bootstrap: add `String` method to ServerConfigs type (#7537)

internal/testutils/xds/e2e/bootstrap.go

@@ -72,10 +72,10 @@ func DefaultBootstrapContents(t *testing.T, nodeID, serverURI string) []byte {
 
 	// Create the bootstrap configuration.
 	bs, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
 			"server_uri": "passthrough:///%s",
 			"channel_creds": [{"type": "insecure"}]
-		}`, serverURI))},
+		}]`, serverURI)),
 		Node:                               []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		CertificateProviders:               cpc,
 		ServerListenerResourceNameTemplate: ServerListenerResourceNameTemplate,

internal/xds/bootstrap/bootstrap.go

@@ -117,6 +117,19 @@ func (scs *ServerConfigs) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
+// String returns a string representation of the ServerConfigs, by concatenating
+// the string representations of the underlying server configs.
+func (scs *ServerConfigs) String() string {
+	ret := ""
+	for i, sc := range *scs {
+		if i > 0 {
+			ret += ", "
+		}
+		ret += sc.String()
+	}
+	return ret
+}
+
 // Authority contains configuration for an xDS control plane authority.
 //
 // This type does not implement custom JSON marshal/unmarshal logic because it
@@ -237,14 +250,6 @@ func (sc *ServerConfig) Equal(other *ServerConfig) bool {
 }
 
 // String returns the string representation of the ServerConfig.
-//
-// This string representation will be used as map keys in federation
-// (`map[ServerConfig]authority`), so that the xDS ClientConn and stream will be
-// shared by authorities with different names but the same server config.
-//
-// It covers (almost) all the fields so the string can represent the config
-// content. It doesn't cover NodeProto because NodeProto isn't used by
-// federation.
 func (sc *ServerConfig) String() string {
 	if len(sc.serverFeatures) == 0 {
 		return fmt.Sprintf("%s-%s", sc.serverURI, sc.selectedCreds.String())
@@ -361,7 +366,7 @@ type Config struct {
 
 // XDSServers returns the top-level list of management servers to connect to,
 // ordered by priority.
-func (c *Config) XDSServers() []*ServerConfig {
+func (c *Config) XDSServers() ServerConfigs {
 	return c.xDSServers
 }
 
@@ -608,8 +613,9 @@ func newConfigFromContents(data []byte) (*Config, error) {
 //
 // # Testing-Only
 type ConfigOptionsForTesting struct {
-	// Servers is the top-level xDS server configuration
+	// Servers is the top-level xDS server configuration. It contains a list of
-	Servers []json.RawMessage
+	// server configurations.
+	Servers json.RawMessage
 	// CertificateProviders is the certificate providers configuration.
 	CertificateProviders map[string]json.RawMessage
 	// ServerListenerResourceNameTemplate is the listener resource name template
@@ -630,13 +636,9 @@ type ConfigOptionsForTesting struct {
 //
 // # Testing-Only
 func NewContentsForTesting(opts ConfigOptionsForTesting) ([]byte, error) {
-	var servers []*ServerConfig
+	var servers ServerConfigs
-	for _, serverCfgJSON := range opts.Servers {
+	if err := json.Unmarshal(opts.Servers, &servers); err != nil {
-		server := &ServerConfig{}
+		return nil, err
-		if err := server.UnmarshalJSON(serverCfgJSON); err != nil {
-			return nil, err
-		}
-		servers = append(servers, server)
 	}
 	certProviders := make(map[string]certproviderNameAndConfig)
 	for k, v := range opts.CertificateProviders {

test/xds/xds_client_certificate_providers_test.go

@@ -21,7 +21,6 @@ package xds_test
 import (
 	"context"
 	"crypto/tls"
-	"encoding/json"
 	"fmt"
 	"strings"
 	"testing"
@@ -119,10 +118,10 @@ func (s) TestClientSideXDS_WithNoCertificateProvidersInBootstrap_Failure(t *test
 	// with no certificate providers.
 	nodeID := uuid.New().String()
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 	})
 	if err != nil {

test/xds/xds_client_federation_test.go

@@ -65,10 +65,10 @@ func (s) TestClientSideFederation(t *testing.T) {
 	// Create a bootstrap file in a temporary directory.
 	nodeID := uuid.New().String()
 	bootstrapContents, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}]
-		}`, serverDefaultAuth.Address))},
+		}]`, serverDefaultAuth.Address)),
 		Node:                               []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		ServerListenerResourceNameTemplate: e2e.ServerListenerResourceNameTemplate,
 		// Specify the address of the non-default authority.
@@ -159,10 +159,10 @@ func (s) TestClientSideFederationWithOnlyXDSTPStyleLDS(t *testing.T) {
 	// Create a bootstrap file in a temporary directory.
 	nodeID := uuid.New().String()
 	bootstrapContents, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}]
-		}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		ClientDefaultListenerResourceNameTemplate: fmt.Sprintf("xdstp://%s/envoy.config.listener.v3.Listener/%%s", authority),
 		// Specify the address of the non-default authority.

test/xds/xds_client_ignore_resource_deletion_test.go

@@ -260,22 +260,22 @@ func testResourceDeletionNotIgnored(t *testing.T, initialResource func(string) e
 // This helper generates a custom bootstrap config for the test.
 func generateBootstrapContents(t *testing.T, serverURI string, ignoreResourceDeletion bool, nodeID string) []byte {
 	t.Helper()
-	var serverCfg json.RawMessage
+	var serverCfgs json.RawMessage
 	if ignoreResourceDeletion {
-		serverCfg = []byte(fmt.Sprintf(`{
+		serverCfgs = []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}],
 			"server_features": ["ignore_resource_deletion"]
-		}`, serverURI))
+		}]`, serverURI))
 	} else {
-		serverCfg = []byte(fmt.Sprintf(`{
+		serverCfgs = []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}]
-		}`, serverURI))
+		}]`, serverURI))
 
 	}
 	bootstrapContents, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers:                            []json.RawMessage{serverCfg},
+		Servers:                            serverCfgs,
 		Node:                               []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		ServerListenerResourceNameTemplate: e2e.ServerListenerResourceNameTemplate,
 	})

test/xds/xds_server_certificate_providers_test.go

@@ -20,7 +20,6 @@ package xds_test
 
 import (
 	"context"
-	"encoding/json"
 	"fmt"
 	"net"
 	"strconv"
@@ -131,10 +130,10 @@ func (s) TestServerSideXDS_WithNoCertificateProvidersInBootstrap_Failure(t *test
 	// Create bootstrap configuration with no certificate providers.
 	nodeID := uuid.New().String()
 	bs, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}]
-		}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node:                               []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		ServerListenerResourceNameTemplate: e2e.ServerListenerResourceNameTemplate,
 	})

xds/googledirectpath/googlec2p_test.go

@@ -173,11 +173,11 @@ func (s) TestBuildXDS(t *testing.T) {
 		{
 			desc: "ipv6 false",
 			wantBootstrapConfig: bootstrapConfig(t, bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(`{
+				Servers: []byte(`[{
-						"server_uri": "dns:///directpath-pa.googleapis.com",
+					"server_uri": "dns:///directpath-pa.googleapis.com",
-					    "channel_creds": [{"type": "google_default"}],
+					"channel_creds": [{"type": "google_default"}],
-					    "server_features": ["ignore_resource_deletion"]
+					"server_features": ["ignore_resource_deletion"]
-  					}`)},
+  				}]`),
 				Authorities: map[string]json.RawMessage{
 					"traffic-director-c2p.xds.googleapis.com": []byte(`{
 							"xds_servers": [
@@ -199,11 +199,11 @@ func (s) TestBuildXDS(t *testing.T) {
 			desc:        "ipv6 true",
 			ipv6Capable: true,
 			wantBootstrapConfig: bootstrapConfig(t, bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(`{
+				Servers: []byte(`[{
-						"server_uri": "dns:///directpath-pa.googleapis.com",
+					"server_uri": "dns:///directpath-pa.googleapis.com",
-					    "channel_creds": [{"type": "google_default"}],
+					"channel_creds": [{"type": "google_default"}],
-					    "server_features": ["ignore_resource_deletion"]
+					"server_features": ["ignore_resource_deletion"]
-  					}`)},
+  				}]`),
 				Authorities: map[string]json.RawMessage{
 					"traffic-director-c2p.xds.googleapis.com": []byte(`{
 							"xds_servers": [
@@ -229,11 +229,11 @@ func (s) TestBuildXDS(t *testing.T) {
 			ipv6Capable:   true,
 			tdURIOverride: "test-uri",
 			wantBootstrapConfig: bootstrapConfig(t, bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(`{
+				Servers: []byte(`[{
-						"server_uri": "test-uri",
+					"server_uri": "test-uri",
-					    "channel_creds": [{"type": "google_default"}],
+					"channel_creds": [{"type": "google_default"}],
-					    "server_features": ["ignore_resource_deletion"]
+					"server_features": ["ignore_resource_deletion"]
-  					}`)},
+  				}]`),
 				Authorities: map[string]json.RawMessage{
 					"traffic-director-c2p.xds.googleapis.com": []byte(`{
 							"xds_servers": [

xds/internal/balancer/cdsbalancer/cdsbalancer_security_test.go

@@ -375,10 +375,10 @@ func (s) TestSecurityConfigNotFoundInBootstrap(t *testing.T) {
 	// and one that does not have certificate providers configuration.
 	nodeID := uuid.New().String()
 	bootstrapContents, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}]
-		}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node:                               []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		ServerListenerResourceNameTemplate: e2e.ServerListenerResourceNameTemplate,
 	})
@@ -441,10 +441,10 @@ func (s) TestCertproviderStoreError(t *testing.T) {
 		"config": {}
 	}`, errCertProviderName))
 	bootstrapContents, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}]
-		}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node:                               []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		ServerListenerResourceNameTemplate: e2e.ServerListenerResourceNameTemplate,
 		CertificateProviders:               map[string]json.RawMessage{e2e.ClientSideCertProviderInstance: providerCfg},

xds/internal/resolver/xds_resolver_test.go

@@ -161,10 +161,10 @@ func (s) TestResolverResourceName(t *testing.T) {
 
 			// Create a bootstrap configuration with test options.
 			opts := bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+				Servers: []byte(fmt.Sprintf(`[{
 					"server_uri": %q,
 					"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+				}]`, mgmtServer.Address)),
 				ClientDefaultListenerResourceNameTemplate: tt.listenerResourceNameTemplate,
 				Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 			}

xds/internal/xdsclient/tests/authority_test.go

@@ -83,10 +83,10 @@ func setupForAuthorityTests(ctx context.Context, t *testing.T, idleTimeout time.
 	// config, which points to the above management server.
 	nodeID := uuid.New().String()
 	bootstrapContents, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}]
-		}`, defaultAuthorityServer.Address))},
+		}]`, defaultAuthorityServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			testAuthority1: []byte(`{}`),

xds/internal/xdsclient/tests/cds_watchers_test.go

@@ -189,10 +189,10 @@ func (s) TestCDSWatch(t *testing.T) {
 
 			nodeID := uuid.New().String()
 			bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+				Servers: []byte(fmt.Sprintf(`[{
 					"server_uri": %q,
 					"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+				}]`, mgmtServer.Address)),
 				Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 				Authorities: map[string]json.RawMessage{
 					// Xdstp resource names used in this test do not specify an
@@ -339,10 +339,10 @@ func (s) TestCDSWatch_TwoWatchesForSameResourceName(t *testing.T) {
 
 			nodeID := uuid.New().String()
 			bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+				Servers: []byte(fmt.Sprintf(`[{
 					"server_uri": %q,
 					"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+				}]`, mgmtServer.Address)),
 				Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 				Authorities: map[string]json.RawMessage{
 					// Xdstp resource names used in this test do not specify an
@@ -443,10 +443,10 @@ func (s) TestCDSWatch_ThreeWatchesForDifferentResourceNames(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed
@@ -736,10 +736,10 @@ func (s) TestCDSWatch_ResourceRemoved(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed
@@ -917,10 +917,10 @@ func (s) TestCDSWatch_PartialValid(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed
@@ -1009,10 +1009,10 @@ func (s) TestCDSWatch_PartialResponse(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed

xds/internal/xdsclient/tests/dump_test.go

@@ -389,10 +389,10 @@ func (s) TestDumpResources_ManyToMany(t *testing.T) {
 	// server corresponding to the test authority.
 	nodeID := uuid.New().String()
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer1.Address))},
+		}]`, mgmtServer1.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			authority: []byte(fmt.Sprintf(`{

xds/internal/xdsclient/tests/eds_watchers_test.go

@@ -220,10 +220,10 @@ func (s) TestEDSWatch(t *testing.T) {
 
 			nodeID := uuid.New().String()
 			bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+				Servers: []byte(fmt.Sprintf(`[{
 					"server_uri": %q,
 					"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+				}]`, mgmtServer.Address)),
 				Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 				Authorities: map[string]json.RawMessage{
 					// Xdstp resource names used in this test do not specify an
@@ -410,10 +410,10 @@ func (s) TestEDSWatch_TwoWatchesForSameResourceName(t *testing.T) {
 
 			nodeID := uuid.New().String()
 			bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+				Servers: []byte(fmt.Sprintf(`[{
 					"server_uri": %q,
 					"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+				}]`, mgmtServer.Address)),
 				Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 				Authorities: map[string]json.RawMessage{
 					// Xdstp resource names used in this test do not specify an
@@ -515,10 +515,10 @@ func (s) TestEDSWatch_ThreeWatchesForDifferentResourceNames(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed
@@ -880,10 +880,10 @@ func (s) TestEDSWatch_PartialValid(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed

xds/internal/xdsclient/tests/federation_watchers_test.go

@@ -52,10 +52,10 @@ func setupForFederationWatchersTest(t *testing.T) (*e2e.ManagementServer, string
 
 	nodeID := uuid.New().String()
 	bootstrapContents, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}]
-		}`, serverDefaultAuthority.Address))},
+		}]`, serverDefaultAuthority.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			testNonDefaultAuthority: []byte(fmt.Sprintf(`{

xds/internal/xdsclient/tests/lds_watchers_test.go

@@ -209,10 +209,10 @@ func (s) TestLDSWatch(t *testing.T) {
 
 			nodeID := uuid.New().String()
 			bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+				Servers: []byte(fmt.Sprintf(`[{
 					"server_uri": %q,
 					"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+				}]`, mgmtServer.Address)),
 				Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 				Authorities: map[string]json.RawMessage{
 					// Xdstp resource names used in this test do not specify an
@@ -359,10 +359,10 @@ func (s) TestLDSWatch_TwoWatchesForSameResourceName(t *testing.T) {
 
 			nodeID := uuid.New().String()
 			bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+				Servers: []byte(fmt.Sprintf(`[{
 					"server_uri": %q,
 					"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+				}]`, mgmtServer.Address)),
 				Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 				Authorities: map[string]json.RawMessage{
 					// Xdstp resource names used in this test do not specify an
@@ -464,10 +464,10 @@ func (s) TestLDSWatch_ThreeWatchesForDifferentResourceNames(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed
@@ -754,10 +754,10 @@ func (s) TestLDSWatch_ResourceRemoved(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed
@@ -932,10 +932,10 @@ func (s) TestLDSWatch_PartialValid(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed
@@ -1025,10 +1025,10 @@ func (s) TestLDSWatch_PartialResponse(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed

xds/internal/xdsclient/tests/misc_watchers_test.go

@@ -107,10 +107,10 @@ func (s) TestWatchCallAnotherWatch(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed

xds/internal/xdsclient/tests/rds_watchers_test.go

@@ -222,10 +222,10 @@ func (s) TestRDSWatch(t *testing.T) {
 
 			nodeID := uuid.New().String()
 			bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+				Servers: []byte(fmt.Sprintf(`[{
 					"server_uri": %q,
 					"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+				}]`, mgmtServer.Address)),
 				Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 				Authorities: map[string]json.RawMessage{
 					// Xdstp resource names used in this test do not specify an
@@ -412,10 +412,10 @@ func (s) TestRDSWatch_TwoWatchesForSameResourceName(t *testing.T) {
 
 			nodeID := uuid.New().String()
 			bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-				Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+				Servers: []byte(fmt.Sprintf(`[{
 					"server_uri": %q,
 					"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+				}]`, mgmtServer.Address)),
 				Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 				Authorities: map[string]json.RawMessage{
 					// Xdstp resource names used in this test do not specify an
@@ -517,10 +517,10 @@ func (s) TestRDSWatch_ThreeWatchesForDifferentResourceNames(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed
@@ -881,10 +881,10 @@ func (s) TestRDSWatch_PartialValid(t *testing.T) {
 	nodeID := uuid.New().String()
 	authority := makeAuthorityName(t.Name())
 	bc, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
-					"server_uri": %q,
+			"server_uri": %q,
-					"channel_creds": [{"type": "insecure"}]
+			"channel_creds": [{"type": "insecure"}]
-				}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		Authorities: map[string]json.RawMessage{
 			// Xdstp style resource names used in this test use a slash removed

xds/server_test.go

@@ -194,10 +194,10 @@ func (s) TestNewServer_Failure(t *testing.T) {
 				grpc.Creds(xdsCreds),
 				func() grpc.ServerOption {
 					bs, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-						Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+						Servers: []byte(fmt.Sprintf(`[{
 							"server_uri": %q,
 							"channel_creds": [{"type": "insecure"}]
-						}`, nonExistentManagementServer))},
+						}]`, nonExistentManagementServer)),
 						Node: []byte(fmt.Sprintf(`{"id": "%s"}`, uuid.New().String())),
 						CertificateProviders: map[string]json.RawMessage{
 							"cert-provider-instance": json.RawMessage("{}"),
@@ -496,10 +496,10 @@ func (s) TestHandleListenerUpdate_NoXDSCreds(t *testing.T) {
 	// providers.
 	nodeID := uuid.NewString()
 	bootstrapContents, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}]
-		}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		CertificateProviders: map[string]json.RawMessage{
 			e2e.ServerSideCertProviderInstance: fakeProvider1Config,
@@ -588,10 +588,10 @@ func (s) TestHandleListenerUpdate_ErrorUpdate(t *testing.T) {
 	// providers.
 	nodeID := uuid.New().String()
 	bootstrapContents, err := bootstrap.NewContentsForTesting(bootstrap.ConfigOptionsForTesting{
-		Servers: []json.RawMessage{[]byte(fmt.Sprintf(`{
+		Servers: []byte(fmt.Sprintf(`[{
 			"server_uri": %q,
 			"channel_creds": [{"type": "insecure"}]
-		}`, mgmtServer.Address))},
+		}]`, mgmtServer.Address)),
 		Node: []byte(fmt.Sprintf(`{"id": "%s"}`, nodeID)),
 		CertificateProviders: map[string]json.RawMessage{
 			e2e.ServerSideCertProviderInstance: fakeProvider1Config,