forked from envoyproxy/envoy
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into filter-config-dump
* master: (167 commits) stats: Avoid asserts in fuzz-tests by eliminating arbitrary length limits, using the new MemBlock wrapper for memcpy (envoyproxy#8779) Make %UPSTREAM_LOCAL_ADDRESS% access-log format work for HTTP requests. (envoyproxy#9362) tools: API boosting support for using decls and enum constants. (envoyproxy#9418) Fix incorrect cluster InitializePhase type (envoyproxy#9379) build: fix merge race between envoyproxy#9241 and envoyproxy#9413. (envoyproxy#9427) fuzz: fix incorrect evaluator test (envoyproxy#9402) server: fix bogus startup log message (envoyproxy#9404) tools: Add protoxform tests (envoyproxy#9241) api: options after import (envoyproxy#9413) misc: use std::move instead of constructing a copy (envoyproxy#9415) tools: API boosting support for rewriting elaborated types. (envoyproxy#9375) docs: fix invalid transport_socket value (envoyproxy#9403) fix typo in docs (envoyproxy#9394) srds: remove to-de-removed scopes first and then apply additions to avoid scope key conflict. (envoyproxy#9366) api: generate whole directory and sync (envoyproxy#9382) bazel: Add load statements for proto_library (envoyproxy#9367) Fix typo (envoyproxy#9388) Correct test of OptionsImpl argc type (Was: Correct type for std::array size() result) (envoyproxy#9290) http1 encode trailers in chunk encoding (envoyproxy#8667) Add mode to PipeInstance (envoyproxy#8423) ...
- Loading branch information
Showing
1,635 changed files
with
28,668 additions
and
7,431 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,3 @@ | ||
| api | ||
| examples/grpc-bridge/script | ||
| tools/clang_tools |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1 @@ | ||
| 1.1.0 | ||
| 1.2.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,6 @@ | ||
| /docs/root/intro/version_history.rst merge=union | ||
| *.generated.pb_text linguist-generated=true | ||
| *.generated.pb_text -diff -merge | ||
| *.svg binary | ||
| /test/**/*_corpus/* linguist-generated=true | ||
| /test/**/*_corpus/* -diff -merge |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Validating CODEOWNERS rules …
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -10,7 +10,7 @@ routing PRs, questions, etc. to the right place. | |
| * Catch-all, "all the things", and generally trying to make himself obsolete as fast as | ||
| possible. | ||
| * Harvey Tuch ([htuch](https://github.com/htuch)) ([email protected]) | ||
| * APIs, xDS, gRPC, configuration, Bazel/build, base server (startup, etc.), Python, and Bash. | ||
| * APIs, xDS, UDPA, gRPC, configuration, security, Python, and Bash. | ||
| * Alyssa Wilk ([alyssawilk](https://github.com/alyssawilk)) ([email protected]) | ||
| * HTTP, flow control, cluster manager, load balancing, and core networking (listeners, | ||
| connections, etc.). | ||
|
|
@@ -25,6 +25,8 @@ routing PRs, questions, etc. to the right place. | |
|
|
||
| # Maintainers | ||
|
|
||
| * Asra Ali ([asraa](https://github.com/asraa)) ([email protected]) | ||
| * Fuzzing, security, headers, HTTP/gRPC, router, access log, tests. | ||
| * Jose Nino ([junr03](https://github.com/junr03)) ([email protected]) | ||
| * Outlier detection, HTTP routing, xDS, configuration/operational questions. | ||
| * Dan Noé ([dnoe](https://github.com/dnoe)) ([email protected]) | ||
|
|
@@ -39,7 +41,6 @@ routing PRs, questions, etc. to the right place. | |
| * All maintainers | ||
| * Piotr Sikora ([PiotrSikora](https://github.com/PiotrSikora)) ([email protected]) | ||
| * Yan Avlasov ([yanavlasov](https://github.com/yanavlasov)) ([email protected]) | ||
| * Asra Ali ([asraa](https://github.com/asraa)) ([email protected]) | ||
|
|
||
| # Emeritus maintainers | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -185,16 +185,16 @@ These steps should be completed 1-3 days after the Release Date. The retrospecti | |
| ## Private Distributors List | ||
|
|
||
| This list is intended to be used primarily to provide actionable information to | ||
| multiple distribution vendors at once. This list is not intended for | ||
| individuals to find out about security issues. | ||
| multiple distribution vendors as well as a *limited* set of high impact end users at once. *This | ||
| list is not intended in the general case for end users to find out about security issues*. | ||
|
|
||
| ### Embargo Policy | ||
|
|
||
| The information members receive on cncf-envoy-distributors-announce must not be made public, shared, nor | ||
| even hinted at anywhere beyond the need-to-know within your specific team except with the list's | ||
| explicit approval. This holds true until the public disclosure date/time that was agreed upon by the | ||
| list. Members of the list and others may not use the information for anything other than getting the | ||
| issue fixed for your respective distribution's users. | ||
| issue fixed for your respective users. | ||
|
|
||
| Before any information from the list is shared with respective members of your team required to fix | ||
| said issue, they must agree to the same terms and only find out information on a need-to-know basis. | ||
|
|
@@ -246,7 +246,7 @@ could be in the form of the following: | |
| ### Membership Criteria | ||
|
|
||
| To be eligible for the cncf-envoy-distributors-announce mailing list, your | ||
| distribution should: | ||
| use of Envoy should: | ||
|
|
||
| 1. Be either: | ||
| 1. An actively maintained distribution of Envoy components. An example is | ||
|
|
@@ -261,11 +261,36 @@ distribution should: | |
| marketing copy, etc.) that it is built on top of Envoy. E.g., | ||
| "SuperAwesomeCloudProvider's Envoy as a Service (EaaS)". An infrastructure | ||
| service that uses Envoy for a product but does not publicly say they are | ||
| using Envoy does not qualify. This is essentially IaaS or PaaS, if you use | ||
| Envoy to support a SaaS, e.g. "SuperAwesomeCatVideoService", this does not | ||
| qualify. | ||
| 2. Have a user or customer base not limited to your own organization. We will use the size | ||
| of the user or customer base as part of the criteria to determine | ||
| using Envoy does not *generally* qualify (see option 3 that follows). This is essentially IaaS | ||
| or PaaS. If you use Envoy to support a SaaS, e.g. "SuperAwesomeCatVideoService", this does not | ||
| *generally* qualify. | ||
|
|
||
| OR | ||
|
|
||
| 3. An end user of Envoy that satisfies the following requirements: | ||
| 1. Is "well known" to the Envoy community. Being "well known" is fully subjective and | ||
| determined by the Envoy maintainers and security team. Becoming "well known" would | ||
| generally be achieved by activities such as: PR contributions, either code or | ||
| documentation; helping other end users on Slack, GitHub, and the mailing lists; speaking | ||
| about use of Envoy at conferences; writing about use of Envoy in blog posts; sponsoring | ||
| Envoy conferences, meetups, and other activities; etc. This is a more strict variant of | ||
| item 5 below. | ||
| 2. Is of sufficient size, scale, and impact to make your inclusion on the list | ||
| worthwhile. The definition of size, scale, and impact is fully subjective and | ||
| determined by the Envoy maintainers and security team. The definition will not be | ||
| discussed further in this document. | ||
| 3. You *must* smoke test and then widely deploy security patches promptly and report back | ||
| success or failure ASAP. Furthermore, the Envoy maintainers may occasionally ask you to | ||
| smoke test especially risky public PRs before they are merged. Not performing these tasks | ||
| in a reasonably prompt timeframe will result in removal from the list. This is a more | ||
| strict variant of item 7 below. | ||
| 4. In order to balance inclusion in the list versus a greater chance of accidental | ||
| disclosure, end users added to the list via this option will be limited to a total of | ||
| **10** slots. Periodic review (see below) may allow new slots to open, so please continue | ||
| to apply if it seems your organization would otherwise qualify. The security team also | ||
| reserves the right to change this limit in the future. | ||
| 2. Have a user or customer base not limited to your own organization (except for option 3 above). | ||
| We will use the size of the user or customer base as part of the criteria to determine | ||
| eligibility. | ||
| 3. Have a publicly verifiable track record up to present day of fixing security | ||
| issues. | ||
|
|
@@ -286,7 +311,7 @@ distribution should: | |
| e-mail updates. This e-mail address will be [shared with the Envoy community](#Members). | ||
|
|
||
| Note that Envoy maintainers are members of the Envoy security team. [Members of the Envoy security | ||
| team](OWNERS.md#envoy-security-team) and the organizations that they represents are implicitly | ||
| team](OWNERS.md#envoy-security-team) and the organizations that they represent are implicitly | ||
| included in the private distributor list. These organizations do not need to meet the above list of | ||
| criteria with the exception of the acceptance of the embargo policy. | ||
|
|
||
|
|
@@ -306,11 +331,20 @@ Subject: Seven-Corp Membership to cncf-envoy-distributors-announce | |
| Below are each criterion and why I think we, Seven-Corp, qualify. | ||
| > 1. Be an actively maintained distribution of Envoy components OR offer Envoy as a publicly | ||
| available service in which the product clearly states that it is built on top of Envoy. | ||
| available service in which the product clearly states that it is built on top of Envoy OR | ||
| be a well known end user of sufficient size, scale, and impact to make your | ||
| inclusion worthwhile. | ||
| We distribute the "Seven" distribution of Envoy [link]. We have been doing | ||
| this since 1999 before proxies were even cool. | ||
| OR | ||
| We use Envoy for our #1 rated cat video service and have 40 billion MAU, proxying 40 trillion^2 RPS | ||
| through Envoy at the edge. Secure cat videos are our top priority. We also contribute a lot to the Envoy | ||
| community by implementing features, not making Matt ask for documentation or tests, and writing blog | ||
| posts about efficient Envoy cat video serving. | ||
| > 2. Have a user or customer base not limited to your own organization. Please specify an | ||
| > approximate size of your user or customer base, including the number of | ||
| > production deployments. | ||
|
|
@@ -361,21 +395,29 @@ CrashOverride will vouch for the "Seven" distribution joining the distribution l | |
| individuals come and go. A good example is [email protected], a bad example is | ||
| [email protected]. You must accept the invite sent to this address or you will not receive any | ||
| e-mail updates. This e-mail address will be shared with the Envoy community. | ||
| [email protected] | ||
| ``` | ||
|
|
||
| ### Review of membership criteria | ||
|
|
||
| In all cases, members of the distribution list will be reviewed on a yearly basis by the maintainers | ||
| and security team to ensure they still qualify for inclusion on the list. | ||
|
|
||
| ### Members | ||
|
|
||
| | E-mail | Organization | | ||
| |-------------------------------------------------------|:-------------:| | ||
| | [email protected] | Aspen Mesh | | ||
| | [email protected] | AWS | | ||
| | [email protected] | Cilium | | ||
| | [email protected] | Cloud Foundry | | ||
| | [email protected] | Datawire | | ||
| | [email protected] | Google | | ||
| | [email protected] | IBM | | ||
| | [email protected] | Istio | | ||
| | [email protected] | Red Hat | | ||
| | [email protected] | solo.io | | ||
| | [email protected] | Tetrate | | ||
| | [email protected] | VMware | | ||
| | E-mail | Organization | End User | Last Review | | ||
| |-------------------------------------------------------|:-------------:|:--------:|:-----------:| | ||
| | [email protected] | Aspen Mesh | No | 12/19 | | ||
| | [email protected] | AWS | No | 12/19 | | ||
| | [email protected] | Cilium | No | 12/19 | | ||
| | [email protected] | Cloud Foundry | No | 12/19 | | ||
| | [email protected] | Datawire | No | 12/19 | | ||
| | [email protected] | Google | No | 12/19 | | ||
| | [email protected] | IBM | No | 12/19 | | ||
| | [email protected] | Istio | No | 12/19 | | ||
| | [email protected] | Red Hat | No | 12/19 | | ||
| | [email protected] | solo.io | No | 12/19 | | ||
| | [email protected] | Tetrate | No | 12/19 | | ||
| | [email protected] | VMware | No | 12/19 | | ||
| | [email protected] | Pinterest | Yes | 12/19 | | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.