Documentation ¶
Index ¶
- Constants
- Variables
- func BackendClusterName(address string) string
- func CreateCommonTlsContext(...) (*tlspb.CommonTlsContext, error)
- func CreateDownstreamTransportSocket(...) (*corepb.TransportSocket, error)
- func CreateLoadAssignment(hostname string, port uint32) *endpointpb.ClusterLoadAssignment
- func CreateUdsLoadAssignment(clusterName string) *endpointpb.ClusterLoadAssignment
- func CreateUpstreamProtocolOptions() map[string]*anypb.Any
- func ExtractAddressFromURI(uri string) (string, error)
- func IamAccessTokenPath(IamServiceAccount string) string
- func IamIdentityTokenPath(IamServiceAccount string) string
- func InitMockServerFromPathResp(pathResp map[string]string) *httptest.Server
- func IsBackendGRPC(address string) (bool, error)
- func IsOPDiscoveryAPI(operationName string) bool
- func JsonContains(source, target string) error
- func JsonEqual(want, got string) error
- func JsonEqualWithNormalizer(want, got string, normalizer func(string) (string, error)) error
- func JwtProviderClusterName(address string) string
- func MaxDuration(a, b time.Duration) time.Duration
- func MaybeTruncateSpanName(spanName string) string
- func ParseURI(uri string) (string, string, uint32, string, error)
- func ParseURIIntoURL(uri string) (url.URL, error)
- func ProtoToJson(msg proto.Message) (string, error)
- func ResolveJwksUriUsingOpenID(uri string) (string, error)
- func SelectorToAPIName(selector string) (string, error)
- func SelectorToMethodName(selector string) (string, error)
- func ShouldSkipOPDiscoveryAPI(operation string, allowDiscoveryAPIs bool) bool
- func UnmarshalServiceConfig(config []byte) (*confpb.Service, error)
- func ValidateRegexProgramSize(regex string, maxProgramSize int) error
- type BackendProtocol
- type GetAccessTokenFunc
- type GetNewRolloutIdFunc
- type MockServer
- type RetryConfig
Constants ¶
// HTTP/2 keepalive settings: the interval and the timeout, as durations.
const (
	Http2KeepaliveInterval = 30 * time.Second
	Http2KeepaliveTimeout  = 10 * time.Second
)
// Default ports, kept as strings, for the two URL schemes.
const (
	// HTTPDefaultPort is the default port for plain HTTP.
	HTTPDefaultPort = "80"

	// HTTPSDefaultPort is the default port for HTTPS.
	HTTPSDefaultPort = "443"
)
const (
	// DefaultRootCAPaths is the default path of the root CA certificate bundle.
	DefaultRootCAPaths = "/etc/ssl/certs/ca-certificates.crt"

	// JwtPayloadMetadataName is the metadata field name under which JWT
	// payloads are passed.
	JwtPayloadMetadataName = "jwt_payloads"

	// HTTP method names, plus CUSTOM.
	GET     = "GET"
	PUT     = "PUT"
	POST    = "POST"
	DELETE  = "DELETE"
	PATCH   = "PATCH"
	OPTIONS = "OPTIONS"
	CUSTOM  = "CUSTOM"

	// Rollout strategy names.
	FixedRolloutStrategy   = "fixed"
	ManagedRolloutStrategy = "managed"

	// Paths under /computeMetadata/v1: instance attributes.
	ConfigIDPath          = "/computeMetadata/v1/instance/attributes/endpoints-service-version"
	GAEServerSoftwarePath = "/computeMetadata/v1/instance/attributes/gae_server_software"
	KubeEnvPath           = "/computeMetadata/v1/instance/attributes/kube-env"
	RolloutStrategyPath   = "/computeMetadata/v1/instance/attributes/endpoints-rollout-strategy"
	ServiceNamePath       = "/computeMetadata/v1/instance/attributes/endpoints-service-name"

	// Token paths for the instance's default service account. What comes back
	// from them is a credential: keep the response bodies out of logs and
	// error messages.
	AccessTokenPath   = "/computeMetadata/v1/instance/service-accounts/default/token"
	IdentityTokenPath = "/computeMetadata/v1/instance/service-accounts/default/identity"

	ProjectIDPath = "/computeMetadata/v1/project/project-id"

	// RegionPath is the location path for Cloud Run, which is a regional
	// platform.
	RegionPath = "/computeMetadata/v1/instance/region"

	// ZonePath is the location path for GKE and GCE, which are zonal; the
	// regional path does not exist in IMDS on those platforms.
	ZonePath = "/computeMetadata/v1/instance/zone"

	// TokenAgentAccessTokenPath is the path for fetching an access token from
	// the token agent server.
	TokenAgentAccessTokenPath = "/local/access_token"

	// OpenIDDiscoveryCfgURLSuffix must NOT end with a slash (b/147591854).
	OpenIDDiscoveryCfgURLSuffix = "/.well-known/openid-configuration"

	// Platform names.
	GAEFlex = "GAE_FLEX(ESPv2)"
	GKE     = "GKE(ESPv2)"
	GCE     = "GCE(ESPv2)"

	// ApiKeyParameterName is the system parameter name for the API key.
	ApiKeyParameterName = "api_key"

	// RetryOnRetriableStatusCodes is the retryOn policy
	// "retriable-status-codes".
	RetryOnRetriableStatusCodes = "retriable-status-codes"

	// DefaultResponseDeadline applies when the BackendRule does not specify a
	// response deadline.
	DefaultResponseDeadline = 15 * time.Second

	// DefaultIdleTimeout is applied globally when no idle timeout is given by
	// flag.
	DefaultIdleTimeout = 5 * time.Minute

	// GoogleRE2MaxProgramSize limits resource usage in Envoy's SafeRegex
	// GoogleRE2 matcher. It is validated on the configmanager side, which may
	// use a different GoogleRE2 library.
	// b/148606900: a fairly high value is safe here; it does not affect
	// resource usage for customers whose UriTemplates are short.
	GoogleRE2MaxProgramSize = 1000

	// Default JWT locations. The first three describe request headers; the
	// last is a query parameter. A token carried in a query string is part of
	// the URL, so it tends to be recorded wherever URLs are (access logs,
	// proxies); redact that parameter in logging pipelines.
	DefaultJwtHeaderNameAuthorization          = "Authorization"
	DefaultJwtHeaderValuePrefixBearer          = "Bearer "
	DefaultJwtHeaderNameXGoogleIapJwtAssertion = "X-Goog-Iap-Jwt-Assertion"
	DefaultJwtQueryParamAccessToken            = "access_token"

	// JwtAuthnForwardPayloadHeaderSuffix is the suffix of the header the
	// jwtAuthn filter uses to forward the payload.
	JwtAuthnForwardPayloadHeaderSuffix = "API-UserInfo"

	// Default API key locations; both are query parameters, so the same
	// URL-logging caveat as for DefaultJwtQueryParamAccessToken applies.
	DefaultApiKeyQueryParamKey    = "key"
	DefaultApiKeyQueryParamApiKey = "api_key"

	// Strict-Transport-Security header name and value. max-age is 31536000
	// seconds (365 days) and the policy covers subdomains; no preload
	// directive is set. HSTS directive names are case-insensitive (RFC 6797),
	// so the "includeSubdomains" spelling is valid.
	HSTSHeaderKey   = "Strict-Transport-Security"
	HSTSHeaderValue = "max-age=31536000; includeSubdomains"

	// TypeUrlPrefix is the standard type URL prefix.
	TypeUrlPrefix = "type.googleapis.com/"

	// LoopbackIPv4Addr is the IPv4 loopback address.
	LoopbackIPv4Addr = "127.0.0.1"

	// AutogeneratedOperationPrefix starts every operation auto-generated by
	// ESPv2. Such operations are named `{prefix}_{component}`, with an
	// optional `_{formatted_path}` suffix.
	AutogeneratedOperationPrefix = "ESPv2_Autogenerated"

	// EspOperation is used for operations not tied to a specific API.
	EspOperation = "espv2_deployment"

	// SpanNamePrefix is the prefix all traces created by ESPv2 should carry.
	SpanNamePrefix = "ingress"

	// SpanNameMaxByteNum is the maximum length of a span name in bytes; the
	// restriction comes from StackDriver.
	SpanNameMaxByteNum = 128

	// StatPrefix is the stat prefix.
	StatPrefix = "ingress_http"

	// OperationHeaderSuffix is the suffix that forms the operation name
	// header.
	OperationHeaderSuffix = "Api-Operation-Name"

	// ServerlessPlatform is the serverless platform value for the flag
	// --compute_platform_override. It is copied from SERVERLESS_PLATFORM in
	// "docker/start_proxy.py".
	ServerlessPlatform = "Cloud Run(ESPv2)"

	// HTTPBackendProtocolKey is the HTTP backend rule key defined in backend
	// rules.
	HTTPBackendProtocolKey = "http"
)
// Envoy extension names and the names of the two listeners.
const (
	// Echo is the name of the echo network filter.
	Echo = "envoy.filters.network.echo"

	// TLSTransportSocket is the name of Envoy's TLS transport socket.
	TLSTransportSocket = "envoy.transport_sockets.tls"

	// AccessFileLogger is the name of the file access logger.
	AccessFileLogger = "envoy.access_loggers.file"

	// UpstreamProtocolOptions is the xDS extension name for HTTP options.
	UpstreamProtocolOptions = "envoy.extensions.upstreams.http.v3.HttpProtocolOptions"

	IngressListenerName  = "ingress_listener"
	LoopbackListenerName = "loopback_listener"
)
Variables ¶
// URL builders for the service-control and service-management requests.
//
// Each argument is substituted into the URL exactly as given: nothing here
// percent-encodes or validates it, so a serviceName or configId containing
// "/", "?" or "#" alters the path or query of the result. Pass only values
// that have already been validated.
//
// The builders are package-level variables, so they can be reassigned.
var (
	// FetchRolloutIdURL builds "<serviceControlUrl>/v1/services/<serviceName>:report".
	FetchRolloutIdURL = func(serviceControlUrl, serviceName string) string {
		const reportFormat = "%v/v1/services/%s:report"
		return fmt.Sprintf(reportFormat, serviceControlUrl, serviceName)
	}

	// FetchRolloutsURL builds the rollouts listing URL, filtered to
	// status=SUCCESS.
	FetchRolloutsURL = func(serviceManagementUrl, serviceName string) string {
		const rolloutsFormat = "%s/v1/services/%s/rollouts?filter=status=SUCCESS"
		return fmt.Sprintf(rolloutsFormat, serviceManagementUrl, serviceName)
	}

	// FetchConfigURL builds the URL of one service config, requested with
	// view=FULL.
	FetchConfigURL = func(serviceManagementUrl, serviceName, configId string) string {
		const configFormat = "%s/v1/services/%s/configs/%s?view=FULL"
		return fmt.Sprintf(configFormat, serviceManagementUrl, serviceName, configId)
	}
)
// CallGoogleapis performs an HTTP call through callWithAccessToken and
// unmarshals the response bytes into output.
//
// The access token is requested once, before the first attempt, and that same
// token is handed to every retry. After each attempt the returned status code
// is looked up in retryConfigs: if there is an entry and that status has been
// retried fewer than RetryNum times, the call sleeps for RetryInterval and
// tries again. A nil retryConfigs, or a status with no entry, ends the loop
// after the current attempt.
//
// The error returned is the one from the last attempt, or the unmarshalling
// error. The retry warning logs the path, the status and the counters, never
// the token; keep credentials out of path so they stay out of the log.
//
// NOTE(review): the sleep cannot be cancelled and the token is not refreshed
// between attempts — confirm the configured retry budgets stay well inside the
// token lifetime.
var CallGoogleapis = func(client *http.Client, path, method string, getTokenFunc GetAccessTokenFunc, retryConfigs map[int]RetryConfig, output proto.Message) error {
	token, _, err := getTokenFunc()
	if err != nil {
		return fmt.Errorf("fail to get access token: %v", err)
	}

	var (
		body   []byte
		status int
	)
	// Retries are counted per status code, not per call.
	attempts := map[int]int{}
	for {
		body, status, err = callWithAccessToken(client, path, method, token)
		if retryConfigs == nil {
			break
		}
		cfg, found := retryConfigs[status]
		if !found || cfg.RetryNum <= attempts[status] {
			break
		}
		attempts[status] += 1
		glog.Warningf("after %v failures on status %v, retrying http call %s with %v remaining chances", attempts[status], status, path, cfg.RetryNum-attempts[status])
		time.Sleep(cfg.RetryInterval)
	}
	if err != nil {
		return err
	}

	return UnmarshalBytesToPbMessage(body, output)
}
Method to call servicecontrol for latest service rolloutId and servicecontrol for service rollout and service config.
// CallGoogleapisMu is the lock meant to guard reads and writes of the
// CallGoogleapis variable, which tests replace with a fake. The mutex is not
// tied to the variable in any way the compiler checks, so each access has to
// take it explicitly.
var CallGoogleapisMu sync.RWMutex
CallGoogleapisMu guards the access to CallGoogleapis. This is used in the test to fake CallGoogleapis.
// HardCodedSkipServiceControlMethods lists the methods that skip service
// control by default: the two gRPC health-checking methods.
//
// NOTE(review): this is an exported, mutable slice, so any importing package
// can append to or rewrite it and thereby widen the set of methods that bypass
// service control. Confirm nothing modifies it at runtime.
var HardCodedSkipServiceControlMethods = []string{
	"grpc.health.v1.Health.Check",
	"grpc.health.v1.Health.Watch",
}
HardCodedSkipServiceControlMethods is a list of methods that should skip service control by default.
// NormalizeJsonList parses input as a JSON array and re-encodes it, which
// yields the compact form encoding/json produces (no insignificant
// whitespace, object keys in sorted order). Input that is not a JSON array is
// rejected with the decoder's error and an empty string.
var NormalizeJsonList = func(input string) (string, error) {
	var items []interface{}
	raw := []byte(input)
	if err := json.Unmarshal(raw, &items); err != nil {
		return "", err
	}

	encoded, err := json.Marshal(items)
	return string(encoded), err
}
NormalizeJsonList receives a JSON list string and returns the normalized JSON string.
// UnmarshalBytesToPbMessage passes input to proto.Unmarshal to fill output.
//
// Only three message types are accepted: *confpb.Service,
// *smpb.ListServiceRolloutsResponse and *servicecontrolpb.ReportResponse. Any
// other type, including a nil output, is rejected with an error before any
// decoding is attempted, so the set of decodable types is an explicit
// allowlist.
var UnmarshalBytesToPbMessage = func(input []byte, output proto.Message) error {
	switch msg := output.(type) {
	case *confpb.Service, *smpb.ListServiceRolloutsResponse, *servicecontrolpb.ReportResponse:
		// With several types in one case, msg keeps output's interface type;
		// %T still prints the concrete type.
		if err := proto.Unmarshal(input, msg); err != nil {
			return fmt.Errorf("fail to unmarshal %T: %v", msg, err)
		}
		return nil
	default:
		return fmt.Errorf("not support unmarshalling %T", msg)
	}
}
UnmarshalBytesToPbMessage converts bytes to corresponding pb message.
Functions ¶
func BackendClusterName ¶
The backend cluster's name will be in the form of "backend-cluster-${BACKEND_ADDRESS}".
func CreateCommonTlsContext ¶
func CreateCommonTlsContext(rootCertsPath, sslPath, sslFileName, sslMinimumProtocol, sslMaximumProtocol string, cipherSuites string) (*tlspb.CommonTlsContext, error)
func CreateDownstreamTransportSocket ¶
func CreateDownstreamTransportSocket(sslServerPath, sslServerRootPath, sslMinimumProtocol, sslMaximumProtocol string, cipherSuites string) (*corepb.TransportSocket, error)
CreateDownstreamTransportSocket creates a TransportSocket for Downstream
func CreateLoadAssignment ¶
func CreateLoadAssignment(hostname string, port uint32) *endpointpb.ClusterLoadAssignment
CreateLoadAssignment creates a cluster for a TCP/IP port.
func CreateUdsLoadAssignment ¶
func CreateUdsLoadAssignment(clusterName string) *endpointpb.ClusterLoadAssignment
CreateUdsLoadAssignment creates a cluster for a unix domain socket.
func CreateUpstreamProtocolOptions ¶
CreateUpstreamProtocolOptions creates a http2 protocol option as a typed upstream extension.
func ExtractAddressFromURI ¶
func IamAccessTokenPath ¶
func IamIdentityTokenPath ¶
func IsBackendGRPC ¶
IsBackendGRPC returns whether the backend address requires gRPC support.
func IsOPDiscoveryAPI ¶
func JsonContains ¶
JsonContains should be used for tests only. It checks whether a partial target JSON string is contained in the source JSON string. JsonContains removes every match of the regex `(\t|\n|\s)` from target, so target must not contain these characters in its content.
func JsonEqual ¶
JsonEqual compares two JSON strings after normalizing them. Should be used for test only.
func JsonEqualWithNormalizer ¶
JsonEqualWithNormalizer compares two JSON strings after normalizing them. Should be used for tests only.
func JwtProviderClusterName ¶
Jwt provider cluster's name will be in form of "jwt-provider-cluster-${JWT_PROVIDER_ADDRESS}".
func MaybeTruncateSpanName ¶
func ParseURI ¶
ParseURI parses uri into scheme, hostname, port and path, and returns an error if there is one. If uri has no scheme, it is treated as https. If uri has no port, 80 is used for non-TLS and 443 for TLS. The returned path has no trailing slash, and query parameters are stripped from it.
func ParseURIIntoURL ¶
ParseURIIntoURL is the same as ParseURI, but it returns the URL in a standard struct.
func SelectorToAPIName ¶
SelectorToAPIName returns the API name of the selector.
func SelectorToMethodName ¶
SelectorToMethodName returns the Method short name from the selector.
func UnmarshalServiceConfig ¶
UnmarshalServiceConfig converts service config in JSON to proto. Allows unknown fields.
Types ¶
type BackendProtocol ¶
// BackendProtocol enumerates the backend protocols.
type BackendProtocol int32

// Values of BackendProtocol. UNKNOWN is the zero value, so a BackendProtocol
// that was never assigned does not read as one of the real protocols.
const (
	UNKNOWN BackendProtocol = iota
	HTTP1
	HTTP2
	GRPC
)
Backend protocol.
func ParseBackendProtocol ¶
func ParseBackendProtocol(scheme string, httpProtocol string) (BackendProtocol, bool, error)
ParseBackendProtocol parses a scheme string and http protocol string into BackendProtocol and UseTLS bool.
type GetNewRolloutIdFunc ¶
type MockServer ¶
type MockServer struct {
// contains filtered or unexported fields
}
func InitMockServer ¶
func InitMockServer(response string) *MockServer
func (*MockServer) Close ¶
func (m *MockServer) Close()
func (*MockServer) GetURL ¶
func (m *MockServer) GetURL() string
func (*MockServer) SetResp ¶
func (m *MockServer) SetResp(response string)
func (*MockServer) SetSleepTime ¶
func (m *MockServer) SetSleepTime(sleepDuration time.Duration)