envoyproxy/envoy

Proto validation of gRPC runtime credentials

Open

#8,010 创建于 2019年8月22日

在 GitHub 查看
 (0 评论) (0 反应) (0 负责人)C++ (5,373 fork)batch import
enhancementhelp wanted

仓库指标

Star
 (27,997 star)
PR 合并指标
 (平均合并 8天) (30 天内合并 378 个 PR)

描述

In some places, e.g. https://github.com/envoyproxy/envoy/blob/7267542177ef49b33d6dd7b6ae6cdaa4ce2fb9ce/source/extensions/grpc_credentials/file_based_metadata/config.cc#L31, https://github.com/envoyproxy/envoy/blob/7267542177ef49b33d6dd7b6ae6cdaa4ce2fb9ce/source/extensions/grpc_credentials/aws_iam/config.cc#L39, we're explicitly plumbing in a null proto validation visitor, rather than using something derived from server settings. We also, more generally, lack handling of proto validation failure.

In some sense, this is totally fine today, since these are not control plane API and don't use PGV. In principle, it might be useful to have unknown field validation here and PGV support, so opening this issue to track future work here.

贡献者指南