Merged
Conversation
Signed-off-by: Alex Xu <hejie.xu@intel.com>
Signed-off-by: Ryan Northey <ryan@synca.io>
ci: disable non-RBE cache for release branches Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
Previously `/var/run/docker.sock` is readable/writable inside docker run because group ID of `envoygroup` coincidentally matches host docker group, while it is no longer true during rolling out new image. Fixing that by forcing `envoygroup` has host docker group ID. Risk Level: Low Testing: CI Docs Changes: Release Notes: Platform Specific Features: Signed-off-by: Lizan Zhou <lizan@tetrate.io> Signed-off-by: Dario Cillerai <dcillera@redhat.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Xie Zhihao <zhihao.xie@intel.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: wbpcode <wangbaiping@corp.netease.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
As noted in #21060, building with gcc in "opt" mode results in a compilation error:
```
ERROR: /workspaces/envoy/source/common/config/BUILD:414:17: Compiling source/common/config/watch_map.cc failed: (Exit 1): gcc failed: error executing command /usr/bin/gcc -U_FORTIFY_SOURCE -fstack-protector -Wall -Wunused-but-set-parameter -Wno-free-nonheap-object -fno-omit-frame-pointer -g0 -O2 '-D_FORTIFY_SOURCE=1' -DNDEBUG -ffunction-sections ... (remaining 154 arguments skipped)
Use --sandbox_debug to see verbose messages from the sandbox
source/common/config/watch_map.cc: In member function 'virtual void Envoy::Config::WatchMap::onConfigUpdate(const google::protobuf::RepeatedPtrField<envoy::service::discovery::v3::Resource>&, const google::protobuf::RepeatedPtrField<std::__cxx11::basic_string<char> >&, const string&)':
source/common/config/watch_map.cc:215:69: error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing]
215 | type_url_, reinterpret_cast<std::vector<DecodedResourcePtr>&>(decoded_resources),
| ^~~~~~~~~~~~~~~~~
cc1plus: all warnings being treated as errors
```
This PR changes the type of the original vector to be the base class type.
Risk Level: Low-Medium (no features changes, but updates config-plane code).
Testing: N/A
Docs Changes: N/A
Release Notes: N/A
Platform Specific Features: N/A
Signed-off-by: Adi Suissa-Peleg <adip@google.com>
Signed-off-by: Ryan Northey <ryan@synca.io>
…(#20843) Signed-off-by: johnlanni ztywto@qq.com Commit Message: Handle null plugins handle when skipping config canarying for duplicate filters and also when the remote code fetch is in progress or fails. Risk Level: low Testing: ok Signed-off-by: 澄潭 <ztywto@qq.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ingwon Song <igsong@google.com> Signed-off-by: Ingwon Song <102102227+ingwonsong@users.noreply.github.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Piotr Sikora <piotrsikora@google.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Piotr Sikora <piotrsikora@google.com> Signed-off-by: Ryan Northey <ryan@synca.io>
…2117) Signed-off-by: Piotr Sikora <piotrsikora@google.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
…izer for 12 fields) (#21414) Signed-off-by: Adam Kotwasinski <adam.kotwasinski@gmail.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Adam Kotwasinski <adam.kotwasinski@gmail.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Adam Kotwasinski <adam.kotwasinski@gmail.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: He Jie Xu <hejie.xu@intel.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Fix #23685 Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: phlax <phlax@users.noreply.github.com>
The HeaderEvaluatorConfigUpdate test needs to wait for a listener to be replaced. Its previous attempt to achieve that did not account for the intermediate warming state of new listeners, which could lead to the test continuing prematurely and failing. Signed-off-by: Benjamin Peterson <benjamin@engflow.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: Ryan Northey <ryan@synca.io>
…24089) * deps: bump `com_github_wasmtime` -> 1.0.0 (#23232) Signed-off-by: river phillips <riverphillips1@gmail.com> Signed-off-by: Ryan Northey <ryan@synca.io> * wasm: update WAVM to nightly/2022-05-14. (#22491) Signed-off-by: Piotr Sikora <piotrsikora@google.com> Signed-off-by: Ryan Northey <ryan@synca.io> * wasm: update Proxy-Wasm C++ Host to latest. (#22575) Signed-off-by: Piotr Sikora <piotrsikora@google.com> Signed-off-by: Ryan Northey <ryan@synca.io> * deps: Bump `com_github_wasmtime` -> 1.0.2 (#24086) Fix: - CVE-2022-39392 - CVE-2022-39393 - CVE-2022-39394 Signed-off-by: Ryan Northey <ryan@synca.io> * bazel: update rules_rust This gets us on rust 1.60 Signed-off-by: Keith Smiley <keithbsmiley@gmail.com> Signed-off-by: Ryan Northey <ryan@synca.io> * deps: Bump `rules_rust` -> 0.8.1 (#22253) Fix #22073 Signed-off-by: Ryan Northey <ryan@synca.io> * wasm: fix V8 build on older versions of Linux. (#22228) wasm: fix build on older versions of Linux. Signed-off-by: Piotr Sikora <piotrsikora@google.com> Signed-off-by: Ryan Northey <ryan@synca.io> * backport: macOS: Allow to load .wasm on Apple silicon (#23299) backport: macOS: Enable wasm and allow to load .wasm on Apple silicon This applies https://chromium-review.googlesource.com/c/v8/v8/+/3700352 as a fix for MemoryAllocator::PartialFreeMemory() which shouldn't try to change permissions of RWX pages. This mainly affects macOS > 11.2 due to mprotect behavior changes (#23243) on Apple silicon. This is cherry-picked from: envoyproxy/envoy@63f27a6 Signed-off-by: Dhi Aurrahman <dio@rockybars.com> Signed-off-by: Dhi Aurrahman <dio@rockybars.com> Signed-off-by: Ryan Northey <ryan@synca.io> * deps: Bump `v8` to 10.7.193.13 and `proxy_wasm_cpp_host` to b0a0594 (#23434) Signed-off-by: Dhi Aurrahman <dio@rockybars.com> * ci: Disable wasm coverage tests (#24169) and adjust-coverage-total Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: phlax <phlax@users.noreply.github.com> * deps: Bump `com_github_wasmtime` -> 2.0.2 (+related) (#24150) deps: Bump `com_github_wasmtime` -> 2.0.2 - `proxy_wasm_cpp_host` - `proxy_wasm_rust_sdk` Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: river phillips <riverphillips1@gmail.com> Signed-off-by: Ryan Northey <ryan@synca.io> Signed-off-by: Piotr Sikora <piotrsikora@google.com> Signed-off-by: Dhi Aurrahman <dio@rockybars.com> Signed-off-by: phlax <phlax@users.noreply.github.com> Co-authored-by: River <6375745+RiverPhillips@users.noreply.github.com> Co-authored-by: Piotr Sikora <piotrsikora@google.com> Co-authored-by: Keith Smiley <keithbsmiley@gmail.com> Co-authored-by: Dhi Aurrahman <dio@rockybars.com>
Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
Signed-off-by: Ryan Northey <ryan@synca.io>
…ian11:nonroot) (#24647) Signed-off-by: Michael Kaufmann <michael.kaufmann@ergon.ch> Signed-off-by: Michael Kaufmann <mkauf@users.noreply.github.com>
…0562a7` in /ci (#24736) build(deps): bump distroless/base-nossl-debian11 in /ci Bumps distroless/base-nossl-debian11 from `036581b` to `50562a7`. --- updated-dependencies: - dependency-name: distroless/base-nossl-debian11 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Ryan Northey <ryan@synca.io>
…ee458a` in /ci (#24830) build(deps): bump distroless/base-nossl-debian11 in /ci Bumps distroless/base-nossl-debian11 from `6f20a31` to `3ee458a`. --- updated-dependencies: - dependency-name: distroless/base-nossl-debian11 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…d7fe70` in /ci (#25153) build(deps): bump distroless/base-nossl-debian11 in /ci Bumps distroless/base-nossl-debian11 from `3ee458a` to `cd7fe70`. --- updated-dependencies: - dependency-name: distroless/base-nossl-debian11 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Ryan Northey <ryan@synca.io>
…f61596` in /ci (#25291) build(deps): bump distroless/base-nossl-debian11 in /ci Bumps distroless/base-nossl-debian11 from `cd7fe70` to `bf61596`. --- updated-dependencies: - dependency-name: distroless/base-nossl-debian11 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Ryan Northey <ryan@synca.io>
Recently CI saw errors like this:
```
bazel-out/k8-fastbuild/bin/external/org_llvm_releases_compiler_rt/_virtual_includes/fuzzed_data_provider/fuzzer/FuzzedDataProvider.h:194:38: error: no member named 'numeric_limits' in namespace 'std'
return ConsumeIntegralInRange(std::numeric_limits<T>::min(),
~~~~~^
```
Apparently this is due to a incompatibility between the `compiler-rt`
dependency and the clang version we use (14.0).
This is fixed by updating `compiler-rt` to match clang 14. Actually This commit
cherry-picks the relevant changes done in upstream a while ago: envoyproxy/envoy#21135
Upstream PR proxy-wasm/proxy-wasm-cpp-host#282 has been merged and maistra-2.4 branch includes these changes Signed-off-by: Konstantin Maksimov <konstantin.maksimov@ibm.com>
It's always failing in our environment. Upstream bug: envoyproxy/envoy#24330
|
@twghu: The following test failed, say
DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Contributor
Author
|
/retest |
jwendell
reviewed
Feb 28, 2023
Member
|
@twghu It looks like there are newer commits on Envoy 1.22 (1.22.8 tag). Do you want to bring them too? |
Closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
18 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Update on PR 225 to address use of cherry-picks.