* refactor: move away from legacy `hyper::body::HttpBody`
this is an incremental step away from hyper 0.14's request and response
body interfaces, and towards the 1.0 body types. see
<https://github.com/linkerd/linkerd2/issues/8733> for more information
about upgrading to hyper 1.0.
hyper 0.14 provides a `hyper::body::Body` that is removed in the 1.0
interface. `hyper-util` now provides a workable default body type. hyper
0.14 reëxports `http_body::Body` as `HttpBody`. hyper 1.0 reëxports this
trait as `hyper::body::Body` without any renaming.
this commit moves application code away from hyper's legacy `Body` type
and the `HttpBody` trait alias. this commit moves assorted interfaces
towards the boxed `BoxBody` type instead. when possible, code is tweaked
such that it refers to the reëxport in `linkerd-proxy-http`, rather than
directly through `hyper`.
NB: this commit is based upon #3466.
Signed-off-by: katelyn martin <kate@buoyant.io>
* feat(http/box): `BoxBody::from_static` constructor
this commit relates to review feedback offered here:
https://github.com/linkerd/linkerd2-proxy/pull/3467#discussion_r1888979001
it is slightly ungainly to place a static string into a BoxBody,
something that is a fairly common pattern throughout e.g. our admin
server.
to help nudge the compiler to infer a `B: Body` of `String`, various
code follows a common convention of calling e.g.
`BoxBody:🆕:<String>("ready\n".into())` or,
`BoxBody::new("ready\n".to_string())`.
this commit helps reduce that boilerplate by adding a `from_static(..)`
constructor that accepts a static string.
```rust
/// Returns a [`BoxBody`] with the contents of a static string.
pub fn from_static(body: &'static str) -> Self {
Self::new(body.to_string())
}
```
Co-authored-by: Scott Fleener <scott@buoyant.io>
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/admin): outline json bytes body construction
see <https://github.com/linkerd/linkerd2-proxy/pull/3467#discussion_r1888980453>.
@sfleen points out this unfortunate part of our diff:
```diff
- .body(json.into())
+ .body(BoxBody::new(http_body::Full::new(bytes::Bytes::from(json))))
```
this *is* a bit of an unfortunate edge, where boxing up a body feels
especially cumbersome.
this commit takes an attempt at tweaking the function in question so
that this large nested expression reads a bit nicer.
first, to justify why this gets a little more involved: hyper will no
longer provide the `Body` type after 1.0, so we are tasked with
providing our own body. for our purposes, `Full` works because we have a
single chunk of bytes in hand.
in order to create a `Full`, we must provide a `D: Buf`, which can be
satisfied by the following types:
<https://docs.rs/bytes/1.6.0/bytes/buf/trait.Buf.html#foreign-impls>
most simply, we can cast our vector of bytes into a `Bytes`.
with all of this in hand, we can hoist this creation of the body up out
of the `match` arm, and use `Result::map` to apply these constructors in
sequential order:
```rust
// Serialize the value into JSON, and then place the bytes in a boxed response body.
let json = serde_json::to_vec(val)
.map(Bytes::from)
.map(http_body::Full::new)
.map(BoxBody::new);
```
Signed-off-by: katelyn martin <kate@buoyant.io>
---------
Signed-off-by: katelyn martin <kate@buoyant.io>
Co-authored-by: Scott Fleener <scott@buoyant.io>
hyper 0.14's body type provides an `empty()` method that can be used to
construct an empty request or response body.
this commit proposes an equivalent method for `BoxBody`. while it is
semantically equivalent to `BoxBody::default()`, it can be helpful to
clarify that this constructs an empty body.
<https://docs.rs/hyper/0.14.31/hyper/body/struct.Body.html#method.empty>
Signed-off-by: katelyn martin <kate@buoyant.io>
this commit fixes some warnings that are currently present in `main`
when building the project's docs, by mending two broken doc links.
see:
- 42fe4cf66
- <https://github.com/linkerd/linkerd2/issues/8733>
Signed-off-by: katelyn martin <kate@buoyant.io>
see linkerd/linkerd2#8733 for more information on upgrading to hyper 1.0.
this commit is based upon #3456, and #3457.
this commit is also contingent upon hyperium/hyper#3796, which backports
the server connection builder's `max_pending_accept_reset_streams()`
method.
this commit addresses hyper deprecations in `ServeHttp<N>`, which
defines a reusable HTTP/1 and HTTP/2 server for the linkerd proxy.
essentially, this commit replaces the singular `Http<E>` with a pair of
http/1 and http/2 specific connection `Builder`s. method names no longer
have `http2_*` prefixes, otherwise nothing about the connection setup
has been changed. in the `Service` implementation, we delegate to the
appropriate builder based upon the protocol version.
Signed-off-by: katelyn martin <kate@buoyant.io>
this commit removes a duplicate function that was errantly defined, due
to some issues when merging previous (interdependent) pr's.
see
- #3455
- #3454
- linkerd/linkerd2#8733
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(hyper): define hyper as a workspace dependency
this commit alters various crates' manifests, pointing to a common
workspace-level hyper dependency.
note that the lockfile is not altered, this commit does *not* affect the
version of hyper used, or have any other affect on the dependency graph.
this will make future maintenance, upgrading, and patching of our hyper
dependency marginally easier.
see linkerd/linkerd2#8733 for more information on upgrading to hyper
1.0.
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(hyper): upgrade hyper to include hyperium/hyper#3796
this commit bumps the version of the workspace's hyper dependency to
include hyperium/hyper#3796, which backports the server connection
builder's `max_pending_accept_reset_streams()` method.
see linkerd/linkerd2#8733 for more information on upgrading to hyper 1.0.
this commit is based upon #3456.
to show the hyper commit in the context of the git log:
```sh
; basename $(pwd)
hyper
; git remote get-url upstream
git@github.com:hyperium/hyper.git
; git log --oneline --decorate 0.14.x -5
a24f0c0a (HEAD -> 0.14.x, upstream/0.14.x) feat(server): backport `max_pending_accept_reset_streams()` to builder (#3796)
96550840 chore(ci): pin hashbrown for MSRV job (#3797)
7829148b (tag: v0.14.31) v0.14.31
97b595e5 perf(http1): improve parsing of sequentially partial messages
739d5e63 chore(ci): pin some deps for MSRV job
```
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(deny.toml): add `hyperium/hyper` to git allowlist
Signed-off-by: katelyn martin <kate@buoyant.io>
---------
Signed-off-by: katelyn martin <kate@buoyant.io>
this commit alters various crates' manifests, pointing to a common
workspace-level hyper dependency.
note that the lockfile is not altered, this commit does *not* affect the
version of hyper used, or have any other affect on the dependency graph.
this will make future maintenance, upgrading, and patching of our hyper
dependency marginally easier.
see linkerd/linkerd2#8733 for more information on upgrading to hyper
1.0.
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(app/inbound): address hyper deprecations in http/1 tests
this is a follow-up commit related to 24dc5d8a (#3445).
see <https://github.com/linkerd/linkerd2/issues/8733> for more
information on upgrading to hyper 1.0.
---
this addresses hyper deprecations in the http/1 tests for the inbound
proxy.
prior, we made use of `tower::ServiceExt::oneshot`, which consumes a
service and drops it after sending a request and polling the response
future to completion.
<https://docs.rs/tower/0.5.2/src/tower/util/oneshot.rs.html#96-100>
tower is not a 1.0 library yet, so `SendRequest` does not provide an
implementation of `tower::Service` in hyper's 1.0 interface:
- <https://docs.rs/hyper/0.14.31/hyper/client/conn/struct.SendRequest.html#impl-Service%3CRequest%3CB%3E%3E-for-SendRequest%3CB%3E>
- <https://docs.rs/hyper/1.5.1/hyper/client/conn/http1/struct.SendRequest.html#trait-implementations>
consequentially, we must drop the sender ourselves after receiving a
response now.
---
this commit *also* addresses hyper deprecations in the http/1 downgrade
tests for the inbound proxy.
because these tests involve a http/2 client and an http/1 server, we
take the choice of inlining the body of
`http_util::connect_and_accept()` rather than introducing a new, third
`http_util::connect_and_accept_http_downgrade()` function.
we will refactor these helper functions in follow-on commits.
NB: because `ContextError` is internal to the `linkerd-app-test` crate,
we do not wrap the errors. these are allegedly used by the fuzzing tests
(_see f.ex #986 and #989_), but for our purposes with respect to the
inbound proxy we can elide them rather than making `ctx()` a public
method.
---
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): remove unused `http_util::connect_and_accept(..)`
this removes `connect_and_accept(..)`. this will break fuzzing builds,
but it is not used elsewhere.
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(fuzz): address hyper deprecation in inbound fuzz tests
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(fuzz): address preëxisting fuzz breakage
this commit addresses other breakage found in the fuzz tests, tied to
other previous work.
after these changes, one can observe that the fuzz tests build and run
once more by running the following:
```sh
cargo +nightly fuzz run --fuzz-dir=linkerd/app/inbound/fuzz/ fuzz_target_1
```
Signed-off-by: katelyn martin <kate@buoyant.io>
* nit(fuzz): remove stray newline from manifest
Signed-off-by: katelyn martin <kate@buoyant.io>
---------
Signed-off-by: katelyn martin <kate@buoyant.io>
this is a follow-up commit related to 24dc5d8a (#3445).
see <https://github.com/linkerd/linkerd2/issues/8733> for more
information on upgrading to hyper 1.0.
---
this addresses hyper deprecations in the http/1 tests for the inbound
proxy.
prior, we made use of `tower::ServiceExt::oneshot`, which consumes a
service and drops it after sending a request and polling the response
future to completion.
<https://docs.rs/tower/0.5.2/src/tower/util/oneshot.rs.html#96-100>
tower is not a 1.0 library yet, so `SendRequest` does not provide an
implementation of `tower::Service` in hyper's 1.0 interface:
- <https://docs.rs/hyper/0.14.31/hyper/client/conn/struct.SendRequest.html#impl-Service%3CRequest%3CB%3E%3E-for-SendRequest%3CB%3E>
- <https://docs.rs/hyper/1.5.1/hyper/client/conn/http1/struct.SendRequest.html#trait-implementations>
consequentially, we must drop the sender ourselves after receiving a
response now.
---
this commit *also* addresses hyper deprecations in the http/1 downgrade
tests for the inbound proxy.
because these tests involve a http/2 client and an http/1 server, we
take the choice of inlining the body of
`http_util::connect_and_accept()` rather than introducing a new, third
`http_util::connect_and_accept_http_downgrade()` function.
we will refactor these helper functions in follow-on commits.
NB: because `ContextError` is internal to the `linkerd-app-test` crate,
we do not wrap the errors. these are allegedly used by the fuzzing tests
(_see f.ex #986 and #989_), but for our purposes with respect to the
inbound proxy we can elide them rather than making `ctx()` a public
method.
---
Signed-off-by: katelyn martin <kate@buoyant.io>
if one runs `cargo deny check` on the current state of main, or checks
deny logs in ci, one observes this waning:
```sh
$ cargo deny check
warning[unnecessary-skip]: skip 'idna' applied to a crate with only one version
┌─ /path/to/linkerd/linkerd2-proxy/deny.toml:63:15
│
63 │ { name = "idna" },
│ ━━━━ unnecessary skip configuration
advisories ok, bans ok, licenses ok, sources ok
```
today, our dependency graph only contains one version of `idna`, which
has since release a 1.0 version:
```sh
$ cargo tree -i -p idna
idna v1.0.3
├── hickory-proto v0.24.2
└── url v2.5.4
```
this commit updates the `deny.toml` file, removing this directive to
permit duplicate versions, now that this is no longer the case.
Signed-off-by: katelyn martin <kate@buoyant.io>
chore(deps): Upgrade tokio-rustls to 0.26
This bumps rustls itself from 0.21 to 0.23, which comes with a few breaking API changes. Most of these are limited to types being moved or renamed, or how the certificate verifiers are constructed.
Signed-off-by: Scott Fleener <scott@buoyant.io>
Co-authored-by: Oliver Gould <ver@buoyant.io>
this addresses deprecations in inbound proxy tests that should migrate
to hyper's new http/2 client connection builder.
http/1 tests will be upgraded in a follow-on commit.
the `connect_and_accept(..)` helper function is copied, and duplicated
into an http/2 version.
see <https://github.com/linkerd/linkerd2/issues/8733> for more
information on upgrading to hyper 1.0.
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(proxy/tap): address `Http` deprecation
this is a trivial deprecation fix, for
<https://github.com/linkerd/linkerd2/issues/8733>.
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(app/outbound): address `Http` deprecation
see <https://github.com/linkerd/linkerd2/issues/8733>.
this updates some test code to use the backported server connection
interfaces.
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(app/integration): address `conn::Builder` deprecation
this commit addresses uses of deprecated hyper interfaces in the
`linkerd-app-integration` crate.
see <https://github.com/linkerd/linkerd2/issues/8733>.
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(app/inbound): remove stale `deprecated` allowance
this was fixed in a previous commit.
Signed-off-by: katelyn martin <kate@buoyant.io>
---------
Signed-off-by: katelyn martin <kate@buoyant.io>
this commit changes the `connect_and_accept(..)` helper function used in
the proxy's unit tests, altering its logic such that it now runs
background tasks inside of a `JoinSet`.
then, subsequent commits hoist code out of `run_proxy()` and `connect_client()`, and consolidate our `async move {}` blocks. this both simplifies the control flow of this test infrastructure, but also addresses some more hyper deprecations.
for more information about our progressing upgrade to hyper 1.0, see https://github.com/linkerd/linkerd2/issues/8733.
NB: this branch is based upon #3432.
---
* refactor(app/inbound): remove unused `Http` parameter
this was not being flagged as an unused variable, due to the
`#[instrument]` attribute. (😉 _it's used as a field in the generated
span!_)
`connect_timeout(..)` doesn't use its parameter.
to address some deprecations, and avoid the need for polymorphism /
refactoring related to http/1 and http/2 connections being represented
as distinct types in the hyper 1.0 api, we remove it.
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(app/inbound): address `server::conn::Http` deprecations
this addresses hyper 1.0 deprecations in the server side of the inbound
proxy's http unit test suite logic.
see <https://github.com/linkerd/linkerd2/issues/8733> for more
information.
the client end of this change ends up being slightly involved, due to
changes that will need to be made in `linkerd_app_test::http_util`.
accordingly, those deprecations will be addressed in a subsequent
commit.
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): reorder and document test helpers
this moves the public `connect_client(..)` function up to the top of the
group of functions, and adds a documentation comment explaining its
purpose.
a todo comment is left noting that this can be refactored to use tokio's
new `JoinSet` type.
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): briefly defer `spawn()`ing tasks
this is a small tweak, defering the call to `tokio::spawn(..)` to make
using `JoinSet` easier.
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): use `JoinSet` for background tasks
this commit changes the `connect_and_accept(..)` helper function used in
the proxy's unit tests, altering its logic such that it now runs
background tasks inside of a `JoinSet`.
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): tweak proxy process
this commit makes two minor changes to the `run_proxy()` helper
function:
* remove a frivolous `.map(|_| ())` on a result that already had a tuple
`Ok` type.
* use `ServiceExt::oneshot` for brevity.
this should have no effect on the tests, we're just golfing things down
a bit.
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): hoist `instrument(..)` calls
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): remove `run_proxy(..)`
we've nudged this along well enough that this function can now
reasonably be removed.
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): remove `connect_client(..)`
and once more, we remove a helper function that isn't doing quite so
much work, and whose signature contains deprecated hyper 1.0 types.
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): consolidate anonymous futures
we create `async move {}` blocks in multiple places, without any clear
benefit.
this commit consolidates them into one place: when we spawn a task onto
the `JoinSet`.
Signed-off-by: katelyn martin <kate@buoyant.io>
---------
Signed-off-by: katelyn martin <kate@buoyant.io>
this addresses hyper 1.0 deprecations in the server side of the inbound
proxy's http unit test suite logic.
see linkerd/linkerd2#8733 for more
information.
the client end of this change ends up being slightly involved, due to
changes that will need to be made in linkerd_app_test::http_util.
accordingly, those deprecations will be addressed in a subsequent
commit.
---
* refactor(app/inbound): remove unused `Http` parameter
this was not being flagged as an unused variable, due to the
`#[instrument]` attribute. (😉 _it's used as a field in the generated
span!_)
`connect_timeout(..)` doesn't use its parameter.
to address some deprecations, and avoid the need for polymorphism /
refactoring related to http/1 and http/2 connections being represented
as distinct types in the hyper 1.0 api, we remove it.
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(app/inbound): address `server::conn::Http` deprecations
this addresses hyper 1.0 deprecations in the server side of the inbound
proxy's http unit test suite logic.
see <https://github.com/linkerd/linkerd2/issues/8733> for more
information.
the client end of this change ends up being slightly involved, due to
changes that will need to be made in `linkerd_app_test::http_util`.
accordingly, those deprecations will be addressed in a subsequent
commit.
Signed-off-by: katelyn martin <kate@buoyant.io>
---------
Signed-off-by: katelyn martin <kate@buoyant.io>
while handling the upgrade to hyper 1.0, i noticed some small changes
that'd be nice to make.
most importantly, with respect to
https://github.com/linkerd/linkerd2/issues/8733, this commit outlines
`http_util::http_request()`. hyper 1.0 provides version specific
`SendRequest` types for HTTP/1 and HTTP/2, so rather than try to be
polymorphic across both senders, we send the request at the call site.
two other commits remove `pub` attributes for functions that aren't
called externally. we'll address `run_proxy()` and `connect_client()` in
a subsequent PR, because the dependent tests use both HTTP/1 and HTTP/2.
---
* refactor(app/test): remove `pub` from `http_util::connect_client()`
this is not used elsewhere. it can be private.
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): remove `pub` from `http_util::run_proxy()`
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): remove `http_util::http_request()`
this function abstracts over one statement, at the cost of needing to
name the `SendRequest` type.
because hyper's 1.0 interface provides multiple `SendRequest` types
based on the HTTP version being used. to avoid needing to deal with
polymorphism, and to implicitly address a function-level allowance of
deprecated types, we remove this function and move this statement to the
function's call sites.
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): collect bodies with `String::from_utf8`
this function previously called `std::str::from_utf8`, before calling
`str::to_owned` on the result. because of this, there is a bit of extra
gymnastics, passing a `&body[..]` slice along after collecting the body
bytes.
this is both more baroque and less performant. this commit updates the
call, using `String::from_utf8` to collect the body, sparing a needless
`to_owned()`/`clone()` call.
Signed-off-by: katelyn martin <kate@buoyant.io>
* docs(app/test): document `io` submodule
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(app/test): remove duplicate `io` reëxport
the same `pub use` bundle is found in the parent `lib.rs`.
this removes it, and refers to the same `mod io {}` defined above.
Signed-off-by: katelyn martin <kate@buoyant.io>
* review(app/inbound): use `ServiceExt::oneshot(..)`
https://github.com/linkerd/linkerd2-proxy/pull/3428#discussion_r1873653091
we can simplify these statements sending requests, by using
`ServiceExt::oneshot(..)`.
Signed-off-by: katelyn martin <kate@buoyant.io>
---------
Signed-off-by: katelyn martin <kate@buoyant.io>
this branch contains a sequence of commits that focus on addressing
deprecation warnings related to hyper::client::conn::Builder. this
branch enables the backports feature, and then replaces some of these
builders with the backported, http/2 specific,
hyper::client::conn::http2::Builder type.
relates to linkerd/linkerd2#8733.
---
* chore(proxy/http): address `h2::Connection` deprecation
this commit updates `Connection<B>` to use the backported, http/2
specific `SendRequest` type.
this commit enables the `backports` feature flag in the `hyper`
dependency.
Signed-off-by: katelyn martin <kate@buoyant.io>
* chore(proxy/http): address `server::tests` deprecations
Signed-off-by: katelyn martin <kate@buoyant.io>
* refactor(proxy/http): consolidate connect functions
`connect()` is never called elsewhere. let's avoid the misdirection and
move it into the body of `connect_h2()`.
Signed-off-by: katelyn martin <kate@buoyant.io>
---------
Signed-off-by: katelyn martin <kate@buoyant.io>
* docker.io/library/golang from 1.22 to 1.23
* gotestsum from 0.4.2 to 1.12.0
* protoc-gen-go from 1.28.1 to 1.35.2
* protoc-gen-go-grpc from 1.2 to 1.5.1
* docker.io/library/rust from 1.76.0 to 1.83.0
* cargo-deny from 0.14.11 to 0.16.3
* cargo-nextest from 0.9.67 to 0.9.85
* cargo-tarpaulin from 0.27.3 to 0.31.3
* just from 1.24.0 to 1.37.0
* yq from 4.33.3 to 4.44.5
* markdownlint-cli2 from 0.10.0 to 0.15.0
* shellcheck from 0.9.0 to 0.10.0
* actionlint from 1.6.26 to 1.7.4
* protoc from 3.20.3 to 29.0
* step from 0.25.2 to 0.28.2
* kubectl from 1.29.2 to 1.31.3
* k3d from 5.6.0 to 5.7.5
* k3s image shas
* helm from 3.14.1 to 3.16.3
* helm-docs from 1.12.0 to 1.14.2
dependabot[bot]
katelyn martin
Scott Fleener
katelyn martin
Oliver Gould