diff --git a/source/common/protobuf/utility.h b/source/common/protobuf/utility.h index d2871f3bafb05..4eb9073e2ec9d 100644 --- a/source/common/protobuf/utility.h +++ b/source/common/protobuf/utility.h @@ -329,6 +329,26 @@ class MessageUtil { */ static void unpackTo(const ProtobufWkt::Any& any_message, Protobuf::Message& message); + /** + * Convert from google.protobuf.Any to bytes as std::string + * @param message source google.protobuf.Any message. + * + * @return std::string consists of bytes in the input message. + */ + static std::string anyToBytes(const ProtobufWkt::Any& any) { + if (any.Is()) { + ProtobufWkt::StringValue s; + MessageUtil::unpackTo(any, s); + return s.value(); + } + if (any.Is()) { + Protobuf::BytesValue b; + MessageUtil::unpackTo(any, b); + return b.value(); + } + return any.value(); + }; + /** * Convert from google.protobuf.Any to a typed message. * @param message source google.protobuf.Any message. diff --git a/source/extensions/access_loggers/wasm/config.cc b/source/extensions/access_loggers/wasm/config.cc index 61f1263650939..49dadbdb03ec1 100644 --- a/source/extensions/access_loggers/wasm/config.cc +++ b/source/extensions/access_loggers/wasm/config.cc @@ -24,13 +24,8 @@ WasmAccessLogFactory::createAccessLogInstance(const Protobuf::Message& proto_con const envoy::extensions::access_loggers::wasm::v3::WasmAccessLog&>( proto_config, context.messageValidationVisitor()); - // Create a base WASM to verify that the code loads before setting/cloning the for the - // individual threads. auto plugin = std::make_shared( - config.config().name(), config.config().root_id(), config.config().vm_config().vm_id(), - config.config().vm_config().runtime(), - Common::Wasm::anyToBytes(config.config().configuration()), config.config().fail_open(), - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, context.localInfo(), + config.config(), envoy::config::core::v3::TrafficDirection::UNSPECIFIED, context.localInfo(), nullptr /* listener_metadata */); auto access_log = std::make_shared(plugin, nullptr, std::move(filter)); @@ -45,11 +40,10 @@ WasmAccessLogFactory::createAccessLogInstance(const Protobuf::Message& proto_con access_log->setTlsSlot(std::move(tls_slot)); }; - if (!Common::Wasm::createWasm( - config.config().vm_config(), config.config().capability_restriction_config(), plugin, - context.scope().createScope(""), context.clusterManager(), context.initManager(), - context.dispatcher(), context.api(), context.lifecycleNotifier(), remote_data_provider_, - std::move(callback))) { + if (!Common::Wasm::createWasm(plugin, context.scope().createScope(""), context.clusterManager(), + context.initManager(), context.dispatcher(), context.api(), + context.lifecycleNotifier(), remote_data_provider_, + std::move(callback))) { throw Common::Wasm::WasmException( fmt::format("Unable to create Wasm access log {}", plugin->name_)); } diff --git a/source/extensions/bootstrap/wasm/config.cc b/source/extensions/bootstrap/wasm/config.cc index 08f871e192630..3a2b0d488601d 100644 --- a/source/extensions/bootstrap/wasm/config.cc +++ b/source/extensions/bootstrap/wasm/config.cc @@ -18,10 +18,8 @@ void WasmServiceExtension::onServerInitialized() { createWasm(context_); } void WasmServiceExtension::createWasm(Server::Configuration::ServerFactoryContext& context) { auto plugin = std::make_shared( - config_.config().name(), config_.config().root_id(), config_.config().vm_config().vm_id(), - config_.config().vm_config().runtime(), - Common::Wasm::anyToBytes(config_.config().configuration()), config_.config().fail_open(), - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, context.localInfo(), nullptr); + config_.config(), envoy::config::core::v3::TrafficDirection::UNSPECIFIED, context.localInfo(), + nullptr); auto callback = [this, &context, plugin](Common::Wasm::WasmHandleSharedPtr base_wasm) { if (!base_wasm) { @@ -49,11 +47,10 @@ void WasmServiceExtension::createWasm(Server::Configuration::ServerFactoryContex wasm_service_ = std::make_unique(plugin, std::move(tls_slot)); }; - if (!Common::Wasm::createWasm( - config_.config().vm_config(), config_.config().capability_restriction_config(), plugin, - context.scope().createScope(""), context.clusterManager(), context.initManager(), - context.dispatcher(), context.api(), context.lifecycleNotifier(), remote_data_provider_, - std::move(callback))) { + if (!Common::Wasm::createWasm(plugin, context.scope().createScope(""), context.clusterManager(), + context.initManager(), context.dispatcher(), context.api(), + context.lifecycleNotifier(), remote_data_provider_, + std::move(callback))) { // NB: throw if we get a synchronous configuration failures as this is how such failures are // reported to xDS. throw Common::Wasm::WasmException( diff --git a/source/extensions/common/wasm/BUILD b/source/extensions/common/wasm/BUILD index b3431edb083d5..7d005bf051a28 100644 --- a/source/extensions/common/wasm/BUILD +++ b/source/extensions/common/wasm/BUILD @@ -31,6 +31,7 @@ envoy_cc_library( name = "wasm_hdr", hdrs = [ "context.h", + "plugin.h", "wasm.h", "wasm_extension.h", "wasm_vm.h", @@ -62,6 +63,7 @@ envoy_cc_library( srcs = [ "context.cc", "foreign.cc", + "plugin.cc", "wasm.cc", "wasm_extension.cc", "wasm_vm.cc", diff --git a/source/extensions/common/wasm/context.cc b/source/extensions/common/wasm/context.cc index aab2d7a7d76a4..aec514d349960 100644 --- a/source/extensions/common/wasm/context.cc +++ b/source/extensions/common/wasm/context.cc @@ -25,6 +25,7 @@ #include "common/http/utility.h" #include "common/tracing/http_tracer_impl.h" +#include "extensions/common/wasm/plugin.h" #include "extensions/common/wasm/wasm.h" #include "extensions/common/wasm/well_known_names.h" #include "extensions/filters/common/expr/context.h" @@ -148,7 +149,7 @@ WasmResult Buffer::copyFrom(size_t start, size_t length, absl::string_view data) Context::Context() = default; Context::Context(Wasm* wasm) : ContextBase(wasm) {} Context::Context(Wasm* wasm, const PluginSharedPtr& plugin) : ContextBase(wasm, plugin) { - root_local_info_ = &std::static_pointer_cast(plugin)->local_info_; + root_local_info_ = &std::static_pointer_cast(plugin)->localInfo(); } Context::Context(Wasm* wasm, uint32_t root_context_id, const PluginSharedPtr& plugin) : ContextBase(wasm, root_context_id, plugin) {} @@ -493,7 +494,7 @@ Context::findValue(absl::string_view name, Protobuf::Arena* arena, bool last) co if (root_local_info_) { return CelProtoWrapper::CreateMessage(&root_local_info_->node(), arena); } else if (plugin_) { - return CelProtoWrapper::CreateMessage(&plugin()->local_info_.node(), arena); + return CelProtoWrapper::CreateMessage(&plugin()->localInfo().node(), arena); } break; case PropertyToken::SOURCE: @@ -510,12 +511,12 @@ Context::findValue(absl::string_view name, Protobuf::Arena* arena, bool last) co break; case PropertyToken::LISTENER_DIRECTION: if (plugin_) { - return CelValue::CreateInt64(plugin()->direction_); + return CelValue::CreateInt64(plugin()->direction()); } break; case PropertyToken::LISTENER_METADATA: if (plugin_) { - return CelProtoWrapper::CreateMessage(plugin()->listener_metadata_, arena); + return CelProtoWrapper::CreateMessage(plugin()->listenerMetadata(), arena); } break; case PropertyToken::CLUSTER_NAME: diff --git a/source/extensions/common/wasm/context.h b/source/extensions/common/wasm/context.h index f6ef9384bb3b7..45386f9dc1b69 100644 --- a/source/extensions/common/wasm/context.h +++ b/source/extensions/common/wasm/context.h @@ -14,6 +14,7 @@ #include "common/common/assert.h" #include "common/common/logger.h" +#include "extensions/common/wasm/plugin.h" #include "extensions/filters/common/expr/cel_state.h" #include "extensions/filters/common/expr/evaluator.h" @@ -99,22 +100,6 @@ class Buffer : public proxy_wasm::BufferBase { ::Envoy::Buffer::Instance* buffer_instance_{}; }; -// Plugin contains the information for a filter/service. -struct Plugin : public PluginBase { - Plugin(absl::string_view name, absl::string_view root_id, absl::string_view vm_id, - absl::string_view runtime, absl::string_view plugin_configuration, bool fail_open, - envoy::config::core::v3::TrafficDirection direction, - const LocalInfo::LocalInfo& local_info, - const envoy::config::core::v3::Metadata* listener_metadata) - : PluginBase(name, root_id, vm_id, runtime, plugin_configuration, fail_open), - direction_(direction), local_info_(local_info), listener_metadata_(listener_metadata) {} - - envoy::config::core::v3::TrafficDirection direction_; - const LocalInfo::LocalInfo& local_info_; - const envoy::config::core::v3::Metadata* listener_metadata_; -}; -using PluginSharedPtr = std::shared_ptr; - // A context which will be the target of callbacks for a particular session // e.g. a handler of a stream. class Context : public proxy_wasm::ContextBase, diff --git a/source/extensions/common/wasm/plugin.cc b/source/extensions/common/wasm/plugin.cc new file mode 100644 index 0000000000000..fa2ef38b3aca3 --- /dev/null +++ b/source/extensions/common/wasm/plugin.cc @@ -0,0 +1,28 @@ +#include "extensions/common/wasm/plugin.h" + +#include + +#include "envoy/extensions/wasm/v3/wasm.pb.validate.h" +#include "envoy/local_info/local_info.h" + +#include "common/protobuf/protobuf.h" +#include "common/protobuf/utility.h" + +#include "include/proxy-wasm/wasm.h" + +namespace Envoy { +namespace Extensions { +namespace Common { +namespace Wasm { + +WasmConfig::WasmConfig(const envoy::extensions::wasm::v3::PluginConfig& config) : config_(config) { + for (auto& capability : config_.capability_restriction_config().allowed_capabilities()) { + // TODO(rapilado): Set the SanitizationConfig fields once sanitization is implemented. + allowed_capabilities_[capability.first] = proxy_wasm::SanitizationConfig(); + } +} + +} // namespace Wasm +} // namespace Common +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/common/wasm/plugin.h b/source/extensions/common/wasm/plugin.h new file mode 100644 index 0000000000000..aa1670dc5949f --- /dev/null +++ b/source/extensions/common/wasm/plugin.h @@ -0,0 +1,61 @@ +#pragma once + +#include + +#include "envoy/extensions/wasm/v3/wasm.pb.validate.h" +#include "envoy/local_info/local_info.h" + +#include "common/protobuf/protobuf.h" +#include "common/protobuf/utility.h" + +#include "include/proxy-wasm/wasm.h" + +namespace Envoy { +namespace Extensions { +namespace Common { +namespace Wasm { + +class WasmConfig { +public: + WasmConfig(const envoy::extensions::wasm::v3::PluginConfig& config); + const envoy::extensions::wasm::v3::PluginConfig& config() { return config_; } + proxy_wasm::AllowedCapabilitiesMap& allowedCapabilities() { return allowed_capabilities_; } + +private: + const envoy::extensions::wasm::v3::PluginConfig& config_; + proxy_wasm::AllowedCapabilitiesMap allowed_capabilities_{}; +}; + +using WasmConfigPtr = std::unique_ptr; + +// Plugin contains the information for a filter/service. +class Plugin : public proxy_wasm::PluginBase { +public: + Plugin(const envoy::extensions::wasm::v3::PluginConfig& config, + envoy::config::core::v3::TrafficDirection direction, + const LocalInfo::LocalInfo& local_info, + const envoy::config::core::v3::Metadata* listener_metadata) + : PluginBase(config.name(), config.root_id(), config.vm_config().vm_id(), + config.vm_config().runtime(), MessageUtil::anyToBytes(config.configuration()), + config.fail_open()), + direction_(direction), local_info_(local_info), listener_metadata_(listener_metadata), + wasm_config_(std::make_unique(config)) {} + + envoy::config::core::v3::TrafficDirection& direction() { return direction_; } + const LocalInfo::LocalInfo& localInfo() { return local_info_; } + const envoy::config::core::v3::Metadata* listenerMetadata() { return listener_metadata_; } + WasmConfig& wasmConfig() { return *wasm_config_; } + +private: + envoy::config::core::v3::TrafficDirection direction_; + const LocalInfo::LocalInfo& local_info_; + const envoy::config::core::v3::Metadata* listener_metadata_; + WasmConfigPtr wasm_config_; +}; + +using PluginSharedPtr = std::shared_ptr; + +} // namespace Wasm +} // namespace Common +} // namespace Extensions +} // namespace Envoy diff --git a/source/extensions/common/wasm/wasm.cc b/source/extensions/common/wasm/wasm.cc index 0e2827722c21f..b4e6233d82910 100644 --- a/source/extensions/common/wasm/wasm.cc +++ b/source/extensions/common/wasm/wasm.cc @@ -7,6 +7,7 @@ #include "common/common/logger.h" +#include "extensions/common/wasm/plugin.h" #include "extensions/common/wasm/wasm_extension.h" #include "absl/strings/str_cat.h" @@ -68,20 +69,6 @@ inline Wasm* getWasm(WasmHandleSharedPtr& base_wasm_handle) { } // namespace -std::string anyToBytes(const ProtobufWkt::Any& any) { - if (any.Is()) { - ProtobufWkt::StringValue s; - MessageUtil::unpackTo(any, s); - return s.value(); - } - if (any.Is()) { - Protobuf::BytesValue b; - MessageUtil::unpackTo(any, b); - return b.value(); - } - return any.value(); -} - void Wasm::initializeStats() { active_wasms++; wasm_stats_.active_.set(active_wasms); @@ -99,16 +86,19 @@ void Wasm::initializeLifecycle(Server::ServerLifecycleNotifier& lifecycle_notifi }); } -Wasm::Wasm(absl::string_view runtime, absl::string_view vm_id, absl::string_view vm_configuration, - absl::string_view vm_key, proxy_wasm::AllowedCapabilitiesMap allowed_capabilities, - const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, - Event::Dispatcher& dispatcher) - : WasmBase(createWasmVm(runtime), vm_id, vm_configuration, vm_key, allowed_capabilities), +Wasm::Wasm(WasmConfig& config, absl::string_view vm_key, const Stats::ScopeSharedPtr& scope, + Upstream::ClusterManager& cluster_manager, Event::Dispatcher& dispatcher) + : WasmBase(createWasmVm(config.config().vm_config().runtime()), + config.config().vm_config().vm_id(), + MessageUtil::anyToBytes(config.config().vm_config().configuration()), vm_key, + config.allowedCapabilities()), scope_(scope), cluster_manager_(cluster_manager), dispatcher_(dispatcher), time_source_(dispatcher.timeSource()), - wasm_stats_(WasmStats{ - ALL_WASM_STATS(POOL_COUNTER_PREFIX(*scope_, absl::StrCat("wasm.", runtime, ".")), - POOL_GAUGE_PREFIX(*scope_, absl::StrCat("wasm.", runtime, ".")))}) { + wasm_stats_(WasmStats{ALL_WASM_STATS( + POOL_COUNTER_PREFIX(*scope_, + absl::StrCat("wasm.", config.config().vm_config().runtime(), ".")), + POOL_GAUGE_PREFIX(*scope_, + absl::StrCat("wasm.", config.config().vm_config().runtime(), ".")))}) { initializeStats(); ENVOY_LOG(debug, "Base Wasm created {} now active", active_wasms); } @@ -315,17 +305,16 @@ WasmEvent toWasmEvent(const std::shared_ptr& wasm) { NOT_IMPLEMENTED_GCOVR_EXCL_LINE; } -static bool createWasmInternal(const VmConfig& vm_config, - const CapabilityRestrictionConfig& capability_restriction_config, - const PluginSharedPtr& plugin, const Stats::ScopeSharedPtr& scope, - Upstream::ClusterManager& cluster_manager, - Init::Manager& init_manager, Event::Dispatcher& dispatcher, - Api::Api& api, Server::ServerLifecycleNotifier& lifecycle_notifier, - Config::DataSource::RemoteAsyncDataProviderPtr& remote_data_provider, - CreateWasmCallback&& cb, - CreateContextFn create_root_context_for_testing = nullptr) { +bool createWasm(const PluginSharedPtr& plugin, const Stats::ScopeSharedPtr& scope, + Upstream::ClusterManager& cluster_manager, Init::Manager& init_manager, + Event::Dispatcher& dispatcher, Api::Api& api, + Server::ServerLifecycleNotifier& lifecycle_notifier, + Config::DataSource::RemoteAsyncDataProviderPtr& remote_data_provider, + CreateWasmCallback&& cb, CreateContextFn create_root_context_for_testing) { auto wasm_extension = getWasmExtension(); std::string source, code; + auto config = plugin->wasmConfig(); + auto vm_config = config.config().vm_config(); bool fetch = false; if (vm_config.code().has_remote()) { auto now = dispatcher.timeSource().monotonicTime() + cache_time_offset_for_testing; @@ -384,26 +373,26 @@ static bool createWasmInternal(const VmConfig& vm_config, .value_or(code.empty() ? EMPTY_STRING : INLINE_STRING); } - auto complete_cb = [cb, vm_config, capability_restriction_config, plugin, scope, &cluster_manager, - &dispatcher, &lifecycle_notifier, create_root_context_for_testing, - wasm_extension](std::string code) -> bool { + auto vm_key = proxy_wasm::makeVmKey(vm_config.vm_id(), + MessageUtil::anyToBytes(vm_config.configuration()), code); + auto complete_cb = [cb, vm_key, plugin, scope, &cluster_manager, &dispatcher, &lifecycle_notifier, + create_root_context_for_testing, wasm_extension](std::string code) -> bool { if (code.empty()) { cb(nullptr); return false; } - auto vm_key = - proxy_wasm::makeVmKey(vm_config.vm_id(), anyToBytes(vm_config.configuration()), code); + auto wasm_factory = wasm_extension->wasmFactory(); + auto config = plugin->wasmConfig(); proxy_wasm::WasmHandleFactory proxy_wasm_factory = - [&vm_config, &capability_restriction_config, scope, &cluster_manager, &dispatcher, - &lifecycle_notifier, wasm_factory](absl::string_view vm_key) -> WasmHandleBaseSharedPtr { - return wasm_factory(vm_config, capability_restriction_config, scope, cluster_manager, - dispatcher, lifecycle_notifier, vm_key); + [&config, scope, &cluster_manager, &dispatcher, &lifecycle_notifier, + wasm_factory](absl::string_view vm_key) -> WasmHandleBaseSharedPtr { + return wasm_factory(config, scope, cluster_manager, dispatcher, lifecycle_notifier, vm_key); }; auto wasm = proxy_wasm::createWasm( vm_key, code, plugin, proxy_wasm_factory, getCloneFactory(wasm_extension, dispatcher, create_root_context_for_testing), - vm_config.allow_precompiled()); + config.config().vm_config().allow_precompiled()); Stats::ScopeSharedPtr create_wasm_stats_scope = wasm_extension->lockAndCreateStats(scope, plugin); wasm_extension->onEvent(toWasmEvent(wasm), plugin); @@ -473,19 +462,6 @@ static bool createWasmInternal(const VmConfig& vm_config, return true; } -bool createWasm(const VmConfig& vm_config, - const CapabilityRestrictionConfig& capability_restriction_config, - const PluginSharedPtr& plugin, const Stats::ScopeSharedPtr& scope, - Upstream::ClusterManager& cluster_manager, Init::Manager& init_manager, - Event::Dispatcher& dispatcher, Api::Api& api, - Envoy::Server::ServerLifecycleNotifier& lifecycle_notifier, - Config::DataSource::RemoteAsyncDataProviderPtr& remote_data_provider, - CreateWasmCallback&& cb, CreateContextFn create_root_context_for_testing) { - return createWasmInternal(vm_config, capability_restriction_config, plugin, scope, - cluster_manager, init_manager, dispatcher, api, lifecycle_notifier, - remote_data_provider, std::move(cb), create_root_context_for_testing); -} - PluginHandleSharedPtr getOrCreateThreadLocalPlugin(const WasmHandleSharedPtr& base_wasm, const PluginSharedPtr& plugin, Event::Dispatcher& dispatcher, diff --git a/source/extensions/common/wasm/wasm.h b/source/extensions/common/wasm/wasm.h index e87b645e6174c..a02c1b4c627c2 100644 --- a/source/extensions/common/wasm/wasm.h +++ b/source/extensions/common/wasm/wasm.h @@ -21,6 +21,7 @@ #include "common/version/version.h" #include "extensions/common/wasm/context.h" +#include "extensions/common/wasm/plugin.h" #include "extensions/common/wasm/wasm_extension.h" #include "extensions/common/wasm/wasm_vm.h" #include "extensions/common/wasm/well_known_names.h" @@ -46,10 +47,8 @@ struct WasmStats { // Wasm execution instance. Manages the Envoy side of the Wasm interface. class Wasm : public WasmBase, Logger::Loggable { public: - Wasm(absl::string_view runtime, absl::string_view vm_id, absl::string_view vm_configuration, - absl::string_view vm_key, proxy_wasm::AllowedCapabilitiesMap allowed_capabilities, - const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, - Event::Dispatcher& dispatcher); + Wasm(WasmConfig& config, absl::string_view vm_key, const Stats::ScopeSharedPtr& scope, + Upstream::ClusterManager& cluster_manager, Event::Dispatcher& dispatcher); Wasm(std::shared_ptr other, Event::Dispatcher& dispatcher); ~Wasm() override; @@ -165,9 +164,7 @@ using CreateWasmCallback = std::function; // all failures synchronously as it has no facility to report configuration update failures // asynchronously. Callers should throw an exception if they are part of a synchronous xDS update // because that is the mechanism for reporting configuration errors. -bool createWasm(const VmConfig& vm_config, - const CapabilityRestrictionConfig& capability_restriction_config, - const PluginSharedPtr& plugin, const Stats::ScopeSharedPtr& scope, +bool createWasm(const PluginSharedPtr& plugin, const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, Init::Manager& init_manager, Event::Dispatcher& dispatcher, Api::Api& api, Envoy::Server::ServerLifecycleNotifier& lifecycle_notifier, @@ -181,7 +178,6 @@ getOrCreateThreadLocalPlugin(const WasmHandleSharedPtr& base_wasm, const PluginS CreateContextFn create_root_context_for_testing = nullptr); void clearCodeCacheForTesting(); -std::string anyToBytes(const ProtobufWkt::Any& any); void setTimeOffsetForCodeCacheForTesting(MonotonicTime::duration d); EnvoyWasm::WasmEvent toWasmEvent(const std::shared_ptr& wasm); diff --git a/source/extensions/common/wasm/wasm_extension.cc b/source/extensions/common/wasm/wasm_extension.cc index f0335649ab131..44b3b0776cd4d 100644 --- a/source/extensions/common/wasm/wasm_extension.cc +++ b/source/extensions/common/wasm/wasm_extension.cc @@ -48,19 +48,11 @@ PluginHandleExtensionFactory EnvoyWasm::pluginFactory() { } WasmHandleExtensionFactory EnvoyWasm::wasmFactory() { - return [](const VmConfig vm_config, - const CapabilityRestrictionConfig capability_restriction_config, - const Stats::ScopeSharedPtr& scope, Upstream::ClusterManager& cluster_manager, - Event::Dispatcher& dispatcher, Server::ServerLifecycleNotifier& lifecycle_notifier, + return [](WasmConfig& config, const Stats::ScopeSharedPtr& scope, + Upstream::ClusterManager& cluster_manager, Event::Dispatcher& dispatcher, + Server::ServerLifecycleNotifier& lifecycle_notifier, absl::string_view vm_key) -> WasmHandleBaseSharedPtr { - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - for (auto& capability : capability_restriction_config.allowed_capabilities()) { - // TODO(rapilado): Set the SanitizationConfig fields once sanitization is implemented. - allowed_capabilities[capability.first] = proxy_wasm::SanitizationConfig(); - } - auto wasm = std::make_shared(vm_config.runtime(), vm_config.vm_id(), - anyToBytes(vm_config.configuration()), vm_key, - allowed_capabilities, scope, cluster_manager, dispatcher); + auto wasm = std::make_shared(config, vm_key, scope, cluster_manager, dispatcher); wasm->initializeLifecycle(lifecycle_notifier); return std::static_pointer_cast(std::make_shared(std::move(wasm))); }; diff --git a/source/extensions/common/wasm/wasm_extension.h b/source/extensions/common/wasm/wasm_extension.h index 2571df61eda99..706eb4f78c029 100644 --- a/source/extensions/common/wasm/wasm_extension.h +++ b/source/extensions/common/wasm/wasm_extension.h @@ -11,6 +11,7 @@ #include "common/stats/symbol_table_impl.h" #include "extensions/common/wasm/context.h" +#include "extensions/common/wasm/plugin.h" namespace Envoy { namespace Extensions { @@ -34,10 +35,9 @@ using CreateContextFn = using PluginHandleExtensionFactory = std::function; using WasmHandleExtensionFactory = std::function; + WasmConfig& config, const Stats::ScopeSharedPtr& scope, + Upstream::ClusterManager& cluster_manager, Event::Dispatcher& dispatcher, + Server::ServerLifecycleNotifier& lifecycle_notifier, absl::string_view vm_key)>; using WasmHandleExtensionCloneFactory = std::function; diff --git a/source/extensions/filters/http/wasm/wasm_filter.cc b/source/extensions/filters/http/wasm/wasm_filter.cc index c3d95f0237ff7..a8921975fe483 100644 --- a/source/extensions/filters/http/wasm/wasm_filter.cc +++ b/source/extensions/filters/http/wasm/wasm_filter.cc @@ -10,10 +10,7 @@ FilterConfig::FilterConfig(const envoy::extensions::filters::http::wasm::v3::Was : tls_slot_( ThreadLocal::TypedSlot::makeUnique(context.threadLocal())) { plugin_ = std::make_shared( - config.config().name(), config.config().root_id(), config.config().vm_config().vm_id(), - config.config().vm_config().runtime(), - Common::Wasm::anyToBytes(config.config().configuration()), config.config().fail_open(), - context.direction(), context.localInfo(), &context.listenerMetadata()); + config.config(), context.direction(), context.localInfo(), &context.listenerMetadata()); auto plugin = plugin_; auto callback = [plugin, this](const Common::Wasm::WasmHandleSharedPtr& base_wasm) { @@ -23,11 +20,10 @@ FilterConfig::FilterConfig(const envoy::extensions::filters::http::wasm::v3::Was }); }; - if (!Common::Wasm::createWasm( - config.config().vm_config(), config.config().capability_restriction_config(), plugin_, - context.scope().createScope(""), context.clusterManager(), context.initManager(), - context.dispatcher(), context.api(), context.lifecycleNotifier(), remote_data_provider_, - std::move(callback))) { + if (!Common::Wasm::createWasm(plugin_, context.scope().createScope(""), context.clusterManager(), + context.initManager(), context.dispatcher(), context.api(), + context.lifecycleNotifier(), remote_data_provider_, + std::move(callback))) { throw Common::Wasm::WasmException( fmt::format("Unable to create Wasm HTTP filter {}", plugin->name_)); } diff --git a/source/extensions/filters/http/wasm/wasm_filter.h b/source/extensions/filters/http/wasm/wasm_filter.h index 3018c701cabb5..cd633e505f7d4 100644 --- a/source/extensions/filters/http/wasm/wasm_filter.h +++ b/source/extensions/filters/http/wasm/wasm_filter.h @@ -7,6 +7,7 @@ #include "envoy/server/filter_config.h" #include "envoy/upstream/cluster_manager.h" +#include "extensions/common/wasm/plugin.h" #include "extensions/common/wasm/wasm.h" #include "extensions/filters/http/well_known_names.h" @@ -22,7 +23,7 @@ using Envoy::Extensions::Common::Wasm::Wasm; class FilterConfig : Logger::Loggable { public: - FilterConfig(const envoy::extensions::filters::http::wasm::v3::Wasm& proto_config, + FilterConfig(const envoy::extensions::filters::http::wasm::v3::Wasm& config, Server::Configuration::FactoryContext& context); std::shared_ptr createFilter() { @@ -49,7 +50,7 @@ class FilterConfig : Logger::Loggable { Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider_; }; -typedef std::shared_ptr FilterConfigSharedPtr; +using FilterConfigSharedPtr = std::shared_ptr; } // namespace Wasm } // namespace HttpFilters diff --git a/source/extensions/filters/network/wasm/wasm_filter.cc b/source/extensions/filters/network/wasm/wasm_filter.cc index 24c60caca34ca..4aa922071c4a4 100644 --- a/source/extensions/filters/network/wasm/wasm_filter.cc +++ b/source/extensions/filters/network/wasm/wasm_filter.cc @@ -10,10 +10,7 @@ FilterConfig::FilterConfig(const envoy::extensions::filters::network::wasm::v3:: : tls_slot_( ThreadLocal::TypedSlot::makeUnique(context.threadLocal())) { plugin_ = std::make_shared( - config.config().name(), config.config().root_id(), config.config().vm_config().vm_id(), - config.config().vm_config().runtime(), - Common::Wasm::anyToBytes(config.config().configuration()), config.config().fail_open(), - context.direction(), context.localInfo(), &context.listenerMetadata()); + config.config(), context.direction(), context.localInfo(), &context.listenerMetadata()); auto plugin = plugin_; auto callback = [plugin, this](Common::Wasm::WasmHandleSharedPtr base_wasm) { @@ -23,11 +20,10 @@ FilterConfig::FilterConfig(const envoy::extensions::filters::network::wasm::v3:: }); }; - if (!Common::Wasm::createWasm( - config.config().vm_config(), config.config().capability_restriction_config(), plugin_, - context.scope().createScope(""), context.clusterManager(), context.initManager(), - context.dispatcher(), context.api(), context.lifecycleNotifier(), remote_data_provider_, - std::move(callback))) { + if (!Common::Wasm::createWasm(plugin_, context.scope().createScope(""), context.clusterManager(), + context.initManager(), context.dispatcher(), context.api(), + context.lifecycleNotifier(), remote_data_provider_, + std::move(callback))) { throw Common::Wasm::WasmException( fmt::format("Unable to create Wasm network filter {}", plugin->name_)); } diff --git a/source/extensions/stat_sinks/wasm/BUILD b/source/extensions/stat_sinks/wasm/BUILD index dbbdb81e891a6..6c6b6523bb801 100644 --- a/source/extensions/stat_sinks/wasm/BUILD +++ b/source/extensions/stat_sinks/wasm/BUILD @@ -36,5 +36,6 @@ envoy_cc_library( deps = [ "//include/envoy/stats:stats_interface", "//source/extensions/common/wasm:wasm_lib", + "@envoy_api//envoy/extensions/filters/network/wasm/v3:pkg_cc_proto", ], ) diff --git a/source/extensions/stat_sinks/wasm/config.cc b/source/extensions/stat_sinks/wasm/config.cc index f60fcd702e6ba..edc89aa62a685 100644 --- a/source/extensions/stat_sinks/wasm/config.cc +++ b/source/extensions/stat_sinks/wasm/config.cc @@ -23,10 +23,8 @@ WasmSinkFactory::createStatsSink(const Protobuf::Message& proto_config, proto_config, context.messageValidationContext().staticValidationVisitor()); auto plugin = std::make_shared( - config.config().name(), config.config().root_id(), config.config().vm_config().vm_id(), - config.config().vm_config().runtime(), - Common::Wasm::anyToBytes(config.config().configuration()), config.config().fail_open(), - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, context.localInfo(), nullptr); + config.config(), envoy::config::core::v3::TrafficDirection::UNSPECIFIED, context.localInfo(), + nullptr); auto wasm_sink = std::make_unique(plugin, nullptr); @@ -43,11 +41,10 @@ WasmSinkFactory::createStatsSink(const Protobuf::Message& proto_config, Common::Wasm::getOrCreateThreadLocalPlugin(base_wasm, plugin, context.dispatcher())); }; - if (!Common::Wasm::createWasm( - config.config().vm_config(), config.config().capability_restriction_config(), plugin, - context.scope().createScope(""), context.clusterManager(), context.initManager(), - context.dispatcher(), context.api(), context.lifecycleNotifier(), remote_data_provider_, - std::move(callback))) { + if (!Common::Wasm::createWasm(plugin, context.scope().createScope(""), context.clusterManager(), + context.initManager(), context.dispatcher(), context.api(), + context.lifecycleNotifier(), remote_data_provider_, + std::move(callback))) { throw Common::Wasm::WasmException( fmt::format("Unable to create Wasm Stat Sink {}", plugin->name_)); } diff --git a/source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h b/source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h index 5b339a6c80e98..ce3eea40dcd6d 100644 --- a/source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h +++ b/source/extensions/stat_sinks/wasm/wasm_stat_sink_impl.h @@ -1,5 +1,8 @@ #pragma once +#include + +#include "envoy/extensions/filters/network/wasm/v3/wasm.pb.validate.h" #include "envoy/stats/sink.h" #include "extensions/common/wasm/wasm.h" diff --git a/test/extensions/bootstrap/wasm/wasm_speed_test.cc b/test/extensions/bootstrap/wasm/wasm_speed_test.cc index 7727cfc1e0363..d23e8c3f5e830 100644 --- a/test/extensions/bootstrap/wasm/wasm_speed_test.cc +++ b/test/extensions/bootstrap/wasm/wasm_speed_test.cc @@ -49,19 +49,14 @@ static void bmWasmSimpleCallSpeedTest(benchmark::State& state, std::string test, Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = "some_long_root_id"; - auto vm_id = ""; - auto vm_configuration = test; - auto vm_key = ""; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_root_id() = "some_long_root_id"; + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(test); auto plugin = std::make_shared( - name, root_id, vm_id, runtime, plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", runtime), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto wasm = std::make_unique(plugin->wasmConfig(), "vm_key", + scope, cluster_manager, *dispatcher); std::string code; if (runtime == "null") { code = "WasmSpeedCpp"; diff --git a/test/extensions/bootstrap/wasm/wasm_test.cc b/test/extensions/bootstrap/wasm/wasm_test.cc index 8d404f6fdd1a4..8aeca8bc87c1f 100644 --- a/test/extensions/bootstrap/wasm/wasm_test.cc +++ b/test/extensions/bootstrap/wasm/wasm_test.cc @@ -43,12 +43,21 @@ class WasmTestBase { base_scope_(stats_store_.createScope("")), scope_(base_scope_->createScope("")) {} void createWasm(absl::string_view runtime) { + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_name() = name_; + *plugin_config.mutable_root_id() = root_id_; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", runtime); + *plugin_config.mutable_vm_config()->mutable_vm_id() = vm_id_; + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration_); + plugin_config.mutable_configuration()->set_value(plugin_configuration_); plugin_ = std::make_shared( - name_, root_id_, vm_id_, runtime, plugin_configuration_, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info_, nullptr); - wasm_ = std::make_shared( - absl::StrCat("envoy.wasm.runtime.", runtime), vm_id_, vm_configuration_, vm_key_, - allowed_capabilities, scope_, cluster_manager, *dispatcher_); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info_, + nullptr); + auto config = plugin_->wasmConfig(); + config.allowedCapabilities() = allowed_capabilities_; + wasm_ = std::make_shared(config, vm_key_, scope_, + cluster_manager, *dispatcher_); EXPECT_NE(wasm_, nullptr); wasm_->setCreateContextForTesting( nullptr, @@ -69,7 +78,7 @@ class WasmTestBase { std::string vm_id_; std::string vm_configuration_; std::string vm_key_; - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; + proxy_wasm::AllowedCapabilitiesMap allowed_capabilities_; std::string plugin_configuration_; std::shared_ptr plugin_; std::shared_ptr wasm_; diff --git a/test/extensions/common/wasm/wasm_speed_test.cc b/test/extensions/common/wasm/wasm_speed_test.cc index 692f473b84cfc..a71102453f954 100644 --- a/test/extensions/common/wasm/wasm_speed_test.cc +++ b/test/extensions/common/wasm/wasm_speed_test.cc @@ -31,9 +31,12 @@ void bmWasmSpeedTest(benchmark::State& state) { Envoy::Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Envoy::Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - "envoy.wasm.runtime.null", "", "", "", allowed_capabilities, scope, cluster_manager, - *dispatcher); + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = "envoy.wasm.runtime.null"; + auto config = Envoy::Extensions::Common::Wasm::WasmConfig(plugin_config); + auto wasm = std::make_unique(config, "", scope, + cluster_manager, *dispatcher); auto context = std::make_shared(wasm.get()); Envoy::Thread::ThreadFactory& thread_factory{Envoy::Thread::threadFactoryForTest()}; diff --git a/test/extensions/common/wasm/wasm_test.cc b/test/extensions/common/wasm/wasm_test.cc index 869519afd2aa5..2ae0b5d4fedfa 100644 --- a/test/extensions/common/wasm/wasm_test.cc +++ b/test/extensions/common/wasm/wasm_test.cc @@ -101,13 +101,13 @@ TEST_P(WasmCommonTest, EnvoyWasm) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; auto plugin = std::make_shared( - "", "", "", GetParam(), "", false, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, - local_info, nullptr); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_shared(std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), "", "vm_configuration", "", - allowed_capabilities, scope, cluster_manager, *dispatcher)); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + + auto wasm = std::make_shared( + std::make_unique(plugin->wasmConfig(), "", scope, cluster_manager, *dispatcher)); auto wasm_base = std::dynamic_pointer_cast(wasm); wasm->wasm()->setFailStateForTesting(proxy_wasm::FailState::UnableToCreateVM); EXPECT_EQ(toWasmEvent(wasm_base), EnvoyWasm::WasmEvent::UnableToCreateVM); @@ -166,11 +166,15 @@ TEST_P(WasmCommonTest, Logging) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "logging"; auto plugin_configuration = "configure-test"; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + plugin_config.mutable_configuration()->set_value(plugin_configuration); + std::string code; if (GetParam() != "null") { code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( @@ -181,13 +185,11 @@ TEST_P(WasmCommonTest, Logging) { } EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_shared( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); + auto wasm = std::make_shared(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); EXPECT_NE(wasm, nullptr); EXPECT_NE(wasm->buildVersion(), ""); EXPECT_NE(std::unique_ptr(wasm->createContext(plugin)), nullptr); @@ -244,22 +246,19 @@ TEST_P(WasmCommonTest, BadSignature) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; - auto vm_configuration = ""; - auto plugin_configuration = ""; const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/common/wasm/test_data/bad_signature_cpp.wasm")); EXPECT_FALSE(code.empty()); + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", "", code); + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); + EXPECT_FALSE(wasm->initialize(code, false)); EXPECT_TRUE(wasm->isFailed()); } @@ -274,22 +273,20 @@ TEST_P(WasmCommonTest, Segv) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "segv"; - auto plugin_configuration = ""; const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_cpp.wasm")); EXPECT_FALSE(code.empty()); + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); EXPECT_TRUE(wasm->initialize(code, false)); TestContext* root_context = nullptr; wasm->setCreateContextForTesting( @@ -318,22 +315,21 @@ TEST_P(WasmCommonTest, DivByZero) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "divbyzero"; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_cpp.wasm")); EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); EXPECT_NE(wasm, nullptr); auto context = std::make_unique(wasm.get()); EXPECT_TRUE(wasm->initialize(code, false)); @@ -353,11 +349,13 @@ TEST_P(WasmCommonTest, IntrinsicGlobals) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "globals"; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + std::string code; if (GetParam() != "null") { code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( @@ -368,13 +366,11 @@ TEST_P(WasmCommonTest, IntrinsicGlobals) { } EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); + EXPECT_NE(wasm, nullptr); EXPECT_TRUE(wasm->initialize(code, false)); wasm->setCreateContextForTesting( @@ -394,11 +390,13 @@ TEST_P(WasmCommonTest, Utilities) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; + auto vm_configuration = "utilities"; - auto plugin_configuration = ""; + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + std::string code; if (GetParam() != "null") { code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( @@ -409,13 +407,11 @@ TEST_P(WasmCommonTest, Utilities) { } EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); + EXPECT_NE(wasm, nullptr); EXPECT_TRUE(wasm->initialize(code, false)); wasm->setCreateContextForTesting( @@ -463,11 +459,13 @@ TEST_P(WasmCommonTest, Stats) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "stats"; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + std::string code; if (GetParam() != "null") { code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( @@ -478,13 +476,11 @@ TEST_P(WasmCommonTest, Stats) { } EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); + EXPECT_NE(wasm, nullptr); EXPECT_TRUE(wasm->initialize(code, false)); wasm->setCreateContextForTesting( @@ -509,19 +505,17 @@ TEST_P(WasmCommonTest, Foreign) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "foreign"; - auto vm_key = ""; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto wasm = std::make_unique(plugin->wasmConfig(), "", scope, + cluster_manager, *dispatcher); EXPECT_NE(wasm, nullptr); std::string code; if (GetParam() != "null") { @@ -555,19 +549,18 @@ TEST_P(WasmCommonTest, OnForeign) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "on_foreign"; - auto vm_key = ""; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + auto wasm = std::make_unique(plugin->wasmConfig(), "", scope, + cluster_manager, *dispatcher); EXPECT_NE(wasm, nullptr); std::string code; if (GetParam() != "null") { @@ -603,19 +596,18 @@ TEST_P(WasmCommonTest, WASI) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "WASI"; - auto vm_key = ""; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - proxy_wasm::AllowedCapabilitiesMap allowed_capabilities; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto wasm = std::make_unique(plugin->wasmConfig(), "", scope, + cluster_manager, *dispatcher); + EXPECT_NE(wasm, nullptr); std::string code; if (GetParam() != "null") { @@ -647,14 +639,16 @@ TEST_P(WasmCommonTest, VmCache) { Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider; auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "vm_cache"; auto plugin_configuration = "done"; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + plugin_config.mutable_configuration()->set_value(plugin_configuration); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); ServerLifecycleNotifier::StageCallbackWithCompletion lifecycle_callback; EXPECT_CALL(lifecycle_notifier, registerCallback2(_, _)) @@ -665,12 +659,12 @@ TEST_P(WasmCommonTest, VmCache) { return nullptr; })); - VmConfig vm_config; + auto vm_config = plugin_config.mutable_vm_config(); CapabilityRestrictionConfig cr_config; - vm_config.set_runtime(absl::StrCat("envoy.wasm.runtime.", GetParam())); + vm_config->set_runtime(absl::StrCat("envoy.wasm.runtime.", GetParam())); ProtobufWkt::StringValue vm_configuration_string; vm_configuration_string.set_value(vm_configuration); - vm_config.mutable_configuration()->PackFrom(vm_configuration_string); + vm_config->mutable_configuration()->PackFrom(vm_configuration_string); std::string code; if (GetParam() != "null") { code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( @@ -680,18 +674,18 @@ TEST_P(WasmCommonTest, VmCache) { code = "CommonWasmTestCpp"; } EXPECT_FALSE(code.empty()); - vm_config.mutable_code()->mutable_local()->set_inline_bytes(code); + vm_config->mutable_code()->mutable_local()->set_inline_bytes(code); WasmHandleSharedPtr wasm_handle; - createWasm(vm_config, cr_config, plugin, scope, cluster_manager, init_manager, *dispatcher, *api, - lifecycle_notifier, remote_data_provider, + createWasm(plugin, scope, cluster_manager, init_manager, *dispatcher, *api, lifecycle_notifier, + remote_data_provider, [&wasm_handle](const WasmHandleSharedPtr& w) { wasm_handle = w; }); EXPECT_NE(wasm_handle, nullptr); Event::PostCb post_cb = [] {}; lifecycle_callback(post_cb); WasmHandleSharedPtr wasm_handle2; - createWasm(vm_config, cr_config, plugin, scope, cluster_manager, init_manager, *dispatcher, *api, - lifecycle_notifier, remote_data_provider, + createWasm(plugin, scope, cluster_manager, init_manager, *dispatcher, *api, lifecycle_notifier, + remote_data_provider, [&wasm_handle2](const WasmHandleSharedPtr& w) { wasm_handle2 = w; }); EXPECT_NE(wasm_handle2, nullptr); EXPECT_EQ(wasm_handle, wasm_handle2); @@ -745,32 +739,35 @@ TEST_P(WasmCommonTest, RemoteCode) { Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider; auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "vm_cache"; auto plugin_configuration = "done"; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + plugin_config.mutable_configuration()->set_value(plugin_configuration); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); std::string code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( absl::StrCat("{{ test_rundir }}/test/extensions/common/wasm/test_data/test_cpp.wasm"))); - VmConfig vm_config; + auto vm_config = plugin_config.mutable_vm_config(); CapabilityRestrictionConfig cr_config; - vm_config.set_runtime(absl::StrCat("envoy.wasm.runtime.", GetParam())); + vm_config->set_runtime(absl::StrCat("envoy.wasm.runtime.", GetParam())); ProtobufWkt::BytesValue vm_configuration_bytes; vm_configuration_bytes.set_value(vm_configuration); - vm_config.mutable_configuration()->PackFrom(vm_configuration_bytes); + vm_config->mutable_configuration()->PackFrom(vm_configuration_bytes); std::string sha256 = Extensions::Common::Wasm::sha256(code); std::string sha256Hex = Hex::encode(reinterpret_cast(&*sha256.begin()), sha256.size()); - vm_config.mutable_code()->mutable_remote()->set_sha256(sha256Hex); - vm_config.mutable_code()->mutable_remote()->mutable_http_uri()->set_uri( + vm_config->mutable_code()->mutable_remote()->set_sha256(sha256Hex); + vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->set_uri( "http://example.com/test.wasm"); - vm_config.mutable_code()->mutable_remote()->mutable_http_uri()->set_cluster("example_com"); - vm_config.mutable_code()->mutable_remote()->mutable_http_uri()->mutable_timeout()->set_seconds(5); + vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->set_cluster("example_com"); + vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->mutable_timeout()->set_seconds( + 5); WasmHandleSharedPtr wasm_handle; NiceMock client; NiceMock request(&client); @@ -794,7 +791,8 @@ TEST_P(WasmCommonTest, RemoteCode) { EXPECT_CALL(init_manager, add(_)).WillOnce(Invoke([&](const Init::Target& target) { init_target_handle = target.createHandle("test"); })); - createWasm(vm_config, cr_config, plugin, scope, cluster_manager, init_manager, *dispatcher, *api, + createWasm(plugin, scope, cluster_manager, init_manager, *dispatcher, *api, + lifecycle_notifier, remote_data_provider, [&wasm_handle](const WasmHandleSharedPtr& w) { wasm_handle = w; }); @@ -849,34 +847,37 @@ TEST_P(WasmCommonTest, RemoteCodeMultipleRetry) { Config::DataSource::RemoteAsyncDataProviderPtr remote_data_provider; auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "vm_cache"; auto plugin_configuration = "done"; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + plugin_config.mutable_configuration()->set_value(plugin_configuration); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); std::string code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( absl::StrCat("{{ test_rundir }}/test/extensions/common/wasm/test_data/test_cpp.wasm"))); - VmConfig vm_config; + auto vm_config = plugin_config.mutable_vm_config(); CapabilityRestrictionConfig cr_config; - vm_config.set_runtime(absl::StrCat("envoy.wasm.runtime.", GetParam())); + vm_config->set_runtime(absl::StrCat("envoy.wasm.runtime.", GetParam())); ProtobufWkt::StringValue vm_configuration_string; vm_configuration_string.set_value(vm_configuration); - vm_config.mutable_configuration()->PackFrom(vm_configuration_string); + vm_config->mutable_configuration()->PackFrom(vm_configuration_string); std::string sha256 = Extensions::Common::Wasm::sha256(code); std::string sha256Hex = Hex::encode(reinterpret_cast(&*sha256.begin()), sha256.size()); int num_retries = 3; - vm_config.mutable_code()->mutable_remote()->set_sha256(sha256Hex); - vm_config.mutable_code()->mutable_remote()->mutable_http_uri()->set_uri( + vm_config->mutable_code()->mutable_remote()->set_sha256(sha256Hex); + vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->set_uri( "http://example.com/test.wasm"); - vm_config.mutable_code()->mutable_remote()->mutable_http_uri()->set_cluster("example_com"); - vm_config.mutable_code()->mutable_remote()->mutable_http_uri()->mutable_timeout()->set_seconds(5); - vm_config.mutable_code() + vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->set_cluster("example_com"); + vm_config->mutable_code()->mutable_remote()->mutable_http_uri()->mutable_timeout()->set_seconds( + 5); + vm_config->mutable_code() ->mutable_remote() ->mutable_retry_policy() ->mutable_num_retries() @@ -911,8 +912,8 @@ TEST_P(WasmCommonTest, RemoteCodeMultipleRetry) { EXPECT_CALL(init_manager, add(_)).WillOnce(Invoke([&](const Init::Target& target) { init_target_handle = target.createHandle("test"); })); - createWasm(vm_config, cr_config, plugin, scope, cluster_manager, init_manager, *dispatcher, *api, - lifecycle_notifier, remote_data_provider, + createWasm(plugin, scope, cluster_manager, init_manager, *dispatcher, *api, lifecycle_notifier, + remote_data_provider, [&wasm_handle](const WasmHandleSharedPtr& w) { wasm_handle = w; }); EXPECT_CALL(init_watcher, ready()); @@ -964,25 +965,26 @@ TEST_P(WasmCommonTest, RestrictCapabilities) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "restrict_all"; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_restriction_cpp.wasm")); EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); // restriction enforced if allowed_capabilities is non-empty proxy_wasm::AllowedCapabilitiesMap allowed_capabilities{ {"foo", proxy_wasm::SanitizationConfig()}}; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin->wasmConfig().allowedCapabilities() = allowed_capabilities; + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); EXPECT_FALSE(wasm->capabilityAllowed("proxy_on_vm_start")); EXPECT_FALSE(wasm->capabilityAllowed("proxy_log")); @@ -1016,23 +1018,24 @@ TEST_P(WasmCommonTest, AllowOnVmStart) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "allow_on_vm_start"; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_restriction_cpp.wasm")); EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); proxy_wasm::AllowedCapabilitiesMap allowed_capabilities{ {"proxy_on_vm_start", proxy_wasm::SanitizationConfig()}}; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin->wasmConfig().allowedCapabilities() = allowed_capabilities; + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); EXPECT_TRUE(wasm->capabilityAllowed("proxy_on_vm_start")); EXPECT_FALSE(wasm->capabilityAllowed("proxy_log")); @@ -1070,24 +1073,25 @@ TEST_P(WasmCommonTest, AllowLog) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "allow_log"; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_restriction_cpp.wasm")); EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); proxy_wasm::AllowedCapabilitiesMap allowed_capabilities{ {"proxy_on_vm_start", proxy_wasm::SanitizationConfig()}, {"proxy_log", proxy_wasm::SanitizationConfig()}}; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin->wasmConfig().allowedCapabilities() = allowed_capabilities; + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); // Restrict capabilities, but allow proxy_log EXPECT_TRUE(wasm->capabilityAllowed("proxy_on_vm_start")); @@ -1121,24 +1125,25 @@ TEST_P(WasmCommonTest, AllowWASI) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "allow_wasi"; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_restriction_cpp.wasm")); EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); proxy_wasm::AllowedCapabilitiesMap allowed_capabilities{ {"proxy_on_vm_start", proxy_wasm::SanitizationConfig()}, {"fd_write", proxy_wasm::SanitizationConfig()}}; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin->wasmConfig().allowedCapabilities() = allowed_capabilities; + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); // Restrict capabilities, but allow fd_write EXPECT_TRUE(wasm->capabilityAllowed("proxy_on_vm_start")); @@ -1172,25 +1177,26 @@ TEST_P(WasmCommonTest, AllowOnContextCreate) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "allow_on_context_create"; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_restriction_cpp.wasm")); EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); proxy_wasm::AllowedCapabilitiesMap allowed_capabilities{ {"proxy_on_vm_start", proxy_wasm::SanitizationConfig()}, {"proxy_on_context_create", proxy_wasm::SanitizationConfig()}, {"proxy_log", proxy_wasm::SanitizationConfig()}}; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin->wasmConfig().allowedCapabilities() = allowed_capabilities; + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); // Restrict capabilities, but allow proxy_log EXPECT_TRUE(wasm->capabilityAllowed("proxy_on_vm_start")); @@ -1225,24 +1231,25 @@ TEST_P(WasmCommonTest, ThreadLocalCopyRetainsEnforcement) { Event::DispatcherPtr dispatcher(api->allocateDispatcher("wasm_test")); auto scope = Stats::ScopeSharedPtr(stats_store.createScope("wasm.")); NiceMock local_info; - auto name = ""; - auto root_id = ""; - auto vm_id = ""; auto vm_configuration = "thread_local_copy"; - auto plugin_configuration = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_vm_config()->mutable_runtime() = + absl::StrCat("envoy.wasm.runtime.", GetParam()); + plugin_config.mutable_vm_config()->mutable_configuration()->set_value(vm_configuration); + const auto code = TestEnvironment::readFileToStringForTest(TestEnvironment::substitute( "{{ test_rundir }}/test/extensions/common/wasm/test_data/test_restriction_cpp.wasm")); EXPECT_FALSE(code.empty()); auto plugin = std::make_shared( - name, root_id, vm_id, GetParam(), plugin_configuration, false, - envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); - auto vm_key = proxy_wasm::makeVmKey(vm_id, vm_configuration, code); + plugin_config, envoy::config::core::v3::TrafficDirection::UNSPECIFIED, local_info, nullptr); + auto vm_key = proxy_wasm::makeVmKey("", vm_configuration, code); proxy_wasm::AllowedCapabilitiesMap allowed_capabilities{ {"proxy_on_vm_start", proxy_wasm::SanitizationConfig()}, {"fd_write", proxy_wasm::SanitizationConfig()}}; - auto wasm = std::make_unique( - absl::StrCat("envoy.wasm.runtime.", GetParam()), vm_id, vm_configuration, vm_key, - allowed_capabilities, scope, cluster_manager, *dispatcher); + plugin->wasmConfig().allowedCapabilities() = allowed_capabilities; + auto wasm = std::make_unique(plugin->wasmConfig(), vm_key, scope, + cluster_manager, *dispatcher); // Restrict capabilities EXPECT_TRUE(wasm->capabilityAllowed("proxy_on_vm_start")); diff --git a/test/extensions/filters/network/wasm/wasm_filter_test.cc b/test/extensions/filters/network/wasm/wasm_filter_test.cc index 86a933097cc6f..5df8937da99ad 100644 --- a/test/extensions/filters/network/wasm/wasm_filter_test.cc +++ b/test/extensions/filters/network/wasm/wasm_filter_test.cc @@ -47,7 +47,7 @@ class WasmNetworkFilterTest : public Extensions::Common::Wasm::WasmNetworkFilter ~WasmNetworkFilterTest() override = default; void setupConfig(const std::string& code, std::string vm_configuration, bool fail_open = false, - AllowedCapabilitiesMap allowed_capabilities = {}) { + proxy_wasm::AllowedCapabilitiesMap allowed_capabilities = {}) { if (code.empty()) { setupWasmCode(vm_configuration); } else { diff --git a/test/test_common/wasm_base.h b/test/test_common/wasm_base.h index 1655e59ca2968..98ccc601bfb92 100644 --- a/test/test_common/wasm_base.h +++ b/test/test_common/wasm_base.h @@ -60,32 +60,31 @@ template class WasmTestBase : public Base { std::string root_id = "", std::string vm_configuration = "", bool fail_open = false, std::string plugin_configuration = "", proxy_wasm::AllowedCapabilitiesMap allowed_capabilities = {}) { - envoy::extensions::wasm::v3::VmConfig vm_config; - vm_config.set_vm_id("vm_id"); - vm_config.set_runtime(absl::StrCat("envoy.wasm.runtime.", runtime)); - ProtobufWkt::StringValue vm_configuration_string; - vm_configuration_string.set_value(vm_configuration); - vm_config.mutable_configuration()->PackFrom(vm_configuration_string); - vm_config.mutable_code()->mutable_local()->set_inline_bytes(code); - envoy::extensions::wasm::v3::CapabilityRestrictionConfig cr_config; - Protobuf::Map allowed_capabilities_; - for (auto& capability : allowed_capabilities) { - // TODO(rapilado): Set the SanitizationConfig fields once sanitization is implemented. - allowed_capabilities_[capability.first] = SanitizationConfig(); - } - *cr_config.mutable_allowed_capabilities() = allowed_capabilities_; Api::ApiPtr api = Api::createApiForTest(stats_store_); scope_ = Stats::ScopeSharedPtr(stats_store_.createScope("wasm.")); - auto name = "plugin_name"; - auto vm_id = ""; + + envoy::extensions::wasm::v3::PluginConfig plugin_config; + *plugin_config.mutable_root_id() = root_id; + *plugin_config.mutable_name() = "plugin_name"; + plugin_config.set_fail_open(fail_open); + plugin_config.mutable_configuration()->set_value(plugin_configuration); + + auto vm_config = plugin_config.mutable_vm_config(); + vm_config->set_vm_id("vm_id"); + vm_config->set_runtime(absl::StrCat("envoy.wasm.runtime.", runtime)); + ProtobufWkt::StringValue vm_configuration_string; + vm_configuration_string.set_value(vm_configuration); + vm_config->mutable_configuration()->PackFrom(vm_configuration_string); + vm_config->mutable_code()->mutable_local()->set_inline_bytes(code); + plugin_ = std::make_shared( - name, root_id, vm_id, runtime, plugin_configuration, fail_open, - envoy::config::core::v3::TrafficDirection::INBOUND, local_info_, &listener_metadata_); + plugin_config, envoy::config::core::v3::TrafficDirection::INBOUND, local_info_, + &listener_metadata_); // Passes ownership of root_context_. + plugin_->wasmConfig().allowedCapabilities() = allowed_capabilities; Extensions::Common::Wasm::createWasm( - vm_config, cr_config, plugin_, scope_, cluster_manager_, init_manager_, dispatcher_, *api, - lifecycle_notifier_, remote_data_provider_, - [this](WasmHandleSharedPtr wasm) { wasm_ = wasm; }, create_root); + plugin_, scope_, cluster_manager_, init_manager_, dispatcher_, *api, lifecycle_notifier_, + remote_data_provider_, [this](WasmHandleSharedPtr wasm) { wasm_ = wasm; }, create_root); if (wasm_) { plugin_handle_ = getOrCreateThreadLocalPlugin( wasm_, plugin_, dispatcher_,