diff --git a/bin/protoc-go.sh b/bin/protoc-go.sh index 48a62cf5d..3d37e3bd0 100755 --- a/bin/protoc-go.sh +++ b/bin/protoc-go.sh @@ -11,7 +11,6 @@ rm -rf controller/gen/common controller/gen/config viz/metrics-api/gen viz/tap/g mkdir -p controller/gen/common/net viz/metrics-api/gen/viz viz/tap/gen/tap "$bindir"/protoc -I proto --go_out=paths=source_relative:controller/gen proto/common/net.proto -"$bindir"/protoc -I proto --go_out=paths=source_relative:controller/gen proto/config/config.proto "$bindir"/protoc -I proto -I viz/metrics-api/proto --go_out=paths=source_relative:viz/metrics-api/gen viz/metrics-api/proto/viz.proto "$bindir"/protoc -I proto -I viz/metrics-api/proto --go-grpc_out=paths=source_relative:viz/metrics-api/gen/viz viz/metrics-api/proto/viz.proto "$bindir"/protoc -I proto -I viz/tap/proto -I viz/metrics-api/proto --go_out=paths=source_relative:viz/tap/gen viz/tap/proto/viz_tap.proto diff --git a/cli/cmd/repair.go b/cli/cmd/repair.go index 4af45f222..d8545c980 100644 --- a/cli/cmd/repair.go +++ b/cli/cmd/repair.go @@ -8,10 +8,13 @@ import ( "regexp" "time" - "github.com/golang/protobuf/ptypes" - pb "github.com/linkerd/linkerd2/controller/gen/config" + corev1 "k8s.io/api/core/v1" + "k8s.io/client-go/kubernetes" + "github.com/linkerd/linkerd2/pkg/charts/linkerd2" + charts "github.com/linkerd/linkerd2/pkg/charts/linkerd2" "github.com/linkerd/linkerd2/pkg/healthcheck" + "github.com/linkerd/linkerd2/pkg/issuercerts" "github.com/linkerd/linkerd2/pkg/k8s" "github.com/linkerd/linkerd2/pkg/version" "github.com/spf13/cobra" @@ -127,16 +130,16 @@ func repair(ctx context.Context, forced bool) error { if err != nil { return fmt.Errorf("Failed to parse IssuanceLifetime from linkerd-config: %s", err) } - idCtx := pb.IdentityContext{ - TrustAnchorsPem: values.IdentityTrustAnchorsPEM, - Scheme: values.Identity.Issuer.Scheme, - ClockSkewAllowance: ptypes.DurationProto(clockSkewDuration), - IssuanceLifetime: ptypes.DurationProto(issuanceLifetime), - TrustDomain: values.IdentityTrustDomain, + idCtx := identityContext{ + trustAnchorsPem: values.IdentityTrustAnchorsPEM, + scheme: values.Identity.Issuer.Scheme, + clockSkewAllowance: clockSkewDuration, + issuanceLifetime: issuanceLifetime, + trustDomain: values.IdentityTrustDomain, } // Populate identity values - err = fetchIdentityValues(ctx, k8sAPI, &idCtx, &values) + err = fetchIdentityValues(ctx, k8sAPI, idCtx, &values) if err != nil { return fmt.Errorf("Failed to load issuer credentials: %s", err) } @@ -185,3 +188,68 @@ func resetVersion(values *linkerd2.Values) error { values.LinkerdVersion = defaults.LinkerdVersion return nil } + +type identityContext struct { + trustAnchorsPem string + scheme string + clockSkewAllowance time.Duration + issuanceLifetime time.Duration + trustDomain string +} + +// fetchIdentityValue checks the kubernetes API to fetch an existing +// linkerd identity configuration. +// +// This bypasses the public API so that we can access secrets and validate +// permissions. +func fetchIdentityValues(ctx context.Context, k kubernetes.Interface, idctx identityContext, values *charts.Values) error { + if idctx.scheme == "" { + // if this is empty, then we are upgrading from a version + // that did not support issuer schemes. Just default to the + // linkerd one. + idctx.scheme = k8s.IdentityIssuerSchemeLinkerd + } + + var trustAnchorsPEM string + var issuerData *issuercerts.IssuerCertData + var err error + + trustAnchorsPEM = idctx.trustAnchorsPem + + issuerData, err = fetchIssuer(ctx, k, trustAnchorsPEM, idctx.scheme) + if err != nil { + return err + } + + values.IdentityTrustAnchorsPEM = trustAnchorsPEM + values.Identity.Issuer.Scheme = idctx.scheme + values.Identity.Issuer.ClockSkewAllowance = idctx.clockSkewAllowance.String() + values.Identity.Issuer.IssuanceLifetime = idctx.issuanceLifetime.String() + values.Identity.Issuer.TLS.KeyPEM = issuerData.IssuerKey + values.Identity.Issuer.TLS.CrtPEM = issuerData.IssuerCrt + + return nil +} + +func fetchIssuer(ctx context.Context, k kubernetes.Interface, trustPEM string, scheme string) (*issuercerts.IssuerCertData, error) { + var ( + issuerData *issuercerts.IssuerCertData + err error + ) + switch scheme { + case string(corev1.SecretTypeTLS): + // Do not return external issuer certs as no need of storing them in config and upgrade secrets + // Also contradicts condition in https://github.com/linkerd/linkerd2/blob/main/cli/cmd/options.go#L550 + return &issuercerts.IssuerCertData{}, nil + default: + issuerData, err = issuercerts.FetchIssuerData(ctx, k, trustPEM, controlPlaneNamespace) + if issuerData != nil && issuerData.TrustAnchors != trustPEM { + issuerData.TrustAnchors = trustPEM + } + } + if err != nil { + return nil, err + } + + return issuerData, nil +} diff --git a/cli/cmd/upgrade.go b/cli/cmd/upgrade.go index ed84d7156..910651816 100644 --- a/cli/cmd/upgrade.go +++ b/cli/cmd/upgrade.go @@ -265,19 +265,10 @@ func upgrade(ctx context.Context, k *k8s.KubernetesAPI, flags []flag.Flag, stage if err != nil { return bytes.Buffer{}, fmt.Errorf("failed to load stored values: %w", err) } - // If there is no linkerd-config-overrides secret, assume we are upgrading - // from a version of Linkerd prior to the introduction of this secret. In - // this case we load the values from the legacy linkerd-config configmap. - if values == nil { - values, err = loadStoredValuesLegacy(ctx, k) - if err != nil { - return bytes.Buffer{}, err - } - } - // If values is still nil, then neither the linkerd-config-overrides secret - // nor the legacy values were found. This means either means that Linkerd - // was installed with Helm or that the installation needs to be repaired. + // If values is still nil, then the linkerd-config-overrides secret was not found. + // This means either means that Linkerd was installed with Helm or that the installation + // needs to be repaired. if values == nil { return bytes.Buffer{}, errors.New( `Could not find the Linkerd config. If Linkerd was installed with Helm, please diff --git a/cli/cmd/upgrade_legacy.go b/cli/cmd/upgrade_legacy.go deleted file mode 100644 index f735df979..000000000 --- a/cli/cmd/upgrade_legacy.go +++ /dev/null @@ -1,183 +0,0 @@ -package cmd - -import ( - "context" - "fmt" - "strings" - - "github.com/golang/protobuf/ptypes" - "github.com/linkerd/linkerd2/cli/flag" - pb "github.com/linkerd/linkerd2/controller/gen/config" - charts "github.com/linkerd/linkerd2/pkg/charts/linkerd2" - "github.com/linkerd/linkerd2/pkg/healthcheck" - "github.com/linkerd/linkerd2/pkg/issuercerts" - "github.com/linkerd/linkerd2/pkg/k8s" - "github.com/linkerd/linkerd2/pkg/version" - "github.com/spf13/pflag" - corev1 "k8s.io/api/core/v1" - "k8s.io/client-go/kubernetes" -) - -func loadStoredValuesLegacy(ctx context.Context, k *k8s.KubernetesAPI) (*charts.Values, error) { - - // We fetch the configs directly from kubernetes because we need to be able - // to upgrade/reinstall the control plane when the API is not available; and - // this also serves as a passive check that we have privileges to access this - // control plane. - _, configs, err := healthcheck.FetchLinkerdConfigMap(ctx, k, controlPlaneNamespace) - if err != nil { - return nil, fmt.Errorf("could not fetch configs from kubernetes: %s", err) - } - if configs == nil { - return nil, nil - } - repairConfigs(configs) - - values, err := charts.NewValues() - if err != nil { - return nil, err - } - allStageFlags, allStageFlagSet := makeAllStageFlags(values) - installFlags, installFlagSet := makeInstallFlags(values) - upgradeFlags, installUpgradeFlagSet, err := makeInstallUpgradeFlags(values) - if err != nil { - return nil, err - } - proxyFlags, proxyFlagSet := makeProxyFlags(values) - - flagSet := pflag.NewFlagSet("loaded_flags", pflag.ExitOnError) - flagSet.AddFlagSet(allStageFlagSet) - flagSet.AddFlagSet(installFlagSet) - flagSet.AddFlagSet(installUpgradeFlagSet) - flagSet.AddFlagSet(proxyFlagSet) - - setFlagsFromInstall(flagSet, configs.GetInstall().GetFlags()) - - flags := flattenFlags(allStageFlags, installFlags, upgradeFlags, proxyFlags) - err = flag.ApplySetFlags(values, flags) - if err != nil { - return nil, err - } - - idctx := configs.GetGlobal().GetIdentityContext() - if idctx.GetTrustDomain() != "" && idctx.GetTrustAnchorsPem() != "" { - err = fetchIdentityValues(ctx, k, idctx, values) - if err != nil { - return nil, err - } - } - - return values, nil -} - -func setFlagsFromInstall(flags *pflag.FlagSet, installFlags []*pb.Install_Flag) { - for _, i := range installFlags { - if f := flags.Lookup(i.GetName()); f != nil && !f.Changed { - // The function recordFlags() stores the string representation of flags in the ConfigMap - // so a stringSlice is stored e.g. as [a,b]. - // To avoid having f.Value.Set() interpreting that as a string we need to remove - // the brackets - value := i.GetValue() - if f.Value.Type() == "stringSlice" { - value = strings.Trim(value, "[]") - } - - f.Value.Set(value) - f.Changed = true - } - } -} - -func repairConfigs(configs *pb.All) { - // Repair the "install" section; install flags are updated separately - if configs.Install == nil { - configs.Install = &pb.Install{} - } - // ALWAYS update the CLI version to the most recent. - configs.Install.CliVersion = version.Version - - // Repair the "proxy" section - if configs.Proxy == nil { - configs.Proxy = &pb.Proxy{} - } - if configs.Proxy.DebugImage == nil { - configs.Proxy.DebugImage = &pb.Image{} - } - if configs.GetProxy().GetDebugImage().GetImageName() == "" { - configs.Proxy.DebugImage.ImageName = k8s.DebugSidecarImage - } - if configs.GetProxy().GetDebugImageVersion() == "" { - configs.Proxy.DebugImageVersion = version.Version - } -} - -// fetchIdentityValue checks the kubernetes API to fetch an existing -// linkerd identity configuration. -// -// This bypasses the public API so that we can access secrets and validate -// permissions. -func fetchIdentityValues(ctx context.Context, k kubernetes.Interface, idctx *pb.IdentityContext, values *charts.Values) error { - if idctx == nil { - return nil - } - - if idctx.Scheme == "" { - // if this is empty, then we are upgrading from a version - // that did not support issuer schemes. Just default to the - // linkerd one. - idctx.Scheme = k8s.IdentityIssuerSchemeLinkerd - } - - var trustAnchorsPEM string - var issuerData *issuercerts.IssuerCertData - var err error - - trustAnchorsPEM = idctx.GetTrustAnchorsPem() - - issuerData, err = fetchIssuer(ctx, k, trustAnchorsPEM, idctx.Scheme) - if err != nil { - return err - } - - clockSkewDuration, err := ptypes.Duration(idctx.GetClockSkewAllowance()) - if err != nil { - return fmt.Errorf("could not convert clock skew protobuf Duration format into golang Duration: %s", err) - } - - issuanceLifetimeDuration, err := ptypes.Duration(idctx.GetIssuanceLifetime()) - if err != nil { - return fmt.Errorf("could not convert issuance Lifetime protobuf Duration format into golang Duration: %s", err) - } - - values.IdentityTrustAnchorsPEM = trustAnchorsPEM - values.Identity.Issuer.Scheme = idctx.Scheme - values.Identity.Issuer.ClockSkewAllowance = clockSkewDuration.String() - values.Identity.Issuer.IssuanceLifetime = issuanceLifetimeDuration.String() - values.Identity.Issuer.TLS.KeyPEM = issuerData.IssuerKey - values.Identity.Issuer.TLS.CrtPEM = issuerData.IssuerCrt - - return nil -} - -func fetchIssuer(ctx context.Context, k kubernetes.Interface, trustPEM string, scheme string) (*issuercerts.IssuerCertData, error) { - var ( - issuerData *issuercerts.IssuerCertData - err error - ) - switch scheme { - case string(corev1.SecretTypeTLS): - // Do not return external issuer certs as no need of storing them in config and upgrade secrets - // Also contradicts condition in https://github.com/linkerd/linkerd2/blob/main/cli/cmd/options.go#L550 - return &issuercerts.IssuerCertData{}, nil - default: - issuerData, err = issuercerts.FetchIssuerData(ctx, k, trustPEM, controlPlaneNamespace) - if issuerData != nil && issuerData.TrustAnchors != trustPEM { - issuerData.TrustAnchors = trustPEM - } - } - if err != nil { - return nil, err - } - - return issuerData, nil -} diff --git a/controller/api/destination/watcher/opaque_ports_watcher.go b/controller/api/destination/watcher/opaque_ports_watcher.go index 6f553c33c..6d33ba2b5 100644 --- a/controller/api/destination/watcher/opaque_ports_watcher.go +++ b/controller/api/destination/watcher/opaque_ports_watcher.go @@ -203,8 +203,7 @@ func getServiceOpaquePortsAnnotation(svc *corev1.Service) (map[uint32]struct{}, func parseServiceOpaquePorts(annotation string, sps []corev1.ServicePort) []string { portRanges := util.GetPortRanges(annotation) var values []string - for _, portRange := range portRanges { - pr := portRange.GetPortRange() + for _, pr := range portRanges { port, named := isNamed(pr, sps) if named { values = append(values, strconv.Itoa(int(port))) diff --git a/controller/gen/config/config.pb.go b/controller/gen/config/config.pb.go deleted file mode 100644 index 5e369ce51..000000000 --- a/controller/gen/config/config.pb.go +++ /dev/null @@ -1,1280 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.27.1 -// protoc v3.15.8 -// source: config/config.proto - -package config - -import ( - duration "github.com/golang/protobuf/ptypes/duration" - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type All struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Global *Global `protobuf:"bytes,1,opt,name=global,proto3" json:"global,omitempty"` - Proxy *Proxy `protobuf:"bytes,2,opt,name=proxy,proto3" json:"proxy,omitempty"` - Install *Install `protobuf:"bytes,3,opt,name=install,proto3" json:"install,omitempty"` -} - -func (x *All) Reset() { - *x = All{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *All) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*All) ProtoMessage() {} - -func (x *All) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use All.ProtoReflect.Descriptor instead. -func (*All) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{0} -} - -func (x *All) GetGlobal() *Global { - if x != nil { - return x.Global - } - return nil -} - -func (x *All) GetProxy() *Proxy { - if x != nil { - return x.Proxy - } - return nil -} - -func (x *All) GetInstall() *Install { - if x != nil { - return x.Install - } - return nil -} - -type Global struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - LinkerdNamespace string `protobuf:"bytes,1,opt,name=linkerd_namespace,json=linkerdNamespace,proto3" json:"linkerd_namespace,omitempty"` - CniEnabled bool `protobuf:"varint,2,opt,name=cni_enabled,json=cniEnabled,proto3" json:"cni_enabled,omitempty"` - // Control plane version - Version string `protobuf:"bytes,3,opt,name=version,proto3" json:"version,omitempty"` - // If present, configures identity. - IdentityContext *IdentityContext `protobuf:"bytes,4,opt,name=identity_context,json=identityContext,proto3" json:"identity_context,omitempty"` - // Deprecated: Do not use. - AutoInjectContext *AutoInjectContext `protobuf:"bytes,6,opt,name=auto_inject_context,json=autoInjectContext,proto3" json:"auto_inject_context,omitempty"` - // Deprecated: Do not use. - OmitWebhookSideEffects bool `protobuf:"varint,7,opt,name=omitWebhookSideEffects,proto3" json:"omitWebhookSideEffects,omitempty"` - // Override default `cluster.local` - ClusterDomain string `protobuf:"bytes,8,opt,name=cluster_domain,json=clusterDomain,proto3" json:"cluster_domain,omitempty"` -} - -func (x *Global) Reset() { - *x = Global{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Global) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Global) ProtoMessage() {} - -func (x *Global) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Global.ProtoReflect.Descriptor instead. -func (*Global) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{1} -} - -func (x *Global) GetLinkerdNamespace() string { - if x != nil { - return x.LinkerdNamespace - } - return "" -} - -func (x *Global) GetCniEnabled() bool { - if x != nil { - return x.CniEnabled - } - return false -} - -func (x *Global) GetVersion() string { - if x != nil { - return x.Version - } - return "" -} - -func (x *Global) GetIdentityContext() *IdentityContext { - if x != nil { - return x.IdentityContext - } - return nil -} - -// Deprecated: Do not use. -func (x *Global) GetAutoInjectContext() *AutoInjectContext { - if x != nil { - return x.AutoInjectContext - } - return nil -} - -// Deprecated: Do not use. -func (x *Global) GetOmitWebhookSideEffects() bool { - if x != nil { - return x.OmitWebhookSideEffects - } - return false -} - -func (x *Global) GetClusterDomain() string { - if x != nil { - return x.ClusterDomain - } - return "" -} - -type Proxy struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - ProxyImage *Image `protobuf:"bytes,1,opt,name=proxy_image,json=proxyImage,proto3" json:"proxy_image,omitempty"` - ProxyInitImage *Image `protobuf:"bytes,2,opt,name=proxy_init_image,json=proxyInitImage,proto3" json:"proxy_init_image,omitempty"` - ControlPort *Port `protobuf:"bytes,3,opt,name=control_port,json=controlPort,proto3" json:"control_port,omitempty"` - IgnoreInboundPorts []*PortRange `protobuf:"bytes,4,rep,name=ignore_inbound_ports,json=ignoreInboundPorts,proto3" json:"ignore_inbound_ports,omitempty"` - IgnoreOutboundPorts []*PortRange `protobuf:"bytes,5,rep,name=ignore_outbound_ports,json=ignoreOutboundPorts,proto3" json:"ignore_outbound_ports,omitempty"` - InboundPort *Port `protobuf:"bytes,6,opt,name=inbound_port,json=inboundPort,proto3" json:"inbound_port,omitempty"` - AdminPort *Port `protobuf:"bytes,7,opt,name=admin_port,json=adminPort,proto3" json:"admin_port,omitempty"` - OutboundPort *Port `protobuf:"bytes,8,opt,name=outbound_port,json=outboundPort,proto3" json:"outbound_port,omitempty"` - Resource *ResourceRequirements `protobuf:"bytes,9,opt,name=resource,proto3" json:"resource,omitempty"` - ProxyUid int64 `protobuf:"varint,10,opt,name=proxy_uid,json=proxyUid,proto3" json:"proxy_uid,omitempty"` - LogLevel *LogLevel `protobuf:"bytes,11,opt,name=log_level,json=logLevel,proto3" json:"log_level,omitempty"` - DisableExternalProfiles bool `protobuf:"varint,12,opt,name=disable_external_profiles,json=disableExternalProfiles,proto3" json:"disable_external_profiles,omitempty"` - ProxyVersion string `protobuf:"bytes,13,opt,name=proxy_version,json=proxyVersion,proto3" json:"proxy_version,omitempty"` - ProxyInitImageVersion string `protobuf:"bytes,14,opt,name=proxy_init_image_version,json=proxyInitImageVersion,proto3" json:"proxy_init_image_version,omitempty"` - DebugImage *Image `protobuf:"bytes,15,opt,name=debug_image,json=debugImage,proto3" json:"debug_image,omitempty"` - DebugImageVersion string `protobuf:"bytes,16,opt,name=debug_image_version,json=debugImageVersion,proto3" json:"debug_image_version,omitempty"` - DestinationGetNetworks string `protobuf:"bytes,17,opt,name=destination_get_networks,json=destinationGetNetworks,proto3" json:"destination_get_networks,omitempty"` - LogFormat string `protobuf:"bytes,18,opt,name=log_format,json=logFormat,proto3" json:"log_format,omitempty"` - OutboundConnectTimeout string `protobuf:"bytes,19,opt,name=outbound_connect_timeout,json=outboundConnectTimeout,proto3" json:"outbound_connect_timeout,omitempty"` - InboundConnectTimeout string `protobuf:"bytes,20,opt,name=inbound_connect_timeout,json=inboundConnectTimeout,proto3" json:"inbound_connect_timeout,omitempty"` -} - -func (x *Proxy) Reset() { - *x = Proxy{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[2] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Proxy) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Proxy) ProtoMessage() {} - -func (x *Proxy) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[2] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Proxy.ProtoReflect.Descriptor instead. -func (*Proxy) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{2} -} - -func (x *Proxy) GetProxyImage() *Image { - if x != nil { - return x.ProxyImage - } - return nil -} - -func (x *Proxy) GetProxyInitImage() *Image { - if x != nil { - return x.ProxyInitImage - } - return nil -} - -func (x *Proxy) GetControlPort() *Port { - if x != nil { - return x.ControlPort - } - return nil -} - -func (x *Proxy) GetIgnoreInboundPorts() []*PortRange { - if x != nil { - return x.IgnoreInboundPorts - } - return nil -} - -func (x *Proxy) GetIgnoreOutboundPorts() []*PortRange { - if x != nil { - return x.IgnoreOutboundPorts - } - return nil -} - -func (x *Proxy) GetInboundPort() *Port { - if x != nil { - return x.InboundPort - } - return nil -} - -func (x *Proxy) GetAdminPort() *Port { - if x != nil { - return x.AdminPort - } - return nil -} - -func (x *Proxy) GetOutboundPort() *Port { - if x != nil { - return x.OutboundPort - } - return nil -} - -func (x *Proxy) GetResource() *ResourceRequirements { - if x != nil { - return x.Resource - } - return nil -} - -func (x *Proxy) GetProxyUid() int64 { - if x != nil { - return x.ProxyUid - } - return 0 -} - -func (x *Proxy) GetLogLevel() *LogLevel { - if x != nil { - return x.LogLevel - } - return nil -} - -func (x *Proxy) GetDisableExternalProfiles() bool { - if x != nil { - return x.DisableExternalProfiles - } - return false -} - -func (x *Proxy) GetProxyVersion() string { - if x != nil { - return x.ProxyVersion - } - return "" -} - -func (x *Proxy) GetProxyInitImageVersion() string { - if x != nil { - return x.ProxyInitImageVersion - } - return "" -} - -func (x *Proxy) GetDebugImage() *Image { - if x != nil { - return x.DebugImage - } - return nil -} - -func (x *Proxy) GetDebugImageVersion() string { - if x != nil { - return x.DebugImageVersion - } - return "" -} - -func (x *Proxy) GetDestinationGetNetworks() string { - if x != nil { - return x.DestinationGetNetworks - } - return "" -} - -func (x *Proxy) GetLogFormat() string { - if x != nil { - return x.LogFormat - } - return "" -} - -func (x *Proxy) GetOutboundConnectTimeout() string { - if x != nil { - return x.OutboundConnectTimeout - } - return "" -} - -func (x *Proxy) GetInboundConnectTimeout() string { - if x != nil { - return x.InboundConnectTimeout - } - return "" -} - -type Image struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - ImageName string `protobuf:"bytes,1,opt,name=image_name,json=imageName,proto3" json:"image_name,omitempty"` - PullPolicy string `protobuf:"bytes,2,opt,name=pull_policy,json=pullPolicy,proto3" json:"pull_policy,omitempty"` -} - -func (x *Image) Reset() { - *x = Image{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[3] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Image) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Image) ProtoMessage() {} - -func (x *Image) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[3] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Image.ProtoReflect.Descriptor instead. -func (*Image) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{3} -} - -func (x *Image) GetImageName() string { - if x != nil { - return x.ImageName - } - return "" -} - -func (x *Image) GetPullPolicy() string { - if x != nil { - return x.PullPolicy - } - return "" -} - -type Port struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Port uint32 `protobuf:"varint,1,opt,name=port,proto3" json:"port,omitempty"` -} - -func (x *Port) Reset() { - *x = Port{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[4] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Port) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Port) ProtoMessage() {} - -func (x *Port) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[4] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Port.ProtoReflect.Descriptor instead. -func (*Port) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{4} -} - -func (x *Port) GetPort() uint32 { - if x != nil { - return x.Port - } - return 0 -} - -type PortRange struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - PortRange string `protobuf:"bytes,1,opt,name=port_range,json=portRange,proto3" json:"port_range,omitempty"` -} - -func (x *PortRange) Reset() { - *x = PortRange{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[5] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *PortRange) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*PortRange) ProtoMessage() {} - -func (x *PortRange) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[5] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use PortRange.ProtoReflect.Descriptor instead. -func (*PortRange) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{5} -} - -func (x *PortRange) GetPortRange() string { - if x != nil { - return x.PortRange - } - return "" -} - -type ResourceRequirements struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - RequestCpu string `protobuf:"bytes,1,opt,name=request_cpu,json=requestCpu,proto3" json:"request_cpu,omitempty"` - RequestMemory string `protobuf:"bytes,2,opt,name=request_memory,json=requestMemory,proto3" json:"request_memory,omitempty"` - LimitCpu string `protobuf:"bytes,3,opt,name=limit_cpu,json=limitCpu,proto3" json:"limit_cpu,omitempty"` - LimitMemory string `protobuf:"bytes,4,opt,name=limit_memory,json=limitMemory,proto3" json:"limit_memory,omitempty"` -} - -func (x *ResourceRequirements) Reset() { - *x = ResourceRequirements{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[6] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *ResourceRequirements) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*ResourceRequirements) ProtoMessage() {} - -func (x *ResourceRequirements) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[6] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use ResourceRequirements.ProtoReflect.Descriptor instead. -func (*ResourceRequirements) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{6} -} - -func (x *ResourceRequirements) GetRequestCpu() string { - if x != nil { - return x.RequestCpu - } - return "" -} - -func (x *ResourceRequirements) GetRequestMemory() string { - if x != nil { - return x.RequestMemory - } - return "" -} - -func (x *ResourceRequirements) GetLimitCpu() string { - if x != nil { - return x.LimitCpu - } - return "" -} - -func (x *ResourceRequirements) GetLimitMemory() string { - if x != nil { - return x.LimitMemory - } - return "" -} - -// Deprecated: Do not use. -type AutoInjectContext struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields -} - -func (x *AutoInjectContext) Reset() { - *x = AutoInjectContext{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[7] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *AutoInjectContext) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*AutoInjectContext) ProtoMessage() {} - -func (x *AutoInjectContext) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[7] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use AutoInjectContext.ProtoReflect.Descriptor instead. -func (*AutoInjectContext) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{7} -} - -type IdentityContext struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - TrustDomain string `protobuf:"bytes,1,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"` - TrustAnchorsPem string `protobuf:"bytes,2,opt,name=trust_anchors_pem,json=trustAnchorsPem,proto3" json:"trust_anchors_pem,omitempty"` - IssuanceLifetime *duration.Duration `protobuf:"bytes,3,opt,name=issuance_lifetime,json=issuanceLifetime,proto3" json:"issuance_lifetime,omitempty"` - ClockSkewAllowance *duration.Duration `protobuf:"bytes,4,opt,name=clock_skew_allowance,json=clockSkewAllowance,proto3" json:"clock_skew_allowance,omitempty"` - Scheme string `protobuf:"bytes,5,opt,name=scheme,proto3" json:"scheme,omitempty"` -} - -func (x *IdentityContext) Reset() { - *x = IdentityContext{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[8] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *IdentityContext) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*IdentityContext) ProtoMessage() {} - -func (x *IdentityContext) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[8] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use IdentityContext.ProtoReflect.Descriptor instead. -func (*IdentityContext) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{8} -} - -func (x *IdentityContext) GetTrustDomain() string { - if x != nil { - return x.TrustDomain - } - return "" -} - -func (x *IdentityContext) GetTrustAnchorsPem() string { - if x != nil { - return x.TrustAnchorsPem - } - return "" -} - -func (x *IdentityContext) GetIssuanceLifetime() *duration.Duration { - if x != nil { - return x.IssuanceLifetime - } - return nil -} - -func (x *IdentityContext) GetClockSkewAllowance() *duration.Duration { - if x != nil { - return x.ClockSkewAllowance - } - return nil -} - -func (x *IdentityContext) GetScheme() string { - if x != nil { - return x.Scheme - } - return "" -} - -type LogLevel struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Level string `protobuf:"bytes,1,opt,name=level,proto3" json:"level,omitempty"` -} - -func (x *LogLevel) Reset() { - *x = LogLevel{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[9] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *LogLevel) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*LogLevel) ProtoMessage() {} - -func (x *LogLevel) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[9] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use LogLevel.ProtoReflect.Descriptor instead. -func (*LogLevel) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{9} -} - -func (x *LogLevel) GetLevel() string { - if x != nil { - return x.Level - } - return "" -} - -// Stores information about the last installation/upgrade. -// -// Useful for driving upgrades. -type Install struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // The CLI version that drove the last install or upgrade. - CliVersion string `protobuf:"bytes,2,opt,name=cli_version,json=cliVersion,proto3" json:"cli_version,omitempty"` - // The CLI arguments to the install (or upgrade) command, indicating the - // installer's intent. - Flags []*Install_Flag `protobuf:"bytes,3,rep,name=flags,proto3" json:"flags,omitempty"` -} - -func (x *Install) Reset() { - *x = Install{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[10] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Install) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Install) ProtoMessage() {} - -func (x *Install) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[10] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Install.ProtoReflect.Descriptor instead. -func (*Install) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{10} -} - -func (x *Install) GetCliVersion() string { - if x != nil { - return x.CliVersion - } - return "" -} - -func (x *Install) GetFlags() []*Install_Flag { - if x != nil { - return x.Flags - } - return nil -} - -type Install_Flag struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"` -} - -func (x *Install_Flag) Reset() { - *x = Install_Flag{} - if protoimpl.UnsafeEnabled { - mi := &file_config_config_proto_msgTypes[11] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Install_Flag) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Install_Flag) ProtoMessage() {} - -func (x *Install_Flag) ProtoReflect() protoreflect.Message { - mi := &file_config_config_proto_msgTypes[11] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Install_Flag.ProtoReflect.Descriptor instead. -func (*Install_Flag) Descriptor() ([]byte, []int) { - return file_config_config_proto_rawDescGZIP(), []int{10, 0} -} - -func (x *Install_Flag) GetName() string { - if x != nil { - return x.Name - } - return "" -} - -func (x *Install_Flag) GetValue() string { - if x != nil { - return x.Value - } - return "" -} - -var File_config_config_proto protoreflect.FileDescriptor - -var file_config_config_proto_rawDesc = []byte{ - 0x0a, 0x13, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0f, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, - 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x98, 0x01, 0x0a, 0x03, 0x41, 0x6c, 0x6c, 0x12, 0x2f, - 0x0a, 0x06, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, - 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x2e, 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x52, 0x06, 0x67, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x12, - 0x2c, 0x0a, 0x05, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, - 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x52, 0x05, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x12, 0x32, 0x0a, - 0x07, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x18, - 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x2e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x52, 0x07, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6c, - 0x6c, 0x22, 0xf8, 0x02, 0x0a, 0x06, 0x47, 0x6c, 0x6f, 0x62, 0x61, 0x6c, 0x12, 0x2b, 0x0a, 0x11, - 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, - 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, - 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6e, 0x69, - 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, - 0x63, 0x6e, 0x69, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, - 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, - 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x4b, 0x0a, 0x10, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, - 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, - 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x2e, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, - 0x52, 0x0f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, - 0x74, 0x12, 0x56, 0x0a, 0x13, 0x61, 0x75, 0x74, 0x6f, 0x5f, 0x69, 0x6e, 0x6a, 0x65, 0x63, 0x74, - 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, - 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x2e, 0x41, 0x75, 0x74, 0x6f, 0x49, 0x6e, 0x6a, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x74, 0x65, - 0x78, 0x74, 0x42, 0x02, 0x18, 0x01, 0x52, 0x11, 0x61, 0x75, 0x74, 0x6f, 0x49, 0x6e, 0x6a, 0x65, - 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x3a, 0x0a, 0x16, 0x6f, 0x6d, 0x69, - 0x74, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x53, 0x69, 0x64, 0x65, 0x45, 0x66, 0x66, 0x65, - 0x63, 0x74, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x16, 0x6f, - 0x6d, 0x69, 0x74, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x53, 0x69, 0x64, 0x65, 0x45, 0x66, - 0x66, 0x65, 0x63, 0x74, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, - 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, - 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x22, 0xec, 0x08, 0x0a, - 0x05, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x12, 0x37, 0x0a, 0x0b, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, - 0x69, 0x6d, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6c, 0x69, - 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x49, 0x6d, - 0x61, 0x67, 0x65, 0x52, 0x0a, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x12, - 0x40, 0x0a, 0x10, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x69, 0x6e, 0x69, 0x74, 0x5f, 0x69, 0x6d, - 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6c, 0x69, 0x6e, 0x6b, - 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x49, 0x6d, 0x61, 0x67, - 0x65, 0x52, 0x0e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x49, 0x6e, 0x69, 0x74, 0x49, 0x6d, 0x61, 0x67, - 0x65, 0x12, 0x38, 0x0a, 0x0c, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x5f, 0x70, 0x6f, 0x72, - 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, - 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x50, 0x6f, 0x72, 0x74, 0x52, 0x0b, - 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x4c, 0x0a, 0x14, 0x69, - 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x5f, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x70, 0x6f, - 0x72, 0x74, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x6c, 0x69, 0x6e, 0x6b, - 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x50, 0x6f, 0x72, 0x74, - 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x12, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x49, 0x6e, 0x62, - 0x6f, 0x75, 0x6e, 0x64, 0x50, 0x6f, 0x72, 0x74, 0x73, 0x12, 0x4e, 0x0a, 0x15, 0x69, 0x67, 0x6e, - 0x6f, 0x72, 0x65, 0x5f, 0x6f, 0x75, 0x74, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x70, 0x6f, 0x72, - 0x74, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, - 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x50, 0x6f, 0x72, 0x74, 0x52, - 0x61, 0x6e, 0x67, 0x65, 0x52, 0x13, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65, 0x4f, 0x75, 0x74, 0x62, - 0x6f, 0x75, 0x6e, 0x64, 0x50, 0x6f, 0x72, 0x74, 0x73, 0x12, 0x38, 0x0a, 0x0c, 0x69, 0x6e, 0x62, - 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, - 0x15, 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, - 0x67, 0x2e, 0x50, 0x6f, 0x72, 0x74, 0x52, 0x0b, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x50, - 0x6f, 0x72, 0x74, 0x12, 0x34, 0x0a, 0x0a, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x5f, 0x70, 0x6f, 0x72, - 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, - 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x50, 0x6f, 0x72, 0x74, 0x52, 0x09, - 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x3a, 0x0a, 0x0d, 0x6f, 0x75, 0x74, - 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x15, 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, - 0x69, 0x67, 0x2e, 0x50, 0x6f, 0x72, 0x74, 0x52, 0x0c, 0x6f, 0x75, 0x74, 0x62, 0x6f, 0x75, 0x6e, - 0x64, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x41, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, - 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, - 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, - 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x08, - 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x72, 0x6f, 0x78, - 0x79, 0x5f, 0x75, 0x69, 0x64, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x03, 0x52, 0x08, 0x70, 0x72, 0x6f, - 0x78, 0x79, 0x55, 0x69, 0x64, 0x12, 0x36, 0x0a, 0x09, 0x6c, 0x6f, 0x67, 0x5f, 0x6c, 0x65, 0x76, - 0x65, 0x6c, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, - 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x4c, 0x6f, 0x67, 0x4c, 0x65, - 0x76, 0x65, 0x6c, 0x52, 0x08, 0x6c, 0x6f, 0x67, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x12, 0x3a, 0x0a, - 0x19, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, - 0x6c, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, - 0x52, 0x17, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, - 0x6c, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x12, 0x23, 0x0a, 0x0d, 0x70, 0x72, 0x6f, - 0x78, 0x79, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0c, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x37, - 0x0a, 0x18, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x69, 0x6e, 0x69, 0x74, 0x5f, 0x69, 0x6d, 0x61, - 0x67, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x15, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x49, 0x6e, 0x69, 0x74, 0x49, 0x6d, 0x61, 0x67, 0x65, - 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x37, 0x0a, 0x0b, 0x64, 0x65, 0x62, 0x75, 0x67, - 0x5f, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x6c, - 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x49, - 0x6d, 0x61, 0x67, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x62, 0x75, 0x67, 0x49, 0x6d, 0x61, 0x67, 0x65, - 0x12, 0x2e, 0x0a, 0x13, 0x64, 0x65, 0x62, 0x75, 0x67, 0x5f, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x5f, - 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x10, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x64, - 0x65, 0x62, 0x75, 0x67, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, - 0x12, 0x38, 0x0a, 0x18, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, - 0x67, 0x65, 0x74, 0x5f, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x73, 0x18, 0x11, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x16, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x47, - 0x65, 0x74, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x73, 0x12, 0x1d, 0x0a, 0x0a, 0x6c, 0x6f, - 0x67, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x12, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, - 0x6c, 0x6f, 0x67, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x38, 0x0a, 0x18, 0x6f, 0x75, 0x74, - 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x69, - 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x13, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16, 0x6f, 0x75, 0x74, - 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x54, 0x69, 0x6d, 0x65, - 0x6f, 0x75, 0x74, 0x12, 0x36, 0x0a, 0x17, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x5f, 0x63, - 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x14, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x15, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x43, 0x6f, 0x6e, - 0x6e, 0x65, 0x63, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x22, 0x47, 0x0a, 0x05, 0x49, - 0x6d, 0x61, 0x67, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x5f, 0x6e, 0x61, - 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x4e, - 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x70, 0x75, 0x6c, 0x6c, 0x5f, 0x70, 0x6f, 0x6c, 0x69, - 0x63, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x75, 0x6c, 0x6c, 0x50, 0x6f, - 0x6c, 0x69, 0x63, 0x79, 0x22, 0x1a, 0x0a, 0x04, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x12, 0x0a, 0x04, - 0x70, 0x6f, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x04, 0x70, 0x6f, 0x72, 0x74, - 0x22, 0x2a, 0x0a, 0x09, 0x50, 0x6f, 0x72, 0x74, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x1d, 0x0a, - 0x0a, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x09, 0x70, 0x6f, 0x72, 0x74, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x22, 0x9e, 0x01, 0x0a, - 0x14, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, - 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x5f, 0x63, 0x70, 0x75, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x65, 0x71, 0x75, - 0x65, 0x73, 0x74, 0x43, 0x70, 0x75, 0x12, 0x25, 0x0a, 0x0e, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x5f, 0x6d, 0x65, 0x6d, 0x6f, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, - 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x4d, 0x65, 0x6d, 0x6f, 0x72, 0x79, 0x12, 0x1b, 0x0a, - 0x09, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x63, 0x70, 0x75, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x08, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x43, 0x70, 0x75, 0x12, 0x21, 0x0a, 0x0c, 0x6c, 0x69, - 0x6d, 0x69, 0x74, 0x5f, 0x6d, 0x65, 0x6d, 0x6f, 0x72, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0b, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x4d, 0x65, 0x6d, 0x6f, 0x72, 0x79, 0x22, 0x17, 0x0a, - 0x11, 0x41, 0x75, 0x74, 0x6f, 0x49, 0x6e, 0x6a, 0x65, 0x63, 0x74, 0x43, 0x6f, 0x6e, 0x74, 0x65, - 0x78, 0x74, 0x3a, 0x02, 0x18, 0x01, 0x22, 0x8d, 0x02, 0x0a, 0x0f, 0x49, 0x64, 0x65, 0x6e, 0x74, - 0x69, 0x74, 0x79, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x72, - 0x75, 0x73, 0x74, 0x5f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0b, 0x74, 0x72, 0x75, 0x73, 0x74, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x2a, 0x0a, - 0x11, 0x74, 0x72, 0x75, 0x73, 0x74, 0x5f, 0x61, 0x6e, 0x63, 0x68, 0x6f, 0x72, 0x73, 0x5f, 0x70, - 0x65, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x74, 0x72, 0x75, 0x73, 0x74, 0x41, - 0x6e, 0x63, 0x68, 0x6f, 0x72, 0x73, 0x50, 0x65, 0x6d, 0x12, 0x46, 0x0a, 0x11, 0x69, 0x73, 0x73, - 0x75, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x6c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, - 0x10, 0x69, 0x73, 0x73, 0x75, 0x61, 0x6e, 0x63, 0x65, 0x4c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, - 0x65, 0x12, 0x4b, 0x0a, 0x14, 0x63, 0x6c, 0x6f, 0x63, 0x6b, 0x5f, 0x73, 0x6b, 0x65, 0x77, 0x5f, - 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x61, 0x6e, 0x63, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, - 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, - 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x12, 0x63, 0x6c, 0x6f, 0x63, - 0x6b, 0x53, 0x6b, 0x65, 0x77, 0x41, 0x6c, 0x6c, 0x6f, 0x77, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x16, - 0x0a, 0x06, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, - 0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x22, 0x20, 0x0a, 0x08, 0x4c, 0x6f, 0x67, 0x4c, 0x65, 0x76, - 0x65, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x05, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x22, 0x97, 0x01, 0x0a, 0x07, 0x49, 0x6e, 0x73, - 0x74, 0x61, 0x6c, 0x6c, 0x12, 0x1f, 0x0a, 0x0b, 0x63, 0x6c, 0x69, 0x5f, 0x76, 0x65, 0x72, 0x73, - 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x63, 0x6c, 0x69, 0x56, 0x65, - 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x33, 0x0a, 0x05, 0x66, 0x6c, 0x61, 0x67, 0x73, 0x18, 0x03, - 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x32, 0x2e, - 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, 0x2e, 0x46, - 0x6c, 0x61, 0x67, 0x52, 0x05, 0x66, 0x6c, 0x61, 0x67, 0x73, 0x1a, 0x30, 0x0a, 0x04, 0x46, 0x6c, - 0x61, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x4a, 0x04, 0x08, 0x01, - 0x10, 0x02, 0x42, 0x33, 0x5a, 0x31, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, - 0x2f, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, 0x2f, 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x72, 0x64, - 0x32, 0x2f, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2f, 0x67, 0x65, 0x6e, - 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_config_config_proto_rawDescOnce sync.Once - file_config_config_proto_rawDescData = file_config_config_proto_rawDesc -) - -func file_config_config_proto_rawDescGZIP() []byte { - file_config_config_proto_rawDescOnce.Do(func() { - file_config_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_config_config_proto_rawDescData) - }) - return file_config_config_proto_rawDescData -} - -var file_config_config_proto_msgTypes = make([]protoimpl.MessageInfo, 12) -var file_config_config_proto_goTypes = []interface{}{ - (*All)(nil), // 0: linkerd2.config.All - (*Global)(nil), // 1: linkerd2.config.Global - (*Proxy)(nil), // 2: linkerd2.config.Proxy - (*Image)(nil), // 3: linkerd2.config.Image - (*Port)(nil), // 4: linkerd2.config.Port - (*PortRange)(nil), // 5: linkerd2.config.PortRange - (*ResourceRequirements)(nil), // 6: linkerd2.config.ResourceRequirements - (*AutoInjectContext)(nil), // 7: linkerd2.config.AutoInjectContext - (*IdentityContext)(nil), // 8: linkerd2.config.IdentityContext - (*LogLevel)(nil), // 9: linkerd2.config.LogLevel - (*Install)(nil), // 10: linkerd2.config.Install - (*Install_Flag)(nil), // 11: linkerd2.config.Install.Flag - (*duration.Duration)(nil), // 12: google.protobuf.Duration -} -var file_config_config_proto_depIdxs = []int32{ - 1, // 0: linkerd2.config.All.global:type_name -> linkerd2.config.Global - 2, // 1: linkerd2.config.All.proxy:type_name -> linkerd2.config.Proxy - 10, // 2: linkerd2.config.All.install:type_name -> linkerd2.config.Install - 8, // 3: linkerd2.config.Global.identity_context:type_name -> linkerd2.config.IdentityContext - 7, // 4: linkerd2.config.Global.auto_inject_context:type_name -> linkerd2.config.AutoInjectContext - 3, // 5: linkerd2.config.Proxy.proxy_image:type_name -> linkerd2.config.Image - 3, // 6: linkerd2.config.Proxy.proxy_init_image:type_name -> linkerd2.config.Image - 4, // 7: linkerd2.config.Proxy.control_port:type_name -> linkerd2.config.Port - 5, // 8: linkerd2.config.Proxy.ignore_inbound_ports:type_name -> linkerd2.config.PortRange - 5, // 9: linkerd2.config.Proxy.ignore_outbound_ports:type_name -> linkerd2.config.PortRange - 4, // 10: linkerd2.config.Proxy.inbound_port:type_name -> linkerd2.config.Port - 4, // 11: linkerd2.config.Proxy.admin_port:type_name -> linkerd2.config.Port - 4, // 12: linkerd2.config.Proxy.outbound_port:type_name -> linkerd2.config.Port - 6, // 13: linkerd2.config.Proxy.resource:type_name -> linkerd2.config.ResourceRequirements - 9, // 14: linkerd2.config.Proxy.log_level:type_name -> linkerd2.config.LogLevel - 3, // 15: linkerd2.config.Proxy.debug_image:type_name -> linkerd2.config.Image - 12, // 16: linkerd2.config.IdentityContext.issuance_lifetime:type_name -> google.protobuf.Duration - 12, // 17: linkerd2.config.IdentityContext.clock_skew_allowance:type_name -> google.protobuf.Duration - 11, // 18: linkerd2.config.Install.flags:type_name -> linkerd2.config.Install.Flag - 19, // [19:19] is the sub-list for method output_type - 19, // [19:19] is the sub-list for method input_type - 19, // [19:19] is the sub-list for extension type_name - 19, // [19:19] is the sub-list for extension extendee - 0, // [0:19] is the sub-list for field type_name -} - -func init() { file_config_config_proto_init() } -func file_config_config_proto_init() { - if File_config_config_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_config_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*All); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Global); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Proxy); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Image); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Port); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*PortRange); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ResourceRequirements); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*AutoInjectContext); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*IdentityContext); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*LogLevel); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Install); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_config_config_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Install_Flag); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_config_config_proto_rawDesc, - NumEnums: 0, - NumMessages: 12, - NumExtensions: 0, - NumServices: 0, - }, - GoTypes: file_config_config_proto_goTypes, - DependencyIndexes: file_config_config_proto_depIdxs, - MessageInfos: file_config_config_proto_msgTypes, - }.Build() - File_config_config_proto = out.File - file_config_config_proto_rawDesc = nil - file_config_config_proto_goTypes = nil - file_config_config_proto_depIdxs = nil -} diff --git a/controller/heartbeat/heartbeat.go b/controller/heartbeat/heartbeat.go index 4c9324755..07f836711 100644 --- a/controller/heartbeat/heartbeat.go +++ b/controller/heartbeat/heartbeat.go @@ -11,7 +11,7 @@ import ( "time" pkgK8s "github.com/linkerd/linkerd2/controller/k8s" - "github.com/linkerd/linkerd2/pkg/healthcheck" + "github.com/linkerd/linkerd2/pkg/config" "github.com/linkerd/linkerd2/pkg/k8s" "github.com/linkerd/linkerd2/pkg/version" promv1 "github.com/prometheus/client_golang/api/prometheus/v1" @@ -29,7 +29,7 @@ type containerMeta struct { func K8sValues(ctx context.Context, kubeAPI *k8s.KubernetesAPI, controlPlaneNamespace string) url.Values { v := url.Values{} - cm, _, err := healthcheck.FetchLinkerdConfigMap(ctx, kubeAPI, controlPlaneNamespace) + cm, err := config.FetchLinkerdConfigMap(ctx, kubeAPI, controlPlaneNamespace) if err != nil { log.Errorf("Failed to fetch linkerd-config: %s", err) } else { diff --git a/pkg/config/config.go b/pkg/config/config.go index be3a58415..3191b1d1b 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -1,13 +1,15 @@ package config import ( + "context" "fmt" "io/ioutil" - "strings" - "github.com/golang/protobuf/jsonpb" - "github.com/golang/protobuf/proto" - pb "github.com/linkerd/linkerd2/controller/gen/config" + "github.com/linkerd/linkerd2/pkg/k8s" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/kubernetes" + l5dcharts "github.com/linkerd/linkerd2/pkg/charts/linkerd2" log "github.com/sirupsen/logrus" "sigs.k8s.io/yaml" @@ -28,49 +30,6 @@ func Values(filepath string) (*l5dcharts.Values, error) { return values, err } -func unmarshal(json string, msg proto.Message) error { - // If a config is missing, then just leave the message as nil and return - // without an error. - if json == "" { - return nil - } - - // If we're using older code to read a newer config, blowing up during decoding - // is not helpful. We should detect that through other means. - u := jsonpb.Unmarshaler{AllowUnknownFields: true} - return u.Unmarshal(strings.NewReader(json), msg) -} - -// FromConfigMap builds a configuration by reading a map with the keys "global", -// "proxy", and "install" each containing JSON values. If none of these keys -// exist, FromConfigMap will return nil. This likely indicates that the -// installed version of Linkerd is stable-2.9.0 or later which uses a different -// config format. -func FromConfigMap(configMap map[string]string) (*pb.All, error) { - c := &pb.All{Global: &pb.Global{}, Proxy: &pb.Proxy{}, Install: &pb.Install{}} - - global, globalOk := configMap["global"] - proxy, proxyOk := configMap["proxy"] - install, installOk := configMap["install"] - if !globalOk && !proxyOk && !installOk { - return nil, nil - } - - if err := unmarshal(global, c.Global); err != nil { - return nil, fmt.Errorf("invalid global config: %s", err) - } - - if err := unmarshal(proxy, c.Proxy); err != nil { - return nil, fmt.Errorf("invalid proxy config: %s", err) - } - - if err := unmarshal(install, c.Install); err != nil { - return nil, fmt.Errorf("invalid install config: %s", err) - } - - return c, nil -} - // RemoveGlobalFieldIfPresent removes the `global` node and // attaches the children nodes there. func RemoveGlobalFieldIfPresent(bytes []byte) ([]byte, error) { @@ -101,106 +60,12 @@ func RemoveGlobalFieldIfPresent(bytes []byte) ([]byte, error) { return bytes, nil } -// ToValues converts configuration into a Values struct, i.e to be consumed by check -// TODO: Remove this once the newer configuration becomes the default i.e 2.10 -func ToValues(configs *pb.All) *l5dcharts.Values { - - // convert install flags into values - values := &l5dcharts.Values{ - CNIEnabled: configs.GetGlobal().GetCniEnabled(), - Namespace: configs.GetGlobal().GetLinkerdNamespace(), - IdentityTrustAnchorsPEM: configs.GetGlobal().GetIdentityContext().GetTrustAnchorsPem(), - IdentityTrustDomain: configs.GetGlobal().GetIdentityContext().GetTrustDomain(), - ClusterDomain: configs.GetGlobal().GetClusterDomain(), - ClusterNetworks: configs.GetProxy().GetDestinationGetNetworks(), - LinkerdVersion: configs.GetGlobal().GetVersion(), - Proxy: &l5dcharts.Proxy{ - Image: &l5dcharts.Image{ - Name: configs.GetProxy().GetProxyImage().GetImageName(), - PullPolicy: configs.GetProxy().GetProxyImage().GetPullPolicy(), - Version: configs.GetProxy().GetProxyVersion(), - }, - Ports: &l5dcharts.Ports{ - Control: int32(configs.GetProxy().GetControlPort().GetPort()), - Inbound: int32(configs.GetProxy().GetInboundPort().GetPort()), - Admin: int32(configs.GetProxy().GetAdminPort().GetPort()), - Outbound: int32(configs.GetProxy().GetOutboundPort().GetPort()), - }, - Resources: &l5dcharts.Resources{ - CPU: l5dcharts.Constraints{ - Limit: configs.GetProxy().GetResource().GetLimitCpu(), - Request: configs.GetProxy().GetResource().GetRequestCpu(), - }, - Memory: l5dcharts.Constraints{ - Limit: configs.GetProxy().GetResource().GetLimitMemory(), - Request: configs.GetProxy().GetResource().GetRequestMemory(), - }, - }, - EnableExternalProfiles: !configs.Proxy.GetDisableExternalProfiles(), - LogFormat: configs.GetProxy().GetLogFormat(), - OutboundConnectTimeout: configs.GetProxy().GetOutboundConnectTimeout(), - InboundConnectTimeout: configs.GetProxy().GetInboundConnectTimeout(), - }, - ProxyInit: &l5dcharts.ProxyInit{ - IgnoreInboundPorts: toString(configs.GetProxy().GetIgnoreInboundPorts()), - IgnoreOutboundPorts: toString(configs.GetProxy().GetIgnoreOutboundPorts()), - Image: &l5dcharts.Image{ - Name: configs.GetProxy().GetProxyInitImage().GetImageName(), - PullPolicy: configs.GetProxy().GetProxyInitImage().GetPullPolicy(), - Version: configs.GetProxy().GetProxyInitImageVersion(), - }, - }, - Identity: &l5dcharts.Identity{ - Issuer: &l5dcharts.Issuer{ - Scheme: configs.GetGlobal().GetIdentityContext().GetScheme(), - }, - }, - DebugContainer: &l5dcharts.DebugContainer{ - Image: &l5dcharts.Image{ - Name: configs.GetProxy().GetDebugImage().GetImageName(), - PullPolicy: configs.GetProxy().GetDebugImage().GetPullPolicy(), - Version: configs.GetProxy().GetDebugImageVersion(), - }, - }, +// FetchLinkerdConfigMap retrieves the `linkerd-config` ConfigMap from +// Kubernetes. +func FetchLinkerdConfigMap(ctx context.Context, k kubernetes.Interface, controlPlaneNamespace string) (*corev1.ConfigMap, error) { + cm, err := k.CoreV1().ConfigMaps(controlPlaneNamespace).Get(ctx, k8s.ConfigConfigMapName, metav1.GetOptions{}) + if err != nil { + return nil, err } - - // for non-primitive types set only if they are not nil - if configs.GetGlobal().GetIdentityContext().GetIssuanceLifetime() != nil { - values.Identity.Issuer.IssuanceLifetime = configs.GetGlobal().GetIdentityContext().GetIssuanceLifetime().String() - } - if configs.GetGlobal().GetIdentityContext().GetClockSkewAllowance() != nil { - values.Identity.Issuer.ClockSkewAllowance = configs.GetGlobal().GetIdentityContext().GetClockSkewAllowance().String() - } - - if configs.GetProxy().GetLogLevel() != nil { - values.Proxy.LogLevel = configs.GetProxy().GetLogLevel().String() - - } - - // set HA, and Heartbeat flags as health-check needs them for old config installs - for _, flag := range configs.GetInstall().GetFlags() { - if flag.GetName() == "ha" && flag.GetValue() == "true" { - values.HighAvailability = true - } - - if flag.GetName() == "disable-heartbeat" && flag.GetValue() == "true" { - values.DisableHeartBeat = true - } - } - - return values -} - -func toString(portRanges []*pb.PortRange) string { - - var portRangeString string - if len(portRanges) > 0 { - for i := 0; i < len(portRanges)-1; i++ { - portRangeString += portRanges[i].GetPortRange() + "," - } - - portRangeString += portRanges[len(portRanges)-1].GetPortRange() - } - - return portRangeString + return cm, nil } diff --git a/pkg/healthcheck/healthcheck.go b/pkg/healthcheck/healthcheck.go index f8a5b99d4..2c3fbcbab 100644 --- a/pkg/healthcheck/healthcheck.go +++ b/pkg/healthcheck/healthcheck.go @@ -13,7 +13,6 @@ import ( "strings" "time" - configPb "github.com/linkerd/linkerd2/controller/gen/config" controllerK8s "github.com/linkerd/linkerd2/controller/k8s" l5dcharts "github.com/linkerd/linkerd2/pkg/charts/linkerd2" "github.com/linkerd/linkerd2/pkg/config" @@ -1689,35 +1688,30 @@ func (hc *HealthChecker) checkCertificatesConfig(ctx context.Context) (*tls.Cred // FetchCurrentConfiguration retrieves the current Linkerd configuration func FetchCurrentConfiguration(ctx context.Context, k kubernetes.Interface, controlPlaneNamespace string) (*corev1.ConfigMap, *l5dcharts.Values, error) { - - // Get the linkerd-config values if present - configMap, configPb, err := FetchLinkerdConfigMap(ctx, k, controlPlaneNamespace) + // Get the linkerd-config values if present. + configMap, err := config.FetchLinkerdConfigMap(ctx, k, controlPlaneNamespace) if err != nil { return nil, nil, err } - if rawValues := configMap.Data["values"]; rawValues != "" { - // Convert into latest values, where global field is removed - rawValuesBytes, err := config.RemoveGlobalFieldIfPresent([]byte(rawValues)) - if err != nil { - return nil, nil, err - } - rawValues = string(rawValuesBytes) - var fullValues l5dcharts.Values - - err = yaml.Unmarshal([]byte(rawValues), &fullValues) - if err != nil { - return nil, nil, err - } - return configMap, &fullValues, nil - } - - if configPb == nil { + rawValues := configMap.Data["values"] + if rawValues == "" { return configMap, nil, nil } - // fall back to the older configMap - // TODO: remove this once the newer config override secret becomes the default i.e 2.10 - return configMap, config.ToValues(configPb), nil + + // Convert into latest values, where global field is removed. + rawValuesBytes, err := config.RemoveGlobalFieldIfPresent([]byte(rawValues)) + if err != nil { + return nil, nil, err + } + rawValues = string(rawValuesBytes) + var fullValues l5dcharts.Values + + err = yaml.Unmarshal([]byte(rawValues), &fullValues) + if err != nil { + return nil, nil, err + } + return configMap, &fullValues, nil } func (hc *HealthChecker) fetchProxyInjectorCaBundle(ctx context.Context) ([]*x509.Certificate, error) { @@ -1802,26 +1796,6 @@ func (hc *HealthChecker) FetchCredsFromOldSecret(ctx context.Context, namespace return cred, nil } -// FetchLinkerdConfigMap retrieves the `linkerd-config` ConfigMap from -// Kubernetes and parses it into `linkerd2.config` protobuf. -// TODO: Consider a different package for this function. This lives in the -// healthcheck package because healthcheck depends on it, along with other -// packages that also depend on healthcheck. This function depends on both -// `pkg/k8s` and `pkg/config`, which do not depend on each other. -func FetchLinkerdConfigMap(ctx context.Context, k kubernetes.Interface, controlPlaneNamespace string) (*corev1.ConfigMap, *configPb.All, error) { - cm, err := k.CoreV1().ConfigMaps(controlPlaneNamespace).Get(ctx, k8s.ConfigConfigMapName, metav1.GetOptions{}) - if err != nil { - return nil, nil, err - } - - configPB, err := config.FromConfigMap(cm.Data) - if err != nil { - return nil, nil, err - } - - return cm, configPB, nil -} - // CheckNamespace checks whether the given namespace exists, and returns an // error if it does not match `shouldExist`. func (hc *HealthChecker) CheckNamespace(ctx context.Context, namespace string, shouldExist bool) error { diff --git a/pkg/healthcheck/healthcheck_test.go b/pkg/healthcheck/healthcheck_test.go index 63ee4aae2..33e1aebae 100644 --- a/pkg/healthcheck/healthcheck_test.go +++ b/pkg/healthcheck/healthcheck_test.go @@ -11,19 +11,14 @@ import ( "testing" "time" - "github.com/golang/protobuf/ptypes/duration" - configPb "github.com/linkerd/linkerd2/controller/gen/config" "github.com/linkerd/linkerd2/pkg/charts/linkerd2" "github.com/linkerd/linkerd2/pkg/identity" "github.com/linkerd/linkerd2/pkg/issuercerts" "github.com/linkerd/linkerd2/pkg/k8s" "github.com/linkerd/linkerd2/pkg/tls" "github.com/linkerd/linkerd2/testutil" - "google.golang.org/protobuf/proto" corev1 "k8s.io/api/core/v1" - k8sErrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime/schema" ) type observer struct { @@ -1279,8 +1274,9 @@ apiVersion: v1 metadata: name: %s data: - global: | - {"identityContext":{"trustAnchorsPem": "%s"}} + values: | + identityTrustAnchorsPEM: %s + `, k8s.ConfigConfigMapName, currentCertificate) var testCases = []struct { @@ -2170,138 +2166,6 @@ func TestKubeSystemNamespaceInHA(t *testing.T) { } -func TestFetchLinkerdConfigMap(t *testing.T) { - testCases := []struct { - k8sConfigs []string - expected *configPb.All - err error - }{ - { - []string{` -kind: ConfigMap -apiVersion: v1 -metadata: - name: linkerd-config - namespace: linkerd -data: - global: | - {"linkerdNamespace":"linkerd","cniEnabled":false,"version":"install-control-plane-version","identityContext":{"trustDomain":"cluster.local","trustAnchorsPem":"fake-trust-anchors-pem","issuanceLifetime":"86400s","clockSkewAllowance":"20s"}} - proxy: | - {"proxyImage":{"imageName":"cr.l5d.io/linkerd/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"cr.l5d.io/linkerd/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxy_init_image_version":"v1.5.1","debugImage":{"imageName":"cr.l5d.io/linkerd/debug","pullPolicy":"IfNotPresent"},"debugImageVersion":"install-debug-version"} - install: | - {"cliVersion":"dev-undefined","flags":[]}`, - }, - &configPb.All{ - Global: &configPb.Global{ - LinkerdNamespace: "linkerd", - Version: "install-control-plane-version", - IdentityContext: &configPb.IdentityContext{ - TrustDomain: "cluster.local", - TrustAnchorsPem: "fake-trust-anchors-pem", - IssuanceLifetime: &duration.Duration{ - Seconds: 86400, - }, - ClockSkewAllowance: &duration.Duration{ - Seconds: 20, - }, - }, - }, Proxy: &configPb.Proxy{ - ProxyImage: &configPb.Image{ - ImageName: "cr.l5d.io/linkerd/proxy", - PullPolicy: "IfNotPresent", - }, - ProxyInitImage: &configPb.Image{ - ImageName: "cr.l5d.io/linkerd/proxy-init", - PullPolicy: "IfNotPresent", - }, - ControlPort: &configPb.Port{ - Port: 4190, - }, - InboundPort: &configPb.Port{ - Port: 4143, - }, - AdminPort: &configPb.Port{ - Port: 4191, - }, - OutboundPort: &configPb.Port{ - Port: 4140, - }, - Resource: &configPb.ResourceRequirements{}, - ProxyUid: 2102, - LogLevel: &configPb.LogLevel{ - Level: "warn,linkerd=info", - }, - DisableExternalProfiles: true, - ProxyVersion: "install-proxy-version", - ProxyInitImageVersion: "v1.5.1", - DebugImage: &configPb.Image{ - ImageName: "cr.l5d.io/linkerd/debug", - PullPolicy: "IfNotPresent", - }, - DebugImageVersion: "install-debug-version", - }, Install: &configPb.Install{ - CliVersion: "dev-undefined", - }}, - nil, - }, - { - []string{` -kind: ConfigMap -apiVersion: v1 -metadata: - name: linkerd-config - namespace: linkerd -data: - global: | - {"linkerdNamespace":"ns","identityContext":null} - proxy: "{}" - install: "{}"`, - }, - &configPb.All{Global: &configPb.Global{LinkerdNamespace: "ns", IdentityContext: nil}, Proxy: &configPb.Proxy{}, Install: &configPb.Install{}}, - nil, - }, - { - []string{` -kind: ConfigMap -apiVersion: v1 -metadata: - name: linkerd-config - namespace: linkerd -data: - global: "{}" - proxy: "{}" - install: "{}"`, - }, - &configPb.All{Global: &configPb.Global{}, Proxy: &configPb.Proxy{}, Install: &configPb.Install{}}, - nil, - }, - { - nil, - nil, - k8sErrors.NewNotFound(schema.GroupResource{Resource: "configmaps"}, "linkerd-config"), - }, - } - - for i, tc := range testCases { - tc := tc // pin - t.Run(fmt.Sprintf("%d", i), func(t *testing.T) { - clientset, err := k8s.NewFakeAPI(tc.k8sConfigs...) - if err != nil { - t.Fatalf("Unexpected error: %s", err) - } - - _, configs, err := FetchLinkerdConfigMap(context.Background(), clientset, "linkerd") - if !reflect.DeepEqual(err, tc.err) { - t.Fatalf("Expected \"%+v\", got \"%+v\"", tc.err, err) - } - - if !proto.Equal(configs, tc.expected) { - t.Fatalf("Unexpected config:\nExpected:\n%+v\nGot:\n%+v", tc.expected, configs) - } - }) - } -} - func TestFetchCurrentConfiguration(t *testing.T) { defaultValues, err := linkerd2.NewValues() @@ -2635,50 +2499,6 @@ data: }, nil, }, - { - []string{` -kind: ConfigMap -apiVersion: v1 -metadata: - name: linkerd-config - namespace: linkerd -data: - global: | - {"linkerdNamespace":"ns","identityContext":null, "cniEnabled": true} - proxy: | - {"proxyImage":{"imageName":"registry", "pullPolicy":"Always"}} - install: | - {"flags":[{"name":"ha","value":"true"}]}`, - }, - &linkerd2.Values{ - Namespace: "ns", - CNIEnabled: true, - HighAvailability: true, - Proxy: &linkerd2.Proxy{ - EnableExternalProfiles: true, - Image: &linkerd2.Image{ - Name: "registry", - PullPolicy: "Always", - }, - LogLevel: "", - Ports: &linkerd2.Ports{}, - Resources: &linkerd2.Resources{ - CPU: linkerd2.Constraints{}, - Memory: linkerd2.Constraints{}, - }, - }, - ProxyInit: &linkerd2.ProxyInit{ - Image: &linkerd2.Image{}, - }, - Identity: &linkerd2.Identity{ - Issuer: &linkerd2.Issuer{}, - }, - DebugContainer: &linkerd2.DebugContainer{ - Image: &linkerd2.Image{}, - }, - }, - nil, - }, } for i, tc := range testCases { @@ -2710,8 +2530,13 @@ metadata: name: linkerd-config namespace: linkerd data: - global: | - {"linkerdNamespace": "linkerd", "identityContext":{"trustAnchorsPem": %s, "trustDomain": "cluster.local", "scheme": "%s"}} + values: | + namespace: linkerd + identityTrustAnchorsPEM: %s + identityTrustDomain: cluster.local + identity: + issuer: + scheme: %s --- `, anchors, scheme) } diff --git a/pkg/healthcheck/version.go b/pkg/healthcheck/version.go index 623f8f479..3ad868e87 100644 --- a/pkg/healthcheck/version.go +++ b/pkg/healthcheck/version.go @@ -4,13 +4,15 @@ import ( "context" "fmt" + "github.com/linkerd/linkerd2/pkg/config" + "github.com/linkerd/linkerd2/pkg/charts/linkerd2" "github.com/linkerd/linkerd2/pkg/k8s" ) // GetServerVersion returns Linkerd's version, as set in linkerd-config func GetServerVersion(ctx context.Context, controlPlaneNamespace string, kubeAPI *k8s.KubernetesAPI) (string, error) { - cm, _, err := FetchLinkerdConfigMap(ctx, kubeAPI, controlPlaneNamespace) + cm, err := config.FetchLinkerdConfigMap(ctx, kubeAPI, controlPlaneNamespace) if err != nil { return "", fmt.Errorf("failed to fetch linkerd-config: %s", err) } diff --git a/pkg/util/parsing.go b/pkg/util/parsing.go index ba0267555..6ee9195c4 100644 --- a/pkg/util/parsing.go +++ b/pkg/util/parsing.go @@ -5,7 +5,6 @@ import ( "strings" "github.com/linkerd/linkerd2-proxy-init/ports" - "github.com/linkerd/linkerd2/controller/gen/config" log "github.com/sirupsen/logrus" corev1 "k8s.io/api/core/v1" ) @@ -16,8 +15,7 @@ func ParsePorts(portsString string) (map[uint32]struct{}, error) { opaquePorts := make(map[uint32]struct{}) if portsString != "" { portRanges := GetPortRanges(portsString) - for _, portRange := range portRanges { - pr := portRange.GetPortRange() + for _, pr := range portRanges { portsRange, err := ports.ParsePortRange(pr) if err != nil { log.Warnf("Invalid port range [%v]: %s", pr, err) @@ -38,8 +36,7 @@ func ParsePorts(portsString string) (map[uint32]struct{}, error) { func ParseContainerOpaquePorts(override string, containers []corev1.Container) []string { portRanges := GetPortRanges(override) var values []string - for _, portRange := range portRanges { - pr := portRange.GetPortRange() + for _, pr := range portRanges { port, named := isNamed(pr, containers) if named { values = append(values, strconv.Itoa(int(port))) @@ -58,13 +55,8 @@ func ParseContainerOpaquePorts(override string, containers []corev1.Container) [ } // GetPortRanges gets port ranges from an override annotation -func GetPortRanges(override string) []*config.PortRange { - split := strings.Split(strings.TrimSuffix(override, ","), ",") - ports := make([]*config.PortRange, len(split)) - for i, p := range split { - ports[i] = &config.PortRange{PortRange: p} - } - return ports +func GetPortRanges(override string) []string { + return strings.Split(strings.TrimSuffix(override, ","), ",") } // isNamed checks if a port range is actually a container named port (e.g. diff --git a/proto/config/config.proto b/proto/config/config.proto deleted file mode 100644 index 78f6931f5..000000000 --- a/proto/config/config.proto +++ /dev/null @@ -1,119 +0,0 @@ -syntax = "proto3"; - -package linkerd2.config; - -import "google/protobuf/duration.proto"; - -option go_package = "github.com/linkerd/linkerd2/controller/gen/config"; - -message All { - Global global = 1; - Proxy proxy = 2; - Install install = 3; -} - -message Global { - string linkerd_namespace = 1; - bool cni_enabled = 2; - - // Control plane version - string version = 3; - - // If present, configures identity. - IdentityContext identity_context = 4; - - AutoInjectContext auto_inject_context = 6 [deprecated=true]; - - bool omitWebhookSideEffects = 7 [deprecated=true]; - - // Override default `cluster.local` - string cluster_domain = 8; -} - -message Proxy { - Image proxy_image = 1; - Image proxy_init_image = 2; - - Port control_port = 3; - repeated PortRange ignore_inbound_ports = 4; - repeated PortRange ignore_outbound_ports = 5; - Port inbound_port = 6; - Port admin_port = 7; - Port outbound_port = 8; - - ResourceRequirements resource = 9; - - int64 proxy_uid = 10; - LogLevel log_level = 11; - bool disable_external_profiles = 12; - - string proxy_version = 13; - - string proxy_init_image_version = 14; - - Image debug_image = 15; - string debug_image_version = 16; - - string destination_get_networks = 17; - - string log_format = 18; - - string outbound_connect_timeout = 19; - - string inbound_connect_timeout = 20; -} - -message Image { - string image_name = 1; - string pull_policy = 2; -} - -message Port { - uint32 port = 1; -} - -message PortRange { - string port_range = 1; -} - -message ResourceRequirements { - string request_cpu = 1; - string request_memory = 2; - string limit_cpu = 3; - string limit_memory = 4; -} - -message AutoInjectContext { option deprecated = true; } - -message IdentityContext { - string trust_domain = 1; - string trust_anchors_pem = 2; - - google.protobuf.Duration issuance_lifetime = 3; - google.protobuf.Duration clock_skew_allowance = 4; - string scheme = 5; -} - -message LogLevel { - string level = 1; -} - -// Stores information about the last installation/upgrade. -// -// Useful for driving upgrades. -message Install { - reserved 1; - //string uuid = 1; - - // The CLI version that drove the last install or upgrade. - string cli_version = 2; - - // The CLI arguments to the install (or upgrade) command, indicating the - // installer's intent. - repeated Flag flags = 3; - - message Flag { - string name = 1; - string value = 2; - } -} diff --git a/web/main.go b/web/main.go index 6d5bb8864..26f219a7c 100644 --- a/web/main.go +++ b/web/main.go @@ -10,6 +10,8 @@ import ( "syscall" "time" + "github.com/linkerd/linkerd2/pkg/config" + "github.com/linkerd/linkerd2/pkg/admin" "github.com/linkerd/linkerd2/pkg/charts/linkerd2" "github.com/linkerd/linkerd2/pkg/flags" @@ -120,7 +122,7 @@ func getUUIDAndVersion(ctx context.Context, k8sAPI *k8s.KubernetesAPI, controlle var uuid string var version string - cm, _, err := healthcheck.FetchLinkerdConfigMap(ctx, k8sAPI, controllerNamespace) + cm, err := config.FetchLinkerdConfigMap(ctx, k8sAPI, controllerNamespace) if err != nil { log.Errorf("Failed to fetch linkerd-config: %s", err) } else {