grpc
/
grpc-java
mirror of https://github.com/grpc/grpc-java.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

xds: accept all forms of gkeClusterUrl and fix the 'x-goog-request-params' value (#7403)

This commit is contained in:
sanjaypujare 2020-09-09 16:22:34 -07:00 committed by GitHub
parent c919594962
commit 7c7c4a7daa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 73 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
xds/src/main/java/io/grpc/xds/internal/certprovider/MeshCaCertificateProvider.java
View File

@ -457,7 +457,7 @@ final class MeshCaCertificateProvider extends CertificateProvider {
@Override @Override
public void start(Listener<RespT> responseListener, Metadata headers) { public void start(Listener<RespT> responseListener, Metadata headers) {
headers.put(KEY_FOR_ZONE_INFO, zone); headers.put(KEY_FOR_ZONE_INFO, "location=locations/" + zone);
super.start(responseListener, headers); super.start(responseListener, headers);
} }
}; };

2
xds/src/main/java/io/grpc/xds/internal/certprovider/MeshCaCertificateProviderProvider.java
View File

@ -69,7 +69,7 @@ final class MeshCaCertificateProviderProvider implements CertificateProviderProv
static final long RPC_TIMEOUT_SECONDS = 10L; static final long RPC_TIMEOUT_SECONDS = 10L;
private static final Pattern CLUSTER_URL_PATTERN = Pattern private static final Pattern CLUSTER_URL_PATTERN = Pattern
.compile(".*/projects/(.*)/locations/(.*)/clusters/.*"); .compile(".*/projects/(.*)/(?:locations|zones)/(.*)/clusters/.*");
private static final String TRUST_DOMAIN_SUFFIX = ".svc.id.goog"; private static final String TRUST_DOMAIN_SUFFIX = ".svc.id.goog";
private static final String AUDIENCE_PREFIX = "identitynamespace:"; private static final String AUDIENCE_PREFIX = "identitynamespace:";

28
xds/src/test/java/io/grpc/xds/internal/certprovider/CommonCertProviderTestUtils.java
View File

@ -163,6 +163,34 @@ public class CommonCertProviderTestUtils {
return Bootstrapper.parseConfig(rawData); return Bootstrapper.parseConfig(rawData);
} }
static Bootstrapper.BootstrapInfo getMinimalBootstrapInfo_v1beta1AndZone() throws IOException {
String rawData =
"{\n"
+ " \"xds_servers\": [],\n"
+ " \"certificate_providers\": {\n"
+ " \"gcp_id\": {\n"
+ " \"plugin_name\": \"testca\",\n"
+ " \"config\": {\n"
+ " \"server\": {\n"
+ " \"api_type\": \"GRPC\",\n"
+ " \"grpc_services\": [{\n"
+ " \"google_grpc\": {\n"
+ " \"call_credentials\": [{\n"
+ " \"sts_service\": {\n"
+ " \"subject_token_path\": \"/tmp/path5\"\n"
+ " }\n"
+ " }]\n" // end call_credentials
+ " }\n" // end google_grpc
+ " }]\n" // end grpc_services
+ " },\n" // end server
+ " \"location\": \"https://container.googleapis.com/v1beta1/projects/test-project1/zones/test-zone2/clusters/test-cluster3\"\n"
+ " }\n" // end config
+ " }\n" // end gcp_id
+ " }\n"
+ "}";
return Bootstrapper.parseConfig(rawData);
}
static Bootstrapper.BootstrapInfo getMinimalAndBadClusterUrlBootstrapInfo() throws IOException { static Bootstrapper.BootstrapInfo getMinimalAndBadClusterUrlBootstrapInfo() throws IOException {
String rawData = String rawData =
"{\n" "{\n"

44
xds/src/test/java/io/grpc/xds/internal/certprovider/MeshCaCertificateProviderProviderTest.java
View File

@ -49,10 +49,10 @@ public class MeshCaCertificateProviderProviderTest {
public static final String EXPECTED_AUDIENCE = public static final String EXPECTED_AUDIENCE =
"identitynamespace:test-project1.svc.id.goog:https://container.googleapis.com/v1/projects/test-project1/locations/test-zone2/clusters/test-cluster3"; "identitynamespace:test-project1.svc.id.goog:https://container.googleapis.com/v1/projects/test-project1/locations/test-zone2/clusters/test-cluster3";
public static final String EXPECTED_AUDIENCE_V1BETA1_ZONE =
"identitynamespace:test-project1.svc.id.goog:https://container.googleapis.com/v1beta1/projects/test-project1/zones/test-zone2/clusters/test-cluster3";
public static final String TMP_PATH_4 = "/tmp/path4"; public static final String TMP_PATH_4 = "/tmp/path4";
public static final String NON_DEFAULT_MESH_CA_URL = "nonDefaultMeshCaUrl"; public static final String NON_DEFAULT_MESH_CA_URL = "nonDefaultMeshCaUrl";
public static final String GKE_CLUSTER_URL =
"https://container.googleapis.com/v1/projects/test-project1/locations/test-zone2/clusters/test-cluster3";
@Mock @Mock
StsCredentials.Factory stsCredentialsFactory; StsCredentials.Factory stsCredentialsFactory;
@ -140,6 +140,41 @@ public class MeshCaCertificateProviderProviderTest {
eq(TimeUnit.SECONDS.toMillis(RPC_TIMEOUT_SECONDS))); eq(TimeUnit.SECONDS.toMillis(RPC_TIMEOUT_SECONDS)));
} }
@Test
public void createProvider_minimalConfig_v1beta1AndZone() throws IOException {
CertificateProvider.DistributorWatcher distWatcher =
new CertificateProvider.DistributorWatcher();
Map<String, ?> map = buildMinimalConfig_v1beta1AndZone();
ScheduledExecutorService mockService = mock(ScheduledExecutorService.class);
when(scheduledExecutorServiceFactory.create(
eq(MeshCaCertificateProviderProvider.MESHCA_URL_DEFAULT)))
.thenReturn(mockService);
provider.createCertificateProvider(map, distWatcher, true);
verify(stsCredentialsFactory, times(1))
.create(
eq(MeshCaCertificateProviderProvider.STS_URL_DEFAULT),
eq(EXPECTED_AUDIENCE_V1BETA1_ZONE),
eq("/tmp/path5"));
verify(meshCaCertificateProviderFactory, times(1))
.create(
eq(distWatcher),
eq(true),
eq(MeshCaCertificateProviderProvider.MESHCA_URL_DEFAULT),
eq("test-zone2"),
eq(MeshCaCertificateProviderProvider.CERT_VALIDITY_SECONDS_DEFAULT),
eq(MeshCaCertificateProviderProvider.KEY_SIZE_DEFAULT),
eq(MeshCaCertificateProviderProvider.KEY_ALGO_DEFAULT),
eq(MeshCaCertificateProviderProvider.SIGNATURE_ALGO_DEFAULT),
eq(meshCaChannelFactory),
eq(backoffPolicyProvider),
eq(MeshCaCertificateProviderProvider.RENEWAL_GRACE_PERIOD_SECONDS_DEFAULT),
eq(MeshCaCertificateProviderProvider.MAX_RETRY_ATTEMPTS_DEFAULT),
(GoogleCredentials) isNull(),
eq(mockService),
eq(timeProvider),
eq(TimeUnit.SECONDS.toMillis(RPC_TIMEOUT_SECONDS)));
}
@Test @Test
public void createProvider_missingGkeUrl_expectException() throws IOException { public void createProvider_missingGkeUrl_expectException() throws IOException {
CertificateProvider.DistributorWatcher distWatcher = CertificateProvider.DistributorWatcher distWatcher =
@ -234,6 +269,11 @@ public class MeshCaCertificateProviderProviderTest {
return getCertProviderConfig(CommonCertProviderTestUtils.getMinimalBootstrapInfo()); return getCertProviderConfig(CommonCertProviderTestUtils.getMinimalBootstrapInfo());
} }
private static Map<String, ?> buildMinimalConfig_v1beta1AndZone() throws IOException {
return getCertProviderConfig(
CommonCertProviderTestUtils.getMinimalBootstrapInfo_v1beta1AndZone());
}
private static Map<String, ?> buildBadClusterUrlConfig() throws IOException { private static Map<String, ?> buildBadClusterUrlConfig() throws IOException {
return getCertProviderConfig( return getCertProviderConfig(
CommonCertProviderTestUtils.getMinimalAndBadClusterUrlBootstrapInfo()); CommonCertProviderTestUtils.getMinimalAndBadClusterUrlBootstrapInfo());

2
xds/src/test/java/io/grpc/xds/internal/certprovider/MeshCaCertificateProviderTest.java
View File

@ -534,7 +534,7 @@ public class MeshCaCertificateProviderTest {
assertThat(receivedZoneValues).hasSize(count); assertThat(receivedZoneValues).hasSize(count);
for (int i = 0; i < count; i++) { for (int i = 0; i < count; i++) {
assertThat(receivedStsCreds.poll()).isEqualTo("Bearer " + TEST_STS_TOKEN + i); assertThat(receivedStsCreds.poll()).isEqualTo("Bearer " + TEST_STS_TOKEN + i);
assertThat(receivedZoneValues.poll()).isEqualTo("us-west2-a"); assertThat(receivedZoneValues.poll()).isEqualTo("location=locations/us-west2-a");
} }
} }