From 8e91abc90f9e826fc911e75bf95aeab8d7e97b8e Mon Sep 17 00:00:00 2001 From: John Howard Date: Wed, 6 Oct 2021 10:45:48 -0700 Subject: [PATCH] Move istio/proxy protos into istio/api (#2107) * Move istio/proxy protos into istio/api Fixes https://github.com/istio/istio/issues/35210. This does two things: * Move some protos we have in istio/istio that are manually generating the go protos, using an outdated protobuf library and outdated proto. * Move some protos we have in istio/proxy that are not generating any go protos at all. A next step will be to have istio/istio import these go libraries, and istio/proxy to import these as proto_libraries. * add README --- buf.gen-golang.yaml | 8 + envoy/README.md | 8 + .../filter/http/alpn/v2alpha1/config.pb.go | 311 ++++++ .../filter/http/authn/v2alpha1/config.pb.go | 258 +++++ .../http/jwt_auth/v2alpha1/config.pb.go | 901 ++++++++++++++++++ .../metadata_exchange/metadata_exchange.pb.go | 173 ++++ .../metadata_exchange/metadata_exchange.proto | 31 + .../tcp_cluster_rewrite/v2alpha1/config.pb.go | 184 ++++ .../stackdriver/config/v1alpha1/config.pb.go | 572 +++++++++++ .../stackdriver/config/v1alpha1/config.proto | 140 +++ envoy/extensions/stats/config.pb.go | 548 +++++++++++ envoy/extensions/stats/config.proto | 111 +++ gen.sh | 4 + go.mod | 2 + 14 files changed, 3251 insertions(+) create mode 100644 buf.gen-golang.yaml create mode 100644 envoy/README.md create mode 100644 envoy/config/filter/http/alpn/v2alpha1/config.pb.go create mode 100644 envoy/config/filter/http/authn/v2alpha1/config.pb.go create mode 100644 envoy/config/filter/http/jwt_auth/v2alpha1/config.pb.go create mode 100644 envoy/config/filter/network/metadata_exchange/metadata_exchange.pb.go create mode 100644 envoy/config/filter/network/metadata_exchange/metadata_exchange.proto create mode 100644 envoy/config/filter/network/tcp_cluster_rewrite/v2alpha1/config.pb.go create mode 100644 envoy/extensions/stackdriver/config/v1alpha1/config.pb.go create mode 100644 envoy/extensions/stackdriver/config/v1alpha1/config.proto create mode 100644 envoy/extensions/stats/config.pb.go create mode 100644 envoy/extensions/stats/config.proto diff --git a/buf.gen-golang.yaml b/buf.gen-golang.yaml new file mode 100644 index 00000000..e30469fb --- /dev/null +++ b/buf.gen-golang.yaml @@ -0,0 +1,8 @@ +# buf.gen.yaml sets up the generation configuration for all of our plugins. +# Note: buf does not allow multi roots that are within each other; as a result, the common-protos folders are +# symlinked into the top level directory. +version: v1beta1 +plugins: +- name: go + out: . + opt: paths=source_relative \ No newline at end of file diff --git a/envoy/README.md b/envoy/README.md new file mode 100644 index 00000000..7d3cbe54 --- /dev/null +++ b/envoy/README.md @@ -0,0 +1,8 @@ +# Envoy Configuration APIs + +This folder contains API definitions for istio/proxy Envoy extensions. Unlike other +APIs in this repo, these APIs are not subject to the rules in [GUIDELINES.md](../GUIDELINES.md) +and are treated as internal implementation details. + +These API definitions are centralized in this repository to provide a single source of truth +with a small dependency footprint for ease of importing. diff --git a/envoy/config/filter/http/alpn/v2alpha1/config.pb.go b/envoy/config/filter/http/alpn/v2alpha1/config.pb.go new file mode 100644 index 00000000..3c2d68db --- /dev/null +++ b/envoy/config/filter/http/alpn/v2alpha1/config.pb.go @@ -0,0 +1,311 @@ +// Copyright 2018 Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.27.1 +// protoc v3.17.1 +// source: envoy/config/filter/http/alpn/v2alpha1/config.proto + +// $title: ALPN filter for overriding ALPN for upstream TLS connections. + +package v2alpha1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// Upstream protocols +type FilterConfig_Protocol int32 + +const ( + FilterConfig_HTTP10 FilterConfig_Protocol = 0 + FilterConfig_HTTP11 FilterConfig_Protocol = 1 + FilterConfig_HTTP2 FilterConfig_Protocol = 2 +) + +// Enum value maps for FilterConfig_Protocol. +var ( + FilterConfig_Protocol_name = map[int32]string{ + 0: "HTTP10", + 1: "HTTP11", + 2: "HTTP2", + } + FilterConfig_Protocol_value = map[string]int32{ + "HTTP10": 0, + "HTTP11": 1, + "HTTP2": 2, + } +) + +func (x FilterConfig_Protocol) Enum() *FilterConfig_Protocol { + p := new(FilterConfig_Protocol) + *p = x + return p +} + +func (x FilterConfig_Protocol) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (FilterConfig_Protocol) Descriptor() protoreflect.EnumDescriptor { + return file_envoy_config_filter_http_alpn_v2alpha1_config_proto_enumTypes[0].Descriptor() +} + +func (FilterConfig_Protocol) Type() protoreflect.EnumType { + return &file_envoy_config_filter_http_alpn_v2alpha1_config_proto_enumTypes[0] +} + +func (x FilterConfig_Protocol) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use FilterConfig_Protocol.Descriptor instead. +func (FilterConfig_Protocol) EnumDescriptor() ([]byte, []int) { + return file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDescGZIP(), []int{0, 0} +} + +// FilterConfig is the config for Istio-specific filter. +type FilterConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Map from upstream protocol to list of ALPN + AlpnOverride []*FilterConfig_AlpnOverride `protobuf:"bytes,1,rep,name=alpn_override,json=alpnOverride,proto3" json:"alpn_override,omitempty"` +} + +func (x *FilterConfig) Reset() { + *x = FilterConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_http_alpn_v2alpha1_config_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *FilterConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FilterConfig) ProtoMessage() {} + +func (x *FilterConfig) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_http_alpn_v2alpha1_config_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FilterConfig.ProtoReflect.Descriptor instead. +func (*FilterConfig) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDescGZIP(), []int{0} +} + +func (x *FilterConfig) GetAlpnOverride() []*FilterConfig_AlpnOverride { + if x != nil { + return x.AlpnOverride + } + return nil +} + +type FilterConfig_AlpnOverride struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Upstream protocol + UpstreamProtocol FilterConfig_Protocol `protobuf:"varint,1,opt,name=upstream_protocol,json=upstreamProtocol,proto3,enum=istio.envoy.config.filter.http.alpn.v2alpha1.FilterConfig_Protocol" json:"upstream_protocol,omitempty"` + // A list of ALPN that will override the ALPN for upstream TLS connections. + AlpnOverride []string `protobuf:"bytes,2,rep,name=alpn_override,json=alpnOverride,proto3" json:"alpn_override,omitempty"` +} + +func (x *FilterConfig_AlpnOverride) Reset() { + *x = FilterConfig_AlpnOverride{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_http_alpn_v2alpha1_config_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *FilterConfig_AlpnOverride) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FilterConfig_AlpnOverride) ProtoMessage() {} + +func (x *FilterConfig_AlpnOverride) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_http_alpn_v2alpha1_config_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FilterConfig_AlpnOverride.ProtoReflect.Descriptor instead. +func (*FilterConfig_AlpnOverride) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDescGZIP(), []int{0, 0} +} + +func (x *FilterConfig_AlpnOverride) GetUpstreamProtocol() FilterConfig_Protocol { + if x != nil { + return x.UpstreamProtocol + } + return FilterConfig_HTTP10 +} + +func (x *FilterConfig_AlpnOverride) GetAlpnOverride() []string { + if x != nil { + return x.AlpnOverride + } + return nil +} + +var File_envoy_config_filter_http_alpn_v2alpha1_config_proto protoreflect.FileDescriptor + +var file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDesc = []byte{ + 0x0a, 0x33, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x66, + 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x61, 0x6c, 0x70, 0x6e, 0x2f, + 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x2c, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, + 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, + 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x61, 0x6c, 0x70, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, + 0x68, 0x61, 0x31, 0x22, 0xd3, 0x02, 0x0a, 0x0c, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x12, 0x6c, 0x0a, 0x0d, 0x61, 0x6c, 0x70, 0x6e, 0x5f, 0x6f, 0x76, 0x65, + 0x72, 0x72, 0x69, 0x64, 0x65, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x47, 0x2e, 0x69, 0x73, + 0x74, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x61, 0x6c, 0x70, + 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, + 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x41, 0x6c, 0x70, 0x6e, 0x4f, 0x76, 0x65, 0x72, + 0x72, 0x69, 0x64, 0x65, 0x52, 0x0c, 0x61, 0x6c, 0x70, 0x6e, 0x4f, 0x76, 0x65, 0x72, 0x72, 0x69, + 0x64, 0x65, 0x1a, 0xa5, 0x01, 0x0a, 0x0c, 0x41, 0x6c, 0x70, 0x6e, 0x4f, 0x76, 0x65, 0x72, 0x72, + 0x69, 0x64, 0x65, 0x12, 0x70, 0x0a, 0x11, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x43, + 0x2e, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, + 0x61, 0x6c, 0x70, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x46, 0x69, + 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x50, 0x72, 0x6f, 0x74, 0x6f, + 0x63, 0x6f, 0x6c, 0x52, 0x10, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x50, 0x72, 0x6f, + 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x23, 0x0a, 0x0d, 0x61, 0x6c, 0x70, 0x6e, 0x5f, 0x6f, 0x76, + 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x6c, + 0x70, 0x6e, 0x4f, 0x76, 0x65, 0x72, 0x72, 0x69, 0x64, 0x65, 0x22, 0x2d, 0x0a, 0x08, 0x50, 0x72, + 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x0a, 0x0a, 0x06, 0x48, 0x54, 0x54, 0x50, 0x31, 0x30, + 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x48, 0x54, 0x54, 0x50, 0x31, 0x31, 0x10, 0x01, 0x12, 0x09, + 0x0a, 0x05, 0x48, 0x54, 0x54, 0x50, 0x32, 0x10, 0x02, 0x42, 0x35, 0x5a, 0x33, 0x69, 0x73, 0x74, + 0x69, 0x6f, 0x2e, 0x69, 0x6f, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, + 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x68, 0x74, + 0x74, 0x70, 0x2f, 0x61, 0x6c, 0x70, 0x6e, 0x2f, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, + 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDescOnce sync.Once + file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDescData = file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDesc +) + +func file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDescGZIP() []byte { + file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDescOnce.Do(func() { + file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDescData) + }) + return file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDescData +} + +var file_envoy_config_filter_http_alpn_v2alpha1_config_proto_enumTypes = make([]protoimpl.EnumInfo, 1) +var file_envoy_config_filter_http_alpn_v2alpha1_config_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_envoy_config_filter_http_alpn_v2alpha1_config_proto_goTypes = []interface{}{ + (FilterConfig_Protocol)(0), // 0: istio.envoy.config.filter.http.alpn.v2alpha1.FilterConfig.Protocol + (*FilterConfig)(nil), // 1: istio.envoy.config.filter.http.alpn.v2alpha1.FilterConfig + (*FilterConfig_AlpnOverride)(nil), // 2: istio.envoy.config.filter.http.alpn.v2alpha1.FilterConfig.AlpnOverride +} +var file_envoy_config_filter_http_alpn_v2alpha1_config_proto_depIdxs = []int32{ + 2, // 0: istio.envoy.config.filter.http.alpn.v2alpha1.FilterConfig.alpn_override:type_name -> istio.envoy.config.filter.http.alpn.v2alpha1.FilterConfig.AlpnOverride + 0, // 1: istio.envoy.config.filter.http.alpn.v2alpha1.FilterConfig.AlpnOverride.upstream_protocol:type_name -> istio.envoy.config.filter.http.alpn.v2alpha1.FilterConfig.Protocol + 2, // [2:2] is the sub-list for method output_type + 2, // [2:2] is the sub-list for method input_type + 2, // [2:2] is the sub-list for extension type_name + 2, // [2:2] is the sub-list for extension extendee + 0, // [0:2] is the sub-list for field type_name +} + +func init() { file_envoy_config_filter_http_alpn_v2alpha1_config_proto_init() } +func file_envoy_config_filter_http_alpn_v2alpha1_config_proto_init() { + if File_envoy_config_filter_http_alpn_v2alpha1_config_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_envoy_config_filter_http_alpn_v2alpha1_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*FilterConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_envoy_config_filter_http_alpn_v2alpha1_config_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*FilterConfig_AlpnOverride); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDesc, + NumEnums: 1, + NumMessages: 2, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_envoy_config_filter_http_alpn_v2alpha1_config_proto_goTypes, + DependencyIndexes: file_envoy_config_filter_http_alpn_v2alpha1_config_proto_depIdxs, + EnumInfos: file_envoy_config_filter_http_alpn_v2alpha1_config_proto_enumTypes, + MessageInfos: file_envoy_config_filter_http_alpn_v2alpha1_config_proto_msgTypes, + }.Build() + File_envoy_config_filter_http_alpn_v2alpha1_config_proto = out.File + file_envoy_config_filter_http_alpn_v2alpha1_config_proto_rawDesc = nil + file_envoy_config_filter_http_alpn_v2alpha1_config_proto_goTypes = nil + file_envoy_config_filter_http_alpn_v2alpha1_config_proto_depIdxs = nil +} diff --git a/envoy/config/filter/http/authn/v2alpha1/config.pb.go b/envoy/config/filter/http/authn/v2alpha1/config.pb.go new file mode 100644 index 00000000..92720c82 --- /dev/null +++ b/envoy/config/filter/http/authn/v2alpha1/config.pb.go @@ -0,0 +1,258 @@ +// Copyright 2018 Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.27.1 +// protoc v3.17.1 +// source: envoy/config/filter/http/authn/v2alpha1/config.proto + +// $title: Internal API for authentication implementation on Envoy. + +package v2alpha1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + v1alpha1 "istio.io/api/authentication/v1alpha1" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// FilterConfig is the config for Istio-specific filter that is used to enforce +// authentication policy on Envoy. +type FilterConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Policy is the original copy of the policy. + Policy *v1alpha1.Policy `protobuf:"bytes,1,opt,name=policy,proto3" json:"policy,omitempty"` + // Map from issuer to location of the payload that is emitted by Jwt filter. + // This information is added by pilot when construct and add Jwt and + // authN filters. + JwtOutputPayloadLocations map[string]string `protobuf:"bytes,2,rep,name=jwt_output_payload_locations,json=jwtOutputPayloadLocations,proto3" json:"jwt_output_payload_locations,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + // Skips validating the peer's trust domain. + // By default, the istio authn filter will reject the request if the peer and + // the local service is not in the same trust domain. + // Set this field to true to skip the validation and allows peers from any + // trust domains. + // Note, the istio authn filter only validates the trust domain when mTLS is + // used, In other words, this field has no effect for plaintext traffic. + // TODO(incfly): deprecate this after allowed_trust_domains is shipped. + SkipValidateTrustDomain bool `protobuf:"varint,3,opt,name=skip_validate_trust_domain,json=skipValidateTrustDomain,proto3" json:"skip_validate_trust_domain,omitempty"` + // allowed_trust_domains contains a list of trust domains the authn + // filter should validate against. When configured, only requests with a + // peer from one of the allowed trust domain will be admitted. + // An empty list means all trust domains are allowed. + // When this field is set, the skip_validate_trust_domain field is ignored. + // This field has no effect for plaintext traffic. + AllowedTrustDomains []string `protobuf:"bytes,4,rep,name=allowed_trust_domains,json=allowedTrustDomains,proto3" json:"allowed_trust_domains,omitempty"` + // By default the authn filter will clear the route cache so that the validated + // JWT token claims can be used in routing. + // Advanced users can set this to true to disable the behavior if they do not + // want the authn filter to clear the route cache for any reasons. + // Warning: setting this to true will break the JWT claim based routing. + DisableClearRouteCache bool `protobuf:"varint,5,opt,name=disable_clear_route_cache,json=disableClearRouteCache,proto3" json:"disable_clear_route_cache,omitempty"` +} + +func (x *FilterConfig) Reset() { + *x = FilterConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_http_authn_v2alpha1_config_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *FilterConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FilterConfig) ProtoMessage() {} + +func (x *FilterConfig) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_http_authn_v2alpha1_config_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FilterConfig.ProtoReflect.Descriptor instead. +func (*FilterConfig) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDescGZIP(), []int{0} +} + +func (x *FilterConfig) GetPolicy() *v1alpha1.Policy { + if x != nil { + return x.Policy + } + return nil +} + +func (x *FilterConfig) GetJwtOutputPayloadLocations() map[string]string { + if x != nil { + return x.JwtOutputPayloadLocations + } + return nil +} + +func (x *FilterConfig) GetSkipValidateTrustDomain() bool { + if x != nil { + return x.SkipValidateTrustDomain + } + return false +} + +func (x *FilterConfig) GetAllowedTrustDomains() []string { + if x != nil { + return x.AllowedTrustDomains + } + return nil +} + +func (x *FilterConfig) GetDisableClearRouteCache() bool { + if x != nil { + return x.DisableClearRouteCache + } + return false +} + +var File_envoy_config_filter_http_authn_v2alpha1_config_proto protoreflect.FileDescriptor + +var file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDesc = []byte{ + 0x0a, 0x34, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x66, + 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6e, + 0x2f, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x2d, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x65, 0x6e, + 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, + 0x72, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6e, 0x2e, 0x76, 0x32, 0x61, + 0x6c, 0x70, 0x68, 0x61, 0x31, 0x1a, 0x24, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2f, 0x70, + 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xe5, 0x03, 0x0a, 0x0c, + 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3d, 0x0a, 0x06, + 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x69, + 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x50, 0x6f, 0x6c, + 0x69, 0x63, 0x79, 0x52, 0x06, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x9b, 0x01, 0x0a, 0x1c, + 0x6a, 0x77, 0x74, 0x5f, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x70, 0x61, 0x79, 0x6c, 0x6f, + 0x61, 0x64, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x5a, 0x2e, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, + 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, + 0x74, 0x74, 0x70, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6e, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, + 0x61, 0x31, 0x2e, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, + 0x4a, 0x77, 0x74, 0x4f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, + 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x19, + 0x6a, 0x77, 0x74, 0x4f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, + 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x3b, 0x0a, 0x1a, 0x73, 0x6b, 0x69, + 0x70, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x74, 0x72, 0x75, 0x73, 0x74, + 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x17, 0x73, + 0x6b, 0x69, 0x70, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x54, 0x72, 0x75, 0x73, 0x74, + 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x32, 0x0a, 0x15, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, + 0x64, 0x5f, 0x74, 0x72, 0x75, 0x73, 0x74, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x18, + 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x13, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x54, 0x72, + 0x75, 0x73, 0x74, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x39, 0x0a, 0x19, 0x64, 0x69, + 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x63, 0x6c, 0x65, 0x61, 0x72, 0x5f, 0x72, 0x6f, 0x75, 0x74, + 0x65, 0x5f, 0x63, 0x61, 0x63, 0x68, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x64, + 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x43, 0x6c, 0x65, 0x61, 0x72, 0x52, 0x6f, 0x75, 0x74, 0x65, + 0x43, 0x61, 0x63, 0x68, 0x65, 0x1a, 0x4c, 0x0a, 0x1e, 0x4a, 0x77, 0x74, 0x4f, 0x75, 0x74, 0x70, + 0x75, 0x74, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, + 0x02, 0x38, 0x01, 0x42, 0x36, 0x5a, 0x34, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x69, 0x6f, 0x2f, + 0x61, 0x70, 0x69, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x61, 0x75, 0x74, + 0x68, 0x6e, 0x2f, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x33, +} + +var ( + file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDescOnce sync.Once + file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDescData = file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDesc +) + +func file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDescGZIP() []byte { + file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDescOnce.Do(func() { + file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDescData) + }) + return file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDescData +} + +var file_envoy_config_filter_http_authn_v2alpha1_config_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_envoy_config_filter_http_authn_v2alpha1_config_proto_goTypes = []interface{}{ + (*FilterConfig)(nil), // 0: istio.envoy.config.filter.http.authn.v2alpha1.FilterConfig + nil, // 1: istio.envoy.config.filter.http.authn.v2alpha1.FilterConfig.JwtOutputPayloadLocationsEntry + (*v1alpha1.Policy)(nil), // 2: istio.authentication.v1alpha1.Policy +} +var file_envoy_config_filter_http_authn_v2alpha1_config_proto_depIdxs = []int32{ + 2, // 0: istio.envoy.config.filter.http.authn.v2alpha1.FilterConfig.policy:type_name -> istio.authentication.v1alpha1.Policy + 1, // 1: istio.envoy.config.filter.http.authn.v2alpha1.FilterConfig.jwt_output_payload_locations:type_name -> istio.envoy.config.filter.http.authn.v2alpha1.FilterConfig.JwtOutputPayloadLocationsEntry + 2, // [2:2] is the sub-list for method output_type + 2, // [2:2] is the sub-list for method input_type + 2, // [2:2] is the sub-list for extension type_name + 2, // [2:2] is the sub-list for extension extendee + 0, // [0:2] is the sub-list for field type_name +} + +func init() { file_envoy_config_filter_http_authn_v2alpha1_config_proto_init() } +func file_envoy_config_filter_http_authn_v2alpha1_config_proto_init() { + if File_envoy_config_filter_http_authn_v2alpha1_config_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_envoy_config_filter_http_authn_v2alpha1_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*FilterConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDesc, + NumEnums: 0, + NumMessages: 2, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_envoy_config_filter_http_authn_v2alpha1_config_proto_goTypes, + DependencyIndexes: file_envoy_config_filter_http_authn_v2alpha1_config_proto_depIdxs, + MessageInfos: file_envoy_config_filter_http_authn_v2alpha1_config_proto_msgTypes, + }.Build() + File_envoy_config_filter_http_authn_v2alpha1_config_proto = out.File + file_envoy_config_filter_http_authn_v2alpha1_config_proto_rawDesc = nil + file_envoy_config_filter_http_authn_v2alpha1_config_proto_goTypes = nil + file_envoy_config_filter_http_authn_v2alpha1_config_proto_depIdxs = nil +} diff --git a/envoy/config/filter/http/jwt_auth/v2alpha1/config.pb.go b/envoy/config/filter/http/jwt_auth/v2alpha1/config.pb.go new file mode 100644 index 00000000..1b53f190 --- /dev/null +++ b/envoy/config/filter/http/jwt_auth/v2alpha1/config.pb.go @@ -0,0 +1,901 @@ +// Copyright 2018 Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.27.1 +// protoc v3.17.1 +// source: envoy/config/filter/http/jwt_auth/v2alpha1/config.proto + +package v2alpha1 + +import ( + duration "github.com/golang/protobuf/ptypes/duration" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// Copied from @envoy/api/envoy/api/v2/core/http_uri.proto +// Envoy external URI descriptor +type HttpUri struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The HTTP server URI. It should be a full FQDN with protocol, host and path. + // + // Example: + // + // .. code-block:: yaml + // + // uri: https://www.googleapis.com/oauth2/v1/certs + // + Uri string `protobuf:"bytes,1,opt,name=uri,proto3" json:"uri,omitempty"` + // Specify how `uri` is to be fetched. Today, this requires an explicit + // cluster, but in the future we may support dynamic cluster creation or + // inline DNS resolution. See `issue + // `_. + // + // Types that are assignable to HttpUpstreamType: + // *HttpUri_Cluster + HttpUpstreamType isHttpUri_HttpUpstreamType `protobuf_oneof:"http_upstream_type"` + // Sets the maximum duration in milliseconds that a response can take to arrive upon request. + Timeout *duration.Duration `protobuf:"bytes,3,opt,name=timeout,proto3" json:"timeout,omitempty"` +} + +func (x *HttpUri) Reset() { + *x = HttpUri{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *HttpUri) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*HttpUri) ProtoMessage() {} + +func (x *HttpUri) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use HttpUri.ProtoReflect.Descriptor instead. +func (*HttpUri) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescGZIP(), []int{0} +} + +func (x *HttpUri) GetUri() string { + if x != nil { + return x.Uri + } + return "" +} + +func (m *HttpUri) GetHttpUpstreamType() isHttpUri_HttpUpstreamType { + if m != nil { + return m.HttpUpstreamType + } + return nil +} + +func (x *HttpUri) GetCluster() string { + if x, ok := x.GetHttpUpstreamType().(*HttpUri_Cluster); ok { + return x.Cluster + } + return "" +} + +func (x *HttpUri) GetTimeout() *duration.Duration { + if x != nil { + return x.Timeout + } + return nil +} + +type isHttpUri_HttpUpstreamType interface { + isHttpUri_HttpUpstreamType() +} + +type HttpUri_Cluster struct { + // A cluster is created in the Envoy "cluster_manager" config + // section. This field specifies the cluster name. + // + // Example: + // + // .. code-block:: yaml + // + // cluster: jwks_cluster + // + Cluster string `protobuf:"bytes,2,opt,name=cluster,proto3,oneof"` +} + +func (*HttpUri_Cluster) isHttpUri_HttpUpstreamType() {} + +// Copied from @envoy/api/envoy/api/v2/core/base.proto +// Data source consisting of either a file or an inline value. +type DataSource struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Types that are assignable to Specifier: + // *DataSource_Filename + // *DataSource_InlineBytes + // *DataSource_InlineString + Specifier isDataSource_Specifier `protobuf_oneof:"specifier"` +} + +func (x *DataSource) Reset() { + *x = DataSource{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *DataSource) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DataSource) ProtoMessage() {} + +func (x *DataSource) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DataSource.ProtoReflect.Descriptor instead. +func (*DataSource) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescGZIP(), []int{1} +} + +func (m *DataSource) GetSpecifier() isDataSource_Specifier { + if m != nil { + return m.Specifier + } + return nil +} + +func (x *DataSource) GetFilename() string { + if x, ok := x.GetSpecifier().(*DataSource_Filename); ok { + return x.Filename + } + return "" +} + +func (x *DataSource) GetInlineBytes() []byte { + if x, ok := x.GetSpecifier().(*DataSource_InlineBytes); ok { + return x.InlineBytes + } + return nil +} + +func (x *DataSource) GetInlineString() string { + if x, ok := x.GetSpecifier().(*DataSource_InlineString); ok { + return x.InlineString + } + return "" +} + +type isDataSource_Specifier interface { + isDataSource_Specifier() +} + +type DataSource_Filename struct { + // Local filesystem data source. + Filename string `protobuf:"bytes,1,opt,name=filename,proto3,oneof"` +} + +type DataSource_InlineBytes struct { + // Bytes inlined in the configuration. + InlineBytes []byte `protobuf:"bytes,2,opt,name=inline_bytes,json=inlineBytes,proto3,oneof"` +} + +type DataSource_InlineString struct { + // String inlined in the configuration. + InlineString string `protobuf:"bytes,3,opt,name=inline_string,json=inlineString,proto3,oneof"` +} + +func (*DataSource_Filename) isDataSource_Specifier() {} + +func (*DataSource_InlineBytes) isDataSource_Specifier() {} + +func (*DataSource_InlineString) isDataSource_Specifier() {} + +// This message specifies how a JSON Web Token (JWT) can be verified. See the [JWT format definition](https://tools.ietf.org/html/rfc7519) +// for details. Please see [OAuth2.0](https://tools.ietf.org/html/rfc6749) and +// [OIDC1.0](http://openid.net/connect) for +// the authentication flow. +// +// Example: +// +// ```yaml +// issuer: https://example.com +// audiences: +// - bookstore_android.apps.googleusercontent.com +// bookstore_web.apps.googleusercontent.com +// remote_jwks: +// - http_uri: +// - uri: https://example.com/.well-known/jwks.json +// cluster: example_jwks_cluster +// cache_duration: +// - seconds: 300 +// ``` +type JwtRule struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Identifies the principal that issued the JWT. See `here + // `_. Usually a URL or an email address. + // + // Example: https://securetoken.google.com + // Example: 1234567-compute@developer.gserviceaccount.com + // + Issuer string `protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty"` + // The list of JWT `audiences `_. that are + // allowed to access. A JWT containing any of these audiences will be accepted. If not specified, + // will not check audiences in the token. + // + // Example: + // + // .. code-block:: yaml + // + // audiences: + // - bookstore_android.apps.googleusercontent.com + // bookstore_web.apps.googleusercontent.com + // + Audiences []string `protobuf:"bytes,2,rep,name=audiences,proto3" json:"audiences,omitempty"` + // `JSON Web Key Set `_ is needed. to validate + // signature of the JWT. This field specifies where to fetch JWKS. + // + // Types that are assignable to JwksSourceSpecifier: + // *JwtRule_RemoteJwks + // *JwtRule_LocalJwks + JwksSourceSpecifier isJwtRule_JwksSourceSpecifier `protobuf_oneof:"jwks_source_specifier"` + // If false, the JWT is removed in the request after a success verification. If true, the JWT is + // not removed in the request. Default value is false. + Forward bool `protobuf:"varint,5,opt,name=forward,proto3" json:"forward,omitempty"` + // Specify the HTTP headers to extract JWT token. For examples, following config: + // + // .. code-block:: yaml + // + // from_headers: + // - name: x-goog-iap-jwt-assertion + // + // can be used to extract token from header:: + // + // x-goog-iap-jwt-assertion: . + // + FromHeaders []*JwtHeader `protobuf:"bytes,6,rep,name=from_headers,json=fromHeaders,proto3" json:"from_headers,omitempty"` + // JWT is sent in a query parameter. `jwt_params` represents the query parameter names. + // + // For example, if config is: + // + // .. code-block:: yaml + // + // from_params: + // - jwt_token + // + // The JWT format in query parameter is:: + // + // /path?jwt_token= + // + FromParams []string `protobuf:"bytes,7,rep,name=from_params,json=fromParams,proto3" json:"from_params,omitempty"` + // This field specifies the header name to forward a successfully verified JWT payload to the + // backend. The forwarded data is:: + // + // base64_encoded(jwt_payload_in_JSON) + // + // If it is not specified, the payload will not be forwarded. + // Multiple JWTs in a request from different issuers will be supported. Multiple JWTs from the + // same issuer will not be supported. Each issuer can config this `forward_payload_header`. If + // multiple JWTs from different issuers want to forward their payloads, their + // `forward_payload_header` should be different. + ForwardPayloadHeader string `protobuf:"bytes,8,opt,name=forward_payload_header,json=forwardPayloadHeader,proto3" json:"forward_payload_header,omitempty"` +} + +func (x *JwtRule) Reset() { + *x = JwtRule{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JwtRule) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JwtRule) ProtoMessage() {} + +func (x *JwtRule) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JwtRule.ProtoReflect.Descriptor instead. +func (*JwtRule) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescGZIP(), []int{2} +} + +func (x *JwtRule) GetIssuer() string { + if x != nil { + return x.Issuer + } + return "" +} + +func (x *JwtRule) GetAudiences() []string { + if x != nil { + return x.Audiences + } + return nil +} + +func (m *JwtRule) GetJwksSourceSpecifier() isJwtRule_JwksSourceSpecifier { + if m != nil { + return m.JwksSourceSpecifier + } + return nil +} + +func (x *JwtRule) GetRemoteJwks() *RemoteJwks { + if x, ok := x.GetJwksSourceSpecifier().(*JwtRule_RemoteJwks); ok { + return x.RemoteJwks + } + return nil +} + +func (x *JwtRule) GetLocalJwks() *DataSource { + if x, ok := x.GetJwksSourceSpecifier().(*JwtRule_LocalJwks); ok { + return x.LocalJwks + } + return nil +} + +func (x *JwtRule) GetForward() bool { + if x != nil { + return x.Forward + } + return false +} + +func (x *JwtRule) GetFromHeaders() []*JwtHeader { + if x != nil { + return x.FromHeaders + } + return nil +} + +func (x *JwtRule) GetFromParams() []string { + if x != nil { + return x.FromParams + } + return nil +} + +func (x *JwtRule) GetForwardPayloadHeader() string { + if x != nil { + return x.ForwardPayloadHeader + } + return "" +} + +type isJwtRule_JwksSourceSpecifier interface { + isJwtRule_JwksSourceSpecifier() +} + +type JwtRule_RemoteJwks struct { + // JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP + // URI and how the fetched JWKS should be cached. + // + // Example: + // + // .. code-block:: yaml + // + // remote_jwks: + // - http_uri: + // - uri: https://www.googleapis.com/oauth2/v1/certs + // cluster: jwt.www.googleapis.com|443 + // cache_duration: + // - seconds: 300 + // + RemoteJwks *RemoteJwks `protobuf:"bytes,3,opt,name=remote_jwks,json=remoteJwks,proto3,oneof"` +} + +type JwtRule_LocalJwks struct { + // JWKS is in local data source. It could be either in a local file or embedded in the + // inline_string. + // + // Example: local file + // + // .. code-block:: yaml + // + // local_jwks: + // - filename: /etc/envoy/jwks/jwks1.txt + // + // Example: inline_string + // + // .. code-block:: yaml + // + // local_jwks: + // - inline_string: "ACADADADADA" + // + LocalJwks *DataSource `protobuf:"bytes,4,opt,name=local_jwks,json=localJwks,proto3,oneof"` +} + +func (*JwtRule_RemoteJwks) isJwtRule_JwksSourceSpecifier() {} + +func (*JwtRule_LocalJwks) isJwtRule_JwksSourceSpecifier() {} + +// This message specifies how to fetch JWKS from remote and how to cache it. +type RemoteJwks struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The HTTP URI to fetch the JWKS. For example: + // + // .. code-block:: yaml + // + // http_uri: + // - uri: https://www.googleapis.com/oauth2/v1/certs + // cluster: jwt.www.googleapis.com|443 + // + HttpUri *HttpUri `protobuf:"bytes,1,opt,name=http_uri,json=httpUri,proto3" json:"http_uri,omitempty"` + // Duration after which the cached JWKS should be expired. If not specified, default cache + // duration is 5 minutes. + CacheDuration *duration.Duration `protobuf:"bytes,2,opt,name=cache_duration,json=cacheDuration,proto3" json:"cache_duration,omitempty"` +} + +func (x *RemoteJwks) Reset() { + *x = RemoteJwks{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RemoteJwks) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RemoteJwks) ProtoMessage() {} + +func (x *RemoteJwks) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RemoteJwks.ProtoReflect.Descriptor instead. +func (*RemoteJwks) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescGZIP(), []int{3} +} + +func (x *RemoteJwks) GetHttpUri() *HttpUri { + if x != nil { + return x.HttpUri + } + return nil +} + +func (x *RemoteJwks) GetCacheDuration() *duration.Duration { + if x != nil { + return x.CacheDuration + } + return nil +} + +// This message specifies a header location to extract JWT token. +type JwtHeader struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The HTTP header name. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // The value prefix. The value format is "value_prefix" + // For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the + // end. + ValuePrefix string `protobuf:"bytes,2,opt,name=value_prefix,json=valuePrefix,proto3" json:"value_prefix,omitempty"` +} + +func (x *JwtHeader) Reset() { + *x = JwtHeader{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JwtHeader) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JwtHeader) ProtoMessage() {} + +func (x *JwtHeader) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JwtHeader.ProtoReflect.Descriptor instead. +func (*JwtHeader) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescGZIP(), []int{4} +} + +func (x *JwtHeader) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *JwtHeader) GetValuePrefix() string { + if x != nil { + return x.ValuePrefix + } + return "" +} + +// This is the Envoy HTTP filter config for JWT authentication. +// [#not-implemented-hide:] +type JwtAuthentication struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // List of JWT rules to valide. + Rules []*JwtRule `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"` + // If true, the request is allowed if JWT is missing or JWT verification fails. + // Default is false, a request without JWT or failed JWT verification is not allowed. + AllowMissingOrFailed bool `protobuf:"varint,2,opt,name=allow_missing_or_failed,json=allowMissingOrFailed,proto3" json:"allow_missing_or_failed,omitempty"` +} + +func (x *JwtAuthentication) Reset() { + *x = JwtAuthentication{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *JwtAuthentication) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*JwtAuthentication) ProtoMessage() {} + +func (x *JwtAuthentication) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use JwtAuthentication.ProtoReflect.Descriptor instead. +func (*JwtAuthentication) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescGZIP(), []int{5} +} + +func (x *JwtAuthentication) GetRules() []*JwtRule { + if x != nil { + return x.Rules + } + return nil +} + +func (x *JwtAuthentication) GetAllowMissingOrFailed() bool { + if x != nil { + return x.AllowMissingOrFailed + } + return false +} + +var File_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto protoreflect.FileDescriptor + +var file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDesc = []byte{ + 0x0a, 0x37, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x66, + 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x6a, 0x77, 0x74, 0x5f, 0x61, + 0x75, 0x74, 0x68, 0x2f, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2f, 0x63, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x30, 0x69, 0x73, 0x74, 0x69, 0x6f, + 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, + 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x6a, 0x77, 0x74, 0x5f, 0x61, 0x75, + 0x74, 0x68, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, + 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x82, 0x01, 0x0a, 0x07, + 0x48, 0x74, 0x74, 0x70, 0x55, 0x72, 0x69, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x72, 0x69, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x72, 0x69, 0x12, 0x1a, 0x0a, 0x07, 0x63, 0x6c, 0x75, + 0x73, 0x74, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x07, 0x63, 0x6c, + 0x75, 0x73, 0x74, 0x65, 0x72, 0x12, 0x33, 0x0a, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x52, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x42, 0x14, 0x0a, 0x12, 0x68, 0x74, + 0x74, 0x70, 0x5f, 0x75, 0x70, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x5f, 0x74, 0x79, 0x70, 0x65, + 0x22, 0x83, 0x01, 0x0a, 0x0a, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, + 0x1c, 0x0a, 0x08, 0x66, 0x69, 0x6c, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x48, 0x00, 0x52, 0x08, 0x66, 0x69, 0x6c, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x23, 0x0a, + 0x0c, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, + 0x01, 0x28, 0x0c, 0x48, 0x00, 0x52, 0x0b, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x42, 0x79, 0x74, + 0x65, 0x73, 0x12, 0x25, 0x0a, 0x0d, 0x69, 0x6e, 0x6c, 0x69, 0x6e, 0x65, 0x5f, 0x73, 0x74, 0x72, + 0x69, 0x6e, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0c, 0x69, 0x6e, 0x6c, + 0x69, 0x6e, 0x65, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x42, 0x0b, 0x0a, 0x09, 0x73, 0x70, 0x65, + 0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x22, 0xe9, 0x03, 0x0a, 0x07, 0x4a, 0x77, 0x74, 0x52, 0x75, + 0x6c, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x06, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x12, 0x1c, 0x0a, 0x09, 0x61, 0x75, + 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x09, 0x61, + 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x73, 0x12, 0x5f, 0x0a, 0x0b, 0x72, 0x65, 0x6d, 0x6f, + 0x74, 0x65, 0x5f, 0x6a, 0x77, 0x6b, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3c, 0x2e, + 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x6a, + 0x77, 0x74, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, + 0x2e, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x4a, 0x77, 0x6b, 0x73, 0x48, 0x00, 0x52, 0x0a, 0x72, + 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x4a, 0x77, 0x6b, 0x73, 0x12, 0x5d, 0x0a, 0x0a, 0x6c, 0x6f, 0x63, + 0x61, 0x6c, 0x5f, 0x6a, 0x77, 0x6b, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x3c, 0x2e, + 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x6a, + 0x77, 0x74, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, + 0x2e, 0x44, 0x61, 0x74, 0x61, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x48, 0x00, 0x52, 0x09, 0x6c, + 0x6f, 0x63, 0x61, 0x6c, 0x4a, 0x77, 0x6b, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x66, 0x6f, 0x72, 0x77, + 0x61, 0x72, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x66, 0x6f, 0x72, 0x77, 0x61, + 0x72, 0x64, 0x12, 0x5e, 0x0a, 0x0c, 0x66, 0x72, 0x6f, 0x6d, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, + 0x72, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x3b, 0x2e, 0x69, 0x73, 0x74, 0x69, 0x6f, + 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, + 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x6a, 0x77, 0x74, 0x5f, 0x61, 0x75, + 0x74, 0x68, 0x2e, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x4a, 0x77, 0x74, 0x48, + 0x65, 0x61, 0x64, 0x65, 0x72, 0x52, 0x0b, 0x66, 0x72, 0x6f, 0x6d, 0x48, 0x65, 0x61, 0x64, 0x65, + 0x72, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x66, 0x72, 0x6f, 0x6d, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, + 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x66, 0x72, 0x6f, 0x6d, 0x50, 0x61, 0x72, + 0x61, 0x6d, 0x73, 0x12, 0x34, 0x0a, 0x16, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x5f, 0x70, + 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x08, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x14, 0x66, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x50, 0x61, 0x79, 0x6c, + 0x6f, 0x61, 0x64, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x42, 0x17, 0x0a, 0x15, 0x6a, 0x77, 0x6b, + 0x73, 0x5f, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x69, 0x66, 0x69, + 0x65, 0x72, 0x22, 0xa4, 0x01, 0x0a, 0x0a, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x4a, 0x77, 0x6b, + 0x73, 0x12, 0x54, 0x0a, 0x08, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x39, 0x2e, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, + 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, + 0x68, 0x74, 0x74, 0x70, 0x2e, 0x6a, 0x77, 0x74, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x76, 0x32, + 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x55, 0x72, 0x69, 0x52, 0x07, + 0x68, 0x74, 0x74, 0x70, 0x55, 0x72, 0x69, 0x12, 0x40, 0x0a, 0x0e, 0x63, 0x61, 0x63, 0x68, 0x65, + 0x5f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x63, 0x61, 0x63, 0x68, + 0x65, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x42, 0x0a, 0x09, 0x4a, 0x77, 0x74, + 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x61, + 0x6c, 0x75, 0x65, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0b, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x22, 0x9b, 0x01, + 0x0a, 0x11, 0x4a, 0x77, 0x74, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x12, 0x4f, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x39, 0x2e, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, + 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2e, 0x68, + 0x74, 0x74, 0x70, 0x2e, 0x6a, 0x77, 0x74, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x76, 0x32, 0x61, + 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x4a, 0x77, 0x74, 0x52, 0x75, 0x6c, 0x65, 0x52, 0x05, 0x72, + 0x75, 0x6c, 0x65, 0x73, 0x12, 0x35, 0x0a, 0x17, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x6d, 0x69, + 0x73, 0x73, 0x69, 0x6e, 0x67, 0x5f, 0x6f, 0x72, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x4d, 0x69, 0x73, 0x73, + 0x69, 0x6e, 0x67, 0x4f, 0x72, 0x46, 0x61, 0x69, 0x6c, 0x65, 0x64, 0x42, 0x39, 0x5a, 0x37, 0x69, + 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x69, 0x6f, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x65, 0x6e, 0x76, 0x6f, + 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, + 0x68, 0x74, 0x74, 0x70, 0x2f, 0x6a, 0x77, 0x74, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x76, 0x32, + 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescOnce sync.Once + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescData = file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDesc +) + +func file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescGZIP() []byte { + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescOnce.Do(func() { + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescData) + }) + return file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDescData +} + +var file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes = make([]protoimpl.MessageInfo, 6) +var file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_goTypes = []interface{}{ + (*HttpUri)(nil), // 0: istio.envoy.config.filter.http.jwt_auth.v2alpha1.HttpUri + (*DataSource)(nil), // 1: istio.envoy.config.filter.http.jwt_auth.v2alpha1.DataSource + (*JwtRule)(nil), // 2: istio.envoy.config.filter.http.jwt_auth.v2alpha1.JwtRule + (*RemoteJwks)(nil), // 3: istio.envoy.config.filter.http.jwt_auth.v2alpha1.RemoteJwks + (*JwtHeader)(nil), // 4: istio.envoy.config.filter.http.jwt_auth.v2alpha1.JwtHeader + (*JwtAuthentication)(nil), // 5: istio.envoy.config.filter.http.jwt_auth.v2alpha1.JwtAuthentication + (*duration.Duration)(nil), // 6: google.protobuf.Duration +} +var file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_depIdxs = []int32{ + 6, // 0: istio.envoy.config.filter.http.jwt_auth.v2alpha1.HttpUri.timeout:type_name -> google.protobuf.Duration + 3, // 1: istio.envoy.config.filter.http.jwt_auth.v2alpha1.JwtRule.remote_jwks:type_name -> istio.envoy.config.filter.http.jwt_auth.v2alpha1.RemoteJwks + 1, // 2: istio.envoy.config.filter.http.jwt_auth.v2alpha1.JwtRule.local_jwks:type_name -> istio.envoy.config.filter.http.jwt_auth.v2alpha1.DataSource + 4, // 3: istio.envoy.config.filter.http.jwt_auth.v2alpha1.JwtRule.from_headers:type_name -> istio.envoy.config.filter.http.jwt_auth.v2alpha1.JwtHeader + 0, // 4: istio.envoy.config.filter.http.jwt_auth.v2alpha1.RemoteJwks.http_uri:type_name -> istio.envoy.config.filter.http.jwt_auth.v2alpha1.HttpUri + 6, // 5: istio.envoy.config.filter.http.jwt_auth.v2alpha1.RemoteJwks.cache_duration:type_name -> google.protobuf.Duration + 2, // 6: istio.envoy.config.filter.http.jwt_auth.v2alpha1.JwtAuthentication.rules:type_name -> istio.envoy.config.filter.http.jwt_auth.v2alpha1.JwtRule + 7, // [7:7] is the sub-list for method output_type + 7, // [7:7] is the sub-list for method input_type + 7, // [7:7] is the sub-list for extension type_name + 7, // [7:7] is the sub-list for extension extendee + 0, // [0:7] is the sub-list for field type_name +} + +func init() { file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_init() } +func file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_init() { + if File_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*HttpUri); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*DataSource); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*JwtRule); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RemoteJwks); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*JwtHeader); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*JwtAuthentication); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[0].OneofWrappers = []interface{}{ + (*HttpUri_Cluster)(nil), + } + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[1].OneofWrappers = []interface{}{ + (*DataSource_Filename)(nil), + (*DataSource_InlineBytes)(nil), + (*DataSource_InlineString)(nil), + } + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes[2].OneofWrappers = []interface{}{ + (*JwtRule_RemoteJwks)(nil), + (*JwtRule_LocalJwks)(nil), + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDesc, + NumEnums: 0, + NumMessages: 6, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_goTypes, + DependencyIndexes: file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_depIdxs, + MessageInfos: file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_msgTypes, + }.Build() + File_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto = out.File + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_rawDesc = nil + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_goTypes = nil + file_envoy_config_filter_http_jwt_auth_v2alpha1_config_proto_depIdxs = nil +} diff --git a/envoy/config/filter/network/metadata_exchange/metadata_exchange.pb.go b/envoy/config/filter/network/metadata_exchange/metadata_exchange.pb.go new file mode 100644 index 00000000..b756c7e9 --- /dev/null +++ b/envoy/config/filter/network/metadata_exchange/metadata_exchange.pb.go @@ -0,0 +1,173 @@ +// Copyright 2019 Istio Authors. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.27.1 +// protoc v3.17.1 +// source: envoy/config/filter/network/metadata_exchange/metadata_exchange.proto + +package metadata_exchange + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// [#protodoc-title: MetadataExchange protocol match and data transfer] +// MetadataExchange protocol match and data transfer +type MetadataExchange struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Protocol that Alpn should support on the server. + // [#comment:TODO(GargNupur): Make it a list.] + Protocol string `protobuf:"bytes,1,opt,name=protocol,proto3" json:"protocol,omitempty"` +} + +func (x *MetadataExchange) Reset() { + *x = MetadataExchange{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *MetadataExchange) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*MetadataExchange) ProtoMessage() {} + +func (x *MetadataExchange) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use MetadataExchange.ProtoReflect.Descriptor instead. +func (*MetadataExchange) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDescGZIP(), []int{0} +} + +func (x *MetadataExchange) GetProtocol() string { + if x != nil { + return x.Protocol + } + return "" +} + +var File_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto protoreflect.FileDescriptor + +var file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDesc = []byte{ + 0x0a, 0x45, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x66, + 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2f, 0x6d, 0x65, + 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x65, 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x2f, + 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x65, 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x21, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x74, + 0x63, 0x70, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x65, 0x78, 0x63, 0x68, 0x61, + 0x6e, 0x67, 0x65, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x2e, 0x0a, 0x10, 0x4d, 0x65, + 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x45, 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x1a, + 0x0a, 0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x42, 0x86, 0x01, 0x0a, 0x2f, 0x69, + 0x6f, 0x2e, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x65, 0x6e, 0x76, + 0x6f, 0x79, 0x2e, 0x74, 0x63, 0x70, 0x2e, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x65, + 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x15, + 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x45, 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, + 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3a, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x69, + 0x6f, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, + 0x6b, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x65, 0x78, 0x63, 0x68, 0x61, + 0x6e, 0x67, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDescOnce sync.Once + file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDescData = file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDesc +) + +func file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDescGZIP() []byte { + file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDescOnce.Do(func() { + file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDescData) + }) + return file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDescData +} + +var file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_msgTypes = make([]protoimpl.MessageInfo, 1) +var file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_goTypes = []interface{}{ + (*MetadataExchange)(nil), // 0: envoy.tcp.metadataexchange.config.MetadataExchange +} +var file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_depIdxs = []int32{ + 0, // [0:0] is the sub-list for method output_type + 0, // [0:0] is the sub-list for method input_type + 0, // [0:0] is the sub-list for extension type_name + 0, // [0:0] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_init() } +func file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_init() { + if File_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*MetadataExchange); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDesc, + NumEnums: 0, + NumMessages: 1, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_goTypes, + DependencyIndexes: file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_depIdxs, + MessageInfos: file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_msgTypes, + }.Build() + File_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto = out.File + file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_rawDesc = nil + file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_goTypes = nil + file_envoy_config_filter_network_metadata_exchange_metadata_exchange_proto_depIdxs = nil +} diff --git a/envoy/config/filter/network/metadata_exchange/metadata_exchange.proto b/envoy/config/filter/network/metadata_exchange/metadata_exchange.proto new file mode 100644 index 00000000..2524e788 --- /dev/null +++ b/envoy/config/filter/network/metadata_exchange/metadata_exchange.proto @@ -0,0 +1,31 @@ +/* Copyright 2019 Istio Authors. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +syntax = "proto3"; + +package envoy.tcp.metadataexchange.config; + +option java_outer_classname = "MetadataExchangeProto"; +option java_multiple_files = true; +option java_package = "io.envoyproxy.envoy.tcp.metadataexchange.config"; +option go_package = "istio.io/api/envoy/config/filter/network/metadata_exchange"; + +// [#protodoc-title: MetadataExchange protocol match and data transfer] +// MetadataExchange protocol match and data transfer +message MetadataExchange { + // Protocol that Alpn should support on the server. + // [#comment:TODO(GargNupur): Make it a list.] + string protocol = 1; +} diff --git a/envoy/config/filter/network/tcp_cluster_rewrite/v2alpha1/config.pb.go b/envoy/config/filter/network/tcp_cluster_rewrite/v2alpha1/config.pb.go new file mode 100644 index 00000000..0cb54751 --- /dev/null +++ b/envoy/config/filter/network/tcp_cluster_rewrite/v2alpha1/config.pb.go @@ -0,0 +1,184 @@ +// Copyright 2018 Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.27.1 +// protoc v3.17.1 +// source: envoy/config/filter/network/tcp_cluster_rewrite/v2alpha1/config.proto + +// $title: TCP cluster rewrite filter configuration for Envoy. + +package v2alpha1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// TcpClusterRewrite is the config for the TCP cluster rewrite filter. +type TcpClusterRewrite struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Specifies the regex pattern to be matched in the cluster name. + ClusterPattern string `protobuf:"bytes,1,opt,name=cluster_pattern,json=clusterPattern,proto3" json:"cluster_pattern,omitempty"` + // Specifies the replacement for the matched cluster pattern. + ClusterReplacement string `protobuf:"bytes,2,opt,name=cluster_replacement,json=clusterReplacement,proto3" json:"cluster_replacement,omitempty"` +} + +func (x *TcpClusterRewrite) Reset() { + *x = TcpClusterRewrite{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *TcpClusterRewrite) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*TcpClusterRewrite) ProtoMessage() {} + +func (x *TcpClusterRewrite) ProtoReflect() protoreflect.Message { + mi := &file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use TcpClusterRewrite.ProtoReflect.Descriptor instead. +func (*TcpClusterRewrite) Descriptor() ([]byte, []int) { + return file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDescGZIP(), []int{0} +} + +func (x *TcpClusterRewrite) GetClusterPattern() string { + if x != nil { + return x.ClusterPattern + } + return "" +} + +func (x *TcpClusterRewrite) GetClusterReplacement() string { + if x != nil { + return x.ClusterReplacement + } + return "" +} + +var File_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto protoreflect.FileDescriptor + +var file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDesc = []byte{ + 0x0a, 0x45, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x66, + 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2f, 0x74, 0x63, + 0x70, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, + 0x65, 0x2f, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x3e, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x65, + 0x6e, 0x76, 0x6f, 0x79, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x66, 0x69, 0x6c, 0x74, + 0x65, 0x72, 0x2e, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x2e, 0x74, 0x63, 0x70, 0x5f, 0x63, + 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x72, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x2e, 0x76, + 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x22, 0x6d, 0x0a, 0x11, 0x54, 0x63, 0x70, 0x43, 0x6c, + 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0x27, 0x0a, 0x0f, + 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x50, 0x61, + 0x74, 0x74, 0x65, 0x72, 0x6e, 0x12, 0x2f, 0x0a, 0x13, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, + 0x5f, 0x72, 0x65, 0x70, 0x6c, 0x61, 0x63, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x12, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x52, 0x65, 0x70, 0x6c, 0x61, + 0x63, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x42, 0x47, 0x5a, 0x45, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, + 0x69, 0x6f, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x63, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x2f, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x2f, 0x6e, 0x65, 0x74, 0x77, 0x6f, + 0x72, 0x6b, 0x2f, 0x74, 0x63, 0x70, 0x5f, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x5f, 0x72, + 0x65, 0x77, 0x72, 0x69, 0x74, 0x65, 0x2f, 0x76, 0x32, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDescOnce sync.Once + file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDescData = file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDesc +) + +func file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDescGZIP() []byte { + file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDescOnce.Do(func() { + file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDescData) + }) + return file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDescData +} + +var file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1) +var file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_goTypes = []interface{}{ + (*TcpClusterRewrite)(nil), // 0: istio.envoy.config.filter.network.tcp_cluster_rewrite.v2alpha1.TcpClusterRewrite +} +var file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_depIdxs = []int32{ + 0, // [0:0] is the sub-list for method output_type + 0, // [0:0] is the sub-list for method input_type + 0, // [0:0] is the sub-list for extension type_name + 0, // [0:0] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_init() } +func file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_init() { + if File_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*TcpClusterRewrite); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDesc, + NumEnums: 0, + NumMessages: 1, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_goTypes, + DependencyIndexes: file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_depIdxs, + MessageInfos: file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_msgTypes, + }.Build() + File_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto = out.File + file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_rawDesc = nil + file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_goTypes = nil + file_envoy_config_filter_network_tcp_cluster_rewrite_v2alpha1_config_proto_depIdxs = nil +} diff --git a/envoy/extensions/stackdriver/config/v1alpha1/config.pb.go b/envoy/extensions/stackdriver/config/v1alpha1/config.pb.go new file mode 100644 index 00000000..288e9e8d --- /dev/null +++ b/envoy/extensions/stackdriver/config/v1alpha1/config.pb.go @@ -0,0 +1,572 @@ +// Copyright 2019 Istio Authors. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.27.1 +// protoc v3.17.1 +// source: envoy/extensions/stackdriver/config/v1alpha1/config.proto + +// clang-format off +// $title: Stackdriver Config +// $description: Configuration for Stackdriver filter. +// $location: https://istio.io/docs/reference/config/proxy_extensions/stackdriver.html +// $weight: 20 +// clang-format on + +package v1alpha1 + +import ( + duration "github.com/golang/protobuf/ptypes/duration" + wrappers "github.com/golang/protobuf/ptypes/wrappers" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// Types of Access logs to export. Does not affect audit logging. +type PluginConfig_AccessLogging int32 + +const ( + // No Logs. + PluginConfig_NONE PluginConfig_AccessLogging = 0 + // All logs including both success and error logs. + PluginConfig_FULL PluginConfig_AccessLogging = 1 + // All error logs. This is currently only available for outbound/client side + // logs. A request is classified as error when `status>=400 or + // response_flag != "-"` + PluginConfig_ERRORS_ONLY PluginConfig_AccessLogging = 2 +) + +// Enum value maps for PluginConfig_AccessLogging. +var ( + PluginConfig_AccessLogging_name = map[int32]string{ + 0: "NONE", + 1: "FULL", + 2: "ERRORS_ONLY", + } + PluginConfig_AccessLogging_value = map[string]int32{ + "NONE": 0, + "FULL": 1, + "ERRORS_ONLY": 2, + } +) + +func (x PluginConfig_AccessLogging) Enum() *PluginConfig_AccessLogging { + p := new(PluginConfig_AccessLogging) + *p = x + return p +} + +func (x PluginConfig_AccessLogging) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (PluginConfig_AccessLogging) Descriptor() protoreflect.EnumDescriptor { + return file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_enumTypes[0].Descriptor() +} + +func (PluginConfig_AccessLogging) Type() protoreflect.EnumType { + return &file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_enumTypes[0] +} + +func (x PluginConfig_AccessLogging) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use PluginConfig_AccessLogging.Descriptor instead. +func (PluginConfig_AccessLogging) EnumDescriptor() ([]byte, []int) { + return file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDescGZIP(), []int{1, 0} +} + +// Custom instance configuration overrides. +// Provides a way to customize metrics/logs. +type CustomConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // (Optional) Collection of tag names and tag expressions to include in the + // instance. Conflicts are resolved by the tag name by overriding previously + // supplied values. + Dimensions map[string]string `protobuf:"bytes,1,rep,name=dimensions,proto3" json:"dimensions,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + // (Optional) A list of tags to remove. + // Not implemented yet. + // $hide_from_docs + TagsToRemove []string `protobuf:"bytes,2,rep,name=tags_to_remove,json=tagsToRemove,proto3" json:"tags_to_remove,omitempty"` +} + +func (x *CustomConfig) Reset() { + *x = CustomConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CustomConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CustomConfig) ProtoMessage() {} + +func (x *CustomConfig) ProtoReflect() protoreflect.Message { + mi := &file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CustomConfig.ProtoReflect.Descriptor instead. +func (*CustomConfig) Descriptor() ([]byte, []int) { + return file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDescGZIP(), []int{0} +} + +func (x *CustomConfig) GetDimensions() map[string]string { + if x != nil { + return x.Dimensions + } + return nil +} + +func (x *CustomConfig) GetTagsToRemove() []string { + if x != nil { + return x.TagsToRemove + } + return nil +} + +// next id: 15 +type PluginConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Optional. Controls whether to export server access log. + // This is deprecated in favor of AccessLogging enum. + // + // Deprecated: Do not use. + DisableServerAccessLogging bool `protobuf:"varint,1,opt,name=disable_server_access_logging,json=disableServerAccessLogging,proto3" json:"disable_server_access_logging,omitempty"` + // Optional. Allows configuration of the size of the LogWrite request. The + // size is in bytes, so that it allows for better performance. Default is 4MB. + // The size of one log entry within LogWrite request is approx 1Kb. + MaxLogBatchSizeInBytes int32 `protobuf:"varint,12,opt,name=max_log_batch_size_in_bytes,json=maxLogBatchSizeInBytes,proto3" json:"max_log_batch_size_in_bytes,omitempty"` + // Optional. Allows configuration of the time between calls out to the + // stackdriver logging service to report buffered LogWrite request. + // Customers can choose to report more aggressively by keeping shorter report + // interval if needed. Default is 10s. + LogReportDuration *duration.Duration `protobuf:"bytes,13,opt,name=log_report_duration,json=logReportDuration,proto3" json:"log_report_duration,omitempty"` + // Optional. Controls whether to export audit log. + EnableAuditLog bool `protobuf:"varint,11,opt,name=enable_audit_log,json=enableAuditLog,proto3" json:"enable_audit_log,omitempty"` + // Optional. FQDN of destination service that the request routed to, e.g. + // productpage.default.svc.cluster.local. If not provided, request host header + // will be used instead + DestinationServiceName string `protobuf:"bytes,2,opt,name=destination_service_name,json=destinationServiceName,proto3" json:"destination_service_name,omitempty"` + // Optional. Controls whether or not to export mesh edges to a mesh edges + // service. This is disabled by default. + // Deprecated -- Mesh edge reporting is no longer supported and this setting + // is no-op. + // + // Deprecated: Do not use. + EnableMeshEdgesReporting bool `protobuf:"varint,3,opt,name=enable_mesh_edges_reporting,json=enableMeshEdgesReporting,proto3" json:"enable_mesh_edges_reporting,omitempty"` + // Optional. Allows configuration of the time between calls out to the mesh + // edges service to report *NEW* edges. The minimum configurable duration is + // `10s`. NOTE: This option ONLY configures the intermediate reporting of + // novel edges. Once every `10m`, all edges observed in that 10m window are + // reported and the local cache is cleared. + // The default duration is `1m`. Any value greater than `10m` will result in + // reporting every `10m`. + // Deprecated -- Mesh edge reporting is no longer supported and this setting + // is no-op. + // + // Deprecated: Do not use. + MeshEdgesReportingDuration *duration.Duration `protobuf:"bytes,4,opt,name=mesh_edges_reporting_duration,json=meshEdgesReportingDuration,proto3" json:"mesh_edges_reporting_duration,omitempty"` + // maximum size of the peer metadata cache. + // A long lived proxy that connects with many transient peers can build up a + // large cache. To turn off the cache, set this field to a negative value. + MaxPeerCacheSize int32 `protobuf:"varint,5,opt,name=max_peer_cache_size,json=maxPeerCacheSize,proto3" json:"max_peer_cache_size,omitempty"` + // Optional: Disable using host header as a fallback if destination service is + // not available from the controlplane. Disable the fallback if the host + // header originates outsides the mesh, like at ingress. + DisableHostHeaderFallback bool `protobuf:"varint,6,opt,name=disable_host_header_fallback,json=disableHostHeaderFallback,proto3" json:"disable_host_header_fallback,omitempty"` + // Optional. Allows configuration of the number of traffic assertions to batch + // into a single request. Default is 100. Max is 1000. + MaxEdgesBatchSize int32 `protobuf:"varint,7,opt,name=max_edges_batch_size,json=maxEdgesBatchSize,proto3" json:"max_edges_batch_size,omitempty"` + // Optional. Allows disabling of reporting of the request and response size + // metrics for HTTP traffic. Defaults to false (request and response size + // metrics are enabled). + DisableHttpSizeMetrics bool `protobuf:"varint,8,opt,name=disable_http_size_metrics,json=disableHttpSizeMetrics,proto3" json:"disable_http_size_metrics,omitempty"` + // Optional. Allows enabling log compression for stackdriver access logs. + EnableLogCompression *wrappers.BoolValue `protobuf:"bytes,9,opt,name=enable_log_compression,json=enableLogCompression,proto3" json:"enable_log_compression,omitempty"` + // Optional. Controls what type of logs to export.. + AccessLogging PluginConfig_AccessLogging `protobuf:"varint,10,opt,name=access_logging,json=accessLogging,proto3,enum=stackdriver.config.v1alpha1.PluginConfig_AccessLogging" json:"access_logging,omitempty"` + // (Optional) Collection of tag names and tag expressions to include in the + // logs. Conflicts are resolved by the tag name by overriding previously + // supplied values. Does not apply to audit logs. + // See + // https://istio.io/latest/docs/tasks/observability/metrics/customize-metrics/#use-expressions-for-values + // for more details about the expression language. + CustomLogConfig *CustomConfig `protobuf:"bytes,14,opt,name=custom_log_config,json=customLogConfig,proto3" json:"custom_log_config,omitempty"` + // Optional. Controls the metric expiry duration. If a metric time series is + // not updated for the given duration, it will be purged from time series + // cache as well as metric reporting. If this is not set or set to 0, time + // series will never be expired. This option is useful to avoid unbounded + // metric label explodes proxy memory. + MetricExpiryDuration *duration.Duration `protobuf:"bytes,15,opt,name=metric_expiry_duration,json=metricExpiryDuration,proto3" json:"metric_expiry_duration,omitempty"` +} + +func (x *PluginConfig) Reset() { + *x = PluginConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PluginConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PluginConfig) ProtoMessage() {} + +func (x *PluginConfig) ProtoReflect() protoreflect.Message { + mi := &file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PluginConfig.ProtoReflect.Descriptor instead. +func (*PluginConfig) Descriptor() ([]byte, []int) { + return file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDescGZIP(), []int{1} +} + +// Deprecated: Do not use. +func (x *PluginConfig) GetDisableServerAccessLogging() bool { + if x != nil { + return x.DisableServerAccessLogging + } + return false +} + +func (x *PluginConfig) GetMaxLogBatchSizeInBytes() int32 { + if x != nil { + return x.MaxLogBatchSizeInBytes + } + return 0 +} + +func (x *PluginConfig) GetLogReportDuration() *duration.Duration { + if x != nil { + return x.LogReportDuration + } + return nil +} + +func (x *PluginConfig) GetEnableAuditLog() bool { + if x != nil { + return x.EnableAuditLog + } + return false +} + +func (x *PluginConfig) GetDestinationServiceName() string { + if x != nil { + return x.DestinationServiceName + } + return "" +} + +// Deprecated: Do not use. +func (x *PluginConfig) GetEnableMeshEdgesReporting() bool { + if x != nil { + return x.EnableMeshEdgesReporting + } + return false +} + +// Deprecated: Do not use. +func (x *PluginConfig) GetMeshEdgesReportingDuration() *duration.Duration { + if x != nil { + return x.MeshEdgesReportingDuration + } + return nil +} + +func (x *PluginConfig) GetMaxPeerCacheSize() int32 { + if x != nil { + return x.MaxPeerCacheSize + } + return 0 +} + +func (x *PluginConfig) GetDisableHostHeaderFallback() bool { + if x != nil { + return x.DisableHostHeaderFallback + } + return false +} + +func (x *PluginConfig) GetMaxEdgesBatchSize() int32 { + if x != nil { + return x.MaxEdgesBatchSize + } + return 0 +} + +func (x *PluginConfig) GetDisableHttpSizeMetrics() bool { + if x != nil { + return x.DisableHttpSizeMetrics + } + return false +} + +func (x *PluginConfig) GetEnableLogCompression() *wrappers.BoolValue { + if x != nil { + return x.EnableLogCompression + } + return nil +} + +func (x *PluginConfig) GetAccessLogging() PluginConfig_AccessLogging { + if x != nil { + return x.AccessLogging + } + return PluginConfig_NONE +} + +func (x *PluginConfig) GetCustomLogConfig() *CustomConfig { + if x != nil { + return x.CustomLogConfig + } + return nil +} + +func (x *PluginConfig) GetMetricExpiryDuration() *duration.Duration { + if x != nil { + return x.MetricExpiryDuration + } + return nil +} + +var File_envoy_extensions_stackdriver_config_v1alpha1_config_proto protoreflect.FileDescriptor + +var file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDesc = []byte{ + 0x0a, 0x39, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, + 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x63, 0x6b, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x2f, 0x63, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2f, 0x63, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1b, 0x73, 0x74, 0x61, + 0x63, 0x6b, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, + 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, + 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, + 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x77, 0x72, 0x61, 0x70, 0x70, 0x65, + 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xce, 0x01, 0x0a, 0x0c, 0x43, 0x75, 0x73, + 0x74, 0x6f, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x59, 0x0a, 0x0a, 0x64, 0x69, 0x6d, + 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x39, 0x2e, + 0x73, 0x74, 0x61, 0x63, 0x6b, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x2e, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x2e, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x43, 0x75, 0x73, 0x74, + 0x6f, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x44, 0x69, 0x6d, 0x65, 0x6e, 0x73, 0x69, + 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0a, 0x64, 0x69, 0x6d, 0x65, 0x6e, 0x73, + 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24, 0x0a, 0x0e, 0x74, 0x61, 0x67, 0x73, 0x5f, 0x74, 0x6f, 0x5f, + 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x74, 0x61, + 0x67, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x1a, 0x3d, 0x0a, 0x0f, 0x44, 0x69, + 0x6d, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, + 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, + 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, + 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0xd2, 0x08, 0x0a, 0x0c, 0x50, 0x6c, + 0x75, 0x67, 0x69, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x45, 0x0a, 0x1d, 0x64, 0x69, + 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x61, 0x63, 0x63, + 0x65, 0x73, 0x73, 0x5f, 0x6c, 0x6f, 0x67, 0x67, 0x69, 0x6e, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x1a, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x53, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x67, 0x69, 0x6e, + 0x67, 0x12, 0x3b, 0x0a, 0x1b, 0x6d, 0x61, 0x78, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x62, 0x61, 0x74, + 0x63, 0x68, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x5f, 0x69, 0x6e, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, + 0x18, 0x0c, 0x20, 0x01, 0x28, 0x05, 0x52, 0x16, 0x6d, 0x61, 0x78, 0x4c, 0x6f, 0x67, 0x42, 0x61, + 0x74, 0x63, 0x68, 0x53, 0x69, 0x7a, 0x65, 0x49, 0x6e, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x49, + 0x0a, 0x13, 0x6c, 0x6f, 0x67, 0x5f, 0x72, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x64, 0x75, 0x72, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, + 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, + 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x11, 0x6c, 0x6f, 0x67, 0x52, 0x65, 0x70, 0x6f, 0x72, + 0x74, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x28, 0x0a, 0x10, 0x65, 0x6e, 0x61, + 0x62, 0x6c, 0x65, 0x5f, 0x61, 0x75, 0x64, 0x69, 0x74, 0x5f, 0x6c, 0x6f, 0x67, 0x18, 0x0b, 0x20, + 0x01, 0x28, 0x08, 0x52, 0x0e, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x75, 0x64, 0x69, 0x74, + 0x4c, 0x6f, 0x67, 0x12, 0x38, 0x0a, 0x18, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x41, 0x0a, + 0x1b, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6d, 0x65, 0x73, 0x68, 0x5f, 0x65, 0x64, 0x67, + 0x65, 0x73, 0x5f, 0x72, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x18, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x4d, 0x65, + 0x73, 0x68, 0x45, 0x64, 0x67, 0x65, 0x73, 0x52, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x69, 0x6e, 0x67, + 0x12, 0x60, 0x0a, 0x1d, 0x6d, 0x65, 0x73, 0x68, 0x5f, 0x65, 0x64, 0x67, 0x65, 0x73, 0x5f, 0x72, + 0x65, 0x70, 0x6f, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x5f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x42, 0x02, 0x18, 0x01, 0x52, 0x1a, 0x6d, 0x65, 0x73, 0x68, 0x45, 0x64, 0x67, 0x65, + 0x73, 0x52, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x12, 0x2d, 0x0a, 0x13, 0x6d, 0x61, 0x78, 0x5f, 0x70, 0x65, 0x65, 0x72, 0x5f, 0x63, + 0x61, 0x63, 0x68, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x05, 0x52, + 0x10, 0x6d, 0x61, 0x78, 0x50, 0x65, 0x65, 0x72, 0x43, 0x61, 0x63, 0x68, 0x65, 0x53, 0x69, 0x7a, + 0x65, 0x12, 0x3f, 0x0a, 0x1c, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x68, 0x6f, 0x73, + 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, + 0x6b, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, + 0x48, 0x6f, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x46, 0x61, 0x6c, 0x6c, 0x62, 0x61, + 0x63, 0x6b, 0x12, 0x2f, 0x0a, 0x14, 0x6d, 0x61, 0x78, 0x5f, 0x65, 0x64, 0x67, 0x65, 0x73, 0x5f, + 0x62, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x05, + 0x52, 0x11, 0x6d, 0x61, 0x78, 0x45, 0x64, 0x67, 0x65, 0x73, 0x42, 0x61, 0x74, 0x63, 0x68, 0x53, + 0x69, 0x7a, 0x65, 0x12, 0x39, 0x0a, 0x19, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x68, + 0x74, 0x74, 0x70, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x5f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, + 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x48, + 0x74, 0x74, 0x70, 0x53, 0x69, 0x7a, 0x65, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x12, 0x50, + 0x0a, 0x16, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x63, 0x6f, 0x6d, + 0x70, 0x72, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, + 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, + 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x14, 0x65, 0x6e, 0x61, 0x62, + 0x6c, 0x65, 0x4c, 0x6f, 0x67, 0x43, 0x6f, 0x6d, 0x70, 0x72, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, + 0x12, 0x5e, 0x0a, 0x0e, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x6c, 0x6f, 0x67, 0x67, 0x69, + 0x6e, 0x67, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x37, 0x2e, 0x73, 0x74, 0x61, 0x63, 0x6b, + 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x76, 0x31, + 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x50, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x43, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x2e, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x67, 0x69, 0x6e, + 0x67, 0x52, 0x0d, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x67, 0x69, 0x6e, 0x67, + 0x12, 0x55, 0x0a, 0x11, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x6c, 0x6f, 0x67, 0x5f, 0x63, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x73, 0x74, + 0x61, 0x63, 0x6b, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2e, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x2e, 0x43, 0x75, 0x73, 0x74, 0x6f, 0x6d, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x4c, 0x6f, + 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x4f, 0x0a, 0x16, 0x6d, 0x65, 0x74, 0x72, 0x69, + 0x63, 0x5f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x79, 0x5f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x52, 0x14, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x45, 0x78, 0x70, 0x69, 0x72, 0x79, + 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x34, 0x0a, 0x0d, 0x41, 0x63, 0x63, 0x65, + 0x73, 0x73, 0x4c, 0x6f, 0x67, 0x67, 0x69, 0x6e, 0x67, 0x12, 0x08, 0x0a, 0x04, 0x4e, 0x4f, 0x4e, + 0x45, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x46, 0x55, 0x4c, 0x4c, 0x10, 0x01, 0x12, 0x0f, 0x0a, + 0x0b, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x53, 0x5f, 0x4f, 0x4e, 0x4c, 0x59, 0x10, 0x02, 0x42, 0x3b, + 0x5a, 0x39, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x69, 0x6f, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x65, + 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2f, + 0x73, 0x74, 0x61, 0x63, 0x6b, 0x64, 0x72, 0x69, 0x76, 0x65, 0x72, 0x2f, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x2f, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x33, +} + +var ( + file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDescOnce sync.Once + file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDescData = file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDesc +) + +func file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDescGZIP() []byte { + file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDescOnce.Do(func() { + file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDescData) + }) + return file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDescData +} + +var file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_enumTypes = make([]protoimpl.EnumInfo, 1) +var file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_msgTypes = make([]protoimpl.MessageInfo, 3) +var file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_goTypes = []interface{}{ + (PluginConfig_AccessLogging)(0), // 0: stackdriver.config.v1alpha1.PluginConfig.AccessLogging + (*CustomConfig)(nil), // 1: stackdriver.config.v1alpha1.CustomConfig + (*PluginConfig)(nil), // 2: stackdriver.config.v1alpha1.PluginConfig + nil, // 3: stackdriver.config.v1alpha1.CustomConfig.DimensionsEntry + (*duration.Duration)(nil), // 4: google.protobuf.Duration + (*wrappers.BoolValue)(nil), // 5: google.protobuf.BoolValue +} +var file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_depIdxs = []int32{ + 3, // 0: stackdriver.config.v1alpha1.CustomConfig.dimensions:type_name -> stackdriver.config.v1alpha1.CustomConfig.DimensionsEntry + 4, // 1: stackdriver.config.v1alpha1.PluginConfig.log_report_duration:type_name -> google.protobuf.Duration + 4, // 2: stackdriver.config.v1alpha1.PluginConfig.mesh_edges_reporting_duration:type_name -> google.protobuf.Duration + 5, // 3: stackdriver.config.v1alpha1.PluginConfig.enable_log_compression:type_name -> google.protobuf.BoolValue + 0, // 4: stackdriver.config.v1alpha1.PluginConfig.access_logging:type_name -> stackdriver.config.v1alpha1.PluginConfig.AccessLogging + 1, // 5: stackdriver.config.v1alpha1.PluginConfig.custom_log_config:type_name -> stackdriver.config.v1alpha1.CustomConfig + 4, // 6: stackdriver.config.v1alpha1.PluginConfig.metric_expiry_duration:type_name -> google.protobuf.Duration + 7, // [7:7] is the sub-list for method output_type + 7, // [7:7] is the sub-list for method input_type + 7, // [7:7] is the sub-list for extension type_name + 7, // [7:7] is the sub-list for extension extendee + 0, // [0:7] is the sub-list for field type_name +} + +func init() { file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_init() } +func file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_init() { + if File_envoy_extensions_stackdriver_config_v1alpha1_config_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CustomConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PluginConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDesc, + NumEnums: 1, + NumMessages: 3, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_goTypes, + DependencyIndexes: file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_depIdxs, + EnumInfos: file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_enumTypes, + MessageInfos: file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_msgTypes, + }.Build() + File_envoy_extensions_stackdriver_config_v1alpha1_config_proto = out.File + file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_rawDesc = nil + file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_goTypes = nil + file_envoy_extensions_stackdriver_config_v1alpha1_config_proto_depIdxs = nil +} diff --git a/envoy/extensions/stackdriver/config/v1alpha1/config.proto b/envoy/extensions/stackdriver/config/v1alpha1/config.proto new file mode 100644 index 00000000..1ab6118f --- /dev/null +++ b/envoy/extensions/stackdriver/config/v1alpha1/config.proto @@ -0,0 +1,140 @@ +/* Copyright 2019 Istio Authors. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +syntax = "proto3"; + +// clang-format off +// $title: Stackdriver Config +// $description: Configuration for Stackdriver filter. +// $location: https://istio.io/docs/reference/config/proxy_extensions/stackdriver.html +// $weight: 20 +// clang-format on + +package stackdriver.config.v1alpha1; + +option go_package = "istio.io/api/envoy/extensions/stackdriver/config/v1alpha1"; + +import "google/protobuf/duration.proto"; +import "google/protobuf/wrappers.proto"; + +// Custom instance configuration overrides. +// Provides a way to customize metrics/logs. +message CustomConfig { + // (Optional) Collection of tag names and tag expressions to include in the + // instance. Conflicts are resolved by the tag name by overriding previously + // supplied values. + map dimensions = 1; + + // (Optional) A list of tags to remove. + // Not implemented yet. + // $hide_from_docs + repeated string tags_to_remove = 2; +} + +// next id: 15 +message PluginConfig { + // Types of Access logs to export. Does not affect audit logging. + enum AccessLogging { + // No Logs. + NONE = 0; + // All logs including both success and error logs. + FULL = 1; + // All error logs. This is currently only available for outbound/client side + // logs. A request is classified as error when `status>=400 or + // response_flag != "-"` + ERRORS_ONLY = 2; + }; + + // Optional. Controls whether to export server access log. + // This is deprecated in favor of AccessLogging enum. + bool disable_server_access_logging = 1 [deprecated = true]; + + // Optional. Allows configuration of the size of the LogWrite request. The + // size is in bytes, so that it allows for better performance. Default is 4MB. + // The size of one log entry within LogWrite request is approx 1Kb. + int32 max_log_batch_size_in_bytes = 12; + + // Optional. Allows configuration of the time between calls out to the + // stackdriver logging service to report buffered LogWrite request. + // Customers can choose to report more aggressively by keeping shorter report + // interval if needed. Default is 10s. + google.protobuf.Duration log_report_duration = 13; + + // Optional. Controls whether to export audit log. + bool enable_audit_log = 11; + + // Optional. FQDN of destination service that the request routed to, e.g. + // productpage.default.svc.cluster.local. If not provided, request host header + // will be used instead + string destination_service_name = 2; + + // Optional. Controls whether or not to export mesh edges to a mesh edges + // service. This is disabled by default. + // Deprecated -- Mesh edge reporting is no longer supported and this setting + // is no-op. + bool enable_mesh_edges_reporting = 3 [deprecated = true]; + + // Optional. Allows configuration of the time between calls out to the mesh + // edges service to report *NEW* edges. The minimum configurable duration is + // `10s`. NOTE: This option ONLY configures the intermediate reporting of + // novel edges. Once every `10m`, all edges observed in that 10m window are + // reported and the local cache is cleared. + // The default duration is `1m`. Any value greater than `10m` will result in + // reporting every `10m`. + // Deprecated -- Mesh edge reporting is no longer supported and this setting + // is no-op. + google.protobuf.Duration mesh_edges_reporting_duration = 4 + [deprecated = true]; + + // maximum size of the peer metadata cache. + // A long lived proxy that connects with many transient peers can build up a + // large cache. To turn off the cache, set this field to a negative value. + int32 max_peer_cache_size = 5; + + // Optional: Disable using host header as a fallback if destination service is + // not available from the controlplane. Disable the fallback if the host + // header originates outsides the mesh, like at ingress. + bool disable_host_header_fallback = 6; + + // Optional. Allows configuration of the number of traffic assertions to batch + // into a single request. Default is 100. Max is 1000. + int32 max_edges_batch_size = 7; + + // Optional. Allows disabling of reporting of the request and response size + // metrics for HTTP traffic. Defaults to false (request and response size + // metrics are enabled). + bool disable_http_size_metrics = 8; + + // Optional. Allows enabling log compression for stackdriver access logs. + google.protobuf.BoolValue enable_log_compression = 9; + + // Optional. Controls what type of logs to export.. + AccessLogging access_logging = 10; + + // (Optional) Collection of tag names and tag expressions to include in the + // logs. Conflicts are resolved by the tag name by overriding previously + // supplied values. Does not apply to audit logs. + // See + // https://istio.io/latest/docs/tasks/observability/metrics/customize-metrics/#use-expressions-for-values + // for more details about the expression language. + CustomConfig custom_log_config = 14; + + // Optional. Controls the metric expiry duration. If a metric time series is + // not updated for the given duration, it will be purged from time series + // cache as well as metric reporting. If this is not set or set to 0, time + // series will never be expired. This option is useful to avoid unbounded + // metric label explodes proxy memory. + google.protobuf.Duration metric_expiry_duration = 15; +} diff --git a/envoy/extensions/stats/config.pb.go b/envoy/extensions/stats/config.pb.go new file mode 100644 index 00000000..cc7fa48f --- /dev/null +++ b/envoy/extensions/stats/config.pb.go @@ -0,0 +1,548 @@ +// Copyright 2019 Istio Authors. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.27.1 +// protoc v3.17.1 +// source: envoy/extensions/stats/config.proto + +// $title: Stats Config +// $description: Configuration for Stats Filter. +// $location: https://istio.io/docs/reference/config/proxy_extensions/stats.html +// $weight: 20 + +package stats + +import ( + duration "github.com/golang/protobuf/ptypes/duration" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type MetricType int32 + +const ( + MetricType_COUNTER MetricType = 0 + MetricType_GAUGE MetricType = 1 + MetricType_HISTOGRAM MetricType = 2 +) + +// Enum value maps for MetricType. +var ( + MetricType_name = map[int32]string{ + 0: "COUNTER", + 1: "GAUGE", + 2: "HISTOGRAM", + } + MetricType_value = map[string]int32{ + "COUNTER": 0, + "GAUGE": 1, + "HISTOGRAM": 2, + } +) + +func (x MetricType) Enum() *MetricType { + p := new(MetricType) + *p = x + return p +} + +func (x MetricType) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (MetricType) Descriptor() protoreflect.EnumDescriptor { + return file_envoy_extensions_stats_config_proto_enumTypes[0].Descriptor() +} + +func (MetricType) Type() protoreflect.EnumType { + return &file_envoy_extensions_stats_config_proto_enumTypes[0] +} + +func (x MetricType) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use MetricType.Descriptor instead. +func (MetricType) EnumDescriptor() ([]byte, []int) { + return file_envoy_extensions_stats_config_proto_rawDescGZIP(), []int{0} +} + +// Metric instance configuration overrides. +// The metric value and the metric type are optional and permit changing the +// reported value for an existing metric. +// The standard metrics are optimized and reported through a "fast-path". +// The customizations allow full configurability, at the cost of a "slower" +// path. +type MetricConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // (Optional) Collection of tag names and tag expressions to include in the + // metric. Conflicts are resolved by the tag name by overriding previously + // supplied values. + Dimensions map[string]string `protobuf:"bytes,1,rep,name=dimensions,proto3" json:"dimensions,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + // (Optional) Metric name to restrict the override to a metric. If not + // specified, applies to all. + Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` + // (Optional) A list of tags to remove. + TagsToRemove []string `protobuf:"bytes,3,rep,name=tags_to_remove,json=tagsToRemove,proto3" json:"tags_to_remove,omitempty"` + // NOT IMPLEMENTED. (Optional) Conditional enabling the override. + Match string `protobuf:"bytes,4,opt,name=match,proto3" json:"match,omitempty"` + // (Optional) If this is set to true, the metric(s) selected by this + // configuration will not be generated or reported. + Drop bool `protobuf:"varint,5,opt,name=drop,proto3" json:"drop,omitempty"` +} + +func (x *MetricConfig) Reset() { + *x = MetricConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_extensions_stats_config_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *MetricConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*MetricConfig) ProtoMessage() {} + +func (x *MetricConfig) ProtoReflect() protoreflect.Message { + mi := &file_envoy_extensions_stats_config_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use MetricConfig.ProtoReflect.Descriptor instead. +func (*MetricConfig) Descriptor() ([]byte, []int) { + return file_envoy_extensions_stats_config_proto_rawDescGZIP(), []int{0} +} + +func (x *MetricConfig) GetDimensions() map[string]string { + if x != nil { + return x.Dimensions + } + return nil +} + +func (x *MetricConfig) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *MetricConfig) GetTagsToRemove() []string { + if x != nil { + return x.TagsToRemove + } + return nil +} + +func (x *MetricConfig) GetMatch() string { + if x != nil { + return x.Match + } + return "" +} + +func (x *MetricConfig) GetDrop() bool { + if x != nil { + return x.Drop + } + return false +} + +type MetricDefinition struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Metric name. + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + // Metric value expression. + Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"` + // NOT IMPLEMENTED (Optional) Metric type. + Type MetricType `protobuf:"varint,3,opt,name=type,proto3,enum=stats.MetricType" json:"type,omitempty"` +} + +func (x *MetricDefinition) Reset() { + *x = MetricDefinition{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_extensions_stats_config_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *MetricDefinition) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*MetricDefinition) ProtoMessage() {} + +func (x *MetricDefinition) ProtoReflect() protoreflect.Message { + mi := &file_envoy_extensions_stats_config_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use MetricDefinition.ProtoReflect.Descriptor instead. +func (*MetricDefinition) Descriptor() ([]byte, []int) { + return file_envoy_extensions_stats_config_proto_rawDescGZIP(), []int{1} +} + +func (x *MetricDefinition) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *MetricDefinition) GetValue() string { + if x != nil { + return x.Value + } + return "" +} + +func (x *MetricDefinition) GetType() MetricType { + if x != nil { + return x.Type + } + return MetricType_COUNTER +} + +type PluginConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // next id: 7 + // The following settings should be rarely used. + // Enable debug for this filter. + // DEPRECATED. + Debug bool `protobuf:"varint,1,opt,name=debug,proto3" json:"debug,omitempty"` + // maximum size of the peer metadata cache. + // A long lived proxy that connects with many transient peers can build up a + // large cache. To turn off the cache, set this field to a negative value. + // DEPRECATED. + MaxPeerCacheSize int32 `protobuf:"varint,2,opt,name=max_peer_cache_size,json=maxPeerCacheSize,proto3" json:"max_peer_cache_size,omitempty"` + // prefix to add to stats emitted by the plugin. + // DEPRECATED. + StatPrefix string `protobuf:"bytes,3,opt,name=stat_prefix,json=statPrefix,proto3" json:"stat_prefix,omitempty"` // default: "istio_" + // Stats api squashes dimensions in a single string. + // The squashed string is parsed at prometheus scrape time to recover + // dimensions. The following 2 fields set the field and value separators {key: + // value} --> key{value_separator}value{field_separator} + FieldSeparator string `protobuf:"bytes,4,opt,name=field_separator,json=fieldSeparator,proto3" json:"field_separator,omitempty"` // default: ";;" + ValueSeparator string `protobuf:"bytes,5,opt,name=value_separator,json=valueSeparator,proto3" json:"value_separator,omitempty"` // default: "==" + // Optional: Disable using host header as a fallback if destination service is + // not available from the controlplane. Disable the fallback if the host + // header originates outsides the mesh, like at ingress. + DisableHostHeaderFallback bool `protobuf:"varint,6,opt,name=disable_host_header_fallback,json=disableHostHeaderFallback,proto3" json:"disable_host_header_fallback,omitempty"` + // Optional. Allows configuration of the time between calls out to for TCP + // metrics reporting. The default duration is `15s`. + TcpReportingDuration *duration.Duration `protobuf:"bytes,7,opt,name=tcp_reporting_duration,json=tcpReportingDuration,proto3" json:"tcp_reporting_duration,omitempty"` + // Metric overrides. + Metrics []*MetricConfig `protobuf:"bytes,8,rep,name=metrics,proto3" json:"metrics,omitempty"` + // Metric definitions. + Definitions []*MetricDefinition `protobuf:"bytes,9,rep,name=definitions,proto3" json:"definitions,omitempty"` +} + +func (x *PluginConfig) Reset() { + *x = PluginConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_envoy_extensions_stats_config_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *PluginConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PluginConfig) ProtoMessage() {} + +func (x *PluginConfig) ProtoReflect() protoreflect.Message { + mi := &file_envoy_extensions_stats_config_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PluginConfig.ProtoReflect.Descriptor instead. +func (*PluginConfig) Descriptor() ([]byte, []int) { + return file_envoy_extensions_stats_config_proto_rawDescGZIP(), []int{2} +} + +func (x *PluginConfig) GetDebug() bool { + if x != nil { + return x.Debug + } + return false +} + +func (x *PluginConfig) GetMaxPeerCacheSize() int32 { + if x != nil { + return x.MaxPeerCacheSize + } + return 0 +} + +func (x *PluginConfig) GetStatPrefix() string { + if x != nil { + return x.StatPrefix + } + return "" +} + +func (x *PluginConfig) GetFieldSeparator() string { + if x != nil { + return x.FieldSeparator + } + return "" +} + +func (x *PluginConfig) GetValueSeparator() string { + if x != nil { + return x.ValueSeparator + } + return "" +} + +func (x *PluginConfig) GetDisableHostHeaderFallback() bool { + if x != nil { + return x.DisableHostHeaderFallback + } + return false +} + +func (x *PluginConfig) GetTcpReportingDuration() *duration.Duration { + if x != nil { + return x.TcpReportingDuration + } + return nil +} + +func (x *PluginConfig) GetMetrics() []*MetricConfig { + if x != nil { + return x.Metrics + } + return nil +} + +func (x *PluginConfig) GetDefinitions() []*MetricDefinition { + if x != nil { + return x.Definitions + } + return nil +} + +var File_envoy_extensions_stats_config_proto protoreflect.FileDescriptor + +var file_envoy_extensions_stats_config_proto_rawDesc = []byte{ + 0x0a, 0x23, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, + 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x05, 0x73, 0x74, 0x61, 0x74, 0x73, 0x1a, 0x1e, 0x67, 0x6f, + 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, + 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xf6, 0x01, 0x0a, + 0x0c, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x43, 0x0a, + 0x0a, 0x64, 0x69, 0x6d, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x23, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x44, 0x69, 0x6d, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, + 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0a, 0x64, 0x69, 0x6d, 0x65, 0x6e, 0x73, 0x69, 0x6f, + 0x6e, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x24, 0x0a, 0x0e, 0x74, 0x61, 0x67, 0x73, 0x5f, 0x74, + 0x6f, 0x5f, 0x72, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, + 0x74, 0x61, 0x67, 0x73, 0x54, 0x6f, 0x52, 0x65, 0x6d, 0x6f, 0x76, 0x65, 0x12, 0x14, 0x0a, 0x05, + 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6d, 0x61, 0x74, + 0x63, 0x68, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x72, 0x6f, 0x70, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x04, 0x64, 0x72, 0x6f, 0x70, 0x1a, 0x3d, 0x0a, 0x0f, 0x44, 0x69, 0x6d, 0x65, 0x6e, 0x73, + 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, + 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, + 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x63, 0x0a, 0x10, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x44, + 0x65, 0x66, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, + 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x14, 0x0a, + 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, + 0x6c, 0x75, 0x65, 0x12, 0x25, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x0e, 0x32, 0x11, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, + 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x22, 0xc2, 0x03, 0x0a, 0x0c, 0x50, + 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x14, 0x0a, 0x05, 0x64, + 0x65, 0x62, 0x75, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x05, 0x64, 0x65, 0x62, 0x75, + 0x67, 0x12, 0x2d, 0x0a, 0x13, 0x6d, 0x61, 0x78, 0x5f, 0x70, 0x65, 0x65, 0x72, 0x5f, 0x63, 0x61, + 0x63, 0x68, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x10, + 0x6d, 0x61, 0x78, 0x50, 0x65, 0x65, 0x72, 0x43, 0x61, 0x63, 0x68, 0x65, 0x53, 0x69, 0x7a, 0x65, + 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x50, 0x72, 0x65, 0x66, 0x69, + 0x78, 0x12, 0x27, 0x0a, 0x0f, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x5f, 0x73, 0x65, 0x70, 0x61, 0x72, + 0x61, 0x74, 0x6f, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x66, 0x69, 0x65, 0x6c, + 0x64, 0x53, 0x65, 0x70, 0x61, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x27, 0x0a, 0x0f, 0x76, 0x61, + 0x6c, 0x75, 0x65, 0x5f, 0x73, 0x65, 0x70, 0x61, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0e, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x53, 0x65, 0x70, 0x61, 0x72, 0x61, + 0x74, 0x6f, 0x72, 0x12, 0x3f, 0x0a, 0x1c, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x68, + 0x6f, 0x73, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x66, 0x61, 0x6c, 0x6c, 0x62, + 0x61, 0x63, 0x6b, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x64, 0x69, 0x73, 0x61, 0x62, + 0x6c, 0x65, 0x48, 0x6f, 0x73, 0x74, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x46, 0x61, 0x6c, 0x6c, + 0x62, 0x61, 0x63, 0x6b, 0x12, 0x4f, 0x0a, 0x16, 0x74, 0x63, 0x70, 0x5f, 0x72, 0x65, 0x70, 0x6f, + 0x72, 0x74, 0x69, 0x6e, 0x67, 0x5f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x07, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, + 0x14, 0x74, 0x63, 0x70, 0x52, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x69, 0x6e, 0x67, 0x44, 0x75, 0x72, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x2d, 0x0a, 0x07, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, + 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x4d, + 0x65, 0x74, 0x72, 0x69, 0x63, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x07, 0x6d, 0x65, 0x74, + 0x72, 0x69, 0x63, 0x73, 0x12, 0x39, 0x0a, 0x0b, 0x64, 0x65, 0x66, 0x69, 0x6e, 0x69, 0x74, 0x69, + 0x6f, 0x6e, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x73, 0x74, 0x61, 0x74, + 0x73, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x44, 0x65, 0x66, 0x69, 0x6e, 0x69, 0x74, 0x69, + 0x6f, 0x6e, 0x52, 0x0b, 0x64, 0x65, 0x66, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2a, + 0x33, 0x0a, 0x0a, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, + 0x07, 0x43, 0x4f, 0x55, 0x4e, 0x54, 0x45, 0x52, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x47, 0x41, + 0x55, 0x47, 0x45, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, + 0x41, 0x4d, 0x10, 0x02, 0x42, 0x25, 0x5a, 0x23, 0x69, 0x73, 0x74, 0x69, 0x6f, 0x2e, 0x69, 0x6f, + 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x65, 0x6e, 0x76, 0x6f, 0x79, 0x2f, 0x65, 0x78, 0x74, 0x65, 0x6e, + 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x33, +} + +var ( + file_envoy_extensions_stats_config_proto_rawDescOnce sync.Once + file_envoy_extensions_stats_config_proto_rawDescData = file_envoy_extensions_stats_config_proto_rawDesc +) + +func file_envoy_extensions_stats_config_proto_rawDescGZIP() []byte { + file_envoy_extensions_stats_config_proto_rawDescOnce.Do(func() { + file_envoy_extensions_stats_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_envoy_extensions_stats_config_proto_rawDescData) + }) + return file_envoy_extensions_stats_config_proto_rawDescData +} + +var file_envoy_extensions_stats_config_proto_enumTypes = make([]protoimpl.EnumInfo, 1) +var file_envoy_extensions_stats_config_proto_msgTypes = make([]protoimpl.MessageInfo, 4) +var file_envoy_extensions_stats_config_proto_goTypes = []interface{}{ + (MetricType)(0), // 0: stats.MetricType + (*MetricConfig)(nil), // 1: stats.MetricConfig + (*MetricDefinition)(nil), // 2: stats.MetricDefinition + (*PluginConfig)(nil), // 3: stats.PluginConfig + nil, // 4: stats.MetricConfig.DimensionsEntry + (*duration.Duration)(nil), // 5: google.protobuf.Duration +} +var file_envoy_extensions_stats_config_proto_depIdxs = []int32{ + 4, // 0: stats.MetricConfig.dimensions:type_name -> stats.MetricConfig.DimensionsEntry + 0, // 1: stats.MetricDefinition.type:type_name -> stats.MetricType + 5, // 2: stats.PluginConfig.tcp_reporting_duration:type_name -> google.protobuf.Duration + 1, // 3: stats.PluginConfig.metrics:type_name -> stats.MetricConfig + 2, // 4: stats.PluginConfig.definitions:type_name -> stats.MetricDefinition + 5, // [5:5] is the sub-list for method output_type + 5, // [5:5] is the sub-list for method input_type + 5, // [5:5] is the sub-list for extension type_name + 5, // [5:5] is the sub-list for extension extendee + 0, // [0:5] is the sub-list for field type_name +} + +func init() { file_envoy_extensions_stats_config_proto_init() } +func file_envoy_extensions_stats_config_proto_init() { + if File_envoy_extensions_stats_config_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_envoy_extensions_stats_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*MetricConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_envoy_extensions_stats_config_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*MetricDefinition); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_envoy_extensions_stats_config_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*PluginConfig); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_envoy_extensions_stats_config_proto_rawDesc, + NumEnums: 1, + NumMessages: 4, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_envoy_extensions_stats_config_proto_goTypes, + DependencyIndexes: file_envoy_extensions_stats_config_proto_depIdxs, + EnumInfos: file_envoy_extensions_stats_config_proto_enumTypes, + MessageInfos: file_envoy_extensions_stats_config_proto_msgTypes, + }.Build() + File_envoy_extensions_stats_config_proto = out.File + file_envoy_extensions_stats_config_proto_rawDesc = nil + file_envoy_extensions_stats_config_proto_goTypes = nil + file_envoy_extensions_stats_config_proto_depIdxs = nil +} diff --git a/envoy/extensions/stats/config.proto b/envoy/extensions/stats/config.proto new file mode 100644 index 00000000..3cf09923 --- /dev/null +++ b/envoy/extensions/stats/config.proto @@ -0,0 +1,111 @@ +/* Copyright 2019 Istio Authors. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +syntax = "proto3"; + +// $title: Stats Config +// $description: Configuration for Stats Filter. +// $location: https://istio.io/docs/reference/config/proxy_extensions/stats.html +// $weight: 20 + +package stats; + +option go_package = "istio.io/api/envoy/extensions/stats"; + +import "google/protobuf/duration.proto"; + +// Metric instance configuration overrides. +// The metric value and the metric type are optional and permit changing the +// reported value for an existing metric. +// The standard metrics are optimized and reported through a "fast-path". +// The customizations allow full configurability, at the cost of a "slower" +// path. +message MetricConfig { + // (Optional) Collection of tag names and tag expressions to include in the + // metric. Conflicts are resolved by the tag name by overriding previously + // supplied values. + map dimensions = 1; + + // (Optional) Metric name to restrict the override to a metric. If not + // specified, applies to all. + string name = 2; + + // (Optional) A list of tags to remove. + repeated string tags_to_remove = 3; + + // NOT IMPLEMENTED. (Optional) Conditional enabling the override. + string match = 4; + + // (Optional) If this is set to true, the metric(s) selected by this + // configuration will not be generated or reported. + bool drop = 5; +} + +enum MetricType { + COUNTER = 0; + GAUGE = 1; + HISTOGRAM = 2; +} + +message MetricDefinition { + // Metric name. + string name = 1; + + // Metric value expression. + string value = 2; + + // NOT IMPLEMENTED (Optional) Metric type. + MetricType type = 3; +} + +message PluginConfig { + // next id: 7 + // The following settings should be rarely used. + // Enable debug for this filter. + // DEPRECATED. + bool debug = 1; + + // maximum size of the peer metadata cache. + // A long lived proxy that connects with many transient peers can build up a + // large cache. To turn off the cache, set this field to a negative value. + // DEPRECATED. + int32 max_peer_cache_size = 2; + + // prefix to add to stats emitted by the plugin. + // DEPRECATED. + string stat_prefix = 3; // default: "istio_" + + // Stats api squashes dimensions in a single string. + // The squashed string is parsed at prometheus scrape time to recover + // dimensions. The following 2 fields set the field and value separators {key: + // value} --> key{value_separator}value{field_separator} + string field_separator = 4; // default: ";;" + string value_separator = 5; // default: "==" + + // Optional: Disable using host header as a fallback if destination service is + // not available from the controlplane. Disable the fallback if the host + // header originates outsides the mesh, like at ingress. + bool disable_host_header_fallback = 6; + + // Optional. Allows configuration of the time between calls out to for TCP + // metrics reporting. The default duration is `15s`. + google.protobuf.Duration tcp_reporting_duration = 7; + + // Metric overrides. + repeated MetricConfig metrics = 8; + + // Metric definitions. + repeated MetricDefinition definitions = 9; +} diff --git a/gen.sh b/gen.sh index 22a77f87..5a97798e 100755 --- a/gen.sh +++ b/gen.sh @@ -37,6 +37,10 @@ buf generate --template buf.gen-noncrd.yaml \ --path mcp \ --path mesh +# These plugins are sent to Envoy, which uses golang/protobuf, so do not use gogo +buf generate --template buf.gen-golang.yaml \ + --path envoy + # Custom hacks to post-process some outputs go run ./operator/fixup_structs/main.go -f operator/v1alpha1/operator.pb.go go run ./operator/fixup_structs/main.go -f mesh/v1alpha1/config.pb.go diff --git a/go.mod b/go.mod index b8394808..adf73c8e 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,9 @@ go 1.12 require ( github.com/gogo/protobuf v1.3.2 + github.com/golang/protobuf v1.4.3 google.golang.org/grpc v1.35.0 + google.golang.org/protobuf v1.25.0 istio.io/gogo-genproto v0.0.0-20210113155706-4daf5697332f k8s.io/api v0.20.2 k8s.io/apimachinery v0.20.2