
Commit b0b550f

authored
context: move the secret manager and ssl context manager to server context (envoyproxy#39027)
Both the secret manager and the SSL context manager are server-wide resources and should be accessed through the server factory context. This provides a unified way to access all server-wide resources. See envoyproxy#26476 for more detail on why we do this. After this PR is merged, we can use GenericFactoryContext to replace TransportSocketFactoryContext. Signed-off-by: wangbaiping(wbpcode) <wbphub@gmail.com>
1 parent e451caf commit b0b550f

73 files changed

Lines changed: 319 additions & 341 deletions


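--- a/contrib/cryptomb/private_key_providers/test/config_test.cc
+++ b/contrib/cryptomb/private_key_providers/test/config_test.cc
@@ -5,7 +5,7 @@
 
 #include "test/common/stats/stat_test_utility.h"
 #include "test/mocks/common.h"
-#include "test/mocks/server/transport_socket_factory_context.h"
+#include "test/mocks/server/factory_context.h"
 #include "test/mocks/ssl/mocks.h"
 #include "test/mocks/thread_local/mocks.h"
 #include "test/test_common/environment.h"
@@ -37,7 +37,8 @@ class CryptoMbConfigTest : public Event::TestUsingSimulatedTime, public testing:
 CryptoMbConfigTest() : api_(Api::createApiForTest(store_, time_system_)) {
 ON_CALL(factory_context_.server_context_, api()).WillByDefault(ReturnRef(*api_));
 ON_CALL(factory_context_.server_context_, threadLocal()).WillByDefault(ReturnRef(tls_));
-ON_CALL(factory_context_, sslContextManager()).WillByDefault(ReturnRef(context_manager_));
+ON_CALL(factory_context_.server_context_, sslContextManager())
+.WillByDefault(ReturnRef(context_manager_));
 ON_CALL(context_manager_, privateKeyMethodManager())
 .WillByDefault(ReturnRef(private_key_method_manager_));
 }
@@ -48,7 +49,8 @@ class CryptoMbConfigTest : public Event::TestUsingSimulatedTime, public testing:
 Registry::InjectFactory<Ssl::PrivateKeyMethodProviderInstanceFactory>
 cryptomb_private_key_method_factory(cryptomb_factory);
 
-return factory_context_.sslContextManager()
+return factory_context_.serverFactoryContext()
+.sslContextManager()
 .privateKeyMethodManager()
 .createPrivateKeyMethodProvider(parsePrivateKeyProviderFromV3Yaml(yaml), factory_context_);
 }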
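Review bot: The replacement include in the first hunk is `test/mocks/server/factory_context.h`, while the twin change in contrib/qat/private_key_providers/test/config_test.cc picks `test/mocks/server/server_factory_context.h`, although both fixtures use `factory_context_` the same way (`.server_context_`, `.serverFactoryContext()`, and as the context argument to `createPrivateKeyMethodProvider`). The declaration of `factory_context_` is outside every hunk shown, so its mock type cannot be confirmed here, but at least one of the two files presumably now gets that type only through a transitive include. Both tests should include the header that declares the mock directly, so a later header cleanup does not break the private-key provider tests.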

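--- a/contrib/qat/private_key_providers/test/config_test.cc
+++ b/contrib/qat/private_key_providers/test/config_test.cc
@@ -5,7 +5,7 @@
 
 #include "test/common/stats/stat_test_utility.h"
 #include "test/mocks/common.h"
-#include "test/mocks/server/transport_socket_factory_context.h"
+#include "test/mocks/server/server_factory_context.h"
 #include "test/mocks/ssl/mocks.h"
 #include "test/mocks/thread_local/mocks.h"
 #include "test/test_common/environment.h"
@@ -50,7 +50,8 @@ class QatConfigTest : public Event::TestUsingSimulatedTime, public testing::Test
 : api_(Api::createApiForTest(store_, time_system_)),
 libqat_(std::make_shared<FakeLibQatCryptoImpl>()), fsm_(libqat_) {
 ON_CALL(factory_context_.server_context_, api()).WillByDefault(ReturnRef(*api_));
-ON_CALL(factory_context_, sslContextManager()).WillByDefault(ReturnRef(context_manager_));
+ON_CALL(factory_context_.server_context_, sslContextManager())
+.WillByDefault(ReturnRef(context_manager_));
 ON_CALL(context_manager_, privateKeyMethodManager())
 .WillByDefault(ReturnRef(private_key_method_manager_));
 ON_CALL(factory_context_.server_context_, singletonManager()).WillByDefault(ReturnRef(fsm_));
@@ -61,7 +62,8 @@ class QatConfigTest : public Event::TestUsingSimulatedTime, public testing::Test
 Registry::InjectFactory<Ssl::PrivateKeyMethodProviderInstanceFactory>
 qat_private_key_method_factory(qat_factory);
 
-return factory_context_.sslContextManager()
+return factory_context_.serverFactoryContext()
+.sslContextManager()
 .privateKeyMethodManager()
 .createPrivateKeyMethodProvider(parsePrivateKeyProviderFromV3Yaml(yaml), factory_context_);
 }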

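--- a/contrib/qat/private_key_providers/test/ops_test.cc
+++ b/contrib/qat/private_key_providers/test/ops_test.cc
@@ -6,7 +6,7 @@
 #include "source/common/tls/private_key/private_key_manager_impl.h"
 
 #include "test/common/stats/stat_test_utility.h"
-#include "test/mocks/server/transport_socket_factory_context.h"
+#include "test/mocks/server/server_factory_context.h"
 #include "test/test_common/environment.h"
 #include "test/test_common/simulated_time_system.h"
 #include "test/test_common/utility.h"
@@ -110,7 +110,7 @@ class QatProviderRsaTest : public QatProviderTest {
 rsa_ = EVP_PKEY_get0_RSA(pkey_.get());
 libqat_->setRsaKey(rsa_);
 }
-bssl::UniquePtr<EVP_PKEY> pkey_{};
+bssl::UniquePtr<EVP_PKEY> pkey_;
 RSA* rsa_{};
 };
 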
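Review bot: `rsa_`, declared next to the changed `pkey_` line in the second hunk, is a borrowed pointer: it is filled from `EVP_PKEY_get0_RSA(pkey_.get())` and then handed to `libqat_->setRsaKey(rsa_)`, so it is valid only while `pkey_` still owns the key. That lifetime coupling is not written down anywhere in the hunk; a comment on the member would do, e.g. `RSA* rsa_{}; // Borrowed from pkey_ (get0); must not outlive it.` The class body starts outside the hunk, and where `libqat_` is declared relative to `pkey_` is not visible here, so confirm that nothing reads the stored pointer after `pkey_` is destroyed.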

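--- a/contrib/sxg/filters/http/test/filter_test.cc
+++ b/contrib/sxg/filters/http/test/filter_test.cc
@@ -375,10 +375,12 @@ TEST_F(FilterTest, SdsDynamicGenericSecret) {
 
 auto certificate_secret_provider = secret_manager.findOrCreateGenericSecretProvider(
 config_source, "certificate", secret_context, init_manager);
-auto certificate_callback = secret_context.cluster_manager_.subscription_factory_.callbacks_;
+auto certificate_callback =
+secret_context.server_context_.cluster_manager_.subscription_factory_.callbacks_;
 auto private_key_secret_provider = secret_manager.findOrCreateGenericSecretProvider(
 config_source, "private_key", secret_context, init_manager);
-auto private_key_callback = secret_context.cluster_manager_.subscription_factory_.callbacks_;
+auto private_key_callback =
+secret_context.server_context_.cluster_manager_.subscription_factory_.callbacks_;
 
 NiceMock<ThreadLocal::MockInstance> tls;
 SDSSecretReader secret_reader(std::move(certificate_secret_provider),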

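--- a/envoy/server/factory_context.h
+++ b/envoy/server/factory_context.h
@@ -229,6 +229,16 @@ class ServerFactoryContext : public virtual CommonFactoryContext {
 * @return whether external healthchecks are currently failed or not.
 */
 virtual bool healthCheckFailed() const PURE;
+
+/**
+* @return Ssl::ContextManager& the SSL context manager.
+*/
+virtual Ssl::ContextManager& sslContextManager() PURE;
+
+/**
+* Return the instance of secret manager.
+*/
+virtual Secret::SecretManager& secretManager() PURE;
 };
 
 // ServerFactoryContextInstance is a thread local singleton that provides access to the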
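Review bot: The two new accessors are documented in different styles and neither states the contract a caller needs: `sslContextManager()` uses `@return`, `secretManager()` uses a bare sentence, and neither says that the reference is server-wide, how long it stays valid, or from which thread it may be used. Moving them onto ServerFactoryContext presumably makes TLS contexts and secrets reachable from every component that holds this context, not only transport socket factories, so the comments should also say who is expected to call them. For the second accessor I would write `@return Secret::SecretManager& the server-wide secret manager.` and add a sentence on lifetime and threading to both once that is confirmed. The class body starts outside the hunk.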

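--- a/envoy/server/transport_socket_config.h
+++ b/envoy/server/transport_socket_config.h
@@ -34,35 +34,17 @@ class TransportSocketFactoryContext {
 */
 virtual ServerFactoryContext& serverFactoryContext() PURE;
 
-/**
-* @return Upstream::ClusterManager& singleton for use by the entire server.
-* TODO(wbpcode): clusterManager() of ServerFactoryContext still be invalid when loading
-* static cluster. So we need to provide an cluster manager reference here.
-* This could be removed after https://github.com/envoyproxy/envoy/issues/26653 is resolved.
-*/
-virtual Upstream::ClusterManager& clusterManager() PURE;
-
 /**
 * @return ProtobufMessage::ValidationVisitor& validation visitor for cluster configuration
 * messages.
 */
 virtual ProtobufMessage::ValidationVisitor& messageValidationVisitor() PURE;
 
-/**
-* @return Ssl::ContextManager& the SSL context manager.
-*/
-virtual Ssl::ContextManager& sslContextManager() PURE;
-
 /**
 * @return Stats::Scope& the transport socket's stats scope.
 */
 virtual Stats::Scope& statsScope() PURE;
 
-/**
-* Return the instance of secret manager.
-*/
-virtual Secret::SecretManager& secretManager() PURE;
-
 /**
 * @return the init manager of the particular context.
 */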

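--- a/mobile/test/common/integration/BUILD
+++ b/mobile/test/common/integration/BUILD
@@ -77,8 +77,8 @@ envoy_cc_test_library(
 "@envoy//source/exe:process_wide_lib",
 "@envoy//test/integration:autonomous_upstream_lib",
 "@envoy//test/integration:utility_lib",
+"@envoy//test/mocks/server:factory_context_mocks",
 "@envoy//test/mocks/server:server_factory_context_mocks",
-"@envoy//test/mocks/server:transport_socket_factory_context_mocks",
 "@envoy//test/test_common:environment_lib",
 "@envoy_build_config//:extension_registry",
 ] + envoy_select_signal_trace(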

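--- a/mobile/test/common/integration/test_server.cc
+++ b/mobile/test/common/integration/test_server.cc
@@ -136,7 +136,7 @@ TestServer::TestServer()
 ON_CALL(factory_context_.server_context_, api()).WillByDefault(testing::ReturnRef(*api_));
 ON_CALL(factory_context_, statsScope())
 .WillByDefault(testing::ReturnRef(*stats_store_.rootScope()));
-ON_CALL(factory_context_, sslContextManager())
+ON_CALL(factory_context_.server_context_, sslContextManager())
 .WillByDefault(testing::ReturnRef(context_manager_));
 
 Envoy::ExtensionRegistry::registerFactories();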

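--- a/mobile/test/common/integration/test_server.h
+++ b/mobile/test/common/integration/test_server.h
@@ -9,7 +9,7 @@
 #include "envoy/extensions/transport_sockets/quic/v3/quic_transport.pb.h"
 #include "test/integration/autonomous_upstream.h"
 #include "test/mocks/server/server_factory_context.h"
-#include "test/mocks/server/transport_socket_factory_context.h"
+#include "test/mocks/server/server_factory_context.h"
 #include "test/integration/server.h"
 
 #include "tools/cpp/runfiles/runfiles.h"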
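Review bot: The new line 12 repeats the include on line 11, so the header now lists `#include "test/mocks/server/server_factory_context.h"` twice and no longer names any header for the mock that the removed include provided. The BUILD change in the same commit adds `@envoy//test/mocks/server:factory_context_mocks`, which suggests the intended line was `#include "test/mocks/server/factory_context.h"`. The type of `factory_context_` is declared outside this hunk, so check the replacement against that declaration; as written the header appears to depend on a transitive include.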

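--- a/source/common/listener_manager/listener_impl.cc
+++ b/source/common/listener_manager/listener_impl.cc
@@ -335,8 +335,7 @@ ListenerImpl::ListenerImpl(const envoy::config::listener::v3::Listener& config,
 }),
 transport_factory_context_(
 std::make_shared<Server::Configuration::TransportSocketFactoryContextImpl>(
-parent_.server_.serverFactoryContext(), parent_.server_.sslContextManager(),
-listenerScope(), parent_.server_.clusterManager(), validation_visitor_)),
+parent_.server_.serverFactoryContext(), listenerScope(), validation_visitor_)),
 quic_stat_names_(parent_.quicStatNames()),
 missing_listener_config_stats_({ALL_MISSING_LISTENER_CONFIG_STATS(
 POOL_COUNTER(listener_factory_context_->listenerScope()))}) {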
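Review bot: With `parent_.server_.sslContextManager()` and `parent_.server_.clusterManager()` dropped from this call, TransportSocketFactoryContextImpl has to reach both through `serverFactoryContext()` at the time they are used, instead of holding references captured here. The TODO this commit deletes from envoy/server/transport_socket_config.h said that `clusterManager()` of ServerFactoryContext could still be invalid while static clusters load. The Impl is not in this view, so whether that case is now safe cannot be checked from this hunk. I would make the ordering assumption visible at this call, e.g. `// Cluster manager and SSL context manager are resolved via serverFactoryContext(); both must be initialized before listeners are built.`, or assert it in the Impl. The constructor's initializer list starts and ends outside the hunk.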
