-
Notifications
You must be signed in to change notification settings - Fork 510
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable xDS credentials #424
Conversation
This change should be relatively straightforward. It is a noop outside of the context of xDS (as demonstrated by the fact that the tests all pass), but it enables xDS-provided certificates (i.e. the ones that would be provided/specified in GRPC_XDS_BOOTSTRAP). See proposal [A29](https://github.com/grpc/proposal/blob/master/A29-xds-tls-security.md#go) for additional detail.
This probably needs a rebase. Are you sure that the XDS creds should wrap the errSignalingCreds and not the other way around? The code flow is a little tricky to absorb. |
Let me check |
I think you're right, it's likely best to wrap the final |
Yeah I confirmed that this works! Since |
Waaaait a second. That's definitely not true. |
I had to open another PR to get CI to work, for some reason it's getting stuck on this one. WDYT? |
Why not? This prints |
That one works because you embedded the concrete fooBar, which implements both interfaces. If you change it to this, it doesn't work: https://go.dev/play/p/OyIwdHFyJ3x (I had to rename the interfaces so that the interface names and method names dont clash.) What we're trying to do here is more similar to this example. |
### Summary ### v1.9.1 - Update Dockerfile to use Go v1.21 (fullstorydev/grpcurl#455) - chore: fix some typos in comments (fullstorydev/grpcurl#454) ### v1.9.0 - Use latest protoreflect to fix some bugs (fullstorydev/grpcurl#453) - Brand name update (fullstorydev/grpcurl#452) - Bump github.com/golang/protobuf from 1.5.3 to 1.5.4 (fullstorydev/grpcurl#448) - goreleaser: bump version & add nfmp support fullstorydev/grpcurl#440) - Enable xDS credentials (fullstorydev/grpcurl#424) - Bump github.com/jhump/protoreflect from 1.15.5 to 1.15.6 (fullstorydev/grpcurl#446) - Use localhost for default unix domain socket authority (fullstorydev/grpcurl#445) - Bump github.com/jhump/protoreflect from 1.15.4 to 1.15.5 (fullstorydev/grpcurl#443) - Added initial support for -t flag to show timings (fullstorydev/grpcurl#428) - Expand the documentation of -max-time to clarify this sets the RPC timeout (fullstorydev/grpcurl#435) - Bump github.com/jhump/protoreflect from 1.15.3 to 1.15.4 (fullstorydev/grpcurl#436) - Bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (fullstorydev/grpcurl#437) - indent: rip out old go 1.9 support - Bump golang.google.org/grpc to v1.57.1 (fullstorydev/grpcurl#427) - Update Tarball URL used by Homebrew (fullstorydev/grpcurl#421) #### v1.8.9 - Disable CGO for improved compatibility across distros (fullstorydev/grpcurl#420) - Bump golang.org/x/net from 0.9.0 to 0.17.0 (fullstorydev/grpcurl#419) - SIGSEGV: panic: runtime error: invalid memory address or nil pointer dereference in protoreflect (fullstorydev/grpcurl#416) - Added alts credential option (fullstorydev/grpcurl#341) #### v1.8.8 - Update go.mod, goreleaser for v1.8.8 (fullstorydev/grpcurl#413) - Run tests on Go 1.21 (fullstorydev/grpcurl#408) - Update protoreflect v1.15.2 and grpc v1.57.0 (fullstorydev/grpcurl#406) - Use grpc.reflection.v1.ServerReflection (fullstorydev/grpcurl#407) - Bump google.golang.org/protobuf from 1.30.0 to 1.31.0 (fullstorydev/grpcurl#401) - Bump google.golang.org/grpc from 1.55.0 to 1.56.1 (fullstorydev/grpcurl#400) - Fix issues with error details (fullstorydev/grpcurl#379) - fix nil-dereference panic (fullstorydev/grpcurl#395) - Bump google.golang.org/grpc from 1.54.0 to 1.55.0 (fullstorydev/grpcurl#390) - Add "checkgenerate" make target to CI (fullstorydev/grpcurl#385) - Bump google.golang.org/grpc from 1.53.0 to 1.54.0 (fullstorydev/grpcurl#383) - Bump google.golang.org/protobuf from 1.29.1 to 1.30.0 (fullstorydev/grpcurl#378) - Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (fullstorydev/grpcurl#376) - Bump google.golang.org/protobuf from 1.28.1 to 1.29.0 (fullstorydev/grpcurl#375) - Bump github.com/golang/protobuf from 1.5.2 to 1.5.3 (fullstorydev/grpcurl#374) - Bump google.golang.org/grpc from 1.52.3 to 1.53.0 (fullstorydev/grpcurl#370) - Install the CodeSee workflow. Learn more at https://docs.codesee.io (fullstorydev/grpcurl#368) - Bump google.golang.org/grpc from 1.51.0 to 1.52.3 (fullstorydev/grpcurl#365) - Bump github.com/jhump/protoreflect from 1.14.0 to 1.14.1 (fullstorydev/grpcurl#361) - Bump google.golang.org/grpc from 1.50.1 to 1.51.0 (fullstorydev/grpcurl#348) - fix funcname in comment (fullstorydev/grpcurl#346) - Bump github.com/jhump/protoreflect from 1.13.0 to 1.14.0 (fullstorydev/grpcurl#343) - Bump google.golang.org/grpc from 1.50.0 to 1.50.1 (fullstorydev/grpcurl#338) - Bump google.golang.org/grpc from 1.49.0 to 1.50.0 (fullstorydev/grpcurl#336) - Bump github.com/jhump/protoreflect from 1.12.0 to 1.13.0 (fullstorydev/grpcurl#335) - Bump google.golang.org/grpc from 1.48.0 to 1.49.0 (fullstorydev/grpcurl#330) - fixup release process (fullstorydev/grpcurl#328) #### v1.8.7 - Unix sockets for windows - Lots of dependency version updates - Support for Go 1.18 - Add go 1.18 support; set Dockerfile to go 1.18 (fullstorydev/grpcurl#325) - build alpine base image (fullstorydev/grpcurl#311) - fix some typos (fullstorydev/grpcurl#314) - Bump google.golang.org/grpc from 1.47.0 to 1.48.0 (fullstorydev/grpcurl#324) - Adding power(ppc64le) arch support (fullstorydev/grpcurl#296) - Enable support for Unix sockets for Windows by enabling -unix flag for Windows builds. (fullstorydev/grpcurl#317) - Bump google.golang.org/grpc from 1.46.2 to 1.47.0 (fullstorydev/grpcurl#315) - Bump github.com/jhump/protoreflect from 1.10.3 to 1.12.0 (fullstorydev/grpcurl#294) - Bump google.golang.org/grpc from 1.44.0 to 1.46.2 (fullstorydev/grpcurl#310) - Bump google.golang.org/protobuf from 1.27.1 to 1.28.0 (fullstorydev/grpcurl#298) - use newer goreleaser (fullstorydev/grpcurl#293) - Restore support for linux/s390x for the next release. (fullstorydev/grpcurl#292) - Bump google.golang.org/protobuf from 1.26.0 to 1.27.1 (fullstorydev/grpcurl#288) #### v1.8.6 - Some bugs have been addressed in the library used to parse proto source files. Previously grpcurl would accept proto source files that could not actually be compiled with protoc. The converse could also happen: grpcurl could reject some proto source files that could successfully be compiled with protoc. More details can be found in the release notes for the changes to the protoparse library, versions v1.10.2 and v1.10.3. - Some implementations of the server reflection service have been observed to return multiple (even superfluous) file descriptors, in response to requests made by grpcurl. These extra files, if not returned in a particular order, would cause grpcurl to report an error that the service or method to be invoked could be not be resolved. The reflection client in grpcurl is now more robust to this condition and can handle responses with file descriptors in any order, so it should be interoperable with a larger variety of servers. - When a request message includes a field of type google.protobuf.Value and a value for that field that was a JSON array, grpcurl would incorrectly interpret the JSON array as if it were a single atomic value, the last value that was in the array. This has been fixed. - When a response message includes non-printable characters or code points outside the ASCII 7-bit range in the name of a field in a JSON object, it could be improperly encoded with escape characters that are not valid JSON. Standard tools/libraries could then fail to parse the JSON output from grpcurl. This has been fixed. Signed-off-by: Aapo Talvensaari <aapo.talvensaari@gmail.com>
This change should be relatively straightforward. It is a noop outside of the context of xDS (as demonstrated by the fact that the tests all pass), but it enables xDS-provided certificates (i.e. the ones that would be provided/specified in GRPC_XDS_BOOTSTRAP). See proposal A29 for additional detail.