Bump grpc-core from 1.36.1 to 1.37.0

[dependabot]

Bumps grpc-core from 1.36.1 to 1.37.0.

Release notes

Sourced from grpc-core's releases.

v1.37.0

Behavior Changes

• alts: make both GoogleDefaultChannelCredentials and ComputeEngineChannelCredentials choose ALTS for backends given by xDS TD. Changes for ComputeEngineChannelCredentials were missing, but they really should be the same.
• api: added a convenient ServerBuilder.addServices() API that allows adding a list of services instead of iterating through list and calling addService().
• api: deleted some NameResolver APIs that have been marked as deprecated since 1.21 release.
• api: implemented admin interface API, which automatically loads available admin services in a given binary. Currently, it only includes Channelz and CSDS with dependencies required at runtime.
• context: move pendingDeadline.cancel out of synchronized block.
• netty: allow connection handshakes (e.g., TCP, TLS) to be interrupted by channel.shutdown(). Previously shutdownNow() was required for prompt shutdown if a connection was handshaking.
• xds: change in parsing ADS responses for LDS, RDS, CDS, and EDS resources. Before this release, gRPC parsing logic for ADS response containing multiple resources was to stop resource processing on the first encountered error, followed by NACK with the details of this single error. With this change, the parsing logic processes all resources and collects all processing errors. If any error occurred, a NACK is issued with concatenated error messages of all errors encountered. The rationale and the detailed design can be found in gRFC A40 — ADS Parsing Logic Update: Continue After First Error.
• xds: change system property name for reading bootstrap config from io.grpc.xds.bootstrapValue to io.grpc.xds.bootstrapConfig.
• xds: circuit breaking, timeout and fault injection are enabled by default. Previously they were protected by environment variables.
• xds: use the new server_listener_resource_name_template property from the bootstrap file for server side xDS processing as per the gRFC A36-xds-for-servers.md.

New Features

• api: TlsChannelCredentials and TlsServerCredentials now support client certificates and custom KeyManagers/TrustManagers. grpc-netty fully supports these options. grpc-okhttp does not support keyfile-based configuration; you’d need to use a KeyManager. Most users of Netty’s SslContext and GrpcSslContexts should be able to migrate and are encouraged to do so, because this API does not have a Netty dependency and so is planned to become stable.
• netty: added support for OpenJSSE.
• okhttp: support compiling with okio 2.x API for Bazel users. grpc-okhttp was already compatible with okio 2 at runtime.
• xds: XdsServingStatusListener has been implemented as per the gRFC A36-xds-for-servers.md.
• xds: add proto leakage check at gradle build. Create a new Gradle task depends on shadowJar. It examines the outputs of shadowJar package prefix to make sure it is inside within the package.
• xds: added CsdsService. It is safe for production but are Experimental APIs to resolve issues discovered as they see usage. The rationale and description of the new API can be found in gRFC A40: xDS Configuration Dump via Client Status Discovery Service in gRPC.
• xds: implement gRPC server side validations and filterChain match of xDS configuration as per the gRFC A36-xds-for-servers.md.
• xds: WeightedTargetLoadBalancer collect all failure child pickers to log more error details.

Bug Fixes

• grpclb: gRPCLB would buffer RPCs indefinitely if failing to fallback because the resolver provides no fallback addresses. Now it turns into TRANSIENT_FAILURE for such cases.
• xds: fix CdsLoadBalancer2 childLb shutdown behavior. Previously these childLbs are not properly shutdown, which might cause channel panic as client channel is referenced by those childLbs.
• Fixed an UnsupportedOperationException incompatibility with Netty 4.1.60.Final (#7953). This allows users of grpc-netty that may be using Netty elsewhere in their application to upgrade their Netty version to avoid exposure to recent Netty CVEs. gRPC itself is not impacted by those CVEs.
• grpclb: fixed a race between address update and LB stream recreation, which would cause channel panic if the resolver refreshes the result while gRPCLB is in LB stream backoff.
• grpclb: gRPCLB ignored CONNECTING subchannels when aggregating the overall LB state, which would cause RPCs to fail prematurely if there are subchannels in its initial connection.
• grpclb: now we allow multiple authorities in lb backends instead of flattening to the first authority.
• interop-testing: fix alts handshaking race: add proper synchronization on the AltsTestServer object lock, this way, alts client and alts server won’t race on the AltsTestServer during Alts handshake negotiation.
• xds: fixed a bug that would drop some node information (e.g., user-agent) when reporting to LRS (#7964).
• xds: the xDS resolver did not clear its state when control plane resources were revoked before offloading the xDS LB plugin. It would treat the next update as duplicate if the control plane recovers and never comes back to use those resources. Now this is fixed.

Documentation

• example-tls: ported to TlsChannelCredentials/TlsServerCredentials and no longer depends on Netty at compile time.
• examples: add ALTS example README.md.

Dependencies

• gradle: bumped protobuf-gradle-plugin version to 0.8.15
• xds: envoy proto updated to commit ac9a26373. Added xDS v3 csds.proto with dependencies.

Acknowledgements

@​spkrka Kristofer Karlsson @​njhill Nick Hill @​ulfjack Ulf Adams

Commits

• 3836caa Bump version to 1.37.0
• 731d4ec Update README etc to reference 1.37.0
• 52a8450 xds: cache bootstrapInfo in the SslContextProviderFactory to prevent rereadin...
• c5fa257 bom: Do not include grpc-binder (#8038)
• 5090382 xds: Fix validation of HCM filter and Router httpFilter (#8039) (#8046)
• 7590bd1 netty: Add support for OpenJSSE
• 80585a4 xds: move the state check logic to delegate and eliminate boilerplate code (#...
• 828b03d xds: add CsdsService
• b417b70 xds: add csds.proto (v3) with dependencies, generated code
• ad2b264 xds: update (local) configurations atomically for each LDS/RDS resource updat...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[dependabot]

Looks like io.grpc:grpc-core is up-to-date now, so this is no longer needed.