diff --git a/xds/src/main/java/io/grpc/xds/ClusterImplLoadBalancer.java b/xds/src/main/java/io/grpc/xds/ClusterImplLoadBalancer.java index 0106da79028..074bb301b58 100644 --- a/xds/src/main/java/io/grpc/xds/ClusterImplLoadBalancer.java +++ b/xds/src/main/java/io/grpc/xds/ClusterImplLoadBalancer.java @@ -69,10 +69,7 @@ final class ClusterImplLoadBalancer extends LoadBalancer { static boolean enableCircuitBreaking = Strings.isNullOrEmpty(System.getenv("GRPC_XDS_EXPERIMENTAL_CIRCUIT_BREAKING")) || Boolean.parseBoolean(System.getenv("GRPC_XDS_EXPERIMENTAL_CIRCUIT_BREAKING")); - @VisibleForTesting - static boolean enableSecurity = - Strings.isNullOrEmpty(System.getenv("GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT")) - || Boolean.parseBoolean(System.getenv("GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT")); + private static final Attributes.Key ATTR_CLUSTER_LOCALITY_STATS = Attributes.Key.create("io.grpc.xds.ClusterImplLoadBalancer.clusterLocalityStats"); @@ -240,7 +237,7 @@ private List withAdditionalAttributes( for (EquivalentAddressGroup eag : addresses) { Attributes.Builder attrBuilder = eag.getAttributes().toBuilder().set( InternalXdsAttributes.ATTR_CLUSTER_NAME, cluster); - if (enableSecurity && sslContextProviderSupplier != null) { + if (sslContextProviderSupplier != null) { attrBuilder.set( InternalXdsAttributes.ATTR_SSL_CONTEXT_PROVIDER_SUPPLIER, sslContextProviderSupplier); diff --git a/xds/src/test/java/io/grpc/xds/ClusterImplLoadBalancerTest.java b/xds/src/test/java/io/grpc/xds/ClusterImplLoadBalancerTest.java index ff5c7a22cbb..2ab101b730d 100644 --- a/xds/src/test/java/io/grpc/xds/ClusterImplLoadBalancerTest.java +++ b/xds/src/test/java/io/grpc/xds/ClusterImplLoadBalancerTest.java @@ -528,20 +528,8 @@ public void endpointAddressesAttachedWithClusterName() { } } - @Test - public void endpointAddressesAttachedWithTlsConfig_disableSecurity() { - boolean originalEnableSecurity = ClusterImplLoadBalancer.enableSecurity; - ClusterImplLoadBalancer.enableSecurity = false; - subtest_endpointAddressesAttachedWithTlsConfig(false); - ClusterImplLoadBalancer.enableSecurity = originalEnableSecurity; - } - @Test public void endpointAddressesAttachedWithTlsConfig_securityEnabledByDefault() { - subtest_endpointAddressesAttachedWithTlsConfig(true); - } - - private void subtest_endpointAddressesAttachedWithTlsConfig(boolean enableSecurity) { UpstreamTlsContext upstreamTlsContext = CommonTlsContextTestsUtil.buildUpstreamTlsContext("google_cloud_private_spiffe", true); LoadBalancerProvider weightedTargetProvider = new WeightedTargetLoadBalancerProvider(); @@ -566,11 +554,7 @@ private void subtest_endpointAddressesAttachedWithTlsConfig(boolean enableSecuri for (EquivalentAddressGroup eag : subchannel.getAllAddresses()) { SslContextProviderSupplier supplier = eag.getAttributes().get(InternalXdsAttributes.ATTR_SSL_CONTEXT_PROVIDER_SUPPLIER); - if (enableSecurity) { - assertThat(supplier.getTlsContext()).isEqualTo(upstreamTlsContext); - } else { - assertThat(supplier).isNull(); - } + assertThat(supplier.getTlsContext()).isEqualTo(upstreamTlsContext); } // Removes UpstreamTlsContext from the config. @@ -597,20 +581,14 @@ private void subtest_endpointAddressesAttachedWithTlsConfig(boolean enableSecuri for (EquivalentAddressGroup eag : subchannel.getAllAddresses()) { SslContextProviderSupplier supplier = eag.getAttributes().get(InternalXdsAttributes.ATTR_SSL_CONTEXT_PROVIDER_SUPPLIER); - if (enableSecurity) { - assertThat(supplier.isShutdown()).isFalse(); - assertThat(supplier.getTlsContext()).isEqualTo(upstreamTlsContext); - } else { - assertThat(supplier).isNull(); - } + assertThat(supplier.isShutdown()).isFalse(); + assertThat(supplier.getTlsContext()).isEqualTo(upstreamTlsContext); } loadBalancer.shutdown(); for (EquivalentAddressGroup eag : subchannel.getAllAddresses()) { SslContextProviderSupplier supplier = eag.getAttributes().get(InternalXdsAttributes.ATTR_SSL_CONTEXT_PROVIDER_SUPPLIER); - if (enableSecurity) { - assertThat(supplier.isShutdown()).isTrue(); - } + assertThat(supplier.isShutdown()).isTrue(); } loadBalancer = null; }