docs/ci: Update config validation (#13387)

Signed-off-by: Ryan Northey <[email protected]>
envoyproxy · Oct 5, 2020 · bfe8de1 · bfe8de1
1 parent fe7af9a
commit bfe8de1
Show file tree

Hide file tree

Showing 7 changed files with 137 additions and 160 deletions.
diff --git a/ci/verify_examples.sh b/ci/verify_examples.sh
@@ -1,10 +1,8 @@
 #!/bin/bash -E
 
-TESTCOMMAND="${1:-}"
-TESTFILTER="${2:-*}"
+TESTFILTER="${1:-*}"
 FAILED=()
 SRCDIR="${SRCDIR:-$(pwd)}"
-EXCLUDED_BUILD_CONFIGS=${EXCLUDED_BUILD_CONFIGS:-"^./cache/responses.yaml|^./jaeger-native-tracing|docker-compose"}
 
 
 trap_errors () {
@@ -39,39 +37,7 @@ run_examples () {
     done
 }
 
-verify_build_configs () {
-    local config configs missing
-    missing=()
-    cd "${SRCDIR}/examples" || return 1
-    configs="$(find . -name "*.yaml" -o -name "*.lua" | grep -vE "${EXCLUDED_BUILD_CONFIGS}" | cut  -d/ -f2-)"
-    for config in $configs; do
-        grep "\"$config\"" BUILD || missing+=("$config")
-    done
-    if [[ -n "${missing[*]}" ]]; then
-       for config in "${missing[@]}"; do
-           echo "Missing config: $config" >&2
-       done
-       return 1
-    fi
-}
-
-case "$TESTCOMMAND" in
-    build_config)
-	echo "Running build_configs test"
-	verify_build_configs
-	;;
-    sandbox)
-	echo "Running sandbox test"
-	run_examples
-	;;
-    ""|all)
-	echo "Running all tests"
-	verify_build_configs
-	run_examples
-	;;
-    *)
-	echo "Usage: ./ci/verify_examples.sh [build_config|sandbox|all] [<test_filter>]"
-esac
+run_examples
 
 if [[ "${#FAILED[@]}" -ne "0" ]]; then
     echo "TESTS FAILED:"

diff --git a/configs/BUILD b/configs/BUILD
@@ -39,11 +39,17 @@ genrule(
     srcs = [
         ":configs",
         "//examples:configs",
+        "//docs:configs",
         "//test/config/integration/certs",
     ],
     outs = ["example_configs.tar"],
-    cmd = "$(location configgen.sh) $(location configgen) $(@D) $(locations :configs) " +
-          "$(locations //examples:configs) $(locations //test/config/integration/certs)",
+    cmd = (
+        "$(location configgen.sh) $(location configgen) $(@D) " +
+        "$(locations :configs) " +
+        "$(locations //examples:configs) " +
+        "$(locations //docs:configs) " +
+        "$(locations //test/config/integration/certs)"
+    ),
     tools = [
         "configgen.sh",
         ":configgen",

diff --git a/docs/BUILD b/docs/BUILD
@@ -1,3 +1,28 @@
+load(
+    "//bazel:envoy_build_system.bzl",
+    "envoy_package",
+)
+
 licenses(["notice"])  # Apache 2
 
 exports_files(["protodoc_manifest.yaml"])
+
+envoy_package()
+
+# TODO(phlax): fix failing/excluded configs
+# the following config only fails on windows:
+#       dns-cache-circuit-breaker: "Error: unable to read file: /etc/ssl/certs/ca-certificates.crt"
+
+filegroup(
+    name = "configs",
+    srcs = glob(
+        ["root/**/*.yaml"],
+        exclude = [
+            "root/intro/_include/life-of-a-request.yaml",
+            "root/intro/arch_overview/security/_include/ssl.yaml",
+            "root/configuration/http/http_filters/_include/dns-cache-circuit-breaker.yaml",
+            "root/configuration/http/http_filters/_include/grpc-reverse-bridge-filter.yaml",
+            "root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml",
+        ],
+    ),
+)
diff --git a/docs/root/configuration/best_practices/_include/edge.yaml b/docs/root/configuration/best_practices/_include/edge.yaml
@@ -44,8 +44,8 @@ static_resources:
           "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext
           common_tls_context:
             tls_certificates:
-            - certificate_chain: { filename: "example_com_cert.pem" }
-              private_key: { filename: "example_com_key.pem" }
+            - certificate_chain: { filename: "certs/servercert.pem" }
+              private_key: { filename: "certs/serverkey.pem" }
       # Uncomment if Envoy is behind a load balancer that exposes client IP address using the PROXY protocol.
       # use_proxy_proto: true
       filters:

diff --git a/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml b/docs/root/configuration/http/http_filters/_include/grpc-transcoder-filter.yaml
@@ -1,59 +1,59 @@
-  admin:
-    access_log_path: /tmp/admin_access.log
-    address:
-      socket_address: { address: 0.0.0.0, port_value: 9901 }
+admin:
+  access_log_path: /tmp/admin_access.log
+  address:
+    socket_address: { address: 0.0.0.0, port_value: 9901 }
 
-  static_resources:
-    listeners:
-    - name: listener1
-      address:
-        socket_address: { address: 0.0.0.0, port_value: 51051 }
-      filter_chains:
-      - filters:
-        - name: envoy.filters.network.http_connection_manager
-          typed_config:
-            "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
-            stat_prefix: grpc_json
-            codec_type: AUTO
-            route_config:
-              name: local_route
-              virtual_hosts:
-              - name: local_service
-                domains: ["*"]
-                routes:
-                # NOTE: by default, matching happens based on the gRPC route, and not on the incoming request path.
-                # Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests
-                - match: { prefix: "/helloworld.Greeter" }
-                  route: { cluster: grpc, timeout: { seconds: 60 } }
-            http_filters:
-            - name: envoy.filters.http.grpc_json_transcoder
-              typed_config:
-                "@type": type.googleapis.com/envoy.extensions.filters.http.grpc_json_transcoder.v3.GrpcJsonTranscoder
-                proto_descriptor: "/tmp/envoy/proto.pb"
-                services: ["helloworld.Greeter"]
-                print_options:
-                  add_whitespace: true
-                  always_print_primitive_fields: true
-                  always_print_enums_as_ints: false
-                  preserve_proto_field_names: false
-            - name: envoy.filters.http.router
+static_resources:
+  listeners:
+  - name: listener1
+    address:
+      socket_address: { address: 0.0.0.0, port_value: 51051 }
+    filter_chains:
+    - filters:
+      - name: envoy.filters.network.http_connection_manager
+        typed_config:
+          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+          stat_prefix: grpc_json
+          codec_type: AUTO
+          route_config:
+            name: local_route
+            virtual_hosts:
+            - name: local_service
+              domains: ["*"]
+              routes:
+              # NOTE: by default, matching happens based on the gRPC route, and not on the incoming request path.
+              # Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests
+              - match: { prefix: "/helloworld.Greeter" }
+                route: { cluster: grpc, timeout: { seconds: 60 } }
+          http_filters:
+          - name: envoy.filters.http.grpc_json_transcoder
+            typed_config:
+              "@type": type.googleapis.com/envoy.extensions.filters.http.grpc_json_transcoder.v3.GrpcJsonTranscoder
+              proto_descriptor: "/tmp/envoy/proto.pb"
+              services: ["helloworld.Greeter"]
+              print_options:
+                add_whitespace: true
+                always_print_primitive_fields: true
+                always_print_enums_as_ints: false
+                preserve_proto_field_names: false
+          - name: envoy.filters.http.router
 
-    clusters:
-    - name: grpc
-      connect_timeout: 1.25s
-      type: logical_dns
-      lb_policy: round_robin
-      dns_lookup_family: V4_ONLY
-      http2_protocol_options: {}
-      load_assignment:
-        cluster_name: grpc
-        endpoints:
-        - lb_endpoints:
-          - endpoint:
-              address:
-                socket_address:
-                  # WARNING: "docker.for.mac.localhost" has been deprecated from Docker v18.03.0.
-                  # If you're running an older version of Docker, please use "docker.for.mac.localhost" instead.
-                  # Reference: https://docs.docker.com/docker-for-mac/release-notes/#docker-community-edition-18030-ce-mac59-2018-03-26
-                  address: host.docker.internal
-                  port_value: 50051
+  clusters:
+  - name: grpc
+    connect_timeout: 1.25s
+    type: logical_dns
+    lb_policy: round_robin
+    dns_lookup_family: V4_ONLY
+    http2_protocol_options: {}
+    load_assignment:
+      cluster_name: grpc
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                # WARNING: "docker.for.mac.localhost" has been deprecated from Docker v18.03.0.
+                # If you're running an older version of Docker, please use "docker.for.mac.localhost" instead.
+                # Reference: https://docs.docker.com/docker-for-mac/release-notes/#docker-community-edition-18030-ce-mac59-2018-03-26
+                address: host.docker.internal
+                port_value: 50051
diff --git a/docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml b/docs/root/configuration/listeners/udp_filters/_include/udp-proxy.yaml
@@ -1,35 +1,35 @@
-  admin:
-    access_log_path: /tmp/admin_access.log
+admin:
+  access_log_path: /tmp/admin_access.log
+  address:
+    socket_address:
+      protocol: TCP
+      address: 127.0.0.1
+      port_value: 9901
+static_resources:
+  listeners:
+  - name: listener_0
     address:
       socket_address:
-        protocol: TCP
+        protocol: UDP
         address: 127.0.0.1
-        port_value: 9901
-  static_resources:
-    listeners:
-    - name: listener_0
-      address:
-        socket_address:
-          protocol: UDP
-          address: 127.0.0.1
-          port_value: 1234
-      listener_filters:
-        name: envoy.filters.udp_listener.udp_proxy
-        typed_config:
-          '@type': type.googleapis.com/envoy.extensions.filters.udp.udp_proxy.v3.UdpProxyConfig
-          stat_prefix: service
-          cluster: service_udp
-    clusters:
-    - name: service_udp
-      connect_timeout: 0.25s
-      type: STATIC
-      lb_policy: ROUND_ROBIN
-      load_assignment:
-        cluster_name: service_udp
-        endpoints:
-        - lb_endpoints:
-          - endpoint:
-              address:
-                socket_address:
-                  address: 127.0.0.1
-                  port_value: 1235
+        port_value: 1234
+    listener_filters:
+      name: envoy.filters.udp_listener.udp_proxy
+      typed_config:
+        '@type': type.googleapis.com/envoy.extensions.filters.udp.udp_proxy.v3.UdpProxyConfig
+        stat_prefix: service
+        cluster: service_udp
+  clusters:
+  - name: service_udp
+    connect_timeout: 0.25s
+    type: STATIC
+    lb_policy: ROUND_ROBIN
+    load_assignment:
+      cluster_name: service_udp
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                address: 127.0.0.1
+                port_value: 1235
diff --git a/examples/BUILD b/examples/BUILD
@@ -9,35 +9,15 @@ envoy_package()
 
 filegroup(
     name = "configs",
-    srcs = [
-        "cache/front-envoy.yaml",
-        "cache/service-envoy.yaml",
-        "cors/backend/front-envoy.yaml",
-        "cors/backend/service-envoy.yaml",
-        "cors/frontend/front-envoy.yaml",
-        "cors/frontend/service-envoy.yaml",
-        "csrf/crosssite/front-envoy.yaml",
-        "csrf/samesite/front-envoy.yaml",
-        "csrf/service-envoy.yaml",
-        "ext_authz/config/grpc-service/v2.yaml",
-        "ext_authz/config/grpc-service/v3.yaml",
-        "ext_authz/config/http-service.yaml",
-        "ext_authz/config/opa-service/v2.yaml",
-        "fault-injection/envoy.yaml",
-        "front-proxy/front-envoy.yaml",
-        "front-proxy/service-envoy.yaml",
-        "grpc-bridge/client/envoy-proxy.yaml",
-        "grpc-bridge/server/envoy-proxy.yaml",
-        "jaeger-tracing/front-envoy-jaeger.yaml",
-        "jaeger-tracing/service1-envoy-jaeger.yaml",
-        "jaeger-tracing/service2-envoy-jaeger.yaml",
-        "load-reporting-service/service-envoy-w-lrs.yaml",
-        "lua/envoy.yaml",
-        "lua/lib/mylibrary.lua",
-        "mysql/envoy.yaml",
-        "redis/envoy.yaml",
-        "zipkin-tracing/front-envoy-zipkin.yaml",
-        "zipkin-tracing/service1-envoy-zipkin.yaml",
-        "zipkin-tracing/service2-envoy-zipkin.yaml",
-    ],
+    srcs = glob(
+        [
+            "**/*.yaml",
+            "**/*.lua",
+        ],
+        exclude = [
+            "cache/responses.yaml",
+            "jaeger-native-tracing/*",
+            "**/*docker-compose*.yaml",
+        ],
+    ),
 )