syntax = "proto3";

package envoy.extensions.wasm.v3;

// base.proto supplies ``config.core.v3.AsyncDataSource`` (used by ``VmConfig.code``).
import "envoy/config/core/v3/base.proto";
// any.proto supplies ``google.protobuf.Any`` (used for the VM and plugin ``configuration`` fields).
import "google/protobuf/any.proto";
import "udpa/annotations/status.proto";

option java_package = "io.envoyproxy.envoy.extensions.wasm.v3";
option java_outer_classname = "WasmProto";
option java_multiple_files = true;
option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/wasm/v3;wasmv3";
// Marks this package as ACTIVE in the UDPA package-versioning scheme.
option (udpa.annotations.file_status).package_version_status = ACTIVE;
// [#protodoc-title: Wasm]
// [#extension: envoy.bootstrap.wasm]
// Configuration for restricting Proxy-Wasm capabilities available to modules.
// This is an allowlist: only the capabilities named in ``allowed_capabilities`` are
// made available to the module.
message CapabilityRestrictionConfig {
  // The Proxy-Wasm capabilities which will be allowed. Capabilities are mapped by
  // name. The ``SanitizationConfig`` which each capability maps to is currently unimplemented and ignored,
  // and so should be left empty.
  //
  // The capability names are given in the
  // `Proxy-Wasm ABI <https://github.com/proxy-wasm/spec/tree/master/abi-versions/vNEXT>`_.
  // Additionally, the following WASI capabilities from
  // `this list <https://github.com/WebAssembly/WASI/blob/master/phases/snapshot/docs.md#modules>`_
  // are implemented and can be allowed:
  // ``fd_write``, ``fd_read``, ``fd_seek``, ``fd_close``, ``fd_fdstat_get``, ``environ_get``, ``environ_sizes_get``,
  // ``args_get``, ``args_sizes_get``, ``proc_exit``, ``clock_time_get``, ``random_get``.
  //
  // Keep this list to the minimum the module actually needs; map iteration order is undefined,
  // so nothing here should depend on the order in which entries are written.
  map<string, SanitizationConfig> allowed_capabilities = 1;
}
// Configuration for sanitization of inputs to an allowed capability.
//
// NOTE: This is currently unimplemented. The message is a placeholder so that
// ``CapabilityRestrictionConfig.allowed_capabilities`` can gain per-capability
// settings later without a wire-breaking change; values should be left empty.
message SanitizationConfig {
}
// Configuration for a Wasm VM.
// [#next-free-field: 8]
message VmConfig {
  // An ID which will be used along with a hash of the wasm code (or the name of the registered Null
  // VM plugin) to determine which VM will be used for the plugin. All plugins which use the same
  // ``vm_id`` and code will use the same VM. May be left blank. Sharing a VM between plugins can
  // reduce memory utilization and make sharing of data easier which may have security implications:
  // plugins that share a VM also share its state, so only co-locate plugins that trust each other.
  // [#comment: TODO: add ref for details.]
  string vm_id = 1;

  // The Wasm runtime type, defaults to the first available Wasm engine used at Envoy build-time.
  // The priority to search for the available engine is: v8 -> wasmtime -> wamr -> wavm.
  // Available Wasm runtime types are registered as extensions. The following runtimes are included
  // in Envoy code base:
  //
  // .. _extension_envoy.wasm.runtime.null:
  //
  // **envoy.wasm.runtime.null**: Null sandbox, the Wasm module must be compiled and linked into the
  // Envoy binary. The registered name is given in the ``code`` field as ``inline_string``.
  // Note that the null runtime provides no isolation between the module and Envoy itself.
  //
  // .. _extension_envoy.wasm.runtime.v8:
  //
  // **envoy.wasm.runtime.v8**: `V8 <https://v8.dev/>`_-based WebAssembly runtime.
  //
  // .. _extension_envoy.wasm.runtime.wamr:
  //
  // **envoy.wasm.runtime.wamr**: `WAMR <https://github.com/bytecodealliance/wasm-micro-runtime/>`_-based WebAssembly runtime.
  // This runtime is not enabled in the official build.
  //
  // .. _extension_envoy.wasm.runtime.wavm:
  //
  // **envoy.wasm.runtime.wavm**: `WAVM <https://wavm.github.io/>`_-based WebAssembly runtime.
  // This runtime is not enabled in the official build.
  //
  // .. _extension_envoy.wasm.runtime.wasmtime:
  //
  // **envoy.wasm.runtime.wasmtime**: `Wasmtime <https://wasmtime.dev/>`_-based WebAssembly runtime.
  // This runtime is not enabled in the official build.
  //
  // [#extension-category: envoy.wasm.runtime]
  string runtime = 2;

  // The Wasm code that Envoy will execute. The code may be supplied inline (for the null runtime
  // this is the registered plugin name) or fetched remotely; see ``nack_on_code_cache_miss`` for
  // how a remote fetch interacts with configuration updates.
  config.core.v3.AsyncDataSource code = 3;

  // The Wasm configuration used in initialization of a new VM
  // (proxy_on_start). ``google.protobuf.Struct`` is serialized as JSON before
  // passing it to the plugin. ``google.protobuf.BytesValue`` and
  // ``google.protobuf.StringValue`` are passed directly without the wrapper.
  google.protobuf.Any configuration = 4;

  // Allow the wasm file to include pre-compiled code on VMs which support it.
  // Warning: this should only be enabled for trusted sources as the precompiled code is not
  // verified. Keep it at the default (false) unless the origin of the code is fully trusted.
  bool allow_precompiled = 5;

  // If true and the code needs to be remotely fetched and it is not in the cache then NACK the configuration
  // update and do a background fetch to fill the cache, otherwise fetch the code asynchronously and enter
  // warming state. Only relevant when ``code`` refers to remote content.
  bool nack_on_code_cache_miss = 6;

  // Specifies environment variables to be injected to this VM which will be available through
  // WASI's ``environ_get`` and ``environ_sizes_get`` system calls. Note that these functions are mostly implicitly
  // called in your language's standard library, so you do not need to call them directly and you can access to env
  // vars just like when you do on native platforms.
  // Warning: Envoy rejects the configuration if there's conflict of key space (presumably the same
  // key supplied through both ``host_env_keys`` and ``key_values`` — confirm against the implementation).
  EnvironmentVariables environment_variables = 7;
}
// Environment variables to inject into a Wasm VM (see ``VmConfig.environment_variables``).
// Variables can come from two sources: keys copied from Envoy's own process environment, and
// explicit key-value pairs given in the configuration.
message EnvironmentVariables {
  // The keys of *Envoy's* environment variables exposed to this VM. In other words, if a key exists in Envoy's environment
  // variables, then that key-value pair will be injected. Note that if a key does not exist, it will be ignored.
  // Because the host process environment often carries credentials, list only the keys the module
  // genuinely needs rather than exposing the whole environment.
  repeated string host_env_keys = 1;

  // Explicitly given key-value pairs to be injected to this VM in the form of "KEY=VALUE";
  // each map entry becomes one variable named by its key with the entry's value.
  map<string, string> key_values = 2;
}
// Base Configuration for Wasm Plugins e.g. filters and services.
// [#next-free-field: 7]
message PluginConfig {
  // A unique name for a filters/services in a VM for use in identifying the filter/service if
  // multiple filters/services are handled by the same ``vm_id`` and ``root_id`` and for
  // logging/debugging.
  string name = 1;

  // A unique ID for a set of filters/services in a VM which will share a RootContext and Contexts
  // if applicable (e.g. an Wasm HttpFilter and an Wasm AccessLog). If left blank, all
  // filters/services with a blank root_id with the same ``vm_id`` will share Context(s).
  string root_id = 2;

  // Configuration for finding or starting VM.
  // Currently the only member is an inline ``vm_config``; the oneof leaves room for
  // referencing a VM defined elsewhere without a wire-breaking change.
  oneof vm {
    VmConfig vm_config = 3;
    // TODO: add referential VM configurations.
  }

  // Filter/service configuration used to configure or reconfigure a plugin
  // (``proxy_on_configure``).
  // ``google.protobuf.Struct`` is serialized as JSON before
  // passing it to the plugin. ``google.protobuf.BytesValue`` and
  // ``google.protobuf.StringValue`` are passed directly without the wrapper.
  google.protobuf.Any configuration = 4;

  // If there is a fatal error on the VM (e.g. exception, abort(), on_start or on_configure return false),
  // then all plugins associated with the VM will either fail closed (by default), e.g. by returning an HTTP 503 error,
  // or fail open (if 'fail_open' is set to true) by bypassing the filter. Note: when on_start or on_configure return false
  // during xDS updates the xDS configuration will be rejected and when on_start or on_configuration return false on initial
  // startup the proxy will not start.
  // Because failing open bypasses the filter entirely, a plugin that enforces policy (for example
  // authorization or input validation) should keep this at the default (false).
  bool fail_open = 5;

  // Configuration for restricting Proxy-Wasm capabilities available to modules.
  // NOTE(review): the behaviour when this field is left unset (whether all capabilities are
  // allowed) is not stated here — confirm against the implementation before relying on it.
  CapabilityRestrictionConfig capability_restriction_config = 6;
}
// WasmService is configured as a built-in ``envoy.wasm_service`` :ref:`WasmService
// <config_wasm_service>`. This opaque configuration will be used to create a Wasm Service.
message WasmService {
  // General plugin configuration.
  PluginConfig config = 1;

  // If true, create a single VM rather than creating one VM per worker. Such a singleton can
  // not be used with filters. Defaults to false (one VM per worker).
  bool singleton = 2;
}