Examples with UpstreamTlsContext io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext used on opensource projects

Search in sources :

Example 6 with UpstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext in project grpc-java by grpc.

the class ClientXdsClientTestBase method cdsResponseWithUpstreamTlsContext.

/**
 * CDS response containing UpstreamTlsContext for a cluster.
 */
@Test
@SuppressWarnings("deprecation")
public void cdsResponseWithUpstreamTlsContext() {
    Assume.assumeTrue(useProtocolV3());
    DiscoveryRpcCall call = startResourceWatcher(CDS, CDS_RESOURCE, cdsResourceWatcher);
    // Management server sends back CDS response with UpstreamTlsContext.
    Any clusterEds = Any.pack(mf.buildEdsCluster(CDS_RESOURCE, "eds-cluster-foo.googleapis.com", "round_robin", null, null, true, mf.buildUpstreamTlsContext("cert-instance-name", "cert1"), "envoy.transport_sockets.tls", null));
    List<Any> clusters = ImmutableList.of(Any.pack(mf.buildLogicalDnsCluster("cluster-bar.googleapis.com", "dns-service-bar.googleapis.com", 443, "round_robin", null, null, false, null, null)), clusterEds, Any.pack(mf.buildEdsCluster("cluster-baz.googleapis.com", null, "round_robin", null, null, false, null, "envoy.transport_sockets.tls", null)));
    call.sendResponse(CDS, clusters, VERSION_1, "0000");
    // Client sent an ACK CDS request.
    call.verifyRequest(CDS, CDS_RESOURCE, VERSION_1, "0000", NODE);
    verify(cdsResourceWatcher, times(1)).onChanged(cdsUpdateCaptor.capture());
    CdsUpdate cdsUpdate = cdsUpdateCaptor.getValue();
    CommonTlsContext.CertificateProviderInstance certificateProviderInstance = cdsUpdate.upstreamTlsContext().getCommonTlsContext().getCombinedValidationContext().getValidationContextCertificateProviderInstance();
    assertThat(certificateProviderInstance.getInstanceName()).isEqualTo("cert-instance-name");
    assertThat(certificateProviderInstance.getCertificateName()).isEqualTo("cert1");
    verifyResourceMetadataAcked(CDS, CDS_RESOURCE, clusterEds, VERSION_1, TIME_INCREMENT);
    verifySubscribedResourcesMetadataSizes(0, 1, 0, 0);
}
Also used : CdsUpdate(io.grpc.xds.XdsClient.CdsUpdate) CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext) Any(com.google.protobuf.Any) Test(org.junit.Test)

Example 7 with UpstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext in project grpc-java by grpc.

the class ClientSslContextProviderFactoryTest method createNewCertProviderClientSslContextProvider_onlyRootCert.

@Test
public void createNewCertProviderClientSslContextProvider_onlyRootCert() {
    final CertificateProvider.DistributorWatcher[] watcherCaptor = new CertificateProvider.DistributorWatcher[1];
    createAndRegisterProviderProvider(certificateProviderRegistry, watcherCaptor, "testca", 0);
    CertificateValidationContext staticCertValidationContext = CertificateValidationContext.newBuilder().addAllMatchSubjectAltNames(ImmutableSet.of(StringMatcher.newBuilder().setExact("foo").build(), StringMatcher.newBuilder().setExact("bar").build())).build();
    UpstreamTlsContext upstreamTlsContext = CommonTlsContextTestsUtil.buildNewUpstreamTlsContextForCertProviderInstance(/* certInstanceName= */
    null, /* certName= */
    null, "gcp_id", "root-default", /* alpnProtocols= */
    null, staticCertValidationContext);
    Bootstrapper.BootstrapInfo bootstrapInfo = CommonBootstrapperTestUtils.getTestBootstrapInfo();
    clientSslContextProviderFactory = new ClientSslContextProviderFactory(bootstrapInfo, certProviderClientSslContextProviderFactory);
    SslContextProvider sslContextProvider = clientSslContextProviderFactory.create(upstreamTlsContext);
    assertThat(sslContextProvider).isInstanceOf(CertProviderClientSslContextProvider.class);
    verifyWatcher(sslContextProvider, watcherCaptor[0]);
}
Also used : Bootstrapper(io.grpc.xds.Bootstrapper) UpstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext) CertProviderClientSslContextProvider(io.grpc.xds.internal.certprovider.CertProviderClientSslContextProvider) CertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext) Test(org.junit.Test)

Example 8 with UpstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext in project grpc-java by grpc.

the class ClientSslContextProviderFactoryTest method createNewCertProviderClientSslContextProvider_withSans.

@Test
public void createNewCertProviderClientSslContextProvider_withSans() {
    final CertificateProvider.DistributorWatcher[] watcherCaptor = new CertificateProvider.DistributorWatcher[2];
    createAndRegisterProviderProvider(certificateProviderRegistry, watcherCaptor, "testca", 0);
    createAndRegisterProviderProvider(certificateProviderRegistry, watcherCaptor, "file_watcher", 1);
    CertificateValidationContext staticCertValidationContext = CertificateValidationContext.newBuilder().addAllMatchSubjectAltNames(ImmutableSet.of(StringMatcher.newBuilder().setExact("foo").build(), StringMatcher.newBuilder().setExact("bar").build())).build();
    UpstreamTlsContext upstreamTlsContext = CommonTlsContextTestsUtil.buildNewUpstreamTlsContextForCertProviderInstance("gcp_id", "cert-default", "file_provider", "root-default", /* alpnProtocols= */
    null, staticCertValidationContext);
    Bootstrapper.BootstrapInfo bootstrapInfo = CommonBootstrapperTestUtils.getTestBootstrapInfo();
    clientSslContextProviderFactory = new ClientSslContextProviderFactory(bootstrapInfo, certProviderClientSslContextProviderFactory);
    SslContextProvider sslContextProvider = clientSslContextProviderFactory.create(upstreamTlsContext);
    assertThat(sslContextProvider).isInstanceOf(CertProviderClientSslContextProvider.class);
    verifyWatcher(sslContextProvider, watcherCaptor[0]);
    verifyWatcher(sslContextProvider, watcherCaptor[1]);
}
Also used : Bootstrapper(io.grpc.xds.Bootstrapper) UpstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext) CertProviderClientSslContextProvider(io.grpc.xds.internal.certprovider.CertProviderClientSslContextProvider) CertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)7 UpstreamTlsContext (io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext)5 Bootstrapper (io.grpc.xds.Bootstrapper)4 CertProviderClientSslContextProvider (io.grpc.xds.internal.certprovider.CertProviderClientSslContextProvider)4 CertificateValidationContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext)3 CommonTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext)3 Any (com.google.protobuf.Any)2 CdsUpdate (io.grpc.xds.XdsClient.CdsUpdate)2 CertificateProviderPluginInstance (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance)1 UpstreamTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial