\x18\n \x01(\t\x12\x18\n\x10proxy_admin_port\x18\x0b \x01(\x05\x12\x1d\n\x11\x61vailability_zone\x18\x0c \x01(\tB\x02\x18\x01\x12L\n\x19\x63ontrol_plane_auth_policy\x18\r \x01(\x0e\x32).istio.mesh.v1alpha1.AuthenticationPolicy\x12\x1a\n\x12\x63ustom_config_file\x18\x0e \x01(\t\x12\x18\n\x10stat_name_length\x18\x0f \x01(\x05\x12\x13\n\x0b\x63oncurrency\x18\x10 \x01(\x05\x12%\n\x1dproxy_bootstrap_template_path\x18\x11 \x01(\t\x12S\n\x11interception_mode\x18\x12 \x01(\x0e\x32\x38.istio.mesh.v1alpha1.ProxyConfig.InboundInterceptionMode\x12-\n\x07tracing\x18\x13 \x01(\x0b\x32\x1c.istio.mesh.v1alpha1.Tracing\"3\n\x17InboundInterceptionMode\x12\x0c\n\x08REDIRECT\x10\x00\x12\n\n\x06TPROXY\x10\x01*>\n\x14\x41uthenticationPolicy\x12\x08\n\x04NONE\x10\x00\x12\x0e\n\nMUTUAL_TLS\x10\x01\x12\x0c\n\x07INHERIT\x10\xe8\x07\x42\x1cZ\x1aistio.io/api/mesh/v1alpha1b\x06proto3') , dependencies=[google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,]) @@ -46,8 +46,8 @@ ], containing_type=None, options=None, - serialized_start=1164, - serialized_end=1226, + serialized_start=1249, + serialized_end=1311, ) _sym_db.RegisterEnumDescriptor(_AUTHENTICATIONPOLICY) @@ -74,8 +74,8 @@ ], containing_type=None, options=None, - serialized_start=1111, - serialized_end=1162, + serialized_start=1196, + serialized_end=1247, ) _sym_db.RegisterEnumDescriptor(_PROXYCONFIG_INBOUNDINTERCEPTIONMODE) @@ -106,8 +106,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=210, - serialized_end=235, + serialized_start=267, + serialized_end=292, ) _TRACING_LIGHTSTEP = _descriptor.Descriptor( @@ -157,8 +157,38 @@ extension_ranges=[], oneofs=[ ], - serialized_start=237, - serialized_end=324, + serialized_start=294, + serialized_end=381, +) + +_TRACING_DATADOG = _descriptor.Descriptor( + name='Datadog', + full_name='istio.mesh.v1alpha1.Tracing.Datadog', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name='address', full_name='istio.mesh.v1alpha1.Tracing.Datadog.address', index=0, + number=1, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=_b("").decode('utf-8'), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + syntax='proto3', + extension_ranges=[], + oneofs=[ + ], + serialized_start=383, + serialized_end=409, ) _TRACING = _descriptor.Descriptor( @@ -182,10 +212,17 @@ message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='datadog', full_name='istio.mesh.v1alpha1.Tracing.datadog', index=2, + number=3, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None, file=DESCRIPTOR), ], extensions=[ ], - nested_types=[_TRACING_ZIPKIN, _TRACING_LIGHTSTEP, ], + nested_types=[_TRACING_ZIPKIN, _TRACING_LIGHTSTEP, _TRACING_DATADOG, ], enum_types=[ ], options=None, @@ -198,7 +235,7 @@ index=0, containing_type=None, fields=[]), ], serialized_start=83, - serialized_end=334, + serialized_end=419, ) @@ -355,20 +392,25 @@ extension_ranges=[], oneofs=[ ], - serialized_start=337, - serialized_end=1162, + serialized_start=422, + serialized_end=1247, ) _TRACING_ZIPKIN.containing_type = _TRACING _TRACING_LIGHTSTEP.containing_type = _TRACING +_TRACING_DATADOG.containing_type = _TRACING _TRACING.fields_by_name['zipkin'].message_type = _TRACING_ZIPKIN _TRACING.fields_by_name['lightstep'].message_type = _TRACING_LIGHTSTEP +_TRACING.fields_by_name['datadog'].message_type = _TRACING_DATADOG _TRACING.oneofs_by_name['tracer'].fields.append( _TRACING.fields_by_name['zipkin']) _TRACING.fields_by_name['zipkin'].containing_oneof = _TRACING.oneofs_by_name['tracer'] _TRACING.oneofs_by_name['tracer'].fields.append( _TRACING.fields_by_name['lightstep']) _TRACING.fields_by_name['lightstep'].containing_oneof = _TRACING.oneofs_by_name['tracer'] +_TRACING.oneofs_by_name['tracer'].fields.append( + _TRACING.fields_by_name['datadog']) +_TRACING.fields_by_name['datadog'].containing_oneof = _TRACING.oneofs_by_name['tracer'] _PROXYCONFIG.fields_by_name['drain_duration'].message_type = google_dot_protobuf_dot_duration__pb2._DURATION _PROXYCONFIG.fields_by_name['parent_shutdown_duration'].message_type = google_dot_protobuf_dot_duration__pb2._DURATION _PROXYCONFIG.fields_by_name['discovery_refresh_delay'].message_type = google_dot_protobuf_dot_duration__pb2._DURATION @@ -397,6 +439,13 @@ # @@protoc_insertion_point(class_scope:istio.mesh.v1alpha1.Tracing.Lightstep) )) , + + Datadog = _reflection.GeneratedProtocolMessageType('Datadog', (_message.Message,), dict( + DESCRIPTOR = _TRACING_DATADOG, + __module__ = 'mesh.v1alpha1.proxy_pb2' + # @@protoc_insertion_point(class_scope:istio.mesh.v1alpha1.Tracing.Datadog) + )) + , DESCRIPTOR = _TRACING, __module__ = 'mesh.v1alpha1.proxy_pb2' # @@protoc_insertion_point(class_scope:istio.mesh.v1alpha1.Tracing) @@ -404,6 +453,7 @@ _sym_db.RegisterMessage(Tracing) _sym_db.RegisterMessage(Tracing.Zipkin) _sym_db.RegisterMessage(Tracing.Lightstep) +_sym_db.RegisterMessage(Tracing.Datadog) ProxyConfig = _reflection.GeneratedProtocolMessageType('ProxyConfig', (_message.Message,), dict( DESCRIPTOR = _PROXYCONFIG, From f0270aec284b4b5faaea4322023c249949d5a277 Mon Sep 17 00:00:00 2001 From: Sebastien Vas Date: Mon, 25 Feb 2019 11:41:35 -0800 Subject: [PATCH 14/16] Remove myself from owners add utka instead (#814) --- OWNERS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/OWNERS b/OWNERS index 019052cac5..33e348e1ab 100644 --- a/OWNERS +++ b/OWNERS @@ -11,7 +11,7 @@ reviewers: - ozevren - qiwzhang - rshriram - - sebastienvas + - utka - wattli approvers: - andraxylia @@ -25,5 +25,5 @@ approvers: - ozevren - qiwzhang - rshriram - - sebastienvas + - utka - wattli From 3dd0d12029a7858abf245343fac3a87bb1b6f63e Mon Sep 17 00:00:00 2001 From: Frank Budinsky Date: Mon, 25 Feb 2019 16:11:18 -0500 Subject: [PATCH 15/16] Document exportTo restrictions --- networking/v1alpha3/destination_rule.proto | 20 +++++++++++++++++--- networking/v1alpha3/service_entry.proto | 13 ++++++++----- networking/v1alpha3/virtual_service.proto | 7 +++++-- 3 files changed, 30 insertions(+), 10 deletions(-) diff --git a/networking/v1alpha3/destination_rule.proto b/networking/v1alpha3/destination_rule.proto index 1c340f8bbf..868be064bc 100644 --- a/networking/v1alpha3/destination_rule.proto +++ b/networking/v1alpha3/destination_rule.proto @@ -118,9 +118,23 @@ message DestinationRule { // service. Traffic policies can be overridden at subset level. repeated Subset subsets = 3; - // The resolution of a DestinationRule to apply to a service occurs in the - // context of a hierarchy of namespaces. This rule controls whether those - // namespaces are allowed to select this rule. + // A list of namespaces to which this destination rule is exported. + // The resolution of a destination rule to apply to a service occurs in the + // context of a hierarchy of namespaces. Exporting a desintation rule allows + // it to be included in the resolution hierarchy for services in + // other namespaces. This feature provides a mechanism for service owners + // and mesh administrators to control the visibility of destination rules + // across namespace boundaries. + // + // If no namespaces are specified then the destination rule is exported to all + // namespaces by default. + // + // The value "." is reserved and defines an export to the same namespace that + // the destination rule is declared in. Similarly, the value "*" is reserved and + // defines an export to all namespaces. + // + // NOTE: in the current release, the `exportTo` value is restricted to + // "." or "*" (i.e., the current namespace or all namespaces). repeated string export_to = 4; } diff --git a/networking/v1alpha3/service_entry.proto b/networking/v1alpha3/service_entry.proto index 1527586f47..9d9151244d 100644 --- a/networking/v1alpha3/service_entry.proto +++ b/networking/v1alpha3/service_entry.proto @@ -135,7 +135,7 @@ option go_package = "istio.io/api/networking/v1alpha3"; // The following example demonstrates the use of a dedicated egress gateway // through which all external service traffic is forwarded. // The 'exportTo' field allows for control over the visibility of a service -// declaration to other namespaces in the mesh. By default a service is exported +// declaration to other namespaces in the mesh. By default, a service is exported // to all namespaces. The following example restricts the visibility to the // current namespace, represented by ".", so that it cannot be used by other // namespaces. @@ -196,7 +196,7 @@ option go_package = "istio.io/api/networking/v1alpha3"; // hosts: // - httpbin.com // exportTo: -// - * +// - "*" // gateways: // - mesh // - istio-egressgateway @@ -471,7 +471,7 @@ message ServiceEntry { repeated Endpoint endpoints = 6; // A list of namespaces to which this service is exported. Exporting a service - // allows it to used by sidecars, gateways and virtual services defined in + // allows it to be used by sidecars, gateways and virtual services defined in // other namespaces. This feature provides a mechanism for service owners // and mesh administrators to control the visibility of services across // namespace boundaries. @@ -480,12 +480,15 @@ message ServiceEntry { // namespaces by default. // // The value "." is reserved and defines an export to the same namespace that - // the service is declared in, similarly the value "*" is reserved and + // the service is declared in. Similarly, the value "*" is reserved and // defines an export to all namespaces. // - // For a Kubernetes Service the equivalent effect can be achieved by setting + // For a Kubernetes Service, the equivalent effect can be achieved by setting // the annotation "networking.istio.io/exportTo" to a comma-separated list // of namespace names. + // + // NOTE: in the current release, the `exportTo` value is restricted to + // "." or "*" (i.e., the current namespace or all namespaces). repeated string export_to = 7; // The list of subject alternate names allowed for workloads that diff --git a/networking/v1alpha3/virtual_service.proto b/networking/v1alpha3/virtual_service.proto index f9465aeaaa..43dbbada28 100644 --- a/networking/v1alpha3/virtual_service.proto +++ b/networking/v1alpha3/virtual_service.proto @@ -177,7 +177,7 @@ message VirtualService { repeated TCPRoute tcp = 4; // A list of namespaces to which this virtual service is exported. Exporting a - // virtual service allows it to used by sidecars and gateways defined in + // virtual service allows it to be used by sidecars and gateways defined in // other namespaces. This feature provides a mechanism for service owners // and mesh administrators to control the visibility of virtual services // across namespace boundaries. @@ -186,8 +186,11 @@ message VirtualService { // namespaces by default. // // The value "." is reserved and defines an export to the same namespace that - // the virtual service is declared in, similarly the value "*" is reserved and + // the virtual service is declared in. Similarly, the value "*" is reserved and // defines an export to all namespaces. + // + // NOTE: in the current release, the `exportTo` value is restricted to + // "." or "*" (i.e., the current namespace or all namespaces). repeated string export_to = 6; } From 805601fb719b4e5fda33e7de8319ca1eda37fdb0 Mon Sep 17 00:00:00 2001 From: Andra Cismaru Date: Mon, 25 Feb 2019 20:18:55 -0500 Subject: [PATCH 16/16] Update networking/v1alpha3/destination_rule.proto Co-Authored-By: frankbu --- networking/v1alpha3/destination_rule.proto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/networking/v1alpha3/destination_rule.proto b/networking/v1alpha3/destination_rule.proto index 868be064bc..0bc860b571 100644 --- a/networking/v1alpha3/destination_rule.proto +++ b/networking/v1alpha3/destination_rule.proto @@ -120,7 +120,7 @@ message DestinationRule { // A list of namespaces to which this destination rule is exported. // The resolution of a destination rule to apply to a service occurs in the - // context of a hierarchy of namespaces. Exporting a desintation rule allows + // context of a hierarchy of namespaces. Exporting a destination rule allows // it to be included in the resolution hierarchy for services in // other namespaces. This feature provides a mechanism for service owners // and mesh administrators to control the visibility of destination rules
FieldTypeDescription
addressstring +

Address of the Datadog Agent.

+