grpc
/
grpc-java
mirror of https://github.com/grpc/grpc-java.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

xds: use env variable and a boolean to enable xds security code (#7165)

This commit is contained in:
sanjaypujare 2020-06-26 18:22:09 -07:00 committed by GitHub
parent 2e1cd05d54
commit d782f4689f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
xds/src/main/java/io/grpc/xds/CdsLoadBalancer.java
View File

@ -57,6 +57,9 @@ public final class CdsLoadBalancer extends LoadBalancer {
private final LoadBalancerRegistry lbRegistry; private final LoadBalancerRegistry lbRegistry;
private final GracefulSwitchLoadBalancer switchingLoadBalancer; private final GracefulSwitchLoadBalancer switchingLoadBalancer;
private final TlsContextManager tlsContextManager; private final TlsContextManager tlsContextManager;
// TODO(sanjaypujare): remove once xds security is released
private boolean enableXdsSecurity;
private static final String XDS_SECURITY_ENV_VAR = "GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT";
// The following fields become non-null once handleResolvedAddresses() successfully. // The following fields become non-null once handleResolvedAddresses() successfully.
@ -128,6 +131,17 @@ public final class CdsLoadBalancer extends LoadBalancer {
} }
} }
// TODO(sanjaypujare): remove once xDS security is released
private boolean isXdsSecurityEnabled() {
return enableXdsSecurity || Boolean.valueOf(System.getenv(XDS_SECURITY_ENV_VAR));
}
// TODO(sanjaypujare): remove once xDS security is released
@VisibleForTesting
void setXdsSecurity(boolean enable) {
enableXdsSecurity = enable;
}
/** /**
* A load balancer factory that provides a load balancer for a given cluster. * A load balancer factory that provides a load balancer for a given cluster.
*/ */
@ -290,7 +304,7 @@ public final class CdsLoadBalancer extends LoadBalancer {
/* edsServiceName = */ newUpdate.getEdsServiceName(), /* edsServiceName = */ newUpdate.getEdsServiceName(),
/* lrsServerName = */ newUpdate.getLrsServerName(), /* lrsServerName = */ newUpdate.getLrsServerName(),
new PolicySelection(lbProvider, ImmutableMap.<String, Object>of(), lbConfig)); new PolicySelection(lbProvider, ImmutableMap.<String, Object>of(), lbConfig));
if (false) { if (isXdsSecurityEnabled()) {
updateSslContextProvider(newUpdate.getUpstreamTlsContext()); updateSslContextProvider(newUpdate.getUpstreamTlsContext());
} }
if (edsBalancer == null) { if (edsBalancer == null) {

4
xds/src/test/java/io/grpc/xds/CdsLoadBalancerTest.java
View File

@ -76,7 +76,6 @@ import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import org.junit.Before; import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test; import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.junit.runners.JUnit4; import org.junit.runners.JUnit4;
@ -339,9 +338,10 @@ public class CdsLoadBalancerTest {
assertThat(xdsClientPool.xdsClient).isNull(); assertThat(xdsClientPool.xdsClient).isNull();
} }
@Ignore
@Test @Test
public void handleCdsConfigUpdate_withUpstreamTlsContext() { public void handleCdsConfigUpdate_withUpstreamTlsContext() {
assertThat(cdsLoadBalancer).isInstanceOf(CdsLoadBalancer.class);
((CdsLoadBalancer)cdsLoadBalancer).setXdsSecurity(true);
assertThat(xdsClient).isNull(); assertThat(xdsClient).isNull();
ResolvedAddresses resolvedAddresses1 = ResolvedAddresses resolvedAddresses1 =
ResolvedAddresses.newBuilder() ResolvedAddresses.newBuilder()