-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Import Envoy Mobile repo #24233
Import Envoy Mobile repo #24233
Conversation
Marking as draft until I can fix DCO and GPG signing on some commits. |
5006611
to
9cd65a5
Compare
Sometimes these downloads fail due to transient errors (example: https://github.com/envoyproxy/envoy-mobile/runs/6728606246?check_suite_focus=true) and a retry will succeed. Configure the downloader to retry twice before giving up. Signed-off-by: JP Simard <jp@jpsim.com>
Adds an RTDS integration test for Envoy Mobile This test does a simple verification that the RTDS protocol within the xDS family is working correctly. A subsequent PR will improve upon the test coverage. As part of this change, the common parts of running a Envoy Mobile client integration test were refactored out into a new BaseClientIntegrationTest class. Both ClientIntegrationTest and RtdsIntegrationTest inherit from BaseClientIntegrationTest. NB: the parameterized test currently fails when using IPv6. This will be debugged and fixed in a subsequent PR. Signed-off-by: Ali Beyad <abeyad@google.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: GitHub Action <noreply@github.com> Co-authored-by: jpsim <jpsim@users.noreply.github.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: GitHub Action <noreply@github.com> Co-authored-by: jpsim <jpsim@users.noreply.github.com> Signed-off-by: JP Simard <jp@jpsim.com>
Rejecting requests which don't have an https scheme if Android disallows cleartext Risk Level: High Testing: TODO (envoyproxy/envoy-mobile#2341) Docs Changes: n/a Release Notes: inline Fixes #1572 Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
And validate that it builds successfully on CI. Ideally we'd have a whole suite of example integrations that validate all our supported installation methods, but this should be a good start. I reached out to the owner of https://catfacts.ninja to make sure this usage is within the terms of service and will update to use something else if necessary. https://user-images.githubusercontent.com/474794/171312056-2167333a-fb88-4cfe-aa30-353cceaa49a0.mp4 Signed-off-by: JP Simard <jp@jpsim.com>
As a precursor to adding brotli, making the decompressor configurable. Description: Risk Level: low Testing: new unit tests Docs Changes: n/a Release Notes: in the next PR Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
Description: Adds EngineBuilder API and internal support for registering a platform key-value store on iOS. Internally this may be leveraged for HTTP caching, endpoint protocol support caching, and use in filters. Risk: Moderate Testing: Updated coverage. Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Description: Updates the exposed KeyValueStore type to be a more traditional implementable interface, and provides a simple persisting implementation based on Android SharedPreferences. Risk: Low Testing: Application Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Adding the option to configure brotli in the bulder Risk Level: low off by default Testing: cc unit tests, updated java tests Docs Changes: n/a Release Notes: inline Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
We may be interested in experimenting with network monitoring & interface switching completely disabled to assess the impact of this feature. Disabling network switching is not something we recommend generally. Risk Level: Low, adds the ability to disable network switching on an opt-in basis Testing: Updated unit tests Docs Changes: Added Release Notes: Added Signed-off-by: JP Simard <jp@jpsim.com>
To pull in bazelbuild/rules_apple#1488, which should fix our CocoaPods integration and allow us to re-add it. Risk Level: Medium for iOS users who use the xcframework, low for everyone else Testing: There's a recent CI job that validates SwiftPM integration that acts as a good integration test for this Docs Changes: None for now, this isn't really a user-facing change, as Xcode/SwiftPM handles both the old and new xcframework format/layout transparently Release Notes: None for now, this isn't really a user-facing change Signed-off-by: JP Simard <jp@jpsim.com>
Description: Update the list of clusters in docs. Risk Level: None. Testing: N/A Docs Changes: N/A Release Notes: N/A Signed-off-by: Rafal Augustyniak <raugustyniak@lyft.com> Signed-off-by: JP Simard <jp@jpsim.com>
To account for recent changes to defaults: actions/runner-images#5595 Signed-off-by: JP Simard <jp@jpsim.com>
Bitcode is all but dead at this point. Here's a deprecation note from the Xcode 14 beta 1 release notes: https://developer.apple.com/documentation/Xcode-Release-Notes/xcode-14-release-notes > Starting with Xcode 14, bitcode is no longer required for watchOS and > tvOS applications, and the App Store no longer accepts bitcode > submissions from Xcode 14. > Xcode no longer builds bitcode by default and generates a warning > message if a project explicitly enables bitcode: “Building with > bitcode is deprecated. Please update your project and/or target > settings to disable bitcode.” The capability to build with bitcode > will be removed in a future Xcode release. IPAs that contain bitcode > will have the bitcode stripped before being submitted to the App > Store. Debug symbols for past bitcode submissions remain available > for download. (86118779) * Don't recompress xcarchive There are no longer any bad CRC errors, and bazel's compression is slightly better than the system's `zip` (94MB vs 97MB). Signed-off-by: JP Simard <jp@jpsim.com>
Description: Previously, gzip decompression was always enabled in base configuration. This makes both gzip and brotli decompression configurable, with gzip defaulting to on (as it was previously) and brotli defaulting to off. No changes to usage of EngineBuilder need to be made to maintain existing behavior. Risk Level: Moderate Testing: Added config coverage. Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Description: Improves security with respect to third-party actions. See: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions I also read through the recent commits and updated to the latest release, since it contained a few bugfixes. Risk: Low Testing: CI Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: GitHub Action <noreply@github.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: GitHub Action <noreply@github.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Ryan Hamilton rch@google.com Follow up from https://github.com/envoyproxy/envoy-mobile/pull/2667/files/2499cc1751d8de78d0e74ca7acc2da622dbc402e#diff-767c4a04d30b269fb25067e63d4b374c1e43dbc201bbea33121cac3af963abdc Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
Fix #2697 Signed-off-by: Ryan Northey ryan@synca.io Signed-off-by: JP Simard <jp@jpsim.com>
Fix a possible use-after-free with platform cert verification by using a unique_ptr in the flat_hash_set of pending validations. The flat_hash_set does not ensure pointer stability, but the validation thread holds a pointer to the PendingVerification, which is problematic. This PR makes PendingVerification non-moveable and non-copyable which avoids this problem. There is also another potential use-after free in that the task posted to the dispatcher deletes the PendingValidation, but the PendingValidation touches member variables after the call to post. Reordered the call to post to avoid this. Fixes #2691 Signed-off-by: Ryan Hamilton rch@google.com Signed-off-by: JP Simard <jp@jpsim.com>
This fixes up issues exposed in #24151 where the PlatformBridgeCertValidatorFactory was not associated with the PlatformBridgeCertValidator proto. Risk Level: low Testing: #24151 Docs Changes: n/a Release Notes: n/a Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
Rename release_validator to validation_cleanup. The release_validator function does not actually release the validator. On iOS is does nothing and on Android it merely detaches the JVM from the current thread. So "cleanup validation" is a better description of it's function than "release validator" and matches the existing description "to clean up after validation completion." Signed-off-by: Ryan Hamilton rch@google.com Signed-off-by: JP Simard <jp@jpsim.com>
Remove unused next_iteration_callback_ member. Remove unused config_ member. Make some members const. Use hostname instead of host_name. Pass in the list of subject alt names instead of passing in the transport socket options. Risk Level: Low Testing: No behavior change Docs Changes: N/A Release Notes: N/A Signed-off-by: Ryan Hamilton rch@google.com Signed-off-by: JP Simard <jp@jpsim.com>
Co-authored-by: jpsim <jpsim@users.noreply.github.com> Signed-off-by: GitHub Action <noreply@github.com> Signed-off-by: JP Simard <jp@jpsim.com>
Removing Admin from release builds by default Risk Level: medium Testing: n/a Docs Changes: n/a Release Notes: inline Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: alyssawilk <alyssar@google.com> Co-authored-by: JP Simard <jp@jpsim.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: GitHub Action <noreply@github.com> Co-authored-by: jpsim <jpsim@users.noreply.github.com> Signed-off-by: JP Simard <jp@jpsim.com>
…roxy/envoy/pull/24187/files (#2707) Fix typo in starting_envoy.rst Backport of https://github.com/envoyproxy/envoy/pull/24187/files Signed-off-by: Ryan Hamilton <rch@google.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: JP Simard <jp@jpsim.com>
9cd65a5
to
ad2a8d4
Compare
Looks like previously a 12MB aar file was accidentally checked in. This removes it. |
Thank you so much for doing this! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm, thanks @jpsim
Signed-off-by: alyssawilk <alyssar@chromium.org>
7189899
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm, thanks again
This re-imports the Envoy Mobile repo, this time preserving git history so that
git log
andgit blame
remain useful.mobile
directorygit-filter-repo --to-subdirectory-filter mobile
using https://github.com/newren/git-filter-repomobile/
that were done in https://github.com/envoyproxy/envoy in the last weekPart of #23758