Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OSX support #128

Closed
mattklein123 opened this issue Oct 7, 2016 · 38 comments · Fixed by #1346
Closed

OSX support #128

mattklein123 opened this issue Oct 7, 2016 · 38 comments · Fixed by #1346
Assignees
Labels
enhancement Feature requests. Not bugs or questions. help wanted Needs help!
Milestone

Comments

@mattklein123
Copy link
Member

Get Envoy compiling on OSX. Shim out all linux specific features and either turn them off in OSX build or provide OS shim layer to make them work on BSD.

@mattklein123 mattklein123 added enhancement Feature requests. Not bugs or questions. help wanted labels Oct 7, 2016
@ramtej
Copy link

ramtej commented Nov 22, 2016

+1

@mattklein123
Copy link
Member Author

@Reflejo if you are working on this can you keep notes in here on your progress (just so we don't duplicate effort).

Thanks,
Matt

@Reflejo
Copy link
Contributor

Reflejo commented Feb 6, 2017

I'll keep this issue updated; I'm planning on compile envoy on freebsd fwiw, but I think the delta between freebsd and darwin should be pretty small

@Reflejo Reflejo self-assigned this Feb 6, 2017
@dch
Copy link

dch commented Feb 14, 2017

hi folks, I started on a port for this to FreeBSD; I'm not a C/C++ programmer but will do what I can to get this into the ports tree. Feel free to contact me directly, I'm also in the IRC channel as dch. No idea why github has unassigned @Reflejo it wasn't intentional on my part 👎 sorry!

@dch dch unassigned Reflejo Feb 14, 2017
@Reflejo
Copy link
Contributor

Reflejo commented Feb 21, 2017

Update for FreeBSD

tl;dr; I have a branch that compiles and passes all the tests on FreeBSD.

Take this as a very experimental first step.

Non comprehensive TODO list

  • Provide a more elegant shim layer instead of inlining #ifdefs which is nasty
  • Discuss / decide what to do with hot restart; is it ok to use files instead of abstract sockets on FreeBSD?
  • Is it ok to disable TCMalloc?
  • Make OSX pass all tests
  • consistent mutex is not available on Darwin.

See: https://github.com/lyft/envoy/compare/master...Reflejo:freebsd?expand=1

What was done

TCMalloc disabled (commit)

envoy compiled w/TCMalloc seg faults on OSX and creates deadlocks on FreeBSD on very specific situations while removing events with event_del. I got deep into this deadlock for hours before I realized that TCMalloc was contributing to this (probably indirectly but still).

Make currentThreadId multiplatform (commit)

I decided to use pthread_getthreadid_np on FreeBSD for convenience which I believe it was added around fbsd 9. Alternatively pthread_self could be used which is more portable.

Add kqueue implementation for monitoring symlinks (commit)

inotify is not available on BSD hence why I implemented the watcher using kqueue. There is a caveat though, envoy is mainly using the watcher for symlinks but freebsd doesn't support O_SYMLINK (i.e. get a file descriptor from a symlink). I included a kernel patch for freebsd11 adding this functionality. FWIW OSX supports O_SYMLINK.

Handle EAGAIN when querying SO_ERROR on bsd (commit)

When a connect() is performed on a non-blocking socket, it'll return -1/EINPROGRESS immediately and when select()'ed for writability it'll succeed or fail but when it fails the reason is hidden. getsockopt(,,SO_ERROR,,) solves this issue on some systems but on some cases such as FreeBSD getsockopt returns 0 even on EAGAIN.

This was a big problem on freebsd that'd hang connections so instead of trusting on SO_ERROR I'm also calling getpeername() which will return -1/ENOTCONN if the socket is not connected and read(,,1) will produce the right errno.

UUID implementation on FreeBSD (commit)

Envoy was getting uuids from /proc/sys/kernel/random/uuid on linux (which afaik uses urandom). Instead I changed it to use uuid_generate_random on Linux and hand craft a uuid using arc4random on bsd.

Hot restart on BSD doesn't use abstract sockets (commit)

envoy uses abstract sockets which are only supported on Linux. As a temporary hack; I'm just using concrete files on FreeBSD, but a decision needs to be taken for the whole hot restart system to make it more portable.

Fix tests on FreeBSD (commit)

Some tests were making assumptions that only worked on Linux (for example at what point on the event loop a connection would be open/ready). I fixed some tests that were using NonBlock.

Additionally I had to disable TcpClientConnectionImplTest.BadConnectNotConnRefused since FreeBSD will happily connect to almost any ip (even checking the kernel code I couldn't find a case that'd return ENETUNREACH on a common gw configuration).

OSX

The delta from here to make it compile in OSX is actually very small. With this change it'll compile but I still haven't try to make the tests pass.

cc @dch Since I'm on and off here (more off than on), feel free to take over this and let me know how I can help.

@mattklein123
Copy link
Member Author

FYI @ldemailly and @9len have both expressed interest in finishing this up. I doubt it would really be that difficult at this point, especially I'm guessing if hot restart is just not supported on OSX (I think the MSFT folks are doing this also for the initial NT port). Please coordinate here so we don't duplicate effort.

@9len
Copy link

9len commented Jul 12, 2017

Cc @zuercher who is looking at this on our end.

@mattklein123 mattklein123 added the help wanted Needs help! label Jul 12, 2017
@zuercher
Copy link
Member

I'm going to start looking at this today, starting by porting over the changes mentioned above to fresh branch off master.

@zuercher
Copy link
Member

c.f. master...turbinelabs:osx

I maintained the author field on commits I copied from Refejlo:freebsd. Some further changes were necessary since envoy has changed a lot since February. The end result almost compiles. The final build failure in the linking step because of an unsupported linker flag. Looking at that next.

If someone who has a better understanding of bazel would care to suggest a better way to accomplish what I did in turbinelabs@88344c1, I'd be grateful. I ended up copying bazel's tools/osx (at SHA 7b85122) into envoy's bazel/tools/osx. This provides detection of various xcode cross compilers (envoy for Apple Watch 🤣). The one change I made in crosstool was to switch the flags for ar from ar -static -s -o to ar -r -s (turbinelabs@88344c1#diff-0cea4aa18c29d749a512a756ef2f98c1R159). I wasn't able to find docs for a version of ar that takes those flags (on my mac -static is taken to mean -s -t -a -t -i -c; -o is not recognized and taken as the first file argument).

Also, source/common/filesystem is pretty awful. I'm not sure what I've done is really better than a single header and source file with conditionally compiled parts. Is there a better way to do OS-specific code with bazel?

I kept @Reflejo's file-based hot restart implementation, since it wasn't obvious to me how to disable it completely.

@zuercher
Copy link
Member

Just realized those flags for ar seem like they would be valid for ld.

@mattklein123
Copy link
Member Author

@lizan @ldemailly @htuch can probably advise on bazel issues. I just skimmed this real quick and it would be nice to avoid copying so much bazel code into our repo somehow (sad that we already have to copy so much. Not sure what is possible. :(

Overall this looks good modulo the details. Exciting to see this come together.

@zuercher once you get it mostly working, please add the bazel files/changes in their own PR. It will make it easier to review the other stuff.

@mattklein123
Copy link
Member Author

@zuercher if you want to get rid of hot restart, basically do this: https://github.com/lyft/envoy/blob/master/test/integration/server.cc#L20

in prod code.

@htuch
Copy link
Member

htuch commented Jul 20, 2017

The ar flag issue looks like it should be fixed upstream. Given how we're forking cc_configure.bzl, we might not be able to avoid some of this copy as we have things implemented today. It's possible within the cc_configure repository rule we could pull down stuff from the Bazel Github and inject it, that might be a lot cleaner for files that are essentially unchanged.

We wouldn't need to do any of this if bazelbuild/bazel#2840 was fixed upstream.

@lizan
Copy link
Member

lizan commented Jul 20, 2017

I am happy to help.

Also, source/common/filesystem is pretty awful. I'm not sure what I've done is really better than a single header and source file with conditionally compiled parts. Is there a better way to do OS-specific code with bazel?

You can use select function in BUILD files, to compile specific cc_library as deps.

@zuercher
Copy link
Member

@lizan thanks -- I think that's enough for to make it better.

Current status:

  • it links and doesn't immediately crash on start with no config (output looks the same as linux)
  • the same branch links and passes tests under linux
  • Executed 143 out of 143 tests: 110 tests pass and 33 fail locally.

@Reflejo
Copy link
Contributor

Reflejo commented Jul 21, 2017

I'm glad someone is picking this up. It's was on my backlog and never got back to it.

@zuercher Sounds like you are good, but do let me know if you need something from me. I got all the tests passing on FreeBSD at some point

@zuercher
Copy link
Member

I've got it down to 3 failing tests:

  1. /test/common/network:proxy_protocol_test hangs
  2. /test/common/network:connection_impl_test asserts when the ConnectionImplTest destructor destroys the client ConnectionImpl (I think) because the connection hasn't been closed.
  3. /test/common/ssl:connection_impl_test hangs

@zuercher
Copy link
Member

I've gotten all the tests passing on osx (and don't seem to have caused any linux regressions).

@htuch The tools/osx/crosstools ar invocation is still broken with bazel's master. I'll see about filing an issue with them. Maybe no one else is linking statically on OSX? Meanwhile, I'll try to trim the changes down to copying stuff from the bazel repo at build time and applying a diff for the one file I changed.

I also need to circle back and clean up the watcher code, and then I should be able to make some PRs.

@Reflejo
Copy link
Contributor

Reflejo commented Jul 26, 2017

That's fantastic @zuercher. Thanks for taking this

@mattklein123
Copy link
Member Author

Awesome work @zuercher !

re: bazel, at this point, I would just copy the code in the same as we have done for all the other crosstools stuff, but up to you (please just do in dedicated PR).

@zuercher
Copy link
Member

That's good, because I fell down a rabbit hole trying to make it smaller yesterday. But... I endedup upgrading to bazel 0.5.2 on the max and it turns out strip has the same crazy arguments program as ar if you use bazel 0.5.2. I "fixed it."

Anyway, tada:
#1346
#1348

@mattklein123
Copy link
Member Author

I'm reopening this for tracking until we are sure this is fully done and to see if there are any needed doc updates.

@mattklein123 mattklein123 reopened this Aug 7, 2017
@mattklein123 mattklein123 added this to the 1.4.0 milestone Aug 7, 2017
@9len
Copy link

9len commented Aug 7, 2017

We should probably set up a darwin CI build.

@mattklein123
Copy link
Member Author

@9len @zuercher unfortunately right now we won't have the ability to host OSX CI (our CI story is a mess and we need to get that in shape first before taking on potentially non-Linux targets). Some options for CI are:

  • Someone else sets up a CI job for OSX. We will setup whatever GH hooks you want to fire events into your system.
  • We will not block merge if that job is broken, but at least we will know about it.

There was a question that popped up in Gitter about the OSX build not working (I don't know details), so at minimum we should probably just go through the various ci/bazel/public docs and see if anything needs to be updated for doing an OSX build.

@9len
Copy link

9len commented Aug 7, 2017

looks like there's only one option :)

we can try to set it up.

@ldemailly
Copy link

travis has OSX support (it's a small pool and fairly slow but I've had successes with it) ?

@mattklein123
Copy link
Member Author

Travis may have OSX support but Lyft and non-Istio Google do not have the resources to manage it right now. Like I said I'm happy to install hooks and make the tests non-blocking for merge but that's the best we can do right now. cc @htuch

@9len
Copy link

9len commented Aug 7, 2017

That's fine with us, and about what we expected.

We run CircleCI for our in-house stuff, would you be opposed to us using that for an OSX build? Sidesteps figuring out how to do both from one travis yaml file.

@mattklein123
Copy link
Member Author

We run CircleCI for our in-house stuff, would you be opposed to us using that for an OSX build?

Opposite of opposed. Please do!!! :) I will setup the hooks to send them to you when you are ready. We can figure that out offline.

@9len
Copy link

9len commented Aug 7, 2017

cool. we'll prototype in our fork until we find something we like.

@zuercher
Copy link
Member

@lizan You noted a compile error on the original PR for this (#1348). All my changes have landed on master, do you still see that? If so, what version of bazel & xcode do you have installed?

@mattklein123
Copy link
Member Author

@zuercher AFAWK this is done right? Can we tell people to start testing?

@zuercher
Copy link
Member

@mattklein123 Sure. I'm working on a CI build for now. That'll uncover some things (like missing tools, of which I'm keeping a list to update the README).

@mattklein123
Copy link
Member Author

OK I will blast out to try to get some people testing. This is awesome!!

@lizan
Copy link
Member

lizan commented Aug 10, 2017

@zuercher I still see the same compile errors (on commit 5e35e19)

Errors: bazel build -c dbg //test/...

ERROR: /Users/zlizan/github/lizan/envoy/source/common/http/BUILD:11:1: C++ compilation of rule '//source/common/http:async_client_lib' failed (Exit 1).
source/common/http/async_client_impl.cc:16:77: error: default initialization of an object of const type 'const AsyncStreamImpl::NullRateLimitPolicy' without a user-provided default constructor
const AsyncStreamImpl::NullRateLimitPolicy AsyncStreamImpl::RouteEntryImpl::rate_limit_policy_;
                                                                            ^
                                                                                              {}
source/common/http/async_client_impl.cc:17:73: error: default initialization of an object of const type 'const AsyncStreamImpl::NullRetryPolicy' without a user-provided default constructor
const AsyncStreamImpl::NullRetryPolicy AsyncStreamImpl::RouteEntryImpl::retry_policy_;
                                                                        ^
                                                                                     {}
source/common/http/async_client_impl.cc:18:74: error: default initialization of an object of const type 'const AsyncStreamImpl::NullShadowPolicy' without a user-provided default constructor
const AsyncStreamImpl::NullShadowPolicy AsyncStreamImpl::RouteEntryImpl::shadow_policy_;
                                                                         ^
                                                                                       {}
source/common/http/async_client_impl.cc:19:73: error: default initialization of an object of const type 'const AsyncStreamImpl::NullVirtualHost' without a user-provided default constructor
const AsyncStreamImpl::NullVirtualHost AsyncStreamImpl::RouteEntryImpl::virtual_host_;
                                                                        ^
                                                                                     {}
source/common/http/async_client_impl.cc:20:78: error: default initialization of an object of const type 'const AsyncStreamImpl::NullRateLimitPolicy' without a user-provided default constructor
const AsyncStreamImpl::NullRateLimitPolicy AsyncStreamImpl::NullVirtualHost::rate_limit_policy_;
                                                                             ^
                                                                                               {}

bazel version:

Build label: 0.5.3-homebrew
Build target: bazel-out/darwin_x86_64-opt/bin/src/main/java/com/google/devtools/build/lib/bazel/BazelServer_deploy.jar
Build time: Thu Jul 27 19:30:37 2017 (1501183837)
Build timestamp: 1501183837
Build timestamp as int: 1501183837

Xcode version:

Configured with: --prefix=/Applications/Xcode.app/Contents/Developer/usr --with-gxx-include-dir=/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.12.sdk/usr/include/c++/4.2.1
Apple LLVM version 8.0.0 (clang-800.0.42.1)
Target: x86_64-apple-darwin16.7.0
Thread model: posix
InstalledDir: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin

@zuercher
Copy link
Member

I've updated the readme to indicate that XCode 8.3.3 is required.

@timperrett
Copy link
Contributor

Managed to compile a static binary using the instructions here: https://github.com/lyft/envoy/blob/master/bazel/README.md#quick-start-bazel-build-for-developers

Running bazel build -c dbg //test/... took 30 minutes to run, but it does indeed work.

Great stuff folks!

@mattklein123
Copy link
Member Author

Nice going to close this as complete since I think several people have got it working. We can track CI in a different PR/Issue.

rshriram pushed a commit to rshriram/envoy that referenced this issue Oct 30, 2018
* Point to googleapi in service control client. (envoyproxy#91)

* Point to googleapi in service control client.

* Use git repository for service-control-client.

* Merge latest changes from master (envoyproxy#104)

* Get attributes from envoy config. (envoyproxy#87)

* Send all attributes.

* Remove unused const strings.

* Address comment.

* updated SHA to point to newer envoy with RDS API feature (envoyproxy#94)

* Disable travis on stable branches (envoyproxy#96)

* Publish debug binaries (no release yet) (envoyproxy#98)

* Copies the binary instead of linking for release (envoyproxy#102)

* Extract quota config from service config. (envoyproxy#101)

* Add metric_cost in config.

* Remove group rules.

* Call loadQuotaConfig in config::create.

* Update latest update from master branch (envoyproxy#106)

* Get attributes from envoy config. (envoyproxy#87)

* Send all attributes.

* Remove unused const strings.

* Address comment.

* updated SHA to point to newer envoy with RDS API feature (envoyproxy#94)

* Disable travis on stable branches (envoyproxy#96)

* Publish debug binaries (no release yet) (envoyproxy#98)

* Copies the binary instead of linking for release (envoyproxy#102)

* Added quota contoll without the service control client library (envoyproxy#93)

* Added quota contoll without the service control client library

* Applied code review

* Applied code review

* Resolve conflicts

* Resolve conflicts

* Fixed format error reported by script/check-style

* Fixed a bug at Aggregated::GetAuthToken that causes Segmentation Fault

* Changed usage of template funcion

* Applied latest changes from the repo

* Applied latest changes from the repo

* Applied latest changes from the repo

* Adde comments

* Updated log information

* Applied envoyproxy#101

* Changed metric_cost_map to metric_cost_vector

* Fixed test case compilation error

* Fixed test case compilation error

* Add unit test for quota config. (envoyproxy#108)

* Add unit test for quota config.

* Add comments.

* Update test specifics.

* Merge latest changes from master branch (envoyproxy#112)

* Get attributes from envoy config. (envoyproxy#87)

* Send all attributes.

* Remove unused const strings.

* Address comment.

* updated SHA to point to newer envoy with RDS API feature (envoyproxy#94)

* Disable travis on stable branches (envoyproxy#96)

* Publish debug binaries (no release yet) (envoyproxy#98)

* Copies the binary instead of linking for release (envoyproxy#102)

* Not to use api_key if its service is not actived. (envoyproxy#109)

* If QuotaControl service is not available, return utils::Status::OK (envoyproxy#113)

* If QuotaControl service is not available, return utils::Status::OK

* Updated comment

* Return HTTP status code 429 on google.rpc.Code.RESOURCE_EXHAUSTED (envoyproxy#119)

* Fixed incorrectly resolved conflicts (envoyproxy#123)

* Added unit test cases for rate limiting (envoyproxy#124)

* Fixed incorrectly resolved conflicts

* Added unit test cases for rate limiting

* Added unit test cases for rate limiting

* Added unit test cases for rate limiting

* Added unit test cases for rate limiting

* Added unit test cases for rate limiting

* Added unit test cases for rate limiting

* Rename response.http.code (envoyproxy#125) (envoyproxy#128)

* Added handling of error code QUOTA_SYSTEM_UNAVAILABLE (envoyproxy#148)

* Integrated service control client library with quota cache aggregation (envoyproxy#149)

* Fixed error on merge (envoyproxy#151)

* Integrated service control client library with quota cache aggregation

* Fixed error on merge

* Fixed the compatibility issue with the latest update on esp (envoyproxy#152)

* Removed copied proto files (envoyproxy#208)

* Set default allocate quota request timeout to 1sec and applied latest service control client library change (envoyproxy#211)

* Merged key_restriction related changes from master (envoyproxy#213)

* Merge latest changes from master branch (envoyproxy#217)

* Not call report if decodeHeaders is not called. (envoyproxy#150)

* Update mixerclient with sync-ed grpc write and fail-fast. (envoyproxy#155)

* Update mixerclient with sync-ed write and fail-fast.

* Update to latest test.

* Update again

* Update envoy to PR553 (envoyproxy#156)

* Update envoy to PR553

* Update libevent to 2.1.8

* Uses a specific version of the Shared Pipeline lib (envoyproxy#158)

* Update lyft/envoy commit Id to latest. (envoyproxy#161)

* Update lyft/envoy commit Id to latest.

* Remove the comment about pull request

* Add new line - will delete in next commit.

* Update repositories.bzl (envoyproxy#169)

* Always set response latency (envoyproxy#172)

* Update mixerclient to sync_transport change. (envoyproxy#178)

* Use opaque config to turn on/off forward attribute and mixer filter (envoyproxy#179)

* Modify mixer filter

* Swap defaults

* Make the filter decoder only

* cache mixer disabled decision

* Fix a bug in opaque config change and test it out (envoyproxy#182)

* Fix a bug and test it out

* Update filter type

* Update README.md

* Update mixer client to mixer api with gogoproto. (envoyproxy#184)

* Move .bazelrc to tools/bazel.rc (envoyproxy#186)

* Move .bazelrc to tools/bazel.rc

* Update Jenkinsfile with latest version of pipeline

* Support apikey based traffic restriction (envoyproxy#189)

* b/36368559 support apikey based traffic restriction

* Fixed code formatting

* Fix crash in unreachable/overloaded RDS (envoyproxy#190)

* Add mixer client end to end integration test. (envoyproxy#177)

* Add mixer client end to end integration test.

* Split some repositories into a separate file.

* use real mixer for fake mixer_server.

* Test repository

* use mixer bzl file.

* Use mixer repositories

* Not to use mixer repository.

* Add return line at the end of WORKSPACE.

* Fix broken link (envoyproxy#193)

* Make quota call (envoyproxy#192)

* hookup quota call

* Make quota call.

* Update indent.

* Update envoy and update configs (envoyproxy#195)

* Update envoy and update configs

* Use gcc-4.9 for travis

* Use bazel 0.4.5

* Fix SHA of lightstep-tracer-common

* Enable check cache and refactory mixer config loading  (envoyproxy#197)

* Refactory the mixer config loading.

* fix format

* Add integration test.

* updated README.md

* s/send/sent/

* Split into separate tests. (envoyproxy#201)

* Update README on how to enable check cache. (envoyproxy#204)

* Update README on how to enable check cache.

* Update the comment.

* build: support Envoy native Bazel build. (envoyproxy#210)

* build: support Envoy native Bazel build.

This patch switches the Envoy build from src/envoy/repositories.bzl to
using the upstream native build.

See envoyproxy#663 for the corresponding changes
on the Envoy side.

* Use Envoy master with BUILD.wip rename merged.

* Fix clang-format issues.

* Fixes bazel.rc issues (envoyproxy#212)

* Fixes bazel rc issues

* Update Jenkins to latest pipeline version

* Updated the commit id of cloudendpoints/service-control-client-cxx (envoyproxy#218)

* Update commitid of cloudendpoints/service-control-client-cxx repo (envoyproxy#220)
rshriram pushed a commit to rshriram/envoy that referenced this issue Oct 30, 2018
* Created check security rules file and a few dummy/helper functions. (envoyproxy#40)

* Created check security rules file and a few dummy/helper functions.

And added it to check work flow.

* Fix format.

* Firebase: Merge from master. (envoyproxy#53)

* Simple TCP server to show how to retrieve original dest IP:port after an iptables redirect (envoyproxy#38)

* Simple TCP server to show how to retrieve original dest IP:port after an iptables redirect

* Fixed style.

* Rebase Envoy (envoyproxy#41)

* Update prototype to use iptables (envoyproxy#42)

* Rebase to fixed Envoy (envoyproxy#43)

* Handle HEAD request. (envoyproxy#34)

* Handle HEAD request.

* Try with GET if HEAD fails.

* Address comments.

* Format file.

* Expose bazel target (envoyproxy#48)

* Try again (envoyproxy#49)

* Enable ESP to invoke Firebase Security rules. (envoyproxy#54)

* Enable ESP to invoke Firebase Security rules.

* Address code review comments.

* Remove some debug logs

* Add proto file to capture TestRulesetRequest.

* clang-format files

* Resolve a merge issue with previous commit

* Allow security rules to disabled via serverconfig

* format file

* Addressed Wayne's review comments.

* Add firebase server to Server Config.

* Address Lizan's review comments

* Address review comments.

* Disable check rules service by default.

* Address more review comments.

* Fix a check.

* Delete unwanted constant.

* Address Wayne's comments and add a simple config test.

* Address a review comment.

* Add negative test case for config

* Address code review

* Remove unwanted const std::string

* Merge from master into firebase (envoyproxy#65)

* Simple TCP server to show how to retrieve original dest IP:port after an iptables redirect (envoyproxy#38)

* Simple TCP server to show how to retrieve original dest IP:port after an iptables redirect

* Fixed style.

* Rebase Envoy (envoyproxy#41)

* Update prototype to use iptables (envoyproxy#42)

* Rebase to fixed Envoy (envoyproxy#43)

* Handle HEAD request. (envoyproxy#34)

* Handle HEAD request.

* Try with GET if HEAD fails.

* Address comments.

* Format file.

* Expose bazel target (envoyproxy#48)

* Try again (envoyproxy#49)

* Integrate with mixer client. (envoyproxy#55)

* Integrate with mixer client.

* Restore  repositories.bzl back.

* Add originIp and originHost attributes. (envoyproxy#56)

* Add uuid-dev dependency in README.md (envoyproxy#45)

* Extract originIp and OriginHost. (envoyproxy#57)

* Extract originIp and OriginHost.

* Make header x-forwarded-host const.

* Update buckets for UI. (envoyproxy#58)

* Update buckets for UI.

* Only update time_distribution.

* Add targetService attribute. (envoyproxy#59)

* Use envoy new access_log handler for sending Report. (envoyproxy#60)

* use access_log handler.

* Not to use Loggable base class.

* Update to the latest envoy with envoyproxy#396. (envoyproxy#61)

* Fix tclap dependency fetching error (envoyproxy#62)

* Update the auth checke to use service.experimental.authorization.providerwq!

* Update the auth check to use service.experimental.authorization.provider

* Update the auth check to use service.experimental.authorization.provider (envoyproxy#67)

* Update the auth check to use service.experimental.authorization.provider

* Address comments and revert accidental change.

* Remove unnecessary added accidentally.

* Another patch

* fix the logic

* fix lint

* Fix broken test and add unit tests

* Fix comments

* Fix style check

* revert style for raw string

* fix small lint

* fix small lint

* fix small lint

* Unit tests for check security rules. (envoyproxy#75)

* Unit tests for check security rules.

* format

* Address review comments.

* Fix typos

* Merge from master to firebase (envoyproxy#143)

* Simple TCP server to show how to retrieve original dest IP:port after an iptables redirect (envoyproxy#38)

* Simple TCP server to show how to retrieve original dest IP:port after an iptables redirect

* Fixed style.

* Rebase Envoy (envoyproxy#41)

* Update prototype to use iptables (envoyproxy#42)

* Rebase to fixed Envoy (envoyproxy#43)

* Handle HEAD request. (envoyproxy#34)

* Handle HEAD request.

* Try with GET if HEAD fails.

* Address comments.

* Format file.

* Expose bazel target (envoyproxy#48)

* Try again (envoyproxy#49)

* Integrate with mixer client. (envoyproxy#55)

* Integrate with mixer client.

* Restore  repositories.bzl back.

* Add originIp and originHost attributes. (envoyproxy#56)

* Add uuid-dev dependency in README.md (envoyproxy#45)

* Extract originIp and OriginHost. (envoyproxy#57)

* Extract originIp and OriginHost.

* Make header x-forwarded-host const.

* Update buckets for UI. (envoyproxy#58)

* Update buckets for UI.

* Only update time_distribution.

* Add targetService attribute. (envoyproxy#59)

* Use envoy new access_log handler for sending Report. (envoyproxy#60)

* use access_log handler.

* Not to use Loggable base class.

* Update to the latest envoy with envoyproxy#396. (envoyproxy#61)

* Fix tclap dependency fetching error (envoyproxy#62)

* Integrate mixer client directly with envoy. (envoyproxy#66)

* Integrate mixer client directly with envoy.

* Send response header in Report.

* rename filter name from esp to mixer.

* add README.

* Add release binary script. (envoyproxy#68)

* Push tar.gz to GCS (envoyproxy#69)

* Push tar.gz to GCS

* Rename envoy_esp

* Remove mixer_client from api_manager. (envoyproxy#72)

* Update mixer client SHA. (envoyproxy#74)

* Update readme. (envoyproxy#73)

* Adds Jenkinsfile and updates release-binary to create a SHA. (envoyproxy#71)

* Adds Jenkinsfile and update release-binary
* Update Jenkinsfile and gitignore
* Fixes typo and use normal build Node
* Uses default bazel config
* Using batch mode
* Update bazel memory settings
* Do not use Jenkins bazel env
* Set .bazelrc for postsubmit

* Update grpc and protobuf (envoyproxy#70)

* protobuf v3.2.0
* grpc v1.1.1
* Align auth lib with grpc 1.1.1

* Add sourceService. (envoyproxy#78)

* Add script to build docker image. (envoyproxy#77)

* Add script to build docker image.

* Add start_envoy for docker image.

* Use official attribute names (envoyproxy#80)

* Use official attribute names

* fix format

* Creates a KEY for mixer client dep. Updates release-binary (envoyproxy#79)

* Updated mixer repo to use a key for commit

* release-binary skip build if file exists.

* Update src/envoy/mixer/README. (envoyproxy#82)

* Fix src/envoy/mixer/README.md (envoyproxy#85)

* Get attributes from envoy config. (envoyproxy#87)

* Send all attributes.

* Remove unused const strings.

* Address comment.

* updated SHA to point to newer envoy with RDS API feature (envoyproxy#94)

* Disable travis on stable branches (envoyproxy#96)

* Publish debug binaries (no release yet) (envoyproxy#98)

* Copies the binary instead of linking for release (envoyproxy#102)

* Not to use api_key if its service is not actived. (envoyproxy#109)

* Update envoy and add c-ares (envoyproxy#107)

* Update envoy and add c-ares depedencies

* Update release script with debug and normal binary

* remove debug ls

* formatting

* Send StatusCode Attributes to Mixer. (envoyproxy#110)

* Add send_attribute filter. (envoyproxy#115)

* Add send_attribute filter.

* Fix format

* rename variable serialized_attributes_

* Address the comments.

* Fail request if api_key is not valid. (envoyproxy#116)

* Fail request if api_key is not valid.

* Format code.

* Update comments.

* Address comment.

* Rename response.http.code (envoyproxy#125)

* Send headers as string map. (envoyproxy#129)

* Send headers as string map.

* Remove origin.ip and origin.host.

* Fix format

* unify bazel's docker build targets with other istio repos (envoyproxy#127)

* update base debug docker image reference (envoyproxy#133)

* Update postsubmit to create docker images (envoyproxy#132)

* Adding config release for bazel build (envoyproxy#135)

* Fix mixer client crash. (envoyproxy#136)

* Get mixerclient with response parsing. (envoyproxy#138)

* Update nghttp2 to sync with envoy (envoyproxy#140)

* Fix src/envoy/mixer/README.md

* Update nghttp2 to sync with envoy

* update

* fix typo

* Merge from master to firebase (envoyproxy#159)

* Simple TCP server to show how to retrieve original dest IP:port after an iptables redirect (envoyproxy#38)

* Simple TCP server to show how to retrieve original dest IP:port after an iptables redirect

* Fixed style.

* Rebase Envoy (envoyproxy#41)

* Update prototype to use iptables (envoyproxy#42)

* Rebase to fixed Envoy (envoyproxy#43)

* Handle HEAD request. (envoyproxy#34)

* Handle HEAD request.

* Try with GET if HEAD fails.

* Address comments.

* Format file.

* Expose bazel target (envoyproxy#48)

* Try again (envoyproxy#49)

* Integrate with mixer client. (envoyproxy#55)

* Integrate with mixer client.

* Restore  repositories.bzl back.

* Add originIp and originHost attributes. (envoyproxy#56)

* Add uuid-dev dependency in README.md (envoyproxy#45)

* Extract originIp and OriginHost. (envoyproxy#57)

* Extract originIp and OriginHost.

* Make header x-forwarded-host const.

* Update buckets for UI. (envoyproxy#58)

* Update buckets for UI.

* Only update time_distribution.

* Add targetService attribute. (envoyproxy#59)

* Use envoy new access_log handler for sending Report. (envoyproxy#60)

* use access_log handler.

* Not to use Loggable base class.

* Update to the latest envoy with envoyproxy#396. (envoyproxy#61)

* Fix tclap dependency fetching error (envoyproxy#62)

* Integrate mixer client directly with envoy. (envoyproxy#66)

* Integrate mixer client directly with envoy.

* Send response header in Report.

* rename filter name from esp to mixer.

* add README.

* Add release binary script. (envoyproxy#68)

* Push tar.gz to GCS (envoyproxy#69)

* Push tar.gz to GCS

* Rename envoy_esp

* Remove mixer_client from api_manager. (envoyproxy#72)

* Update mixer client SHA. (envoyproxy#74)

* Update readme. (envoyproxy#73)

* Adds Jenkinsfile and updates release-binary to create a SHA. (envoyproxy#71)

* Adds Jenkinsfile and update release-binary
* Update Jenkinsfile and gitignore
* Fixes typo and use normal build Node
* Uses default bazel config
* Using batch mode
* Update bazel memory settings
* Do not use Jenkins bazel env
* Set .bazelrc for postsubmit

* Update grpc and protobuf (envoyproxy#70)

* protobuf v3.2.0
* grpc v1.1.1
* Align auth lib with grpc 1.1.1

* Add sourceService. (envoyproxy#78)

* Add script to build docker image. (envoyproxy#77)

* Add script to build docker image.

* Add start_envoy for docker image.

* Use official attribute names (envoyproxy#80)

* Use official attribute names

* fix format

* Creates a KEY for mixer client dep. Updates release-binary (envoyproxy#79)

* Updated mixer repo to use a key for commit

* release-binary skip build if file exists.

* Update src/envoy/mixer/README. (envoyproxy#82)

* Fix src/envoy/mixer/README.md (envoyproxy#85)

* Get attributes from envoy config. (envoyproxy#87)

* Send all attributes.

* Remove unused const strings.

* Address comment.

* updated SHA to point to newer envoy with RDS API feature (envoyproxy#94)

* Disable travis on stable branches (envoyproxy#96)

* Publish debug binaries (no release yet) (envoyproxy#98)

* Copies the binary instead of linking for release (envoyproxy#102)

* Not to use api_key if its service is not actived. (envoyproxy#109)

* Update envoy and add c-ares (envoyproxy#107)

* Update envoy and add c-ares depedencies

* Update release script with debug and normal binary

* remove debug ls

* formatting

* Send StatusCode Attributes to Mixer. (envoyproxy#110)

* Add send_attribute filter. (envoyproxy#115)

* Add send_attribute filter.

* Fix format

* rename variable serialized_attributes_

* Address the comments.

* Fail request if api_key is not valid. (envoyproxy#116)

* Fail request if api_key is not valid.

* Format code.

* Update comments.

* Address comment.

* Rename response.http.code (envoyproxy#125)

* Send headers as string map. (envoyproxy#129)

* Send headers as string map.

* Remove origin.ip and origin.host.

* Fix format

* unify bazel's docker build targets with other istio repos (envoyproxy#127)

* update base debug docker image reference (envoyproxy#133)

* Update postsubmit to create docker images (envoyproxy#132)

* Adding config release for bazel build (envoyproxy#135)

* Fix mixer client crash. (envoyproxy#136)

* Get mixerclient with response parsing. (envoyproxy#138)

* Update nghttp2 to sync with envoy (envoyproxy#140)

* Fix src/envoy/mixer/README.md

* Update nghttp2 to sync with envoy

* update

* fix typo

* Populate origin.user attribute from the SAN field of client cert (envoyproxy#142)

* Test

* test

* test

* revert file

* address comments

* test

* fix typo

* fix format

* fix format

* Update to latest mixer_client. (envoyproxy#145)

* Update to latest mixer_client.

* Updated the sha.

* Not call report if decodeHeaders is not called. (envoyproxy#150)

* Update mixerclient with sync-ed grpc write and fail-fast. (envoyproxy#155)

* Update mixerclient with sync-ed write and fail-fast.

* Update to latest test.

* Update again

* Update envoy to PR553 (envoyproxy#156)

* Update envoy to PR553

* Update libevent to 2.1.8

* Update the Commit id for envoy

* Allow for HTTP based function from Firebase rules (envoyproxy#202)

* Allow for HTTP based function from Firebase rules

* Fix code style check

* Added more comments.

* Fix style issues.

* Address code review comments from Limin and Lizan.

* Add more comments and address CR comments.

* Fix a typo.

* Address Wayne's CR comments.

* Merge from master to firebase (envoyproxy#237)

* Simple TCP server to show how to retrieve original dest IP:port after an iptables redirect (envoyproxy#38)

* Simple TCP server to show how to retrieve original dest IP:port after an iptables redirect

* Fixed style.

* Rebase Envoy (envoyproxy#41)

* Update prototype to use iptables (envoyproxy#42)

* Rebase to fixed Envoy (envoyproxy#43)

* Handle HEAD request. (envoyproxy#34)

* Handle HEAD request.

* Try with GET if HEAD fails.

* Address comments.

* Format file.

* Expose bazel target (envoyproxy#48)

* Try again (envoyproxy#49)

* Integrate with mixer client. (envoyproxy#55)

* Integrate with mixer client.

* Restore  repositories.bzl back.

* Add originIp and originHost attributes. (envoyproxy#56)

* Add uuid-dev dependency in README.md (envoyproxy#45)

* Extract originIp and OriginHost. (envoyproxy#57)

* Extract originIp and OriginHost.

* Make header x-forwarded-host const.

* Update buckets for UI. (envoyproxy#58)

* Update buckets for UI.

* Only update time_distribution.

* Add targetService attribute. (envoyproxy#59)

* Use envoy new access_log handler for sending Report. (envoyproxy#60)

* use access_log handler.

* Not to use Loggable base class.

* Update to the latest envoy with envoyproxy#396. (envoyproxy#61)

* Fix tclap dependency fetching error (envoyproxy#62)

* Integrate mixer client directly with envoy. (envoyproxy#66)

* Integrate mixer client directly with envoy.

* Send response header in Report.

* rename filter name from esp to mixer.

* add README.

* Add release binary script. (envoyproxy#68)

* Push tar.gz to GCS (envoyproxy#69)

* Push tar.gz to GCS

* Rename envoy_esp

* Remove mixer_client from api_manager. (envoyproxy#72)

* Update mixer client SHA. (envoyproxy#74)

* Update readme. (envoyproxy#73)

* Adds Jenkinsfile and updates release-binary to create a SHA. (envoyproxy#71)

* Adds Jenkinsfile and update release-binary
* Update Jenkinsfile and gitignore
* Fixes typo and use normal build Node
* Uses default bazel config
* Using batch mode
* Update bazel memory settings
* Do not use Jenkins bazel env
* Set .bazelrc for postsubmit

* Update grpc and protobuf (envoyproxy#70)

* protobuf v3.2.0
* grpc v1.1.1
* Align auth lib with grpc 1.1.1

* Add sourceService. (envoyproxy#78)

* Add script to build docker image. (envoyproxy#77)

* Add script to build docker image.

* Add start_envoy for docker image.

* Use official attribute names (envoyproxy#80)

* Use official attribute names

* fix format

* Creates a KEY for mixer client dep. Updates release-binary (envoyproxy#79)

* Updated mixer repo to use a key for commit

* release-binary skip build if file exists.

* Update src/envoy/mixer/README. (envoyproxy#82)

* Fix src/envoy/mixer/README.md (envoyproxy#85)

* Get attributes from envoy config. (envoyproxy#87)

* Send all attributes.

* Remove unused const strings.

* Address comment.

* updated SHA to point to newer envoy with RDS API feature (envoyproxy#94)

* Disable travis on stable branches (envoyproxy#96)

* Publish debug binaries (no release yet) (envoyproxy#98)

* Copies the binary instead of linking for release (envoyproxy#102)

* Not to use api_key if its service is not actived. (envoyproxy#109)

* Update envoy and add c-ares (envoyproxy#107)

* Update envoy and add c-ares depedencies

* Update release script with debug and normal binary

* remove debug ls

* formatting

* Send StatusCode Attributes to Mixer. (envoyproxy#110)

* Add send_attribute filter. (envoyproxy#115)

* Add send_attribute filter.

* Fix format

* rename variable serialized_attributes_

* Address the comments.

* Fail request if api_key is not valid. (envoyproxy#116)

* Fail request if api_key is not valid.

* Format code.

* Update comments.

* Address comment.

* Rename response.http.code (envoyproxy#125)

* Send headers as string map. (envoyproxy#129)

* Send headers as string map.

* Remove origin.ip and origin.host.

* Fix format

* unify bazel's docker build targets with other istio repos (envoyproxy#127)

* update base debug docker image reference (envoyproxy#133)

* Update postsubmit to create docker images (envoyproxy#132)

* Adding config release for bazel build (envoyproxy#135)

* Fix mixer client crash. (envoyproxy#136)

* Get mixerclient with response parsing. (envoyproxy#138)

* Update nghttp2 to sync with envoy (envoyproxy#140)

* Fix src/envoy/mixer/README.md

* Update nghttp2 to sync with envoy

* update

* fix typo

* Populate origin.user attribute from the SAN field of client cert (envoyproxy#142)

* Test

* test

* test

* revert file

* address comments

* test

* fix typo

* fix format

* fix format

* Update to latest mixer_client. (envoyproxy#145)

* Update to latest mixer_client.

* Updated the sha.

* Not call report if decodeHeaders is not called. (envoyproxy#150)

* Update mixerclient with sync-ed grpc write and fail-fast. (envoyproxy#155)

* Update mixerclient with sync-ed write and fail-fast.

* Update to latest test.

* Update again

* Update envoy to PR553 (envoyproxy#156)

* Update envoy to PR553

* Update libevent to 2.1.8

* Uses a specific version of the Shared Pipeline lib (envoyproxy#158)

* Update lyft/envoy commit Id to latest. (envoyproxy#161)

* Update lyft/envoy commit Id to latest.

* Remove the comment about pull request

* Add new line - will delete in next commit.

* Update repositories.bzl (envoyproxy#169)

* Always set response latency (envoyproxy#172)

* Update mixerclient to sync_transport change. (envoyproxy#178)

* Use opaque config to turn on/off forward attribute and mixer filter (envoyproxy#179)

* Modify mixer filter

* Swap defaults

* Make the filter decoder only

* cache mixer disabled decision

* Fix a bug in opaque config change and test it out (envoyproxy#182)

* Fix a bug and test it out

* Update filter type

* Update README.md

* Update mixer client to mixer api with gogoproto. (envoyproxy#184)

* Move .bazelrc to tools/bazel.rc (envoyproxy#186)

* Move .bazelrc to tools/bazel.rc

* Update Jenkinsfile with latest version of pipeline

* Support apikey based traffic restriction (envoyproxy#189)

* b/36368559 support apikey based traffic restriction

* Fixed code formatting

* Fix crash in unreachable/overloaded RDS (envoyproxy#190)

* Add mixer client end to end integration test. (envoyproxy#177)

* Add mixer client end to end integration test.

* Split some repositories into a separate file.

* use real mixer for fake mixer_server.

* Test repository

* use mixer bzl file.

* Use mixer repositories

* Not to use mixer repository.

* Add return line at the end of WORKSPACE.

* Fix broken link (envoyproxy#193)

* Make quota call (envoyproxy#192)

* hookup quota call

* Make quota call.

* Update indent.

* Update envoy and update configs (envoyproxy#195)

* Update envoy and update configs

* Use gcc-4.9 for travis

* Use bazel 0.4.5

* Fix SHA of lightstep-tracer-common

* Enable check cache and refactory mixer config loading  (envoyproxy#197)

* Refactory the mixer config loading.

* fix format

* Add integration test.

* updated README.md

* s/send/sent/

* Split into separate tests. (envoyproxy#201)

* Update README on how to enable check cache. (envoyproxy#204)

* Update README on how to enable check cache.

* Update the comment.

* build: support Envoy native Bazel build. (envoyproxy#210)

* build: support Envoy native Bazel build.

This patch switches the Envoy build from src/envoy/repositories.bzl to
using the upstream native build.

See envoyproxy#663 for the corresponding changes
on the Envoy side.

* Use Envoy master with BUILD.wip rename merged.

* Fix clang-format issues.

* Fixes bazel.rc issues (envoyproxy#212)

* Fixes bazel rc issues

* Update Jenkins to latest pipeline version

* Fix go build (envoyproxy#224)

* Use TranscoderInputStream to reduce confusion around ByteCount() (envoyproxy#225)

* Add TranscoderInputStream to reduce confusion

* fix_format

* Merge latest changes from rate_limiting to master (envoyproxy#221)

* Point to googleapi in service control client. (envoyproxy#91)

* Point to googleapi in service control client.

* Use git repository for service-control-client.

* Merge latest changes from master (envoyproxy#104)

* Get attributes from envoy config. (envoyproxy#87)

* Send all attributes.

* Remove unused const strings.

* Address comment.

* updated SHA to point to newer envoy with RDS API feature (envoyproxy#94)

* Disable travis on stable branches (envoyproxy#96)

* Publish debug binaries (no release yet) (envoyproxy#98)

* Copies the binary instead of linking for release (envoyproxy#102)

* Extract quota config from service config. (envoyproxy#101)

* Add metric_cost in config.

* Remove group rules.

* Call loadQuotaConfig in config::create.

* Update latest update from master branch (envoyproxy#106)

* Get attributes from envoy config. (envoyproxy#87)

* Send all attributes.

* Remove unused const strings.

* Address comment.

* updated SHA to point to newer envoy with RDS API feature (envoyproxy#94)

* Disable travis on stable branches (envoyproxy#96)

* Publish debug binaries (no release yet) (envoyproxy#98)

* Copies the binary instead of linking for release (envoyproxy#102)

* Added quota contoll without the service control client library (envoyproxy#93)

* Added quota contoll without the service control client library

* Applied code review

* Applied code review

* Resolve conflicts

* Resolve conflicts

* Fixed format error reported by script/check-style

* Fixed a bug at Aggregated::GetAuthToken that causes Segmentation Fault

* Changed usage of template funcion

* Applied latest changes from the repo

* Applied latest changes from the repo

* Applied latest changes from the repo

* Adde comments

* Updated log information

* Applied envoyproxy#101

* Changed metric_cost_map to metric_cost_vector

* Fixed test case compilation error

* Fixed test case compilation error

* Add unit test for quota config. (envoyproxy#108)

* Add unit test for quota config.

* Add comments.

* Update test specifics.

* Merge latest changes from master branch (envoyproxy#112)

* Get attributes from envoy config. (envoyproxy#87)

* Send all attributes.

* Remove unused const strings.

* Address comment.

* updated SHA to point to newer envoy with RDS API feature (envoyproxy#94)

* Disable travis on stable branches (envoyproxy#96)

* Publish debug binaries (no release yet) (envoyproxy#98)

* Copies the binary instead of linking for release (envoyproxy#102)

* Not to use api_key if its service is not actived. (envoyproxy#109)

* If QuotaControl service is not available, return utils::Status::OK (envoyproxy#113)

* If QuotaControl service is not available, return utils::Status::OK

* Updated comment

* Return HTTP status code 429 on google.rpc.Code.RESOURCE_EXHAUSTED (envoyproxy#119)

* Fixed incorrectly resolved conflicts (envoyproxy#123)

* Added unit test cases for rate limiting (envoyproxy#124)

* Fixed incorrectly resolved conflicts

* Added unit test cases for rate limiting

* Added unit test cases for rate limiting

* Added unit test cases for rate limiting

* Added unit test cases for rate limiting

* Added unit test cases for rate limiting

* Added unit test cases for rate limiting

* Rename response.http.code (envoyproxy#125) (envoyproxy#128)

* Added handling of error code QUOTA_SYSTEM_UNAVAILABLE (envoyproxy#148)

* Integrated service control client library with quota cache aggregation (envoyproxy#149)

* Fixed error on merge (envoyproxy#151)

* Integrated service control client library with quota cache aggregation

* Fixed error on merge

* Fixed the compatibility issue with the latest update on esp (envoyproxy#152)

* Removed copied proto files (envoyproxy#208)

* Set default allocate quota request timeout to 1sec and applied latest service control client library change (envoyproxy#211)

* Merged key_restriction related changes from master (envoyproxy#213)

* Merge latest changes from master branch (envoyproxy#217)

* Not call report if decodeHeaders is not called. (envoyproxy#150)

* Update mixerclient with sync-ed grpc write and fail-fast. (envoyproxy#155)

* Update mixerclient with sync-ed write and fail-fast.

* Update to latest test.

* Update again

* Update envoy to PR553 (envoyproxy#156)

* Update envoy to PR553

* Update libevent to 2.1.8

* Uses a specific version of the Shared Pipeline lib (envoyproxy#158)

* Update lyft/envoy commit Id to latest. (envoyproxy#161)

* Update lyft/envoy commit Id to latest.

* Remove the comment about pull request

* Add new line - will delete in next commit.

* Update repositories.bzl (envoyproxy#169)

* Always set response latency (envoyproxy#172)

* Update mixerclient to sync_transport change. (envoyproxy#178)

* Use opaque config to turn on/off forward attribute and mixer filter (envoyproxy#179)

* Modify mixer filter

* Swap defaults

* Make the filter decoder only

* cache mixer disabled decision

* Fix a bug in opaque config change and test it out (envoyproxy#182)

* Fix a bug and test it out

* Update filter type

* Update README.md

* Update mixer client to mixer api with gogoproto. (envoyproxy#184)

* Move .bazelrc to tools/bazel.rc (envoyproxy#186)

* Move .bazelrc to tools/bazel.rc

* Update Jenkinsfile with latest version of pipeline

* Support apikey based traffic restriction (envoyproxy#189)

* b/36368559 support apikey based traffic restriction

* Fixed code formatting

* Fix crash in unreachable/overloaded RDS (envoyproxy#190)

* Add mixer client end to end integration test. (envoyproxy#177)

* Add mixer client end to end integration test.

* Split some repositories into a separate file.

* use real mixer for fake mixer_server.

* Test repository

* use mixer bzl file.

* Use mixer repositories

* Not to use mixer repository.

* Add return line at the end of WORKSPACE.

* Fix broken link (envoyproxy#193)

* Make quota call (envoyproxy#192)

* hookup quota call

* Make quota call.

* Update indent.

* Update envoy and update configs (envoyproxy#195)

* Update envoy and update configs

* Use gcc-4.9 for travis

* Use bazel 0.4.5

* Fix SHA of lightstep-tracer-common

* Enable check cache and refactory mixer config loading  (envoyproxy#197)

* Refactory the mixer config loading.

* fix format

* Add integration test.

* updated README.md

* s/send/sent/

* Split into separate tests. (envoyproxy#201)

* Update README on how to enable check cache. (envoyproxy#204)

* Update README on how to enable check cache.

* Update the comment.

* build: support Envoy native Bazel build. (envoyproxy#210)

* build: support Envoy native Bazel build.

This patch switches the Envoy build from src/envoy/repositories.bzl to
using the upstream native build.

See envoyproxy#663 for the corresponding changes
on the Envoy side.

* Use Envoy master with BUILD.wip rename merged.

* Fix clang-format issues.

* Fixes bazel.rc issues (envoyproxy#212)

* Fixes bazel rc issues

* Update Jenkins to latest pipeline version

* Updated the commit id of cloudendpoints/service-control-client-cxx (envoyproxy#218)

* Update commitid of cloudendpoints/service-control-client-cxx repo (envoyproxy#220)

* Send delta metrics for intermediate reports. (envoyproxy#219)

* Send delta metrics for intermediate reports.

* Move last_request_bytes/last_response_bytes to RequestContext.

* Handle final report.

* Address comment.

* Update attributes to match the canonical attribute list. (envoyproxy#232)

* Update response.http.code to response.code and response.latency to response.duration to line up with the canonical attributes in istio/istio.github.io/docs/concepts/attributes.md

* Format according to clang-format

* Add envoy Buffer based TranscoderInputStream (envoyproxy#231)

* Add envoy Buffer based TranscoderInputStream

* fix format

* A few doc changes for consistency across repos. (envoyproxy#235)

* Add repositories.bzl

* Added missing export setting in bazel configuration (envoyproxy#236)

* Added export missing in bazel configuration

* Added export missing in bazel configuration

* Allow HTTP functions in firebase rules to specify audience (envoyproxy#244)

* Allow HTTP functions in firebase rules to specify audience

* Allow GetAuthToken to ignore cache and fix style checks.

* Fix GetAuthToken

* Address Wayne's comment

* Check for empty response body

* Remove .bazelrc.jenkins file not present in the master branch.

* Remove forward_attribute_filter.cc not present in master.
lizan pushed a commit that referenced this issue Mar 3, 2020
Description: Remove empty slices off the end of buffers after calls to OwnedImpl::commit. The slices reserved when OwnedImpl::reserve is called will sit unused in cases where the 0 bytes are commited, for example, when socket read returns 0 bytes EAGAIN. Trapped slices act like a memory leak until there is a successful read or the socket is closed.
Risk Level: low
Testing: unit
Docs Changes: n/a
Release Notes: n/a

Signed-off-by: Antonio Vicente <[email protected]>
Signed-off-by: Asra Ali <[email protected]>
Signed-off-by: Yangmin Zhu <[email protected]>
LukeShu pushed a commit to datawire/envoy that referenced this issue Apr 6, 2020
…y#128)

Description: Remove empty slices off the end of buffers after calls to OwnedImpl::commit. The slices reserved when OwnedImpl::reserve is called will sit unused in cases where the 0 bytes are commited, for example, when socket read returns 0 bytes EAGAIN. Trapped slices act like a memory leak until there is a successful read or the socket is closed.
Risk Level: low
Testing: unit
Docs Changes: n/a
Release Notes: n/a

Signed-off-by: Antonio Vicente <[email protected]>
Signed-off-by: Asra Ali <[email protected]>
Signed-off-by: Yangmin Zhu <[email protected]>
wolfguoliang pushed a commit to wolfguoliang/envoy that referenced this issue Jan 23, 2021
…filter

zh-translation: docs/root/intro/arch_overview/security/jwt_authn_filt…
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement Feature requests. Not bugs or questions. help wanted Needs help!
Projects
None yet
Development

Successfully merging a pull request may close this issue.

10 participants