
Example 1 with UpstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext in project grpc-java by grpc.

the class ClientXdsClientDataTest method validateUpstreamTlsContext_noCommonTlsContext.

/**
 * Verifies that validation fails closed on an upstream TLS context that carries no common
 * TLS context: the default (empty) {@code UpstreamTlsContext} must be rejected with a
 * {@code ResourceInvalidException} instead of being accepted as usable TLS configuration.
 */
@Test
public void validateUpstreamTlsContext_noCommonTlsContext() throws ResourceInvalidException {
    // Default instance: nothing has been set on it, so no common TLS context is present.
    UpstreamTlsContext emptyTlsContext = UpstreamTlsContext.getDefaultInstance();
    // Expectations have to be registered before the call under test throws.
    thrown.expect(ResourceInvalidException.class);
    thrown.expectMessage("common-tls-context is required in upstream-tls-context");
    // NOTE(review): the second argument is null; presumably the missing-context check
    // fires before it is consulted - confirm against validateUpstreamTlsContext.
    ClientXdsClient.validateUpstreamTlsContext(emptyTlsContext, null);
}
Also used : UpstreamTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext) Test(org.junit.Test)

Example 2 with UpstreamTlsContext

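Use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext in project grpc-java by grpc. Note: per the "Also used" list below, the UpstreamTlsContext type in this method is grpc-java's wrapper io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext; the Envoy proto type that appears directly is CommonTlsContext.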

the class TlsContextManagerImpl method findOrCreateClientSslContextProvider.

/**
 * Returns the client-side {@link SslContextProvider} that {@code mapForClients} holds for
 * the given upstream TLS context.
 *
 * <p>The lookup key is a fresh {@code UpstreamTlsContext} wrapped around a rebuilt copy of
 * the argument's {@code CommonTlsContext}, not the argument object itself.
 *
 * @param upstreamTlsContext TLS settings for the upstream connection; must not be null
 * @return whatever {@code mapForClients.get} yields for the rebuilt key
 * @throws NullPointerException if {@code upstreamTlsContext} is null
 */
@Override
public SslContextProvider findOrCreateClientSslContextProvider(UpstreamTlsContext upstreamTlsContext) {
    checkNotNull(upstreamTlsContext, "upstreamTlsContext");
    // Round-trip the common TLS context through its builder to obtain the copy used in the key.
    CommonTlsContext rebuiltCommonTlsContext =
        upstreamTlsContext.getCommonTlsContext().toBuilder().build();
    // NOTE(review): only the CommonTlsContext reaches the key. If the wrapper carries any
    // other setting that should separate one provider from another, two different
    // configurations would share a provider - confirm against UpstreamTlsContext.
    UpstreamTlsContext lookupKey = new UpstreamTlsContext(rebuiltCommonTlsContext);
    // Presumably the map creates the provider on a miss (per the method name); not visible here.
    return mapForClients.get(lookupKey);
}
Also used : UpstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext) CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext)

Example 3 with UpstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext in project grpc-java by grpc.

the class ClientSslContextProviderFactoryTest method bothPresent_expectCertProviderClientSslContextProvider.

/**
 * Covers the case where the common TLS context names certificate-provider instances and is
 * then also given file names: the factory is expected to hand back a
 * {@code CertProviderClientSslContextProvider}, so the certificate-provider configuration
 * decides which provider type is created.
 */
@Test
public void bothPresent_expectCertProviderClientSslContextProvider() throws XdsInitializationException {
    // One-element array so the registration helper can hand the watcher back to the test.
    final CertificateProvider.DistributorWatcher[] capturedWatcher =
        new CertificateProvider.DistributorWatcher[1];
    createAndRegisterProviderProvider(certificateProviderRegistry, capturedWatcher, "testca", 0);

    // Start from a context that references certificate-provider instances only.
    UpstreamTlsContext certProviderOnlyContext =
        CommonTlsContextTestsUtil.buildUpstreamTlsContextForCertProviderInstance(
            "gcp_id",
            "cert-default",
            "gcp_id",
            "root-default",
            /* alpnProtocols= */ null,
            /* staticCertValidationContext= */ null);

    // Layer file names on top so both kinds of configuration are present at once
    // (addFilenames is a helper that is not shown on this page).
    CommonTlsContext.Builder commonBuilder =
        addFilenames(
            certProviderOnlyContext.getCommonTlsContext().toBuilder(),
            "foo.pem",
            "foo.key",
            "root.pem");
    UpstreamTlsContext contextWithBoth = new UpstreamTlsContext(commonBuilder.build());

    Bootstrapper.BootstrapInfo bootstrapInfo = CommonBootstrapperTestUtils.getTestBootstrapInfo();
    clientSslContextProviderFactory =
        new ClientSslContextProviderFactory(bootstrapInfo, certProviderClientSslContextProviderFactory);

    SslContextProvider createdProvider = clientSslContextProviderFactory.create(contextWithBoth);

    // The provider type is the property under test; the watcher check follows it.
    assertThat(createdProvider).isInstanceOf(CertProviderClientSslContextProvider.class);
    verifyWatcher(createdProvider, capturedWatcher[0]);
}
Also used : Bootstrapper(io.grpc.xds.Bootstrapper) UpstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext) CertProviderClientSslContextProvider(io.grpc.xds.internal.certprovider.CertProviderClientSslContextProvider) CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext) Test(org.junit.Test)

Example 4 with UpstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext in project grpc-java by grpc.

the class ClientSslContextProviderFactoryTest method createCertProviderClientSslContextProvider_withStaticContext.

/**
 * Creates a client SSL context provider from an upstream TLS context that has no identity
 * certificate instance, a root certificate provider instance, and a static validation
 * context with two exact subject-alternative-name matchers.
 *
 * <p>The assertions check the provider type and the captured watcher. They do not check
 * that the SAN matchers are applied during a handshake, so this test alone is not evidence
 * that peer-name verification is enforced.
 */
@Test
public void createCertProviderClientSslContextProvider_withStaticContext() throws XdsInitializationException {
    // One-element array so the registration helper can hand the watcher back to the test.
    final CertificateProvider.DistributorWatcher[] capturedWatcher =
        new CertificateProvider.DistributorWatcher[1];
    createAndRegisterProviderProvider(certificateProviderRegistry, capturedWatcher, "testca", 0);

    // Static validation context: accept peers whose SAN is exactly "foo" or exactly "bar".
    StringMatcher exactFoo = StringMatcher.newBuilder().setExact("foo").build();
    StringMatcher exactBar = StringMatcher.newBuilder().setExact("bar").build();
    CertificateValidationContext staticCertValidationContext =
        CertificateValidationContext.newBuilder()
            .addAllMatchSubjectAltNames(ImmutableSet.of(exactFoo, exactBar))
            .build();

    UpstreamTlsContext tlsContextUnderTest =
        CommonTlsContextTestsUtil.buildUpstreamTlsContextForCertProviderInstance(
            /* certInstanceName= */ null,
            /* certName= */ null,
            "gcp_id",
            "root-default",
            /* alpnProtocols= */ null,
            staticCertValidationContext);

    Bootstrapper.BootstrapInfo bootstrapInfo = CommonBootstrapperTestUtils.getTestBootstrapInfo();
    clientSslContextProviderFactory =
        new ClientSslContextProviderFactory(bootstrapInfo, certProviderClientSslContextProviderFactory);

    SslContextProvider createdProvider = clientSslContextProviderFactory.create(tlsContextUnderTest);

    assertThat(createdProvider).isInstanceOf(CertProviderClientSslContextProvider.class);
    verifyWatcher(createdProvider, capturedWatcher[0]);
}
Also used : Bootstrapper(io.grpc.xds.Bootstrapper) UpstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext) CertProviderClientSslContextProvider(io.grpc.xds.internal.certprovider.CertProviderClientSslContextProvider) CertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext) Test(org.junit.Test)

Example 5 with UpstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext in project grpc-java by grpc.

the class ClientXdsClientTestBase method cdsResponseWithNewUpstreamTlsContext.

/**
 * CDS response containing an UpstreamTlsContext built by {@code buildNewUpstreamTlsContext}
 * for the watched cluster.
 *
 * <p>Checks that the client ACKs the response and that the update delivered to the watcher
 * still carries the CA certificate provider instance name and certificate name sent by the
 * management server. Only those two fields of the TLS context are asserted.
 */
@Test
@SuppressWarnings("deprecation")
public void cdsResponseWithNewUpstreamTlsContext() {
    // Skipped unless the v3 protocol is in use.
    Assume.assumeTrue(useProtocolV3());
    DiscoveryRpcCall call = startResourceWatcher(CDS, CDS_RESOURCE, cdsResourceWatcher);

    // Management server sends back CDS response with UpstreamTlsContext.
    // The watched cluster is built first, as in the response it is the one carrying TLS settings.
    Any clusterEds =
        Any.pack(
            mf.buildEdsCluster(
                CDS_RESOURCE,
                "eds-cluster-foo.googleapis.com",
                "round_robin",
                null,
                null,
                true,
                mf.buildNewUpstreamTlsContext("cert-instance-name", "cert1"),
                "envoy.transport_sockets.tls",
                null));
    // Two further clusters in the same response, both built with a null TLS context argument.
    Any logicalDnsCluster =
        Any.pack(
            mf.buildLogicalDnsCluster(
                "cluster-bar.googleapis.com",
                "dns-service-bar.googleapis.com",
                443,
                "round_robin",
                null,
                null,
                false,
                null,
                null));
    Any edsClusterWithoutTlsContext =
        Any.pack(
            mf.buildEdsCluster(
                "cluster-baz.googleapis.com",
                null,
                "round_robin",
                null,
                null,
                false,
                null,
                "envoy.transport_sockets.tls",
                null));
    List<Any> clusters = ImmutableList.of(logicalDnsCluster, clusterEds, edsClusterWithoutTlsContext);
    call.sendResponse(CDS, clusters, VERSION_1, "0000");

    // Client sent an ACK CDS request.
    call.verifyRequest(CDS, CDS_RESOURCE, VERSION_1, "0000", NODE);
    verify(cdsResourceWatcher, times(1)).onChanged(cdsUpdateCaptor.capture());

    // The CA certificate provider instance must reach the watcher unchanged.
    CdsUpdate deliveredUpdate = cdsUpdateCaptor.getValue();
    CertificateProviderPluginInstance caCertProviderInstance =
        deliveredUpdate
            .upstreamTlsContext()
            .getCommonTlsContext()
            .getValidationContext()
            .getCaCertificateProviderInstance();
    assertThat(caCertProviderInstance.getInstanceName()).isEqualTo("cert-instance-name");
    assertThat(caCertProviderInstance.getCertificateName()).isEqualTo("cert1");

    verifyResourceMetadataAcked(CDS, CDS_RESOURCE, clusterEds, VERSION_1, TIME_INCREMENT);
    verifySubscribedResourcesMetadataSizes(0, 1, 0, 0);
}
Also used : CertificateProviderPluginInstance(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance) CdsUpdate(io.grpc.xds.XdsClient.CdsUpdate) Any(com.google.protobuf.Any) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)7 UpstreamTlsContext (io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext)5 Bootstrapper (io.grpc.xds.Bootstrapper)4 CertProviderClientSslContextProvider (io.grpc.xds.internal.certprovider.CertProviderClientSslContextProvider)4 CertificateValidationContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext)3 CommonTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext)3 Any (com.google.protobuf.Any)2 CdsUpdate (io.grpc.xds.XdsClient.CdsUpdate)2 CertificateProviderPluginInstance (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance)1 UpstreamTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext)1