diff --git a/ci/verify_examples.sh b/ci/verify_examples.sh index 4d65fa2c5bcf9..03a26be026a34 100755 --- a/ci/verify_examples.sh +++ b/ci/verify_examples.sh @@ -1,10 +1,8 @@ #!/bin/bash -E -TESTCOMMAND="${1:-}" -TESTFILTER="${2:-*}" +TESTFILTER="${1:-*}" FAILED=() SRCDIR="${SRCDIR:-$(pwd)}" -EXCLUDED_BUILD_CONFIGS=${EXCLUDED_BUILD_CONFIGS:-"^./cache/responses.yaml|^./jaeger-native-tracing|docker-compose"} trap_errors () { @@ -39,39 +37,7 @@ run_examples () { done } -verify_build_configs () { - local config configs missing - missing=() - cd "${SRCDIR}/examples" || return 1 - configs="$(find . -name "*.yaml" -o -name "*.lua" | grep -vE "${EXCLUDED_BUILD_CONFIGS}" | cut -d/ -f2-)" - for config in $configs; do - grep "\"$config\"" BUILD || missing+=("$config") - done - if [[ -n "${missing[*]}" ]]; then - for config in "${missing[@]}"; do - echo "Missing config: $config" >&2 - done - return 1 - fi -} - -case "$TESTCOMMAND" in - build_config) - echo "Running build_configs test" - verify_build_configs - ;; - sandbox) - echo "Running sandbox test" - run_examples - ;; - ""|all) - echo "Running all tests" - verify_build_configs - run_examples - ;; - *) - echo "Usage: ./ci/verify_examples.sh [build_config|sandbox|all] []" -esac +run_examples if [[ "${#FAILED[@]}" -ne "0" ]]; then echo "TESTS FAILED:" diff --git a/configs/BUILD b/configs/BUILD index 128ec66421184..ca9a109356943 100644 --- a/configs/BUILD +++ b/configs/BUILD @@ -39,11 +39,17 @@ genrule( srcs = [ ":configs", "//examples:configs", + "//docs:configs", "//test/config/integration/certs", ], outs = ["example_configs.tar"], - cmd = "$(location configgen.sh) $(location configgen) $(@D) $(locations :configs) " + - "$(locations //examples:configs) $(locations //test/config/integration/certs)", + cmd = ( + "$(location configgen.sh) $(location configgen) $(@D) " + + "$(locations :configs) " + + "$(locations //examples:configs) " + + "$(locations //docs:configs) " + + "$(locations //test/config/integration/certs)" + ), tools = [ "configgen.sh", ":configgen", diff --git a/docs/BUILD b/docs/BUILD index ead7bddb9a7fa..15db81818225e 100644 --- a/docs/BUILD +++ b/docs/BUILD @@ -1,3 +1,28 @@ +load( + "//bazel:envoy_build_system.bzl", + "envoy_package", +) + licenses(["notice"]) # Apache 2 exports_files(["protodoc_manifest.yaml"]) + +envoy_package() + +# TODO(phlax): fix failing/excluded configs +# the following config only fails on windows: +# dns-cache-circuit-breaker: "Error: unable to read file: /etc/ssl/certs/ca-certificates.crt" + +filegroup( + name = "configs", + srcs = glob( + ["root/**/*.yaml"], + exclude = [ + "root/intro/_include/life-of-a-request.yaml", + "root/intro/arch_overview/security/_include/ssl.yaml", + "root/configuration/http/http_filters/_include/dns-cache-circuit-breaker.yaml", + "root/configuration/http/http_filters/_include/grpc-reverse-bridge-filter.yaml", + "root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml", + ], + ), +) diff --git a/docs/root/configuration/best_practices/_include/edge.yaml b/docs/root/configuration/best_practices/_include/edge.yaml index 8c1fad88daa1e..958a231610f95 100644 --- a/docs/root/configuration/best_practices/_include/edge.yaml +++ b/docs/root/configuration/best_practices/_include/edge.yaml @@ -44,8 +44,8 @@ static_resources: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext common_tls_context: tls_certificates: - - certificate_chain: { filename: "example_com_cert.pem" } - private_key: { filename: "example_com_key.pem" } + - certificate_chain: { filename: "certs/servercert.pem" } + private_key: { filename: "certs/serverkey.pem" } # Uncomment if Envoy is behind a load balancer that exposes client IP address using the PROXY protocol. # use_proxy_proto: true filters: diff --git a/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml b/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml index 7e69e8771fffa..b2791037f7ee9 100644 --- a/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml +++ b/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml @@ -1,59 +1,59 @@ - admin: - access_log_path: /tmp/admin_access.log - address: - socket_address: { address: 0.0.0.0, port_value: 9901 } +admin: + access_log_path: /tmp/admin_access.log + address: + socket_address: { address: 0.0.0.0, port_value: 9901 } - static_resources: - listeners: - - name: listener1 - address: - socket_address: { address: 0.0.0.0, port_value: 51051 } - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: grpc_json - codec_type: AUTO - route_config: - name: local_route - virtual_hosts: - - name: local_service - domains: ["*"] - routes: - # NOTE: by default, matching happens based on the gRPC route, and not on the incoming request path. - # Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests - - match: { prefix: "/helloworld.Greeter" } - route: { cluster: grpc, timeout: { seconds: 60 } } - http_filters: - - name: envoy.filters.http.grpc_json_transcoder - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.grpc_json_transcoder.v3.GrpcJsonTranscoder - proto_descriptor: "/tmp/envoy/proto.pb" - services: ["helloworld.Greeter"] - print_options: - add_whitespace: true - always_print_primitive_fields: true - always_print_enums_as_ints: false - preserve_proto_field_names: false - - name: envoy.filters.http.router +static_resources: + listeners: + - name: listener1 + address: + socket_address: { address: 0.0.0.0, port_value: 51051 } + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: grpc_json + codec_type: AUTO + route_config: + name: local_route + virtual_hosts: + - name: local_service + domains: ["*"] + routes: + # NOTE: by default, matching happens based on the gRPC route, and not on the incoming request path. + # Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests + - match: { prefix: "/helloworld.Greeter" } + route: { cluster: grpc, timeout: { seconds: 60 } } + http_filters: + - name: envoy.filters.http.grpc_json_transcoder + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.grpc_json_transcoder.v3.GrpcJsonTranscoder + proto_descriptor: "/tmp/envoy/proto.pb" + services: ["helloworld.Greeter"] + print_options: + add_whitespace: true + always_print_primitive_fields: true + always_print_enums_as_ints: false + preserve_proto_field_names: false + - name: envoy.filters.http.router - clusters: - - name: grpc - connect_timeout: 1.25s - type: logical_dns - lb_policy: round_robin - dns_lookup_family: V4_ONLY - http2_protocol_options: {} - load_assignment: - cluster_name: grpc - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - # WARNING: "docker.for.mac.localhost" has been deprecated from Docker v18.03.0. - # If you're running an older version of Docker, please use "docker.for.mac.localhost" instead. - # Reference: https://docs.docker.com/docker-for-mac/release-notes/#docker-community-edition-18030-ce-mac59-2018-03-26 - address: host.docker.internal - port_value: 50051 + clusters: + - name: grpc + connect_timeout: 1.25s + type: logical_dns + lb_policy: round_robin + dns_lookup_family: V4_ONLY + http2_protocol_options: {} + load_assignment: + cluster_name: grpc + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + # WARNING: "docker.for.mac.localhost" has been deprecated from Docker v18.03.0. + # If you're running an older version of Docker, please use "docker.for.mac.localhost" instead. + # Reference: https://docs.docker.com/docker-for-mac/release-notes/#docker-community-edition-18030-ce-mac59-2018-03-26 + address: host.docker.internal + port_value: 50051 diff --git a/docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml b/docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml index 632e8d95602c3..5fde76139391a 100644 --- a/docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml +++ b/docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml @@ -1,35 +1,35 @@ - admin: - access_log_path: /tmp/admin_access.log +admin: + access_log_path: /tmp/admin_access.log + address: + socket_address: + protocol: TCP + address: 127.0.0.1 + port_value: 9901 +static_resources: + listeners: + - name: listener_0 address: socket_address: - protocol: TCP + protocol: UDP address: 127.0.0.1 - port_value: 9901 - static_resources: - listeners: - - name: listener_0 - address: - socket_address: - protocol: UDP - address: 127.0.0.1 - port_value: 1234 - listener_filters: - name: envoy.filters.udp_listener.udp_proxy - typed_config: - '@type': type.googleapis.com/envoy.extensions.filters.udp.udp_proxy.v3.UdpProxyConfig - stat_prefix: service - cluster: service_udp - clusters: - - name: service_udp - connect_timeout: 0.25s - type: STATIC - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: service_udp - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: 127.0.0.1 - port_value: 1235 + port_value: 1234 + listener_filters: + name: envoy.filters.udp_listener.udp_proxy + typed_config: + '@type': type.googleapis.com/envoy.extensions.filters.udp.udp_proxy.v3.UdpProxyConfig + stat_prefix: service + cluster: service_udp + clusters: + - name: service_udp + connect_timeout: 0.25s + type: STATIC + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: service_udp + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 1235 diff --git a/examples/BUILD b/examples/BUILD index 4dab170bb619e..ce1a99d7df9ff 100644 --- a/examples/BUILD +++ b/examples/BUILD @@ -9,35 +9,15 @@ envoy_package() filegroup( name = "configs", - srcs = [ - "cache/front-envoy.yaml", - "cache/service-envoy.yaml", - "cors/backend/front-envoy.yaml", - "cors/backend/service-envoy.yaml", - "cors/frontend/front-envoy.yaml", - "cors/frontend/service-envoy.yaml", - "csrf/crosssite/front-envoy.yaml", - "csrf/samesite/front-envoy.yaml", - "csrf/service-envoy.yaml", - "ext_authz/config/grpc-service/v2.yaml", - "ext_authz/config/grpc-service/v3.yaml", - "ext_authz/config/http-service.yaml", - "ext_authz/config/opa-service/v2.yaml", - "fault-injection/envoy.yaml", - "front-proxy/front-envoy.yaml", - "front-proxy/service-envoy.yaml", - "grpc-bridge/client/envoy-proxy.yaml", - "grpc-bridge/server/envoy-proxy.yaml", - "jaeger-tracing/front-envoy-jaeger.yaml", - "jaeger-tracing/service1-envoy-jaeger.yaml", - "jaeger-tracing/service2-envoy-jaeger.yaml", - "load-reporting-service/service-envoy-w-lrs.yaml", - "lua/envoy.yaml", - "lua/lib/mylibrary.lua", - "mysql/envoy.yaml", - "redis/envoy.yaml", - "zipkin-tracing/front-envoy-zipkin.yaml", - "zipkin-tracing/service1-envoy-zipkin.yaml", - "zipkin-tracing/service2-envoy-zipkin.yaml", - ], + srcs = glob( + [ + "**/*.yaml", + "**/*.lua", + ], + exclude = [ + "cache/responses.yaml", + "jaeger-native-tracing/*", + "**/*docker-compose*.yaml", + ], + ), )