Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Log and count unknown proto fields #6818

Closed
mergeconflict opened this issue May 6, 2019 · 6 comments · Fixed by #7857
Closed

Log and count unknown proto fields #6818

mergeconflict opened this issue May 6, 2019 · 6 comments · Fixed by #7857
Assignees
Labels
enhancement Feature requests. Not bugs or questions. no stalebot Disables stalebot from closing an issue
Milestone

Comments

@mergeconflict
Copy link
Member

mergeconflict commented May 6, 2019

Deprecated proto fields are currently logged as a warning or an error in MessageUtil::checkForDeprecation, and counted in SnapshotImpl::deprecatedFeatureEnabled. We should probably do the same thing for unknown proto fields in MessageUtil::checkUnknownFields when not in strict mode.

@alyssawilk alyssawilk added the enhancement Feature requests. Not bugs or questions. label May 6, 2019
@mergeconflict mergeconflict changed the title Log unknown proto fields Log and count unknown proto fields May 6, 2019
@htuch
Copy link
Member

htuch commented May 7, 2019

See also protocolbuffers/protobuf#5967, where we track the necessary work on protobuf side to support this for JSON/YAML. We can only do this for proto configuration files today, which is only a partial solution.

@ramaraochavali
Copy link
Contributor

Would it be useful to add these counts as stats? NBD, but generally it would be difficult search through logs for a fleet of envoys

@htuch
Copy link
Member

htuch commented May 9, 2019

I think both stats and warning-level logs would be good. I agree that we need stats for monitoring to alert on.

@htuch htuch self-assigned this May 24, 2019
@htuch
Copy link
Member

htuch commented May 24, 2019

I think I can address this in the context of #6651

htuch added a commit to htuch/envoy that referenced this issue May 30, 2019
This is the plumbing to support envoyproxy#6651 and envoyproxy#6818, where we remove the global control over message
validation type and put it under the control over a new injectable interface. It's pretty horrible
IMHO that there is this much churn; the closest major context object that we could associate with is
Api, but it's not part of the filter API as such and we will want to later inject different
validators at different points, depending on whether we are reading the static bootstrap or on xDS.

No new behavior should be added in this PR.

Risk level: Low.
Testing: bazel test //test/...

Signed-off-by: Harvey Tuch <htuch@google.com>
htuch added a commit that referenced this issue May 31, 2019
This is the plumbing to support #6651 and #6818, where we remove the global control over message
validation type and put it under the control of a new injectable interface. It's pretty horrible
IMHO that there is this much churn; the closest major context object that we could associate with is
Api.

The main from the new dependency is that we can:

1. Inject different validators, e.g. one for static config when ingesting bootstrap resources, another for xDS.
2. Validation state, so that we can reach back to the server stats for the purpose of tracking unknown fields.
This PR introduces a visitor pattern for the validator and starts to do the threading needed for dependency injection here.

It's possible that we could extend this visitor for deprecated fields in the future to provide finer grained control over these alongside unknown, if there is a use case.

No new behavior should be added in this PR.

Risk level: Low.
Testing: bazel test //test/...

Signed-off-by: Harvey Tuch <htuch@google.com>
@stale
Copy link

stale bot commented Jun 23, 2019

This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or other activity occurs. Thank you for your contributions.

@stale stale bot added the stale stalebot believes this issue/PR has not been touched recently label Jun 23, 2019
@stale
Copy link

stale bot commented Jun 30, 2019

This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted". Thank you for your contributions.

@stale stale bot closed this as completed Jun 30, 2019
@jmarantz jmarantz reopened this Jul 2, 2019
@stale stale bot removed the stale stalebot believes this issue/PR has not been touched recently label Jul 2, 2019
@jmarantz jmarantz added the no stalebot Disables stalebot from closing an issue label Jul 2, 2019
@mattklein123 mattklein123 added this to the 1.12.0 milestone Aug 11, 2019
htuch added a commit that referenced this issue Aug 19, 2019
…/dynamic config. (#7857)

As per #6651, this PR plumbs in CLI options to allow independent control over static/dynamic unknown
field validation.

The defaults are the same for static as today (strict) and for dynamic we are by default permissive.
This permits easy rollout of new API minor versions, including those related to security fixes.

Fixes a regression that occurred in #7200 where strict/permissive checking CLI options were
inverted.

As per #6818, added stats/warning for any unknown fields encountered.

Risk level: Low (strictly more permissive by default)
Testing: additional unit and integration tests added, exercising both permissive/strict checking
over various parts of the API (bootstrap, listeners, clusters, xDS, network filters, etc).

Fixes #6651
Fixed #6818

Signed-off-by: Harvey Tuch <htuch@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement Feature requests. Not bugs or questions. no stalebot Disables stalebot from closing an issue
Projects
None yet
Development

Successfully merging a pull request may close this issue.

6 participants