mirror of
https://github.com/pomerium/pomerium.git
synced 2025-04-28 18:06:34 +02:00
core/envoyconfig: make adding ipv6 addresses to internal cidr list conditional on ipv6 support on the system (#5538) (#5539)
This commit is contained in:
Denis Mishin
GitHub
parent
839bedac80
commit
dcb10b1727
22 changed files with 86 additions and 75 deletions
|
|
@ -8,7 +8,7 @@ import (
|
|||
)
|
||||
|
||||
func TestBuilder_buildACMETLSALPNCluster(t *testing.T) {
|
||||
b := New("local-grpc", "local-http", "local-metrics", nil, nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", nil, nil, true)
|
||||
testutil.AssertProtoJSONEqual(t,
|
||||
`{
|
||||
"name": "pomerium-acme-tls-alpn",
|
||||
|
|
@ -34,7 +34,7 @@ func TestBuilder_buildACMETLSALPNCluster(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestBuilder_buildACMETLSALPNFilterChain(t *testing.T) {
|
||||
b := New("local-grpc", "local-http", "local-metrics", nil, nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", nil, nil, true)
|
||||
testutil.AssertProtoJSONEqual(t,
|
||||
`{
|
||||
"filterChainMatch": {
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ import (
|
|||
|
||||
func TestBuilder_BuildBootstrapAdmin(t *testing.T) {
|
||||
t.Setenv("TMPDIR", "/tmp")
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil, true)
|
||||
t.Run("valid", func(t *testing.T) {
|
||||
adminCfg, err := b.BuildBootstrapAdmin(&config.Config{
|
||||
Options: &config.Options{
|
||||
|
|
@ -35,7 +35,7 @@ func TestBuilder_BuildBootstrapAdmin(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestBuilder_BuildBootstrapLayeredRuntime(t *testing.T) {
|
||||
b := New("localhost:1111", "localhost:2222", "localhost:3333", filemgr.NewManager(), nil)
|
||||
b := New("localhost:1111", "localhost:2222", "localhost:3333", filemgr.NewManager(), nil, true)
|
||||
staticCfg, err := b.BuildBootstrapLayeredRuntime(context.Background(), &config.Config{})
|
||||
assert.NoError(t, err)
|
||||
testutil.AssertProtoJSONEqual(t, `
|
||||
|
|
@ -61,7 +61,7 @@ func TestBuilder_BuildBootstrapLayeredRuntime(t *testing.T) {
|
|||
|
||||
func TestBuilder_BuildBootstrapStaticResources(t *testing.T) {
|
||||
t.Run("valid", func(t *testing.T) {
|
||||
b := New("localhost:1111", "localhost:2222", "localhost:3333", filemgr.NewManager(), nil)
|
||||
b := New("localhost:1111", "localhost:2222", "localhost:3333", filemgr.NewManager(), nil, true)
|
||||
staticCfg, err := b.BuildBootstrapStaticResources(context.Background(), &config.Config{}, false)
|
||||
assert.NoError(t, err)
|
||||
testutil.AssertProtoJSONEqual(t, `
|
||||
|
|
@ -105,14 +105,14 @@ func TestBuilder_BuildBootstrapStaticResources(t *testing.T) {
|
|||
`, staticCfg)
|
||||
})
|
||||
t.Run("bad gRPC address", func(t *testing.T) {
|
||||
b := New("xyz:zyx", "localhost:2222", "localhost:3333", filemgr.NewManager(), nil)
|
||||
b := New("xyz:zyx", "localhost:2222", "localhost:3333", filemgr.NewManager(), nil, true)
|
||||
_, err := b.BuildBootstrapStaticResources(context.Background(), &config.Config{}, false)
|
||||
assert.Error(t, err)
|
||||
})
|
||||
}
|
||||
|
||||
func TestBuilder_BuildBootstrapStatsConfig(t *testing.T) {
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil, true)
|
||||
t.Run("valid", func(t *testing.T) {
|
||||
statsCfg, err := b.BuildBootstrapStatsConfig(&config.Config{
|
||||
Options: &config.Options{
|
||||
|
|
@ -132,7 +132,7 @@ func TestBuilder_BuildBootstrapStatsConfig(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestBuilder_BuildBootstrap(t *testing.T) {
|
||||
b := New("localhost:1111", "localhost:2222", "localhost:3333", filemgr.NewManager(), nil)
|
||||
b := New("localhost:1111", "localhost:2222", "localhost:3333", filemgr.NewManager(), nil, true)
|
||||
t.Run("OverloadManager", func(t *testing.T) {
|
||||
bootstrap, err := b.BuildBootstrap(context.Background(), &config.Config{
|
||||
Options: &config.Options{
|
||||
|
|
|
|||
|
|
@ -7,11 +7,12 @@ import (
|
|||
|
||||
// A Builder builds envoy config from pomerium config.
|
||||
type Builder struct {
|
||||
localGRPCAddress string
|
||||
localHTTPAddress string
|
||||
localMetricsAddress string
|
||||
filemgr *filemgr.Manager
|
||||
reproxy *reproxy.Handler
|
||||
localGRPCAddress string
|
||||
localHTTPAddress string
|
||||
localMetricsAddress string
|
||||
filemgr *filemgr.Manager
|
||||
reproxy *reproxy.Handler
|
||||
addIPV6InternalRanges bool
|
||||
}
|
||||
|
||||
// New creates a new Builder.
|
||||
|
|
@ -21,15 +22,17 @@ func New(
|
|||
localMetricsAddress string,
|
||||
fileManager *filemgr.Manager,
|
||||
reproxyHandler *reproxy.Handler,
|
||||
addIPV6InternalRanges bool,
|
||||
) *Builder {
|
||||
if reproxyHandler == nil {
|
||||
reproxyHandler = reproxy.New()
|
||||
}
|
||||
return &Builder{
|
||||
localGRPCAddress: localGRPCAddress,
|
||||
localHTTPAddress: localHTTPAddress,
|
||||
localMetricsAddress: localMetricsAddress,
|
||||
filemgr: fileManager,
|
||||
reproxy: reproxyHandler,
|
||||
localGRPCAddress: localGRPCAddress,
|
||||
localHTTPAddress: localHTTPAddress,
|
||||
localMetricsAddress: localMetricsAddress,
|
||||
filemgr: fileManager,
|
||||
reproxy: reproxyHandler,
|
||||
addIPV6InternalRanges: addIPV6InternalRanges,
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ func Test_BuildClusters(t *testing.T) {
|
|||
|
||||
opts := config.NewDefaultOptions()
|
||||
ctx := context.Background()
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil, true)
|
||||
clusters, err := b.BuildClusters(ctx, &config.Config{Options: opts})
|
||||
require.NoError(t, err)
|
||||
testutil.AssertProtoJSONFileEqual(t, "testdata/clusters.json", clusters)
|
||||
|
|
@ -38,7 +38,7 @@ func Test_buildPolicyTransportSocket(t *testing.T) {
|
|||
cacheDir, _ := os.UserCacheDir()
|
||||
customCA := filepath.Join(cacheDir, "pomerium", "envoy", "files", "custom-ca-3133535332543131503345494c.pem")
|
||||
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil, true)
|
||||
rootCABytes, _ := getCombinedCertificateAuthority(ctx, &config.Config{Options: &config.Options{}})
|
||||
rootCA := b.filemgr.BytesDataSource("ca.pem", rootCABytes).GetFilename()
|
||||
|
||||
|
|
@ -517,7 +517,7 @@ func Test_buildPolicyTransportSocket(t *testing.T) {
|
|||
|
||||
func Test_buildCluster(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil, true)
|
||||
rootCABytes, _ := getCombinedCertificateAuthority(ctx, &config.Config{Options: &config.Options{}})
|
||||
rootCA := b.filemgr.BytesDataSource("ca.pem", rootCABytes).GetFilename()
|
||||
o1 := config.NewDefaultOptions()
|
||||
|
|
@ -1012,7 +1012,7 @@ func Test_bindConfig(t *testing.T) {
|
|||
ctx, clearTimeout := context.WithTimeout(context.Background(), time.Second*10)
|
||||
defer clearTimeout()
|
||||
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil, true)
|
||||
t.Run("no bind config", func(t *testing.T) {
|
||||
cluster, err := b.buildPolicyCluster(ctx, &config.Config{Options: &config.Options{}}, &config.Policy{
|
||||
From: "https://from.example.com",
|
||||
|
|
|
|||
|
|
@ -44,10 +44,10 @@ func ExtAuthzFilter(grpcClientTimeout *durationpb.Duration) *envoy_extensions_fi
|
|||
}
|
||||
|
||||
// HTTPConnectionManagerFilter creates a new HTTP connection manager filter.
|
||||
func HTTPConnectionManagerFilter(
|
||||
func (b *Builder) HTTPConnectionManagerFilter(
|
||||
httpConnectionManager *envoy_extensions_filters_network_http_connection_manager.HttpConnectionManager,
|
||||
) *envoy_config_listener_v3.Filter {
|
||||
applyGlobalHTTPConnectionManagerOptions(httpConnectionManager)
|
||||
b.applyGlobalHTTPConnectionManagerOptions(httpConnectionManager)
|
||||
return &envoy_config_listener_v3.Filter{
|
||||
Name: "envoy.filters.network.http_connection_manager",
|
||||
ConfigType: &envoy_config_listener_v3.Filter_TypedConfig{
|
||||
|
|
|
|||
|
|
@ -128,23 +128,29 @@ func (b *Builder) buildLocalReplyConfig(
|
|||
}, nil
|
||||
}
|
||||
|
||||
func applyGlobalHTTPConnectionManagerOptions(hcm *envoy_http_connection_manager.HttpConnectionManager) {
|
||||
func (b *Builder) applyGlobalHTTPConnectionManagerOptions(hcm *envoy_http_connection_manager.HttpConnectionManager) {
|
||||
if hcm.InternalAddressConfig == nil {
|
||||
// see doc comment on InternalAddressConfig for details
|
||||
hcm.InternalAddressConfig = &envoy_http_connection_manager.HttpConnectionManager_InternalAddressConfig{
|
||||
CidrRanges: []*envoy_config_core_v3.CidrRange{
|
||||
// localhost
|
||||
{AddressPrefix: "127.0.0.1", PrefixLen: wrapperspb.UInt32(32)},
|
||||
ranges := []*envoy_config_core_v3.CidrRange{
|
||||
// localhost
|
||||
{AddressPrefix: "127.0.0.1", PrefixLen: wrapperspb.UInt32(32)},
|
||||
|
||||
// RFC1918
|
||||
{AddressPrefix: "10.0.0.0", PrefixLen: wrapperspb.UInt32(8)},
|
||||
{AddressPrefix: "192.168.0.0", PrefixLen: wrapperspb.UInt32(16)},
|
||||
{AddressPrefix: "172.16.0.0", PrefixLen: wrapperspb.UInt32(12)},
|
||||
}
|
||||
if b.addIPV6InternalRanges {
|
||||
ranges = append(ranges, []*envoy_config_core_v3.CidrRange{
|
||||
// Localhost IPv6
|
||||
{AddressPrefix: "::1", PrefixLen: wrapperspb.UInt32(128)},
|
||||
|
||||
// RFC1918
|
||||
{AddressPrefix: "10.0.0.0", PrefixLen: wrapperspb.UInt32(8)},
|
||||
{AddressPrefix: "192.168.0.0", PrefixLen: wrapperspb.UInt32(16)},
|
||||
{AddressPrefix: "172.16.0.0", PrefixLen: wrapperspb.UInt32(12)},
|
||||
|
||||
// RFC4193
|
||||
{AddressPrefix: "fd00::", PrefixLen: wrapperspb.UInt32(8)},
|
||||
},
|
||||
}...)
|
||||
}
|
||||
|
||||
// see doc comment on InternalAddressConfig for details
|
||||
hcm.InternalAddressConfig = &envoy_http_connection_manager.HttpConnectionManager_InternalAddressConfig{
|
||||
CidrRanges: ranges,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ func (b *Builder) buildEnvoyAdminHTTPConnectionManagerFilter() *envoy_config_lis
|
|||
},
|
||||
}})
|
||||
|
||||
return HTTPConnectionManagerFilter(&envoy_http_connection_manager.HttpConnectionManager{
|
||||
return b.HTTPConnectionManagerFilter(&envoy_http_connection_manager.HttpConnectionManager{
|
||||
CodecType: envoy_http_connection_manager.HttpConnectionManager_AUTO,
|
||||
StatPrefix: "envoy-admin",
|
||||
RouteSpecifier: &envoy_http_connection_manager.HttpConnectionManager_RouteConfig{
|
||||
|
|
|
|||
|
|
@ -98,7 +98,7 @@ func (b *Builder) buildGRPCHTTPConnectionManagerFilter() *envoy_config_listener_
|
|||
Routes: routes,
|
||||
}})
|
||||
|
||||
return HTTPConnectionManagerFilter(&envoy_http_connection_manager.HttpConnectionManager{
|
||||
return b.HTTPConnectionManagerFilter(&envoy_http_connection_manager.HttpConnectionManager{
|
||||
CodecType: envoy_http_connection_manager.HttpConnectionManager_AUTO,
|
||||
StatPrefix: "grpc_ingress",
|
||||
// limit request first byte to last byte time
|
||||
|
|
|
|||
|
|
@ -233,7 +233,7 @@ func (b *Builder) buildMainHTTPConnectionManagerFilter(
|
|||
}
|
||||
}
|
||||
|
||||
return HTTPConnectionManagerFilter(mgr), nil
|
||||
return b.HTTPConnectionManagerFilter(mgr), nil
|
||||
}
|
||||
|
||||
func newListenerAccessLog() *envoy_config_accesslog_v3.AccessLog {
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ import (
|
|||
)
|
||||
|
||||
func Test_requireProxyProtocol(t *testing.T) {
|
||||
b := New("local-grpc", "local-http", "local-metrics", nil, nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", nil, nil, true)
|
||||
t.Run("required", func(t *testing.T) {
|
||||
li, err := b.buildMainListener(context.Background(), &config.Config{Options: &config.Options{
|
||||
UseProxyProtocol: true,
|
||||
|
|
|
|||
|
|
@ -121,7 +121,7 @@ func (b *Builder) buildMetricsHTTPConnectionManagerFilter() *envoy_config_listen
|
|||
},
|
||||
}})
|
||||
|
||||
return HTTPConnectionManagerFilter(&envoy_http_connection_manager.HttpConnectionManager{
|
||||
return b.HTTPConnectionManagerFilter(&envoy_http_connection_manager.HttpConnectionManager{
|
||||
CodecType: envoy_http_connection_manager.HttpConnectionManager_AUTO,
|
||||
StatPrefix: "metrics",
|
||||
RouteSpecifier: &envoy_http_connection_manager.HttpConnectionManager_RouteConfig{
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ func TestBuildListeners(t *testing.T) {
|
|||
OutboundPort: "10003",
|
||||
MetricsPort: "10004",
|
||||
}
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil, true)
|
||||
t.Run("enable grpc by default", func(t *testing.T) {
|
||||
cfg := cfg.Clone()
|
||||
lis, err := b.BuildListeners(ctx, cfg, false)
|
||||
|
|
@ -125,7 +125,7 @@ func Test_buildMetricsHTTPConnectionManagerFilter(t *testing.T) {
|
|||
certFileName := filepath.Join(cacheDir, "pomerium", "envoy", "files", "tls-crt-5a353247453159375849565a.pem")
|
||||
keyFileName := filepath.Join(cacheDir, "pomerium", "envoy", "files", "tls-key-3159554e32473758435257364b.pem")
|
||||
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil, true)
|
||||
li, err := b.buildMetricsListener(&config.Config{
|
||||
Options: &config.Options{
|
||||
MetricsAddr: "127.0.0.1:9902",
|
||||
|
|
@ -143,7 +143,7 @@ func Test_buildMetricsHTTPConnectionManagerFilter(t *testing.T) {
|
|||
}
|
||||
|
||||
func Test_buildMainHTTPConnectionManagerFilter(t *testing.T) {
|
||||
b := New("local-grpc", "local-http", "local-metrics", nil, nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", nil, nil, true)
|
||||
|
||||
options := config.NewDefaultOptions()
|
||||
options.SkipXffAppend = true
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ func (b *Builder) buildOutboundListener(cfg *config.Config) (*envoy_config_liste
|
|||
func (b *Builder) buildOutboundHTTPConnectionManager() *envoy_config_listener_v3.Filter {
|
||||
rc := b.buildOutboundRouteConfiguration()
|
||||
|
||||
return HTTPConnectionManagerFilter(&envoy_http_connection_manager.HttpConnectionManager{
|
||||
return b.HTTPConnectionManagerFilter(&envoy_http_connection_manager.HttpConnectionManager{
|
||||
CodecType: envoy_http_connection_manager.HttpConnectionManager_AUTO,
|
||||
StatPrefix: "grpc_egress",
|
||||
// limit request first byte to last byte time
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ import (
|
|||
)
|
||||
|
||||
func Test_buildOutboundRoutes(t *testing.T) {
|
||||
b := New("local-grpc", "local-http", "local-metrics", nil, nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", nil, nil, true)
|
||||
routes := b.buildOutboundRoutes()
|
||||
testutil.AssertProtoJSONEqual(t, `[
|
||||
{
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ func TestBuilder_buildMainRouteConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
}}
|
||||
b := New("grpc", "http", "metrics", filemgr.NewManager(), nil)
|
||||
b := New("grpc", "http", "metrics", filemgr.NewManager(), nil, true)
|
||||
routeConfiguration, err := b.buildMainRouteConfiguration(ctx, cfg)
|
||||
assert.NoError(t, err)
|
||||
testutil.AssertProtoJSONEqual(t, `{
|
||||
|
|
|
|||
|
|
@ -231,10 +231,6 @@
|
|||
"addressPrefix": "127.0.0.1",
|
||||
"prefixLen": 32
|
||||
},
|
||||
{
|
||||
"addressPrefix": "::1",
|
||||
"prefixLen": 128
|
||||
},
|
||||
{
|
||||
"addressPrefix": "10.0.0.0",
|
||||
"prefixLen": 8
|
||||
|
|
@ -247,6 +243,10 @@
|
|||
"addressPrefix": "172.16.0.0",
|
||||
"prefixLen": 12
|
||||
},
|
||||
{
|
||||
"addressPrefix": "::1",
|
||||
"prefixLen": 128
|
||||
},
|
||||
{
|
||||
"addressPrefix": "fd00::",
|
||||
"prefixLen": 8
|
||||
|
|
|
|||
|
|
@ -61,10 +61,6 @@
|
|||
"addressPrefix": "127.0.0.1",
|
||||
"prefixLen": 32
|
||||
},
|
||||
{
|
||||
"addressPrefix": "::1",
|
||||
"prefixLen": 128
|
||||
},
|
||||
{
|
||||
"addressPrefix": "10.0.0.0",
|
||||
"prefixLen": 8
|
||||
|
|
@ -77,6 +73,10 @@
|
|||
"addressPrefix": "172.16.0.0",
|
||||
"prefixLen": 12
|
||||
},
|
||||
{
|
||||
"addressPrefix": "::1",
|
||||
"prefixLen": 128
|
||||
},
|
||||
{
|
||||
"addressPrefix": "fd00::",
|
||||
"prefixLen": 8
|
||||
|
|
|
|||
|
|
@ -82,7 +82,7 @@ func TestValidateCertificate(t *testing.T) {
|
|||
}
|
||||
|
||||
func Test_buildDownstreamTLSContext(t *testing.T) {
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil)
|
||||
b := New("local-grpc", "local-http", "local-metrics", filemgr.NewManager(), nil, true)
|
||||
|
||||
cacheDir, _ := os.UserCacheDir()
|
||||
clientCAFileName := filepath.Join(cacheDir, "pomerium", "envoy", "files", "client-ca-4e4c564e5a36544a4a33385a.pem")
|
||||
|
|
|
|||
10
go.mod
10
go.mod
|
|
@ -88,11 +88,11 @@ require (
|
|||
go.uber.org/automaxprocs v1.6.0
|
||||
go.uber.org/mock v0.5.0
|
||||
go.uber.org/zap v1.27.0
|
||||
golang.org/x/crypto v0.33.0
|
||||
golang.org/x/net v0.35.0
|
||||
golang.org/x/crypto v0.36.0
|
||||
golang.org/x/net v0.37.0
|
||||
golang.org/x/oauth2 v0.27.0
|
||||
golang.org/x/sync v0.11.0
|
||||
golang.org/x/sys v0.30.0
|
||||
golang.org/x/sync v0.12.0
|
||||
golang.org/x/sys v0.31.0
|
||||
golang.org/x/time v0.10.0
|
||||
google.golang.org/api v0.223.0
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2
|
||||
|
|
@ -239,7 +239,7 @@ require (
|
|||
go.uber.org/zap/exp v0.3.0 // indirect
|
||||
golang.org/x/exp v0.0.0-20240808152545-0cdaa3abc0fa // indirect
|
||||
golang.org/x/mod v0.20.0 // indirect
|
||||
golang.org/x/text v0.22.0 // indirect
|
||||
golang.org/x/text v0.23.0 // indirect
|
||||
golang.org/x/tools v0.24.0 // indirect
|
||||
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20250115164207-1a7da9e5054f // indirect
|
||||
|
|
|
|||
24
go.sum
24
go.sum
|
|
@ -750,8 +750,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
|
|||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
|
||||
golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus=
|
||||
golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
|
||||
golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34=
|
||||
golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc=
|
||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
||||
|
|
@ -827,8 +827,8 @@ golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su
|
|||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
|
||||
golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8=
|
||||
golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk=
|
||||
golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c=
|
||||
golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
|
||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
|
|
@ -851,8 +851,8 @@ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJ
|
|||
golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w=
|
||||
golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
|
||||
golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw=
|
||||
golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
|
||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
|
|
@ -912,15 +912,15 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|||
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
|
||||
golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik=
|
||||
golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
|
||||
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
|
||||
golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU=
|
||||
golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s=
|
||||
golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y=
|
||||
golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g=
|
||||
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
|
|
@ -931,8 +931,8 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
|||
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
||||
golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
|
||||
golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
|
||||
golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
|
||||
golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
|
||||
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ import (
|
|||
"github.com/rs/zerolog"
|
||||
"go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc"
|
||||
coltracepb "go.opentelemetry.io/proto/otlp/collector/trace/v1"
|
||||
"golang.org/x/net/nettest"
|
||||
"golang.org/x/sync/errgroup"
|
||||
"google.golang.org/grpc"
|
||||
"google.golang.org/grpc/health/grpc_health_v1"
|
||||
|
|
@ -177,6 +178,7 @@ func NewServer(
|
|||
srv.MetricsListener.Addr().String(),
|
||||
srv.filemgr,
|
||||
srv.reproxy,
|
||||
nettest.SupportsIPv6(),
|
||||
)
|
||||
|
||||
res, err := srv.buildDiscoveryResources(ctx)
|
||||
|
|
|
|||
|
|
@ -713,7 +713,7 @@ func TestSharedResourceMonitor(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestBootstrapConfig(t *testing.T) {
|
||||
b := envoyconfig.New("localhost:1111", "localhost:2222", "localhost:3333", filemgr.NewManager(), nil)
|
||||
b := envoyconfig.New("localhost:1111", "localhost:2222", "localhost:3333", filemgr.NewManager(), nil, true)
|
||||
testEnvoyPid := 99
|
||||
tempDir := t.TempDir()
|
||||
monitor, err := NewSharedResourceMonitor(context.Background(), config.NewStaticSource(nil), tempDir, WithCgroupDriver(&cgroupV2Driver{
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue