diff --git a/galley/pkg/config/processing/runtime_test.go b/galley/pkg/config/processing/runtime_test.go index 138be211cca5..ebc280e56e1c 100644 --- a/galley/pkg/config/processing/runtime_test.go +++ b/galley/pkg/config/processing/runtime_test.go @@ -22,6 +22,8 @@ import ( . "github.com/onsi/gomega" "istio.io/api/mesh/v1alpha1" + "istio.io/pkg/log" + "istio.io/istio/galley/pkg/config/event" "istio.io/istio/galley/pkg/config/meshcfg" "istio.io/istio/galley/pkg/config/resource" @@ -29,7 +31,6 @@ import ( "istio.io/istio/galley/pkg/config/source/kube/inmemory" "istio.io/istio/galley/pkg/config/testing/basicmeta" "istio.io/istio/galley/pkg/config/testing/fixtures" - "istio.io/pkg/log" ) func init() { diff --git a/galley/pkg/config/processing/session.go b/galley/pkg/config/processing/session.go index 264cbab2f90f..9603492fe0bd 100644 --- a/galley/pkg/config/processing/session.go +++ b/galley/pkg/config/processing/session.go @@ -21,6 +21,7 @@ import ( "github.com/gogo/protobuf/proto" "istio.io/api/mesh/v1alpha1" + "istio.io/istio/galley/pkg/config/event" "istio.io/istio/galley/pkg/config/meshcfg" "istio.io/istio/galley/pkg/config/scope" diff --git a/galley/pkg/source/kube/dynamic/converter/converter_test.go b/galley/pkg/source/kube/dynamic/converter/converter_test.go index 7e166e3fdc14..cdb555bc33ba 100644 --- a/galley/pkg/source/kube/dynamic/converter/converter_test.go +++ b/galley/pkg/source/kube/dynamic/converter/converter_test.go @@ -25,9 +25,10 @@ import ( authn "istio.io/api/authentication/v1alpha1" meshcfg "istio.io/api/mesh/v1alpha1" + "istio.io/istio/galley/pkg/meshconfig" "istio.io/istio/galley/pkg/runtime/resource" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" extensions "k8s.io/api/extensions/v1beta1" metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -544,7 +545,7 @@ func TestKubeIngressResource(t *testing.T) { } func TestShouldProcessIngress(t *testing.T) { - istio := config.DefaultMeshConfig().IngressClass + istio := mesh.DefaultMeshConfig().IngressClass cases := []struct { ingressClass string ingressMode meshcfg.MeshConfig_IngressControllerMode @@ -575,7 +576,7 @@ func TestShouldProcessIngress(t *testing.T) { }, } - mesh := config.DefaultMeshConfig() + mesh := mesh.DefaultMeshConfig() mesh.IngressControllerMode = c.ingressMode cch := meshconfig.NewInMemory() cch.Set(mesh) diff --git a/istioctl/cmd/kubeinject.go b/istioctl/cmd/kubeinject.go index 06861062d72e..c3b597cdc26f 100644 --- a/istioctl/cmd/kubeinject.go +++ b/istioctl/cmd/kubeinject.go @@ -27,12 +27,13 @@ import ( "go.uber.org/multierr" meshconfig "istio.io/api/mesh/v1alpha1" + "istio.io/pkg/log" + "istio.io/pkg/version" + "istio.io/istio/pilot/cmd" "istio.io/istio/pilot/pkg/kube/inject" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/kube" - "istio.io/pkg/log" - "istio.io/pkg/version" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" @@ -72,7 +73,7 @@ func getMeshConfigFromConfigMap(kubeconfig string) (*meshconfig.MeshConfig, erro if !exists { return nil, fmt.Errorf("missing configuration map key %q", configMapKey) } - cfg, err := config.ApplyMeshConfigDefaults(configYaml) + cfg, err := mesh.ApplyMeshConfigDefaults(configYaml) if err != nil { err = multierr.Append(fmt.Errorf("istioctl version %s cannot parse mesh config. Install istioctl from the latest Istio release", version.Info.Version), err) diff --git a/pilot/cmd/cmd.go b/pilot/cmd/cmd.go index ae9cf833d209..f5adea0f5197 100644 --- a/pilot/cmd/cmd.go +++ b/pilot/cmd/cmd.go @@ -20,7 +20,8 @@ import ( "github.com/hashicorp/go-multierror" meshconfig "istio.io/api/mesh/v1alpha1" - "istio.io/istio/pkg/config" + + "istio.io/istio/pkg/config/mesh" ) // ReadMeshConfig gets mesh configuration from a config file @@ -29,7 +30,7 @@ func ReadMeshConfig(filename string) (*meshconfig.MeshConfig, error) { if err != nil { return nil, multierror.Prefix(err, "cannot read mesh config file") } - return config.ApplyMeshConfigDefaults(string(yaml)) + return mesh.ApplyMeshConfigDefaults(string(yaml)) } // ReadMeshNetworksConfig gets mesh networks configuration from a config file @@ -38,5 +39,5 @@ func ReadMeshNetworksConfig(filename string) (*meshconfig.MeshNetworks, error) { if err != nil { return nil, multierror.Prefix(err, "cannot read networks config file") } - return config.LoadMeshNetworksConfig(string(yaml)) + return mesh.LoadMeshNetworksConfig(string(yaml)) } diff --git a/pilot/cmd/pilot-agent/main.go b/pilot/cmd/pilot-agent/main.go index 5b689eabff2e..da9dea7fe3c7 100644 --- a/pilot/cmd/pilot-agent/main.go +++ b/pilot/cmd/pilot-agent/main.go @@ -47,7 +47,9 @@ import ( "istio.io/istio/pkg/cmd" "istio.io/istio/pkg/config" "istio.io/istio/pkg/config/constants" + "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/spiffe" + "istio.io/istio/pkg/util/protomarshal" ) const jwtPath = "/var/run/secrets/kubernetes.io/serviceaccount/token" @@ -182,7 +184,7 @@ var ( // dedupe cert paths so we don't set up 2 watchers for the same file: tlsCertsToWatch = dedupeStrings(tlsCertsToWatch) - proxyConfig := config.DefaultProxyConfig() + proxyConfig := mesh.DefaultProxyConfig() // set all flags proxyConfig.CustomConfigFile = customConfigFile @@ -282,7 +284,7 @@ var ( return err } - if out, err := config.ToYAML(&proxyConfig); err != nil { + if out, err := protomarshal.ToYAML(&proxyConfig); err != nil { log.Infof("Failed to serialize to YAML: %v", err) } else { log.Infof("Effective config: %s", out) @@ -562,7 +564,7 @@ func init() { "Ports exposed by the application. Used to determine that Envoy is configured and ready to receive traffic.") // Flags for proxy configuration - values := config.DefaultProxyConfig() + values := mesh.DefaultProxyConfig() proxyCmd.PersistentFlags().StringVar(&configPath, "configPath", values.ConfigPath, "Path to the generated configuration file directory") proxyCmd.PersistentFlags().StringVar(&binaryPath, "binaryPath", values.BinaryPath, diff --git a/pilot/pkg/bootstrap/server.go b/pilot/pkg/bootstrap/server.go index c7fd7d0542df..e379eddabaad 100644 --- a/pilot/pkg/bootstrap/server.go +++ b/pilot/pkg/bootstrap/server.go @@ -74,6 +74,7 @@ import ( srmemory "istio.io/istio/pilot/pkg/serviceregistry/memory" "istio.io/istio/pkg/config" "istio.io/istio/pkg/config/constants" + "istio.io/istio/pkg/config/mesh" istiokeepalive "istio.io/istio/pkg/keepalive" kubelib "istio.io/istio/pkg/kube" configz "istio.io/istio/pkg/mcp/configz/client" @@ -344,14 +345,14 @@ func (s *Server) initClusterRegistries(args *PilotArgs) (err error) { func GetMeshConfig(kube kubernetes.Interface, namespace, name string) (*v1.ConfigMap, *meshconfig.MeshConfig, error) { if kube == nil { - defaultMesh := config.DefaultMeshConfig() + defaultMesh := mesh.DefaultMeshConfig() return nil, &defaultMesh, nil } cfg, err := kube.CoreV1().ConfigMaps(namespace).Get(name, meta_v1.GetOptions{}) if err != nil { if errors.IsNotFound(err) { - defaultMesh := config.DefaultMeshConfig() + defaultMesh := mesh.DefaultMeshConfig() return nil, &defaultMesh, nil } return nil, nil, err @@ -364,7 +365,7 @@ func GetMeshConfig(kube kubernetes.Interface, namespace, name string) (*v1.Confi return nil, nil, fmt.Errorf("missing configuration map key %q", ConfigMapKey) } - mesh, err := config.ApplyMeshConfigDefaults(cfgYaml) + mesh, err := mesh.ApplyMeshConfigDefaults(cfgYaml) if err != nil { return nil, nil, err } diff --git a/pilot/pkg/config/kube/crd/conversion.go b/pilot/pkg/config/kube/crd/conversion.go index fb760ad24123..8571acce53f7 100644 --- a/pilot/pkg/config/kube/crd/conversion.go +++ b/pilot/pkg/config/kube/crd/conversion.go @@ -28,8 +28,8 @@ import ( "istio.io/pkg/log" "istio.io/istio/pilot/pkg/model" - "istio.io/istio/pkg/config" "istio.io/istio/pkg/config/constants" + "istio.io/istio/pkg/util/protomarshal" ) // ConvertObject converts an IstioObject k8s-style object to the @@ -85,7 +85,7 @@ func ConvertObjectFromUnstructured(schema model.ProtoSchema, un *unstructured.Un // ConvertConfig translates Istio config to k8s config JSON func ConvertConfig(schema model.ProtoSchema, cfg model.Config) (IstioObject, error) { - spec, err := config.ToJSONMap(cfg.Spec) + spec, err := protomarshal.ToJSONMap(cfg.Spec) if err != nil { return nil, err } diff --git a/pilot/pkg/config/kube/ingress/conversion_test.go b/pilot/pkg/config/kube/ingress/conversion_test.go index f3e46a5db472..c24c43059631 100644 --- a/pilot/pkg/config/kube/ingress/conversion_test.go +++ b/pilot/pkg/config/kube/ingress/conversion_test.go @@ -23,8 +23,9 @@ import ( meshconfig "istio.io/api/mesh/v1alpha1" networking "istio.io/api/networking/v1alpha3" + "istio.io/istio/pilot/pkg/model" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" ) func TestConversion(t *testing.T) { @@ -180,7 +181,7 @@ func TestEncoding(t *testing.T) { } func TestIngressClass(t *testing.T) { - istio := config.DefaultMeshConfig().IngressClass + istio := mesh.DefaultMeshConfig().IngressClass cases := []struct { ingressClass string ingressMode meshconfig.MeshConfig_IngressControllerMode @@ -211,7 +212,7 @@ func TestIngressClass(t *testing.T) { }, } - mesh := config.DefaultMeshConfig() + mesh := mesh.DefaultMeshConfig() mesh.IngressControllerMode = c.ingressMode if c.ingressClass != "" { diff --git a/pilot/pkg/config/kube/ingress/status_test.go b/pilot/pkg/config/kube/ingress/status_test.go index 43b8a25b83a1..6e85e5f5cc90 100644 --- a/pilot/pkg/config/kube/ingress/status_test.go +++ b/pilot/pkg/config/kube/ingress/status_test.go @@ -25,10 +25,11 @@ import ( "k8s.io/client-go/kubernetes" "k8s.io/client-go/kubernetes/fake" - meshconfig "istio.io/api/mesh/v1alpha1" + meshapi "istio.io/api/mesh/v1alpha1" + "istio.io/istio/pilot/pkg/serviceregistry/kube" kubecontroller "istio.io/istio/pilot/pkg/serviceregistry/kube/controller" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" ) var ( @@ -120,14 +121,14 @@ func makeFakeClient() *fake.Clientset { } func makeStatusSyncer(t *testing.T, client kubernetes.Interface) (*StatusSyncer, error) { - mesh := config.DefaultMeshConfig() - mesh.IngressService = "istio-ingress" + m := mesh.DefaultMeshConfig() + m.IngressService = "istio-ingress" oldEnvs := setAndRestoreEnv(t, map[string]string{"POD_NAME": pod, "POD_NAMESPACE": testNamespace}) // Restore env settings defer setAndRestoreEnv(t, oldEnvs) - return NewStatusSyncer(&mesh, client, testNamespace, kubecontroller.Options{ + return NewStatusSyncer(&m, client, testNamespace, kubecontroller.Options{ WatchedNamespace: testNamespace, ResyncPeriod: resync, }) @@ -151,36 +152,36 @@ func setAndRestoreEnv(t *testing.T, inputs map[string]string) map[string]string func TestConvertIngressControllerMode(t *testing.T) { cases := []struct { Annotation string - Mode meshconfig.MeshConfig_IngressControllerMode + Mode meshapi.MeshConfig_IngressControllerMode Ignore bool }{ { - Mode: meshconfig.MeshConfig_DEFAULT, + Mode: meshapi.MeshConfig_DEFAULT, Annotation: "", Ignore: true, }, { - Mode: meshconfig.MeshConfig_DEFAULT, + Mode: meshapi.MeshConfig_DEFAULT, Annotation: "istio", Ignore: true, }, { - Mode: meshconfig.MeshConfig_DEFAULT, + Mode: meshapi.MeshConfig_DEFAULT, Annotation: "nginx", Ignore: false, }, { - Mode: meshconfig.MeshConfig_STRICT, + Mode: meshapi.MeshConfig_STRICT, Annotation: "", Ignore: false, }, { - Mode: meshconfig.MeshConfig_STRICT, + Mode: meshapi.MeshConfig_STRICT, Annotation: "istio", Ignore: true, }, { - Mode: meshconfig.MeshConfig_STRICT, + Mode: meshapi.MeshConfig_STRICT, Annotation: "nginx", Ignore: false, }, diff --git a/pilot/pkg/kube/inject/inject_test.go b/pilot/pkg/kube/inject/inject_test.go index 7117a3c6a12d..fd20fc6b396f 100644 --- a/pilot/pkg/kube/inject/inject_test.go +++ b/pilot/pkg/kube/inject/inject_test.go @@ -25,9 +25,10 @@ import ( "github.com/gogo/protobuf/types" - meshconfig "istio.io/api/mesh/v1alpha1" + meshapi "istio.io/api/mesh/v1alpha1" + "istio.io/istio/pilot/test/util" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" ) const ( @@ -512,16 +513,16 @@ func TestIntoResourceFile(t *testing.T) { for i, c := range cases { testName := fmt.Sprintf("[%02d] %s", i, c.want) t.Run(testName, func(t *testing.T) { - mesh := config.DefaultMeshConfig() + m := mesh.DefaultMeshConfig() if c.duration != 0 { - mesh.DefaultConfig.DrainDuration = types.DurationProto(c.duration) - mesh.DefaultConfig.ParentShutdownDuration = types.DurationProto(c.duration) - mesh.DefaultConfig.ConnectTimeout = types.DurationProto(c.duration) + m.DefaultConfig.DrainDuration = types.DurationProto(c.duration) + m.DefaultConfig.ParentShutdownDuration = types.DurationProto(c.duration) + m.DefaultConfig.ConnectTimeout = types.DurationProto(c.duration) } if c.tproxy { - mesh.DefaultConfig.InterceptionMode = meshconfig.ProxyConfig_TPROXY + m.DefaultConfig.InterceptionMode = meshapi.ProxyConfig_TPROXY } else { - mesh.DefaultConfig.InterceptionMode = meshconfig.ProxyConfig_REDIRECT + m.DefaultConfig.InterceptionMode = meshapi.ProxyConfig_REDIRECT } params := &Params{ @@ -535,7 +536,7 @@ func TestIntoResourceFile(t *testing.T) { Version: "12345678", EnableCoreDump: c.enableCoreDump, Privileged: c.privileged, - Mesh: &mesh, + Mesh: &m, DebugMode: c.debugMode, IncludeIPRanges: c.includeIPRanges, ExcludeIPRanges: c.excludeIPRanges, @@ -562,7 +563,7 @@ func TestIntoResourceFile(t *testing.T) { } defer func() { _ = in.Close() }() var got bytes.Buffer - if err = IntoResourceFile(sidecarTemplate, valuesConfig, &mesh, in, &got); err != nil { + if err = IntoResourceFile(sidecarTemplate, valuesConfig, &m, in, &got); err != nil { t.Fatalf("IntoResourceFile(%v) returned an error: %v", inputFilePath, err) } @@ -641,7 +642,7 @@ func TestRewriteAppProbe(t *testing.T) { for i, c := range cases { testName := fmt.Sprintf("[%02d] %s", i, c.want) t.Run(testName, func(t *testing.T) { - mesh := config.DefaultMeshConfig() + m := mesh.DefaultMeshConfig() params := &Params{ InitImage: InitImageName(unitTestHub, unitTestTag, false), ProxyImage: ProxyImageName(unitTestHub, unitTestTag, false), @@ -664,7 +665,7 @@ func TestRewriteAppProbe(t *testing.T) { } defer func() { _ = in.Close() }() var got bytes.Buffer - if err = IntoResourceFile(sidecarTemplate, valuesConfig, &mesh, in, &got); err != nil { + if err = IntoResourceFile(sidecarTemplate, valuesConfig, &m, in, &got); err != nil { t.Fatalf("IntoResourceFile(%v) returned an error: %v", inputFilePath, err) } @@ -778,7 +779,7 @@ func TestInvalidAnnotations(t *testing.T) { } func newTestParams() *Params { - mesh := config.DefaultMeshConfig() + m := mesh.DefaultMeshConfig() return &Params{ InitImage: InitImageName(unitTestHub, unitTestTag, false), ProxyImage: ProxyImageName(unitTestHub, unitTestTag, false), @@ -788,7 +789,7 @@ func newTestParams() *Params { SidecarProxyUID: DefaultSidecarProxyUID, Version: "12345678", EnableCoreDump: false, - Mesh: &mesh, + Mesh: &m, DebugMode: false, IncludeIPRanges: DefaultIncludeIPRanges, ExcludeIPRanges: "", diff --git a/pilot/pkg/kube/inject/webhook_test.go b/pilot/pkg/kube/inject/webhook_test.go index bf5cfc735251..1fd528e00a2b 100644 --- a/pilot/pkg/kube/inject/webhook_test.go +++ b/pilot/pkg/kube/inject/webhook_test.go @@ -35,8 +35,9 @@ import ( "github.com/onsi/gomega" "istio.io/api/annotation" + "istio.io/istio/pilot/test/util" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/mcp/testing/testcerts" "k8s.io/api/admission/v1beta1" @@ -821,7 +822,7 @@ func TestHelmInject(t *testing.T) { } func createTestWebhook(t testing.TB, sidecarTemplate string) (*Webhook, func()) { - mesh := config.DefaultMeshConfig() + m := mesh.DefaultMeshConfig() dir, err := ioutil.TempDir("", "webhook_test") if err != nil { t.Fatalf("TempDir() failed: %v", err) @@ -836,7 +837,7 @@ func createTestWebhook(t testing.TB, sidecarTemplate string) (*Webhook, func()) Template: sidecarTemplate, }, sidecarTemplateVersion: "unit-test-fake-version", - meshConfig: &mesh, + meshConfig: &m, valuesConfig: getValuesWithHelm(nil, t), }, cleanup } @@ -1295,12 +1296,12 @@ func createWebhook(t testing.TB, sidecarTemplate string) (*Webhook, func()) { } // mesh - mesh := config.DefaultMeshConfig() - m := jsonpb.Marshaler{ + m := mesh.DefaultMeshConfig() + marshaller := jsonpb.Marshaler{ Indent: " ", } var meshBytes bytes.Buffer - if err := m.Marshal(&meshBytes, &mesh); err != nil { // nolint: vetshadow + if err := marshaller.Marshal(&meshBytes, &m); err != nil { // nolint: vetshadow cleanup() t.Fatalf("yaml.Marshal(mesh) failed: %v", err) } @@ -1521,7 +1522,7 @@ func checkCert(t *testing.T, wh *Webhook, cert, key []byte) bool { } func BenchmarkInjectServe(b *testing.B) { - mesh := config.DefaultMeshConfig() + mesh := mesh.DefaultMeshConfig() params := &Params{ InitImage: InitImageName(unitTestHub, unitTestTag, false), ProxyImage: ProxyImageName(unitTestHub, unitTestTag, false), diff --git a/pilot/pkg/model/context_test.go b/pilot/pkg/model/context_test.go index b4e3f01ddee1..c259abd42720 100644 --- a/pilot/pkg/model/context_test.go +++ b/pilot/pkg/model/context_test.go @@ -15,16 +15,13 @@ package model_test import ( - "fmt" "reflect" "testing" "github.com/stretchr/testify/assert" - meshconfig "istio.io/api/mesh/v1alpha1" "istio.io/istio/pilot/pkg/model" "istio.io/istio/pilot/pkg/serviceregistry/memory" - "istio.io/istio/pkg/config" ) func TestServiceNode(t *testing.T) { @@ -84,103 +81,6 @@ func TestParsePort(t *testing.T) { } } -func TestDefaultConfig(t *testing.T) { - proxyConfig := config.DefaultProxyConfig() - if err := config.ValidateProxyConfig(&proxyConfig); err != nil { - t.Errorf("validation of default proxy config failed with %v", err) - } -} - -func TestDefaultMeshConfig(t *testing.T) { - mesh := config.DefaultMeshConfig() - if err := config.ValidateMeshConfig(&mesh); err != nil { - t.Errorf("validation of default mesh config failed with %v", err) - } -} - -func TestApplyMeshConfigDefaults(t *testing.T) { - configPath := "/test/config/patch" - yaml := fmt.Sprintf(` -defaultConfig: - configPath: %s -`, configPath) - - want := config.DefaultMeshConfig() - want.DefaultConfig.ConfigPath = configPath - - got, err := config.ApplyMeshConfigDefaults(yaml) - if err != nil { - t.Fatalf("ApplyMeshConfigDefaults() failed: %v", err) - } - if !reflect.DeepEqual(got, &want) { - t.Fatalf("Wrong default values:\n got %#v \nwant %#v", got, &want) - } -} - -func TestApplyMeshNetworksDefaults(t *testing.T) { - yml := fmt.Sprintf(` -networks: - network1: - endpoints: - - fromCidr: "192.168.0.1/24" - gateways: - - address: 1.1.1.1 - port: 80 - network2: - endpoints: - - fromRegistry: reg1 - gateways: - - registryServiceName: reg1 - port: 443 -`) - - want := config.EmptyMeshNetworks() - want.Networks = map[string]*meshconfig.Network{ - "network1": { - Endpoints: []*meshconfig.Network_NetworkEndpoints{ - { - Ne: &meshconfig.Network_NetworkEndpoints_FromCidr{ - FromCidr: "192.168.0.1/24", - }, - }, - }, - Gateways: []*meshconfig.Network_IstioNetworkGateway{ - { - Gw: &meshconfig.Network_IstioNetworkGateway_Address{ - Address: "1.1.1.1", - }, - Port: 80, - }, - }, - }, - "network2": { - Endpoints: []*meshconfig.Network_NetworkEndpoints{ - { - Ne: &meshconfig.Network_NetworkEndpoints_FromRegistry{ - FromRegistry: "reg1", - }, - }, - }, - Gateways: []*meshconfig.Network_IstioNetworkGateway{ - { - Gw: &meshconfig.Network_IstioNetworkGateway_RegistryServiceName{ - RegistryServiceName: "reg1", - }, - Port: 443, - }, - }, - }, - } - - got, err := config.LoadMeshNetworksConfig(yml) - if err != nil { - t.Fatalf("ApplyMeshNetworksDefaults() failed: %v", err) - } - if !reflect.DeepEqual(got, &want) { - t.Fatalf("Wrong values:\n got %#v \nwant %#v", got, &want) - } -} - func TestGetOrDefaultFromMap(t *testing.T) { meta := map[string]string{"key1": "key1ValueFromMap"} assert.Equal(t, "key1ValueFromMap", model.GetOrDefaultFromMap(meta, "key1", "unexpected")) diff --git a/pilot/pkg/model/conversion.go b/pilot/pkg/model/conversion.go index 91681c18e60a..e0298fd6457a 100644 --- a/pilot/pkg/model/conversion.go +++ b/pilot/pkg/model/conversion.go @@ -22,7 +22,7 @@ import ( "github.com/hashicorp/go-multierror" yaml2 "gopkg.in/yaml.v2" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/util/protomarshal" ) // Make creates a new instance of the proto message @@ -40,7 +40,7 @@ func (ps *ProtoSchema) FromJSON(js string) (proto.Message, error) { if err != nil { return nil, err } - if err = config.ApplyJSON(js, pb); err != nil { + if err = protomarshal.ApplyJSON(js, pb); err != nil { return nil, err } return pb, nil @@ -52,7 +52,7 @@ func (ps *ProtoSchema) FromYAML(yml string) (proto.Message, error) { if err != nil { return nil, err } - if err = config.ApplyYAML(yml, pb); err != nil { + if err = protomarshal.ApplyYAML(yml, pb); err != nil { return nil, err } return pb, nil diff --git a/pilot/pkg/model/conversion_test.go b/pilot/pkg/model/conversion_test.go index da0f6430c4bd..77f4145d85d1 100644 --- a/pilot/pkg/model/conversion_test.go +++ b/pilot/pkg/model/conversion_test.go @@ -26,8 +26,9 @@ import ( mpb "istio.io/api/mixer/v1" mccpb "istio.io/api/mixer/v1/config/client" networking "istio.io/api/networking/v1alpha3" + "istio.io/istio/pilot/pkg/model" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/util/protomarshal" ) func TestApplyJSON(t *testing.T) { @@ -48,7 +49,7 @@ func TestApplyJSON(t *testing.T) { for i, c := range cases { t.Run(fmt.Sprintf("[%v]", i), func(tt *testing.T) { var got meshconfig.MeshConfig - err := config.ApplyJSON(c.in, &got) + err := protomarshal.ApplyJSON(c.in, &got) if err != nil { if !c.wantErr { tt.Fatalf("got unexpected error: %v", err) @@ -187,7 +188,7 @@ patterns: }, } - gotJSON, err := config.ToJSON(msg) + gotJSON, err := protomarshal.ToJSON(msg) if err != nil { t.Errorf("ToJSON failed: %v", err) } @@ -195,7 +196,7 @@ patterns: t.Errorf("ToJSON failed: \ngot %s, \nwant %s", gotJSON, strings.Join(strings.Fields(wantJSON), "")) } - if _, err = config.ToJSON(nil); err == nil { + if _, err = protomarshal.ToJSON(nil); err == nil { t.Error("should produce an error") } @@ -207,7 +208,7 @@ patterns: t.Errorf("FromYAML failed: got %+v want %+v", spew.Sdump(gotFromJSON), spew.Sdump(msg)) } - gotYAML, err := config.ToYAML(msg) + gotYAML, err := protomarshal.ToYAML(msg) if err != nil { t.Errorf("ToYAML failed: %v", err) } @@ -215,7 +216,7 @@ patterns: t.Errorf("ToYAML failed: \ngot %+v \nwant %+v", spew.Sdump(gotYAML), spew.Sdump(wantYAML)) } - if _, err = config.ToYAML(nil); err == nil { + if _, err = protomarshal.ToYAML(nil); err == nil { t.Error("should produce an error") } @@ -231,7 +232,7 @@ patterns: t.Errorf("should produce an error") } - gotJSONMap, err := config.ToJSONMap(msg) + gotJSONMap, err := protomarshal.ToJSONMap(msg) if err != nil { t.Errorf("ToJSONMap failed: %v", err) } @@ -239,7 +240,7 @@ patterns: t.Errorf("ToJSONMap failed: \ngot %vwant %v", spew.Sdump(gotJSONMap), spew.Sdump(wantJSONMap)) } - if _, err = config.ToJSONMap(nil); err == nil { + if _, err = protomarshal.ToJSONMap(nil); err == nil { t.Error("should produce an error") } @@ -322,7 +323,7 @@ trafficPolicy: t.Errorf("FromYAML should have failed using ProtoSchema with bad MessageName") } - gotJSON, err := config.ToJSON(msg) + gotJSON, err := protomarshal.ToJSON(msg) if err != nil { t.Errorf("ToJSON failed: %v", err) } @@ -330,7 +331,7 @@ trafficPolicy: t.Errorf("ToJSON failed: got %s, want %s", gotJSON, wantJSON) } - if _, err = config.ToJSON(nil); err == nil { + if _, err = protomarshal.ToJSON(nil); err == nil { t.Error("should produce an error") } @@ -342,7 +343,7 @@ trafficPolicy: t.Errorf("FromYAML failed: got %+v want %+v", spew.Sdump(gotFromJSON), spew.Sdump(msg)) } - gotYAML, err := config.ToYAML(msg) + gotYAML, err := protomarshal.ToYAML(msg) if err != nil { t.Errorf("ToYAML failed: %v", err) } @@ -350,7 +351,7 @@ trafficPolicy: t.Errorf("ToYAML failed: got %+v want %+v", spew.Sdump(gotYAML), spew.Sdump(wantYAML)) } - if _, err = config.ToYAML(nil); err == nil { + if _, err = protomarshal.ToYAML(nil); err == nil { t.Error("should produce an error") } @@ -366,7 +367,7 @@ trafficPolicy: t.Errorf("should produce an error") } - gotJSONMap, err := config.ToJSONMap(msg) + gotJSONMap, err := protomarshal.ToJSONMap(msg) if err != nil { t.Errorf("ToJSONMap failed: %v", err) } @@ -374,7 +375,7 @@ trafficPolicy: t.Errorf("ToJSONMap failed: \ngot %vwant %v", spew.Sdump(gotJSONMap), spew.Sdump(wantJSONMap)) } - if _, err = config.ToJSONMap(nil); err == nil { + if _, err = protomarshal.ToJSONMap(nil); err == nil { t.Error("should produce an error") } diff --git a/pilot/pkg/model/sidecar_test.go b/pilot/pkg/model/sidecar_test.go index d193a56cfebc..e83255217bb1 100644 --- a/pilot/pkg/model/sidecar_test.go +++ b/pilot/pkg/model/sidecar_test.go @@ -23,7 +23,9 @@ import ( "istio.io/api/mesh/v1alpha1" networking "istio.io/api/networking/v1alpha3" + "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" ) var ( @@ -193,7 +195,7 @@ func TestCreateSidecarScope(t *testing.T) { t.Run(fmt.Sprintf("[%d] %s", idx, tt.name), func(t *testing.T) { var found bool ps := NewPushContext() - meshConfig := config.DefaultMeshConfig() + meshConfig := mesh.DefaultMeshConfig() ps.Env = &Environment{ Mesh: &meshConfig, } @@ -410,7 +412,7 @@ func TestSidecarOutboundTrafficPolicy(t *testing.T) { }, } - meshConfigWithRegistryOnly, err := config.ApplyMeshConfigDefaults(` + meshConfigWithRegistryOnly, err := mesh.ApplyMeshConfigDefaults(` outboundTrafficPolicy: mode: REGISTRY_ONLY `) @@ -426,7 +428,7 @@ outboundTrafficPolicy: }{ { name: "default MeshConfig, no Sidecar", - meshConfig: config.DefaultMeshConfig(), + meshConfig: mesh.DefaultMeshConfig(), sidecar: nil, outboundTrafficPolicy: &networking.OutboundTrafficPolicy{ Mode: networking.OutboundTrafficPolicy_ALLOW_ANY, @@ -434,7 +436,7 @@ outboundTrafficPolicy: }, { name: "default MeshConfig, sidecar without OutboundTrafficPolicy", - meshConfig: config.DefaultMeshConfig(), + meshConfig: mesh.DefaultMeshConfig(), sidecar: configWithoutOutboundTrafficPolicy, outboundTrafficPolicy: &networking.OutboundTrafficPolicy{ Mode: networking.OutboundTrafficPolicy_ALLOW_ANY, @@ -442,7 +444,7 @@ outboundTrafficPolicy: }, { name: "default MeshConfig, Sidecar with registry only", - meshConfig: config.DefaultMeshConfig(), + meshConfig: mesh.DefaultMeshConfig(), sidecar: configRegistryOnly, outboundTrafficPolicy: &networking.OutboundTrafficPolicy{ Mode: networking.OutboundTrafficPolicy_REGISTRY_ONLY, @@ -450,7 +452,7 @@ outboundTrafficPolicy: }, { name: "default MeshConfig, Sidecar with allow any", - meshConfig: config.DefaultMeshConfig(), + meshConfig: mesh.DefaultMeshConfig(), sidecar: configAllowAny, outboundTrafficPolicy: &networking.OutboundTrafficPolicy{ Mode: networking.OutboundTrafficPolicy_ALLOW_ANY, diff --git a/pilot/pkg/networking/core/v1alpha3/gateway_test.go b/pilot/pkg/networking/core/v1alpha3/gateway_test.go index 8b2e7c7f3c08..5e300b13743d 100644 --- a/pilot/pkg/networking/core/v1alpha3/gateway_test.go +++ b/pilot/pkg/networking/core/v1alpha3/gateway_test.go @@ -23,13 +23,14 @@ import ( http_conn "github.com/envoyproxy/go-control-plane/envoy/config/filter/network/http_connection_manager/v2" networking "istio.io/api/networking/v1alpha3" + "istio.io/istio/pilot/pkg/features" pilot_model "istio.io/istio/pilot/pkg/model" "istio.io/istio/pilot/pkg/networking/core/v1alpha3/fakes" "istio.io/istio/pilot/pkg/networking/plugin" "istio.io/istio/pilot/pkg/networking/util" "istio.io/istio/pilot/pkg/security/model" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/proto" ) @@ -656,12 +657,12 @@ func buildEnv(t *testing.T, gateways []pilot_model.Config, virtualServices []pil } return nil, nil } - mesh := config.DefaultMeshConfig() + m := mesh.DefaultMeshConfig() env := pilot_model.Environment{ PushContext: pilot_model.NewPushContext(), ServiceDiscovery: serviceDiscovery, IstioConfigStore: configStore, - Mesh: &mesh, + Mesh: &m, MixerSAN: []string{}, } diff --git a/pilot/pkg/networking/core/v1alpha3/listener_test.go b/pilot/pkg/networking/core/v1alpha3/listener_test.go index ed339fc5f7ad..72d1fee50b09 100644 --- a/pilot/pkg/networking/core/v1alpha3/listener_test.go +++ b/pilot/pkg/networking/core/v1alpha3/listener_test.go @@ -30,11 +30,13 @@ import ( "github.com/gogo/protobuf/types" networking "istio.io/api/networking/v1alpha3" + "istio.io/istio/pilot/pkg/features" "istio.io/istio/pilot/pkg/model" "istio.io/istio/pilot/pkg/networking/core/v1alpha3/fakes" "istio.io/istio/pilot/pkg/networking/plugin" "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/config/protocol" ) @@ -967,13 +969,13 @@ func buildListenerEnvWithVirtualServices(services []*model.Service, virtualServi }, } - mesh := config.DefaultMeshConfig() - mesh.EnableEnvoyAccessLogService = true + m := mesh.DefaultMeshConfig() + m.EnableEnvoyAccessLogService = true env := model.Environment{ PushContext: model.NewPushContext(), ServiceDiscovery: serviceDiscovery, IstioConfigStore: configStore, - Mesh: &mesh, + Mesh: &m, } return env diff --git a/pilot/pkg/networking/core/v1alpha3/route/route_test.go b/pilot/pkg/networking/core/v1alpha3/route/route_test.go index cb39b3efdad9..4f4b15cf98a7 100644 --- a/pilot/pkg/networking/core/v1alpha3/route/route_test.go +++ b/pilot/pkg/networking/core/v1alpha3/route/route_test.go @@ -23,9 +23,11 @@ import ( "github.com/onsi/gomega" networking "istio.io/api/networking/v1alpha3" + "istio.io/istio/pilot/pkg/model" "istio.io/istio/pilot/pkg/networking/core/v1alpha3/route" "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/config/protocol" ) @@ -66,7 +68,7 @@ func TestBuildHTTPRoutes(t *testing.T) { g := gomega.NewGomegaWithT(t) ttl := time.Nanosecond * 100 - meshConfig := config.DefaultMeshConfig() + meshConfig := mesh.DefaultMeshConfig() push := &model.PushContext{ Env: &model.Environment{ Mesh: &meshConfig, @@ -126,7 +128,7 @@ func TestBuildHTTPRoutes(t *testing.T) { Spec: virtualServiceWithSubset, } - meshConfig := config.DefaultMeshConfig() + meshConfig := mesh.DefaultMeshConfig() push := &model.PushContext{ Env: &model.Environment{ Mesh: &meshConfig, @@ -171,7 +173,7 @@ func TestBuildHTTPRoutes(t *testing.T) { Spec: virtualServiceWithSubsetWithPortLevelSettings, } - meshConfig := config.DefaultMeshConfig() + meshConfig := mesh.DefaultMeshConfig() push := &model.PushContext{ Env: &model.Environment{ Mesh: &meshConfig, @@ -227,7 +229,7 @@ func TestBuildHTTPRoutes(t *testing.T) { rule.Subsets = []*networking.Subset{networkingSubset} cnfg.Spec = networkingDestinationRule - meshConfig := config.DefaultMeshConfig() + meshConfig := mesh.DefaultMeshConfig() push := &model.PushContext{ Env: &model.Environment{ Mesh: &meshConfig, @@ -255,7 +257,7 @@ func TestBuildHTTPRoutes(t *testing.T) { t.Run("port selector based traffic policy", func(t *testing.T) { g := gomega.NewGomegaWithT(t) - meshConfig := config.DefaultMeshConfig() + meshConfig := mesh.DefaultMeshConfig() push := &model.PushContext{ Env: &model.Environment{ Mesh: &meshConfig, diff --git a/pilot/pkg/networking/plugin/mixer/mixer_test.go b/pilot/pkg/networking/plugin/mixer/mixer_test.go index 3830081a8aec..5d0aa2451306 100644 --- a/pilot/pkg/networking/plugin/mixer/mixer_test.go +++ b/pilot/pkg/networking/plugin/mixer/mixer_test.go @@ -24,8 +24,9 @@ import ( "istio.io/api/annotation" meshconfig "istio.io/api/mesh/v1alpha1" mccpb "istio.io/api/mixer/v1/config/client" + "istio.io/istio/pilot/pkg/model" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" ) func TestTransportConfig(t *testing.T) { @@ -36,7 +37,7 @@ func TestTransportConfig(t *testing.T) { }{ { // defaults set - mesh: config.DefaultMeshConfig(), + mesh: mesh.DefaultMeshConfig(), node: model.Proxy{ Metadata: map[string]string{}, }, @@ -49,7 +50,7 @@ func TestTransportConfig(t *testing.T) { }, { // retry and retry times set - mesh: config.DefaultMeshConfig(), + mesh: mesh.DefaultMeshConfig(), node: model.Proxy{ Metadata: map[string]string{ annotation.PolicyCheckRetries.Name: "5", @@ -66,7 +67,7 @@ func TestTransportConfig(t *testing.T) { }, { // just retry amount set - mesh: config.DefaultMeshConfig(), + mesh: mesh.DefaultMeshConfig(), node: model.Proxy{ Metadata: map[string]string{ annotation.PolicyCheckRetries.Name: "1", @@ -81,7 +82,7 @@ func TestTransportConfig(t *testing.T) { }, { // fail open from node metadata - mesh: config.DefaultMeshConfig(), + mesh: mesh.DefaultMeshConfig(), node: model.Proxy{ Metadata: map[string]string{ annotation.PolicyCheck.Name: policyCheckDisable, diff --git a/pilot/pkg/proxy/envoy/proxy_test.go b/pilot/pkg/proxy/envoy/proxy_test.go index 62b1968996f9..9bbd440a8e90 100644 --- a/pilot/pkg/proxy/envoy/proxy_test.go +++ b/pilot/pkg/proxy/envoy/proxy_test.go @@ -19,11 +19,11 @@ import ( "reflect" "testing" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" ) func TestEnvoyArgs(t *testing.T) { - proxyConfig := config.DefaultProxyConfig() + proxyConfig := mesh.DefaultProxyConfig() proxyConfig.ServiceCluster = "my-cluster" proxyConfig.Concurrency = 8 diff --git a/pilot/pkg/proxy/envoy/v2/ads_test.go b/pilot/pkg/proxy/envoy/v2/ads_test.go index 06e5dc65225f..cf505b4cd0cd 100644 --- a/pilot/pkg/proxy/envoy/v2/ads_test.go +++ b/pilot/pkg/proxy/envoy/v2/ads_test.go @@ -21,8 +21,8 @@ import ( "istio.io/istio/pilot/pkg/model" v2 "istio.io/istio/pilot/pkg/proxy/envoy/v2" - "istio.io/istio/pkg/config" "istio.io/istio/pkg/test/env" + "istio.io/istio/pkg/util/protomarshal" "istio.io/istio/tests/util" xdsapi "github.com/envoyproxy/go-control-plane/envoy/api/v2" @@ -230,7 +230,7 @@ func TestAdsUpdate(t *testing.T) { if lbe[0].GetEndpoint().Address.GetSocketAddress().Address != "10.2.0.1" { t.Error("Expecting 10.2.0.1 got ", lbe[0].GetEndpoint().Address.GetSocketAddress().Address) } - strResponse, _ := config.ToJSONWithIndent(res1, " ") + strResponse, _ := protomarshal.ToJSONWithIndent(res1, " ") _ = ioutil.WriteFile(env.IstioOut+"/edsv2_sidecar.json", []byte(strResponse), 0644) _ = server.EnvoyXdsServer.MemRegistry.AddEndpoint("adsupdate.default.svc.cluster.local", @@ -244,7 +244,7 @@ func TestAdsUpdate(t *testing.T) { if err != nil { t.Fatal("Recv2 failed", err) } - strResponse, _ = config.ToJSONWithIndent(res1, " ") + strResponse, _ = protomarshal.ToJSONWithIndent(res1, " ") _ = ioutil.WriteFile(env.IstioOut+"/edsv2_update.json", []byte(strResponse), 0644) } diff --git a/pilot/pkg/proxy/envoy/v2/cds_test.go b/pilot/pkg/proxy/envoy/v2/cds_test.go index b6401a01fa6f..2eeb702657c2 100644 --- a/pilot/pkg/proxy/envoy/v2/cds_test.go +++ b/pilot/pkg/proxy/envoy/v2/cds_test.go @@ -17,8 +17,8 @@ import ( "io/ioutil" "testing" - "istio.io/istio/pkg/config" "istio.io/istio/pkg/test/env" + "istio.io/istio/pkg/util/protomarshal" "istio.io/istio/tests/util" ) @@ -42,7 +42,7 @@ func TestCDS(t *testing.T) { return } - strResponse, _ := config.ToJSONWithIndent(res, " ") + strResponse, _ := protomarshal.ToJSONWithIndent(res, " ") _ = ioutil.WriteFile(env.IstioOut+"/cdsv2_sidecar.json", []byte(strResponse), 0644) t.Log("CDS response", strResponse) diff --git a/pilot/pkg/proxy/envoy/v2/lds_test.go b/pilot/pkg/proxy/envoy/v2/lds_test.go index 8b5ba73dd29f..c7e315fe411b 100644 --- a/pilot/pkg/proxy/envoy/v2/lds_test.go +++ b/pilot/pkg/proxy/envoy/v2/lds_test.go @@ -24,6 +24,7 @@ import ( xdsapi_http_connection_manager "github.com/envoyproxy/go-control-plane/envoy/config/filter/network/http_connection_manager/v2" "istio.io/istio/pilot/pkg/features" + "istio.io/istio/pkg/util/protomarshal" testenv "istio.io/istio/mixer/test/client/env" "istio.io/istio/pilot/pkg/bootstrap" @@ -342,7 +343,7 @@ func TestLDS(t *testing.T) { return } - strResponse, _ := config.ToJSONWithIndent(res, " ") + strResponse, _ := protomarshal.ToJSONWithIndent(res, " ") _ = ioutil.WriteFile(env.IstioOut+"/ldsv2_sidecar.json", []byte(strResponse), 0644) if len(res.Resources) == 0 { @@ -367,7 +368,7 @@ func TestLDS(t *testing.T) { t.Fatal("Failed to receive LDS", err) } - strResponse, _ := config.ToJSONWithIndent(res, " ") + strResponse, _ := protomarshal.ToJSONWithIndent(res, " ") _ = ioutil.WriteFile(env.IstioOut+"/ldsv2_gateway.json", []byte(strResponse), 0644) diff --git a/pilot/pkg/proxy/envoy/v2/rds.go b/pilot/pkg/proxy/envoy/v2/rds.go index f968a48f11fc..443a866d18f6 100644 --- a/pilot/pkg/proxy/envoy/v2/rds.go +++ b/pilot/pkg/proxy/envoy/v2/rds.go @@ -22,8 +22,8 @@ import ( "github.com/gogo/protobuf/types" "istio.io/istio/pilot/pkg/model" - "istio.io/istio/pkg/config" "istio.io/istio/pkg/proto" + "istio.io/istio/pkg/util/protomarshal" ) func (s *DiscoveryServer) pushRoute(con *XdsConnection, push *model.PushContext, version string) error { @@ -32,7 +32,7 @@ func (s *DiscoveryServer) pushRoute(con *XdsConnection, push *model.PushContext, for _, r := range rawRoutes { con.RouteConfigs[r.Name] = r if adsLog.DebugEnabled() { - resp, _ := config.ToJSONWithIndent(r, " ") + resp, _ := protomarshal.ToJSONWithIndent(r, " ") adsLog.Debugf("RDS: Adding route:%s for node:%v", resp, con.modelNode.ID) } } diff --git a/pilot/pkg/proxy/envoy/v2/rds_test.go b/pilot/pkg/proxy/envoy/v2/rds_test.go index 8da20226b440..488255d33522 100644 --- a/pilot/pkg/proxy/envoy/v2/rds_test.go +++ b/pilot/pkg/proxy/envoy/v2/rds_test.go @@ -18,8 +18,8 @@ import ( "io/ioutil" "testing" - "istio.io/istio/pkg/config" "istio.io/istio/pkg/test/env" + "istio.io/istio/pkg/util/protomarshal" "istio.io/istio/tests/util" ) @@ -70,7 +70,7 @@ func TestRDS(t *testing.T) { t.Fatal("Failed to receive RDS", err) } - strResponse, _ := config.ToJSONWithIndent(res, " ") + strResponse, _ := protomarshal.ToJSONWithIndent(res, " ") _ = ioutil.WriteFile(env.IstioOut+fmt.Sprintf("/rdsv2/%s_%d.json", tt.name, idx), []byte(strResponse), 0644) if len(res.Resources) == 0 { t.Fatal("No response") diff --git a/pilot/pkg/security/authz/model/permission_test.go b/pilot/pkg/security/authz/model/permission_test.go index 51acdc3d573e..bca81d014c49 100644 --- a/pilot/pkg/security/authz/model/permission_test.go +++ b/pilot/pkg/security/authz/model/permission_test.go @@ -22,7 +22,7 @@ import ( envoy_rbac "github.com/envoyproxy/go-control-plane/envoy/config/rbac/v2" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/util/protomarshal" ) func TestPermission_Match(t *testing.T) { @@ -624,7 +624,7 @@ func TestPermission_Generate(t *testing.T) { } else { var gotYaml string if got != nil { - if gotYaml, err = config.ToYAML(got); err != nil { + if gotYaml, err = protomarshal.ToYAML(got); err != nil { t.Fatalf("%s: failed to parse yaml: %s", tc.name, err) } } @@ -634,7 +634,7 @@ func TestPermission_Generate(t *testing.T) { } } else { want := &envoy_rbac.Permission{} - if err := config.ApplyYAML(tc.wantYAML, want); err != nil { + if err := protomarshal.ApplyYAML(tc.wantYAML, want); err != nil { t.Fatalf("%s: failed to parse yaml: %s", tc.name, err) } diff --git a/pilot/pkg/security/authz/model/principal_test.go b/pilot/pkg/security/authz/model/principal_test.go index ab1c21f67007..af3db14e8448 100644 --- a/pilot/pkg/security/authz/model/principal_test.go +++ b/pilot/pkg/security/authz/model/principal_test.go @@ -22,7 +22,7 @@ import ( envoy_rbac "github.com/envoyproxy/go-control-plane/envoy/config/rbac/v2" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/util/protomarshal" ) func TestPrincipal_ValidateForTCP(t *testing.T) { @@ -771,7 +771,7 @@ func TestPrincipal_Generate(t *testing.T) { } else { var gotYaml string if got != nil { - if gotYaml, err = config.ToYAML(got); err != nil { + if gotYaml, err = protomarshal.ToYAML(got); err != nil { t.Fatalf("%s: failed to parse yaml: %s", tc.name, err) } } @@ -781,7 +781,7 @@ func TestPrincipal_Generate(t *testing.T) { } } else { want := &envoy_rbac.Principal{} - if err := config.ApplyYAML(tc.wantYAML, want); err != nil { + if err := protomarshal.ApplyYAML(tc.wantYAML, want); err != nil { t.Fatalf("%s: failed to parse yaml: %s", tc.name, err) } diff --git a/pilot/pkg/security/authz/policy/v2/v2.go b/pilot/pkg/security/authz/policy/v2/v2.go index 26c250179803..488d395a78d9 100644 --- a/pilot/pkg/security/authz/policy/v2/v2.go +++ b/pilot/pkg/security/authz/policy/v2/v2.go @@ -22,10 +22,13 @@ import ( envoy_rbac "github.com/envoyproxy/go-control-plane/envoy/config/rbac/v2" istio_rbac "istio.io/api/rbac/v1alpha1" + "istio.io/istio/pilot/pkg/model" authz_model "istio.io/istio/pilot/pkg/security/authz/model" "istio.io/istio/pilot/pkg/security/authz/policy" "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" + istiolog "istio.io/pkg/log" ) @@ -114,7 +117,7 @@ func roleForBinding(binding *istio_rbac.ServiceRoleBinding, namespace string, ap } else if binding.Role != "" { if strings.HasPrefix(binding.Role, rootNamespacePrefix) { globalRoleName := strings.TrimPrefix(binding.Role, rootNamespacePrefix) - role = ap.RoleForNameAndNamespace(globalRoleName, config.DefaultMeshConfig().RootNamespace) + role = ap.RoleForNameAndNamespace(globalRoleName, mesh.DefaultMeshConfig().RootNamespace) } else { role = ap.RoleForNameAndNamespace(binding.Role, namespace) } diff --git a/pilot/tools/debug/pilot_cli.go b/pilot/tools/debug/pilot_cli.go index c9a638aba9a6..f135353b889f 100644 --- a/pilot/tools/debug/pilot_cli.go +++ b/pilot/tools/debug/pilot_cli.go @@ -72,7 +72,8 @@ import ( "k8s.io/client-go/tools/clientcmd" v2 "istio.io/istio/pilot/pkg/proxy/envoy/v2" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/util/protomarshal" + "istio.io/pkg/env" "istio.io/pkg/log" ) @@ -325,7 +326,7 @@ func main() { os.Exit(1) } - strResponse, _ := config.ToJSONWithIndent(resp, " ") + strResponse, _ := protomarshal.ToJSONWithIndent(resp, " ") if outputFile == nil || *outputFile == "" { fmt.Printf("%v\n", strResponse) } else if err := ioutil.WriteFile(*outputFile, []byte(strResponse), 0644); err != nil { diff --git a/pkg/config/mesh.go b/pkg/config/mesh/mesh.go similarity index 90% rename from pkg/config/mesh.go rename to pkg/config/mesh/mesh.go index 1755ffedb186..1ec26b16537d 100644 --- a/pkg/config/mesh.go +++ b/pkg/config/mesh/mesh.go @@ -20,7 +20,7 @@ // generate the configuration files for the Layer 7 proxy sidecar. The proxy // code is specific to individual proxy implementations -package config +package mesh import ( "time" @@ -30,7 +30,9 @@ import ( meshconfig "istio.io/api/mesh/v1alpha1" + "istio.io/istio/pkg/config" "istio.io/istio/pkg/config/constants" + "istio.io/istio/pkg/util/protomarshal" ) // DefaultProxyConfig for individual proxies @@ -56,7 +58,7 @@ func DefaultProxyConfig() meshconfig.ProxyConfig { // DefaultMeshConfig configuration func DefaultMeshConfig() meshconfig.MeshConfig { - config := DefaultProxyConfig() + proxyConfig := DefaultProxyConfig() return meshconfig.MeshConfig{ MixerCheckServer: "", MixerReportServer: "", @@ -70,7 +72,7 @@ func DefaultMeshConfig() meshconfig.MeshConfig { EnableTracing: true, AccessLogFile: "/dev/stdout", AccessLogEncoding: meshconfig.MeshConfig_TEXT, - DefaultConfig: &config, + DefaultConfig: &proxyConfig, SdsUdsPath: "", EnableSdsTokenMount: false, TrustDomain: "", @@ -86,7 +88,7 @@ func DefaultMeshConfig() meshconfig.MeshConfig { // input YAML with defaults applied to omitted configuration values. func ApplyMeshConfigDefaults(yaml string) (*meshconfig.MeshConfig, error) { out := DefaultMeshConfig() - if err := ApplyYAML(yaml, &out); err != nil { + if err := protomarshal.ApplyYAML(yaml, &out); err != nil { return nil, multierror.Prefix(err, "failed to convert to proto.") } @@ -99,16 +101,16 @@ func ApplyMeshConfigDefaults(yaml string) (*meshconfig.MeshConfig, error) { // Re-apply defaults to ProxyConfig if they were defined in the // original input MeshConfig.ProxyConfig. if prevDefaultConfig != nil { - origProxyConfigYAML, err := ToYAML(prevDefaultConfig) + origProxyConfigYAML, err := protomarshal.ToYAML(prevDefaultConfig) if err != nil { return nil, multierror.Prefix(err, "failed to re-encode default proxy config") } - if err := ApplyYAML(origProxyConfigYAML, out.DefaultConfig); err != nil { + if err := protomarshal.ApplyYAML(origProxyConfigYAML, out.DefaultConfig); err != nil { return nil, multierror.Prefix(err, "failed to convert to proto.") } } - if err := ValidateMeshConfig(&out); err != nil { + if err := config.ValidateMeshConfig(&out); err != nil { return nil, err } @@ -126,7 +128,7 @@ func EmptyMeshNetworks() meshconfig.MeshNetworks { // input YAML. func LoadMeshNetworksConfig(yaml string) (*meshconfig.MeshNetworks, error) { out := EmptyMeshNetworks() - if err := ApplyYAML(yaml, &out); err != nil { + if err := protomarshal.ApplyYAML(yaml, &out); err != nil { return nil, multierror.Prefix(err, "failed to convert to proto.") } diff --git a/pkg/config/mesh/mesh_test.go b/pkg/config/mesh/mesh_test.go new file mode 100644 index 000000000000..1a98da6cb09d --- /dev/null +++ b/pkg/config/mesh/mesh_test.go @@ -0,0 +1,123 @@ +// Copyright 2017 Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mesh_test + +import ( + "fmt" + "reflect" + "testing" + + meshconfig "istio.io/api/mesh/v1alpha1" + + "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" +) + +func TestDefaultProxyConfig(t *testing.T) { + proxyConfig := mesh.DefaultProxyConfig() + if err := config.ValidateProxyConfig(&proxyConfig); err != nil { + t.Errorf("validation of default proxy config failed with %v", err) + } +} + +func TestDefaultMeshConfig(t *testing.T) { + m := mesh.DefaultMeshConfig() + if err := config.ValidateMeshConfig(&m); err != nil { + t.Errorf("validation of default mesh config failed with %v", err) + } +} + +func TestApplyMeshConfigDefaults(t *testing.T) { + configPath := "/test/config/patch" + yaml := fmt.Sprintf(` +defaultConfig: + configPath: %s +`, configPath) + + want := mesh.DefaultMeshConfig() + want.DefaultConfig.ConfigPath = configPath + + got, err := mesh.ApplyMeshConfigDefaults(yaml) + if err != nil { + t.Fatalf("ApplyMeshConfigDefaults() failed: %v", err) + } + if !reflect.DeepEqual(got, &want) { + t.Fatalf("Wrong default values:\n got %#v \nwant %#v", got, &want) + } +} + +func TestApplyMeshNetworksDefaults(t *testing.T) { + yml := fmt.Sprintf(` +networks: + network1: + endpoints: + - fromCidr: "192.168.0.1/24" + gateways: + - address: 1.1.1.1 + port: 80 + network2: + endpoints: + - fromRegistry: reg1 + gateways: + - registryServiceName: reg1 + port: 443 +`) + + want := mesh.EmptyMeshNetworks() + want.Networks = map[string]*meshconfig.Network{ + "network1": { + Endpoints: []*meshconfig.Network_NetworkEndpoints{ + { + Ne: &meshconfig.Network_NetworkEndpoints_FromCidr{ + FromCidr: "192.168.0.1/24", + }, + }, + }, + Gateways: []*meshconfig.Network_IstioNetworkGateway{ + { + Gw: &meshconfig.Network_IstioNetworkGateway_Address{ + Address: "1.1.1.1", + }, + Port: 80, + }, + }, + }, + "network2": { + Endpoints: []*meshconfig.Network_NetworkEndpoints{ + { + Ne: &meshconfig.Network_NetworkEndpoints_FromRegistry{ + FromRegistry: "reg1", + }, + }, + }, + Gateways: []*meshconfig.Network_IstioNetworkGateway{ + { + Gw: &meshconfig.Network_IstioNetworkGateway_RegistryServiceName{ + RegistryServiceName: "reg1", + }, + Port: 443, + }, + }, + }, + } + + got, err := mesh.LoadMeshNetworksConfig(yml) + if err != nil { + t.Fatalf("ApplyMeshNetworksDefaults() failed: %v", err) + } + if !reflect.DeepEqual(got, &want) { + t.Fatalf("Wrong values:\n got %#v \nwant %#v", got, &want) + } +} diff --git a/pkg/test/framework/components/pilot/native.go b/pkg/test/framework/components/pilot/native.go index 87f590601e14..75a3f9bd6245 100644 --- a/pkg/test/framework/components/pilot/native.go +++ b/pkg/test/framework/components/pilot/native.go @@ -22,11 +22,12 @@ import ( "github.com/hashicorp/go-multierror" - meshconfig "istio.io/api/mesh/v1alpha1" + meshapi "istio.io/api/mesh/v1alpha1" + "istio.io/istio/pilot/pkg/bootstrap" "istio.io/istio/pilot/pkg/proxy/envoy" "istio.io/istio/pilot/pkg/serviceregistry/kube/controller" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/test/env" "istio.io/istio/pkg/test/framework/components/environment/native" "istio.io/istio/pkg/test/framework/resource" @@ -84,10 +85,10 @@ func newNative(ctx resource.Context, cfg Config) (Instance, error) { SecureGrpcAddr: ":0", } - tmpMesh := config.DefaultMeshConfig() - mesh := &tmpMesh + tmpMesh := mesh.DefaultMeshConfig() + m := &tmpMesh if cfg.MeshConfig != nil { - mesh = cfg.MeshConfig + m = cfg.MeshConfig } bootstrapArgs := bootstrap.PilotArgs{ @@ -98,7 +99,7 @@ func newNative(ctx resource.Context, cfg Config) (Instance, error) { DomainSuffix: e.Domain, }, }, - MeshConfig: mesh, + MeshConfig: m, // Use the config store for service entries as well. Service: bootstrap.ServiceArgs{ // A ServiceEntry registry is added by default, which is what we want. Don't include any other registries. @@ -110,10 +111,10 @@ func newNative(ctx resource.Context, cfg Config) (Instance, error) { } if bootstrapArgs.MeshConfig == nil { - bootstrapArgs.MeshConfig = &meshconfig.MeshConfig{} + bootstrapArgs.MeshConfig = &meshapi.MeshConfig{} } // Set as MCP address, note needs to strip 'tcp://' from the address prefix - bootstrapArgs.MeshConfig.ConfigSources = []*meshconfig.ConfigSource{ + bootstrapArgs.MeshConfig.ConfigSources = []*meshapi.ConfigSource{ {Address: cfg.Galley.Address()[6:]}, } bootstrapArgs.MCPMaxMessageSize = bootstrap.DefaultMCPMaxMsgSize diff --git a/pkg/config/json_util.go b/pkg/util/protomarshal/protomarshal.go similarity index 99% rename from pkg/config/json_util.go rename to pkg/util/protomarshal/protomarshal.go index 3bb505c6d9c9..623b2d9c692e 100644 --- a/pkg/config/json_util.go +++ b/pkg/util/protomarshal/protomarshal.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package config +package protomarshal import ( "encoding/json" diff --git a/tests/integration/security/rbac/v2_test.go b/tests/integration/security/rbac/v2_test.go index 1e62813a79e6..e510dcecf9ba 100644 --- a/tests/integration/security/rbac/v2_test.go +++ b/tests/integration/security/rbac/v2_test.go @@ -17,7 +17,7 @@ package rbac import ( "testing" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/test/echo/common/scheme" "istio.io/istio/pkg/test/framework" "istio.io/istio/pkg/test/framework/components/echo" @@ -535,7 +535,7 @@ func TestV2_Extended(t *testing.T) { }, } - rootNamespace := config.DefaultMeshConfig().RootNamespace + rootNamespace := mesh.DefaultMeshConfig().RootNamespace namespaceTmpl := map[string]string{ "Namespace": ns.Name(), "RootNamespace": rootNamespace, diff --git a/tests/util/pilot_server.go b/tests/util/pilot_server.go index 4b3efac51544..6e0f340165d2 100644 --- a/tests/util/pilot_server.go +++ b/tests/util/pilot_server.go @@ -24,13 +24,14 @@ import ( "github.com/gogo/protobuf/types" + "istio.io/pkg/log" + "istio.io/istio/pilot/pkg/bootstrap" "istio.io/istio/pilot/pkg/proxy/envoy" "istio.io/istio/pilot/pkg/serviceregistry" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/keepalive" "istio.io/istio/pkg/test/env" - "istio.io/pkg/log" "k8s.io/apimachinery/pkg/util/wait" ) @@ -78,7 +79,7 @@ func setup(additionalArgs ...func(*bootstrap.PilotArgs)) (*bootstrap.Server, Tea } httpAddr := ":" + pilotHTTP - meshConfig := config.DefaultMeshConfig() + meshConfig := mesh.DefaultMeshConfig() // Create a test pilot discovery service configured to watch the tempDir. args := bootstrap.PilotArgs{ Namespace: "testing", diff --git a/tools/hyperistio/hyperistio.go b/tools/hyperistio/hyperistio.go index 6eec6fc1babb..e12600414cfb 100644 --- a/tools/hyperistio/hyperistio.go +++ b/tools/hyperistio/hyperistio.go @@ -26,12 +26,13 @@ import ( "github.com/gogo/protobuf/types" meshconfig "istio.io/api/mesh/v1alpha1" + mixerEnv "istio.io/istio/mixer/test/client/env" "istio.io/istio/pilot/pkg/bootstrap" "istio.io/istio/pilot/pkg/proxy/envoy" "istio.io/istio/pilot/pkg/serviceregistry" agent "istio.io/istio/pkg/bootstrap" - "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/mesh" "istio.io/istio/pkg/keepalive" "istio.io/istio/pkg/test/env" "istio.io/istio/tests/util" @@ -147,7 +148,7 @@ func startEnvoy() error { func startPilot() error { stop := make(chan struct{}) - mcfg := config.DefaultMeshConfig() + mcfg := mesh.DefaultMeshConfig() mcfg.ProxyHttpPort = 15002 // Create a test pilot discovery service configured to watch the tempDir.