Import Envoy Mobile repo #24233
Merged
Import Envoy Mobile repo #24233
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jpsim
requested review from
Augustyniak,
RyanTheOptimist,
alyssawilk and
abeyad
as code owners
|
Marking as draft until I can fix DCO and GPG signing on some commits. |
jpsim
force-pushed
the
envoy-mobile-repo-merge
branch
from
5006611
to
9cd65a5
Compare
Sometimes these downloads fail due to transient errors (example: https://github.com/envoyproxy/envoy-mobile/runs/6728606246?check_suite_focus=true) and a retry will succeed. Configure the downloader to retry twice before giving up. Signed-off-by: JP Simard <jp@jpsim.com>
Adds an RTDS integration test for Envoy Mobile This test does a simple verification that the RTDS protocol within the xDS family is working correctly. A subsequent PR will improve upon the test coverage. As part of this change, the common parts of running a Envoy Mobile client integration test were refactored out into a new BaseClientIntegrationTest class. Both ClientIntegrationTest and RtdsIntegrationTest inherit from BaseClientIntegrationTest. NB: the parameterized test currently fails when using IPv6. This will be debugged and fixed in a subsequent PR. Signed-off-by: Ali Beyad <abeyad@google.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: GitHub Action <noreply@github.com> Co-authored-by: jpsim <jpsim@users.noreply.github.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: GitHub Action <noreply@github.com> Co-authored-by: jpsim <jpsim@users.noreply.github.com> Signed-off-by: JP Simard <jp@jpsim.com>
Rejecting requests which don't have an https scheme if Android disallows cleartext Risk Level: High Testing: TODO (envoyproxy/envoy-mobile#2341) Docs Changes: n/a Release Notes: inline Fixes #1572 Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
And validate that it builds successfully on CI. Ideally we'd have a whole suite of example integrations that validate all our supported installation methods, but this should be a good start. I reached out to the owner of https://catfacts.ninja to make sure this usage is within the terms of service and will update to use something else if necessary. https://user-images.githubusercontent.com/474794/171312056-2167333a-fb88-4cfe-aa30-353cceaa49a0.mp4 Signed-off-by: JP Simard <jp@jpsim.com>
As a precursor to adding brotli, making the decompressor configurable. Description: Risk Level: low Testing: new unit tests Docs Changes: n/a Release Notes: in the next PR Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
Description: Adds EngineBuilder API and internal support for registering a platform key-value store on iOS. Internally this may be leveraged for HTTP caching, endpoint protocol support caching, and use in filters. Risk: Moderate Testing: Updated coverage. Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Description: Updates the exposed KeyValueStore type to be a more traditional implementable interface, and provides a simple persisting implementation based on Android SharedPreferences. Risk: Low Testing: Application Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Adding the option to configure brotli in the bulder Risk Level: low off by default Testing: cc unit tests, updated java tests Docs Changes: n/a Release Notes: inline Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
We may be interested in experimenting with network monitoring & interface switching completely disabled to assess the impact of this feature. Disabling network switching is not something we recommend generally. Risk Level: Low, adds the ability to disable network switching on an opt-in basis Testing: Updated unit tests Docs Changes: Added Release Notes: Added Signed-off-by: JP Simard <jp@jpsim.com>
To pull in bazelbuild/rules_apple#1488, which should fix our CocoaPods integration and allow us to re-add it. Risk Level: Medium for iOS users who use the xcframework, low for everyone else Testing: There's a recent CI job that validates SwiftPM integration that acts as a good integration test for this Docs Changes: None for now, this isn't really a user-facing change, as Xcode/SwiftPM handles both the old and new xcframework format/layout transparently Release Notes: None for now, this isn't really a user-facing change Signed-off-by: JP Simard <jp@jpsim.com>
Description: Update the list of clusters in docs. Risk Level: None. Testing: N/A Docs Changes: N/A Release Notes: N/A Signed-off-by: Rafal Augustyniak <raugustyniak@lyft.com> Signed-off-by: JP Simard <jp@jpsim.com>
To account for recent changes to defaults: actions/runner-images#5595 Signed-off-by: JP Simard <jp@jpsim.com>
Bitcode is all but dead at this point. Here's a deprecation note from the Xcode 14 beta 1 release notes: https://developer.apple.com/documentation/Xcode-Release-Notes/xcode-14-release-notes > Starting with Xcode 14, bitcode is no longer required for watchOS and > tvOS applications, and the App Store no longer accepts bitcode > submissions from Xcode 14. > Xcode no longer builds bitcode by default and generates a warning > message if a project explicitly enables bitcode: “Building with > bitcode is deprecated. Please update your project and/or target > settings to disable bitcode.” The capability to build with bitcode > will be removed in a future Xcode release. IPAs that contain bitcode > will have the bitcode stripped before being submitted to the App > Store. Debug symbols for past bitcode submissions remain available > for download. (86118779) * Don't recompress xcarchive There are no longer any bad CRC errors, and bazel's compression is slightly better than the system's `zip` (94MB vs 97MB). Signed-off-by: JP Simard <jp@jpsim.com>
Description: Previously, gzip decompression was always enabled in base configuration. This makes both gzip and brotli decompression configurable, with gzip defaulting to on (as it was previously) and brotli defaulting to off. No changes to usage of EngineBuilder need to be made to maintain existing behavior. Risk Level: Moderate Testing: Added config coverage. Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Description: Improves security with respect to third-party actions. See: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions I also read through the recent commits and updated to the latest release, since it contained a few bugfixes. Risk: Low Testing: CI Signed-off-by: Mike Schore <mike.schore@gmail.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: GitHub Action <noreply@github.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: GitHub Action <noreply@github.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Ryan Hamilton rch@google.com Follow up from https://github.com/envoyproxy/envoy-mobile/pull/2667/files/2499cc1751d8de78d0e74ca7acc2da622dbc402e#diff-767c4a04d30b269fb25067e63d4b374c1e43dbc201bbea33121cac3af963abdc Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
Fix #2697 Signed-off-by: Ryan Northey ryan@synca.io Signed-off-by: JP Simard <jp@jpsim.com>
Fix a possible use-after-free with platform cert verification by using a unique_ptr in the flat_hash_set of pending validations. The flat_hash_set does not ensure pointer stability, but the validation thread holds a pointer to the PendingVerification, which is problematic. This PR makes PendingVerification non-moveable and non-copyable which avoids this problem. There is also another potential use-after free in that the task posted to the dispatcher deletes the PendingValidation, but the PendingValidation touches member variables after the call to post. Reordered the call to post to avoid this. Fixes #2691 Signed-off-by: Ryan Hamilton rch@google.com Signed-off-by: JP Simard <jp@jpsim.com>
This fixes up issues exposed in #24151 where the PlatformBridgeCertValidatorFactory was not associated with the PlatformBridgeCertValidator proto. Risk Level: low Testing: #24151 Docs Changes: n/a Release Notes: n/a Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
Rename release_validator to validation_cleanup. The release_validator function does not actually release the validator. On iOS is does nothing and on Android it merely detaches the JVM from the current thread. So "cleanup validation" is a better description of it's function than "release validator" and matches the existing description "to clean up after validation completion." Signed-off-by: Ryan Hamilton rch@google.com Signed-off-by: JP Simard <jp@jpsim.com>
Remove unused next_iteration_callback_ member. Remove unused config_ member. Make some members const. Use hostname instead of host_name. Pass in the list of subject alt names instead of passing in the transport socket options. Risk Level: Low Testing: No behavior change Docs Changes: N/A Release Notes: N/A Signed-off-by: Ryan Hamilton rch@google.com Signed-off-by: JP Simard <jp@jpsim.com>
Co-authored-by: jpsim <jpsim@users.noreply.github.com> Signed-off-by: GitHub Action <noreply@github.com> Signed-off-by: JP Simard <jp@jpsim.com>
Removing Admin from release builds by default Risk Level: medium Testing: n/a Docs Changes: n/a Release Notes: inline Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: alyssawilk <alyssar@google.com> Co-authored-by: JP Simard <jp@jpsim.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: GitHub Action <noreply@github.com> Co-authored-by: jpsim <jpsim@users.noreply.github.com> Signed-off-by: JP Simard <jp@jpsim.com>
…roxy/envoy/pull/24187/files (#2707) Fix typo in starting_envoy.rst Backport of https://github.com/envoyproxy/envoy/pull/24187/files Signed-off-by: Ryan Hamilton <rch@google.com> Signed-off-by: JP Simard <jp@jpsim.com>
Signed-off-by: JP Simard <jp@jpsim.com>
jpsim
force-pushed
the
envoy-mobile-repo-merge
branch
from
9cd65a5
to
ad2a8d4
Compare
|
Looks like previously a 12MB aar file was accidentally checked in. This removes it. |
alyssawilk
previously approved these changes
Nov 28, 2022
|
Thank you so much for doing this! |
phlax
reviewed
Nov 28, 2022
Augustyniak
previously approved these changes
Nov 28, 2022
phlax
previously approved these changes
Nov 28, 2022
Signed-off-by: alyssawilk <alyssar@chromium.org>
alyssawilk
dismissed stale reviews from phlax, Augustyniak, and themself
via
7189899
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This re-imports the Envoy Mobile repo, this time preserving git history so that
git logandgit blameremain useful.mobiledirectorygit-filter-repo --to-subdirectory-filter mobileusing https://github.com/newren/git-filter-repomobile/that were done in https://github.com/envoyproxy/envoy in the last weekPart of #23758