grpc
/
grpc-java
mirror of https://github.com/grpc/grpc-java.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

all: fix lint

This commit is contained in:
ZHANG Dapeng 2020-08-28 13:00:44 -07:00 committed by GitHub
parent eb6c3415d2
commit 09367030ae
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
23 changed files with 144 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
compiler/src/java_plugin/cpp/java_generator.h
View File

@ -38,13 +38,13 @@ class LogHelper {
} }
}; };
// Abort the program after logging the mesage if the given condition is not // Abort the program after logging the message if the given condition is not
// true. Otherwise, do nothing. // true. Otherwise, do nothing.
#define GRPC_CODEGEN_CHECK(x) !(x) && LogHelper(&std::cerr).get_os() \ #define GRPC_CODEGEN_CHECK(x) !(x) && LogHelper(&std::cerr).get_os() \
<< "CHECK FAILED: " << __FILE__ << ":" \ << "CHECK FAILED: " << __FILE__ << ":" \
<< __LINE__ << ": " << __LINE__ << ": "
// Abort the program after logging the mesage. // Abort the program after logging the message.
#define GRPC_CODEGEN_FAIL GRPC_CODEGEN_CHECK(false) #define GRPC_CODEGEN_FAIL GRPC_CODEGEN_CHECK(false)
namespace java_grpc_generator { namespace java_grpc_generator {

2
core/src/test/java/io/grpc/internal/ServiceConfigErrorHandlingTest.java
View File

@ -61,7 +61,6 @@ import org.junit.After;
import org.junit.Before; import org.junit.Before;
import org.junit.Rule; import org.junit.Rule;
import org.junit.Test; import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.junit.runners.JUnit4; import org.junit.runners.JUnit4;
import org.mockito.ArgumentCaptor; import org.mockito.ArgumentCaptor;
@ -103,7 +102,6 @@ public class ServiceConfigErrorHandlingTest {
private final InternalChannelz channelz = new InternalChannelz(); private final InternalChannelz channelz = new InternalChannelz();
@Rule public final ExpectedException thrown = ExpectedException.none();
@Rule public final MockitoRule mocks = MockitoJUnit.rule(); @Rule public final MockitoRule mocks = MockitoJUnit.rule();
private ManagedChannelImpl channel; private ManagedChannelImpl channel;

1
examples/example-tls/src/main/java/io/grpc/examples/helloworldtls/HelloWorldServerTls.java
View File

@ -25,7 +25,6 @@ import io.grpc.netty.NettyServerBuilder;
import io.grpc.stub.StreamObserver; import io.grpc.stub.StreamObserver;
import io.netty.handler.ssl.ClientAuth; import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContextBuilder; import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
import java.io.File; import java.io.File;
import java.io.IOException; import java.io.IOException;

2
netty/src/main/java/io/grpc/netty/InternalProtocolNegotiationEvent.java
View File

@ -17,12 +17,14 @@
package io.grpc.netty; package io.grpc.netty;
import io.grpc.Attributes; import io.grpc.Attributes;
import io.grpc.Internal;
import io.grpc.InternalChannelz.Security; import io.grpc.InternalChannelz.Security;
import javax.annotation.Nullable; import javax.annotation.Nullable;
/** /**
* Internal accessor for {@link ProtocolNegotiationEvent}. * Internal accessor for {@link ProtocolNegotiationEvent}.
*/ */
@Internal
public final class InternalProtocolNegotiationEvent { public final class InternalProtocolNegotiationEvent {
private InternalProtocolNegotiationEvent() {} private InternalProtocolNegotiationEvent() {}

28
xds/src/main/java/io/grpc/xds/EnvoyProtoData.java
View File

@ -1292,8 +1292,8 @@ final class EnvoyProtoData {
io.envoyproxy.envoy.config.endpoint.v3.ClusterStats toEnvoyProtoClusterStats() { io.envoyproxy.envoy.config.endpoint.v3.ClusterStats toEnvoyProtoClusterStats() {
io.envoyproxy.envoy.config.endpoint.v3.ClusterStats.Builder builder = io.envoyproxy.envoy.config.endpoint.v3.ClusterStats.Builder builder =
io.envoyproxy.envoy.config.endpoint.v3.ClusterStats.newBuilder(); io.envoyproxy.envoy.config.endpoint.v3.ClusterStats.newBuilder()
builder.setClusterName(clusterName); .setClusterName(clusterName);
if (clusterServiceName != null) { if (clusterServiceName != null) {
builder.setClusterServiceName(clusterServiceName); builder.setClusterServiceName(clusterServiceName);
} }
@ -1303,15 +1303,16 @@ final class EnvoyProtoData {
for (DroppedRequests droppedRequests : droppedRequestsList) { for (DroppedRequests droppedRequests : droppedRequestsList) {
builder.addDroppedRequests(droppedRequests.toEnvoyProtoDroppedRequests()); builder.addDroppedRequests(droppedRequests.toEnvoyProtoDroppedRequests());
} }
builder.setTotalDroppedRequests(totalDroppedRequests); return builder
builder.setLoadReportInterval(Durations.fromNanos(loadReportIntervalNanos)); .setTotalDroppedRequests(totalDroppedRequests)
return builder.build(); .setLoadReportInterval(Durations.fromNanos(loadReportIntervalNanos))
.build();
} }
io.envoyproxy.envoy.api.v2.endpoint.ClusterStats toEnvoyProtoClusterStatsV2() { io.envoyproxy.envoy.api.v2.endpoint.ClusterStats toEnvoyProtoClusterStatsV2() {
io.envoyproxy.envoy.api.v2.endpoint.ClusterStats.Builder builder = io.envoyproxy.envoy.api.v2.endpoint.ClusterStats.Builder builder =
io.envoyproxy.envoy.api.v2.endpoint.ClusterStats.newBuilder(); io.envoyproxy.envoy.api.v2.endpoint.ClusterStats.newBuilder()
builder.setClusterName(clusterName); .setClusterName(clusterName);
for (UpstreamLocalityStats upstreamLocalityStats : upstreamLocalityStatsList) { for (UpstreamLocalityStats upstreamLocalityStats : upstreamLocalityStatsList) {
builder.addUpstreamLocalityStats( builder.addUpstreamLocalityStats(
upstreamLocalityStats.toEnvoyProtoUpstreamLocalityStatsV2()); upstreamLocalityStats.toEnvoyProtoUpstreamLocalityStatsV2());
@ -1319,9 +1320,10 @@ final class EnvoyProtoData {
for (DroppedRequests droppedRequests : droppedRequestsList) { for (DroppedRequests droppedRequests : droppedRequestsList) {
builder.addDroppedRequests(droppedRequests.toEnvoyProtoDroppedRequestsV2()); builder.addDroppedRequests(droppedRequests.toEnvoyProtoDroppedRequestsV2());
} }
builder.setTotalDroppedRequests(totalDroppedRequests); return builder
builder.setLoadReportInterval(Durations.fromNanos(loadReportIntervalNanos)); .setTotalDroppedRequests(totalDroppedRequests)
return builder.build(); .setLoadReportInterval(Durations.fromNanos(loadReportIntervalNanos))
.build();
} }
@VisibleForTesting @VisibleForTesting
@ -1534,8 +1536,7 @@ final class EnvoyProtoData {
private io.envoyproxy.envoy.config.endpoint.v3.UpstreamLocalityStats private io.envoyproxy.envoy.config.endpoint.v3.UpstreamLocalityStats
toEnvoyProtoUpstreamLocalityStats() { toEnvoyProtoUpstreamLocalityStats() {
io.envoyproxy.envoy.config.endpoint.v3.UpstreamLocalityStats.Builder builder io.envoyproxy.envoy.config.endpoint.v3.UpstreamLocalityStats.Builder builder
= io.envoyproxy.envoy.config.endpoint.v3.UpstreamLocalityStats.newBuilder(); = io.envoyproxy.envoy.config.endpoint.v3.UpstreamLocalityStats.newBuilder()
builder
.setLocality(locality.toEnvoyProtoLocality()) .setLocality(locality.toEnvoyProtoLocality())
.setTotalSuccessfulRequests(totalSuccessfulRequests) .setTotalSuccessfulRequests(totalSuccessfulRequests)
.setTotalErrorRequests(totalErrorRequests) .setTotalErrorRequests(totalErrorRequests)
@ -1550,8 +1551,7 @@ final class EnvoyProtoData {
private io.envoyproxy.envoy.api.v2.endpoint.UpstreamLocalityStats private io.envoyproxy.envoy.api.v2.endpoint.UpstreamLocalityStats
toEnvoyProtoUpstreamLocalityStatsV2() { toEnvoyProtoUpstreamLocalityStatsV2() {
io.envoyproxy.envoy.api.v2.endpoint.UpstreamLocalityStats.Builder builder io.envoyproxy.envoy.api.v2.endpoint.UpstreamLocalityStats.Builder builder
= io.envoyproxy.envoy.api.v2.endpoint.UpstreamLocalityStats.newBuilder(); = io.envoyproxy.envoy.api.v2.endpoint.UpstreamLocalityStats.newBuilder()
builder
.setLocality(locality.toEnvoyProtoLocalityV2()) .setLocality(locality.toEnvoyProtoLocalityV2())
.setTotalSuccessfulRequests(totalSuccessfulRequests) .setTotalSuccessfulRequests(totalSuccessfulRequests)
.setTotalErrorRequests(totalErrorRequests) .setTotalErrorRequests(totalErrorRequests)

8
xds/src/main/java/io/grpc/xds/LoadReportClient.java
View File

@ -416,8 +416,8 @@ final class LoadReportClient {
io.envoyproxy.envoy.service.load_stats.v2.LoadStatsRequest toEnvoyProtoV2() { io.envoyproxy.envoy.service.load_stats.v2.LoadStatsRequest toEnvoyProtoV2() {
io.envoyproxy.envoy.service.load_stats.v2.LoadStatsRequest.Builder builder io.envoyproxy.envoy.service.load_stats.v2.LoadStatsRequest.Builder builder
= io.envoyproxy.envoy.service.load_stats.v2.LoadStatsRequest.newBuilder(); = io.envoyproxy.envoy.service.load_stats.v2.LoadStatsRequest.newBuilder()
builder.setNode(node.toEnvoyProtoNodeV2()); .setNode(node.toEnvoyProtoNodeV2());
if (clusterStatsList != null) { if (clusterStatsList != null) {
for (ClusterStats stats : clusterStatsList) { for (ClusterStats stats : clusterStatsList) {
builder.addClusterStats(stats.toEnvoyProtoClusterStatsV2()); builder.addClusterStats(stats.toEnvoyProtoClusterStatsV2());
@ -427,8 +427,8 @@ final class LoadReportClient {
} }
LoadStatsRequest toEnvoyProtoV3() { LoadStatsRequest toEnvoyProtoV3() {
LoadStatsRequest.Builder builder = LoadStatsRequest.newBuilder(); LoadStatsRequest.Builder builder = LoadStatsRequest.newBuilder()
builder.setNode(node.toEnvoyProtoNode()); .setNode(node.toEnvoyProtoNode());
if (clusterStatsList != null) { if (clusterStatsList != null) {
for (ClusterStats stats : clusterStatsList) { for (ClusterStats stats : clusterStatsList) {
builder.addClusterStats(stats.toEnvoyProtoClusterStats()); builder.addClusterStats(stats.toEnvoyProtoClusterStats());

4
xds/src/main/java/io/grpc/xds/LoadStatsStoreImpl.java
View File

@ -17,6 +17,7 @@
package io.grpc.xds; package io.grpc.xds;
import static com.google.common.base.Preconditions.checkNotNull; import static com.google.common.base.Preconditions.checkNotNull;
import static java.util.concurrent.TimeUnit.NANOSECONDS;
import com.google.common.annotations.VisibleForTesting; import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Stopwatch; import com.google.common.base.Stopwatch;
@ -33,7 +34,6 @@ import io.grpc.xds.LoadStatsManager.LoadStatsStoreFactory;
import java.util.Map; import java.util.Map;
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap; import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicLong; import java.util.concurrent.atomic.AtomicLong;
import javax.annotation.Nullable; import javax.annotation.Nullable;
import javax.annotation.concurrent.NotThreadSafe; import javax.annotation.concurrent.NotThreadSafe;
@ -113,7 +113,7 @@ final class LoadStatsStoreImpl implements LoadStatsStore {
statsBuilder.addDroppedRequests(new DroppedRequests(entry.getKey(),drops)); statsBuilder.addDroppedRequests(new DroppedRequests(entry.getKey(),drops));
} }
statsBuilder.setTotalDroppedRequests(totalDrops); statsBuilder.setTotalDroppedRequests(totalDrops);
statsBuilder.setLoadReportIntervalNanos(stopwatch.elapsed(TimeUnit.NANOSECONDS)); statsBuilder.setLoadReportIntervalNanos(stopwatch.elapsed(NANOSECONDS));
stopwatch.reset().start(); stopwatch.reset().start();
return statsBuilder.build(); return statsBuilder.build();
} }

1
xds/src/main/java/io/grpc/xds/PriorityLoadBalancer.java
View File

@ -260,7 +260,6 @@ final class PriorityLoadBalancer extends LoadBalancer {
policy = newPolicy; policy = newPolicy;
lb.switchTo(lbProvider); lb.switchTo(lbProvider);
} }
// TODO(zdapeng): Implement address filtering.
lb.handleResolvedAddresses( lb.handleResolvedAddresses(
addresses addresses
.toBuilder() .toBuilder()

2
xds/src/main/java/io/grpc/xds/internal/certprovider/CertProviderSslContextProvider.java
View File

@ -83,7 +83,7 @@ abstract class CertProviderSslContextProvider extends DynamicSslContextProvider
} }
} }
private CertificateProviderInfo getCertProviderConfig( private static CertificateProviderInfo getCertProviderConfig(
Map<String, CertificateProviderInfo> certProviders, String pluginInstanceName) { Map<String, CertificateProviderInfo> certProviders, String pluginInstanceName) {
return certProviders.get(pluginInstanceName); return certProviders.get(pluginInstanceName);
} }

2
xds/src/main/java/io/grpc/xds/internal/rbac/engine/AuthorizationDecision.java
View File

@ -84,7 +84,7 @@ public class AuthorizationDecision {
break; break;
} }
for (String policyName : this.policyNames) { for (String policyName : this.policyNames) {
authzStr.append(policyName + "; \n"); authzStr.append(policyName).append("; \n");
} }
return authzStr.toString(); return authzStr.toString();
} }

8
xds/src/main/java/io/grpc/xds/internal/rbac/engine/AuthorizationEngine.java
View File

@ -102,7 +102,7 @@ public class AuthorizationEngine {
* @param allowPolicy input Envoy RBAC policy with ALLOW action. * @param allowPolicy input Envoy RBAC policy with ALLOW action.
* @throws IllegalArgumentException if the user inputs an invalid RBAC list. * @throws IllegalArgumentException if the user inputs an invalid RBAC list.
*/ */
public AuthorizationEngine(RBAC denyPolicy, RBAC allowPolicy) throws IllegalArgumentException { public AuthorizationEngine(RBAC denyPolicy, RBAC allowPolicy) {
checkArgument( checkArgument(
denyPolicy.getAction() == Action.DENY && allowPolicy.getAction() == Action.ALLOW, denyPolicy.getAction() == Action.DENY && allowPolicy.getAction() == Action.ALLOW,
"Invalid RBAC list, " "Invalid RBAC list, "
@ -140,7 +140,7 @@ public class AuthorizationEngine {
if (authzDecision != null) { if (authzDecision != null) {
return authzDecision; return authzDecision;
} }
if (unknownPolicyNames.size() > 0) { if (!unknownPolicyNames.isEmpty()) {
return new AuthorizationDecision( return new AuthorizationDecision(
AuthorizationDecision.Output.UNKNOWN, unknownPolicyNames); AuthorizationDecision.Output.UNKNOWN, unknownPolicyNames);
} }
@ -154,7 +154,7 @@ public class AuthorizationEngine {
if (authzDecision != null) { if (authzDecision != null) {
return authzDecision; return authzDecision;
} }
if (unknownPolicyNames.size() > 0) { if (!unknownPolicyNames.isEmpty()) {
return new AuthorizationDecision( return new AuthorizationDecision(
AuthorizationDecision.Output.UNKNOWN, unknownPolicyNames); AuthorizationDecision.Output.UNKNOWN, unknownPolicyNames);
} }
@ -198,7 +198,7 @@ public class AuthorizationEngine {
try { try {
Object result = interpretable.eval(activation); Object result = interpretable.eval(activation);
if (result instanceof Boolean) { if (result instanceof Boolean) {
return Boolean.valueOf(result.toString()); return Boolean.parseBoolean(result.toString());
} }
// Throw an InterpreterException if there are missing Envoy Attributes. // Throw an InterpreterException if there are missing Envoy Attributes.
if (result instanceof IncompleteData) { if (result instanceof IncompleteData) {

4
xds/src/main/java/io/grpc/xds/internal/rbac/engine/EvaluateArgs.java
View File

@ -23,8 +23,8 @@ import io.grpc.ServerCall;
/** The EvaluateArgs class holds evaluate arguments used in CEL-based Authorization Engine. */ /** The EvaluateArgs class holds evaluate arguments used in CEL-based Authorization Engine. */
public class EvaluateArgs { public class EvaluateArgs {
private Metadata headers; private final Metadata headers;
private ServerCall<?, ?> call; private final ServerCall<?, ?> call;
/** /**
* Creates a new EvaluateArgs using the input {@code headers} for resolving headers * Creates a new EvaluateArgs using the input {@code headers} for resolving headers

4
xds/src/main/java/io/grpc/xds/internal/sds/DynamicSslContextProvider.java
View File

@ -75,8 +75,8 @@ public abstract class DynamicSslContextProvider extends SslContextProvider {
alpnList); alpnList);
sslContextBuilder.applicationProtocolConfig(apn); sslContextBuilder.applicationProtocolConfig(apn);
} }
List<Callback> pendingCallbacksCopy = null; List<Callback> pendingCallbacksCopy;
SslContext sslContextCopy = null; SslContext sslContextCopy;
synchronized (pendingCallbacks) { synchronized (pendingCallbacks) {
sslContext = sslContextBuilder.build(); sslContext = sslContextBuilder.build();
sslContextCopy = sslContext; sslContextCopy = sslContext;

8
xds/src/test/java/io/grpc/xds/XdsClientImplTest.java
View File

@ -749,7 +749,7 @@ public class XdsClientImplTest {
new EnvoyProtoData.Route( new EnvoyProtoData.Route(
// path match with cluster route // path match with cluster route
new io.grpc.xds.RouteMatch( new io.grpc.xds.RouteMatch(
/* pathPrefixMatch= */ null,/* pathExactMatch= */ "/service1/method1"), /* pathPrefixMatch= */ null, /* pathExactMatch= */ "/service1/method1"),
new EnvoyProtoData.RouteAction( new EnvoyProtoData.RouteAction(
TimeUnit.SECONDS.toNanos(15L), "cl1.googleapis.com", null))); TimeUnit.SECONDS.toNanos(15L), "cl1.googleapis.com", null)));
assertThat(routes.get(1)) assertThat(routes.get(1))
@ -757,7 +757,7 @@ public class XdsClientImplTest {
new EnvoyProtoData.Route( new EnvoyProtoData.Route(
// path match with weighted cluster route // path match with weighted cluster route
new io.grpc.xds.RouteMatch( new io.grpc.xds.RouteMatch(
/* pathPrefixMatch= */ null,/* pathExactMatch= */ "/service2/method2"), /* pathPrefixMatch= */ null, /* pathExactMatch= */ "/service2/method2"),
new EnvoyProtoData.RouteAction( new EnvoyProtoData.RouteAction(
TimeUnit.SECONDS.toNanos(15L), TimeUnit.SECONDS.toNanos(15L),
null, null,
@ -769,7 +769,7 @@ public class XdsClientImplTest {
new EnvoyProtoData.Route( new EnvoyProtoData.Route(
// prefix match with cluster route // prefix match with cluster route
new io.grpc.xds.RouteMatch( new io.grpc.xds.RouteMatch(
/* pathPrefixMatch= */ "/service1/",/* pathExactMatch= */ null), /* pathPrefixMatch= */ "/service1/", /* pathExactMatch= */ null),
new EnvoyProtoData.RouteAction( new EnvoyProtoData.RouteAction(
TimeUnit.SECONDS.toNanos(15L), "cl1.googleapis.com", null))); TimeUnit.SECONDS.toNanos(15L), "cl1.googleapis.com", null)));
assertThat(routes.get(3)) assertThat(routes.get(3))
@ -777,7 +777,7 @@ public class XdsClientImplTest {
new EnvoyProtoData.Route( new EnvoyProtoData.Route(
// default match with cluster route // default match with cluster route
new io.grpc.xds.RouteMatch( new io.grpc.xds.RouteMatch(
/* pathPrefixMatch= */ "",/* pathExactMatch= */ null), /* pathPrefixMatch= */ "", /* pathExactMatch= */ null),
new EnvoyProtoData.RouteAction( new EnvoyProtoData.RouteAction(
TimeUnit.SECONDS.toNanos(15L), "cluster.googleapis.com", null))); TimeUnit.SECONDS.toNanos(15L), "cluster.googleapis.com", null)));
} }

8
xds/src/test/java/io/grpc/xds/XdsClientImplTestV2.java
View File

@ -751,7 +751,7 @@ public class XdsClientImplTestV2 {
new EnvoyProtoData.Route( new EnvoyProtoData.Route(
// path match with cluster route // path match with cluster route
new io.grpc.xds.RouteMatch( new io.grpc.xds.RouteMatch(
/* pathPrefixMatch= */ null,/* pathExactMatch= */ "/service1/method1"), /* pathPrefixMatch= */ null, /* pathExactMatch= */ "/service1/method1"),
new EnvoyProtoData.RouteAction( new EnvoyProtoData.RouteAction(
TimeUnit.SECONDS.toNanos(15L), "cl1.googleapis.com", null))); TimeUnit.SECONDS.toNanos(15L), "cl1.googleapis.com", null)));
assertThat(routes.get(1)) assertThat(routes.get(1))
@ -759,7 +759,7 @@ public class XdsClientImplTestV2 {
new EnvoyProtoData.Route( new EnvoyProtoData.Route(
// path match with weighted cluster route // path match with weighted cluster route
new io.grpc.xds.RouteMatch( new io.grpc.xds.RouteMatch(
/* pathPrefixMatch= */ null,/* pathExactMatch= */ "/service2/method2"), /* pathPrefixMatch= */ null, /* pathExactMatch= */ "/service2/method2"),
new EnvoyProtoData.RouteAction( new EnvoyProtoData.RouteAction(
TimeUnit.SECONDS.toNanos(15L), TimeUnit.SECONDS.toNanos(15L),
null, null,
@ -771,7 +771,7 @@ public class XdsClientImplTestV2 {
new EnvoyProtoData.Route( new EnvoyProtoData.Route(
// prefix match with cluster route // prefix match with cluster route
new io.grpc.xds.RouteMatch( new io.grpc.xds.RouteMatch(
/* pathPrefixMatch= */ "/service1/",/* pathExactMatch= */ null), /* pathPrefixMatch= */ "/service1/", /* pathExactMatch= */ null),
new EnvoyProtoData.RouteAction( new EnvoyProtoData.RouteAction(
TimeUnit.SECONDS.toNanos(15L), "cl1.googleapis.com", null))); TimeUnit.SECONDS.toNanos(15L), "cl1.googleapis.com", null)));
assertThat(routes.get(3)) assertThat(routes.get(3))
@ -779,7 +779,7 @@ public class XdsClientImplTestV2 {
new EnvoyProtoData.Route( new EnvoyProtoData.Route(
// default match with cluster route // default match with cluster route
new io.grpc.xds.RouteMatch( new io.grpc.xds.RouteMatch(
/* pathPrefixMatch= */ "",/* pathExactMatch= */ null), /* pathPrefixMatch= */ "", /* pathExactMatch= */ null),
new EnvoyProtoData.RouteAction( new EnvoyProtoData.RouteAction(
TimeUnit.SECONDS.toNanos(15L), "cluster.googleapis.com", null))); TimeUnit.SECONDS.toNanos(15L), "cluster.googleapis.com", null)));
} }

38
xds/src/test/java/io/grpc/xds/XdsClientTestHelper.java
View File

@ -22,6 +22,7 @@ import com.google.protobuf.UInt32Value;
import io.envoyproxy.envoy.config.cluster.v3.Cluster; import io.envoyproxy.envoy.config.cluster.v3.Cluster;
import io.envoyproxy.envoy.config.cluster.v3.Cluster.DiscoveryType; import io.envoyproxy.envoy.config.cluster.v3.Cluster.DiscoveryType;
import io.envoyproxy.envoy.config.cluster.v3.Cluster.EdsClusterConfig; import io.envoyproxy.envoy.config.cluster.v3.Cluster.EdsClusterConfig;
import io.envoyproxy.envoy.config.cluster.v3.Cluster.LbPolicy;
import io.envoyproxy.envoy.config.core.v3.Address; import io.envoyproxy.envoy.config.core.v3.Address;
import io.envoyproxy.envoy.config.core.v3.AggregatedConfigSource; import io.envoyproxy.envoy.config.core.v3.AggregatedConfigSource;
import io.envoyproxy.envoy.config.core.v3.ApiConfigSource; import io.envoyproxy.envoy.config.core.v3.ApiConfigSource;
@ -34,6 +35,8 @@ import io.envoyproxy.envoy.config.core.v3.SelfConfigSource;
import io.envoyproxy.envoy.config.core.v3.SocketAddress; import io.envoyproxy.envoy.config.core.v3.SocketAddress;
import io.envoyproxy.envoy.config.core.v3.TransportSocket; import io.envoyproxy.envoy.config.core.v3.TransportSocket;
import io.envoyproxy.envoy.config.endpoint.v3.ClusterLoadAssignment; import io.envoyproxy.envoy.config.endpoint.v3.ClusterLoadAssignment;
import io.envoyproxy.envoy.config.endpoint.v3.ClusterLoadAssignment.Policy;
import io.envoyproxy.envoy.config.endpoint.v3.ClusterLoadAssignment.Policy.DropOverload;
import io.envoyproxy.envoy.config.endpoint.v3.Endpoint; import io.envoyproxy.envoy.config.endpoint.v3.Endpoint;
import io.envoyproxy.envoy.config.endpoint.v3.LbEndpoint; import io.envoyproxy.envoy.config.endpoint.v3.LbEndpoint;
import io.envoyproxy.envoy.config.endpoint.v3.LocalityLbEndpoints; import io.envoyproxy.envoy.config.endpoint.v3.LocalityLbEndpoints;
@ -206,7 +209,7 @@ class XdsClientTestHelper {
edsClusterConfigBuilder.setServiceName(edsServiceName); edsClusterConfigBuilder.setServiceName(edsServiceName);
} }
clusterBuilder.setEdsClusterConfig(edsClusterConfigBuilder); clusterBuilder.setEdsClusterConfig(edsClusterConfigBuilder);
clusterBuilder.setLbPolicy(Cluster.LbPolicy.ROUND_ROBIN); clusterBuilder.setLbPolicy(LbPolicy.ROUND_ROBIN);
if (enableLrs) { if (enableLrs) {
clusterBuilder.setLrsServer( clusterBuilder.setLrsServer(
ConfigSource.newBuilder() ConfigSource.newBuilder()
@ -223,19 +226,20 @@ class XdsClientTestHelper {
String clusterName, @Nullable String edsServiceName, boolean enableLrs, String clusterName, @Nullable String edsServiceName, boolean enableLrs,
@Nullable io.envoyproxy.envoy.api.v2.auth.UpstreamTlsContext upstreamTlsContext) { @Nullable io.envoyproxy.envoy.api.v2.auth.UpstreamTlsContext upstreamTlsContext) {
io.envoyproxy.envoy.api.v2.Cluster.Builder clusterBuilder = io.envoyproxy.envoy.api.v2.Cluster.Builder clusterBuilder =
io.envoyproxy.envoy.api.v2.Cluster.newBuilder(); io.envoyproxy.envoy.api.v2.Cluster.newBuilder()
clusterBuilder.setName(clusterName); .setName(clusterName)
clusterBuilder.setType(io.envoyproxy.envoy.api.v2.Cluster.DiscoveryType.EDS); .setType(io.envoyproxy.envoy.api.v2.Cluster.DiscoveryType.EDS);
io.envoyproxy.envoy.api.v2.Cluster.EdsClusterConfig.Builder edsClusterConfigBuilder = io.envoyproxy.envoy.api.v2.Cluster.EdsClusterConfig.Builder edsClusterConfigBuilder =
io.envoyproxy.envoy.api.v2.Cluster.EdsClusterConfig.newBuilder(); io.envoyproxy.envoy.api.v2.Cluster.EdsClusterConfig.newBuilder()
edsClusterConfigBuilder.setEdsConfig( .setEdsConfig(
io.envoyproxy.envoy.api.v2.core.ConfigSource.newBuilder() io.envoyproxy.envoy.api.v2.core.ConfigSource.newBuilder().setAds(
.setAds(io.envoyproxy.envoy.api.v2.core.AggregatedConfigSource.getDefaultInstance())); io.envoyproxy.envoy.api.v2.core.AggregatedConfigSource.getDefaultInstance()));
if (edsServiceName != null) { if (edsServiceName != null) {
edsClusterConfigBuilder.setServiceName(edsServiceName); edsClusterConfigBuilder.setServiceName(edsServiceName);
} }
clusterBuilder.setEdsClusterConfig(edsClusterConfigBuilder); clusterBuilder
clusterBuilder.setLbPolicy(io.envoyproxy.envoy.api.v2.Cluster.LbPolicy.ROUND_ROBIN); .setEdsClusterConfig(edsClusterConfigBuilder)
.setLbPolicy(io.envoyproxy.envoy.api.v2.Cluster.LbPolicy.ROUND_ROBIN);
if (enableLrs) { if (enableLrs) {
clusterBuilder.setLrsServer( clusterBuilder.setLrsServer(
io.envoyproxy.envoy.api.v2.core.ConfigSource.newBuilder() io.envoyproxy.envoy.api.v2.core.ConfigSource.newBuilder()
@ -250,19 +254,16 @@ class XdsClientTestHelper {
} }
static ClusterLoadAssignment buildClusterLoadAssignment(String clusterName, static ClusterLoadAssignment buildClusterLoadAssignment(String clusterName,
List<LocalityLbEndpoints> localityLbEndpoints, List<LocalityLbEndpoints> localityLbEndpoints, List<DropOverload> dropOverloads) {
List<ClusterLoadAssignment.Policy.DropOverload> dropOverloads) {
return return
ClusterLoadAssignment.newBuilder() ClusterLoadAssignment.newBuilder()
.setClusterName(clusterName) .setClusterName(clusterName)
.addAllEndpoints(localityLbEndpoints) .addAllEndpoints(localityLbEndpoints)
.setPolicy( .setPolicy(Policy.newBuilder().addAllDropOverloads(dropOverloads))
ClusterLoadAssignment.Policy.newBuilder()
.addAllDropOverloads(dropOverloads))
.build(); .build();
} }
@SuppressWarnings("deprecation") @SuppressWarnings("deprecation") // disableOverprovisioning is deprecated by needed for v2
static io.envoyproxy.envoy.api.v2.ClusterLoadAssignment buildClusterLoadAssignmentV2( static io.envoyproxy.envoy.api.v2.ClusterLoadAssignment buildClusterLoadAssignmentV2(
String clusterName, String clusterName,
List<io.envoyproxy.envoy.api.v2.endpoint.LocalityLbEndpoints> localityLbEndpoints, List<io.envoyproxy.envoy.api.v2.endpoint.LocalityLbEndpoints> localityLbEndpoints,
@ -278,10 +279,9 @@ class XdsClientTestHelper {
.build(); .build();
} }
static ClusterLoadAssignment.Policy.DropOverload buildDropOverload( static DropOverload buildDropOverload(String category, int dropPerMillion) {
String category, int dropPerMillion) {
return return
ClusterLoadAssignment.Policy.DropOverload.newBuilder() DropOverload.newBuilder()
.setCategory(category) .setCategory(category)
.setDropPercentage( .setDropPercentage(
FractionalPercent.newBuilder() FractionalPercent.newBuilder()

2
xds/src/test/java/io/grpc/xds/XdsClientWrapperForServerSdsTest.java
View File

@ -109,7 +109,7 @@ public class XdsClientWrapperForServerSdsTest {
"exact IP over IPANY match, expect filter2" "exact IP over IPANY match, expect filter2"
}, },
{ {
PORT,// matches dest port but no address match PORT, // matches dest port but no address match
"168.20.20.2", "168.20.20.2",
"10.1.2.4", "10.1.2.4",
"192.168.10.1", "192.168.10.1",

2
xds/src/test/java/io/grpc/xds/internal/certprovider/CertProviderServerSslContextProviderTest.java
View File

@ -17,7 +17,6 @@
package io.grpc.xds.internal.certprovider; package io.grpc.xds.internal.certprovider;
import static com.google.common.truth.Truth.assertThat; import static com.google.common.truth.Truth.assertThat;
import static io.grpc.xds.internal.certprovider.CertProviderClientSslContextProviderTest.QueuedExecutor;
import static io.grpc.xds.internal.certprovider.CommonCertProviderTestUtils.getCertFromResourceName; import static io.grpc.xds.internal.certprovider.CommonCertProviderTestUtils.getCertFromResourceName;
import static io.grpc.xds.internal.sds.CommonTlsContextTestsUtil.CA_PEM_FILE; import static io.grpc.xds.internal.sds.CommonTlsContextTestsUtil.CA_PEM_FILE;
import static io.grpc.xds.internal.sds.CommonTlsContextTestsUtil.CLIENT_PEM_FILE; import static io.grpc.xds.internal.sds.CommonTlsContextTestsUtil.CLIENT_PEM_FILE;
@ -34,6 +33,7 @@ import io.envoyproxy.envoy.config.core.v3.DataSource;
import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext; import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext;
import io.grpc.xds.Bootstrapper; import io.grpc.xds.Bootstrapper;
import io.grpc.xds.EnvoyServerProtoData; import io.grpc.xds.EnvoyServerProtoData;
import io.grpc.xds.internal.certprovider.CertProviderClientSslContextProviderTest.QueuedExecutor;
import io.grpc.xds.internal.sds.CommonTlsContextTestsUtil; import io.grpc.xds.internal.sds.CommonTlsContextTestsUtil;
import io.grpc.xds.internal.sds.CommonTlsContextTestsUtil.TestCallback; import io.grpc.xds.internal.sds.CommonTlsContextTestsUtil.TestCallback;
import org.junit.Before; import org.junit.Before;

14
xds/src/test/java/io/grpc/xds/internal/certprovider/MeshCaCertificateProviderProviderTest.java
View File

@ -226,32 +226,32 @@ public class MeshCaCertificateProviderProviderTest {
eq(TimeUnit.SECONDS.toMillis(RPC_TIMEOUT_SECONDS))); eq(TimeUnit.SECONDS.toMillis(RPC_TIMEOUT_SECONDS)));
} }
private Map<String, ?> buildFullConfig() throws IOException { private static Map<String, ?> buildFullConfig() throws IOException {
return getCertProviderConfig(CommonCertProviderTestUtils.getNonDefaultTestBootstrapInfo()); return getCertProviderConfig(CommonCertProviderTestUtils.getNonDefaultTestBootstrapInfo());
} }
private Map<String, ?> buildMinimalConfig() throws IOException { private static Map<String, ?> buildMinimalConfig() throws IOException {
return getCertProviderConfig(CommonCertProviderTestUtils.getMinimalBootstrapInfo()); return getCertProviderConfig(CommonCertProviderTestUtils.getMinimalBootstrapInfo());
} }
private Map<String, ?> buildBadClusterUrlConfig() throws IOException { private static Map<String, ?> buildBadClusterUrlConfig() throws IOException {
return getCertProviderConfig( return getCertProviderConfig(
CommonCertProviderTestUtils.getMinimalAndBadClusterUrlBootstrapInfo()); CommonCertProviderTestUtils.getMinimalAndBadClusterUrlBootstrapInfo());
} }
private Map<String, ?> buildMissingSaJwtLocationConfig() throws IOException { private static Map<String, ?> buildMissingSaJwtLocationConfig() throws IOException {
return getCertProviderConfig(CommonCertProviderTestUtils.getMissingSaJwtLocation()); return getCertProviderConfig(CommonCertProviderTestUtils.getMissingSaJwtLocation());
} }
private Map<String, ?> buildMissingGkeClusterUrlConfig() throws IOException { private static Map<String, ?> buildMissingGkeClusterUrlConfig() throws IOException {
return getCertProviderConfig(CommonCertProviderTestUtils.getMissingGkeClusterUrl()); return getCertProviderConfig(CommonCertProviderTestUtils.getMissingGkeClusterUrl());
} }
private Map<String, ?> buildBadChannelCredsConfig() throws IOException { private static Map<String, ?> buildBadChannelCredsConfig() throws IOException {
return getCertProviderConfig(CommonCertProviderTestUtils.getBadChannelCredsConfig()); return getCertProviderConfig(CommonCertProviderTestUtils.getBadChannelCredsConfig());
} }
private Map<String, ?> getCertProviderConfig(Bootstrapper.BootstrapInfo bootstrapInfo) { private static Map<String, ?> getCertProviderConfig(Bootstrapper.BootstrapInfo bootstrapInfo) {
Map<String, Bootstrapper.CertificateProviderInfo> certProviders = Map<String, Bootstrapper.CertificateProviderInfo> certProviders =
bootstrapInfo.getCertProviders(); bootstrapInfo.getCertProviders();
Bootstrapper.CertificateProviderInfo gcpIdInfo = Bootstrapper.CertificateProviderInfo gcpIdInfo =

108
xds/src/test/java/io/grpc/xds/internal/rbac/engine/AuthzEngineEvaluationTest.java
View File

@ -16,8 +16,8 @@
package io.grpc.xds.internal.rbac.engine; package io.grpc.xds.internal.rbac.engine;
import static com.google.common.truth.Truth.assertThat;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.doReturn;
@ -31,7 +31,6 @@ import io.envoyproxy.envoy.config.rbac.v2.RBAC;
import io.envoyproxy.envoy.config.rbac.v2.RBAC.Action; import io.envoyproxy.envoy.config.rbac.v2.RBAC.Action;
import io.grpc.xds.internal.rbac.engine.cel.Activation; import io.grpc.xds.internal.rbac.engine.cel.Activation;
import io.grpc.xds.internal.rbac.engine.cel.InterpreterException; import io.grpc.xds.internal.rbac.engine.cel.InterpreterException;
import java.lang.StringBuilder;
import java.util.Map; import java.util.Map;
import org.junit.Before; import org.junit.Before;
import org.junit.Rule; import org.junit.Rule;
@ -51,14 +50,9 @@ public class AuthzEngineEvaluationTest {
@Mock @Mock
private EvaluateArgs args; private EvaluateArgs args;
@Mock
private Activation activation;
@Mock @Mock
private Map<String, Object> attributes; private Map<String, Object> attributes;
private AuthorizationEngine engine;
private AuthorizationEngine spyEngine; private AuthorizationEngine spyEngine;
private AuthorizationDecision evaluateResult; private AuthorizationDecision evaluateResult;
@ -130,7 +124,7 @@ public class AuthzEngineEvaluationTest {
@Before @Before
public void setupEngineSingleRbacAllow() { public void setupEngineSingleRbacAllow() {
buildRbac(); buildRbac();
engine = new AuthorizationEngine(rbacAllow); AuthorizationEngine engine = new AuthorizationEngine(rbacAllow);
spyEngine = Mockito.spy(engine); spyEngine = Mockito.spy(engine);
doReturn(ImmutableMap.copyOf(attributes)).when(args).generateEnvoyAttributes(); doReturn(ImmutableMap.copyOf(attributes)).when(args).generateEnvoyAttributes();
} }
@ -139,7 +133,7 @@ public class AuthzEngineEvaluationTest {
@Before @Before
public void setupEngineSingleRbacDeny() { public void setupEngineSingleRbacDeny() {
buildRbac(); buildRbac();
engine = new AuthorizationEngine(rbacDeny); AuthorizationEngine engine = new AuthorizationEngine(rbacDeny);
spyEngine = Mockito.spy(engine); spyEngine = Mockito.spy(engine);
doReturn(ImmutableMap.copyOf(attributes)).when(args).generateEnvoyAttributes(); doReturn(ImmutableMap.copyOf(attributes)).when(args).generateEnvoyAttributes();
} }
@ -148,7 +142,7 @@ public class AuthzEngineEvaluationTest {
@Before @Before
public void setupEngineRbacPair() { public void setupEngineRbacPair() {
buildRbac(); buildRbac();
engine = new AuthorizationEngine(rbacDeny, rbacAllow); AuthorizationEngine engine = new AuthorizationEngine(rbacDeny, rbacAllow);
spyEngine = Mockito.spy(engine); spyEngine = Mockito.spy(engine);
doReturn(ImmutableMap.copyOf(attributes)).when(args).generateEnvoyAttributes(); doReturn(ImmutableMap.copyOf(attributes)).when(args).generateEnvoyAttributes();
} }
@ -166,9 +160,9 @@ public class AuthzEngineEvaluationTest {
doReturn(true).when(spyEngine).matches(eq(condition2), any(Activation.class)); doReturn(true).when(spyEngine).matches(eq(condition2), any(Activation.class));
doReturn(true).when(spyEngine).matches(eq(condition3), any(Activation.class)); doReturn(true).when(spyEngine).matches(eq(condition3), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.ALLOW); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.ALLOW);
assertEquals(evaluateResult.getPolicyNames().size(), 1); assertThat(evaluateResult.getPolicyNames()).hasSize(1);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 1")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 1");
} }
/** /**
@ -184,9 +178,9 @@ public class AuthzEngineEvaluationTest {
doReturn(false).when(spyEngine).matches(eq(condition2), any(Activation.class)); doReturn(false).when(spyEngine).matches(eq(condition2), any(Activation.class));
doReturn(false).when(spyEngine).matches(eq(condition3), any(Activation.class)); doReturn(false).when(spyEngine).matches(eq(condition3), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.DENY); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.DENY);
assertEquals(evaluateResult.getPolicyNames().size(), 0); assertThat(evaluateResult.getPolicyNames()).isEmpty();
assertEquals(evaluateResult.toString(), assertThat(evaluateResult.toString()).isEqualTo(
new StringBuilder("Authorization Decision: DENY. \n").toString()); new StringBuilder("Authorization Decision: DENY. \n").toString());
} }
@ -207,7 +201,7 @@ public class AuthzEngineEvaluationTest {
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.ALLOW); assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.ALLOW);
assertEquals(evaluateResult.getPolicyNames().size(), 1); assertEquals(evaluateResult.getPolicyNames().size(), 1);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 2")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 2");
} }
/** /**
@ -226,11 +220,11 @@ public class AuthzEngineEvaluationTest {
doThrow(new InterpreterException.Builder("Unknown result").build()) doThrow(new InterpreterException.Builder("Unknown result").build())
.when(spyEngine).matches(eq(condition3), any(Activation.class)); .when(spyEngine).matches(eq(condition3), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.UNKNOWN); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.UNKNOWN);
assertEquals(evaluateResult.getPolicyNames().size(), 2); assertThat(evaluateResult.getPolicyNames()).hasSize(2);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 2")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 2");
assertTrue(evaluateResult.getPolicyNames().contains("Policy 3")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 3");
assertEquals(evaluateResult.toString(), assertThat(evaluateResult.toString()).isEqualTo(
new StringBuilder("Authorization Decision: UNKNOWN. \n" new StringBuilder("Authorization Decision: UNKNOWN. \n"
+ "Policy 2; \n" + "Policy 3; \n").toString()); + "Policy 2; \n" + "Policy 3; \n").toString());
} }
@ -250,10 +244,10 @@ public class AuthzEngineEvaluationTest {
doThrow(new InterpreterException.Builder("Unknown result").build()) doThrow(new InterpreterException.Builder("Unknown result").build())
.when(spyEngine).matches(eq(condition3), any(Activation.class)); .when(spyEngine).matches(eq(condition3), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.ALLOW); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.ALLOW);
assertEquals(evaluateResult.getPolicyNames().size(), 1); assertThat(evaluateResult.getPolicyNames()).hasSize(1);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 2")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 2");
assertEquals(evaluateResult.toString(), assertThat(evaluateResult.toString()).isEqualTo(
new StringBuilder("Authorization Decision: ALLOW. \n" + "Policy 2; \n").toString()); new StringBuilder("Authorization Decision: ALLOW. \n" + "Policy 2; \n").toString());
} }
@ -270,9 +264,9 @@ public class AuthzEngineEvaluationTest {
doReturn(true).when(spyEngine).matches(eq(condition5), any(Activation.class)); doReturn(true).when(spyEngine).matches(eq(condition5), any(Activation.class));
doReturn(true).when(spyEngine).matches(eq(condition6), any(Activation.class)); doReturn(true).when(spyEngine).matches(eq(condition6), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.DENY); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.DENY);
assertEquals(evaluateResult.getPolicyNames().size(), 1); assertThat(evaluateResult.getPolicyNames()).hasSize(1);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 4")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 4");
} }
/** /**
@ -288,8 +282,8 @@ public class AuthzEngineEvaluationTest {
doReturn(false).when(spyEngine).matches(eq(condition5), any(Activation.class)); doReturn(false).when(spyEngine).matches(eq(condition5), any(Activation.class));
doReturn(false).when(spyEngine).matches(eq(condition6), any(Activation.class)); doReturn(false).when(spyEngine).matches(eq(condition6), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.ALLOW); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.ALLOW);
assertEquals(evaluateResult.getPolicyNames().size(), 0); assertThat(evaluateResult.getPolicyNames()).isEmpty();
} }
/** /**
@ -307,9 +301,9 @@ public class AuthzEngineEvaluationTest {
doReturn(true).when(spyEngine).matches(eq(condition5), any(Activation.class)); doReturn(true).when(spyEngine).matches(eq(condition5), any(Activation.class));
doReturn(true).when(spyEngine).matches(eq(condition6), any(Activation.class)); doReturn(true).when(spyEngine).matches(eq(condition6), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.DENY); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.DENY);
assertEquals(evaluateResult.getPolicyNames().size(), 1); assertThat(evaluateResult.getPolicyNames()).hasSize(1);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 5")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 5");
} }
/** /**
@ -328,10 +322,10 @@ public class AuthzEngineEvaluationTest {
doThrow(new InterpreterException.Builder("Unknown result").build()) doThrow(new InterpreterException.Builder("Unknown result").build())
.when(spyEngine).matches(eq(condition6), any(Activation.class)); .when(spyEngine).matches(eq(condition6), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.UNKNOWN); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.UNKNOWN);
assertEquals(evaluateResult.getPolicyNames().size(), 2); assertThat(evaluateResult.getPolicyNames()).hasSize(2);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 5")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 5");
assertTrue(evaluateResult.getPolicyNames().contains("Policy 6")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 6");
} }
/** /**
@ -349,9 +343,9 @@ public class AuthzEngineEvaluationTest {
doThrow(new InterpreterException.Builder("Unknown result").build()) doThrow(new InterpreterException.Builder("Unknown result").build())
.when(spyEngine).matches(eq(condition6), any(Activation.class)); .when(spyEngine).matches(eq(condition6), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.DENY); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.DENY);
assertEquals(evaluateResult.getPolicyNames().size(), 1); assertThat(evaluateResult.getPolicyNames()).hasSize(1);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 5")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 5");
} }
/** /**
@ -371,9 +365,9 @@ public class AuthzEngineEvaluationTest {
doReturn(true).when(spyEngine).matches(eq(condition5), any(Activation.class)); doReturn(true).when(spyEngine).matches(eq(condition5), any(Activation.class));
doReturn(true).when(spyEngine).matches(eq(condition6), any(Activation.class)); doReturn(true).when(spyEngine).matches(eq(condition6), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.DENY); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.DENY);
assertEquals(evaluateResult.getPolicyNames().size(), 1); assertThat(evaluateResult.getPolicyNames()).hasSize(1);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 4")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 4");
} }
/** /**
@ -396,9 +390,9 @@ public class AuthzEngineEvaluationTest {
doThrow(new InterpreterException.Builder("Unknown result").build()) doThrow(new InterpreterException.Builder("Unknown result").build())
.when(spyEngine).matches(eq(condition6), any(Activation.class)); .when(spyEngine).matches(eq(condition6), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.DENY); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.DENY);
assertEquals(evaluateResult.getPolicyNames().size(), 1); assertThat(evaluateResult.getPolicyNames()).hasSize(1);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 5")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 5");
} }
/** /**
@ -419,10 +413,10 @@ public class AuthzEngineEvaluationTest {
doThrow(new InterpreterException.Builder("Unknown result").build()) doThrow(new InterpreterException.Builder("Unknown result").build())
.when(spyEngine).matches(eq(condition6), any(Activation.class)); .when(spyEngine).matches(eq(condition6), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.UNKNOWN); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.UNKNOWN);
assertEquals(evaluateResult.getPolicyNames().size(), 2); assertThat(evaluateResult.getPolicyNames()).hasSize(2);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 5")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 5");
assertTrue(evaluateResult.getPolicyNames().contains("Policy 6")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 6");
} }
/** /**
@ -446,10 +440,10 @@ public class AuthzEngineEvaluationTest {
doReturn(false).when(spyEngine).matches(eq(condition5), any(Activation.class)); doReturn(false).when(spyEngine).matches(eq(condition5), any(Activation.class));
doReturn(false).when(spyEngine).matches(eq(condition6), any(Activation.class)); doReturn(false).when(spyEngine).matches(eq(condition6), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.UNKNOWN); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.UNKNOWN);
assertEquals(evaluateResult.getPolicyNames().size(), 2); assertThat(evaluateResult.getPolicyNames()).hasSize(2);
assertTrue(evaluateResult.getPolicyNames().contains("Policy 2")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 2");
assertTrue(evaluateResult.getPolicyNames().contains("Policy 3")); assertThat(evaluateResult.getPolicyNames()).contains("Policy 3");
} }
/** /**
@ -469,7 +463,7 @@ public class AuthzEngineEvaluationTest {
doReturn(false).when(spyEngine).matches(eq(condition5), any(Activation.class)); doReturn(false).when(spyEngine).matches(eq(condition5), any(Activation.class));
doReturn(false).when(spyEngine).matches(eq(condition6), any(Activation.class)); doReturn(false).when(spyEngine).matches(eq(condition6), any(Activation.class));
evaluateResult = spyEngine.evaluate(args); evaluateResult = spyEngine.evaluate(args);
assertEquals(evaluateResult.getDecision(), AuthorizationDecision.Output.DENY); assertThat(evaluateResult.getDecision()).isEqualTo(AuthorizationDecision.Output.DENY);
assertEquals(evaluateResult.getPolicyNames().size(), 0); assertThat(evaluateResult.getPolicyNames()).isEmpty();
} }
} }

3
xds/src/test/java/io/grpc/xds/internal/rbac/engine/AuthzEngineTest.java
View File

@ -68,7 +68,6 @@ public class AuthzEngineTest {
private AuthorizationEngine engine; private AuthorizationEngine engine;
private RBAC rbacDeny; private RBAC rbacDeny;
private RBAC rbacAllow; private RBAC rbacAllow;
private Expr expr;
private Object result; private Object result;
@Before @Before
@ -130,7 +129,7 @@ public class AuthzEngineTest {
public void testCelInterface() throws InterpreterException { public void testCelInterface() throws InterpreterException {
engine = new AuthorizationEngine(rbacAllow); engine = new AuthorizationEngine(rbacAllow);
when(interpretable.eval(any(Activation.class))).thenReturn(true); when(interpretable.eval(any(Activation.class))).thenReturn(true);
expr = Expr.newBuilder().build(); Expr expr = Expr.getDefaultInstance();
result = engine.matches(expr, activation); result = engine.matches(expr, activation);
assertThat(messageProvider).isNotNull(); assertThat(messageProvider).isNotNull();
assertThat(dispatcher).isNotNull(); assertThat(dispatcher).isNotNull();

12
xds/src/test/java/io/grpc/xds/internal/sds/CommonTlsContextTestsUtil.java
View File

@ -33,6 +33,7 @@ import io.envoyproxy.envoy.config.core.v3.DataSource;
import io.envoyproxy.envoy.config.core.v3.GrpcService; import io.envoyproxy.envoy.config.core.v3.GrpcService;
import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext; import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext;
import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext; import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext;
import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance;
import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext; import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext;
import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext; import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext;
import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig; import io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig;
@ -497,19 +498,20 @@ public class CommonTlsContextTestsUtil {
String rootCertName, String rootCertName,
CertificateValidationContext staticCertValidationContext) { CertificateValidationContext staticCertValidationContext) {
if (rootInstanceName != null) { if (rootInstanceName != null) {
CommonTlsContext.CertificateProviderInstance.Builder providerInstanceBuilder = CertificateProviderInstance providerInstance =
CommonTlsContext.CertificateProviderInstance.newBuilder() CertificateProviderInstance.newBuilder()
.setInstanceName(rootInstanceName) .setInstanceName(rootInstanceName)
.setCertificateName(rootCertName); .setCertificateName(rootCertName)
.build();
if (staticCertValidationContext != null) { if (staticCertValidationContext != null) {
CombinedCertificateValidationContext combined = CombinedCertificateValidationContext combined =
CombinedCertificateValidationContext.newBuilder() CombinedCertificateValidationContext.newBuilder()
.setDefaultValidationContext(staticCertValidationContext) .setDefaultValidationContext(staticCertValidationContext)
.setValidationContextCertificateProviderInstance(providerInstanceBuilder) .setValidationContextCertificateProviderInstance(providerInstance)
.build(); .build();
return builder.setCombinedValidationContext(combined); return builder.setCombinedValidationContext(combined);
} }
builder = builder.setValidationContextCertificateProviderInstance(providerInstanceBuilder); builder = builder.setValidationContextCertificateProviderInstance(providerInstance);
} }
return builder; return builder;
} }