istio · istio-testing · Aug 29, 2022 · Aug 17, 2022
@@ -178,7 +178,7 @@ func registerStringParameter(name, value, usage string) {
 	envName := strings.Replace(strings.ToUpper(name), "-", "_", -1)
 	// Note: we do not rely on istio env package to retrieve configuration. We relies on viper.
 	// This is just to make sure the reference doc tool can generate doc with these vars as env variable at istio.io.
-	env.RegisterStringVar(envName, value, usage)
+	env.Register(envName, value, usage)
 	bindViper(name)
 }
 
@@ -187,7 +187,7 @@ func registerStringArrayParameter(name string, value []string, usage string) {
 	envName := strings.Replace(strings.ToUpper(name), "-", "_", -1)
 	// Note: we do not rely on istio env package to retrieve configuration. We relies on viper.
 	// This is just to make sure the reference doc tool can generate doc with these vars as env variable at istio.io.
-	env.RegisterStringVar(envName, strings.Join(value, ","), usage)
+	env.Register(envName, strings.Join(value, ","), usage)
 	bindViper(name)
 }
 
@@ -196,7 +196,7 @@ func registerIntegerParameter(name string, value int, usage string) {
 	envName := strings.Replace(strings.ToUpper(name), "-", "_", -1)
 	// Note: we do not rely on istio env package to retrieve configuration. We relies on viper.
 	// This is just to make sure the reference doc tool can generate doc with these vars as env variable at istio.io.
-	env.RegisterIntVar(envName, value, usage)
+	env.Register(envName, value, usage)
 	bindViper(name)
 }
 
@@ -205,7 +205,7 @@ func registerBooleanParameter(name string, value bool, usage string) {
 	rootCmd.Flags().Bool(name, value, usage)
 	// Note: we do not rely on istio env package to retrieve configuration. We relies on viper.
 	// This is just to make sure the reference doc tool can generate doc with these vars as env variable at istio.io.
-	env.RegisterBoolVar(envName, value, usage)
+	env.Register(envName, value, usage)
 	bindViper(name)
 }
 

@@ -20,7 +20,7 @@ import (
 	"istio.io/pkg/env"
 )
 
-var dryRunFilePath = env.RegisterStringVar("DRY_RUN_FILE_PATH", "",
+var dryRunFilePath = env.Register("DRY_RUN_FILE_PATH", "",
 	"If provided, CNI will dry run iptables rule apply, and print the applied rules to the given file.")
 
 type iptables struct{}

@@ -28,15 +28,15 @@ import (
 )
 
 // settableFlags are the flags used to istioctl
-var settableFlags = map[string]any{
-	"istioNamespace":      env.RegisterStringVar("ISTIOCTL_ISTIONAMESPACE", constants.IstioSystemNamespace, "The istioctl --istioNamespace override"),
-	"xds-address":         env.RegisterStringVar("ISTIOCTL_XDS_ADDRESS", "", "The istioctl --xds-address override"),
-	"xds-port":            env.RegisterIntVar("ISTIOCTL_XDS_PORT", 15012, "The istioctl --xds-port override"),
-	"authority":           env.RegisterStringVar("ISTIOCTL_AUTHORITY", "", "The istioctl --authority override"),
-	"cert-dir":            env.RegisterStringVar("ISTIOCTL_CERT_DIR", "", "The istioctl --cert-dir override"),
-	"insecure":            env.RegisterBoolVar("ISTIOCTL_INSECURE", false, "The istioctl --insecure override"),
-	"prefer-experimental": env.RegisterBoolVar("ISTIOCTL_PREFER_EXPERIMENTAL", false, "The istioctl should use experimental subcommand variants"),
-	"plaintext":           env.RegisterBoolVar("ISTIOCTL_PLAINTEXT", false, "The istioctl --plaintext override"),
+var settableFlags = map[string]env.VariableInfo{
+	"istioNamespace":      env.Register("ISTIOCTL_ISTIONAMESPACE", constants.IstioSystemNamespace, "The istioctl --istioNamespace override"),
+	"xds-address":         env.Register("ISTIOCTL_XDS_ADDRESS", "", "The istioctl --xds-address override"),
+	"xds-port":            env.Register("ISTIOCTL_XDS_PORT", 15012, "The istioctl --xds-port override"),
+	"authority":           env.Register("ISTIOCTL_AUTHORITY", "", "The istioctl --authority override"),
+	"cert-dir":            env.Register("ISTIOCTL_CERT_DIR", "", "The istioctl --cert-dir override"),
+	"insecure":            env.Register("ISTIOCTL_INSECURE", false, "The istioctl --insecure override"),
+	"prefer-experimental": env.Register("ISTIOCTL_PREFER_EXPERIMENTAL", false, "The istioctl should use experimental subcommand variants"),
+	"plaintext":           env.Register("ISTIOCTL_PLAINTEXT", false, "The istioctl --plaintext override"),
 }
 
 // configCmd represents the config subcommand command
@@ -84,10 +84,10 @@ func runList(writer io.Writer) error {
 	return w.Flush()
 }
 
-func configSource(flag string, v any) string {
+func configSource(flag string, v env.VariableInfo) string {
 	// Environment variables have high precedence in Viper
-	if isVarSet(v) {
-		return "$" + getVarVar(v).Name
+	if v.IsSet() {
+		return "$" + v.GetName()
 	}
 
 	if viper.InConfig(flag) {
@@ -96,42 +96,3 @@ func configSource(flag string, v any) string {
 
 	return "default"
 }
-
-func getVarVar(v any) env.Var {
-	switch ev := v.(type) {
-	case env.StringVar:
-		return ev.Var
-	case env.BoolVar:
-		return ev.Var
-	case env.IntVar:
-		return ev.Var
-	case env.DurationVar:
-		return ev.Var
-	case env.FloatVar:
-		return ev.Var
-	default:
-		panic(fmt.Sprintf("Unexpected environment var type %v", v))
-	}
-}
-
-func isVarSet(v any) bool {
-	switch ev := v.(type) {
-	case env.StringVar:
-		_, ok := ev.Lookup()
-		return ok
-	case env.BoolVar:
-		_, ok := ev.Lookup()
-		return ok
-	case env.IntVar:
-		_, ok := ev.Lookup()
-		return ok
-	case env.DurationVar:
-		_, ok := ev.Lookup()
-		return ok
-	case env.FloatVar:
-		_, ok := ev.Lookup()
-		return ok
-	default:
-		panic(fmt.Sprintf("Unexpected environment var type %v", v))
-	}
-}
@@ -65,7 +65,7 @@ const (
 
 var (
 	// IstioConfig is the name of the istioctl config file (if any)
-	IstioConfig = env.RegisterStringVar("ISTIOCONFIG", defaultIstioctlConfig,
+	IstioConfig = env.Register("ISTIOCONFIG", defaultIstioctlConfig,
 		"Default values for istioctl flags").Get()
 
 	kubeconfig       string

@@ -38,7 +38,7 @@ const (
 var (
 	MsgOutputFormatKeys = []string{LogFormat, JSONFormat, YAMLFormat}
 	MsgOutputFormats    = make(map[string]bool)
-	termEnvVar          = env.RegisterStringVar("TERM", "", "Specifies terminal type.  Use 'dumb' to suppress color output")
+	termEnvVar          = env.Register("TERM", "", "Specifies terminal type.  Use 'dumb' to suppress color output")
 )
 
 func init() {

@@ -27,129 +27,129 @@ import (
 )
 
 var (
-	InstanceIPVar        = env.RegisterStringVar("INSTANCE_IP", "", "")
-	PodNameVar           = env.RegisterStringVar("POD_NAME", "", "")
-	PodNamespaceVar      = env.RegisterStringVar("POD_NAMESPACE", "", "")
-	kubeAppProberNameVar = env.RegisterStringVar(status.KubeAppProberEnvName, "", "")
-	ProxyConfigEnv       = env.RegisterStringVar(
+	InstanceIPVar        = env.Register("INSTANCE_IP", "", "")
+	PodNameVar           = env.Register("POD_NAME", "", "")
+	PodNamespaceVar      = env.Register("POD_NAMESPACE", "", "")
+	kubeAppProberNameVar = env.Register(status.KubeAppProberEnvName, "", "")
+	ProxyConfigEnv       = env.Register(
 		"PROXY_CONFIG",
 		"",
 		"The proxy configuration. This will be set by the injection - gateways will use file mounts.",
 	).Get()
 
-	serviceAccountVar = env.RegisterStringVar("SERVICE_ACCOUNT", "", "Name of service account")
-	clusterIDVar      = env.RegisterStringVar("ISTIO_META_CLUSTER_ID", "", "")
+	serviceAccountVar = env.Register("SERVICE_ACCOUNT", "", "Name of service account")
+	clusterIDVar      = env.Register("ISTIO_META_CLUSTER_ID", "", "")
 	// Provider for XDS auth, e.g., gcp. By default, it is empty, meaning no auth provider.
-	xdsAuthProvider = env.RegisterStringVar("XDS_AUTH_PROVIDER", "", "Provider for XDS auth")
+	xdsAuthProvider = env.Register("XDS_AUTH_PROVIDER", "", "Provider for XDS auth")
 
-	jwtPolicy = env.RegisterStringVar("JWT_POLICY", jwt.PolicyThirdParty,
+	jwtPolicy = env.Register("JWT_POLICY", jwt.PolicyThirdParty,
 		"The JWT validation policy.")
 	// ProvCert is the environment controlling the use of pre-provisioned certs, for VMs.
 	// May also be used in K8S to use a Secret to bootstrap (as a 'refresh key'), but use short-lived tokens
 	// with extra SAN (labels, etc) in data path.
-	provCert = env.RegisterStringVar("PROV_CERT", "",
+	provCert = env.Register("PROV_CERT", "",
 		"Set to a directory containing provisioned certs, for VMs").Get()
 
 	// set to "SYSTEM" for ACME/public signed XDS servers.
-	xdsRootCA = env.RegisterStringVar("XDS_ROOT_CA", "",
+	xdsRootCA = env.Register("XDS_ROOT_CA", "",
 		"Explicitly set the root CA to expect for the XDS connection.").Get()
 
 	// set to "SYSTEM" for ACME/public signed CA servers.
-	caRootCA = env.RegisterStringVar("CA_ROOT_CA", "",
+	caRootCA = env.Register("CA_ROOT_CA", "",
 		"Explicitly set the root CA to expect for the CA connection.").Get()
 
-	outputKeyCertToDir = env.RegisterStringVar("OUTPUT_CERTS", "",
+	outputKeyCertToDir = env.Register("OUTPUT_CERTS", "",
 		"The output directory for the key and certificate. If empty, key and certificate will not be saved. "+
 			"Must be set for VMs using provisioning certificates.").Get()
 
-	caProviderEnv = env.RegisterStringVar("CA_PROVIDER", "Citadel", "name of authentication provider").Get()
-	caEndpointEnv = env.RegisterStringVar("CA_ADDR", "", "Address of the spiffe certificate provider. Defaults to discoveryAddress").Get()
+	caProviderEnv = env.Register("CA_PROVIDER", "Citadel", "name of authentication provider").Get()
+	caEndpointEnv = env.Register("CA_ADDR", "", "Address of the spiffe certificate provider. Defaults to discoveryAddress").Get()
 
-	trustDomainEnv = env.RegisterStringVar("TRUST_DOMAIN", "cluster.local",
+	trustDomainEnv = env.Register("TRUST_DOMAIN", "cluster.local",
 		"The trust domain for spiffe certificates").Get()
 
-	secretTTLEnv = env.RegisterDurationVar("SECRET_TTL", 24*time.Hour,
+	secretTTLEnv = env.Register("SECRET_TTL", 24*time.Hour,
 		"The cert lifetime requested by istio agent").Get()
 
-	fileDebounceDuration = env.RegisterDurationVar("FILE_DEBOUNCE_DURATION", 100*time.Millisecond,
+	fileDebounceDuration = env.Register("FILE_DEBOUNCE_DURATION", 100*time.Millisecond,
 		"The duration for which the file read operation is delayed once file update is detected").Get()
 
-	secretRotationGracePeriodRatioEnv = env.RegisterFloatVar("SECRET_GRACE_PERIOD_RATIO", 0.5,
+	secretRotationGracePeriodRatioEnv = env.Register("SECRET_GRACE_PERIOD_RATIO", 0.5,
 		"The grace period ratio for the cert rotation, by default 0.5.").Get()
-	workloadRSAKeySizeEnv = env.RegisterIntVar("WORKLOAD_RSA_KEY_SIZE", 2048,
+	workloadRSAKeySizeEnv = env.Register("WORKLOAD_RSA_KEY_SIZE", 2048,
 		"Specify the RSA key size to use for workload certificates.").Get()
-	pkcs8KeysEnv = env.RegisterBoolVar("PKCS8_KEY", false,
+	pkcs8KeysEnv = env.Register("PKCS8_KEY", false,
 		"Whether to generate PKCS#8 private keys").Get()
-	eccSigAlgEnv        = env.RegisterStringVar("ECC_SIGNATURE_ALGORITHM", "", "The type of ECC signature algorithm to use when generating private keys").Get()
-	fileMountedCertsEnv = env.RegisterBoolVar("FILE_MOUNTED_CERTS", false, "").Get()
-	credFetcherTypeEnv  = env.RegisterStringVar("CREDENTIAL_FETCHER_TYPE", security.JWT,
+	eccSigAlgEnv        = env.Register("ECC_SIGNATURE_ALGORITHM", "", "The type of ECC signature algorithm to use when generating private keys").Get()
+	fileMountedCertsEnv = env.Register("FILE_MOUNTED_CERTS", false, "").Get()
+	credFetcherTypeEnv  = env.Register("CREDENTIAL_FETCHER_TYPE", security.JWT,
 		"The type of the credential fetcher. Currently supported types include GoogleComputeEngine").Get()
-	credIdentityProvider = env.RegisterStringVar("CREDENTIAL_IDENTITY_PROVIDER", "GoogleComputeEngine",
+	credIdentityProvider = env.Register("CREDENTIAL_IDENTITY_PROVIDER", "GoogleComputeEngine",
 		"The identity provider for credential. Currently default supported identity provider is GoogleComputeEngine").Get()
-	proxyXDSDebugViaAgent = env.RegisterBoolVar("PROXY_XDS_DEBUG_VIA_AGENT", true,
+	proxyXDSDebugViaAgent = env.Register("PROXY_XDS_DEBUG_VIA_AGENT", true,
 		"If set to true, the agent will listen on tap port and offer pilot's XDS istio.io/debug debug API there.").Get()
-	proxyXDSDebugViaAgentPort = env.RegisterIntVar("PROXY_XDS_DEBUG_VIA_AGENT_PORT", 15004,
+	proxyXDSDebugViaAgentPort = env.Register("PROXY_XDS_DEBUG_VIA_AGENT_PORT", 15004,
 		"Agent debugging port.").Get()
 	// DNSCaptureByAgent is a copy of the env var in the init code.
-	DNSCaptureByAgent = env.RegisterBoolVar("ISTIO_META_DNS_CAPTURE", false,
+	DNSCaptureByAgent = env.Register("ISTIO_META_DNS_CAPTURE", false,
 		"If set to true, enable the capture of outgoing DNS packets on port 53, redirecting to istio-agent on :15053")
 
 	// DNSCaptureAddr is the address to listen.
-	DNSCaptureAddr = env.RegisterStringVar("DNS_PROXY_ADDR", "localhost:15053",
+	DNSCaptureAddr = env.Register("DNS_PROXY_ADDR", "localhost:15053",
 		"Custom address for the DNS proxy. If it ends with :53 and running as root allows running without iptable DNS capture")
 
-	DNSForwardParallel = env.RegisterBoolVar("DNS_FORWARD_PARALLEL", false,
+	DNSForwardParallel = env.Register("DNS_FORWARD_PARALLEL", false,
 		"If set to true, agent will send parallel DNS queries to all upstream nameservers")
 
 	// Ability of istio-agent to retrieve proxyConfig via XDS for dynamic configuration updates
-	enableProxyConfigXdsEnv = env.RegisterBoolVar("PROXY_CONFIG_XDS_AGENT", false,
+	enableProxyConfigXdsEnv = env.Register("PROXY_CONFIG_XDS_AGENT", false,
 		"If set to true, agent retrieves dynamic proxy-config updates via xds channel").Get()
 
-	wasmInsecureRegistries = env.RegisterStringVar("WASM_INSECURE_REGISTRIES", "",
+	wasmInsecureRegistries = env.Register("WASM_INSECURE_REGISTRIES", "",
 		"allow agent pull wasm plugin from insecure registries or https server, for example: 'localhost:5000,docker-registry:5000'").Get()
 
-	wasmModuleExpiry = env.RegisterDurationVar("WASM_MODULE_EXPIRY", wasm.DefaultModuleExpiry,
+	wasmModuleExpiry = env.Register("WASM_MODULE_EXPIRY", wasm.DefaultModuleExpiry,
 		"cache expiration duration for a wasm module.").Get()
 
-	wasmPurgeInterval = env.RegisterDurationVar("WASM_PURGE_INTERVAL", wasm.DefaultPurgeInterval,
+	wasmPurgeInterval = env.Register("WASM_PURGE_INTERVAL", wasm.DefaultPurgeInterval,
 		"interval between checking the expiration of wasm modules").Get()
 
-	wasmHTTPRequestTimeout = env.RegisterDurationVar("WASM_HTTP_REQUEST_TIMEOUT", wasm.DefaultHTTPRequestTimeout,
+	wasmHTTPRequestTimeout = env.Register("WASM_HTTP_REQUEST_TIMEOUT", wasm.DefaultHTTPRequestTimeout,
 		"timeout per a HTTP request for pulling a Wasm module via http/https").Get()
 
-	wasmHTTPRequestMaxRetries = env.RegisterIntVar("WASM_HTTP_REQUEST_MAX_RETRIES", wasm.DefaultHTTPRequestMaxRetries,
+	wasmHTTPRequestMaxRetries = env.Register("WASM_HTTP_REQUEST_MAX_RETRIES", wasm.DefaultHTTPRequestMaxRetries,
 		"maximum number of HTTP/HTTPS request retries for pulling a Wasm module via http/https").Get()
 
 	// Ability of istio-agent to retrieve bootstrap via XDS
-	enableBootstrapXdsEnv = env.RegisterBoolVar("BOOTSTRAP_XDS_AGENT", false,
+	enableBootstrapXdsEnv = env.Register("BOOTSTRAP_XDS_AGENT", false,
 		"If set to true, agent retrieves the bootstrap configuration prior to starting Envoy").Get()
 
-	envoyStatusPortEnv = env.RegisterIntVar("ENVOY_STATUS_PORT", 15021,
+	envoyStatusPortEnv = env.Register("ENVOY_STATUS_PORT", 15021,
 		"Envoy health status port value").Get()
-	envoyPrometheusPortEnv = env.RegisterIntVar("ENVOY_PROMETHEUS_PORT", 15090,
+	envoyPrometheusPortEnv = env.Register("ENVOY_PROMETHEUS_PORT", 15090,
 		"Envoy prometheus redirection port value").Get()
 
 	// Defined by https://github.com/grpc/proposal/blob/c5722a35e71f83f07535c6c7c890cf0c58ec90c0/A27-xds-global-load-balancing.md#xdsclient-and-bootstrap-file
-	grpcBootstrapEnv = env.RegisterStringVar("GRPC_XDS_BOOTSTRAP", filepath.Join(constants.ConfigPathDir, "grpc-bootstrap.json"),
+	grpcBootstrapEnv = env.Register("GRPC_XDS_BOOTSTRAP", filepath.Join(constants.ConfigPathDir, "grpc-bootstrap.json"),
 		"Path where gRPC expects to read a bootstrap file. Agent will generate one if set.").Get()
 
-	disableEnvoyEnv = env.RegisterBoolVar("DISABLE_ENVOY", false,
+	disableEnvoyEnv = env.Register("DISABLE_ENVOY", false,
 		"Disables all Envoy agent features.").Get()
 
 	// certSigner is cert signer for workload cert
-	certSigner = env.RegisterStringVar("ISTIO_META_CERT_SIGNER", "",
+	certSigner = env.Register("ISTIO_META_CERT_SIGNER", "",
 		"The cert signer info for workload cert")
 
-	istiodSAN = env.RegisterStringVar("ISTIOD_SAN", "",
+	istiodSAN = env.Register("ISTIOD_SAN", "",
 		"Override the ServerName used to validate Istiod certificate. "+
 			"Can be used as an alternative to setting /etc/hosts for VMs - discovery address will be an IP:port")
 
-	minimumDrainDurationEnv = env.RegisterDurationVar("MINIMUM_DRAIN_DURATION",
+	minimumDrainDurationEnv = env.Register("MINIMUM_DRAIN_DURATION",
 		5*time.Second,
 		"The minimum duration for which agent waits before it checks for active connections and terminates proxy"+
 			"when number of active connections become zero").Get()
 
-	exitOnZeroActiveConnectionsEnv = env.RegisterBoolVar("EXIT_ON_ZERO_ACTIVE_CONNECTIONS",
+	exitOnZeroActiveConnectionsEnv = env.Register("EXIT_ON_ZERO_ACTIVE_CONNECTIONS",
 		false,
 		"When set to true, terminates proxy when number of active connections become zero during draining").Get()
 )
@@ -79,20 +79,20 @@ var (
 	UpstreamLocalAddressIPv6 = &net.TCPAddr{IP: net.ParseIP("::6")}
 )
 
-var PrometheusScrapingConfig = env.RegisterStringVar("ISTIO_PROMETHEUS_ANNOTATIONS", "", "")
+var PrometheusScrapingConfig = env.Register("ISTIO_PROMETHEUS_ANNOTATIONS", "", "")
 
 var (
 	appProberPattern = regexp.MustCompile(`^/app-health/[^/]+/(livez|readyz|startupz)$`)
 
 	promRegistry *prometheus.Registry
 
-	EnableHTTP2Probing = env.RegisterBoolVar("ISTIO_ENABLE_HTTP2_PROBING", true,
+	EnableHTTP2Probing = env.Register("ISTIO_ENABLE_HTTP2_PROBING", true,
 		"If enabled, HTTP2 probes will be enabled for HTTPS probes, following Kubernetes").Get()
 
-	LegacyLocalhostProbeDestination = env.RegisterBoolVar("REWRITE_PROBE_LEGACY_LOCALHOST_DESTINATION", false,
+	LegacyLocalhostProbeDestination = env.Register("REWRITE_PROBE_LEGACY_LOCALHOST_DESTINATION", false,
 		"If enabled, readiness probes will be sent to 'localhost'. Otherwise, they will be sent to the Pod's IP, matching Kubernetes' behavior.")
 
-	ProbeKeepaliveConnections = env.RegisterBoolVar("ENABLE_PROBE_KEEPALIVE_CONNECTIONS", false,
+	ProbeKeepaliveConnections = env.Register("ENABLE_PROBE_KEEPALIVE_CONNECTIONS", false,
 		"If enabled, readiness probes will keep the connection from pilot-agent to the application alive. "+
 			"This mirrors older Istio versions' behaviors, but not kubelet's.").Get()
 )