Example 1 with CertificateProviderPluginInstance
use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance in project grpc-java by grpc.
the class ClientXdsClientTestBase method cdsResponseWithNewUpstreamTlsContext.
/**
* CDS response containing new UpstreamTlsContext for a cluster.
*/
@Test
@SuppressWarnings("deprecation")
public void cdsResponseWithNewUpstreamTlsContext() {
Assume.assumeTrue(useProtocolV3());
DiscoveryRpcCall call = startResourceWatcher(CDS, CDS_RESOURCE, cdsResourceWatcher);
// Management server sends back CDS response with UpstreamTlsContext.
Any clusterEds = Any.pack(mf.buildEdsCluster(CDS_RESOURCE, "eds-cluster-foo.googleapis.com", "round_robin", null, null, true, mf.buildNewUpstreamTlsContext("cert-instance-name", "cert1"), "envoy.transport_sockets.tls", null));
List<Any> clusters = ImmutableList.of(Any.pack(mf.buildLogicalDnsCluster("cluster-bar.googleapis.com", "dns-service-bar.googleapis.com", 443, "round_robin", null, null, false, null, null)), clusterEds, Any.pack(mf.buildEdsCluster("cluster-baz.googleapis.com", null, "round_robin", null, null, false, null, "envoy.transport_sockets.tls", null)));
call.sendResponse(CDS, clusters, VERSION_1, "0000");
// Client sent an ACK CDS request.
call.verifyRequest(CDS, CDS_RESOURCE, VERSION_1, "0000", NODE);
verify(cdsResourceWatcher, times(1)).onChanged(cdsUpdateCaptor.capture());
CdsUpdate cdsUpdate = cdsUpdateCaptor.getValue();
CertificateProviderPluginInstance certificateProviderInstance = cdsUpdate.upstreamTlsContext().getCommonTlsContext().getValidationContext().getCaCertificateProviderInstance();
assertThat(certificateProviderInstance.getInstanceName()).isEqualTo("cert-instance-name");
assertThat(certificateProviderInstance.getCertificateName()).isEqualTo("cert1");
verifyResourceMetadataAcked(CDS, CDS_RESOURCE, clusterEds, VERSION_1, TIME_INCREMENT);
verifySubscribedResourcesMetadataSizes(0, 1, 0, 0);
}
Also used :
CertificateProviderPluginInstance(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance)
CdsUpdate(io.grpc.xds.XdsClient.CdsUpdate)
Any(com.google.protobuf.Any)
Test(org.junit.Test)
Example 2 with CertificateProviderPluginInstance
use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance in project grpc-java by grpc.
the class CommonTlsContextTestsUtil method addNewCertificateValidationContext.
private static CommonTlsContext.Builder addNewCertificateValidationContext(CommonTlsContext.Builder builder, String rootInstanceName, String rootCertName, CertificateValidationContext staticCertValidationContext) {
if (rootInstanceName != null) {
CertificateProviderPluginInstance providerInstance = CertificateProviderPluginInstance.newBuilder().setInstanceName(rootInstanceName).setCertificateName(rootCertName).build();
CertificateValidationContext.Builder validationContextBuilder = staticCertValidationContext != null ? staticCertValidationContext.toBuilder() : CertificateValidationContext.newBuilder();
return builder.setValidationContext(validationContextBuilder.setCaCertificateProviderInstance(providerInstance));
}
return builder;
}
Also used :
CertificateProviderPluginInstance(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance)
CertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext)
CombinedCertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext)
Aggregations
CertificateProviderPluginInstance (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance)2
Any (com.google.protobuf.Any)1
CertificateValidationContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext)1
CombinedCertificateValidationContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext)1
CdsUpdate (io.grpc.xds.XdsClient.CdsUpdate)1
Test (org.junit.Test)1
