Upgrade gRPC to 1.25 which has gRPC STS feature #145
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
cc @istio/release-managers-1-4 |
howardjohn
previously requested changes
Feb 12, 2020
I will update envoy upstream in a separate PR today or tomorrow, and upgrade gRPC SHA to the same SHA as this PR. If I upgrade envoy upstream from gRPC 1.25 to that SHA, the change is only in repository_locations.bzl. when I cherry-pick that upgrade PR into istio/envoy 1.4 branch, I still need to make changes to other files to fix the build issue. I think the risk of diverge is low. |
|
Ok I think this makes sense, but I would like approval from a proxy owner before merging |
Thanks a lot! |
|
Two comments:
|
|
Merging, because but I still think it's a bad idea... |
duderino
added a commit
to duderino/envoy
that referenced
this pull request
Mar 3, 2020
This reverts commit 03ecfad.
istio-testing
pushed a commit
that referenced
this pull request
Mar 4, 2020
…fixes. (#180) * Revert "fix opencensus tracer (#155)" This reverts commit 063eeb9. * Revert "Add x-goog-user-proj header for sts credential (#152)" This reverts commit 37dbbd4. * Revert "Update GrpcService to add StsService. (envoyproxy#411)" This reverts commit ab59731. * Revert "fix tracer ssl credential (#151)" This reverts commit 02901d0. * Revert "remove url validation as it is not implemented" This reverts commit 3eb2101. * Revert "Use gRPC Security Token Service (STS) to get call credentials (envoyproxy#9101)" This reverts commit ec6b907. * Revert "[release-1.4] Use sts for call credential when STS_PORT is provided in node metadata #144 (#148)" This reverts commit 7081e43. * Revert "Upgrade gRPC to 1.25 which has gRPC STS feature (#145)" This reverts commit 03ecfad. * ci: mark //test/integration:protocol_integration_test as flaky. (#162) Backport envoyproxy/envoy-wasm#422 and its prerequisite (envoyproxy#10009). * Plumb the flaky flag from envoy_cc_test to the native.cc_test (envoyproxy#10009) Signed-off-by: Yan Avlasov <yavlasov@google.com> * ci: mark //test/integration:protocol_integration_test as flaky. (envoyproxy#422) Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Remove wasm filter stress test Signed-off-by: gargnupur <gargnupur@google.com> * Remove wasm stress test framework Signed-off-by: gargnupur <gargnupur@google.com> Co-authored-by: Piotr Sikora <piotrsikora@google.com> Co-authored-by: Nupur Garg <37600866+gargnupur@users.noreply.github.com>
brian-avery
pushed a commit
that referenced
this pull request
Jun 30, 2020
…eject partial headers that exceed configured limits (#145) Signed-off-by: Antonio Vicente <avd@google.com>
fpesce
pushed a commit
that referenced
this pull request
Jun 30, 2020
…eject partial headers that exceed configured limits (#145) Improve the robustness of HTTP1 request and response header size checks by including the request URL in the request header size, and add missing header size check when parsing header field names. The missing header field name size check can result in excessive buffering up to a hard-coded 32MB limit until timeout. The missing request URL size check can result in Envoy attempting to route match and proxy HTTP/1.1 requests with URLs up to a hard-coded 32MB limit, which could result in excess memory usage or performance problems in regex route matches. Signed-off-by: Antonio Vicente <avd@google.com> Signed-off-by: John Plevyak <jplevyak@gmail.com>
brian-avery
pushed a commit
that referenced
this pull request
Jun 30, 2020
…eject partial headers that exceed configured limits (#145) Improve the robustness of HTTP1 request and response header size checks by including the request URL in the request header size, and add missing header size check when parsing header field names. The missing header field name size check can result in excessive buffering up to a hard-coded 32MB limit until timeout. The missing request URL size check can result in Envoy attempting to route match and proxy HTTP/1.1 requests with URLs up to a hard-coded 32MB limit, which could result in excess memory usage or performance problems in regex route matches. Signed-off-by: Antonio Vicente <avd@google.com> Signed-off-by: John Plevyak <jplevyak@gmail.com>
jplevyak
pushed a commit
that referenced
this pull request
Jul 9, 2020
…eject partial headers that exceed configured limits (#145) Signed-off-by: antonio <avd@google.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
For an explanation of how to fill out the fields, please see the relevant section
in PULL_REQUESTS.md
Upgrade gRPC to d8f4928fa779f6005a7fe55a176bdb373b0f910f (1.25.x).
Follow envoyproxy#9041 that updates gRPC from 1.22 to 1.25.
Follow envoyproxy#6584 that fixes compile issues complained by clang-8.
Description:
Risk Level: Low
Testing: Existing Tests
Docs Changes: N/A
Release Notes: N/A
istio/istio#20133