Skip to content

Commit

Permalink
Revert "Wasm sync (envoyproxy#195)"
Browse files Browse the repository at this point in the history
This reverts commit 10bd762.

Signed-off-by: Piotr Sikora <piotrsikora@google.com>
  • Loading branch information
PiotrSikora committed Sep 24, 2019
1 parent 9551eb8 commit 7f892ef
Show file tree
Hide file tree
Showing 1,296 changed files with 7,348 additions and 54,630 deletions.
9 changes: 0 additions & 9 deletions .azure-pipelines/linux.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,6 @@ jobs:
CI_TARGET: 'bazel.gcc'
compile_time_options:
CI_TARGET: 'bazel.compile_time_options'
fuzz:
CI_TARGET: 'bazel.fuzz'
dependsOn: [] # this removes the implicit dependency on previous stage and causes this to run in parallel.
timeoutInMinutes: 360
pool:
Expand Down Expand Up @@ -48,13 +46,6 @@ jobs:
displayName: "Check disk space at end"
condition: always()
- task: PublishTestResults@2
inputs:
testResultsFiles: '**/bazel-out/**/testlogs/**/test.xml'
testRunTitle: '$(CI_TARGET)'
searchFolder: $(Build.StagingDirectory)/tmp
condition: always()

- task: PublishBuildArtifacts@1
inputs:
pathtoPublish: "$(Build.StagingDirectory)/envoy"
Expand Down
32 changes: 12 additions & 20 deletions .bazelrc
Original file line number Diff line number Diff line change
Expand Up @@ -16,36 +16,29 @@ build --experimental_local_memory_estimate
build --experimental_strict_action_env=true
build --host_force_python=PY2
build --action_env=BAZEL_LINKLIBS=-l%:libstdc++.a
build --action_env=BAZEL_LINKOPTS=-lm
build --action_env=BAZEL_LINKOPTS=-lm:-static-libgcc
build --host_javabase=@bazel_tools//tools/jdk:remote_jdk11
build --javabase=@bazel_tools//tools/jdk:remote_jdk11

# We already have absl in the build, define absl=1 to tell googletest to use absl for backtrace.
build --define absl=1

# Pass PATH, CC and CXX variables from the environment.
build --action_env=CC
build --action_env=CXX
build --action_env=PATH

# Common flags for sanitizers
build:sanitizer --define tcmalloc=disabled
build:sanitizer --linkopt -ldl
build:sanitizer --build_tag_filters=-no_san
build:sanitizer --test_tag_filters=-no_san

# Basic ASAN/UBSAN that works for gcc
build:asan --action_env=BAZEL_LINKLIBS=
build:asan --action_env=BAZEL_LINKOPTS=-lstdc++:-lm
build:asan --action_env=ENVOY_ASAN=1
build:asan --config=sanitizer
# ASAN install its signal handler, disable ours so the stacktrace will be printed by ASAN
build:asan --define signal_trace=disabled
build:asan --define ENVOY_CONFIG_ASAN=1
build:asan --copt -fsanitize=address,undefined
build:asan --linkopt -fsanitize=address,undefined
build:asan --copt -fno-sanitize=vptr
build:asan --linkopt -fno-sanitize=vptr
build:asan --linkopt -ldl
build:asan --define tcmalloc=disabled
build:asan --build_tag_filters=-no_asan
build:asan --test_tag_filters=-no_asan
build:asan --define signal_trace=disabled
build:asan --copt -DADDRESS_SANITIZER=1
build:asan --copt -D__SANITIZE_ADDRESS__
build:asan --test_env=ASAN_OPTIONS=handle_abort=1:allow_addr2line=true:check_initialization_order=true:strict_init_order=true:detect_odr_violation=1
Expand All @@ -68,21 +61,22 @@ build:macos-asan --dynamic_mode=off

# Clang TSAN
build:clang-tsan --action_env=ENVOY_TSAN=1
build:clang-tsan --config=sanitizer
build:clang-tsan --define ENVOY_CONFIG_TSAN=1
build:clang-tsan --copt -fsanitize=thread
build:clang-tsan --linkopt -fsanitize=thread
build:clang-tsan --linkopt -fuse-ld=lld
build:clang-tsan --linkopt -static-libsan
build:clang-tsan --define tcmalloc=disabled
# Needed due to https://github.com/libevent/libevent/issues/777
build:clang-tsan --copt -DEVENT__DISABLE_DEBUG_MODE

# Clang MSAN - broken today since we need to rebuild lib[std]c++ and external deps with MSAN
# support (see https://github.com/envoyproxy/envoy/issues/443).
build:clang-msan --action_env=ENVOY_MSAN=1
build:clang-msan --config=sanitizer
build:clang-msan --define ENVOY_CONFIG_MSAN=1
build:clang-msan --copt -fsanitize=memory
build:clang-msan --linkopt -fsanitize=memory
build:clang-msan --define tcmalloc=disabled
build:clang-msan --copt -fsanitize-memory-track-origins=2

# Clang with libc++
Expand Down Expand Up @@ -117,7 +111,6 @@ build:rbe-toolchain-clang-libc++ --extra_toolchains=@rbe_ubuntu_clang_libcxx//co
build:rbe-toolchain-clang-libc++ --action_env=CC=clang --action_env=CXX=clang++ --action_env=PATH=/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/llvm-8/bin
build:rbe-toolchain-clang-libc++ --action_env=CXXFLAGS=-stdlib=libc++
build:rbe-toolchain-clang-libc++ --action_env=LDFLAGS=-stdlib=libc++
build:rbe-toolchain-clang-libc++ --define force_libcpp=enabled

build:rbe-toolchain-gcc --config=rbe-toolchain
build:rbe-toolchain-gcc --crosstool_top=@rbe_ubuntu_gcc//cc:toolchain
Expand All @@ -132,12 +125,13 @@ build:remote --auth_enabled=true
build:remote --experimental_inmemory_jdeps_files
build:remote --experimental_inmemory_dotd_files
build:remote --experimental_remote_download_outputs=toplevel
test:remote --experimental_remote_download_outputs=minimal

build:remote-clang --config=remote
build:remote-clang --config=rbe-toolchain-clang

# Docker sandbox
build:docker-sandbox --experimental_docker_image=envoyproxy/envoy-build@sha256:9236915d10004a35f2439ce4a1c33c1dbb06f95f84c4a4497d4e4f95cdc9e07f
build:docker-sandbox --experimental_docker_image=envoyproxy/envoy-build:8246167b9d238797cbc6c03dccc9e3921c37617d
build:docker-sandbox --spawn_strategy=docker
build:docker-sandbox --strategy=Javac=docker
build:docker-sandbox --strategy=Closure=docker
Expand All @@ -157,6 +151,4 @@ build:remote-ci --remote_executor=grpcs://remotebuildexecution.googleapis.com
build:asan-fuzzer --config=asan
build:asan-fuzzer --define=FUZZING_ENGINE=libfuzzer
build:asan-fuzzer --copt=-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
build:asan-fuzzer --copt=-fsanitize-coverage=trace-pc-guard
# Remove UBSAN halt_on_error to avoid crashing on protobuf errors.
build:asan-fuzzer --test_env=UBSAN_OPTIONS=print_stacktrace=1
build:asan-fuzzer --copt=-fsanitize-coverage=trace-pc-guard
2 changes: 1 addition & 1 deletion .bazelversion
Original file line number Diff line number Diff line change
@@ -1 +1 @@
0.29.1
0.28.1
1 change: 0 additions & 1 deletion .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ executors:
ubuntu-build:
description: "A regular build executor based on ubuntu image"
docker:
# NOTE: Update bazel/toolchains/rbe_toolchains_config.bzl with sha256 digest to match the image here.
- image: piotrsikora/envoy:d799827e285e2f4f42f4ecf284ff4cc999f48e35
resource_class: xlarge
working_directory: /source
Expand Down
2 changes: 0 additions & 2 deletions .clang-tidy
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ Checks: 'abseil-*,
bugprone-*,
clang-analyzer-*,
clang-diagnostic-*,
misc-unused-using-decls,
modernize-*,
performance-*,
readability-braces-around-statements,
Expand All @@ -21,7 +20,6 @@ WarningsAsErrors: 'abseil-duration-*,
bugprone-unused-raii,
bugprone-use-after-move,
clang-analyzer-core.DivideZero,
misc-unused-using-decls,
modernize-deprecated-headers,
modernize-loop-convert,
modernize-make-shared,
Expand Down
2 changes: 0 additions & 2 deletions .zuul/playbooks/envoy-build/run.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,6 @@
roles:
- role: config-gcc
gcc_version: 7
- role: config-bazel
bazel_version: 0.28.1
tasks:
- name: Build envoy
shell:
Expand Down
6 changes: 1 addition & 5 deletions CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,6 @@ extensions/filters/common/original_src @snowp @klarose
/*/extensions/filters/http/header_to_metadata @rgs1 @zuercher
# alts transport socket extension
/*/extensions/transport_sockets/alts @htuch @yangminzhu
# tls transport socket extension
/*/extensions/transport_sockets/tls @PiotrSikora @lizan
# sni_cluster extension
/*/extensions/filters/network/sni_cluster @rshriram @lizan
# tracers.datadog extension
Expand Down Expand Up @@ -55,9 +53,7 @@ extensions/filters/common/original_src @snowp @klarose
/*/extensions/filters/listener/http_inspector @crazyxy @PiotrSikora @lizan
# attribute context
/*/extensions/filters/common/expr @kyessenov @yangminzhu
# webassembly access logger extensions
# WebAssembly extensions
/*/extensions/access_loggers/wasm @jplevyak @PiotrSikora
# webassembly common extension
/*/extensions/common/wasm @jplevyak @PiotrSikora
# webassembly http extensions
/*/extensions/filters/http/wasm @jplevyak @PiotrSikora
6 changes: 1 addition & 5 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -72,11 +72,7 @@ maximize the chances of your PR being merged.
could convert from the earlier API to the new API. A field may be deprecated
if this tool would be able to perform the conversion. For example, removing a
field to describe HTTP/2 window settings is valid if a more comprehensive
HTTP/2 protocol options field is being introduced to replace it. The PR author
deprecating the old configuration is responsible for updating all tests and
canonical configuration, or guarding them with the DEPRECATED_FEATURE_TEST() macro.
This will be validated by the bazel.compile_time_options target, which will hard-fail when
deprecated configuration is used.
HTTP/2 protocol options field is being introduced to replace it.
* For configuration deprecations that are not covered by the above semantic
replacement policy, any deprecation will only take place after
community consultation on mailing lists, Slack and GitHub, over the period of
Expand Down
3 changes: 0 additions & 3 deletions OWNERS.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,6 @@ routing PRs, questions, etc. to the right place.
* All maintainers
* Piotr Sikora ([PiotrSikora](https://github.com/PiotrSikora)) (piotrsikora@google.com)
* Yan Avlasov ([yanavlasov](https://github.com/yanavlasov)) (yavlasov@google.com)
* Asra Ali ([asraa](https://github.com/asraa)) (asraa@google.com)

# Emeritus maintainers

Expand All @@ -61,5 +60,3 @@ matter expert reviews. Feel free to loop them in as needed.
* Bazel/build.
* Daniel Hochman ([danielhochman](https://github.com/danielhochman)) (dhochman@lyft.com)
* Redis, Python, configuration/operational questions.
* Yuchen Dai ([lambdai](https://github.com/lambdai)) (lambdai@google.com)
* v2 xDS, listeners, filter chain discovery service.
14 changes: 0 additions & 14 deletions SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -217,25 +217,11 @@ issue fixed for your respective distribution's users.
Before any information from the list is shared with respective members of your team required to fix
said issue, they must agree to the same terms and only find out information on a need-to-know basis.

We typically expect a single point-of-contact (PoC) at any given legal entity. Within the
organization, it is the responsibility of the PoC to share CVE and related patches internally. This
should be performed on a strictly need-to-know basis with affected groups to the extent that this is
technically plausible. All teams should be aware of the embargo conditions and accept them.
Ultimately, if an organization breaks embargo transitively through such sharing, they will lose
the early disclosure privilege, so it's in their best interest to carefully share information internally,
following best practices and use their judgement in balancing the tradeoff between protecting users
and maintaining confidentiality.

The embargo applies to information shared, source code and binary images. **It is a violation of the
embargo policy to share binary distributions of the security fixes before the public release date.**
This includes, but is not limited to, Envoy binaries and Docker images. It is expected that
distributors have a method to stage and validate new binaries without exposing them publicly.

If the information shared is under embargo from a third party, where Envoy is one of many projects
that a disclosure is shared with, it is critical to consider that the ramifications of any leak will
extend beyond the Envoy community and will leave us in a position in which we will be less likely to
receive embargoed reports in the future.

In the unfortunate event you share the information beyond what is allowed by this policy, you _must_
urgently inform the envoy-security@googlegroups.com mailing list of exactly what information leaked
and to whom. A retrospective will take place after the leak so we can assess how to prevent making the
Expand Down
2 changes: 1 addition & 1 deletion api/CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ API changes are regular PRs in https://github.com/envoyproxy/envoy for the API/c
changes. They may be as part of a larger implementation PR. Please follow the standard Bazel and CI
process for validating build/test sanity of `api/` before submitting a PR.

*Note: New .proto files should be added to
*Note: New .proto files should be also included to [build.sh](https://github.com/envoyproxy/envoy/blob/master/docs/build.sh) and
[BUILD](https://github.com/envoyproxy/envoy/blob/master/api/docs/BUILD) in order to get the RSTs generated.*

## Documentation changes
Expand Down
12 changes: 0 additions & 12 deletions api/bazel/BUILD
Original file line number Diff line number Diff line change
@@ -1,12 +0,0 @@
load("@io_bazel_rules_go//proto:compiler.bzl", "go_proto_compiler")

licenses(["notice"]) # Apache 2

go_proto_compiler(
name = "pgv_plugin_go",
options = ["lang=go"],
plugin = "@com_envoyproxy_protoc_gen_validate//:protoc-gen-validate",
suffix = ".pb.validate.go",
valid_archive = False,
visibility = ["//visibility:public"],
)
Loading

0 comments on commit 7f892ef

Please sign in to comment.