From 051b0ca4b33a39b7b7cdf4cf6d3cdb4bab32e50b Mon Sep 17 00:00:00 2001 From: Rachael Graham Date: Fri, 8 Nov 2024 15:46:44 -0600 Subject: [PATCH] Doc fixes 1.17 (#10269) Co-authored-by: soloio-bulldozer[bot] <48420018+soloio-bulldozer[bot]@users.noreply.github.com> --- .github/workflows/push-docs.yaml | 35 +++- changelog/v1.17.16/doc-fixes.yaml | 5 + .../api/envoy/api/v2/route/route.proto.sk.md | 12 +- .../api/v2/core/health_check.proto.sk.md | 13 +- .../v3/mutation_rules.proto.sk.md | 26 +-- .../envoy/config/core/v3/address.proto.sk.md | 8 +- .../envoy/config/core/v3/base.proto.sk.md | 28 ++-- .../config/core/v3/grpc_service.proto.sk.md | 12 +- .../config/core/v3/health_check.proto.sk.md | 21 ++- .../config/core/v3/proxy_protocol.proto.sk.md | 2 +- .../route/v3/route_components.proto.sk.md | 92 +++++------ .../envoy/config/trace/v3/zipkin.proto.sk.md | 2 +- .../filters/http/csrf/v3/csrf.proto.sk.md | 6 +- .../http/jwt_authn/v3/config.proto.sk.md | 14 +- .../envoy/type/matcher/v3/regex.proto.sk.md | 6 +- .../type/metadata/v3/metadata.proto.sk.md | 4 +- .../type/tracing/v3/custom_tag.proto.sk.md | 6 +- .../api/external/xds/core/v3/cidr.proto.sk.md | 4 +- .../xds/type/matcher/v3/domain.proto.sk.md | 6 +- .../type/matcher/v3/http_inputs.proto.sk.md | 5 +- .../xds/type/matcher/v3/ip.proto.sk.md | 2 +- .../xds/type/matcher/v3/regex.proto.sk.md | 5 +- .../api/v1/core/matchers/matchers.proto.sk.md | 4 +- .../options/extproc/extproc.proto.sk.md | 4 +- .../graphql/v1beta1/graphql.proto.sk.md | 4 +- .../projects/gloo/api/v1/failover.proto.sk.md | 4 +- .../gloo/api/v1/load_balancer.proto.sk.md | 2 +- .../gloo/api/v1/options/als/als.proto.sk.md | 4 +- .../dynamic_forward_proxy.proto.sk.md | 12 +- .../options/grpc_json/grpc_json.proto.sk.md | 14 +- .../v1/options/protocol/protocol.proto.sk.md | 8 +- .../proxy_protocol/proxy_protocol.proto.sk.md | 4 +- .../projects/gloo/api/v1/proxy.proto.sk.md | 2 +- .../projects/gloo/api/v1/upstream.proto.sk.md | 6 +- .../static/content/version_gee_latest.md | 2 +- .../content/static/content/version_gee_n+1.md | 2 +- .../static/content/version_geoss_latest.md | 2 +- .../static/content/version_geoss_n+1.md | 2 +- .../envoy/annotations/deprecation.proto | 2 +- .../envoy/api/v2/core/health_check.proto | 19 +-- .../external/envoy/api/v2/route/route.proto | 24 ++- .../mutation_rules/v3/mutation_rules.proto | 32 ++-- .../envoy/config/core/v3/address.proto | 19 +-- .../external/envoy/config/core/v3/base.proto | 47 +++--- .../envoy/config/core/v3/grpc_service.proto | 16 +- .../envoy/config/core/v3/health_check.proto | 35 ++-- .../envoy/config/core/v3/http_uri.proto | 3 +- .../envoy/config/core/v3/proxy_protocol.proto | 3 +- .../config/route/v3/route_components.proto | 154 +++++++++--------- .../envoy/config/trace/v3/zipkin.proto | 2 +- .../filters/http/buffer/v3/buffer.proto | 2 +- .../filters/http/csrf/v3/csrf.proto | 12 +- .../filters/http/jwt_authn/v3/config.proto | 24 ++- .../filters/http/wasm/v3/wasm.proto | 2 +- .../envoy/type/matcher/v3/regex.proto | 9 +- .../envoy/type/metadata/v3/metadata.proto | 4 +- .../envoy/type/tracing/v3/custom_tag.proto | 6 +- .../gloo/api/external/xds/core/v3/cidr.proto | 4 +- .../xds/data/orca/v3/orca_load_report.proto | 2 +- .../external/xds/type/matcher/v3/domain.proto | 12 +- .../xds/type/matcher/v3/http_inputs.proto | 5 +- .../api/external/xds/type/matcher/v3/ip.proto | 4 +- .../external/xds/type/matcher/v3/regex.proto | 5 +- .../gloo/api/v1/core/matchers/matchers.proto | 5 +- .../enterprise/options/extproc/extproc.proto | 8 +- .../options/graphql/v1beta1/graphql.proto | 4 +- projects/gloo/api/v1/failover.proto | 9 +- projects/gloo/api/v1/load_balancer.proto | 4 +- projects/gloo/api/v1/options/als/als.proto | 6 +- .../dynamic_forward_proxy.proto | 16 +- .../api/v1/options/grpc_json/grpc_json.proto | 45 +++-- .../api/v1/options/protocol/protocol.proto | 9 +- .../proxy_protocol/proxy_protocol.proto | 5 +- projects/gloo/api/v1/proxy.proto | 24 +-- projects/gloo/api/v1/upstream.proto | 6 +- .../envoy/api/v2/core/health_check.pb.go | 19 +-- .../external/envoy/api/v2/route/route.pb.go | 24 ++- .../mutation_rules/v3/mutation_rules.pb.go | 32 ++-- .../envoy/config/core/v3/address.pb.go | 19 +-- .../external/envoy/config/core/v3/base.pb.go | 47 +++--- .../envoy/config/core/v3/grpc_service.pb.go | 16 +- .../envoy/config/core/v3/health_check.pb.go | 31 ++-- .../envoy/config/core/v3/http_uri.pb.go | 3 +- .../envoy/config/core/v3/proxy_protocol.pb.go | 3 +- .../config/route/v3/route_components.pb.go | 154 +++++++++--------- .../envoy/config/trace/v3/zipkin.pb.go | 2 +- .../filters/http/csrf/v3/csrf.pb.go | 10 +- .../filters/http/jwt_authn/v3/config.pb.go | 22 ++- .../envoy/type/matcher/v3/regex.pb.go | 9 +- .../envoy/type/metadata/v3/metadata.pb.go | 4 +- .../envoy/type/tracing/v3/custom_tag.pb.go | 6 +- .../pkg/api/v1/core/matchers/matchers.pb.go | 5 +- .../enterprise/options/extproc/extproc.pb.go | 8 +- .../options/graphql/v1beta1/graphql.pb.go | 4 +- projects/gloo/pkg/api/v1/failover.pb.go | 9 +- projects/gloo/pkg/api/v1/load_balancer.pb.go | 4 +- .../gloo/pkg/api/v1/options/als/als.pb.go | 6 +- .../dynamic_forward_proxy.pb.go | 16 +- .../api/v1/options/grpc_json/grpc_json.pb.go | 43 +++-- .../api/v1/options/protocol/protocol.pb.go | 9 +- .../proxy_protocol/proxy_protocol.pb.go | 5 +- projects/gloo/pkg/api/v1/proxy.pb.go | 24 +-- projects/gloo/pkg/api/v1/upstream.pb.go | 6 +- 103 files changed, 753 insertions(+), 765 deletions(-) create mode 100644 changelog/v1.17.16/doc-fixes.yaml diff --git a/.github/workflows/push-docs.yaml b/.github/workflows/push-docs.yaml index be9046593e0..e3fc45c56f1 100644 --- a/.github/workflows/push-docs.yaml +++ b/.github/workflows/push-docs.yaml @@ -158,4 +158,37 @@ jobs: --base main \ --head ${{ steps.create-branch.outputs.branch }} \ --reviewer solo-io/solo-docs - popd || exit 1 \ No newline at end of file + popd || exit 1 + + slack-notification: + runs-on: ubuntu-latest + needs: + - copy-docs + steps: + - name: Notify on workflow success + if: | + needs.copy-docs.result == 'success' + env: + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} + run: | + MESSAGE="✅ *Success:* Automated copy of reference docs for ${{ steps.version-variables.outputs.minor }} was successful. " + + curl \ + -d "text=$MESSAGE" \ + -d "channel=doctopus-tests" \ + -d "token=${SLACK_BOT_TOKEN}" \ + -X POST https://slack.com/api/chat.postMessage + - name: Notify on workflow failure + if: | + needs.copy-docs.result == 'failure' + env: + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} + run: | + JOB_URL=https://github.com/solo-io/gloo/actions/runs/${GITHUB_RUN_ID} + MESSAGE="❌ *Failure:* Automated copy of reference docs for ${{ steps.version-variables.outputs.minor }} failed. <${JOB_URL}|Review the workflow failure>" + + curl \ + -d "text=$MESSAGE" \ + -d "channel=doctopus-tests" \ + -d "token=${SLACK_BOT_TOKEN}" \ + -X POST https://slack.com/api/chat.postMessage \ No newline at end of file diff --git a/changelog/v1.17.16/doc-fixes.yaml b/changelog/v1.17.16/doc-fixes.yaml new file mode 100644 index 00000000000..3d2c72a6c40 --- /dev/null +++ b/changelog/v1.17.16/doc-fixes.yaml @@ -0,0 +1,5 @@ +changelog: + - type: NON_USER_FACING + description: >- + Weekly doc fixes, including API proto doc format changes and an update to the copy-docs workflow. + skipCI-kube-tests:true \ No newline at end of file diff --git a/docs/content/reference/api/envoy/api/v2/route/route.proto.sk.md b/docs/content/reference/api/envoy/api/v2/route/route.proto.sk.md index 2ec2492b224..519775ec9ae 100644 --- a/docs/content/reference/api/envoy/api/v2/route/route.proto.sk.md +++ b/docs/content/reference/api/envoy/api/v2/route/route.proto.sk.md @@ -93,7 +93,7 @@ upstream cluster to route to or whether to perform a redirect. | Field | Type | Description | | ----- | ---- | ----------- | | `name` | `string` | The logical name of the virtual host. This is used when emitting certain statistics but is not relevant for routing. | -| `domains` | `[]string` | A list of domains (host/authority header) that will be matched to this virtual host. Wildcard hosts are supported in the suffix or prefix form. Domain search order: 1. Exact domain names: ``www.foo.com``. 2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``. 3. Prefix domain wildcards: ``foo.*`` or ``foo-*``. 4. Special wildcard ``*`` matching any domain. The wildcard will not match the empty string. e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. The longest wildcards match first. Only a single virtual host in the entire route configuration can match on ``*``. A domain must be unique across all virtual hosts or the config will fail to load. | +| `domains` | `[]string` | A list of domains (host/authority header) that will be matched to this virtual host. Wildcard hosts are supported in the suffix or prefix form. Domain search order: 1. Exact domain names: `www.foo.com`. 2. Suffix domain wildcards: `*.foo.com` or `*-bar.foo.com`. 3. Prefix domain wildcards: `foo.*` or `foo-*`. 4. Special wildcard `*` matching any domain. The wildcard will not match the empty string. e.g. `*-bar.foo.com` will match `baz-bar.foo.com` but not `-bar.foo.com`. The longest wildcards match first. Only a single virtual host in the entire route configuration can match on `*`. A domain must be unique across all virtual hosts or the config will fail to load. | | `routes` | [[]solo.io.envoy.api.v2.route.Route](../route.proto.sk/#route) | The list of routes that will be matched, in order, for incoming requests. The first route that matches will be used. | | `requireTls` | [.solo.io.envoy.api.v2.route.VirtualHost.TlsRequirementType](../route.proto.sk/#tlsrequirementtype) | Specifies the type of TLS enforcement the virtual host expects. If this option is not specified, there is no TLS requirement for the virtual host. | | `virtualClusters` | [[]solo.io.envoy.api.v2.route.VirtualCluster](../route.proto.sk/#virtualcluster) | A list of virtual clusters defined for this virtual host. Virtual clusters are used for additional statistics gathering. | @@ -257,7 +257,7 @@ weights. | ----- | ---- | ----------- | | `prefix` | `string` | If specified, the route is a prefix rule meaning that the prefix must match the beginning of the *:path* header. Only one of `prefix`, `path`, `regex`, or `connectMatcher` can be set. | | `path` | `string` | If specified, the route is an exact path rule meaning that the path must exactly match the *:path* header once the query string is removed. Only one of `path`, `prefix`, `regex`, or `connectMatcher` can be set. | -| `regex` | `string` | If specified, the route is a regular expression rule meaning that the regex must match the *:path* header once the query string is removed. The entire path (without the query string) must match the regex. The rule will not match if only a subsequence of the *:path* header matches the regex. The regex grammar is defined `here `_. Examples: * The regex */b[io]t* matches the path */bit* * The regex */b[io]t* matches the path */bot* * The regex */b[io]t* does not match the path */bite* * The regex */b[io]t* does not match the path */bit/bot*. Only one of `regex`, `prefix`, `path`, or `connectMatcher` can be set. | +| `regex` | `string` | If specified, the route is a regular expression rule meaning that the regex must match the *:path* header once the query string is removed. The entire path (without the query string) must match the regex. The rule will not match if only a subsequence of the *:path* header matches the regex. The regex grammar is defined [here](https://en.cppreference.com/w/cpp/regex/ecmascript). Examples: * The regex */b[io]t* matches the path */bit* * The regex */b[io]t* matches the path */bot* * The regex */b[io]t* does not match the path */bite* * The regex */b[io]t* does not match the path */bit/bot*. Only one of `regex`, `prefix`, `path`, or `connectMatcher` can be set. | | `connectMatcher` | [.solo.io.envoy.api.v2.route.RouteMatch.ConnectMatcher](../route.proto.sk/#connectmatcher) | If this is used as the matcher, the matcher will only match CONNECT requests. Note that this will not match HTTP/2 upgrade-style CONNECT requests (WebSocket and the like) as they are normalized in Envoy as HTTP/1.1 style upgrades. This is the only way to match CONNECT requests for HTTP/1.1. For HTTP/2, where CONNECT requests may have a path, the path matchers will work if there is a path present. Note that CONNECT support is currently considered alpha in Envoy. Only one of `connectMatcher`, `prefix`, `path`, or `regex` can be set. | | `caseSensitive` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Indicates that prefix/path matching should be case insensitive. The default is true. | | `runtimeFraction` | [.solo.io.envoy.api.v2.core.RuntimeFractionalPercent](../../../../../github.com/solo-io/solo-kit/api/external/envoy/api/v2/core/base.proto.sk/#runtimefractionalpercent) | Indicates that the route should additionally match on a runtime key. Every time the route is considered for a match, it must also fall under the percentage of matches indicated by this field. For some fraction N/D, a random number in the range [0,D) is selected. If the number is <= the value of the numerator N, or if the key is not present, the default value, the router continues to evaluate the remaining match criteria. A runtime_fraction route configuration can be used to roll out route changes in a gradual manner without full code/config deploys. Refer to the `traffic shifting (config_http_conn_man_route_table_traffic_splitting_shift)` docs for additional documentation. Parsing this field is implemented such that the runtime key's data may be represented as a FractionalPercent proto represented as JSON/YAML and may also be represented as an integer with the assumption that the value is an integral percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics. | @@ -385,7 +385,7 @@ weights. | `includeVhRateLimits` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Specifies if the rate limit filter should include the virtual host rate limits. By default, if the route configured rate limits, the virtual host `rate_limits (envoy_api_field_route.VirtualHost.rate_limits)` are not applied to the request. | | `hashPolicy` | [[]solo.io.envoy.api.v2.route.RouteAction.HashPolicy](../route.proto.sk/#hashpolicy) | Specifies a list of hash policies to use for ring hash load balancing. Each hash policy is evaluated individually and the combined result is used to route the request. The method of combination is deterministic such that identical lists of hash policies will produce the same hash. Since a hash policy examines specific parts of a request, it can fail to produce a hash (i.e. if the hashed header is not present). If (and only if) all configured hash policies fail to generate a hash, no hash will be produced for the route. In this case, the behavior is the same as if no hash policies were specified (i.e. the ring hash load balancer will choose a random backend). If a hash policy has the "terminal" attribute set to true, and there is already a hash generated, the hash is returned immediately, ignoring the rest of the hash policy list. | | `cors` | [.solo.io.envoy.api.v2.route.CorsPolicy](../route.proto.sk/#corspolicy) | Indicates that the route has a CORS policy. | -| `maxGrpcTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | If present, and the request is a gRPC request, use the `grpc-timeout header `_, or its default value (infinity) instead of `timeout (envoy_api_field_route.RouteAction.timeout)`, but limit the applied timeout to the maximum value specified here. If configured as 0, the maximum allowed timeout for gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used and gRPC requests time out like any other requests using `timeout (envoy_api_field_route.RouteAction.timeout)` or its default. This can be used to prevent unexpected upstream request timeouts due to potentially long time gaps between gRPC request and response in gRPC streaming mode. | +| `maxGrpcTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | If present, and the request is a gRPC request, use the [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), or its default value (infinity) instead of `timeout (envoy_api_field_route.RouteAction.timeout)`, but limit the applied timeout to the maximum value specified here. If configured as 0, the maximum allowed timeout for gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used and gRPC requests time out like any other requests using `timeout (envoy_api_field_route.RouteAction.timeout)` or its default. This can be used to prevent unexpected upstream request timeouts due to potentially long time gaps between gRPC request and response in gRPC streaming mode. | | `grpcTimeoutOffset` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting the provided duration from the header. This is useful in allowing Envoy to set its global timeout to be less than that of the deadline imposed by the calling client, which makes it more likely that Envoy will handle the timeout instead of having the call canceled by the client. The offset will only be applied if the provided grpc_timeout is greater than the offset. This ensures that the offset will only ever decrease the timeout and never set it to 0 (meaning infinity). | | `upgradeConfigs` | [[]solo.io.envoy.api.v2.route.RouteAction.UpgradeConfig](../route.proto.sk/#upgradeconfig) | | | `internalRedirectAction` | [.solo.io.envoy.api.v2.route.RouteAction.InternalRedirectAction](../route.proto.sk/#internalredirectaction) | | @@ -817,7 +817,7 @@ Documentation for `virtual cluster statistics (config_http_filters_router_stats) | Field | Type | Description | | ----- | ---- | ----------- | -| `pattern` | `string` | Specifies a regex pattern to use for matching requests. The entire path of the request must match the regex. The regex grammar used is defined `here `_. Examples: * The regex */rides/\d+* matches the path */rides/0* * The regex */rides/\d+* matches the path */rides/123* * The regex */rides/\d+* does not match the path */rides/123/456*. | +| `pattern` | `string` | Specifies a regex pattern to use for matching requests. The entire path of the request must match the regex. The regex grammar used is defined [here](https://en.cppreference.com/w/cpp/regex/ecmascript). Examples: * The regex */rides/\d+* matches the path */rides/0* * The regex */rides/\d+* matches the path */rides/123* * The regex */rides/\d+* does not match the path */rides/123/456*. | | `name` | `string` | Specifies the name of the virtual cluster. The virtual cluster name as well as the virtual host name are used when emitting statistics. The statistics are emitted by the router filter and are documented `here (config_http_filters_router_stats)`. | | `method` | [.solo.io.envoy.api.v2.core.RequestMethod](../../../../../github.com/solo-io/solo-kit/api/external/envoy/api/v2/core/base.proto.sk/#requestmethod) | Optionally specifies the HTTP method to match on. For example GET, PUT, etc. https://github.com/lyft/protoc-gen-validate/issues/42 is resolved.]. | @@ -883,7 +883,7 @@ The following descriptor entry is appended to the descriptor: ("source_cluster", "") ``` - is derived from the :option:`--service-cluster` option. + is derived from the `--service-cluster` option. ```yaml @@ -1059,7 +1059,7 @@ Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HT | ----- | ---- | ----------- | | `name` | `string` | Specifies the name of the header in the request. | | `exactMatch` | `string` | If specified, header match will be performed based on the value of the header. Only one of `exactMatch`, `regexMatch`, `rangeMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | -| `regexMatch` | `string` | If specified, this regex string is a regular expression rule which implies the entire request header value must match the regex. The rule will not match if only a subsequence of the request header value matches the regex. The regex grammar used in the value field is defined `here `_. Examples: * The regex *\d{3}* matches the value *123* * The regex *\d{3}* does not match the value *1234* * The regex *\d{3}* does not match the value *123.456*. Only one of `regexMatch`, `exactMatch`, `rangeMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | +| `regexMatch` | `string` | If specified, this regex string is a regular expression rule which implies the entire request header value must match the regex. The rule will not match if only a subsequence of the request header value matches the regex. The regex grammar used in the value field is defined [here](https://en.cppreference.com/w/cpp/regex/ecmascript). Examples: * The regex *\d{3}* matches the value *123* * The regex *\d{3}* does not match the value *1234* * The regex *\d{3}* does not match the value *123.456*. Only one of `regexMatch`, `exactMatch`, `rangeMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | | `rangeMatch` | [.solo.io.envoy.type.Int64Range](../../../../../github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/range.proto.sk/#int64range) | If specified, header match will be performed based on range. The rule will match if the request header value is within this range. The entire request header value must represent an integer in base 10 notation: consisting of an optional plus or minus sign followed by a sequence of digits. The rule will not match if the header value does not represent an integer. Match will fail for empty values, floating point numbers or if only a subsequence of the header value is an integer. Examples: * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9, "-1somestring". Only one of `rangeMatch`, `exactMatch`, `regexMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | | `presentMatch` | `bool` | If specified, header match will be performed based on whether the header is in the request. Only one of `presentMatch`, `exactMatch`, `regexMatch`, `rangeMatch`, `prefixMatch`, or `suffixMatch` can be set. | | `prefixMatch` | `string` | If specified, header match will be performed based on the prefix of the header value. Note: empty prefix is not allowed, please use present_match instead. Examples: * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*. Only one of `prefixMatch`, `exactMatch`, `regexMatch`, `rangeMatch`, `presentMatch`, or `suffixMatch` can be set. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/core/health_check.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/core/health_check.proto.sk.md index 1a28eef2634..da672fa11a1 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/core/health_check.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/core/health_check.proto.sk.md @@ -133,7 +133,7 @@ Describes the encoding of the payload bytes in the payload. | `useHttp2` | `bool` | If set, health checks will be made using http/2. | | `expectedStatuses` | [[]solo.io.envoy.type.Int64Range](../../../../type/range.proto.sk/#int64range) | Specifies a list of HTTP response statuses considered healthy. If provided, replaces default 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open semantics of `Int64Range (envoy_api_msg_type.Int64Range)`. | | `responseAssertions` | [.advancedhttp.options.gloo.solo.io.ResponseAssertions](../../../../../../v1/options/advanced_http/advanced_http.proto.sk/#responseassertions) | (Enterprise Only): If defined, the response health check rules take precedence over the http `expected_statuses`. | -| `method` | [.solo.io.envoy.config.core.v3.RequestMethod](../../../../config/core/v3/base.proto.sk/#requestmethod) | HTTP Method that will be used for health checking, default is "GET". GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH methods are supported, but making request body is not supported. CONNECT method is disallowed because it is not appropriate for health check request. If a non-200 response is expected by the method, it needs to be set in :ref:`expected_statuses `. | +| `method` | [.solo.io.envoy.config.core.v3.RequestMethod](../../../../config/core/v3/base.proto.sk/#requestmethod) | HTTP Method that will be used for health checking, default is "GET". GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH methods are supported, but making request body is not supported. CONNECT method is disallowed because it is not appropriate for health check request. If a non-200 response is expected by the method, it needs to be set in expected_statuses. | @@ -169,7 +169,7 @@ Describes the encoding of the payload bytes in the payload. | Field | Type | Description | | ----- | ---- | ----------- | -| `key` | `string` | If set, optionally perform ``EXISTS `` instead of ``PING``. A return value from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance by setting the specified key to any value and waiting for traffic to drain. | +| `key` | `string` | If set, optionally perform `EXISTS ` instead of `PING`. A return value from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance by setting the specified key to any value and waiting for traffic to drain. | @@ -178,9 +178,8 @@ Describes the encoding of the payload bytes in the payload. ### GrpcHealthCheck -`grpc.health.v1.Health -`_-based -healthcheck. See `gRPC doc `_ +[grpc.health.v1.Health](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto)-based +healthcheck. See [gRPC doc](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) for details. ```yaml @@ -192,7 +191,7 @@ for details. | Field | Type | Description | | ----- | ---- | ----------- | -| `serviceName` | `string` | An optional service name parameter which will be sent to gRPC service in `grpc.health.v1.HealthCheckRequest `_. message. See `gRPC health-checking overview `_ for more information. | +| `serviceName` | `string` | An optional service name parameter which will be sent to gRPC service in [grpc.health.v1.HealthCheckRequest](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20) message. See [gRPC health-checking overview](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) for more information. | | `authority` | `string` | The value of the :authority header in the gRPC health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. | | `initialMetadata` | [[]solo.io.envoy.api.v2.core.HeaderValueOption](../../../../../../../../../../solo-kit/api/external/envoy/api/v2/core/base.proto.sk/#headervalueoption) | Specifies a list of key-value pairs that should be added to the metadata of each GRPC call that is sent to the health checked cluster. | @@ -230,7 +229,7 @@ Description: Endpoint health status. | UNKNOWN | The health status is not known. This is interpreted by Envoy as *HEALTHY*. | | HEALTHY | Healthy. | | UNHEALTHY | Unhealthy. | -| DRAINING | Connection draining in progress. E.g., ``_ or ``_. This is interpreted by Envoy as *UNHEALTHY*. | +| DRAINING | Connection draining in progress. E.g., https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/ or https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining. This is interpreted by Envoy as *UNHEALTHY*. | | TIMEOUT | Health check timed out. This is part of HDS and is interpreted by Envoy as *UNHEALTHY*. | | DEGRADED | Degraded. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto.sk.md index 7376117f535..0479a5be108 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto.sk.md @@ -40,22 +40,22 @@ any header except for an "Envoy internal" header (which is typically denoted by an x-envoy prefix) or specific headers that may affect further filter processing: -* ``host`` -* ``:authority`` -* ``:scheme`` -* ``:method`` +* `host` +* `:authority` +* `:scheme` +* `:method` Every attempt to add, change, append, or remove a header will be tested against the rules here. Disallowed header mutations will be -ignored unless ``disallow_is_error`` is set to true. +ignored unless `disallow_is_error` is set to true. Attempts to remove headers are further constrained -- regardless of the -settings, system-defined headers (that start with ``:``) and the ``host`` +settings, system-defined headers (that start with `:`) and the `host` header may never be removed. In addition, a counter will be incremented whenever a mutation is rejected. In the ext_proc filter, that counter is named -``rejected_header_mutations``. +`rejected_header_mutations`. [#next-free-field: 8] ```yaml @@ -71,13 +71,13 @@ rejected. In the ext_proc filter, that counter is named | Field | Type | Description | | ----- | ---- | ----------- | -| `allowAllRouting` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | By default, certain headers that could affect processing of subsequent filters or request routing cannot be modified. These headers are ``host``, ``:authority``, ``:scheme``, and ``:method``. Setting this parameter to true allows these headers to be modified as well. | -| `allowEnvoy` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, allow modification of envoy internal headers. By default, these start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration using the :ref:`header_prefix ` field. Default is false. | -| `disallowSystem` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, prevent modification of any system header, defined as a header that starts with a ``:`` character, regardless of any other settings. A processing server may still override the ``:status`` of an HTTP response using an ``ImmediateResponse`` message. Default is false. | -| `disallowAll` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, prevent modifications of all header values, regardless of any other settings. A processing server may still override the ``:status`` of an HTTP response using an ``ImmediateResponse`` message. Default is false. | -| `allowExpression` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../../../../../type/matcher/v3/regex.proto.sk/#regexmatcher) | If set, specifically allow any header that matches this regular expression. This overrides all other settings except for ``disallow_expression``. | +| `allowAllRouting` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | By default, certain headers that could affect processing of subsequent filters or request routing cannot be modified. These headers are `host`, `:authority`, `:scheme`, and `:method`. Setting this parameter to true allows these headers to be modified as well. | +| `allowEnvoy` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, allow modification of envoy internal headers. By default, these start with `x-envoy` but this may be overridden in the `Bootstrap` configuration using the :ref:`header_prefix ` field. Default is false. | +| `disallowSystem` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, prevent modification of any system header, defined as a header that starts with a `:` character, regardless of any other settings. A processing server may still override the `:status` of an HTTP response using an `ImmediateResponse` message. Default is false. | +| `disallowAll` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, prevent modifications of all header values, regardless of any other settings. A processing server may still override the `:status` of an HTTP response using an `ImmediateResponse` message. Default is false. | +| `allowExpression` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../../../../../type/matcher/v3/regex.proto.sk/#regexmatcher) | If set, specifically allow any header that matches this regular expression. This overrides all other settings except for `disallow_expression`. | | `disallowExpression` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../../../../../type/matcher/v3/regex.proto.sk/#regexmatcher) | If set, specifically disallow any header that matches this regular expression regardless of any other settings. | -| `disallowIsError` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, and if the rules in this list cause a header mutation to be disallowed, then the filter using this configuration will terminate the request with a 500 error. In addition, regardless of the setting of this parameter, any attempt to set, add, or modify a disallowed header will cause the ``rejected_header_mutations`` counter to be incremented. Default is false. | +| `disallowIsError` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, and if the rules in this list cause a header mutation to be disallowed, then the filter using this configuration will terminate the request with a 500 error. In addition, regardless of the setting of this parameter, any attempt to set, add, or modify a disallowed header will cause the `rejected_header_mutations` counter to be incremented. Default is false. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/address.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/address.proto.sk.md index cb0b11a6baf..5c2b4de3304 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/address.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/address.proto.sk.md @@ -66,11 +66,11 @@ weight: 5 | Field | Type | Description | | ----- | ---- | ----------- | | `protocol` | [.solo.io.envoy.config.core.v3.SocketAddress.Protocol](../address.proto.sk/#protocol) | | -| `address` | `string` | The address for this socket. :ref:`Listeners ` will bind to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: It is possible to distinguish a Listener address via the prefix/suffix matching in :ref:`FilterChainMatch `.] When used within an upstream :ref:`BindConfig `, the address controls the source address of outbound connections. For :ref:`clusters `, the cluster type determines whether the address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized via :ref:`resolver_name `. | +| `address` | `string` | The address for this socket. Listeners will bind to the address. An empty address is not allowed. Specify `0.0.0.0` or `::` to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: It is possible to distinguish a Listener address via the prefix/suffix matching in FilterChainMatch.] When used within an upstream BindConfig, the address controls the source address of outbound connections. For :ref:`clusters `, the cluster type determines whether the address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized via resolver_name. | | `portValue` | `int` | Only one of `portValue` or `namedPort` can be set. | | `namedPort` | `string` | This is only valid if :ref:`resolver_name ` is specified below and the named resolver is capable of named port resolution. Only one of `namedPort` or `portValue` can be set. | | `resolverName` | `string` | The name of the custom resolver. This must have been registered with Envoy. If this is empty, a context dependent default applies. If the address is a concrete IP address, no resolution will occur. If address is a hostname this should be set for resolution other than DNS. Specifying a custom resolver with *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. | -| `ipv4Compat` | `bool` | When binding to an IPv6 address above, this enables `IPv4 compatibility `_. Binding to ``::`` will allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into IPv6 space as ``::FFFF:``. | +| `ipv4Compat` | `bool` | When binding to an IPv6 address above, this enables [IPv4 compatibility](https://datatracker.ietf.org/doc/html/rfc3493#page-11). Binding to `::` will allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into IPv6 space as `::FFFF:`. | @@ -157,7 +157,7 @@ management servers. CidrRange specifies an IP Address and a prefix length to construct -the subnet mask for a `CIDR `_ range. +the subnet mask for a [CIDR](https://datatracker.ietf.org/doc/html/rfc4632) range. ```yaml "addressPrefix": string @@ -167,7 +167,7 @@ the subnet mask for a `CIDR `_ ra | Field | Type | Description | | ----- | ---- | ----------- | -| `addressPrefix` | `string` | IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. | +| `addressPrefix` | `string` | IPv4 or IPv6 address, e.g. `192.0.0.0` or `2001:db8::`. | | `prefixLen` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Length of prefix, e.g. 0, 32. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/base.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/base.proto.sk.md index 9113e25b5f2..07c4318d076 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/base.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/base.proto.sk.md @@ -63,8 +63,8 @@ Identifies location of where either Envoy runs or where upstream hosts run. | Field | Type | Description | | ----- | ---- | ----------- | -| `region` | `string` | Region this :ref:`zone ` belongs to. | -| `zone` | `string` | Defines the local service zone where Envoy is running. Though optional, it should be set if discovery service routing is used and the discovery service exposes :ref:`zone data `, either in this message or via :option:`--service-zone`. The meaning of zone is context dependent, e.g. `Availability Zone (AZ) `_ on AWS, `Zone `_ on GCP, etc. | +| `region` | `string` | Region this zone belongs to. | +| `zone` | `string` | Defines the local service zone where Envoy is running. Though optional, it should be set if discovery service routing is used and the discovery service exposes zone data, either in this message or via `--service-zone`. The meaning of zone is context dependent, e.g. [Availability Zone (AZ)](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) on AWS, [Zone](https://cloud.google.com/compute/docs/regions-zones/) on GCP, etc. | | `subZone` | `string` | When used for locality of upstream hosts, this field further splits zone into smaller chunks of sub-zones so they can be load balanced independently. | @@ -143,16 +143,16 @@ configuration for serving. | Field | Type | Description | | ----- | ---- | ----------- | -| `id` | `string` | An opaque node identifier for the Envoy node. This also provides the local service node name. It should be set if any of the following features are used: :ref:`statsd `, :ref:`CDS `, and :ref:`HTTP tracing `, either in this message or via :option:`--service-node`. | -| `cluster` | `string` | Defines the local service cluster name where Envoy is running. Though optional, it should be set if any of the following features are used: :ref:`statsd `, :ref:`health check cluster verification `, :ref:`runtime override directory `, :ref:`user agent addition `, :ref:`HTTP global rate limiting `, :ref:`CDS `, and :ref:`HTTP tracing `, either in this message or via :option:`--service-cluster`. | +| `id` | `string` | An opaque node identifier for the Envoy node. This also provides the local service node name. It should be set if any of the following features are used: statsd, :ref:`CDS `, and :ref:`HTTP tracing `, either in this message or via `--service-node`. | +| `cluster` | `string` | Defines the local service cluster name where Envoy is running. Though optional, it should be set if any of the following features are used: statsd, :ref:`health check cluster verification `, runtime override directory, :ref:`user agent addition `, HTTP global rate limiting, CDS, and :ref:`HTTP tracing `, either in this message or via `--service-cluster`. | | `metadata` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Opaque metadata extending the node identifier. Envoy will pass this directly to the management server. | | `locality` | [.solo.io.envoy.config.core.v3.Locality](../base.proto.sk/#locality) | Locality specifying where the Envoy instance is running. | | `userAgentName` | `string` | Free-form string that identifies the entity requesting config. E.g. "envoy" or "grpc". | | `userAgentVersion` | `string` | Free-form string that identifies the version of the entity requesting config. E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild". Only one of `userAgentVersion` or `userAgentBuildVersion` can be set. | | `userAgentBuildVersion` | [.solo.io.envoy.config.core.v3.BuildVersion](../base.proto.sk/#buildversion) | Structured version of the entity requesting config. Only one of `userAgentBuildVersion` or `userAgentVersion` can be set. | | `extensions` | [[]solo.io.envoy.config.core.v3.Extension](../base.proto.sk/#extension) | List of extensions and their versions supported by the node. | -| `clientFeatures` | `[]string` | Client feature support list. These are well known features described in the Envoy API repository for a given major version of an API. Client features use reverse DNS naming scheme, for example `com.acme.feature`. See :ref:`the list of features ` that xDS client may support. | -| `listeningAddresses` | [[]solo.io.envoy.config.core.v3.Address](../address.proto.sk/#address) | Known listening ports on the node as a generic hint to the management server for filtering :ref:`listeners ` to be returned. For example, if there is a listener bound to port 80, the list can optionally contain the SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. | +| `clientFeatures` | `[]string` | Client feature support list. These are well known features described in the Envoy API repository for a given major version of an API. Client features use reverse DNS naming scheme, for example `com.acme.feature`. See the list of features that xDS client may support. | +| `listeningAddresses` | [[]solo.io.envoy.config.core.v3.Address](../address.proto.sk/#address) | Known listening ports on the node as a generic hint to the management server for filtering listeners to be returned. For example, if there is a listener bound to port 80, the list can optionally contain the SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. | @@ -179,7 +179,7 @@ Endpoints have a Metadata object associated and routes contain a Metadata object to match against. There are some well defined metadata used today for this purpose: -* ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an +* `{"envoy.lb": {"canary": }}` This indicates the canary status of an endpoint and is also used during header processing (x-envoy-upstream-canary) and for stats purposes. [#next-major-version: move to type/metadata/v2] @@ -251,7 +251,7 @@ Runtime derived bool with a default when not specified. | Field | Type | Description | | ----- | ---- | ----------- | | `defaultValue` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Default value if runtime value is not available. | -| `runtimeKey` | `string` | Runtime key to get value for comparison. This value is used if defined. The boolean value must be represented via its `canonical JSON encoding `_. | +| `runtimeKey` | `string` | Runtime key to get value for comparison. This value is used if defined. The boolean value must be represented via its [canonical JSON encoding](https://developers.google.com/protocol-buffers/docs/proto3#json). | @@ -271,7 +271,7 @@ Header name/value pair. | Field | Type | Description | | ----- | ---- | ----------- | | `key` | `string` | Header name. | -| `value` | `string` | Header value. The same :ref:`format specifier ` as used for :ref:`HTTP access logging ` applies here, however unknown header values are replaced with the empty string instead of `-`. | +| `value` | `string` | Header value. The same format specifier as used for HTTP access logging applies here, however unknown header values are replaced with the empty string instead of `-`. | @@ -350,7 +350,7 @@ The message specifies the retry policy of remote data source when fetching fails | Field | Type | Description | | ----- | ---- | ----------- | -| `retryBackOff` | [.solo.io.envoy.config.core.v3.BackoffStrategy](../backoff.proto.sk/#backoffstrategy) | Specifies parameters that control :ref:`retry backoff strategy `. This parameter is optional, in which case the default base interval is 1000 milliseconds. The default maximum interval is 10 times the base interval. | +| `retryBackOff` | [.solo.io.envoy.config.core.v3.BackoffStrategy](../backoff.proto.sk/#backoffstrategy) | Specifies parameters that control retry backoff strategy. This parameter is optional, in which case the default base interval is 1000 milliseconds. The default maximum interval is 10 times the base interval. | | `numRetries` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Specifies the allowed number of retries. This parameter is optional and defaults to 1. | @@ -402,8 +402,8 @@ Async data source which support async data fetch. ### TransportSocket -Configuration for transport socket in :ref:`listeners ` and -:ref:`clusters `. If the configuration is +Configuration for transport socket in listeners and +clusters. If the configuration is empty, a default transport socket implementation and configuration will be chosen based on the platform and existence of tls_context. @@ -428,10 +428,10 @@ chosen based on the platform and existence of tls_context. Runtime derived FractionalPercent with defaults for when the numerator or denominator is not specified via a runtime key. -.. note:: +**Note**: Parsing of the runtime key's data is implemented such that it may be represented as a - :ref:`FractionalPercent ` proto represented as JSON/YAML + FractionalPercent proto represented as JSON/YAML and may also be represented as an integer with the assumption that the value is an integral percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto.sk.md index bac662558e7..20d42bdebfe 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto.sk.md @@ -53,9 +53,9 @@ gRPC service configuration. This is used by :ref:`ApiConfigSource | Field | Type | Description | | ----- | ---- | ----------- | | `envoyGrpc` | [.solo.io.envoy.config.core.v3.GrpcService.EnvoyGrpc](../grpc_service.proto.sk/#envoygrpc) | Envoy's in-built gRPC client. See the :ref:`gRPC services overview ` documentation for discussion on gRPC client selection. Only one of `envoyGrpc` or `googleGrpc` can be set. | -| `googleGrpc` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc](../grpc_service.proto.sk/#googlegrpc) | `Google C++ gRPC client `_ See the :ref:`gRPC services overview ` documentation for discussion on gRPC client selection. Only one of `googleGrpc` or `envoyGrpc` can be set. | +| `googleGrpc` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc](../grpc_service.proto.sk/#googlegrpc) | [Google C++ gRPC client](https://github.com/grpc/grpc) See the :ref:`gRPC services overview ` documentation for discussion on gRPC client selection. Only one of `googleGrpc` or `envoyGrpc` can be set. | | `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The timeout for the gRPC request. This is the timeout for a specific request. | -| `initialMetadata` | [[]solo.io.envoy.config.core.v3.HeaderValue](../base.proto.sk/#headervalue) | Additional metadata to include in streams initiated to the GrpcService. This can be used for scenarios in which additional ad hoc authorization headers (e.g. ``x-foo-bar: baz-key``) are to be injected. | +| `initialMetadata` | [[]solo.io.envoy.config.core.v3.HeaderValue](../base.proto.sk/#headervalue) | Additional metadata to include in streams initiated to the GrpcService. This can be used for scenarios in which additional ad hoc authorization headers (e.g. `x-foo-bar: baz-key`) are to be injected. | @@ -74,8 +74,8 @@ gRPC service configuration. This is used by :ref:`ApiConfigSource | Field | Type | Description | | ----- | ---- | ----------- | -| `clusterName` | `string` | The name of the upstream gRPC cluster. SSL credentials will be supplied in the :ref:`Cluster ` :ref:`transport_socket `. | -| `authority` | `string` | The ``:authority`` header in the grpc request. If this field is not set, the authority header value will be ``cluster_name``. Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster. | +| `clusterName` | `string` | The name of the upstream gRPC cluster. SSL credentials will be supplied in the Cluster :ref:`transport_socket `. | +| `authority` | `string` | The `:authority` header in the grpc request. If this field is not set, the authority header value will be `cluster_name`. Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster. | | `retryPolicy` | [.solo.io.envoy.config.core.v3.RetryPolicy](../base.proto.sk/#retrypolicy) | Indicates the retry policy for re-establishing the gRPC stream This field is optional. If max interval is not provided, it will be set to ten times the provided base interval. Currently only supported for xDS gRPC streams. If not set, xDS gRPC streams default base interval:500ms, maximum interval:30s will be applied. | @@ -101,9 +101,9 @@ gRPC service configuration. This is used by :ref:`ApiConfigSource | Field | Type | Description | | ----- | ---- | ----------- | -| `targetUri` | `string` | The target URI when using the `Google C++ gRPC client `_. SSL credentials will be supplied in :ref:`channel_credentials `. | +| `targetUri` | `string` | The target URI when using the [Google C++ gRPC client](https://github.com/grpc/grpc). SSL credentials will be supplied in channel_credentials. | | `channelCredentials` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentials](../grpc_service.proto.sk/#channelcredentials) | | -| `callCredentials` | [[]solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials](../grpc_service.proto.sk/#callcredentials) | A set of call credentials that can be composed with `channel credentials `_. | +| `callCredentials` | [[]solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials](../grpc_service.proto.sk/#callcredentials) | A set of call credentials that can be composed with [channel credentials](https://grpc.io/docs/guides/auth.html#credential-types). | | `statPrefix` | `string` | The human readable prefix to use when emitting statistics for the gRPC service. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 streams_total, Counter, Total number of streams opened streams_closed_, Counter, Total streams closed with . | | `credentialsFactoryName` | `string` | The name of the Google gRPC credentials factory to use. This must have been registered with Envoy. If this is empty, a default credentials factory will be used that sets up channel credentials based on other configuration parameters. | | `config` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Additional configuration for site-specific customizations of the Google gRPC library. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/health_check.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/health_check.proto.sk.md index 8fb5c2a47a8..958dc4282ad 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/health_check.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/health_check.proto.sk.md @@ -87,11 +87,11 @@ weight: 5 | `unhealthyInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "unhealthy interval" is a health check interval that is used for hosts that are marked as unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the standard health check interval that is defined. The default value for "unhealthy interval" is the same as "interval". | | `unhealthyEdgeInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "unhealthy edge interval" is a special health check interval that is used for the first health check right after a host is marked as unhealthy. For subsequent health checks Envoy will shift back to using either "unhealthy interval" if present or the standard health check interval that is defined. The default value for "unhealthy edge interval" is the same as "unhealthy interval". | | `healthyEdgeInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "healthy edge interval" is a special health check interval that is used for the first health check right after a host is marked as healthy. For subsequent health checks Envoy will shift back to using the standard health check interval that is defined. The default value for "healthy edge interval" is the same as the default interval. | -| `eventLogPath` | `string` | Specifies the path to the :ref:`health check event log `. If empty, no event log will be written. | +| `eventLogPath` | `string` | Specifies the path to the health check event log. If empty, no event log will be written. | | `eventService` | [.solo.io.envoy.config.core.v3.EventServiceConfig](../event_service_config.proto.sk/#eventserviceconfig) | [#not-implemented-hide:] The gRPC service for the health check event service. If empty, health check events won't be sent to a remote endpoint. | | `alwaysLogHealthCheckFailures` | `bool` | If set to true, health check failure events will always be logged. If set to false, only the initial health check failure event will be logged. The default value is false. | | `tlsOptions` | [.solo.io.envoy.config.core.v3.HealthCheck.TlsOptions](../health_check.proto.sk/#tlsoptions) | This allows overriding the cluster TLS settings, just for health check connections. | -| `transportSocketMatchCriteria` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's :ref:`tranport socket matches `. For example, the following match criteria .. code-block:: yaml transport_socket_match_criteria: useMTLS: true Will match the following :ref:`cluster socket match ` .. code-block:: yaml transport_socket_matches: - name: "useMTLS" match: useMTLS: true transport_socket: name: envoy.transport_sockets.tls config: { ... } # tls socket configuration If this field is set, then for health checks it will supersede an entry of *envoy.transport_socket* in the :ref:`LbEndpoint.Metadata `. This allows using different transport socket capabilities for health checking versus proxying to the endpoint. If the key/values pairs specified do not match any :ref:`transport socket matches `, the cluster's :ref:`transport socket ` will be used for health check socket configuration. | +| `transportSocketMatchCriteria` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's tranport socket matches. For example, the following match criteria .. code-block:: yaml transport_socket_match_criteria: useMTLS: true Will match the following :ref:`cluster socket match ` .. code-block:: yaml transport_socket_matches: - name: "useMTLS" match: useMTLS: true transport_socket: name: envoy.transport_sockets.tls config: { ... } # tls socket configuration If this field is set, then for health checks it will supersede an entry of *envoy.transport_socket* in the LbEndpoint.Metadata. This allows using different transport socket capabilities for health checking versus proxying to the endpoint. If the key/values pairs specified do not match any transport socket matches, the cluster's :ref:`transport socket ` will be used for health check socket configuration. | @@ -138,13 +138,13 @@ Describes the encoding of the payload bytes in the payload. | Field | Type | Description | | ----- | ---- | ----------- | -| `host` | `string` | The value of the host header in the HTTP health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. The host header can be customized for a specific endpoint by setting the :ref:`hostname ` field. | +| `host` | `string` | The value of the host header in the HTTP health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. The host header can be customized for a specific endpoint by setting the hostname field. | | `path` | `string` | Specifies the HTTP path that will be requested during health checking. For example */healthcheck*. | | `send` | [.solo.io.envoy.config.core.v3.HealthCheck.Payload](../health_check.proto.sk/#payload) | [#not-implemented-hide:] HTTP specific payload. | | `receive` | [.solo.io.envoy.config.core.v3.HealthCheck.Payload](../health_check.proto.sk/#payload) | [#not-implemented-hide:] HTTP specific response. | | `requestHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../base.proto.sk/#headervalueoption) | Specifies a list of HTTP headers that should be added to each request that is sent to the health checked cluster. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | | `requestHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each request that is sent to the health checked cluster. | -| `expectedStatuses` | [[]solo.io.envoy.type.v3.Int64Range](../../../../type/v3/range.proto.sk/#int64range) | Specifies a list of HTTP response statuses considered healthy. If provided, replaces default 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open semantics of :ref:`Int64Range `. The start and end of each range are required. Only statuses in the range [100, 600) are allowed. | +| `expectedStatuses` | [[]solo.io.envoy.type.v3.Int64Range](../../../../type/v3/range.proto.sk/#int64range) | Specifies a list of HTTP response statuses considered healthy. If provided, replaces default 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open semantics of Int64Range. The start and end of each range are required. Only statuses in the range [100, 600) are allowed. | | `codecClientType` | [.solo.io.envoy.type.v3.CodecClientType](../../../../type/v3/http.proto.sk/#codecclienttype) | Use specified application protocol for health checks. | | `serviceNameMatcher` | [.solo.io.envoy.type.matcher.v3.StringMatcher](../../../../type/matcher/v3/string.proto.sk/#stringmatcher) | An optional service name parameter which is used to validate the identity of the health checked cluster using a :ref:`StringMatcher `. See the :ref:`architecture overview ` for more information. | | `responseAssertions` | [.advancedhttp.options.gloo.solo.io.ResponseAssertions](../../../../../../v1/options/advanced_http/advanced_http.proto.sk/#responseassertions) | (Enterprise Only): If defined, the response health check rules take precedence over the http `expected_statuses`. | @@ -183,7 +183,7 @@ Describes the encoding of the payload bytes in the payload. | Field | Type | Description | | ----- | ---- | ----------- | -| `key` | `string` | If set, optionally perform ``EXISTS `` instead of ``PING``. A return value from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance by setting the specified key to any value and waiting for traffic to drain. | +| `key` | `string` | If set, optionally perform `EXISTS ` instead of `PING`. A return value from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance by setting the specified key to any value and waiting for traffic to drain. | @@ -192,9 +192,8 @@ Describes the encoding of the payload bytes in the payload. ### GrpcHealthCheck -`grpc.health.v1.Health -`_-based -healthcheck. See `gRPC doc `_ +[grpc.health.v1.Health](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto)-based +healthcheck. See [gRPC doc](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) for details. ```yaml @@ -205,8 +204,8 @@ for details. | Field | Type | Description | | ----- | ---- | ----------- | -| `serviceName` | `string` | An optional service name parameter which will be sent to gRPC service in `grpc.health.v1.HealthCheckRequest `_. message. See `gRPC health-checking overview `_ for more information. | -| `authority` | `string` | The value of the :authority header in the gRPC health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. The authority header can be customized for a specific endpoint by setting the :ref:`hostname ` field. | +| `serviceName` | `string` | An optional service name parameter which will be sent to gRPC service in [grpc.health.v1.HealthCheckRequest](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20). message. See [gRPC health-checking overview](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) for more information. | +| `authority` | `string` | The value of the :authority header in the gRPC health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. The authority header can be customized for a specific endpoint by setting the hostname field. | @@ -261,7 +260,7 @@ Description: Endpoint health status. | UNKNOWN | The health status is not known. This is interpreted by Envoy as *HEALTHY*. | | HEALTHY | Healthy. | | UNHEALTHY | Unhealthy. | -| DRAINING | Connection draining in progress. E.g., ``_ or ``_. This is interpreted by Envoy as *UNHEALTHY*. | +| DRAINING | Connection draining in progress. E.g., https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/ or https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining. This is interpreted by Envoy as *UNHEALTHY*. | | TIMEOUT | Health check timed out. This is part of HDS and is interpreted by Envoy as *UNHEALTHY*. | | DEGRADED | Degraded. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto.sk.md index 614e2d156cf..8cb30452725 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto.sk.md @@ -39,7 +39,7 @@ weight: 5 | Field | Type | Description | | ----- | ---- | ----------- | | `matchType` | [.solo.io.envoy.config.core.v3.ProxyProtocolPassThroughTLVs.PassTLVsMatchType](../proxy_protocol.proto.sk/#passtlvsmatchtype) | The strategy to pass through TLVs. Default is INCLUDE_ALL. If INCLUDE_ALL is set, all TLVs will be passed through no matter the tlv_type field. | -| `tlvType` | `[]int` | The TLV types that are applied based on match_type. TLV type is defined as uint8_t in proxy protocol. See `the spec `_ for details. | +| `tlvType` | `[]int` | The TLV types that are applied based on match_type. TLV type is defined as uint8_t in proxy protocol. See [the spec](https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt) for details. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/route/v3/route_components.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/route/v3/route_components.proto.sk.md index 1c53df06ca0..1a3360dded7 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/route/v3/route_components.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/route/v3/route_components.proto.sk.md @@ -105,7 +105,7 @@ upstream cluster to route to or whether to perform a redirect. | Field | Type | Description | | ----- | ---- | ----------- | | `name` | `string` | The logical name of the virtual host. This is used when emitting certain statistics but is not relevant for routing. | -| `domains` | `[]string` | A list of domains (host/authority header) that will be matched to this virtual host. Wildcard hosts are supported in the suffix or prefix form. Domain search order: 1. Exact domain names: ``www.foo.com``. 2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``. 3. Prefix domain wildcards: ``foo.*`` or ``foo-*``. 4. Special wildcard ``*`` matching any domain. .. note:: The wildcard will not match the empty string. e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. The longest wildcards match first. Only a single virtual host in the entire route configuration can match on ``*``. A domain must be unique across all virtual hosts or the config will fail to load. Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. | +| `domains` | `[]string` | A list of domains (host/authority header) that will be matched to this virtual host. Wildcard hosts are supported in the suffix or prefix form. Domain search order: 1. Exact domain names: `www.foo.com`. 2. Suffix domain wildcards: `*.foo.com` or `*-bar.foo.com`. 3. Prefix domain wildcards: `foo.*` or `foo-*`. 4. Special wildcard `*` matching any domain. **Note**: The wildcard will not match the empty string. e.g. `*-bar.foo.com` will match `baz-bar.foo.com` but not `-bar.foo.com`. The longest wildcards match first. Only a single virtual host in the entire route configuration can match on `*`. A domain must be unique across all virtual hosts or the config will fail to load. Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. | | `routes` | [[]solo.io.envoy.config.route.v3.Route](../route_components.proto.sk/#route) | The list of routes that will be matched, in order, for incoming requests. The first route that matches will be used. | | `requireTls` | [.solo.io.envoy.config.route.v3.VirtualHost.TlsRequirementType](../route_components.proto.sk/#tlsrequirementtype) | Specifies the type of TLS enforcement the virtual host expects. If this option is not specified, there is no TLS requirement for the virtual host. | | `virtualClusters` | [[]solo.io.envoy.config.route.v3.VirtualCluster](../route_components.proto.sk/#virtualcluster) | A list of virtual clusters defined for this virtual host. Virtual clusters are used for additional statistics gathering. | @@ -119,7 +119,7 @@ upstream cluster to route to or whether to perform a redirect. | `includeRequestAttemptCount` | `bool` | Decides whether the :ref:`x-envoy-attempt-count ` header should be included in the upstream request. Setting this option will cause it to override any existing header value, so in the case of two Envoys on the request path with this option enabled, the upstream will see the attempt count as perceived by the second Envoy. Defaults to false. This header is unaffected by the :ref:`suppress_envoy_headers ` flag. [#next-major-version: rename to include_attempt_count_in_request.]. | | `includeAttemptCountInResponse` | `bool` | Decides whether the :ref:`x-envoy-attempt-count ` header should be included in the downstream response. Setting this option will cause the router to override any existing header value, so in the case of two Envoys on the request path with this option enabled, the downstream will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false. This header is unaffected by the :ref:`suppress_envoy_headers ` flag. | | `retryPolicy` | [.solo.io.envoy.config.route.v3.RetryPolicy](../route_components.proto.sk/#retrypolicy) | Indicates the retry policy for all routes in this virtual host. Note that setting a route level entry will take precedence over this config and it'll be treated independently (e.g.: values are not inherited). | -| `retryPolicyTypedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | [#not-implemented-hide:] Specifies the configuration for retry policy extension. Note that setting a route level entry will take precedence over this config and it'll be treated independently (e.g.: values are not inherited). :ref:`Retry policy ` should not be set if this field is used. | +| `retryPolicyTypedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | [#not-implemented-hide:] Specifies the configuration for retry policy extension. Note that setting a route level entry will take precedence over this config and it'll be treated independently (e.g.: values are not inherited). Retry policy should not be set if this field is used. | | `hedgePolicy` | [.solo.io.envoy.config.route.v3.HedgePolicy](../route_components.proto.sk/#hedgepolicy) | Indicates the hedge policy for all routes in this virtual host. Note that setting a route level entry will take precedence over this config and it'll be treated independently (e.g.: values are not inherited). | | `perRequestBufferLimitBytes` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The maximum bytes which will be buffered for retries and shadowing. If set and a route-specific limit is not set, the bytes actually buffered will be the minimum value of this and the listener per_connection_buffer_limit_bytes. | @@ -165,7 +165,7 @@ A filter-defined action type. A route is both a specification of how to match a request as well as an indication of what to do next (e.g., redirect, forward, rewrite, etc.). -.. attention:: +**Attention**: Envoy supports routing on HTTP method via :ref:`header matching `. @@ -200,10 +200,10 @@ next (e.g., redirect, forward, rewrite, etc.). | `filterAction` | [.solo.io.envoy.config.route.v3.FilterAction](../route_components.proto.sk/#filteraction) | [#not-implemented-hide:] If true, a filter will define the action (e.g., it could dynamically generate the RouteAction). [#comment: TODO(samflattery): Remove cleanup in route_fuzz_test.cc when implemented]. Only one of `filterAction`, `route`, `redirect`, or `directResponse` can be set. | | `metadata` | [.solo.io.envoy.config.core.v3.Metadata](../../../core/v3/base.proto.sk/#metadata) | The Metadata field can be used to provide additional information about the route. It can be used for configuration, stats, and logging. The metadata should go under the filter namespace that will need it. For instance, if the metadata is intended for the Router filter, the filter name should be specified as *envoy.filters.http.router*. | | `decorator` | [.solo.io.envoy.config.route.v3.Decorator](../route_components.proto.sk/#decorator) | Decorator for the matched route. | -| `typedPerFilterConfig` | `map` | The typed_per_filter_config field can be used to provide route-specific configurations for filters. The key should match the filter name, such as *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter specific; see the :ref:`HTTP filter documentation ` for if and how it is utilized. | +| `typedPerFilterConfig` | `map` | The typed_per_filter_config field can be used to provide route-specific configurations for filters. The key should match the filter name, such as *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter specific; see the HTTP filter documentation for if and how it is utilized. | | `requestHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a set of headers that will be added to requests matching this route. Headers specified at this level are applied before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | | `requestHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each request matching this route. | -| `responseHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a set of headers that will be added to responses to requests matching this route. Headers specified at this level are applied before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | +| `responseHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a set of headers that will be added to responses to requests matching this route. Headers specified at this level are applied before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on custom request headers. | | `responseHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each response to requests matching this route. | | `tracing` | [.solo.io.envoy.config.route.v3.Tracing](../route_components.proto.sk/#tracing) | Presence of the object defines whether the connection manager's tracing configuration is overridden by this route specific instance. | | `perRequestBufferLimitBytes` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The maximum bytes which will be buffered for retries and shadowing. If set, the bytes actually buffered will be the minimum value of this and the listener per_connection_buffer_limit_bytes. | @@ -215,7 +215,7 @@ next (e.g., redirect, forward, rewrite, etc.). ### WeightedCluster -Compared to the :ref:`cluster ` field that specifies a +Compared to the cluster field that specifies a single upstream cluster as the target of a request, the :ref:`weighted_clusters ` option allows for specification of multiple upstream clusters along with weights that indicate the percentage of @@ -258,9 +258,9 @@ weights. | Field | Type | Description | | ----- | ---- | ----------- | -| `name` | `string` | Name of the upstream cluster. The cluster must exist in the :ref:`cluster manager configuration `. | +| `name` | `string` | Name of the upstream cluster. The cluster must exist in the cluster manager configuration. | | `weight` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | An integer between 0 and :ref:`total_weight `. When a request matches the route, the choice of an upstream cluster is determined by its weight. The sum of weights across all entries in the clusters array must add up to the total_weight, which defaults to 100. | -| `metadataMatch` | [.solo.io.envoy.config.core.v3.Metadata](../../../core/v3/base.proto.sk/#metadata) | Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in the upstream cluster with metadata matching what is set in this field will be considered for load balancing. Note that this will be merged with what's provided in :ref:`RouteAction.metadata_match `, with values here taking precedence. The filter name should be specified as *envoy.lb*. | +| `metadataMatch` | [.solo.io.envoy.config.core.v3.Metadata](../../../core/v3/base.proto.sk/#metadata) | Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in the upstream cluster with metadata matching what is set in this field will be considered for load balancing. Note that this will be merged with what's provided in RouteAction.metadata_match, with values here taking precedence. The filter name should be specified as *envoy.lb*. | | `requestHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a list of headers to be added to requests when this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. Headers specified at this level are applied before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.VirtualHost`, and :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | | `requestHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each request when this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. | | `responseHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a list of headers to be added to responses when this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. Headers specified at this level are applied before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.VirtualHost`, and :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | @@ -297,7 +297,7 @@ weights. | `safeRegex` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../../../../type/matcher/v3/regex.proto.sk/#regexmatcher) | If specified, the route is a regular expression rule meaning that the regex must match the *:path* header once the query string is removed. The entire path (without the query string) must match the regex. The rule will not match if only a subsequence of the *:path* header matches the regex. [#next-major-version: In the v3 API we should redo how path specification works such that we utilize StringMatcher, and additionally have consistent options around whether we strip query strings, do a case sensitive match, etc. In the interim it will be too disruptive to deprecate the existing options. We should even consider whether we want to do away with path_specifier entirely and just rely on a set of header matchers which can already match on :path, etc. The issue with that is it is unclear how to generically deal with query string stripping. This needs more thought.]. Only one of `safeRegex`, `prefix`, `path`, or `connectMatcher` can be set. | | `connectMatcher` | [.solo.io.envoy.config.route.v3.RouteMatch.ConnectMatcher](../route_components.proto.sk/#connectmatcher) | If this is used as the matcher, the matcher will only match CONNECT requests. Note that this will not match HTTP/2 upgrade-style CONNECT requests (WebSocket and the like) as they are normalized in Envoy as HTTP/1.1 style upgrades. This is the only way to match CONNECT requests for HTTP/1.1. For HTTP/2, where CONNECT requests may have a path, the path matchers will work if there is a path present. Note that CONNECT support is currently considered alpha in Envoy. [#comment:TODO(htuch): Replace the above comment with an alpha tag. Only one of `connectMatcher`, `prefix`, `path`, or `safeRegex` can be set. | | `caseSensitive` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Indicates that prefix/path matching should be case insensitive. The default is true. | -| `runtimeFraction` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../core/v3/base.proto.sk/#runtimefractionalpercent) | Indicates that the route should additionally match on a runtime key. Every time the route is considered for a match, it must also fall under the percentage of matches indicated by this field. For some fraction N/D, a random number in the range [0,D) is selected. If the number is <= the value of the numerator N, or if the key is not present, the default value, the router continues to evaluate the remaining match criteria. A runtime_fraction route configuration can be used to roll out route changes in a gradual manner without full code/config deploys. Refer to the :ref:`traffic shifting ` docs for additional documentation. .. note:: Parsing this field is implemented such that the runtime key's data may be represented as a FractionalPercent proto represented as JSON/YAML and may also be represented as an integer with the assumption that the value is an integral percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics. | +| `runtimeFraction` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../core/v3/base.proto.sk/#runtimefractionalpercent) | Indicates that the route should additionally match on a runtime key. Every time the route is considered for a match, it must also fall under the percentage of matches indicated by this field. For some fraction N/D, a random number in the range [0,D) is selected. If the number is <= the value of the numerator N, or if the key is not present, the default value, the router continues to evaluate the remaining match criteria. A runtime_fraction route configuration can be used to roll out route changes in a gradual manner without full code/config deploys. Refer to the :ref:`traffic shifting ` docs for additional documentation. **Note**: Parsing this field is implemented such that the runtime key's data may be represented as a FractionalPercent proto represented as JSON/YAML and may also be represented as an integer with the assumption that the value is an integral percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics. | | `headers` | [[]solo.io.envoy.config.route.v3.HeaderMatcher](../route_components.proto.sk/#headermatcher) | Specifies a set of headers that the route should match on. The router will check the request’s headers against all the specified headers in the route config. A match will happen if all the headers in the route are present in the request with the same values (or based on presence if the value field is not in the config). | | `queryParameters` | [[]solo.io.envoy.config.route.v3.QueryParameterMatcher](../route_components.proto.sk/#queryparametermatcher) | Specifies a set of URL query parameters on which the route should match. The router will check the query string from the *path* header against all the specified query parameters. If the number of specified query parameters is nonzero, they all must match the *path* header's query string for a match to occur. | | `grpc` | [.solo.io.envoy.config.route.v3.RouteMatch.GrpcRouteMatchOptions](../route_components.proto.sk/#grpcroutematchoptions) | If specified, only gRPC requests will be matched. The router will check that the content-type header has a application/grpc or one of the various application/grpc+ values. | @@ -382,8 +382,8 @@ An extensible message for matching CONNECT requests. | `exposeHeaders` | `string` | Specifies the content for the *access-control-expose-headers* header. | | `maxAge` | `string` | Specifies the content for the *access-control-max-age* header. | | `allowCredentials` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Specifies whether the resource allows credentials. | -| `filterEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies the % of requests for which the CORS filter is enabled. If neither ``enabled``, ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS filter will be enabled for 100% of the requests. If :ref:`runtime_key ` is specified, Envoy will lookup the runtime key to get the percentage of requests to filter. | -| `shadowEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not enforced. This field is intended to be used when ``filter_enabled`` and ``enabled`` are off. One of those fields have to explicitly disable the filter in order for this setting to take effect. If :ref:`runtime_key ` is specified, Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate and track the request's *Origin* to determine if it's valid but will not enforce any policies. | +| `filterEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies the % of requests for which the CORS filter is enabled. If neither `enabled`, `filter_enabled`, nor `shadow_enabled` are specified, the CORS filter will be enabled for 100% of the requests. If runtime_key is specified, Envoy will lookup the runtime key to get the percentage of requests to filter. | +| `shadowEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not enforced. This field is intended to be used when `filter_enabled` and `enabled` are off. One of those fields have to explicitly disable the filter in order for this setting to take effect. If runtime_key is specified, Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate and track the request's *Origin* to determine if it's valid but will not enforce any policies. | @@ -428,26 +428,26 @@ An extensible message for matching CONNECT requests. | Field | Type | Description | | ----- | ---- | ----------- | | `cluster` | `string` | Indicates the upstream cluster to which the request should be routed to. Only one of `cluster`, `clusterHeader`, or `weightedClusters` can be set. | -| `clusterHeader` | `string` | Envoy will determine the cluster to route to by reading the value of the HTTP header named by cluster_header from the request headers. If the header is not found or the referenced cluster does not exist, Envoy will return a 404 response. .. attention:: Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. Only one of `clusterHeader`, `cluster`, or `weightedClusters` can be set. | +| `clusterHeader` | `string` | Envoy will determine the cluster to route to by reading the value of the HTTP header named by cluster_header from the request headers. If the header is not found or the referenced cluster does not exist, Envoy will return a 404 response. **Attention**: Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. Only one of `clusterHeader`, `cluster`, or `weightedClusters` can be set. | | `weightedClusters` | [.solo.io.envoy.config.route.v3.WeightedCluster](../route_components.proto.sk/#weightedcluster) | Multiple upstream clusters can be specified for a given route. The request is routed to one of the upstream clusters based on weights assigned to each cluster. See :ref:`traffic splitting ` for additional documentation. Only one of `weightedClusters`, `cluster`, or `clusterHeader` can be set. | | `clusterNotFoundResponseCode` | [.solo.io.envoy.config.route.v3.RouteAction.ClusterNotFoundResponseCode](../route_components.proto.sk/#clusternotfoundresponsecode) | The HTTP status code to use when configured cluster is not found. The default response code is 503 Service Unavailable. | | `metadataMatch` | [.solo.io.envoy.config.core.v3.Metadata](../../../core/v3/base.proto.sk/#metadata) | Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in the upstream cluster with metadata matching what's set in this field will be considered for load balancing. If using :ref:`weighted_clusters `, metadata will be merged, with values provided there taking precedence. The filter name should be specified as *envoy.lb*. | -| `prefixRewrite` | `string` | Indicates that during forwarding, the matched prefix (or path) should be swapped with this value. This option allows application URLs to be rooted at a different path from those exposed at the reverse proxy layer. The router filter will place the original path before rewrite into the :ref:`x-envoy-original-path ` header. Only one of *prefix_rewrite* or :ref:`regex_rewrite ` may be specified. .. attention:: Pay careful attention to the use of trailing slashes in the :ref:`route's match ` prefix value. Stripping a prefix from a path requires multiple Routes to handle all cases. For example, rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single :ref:`Route `, as shown by the below config entries: .. code-block:: yaml - match: prefix: "/prefix/" route: prefix_rewrite: "/" - match: prefix: "/prefix" route: prefix_rewrite: "/" Having above entries in the config, requests to */prefix* will be stripped to */*, while requests to */prefix/etc* will be stripped to */etc*. | -| `regexRewrite` | [.solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute](../../../../type/matcher/v3/regex.proto.sk/#regexmatchandsubstitute) | Indicates that during forwarding, portions of the path that match the pattern should be rewritten, even allowing the substitution of capture groups from the pattern into the new path as specified by the rewrite substitution string. This is useful to allow application paths to be rewritten in a way that is aware of segments with variable content like identifiers. The router filter will place the original path as it was before the rewrite into the :ref:`x-envoy-original-path ` header. Only one of :ref:`prefix_rewrite ` or *regex_rewrite* may be specified. Examples using Google's `RE2 `_ engine: * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution string of ``\2/instance/\1`` would transform ``/service/foo/v1/api`` into ``/v1/api/instance/foo``. * The pattern ``one`` paired with a substitution string of ``two`` would transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``. * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of ``\1two\2`` would replace only the first occurrence of ``one``, transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``. * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/`` would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to ``/aaa/yyy/bbb``. | +| `prefixRewrite` | `string` | Indicates that during forwarding, the matched prefix (or path) should be swapped with this value. This option allows application URLs to be rooted at a different path from those exposed at the reverse proxy layer. The router filter will place the original path before rewrite into the :ref:`x-envoy-original-path ` header. Only one of *prefix_rewrite* or :ref:`regex_rewrite ` may be specified. **Attention**: Pay careful attention to the use of trailing slashes in the route's match prefix value. Stripping a prefix from a path requires multiple Routes to handle all cases. For example, rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single Route, as shown by the below config entries: .. code-block:: yaml - match: prefix: "/prefix/" route: prefix_rewrite: "/" - match: prefix: "/prefix" route: prefix_rewrite: "/" Having above entries in the config, requests to */prefix* will be stripped to */*, while requests to */prefix/etc* will be stripped to */etc*. | +| `regexRewrite` | [.solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute](../../../../type/matcher/v3/regex.proto.sk/#regexmatchandsubstitute) | Indicates that during forwarding, portions of the path that match the pattern should be rewritten, even allowing the substitution of capture groups from the pattern into the new path as specified by the rewrite substitution string. This is useful to allow application paths to be rewritten in a way that is aware of segments with variable content like identifiers. The router filter will place the original path as it was before the rewrite into the :ref:`x-envoy-original-path ` header. Only one of :ref:`prefix_rewrite ` or *regex_rewrite* may be specified. Examples using Google's [RE2](https://github.com/google/re2) engine: * The path pattern `^/service/([^/]+)(/.*)$` paired with a substitution string of `\2/instance/\1` would transform `/service/foo/v1/api` into `/v1/api/instance/foo`. * The pattern `one` paired with a substitution string of `two` would transform `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/two/zzz`. * The pattern `^(.*?)one(.*)$` paired with a substitution string of `\1two\2` would replace only the first occurrence of `one`, transforming path `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/one/zzz`. * The pattern `(?i)/xxx/` paired with a substitution string of `/yyy/` would do a case-insensitive match and transform path `/aaa/XxX/bbb` to `/aaa/yyy/bbb`. | | `hostRewriteLiteral` | `string` | Indicates that during forwarding, the host header will be swapped with this value. Only one of `hostRewriteLiteral`, `autoHostRewrite`, or `hostRewriteHeader` can be set. | | `autoHostRewrite` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Indicates that during forwarding, the host header will be swapped with the hostname of the upstream host chosen by the cluster manager. This option is applicable only when the destination cluster for a route is of type *strict_dns* or *logical_dns*. Setting this to true with other cluster types has no effect. Only one of `autoHostRewrite`, `hostRewriteLiteral`, or `hostRewriteHeader` can be set. | -| `hostRewriteHeader` | `string` | Indicates that during forwarding, the host header will be swapped with the content of given downstream or :ref:`custom ` header. If header value is empty, host header is left intact. .. attention:: Pay attention to the potential security implications of using this option. Provided header must come from trusted source. Only one of `hostRewriteHeader`, `hostRewriteLiteral`, or `autoHostRewrite` can be set. | -| `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the upstream timeout for the route. If not specified, the default is 15s. This spans between the point at which the entire downstream request (i.e. end-of-stream) has been processed and when the upstream response has been completely processed. A value of 0 will disable the route's timeout. .. note:: This timeout includes all retries. See also :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the :ref:`retry overview `. | +| `hostRewriteHeader` | `string` | Indicates that during forwarding, the host header will be swapped with the content of given downstream or custom header. If header value is empty, host header is left intact. **Attention**: Pay attention to the potential security implications of using this option. Provided header must come from trusted source. Only one of `hostRewriteHeader`, `hostRewriteLiteral`, or `autoHostRewrite` can be set. | +| `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the upstream timeout for the route. If not specified, the default is 15s. This spans between the point at which the entire downstream request (i.e. end-of-stream) has been processed and when the upstream response has been completely processed. A value of 0 will disable the route's timeout. **Note**: This timeout includes all retries. See also :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the retry overview. | | `idleTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, although the connection manager wide :ref:`stream_idle_timeout ` will still apply. A value of 0 will completely disable the route's idle timeout, even if a connection manager stream idle timeout is configured. The idle timeout is distinct to :ref:`timeout `, which provides an upper bound on the upstream response time; :ref:`idle_timeout ` instead bounds the amount of time the request's stream may be idle. After header decoding, the idle timeout will apply on downstream and upstream request events. Each time an encode/decode event for headers or data is processed for the stream, the timer will be reset. If the timeout fires, the stream is terminated with a 408 Request Timeout error code if no upstream response header has been received, otherwise a stream reset occurs. | | `retryPolicy` | [.solo.io.envoy.config.route.v3.RetryPolicy](../route_components.proto.sk/#retrypolicy) | Indicates that the route has a retry policy. Note that if this is set, it'll take precedence over the virtual host level retry policy entirely (e.g.: policies are not merged, most internal one becomes the enforced policy). | | `retryPolicyTypedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | [#not-implemented-hide:] Specifies the configuration for retry policy extension. Note that if this is set, it'll take precedence over the virtual host level retry policy entirely (e.g.: policies are not merged, most internal one becomes the enforced policy). :ref:`Retry policy ` should not be set if this field is used. | | `requestMirrorPolicies` | [[]solo.io.envoy.config.route.v3.RouteAction.RequestMirrorPolicy](../route_components.proto.sk/#requestmirrorpolicy) | Indicates that the route has request mirroring policies. | -| `priority` | [.solo.io.envoy.config.core.v3.RoutingPriority](../../../core/v3/base.proto.sk/#routingpriority) | Optionally specifies the :ref:`routing priority `. | +| `priority` | [.solo.io.envoy.config.core.v3.RoutingPriority](../../../core/v3/base.proto.sk/#routingpriority) | Optionally specifies the routing priority. | | `rateLimits` | [[]solo.io.envoy.config.route.v3.RateLimit](../route_components.proto.sk/#ratelimit) | Specifies a set of rate limit configurations that could be applied to the route. | -| `includeVhRateLimits` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Specifies if the rate limit filter should include the virtual host rate limits. By default, if the route configured rate limits, the virtual host :ref:`rate_limits ` are not applied to the request. | +| `includeVhRateLimits` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Specifies if the rate limit filter should include the virtual host rate limits. By default, if the route configured rate limits, the virtual host rate_limits are not applied to the request. | | `hashPolicy` | [[]solo.io.envoy.config.route.v3.RouteAction.HashPolicy](../route_components.proto.sk/#hashpolicy) | Specifies a list of hash policies to use for ring hash load balancing. Each hash policy is evaluated individually and the combined result is used to route the request. The method of combination is deterministic such that identical lists of hash policies will produce the same hash. Since a hash policy examines specific parts of a request, it can fail to produce a hash (i.e. if the hashed header is not present). If (and only if) all configured hash policies fail to generate a hash, no hash will be produced for the route. In this case, the behavior is the same as if no hash policies were specified (i.e. the ring hash load balancer will choose a random backend). If a hash policy has the "terminal" attribute set to true, and there is already a hash generated, the hash is returned immediately, ignoring the rest of the hash policy list. | | `cors` | [.solo.io.envoy.config.route.v3.CorsPolicy](../route_components.proto.sk/#corspolicy) | Indicates that the route has a CORS policy. | -| `maxGrpcTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | If present, and the request is a gRPC request, use the `grpc-timeout header `_, or its default value (infinity) instead of :ref:`timeout `, but limit the applied timeout to the maximum value specified here. If configured as 0, the maximum allowed timeout for gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used and gRPC requests time out like any other requests using :ref:`timeout ` or its default. This can be used to prevent unexpected upstream request timeouts due to potentially long time gaps between gRPC request and response in gRPC streaming mode. .. note:: If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes precedence over `grpc-timeout header `_, when both are present. See also :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the :ref:`retry overview `. | +| `maxGrpcTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | If present, and the request is a gRPC request, use the [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), or its default value (infinity) instead of timeout, but limit the applied timeout to the maximum value specified here. If configured as 0, the maximum allowed timeout for gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used and gRPC requests time out like any other requests using timeout or its default. This can be used to prevent unexpected upstream request timeouts due to potentially long time gaps between gRPC request and response in gRPC streaming mode. **Note**: If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes precedence over [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), when both are present. See also :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the retry overview. | | `grpcTimeoutOffset` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting the provided duration from the header. This is useful in allowing Envoy to set its global timeout to be less than that of the deadline imposed by the calling client, which makes it more likely that Envoy will handle the timeout instead of having the call canceled by the client. The offset will only be applied if the provided grpc_timeout is greater than the offset. This ensures that the offset will only ever decrease the timeout and never set it to 0 (meaning infinity). | | `upgradeConfigs` | [[]solo.io.envoy.config.route.v3.RouteAction.UpgradeConfig](../route_components.proto.sk/#upgradeconfig) | | | `internalRedirectPolicy` | [.solo.io.envoy.config.route.v3.InternalRedirectPolicy](../route_components.proto.sk/#internalredirectpolicy) | If present, Envoy will try to follow an upstream redirect response instead of proxying the response back to the downstream. An upstream redirect response is defined by :ref:`redirect_response_codes `. | @@ -470,7 +470,7 @@ collected for the shadow cluster making this feature useful for testing. During shadowing, the host/authority header is altered such that *-shadow* is appended. This is useful for logging. For example, *cluster1* becomes *cluster1-shadow*. -.. note:: +**Note**: Shadowing will not be triggered if the primary cluster does not exist. @@ -688,7 +688,7 @@ CONNECT requests, when forwarding CONNECT payload as raw TCP. ### InternalRedirectAction -Configures :ref:`internal redirect ` behavior. +Configures internal redirect behavior. [#next-major-version: remove this definition - it's defined in the InternalRedirectPolicy message.] | Name | Description | @@ -703,7 +703,7 @@ Configures :ref:`internal redirect ` behavior. ### RetryPolicy -HTTP retry :ref:`architecture overview `. +HTTP retry architecture overview. [#next-free-field: 11] ```yaml @@ -724,9 +724,9 @@ HTTP retry :ref:`architecture overview `. | ----- | ---- | ----------- | | `retryOn` | `string` | Specifies the conditions under which retry takes place. These are the same conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and :ref:`config_http_filters_router_x-envoy-retry-grpc-on`. | | `numRetries` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Specifies the allowed number of retries. This parameter is optional and defaults to 1. These are the same conditions documented for :ref:`config_http_filters_router_x-envoy-max-retries`. | -| `perTryTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies a non-zero upstream timeout per retry attempt. This parameter is optional. The same conditions documented for :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. .. note:: If left unspecified, Envoy will use the global :ref:`route timeout ` for the request. Consequently, when using a :ref:`5xx ` based retry policy, a request that times out will not be retried as the total timeout budget would have been exhausted. | -| `retryPriority` | [.solo.io.envoy.config.route.v3.RetryPolicy.RetryPriority](../route_components.proto.sk/#retrypriority) | Specifies an implementation of a RetryPriority which is used to determine the distribution of load across priorities used for retries. Refer to :ref:`retry plugin configuration ` for more details. | -| `retryHostPredicate` | [[]solo.io.envoy.config.route.v3.RetryPolicy.RetryHostPredicate](../route_components.proto.sk/#retryhostpredicate) | Specifies a collection of RetryHostPredicates that will be consulted when selecting a host for retries. If any of the predicates reject the host, host selection will be reattempted. Refer to :ref:`retry plugin configuration ` for more details. | +| `perTryTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies a non-zero upstream timeout per retry attempt. This parameter is optional. The same conditions documented for :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. **Note**: If left unspecified, Envoy will use the global route timeout for the request. Consequently, when using a 5xx based retry policy, a request that times out will not be retried as the total timeout budget would have been exhausted. | +| `retryPriority` | [.solo.io.envoy.config.route.v3.RetryPolicy.RetryPriority](../route_components.proto.sk/#retrypriority) | Specifies an implementation of a RetryPriority which is used to determine the distribution of load across priorities used for retries. Refer to retry plugin configuration for more details. | +| `retryHostPredicate` | [[]solo.io.envoy.config.route.v3.RetryPolicy.RetryHostPredicate](../route_components.proto.sk/#retryhostpredicate) | Specifies a collection of RetryHostPredicates that will be consulted when selecting a host for retries. If any of the predicates reject the host, host selection will be reattempted. Refer to retry plugin configuration for more details. | | `hostSelectionRetryMaxAttempts` | `int` | The maximum number of times host selection will be reattempted before giving up, at which point the host that was last selected will be routed to. If unspecified, this will default to retrying once. | | `retriableStatusCodes` | `[]int` | HTTP status codes that should trigger a retry in addition to those specified by retry_on. | | `retryBackOff` | [.solo.io.envoy.config.route.v3.RetryPolicy.RetryBackOff](../route_components.proto.sk/#retrybackoff) | Specifies parameters that control retry back off. This parameter is optional, in which case the default base interval is 25 milliseconds or, if set, the current value of the `upstream.base_retry_backoff_ms` runtime parameter. The default maximum interval is 10 times the base interval. The documentation for :ref:`config_http_filters_router_x-envoy-max-retries` describes Envoy's back-off algorithm. | @@ -797,7 +797,7 @@ HTTP retry :ref:`architecture overview `. ### HedgePolicy -HTTP request hedging :ref:`architecture overview `. +HTTP request hedging architecture overview. ```yaml "initialRequests": .google.protobuf.UInt32Value @@ -810,7 +810,7 @@ HTTP request hedging :ref:`architecture overview `. Defaults to false. | +| `hedgeOnPerTryTimeout` | `bool` | Indicates that a hedged request should be sent when the per-try timeout is hit. This will only occur if the retry policy also indicates that a timed out request should be retried. Once a timed out request is retried due to per try timeout, the router filter will ensure that it is not retried again even if the returned response headers would otherwise be retried according the specified RetryPolicy. Defaults to false. | @@ -840,7 +840,7 @@ HTTP request hedging :ref:`architecture overview `. Only one of `prefixRewrite` or `pathRedirect` can be set. | +| `prefixRewrite` | `string` | Indicates that during redirection, the matched prefix (or path) should be swapped with this value. This option allows redirect URLs be dynamically created based on the request. **Attention**: Pay attention to the use of trailing slashes as mentioned in RouteAction's prefix_rewrite. Only one of `prefixRewrite` or `pathRedirect` can be set. | | `responseCode` | [.solo.io.envoy.config.route.v3.RedirectAction.RedirectResponseCode](../route_components.proto.sk/#redirectresponsecode) | The HTTP status code to use in the redirect response. The default response code is MOVED_PERMANENTLY (301). | | `stripQuery` | `bool` | Indicates that during redirection, the query portion of the URL will be removed. Default value is false. | @@ -877,7 +877,7 @@ HTTP request hedging :ref:`architecture overview ` header. | +| `operation` | `string` | The operation name associated with the request matched to this route. If tracing is enabled, this information will be used as the span name reported for this request. **Note**: For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden by the :ref:`x-envoy-decorator-operation ` header. | | `propagate` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Whether the decorated details should be propagated to the other party. The default is true. | @@ -917,8 +917,8 @@ HTTP request hedging :ref:`architecture overview ` header is set. This field is a direct analog for the runtime variable 'tracing.client_sampling' in the :ref:`HTTP Connection Manager `. Default: 100%. | -| `randomSampling` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../type/v3/percent.proto.sk/#fractionalpercent) | Target percentage of requests managed by this HTTP connection manager that will be randomly selected for trace generation, if not requested by the client or not forced. This field is a direct analog for the runtime variable 'tracing.random_sampling' in the :ref:`HTTP Connection Manager `. Default: 100%. | -| `overallSampling` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../type/v3/percent.proto.sk/#fractionalpercent) | Target percentage of requests managed by this HTTP connection manager that will be traced after all other sampling checks have been applied (client-directed, force tracing, random sampling). This field functions as an upper limit on the total configured sampling rate. For instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% of client requests with the appropriate headers to be force traced. This field is a direct analog for the runtime variable 'tracing.global_enabled' in the :ref:`HTTP Connection Manager `. Default: 100%. | +| `randomSampling` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../type/v3/percent.proto.sk/#fractionalpercent) | Target percentage of requests managed by this HTTP connection manager that will be randomly selected for trace generation, if not requested by the client or not forced. This field is a direct analog for the runtime variable 'tracing.random_sampling' in the HTTP Connection Manager. Default: 100%. | +| `overallSampling` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../type/v3/percent.proto.sk/#fractionalpercent) | Target percentage of requests managed by this HTTP connection manager that will be traced after all other sampling checks have been applied (client-directed, force tracing, random sampling). This field functions as an upper limit on the total configured sampling rate. For instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% of client requests with the appropriate headers to be force traced. This field is a direct analog for the runtime variable 'tracing.global_enabled' in the HTTP Connection Manager. Default: 100%. | | `customTags` | [[]solo.io.envoy.type.tracing.v3.CustomTag](../../../../type/tracing/v3/custom_tag.proto.sk/#customtag) | A list of custom tags with unique tag name to create tags for the active span. It will take effect after merging with the :ref:`corresponding configuration ` configured in the HTTP connection manager. If two tags with the same name are configured each in the HTTP connection manager and the route level, the one configured here takes priority. | @@ -938,9 +938,9 @@ endpoints that they wish to get “perfect” statistics on. Virtual cluster statistics are perfect in the sense that they are emitted on the downstream side such that they include network level failures. -Documentation for :ref:`virtual cluster statistics `. +Documentation for virtual cluster statistics. -.. note:: +**Note**: Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for every application endpoint. This is both not easily maintainable and as well the matching and @@ -955,7 +955,7 @@ Documentation for :ref:`virtual cluster statistics `. | +| `name` | `string` | Specifies the name of the virtual cluster. The virtual cluster name as well as the virtual host name are used when emitting statistics. The statistics are emitted by the router filter and are documented here. | @@ -964,7 +964,7 @@ Documentation for :ref:`virtual cluster statistics `. +Global rate limiting architecture overview. ```yaml "stage": .google.protobuf.UInt32Value @@ -976,7 +976,7 @@ Global rate limiting :ref:`architecture overview ` for additional documentation. | | `limit` | [.solo.io.envoy.config.route.v3.RateLimit.Override](../route_components.proto.sk/#override) | An optional limit override to be appended to the descriptor produced by this rate limit configuration. If the override value is invalid or cannot be resolved from metadata, no override is provided. See :ref:`rate limit override ` for more information. | @@ -1024,7 +1024,7 @@ The following descriptor entry is appended to the descriptor: ("source_cluster", "") - is derived from the :option:`--service-cluster` option. + is derived from the `--service-cluster` option. ```yaml @@ -1050,11 +1050,11 @@ Once a request matches against a route table rule, a routed cluster is determine the following :ref:`route table configuration ` settings: -* :ref:`cluster ` indicates the upstream cluster +* cluster indicates the upstream cluster to route to. * :ref:`weighted_clusters ` chooses a cluster randomly from a set of clusters with attributed weight. -* :ref:`cluster_header ` indicates which +* cluster_header indicates which header in the request contains the target cluster. ```yaml @@ -1099,7 +1099,7 @@ The following descriptor entry is appended when a header contains a key that mat The following descriptor entry is appended to the descriptor and is populated using the -trusted address from :ref:`x-forwarded-for `: +trusted address from x-forwarded-for. .. code-block:: cpp @@ -1226,12 +1226,12 @@ Fetches the override from the dynamic metadata. ### HeaderMatcher -.. attention:: +**Attention**: Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. -.. attention:: +**Attention**: To route on HTTP method, use the special HTTP/2 *:method* header. This works for both HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g., @@ -1243,7 +1243,7 @@ Fetches the override from the dynamic metadata. "exact_match": "POST" } -.. attention:: +**Attention**: In the absence of any header match specifier, match will default to :ref:`present_match `. i.e, a request that has the :ref:`name ` header will match, regardless of the header's @@ -1273,7 +1273,7 @@ Fetches the override from the dynamic metadata. | `presentMatch` | `bool` | If specified, header match will be performed based on whether the header is in the request. Only one of `presentMatch`, `exactMatch`, `safeRegexMatch`, `rangeMatch`, `prefixMatch`, or `suffixMatch` can be set. | | `prefixMatch` | `string` | If specified, header match will be performed based on the prefix of the header value. Note: empty prefix is not allowed, please use present_match instead. Examples: * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*. Only one of `prefixMatch`, `exactMatch`, `safeRegexMatch`, `rangeMatch`, `presentMatch`, or `suffixMatch` can be set. | | `suffixMatch` | `string` | If specified, header match will be performed based on the suffix of the header value. Note: empty suffix is not allowed, please use present_match instead. Examples: * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*. Only one of `suffixMatch`, `exactMatch`, `safeRegexMatch`, `rangeMatch`, `presentMatch`, or `prefixMatch` can be set. | -| `invertMatch` | `bool` | If specified, the match result will be inverted before checking. Defaults to false. Examples: * The regex ``\d{3}`` does not match the value *1234*, so it will match when inverted. * The range [-10,0) will match the value -1, so it will not match when inverted. | +| `invertMatch` | `bool` | If specified, the match result will be inverted before checking. Defaults to false. Examples: * The regex `\d{3}` does not match the value *1234*, so it will match when inverted. * The range [-10,0) will match the value -1, so it will not match when inverted. | @@ -1306,7 +1306,7 @@ as an ampersand-separated list of keys and/or key=value elements. ### InternalRedirectPolicy -HTTP Internal Redirect :ref:`architecture overview `. +HTTP Internal Redirect architecture overview. ```yaml "maxInternalRedirects": .google.protobuf.UInt32Value diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto.sk.md index ee504a9d616..8a330e6e487 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto.sk.md @@ -48,7 +48,7 @@ Configuration for the Zipkin tracer. | `collectorEndpoint` | `string` | The API endpoint of the Zipkin service where the spans will be sent. When using a standard Zipkin installation, the API endpoint is typically /api/v1/spans, which is the default value. | | `traceId128Bit` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Determines whether a 128bit trace id will be used when creating a new trace instance. The default value is false, which will result in a 64 bit trace id being used. | | `sharedSpanContext` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Determines whether client and server spans will share the same span context. The default value is true. | -| `collectorEndpointVersion` | [.solo.io.envoy.config.trace.v3.ZipkinConfig.CollectorEndpointVersion](../zipkin.proto.sk/#collectorendpointversion) | Determines the selected collector endpoint version. By default, the ``HTTP_JSON_V1`` will be used. | +| `collectorEndpointVersion` | [.solo.io.envoy.config.trace.v3.ZipkinConfig.CollectorEndpointVersion](../zipkin.proto.sk/#collectorendpointversion) | Determines the selected collector endpoint version. By default, the `HTTP_JSON_V1` will be used. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk.md index 6cc37e68c81..529b0c37825 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk.md @@ -41,9 +41,9 @@ CSRF filter config. | Field | Type | Description | | ----- | ---- | ----------- | -| `filterEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../../../../config/core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies the % of requests for which the CSRF filter is enabled. If :ref:`runtime_key ` is specified, Envoy will lookup the runtime key to get the percentage of requests to filter. .. note:: This field defaults to 100/:ref:`HUNDRED `. | -| `shadowEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../../../../config/core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies that CSRF policies will be evaluated and tracked, but not enforced. This is intended to be used when ``filter_enabled`` is off and will be ignored otherwise. If :ref:`runtime_key ` is specified, Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate and track the request's *Origin* and *Destination* to determine if it's valid, but will not enforce any policies. | -| `additionalOrigins` | [[]solo.io.envoy.type.matcher.v3.StringMatcher](../../../../../../type/matcher/v3/string.proto.sk/#stringmatcher) | Specifies additional source origins that will be allowed in addition to the destination origin. More information on how this can be configured via runtime can be found :ref:`here `. | +| `filterEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../../../../config/core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies the % of requests for which the CSRF filter is enabled. If runtime_key is specified, Envoy will lookup the runtime key to get the percentage of requests to filter. **Note**: This field defaults to 100/:ref:`HUNDRED `. | +| `shadowEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../../../../config/core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies that CSRF policies will be evaluated and tracked, but not enforced. This is intended to be used when `filter_enabled` is off and will be ignored otherwise. If runtime_key is specified, Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate and track the request's *Origin* and *Destination* to determine if it's valid, but will not enforce any policies. | +| `additionalOrigins` | [[]solo.io.envoy.type.matcher.v3.StringMatcher](../../../../../../type/matcher/v3/string.proto.sk/#stringmatcher) | Specifies additional source origins that will be allowed in addition to the destination origin. More information on how this can be configured via runtime can be found here. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto.sk.md index 0159cf80ed9..96dea070dee 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto.sk.md @@ -39,9 +39,9 @@ weight: 5 Please see following for JWT authentication flow: -* `JSON Web Token (JWT) `_ -* `The OAuth 2.0 Authorization Framework `_ -* `OpenID Connect `_ +* [JSON Web Token (JWT)](https://datatracker.ietf.org/doc/html/rfc7519) +* [The OAuth 2.0 Authorization Framework](https://datatracker.ietf.org/doc/html/rfc6749) +* [OpenID Connect](http://openid.net/connect) A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: @@ -85,12 +85,12 @@ Example: | Field | Type | Description | | ----- | ---- | ----------- | -| `issuer` | `string` | Specify the `principal `_ that issued the JWT, usually a URL or an email address. It is optional. If specified, it has to match the *iss* field in JWT. If a JWT has *iss* field and this field is specified, they have to match, otherwise the JWT *iss* field is not checked. Note: *JwtRequirement* :ref:`allow_missing ` and :ref:`allow_missing_or_failed ` are implemented differently than other *JwtRequirements*. Hence the usage of this field is different as follows if *allow_missing* or *allow_missing_or_failed* is used: * If a JWT has *iss* field, it needs to be specified by this field in one of *JwtProviders*. * If a JWT doesn't have *iss* field, one of *JwtProviders* should fill this field empty. * Multiple *JwtProviders* should not have same value in this field. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com. | -| `audiences` | `[]string` | The list of JWT `audiences `_ are allowed to access. A JWT containing any of these audiences will be accepted. If not specified, will not check audiences in the token. Example: .. code-block:: yaml audiences: - bookstore_android.apps.googleusercontent.com - bookstore_web.apps.googleusercontent.com. | +| `issuer` | `string` | Specify the [principal](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1) that issued the JWT, usually a URL or an email address. It is optional. If specified, it has to match the *iss* field in JWT. If a JWT has *iss* field and this field is specified, they have to match, otherwise the JWT *iss* field is not checked. Note: *JwtRequirement* :ref:`allow_missing ` and :ref:`allow_missing_or_failed ` are implemented differently than other *JwtRequirements*. Hence the usage of this field is different as follows if *allow_missing* or *allow_missing_or_failed* is used: * If a JWT has *iss* field, it needs to be specified by this field in one of *JwtProviders*. * If a JWT doesn't have *iss* field, one of *JwtProviders* should fill this field empty. * Multiple *JwtProviders* should not have same value in this field. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com. | +| `audiences` | `[]string` | The list of JWT [audiences](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3) are allowed to access. A JWT containing any of these audiences will be accepted. If not specified, will not check audiences in the token. Example: .. code-block:: yaml audiences: - bookstore_android.apps.googleusercontent.com - bookstore_web.apps.googleusercontent.com. | | `remoteJwks` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks](../config.proto.sk/#remotejwks) | JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP URI and how the fetched JWKS should be cached. Example: .. code-block:: yaml remote_jwks: http_uri: uri: https://www.googleapis.com/oauth2/v1/certs cluster: jwt.www.googleapis.com|443 timeout: 1s cache_duration: seconds: 300. Only one of `remoteJwks` or `localJwks` can be set. | | `localJwks` | [.solo.io.envoy.config.core.v3.DataSource](../../../../../../config/core/v3/base.proto.sk/#datasource) | JWKS is in local data source. It could be either in a local file or embedded in the inline_string. Example: local file .. code-block:: yaml local_jwks: filename: /etc/envoy/jwks/jwks1.txt Example: inline_string .. code-block:: yaml local_jwks: inline_string: ACADADADADA. Only one of `localJwks` or `remoteJwks` can be set. | | `forward` | `bool` | If false, the JWT is removed in the request after a success verification. If true, the JWT is not removed in the request. Default value is false. | -| `fromHeaders` | [[]solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtHeader](../config.proto.sk/#jwtheader) | Two fields below define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the `Bearer schema `_. Example:: Authorization: Bearer . 2. `access_token `_ query parameter. Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its provider specified or from the default locations. Specify the HTTP headers to extract JWT token. For examples, following config: .. code-block:: yaml from_headers: - name: x-goog-iap-jwt-assertion can be used to extract token from header:: ``x-goog-iap-jwt-assertion: ``. | +| `fromHeaders` | [[]solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtHeader](../config.proto.sk/#jwtheader) | Two fields below define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the [Bearer schema](https://datatracker.ietf.org/doc/html/rfc6750#section-2.1). Example:: Authorization: Bearer . 2. [access_token](https://datatracker.ietf.org/doc/html/rfc6750#section-2.3) query parameter. Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its provider specified or from the default locations. Specify the HTTP headers to extract JWT token. For examples, following config: .. code-block:: yaml from_headers: - name: x-goog-iap-jwt-assertion can be used to extract token from header:: `x-goog-iap-jwt-assertion: `. | | `fromParams` | `[]string` | JWT is sent in a query parameter. `jwt_params` represents the query parameter names. For example, if config is: .. code-block:: yaml from_params: - jwt_token The JWT format in query parameter is:: /path?jwt_token=. | | `forwardPayloadHeader` | `string` | This field specifies the header name to forward a successfully verified JWT payload to the backend. The forwarded data is:: base64url_encoded(jwt_payload_in_JSON) If it is not specified, the payload will not be forwarded. | | `payloadInMetadata` | `string` | If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata in the format as: *namespace* is the jwt_authn filter name as **envoy.filters.http.jwt_authn** The value is the *protobuf::Struct*. The value of this field will be the key for its *fields* and the value is the *protobuf::Struct* converted from JWT JSON payload. For example, if payload_in_metadata is *my_payload*: .. code-block:: yaml envoy.filters.http.jwt_authn: my_payload: iss: https://example.com sub: test@example.com aud: https://example.com exp: 1501281058. | @@ -444,7 +444,7 @@ For example: | `providers` | `map` | Map of provider names to JwtProviders. .. code-block:: yaml providers: provider1: issuer: issuer1 audiences: - audience1 - audience2 remote_jwks: http_uri: uri: https://example.com/.well-known/jwks.json cluster: example_jwks_cluster timeout: 1s provider2: issuer: provider2 local_jwks: inline_string: jwks_string. | | `rules` | [[]solo.io.envoy.extensions.filters.http.jwt_authn.v3.RequirementRule](../config.proto.sk/#requirementrule) | Specifies requirements based on the route matches. The first matched requirement will be applied. If there are overlapped match conditions, please put the most specific match first. Examples .. code-block:: yaml rules: - match: prefix: /healthz - match: prefix: /baz requires: provider_name: provider1 - match: prefix: /foo requires: requires_any: requirements: - provider_name: provider1 - provider_name: provider2 - match: prefix: /bar requires: requires_all: requirements: - provider_name: provider1 - provider_name: provider2. | | `filterStateRules` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.FilterStateRule](../config.proto.sk/#filterstaterule) | This message specifies Jwt requirements based on stream_info.filterState. Other HTTP filters can use it to specify Jwt requirements dynamically. The *rules* field above is checked first, if it could not find any matches, check this one. | -| `bypassCorsPreflight` | `bool` | When set to true, bypass the `CORS preflight request `_ regardless of JWT requirements specified in the rules. | +| `bypassCorsPreflight` | `bool` | When set to true, bypass the [CORS preflight request](http://www.w3.org/TR/cors/#cross-origin-request-with-preflight) regardless of JWT requirements specified in the rules. | | `requirementMap` | `map` | A map of unique requirement_names to JwtRequirements. :ref:`requirement_name ` in `PerRouteConfig` uses this map to specify a JwtRequirement. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto.sk.md index 9d1469532ac..b21f7570e87 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto.sk.md @@ -48,8 +48,8 @@ A regex matcher designed for safety when used with untrusted input. ### GoogleRE2 -Google's `RE2 `_ regex engine. The regex string must adhere to -the documented `syntax `_. The engine is designed +Google's [RE2](https://github.com/google/re2) regex engine. The regex string must adhere to +the documented [syntax](https://github.com/google/re2/wiki/Syntax). The engine is designed to complete execution in linear time as well as limit the amount of memory used. Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level` @@ -90,7 +90,7 @@ expression and a substitution string. | Field | Type | Description | | ----- | ---- | ----------- | | `pattern` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../regex.proto.sk/#regexmatcher) | The regular expression used to find portions of a string (hereafter called the "subject string") that should be replaced. When a new string is produced during the substitution operation, the new string is initially the same as the subject string, but then all matches in the subject string are replaced by the substitution string. If replacing all matches isn't desired, regular expression anchors can be used to ensure a single match, so as to replace just one occurrence of a pattern. Capture groups can be used in the pattern to extract portions of the subject string, and then referenced in the substitution string. | -| `substitution` | `string` | The string that should be substituted into matching portions of the subject string during a substitution operation to produce a new string. Capture groups in the pattern can be referenced in the substitution string. Note, however, that the syntax for referring to capture groups is defined by the chosen regular expression engine. Google's `RE2 `_ regular expression engine uses a backslash followed by the capture group number to denote a numbered capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers to capture group 2. | +| `substitution` | `string` | The string that should be substituted into matching portions of the subject string during a substitution operation to produce a new string. Capture groups in the pattern can be referenced in the substitution string. Note, however, that the syntax for referring to capture groups is defined by the chosen regular expression engine. Google's [RE2](https://github.com/google/re2) regular expression engine uses a backslash followed by the capture group number to denote a numbered capture group. E.g., `\1` refers to capture group 1, and `\2` refers to capture group 2. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto.sk.md index 787aebb063b..7f3d9898d03 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto.sk.md @@ -33,7 +33,7 @@ weight: 5 MetadataKey provides a general interface using `key` and `path` to retrieve value from -:ref:`Metadata `. +Metadata. For example, for the following Metadata: @@ -64,7 +64,7 @@ The following MetadataKey will retrieve a string value "bar" from the Metadata. | Field | Type | Description | | ----- | ---- | ----------- | | `key` | `string` | The key name of Metadata to retrieve the Struct from the metadata. Typically, it represents a builtin subsystem or custom extension. | -| `path` | [[]solo.io.envoy.type.metadata.v3.MetadataKey.PathSegment](../metadata.proto.sk/#pathsegment) | The path to retrieve the Value from the Struct. It can be a prefix or a full path, e.g. ``[prop, xyz]`` for a struct or ``[prop, foo]`` for a string in the example, which depends on the particular scenario. Note: Due to that only the key type segment is supported, the path can not specify a list unless the list is the last segment. | +| `path` | [[]solo.io.envoy.type.metadata.v3.MetadataKey.PathSegment](../metadata.proto.sk/#pathsegment) | The path to retrieve the Value from the Struct. It can be a prefix or a full path, e.g. `[prop, xyz]` for a struct or `[prop, foo]` for a string in the example, which depends on the particular scenario. Note: Due to that only the key type segment is supported, the path can not specify a list unless the list is the last segment. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto.sk.md index 84301ce0323..f3e866e97d8 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto.sk.md @@ -116,9 +116,9 @@ Header type custom tag with header name and default value. Metadata type custom tag using -:ref:`MetadataKey ` to retrieve the protobuf value -from :ref:`Metadata `, and populate the tag value with -`the canonical JSON `_ +MetadataKey to retrieve the protobuf value +from Metadata, and populate the tag value with +[the canonical JSON](https://developers.google.com/protocol-buffers/docs/proto3#json) representation of it. ```yaml diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/cidr.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/cidr.proto.sk.md index bd5faed0788..efaeda855e2 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/cidr.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/cidr.proto.sk.md @@ -27,7 +27,7 @@ weight: 5 CidrRange specifies an IP Address and a prefix length to construct -the subnet mask for a `CIDR `_ range. +the subnet mask for a [CIDR](https://datatracker.ietf.org/doc/html/rfc4632) range. ```yaml "addressPrefix": string @@ -37,7 +37,7 @@ the subnet mask for a `CIDR `_ ra | Field | Type | Description | | ----- | ---- | ----------- | -| `addressPrefix` | `string` | IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. | +| `addressPrefix` | `string` | IPv4 or IPv6 address, e.g. `192.0.0.0` or `2001:db8::`. | | `prefixLen` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Length of prefix, e.g. 0, 32. Defaults to 0 when unset. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/domain.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/domain.proto.sk.md index d94d24cef36..6e1c551b9ca 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/domain.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/domain.proto.sk.md @@ -37,7 +37,7 @@ names with optional wildcards. | Field | Type | Description | | ----- | ---- | ----------- | -| `domainMatchers` | [[]xds.type.matcher.v3.ServerNameMatcher.DomainMatcher](../domain.proto.sk/#domainmatcher) | Match a server name by multiple domain matchers. Each domain, exact or wildcard, must appear at most once across all the domain matchers. The server name will be matched against all wildcard domains starting from the longest suffix, i.e. ``www.example.com`` input will be first matched against ``www.example.com``, then ``*.example.com``, then ``*.com``, then ``*``, until the associated matcher action accepts the input. Note that wildcards must be on a dot border, and values like ``*w.example.com`` are invalid. | +| `domainMatchers` | [[]xds.type.matcher.v3.ServerNameMatcher.DomainMatcher](../domain.proto.sk/#domainmatcher) | Match a server name by multiple domain matchers. Each domain, exact or wildcard, must appear at most once across all the domain matchers. The server name will be matched against all wildcard domains starting from the longest suffix, i.e. `www.example.com` input will be first matched against `www.example.com`, then `*.example.com`, then `*.com`, then `*`, until the associated matcher action accepts the input. Note that wildcards must be on a dot border, and values like `*w.example.com` are invalid. | @@ -47,7 +47,7 @@ names with optional wildcards. Specifies a set of exact and wildcard domains and a match action. The -wildcard symbol ``*`` must appear at most once as the left-most part of +wildcard symbol `*` must appear at most once as the left-most part of the domain on a dot border. The wildcard matches one or more non-empty domain parts. @@ -59,7 +59,7 @@ domain parts. | Field | Type | Description | | ----- | ---- | ----------- | -| `domains` | `[]string` | A non-empty set of domain names with optional wildcards, e.g. ``www.example.com``, ``*.com``, or ``*``. | +| `domains` | `[]string` | A non-empty set of domain names with optional wildcards, e.g. `www.example.com`, `*.com`, or `*`. | | `onMatch` | [.xds.type.matcher.v3.Matcher.OnMatch](../matcher.proto.sk/#onmatch) | Match action to apply when the server name matches any of the domain names in the matcher. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto.sk.md index 4238e8e3b91..553f471dad2 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto.sk.md @@ -29,10 +29,9 @@ weight: 5 Specifies that matching should be performed on the set of :ref:`HTTP attributes `. -The attributes will be exposed via `Common Expression Language -`_ runtime to associated CEL matcher. +The attributes will be exposed via [Common Expression Language](https://github.com/google/cel-spec) runtime to associated CEL matcher. -Refer to :ref:`Unified Matcher API ` documentation +Refer to Unified Matcher API documentation for usage details. [#comment:TODO(sergiitk): When implemented, add the extension tag.] diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/ip.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/ip.proto.sk.md index 0c2bae198b3..63551d485b7 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/ip.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/ip.proto.sk.md @@ -58,7 +58,7 @@ Specifies a list of IP address ranges and a match action. | ----- | ---- | ----------- | | `ranges` | [[]xds.core.v3.CidrRange](../../../../core/v3/cidr.proto.sk/#cidrrange) | A non-empty set of CIDR ranges. | | `onMatch` | [.xds.type.matcher.v3.Matcher.OnMatch](../matcher.proto.sk/#onmatch) | Match action to apply when the IP address is within one of the CIDR ranges. | -| `exclusive` | `bool` | Indicates whether this match option should be considered if there is a more specific matcher. Exclusive matchers are not selected whenever a more specific matcher exists (e.g. matcher with a longer prefix) even when the more specific matcher fails its nested match condition. Non-exclusive matchers are considered if the more specific matcher exists but its nested match condition does not entirely match. Non-exclusive matchers are selected in the order of their specificity first (longest prefix first), then the order of declaration next. For example, consider two range matchers: an exclusive matcher *X* on ``0.0.0.0/0`` and a matcher *Y* on ``192.0.0.0/2`` with a nested match condition *Z*. For the input IP ``192.168.0.1`` matcher *Y* is the most specific. If its nested match condition *Z* does not accept the input, then the less specific matcher *X* does not apply either despite the input being within the range, because matcher *X* is exclusive. The opposite is true if matcher *X* is not marked as exclusive. In that case matcher *X* always matches whenever matcher "*Y* rejects the input. | +| `exclusive` | `bool` | Indicates whether this match option should be considered if there is a more specific matcher. Exclusive matchers are not selected whenever a more specific matcher exists (e.g. matcher with a longer prefix) even when the more specific matcher fails its nested match condition. Non-exclusive matchers are considered if the more specific matcher exists but its nested match condition does not entirely match. Non-exclusive matchers are selected in the order of their specificity first (longest prefix first), then the order of declaration next. For example, consider two range matchers: an exclusive matcher *X* on `0.0.0.0/0` and a matcher *Y* on `192.0.0.0/2` with a nested match condition *Z*. For the input IP `192.168.0.1` matcher *Y* is the most specific. If its nested match condition *Z* does not accept the input, then the less specific matcher *X* does not apply either despite the input being within the range, because matcher *X* is exclusive. The opposite is true if matcher *X* is not marked as exclusive. In that case matcher *X* always matches whenever matcher "*Y* rejects the input. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/regex.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/regex.proto.sk.md index 021fc325c56..ee3d486fd02 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/regex.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/regex.proto.sk.md @@ -47,9 +47,8 @@ A regex matcher designed for safety when used with untrusted input. ### GoogleRE2 -Google's `RE2 `_ regex engine. The regex -string must adhere to the documented `syntax -`_. The engine is designed to +Google's [RE2](https://github.com/google/re2) regex engine. The regex +string must adhere to the documented [syntax](https://github.com/google/re2/wiki/Syntax). The engine is designed to complete execution in linear time as well as limit the amount of memory used. diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/core/matchers/matchers.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/core/matchers/matchers.proto.sk.md index eced9ea4e16..c725a21a5e9 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/core/matchers/matchers.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/core/matchers/matchers.proto.sk.md @@ -47,7 +47,7 @@ Parameters for matching routes to requests received by a Gloo-managed proxy | ----- | ---- | ----------- | | `prefix` | `string` | If specified, the route is a prefix rule meaning that the prefix must match the beginning of the *:path* header. Only one of `prefix`, `exact`, `regex`, or `connectMatcher` can be set. | | `exact` | `string` | If specified, the route is an exact path rule meaning that the path must exactly match the *:path* header once the query string is removed. Only one of `exact`, `prefix`, `regex`, or `connectMatcher` can be set. | -| `regex` | `string` | If specified, the route is a regular expression rule meaning that the regex must match the *:path* header once the query string is removed. The entire path (without the query string) must match the regex. The rule will not match if only a sub-sequence of the *:path* header matches the regex. The regex grammar is defined `here `_. Examples:
* The regex */b[io]t* matches the path */bit*
* The regex */b[io]t* matches the path */bot*
* The regex */b[io]t* does not match the path */bite*
* The regex */b[io]t* does not match the path */bit/bot*

Note that the complexity of the regex is constrained by the regex engine's "program size" setting. If your regex is too complex, you may need to adjust the `regexMaxProgramSize` field in the `GlooOptions` section of your `Settings` resource (The gloo default is 1024). Only one of `regex`, `prefix`, `exact`, or `connectMatcher` can be set. | +| `regex` | `string` | If specified, the route is a regular expression rule meaning that the regex must match the *:path* header once the query string is removed. The entire path (without the query string) must match the regex. The rule will not match if only a sub-sequence of the *:path* header matches the regex. The regex grammar is defined [here](http://en.cppreference.com/w/cpp/regex/ecmascript). Examples:
* The regex */b[io]t* matches the path */bit*
* The regex */b[io]t* matches the path */bot*
* The regex */b[io]t* does not match the path */bite*
* The regex */b[io]t* does not match the path */bit/bot*

Note that the complexity of the regex is constrained by the regex engine's "program size" setting. If your regex is too complex, you may need to adjust the `regexMaxProgramSize` field in the `GlooOptions` section of your `Settings` resource (The gloo default is 1024). Only one of `regex`, `prefix`, `exact`, or `connectMatcher` can be set. | | `connectMatcher` | [.matchers.core.gloo.solo.io.Matcher.ConnectMatcher](../matchers.proto.sk/#connectmatcher) | If this is used as the matcher, the matcher will only match CONNECT requests. Note that this will not match HTTP/2 upgrade-style CONNECT requests (WebSocket and the like) as they are normalized in Envoy as HTTP/1.1 style upgrades. This is the only way to match CONNECT requests for HTTP/1.1. For HTTP/2, where CONNECT requests may have a path, the path matchers will work if there is a path present. Note that CONNECT support is currently considered alpha in Envoy. Only one of `connectMatcher`, `prefix`, `exact`, or `regex` can be set. | | `caseSensitive` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Indicates that prefix/path matching should be case sensitive. The default is true. | | `headers` | [[]matchers.core.gloo.solo.io.HeaderMatcher](../matchers.proto.sk/#headermatcher) | Specifies a set of headers that the route should match on. The router will check the request’s headers against all the specified headers in the route config. A match will happen if all the headers in the route are present in the request with the same values (or based on presence if the value field is not in the config). | @@ -92,7 +92,7 @@ Thus, if attempting to match on *Host*, match on *:authority* instead. | `name` | `string` | Specifies the name of the header in the request. | | `value` | `string` | Specifies the value of the header. If the value is absent a request that has the name header will match, regardless of the header’s value. | | `regex` | `bool` | Specifies whether the header value should be treated as regex or not. | -| `invertMatch` | `bool` | If set to true, the result of the match will be inverted. Defaults to false. Examples: * name=foo, invert_match=true: matches if no header named `foo` is present * name=foo, value=bar, invert_match=true: matches if no header named `foo` with value `bar` is present * name=foo, value=``\d{3}``, regex=true, invert_match=true: matches if no header named `foo` with a value consisting of three integers is present. | +| `invertMatch` | `bool` | If set to true, the result of the match will be inverted. Defaults to false. Examples: * name=foo, invert_match=true: matches if no header named `foo` is present * name=foo, value=bar, invert_match=true: matches if no header named `foo` with value `bar` is present * name=foo, value=`\d{3}`, regex=true, invert_match=true: matches if no header named `foo` with a value consisting of three integers is present. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto.sk.md index e430bcecc98..de49a683ff8 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto.sk.md @@ -76,7 +76,7 @@ Users should take care to understand the risks of using this extension before pr | `filterMetadata` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Additional metadata to be added to the filter state for logging purposes. The metadata will be added to StreamInfo's filter state under the namespace corresponding to the ext_proc filter name. | | `allowModeOverride` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If `allow_mode_override` is set to true, the filter config [processing_mode](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/ext_proc/v3/ext_proc.proto#envoy-v3-api-field-extensions-filters-http-ext-proc-v3-externalprocessor-processing-mode) can be overridden by the response message from the external processing server [mode_override](https://www.envoyproxy.io/docs/envoy/latest/api-v3/service/ext_proc/v3/external_processor.proto#envoy-v3-api-field-service-ext-proc-v3-processingresponse-mode-override). If not set, `mode_override` API in the response message will be ignored. | | `metadataContextNamespaces` | `[]string` | Specifies a list of metadata namespaces whose values, if present, will be passed to the ext_proc service as an opaque *protobuf::Struct*. | -| `typedMetadataContextNamespaces` | `[]string` | Specifies a list of metadata namespaces whose values, if present, will be passed to the ext_proc service. :ref:`typed_filter_metadata ` is passed as an ``protobuf::Any``. It works in a way similar to ``metadata_context_namespaces`` but allows envoy and external processing server to share the protobuf message definition in order to do a safe parsing. | +| `typedMetadataContextNamespaces` | `[]string` | Specifies a list of metadata namespaces whose values, if present, will be passed to the ext_proc service. typed_filter_metadata is passed as an `protobuf::Any`. It works in a way similar to `metadata_context_namespaces` but allows envoy and external processing server to share the protobuf message definition in order to do a safe parsing. | @@ -150,7 +150,7 @@ External processor settings that can be configured on a virtual host or route. | `responseAttributes` | `[]string` | NOT FINALIZED UPSTREAM use at your own upgrade risk Set different optional properties than the default setting of the `response_attributes` field. | | `grpcService` | [.extproc.options.gloo.solo.io.GrpcService](../extproc.proto.sk/#grpcservice) | Set a different gRPC service for this virtual host or route than the default. | | `metadataContextNamespaces` | `[]string` | Specifies a list of metadata namespaces whose values, if present, will be passed to the ext_proc service as an opaque *protobuf::Struct*. | -| `typedMetadataContextNamespaces` | `[]string` | Specifies a list of metadata namespaces whose values, if present, will be passed to the ext_proc service. :ref:`typed_filter_metadata ` is passed as an ``protobuf::Any``. It works in a way similar to ``metadata_context_namespaces`` but allows envoy and external processing server to share the protobuf message definition in order to do a safe parsing. | +| `typedMetadataContextNamespaces` | `[]string` | Specifies a list of metadata namespaces whose values, if present, will be passed to the ext_proc service. typed_filter_metadata is passed as an `protobuf::Any`. It works in a way similar to `metadata_context_namespaces` but allows envoy and external processing server to share the protobuf message definition in order to do a safe parsing. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/graphql/v1beta1/graphql.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/graphql/v1beta1/graphql.proto.sk.md index 3630ab38c63..f3e63dec3bf 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/graphql/v1beta1/graphql.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/graphql/v1beta1/graphql.proto.sk.md @@ -149,8 +149,8 @@ Is a Schema Extension | Field | Type | Description | | ----- | ---- | ----------- | -| `protoDescriptor` | `string` | Supplies the filename of :ref:`the proto descriptor set ` for the gRPC services. Only one of `protoDescriptor`, `protoDescriptorBin`, or `protoRefsList` can be set. | -| `protoDescriptorBin` | `bytes` | Supplies the binary content of :ref:`the proto descriptor set ` for the gRPC services. Note: in yaml, this must be provided as a base64 standard encoded string; yaml cannot handle binary bytes. Only one of `protoDescriptorBin`, `protoDescriptor`, or `protoRefsList` can be set. | +| `protoDescriptor` | `string` | Supplies the filename of the proto descriptor set for the gRPC services. Only one of `protoDescriptor`, `protoDescriptorBin`, or `protoRefsList` can be set. | +| `protoDescriptorBin` | `bytes` | Supplies the binary content of the proto descriptor set for the gRPC services. Note: in yaml, this must be provided as a base64 standard encoded string; yaml cannot handle binary bytes. Only one of `protoDescriptorBin`, `protoDescriptor`, or `protoRefsList` can be set. | | `protoRefsList` | [.graphql.gloo.solo.io.GrpcDescriptorRegistry.ProtoRefs](../graphql.proto.sk/#protorefs) | Allows the user to put proto descriptor set binary content in configmaps; The descriptor set binary content in these config maps must be base64 encoded Generating the proto descriptor binary and base64 encoding it can be done using the following command `protoc ./your-proto-here.proto --proto_path . --descriptor_set_out="/dev/stdout" --include_imports | base64`. Only one of `protoRefsList`, `protoDescriptor`, or `protoDescriptorBin` can be set. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/failover.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/failover.proto.sk.md index 5f49097146f..dd184a7dba1 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/failover.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/failover.proto.sk.md @@ -88,7 +88,7 @@ the list, first being `0` through `n-1`. | Field | Type | Description | | ----- | ---- | ----------- | -| `overprovisioningFactor` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Priority levels and localities are considered overprovisioned with this factor (in percentage). This means that we don't consider a priority level or locality unhealthy until the fraction of healthy hosts multiplied by the overprovisioning factor drops below 100. With the default value 140(1.4), Envoy doesn't consider a priority level or a locality unhealthy until their percentage of healthy hosts drops below 72%. For example: .. code-block:: json { "overprovisioning_factor": 100 } Read more at :ref:`priority levels ` and :ref:`localities `. | +| `overprovisioningFactor` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Priority levels and localities are considered overprovisioned with this factor (in percentage). This means that we don't consider a priority level or locality unhealthy until the fraction of healthy hosts multiplied by the overprovisioning factor drops below 100. With the default value 140(1.4), Envoy doesn't consider a priority level or a locality unhealthy until their percentage of healthy hosts drops below 72%. For example: .. code-block:: json { "overprovisioning_factor": 100 } Read more at priority levels and localities. | @@ -186,7 +186,7 @@ Identifies location of where either Envoy runs or where upstream hosts run. | Field | Type | Description | | ----- | ---- | ----------- | | `region` | `string` | Region this zone belongs to. | -| `zone` | `string` | Defines the local service zone where Envoy is running. The meaning of zone is context dependent, e.g. `Availability Zone (AZ) `_ on AWS, `Zone `_ on GCP, etc. | +| `zone` | `string` | Defines the local service zone where Envoy is running. The meaning of zone is context dependent, e.g. [Availability Zone (AZ)](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) on AWS, [Zone](https://cloud.google.com/compute/docs/regions-zones/) on GCP, etc. | | `subZone` | `string` | When used for locality of upstream hosts, this field further splits zone into smaller chunks of sub-zones so they can be load balanced independently. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/load_balancer.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/load_balancer.proto.sk.md index a587b9f4916..a3d3a2921cf 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/load_balancer.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/load_balancer.proto.sk.md @@ -181,7 +181,7 @@ Customizes the parameters used in the hashing algorithm to refine performance or | Field | Type | Description | | ----- | ---- | ----------- | | `slowStartWindow` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Represents the size of slow start window. If set, the newly created host remains in slow start mode starting from its creation time for the duration of slow start window. | -| `aggression` | [.google.protobuf.DoubleValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/double-value) | This parameter controls the speed of traffic increase over the slow start window. Defaults to 1.0, so that endpoint would get linearly increasing amount of traffic. When increasing the value for this parameter, the speed of traffic ramp-up increases non-linearly. The value of aggression parameter should be greater than 0.0. By tuning the parameter, is possible to achieve polynomial or exponential shape of ramp-up curve. During slow start window, effective weight of an endpoint would be scaled with time factor and aggression: ``new_weight = weight * max(min_weight_percent, time_factor ^ (1 / aggression))``, where ``time_factor=(time_since_start_seconds / slow_start_time_seconds)``. As time progresses, more and more traffic would be sent to endpoint, which is in slow start window. Once host exits slow start, time_factor and aggression no longer affect its weight. | +| `aggression` | [.google.protobuf.DoubleValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/double-value) | This parameter controls the speed of traffic increase over the slow start window. Defaults to 1.0, so that endpoint would get linearly increasing amount of traffic. When increasing the value for this parameter, the speed of traffic ramp-up increases non-linearly. The value of aggression parameter should be greater than 0.0. By tuning the parameter, is possible to achieve polynomial or exponential shape of ramp-up curve. During slow start window, effective weight of an endpoint would be scaled with time factor and aggression: `new_weight = weight * max(min_weight_percent, time_factor ^ (1 / aggression))`, where `time_factor=(time_since_start_seconds / slow_start_time_seconds)`. As time progresses, more and more traffic would be sent to endpoint, which is in slow start window. Once host exits slow start, time_factor and aggression no longer affect its weight. | | `minWeightPercent` | [.google.protobuf.DoubleValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/double-value) | Configures the minimum percentage of origin weight that avoids too small new weight, which may cause endpoints in slow start mode receive no traffic in slow start window. If not specified, the default is 10%. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/als/als.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/als/als.proto.sk.md index 30d8cdc2302..cfc3ea94119 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/als/als.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/als/als.proto.sk.md @@ -279,9 +279,9 @@ Filters for random sampling of requests. | Field | Type | Description | | ----- | ---- | ----------- | -| `runtimeKey` | `string` | Runtime key to get an optional overridden numerator for use in the ``percent_sampled`` field. If found in runtime, this value will replace the default numerator. | +| `runtimeKey` | `string` | Runtime key to get an optional overridden numerator for use in the `percent_sampled` field. If found in runtime, this value will replace the default numerator. | | `percentSampled` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../external/envoy/type/v3/percent.proto.sk/#fractionalpercent) | The default sampling percentage. If not specified, defaults to 0% with denominator of 100. | -| `useIndependentRandomness` | `bool` | By default, sampling pivots on the header :ref:`x-request-id` being present. If :ref:`x-request-id` is present, the filter will consistently sample across multiple hosts based on the runtime key value and the value extracted from :ref:`x-request-id`. If it is missing, or ``use_independent_randomness`` is set to true, the filter will randomly sample based on the runtime key value alone. ``use_independent_randomness`` can be used for logging kill switches within complex nested :ref:`AndFilter ` and :ref:`OrFilter ` blocks that are easier to reason about from a probability perspective (i.e., setting to true will cause the filter to behave like an independent random variable when composed within logical operator filters). | +| `useIndependentRandomness` | `bool` | By default, sampling pivots on the header :ref:`x-request-id` being present. If :ref:`x-request-id` is present, the filter will consistently sample across multiple hosts based on the runtime key value and the value extracted from :ref:`x-request-id`. If it is missing, or `use_independent_randomness` is set to true, the filter will randomly sample based on the runtime key value alone. `use_independent_randomness` can be used for logging kill switches within complex nested :ref:`AndFilter ` and :ref:`OrFilter ` blocks that are easier to reason about from a probability perspective (i.e., setting to true will cause the filter to behave like an independent random variable when composed within logical operator filters). | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto.sk.md index 6ae90cbf974..c02d37c1947 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto.sk.md @@ -104,8 +104,8 @@ Configuration for the dynamic forward proxy DNS cache. See the :ref:`architectur | ----- | ---- | ----------- | | `dnsLookupFamily` | [.dfp.options.gloo.solo.io.DnsLookupFamily](../dynamic_forward_proxy.proto.sk/#dnslookupfamily) | The DNS lookup family to use during resolution. [#comment:TODO(mattklein123): Figure out how to support IPv4/IPv6 "happy eyeballs" mode. The way this might work is a new lookup family which returns both IPv4 and IPv6 addresses, and then configures a host to have a primary and fall back address. With this, we could very likely build a "happy eyeballs" connection pool which would race the primary / fall back address and return the one that wins. This same method could potentially also be used for QUIC to TCP fall back.]. | | `dnsRefreshRate` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The DNS refresh rate for unresolved DNS hosts. If not specified defaults to 60s. The refresh rate is rounded to the closest millisecond, and must be at least 1ms. Once a host has been resolved, the refresh rate will be the DNS TTL, capped at a minimum of 5s. | -| `hostTtl` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The TTL for hosts that are unused. Hosts that have not been used in the configured time interval will be purged. If not specified defaults to 5m. .. note: The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This means that if the configured TTL is shorter than the refresh rate the host may not be removed immediately. .. note: The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage. | -| `maxHosts` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The maximum number of hosts that the cache will hold. If not specified defaults to 1024. .. note: The implementation is approximate and enforced independently on each worker thread, thus it is possible for the maximum hosts in the cache to go slightly above the configured value depending on timing. This is similar to how other circuit breakers work. | +| `hostTtl` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The TTL for hosts that are unused. Hosts that have not been used in the configured time interval will be purged. If not specified defaults to 5m. **Note**: The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This means that if the configured TTL is shorter than the refresh rate the host may not be removed immediately. **Note**: The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage. | +| `maxHosts` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The maximum number of hosts that the cache will hold. If not specified defaults to 1024. **Note**: The implementation is approximate and enforced independently on each worker thread, thus it is possible for the maximum hosts in the cache to go slightly above the configured value depending on timing. This is similar to how other circuit breakers work. | | `dnsFailureRefreshRate` | [.dfp.options.gloo.solo.io.RefreshRate](../dynamic_forward_proxy.proto.sk/#refreshrate) | If the DNS failure refresh rate is specified, this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is not specified, the failure refresh rate defaults to the dns_refresh_rate. | | `dnsCacheCircuitBreaker` | [.dfp.options.gloo.solo.io.DnsCacheCircuitBreakers](../dynamic_forward_proxy.proto.sk/#dnscachecircuitbreakers) | The config of circuit breakers for resolver. It provides a configurable threshold. Envoy will use dns cache circuit breakers with default settings even if this value is not set. | | `caresDns` | [.dfp.options.gloo.solo.io.CaresDnsResolverConfig](../dynamic_forward_proxy.proto.sk/#caresdnsresolverconfig) | Only one of `caresDns` or `appleDns` can be set. | @@ -129,8 +129,8 @@ Configuration for the dynamic forward proxy DNS cache. See the :ref:`architectur | Field | Type | Description | | ----- | ---- | ----------- | -| `baseInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the base interval between refreshes. This parameter is required and must be greater than 1ms and less than :ref:`max_interval `. | -| `maxInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the maximum interval between refreshes. This parameter is optional, but must be greater than or equal to the :ref:`base_interval ` if set. The default is 10 times the :ref:`base_interval `. | +| `baseInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the base interval between refreshes. This parameter is required and must be greater than 1ms and less than max_interval. | +| `maxInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the maximum interval between refreshes. This parameter is optional, but must be greater than or equal to the base_interval if set. The default is 10 times the base_interval. | @@ -149,8 +149,8 @@ Per route Configuration for the dynamic forward proxy HTTP filter. | Field | Type | Description | | ----- | ---- | ----------- | -| `hostRewrite` | `string` | Indicates that before DNS lookup, the host header will be swapped with this value. If not set or empty, the original host header value will be used and no rewrite will happen. Note: this rewrite affects both DNS lookup and host header forwarding. However, this option shouldn't be used with :ref:`HCM host rewrite ` given that the value set here would be used for DNS lookups whereas the value set in the HCM would be used for host header forwarding which is not the desired outcome. Only one of `hostRewrite` or `autoHostRewriteHeader` can be set. | -| `autoHostRewriteHeader` | `string` | Indicates that before DNS lookup, the host header will be swapped with the value of this header. If not set or empty, the original host header value will be used and no rewrite will happen. Note: this rewrite affects both DNS lookup and host header forwarding. However, this option shouldn't be used with :ref:`HCM host rewrite header ` given that the value set here would be used for DNS lookups whereas the value set in the HCM would be used for host header forwarding which is not the desired outcome. .. note:: If the header appears multiple times only the first value is used. Only one of `autoHostRewriteHeader` or `hostRewrite` can be set. | +| `hostRewrite` | `string` | Indicates that before DNS lookup, the host header will be swapped with this value. If not set or empty, the original host header value will be used and no rewrite will happen. Note: this rewrite affects both DNS lookup and host header forwarding. However, this option shouldn't be used with HCM host rewrite given that the value set here would be used for DNS lookups whereas the value set in the HCM would be used for host header forwarding which is not the desired outcome. Only one of `hostRewrite` or `autoHostRewriteHeader` can be set. | +| `autoHostRewriteHeader` | `string` | Indicates that before DNS lookup, the host header will be swapped with the value of this header. If not set or empty, the original host header value will be used and no rewrite will happen. Note: this rewrite affects both DNS lookup and host header forwarding. However, this option shouldn't be used with :ref:`HCM host rewrite header ` given that the value set here would be used for DNS lookups whereas the value set in the HCM would be used for host header forwarding which is not the desired outcome. **Note**: If the header appears multiple times only the first value is used. Only one of `autoHostRewriteHeader` or `hostRewrite` can be set. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/grpc_json/grpc_json.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/grpc_json/grpc_json.proto.sk.md index 757c1089d02..0f870b3fa60 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/grpc_json/grpc_json.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/grpc_json/grpc_json.proto.sk.md @@ -49,13 +49,13 @@ weight: 5 | `protoDescriptor` | `string` | Supplies the filename of the [proto descriptor set](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/grpc_json_transcoder_filter#config-grpc-json-generate-proto-descriptor-set) for the gRPC services. Only one of `protoDescriptor`, `protoDescriptorBin`, or `protoDescriptorConfigMap` can be set. | | `protoDescriptorBin` | `bytes` | Supplies the binary content of the [proto descriptor set](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/grpc_json_transcoder_filter#config-grpc-json-generate-proto-descriptor-set) for the gRPC services. Note: in yaml, this must be provided as a base64 standard encoded string; yaml can't handle binary bytes. Only one of `protoDescriptorBin`, `protoDescriptor`, or `protoDescriptorConfigMap` can be set. | | `protoDescriptorConfigMap` | [.grpc_json.options.gloo.solo.io.GrpcJsonTranscoder.DescriptorConfigMap](../grpc_json.proto.sk/#descriptorconfigmap) | A reference to a ConfigMap containing the base64-encoded binary content of the [proto descriptor set](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/grpc_json_transcoder_filter#config-grpc-json-generate-proto-descriptor-set) for the gRPC services. Only one of `protoDescriptorConfigMap`, `protoDescriptor`, or `protoDescriptorBin` can be set. | -| `services` | `[]string` | A list of strings that supplies the fully qualified service names (i.e. "package_name.service_name") that the transcoder will translate. If the service name doesn't exist in ``proto_descriptor``, Envoy will fail at startup. The ``proto_descriptor`` may contain more services than the service names specified here, but they won't be translated. | -| `printOptions` | [.grpc_json.options.gloo.solo.io.GrpcJsonTranscoder.PrintOptions](../grpc_json.proto.sk/#printoptions) | Control options for response JSON. These options are passed directly to `JsonPrintOptions `_. | +| `services` | `[]string` | A list of strings that supplies the fully qualified service names (i.e. "package_name.service_name") that the transcoder will translate. If the service name doesn't exist in `proto_descriptor`, Envoy will fail at startup. The `proto_descriptor` may contain more services than the service names specified here, but they won't be translated. | +| `printOptions` | [.grpc_json.options.gloo.solo.io.GrpcJsonTranscoder.PrintOptions](../grpc_json.proto.sk/#printoptions) | Control options for response JSON. These options are passed directly to [JsonPrintOptions](https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.util.json_util#JsonPrintOptions). | | `matchIncomingRequestRoute` | `bool` | Set this value to true to keep the incoming request route after the outgoing headers are transformed to match the upstream gRPC service. Note that you cannot set this value to true with routes for gRPC services that are not transcoded. When set to false, Envoy does not match against the incoming request path. For more information, see the Envoy docs . | -| `ignoredQueryParameters` | `[]string` | A list of query parameters to be ignored for transcoding method mapping. By default, the transcoder filter will not transcode a request if there are any unknown/invalid query parameters. Example : .. code-block:: proto service Bookstore { rpc GetShelf(GetShelfRequest) returns (Shelf) { option (google.api.http) = { get: "/shelves/{shelf}" }; } } message GetShelfRequest { int64 shelf = 1; } message Shelf {} The request ``/shelves/100?foo=bar`` will not be mapped to ``GetShelf``` because variable binding for ``foo`` is not defined. Adding ``foo`` to ``ignored_query_parameters`` will allow the same request to be mapped to ``GetShelf``. | -| `autoMapping` | `bool` | Whether to route methods without the ``google.api.http`` option. Example : .. code-block:: proto package bookstore; service Bookstore { rpc GetShelf(GetShelfRequest) returns (Shelf) {} } message GetShelfRequest { int64 shelf = 1; } message Shelf {} The client could ``post`` a json body ``{"shelf": 1234}`` with the path of ``/bookstore.Bookstore/GetShelfRequest`` to call ``GetShelfRequest``. | -| `ignoreUnknownQueryParameters` | `bool` | Whether to ignore query parameters that cannot be mapped to a corresponding protobuf field. Use this if you cannot control the query parameters and do not know them beforehand. Otherwise use ``ignored_query_parameters``. Defaults to false. | -| `convertGrpcStatus` | `bool` | Whether to convert gRPC status headers to JSON. When trailer indicates a gRPC error and there was no HTTP body, take ``google.rpc.Status`` from the ``grpc-status-details-bin`` header and use it as JSON body. If there was no such header, make ``google.rpc.Status`` out of the ``grpc-status`` and ``grpc-message`` headers. The error details types must be present in the ``proto_descriptor``. For example, if an upstream server replies with headers: .. code-block:: none grpc-status: 5 grpc-status-details-bin: CAUaMwoqdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUucnBjLlJlcXVlc3RJbmZvEgUKA3ItMQ The ``grpc-status-details-bin`` header contains a base64-encoded protobuf message ``google.rpc.Status``. It will be transcoded into: .. code-block:: none HTTP/1.1 404 Not Found content-type: application/json {"code":5,"details":[{"@type":"type.googleapis.com/google.rpc.RequestInfo","requestId":"r-1"}]} In order to transcode the message, the ``google.rpc.RequestInfo`` type from the ``google/rpc/error_details.proto`` should be included in the configured :ref:`proto descriptor set `. | +| `ignoredQueryParameters` | `[]string` | A list of query parameters to be ignored for transcoding method mapping. By default, the transcoder filter will not transcode a request if there are any unknown/invalid query parameters. Example : .. code-block:: proto service Bookstore { rpc GetShelf(GetShelfRequest) returns (Shelf) { option (google.api.http) = { get: "/shelves/{shelf}" }; } } message GetShelfRequest { int64 shelf = 1; } message Shelf {} The request `/shelves/100?foo=bar` will not be mapped to `GetShelf` because variable binding for `foo` is not defined. Adding `foo` to `ignored_query_parameters` will allow the same request to be mapped to `GetShelf`. | +| `autoMapping` | `bool` | Whether to route methods without the `google.api.http` option. Example : .. code-block:: proto package bookstore; service Bookstore { rpc GetShelf(GetShelfRequest) returns (Shelf) {} } message GetShelfRequest { int64 shelf = 1; } message Shelf {} The client could `post` a json body `{"shelf": 1234}` with the path of `/bookstore.Bookstore/GetShelfRequest` to call `GetShelfRequest`. | +| `ignoreUnknownQueryParameters` | `bool` | Whether to ignore query parameters that cannot be mapped to a corresponding protobuf field. Use this if you cannot control the query parameters and do not know them beforehand. Otherwise use `ignored_query_parameters`. Defaults to false. | +| `convertGrpcStatus` | `bool` | Whether to convert gRPC status headers to JSON. When trailer indicates a gRPC error and there was no HTTP body, take `google.rpc.Status` from the `grpc-status-details-bin` header and use it as JSON body. If there was no such header, make `google.rpc.Status` out of the `grpc-status` and `grpc-message` headers. The error details types must be present in the `proto_descriptor`. For example, if an upstream server replies with headers: .. code-block:: none grpc-status: 5 grpc-status-details-bin: CAUaMwoqdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUucnBjLlJlcXVlc3RJbmZvEgUKA3ItMQ The `grpc-status-details-bin` header contains a base64-encoded protobuf message `google.rpc.Status`. It will be transcoded into: .. code-block:: none HTTP/1.1 404 Not Found content-type: application/json {"code":5,"details":[{"@type":"type.googleapis.com/google.rpc.RequestInfo","requestId":"r-1"}]} In order to transcode the message, the `google.rpc.RequestInfo` type from the `google/rpc/error_details.proto` should be included in the configured proto descriptor set. | @@ -78,7 +78,7 @@ weight: 5 | `addWhitespace` | `bool` | Whether to add spaces, line breaks and indentation to make the JSON output easy to read. Defaults to false. | | `alwaysPrintPrimitiveFields` | `bool` | Whether to always print primitive fields. By default primitive fields with default values will be omitted in JSON output. For example, an int32 field set to 0 will be omitted. Setting this flag to true will override the default behavior and print primitive fields regardless of their values. Defaults to false. | | `alwaysPrintEnumsAsInts` | `bool` | Whether to always print enums as ints. By default they are rendered as strings. Defaults to false. | -| `preserveProtoFieldNames` | `bool` | Whether to preserve proto field names. By default protobuf will generate JSON field names using the ``json_name`` option, or lower camel case, in that order. Setting this flag will preserve the original field names. Defaults to false. | +| `preserveProtoFieldNames` | `bool` | Whether to preserve proto field names. By default protobuf will generate JSON field names using the `json_name` option, or lower camel case, in that order. Setting this flag will preserve the original field names. Defaults to false. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/protocol/protocol.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/protocol/protocol.proto.sk.md index b0edbd60451..aa47e0284f3 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/protocol/protocol.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/protocol/protocol.proto.sk.md @@ -40,7 +40,7 @@ weight: 5 | Field | Type | Description | | ----- | ---- | ----------- | -| `idleTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The idle timeout for connections. The idle timeout is defined as the period in which there are no active requests. When the idle timeout is reached the connection will be closed. If the connection is an HTTP/2 downstream connection a drain sequence will occur prior to closing the connection, see :ref:`drain_timeout `. Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0. .. warning:: Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP FIN packets, etc. | +| `idleTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The idle timeout for connections. The idle timeout is defined as the period in which there are no active requests. When the idle timeout is reached the connection will be closed. If the connection is an HTTP/2 downstream connection a drain sequence will occur prior to closing the connection, see :ref:`drain_timeout `. Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0. **Warning**: Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP FIN packets, etc. | | `maxHeadersCount` | `int` | The maximum number of headers. If unconfigured, the default maximum number of request headers allowed is 100. Requests that exceed this limit will receive a 431 response for HTTP/1.x and cause a stream reset for HTTP/2. | | `maxStreamDuration` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Total duration to keep alive an HTTP request/response stream. If the time limit is reached the stream will be reset independent of any other timeouts. If not specified, this value is not set. | | `headersWithUnderscoresAction` | [.protocol.options.gloo.solo.io.HttpProtocolOptions.HeadersWithUnderscoresAction](../protocol.proto.sk/#headerswithunderscoresaction) | Action to take when a client request with a header name containing underscore characters is received. If this setting is not specified, the value defaults to ALLOW. Note: upstream responses are not affected by this setting. | @@ -105,10 +105,10 @@ characters. | Field | Type | Description | | ----- | ---- | ----------- | -| `maxConcurrentStreams` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | `Maximum concurrent streams `_ allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) and defaults to 2147483647. For upstream connections, this also limits how many streams Envoy will initiate concurrently on a single connection. If the limit is reached, Envoy may queue requests or establish additional connections (as allowed per circuit breaker limits). This acts as an upper bound: Envoy will lower the max concurrent streams allowed on a given connection based on upstream settings. Config dumps will reflect the configured upper bound, not the per-connection negotiated limits. | -| `initialStreamWindowSize` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | `Initial stream-level flow-control window `_ size. Valid values range from 65535 (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 (256 * 1024 * 1024). NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default window size now, so it's also the minimum. This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to stop the flow of data to the codec buffers. | +| `maxConcurrentStreams` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | [Maximum concurrent streams](https://httpwg.org/specs/rfc7540.html#rfc.section.5.1.2) allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) and defaults to 2147483647. For upstream connections, this also limits how many streams Envoy will initiate concurrently on a single connection. If the limit is reached, Envoy may queue requests or establish additional connections (as allowed per circuit breaker limits). This acts as an upper bound: Envoy will lower the max concurrent streams allowed on a given connection based on upstream settings. Config dumps will reflect the configured upper bound, not the per-connection negotiated limits. | +| `initialStreamWindowSize` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | [Initial stream-level flow-control window](https://httpwg.org/specs/rfc7540.html#rfc.section.6.9.2) size. Valid values range from 65535 (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 (256 * 1024 * 1024). NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default window size now, so it's also the minimum. This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to stop the flow of data to the codec buffers. | | `initialConnectionWindowSize` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Similar to *initial_stream_window_size*, but for connection-level flow-control window. Currently, this has the same minimum/maximum/default as *initial_stream_window_size*. | -| `overrideStreamErrorOnInvalidHttpMessage` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Allows invalid HTTP messaging and headers. When this option is disabled (default), then the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, when this option is enabled, only the offending stream is terminated. This overrides any HCM :ref:`stream_error_on_invalid_http_messaging ` See `RFC7540, sec. 8.1 `_ for details. | +| `overrideStreamErrorOnInvalidHttpMessage` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Allows invalid HTTP messaging and headers. When this option is disabled (default), then the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, when this option is enabled, only the offending stream is terminated. This overrides any HCM :ref:`stream_error_on_invalid_http_messaging ` See [RFC7540, sec. 8.1](https://datatracker.ietf.org/doc/html/rfc7540#section-8.1) for details. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/proxy_protocol/proxy_protocol.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/proxy_protocol/proxy_protocol.proto.sk.md index 6b6c3d548f9..1807c9a6910 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/proxy_protocol/proxy_protocol.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/proxy_protocol/proxy_protocol.proto.sk.md @@ -38,7 +38,7 @@ weight: 5 | Field | Type | Description | | ----- | ---- | ----------- | | `rules` | [[]proxy_protocol.options.gloo.solo.io.ProxyProtocol.Rule](../proxy_protocol.proto.sk/#rule) | The list of rules to apply to requests. | -| `allowRequestsWithoutProxyProtocol` | `bool` | Allow requests through that don't use proxy protocol. Defaults to false. .. attention:: The true setting is only honored in Gloo Gateway Enterprise. This breaks conformance with the specification. Only enable if ALL traffic to the listener comes from a trusted source. For more information on the security implications of this feature, see https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt. | +| `allowRequestsWithoutProxyProtocol` | `bool` | Allow requests through that don't use proxy protocol. Defaults to false. **Attention**: The true setting is only honored in Gloo Gateway Enterprise. This breaks conformance with the specification. Only enable if ALL traffic to the listener comes from a trusted source. For more information on the security implications of this feature, see https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt. | @@ -76,7 +76,7 @@ A Rule defines what metadata to apply when a header is present or missing. | Field | Type | Description | | ----- | ---- | ----------- | -| `tlvType` | `int` | The type that triggers the rule - required TLV type is defined as uint8_t in proxy protocol. See `the spec `_ for details. | +| `tlvType` | `int` | The type that triggers the rule - required TLV type is defined as uint8_t in proxy protocol. See [the spec](https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt) for details. | | `onTlvPresent` | [.proxy_protocol.options.gloo.solo.io.ProxyProtocol.KeyValuePair](../proxy_protocol.proto.sk/#keyvaluepair) | If the TLV type is present, apply this metadata KeyValuePair. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/proxy.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/proxy.proto.sk.md index a7182584fd8..71149940b61 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/proxy.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/proxy.proto.sk.md @@ -612,7 +612,7 @@ Notice: RedirectAction is copied directly from https://github.com/envoyproxy/env | `hostRedirect` | `string` | The host portion of the URL will be swapped with this value. | | `pathRedirect` | `string` | The path portion of the URL will be swapped with this value. Only one of `pathRedirect`, `prefixRewrite`, or `regexRewrite` can be set. | | `prefixRewrite` | `string` | Indicates that during redirection, the matched prefix (or path) should be swapped with this value. This option allows redirect URLs be dynamically created based on the request. Pay attention to the use of trailing slashes as mentioned in `RouteAction`'s `prefix_rewrite`. Only one of `prefixRewrite`, `pathRedirect`, or `regexRewrite` can be set. | -| `regexRewrite` | [.solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute](../../external/envoy/type/matcher/v3/regex.proto.sk/#regexmatchandsubstitute) | Indicates that during forwarding, portions of the path that match the pattern should be rewritten, even allowing the substitution of capture groups from the pattern into the new path as specified by the rewrite substitution string. This is useful to allow application paths to be rewritten in a way that is aware of segments with variable content like identifiers. The router filter will place the original path as it was before the rewrite into the :ref:`x-envoy-original-path ` header. Only one of :ref:`prefix_rewrite ` or *regex_rewrite* may be specified. Examples using Google's `RE2 `_ engine: * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution string of ``\2/instance/\1`` would transform ``/service/foo/v1/api`` into ``/v1/api/instance/foo``. * The pattern ``one`` paired with a substitution string of ``two`` would transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``. * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of ``\1two\2`` would replace only the first occurrence of ``one``, transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``. * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/`` would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to ``/aaa/yyy/bbb``. Only one of `regexRewrite`, `pathRedirect`, or `prefixRewrite` can be set. | +| `regexRewrite` | [.solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute](../../external/envoy/type/matcher/v3/regex.proto.sk/#regexmatchandsubstitute) | Indicates that during forwarding, portions of the path that match the pattern should be rewritten, even allowing the substitution of capture groups from the pattern into the new path as specified by the rewrite substitution string. This is useful to allow application paths to be rewritten in a way that is aware of segments with variable content like identifiers. The router filter will place the original path as it was before the rewrite into the :ref:`x-envoy-original-path ` header. Only one of :ref:`prefix_rewrite ` or *regex_rewrite* may be specified. Examples using Google's [RE2](https://github.com/google/re2) engine: * The path pattern `^/service/([^/]+)(/.*)$` paired with a substitution string of `\2/instance/\1` would transform `/service/foo/v1/api` into `/v1/api/instance/foo`. * The pattern `one` paired with a substitution string of `two` would transform `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/two/zzz`. * The pattern `^(.*?)one(.*)$` paired with a substitution string of `\1two\2` would replace only the first occurrence of `one`, transforming path `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/one/zzz`. * The pattern `(?i)/xxx/` paired with a substitution string of `/yyy/` would do a case-insensitive match and transform path `/aaa/XxX/bbb` to `/aaa/yyy/bbb`. Only one of `regexRewrite`, `pathRedirect`, or `prefixRewrite` can be set. | | `responseCode` | [.gloo.solo.io.RedirectAction.RedirectResponseCode](../proxy.proto.sk/#redirectresponsecode) | The HTTP status code to use in the redirect response. The default response code is MOVED_PERMANENTLY (301). | | `httpsRedirect` | `bool` | The scheme portion of the URL will be swapped with "https". | | `stripQuery` | `bool` | Indicates that during redirection, the query portion of the URL will be removed. Default value is false. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/upstream.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/upstream.proto.sk.md index 24b857bd036..733a183f198 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/upstream.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/upstream.proto.sk.md @@ -97,7 +97,7 @@ Each upstream type is handled by a corresponding Gloo plugin. (plugins currently | `initialStreamWindowSize` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | (UInt32Value) Initial stream-level flow-control window size. Valid values range from 65535 (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 (256 * 1024 * 1024). NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default window size now, so it’s also the minimum. This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to stop the flow of data to the codec buffers. Requires UseHttp2 to be true to be acknowledged. | | `initialConnectionWindowSize` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | (UInt32Value) Similar to initial_stream_window_size, but for connection-level flow-control window. Currently, this has the same minimum/maximum/default as initial_stream_window_size. Requires UseHttp2 to be true to be acknowledged. | | `maxConcurrentStreams` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | (UInt32Value) Maximum concurrent streams allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) and defaults to 2147483647. Requires UseHttp2 to be true to be acknowledged. | -| `overrideStreamErrorOnInvalidHttpMessage` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Allows invalid HTTP messaging and headers. When this option is disabled (default), then the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, when this option is enabled, only the offending stream is terminated. This overrides any HCM :ref:`stream_error_on_invalid_http_messaging ` See `RFC7540, sec. 8.1 `_ for details. | +| `overrideStreamErrorOnInvalidHttpMessage` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Allows invalid HTTP messaging and headers. When this option is disabled (default), then the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However, when this option is enabled, only the offending stream is terminated. This overrides any HCM :ref:`stream_error_on_invalid_http_messaging ` See [RFC7540, sec. 8.1](https://datatracker.ietf.org/doc/html/rfc7540#section-8.1) for details. | | `httpProxyHostname` | [.google.protobuf.StringValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/string-value) | Tells envoy that the upstream is an HTTP proxy (e.g., another proxy in a DMZ) that supports HTTP Connect. This configuration sets the hostname used as part of the HTTP Connect request. For example, setting to: host.com:443 and making a request routed to the upstream such as `curl :/v1` would result in the following request: CONNECT host.com:443 HTTP/1.1 host: host.com:443 GET /v1 HTTP/1.1 host: : user-agent: curl/7.64.1 accept: */* Note: if setting this field to a hostname rather than IP:PORT, you may want to also set `host_rewrite` on the route. | | `httpConnectSslConfig` | [.gloo.solo.io.UpstreamSslConfig](../ssl/ssl.proto.sk/#upstreamsslconfig) | HttpConnectSslConfig contains the options necessary to configure envoy to originate TLS to an HTTP Connect proxy. If you also want to ensure the bytes proxied by the HTTP Connect proxy are encrypted, you should also specify `ssl_config`. | | `httpConnectHeaders` | [[]gloo.solo.io.HeaderValue](../upstream.proto.sk/#headervalue) | HttpConnectHeaders specifies the headers sent with the initial HTTP Connect request. | @@ -118,7 +118,7 @@ Each upstream type is handled by a corresponding Gloo plugin. (plugins currently | Name | Description | | ----- | ----------- | -| `USE_CONFIGURED_PROTOCOL` | Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). If :ref:`http2_protocol_options ` are present, HTTP2 will be used, otherwise HTTP1.1 will be used. | +| `USE_CONFIGURED_PROTOCOL` | Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). If http2_protocol_options are present, HTTP2 will be used, otherwise HTTP1.1 will be used. | | `USE_DOWNSTREAM_PROTOCOL` | Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection. | @@ -176,7 +176,7 @@ Header name/value pair. | Field | Type | Description | | ----- | ---- | ----------- | | `perUpstreamPreconnectRatio` | [.google.protobuf.DoubleValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/double-value) | Indicates how many streams (rounded up) can be anticipated per-upstream for each incoming stream. This is useful for high-QPS or latency-sensitive services. Preconnecting will only be done if the upstream is healthy and the cluster has traffic. For example if this is 2, for an incoming HTTP/1.1 stream, 2 connections will be established, one for the new incoming stream, and one for a presumed follow-up stream. For HTTP/2, only one connection would be established by default as one connection can serve both the original and presumed follow-up stream. In steady state for non-multiplexed connections a value of 1.5 would mean if there were 100 active streams, there would be 100 connections in use, and 50 connections preconnected. This might be a useful value for something like short lived single-use connections, for example proxying HTTP/1.1 if keep-alive were false and each stream resulted in connection termination. It would likely be overkill for long lived connections, such as TCP proxying SMTP or regular HTTP/1.1 with keep-alive. For long lived traffic, a value of 1.05 would be more reasonable, where for every 100 connections, 5 preconnected connections would be in the queue in case of unexpected disconnects where the connection could not be reused. If this value is not set, or set explicitly to one, Envoy will fetch as many connections as needed to serve streams in flight. This means in steady state if a connection is torn down, a subsequent streams will pay an upstream-rtt latency penalty waiting for a new connection. This is limited somewhat arbitrarily to 3 because preconnecting too aggressively can harm latency more than the preconnecting helps. | -| `predictivePreconnectRatio` | [.google.protobuf.DoubleValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/double-value) | Indicates how many streams (rounded up) can be anticipated across a cluster for each stream, useful for low QPS services. This is currently supported for a subset of deterministic non-hash-based load-balancing algorithms (weighted round robin, random). Unlike ``per_upstream_preconnect_ratio`` this preconnects across the upstream instances in a cluster, doing best effort predictions of what upstream would be picked next and pre-establishing a connection. Preconnecting will be limited to one preconnect per configured upstream in the cluster and will only be done if there are healthy upstreams and the cluster has traffic. For example if preconnecting is set to 2 for a round robin HTTP/2 cluster, on the first incoming stream, 2 connections will be preconnected - one to the first upstream for this cluster, one to the second on the assumption there will be a follow-up stream. If this value is not set, or set explicitly to one, Envoy will fetch as many connections as needed to serve streams in flight, so during warm up and in steady state if a connection is closed (and per_upstream_preconnect_ratio is not set), there will be a latency hit for connection establishment. If both this and preconnect_ratio are set, Envoy will make sure both predicted needs are met, basically preconnecting max(predictive-preconnect, per-upstream-preconnect), for each upstream. | +| `predictivePreconnectRatio` | [.google.protobuf.DoubleValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/double-value) | Indicates how many streams (rounded up) can be anticipated across a cluster for each stream, useful for low QPS services. This is currently supported for a subset of deterministic non-hash-based load-balancing algorithms (weighted round robin, random). Unlike `per_upstream_preconnect_ratio` this preconnects across the upstream instances in a cluster, doing best effort predictions of what upstream would be picked next and pre-establishing a connection. Preconnecting will be limited to one preconnect per configured upstream in the cluster and will only be done if there are healthy upstreams and the cluster has traffic. For example if preconnecting is set to 2 for a round robin HTTP/2 cluster, on the first incoming stream, 2 connections will be preconnected - one to the first upstream for this cluster, one to the second on the assumption there will be a follow-up stream. If this value is not set, or set explicitly to one, Envoy will fetch as many connections as needed to serve streams in flight, so during warm up and in steady state if a connection is closed (and per_upstream_preconnect_ratio is not set), there will be a latency hit for connection establishment. If both this and preconnect_ratio are set, Envoy will make sure both predicted needs are met, basically preconnecting max(predictive-preconnect, per-upstream-preconnect), for each upstream. | diff --git a/docs/content/static/content/version_gee_latest.md b/docs/content/static/content/version_gee_latest.md index 250f3597453..021c75ee124 100644 --- a/docs/content/static/content/version_gee_latest.md +++ b/docs/content/static/content/version_gee_latest.md @@ -1 +1 @@ -1.17.4 \ No newline at end of file +1.17.3 \ No newline at end of file diff --git a/docs/content/static/content/version_gee_n+1.md b/docs/content/static/content/version_gee_n+1.md index cf22b067685..0ef51e2e4f9 100644 --- a/docs/content/static/content/version_gee_n+1.md +++ b/docs/content/static/content/version_gee_n+1.md @@ -1 +1 @@ -1.18.0-beta1 \ No newline at end of file +1.18.0-beta2 \ No newline at end of file diff --git a/docs/content/static/content/version_geoss_latest.md b/docs/content/static/content/version_geoss_latest.md index 9d21fd5ca4d..93c2e384e81 100644 --- a/docs/content/static/content/version_geoss_latest.md +++ b/docs/content/static/content/version_geoss_latest.md @@ -1 +1 @@ -1.17.14 \ No newline at end of file +1.17.15 \ No newline at end of file diff --git a/docs/content/static/content/version_geoss_n+1.md b/docs/content/static/content/version_geoss_n+1.md index 4865174136a..340c8aa8661 100644 --- a/docs/content/static/content/version_geoss_n+1.md +++ b/docs/content/static/content/version_geoss_n+1.md @@ -1 +1 @@ -1.18.0-beta24 +1.18.0-beta33 \ No newline at end of file diff --git a/projects/gloo/api/external/envoy/annotations/deprecation.proto b/projects/gloo/api/external/envoy/annotations/deprecation.proto index 76c770aa121..ba2bc82362b 100644 --- a/projects/gloo/api/external/envoy/annotations/deprecation.proto +++ b/projects/gloo/api/external/envoy/annotations/deprecation.proto @@ -7,7 +7,7 @@ import "google/protobuf/descriptor.proto"; // [#protodoc-title: Deprecation] // Allows tagging proto fields as fatal by default. One Envoy release after // deprecation, deprecated fields will be disallowed by default, a state which -// is reversible with :ref:`runtime overrides `. +// is reversible with runtime overrides. // Magic number in this file derived from top 28bit of SHA256 digest of // "solo.io.envoy.annotation.disallowed_by_default" diff --git a/projects/gloo/api/external/envoy/api/v2/core/health_check.proto b/projects/gloo/api/external/envoy/api/v2/core/health_check.proto index 05c075c8ad4..c6b27737996 100644 --- a/projects/gloo/api/external/envoy/api/v2/core/health_check.proto +++ b/projects/gloo/api/external/envoy/api/v2/core/health_check.proto @@ -142,7 +142,7 @@ message HealthCheck { // HTTP Method that will be used for health checking, default is "GET". // GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH methods are supported, but making request body is not supported. // CONNECT method is disallowed because it is not appropriate for health check request. - // If a non-200 response is expected by the method, it needs to be set in :ref:`expected_statuses `. + // If a non-200 response is expected by the method, it needs to be set in expected_statuses. solo.io.envoy.config.core.v3.RequestMethod method = 11; } @@ -157,23 +157,20 @@ message HealthCheck { } message RedisHealthCheck { - // If set, optionally perform ``EXISTS `` instead of ``PING``. A return value + // If set, optionally perform `EXISTS ` instead of `PING`. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. string key = 1; } - // `grpc.health.v1.Health - // `_-based - // healthcheck. See `gRPC doc `_ + // [grpc.health.v1.Health](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto)-based + // healthcheck. See [gRPC doc](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) // for details. message GrpcHealthCheck { // An optional service name parameter which will be sent to gRPC service in - // `grpc.health.v1.HealthCheckRequest - // `_. - // message. See `gRPC health-checking overview - // `_ for more information. + // [grpc.health.v1.HealthCheckRequest](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20) + // message. See [gRPC health-checking overview](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) for more information. string service_name = 1; // The value of the :authority header in the gRPC health check request. If @@ -277,9 +274,9 @@ enum HealthStatus { UNHEALTHY = 2; // Connection draining in progress. E.g., - // ``_ + // https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/ // or - // ``_. + // https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining. // This is interpreted by Envoy as *UNHEALTHY*. DRAINING = 3; diff --git a/projects/gloo/api/external/envoy/api/v2/route/route.proto b/projects/gloo/api/external/envoy/api/v2/route/route.proto index e9f8410b5d8..9ec3e760551 100644 --- a/projects/gloo/api/external/envoy/api/v2/route/route.proto +++ b/projects/gloo/api/external/envoy/api/v2/route/route.proto @@ -41,16 +41,16 @@ message VirtualHost { // virtual host. Wildcard hosts are supported in the suffix or prefix form. // // Domain search order: - // 1. Exact domain names: ``www.foo.com``. - // 2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``. - // 3. Prefix domain wildcards: ``foo.*`` or ``foo-*``. - // 4. Special wildcard ``*`` matching any domain. + // 1. Exact domain names: `www.foo.com`. + // 2. Suffix domain wildcards: `*.foo.com` or `*-bar.foo.com`. + // 3. Prefix domain wildcards: `foo.*` or `foo-*`. + // 4. Special wildcard `*` matching any domain. // // // The wildcard will not match the empty string. - // e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. + // e.g. `*-bar.foo.com` will match `baz-bar.foo.com` but not `-bar.foo.com`. // The longest wildcards match first. - // Only a single virtual host in the entire route configuration can match on ``*``. A domain + // Only a single virtual host in the entire route configuration can match on `*`. A domain // must be unique across all virtual hosts or the config will fail to load. repeated string domains = 2 [(validate.rules).repeated.min_items = 1]; @@ -338,8 +338,7 @@ message RouteMatch { // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a - // subsequence of the *:path* header matches the regex. The regex grammar is defined `here - // `_. + // subsequence of the *:path* header matches the regex. The regex grammar is defined [here](https://en.cppreference.com/w/cpp/regex/ecmascript). // // Examples: // @@ -762,7 +761,7 @@ message RouteAction { reserved 21; // If present, and the request is a gRPC request, use the - // `grpc-timeout header `_, + // [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), // or its default value (infinity) instead of // `timeout (envoy_api_field_route.RouteAction.timeout)`, but limit the applied timeout // to the maximum value specified here. If configured as 0, the maximum allowed timeout for @@ -1053,8 +1052,7 @@ message Tracing { // statistics output are not free. message VirtualCluster { // Specifies a regex pattern to use for matching requests. The entire path of the request - // must match the regex. The regex grammar used is defined `here - // `_. + // must match the regex. The regex grammar used is defined [here](https://en.cppreference.com/w/cpp/regex/ecmascript). // // Examples: // @@ -1094,7 +1092,7 @@ message RateLimit { // ("source_cluster", "") // ``` // - // is derived from the :option:`--service-cluster` option. + // is derived from the `--service-cluster` option. message SourceCluster { } @@ -1245,7 +1243,7 @@ message HeaderMatcher { // If specified, this regex string is a regular expression rule which implies the entire request // header value must match the regex. The rule will not match if only a subsequence of the // request header value matches the regex. The regex grammar used in the value field is defined - // `here `_. + // [here](https://en.cppreference.com/w/cpp/regex/ecmascript). // // Examples: // diff --git a/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto b/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto index 3ec8b6bfec9..91ed34c32f3 100644 --- a/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto +++ b/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto @@ -40,51 +40,51 @@ option (extproto.clone_all) = true; // denoted by an x-envoy prefix) or specific headers that may affect // further filter processing: // -// * ``host`` -// * ``:authority`` -// * ``:scheme`` -// * ``:method`` +// * `host` +// * `:authority` +// * `:scheme` +// * `:method` // // Every attempt to add, change, append, or remove a header will be // tested against the rules here. Disallowed header mutations will be -// ignored unless ``disallow_is_error`` is set to true. +// ignored unless `disallow_is_error` is set to true. // // Attempts to remove headers are further constrained -- regardless of the -// settings, system-defined headers (that start with ``:``) and the ``host`` +// settings, system-defined headers (that start with `:`) and the `host` // header may never be removed. // // In addition, a counter will be incremented whenever a mutation is // rejected. In the ext_proc filter, that counter is named -// ``rejected_header_mutations``. +// `rejected_header_mutations`. // [#next-free-field: 8] message HeaderMutationRules { // By default, certain headers that could affect processing of subsequent // filters or request routing cannot be modified. These headers are - // ``host``, ``:authority``, ``:scheme``, and ``:method``. Setting this parameter + // `host`, `:authority`, `:scheme`, and `:method`. Setting this parameter // to true allows these headers to be modified as well. google.protobuf.BoolValue allow_all_routing = 1; // If true, allow modification of envoy internal headers. By default, these - // start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` + // start with `x-envoy` but this may be overridden in the `Bootstrap` // configuration using the // :ref:`header_prefix ` // field. Default is false. google.protobuf.BoolValue allow_envoy = 2; // If true, prevent modification of any system header, defined as a header - // that starts with a ``:`` character, regardless of any other settings. - // A processing server may still override the ``:status`` of an HTTP response - // using an ``ImmediateResponse`` message. Default is false. + // that starts with a `:` character, regardless of any other settings. + // A processing server may still override the `:status` of an HTTP response + // using an `ImmediateResponse` message. Default is false. google.protobuf.BoolValue disallow_system = 3; // If true, prevent modifications of all header values, regardless of any - // other settings. A processing server may still override the ``:status`` - // of an HTTP response using an ``ImmediateResponse`` message. Default is false. + // other settings. A processing server may still override the `:status` + // of an HTTP response using an `ImmediateResponse` message. Default is false. google.protobuf.BoolValue disallow_all = 4; // If set, specifically allow any header that matches this regular // expression. This overrides all other settings except for - // ``disallow_expression``. + // `disallow_expression`. solo.io.envoy.type.matcher.v3.RegexMatcher allow_expression = 5; // If set, specifically disallow any header that matches this regular @@ -95,7 +95,7 @@ message HeaderMutationRules { // disallowed, then the filter using this configuration will terminate the // request with a 500 error. In addition, regardless of the setting of this // parameter, any attempt to set, add, or modify a disallowed header will - // cause the ``rejected_header_mutations`` counter to be incremented. + // cause the `rejected_header_mutations` counter to be incremented. // Default is false. google.protobuf.BoolValue disallow_is_error = 7; } diff --git a/projects/gloo/api/external/envoy/config/core/v3/address.proto b/projects/gloo/api/external/envoy/config/core/v3/address.proto index 643d4c7b6c3..55721e07bca 100644 --- a/projects/gloo/api/external/envoy/config/core/v3/address.proto +++ b/projects/gloo/api/external/envoy/config/core/v3/address.proto @@ -41,17 +41,17 @@ message SocketAddress { Protocol protocol = 1 [(validate.rules).enum = {defined_only: true}]; - // The address for this socket. :ref:`Listeners ` will bind - // to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::`` + // The address for this socket. Listeners will bind + // to the address. An empty address is not allowed. Specify `0.0.0.0` or `::` // to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: // It is possible to distinguish a Listener address via the prefix/suffix matching - // in :ref:`FilterChainMatch `.] When used - // within an upstream :ref:`BindConfig `, the address + // in FilterChainMatch.] When used + // within an upstream BindConfig, the address // controls the source address of outbound connections. For :ref:`clusters // `, the cluster type determines whether the // address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS // (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized - // via :ref:`resolver_name `. + // via resolver_name. string address = 2 [(validate.rules).string = {min_bytes: 1}]; oneof port_specifier { @@ -72,10 +72,9 @@ message SocketAddress { // *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. string resolver_name = 5; - // When binding to an IPv6 address above, this enables `IPv4 compatibility - // `_. Binding to ``::`` will + // When binding to an IPv6 address above, this enables [IPv4 compatibility](https://datatracker.ietf.org/doc/html/rfc3493#page-11). Binding to `::` will // allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into - // IPv6 space as ``::FFFF:``. + // IPv6 space as `::FFFF:`. bool ipv4_compat = 6; } @@ -133,11 +132,11 @@ message Address { } // CidrRange specifies an IP Address and a prefix length to construct -// the subnet mask for a `CIDR `_ range. +// the subnet mask for a [CIDR](https://datatracker.ietf.org/doc/html/rfc4632) range. message CidrRange { option (solo.io.udpa.annotations.versioning).previous_message_type = "solo.io.envoy.api.v2.core.CidrRange"; - // IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. + // IPv4 or IPv6 address, e.g. `192.0.0.0` or `2001:db8::`. string address_prefix = 1 [(validate.rules).string = {min_bytes: 1}]; // Length of prefix, e.g. 0, 32. diff --git a/projects/gloo/api/external/envoy/config/core/v3/base.proto b/projects/gloo/api/external/envoy/config/core/v3/base.proto index 92b3b72ce4a..c145c544c77 100644 --- a/projects/gloo/api/external/envoy/config/core/v3/base.proto +++ b/projects/gloo/api/external/envoy/config/core/v3/base.proto @@ -67,16 +67,15 @@ enum TrafficDirection { message Locality { option (solo.io.udpa.annotations.versioning).previous_message_type = ".solo.io.envoy.api.v2.core.Locality"; - // Region this :ref:`zone ` belongs to. + // Region this zone belongs to. string region = 1; // Defines the local service zone where Envoy is running. Though optional, it // should be set if discovery service routing is used and the discovery - // service exposes :ref:`zone data `, - // either in this message or via :option:`--service-zone`. The meaning of zone - // is context dependent, e.g. `Availability Zone (AZ) - // `_ - // on AWS, `Zone `_ on + // service exposes zone data, + // either in this message or via `--service-zone`. The meaning of zone + // is context dependent, e.g. [Availability Zone (AZ)](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) + // on AWS, [Zone](https://cloud.google.com/compute/docs/regions-zones/) on // GCP, etc. string zone = 2; @@ -142,24 +141,24 @@ message Node { // An opaque node identifier for the Envoy node. This also provides the local // service node name. It should be set if any of the following features are - // used: :ref:`statsd `, :ref:`CDS + // used: statsd, :ref:`CDS // `, and :ref:`HTTP tracing // `, either in this message or via - // :option:`--service-node`. + // `--service-node`. string id = 1; // Defines the local service cluster name where Envoy is running. Though // optional, it should be set if any of the following features are used: - // :ref:`statsd `, :ref:`health check cluster + // statsd, :ref:`health check cluster // verification // `, - // :ref:`runtime override directory `, + // runtime override directory, // :ref:`user agent addition // `, - // :ref:`HTTP global rate limiting `, - // :ref:`CDS `, and :ref:`HTTP tracing + // HTTP global rate limiting, + // CDS, and :ref:`HTTP tracing // `, either in this message or via - // :option:`--service-cluster`. + // `--service-cluster`. string cluster = 2; // Opaque metadata extending the node identifier. Envoy will pass this @@ -188,12 +187,12 @@ message Node { // Client feature support list. These are well known features described // in the Envoy API repository for a given major version of an API. Client features // use reverse DNS naming scheme, for example `com.acme.feature`. - // See :ref:`the list of features ` that xDS client may + // See the list of features that xDS client may // support. repeated string client_features = 10; // Known listening ports on the node as a generic hint to the management server - // for filtering :ref:`listeners ` to be returned. For example, + // for filtering listeners to be returned. For example, // if there is a listener bound to port 80, the list can optionally contain the // SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. repeated Address listening_addresses = 11; @@ -217,7 +216,7 @@ message Node { // object to match against. There are some well defined metadata used today for // this purpose: // -// * ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an +// * `{"envoy.lb": {"canary": }}` This indicates the canary status of an // endpoint and is also used during header processing // (x-envoy-upstream-canary) and for stats purposes. // [#next-major-version: move to type/metadata/v2] @@ -261,7 +260,7 @@ message RuntimeFeatureFlag { // Runtime key to get value for comparison. This value is used if defined. The boolean value must // be represented via its - // `canonical JSON encoding `_. + // [canonical JSON encoding](https://developers.google.com/protocol-buffers/docs/proto3#json). string runtime_key = 2 [(validate.rules).string = {min_bytes: 1}]; } @@ -276,8 +275,8 @@ message HeaderValue { // Header value. // - // The same :ref:`format specifier ` as used for - // :ref:`HTTP access logging ` applies here, however + // The same format specifier as used for + // HTTP access logging applies here, however // unknown header values are replaced with the empty string instead of `-`. string value = 2 [ (validate.rules).string = {max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false} @@ -326,7 +325,7 @@ message DataSource { message RetryPolicy { option (solo.io.udpa.annotations.versioning).previous_message_type = ".solo.io.envoy.api.v2.core.RetryPolicy"; - // Specifies parameters that control :ref:`retry backoff strategy `. + // Specifies parameters that control retry backoff strategy. // This parameter is optional, in which case the default base interval is 1000 milliseconds. The // default maximum interval is 10 times the base interval. BackoffStrategy retry_back_off = 1; @@ -366,8 +365,8 @@ message AsyncDataSource { } } -// Configuration for transport socket in :ref:`listeners ` and -// :ref:`clusters `. If the configuration is +// Configuration for transport socket in listeners and +// clusters. If the configuration is // empty, a default transport socket implementation and configuration will be // chosen based on the platform and existence of tls_context. message TransportSocket { @@ -391,10 +390,10 @@ message TransportSocket { // Runtime derived FractionalPercent with defaults for when the numerator or denominator is not // specified via a runtime key. // -// .. note:: +// **Note**: // // Parsing of the runtime key's data is implemented such that it may be represented as a -// :ref:`FractionalPercent ` proto represented as JSON/YAML +// FractionalPercent proto represented as JSON/YAML // and may also be represented as an integer with the assumption that the value is an integral // percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse // as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. diff --git a/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto b/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto index 17fabe25cf8..ed950d1ac8e 100644 --- a/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto +++ b/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto @@ -33,11 +33,11 @@ message GrpcService { "solo.io.envoy.api.v2.core.GrpcService.EnvoyGrpc"; // The name of the upstream gRPC cluster. SSL credentials will be supplied - // in the :ref:`Cluster ` :ref:`transport_socket + // in the Cluster :ref:`transport_socket // `. string cluster_name = 1 [(validate.rules).string = {min_bytes: 1}]; - // The ``:authority`` header in the grpc request. If this field is not set, the authority header value will be ``cluster_name``. + // The `:authority` header in the grpc request. If this field is not set, the authority header value will be `cluster_name`. // Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster. string authority = 2 [(validate.rules).string = @@ -233,15 +233,13 @@ message GrpcService { map args = 1; } - // The target URI when using the `Google C++ gRPC client - // `_. SSL credentials will be supplied in - // :ref:`channel_credentials `. + // The target URI when using the [Google C++ gRPC client](https://github.com/grpc/grpc). SSL credentials will be supplied in + // channel_credentials. string target_uri = 1 [(validate.rules).string = {min_bytes: 1}]; ChannelCredentials channel_credentials = 2; - // A set of call credentials that can be composed with `channel credentials - // `_. + // A set of call credentials that can be composed with [channel credentials](https://grpc.io/docs/guides/auth.html#credential-types). repeated CallCredentials call_credentials = 3; // The human readable prefix to use when emitting statistics for the gRPC @@ -282,7 +280,7 @@ message GrpcService { // documentation for discussion on gRPC client selection. EnvoyGrpc envoy_grpc = 1; - // `Google C++ gRPC client `_ + // [Google C++ gRPC client](https://github.com/grpc/grpc) // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. GoogleGrpc google_grpc = 2; @@ -294,7 +292,7 @@ message GrpcService { // Additional metadata to include in streams initiated to the GrpcService. // This can be used for scenarios in which additional ad hoc authorization - // headers (e.g. ``x-foo-bar: baz-key``) are to be injected. + // headers (e.g. `x-foo-bar: baz-key`) are to be injected. repeated HeaderValue initial_metadata = 5; } option go_package = "github.com/solo-io/gloo/projects/gloo/pkg/api/external/envoy/config/core/v3"; diff --git a/projects/gloo/api/external/envoy/config/core/v3/health_check.proto b/projects/gloo/api/external/envoy/config/core/v3/health_check.proto index 59153bf6b45..db6ccff29fb 100644 --- a/projects/gloo/api/external/envoy/config/core/v3/health_check.proto +++ b/projects/gloo/api/external/envoy/config/core/v3/health_check.proto @@ -24,9 +24,9 @@ option java_multiple_files = true; option (solo.io.udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Health check] -// * Health checking :ref:`architecture overview `. +// * Health checking architecture overview. // * If health checking is configured for a cluster, additional statistics are emitted. They are -// documented :ref:`here `. +// documented here. // Endpoint health status. enum HealthStatus { @@ -40,9 +40,9 @@ enum HealthStatus { UNHEALTHY = 2; // Connection draining in progress. E.g., - // ``_ + // https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/ // or - // ``_. + // https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining. // This is interpreted by Envoy as *UNHEALTHY*. DRAINING = 3; @@ -86,7 +86,7 @@ message HealthCheck { // The value of the host header in the HTTP health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The host header can be customized for a specific endpoint by setting the - // :ref:`hostname ` field. + // hostname field. string host = 1 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; // Specifies the HTTP path that will be requested during health checking. For example @@ -116,7 +116,7 @@ message HealthCheck { // Specifies a list of HTTP response statuses considered healthy. If provided, replaces default // 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open - // semantics of :ref:`Int64Range `. The start and end of each + // semantics of Int64Range. The start and end of each // range are required. Only statuses in the range [100, 600) are allowed. repeated type.v3.Int64Range expected_statuses = 9; @@ -151,32 +151,29 @@ message HealthCheck { option (solo.io.udpa.annotations.versioning).previous_message_type = ".solo.io.envoy.api.v2.core.HealthCheck.RedisHealthCheck"; - // If set, optionally perform ``EXISTS `` instead of ``PING``. A return value + // If set, optionally perform `EXISTS ` instead of `PING`. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. string key = 1; } - // `grpc.health.v1.Health - // `_-based - // healthcheck. See `gRPC doc `_ + // [grpc.health.v1.Health](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto)-based + // healthcheck. See [gRPC doc](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) // for details. message GrpcHealthCheck { option (solo.io.udpa.annotations.versioning).previous_message_type = ".solo.io.envoy.api.v2.core.HealthCheck.GrpcHealthCheck"; // An optional service name parameter which will be sent to gRPC service in - // `grpc.health.v1.HealthCheckRequest - // `_. - // message. See `gRPC health-checking overview - // `_ for more information. + // [grpc.health.v1.HealthCheckRequest](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20). + // message. See [gRPC health-checking overview](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) for more information. string service_name = 1; // The value of the :authority header in the gRPC health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The authority header can be customized for a specific endpoint by setting - // the :ref:`hostname ` field. + // the hostname field. string authority = 2 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } @@ -311,7 +308,7 @@ message HealthCheck { // The default value for "healthy edge interval" is the same as the default interval. google.protobuf.Duration healthy_edge_interval = 16 [(validate.rules).duration = {gt {}}]; - // Specifies the path to the :ref:`health check event log `. + // Specifies the path to the health check event log. // If empty, no event log will be written. string event_log_path = 17; @@ -329,7 +326,7 @@ message HealthCheck { TlsOptions tls_options = 21; // Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's - // :ref:`tranport socket matches `. + // tranport socket matches. // For example, the following match criteria // // .. code-block:: yaml @@ -350,12 +347,12 @@ message HealthCheck { // config: { ... } # tls socket configuration // // If this field is set, then for health checks it will supersede an entry of *envoy.transport_socket* in the - // :ref:`LbEndpoint.Metadata `. + // LbEndpoint.Metadata. // This allows using different transport socket capabilities for health checking versus proxying to the // endpoint. // // If the key/values pairs specified do not match any - // :ref:`transport socket matches `, + // transport socket matches, // the cluster's :ref:`transport socket ` // will be used for health check socket configuration. google.protobuf.Struct transport_socket_match_criteria = 23; diff --git a/projects/gloo/api/external/envoy/config/core/v3/http_uri.proto b/projects/gloo/api/external/envoy/config/core/v3/http_uri.proto index 5458ff6c6f8..ab36b2fa286 100644 --- a/projects/gloo/api/external/envoy/config/core/v3/http_uri.proto +++ b/projects/gloo/api/external/envoy/config/core/v3/http_uri.proto @@ -31,8 +31,7 @@ message HttpUri { // Specify how `uri` is to be fetched. Today, this requires an explicit // cluster, but in the future we may support dynamic cluster creation or - // inline DNS resolution. See `issue - // `_. + // inline DNS resolution. See [issue](https://github.com/envoyproxy/envoy/issues/1606). oneof http_upstream_type { option (validate.required) = true; diff --git a/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto b/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto index 9729cb19576..e152c5e89ac 100644 --- a/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto +++ b/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto @@ -26,8 +26,7 @@ message ProxyProtocolPassThroughTLVs { PassTLVsMatchType match_type = 1; // The TLV types that are applied based on match_type. - // TLV type is defined as uint8_t in proxy protocol. See `the spec - // `_ for details. + // TLV type is defined as uint8_t in proxy protocol. See [the spec](https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt) for details. repeated uint32 tlv_type = 2 [(validate.rules).repeated = {items {uint32 {lt: 256}}}]; } diff --git a/projects/gloo/api/external/envoy/config/route/v3/route_components.proto b/projects/gloo/api/external/envoy/config/route/v3/route_components.proto index 26334e76aa4..fc731a70c2d 100644 --- a/projects/gloo/api/external/envoy/config/route/v3/route_components.proto +++ b/projects/gloo/api/external/envoy/config/route/v3/route_components.proto @@ -65,17 +65,17 @@ message VirtualHost { // virtual host. Wildcard hosts are supported in the suffix or prefix form. // // Domain search order: - // 1. Exact domain names: ``www.foo.com``. - // 2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``. - // 3. Prefix domain wildcards: ``foo.*`` or ``foo-*``. - // 4. Special wildcard ``*`` matching any domain. + // 1. Exact domain names: `www.foo.com`. + // 2. Suffix domain wildcards: `*.foo.com` or `*-bar.foo.com`. + // 3. Prefix domain wildcards: `foo.*` or `foo-*`. + // 4. Special wildcard `*` matching any domain. // - // .. note:: + // **Note**: // // The wildcard will not match the empty string. - // e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. + // e.g. `*-bar.foo.com` will match `baz-bar.foo.com` but not `-bar.foo.com`. // The longest wildcards match first. - // Only a single virtual host in the entire route configuration can match on ``*``. A domain + // Only a single virtual host in the entire route configuration can match on `*`. A domain // must be unique across all virtual hosts or the config will fail to load. // // Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. @@ -168,7 +168,7 @@ message VirtualHost { // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that setting a route level entry // will take precedence over this config and it'll be treated independently (e.g.: values are not - // inherited). :ref:`Retry policy ` should not be + // inherited). Retry policy should not be // set if this field is used. google.protobuf.Any retry_policy_typed_config = 20; @@ -193,7 +193,7 @@ message FilterAction { // A route is both a specification of how to match a request as well as an indication of what to do // next (e.g., redirect, forward, rewrite, etc.). // -// .. attention:: +// **Attention**: // // Envoy supports routing on HTTP method via :ref:`header matching // `. @@ -244,7 +244,7 @@ message Route { // The typed_per_filter_config field can be used to provide route-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter - // specific; see the :ref:`HTTP filter documentation ` for + // specific; see the HTTP filter documentation for // if and how it is utilized. map typed_per_filter_config = 13; @@ -268,7 +268,7 @@ message Route { // headers from the enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on - // :ref:`custom request headers `. + // custom request headers. repeated core.v3.HeaderValueOption response_headers_to_add = 10 [(validate.rules).repeated = {max_items: 1000}]; @@ -286,7 +286,7 @@ message Route { google.protobuf.UInt32Value per_request_buffer_limit_bytes = 16; } -// Compared to the :ref:`cluster ` field that specifies a +// Compared to the cluster field that specifies a // single upstream cluster as the target of a request, the :ref:`weighted_clusters // ` option allows for specification of // multiple upstream clusters along with weights that indicate the percentage of @@ -305,7 +305,7 @@ message WeightedCluster { reserved "per_filter_config"; // Name of the upstream cluster. The cluster must exist in the - // :ref:`cluster manager configuration `. + // cluster manager configuration. string name = 1 [(validate.rules).string = {min_bytes: 1}]; // An integer between 0 and :ref:`total_weight @@ -317,7 +317,7 @@ message WeightedCluster { // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered for // load balancing. Note that this will be merged with what's provided in - // :ref:`RouteAction.metadata_match `, with + // RouteAction.metadata_match, with // values here taking precedence. The filter name should be specified as *envoy.lb*. core.v3.Metadata metadata_match = 3; @@ -455,7 +455,7 @@ message RouteMatch { // code/config deploys. Refer to the :ref:`traffic shifting // ` docs for additional documentation. // - // .. note:: + // **Note**: // // Parsing this field is implemented such that the runtime key's data may be represented // as a FractionalPercent proto represented as JSON/YAML and may also be represented as an @@ -520,10 +520,10 @@ message CorsPolicy { oneof enabled_specifier { // Specifies the % of requests for which the CORS filter is enabled. // - // If neither ``enabled``, ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS + // If neither `enabled`, `filter_enabled`, nor `shadow_enabled` are specified, the CORS // filter will be enabled for 100% of the requests. // - // If :ref:`runtime_key ` is + // If runtime_key is // specified, Envoy will lookup the runtime key to get the percentage of requests to filter. core.v3.RuntimeFractionalPercent filter_enabled = 9; } @@ -531,10 +531,10 @@ message CorsPolicy { // Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not // enforced. // - // This field is intended to be used when ``filter_enabled`` and ``enabled`` are off. One of those + // This field is intended to be used when `filter_enabled` and `enabled` are off. One of those // fields have to explicitly disable the filter in order for this setting to take effect. // - // If :ref:`runtime_key ` is specified, + // If runtime_key is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* to determine if it's valid but will not enforce any policies. core.v3.RuntimeFractionalPercent shadow_enabled = 10; @@ -552,7 +552,7 @@ message RouteAction { NOT_FOUND = 1; } - // Configures :ref:`internal redirect ` behavior. + // Configures internal redirect behavior. // [#next-major-version: remove this definition - it's defined in the InternalRedirectPolicy message.] enum InternalRedirectAction { option deprecated = true; @@ -569,7 +569,7 @@ message RouteAction { // During shadowing, the host/authority header is altered such that *-shadow* is appended. This is // useful for logging. For example, *cluster1* becomes *cluster1-shadow*. // - // .. note:: + // **Note**: // // Shadowing will not be triggered if the primary cluster does not exist. message RequestMirrorPolicy { @@ -771,7 +771,7 @@ message RouteAction { // header is not found or the referenced cluster does not exist, Envoy will // return a 404 response. // - // .. attention:: + // **Attention**: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 // *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. @@ -808,13 +808,13 @@ message RouteAction { // :ref:`regex_rewrite ` // may be specified. // - // .. attention:: + // **Attention**: // // Pay careful attention to the use of trailing slashes in the - // :ref:`route's match ` prefix value. + // route's match prefix value. // Stripping a prefix from a path requires multiple Routes to handle all cases. For example, // rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single - // :ref:`Route `, as shown by the below config entries: + // Route, as shown by the below config entries: // // .. code-block:: yaml // @@ -844,22 +844,22 @@ message RouteAction { // Only one of :ref:`prefix_rewrite ` // or *regex_rewrite* may be specified. // - // Examples using Google's `RE2 `_ engine: + // Examples using Google's [RE2](https://github.com/google/re2) engine: // - // * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution - // string of ``\2/instance/\1`` would transform ``/service/foo/v1/api`` - // into ``/v1/api/instance/foo``. + // * The path pattern `^/service/([^/]+)(/.*)$` paired with a substitution + // string of `\2/instance/\1` would transform `/service/foo/v1/api` + // into `/v1/api/instance/foo`. // - // * The pattern ``one`` paired with a substitution string of ``two`` would - // transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``. + // * The pattern `one` paired with a substitution string of `two` would + // transform `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/two/zzz`. // - // * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of - // ``\1two\2`` would replace only the first occurrence of ``one``, - // transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``. + // * The pattern `^(.*?)one(.*)$` paired with a substitution string of + // `\1two\2` would replace only the first occurrence of `one`, + // transforming path `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/one/zzz`. // - // * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/`` - // would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to - // ``/aaa/yyy/bbb``. + // * The pattern `(?i)/xxx/` paired with a substitution string of `/yyy/` + // would do a case-insensitive match and transform path `/aaa/XxX/bbb` to + // `/aaa/yyy/bbb`. type.matcher.v3.RegexMatchAndSubstitute regex_rewrite = 32; oneof host_rewrite_specifier { @@ -876,10 +876,10 @@ message RouteAction { google.protobuf.BoolValue auto_host_rewrite = 7; // Indicates that during forwarding, the host header will be swapped with the content of given - // downstream or :ref:`custom ` header. + // downstream or custom header. // If header value is empty, host header is left intact. // - // .. attention:: + // **Attention**: // // Pay attention to the potential security implications of using this option. Provided header // must come from trusted source. @@ -892,12 +892,12 @@ message RouteAction { // processed and when the upstream response has been completely processed. A value of 0 will // disable the route's timeout. // - // .. note:: + // **Note**: // // This timeout includes all retries. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the - // :ref:`retry overview `. + // retry overview. google.protobuf.Duration timeout = 8; // Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, @@ -935,7 +935,7 @@ message RouteAction { // Indicates that the route has request mirroring policies. repeated RequestMirrorPolicy request_mirror_policies = 30; - // Optionally specifies the :ref:`routing priority `. + // Optionally specifies the routing priority. core.v3.RoutingPriority priority = 11 [(validate.rules).enum = {defined_only: true}]; // Specifies a set of rate limit configurations that could be applied to the @@ -944,7 +944,7 @@ message RouteAction { // Specifies if the rate limit filter should include the virtual host rate // limits. By default, if the route configured rate limits, the virtual host - // :ref:`rate_limits ` are not applied to the + // rate_limits are not applied to the // request. google.protobuf.BoolValue include_vh_rate_limits = 14; @@ -966,24 +966,24 @@ message RouteAction { CorsPolicy cors = 17; // If present, and the request is a gRPC request, use the - // `grpc-timeout header `_, + // [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), // or its default value (infinity) instead of - // :ref:`timeout `, but limit the applied timeout + // timeout, but limit the applied timeout // to the maximum value specified here. If configured as 0, the maximum allowed timeout for // gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used // and gRPC requests time out like any other requests using - // :ref:`timeout ` or its default. + // timeout or its default. // This can be used to prevent unexpected upstream request timeouts due to potentially long // time gaps between gRPC request and response in gRPC streaming mode. // - // .. note:: + // **Note**: // // If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes - // precedence over `grpc-timeout header `_, when + // precedence over [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), when // both are present. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the - // :ref:`retry overview `. + // retry overview. google.protobuf.Duration max_grpc_timeout = 23; // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting @@ -1027,7 +1027,7 @@ message RouteAction { HedgePolicy hedge_policy = 27; } -// HTTP retry :ref:`architecture overview `. +// HTTP retry architecture overview. // [#next-free-field: 11] message RetryPolicy { option (solo.io.udpa.annotations.versioning).previous_message_type = "solo.io.envoy.api.v2.route.RetryPolicy"; @@ -1097,23 +1097,23 @@ message RetryPolicy { // same conditions documented for // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. // - // .. note:: + // **Note**: // // If left unspecified, Envoy will use the global - // :ref:`route timeout ` for the request. - // Consequently, when using a :ref:`5xx ` based + // route timeout for the request. + // Consequently, when using a 5xx based // retry policy, a request that times out will not be retried as the total timeout budget // would have been exhausted. google.protobuf.Duration per_try_timeout = 3; // Specifies an implementation of a RetryPriority which is used to determine the // distribution of load across priorities used for retries. Refer to - // :ref:`retry plugin configuration ` for more details. + // retry plugin configuration for more details. RetryPriority retry_priority = 4; // Specifies a collection of RetryHostPredicates that will be consulted when selecting a host // for retries. If any of the predicates reject the host, host selection will be reattempted. - // Refer to :ref:`retry plugin configuration ` for more + // Refer to retry plugin configuration for more // details. repeated RetryHostPredicate retry_host_predicate = 5; @@ -1141,7 +1141,7 @@ message RetryPolicy { repeated HeaderMatcher retriable_request_headers = 10; } -// HTTP request hedging :ref:`architecture overview `. +// HTTP request hedging architecture overview. message HedgePolicy { option (solo.io.udpa.annotations.versioning).previous_message_type = "solo.io.envoy.api.v2.route.HedgePolicy"; @@ -1163,7 +1163,7 @@ message HedgePolicy { // Once a timed out request is retried due to per try timeout, the router // filter will ensure that it is not retried again even if the returned // response headers would otherwise be retried according the specified - // :ref:`RetryPolicy `. + // RetryPolicy. // Defaults to false. bool hedge_on_per_try_timeout = 3; } @@ -1233,10 +1233,10 @@ message RedirectAction { // should be swapped with this value. This option allows redirect URLs be dynamically created // based on the request. // - // .. attention:: + // **Attention**: // // Pay attention to the use of trailing slashes as mentioned in - // :ref:`RouteAction's prefix_rewrite `. + // RouteAction's prefix_rewrite. string prefix_rewrite = 5 [(validate.rules).string = {well_known_regex: HTTP_HEADER_VALUE strict: false}]; } @@ -1260,7 +1260,7 @@ message DirectResponseAction { // Specifies the content of the response body. If this setting is omitted, // no body is included in the generated response. // - // .. note:: + // **Note**: // // Headers can be specified using *response_headers_to_add* in the enclosing // :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.RouteConfiguration` or @@ -1274,7 +1274,7 @@ message Decorator { // The operation name associated with the request matched to this route. If tracing is // enabled, this information will be used as the span name reported for this request. // - // .. note:: + // **Note**: // // For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden // by the :ref:`x-envoy-decorator-operation @@ -1299,7 +1299,7 @@ message Tracing { // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the - // :ref:`HTTP Connection Manager `. + // HTTP Connection Manager. // Default: 100% type.v3.FractionalPercent random_sampling = 2; @@ -1309,7 +1309,7 @@ message Tracing { // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the - // :ref:`HTTP Connection Manager `. + // HTTP Connection Manager. // Default: 100% type.v3.FractionalPercent overall_sampling = 3; @@ -1332,9 +1332,9 @@ message Tracing { // statistics are perfect in the sense that they are emitted on the downstream // side such that they include network level failures. // -// Documentation for :ref:`virtual cluster statistics `. +// Documentation for virtual cluster statistics. // -// .. note:: +// **Note**: // // Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for // every application endpoint. This is both not easily maintainable and as well the matching and @@ -1353,11 +1353,11 @@ message VirtualCluster { // Specifies the name of the virtual cluster. The virtual cluster name as well // as the virtual host name are used when emitting statistics. The statistics are emitted by the - // router filter and are documented :ref:`here `. + // router filter and are documented here. string name = 2 [(validate.rules).string = {min_bytes: 1}]; } -// Global rate limiting :ref:`architecture overview `. +// Global rate limiting architecture overview. message RateLimit { option (solo.io.udpa.annotations.versioning).previous_message_type = "solo.io.envoy.api.v2.route.RateLimit"; @@ -1372,7 +1372,7 @@ message RateLimit { // // ("source_cluster", "") // - // is derived from the :option:`--service-cluster` option. + // is derived from the `--service-cluster` option. message SourceCluster { option (solo.io.udpa.annotations.versioning).previous_message_type = "solo.io.envoy.api.v2.route.RateLimit.Action.SourceCluster"; @@ -1388,11 +1388,11 @@ message RateLimit { // the following :ref:`route table configuration ` // settings: // - // * :ref:`cluster ` indicates the upstream cluster + // * cluster indicates the upstream cluster // to route to. // * :ref:`weighted_clusters ` // chooses a cluster randomly from a set of clusters with attributed weight. - // * :ref:`cluster_header ` indicates which + // * cluster_header indicates which // header in the request contains the target cluster. message DestinationCluster { option (solo.io.udpa.annotations.versioning).previous_message_type = @@ -1426,7 +1426,7 @@ message RateLimit { } // The following descriptor entry is appended to the descriptor and is populated using the - // trusted address from :ref:`x-forwarded-for `: + // trusted address from x-forwarded-for. // // .. code-block:: cpp // @@ -1537,7 +1537,7 @@ message RateLimit { // applies to filters with the same stage number. The default stage number is // 0. // - // .. note:: + // **Note**: // // The filter supports a range of 0 - 10 inclusively for stage numbers. google.protobuf.UInt32Value stage = 1 [(validate.rules).uint32 = {lte: 10}]; @@ -1560,12 +1560,12 @@ message RateLimit { Override limit = 4; } -// .. attention:: +// **Attention**: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* // header. Thus, if attempting to match on *Host*, match on *:authority* instead. // -// .. attention:: +// **Attention**: // // To route on HTTP method, use the special HTTP/2 *:method* header. This works for both // HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g., @@ -1577,7 +1577,7 @@ message RateLimit { // "exact_match": "POST" // } // -// .. attention:: +// **Attention**: // In the absence of any header match specifier, match will default to :ref:`present_match // `. i.e, a request that has the :ref:`name // ` header will match, regardless of the header's @@ -1644,7 +1644,7 @@ message HeaderMatcher { // // Examples: // - // * The regex ``\d{3}`` does not match the value *1234*, so it will match when inverted. + // * The regex `\d{3}` does not match the value *1234*, so it will match when inverted. // * The range [-10,0) will match the value -1, so it will not match when inverted. bool invert_match = 8; } @@ -1673,7 +1673,7 @@ message QueryParameterMatcher { } } -// HTTP Internal Redirect :ref:`architecture overview `. +// HTTP Internal Redirect architecture overview. message InternalRedirectPolicy { // An internal redirect is not handled, unless the number of previous internal redirects that a // downstream request has encountered is lower than this value. diff --git a/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto b/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto index b03277fb4b0..58da99a4411 100644 --- a/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto +++ b/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto @@ -69,7 +69,7 @@ message ZipkinConfig { // The default value is true. google.protobuf.BoolValue shared_span_context = 4; - // Determines the selected collector endpoint version. By default, the ``HTTP_JSON_V1`` will be + // Determines the selected collector endpoint version. By default, the `HTTP_JSON_V1` will be // used. CollectorEndpointVersion collector_endpoint_version = 5; } diff --git a/projects/gloo/api/external/envoy/extensions/filters/http/buffer/v3/buffer.proto b/projects/gloo/api/external/envoy/extensions/filters/http/buffer/v3/buffer.proto index d66f7e43e97..7cbbb8dd99e 100644 --- a/projects/gloo/api/external/envoy/extensions/filters/http/buffer/v3/buffer.proto +++ b/projects/gloo/api/external/envoy/extensions/filters/http/buffer/v3/buffer.proto @@ -23,7 +23,7 @@ option (extproto.hash_all) = true; option (extproto.clone_all) = true; // [#protodoc-title: Buffer] -// Buffer :ref:`configuration overview `. +// Buffer configuration overview. // [#extension: envoy.filters.http.buffer] message Buffer { diff --git a/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto b/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto index b1a33ebb1d1..f2fcd957638 100644 --- a/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto +++ b/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto @@ -23,7 +23,7 @@ option (extproto.hash_all) = true; option (extproto.clone_all) = true; // [#protodoc-title: CSRF] -// Cross-Site Request Forgery :ref:`configuration overview `. +// Cross-Site Request Forgery configuration overview. // [#extension: envoy.filters.http.csrf] // CSRF filter config. @@ -31,10 +31,10 @@ message CsrfPolicy { // Specifies the % of requests for which the CSRF filter is enabled. // - // If :ref:`runtime_key ` is specified, + // If runtime_key is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // - // .. note:: + // **Note**: // // This field defaults to 100/:ref:`HUNDRED // `. @@ -43,9 +43,9 @@ message CsrfPolicy { // Specifies that CSRF policies will be evaluated and tracked, but not enforced. // - // This is intended to be used when ``filter_enabled`` is off and will be ignored otherwise. + // This is intended to be used when `filter_enabled` is off and will be ignored otherwise. // - // If :ref:`runtime_key ` is specified, + // If runtime_key is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* and *Destination* to determine if it's valid, but will not // enforce any policies. @@ -55,6 +55,6 @@ message CsrfPolicy { // the destination origin. // // More information on how this can be configured via runtime can be found - // :ref:`here `. + // here. repeated type.matcher.v3.StringMatcher additional_origins = 3; } \ No newline at end of file diff --git a/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto b/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto index e5e3bdb8150..a5fa5bd2161 100644 --- a/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto +++ b/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto @@ -21,14 +21,14 @@ option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: JWT Authentication] -// JWT Authentication :ref:`configuration overview `. +// JWT Authentication configuration overview. // [#extension: envoy.filters.http.jwt_authn] // Please see following for JWT authentication flow: // -// * `JSON Web Token (JWT) `_ -// * `The OAuth 2.0 Authorization Framework `_ -// * `OpenID Connect `_ +// * [JSON Web Token (JWT)](https://datatracker.ietf.org/doc/html/rfc7519) +// * [The OAuth 2.0 Authorization Framework](https://datatracker.ietf.org/doc/html/rfc6749) +// * [OpenID Connect](http://openid.net/connect) // // A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: // @@ -59,7 +59,7 @@ message JwtProvider { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.http.jwt_authn.v2alpha.JwtProvider"; - // Specify the `principal `_ that issued + // Specify the [principal](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1) that issued // the JWT, usually a URL or an email address. // // It is optional. If specified, it has to match the *iss* field in JWT. @@ -81,7 +81,7 @@ message JwtProvider { // string issuer = 1; - // The list of JWT `audiences `_ are + // The list of JWT [audiences](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3) are // allowed to access. A JWT containing any of these audiences will be accepted. If not specified, // will not check audiences in the token. // @@ -95,7 +95,7 @@ message JwtProvider { // repeated string audiences = 2; - // `JSON Web Key Set (JWKS) `_ is needed to + // [JSON Web Key Set (JWKS)](https://datatracker.ietf.org/doc/html/rfc7517#appendix-A) is needed to // validate signature of a JWT. This field specifies where to fetch JWKS. oneof jwks_source_specifier { option (validate.required) = true; @@ -145,12 +145,11 @@ message JwtProvider { // // If no explicit location is specified, the following default locations are tried in order: // - // 1. The Authorization header using the `Bearer schema - // `_. Example:: + // 1. The Authorization header using the [Bearer schema](https://datatracker.ietf.org/doc/html/rfc6750#section-2.1). Example:: // // Authorization: Bearer . // - // 2. `access_token `_ query parameter. + // 2. [access_token](https://datatracker.ietf.org/doc/html/rfc6750#section-2.3) query parameter. // // Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations // its provider specified or from the default locations. @@ -164,7 +163,7 @@ message JwtProvider { // // can be used to extract token from header:: // - // ``x-goog-iap-jwt-assertion: ``. + // `x-goog-iap-jwt-assertion: `. // repeated JwtHeader from_headers = 6; @@ -586,8 +585,7 @@ message JwtAuthentication { // check this one. FilterStateRule filter_state_rules = 3; - // When set to true, bypass the `CORS preflight request - // `_ regardless of JWT + // When set to true, bypass the [CORS preflight request](http://www.w3.org/TR/cors/#cross-origin-request-with-preflight) regardless of JWT // requirements specified in the rules. bool bypass_cors_preflight = 4; diff --git a/projects/gloo/api/external/envoy/extensions/filters/http/wasm/v3/wasm.proto b/projects/gloo/api/external/envoy/extensions/filters/http/wasm/v3/wasm.proto index f60e03d58fb..a28436466a9 100644 --- a/projects/gloo/api/external/envoy/extensions/filters/http/wasm/v3/wasm.proto +++ b/projects/gloo/api/external/envoy/extensions/filters/http/wasm/v3/wasm.proto @@ -20,7 +20,7 @@ option java_outer_classname = "WasmProto"; option java_multiple_files = true; // [#protodoc-title: Wasm] -// Wasm :ref:`configuration overview `. +// Wasm configuration overview. message Wasm { // General Plugin configuration. diff --git a/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto b/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto index 213a849d27f..3ffc09d7fd4 100644 --- a/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto +++ b/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto @@ -19,8 +19,8 @@ option (solo.io.udpa.annotations.file_status).package_version_status = ACTIVE; message RegexMatcher { option (solo.io.udpa.annotations.versioning).previous_message_type = "envoy.type.matcher.RegexMatcher"; - // Google's `RE2 `_ regex engine. The regex string must adhere to - // the documented `syntax `_. The engine is designed + // Google's [RE2](https://github.com/google/re2) regex engine. The regex string must adhere to + // the documented [syntax](https://github.com/google/re2/wiki/Syntax). The engine is designed // to complete execution in linear time as well as limit the amount of memory used. // // Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level` @@ -78,10 +78,9 @@ message RegexMatchAndSubstitute { // subject string during a substitution operation to produce a new string. // Capture groups in the pattern can be referenced in the substitution // string. Note, however, that the syntax for referring to capture groups is - // defined by the chosen regular expression engine. Google's `RE2 - // `_ regular expression engine uses a + // defined by the chosen regular expression engine. Google's [RE2](https://github.com/google/re2) regular expression engine uses a // backslash followed by the capture group number to denote a numbered - // capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers + // capture group. E.g., `\1` refers to capture group 1, and `\2` refers // to capture group 2. string substitution = 2; } diff --git a/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto b/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto index d8060b70505..f8c50cf2edf 100644 --- a/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto +++ b/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto @@ -14,7 +14,7 @@ option (solo.io.udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Metadata] // MetadataKey provides a general interface using `key` and `path` to retrieve value from -// :ref:`Metadata `. +// Metadata. // // For example, for the following Metadata: // @@ -58,7 +58,7 @@ message MetadataKey { string key = 1 [(validate.rules).string = {min_bytes: 1}]; // The path to retrieve the Value from the Struct. It can be a prefix or a full path, - // e.g. ``[prop, xyz]`` for a struct or ``[prop, foo]`` for a string in the example, + // e.g. `[prop, xyz]` for a struct or `[prop, foo]` for a string in the example, // which depends on the particular scenario. // // Note: Due to that only the key type segment is supported, the path can not specify a list diff --git a/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto b/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto index e14649328f0..0aca7dcb2b9 100644 --- a/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto +++ b/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto @@ -59,9 +59,9 @@ message CustomTag { } // Metadata type custom tag using - // :ref:`MetadataKey ` to retrieve the protobuf value - // from :ref:`Metadata `, and populate the tag value with - // `the canonical JSON `_ + // MetadataKey to retrieve the protobuf value + // from Metadata, and populate the tag value with + // [the canonical JSON](https://developers.google.com/protocol-buffers/docs/proto3#json) // representation of it. message Metadata { option (solo.io.udpa.annotations.versioning).previous_message_type = diff --git a/projects/gloo/api/external/xds/core/v3/cidr.proto b/projects/gloo/api/external/xds/core/v3/cidr.proto index 5dd87b4d573..9c65fd1741f 100644 --- a/projects/gloo/api/external/xds/core/v3/cidr.proto +++ b/projects/gloo/api/external/xds/core/v3/cidr.proto @@ -15,9 +15,9 @@ option go_package = "github.com/cncf/xds/go/xds/core/v3"; option (xds.annotations.v3.file_status).work_in_progress = true; // CidrRange specifies an IP Address and a prefix length to construct -// the subnet mask for a `CIDR `_ range. +// the subnet mask for a [CIDR](https://datatracker.ietf.org/doc/html/rfc4632) range. message CidrRange { - // IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``. + // IPv4 or IPv6 address, e.g. `192.0.0.0` or `2001:db8::`. string address_prefix = 1 [(validate.rules).string = {min_len: 1}]; // Length of prefix, e.g. 0, 32. Defaults to 0 when unset. diff --git a/projects/gloo/api/external/xds/data/orca/v3/orca_load_report.proto b/projects/gloo/api/external/xds/data/orca/v3/orca_load_report.proto index 4996164a325..40fb298d61e 100644 --- a/projects/gloo/api/external/xds/data/orca/v3/orca_load_report.proto +++ b/projects/gloo/api/external/xds/data/orca/v3/orca_load_report.proto @@ -23,7 +23,7 @@ message OrcaLoadReport { // Total RPS being served by an endpoint. This should cover all services that an endpoint is // responsible for. - // Deprecated -- use ``rps_fractional`` field instead. + // Deprecated -- use `rps_fractional` field instead. uint64 rps = 3 [deprecated = true]; // Application specific requests costs. Each value is an absolute cost (e.g. 3487 bytes of diff --git a/projects/gloo/api/external/xds/type/matcher/v3/domain.proto b/projects/gloo/api/external/xds/type/matcher/v3/domain.proto index 06f11d70009..d4c7c54e6a0 100644 --- a/projects/gloo/api/external/xds/type/matcher/v3/domain.proto +++ b/projects/gloo/api/external/xds/type/matcher/v3/domain.proto @@ -20,12 +20,12 @@ option (xds.annotations.v3.file_status).work_in_progress = true; // names with optional wildcards. message ServerNameMatcher { // Specifies a set of exact and wildcard domains and a match action. The - // wildcard symbol ``*`` must appear at most once as the left-most part of + // wildcard symbol `*` must appear at most once as the left-most part of // the domain on a dot border. The wildcard matches one or more non-empty // domain parts. message DomainMatcher { // A non-empty set of domain names with optional wildcards, e.g. - // ``www.example.com``, ``*.com``, or ``*``. + // `www.example.com`, `*.com`, or `*`. repeated string domains = 1 [ (validate.rules).repeated = {min_items : 1} ]; // Match action to apply when the server name matches any of the domain @@ -37,10 +37,10 @@ message ServerNameMatcher { // wildcard, must appear at most once across all the domain matchers. // // The server name will be matched against all wildcard domains starting from - // the longest suffix, i.e. ``www.example.com`` input will be first matched - // against ``www.example.com``, then ``*.example.com``, then ``*.com``, then - // ``*``, until the associated matcher action accepts the input. Note that - // wildcards must be on a dot border, and values like ``*w.example.com`` are + // the longest suffix, i.e. `www.example.com` input will be first matched + // against `www.example.com`, then `*.example.com`, then `*.com`, then + // `*`, until the associated matcher action accepts the input. Note that + // wildcards must be on a dot border, and values like `*w.example.com` are // invalid. repeated DomainMatcher domain_matchers = 1; } diff --git a/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto b/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto index 0dd80cd6f66..375f27f392e 100644 --- a/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto +++ b/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto @@ -16,10 +16,9 @@ option (xds.annotations.v3.file_status).work_in_progress = true; // Specifies that matching should be performed on the set of :ref:`HTTP attributes // `. // -// The attributes will be exposed via `Common Expression Language -// `_ runtime to associated CEL matcher. +// The attributes will be exposed via [Common Expression Language](https://github.com/google/cel-spec) runtime to associated CEL matcher. // -// Refer to :ref:`Unified Matcher API ` documentation +// Refer to Unified Matcher API documentation // for usage details. // // [#comment:TODO(sergiitk): When implemented, add the extension tag.] diff --git a/projects/gloo/api/external/xds/type/matcher/v3/ip.proto b/projects/gloo/api/external/xds/type/matcher/v3/ip.proto index ad3ab065cf9..cb3dea1929e 100644 --- a/projects/gloo/api/external/xds/type/matcher/v3/ip.proto +++ b/projects/gloo/api/external/xds/type/matcher/v3/ip.proto @@ -37,8 +37,8 @@ message IPMatcher { // first (longest prefix first), then the order of declaration next. // // For example, consider two range matchers: an exclusive matcher *X* on - // ``0.0.0.0/0`` and a matcher *Y* on ``192.0.0.0/2`` with a nested match - // condition *Z*. For the input IP ``192.168.0.1`` matcher *Y* is the most + // `0.0.0.0/0` and a matcher *Y* on `192.0.0.0/2` with a nested match + // condition *Z*. For the input IP `192.168.0.1` matcher *Y* is the most // specific. If its nested match condition *Z* does not accept the input, // then the less specific matcher *X* does not apply either despite the // input being within the range, because matcher *X* is exclusive. diff --git a/projects/gloo/api/external/xds/type/matcher/v3/regex.proto b/projects/gloo/api/external/xds/type/matcher/v3/regex.proto index 3ff4ca95c2c..1b82168cc8f 100644 --- a/projects/gloo/api/external/xds/type/matcher/v3/regex.proto +++ b/projects/gloo/api/external/xds/type/matcher/v3/regex.proto @@ -13,9 +13,8 @@ option go_package = "github.com/cncf/xds/go/xds/type/matcher/v3"; // A regex matcher designed for safety when used with untrusted input. message RegexMatcher { - // Google's `RE2 `_ regex engine. The regex - // string must adhere to the documented `syntax - // `_. The engine is designed to + // Google's [RE2](https://github.com/google/re2) regex engine. The regex + // string must adhere to the documented [syntax](https://github.com/google/re2/wiki/Syntax). The engine is designed to // complete execution in linear time as well as limit the amount of memory // used. // diff --git a/projects/gloo/api/v1/core/matchers/matchers.proto b/projects/gloo/api/v1/core/matchers/matchers.proto index b350d6ca212..23431aefa33 100644 --- a/projects/gloo/api/v1/core/matchers/matchers.proto +++ b/projects/gloo/api/v1/core/matchers/matchers.proto @@ -26,8 +26,7 @@ message Matcher { // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a - // sub-sequence of the *:path* header matches the regex. The regex grammar is defined `here - // `_. + // sub-sequence of the *:path* header matches the regex. The regex grammar is defined [here](http://en.cppreference.com/w/cpp/regex/ecmascript). // // Examples:
// @@ -91,7 +90,7 @@ message HeaderMatcher { // Examples: // * name=foo, invert_match=true: matches if no header named `foo` is present // * name=foo, value=bar, invert_match=true: matches if no header named `foo` with value `bar` is present - // * name=foo, value=``\d{3}``, regex=true, invert_match=true: matches if no header named `foo` with a value consisting of three integers is present + // * name=foo, value=`\d{3}`, regex=true, invert_match=true: matches if no header named `foo` with a value consisting of three integers is present bool invert_match = 4; } diff --git a/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto b/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto index 629f3c8c041..695b70acd6b 100644 --- a/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto +++ b/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto @@ -136,9 +136,9 @@ message Settings { repeated string metadata_context_namespaces = 16; // Specifies a list of metadata namespaces whose values, if present, will be passed to the - // ext_proc service. :ref:`typed_filter_metadata ` is passed as an ``protobuf::Any``. + // ext_proc service. typed_filter_metadata is passed as an `protobuf::Any`. // - // It works in a way similar to ``metadata_context_namespaces`` but allows envoy and external processing server to share the protobuf message definition + // It works in a way similar to `metadata_context_namespaces` but allows envoy and external processing server to share the protobuf message definition // in order to do a safe parsing. repeated string typed_metadata_context_namespaces = 17; @@ -211,9 +211,9 @@ message Overrides { // Specifies a list of metadata namespaces whose values, if present, will be passed to the - // ext_proc service. :ref:`typed_filter_metadata ` is passed as an ``protobuf::Any``. + // ext_proc service. typed_filter_metadata is passed as an `protobuf::Any`. // - // It works in a way similar to ``metadata_context_namespaces`` but allows envoy and external processing server to share the protobuf message definition + // It works in a way similar to `metadata_context_namespaces` but allows envoy and external processing server to share the protobuf message definition // in order to do a safe parsing. repeated string typed_metadata_context_namespaces = 7; } diff --git a/projects/gloo/api/v1/enterprise/options/graphql/v1beta1/graphql.proto b/projects/gloo/api/v1/enterprise/options/graphql/v1beta1/graphql.proto index 57d1aa49bf3..897a5279e3d 100644 --- a/projects/gloo/api/v1/enterprise/options/graphql/v1beta1/graphql.proto +++ b/projects/gloo/api/v1/enterprise/options/graphql/v1beta1/graphql.proto @@ -167,12 +167,12 @@ message GrpcDescriptorRegistry { option (validate.required) = true; // Supplies the filename of - // :ref:`the proto descriptor set ` for the gRPC + // the proto descriptor set for the gRPC // services. string proto_descriptor = 1; // Supplies the binary content of - // :ref:`the proto descriptor set ` for the gRPC + // the proto descriptor set for the gRPC // services. // Note: in yaml, this must be provided as a base64 standard encoded string; yaml cannot handle binary bytes bytes proto_descriptor_bin = 2; diff --git a/projects/gloo/api/v1/failover.proto b/projects/gloo/api/v1/failover.proto index efeb7075ca5..3c53e3fb074 100644 --- a/projects/gloo/api/v1/failover.proto +++ b/projects/gloo/api/v1/failover.proto @@ -52,8 +52,8 @@ message Failover { // // { "overprovisioning_factor": 100 } // - // Read more at :ref:`priority levels ` and - // :ref:`localities `. + // Read more at priority levels and + // localities. google.protobuf.UInt32Value overprovisioning_factor = 1 [(validate.rules).uint32 = {gt: 0}]; } } @@ -142,9 +142,8 @@ message Locality { string region = 1; // Defines the local service zone where Envoy is running. The meaning of zone - // is context dependent, e.g. `Availability Zone (AZ) - // `_ - // on AWS, `Zone `_ on + // is context dependent, e.g. [Availability Zone (AZ)](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) + // on AWS, [Zone](https://cloud.google.com/compute/docs/regions-zones/) on // GCP, etc. string zone = 2; diff --git a/projects/gloo/api/v1/load_balancer.proto b/projects/gloo/api/v1/load_balancer.proto index 41d77a763a0..58df387f061 100644 --- a/projects/gloo/api/v1/load_balancer.proto +++ b/projects/gloo/api/v1/load_balancer.proto @@ -95,8 +95,8 @@ message LoadBalancerConfig { // By tuning the parameter, is possible to achieve polynomial or exponential shape of ramp-up curve. // // During slow start window, effective weight of an endpoint would be scaled with time factor and aggression: - // ``new_weight = weight * max(min_weight_percent, time_factor ^ (1 / aggression))``, - // where ``time_factor=(time_since_start_seconds / slow_start_time_seconds)``. + // `new_weight = weight * max(min_weight_percent, time_factor ^ (1 / aggression))`, + // where `time_factor=(time_since_start_seconds / slow_start_time_seconds)`. // // As time progresses, more and more traffic would be sent to endpoint, which is in slow start window. // Once host exits slow start, time_factor and aggression no longer affect its weight. diff --git a/projects/gloo/api/v1/options/als/als.proto b/projects/gloo/api/v1/options/als/als.proto index 65adb1317ec..058ccf3f791 100644 --- a/projects/gloo/api/v1/options/als/als.proto +++ b/projects/gloo/api/v1/options/als/als.proto @@ -145,7 +145,7 @@ message TraceableFilter { // Filters for random sampling of requests. message RuntimeFilter { // Runtime key to get an optional overridden numerator for use in the - // ``percent_sampled`` field. If found in runtime, this value will replace the + // `percent_sampled` field. If found in runtime, this value will replace the // default numerator. string runtime_key = 1 [(validate.rules).string = {min_len: 1}]; @@ -159,9 +159,9 @@ message RuntimeFilter { // is present, the filter will consistently sample across multiple hosts based // on the runtime key value and the value extracted from // :ref:`x-request-id`. If it is - // missing, or ``use_independent_randomness`` is set to true, the filter will + // missing, or `use_independent_randomness` is set to true, the filter will // randomly sample based on the runtime key value alone. - // ``use_independent_randomness`` can be used for logging kill switches within + // `use_independent_randomness` can be used for logging kill switches within // complex nested :ref:`AndFilter // ` and :ref:`OrFilter // ` blocks that are easier to diff --git a/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto b/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto index 44efeb60f92..373c54a2af5 100644 --- a/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto +++ b/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto @@ -65,20 +65,20 @@ message DnsCacheConfig { // The TTL for hosts that are unused. Hosts that have not been used in the configured time // interval will be purged. If not specified defaults to 5m. // - // .. note: + // **Note**: // // The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This // means that if the configured TTL is shorter than the refresh rate the host may not be removed // immediately. // - // .. note: + // **Note**: // // The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage. google.protobuf.Duration host_ttl = 4 [(validate.rules).duration = {gt {}}]; // The maximum number of hosts that the cache will hold. If not specified defaults to 1024. // - // .. note: + // **Note**: // // The implementation is approximate and enforced independently on each worker thread, thus // it is possible for the maximum hosts in the cache to go slightly above the configured @@ -141,7 +141,7 @@ enum DnsLookupFamily { message RefreshRate { // Specifies the base interval between refreshes. This parameter is required and must be greater // than 1ms and less than - // :ref:`max_interval `. + // max_interval. google.protobuf.Duration base_interval = 1 [(validate.rules).duration = { required: true gt {nanos: 1000000} @@ -149,8 +149,8 @@ message RefreshRate { // Specifies the maximum interval between refreshes. This parameter is optional, but must be // greater than or equal to the - // :ref:`base_interval ` if set. The default - // is 10 times the :ref:`base_interval `. + // base_interval if set. The default + // is 10 times the base_interval. google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}]; } @@ -163,7 +163,7 @@ message PerRouteConfig { // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with - // :ref:`HCM host rewrite ` given that the + // HCM host rewrite given that the // value set here would be used for DNS lookups whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. string host_rewrite = 1; @@ -178,7 +178,7 @@ message PerRouteConfig { // given that the value set here would be used for DNS lookups whereas the value set in the HCM // would be used for host header forwarding which is not the desired outcome. // - // .. note:: + // **Note**: // // If the header appears multiple times only the first value is used. string auto_host_rewrite_header = 2; diff --git a/projects/gloo/api/v1/options/grpc_json/grpc_json.proto b/projects/gloo/api/v1/options/grpc_json/grpc_json.proto index 5995a96a299..ca799bf95ac 100644 --- a/projects/gloo/api/v1/options/grpc_json/grpc_json.proto +++ b/projects/gloo/api/v1/options/grpc_json/grpc_json.proto @@ -15,7 +15,7 @@ option (extproto.clone_all) = true; import "validate/validate.proto"; // [#protodoc-title: gRPC-JSON transcoder] -// gRPC-JSON transcoder :ref:`configuration overview `. +// gRPC-JSON transcoder configuration overview. // [#extension: envoy.filters.http.grpc_json_transcoder] // [#next-free-field: 10] @@ -39,7 +39,7 @@ message GrpcJsonTranscoder { bool always_print_enums_as_ints = 3; // Whether to preserve proto field names. By default protobuf will - // generate JSON field names using the ``json_name`` option, or lower camel case, + // generate JSON field names using the `json_name` option, or lower camel case, // in that order. Setting this flag will preserve the original field names. Defaults to false. bool preserve_proto_field_names = 4; } @@ -77,14 +77,13 @@ message GrpcJsonTranscoder { // A list of strings that // supplies the fully qualified service names (i.e. "package_name.service_name") that - // the transcoder will translate. If the service name doesn't exist in ``proto_descriptor``, - // Envoy will fail at startup. The ``proto_descriptor`` may contain more services than + // the transcoder will translate. If the service name doesn't exist in `proto_descriptor`, + // Envoy will fail at startup. The `proto_descriptor` may contain more services than // the service names specified here, but they won't be translated. repeated string services = 2 [(validate.rules).repeated = {min_items: 1}]; // Control options for response JSON. These options are passed directly to - // `JsonPrintOptions `_. + // [JsonPrintOptions](https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.util.json_util#JsonPrintOptions). PrintOptions print_options = 3; // Whether to keep the incoming request route after the outgoing headers have been transformed to @@ -121,12 +120,12 @@ message GrpcJsonTranscoder { // // message Shelf {} // - // The request ``/shelves/100?foo=bar`` will not be mapped to ``GetShelf``` because variable - // binding for ``foo`` is not defined. Adding ``foo`` to ``ignored_query_parameters`` will allow - // the same request to be mapped to ``GetShelf``. + // The request `/shelves/100?foo=bar` will not be mapped to `GetShelf` because variable + // binding for `foo` is not defined. Adding `foo` to `ignored_query_parameters` will allow + // the same request to be mapped to `GetShelf`. repeated string ignored_query_parameters = 6; - // Whether to route methods without the ``google.api.http`` option. + // Whether to route methods without the `google.api.http` option. // // Example : // @@ -144,22 +143,22 @@ message GrpcJsonTranscoder { // // message Shelf {} // - // The client could ``post`` a json body ``{"shelf": 1234}`` with the path of - // ``/bookstore.Bookstore/GetShelfRequest`` to call ``GetShelfRequest``. + // The client could `post` a json body `{"shelf": 1234}` with the path of + // `/bookstore.Bookstore/GetShelfRequest` to call `GetShelfRequest`. bool auto_mapping = 7; // Whether to ignore query parameters that cannot be mapped to a corresponding // protobuf field. Use this if you cannot control the query parameters and do - // not know them beforehand. Otherwise use ``ignored_query_parameters``. + // not know them beforehand. Otherwise use `ignored_query_parameters`. // Defaults to false. bool ignore_unknown_query_parameters = 8; // Whether to convert gRPC status headers to JSON. - // When trailer indicates a gRPC error and there was no HTTP body, take ``google.rpc.Status`` - // from the ``grpc-status-details-bin`` header and use it as JSON body. - // If there was no such header, make ``google.rpc.Status`` out of the ``grpc-status`` and - // ``grpc-message`` headers. - // The error details types must be present in the ``proto_descriptor``. + // When trailer indicates a gRPC error and there was no HTTP body, take `google.rpc.Status` + // from the `grpc-status-details-bin` header and use it as JSON body. + // If there was no such header, make `google.rpc.Status` out of the `grpc-status` and + // `grpc-message` headers. + // The error details types must be present in the `proto_descriptor`. // // For example, if an upstream server replies with headers: // @@ -169,8 +168,8 @@ message GrpcJsonTranscoder { // grpc-status-details-bin: // CAUaMwoqdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUucnBjLlJlcXVlc3RJbmZvEgUKA3ItMQ // - // The ``grpc-status-details-bin`` header contains a base64-encoded protobuf message - // ``google.rpc.Status``. It will be transcoded into: + // The `grpc-status-details-bin` header contains a base64-encoded protobuf message + // `google.rpc.Status`. It will be transcoded into: // // .. code-block:: none // @@ -179,8 +178,8 @@ message GrpcJsonTranscoder { // // {"code":5,"details":[{"@type":"type.googleapis.com/google.rpc.RequestInfo","requestId":"r-1"}]} // - // In order to transcode the message, the ``google.rpc.RequestInfo`` type from - // the ``google/rpc/error_details.proto`` should be included in the configured - // :ref:`proto descriptor set `. + // In order to transcode the message, the `google.rpc.RequestInfo` type from + // the `google/rpc/error_details.proto` should be included in the configured + // proto descriptor set. bool convert_grpc_status = 9; } \ No newline at end of file diff --git a/projects/gloo/api/v1/options/protocol/protocol.proto b/projects/gloo/api/v1/options/protocol/protocol.proto index 4849045dae1..90a25e72d28 100644 --- a/projects/gloo/api/v1/options/protocol/protocol.proto +++ b/projects/gloo/api/v1/options/protocol/protocol.proto @@ -20,7 +20,7 @@ message HttpProtocolOptions { // Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. // If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0. // - // .. warning:: + // **Warning**: // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. google.protobuf.Duration idle_timeout = 1; @@ -89,7 +89,7 @@ message Http1ProtocolOptions { } message Http2ProtocolOptions { - // `Maximum concurrent streams `_ + // [Maximum concurrent streams](https://httpwg.org/specs/rfc7540.html#rfc.section.5.1.2) // allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) // and defaults to 2147483647. // @@ -102,8 +102,7 @@ message Http2ProtocolOptions { // not the per-connection negotiated limits. google.protobuf.UInt32Value max_concurrent_streams = 2; - // `Initial stream-level flow-control window - // `_ size. Valid values range from 65535 + // [Initial stream-level flow-control window](https://httpwg.org/specs/rfc7540.html#rfc.section.6.9.2) size. Valid values range from 65535 // (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 // (256 * 1024 * 1024). // @@ -126,7 +125,7 @@ message Http2ProtocolOptions { // This overrides any HCM :ref:`stream_error_on_invalid_http_messaging // ` // - // See `RFC7540, sec. 8.1 `_ for details. + // See [RFC7540, sec. 8.1](https://datatracker.ietf.org/doc/html/rfc7540#section-8.1) for details. google.protobuf.BoolValue override_stream_error_on_invalid_http_message = 14; } diff --git a/projects/gloo/api/v1/options/proxy_protocol/proxy_protocol.proto b/projects/gloo/api/v1/options/proxy_protocol/proxy_protocol.proto index ed2ab083795..771a2b830de 100644 --- a/projects/gloo/api/v1/options/proxy_protocol/proxy_protocol.proto +++ b/projects/gloo/api/v1/options/proxy_protocol/proxy_protocol.proto @@ -23,8 +23,7 @@ message ProxyProtocol { // A Rule defines what metadata to apply when a header is present or missing. message Rule { // The type that triggers the rule - required - // TLV type is defined as uint8_t in proxy protocol. See `the spec - // `_ for details. + // TLV type is defined as uint8_t in proxy protocol. See [the spec](https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt) for details. uint32 tlv_type = 1 [(validate.rules).uint32 = {lt: 256}]; // If the TLV type is present, apply this metadata KeyValuePair. @@ -36,7 +35,7 @@ message ProxyProtocol { // Allow requests through that don't use proxy protocol. Defaults to false. // - // .. attention:: + // **Attention**: // // The true setting is only honored in Gloo Gateway Enterprise. // This breaks conformance with the specification. diff --git a/projects/gloo/api/v1/proxy.proto b/projects/gloo/api/v1/proxy.proto index 525a271c1a2..cfa2f6947af 100644 --- a/projects/gloo/api/v1/proxy.proto +++ b/projects/gloo/api/v1/proxy.proto @@ -520,22 +520,22 @@ message RedirectAction { // Only one of :ref:`prefix_rewrite ` // or *regex_rewrite* may be specified. // - // Examples using Google's `RE2 `_ engine: + // Examples using Google's [RE2](https://github.com/google/re2) engine: // - // * The path pattern ``^/service/([^/]+)(/.*)$`` paired with a substitution - // string of ``\2/instance/\1`` would transform ``/service/foo/v1/api`` - // into ``/v1/api/instance/foo``. + // * The path pattern `^/service/([^/]+)(/.*)$` paired with a substitution + // string of `\2/instance/\1` would transform `/service/foo/v1/api` + // into `/v1/api/instance/foo`. // - // * The pattern ``one`` paired with a substitution string of ``two`` would - // transform ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/two/zzz``. + // * The pattern `one` paired with a substitution string of `two` would + // transform `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/two/zzz`. // - // * The pattern ``^(.*?)one(.*)$`` paired with a substitution string of - // ``\1two\2`` would replace only the first occurrence of ``one``, - // transforming path ``/xxx/one/yyy/one/zzz`` into ``/xxx/two/yyy/one/zzz``. + // * The pattern `^(.*?)one(.*)$` paired with a substitution string of + // `\1two\2` would replace only the first occurrence of `one`, + // transforming path `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/one/zzz`. // - // * The pattern ``(?i)/xxx/`` paired with a substitution string of ``/yyy/`` - // would do a case-insensitive match and transform path ``/aaa/XxX/bbb`` to - // ``/aaa/yyy/bbb``. + // * The pattern `(?i)/xxx/` paired with a substitution string of `/yyy/` + // would do a case-insensitive match and transform path `/aaa/XxX/bbb` to + // `/aaa/yyy/bbb`. .solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute regex_rewrite = 32; } diff --git a/projects/gloo/api/v1/upstream.proto b/projects/gloo/api/v1/upstream.proto index f21a38583eb..7a2f04bfdc2 100644 --- a/projects/gloo/api/v1/upstream.proto +++ b/projects/gloo/api/v1/upstream.proto @@ -90,7 +90,7 @@ message Upstream { enum ClusterProtocolSelection { // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). - // If :ref:`http2_protocol_options ` are + // If http2_protocol_options are // present, HTTP2 will be used, otherwise HTTP1.1 will be used. USE_CONFIGURED_PROTOCOL = 0; @@ -134,7 +134,7 @@ message Upstream { // This overrides any HCM :ref:`stream_error_on_invalid_http_messaging // ` // - // See `RFC7540, sec. 8.1 `_ for details. + // See [RFC7540, sec. 8.1](https://datatracker.ietf.org/doc/html/rfc7540#section-8.1) for details. google.protobuf.BoolValue override_stream_error_on_invalid_http_message = 26; // Tells envoy that the upstream is an HTTP proxy (e.g., another proxy in a DMZ) that supports HTTP Connect. @@ -236,7 +236,7 @@ message PreconnectPolicy { // Indicates how many streams (rounded up) can be anticipated across a cluster for each // stream, useful for low QPS services. This is currently supported for a subset of // deterministic non-hash-based load-balancing algorithms (weighted round robin, random). - // Unlike ``per_upstream_preconnect_ratio`` this preconnects across the upstream instances in a + // Unlike `per_upstream_preconnect_ratio` this preconnects across the upstream instances in a // cluster, doing best effort predictions of what upstream would be picked next and // pre-establishing a connection. // diff --git a/projects/gloo/pkg/api/external/envoy/api/v2/core/health_check.pb.go b/projects/gloo/pkg/api/external/envoy/api/v2/core/health_check.pb.go index 4e1c5db87cb..ac980bd2a7a 100644 --- a/projects/gloo/pkg/api/external/envoy/api/v2/core/health_check.pb.go +++ b/projects/gloo/pkg/api/external/envoy/api/v2/core/health_check.pb.go @@ -42,9 +42,9 @@ const ( // Unhealthy. HealthStatus_UNHEALTHY HealthStatus = 2 // Connection draining in progress. E.g., - // ``_ + // https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/ // or - // ``_. + // https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining. // This is interpreted by Envoy as *UNHEALTHY*. HealthStatus_DRAINING HealthStatus = 3 // Health check timed out. This is part of HDS and is interpreted by Envoy as @@ -482,7 +482,7 @@ type HealthCheck_HttpHealthCheck struct { // HTTP Method that will be used for health checking, default is "GET". // GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH methods are supported, but making request body is not supported. // CONNECT method is disallowed because it is not appropriate for health check request. - // If a non-200 response is expected by the method, it needs to be set in :ref:`expected_statuses `. + // If a non-200 response is expected by the method, it needs to be set in expected_statuses. Method v3.RequestMethod `protobuf:"varint,11,opt,name=method,proto3,enum=solo.io.envoy.config.core.v3.RequestMethod" json:"method,omitempty"` } @@ -645,7 +645,7 @@ type HealthCheck_RedisHealthCheck struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - // If set, optionally perform “EXISTS “ instead of “PING“. A return value + // If set, optionally perform `EXISTS ` instead of `PING`. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. @@ -691,9 +691,8 @@ func (x *HealthCheck_RedisHealthCheck) GetKey() string { return "" } -// `grpc.health.v1.Health -// `_-based -// healthcheck. See `gRPC doc `_ +// [grpc.health.v1.Health](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto)-based +// healthcheck. See [gRPC doc](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) // for details. type HealthCheck_GrpcHealthCheck struct { state protoimpl.MessageState @@ -701,10 +700,8 @@ type HealthCheck_GrpcHealthCheck struct { unknownFields protoimpl.UnknownFields // An optional service name parameter which will be sent to gRPC service in - // `grpc.health.v1.HealthCheckRequest - // `_. - // message. See `gRPC health-checking overview - // `_ for more information. + // [grpc.health.v1.HealthCheckRequest](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20) + // message. See [gRPC health-checking overview](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) for more information. ServiceName string `protobuf:"bytes,1,opt,name=service_name,json=serviceName,proto3" json:"service_name,omitempty"` // The value of the :authority header in the gRPC health check request. If // left empty (default value), the name of the cluster this health check is associated diff --git a/projects/gloo/pkg/api/external/envoy/api/v2/route/route.pb.go b/projects/gloo/pkg/api/external/envoy/api/v2/route/route.pb.go index 5378d88ccf2..944090cd58e 100644 --- a/projects/gloo/pkg/api/external/envoy/api/v2/route/route.pb.go +++ b/projects/gloo/pkg/api/external/envoy/api/v2/route/route.pb.go @@ -257,18 +257,18 @@ type VirtualHost struct { // // Domain search order: // - // 1. Exact domain names: “www.foo.com“. + // 1. Exact domain names: `www.foo.com`. // - // 2. Suffix domain wildcards: “*.foo.com“ or “*-bar.foo.com“. + // 2. Suffix domain wildcards: `*.foo.com` or `*-bar.foo.com`. // - // 3. Prefix domain wildcards: “foo.*“ or “foo-*“. + // 3. Prefix domain wildcards: `foo.*` or `foo-*`. // - // 4. Special wildcard “*“ matching any domain. + // 4. Special wildcard `*` matching any domain. // // The wildcard will not match the empty string. - // e.g. “*-bar.foo.com“ will match “baz-bar.foo.com“ but not “-bar.foo.com“. + // e.g. `*-bar.foo.com` will match `baz-bar.foo.com` but not `-bar.foo.com`. // The longest wildcards match first. - // Only a single virtual host in the entire route configuration can match on “*“. A domain + // Only a single virtual host in the entire route configuration can match on `*`. A domain // must be unique across all virtual hosts or the config will fail to load. Domains []string `protobuf:"bytes,2,rep,name=domains,proto3" json:"domains,omitempty"` // The list of routes that will be matched, in order, for incoming requests. @@ -957,8 +957,7 @@ type RouteMatch_Regex struct { // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a - // subsequence of the *:path* header matches the regex. The regex grammar is defined `here - // `_. + // subsequence of the *:path* header matches the regex. The regex grammar is defined [here](https://en.cppreference.com/w/cpp/regex/ecmascript). // // Examples: // @@ -1279,7 +1278,7 @@ type RouteAction struct { // Indicates that the route has a CORS policy. Cors *CorsPolicy `protobuf:"bytes,17,opt,name=cors,proto3" json:"cors,omitempty"` // If present, and the request is a gRPC request, use the - // `grpc-timeout header `_, + // [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), // or its default value (infinity) instead of // `timeout (envoy_api_field_route.RouteAction.timeout)`, but limit the applied timeout // to the maximum value specified here. If configured as 0, the maximum allowed timeout for @@ -2192,8 +2191,7 @@ type VirtualCluster struct { unknownFields protoimpl.UnknownFields // Specifies a regex pattern to use for matching requests. The entire path of the request - // must match the regex. The regex grammar used is defined `here - // `_. + // must match the regex. The regex grammar used is defined [here](https://en.cppreference.com/w/cpp/regex/ecmascript). // // Examples: // @@ -2495,7 +2493,7 @@ type HeaderMatcher_RegexMatch struct { // If specified, this regex string is a regular expression rule which implies the entire request // header value must match the regex. The rule will not match if only a subsequence of the // request header value matches the regex. The regex grammar used in the value field is defined - // `here `_. + // [here](https://en.cppreference.com/w/cpp/regex/ecmascript). // // Examples: // @@ -3727,7 +3725,7 @@ func (*RateLimit_Action_HeaderValueMatch_) isRateLimit_Action_ActionSpecifier() // // ``` // -// is derived from the :option:`--service-cluster` option. +// is derived from the `--service-cluster` option. type RateLimit_Action_SourceCluster struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache diff --git a/projects/gloo/pkg/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.pb.go b/projects/gloo/pkg/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.pb.go index 29577e2cdb4..c7e2782f580 100644 --- a/projects/gloo/pkg/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.pb.go +++ b/projects/gloo/pkg/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.pb.go @@ -40,22 +40,22 @@ const ( // denoted by an x-envoy prefix) or specific headers that may affect // further filter processing: // -// * “host“ -// * “:authority“ -// * “:scheme“ -// * “:method“ +// * `host` +// * `:authority` +// * `:scheme` +// * `:method` // // Every attempt to add, change, append, or remove a header will be // tested against the rules here. Disallowed header mutations will be -// ignored unless “disallow_is_error“ is set to true. +// ignored unless `disallow_is_error` is set to true. // // Attempts to remove headers are further constrained -- regardless of the -// settings, system-defined headers (that start with “:“) and the “host“ +// settings, system-defined headers (that start with `:`) and the `host` // header may never be removed. // // In addition, a counter will be incremented whenever a mutation is // rejected. In the ext_proc filter, that counter is named -// “rejected_header_mutations“. +// `rejected_header_mutations`. // [#next-free-field: 8] type HeaderMutationRules struct { state protoimpl.MessageState @@ -64,27 +64,27 @@ type HeaderMutationRules struct { // By default, certain headers that could affect processing of subsequent // filters or request routing cannot be modified. These headers are - // “host“, “:authority“, “:scheme“, and “:method“. Setting this parameter + // `host`, `:authority`, `:scheme`, and `:method`. Setting this parameter // to true allows these headers to be modified as well. AllowAllRouting *wrappers.BoolValue `protobuf:"bytes,1,opt,name=allow_all_routing,json=allowAllRouting,proto3" json:"allow_all_routing,omitempty"` // If true, allow modification of envoy internal headers. By default, these - // start with “x-envoy“ but this may be overridden in the “Bootstrap“ + // start with `x-envoy` but this may be overridden in the `Bootstrap` // configuration using the // :ref:`header_prefix ` // field. Default is false. AllowEnvoy *wrappers.BoolValue `protobuf:"bytes,2,opt,name=allow_envoy,json=allowEnvoy,proto3" json:"allow_envoy,omitempty"` // If true, prevent modification of any system header, defined as a header - // that starts with a “:“ character, regardless of any other settings. - // A processing server may still override the “:status“ of an HTTP response - // using an “ImmediateResponse“ message. Default is false. + // that starts with a `:` character, regardless of any other settings. + // A processing server may still override the `:status` of an HTTP response + // using an `ImmediateResponse` message. Default is false. DisallowSystem *wrappers.BoolValue `protobuf:"bytes,3,opt,name=disallow_system,json=disallowSystem,proto3" json:"disallow_system,omitempty"` // If true, prevent modifications of all header values, regardless of any - // other settings. A processing server may still override the “:status“ - // of an HTTP response using an “ImmediateResponse“ message. Default is false. + // other settings. A processing server may still override the `:status` + // of an HTTP response using an `ImmediateResponse` message. Default is false. DisallowAll *wrappers.BoolValue `protobuf:"bytes,4,opt,name=disallow_all,json=disallowAll,proto3" json:"disallow_all,omitempty"` // If set, specifically allow any header that matches this regular // expression. This overrides all other settings except for - // “disallow_expression“. + // `disallow_expression`. AllowExpression *v3.RegexMatcher `protobuf:"bytes,5,opt,name=allow_expression,json=allowExpression,proto3" json:"allow_expression,omitempty"` // If set, specifically disallow any header that matches this regular // expression regardless of any other settings. @@ -93,7 +93,7 @@ type HeaderMutationRules struct { // disallowed, then the filter using this configuration will terminate the // request with a 500 error. In addition, regardless of the setting of this // parameter, any attempt to set, add, or modify a disallowed header will - // cause the “rejected_header_mutations“ counter to be incremented. + // cause the `rejected_header_mutations` counter to be incremented. // Default is false. DisallowIsError *wrappers.BoolValue `protobuf:"bytes,7,opt,name=disallow_is_error,json=disallowIsError,proto3" json:"disallow_is_error,omitempty"` } diff --git a/projects/gloo/pkg/api/external/envoy/config/core/v3/address.pb.go b/projects/gloo/pkg/api/external/envoy/config/core/v3/address.pb.go index ee969903677..e827b31e206 100644 --- a/projects/gloo/pkg/api/external/envoy/config/core/v3/address.pb.go +++ b/projects/gloo/pkg/api/external/envoy/config/core/v3/address.pb.go @@ -138,17 +138,17 @@ type SocketAddress struct { unknownFields protoimpl.UnknownFields Protocol SocketAddress_Protocol `protobuf:"varint,1,opt,name=protocol,proto3,enum=solo.io.envoy.config.core.v3.SocketAddress_Protocol" json:"protocol,omitempty"` - // The address for this socket. :ref:`Listeners ` will bind - // to the address. An empty address is not allowed. Specify “0.0.0.0“ or “::“ + // The address for this socket. Listeners will bind + // to the address. An empty address is not allowed. Specify `0.0.0.0` or `::` // to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: // It is possible to distinguish a Listener address via the prefix/suffix matching - // in :ref:`FilterChainMatch `.] When used - // within an upstream :ref:`BindConfig `, the address + // in FilterChainMatch.] When used + // within an upstream BindConfig, the address // controls the source address of outbound connections. For :ref:`clusters // `, the cluster type determines whether the // address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS // (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized - // via :ref:`resolver_name `. + // via resolver_name. Address string `protobuf:"bytes,2,opt,name=address,proto3" json:"address,omitempty"` // Types that are assignable to PortSpecifier: // @@ -161,10 +161,9 @@ type SocketAddress struct { // should be set for resolution other than DNS. Specifying a custom resolver with // *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. ResolverName string `protobuf:"bytes,5,opt,name=resolver_name,json=resolverName,proto3" json:"resolver_name,omitempty"` - // When binding to an IPv6 address above, this enables `IPv4 compatibility - // `_. Binding to “::“ will + // When binding to an IPv6 address above, this enables [IPv4 compatibility](https://datatracker.ietf.org/doc/html/rfc3493#page-11). Binding to `::` will // allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into - // IPv6 space as “::FFFF:“. + // IPv6 space as `::FFFF:`. Ipv4Compat bool `protobuf:"varint,6,opt,name=ipv4_compat,json=ipv4Compat,proto3" json:"ipv4_compat,omitempty"` } @@ -497,13 +496,13 @@ func (*Address_SocketAddress) isAddress_Address() {} func (*Address_Pipe) isAddress_Address() {} // CidrRange specifies an IP Address and a prefix length to construct -// the subnet mask for a `CIDR `_ range. +// the subnet mask for a [CIDR](https://datatracker.ietf.org/doc/html/rfc4632) range. type CidrRange struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - // IPv4 or IPv6 address, e.g. “192.0.0.0“ or “2001:db8::“. + // IPv4 or IPv6 address, e.g. `192.0.0.0` or `2001:db8::`. AddressPrefix string `protobuf:"bytes,1,opt,name=address_prefix,json=addressPrefix,proto3" json:"address_prefix,omitempty"` // Length of prefix, e.g. 0, 32. PrefixLen *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=prefix_len,json=prefixLen,proto3" json:"prefix_len,omitempty"` diff --git a/projects/gloo/pkg/api/external/envoy/config/core/v3/base.pb.go b/projects/gloo/pkg/api/external/envoy/config/core/v3/base.pb.go index 931df682f7a..b5d75a841aa 100644 --- a/projects/gloo/pkg/api/external/envoy/config/core/v3/base.pb.go +++ b/projects/gloo/pkg/api/external/envoy/config/core/v3/base.pb.go @@ -212,15 +212,14 @@ type Locality struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - // Region this :ref:`zone ` belongs to. + // Region this zone belongs to. Region string `protobuf:"bytes,1,opt,name=region,proto3" json:"region,omitempty"` // Defines the local service zone where Envoy is running. Though optional, it // should be set if discovery service routing is used and the discovery - // service exposes :ref:`zone data `, - // either in this message or via :option:`--service-zone`. The meaning of zone - // is context dependent, e.g. `Availability Zone (AZ) - // `_ - // on AWS, `Zone `_ on + // service exposes zone data, + // either in this message or via `--service-zone`. The meaning of zone + // is context dependent, e.g. [Availability Zone (AZ)](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) + // on AWS, [Zone](https://cloud.google.com/compute/docs/regions-zones/) on // GCP, etc. Zone string `protobuf:"bytes,2,opt,name=zone,proto3" json:"zone,omitempty"` // When used for locality of upstream hosts, this field further splits zone @@ -448,23 +447,23 @@ type Node struct { // An opaque node identifier for the Envoy node. This also provides the local // service node name. It should be set if any of the following features are - // used: :ref:`statsd `, :ref:`CDS + // used: statsd, :ref:`CDS // `, and :ref:`HTTP tracing // `, either in this message or via - // :option:`--service-node`. + // `--service-node`. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // Defines the local service cluster name where Envoy is running. Though // optional, it should be set if any of the following features are used: - // :ref:`statsd `, :ref:`health check cluster + // statsd, :ref:`health check cluster // verification // `, - // :ref:`runtime override directory `, + // runtime override directory, // :ref:`user agent addition // `, - // :ref:`HTTP global rate limiting `, - // :ref:`CDS `, and :ref:`HTTP tracing + // HTTP global rate limiting, + // CDS, and :ref:`HTTP tracing // `, either in this message or via - // :option:`--service-cluster`. + // `--service-cluster`. Cluster string `protobuf:"bytes,2,opt,name=cluster,proto3" json:"cluster,omitempty"` // Opaque metadata extending the node identifier. Envoy will pass this // directly to the management server. @@ -484,11 +483,11 @@ type Node struct { // Client feature support list. These are well known features described // in the Envoy API repository for a given major version of an API. Client features // use reverse DNS naming scheme, for example `com.acme.feature`. - // See :ref:`the list of features ` that xDS client may + // See the list of features that xDS client may // support. ClientFeatures []string `protobuf:"bytes,10,rep,name=client_features,json=clientFeatures,proto3" json:"client_features,omitempty"` // Known listening ports on the node as a generic hint to the management server - // for filtering :ref:`listeners ` to be returned. For example, + // for filtering listeners to be returned. For example, // if there is a listener bound to port 80, the list can optionally contain the // SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. ListeningAddresses []*Address `protobuf:"bytes,11,rep,name=listening_addresses,json=listeningAddresses,proto3" json:"listening_addresses,omitempty"` @@ -640,7 +639,7 @@ func (*Node_UserAgentBuildVersion) isNode_UserAgentVersionType() {} // object to match against. There are some well defined metadata used today for // this purpose: // -// - “{"envoy.lb": {"canary": }}“ This indicates the canary status of an +// - `{"envoy.lb": {"canary": }}` This indicates the canary status of an // endpoint and is also used during header processing // (x-envoy-upstream-canary) and for stats purposes. // @@ -820,7 +819,7 @@ type RuntimeFeatureFlag struct { DefaultValue *wrappers.BoolValue `protobuf:"bytes,1,opt,name=default_value,json=defaultValue,proto3" json:"default_value,omitempty"` // Runtime key to get value for comparison. This value is used if defined. The boolean value must // be represented via its - // `canonical JSON encoding `_. + // [canonical JSON encoding](https://developers.google.com/protocol-buffers/docs/proto3#json). RuntimeKey string `protobuf:"bytes,2,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"` } @@ -880,8 +879,8 @@ type HeaderValue struct { Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"` // Header value. // - // The same :ref:`format specifier ` as used for - // :ref:`HTTP access logging ` applies here, however + // The same format specifier as used for + // HTTP access logging applies here, however // unknown header values are replaced with the empty string instead of `-`. Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"` } @@ -1144,7 +1143,7 @@ type RetryPolicy struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - // Specifies parameters that control :ref:`retry backoff strategy `. + // Specifies parameters that control retry backoff strategy. // This parameter is optional, in which case the default base interval is 1000 milliseconds. The // default maximum interval is 10 times the base interval. RetryBackOff *BackoffStrategy `protobuf:"bytes,1,opt,name=retry_back_off,json=retryBackOff,proto3" json:"retry_back_off,omitempty"` @@ -1350,8 +1349,8 @@ func (*AsyncDataSource_Local) isAsyncDataSource_Specifier() {} func (*AsyncDataSource_Remote) isAsyncDataSource_Specifier() {} -// Configuration for transport socket in :ref:`listeners ` and -// :ref:`clusters `. If the configuration is +// Configuration for transport socket in listeners and +// clusters. If the configuration is // empty, a default transport socket implementation and configuration will be // chosen based on the platform and existence of tls_context. type TransportSocket struct { @@ -1437,10 +1436,10 @@ func (*TransportSocket_TypedConfig) isTransportSocket_ConfigType() {} // Runtime derived FractionalPercent with defaults for when the numerator or denominator is not // specified via a runtime key. // -// .. note:: +// **Note**: // // Parsing of the runtime key's data is implemented such that it may be represented as a -// :ref:`FractionalPercent ` proto represented as JSON/YAML +// FractionalPercent proto represented as JSON/YAML // and may also be represented as an integer with the assumption that the value is an integral // percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse // as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. diff --git a/projects/gloo/pkg/api/external/envoy/config/core/v3/grpc_service.pb.go b/projects/gloo/pkg/api/external/envoy/config/core/v3/grpc_service.pb.go index 3bd1bbbfe51..69c30dbcb5d 100644 --- a/projects/gloo/pkg/api/external/envoy/config/core/v3/grpc_service.pb.go +++ b/projects/gloo/pkg/api/external/envoy/config/core/v3/grpc_service.pb.go @@ -47,7 +47,7 @@ type GrpcService struct { Timeout *duration.Duration `protobuf:"bytes,3,opt,name=timeout,proto3" json:"timeout,omitempty"` // Additional metadata to include in streams initiated to the GrpcService. // This can be used for scenarios in which additional ad hoc authorization - // headers (e.g. “x-foo-bar: baz-key“) are to be injected. + // headers (e.g. `x-foo-bar: baz-key`) are to be injected. InitialMetadata []*HeaderValue `protobuf:"bytes,5,rep,name=initial_metadata,json=initialMetadata,proto3" json:"initial_metadata,omitempty"` } @@ -130,7 +130,7 @@ type GrpcService_EnvoyGrpc_ struct { } type GrpcService_GoogleGrpc_ struct { - // `Google C++ gRPC client `_ + // [Google C++ gRPC client](https://github.com/grpc/grpc) // See the :ref:`gRPC services overview ` // documentation for discussion on gRPC client selection. GoogleGrpc *GrpcService_GoogleGrpc `protobuf:"bytes,2,opt,name=google_grpc,json=googleGrpc,proto3,oneof"` @@ -146,10 +146,10 @@ type GrpcService_EnvoyGrpc struct { unknownFields protoimpl.UnknownFields // The name of the upstream gRPC cluster. SSL credentials will be supplied - // in the :ref:`Cluster ` :ref:`transport_socket + // in the Cluster :ref:`transport_socket // `. ClusterName string `protobuf:"bytes,1,opt,name=cluster_name,json=clusterName,proto3" json:"cluster_name,omitempty"` - // The “:authority“ header in the grpc request. If this field is not set, the authority header value will be “cluster_name“. + // The `:authority` header in the grpc request. If this field is not set, the authority header value will be `cluster_name`. // Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster. Authority string `protobuf:"bytes,2,opt,name=authority,proto3" json:"authority,omitempty"` // Indicates the retry policy for re-establishing the gRPC stream @@ -218,13 +218,11 @@ type GrpcService_GoogleGrpc struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - // The target URI when using the `Google C++ gRPC client - // `_. SSL credentials will be supplied in - // :ref:`channel_credentials `. + // The target URI when using the [Google C++ gRPC client](https://github.com/grpc/grpc). SSL credentials will be supplied in + // channel_credentials. TargetUri string `protobuf:"bytes,1,opt,name=target_uri,json=targetUri,proto3" json:"target_uri,omitempty"` ChannelCredentials *GrpcService_GoogleGrpc_ChannelCredentials `protobuf:"bytes,2,opt,name=channel_credentials,json=channelCredentials,proto3" json:"channel_credentials,omitempty"` - // A set of call credentials that can be composed with `channel credentials - // `_. + // A set of call credentials that can be composed with [channel credentials](https://grpc.io/docs/guides/auth.html#credential-types). CallCredentials []*GrpcService_GoogleGrpc_CallCredentials `protobuf:"bytes,3,rep,name=call_credentials,json=callCredentials,proto3" json:"call_credentials,omitempty"` // The human readable prefix to use when emitting statistics for the gRPC // service. diff --git a/projects/gloo/pkg/api/external/envoy/config/core/v3/health_check.pb.go b/projects/gloo/pkg/api/external/envoy/config/core/v3/health_check.pb.go index c27728031d6..2a50a82b844 100644 --- a/projects/gloo/pkg/api/external/envoy/config/core/v3/health_check.pb.go +++ b/projects/gloo/pkg/api/external/envoy/config/core/v3/health_check.pb.go @@ -42,9 +42,9 @@ const ( // Unhealthy. HealthStatus_UNHEALTHY HealthStatus = 2 // Connection draining in progress. E.g., - // ``_ + // https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/ // or - // ``_. + // https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining. // This is interpreted by Envoy as *UNHEALTHY*. HealthStatus_DRAINING HealthStatus = 3 // Health check timed out. This is part of HDS and is interpreted by Envoy as @@ -173,7 +173,7 @@ type HealthCheck struct { // // The default value for "healthy edge interval" is the same as the default interval. HealthyEdgeInterval *duration.Duration `protobuf:"bytes,16,opt,name=healthy_edge_interval,json=healthyEdgeInterval,proto3" json:"healthy_edge_interval,omitempty"` - // Specifies the path to the :ref:`health check event log `. + // Specifies the path to the health check event log. // If empty, no event log will be written. EventLogPath string `protobuf:"bytes,17,opt,name=event_log_path,json=eventLogPath,proto3" json:"event_log_path,omitempty"` // [#not-implemented-hide:] @@ -187,7 +187,7 @@ type HealthCheck struct { // This allows overriding the cluster TLS settings, just for health check connections. TlsOptions *HealthCheck_TlsOptions `protobuf:"bytes,21,opt,name=tls_options,json=tlsOptions,proto3" json:"tls_options,omitempty"` // Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's - // :ref:`tranport socket matches `. + // tranport socket matches. // For example, the following match criteria // // .. code-block:: yaml @@ -208,12 +208,12 @@ type HealthCheck struct { // config: { ... } # tls socket configuration // // If this field is set, then for health checks it will supersede an entry of *envoy.transport_socket* in the - // :ref:`LbEndpoint.Metadata `. + // LbEndpoint.Metadata. // This allows using different transport socket capabilities for health checking versus proxying to the // endpoint. // // If the key/values pairs specified do not match any - // :ref:`transport socket matches `, + // transport socket matches, // the cluster's :ref:`transport socket ` // will be used for health check socket configuration. TransportSocketMatchCriteria *_struct.Struct `protobuf:"bytes,23,opt,name=transport_socket_match_criteria,json=transportSocketMatchCriteria,proto3" json:"transport_socket_match_criteria,omitempty"` @@ -537,7 +537,7 @@ type HealthCheck_HttpHealthCheck struct { // The value of the host header in the HTTP health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The host header can be customized for a specific endpoint by setting the - // :ref:`hostname ` field. + // hostname field. Host string `protobuf:"bytes,1,opt,name=host,proto3" json:"host,omitempty"` // Specifies the HTTP path that will be requested during health checking. For example // */healthcheck*. @@ -556,7 +556,7 @@ type HealthCheck_HttpHealthCheck struct { RequestHeadersToRemove []string `protobuf:"bytes,8,rep,name=request_headers_to_remove,json=requestHeadersToRemove,proto3" json:"request_headers_to_remove,omitempty"` // Specifies a list of HTTP response statuses considered healthy. If provided, replaces default // 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open - // semantics of :ref:`Int64Range `. The start and end of each + // semantics of Int64Range. The start and end of each // range are required. Only statuses in the range [100, 600) are allowed. ExpectedStatuses []*v3.Int64Range `protobuf:"bytes,9,rep,name=expected_statuses,json=expectedStatuses,proto3" json:"expected_statuses,omitempty"` // Use specified application protocol for health checks. @@ -737,7 +737,7 @@ type HealthCheck_RedisHealthCheck struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - // If set, optionally perform “EXISTS “ instead of “PING“. A return value + // If set, optionally perform `EXISTS ` instead of `PING`. A return value // from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other // than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance // by setting the specified key to any value and waiting for traffic to drain. @@ -783,9 +783,8 @@ func (x *HealthCheck_RedisHealthCheck) GetKey() string { return "" } -// `grpc.health.v1.Health -// `_-based -// healthcheck. See `gRPC doc `_ +// [grpc.health.v1.Health](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto)-based +// healthcheck. See [gRPC doc](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) // for details. type HealthCheck_GrpcHealthCheck struct { state protoimpl.MessageState @@ -793,15 +792,13 @@ type HealthCheck_GrpcHealthCheck struct { unknownFields protoimpl.UnknownFields // An optional service name parameter which will be sent to gRPC service in - // `grpc.health.v1.HealthCheckRequest - // `_. - // message. See `gRPC health-checking overview - // `_ for more information. + // [grpc.health.v1.HealthCheckRequest](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20). + // message. See [gRPC health-checking overview](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) for more information. ServiceName string `protobuf:"bytes,1,opt,name=service_name,json=serviceName,proto3" json:"service_name,omitempty"` // The value of the :authority header in the gRPC health check request. If // left empty (default value), the name of the cluster this health check is associated // with will be used. The authority header can be customized for a specific endpoint by setting - // the :ref:`hostname ` field. + // the hostname field. Authority string `protobuf:"bytes,2,opt,name=authority,proto3" json:"authority,omitempty"` } diff --git a/projects/gloo/pkg/api/external/envoy/config/core/v3/http_uri.pb.go b/projects/gloo/pkg/api/external/envoy/config/core/v3/http_uri.pb.go index 36e6b784a39..6dcd20f6d0c 100644 --- a/projects/gloo/pkg/api/external/envoy/config/core/v3/http_uri.pb.go +++ b/projects/gloo/pkg/api/external/envoy/config/core/v3/http_uri.pb.go @@ -41,8 +41,7 @@ type HttpUri struct { Uri string `protobuf:"bytes,1,opt,name=uri,proto3" json:"uri,omitempty"` // Specify how `uri` is to be fetched. Today, this requires an explicit // cluster, but in the future we may support dynamic cluster creation or - // inline DNS resolution. See `issue - // `_. + // inline DNS resolution. See [issue](https://github.com/envoyproxy/envoy/issues/1606). // // Types that are assignable to HttpUpstreamType: // diff --git a/projects/gloo/pkg/api/external/envoy/config/core/v3/proxy_protocol.pb.go b/projects/gloo/pkg/api/external/envoy/config/core/v3/proxy_protocol.pb.go index 43a1337dfff..71bd7d5ef77 100644 --- a/projects/gloo/pkg/api/external/envoy/config/core/v3/proxy_protocol.pb.go +++ b/projects/gloo/pkg/api/external/envoy/config/core/v3/proxy_protocol.pb.go @@ -129,8 +129,7 @@ type ProxyProtocolPassThroughTLVs struct { // If INCLUDE_ALL is set, all TLVs will be passed through no matter the tlv_type field. MatchType ProxyProtocolPassThroughTLVs_PassTLVsMatchType `protobuf:"varint,1,opt,name=match_type,json=matchType,proto3,enum=solo.io.envoy.config.core.v3.ProxyProtocolPassThroughTLVs_PassTLVsMatchType" json:"match_type,omitempty"` // The TLV types that are applied based on match_type. - // TLV type is defined as uint8_t in proxy protocol. See `the spec - // `_ for details. + // TLV type is defined as uint8_t in proxy protocol. See [the spec](https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt) for details. TlvType []uint32 `protobuf:"varint,2,rep,packed,name=tlv_type,json=tlvType,proto3" json:"tlv_type,omitempty"` } diff --git a/projects/gloo/pkg/api/external/envoy/config/route/v3/route_components.pb.go b/projects/gloo/pkg/api/external/envoy/config/route/v3/route_components.pb.go index 355d5788c42..ac903bc98ba 100644 --- a/projects/gloo/pkg/api/external/envoy/config/route/v3/route_components.pb.go +++ b/projects/gloo/pkg/api/external/envoy/config/route/v3/route_components.pb.go @@ -135,7 +135,7 @@ func (RouteAction_ClusterNotFoundResponseCode) EnumDescriptor() ([]byte, []int) return file_github_com_solo_io_gloo_projects_gloo_api_external_envoy_config_route_v3_route_components_proto_rawDescGZIP(), []int{6, 0} } -// Configures :ref:`internal redirect ` behavior. +// Configures internal redirect behavior. // [#next-major-version: remove this definition - it's defined in the InternalRedirectPolicy message.] // // Deprecated: Marked as deprecated in github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/route/v3/route_components.proto. @@ -263,17 +263,17 @@ type VirtualHost struct { // virtual host. Wildcard hosts are supported in the suffix or prefix form. // // Domain search order: - // 1. Exact domain names: “www.foo.com“. - // 2. Suffix domain wildcards: “*.foo.com“ or “*-bar.foo.com“. - // 3. Prefix domain wildcards: “foo.*“ or “foo-*“. - // 4. Special wildcard “*“ matching any domain. + // 1. Exact domain names: `www.foo.com`. + // 2. Suffix domain wildcards: `*.foo.com` or `*-bar.foo.com`. + // 3. Prefix domain wildcards: `foo.*` or `foo-*`. + // 4. Special wildcard `*` matching any domain. // - // .. note:: + // **Note**: // // The wildcard will not match the empty string. - // e.g. ``*-bar.foo.com`` will match ``baz-bar.foo.com`` but not ``-bar.foo.com``. + // e.g. `*-bar.foo.com` will match `baz-bar.foo.com` but not `-bar.foo.com`. // The longest wildcards match first. - // Only a single virtual host in the entire route configuration can match on ``*``. A domain + // Only a single virtual host in the entire route configuration can match on `*`. A domain // must be unique across all virtual hosts or the config will fail to load. // // Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. @@ -345,7 +345,7 @@ type VirtualHost struct { // [#not-implemented-hide:] // Specifies the configuration for retry policy extension. Note that setting a route level entry // will take precedence over this config and it'll be treated independently (e.g.: values are not - // inherited). :ref:`Retry policy ` should not be + // inherited). Retry policy should not be // set if this field is used. RetryPolicyTypedConfig *any1.Any `protobuf:"bytes,20,opt,name=retry_policy_typed_config,json=retryPolicyTypedConfig,proto3" json:"retry_policy_typed_config,omitempty"` // Indicates the hedge policy for all routes in this virtual host. Note that setting a @@ -567,7 +567,7 @@ func (x *FilterAction) GetAction() *any1.Any { // A route is both a specification of how to match a request as well as an indication of what to do // next (e.g., redirect, forward, rewrite, etc.). // -// .. attention:: +// **Attention**: // // Envoy supports routing on HTTP method via :ref:`header matching // `. @@ -600,7 +600,7 @@ type Route struct { // The typed_per_filter_config field can be used to provide route-specific // configurations for filters. The key should match the filter name, such as // *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter - // specific; see the :ref:`HTTP filter documentation ` for + // specific; see the HTTP filter documentation for // if and how it is utilized. TypedPerFilterConfig map[string]*any1.Any `protobuf:"bytes,13,rep,name=typed_per_filter_config,json=typedPerFilterConfig,proto3" json:"typed_per_filter_config,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` // Specifies a set of headers that will be added to requests matching this @@ -618,7 +618,7 @@ type Route struct { // headers from the enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and // :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on - // :ref:`custom request headers `. + // custom request headers. ResponseHeadersToAdd []*v3.HeaderValueOption `protobuf:"bytes,10,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"` // Specifies a list of HTTP headers that should be removed from each response // to requests matching this route. @@ -812,7 +812,7 @@ func (*Route_DirectResponse) isRoute_Action() {} func (*Route_FilterAction) isRoute_Action() {} -// Compared to the :ref:`cluster ` field that specifies a +// Compared to the cluster field that specifies a // single upstream cluster as the target of a request, the :ref:`weighted_clusters // ` option allows for specification of // multiple upstream clusters along with weights that indicate the percentage of @@ -917,7 +917,7 @@ type RouteMatch struct { // code/config deploys. Refer to the :ref:`traffic shifting // ` docs for additional documentation. // - // .. note:: + // **Note**: // // Parsing this field is implemented such that the runtime key's data may be represented // as a FractionalPercent proto represented as JSON/YAML and may also be represented as an @@ -1136,10 +1136,10 @@ type CorsPolicy struct { // Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not // enforced. // - // This field is intended to be used when “filter_enabled“ and “enabled“ are off. One of those + // This field is intended to be used when `filter_enabled` and `enabled` are off. One of those // fields have to explicitly disable the filter in order for this setting to take effect. // - // If :ref:`runtime_key ` is specified, + // If runtime_key is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* to determine if it's valid but will not enforce any policies. ShadowEnabled *v3.RuntimeFractionalPercent `protobuf:"bytes,10,opt,name=shadow_enabled,json=shadowEnabled,proto3" json:"shadow_enabled,omitempty"` @@ -1247,10 +1247,10 @@ type isCorsPolicy_EnabledSpecifier interface { type CorsPolicy_FilterEnabled struct { // Specifies the % of requests for which the CORS filter is enabled. // - // If neither “enabled“, “filter_enabled“, nor “shadow_enabled“ are specified, the CORS + // If neither `enabled`, `filter_enabled`, nor `shadow_enabled` are specified, the CORS // filter will be enabled for 100% of the requests. // - // If :ref:`runtime_key ` is + // If runtime_key is // specified, Envoy will lookup the runtime key to get the percentage of requests to filter. FilterEnabled *v3.RuntimeFractionalPercent `protobuf:"bytes,9,opt,name=filter_enabled,json=filterEnabled,proto3,oneof"` } @@ -1288,13 +1288,13 @@ type RouteAction struct { // :ref:`regex_rewrite ` // may be specified. // - // .. attention:: + // **Attention**: // // Pay careful attention to the use of trailing slashes in the - // :ref:`route's match ` prefix value. + // route's match prefix value. // Stripping a prefix from a path requires multiple Routes to handle all cases. For example, // rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single - // :ref:`Route `, as shown by the below config entries: + // Route, as shown by the below config entries: // // .. code-block:: yaml // @@ -1322,22 +1322,22 @@ type RouteAction struct { // Only one of :ref:`prefix_rewrite ` // or *regex_rewrite* may be specified. // - // Examples using Google's `RE2 `_ engine: + // Examples using Google's [RE2](https://github.com/google/re2) engine: // - // - The path pattern “^/service/([^/]+)(/.*)$“ paired with a substitution - // string of “\2/instance/\1“ would transform “/service/foo/v1/api“ - // into “/v1/api/instance/foo“. + // - The path pattern `^/service/([^/]+)(/.*)$` paired with a substitution + // string of `\2/instance/\1` would transform `/service/foo/v1/api` + // into `/v1/api/instance/foo`. // - // - The pattern “one“ paired with a substitution string of “two“ would - // transform “/xxx/one/yyy/one/zzz“ into “/xxx/two/yyy/two/zzz“. + // - The pattern `one` paired with a substitution string of `two` would + // transform `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/two/zzz`. // - // - The pattern “^(.*?)one(.*)$“ paired with a substitution string of - // “\1two\2“ would replace only the first occurrence of “one“, - // transforming path “/xxx/one/yyy/one/zzz“ into “/xxx/two/yyy/one/zzz“. + // - The pattern `^(.*?)one(.*)$` paired with a substitution string of + // `\1two\2` would replace only the first occurrence of `one`, + // transforming path `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/one/zzz`. // - // - The pattern “(?i)/xxx/“ paired with a substitution string of “/yyy/“ - // would do a case-insensitive match and transform path “/aaa/XxX/bbb“ to - // “/aaa/yyy/bbb“. + // - The pattern `(?i)/xxx/` paired with a substitution string of `/yyy/` + // would do a case-insensitive match and transform path `/aaa/XxX/bbb` to + // `/aaa/yyy/bbb`. RegexRewrite *v31.RegexMatchAndSubstitute `protobuf:"bytes,32,opt,name=regex_rewrite,json=regexRewrite,proto3" json:"regex_rewrite,omitempty"` // Types that are assignable to HostRewriteSpecifier: // @@ -1350,12 +1350,12 @@ type RouteAction struct { // processed and when the upstream response has been completely processed. A value of 0 will // disable the route's timeout. // - // .. note:: + // **Note**: // // This timeout includes all retries. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the - // :ref:`retry overview `. + // retry overview. Timeout *duration.Duration `protobuf:"bytes,8,opt,name=timeout,proto3" json:"timeout,omitempty"` // Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, // although the connection manager wide :ref:`stream_idle_timeout @@ -1388,14 +1388,14 @@ type RouteAction struct { RetryPolicyTypedConfig *any1.Any `protobuf:"bytes,33,opt,name=retry_policy_typed_config,json=retryPolicyTypedConfig,proto3" json:"retry_policy_typed_config,omitempty"` // Indicates that the route has request mirroring policies. RequestMirrorPolicies []*RouteAction_RequestMirrorPolicy `protobuf:"bytes,30,rep,name=request_mirror_policies,json=requestMirrorPolicies,proto3" json:"request_mirror_policies,omitempty"` - // Optionally specifies the :ref:`routing priority `. + // Optionally specifies the routing priority. Priority v3.RoutingPriority `protobuf:"varint,11,opt,name=priority,proto3,enum=solo.io.envoy.config.core.v3.RoutingPriority" json:"priority,omitempty"` // Specifies a set of rate limit configurations that could be applied to the // route. RateLimits []*RateLimit `protobuf:"bytes,13,rep,name=rate_limits,json=rateLimits,proto3" json:"rate_limits,omitempty"` // Specifies if the rate limit filter should include the virtual host rate // limits. By default, if the route configured rate limits, the virtual host - // :ref:`rate_limits ` are not applied to the + // rate_limits are not applied to the // request. IncludeVhRateLimits *wrappers.BoolValue `protobuf:"bytes,14,opt,name=include_vh_rate_limits,json=includeVhRateLimits,proto3" json:"include_vh_rate_limits,omitempty"` // Specifies a list of hash policies to use for ring hash load balancing. Each @@ -1414,24 +1414,24 @@ type RouteAction struct { // Indicates that the route has a CORS policy. Cors *CorsPolicy `protobuf:"bytes,17,opt,name=cors,proto3" json:"cors,omitempty"` // If present, and the request is a gRPC request, use the - // `grpc-timeout header `_, + // [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), // or its default value (infinity) instead of - // :ref:`timeout `, but limit the applied timeout + // timeout, but limit the applied timeout // to the maximum value specified here. If configured as 0, the maximum allowed timeout for // gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used // and gRPC requests time out like any other requests using - // :ref:`timeout ` or its default. + // timeout or its default. // This can be used to prevent unexpected upstream request timeouts due to potentially long // time gaps between gRPC request and response in gRPC streaming mode. // - // .. note:: + // **Note**: // // If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes - // precedence over `grpc-timeout header `_, when + // precedence over [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), when // both are present. See also // :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the - // :ref:`retry overview `. + // retry overview. MaxGrpcTimeout *duration.Duration `protobuf:"bytes,23,opt,name=max_grpc_timeout,json=maxGrpcTimeout,proto3" json:"max_grpc_timeout,omitempty"` // If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting // the provided duration from the header. This is useful in allowing Envoy to set its global @@ -1725,7 +1725,7 @@ type RouteAction_ClusterHeader struct { // header is not found or the referenced cluster does not exist, Envoy will // return a 404 response. // - // .. attention:: + // **Attention**: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 // *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. @@ -1768,10 +1768,10 @@ type RouteAction_AutoHostRewrite struct { type RouteAction_HostRewriteHeader struct { // Indicates that during forwarding, the host header will be swapped with the content of given - // downstream or :ref:`custom ` header. + // downstream or custom header. // If header value is empty, host header is left intact. // - // .. attention:: + // **Attention**: // // Pay attention to the potential security implications of using this option. Provided header // must come from trusted source. @@ -1784,7 +1784,7 @@ func (*RouteAction_AutoHostRewrite) isRouteAction_HostRewriteSpecifier() {} func (*RouteAction_HostRewriteHeader) isRouteAction_HostRewriteSpecifier() {} -// HTTP retry :ref:`architecture overview `. +// HTTP retry architecture overview. // [#next-free-field: 11] type RetryPolicy struct { state protoimpl.MessageState @@ -1803,21 +1803,21 @@ type RetryPolicy struct { // same conditions documented for // :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. // - // .. note:: + // **Note**: // // If left unspecified, Envoy will use the global - // :ref:`route timeout ` for the request. - // Consequently, when using a :ref:`5xx ` based + // route timeout for the request. + // Consequently, when using a 5xx based // retry policy, a request that times out will not be retried as the total timeout budget // would have been exhausted. PerTryTimeout *duration.Duration `protobuf:"bytes,3,opt,name=per_try_timeout,json=perTryTimeout,proto3" json:"per_try_timeout,omitempty"` // Specifies an implementation of a RetryPriority which is used to determine the // distribution of load across priorities used for retries. Refer to - // :ref:`retry plugin configuration ` for more details. + // retry plugin configuration for more details. RetryPriority *RetryPolicy_RetryPriority `protobuf:"bytes,4,opt,name=retry_priority,json=retryPriority,proto3" json:"retry_priority,omitempty"` // Specifies a collection of RetryHostPredicates that will be consulted when selecting a host // for retries. If any of the predicates reject the host, host selection will be reattempted. - // Refer to :ref:`retry plugin configuration ` for more + // Refer to retry plugin configuration for more // details. RetryHostPredicate []*RetryPolicy_RetryHostPredicate `protobuf:"bytes,5,rep,name=retry_host_predicate,json=retryHostPredicate,proto3" json:"retry_host_predicate,omitempty"` // The maximum number of times host selection will be reattempted before giving up, at which @@ -1942,7 +1942,7 @@ func (x *RetryPolicy) GetRetriableRequestHeaders() []*HeaderMatcher { return nil } -// HTTP request hedging :ref:`architecture overview `. +// HTTP request hedging architecture overview. type HedgePolicy struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -1964,7 +1964,7 @@ type HedgePolicy struct { // Once a timed out request is retried due to per try timeout, the router // filter will ensure that it is not retried again even if the returned // response headers would otherwise be retried according the specified - // :ref:`RetryPolicy `. + // RetryPolicy. // Defaults to false. HedgeOnPerTryTimeout bool `protobuf:"varint,3,opt,name=hedge_on_per_try_timeout,json=hedgeOnPerTryTimeout,proto3" json:"hedge_on_per_try_timeout,omitempty"` } @@ -2205,10 +2205,10 @@ type RedirectAction_PrefixRewrite struct { // should be swapped with this value. This option allows redirect URLs be dynamically created // based on the request. // - // .. attention:: + // **Attention**: // // Pay attention to the use of trailing slashes as mentioned in - // :ref:`RouteAction's prefix_rewrite `. + // RouteAction's prefix_rewrite. PrefixRewrite string `protobuf:"bytes,5,opt,name=prefix_rewrite,json=prefixRewrite,proto3,oneof"` } @@ -2226,7 +2226,7 @@ type DirectResponseAction struct { // Specifies the content of the response body. If this setting is omitted, // no body is included in the generated response. // - // .. note:: + // **Note**: // // Headers can be specified using *response_headers_to_add* in the enclosing // :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.RouteConfiguration` or @@ -2288,7 +2288,7 @@ type Decorator struct { // The operation name associated with the request matched to this route. If tracing is // enabled, this information will be used as the span name reported for this request. // - // .. note:: + // **Note**: // // For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden // by the :ref:`x-envoy-decorator-operation @@ -2359,7 +2359,7 @@ type Tracing struct { // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the - // :ref:`HTTP Connection Manager `. + // HTTP Connection Manager. // Default: 100% RandomSampling *v32.FractionalPercent `protobuf:"bytes,2,opt,name=random_sampling,json=randomSampling,proto3" json:"random_sampling,omitempty"` // Target percentage of requests managed by this HTTP connection manager that will be traced @@ -2368,7 +2368,7 @@ type Tracing struct { // instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% // of client requests with the appropriate headers to be force traced. This field is a direct // analog for the runtime variable 'tracing.global_enabled' in the - // :ref:`HTTP Connection Manager `. + // HTTP Connection Manager. // Default: 100% OverallSampling *v32.FractionalPercent `protobuf:"bytes,3,opt,name=overall_sampling,json=overallSampling,proto3" json:"overall_sampling,omitempty"` // A list of custom tags with unique tag name to create tags for the active span. @@ -2450,9 +2450,9 @@ func (x *Tracing) GetCustomTags() []*v33.CustomTag { // statistics are perfect in the sense that they are emitted on the downstream // side such that they include network level failures. // -// Documentation for :ref:`virtual cluster statistics `. +// Documentation for virtual cluster statistics. // -// .. note:: +// **Note**: // // Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for // every application endpoint. This is both not easily maintainable and as well the matching and @@ -2468,7 +2468,7 @@ type VirtualCluster struct { Headers []*HeaderMatcher `protobuf:"bytes,4,rep,name=headers,proto3" json:"headers,omitempty"` // Specifies the name of the virtual cluster. The virtual cluster name as well // as the virtual host name are used when emitting statistics. The statistics are emitted by the - // router filter and are documented :ref:`here `. + // router filter and are documented here. Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` } @@ -2518,7 +2518,7 @@ func (x *VirtualCluster) GetName() string { return "" } -// Global rate limiting :ref:`architecture overview `. +// Global rate limiting architecture overview. type RateLimit struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -2528,7 +2528,7 @@ type RateLimit struct { // applies to filters with the same stage number. The default stage number is // 0. // - // .. note:: + // **Note**: // // The filter supports a range of 0 - 10 inclusively for stage numbers. Stage *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=stage,proto3" json:"stage,omitempty"` @@ -2608,12 +2608,12 @@ func (x *RateLimit) GetLimit() *RateLimit_Override { return nil } -// .. attention:: +// **Attention**: // // Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* // header. Thus, if attempting to match on *Host*, match on *:authority* instead. // -// .. attention:: +// **Attention**: // // To route on HTTP method, use the special HTTP/2 *:method* header. This works for both // HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g., @@ -2625,7 +2625,7 @@ func (x *RateLimit) GetLimit() *RateLimit_Override { // "exact_match": "POST" // } // -// .. attention:: +// **Attention**: // // In the absence of any header match specifier, match will default to :ref:`present_match // `. i.e, a request that has the :ref:`name @@ -2657,7 +2657,7 @@ type HeaderMatcher struct { // // Examples: // - // * The regex “\d{3}“ does not match the value *1234*, so it will match when inverted. + // * The regex `\d{3}` does not match the value *1234*, so it will match when inverted. // * The range [-10,0) will match the value -1, so it will not match when inverted. InvertMatch bool `protobuf:"varint,8,opt,name=invert_match,json=invertMatch,proto3" json:"invert_match,omitempty"` } @@ -2922,7 +2922,7 @@ func (*QueryParameterMatcher_StringMatch) isQueryParameterMatcher_QueryParameter func (*QueryParameterMatcher_PresentMatch) isQueryParameterMatcher_QueryParameterMatchSpecifier() {} -// HTTP Internal Redirect :ref:`architecture overview `. +// HTTP Internal Redirect architecture overview. type InternalRedirectPolicy struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -3017,7 +3017,7 @@ type WeightedCluster_ClusterWeight struct { unknownFields protoimpl.UnknownFields // Name of the upstream cluster. The cluster must exist in the - // :ref:`cluster manager configuration `. + // cluster manager configuration. Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` // An integer between 0 and :ref:`total_weight // `. When a request matches the route, @@ -3027,7 +3027,7 @@ type WeightedCluster_ClusterWeight struct { // Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in // the upstream cluster with metadata matching what is set in this field will be considered for // load balancing. Note that this will be merged with what's provided in - // :ref:`RouteAction.metadata_match `, with + // RouteAction.metadata_match, with // values here taking precedence. The filter name should be specified as *envoy.lb*. MetadataMatch *v3.Metadata `protobuf:"bytes,3,opt,name=metadata_match,json=metadataMatch,proto3" json:"metadata_match,omitempty"` // Specifies a list of headers to be added to requests when this cluster is selected @@ -3292,7 +3292,7 @@ func (*RouteMatch_ConnectMatcher) Descriptor() ([]byte, []int) { // During shadowing, the host/authority header is altered such that *-shadow* is appended. This is // useful for logging. For example, *cluster1* becomes *cluster1-shadow*. // -// .. note:: +// **Note**: // // Shadowing will not be triggered if the primary cluster does not exist. type RouteAction_RequestMirrorPolicy struct { @@ -4392,7 +4392,7 @@ func (*RateLimit_Override_DynamicMetadata_) isRateLimit_Override_OverrideSpecifi // // ("source_cluster", "") // -// is derived from the :option:`--service-cluster` option. +// is derived from the `--service-cluster` option. type RateLimit_Action_SourceCluster struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -4441,11 +4441,11 @@ func (*RateLimit_Action_SourceCluster) Descriptor() ([]byte, []int) { // the following :ref:`route table configuration ` // settings: // -// - :ref:`cluster ` indicates the upstream cluster +// - cluster indicates the upstream cluster // to route to. // - :ref:`weighted_clusters ` // chooses a cluster randomly from a set of clusters with attributed weight. -// - :ref:`cluster_header ` indicates which +// - cluster_header indicates which // header in the request contains the target cluster. type RateLimit_Action_DestinationCluster struct { state protoimpl.MessageState @@ -4562,7 +4562,7 @@ func (x *RateLimit_Action_RequestHeaders) GetSkipIfAbsent() bool { } // The following descriptor entry is appended to the descriptor and is populated using the -// trusted address from :ref:`x-forwarded-for `: +// trusted address from x-forwarded-for. // // .. code-block:: cpp // diff --git a/projects/gloo/pkg/api/external/envoy/config/trace/v3/zipkin.pb.go b/projects/gloo/pkg/api/external/envoy/config/trace/v3/zipkin.pb.go index e73e63599b4..cb1b4831cbd 100644 --- a/projects/gloo/pkg/api/external/envoy/config/trace/v3/zipkin.pb.go +++ b/projects/gloo/pkg/api/external/envoy/config/trace/v3/zipkin.pb.go @@ -113,7 +113,7 @@ type ZipkinConfig struct { // Determines whether client and server spans will share the same span context. // The default value is true. SharedSpanContext *wrappers.BoolValue `protobuf:"bytes,4,opt,name=shared_span_context,json=sharedSpanContext,proto3" json:"shared_span_context,omitempty"` - // Determines the selected collector endpoint version. By default, the “HTTP_JSON_V1“ will be + // Determines the selected collector endpoint version. By default, the `HTTP_JSON_V1` will be // used. CollectorEndpointVersion ZipkinConfig_CollectorEndpointVersion `protobuf:"varint,5,opt,name=collector_endpoint_version,json=collectorEndpointVersion,proto3,enum=solo.io.envoy.config.trace.v3.ZipkinConfig_CollectorEndpointVersion" json:"collector_endpoint_version,omitempty"` } diff --git a/projects/gloo/pkg/api/external/envoy/extensions/filters/http/csrf/v3/csrf.pb.go b/projects/gloo/pkg/api/external/envoy/extensions/filters/http/csrf/v3/csrf.pb.go index d77523adae5..d7c22005571 100644 --- a/projects/gloo/pkg/api/external/envoy/extensions/filters/http/csrf/v3/csrf.pb.go +++ b/projects/gloo/pkg/api/external/envoy/extensions/filters/http/csrf/v3/csrf.pb.go @@ -35,19 +35,19 @@ type CsrfPolicy struct { // Specifies the % of requests for which the CSRF filter is enabled. // - // If :ref:`runtime_key ` is specified, + // If runtime_key is specified, // Envoy will lookup the runtime key to get the percentage of requests to filter. // - // .. note:: + // **Note**: // // This field defaults to 100/:ref:`HUNDRED // `. FilterEnabled *v3.RuntimeFractionalPercent `protobuf:"bytes,1,opt,name=filter_enabled,json=filterEnabled,proto3" json:"filter_enabled,omitempty"` // Specifies that CSRF policies will be evaluated and tracked, but not enforced. // - // This is intended to be used when “filter_enabled“ is off and will be ignored otherwise. + // This is intended to be used when `filter_enabled` is off and will be ignored otherwise. // - // If :ref:`runtime_key ` is specified, + // If runtime_key is specified, // Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate // and track the request's *Origin* and *Destination* to determine if it's valid, but will not // enforce any policies. @@ -56,7 +56,7 @@ type CsrfPolicy struct { // the destination origin. // // More information on how this can be configured via runtime can be found - // :ref:`here `. + // here. AdditionalOrigins []*v31.StringMatcher `protobuf:"bytes,3,rep,name=additional_origins,json=additionalOrigins,proto3" json:"additional_origins,omitempty"` } diff --git a/projects/gloo/pkg/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.pb.go b/projects/gloo/pkg/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.pb.go index fcb352b716b..89b4f303df7 100644 --- a/projects/gloo/pkg/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.pb.go +++ b/projects/gloo/pkg/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.pb.go @@ -29,9 +29,9 @@ const ( // Please see following for JWT authentication flow: // -// * `JSON Web Token (JWT) `_ -// * `The OAuth 2.0 Authorization Framework `_ -// * `OpenID Connect `_ +// * [JSON Web Token (JWT)](https://datatracker.ietf.org/doc/html/rfc7519) +// * [The OAuth 2.0 Authorization Framework](https://datatracker.ietf.org/doc/html/rfc6749) +// * [OpenID Connect](http://openid.net/connect) // // A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: // @@ -63,7 +63,7 @@ type JwtProvider struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - // Specify the `principal `_ that issued + // Specify the [principal](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1) that issued // the JWT, usually a URL or an email address. // // It is optional. If specified, it has to match the *iss* field in JWT. @@ -83,7 +83,7 @@ type JwtProvider struct { // Example: https://securetoken.google.com // Example: 1234567-compute@developer.gserviceaccount.com Issuer string `protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty"` - // The list of JWT `audiences `_ are + // The list of JWT [audiences](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3) are // allowed to access. A JWT containing any of these audiences will be accepted. If not specified, // will not check audiences in the token. // @@ -95,7 +95,7 @@ type JwtProvider struct { // - bookstore_android.apps.googleusercontent.com // - bookstore_web.apps.googleusercontent.com Audiences []string `protobuf:"bytes,2,rep,name=audiences,proto3" json:"audiences,omitempty"` - // `JSON Web Key Set (JWKS) `_ is needed to + // [JSON Web Key Set (JWKS)](https://datatracker.ietf.org/doc/html/rfc7517#appendix-A) is needed to // validate signature of a JWT. This field specifies where to fetch JWKS. // // Types that are assignable to JwksSourceSpecifier: @@ -110,12 +110,11 @@ type JwtProvider struct { // // If no explicit location is specified, the following default locations are tried in order: // - // 1. The Authorization header using the `Bearer schema - // `_. Example:: + // 1. The Authorization header using the [Bearer schema](https://datatracker.ietf.org/doc/html/rfc6750#section-2.1). Example:: // // Authorization: Bearer . // - // 2. `access_token `_ query parameter. + // 2. [access_token](https://datatracker.ietf.org/doc/html/rfc6750#section-2.3) query parameter. // // Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations // its provider specified or from the default locations. @@ -129,7 +128,7 @@ type JwtProvider struct { // // can be used to extract token from header:: // - // ``x-goog-iap-jwt-assertion: ``. + // `x-goog-iap-jwt-assertion: `. FromHeaders []*JwtHeader `protobuf:"bytes,6,rep,name=from_headers,json=fromHeaders,proto3" json:"from_headers,omitempty"` // JWT is sent in a query parameter. `jwt_params` represents the query parameter names. // @@ -1200,8 +1199,7 @@ type JwtAuthentication struct { // The *rules* field above is checked first, if it could not find any matches, // check this one. FilterStateRules *FilterStateRule `protobuf:"bytes,3,opt,name=filter_state_rules,json=filterStateRules,proto3" json:"filter_state_rules,omitempty"` - // When set to true, bypass the `CORS preflight request - // `_ regardless of JWT + // When set to true, bypass the [CORS preflight request](http://www.w3.org/TR/cors/#cross-origin-request-with-preflight) regardless of JWT // requirements specified in the rules. BypassCorsPreflight bool `protobuf:"varint,4,opt,name=bypass_cors_preflight,json=bypassCorsPreflight,proto3" json:"bypass_cors_preflight,omitempty"` // A map of unique requirement_names to JwtRequirements. diff --git a/projects/gloo/pkg/api/external/envoy/type/matcher/v3/regex.pb.go b/projects/gloo/pkg/api/external/envoy/type/matcher/v3/regex.pb.go index 52ddf5cd33c..d56069c7225 100644 --- a/projects/gloo/pkg/api/external/envoy/type/matcher/v3/regex.pb.go +++ b/projects/gloo/pkg/api/external/envoy/type/matcher/v3/regex.pb.go @@ -124,10 +124,9 @@ type RegexMatchAndSubstitute struct { // subject string during a substitution operation to produce a new string. // Capture groups in the pattern can be referenced in the substitution // string. Note, however, that the syntax for referring to capture groups is - // defined by the chosen regular expression engine. Google's `RE2 - // `_ regular expression engine uses a + // defined by the chosen regular expression engine. Google's [RE2](https://github.com/google/re2) regular expression engine uses a // backslash followed by the capture group number to denote a numbered - // capture group. E.g., “\1“ refers to capture group 1, and “\2“ refers + // capture group. E.g., `\1` refers to capture group 1, and `\2` refers // to capture group 2. Substitution string `protobuf:"bytes,2,opt,name=substitution,proto3" json:"substitution,omitempty"` } @@ -178,8 +177,8 @@ func (x *RegexMatchAndSubstitute) GetSubstitution() string { return "" } -// Google's `RE2 `_ regex engine. The regex string must adhere to -// the documented `syntax `_. The engine is designed +// Google's [RE2](https://github.com/google/re2) regex engine. The regex string must adhere to +// the documented [syntax](https://github.com/google/re2/wiki/Syntax). The engine is designed // to complete execution in linear time as well as limit the amount of memory used. // // Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level` diff --git a/projects/gloo/pkg/api/external/envoy/type/metadata/v3/metadata.pb.go b/projects/gloo/pkg/api/external/envoy/type/metadata/v3/metadata.pb.go index da825a39c36..87b05ab00ac 100644 --- a/projects/gloo/pkg/api/external/envoy/type/metadata/v3/metadata.pb.go +++ b/projects/gloo/pkg/api/external/envoy/type/metadata/v3/metadata.pb.go @@ -25,7 +25,7 @@ const ( ) // MetadataKey provides a general interface using `key` and `path` to retrieve value from -// :ref:`Metadata `. +// Metadata. // // For example, for the following Metadata: // @@ -55,7 +55,7 @@ type MetadataKey struct { // Typically, it represents a builtin subsystem or custom extension. Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"` // The path to retrieve the Value from the Struct. It can be a prefix or a full path, - // e.g. “[prop, xyz]“ for a struct or “[prop, foo]“ for a string in the example, + // e.g. `[prop, xyz]` for a struct or `[prop, foo]` for a string in the example, // which depends on the particular scenario. // // Note: Due to that only the key type segment is supported, the path can not specify a list diff --git a/projects/gloo/pkg/api/external/envoy/type/tracing/v3/custom_tag.pb.go b/projects/gloo/pkg/api/external/envoy/type/tracing/v3/custom_tag.pb.go index 26a1036edfa..7425b863ff6 100644 --- a/projects/gloo/pkg/api/external/envoy/type/tracing/v3/custom_tag.pb.go +++ b/projects/gloo/pkg/api/external/envoy/type/tracing/v3/custom_tag.pb.go @@ -321,9 +321,9 @@ func (x *CustomTag_Header) GetDefaultValue() string { } // Metadata type custom tag using -// :ref:`MetadataKey ` to retrieve the protobuf value -// from :ref:`Metadata `, and populate the tag value with -// `the canonical JSON `_ +// MetadataKey to retrieve the protobuf value +// from Metadata, and populate the tag value with +// [the canonical JSON](https://developers.google.com/protocol-buffers/docs/proto3#json) // representation of it. type CustomTag_Metadata struct { state protoimpl.MessageState diff --git a/projects/gloo/pkg/api/v1/core/matchers/matchers.pb.go b/projects/gloo/pkg/api/v1/core/matchers/matchers.pb.go index 8f11f7be49b..6bf824c7e37 100644 --- a/projects/gloo/pkg/api/v1/core/matchers/matchers.pb.go +++ b/projects/gloo/pkg/api/v1/core/matchers/matchers.pb.go @@ -169,8 +169,7 @@ type Matcher_Regex struct { // If specified, the route is a regular expression rule meaning that the // regex must match the *:path* header once the query string is removed. The entire path // (without the query string) must match the regex. The rule will not match if only a - // sub-sequence of the *:path* header matches the regex. The regex grammar is defined `here - // `_. + // sub-sequence of the *:path* header matches the regex. The regex grammar is defined [here](http://en.cppreference.com/w/cpp/regex/ecmascript). // // Examples:
// @@ -224,7 +223,7 @@ type HeaderMatcher struct { // Examples: // * name=foo, invert_match=true: matches if no header named `foo` is present // * name=foo, value=bar, invert_match=true: matches if no header named `foo` with value `bar` is present - // * name=foo, value=“\d{3}“, regex=true, invert_match=true: matches if no header named `foo` with a value consisting of three integers is present + // * name=foo, value=`\d{3}`, regex=true, invert_match=true: matches if no header named `foo` with a value consisting of three integers is present InvertMatch bool `protobuf:"varint,4,opt,name=invert_match,json=invertMatch,proto3" json:"invert_match,omitempty"` } diff --git a/projects/gloo/pkg/api/v1/enterprise/options/extproc/extproc.pb.go b/projects/gloo/pkg/api/v1/enterprise/options/extproc/extproc.pb.go index cd7634696ae..51d6cfa074a 100644 --- a/projects/gloo/pkg/api/v1/enterprise/options/extproc/extproc.pb.go +++ b/projects/gloo/pkg/api/v1/enterprise/options/extproc/extproc.pb.go @@ -129,9 +129,9 @@ type Settings struct { // ext_proc service as an opaque *protobuf::Struct*. MetadataContextNamespaces []string `protobuf:"bytes,16,rep,name=metadata_context_namespaces,json=metadataContextNamespaces,proto3" json:"metadata_context_namespaces,omitempty"` // Specifies a list of metadata namespaces whose values, if present, will be passed to the - // ext_proc service. :ref:`typed_filter_metadata ` is passed as an “protobuf::Any“. + // ext_proc service. typed_filter_metadata is passed as an `protobuf::Any`. // - // It works in a way similar to “metadata_context_namespaces“ but allows envoy and external processing server to share the protobuf message definition + // It works in a way similar to `metadata_context_namespaces` but allows envoy and external processing server to share the protobuf message definition // in order to do a safe parsing. TypedMetadataContextNamespaces []string `protobuf:"bytes,17,rep,name=typed_metadata_context_namespaces,json=typedMetadataContextNamespaces,proto3" json:"typed_metadata_context_namespaces,omitempty"` } @@ -491,9 +491,9 @@ type Overrides struct { // ext_proc service as an opaque *protobuf::Struct*. MetadataContextNamespaces []string `protobuf:"bytes,6,rep,name=metadata_context_namespaces,json=metadataContextNamespaces,proto3" json:"metadata_context_namespaces,omitempty"` // Specifies a list of metadata namespaces whose values, if present, will be passed to the - // ext_proc service. :ref:`typed_filter_metadata ` is passed as an “protobuf::Any“. + // ext_proc service. typed_filter_metadata is passed as an `protobuf::Any`. // - // It works in a way similar to “metadata_context_namespaces“ but allows envoy and external processing server to share the protobuf message definition + // It works in a way similar to `metadata_context_namespaces` but allows envoy and external processing server to share the protobuf message definition // in order to do a safe parsing. TypedMetadataContextNamespaces []string `protobuf:"bytes,7,rep,name=typed_metadata_context_namespaces,json=typedMetadataContextNamespaces,proto3" json:"typed_metadata_context_namespaces,omitempty"` } diff --git a/projects/gloo/pkg/api/v1/enterprise/options/graphql/v1beta1/graphql.pb.go b/projects/gloo/pkg/api/v1/enterprise/options/graphql/v1beta1/graphql.pb.go index ec1fc0e6f6f..346047f1bd1 100644 --- a/projects/gloo/pkg/api/v1/enterprise/options/graphql/v1beta1/graphql.pb.go +++ b/projects/gloo/pkg/api/v1/enterprise/options/graphql/v1beta1/graphql.pb.go @@ -448,14 +448,14 @@ type isGrpcDescriptorRegistry_DescriptorSet interface { type GrpcDescriptorRegistry_ProtoDescriptor struct { // Supplies the filename of - // :ref:`the proto descriptor set ` for the gRPC + // the proto descriptor set for the gRPC // services. ProtoDescriptor string `protobuf:"bytes,1,opt,name=proto_descriptor,json=protoDescriptor,proto3,oneof"` } type GrpcDescriptorRegistry_ProtoDescriptorBin struct { // Supplies the binary content of - // :ref:`the proto descriptor set ` for the gRPC + // the proto descriptor set for the gRPC // services. // Note: in yaml, this must be provided as a base64 standard encoded string; yaml cannot handle binary bytes ProtoDescriptorBin []byte `protobuf:"bytes,2,opt,name=proto_descriptor_bin,json=protoDescriptorBin,proto3,oneof"` diff --git a/projects/gloo/pkg/api/v1/failover.pb.go b/projects/gloo/pkg/api/v1/failover.pb.go index 632dee53669..dc6348e9227 100644 --- a/projects/gloo/pkg/api/v1/failover.pb.go +++ b/projects/gloo/pkg/api/v1/failover.pb.go @@ -287,9 +287,8 @@ type Locality struct { // Region this zone belongs to. Region string `protobuf:"bytes,1,opt,name=region,proto3" json:"region,omitempty"` // Defines the local service zone where Envoy is running. The meaning of zone - // is context dependent, e.g. `Availability Zone (AZ) - // `_ - // on AWS, `Zone `_ on + // is context dependent, e.g. [Availability Zone (AZ)](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) + // on AWS, [Zone](https://cloud.google.com/compute/docs/regions-zones/) on // GCP, etc. Zone string `protobuf:"bytes,2,opt,name=zone,proto3" json:"zone,omitempty"` // When used for locality of upstream hosts, this field further splits zone @@ -415,8 +414,8 @@ type Failover_Policy struct { // // { "overprovisioning_factor": 100 } // - // Read more at :ref:`priority levels ` and - // :ref:`localities `. + // Read more at priority levels and + // localities. OverprovisioningFactor *wrappers.UInt32Value `protobuf:"bytes,1,opt,name=overprovisioning_factor,json=overprovisioningFactor,proto3" json:"overprovisioning_factor,omitempty"` } diff --git a/projects/gloo/pkg/api/v1/load_balancer.pb.go b/projects/gloo/pkg/api/v1/load_balancer.pb.go index 50657a044bd..eb35a5e4995 100644 --- a/projects/gloo/pkg/api/v1/load_balancer.pb.go +++ b/projects/gloo/pkg/api/v1/load_balancer.pb.go @@ -523,8 +523,8 @@ type LoadBalancerConfig_SlowStartConfig struct { // By tuning the parameter, is possible to achieve polynomial or exponential shape of ramp-up curve. // // During slow start window, effective weight of an endpoint would be scaled with time factor and aggression: - // “new_weight = weight * max(min_weight_percent, time_factor ^ (1 / aggression))“, - // where “time_factor=(time_since_start_seconds / slow_start_time_seconds)“. + // `new_weight = weight * max(min_weight_percent, time_factor ^ (1 / aggression))`, + // where `time_factor=(time_since_start_seconds / slow_start_time_seconds)`. // // As time progresses, more and more traffic would be sent to endpoint, which is in slow start window. // Once host exits slow start, time_factor and aggression no longer affect its weight. diff --git a/projects/gloo/pkg/api/v1/options/als/als.pb.go b/projects/gloo/pkg/api/v1/options/als/als.pb.go index b2d3bdb9825..0232a5a2f59 100644 --- a/projects/gloo/pkg/api/v1/options/als/als.pb.go +++ b/projects/gloo/pkg/api/v1/options/als/als.pb.go @@ -960,7 +960,7 @@ type RuntimeFilter struct { unknownFields protoimpl.UnknownFields // Runtime key to get an optional overridden numerator for use in the - // “percent_sampled“ field. If found in runtime, this value will replace the + // `percent_sampled` field. If found in runtime, this value will replace the // default numerator. RuntimeKey string `protobuf:"bytes,1,opt,name=runtime_key,json=runtimeKey,proto3" json:"runtime_key,omitempty"` // The default sampling percentage. If not specified, defaults to 0% with @@ -972,9 +972,9 @@ type RuntimeFilter struct { // is present, the filter will consistently sample across multiple hosts based // on the runtime key value and the value extracted from // :ref:`x-request-id`. If it is - // missing, or “use_independent_randomness“ is set to true, the filter will + // missing, or `use_independent_randomness` is set to true, the filter will // randomly sample based on the runtime key value alone. - // “use_independent_randomness“ can be used for logging kill switches within + // `use_independent_randomness` can be used for logging kill switches within // complex nested :ref:`AndFilter // ` and :ref:`OrFilter // ` blocks that are easier to diff --git a/projects/gloo/pkg/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.pb.go b/projects/gloo/pkg/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.pb.go index e69e17add38..f4eb5a4916c 100644 --- a/projects/gloo/pkg/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.pb.go +++ b/projects/gloo/pkg/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.pb.go @@ -252,19 +252,19 @@ type DnsCacheConfig struct { // The TTL for hosts that are unused. Hosts that have not been used in the configured time // interval will be purged. If not specified defaults to 5m. // - // .. note: + // **Note**: // // The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This // means that if the configured TTL is shorter than the refresh rate the host may not be removed // immediately. // - // .. note: + // **Note**: // // The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage. HostTtl *duration.Duration `protobuf:"bytes,4,opt,name=host_ttl,json=hostTtl,proto3" json:"host_ttl,omitempty"` // The maximum number of hosts that the cache will hold. If not specified defaults to 1024. // - // .. note: + // **Note**: // // The implementation is approximate and enforced independently on each worker thread, thus // it is possible for the maximum hosts in the cache to go slightly above the configured @@ -425,12 +425,12 @@ type RefreshRate struct { // Specifies the base interval between refreshes. This parameter is required and must be greater // than 1ms and less than - // :ref:`max_interval `. + // max_interval. BaseInterval *duration.Duration `protobuf:"bytes,1,opt,name=base_interval,json=baseInterval,proto3" json:"base_interval,omitempty"` // Specifies the maximum interval between refreshes. This parameter is optional, but must be // greater than or equal to the - // :ref:`base_interval ` if set. The default - // is 10 times the :ref:`base_interval `. + // base_interval if set. The default + // is 10 times the base_interval. MaxInterval *duration.Duration `protobuf:"bytes,2,opt,name=max_interval,json=maxInterval,proto3" json:"max_interval,omitempty"` } @@ -557,7 +557,7 @@ type PerRouteConfig_HostRewrite struct { // // Note: this rewrite affects both DNS lookup and host header forwarding. However, this // option shouldn't be used with - // :ref:`HCM host rewrite ` given that the + // HCM host rewrite given that the // value set here would be used for DNS lookups whereas the value set in the HCM would be used // for host header forwarding which is not the desired outcome. HostRewrite string `protobuf:"bytes,1,opt,name=host_rewrite,json=hostRewrite,proto3,oneof"` @@ -574,7 +574,7 @@ type PerRouteConfig_AutoHostRewriteHeader struct { // given that the value set here would be used for DNS lookups whereas the value set in the HCM // would be used for host header forwarding which is not the desired outcome. // - // .. note:: + // **Note**: // // If the header appears multiple times only the first value is used. AutoHostRewriteHeader string `protobuf:"bytes,2,opt,name=auto_host_rewrite_header,json=autoHostRewriteHeader,proto3,oneof"` diff --git a/projects/gloo/pkg/api/v1/options/grpc_json/grpc_json.pb.go b/projects/gloo/pkg/api/v1/options/grpc_json/grpc_json.pb.go index bf7ec1fbf87..d8d5394b16c 100644 --- a/projects/gloo/pkg/api/v1/options/grpc_json/grpc_json.pb.go +++ b/projects/gloo/pkg/api/v1/options/grpc_json/grpc_json.pb.go @@ -40,13 +40,12 @@ type GrpcJsonTranscoder struct { DescriptorSet isGrpcJsonTranscoder_DescriptorSet `protobuf_oneof:"descriptor_set"` // A list of strings that // supplies the fully qualified service names (i.e. "package_name.service_name") that - // the transcoder will translate. If the service name doesn't exist in “proto_descriptor“, - // Envoy will fail at startup. The “proto_descriptor“ may contain more services than + // the transcoder will translate. If the service name doesn't exist in `proto_descriptor`, + // Envoy will fail at startup. The `proto_descriptor` may contain more services than // the service names specified here, but they won't be translated. Services []string `protobuf:"bytes,2,rep,name=services,proto3" json:"services,omitempty"` // Control options for response JSON. These options are passed directly to - // `JsonPrintOptions `_. + // [JsonPrintOptions](https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.util.json_util#JsonPrintOptions). PrintOptions *GrpcJsonTranscoder_PrintOptions `protobuf:"bytes,3,opt,name=print_options,json=printOptions,proto3" json:"print_options,omitempty"` // Set this value to true to keep the incoming request route after the outgoing headers are transformed to match the upstream gRPC service. // Note that you cannot set this value to true with routes for gRPC services that are not transcoded. @@ -75,11 +74,11 @@ type GrpcJsonTranscoder struct { // // message Shelf {} // - // The request “/shelves/100?foo=bar“ will not be mapped to “GetShelf``` because variable - // binding for “foo“ is not defined. Adding “foo“ to “ignored_query_parameters“ will allow - // the same request to be mapped to “GetShelf“. + // The request `/shelves/100?foo=bar` will not be mapped to `GetShelf` because variable + // binding for `foo` is not defined. Adding `foo` to `ignored_query_parameters` will allow + // the same request to be mapped to `GetShelf`. IgnoredQueryParameters []string `protobuf:"bytes,6,rep,name=ignored_query_parameters,json=ignoredQueryParameters,proto3" json:"ignored_query_parameters,omitempty"` - // Whether to route methods without the “google.api.http“ option. + // Whether to route methods without the `google.api.http` option. // // Example : // @@ -97,20 +96,20 @@ type GrpcJsonTranscoder struct { // // message Shelf {} // - // The client could “post“ a json body “{"shelf": 1234}“ with the path of - // “/bookstore.Bookstore/GetShelfRequest“ to call “GetShelfRequest“. + // The client could `post` a json body `{"shelf": 1234}` with the path of + // `/bookstore.Bookstore/GetShelfRequest` to call `GetShelfRequest`. AutoMapping bool `protobuf:"varint,7,opt,name=auto_mapping,json=autoMapping,proto3" json:"auto_mapping,omitempty"` // Whether to ignore query parameters that cannot be mapped to a corresponding // protobuf field. Use this if you cannot control the query parameters and do - // not know them beforehand. Otherwise use “ignored_query_parameters“. + // not know them beforehand. Otherwise use `ignored_query_parameters`. // Defaults to false. IgnoreUnknownQueryParameters bool `protobuf:"varint,8,opt,name=ignore_unknown_query_parameters,json=ignoreUnknownQueryParameters,proto3" json:"ignore_unknown_query_parameters,omitempty"` // Whether to convert gRPC status headers to JSON. - // When trailer indicates a gRPC error and there was no HTTP body, take “google.rpc.Status“ - // from the “grpc-status-details-bin“ header and use it as JSON body. - // If there was no such header, make “google.rpc.Status“ out of the “grpc-status“ and - // “grpc-message“ headers. - // The error details types must be present in the “proto_descriptor“. + // When trailer indicates a gRPC error and there was no HTTP body, take `google.rpc.Status` + // from the `grpc-status-details-bin` header and use it as JSON body. + // If there was no such header, make `google.rpc.Status` out of the `grpc-status` and + // `grpc-message` headers. + // The error details types must be present in the `proto_descriptor`. // // For example, if an upstream server replies with headers: // @@ -120,8 +119,8 @@ type GrpcJsonTranscoder struct { // grpc-status-details-bin: // CAUaMwoqdHlwZS5nb29nbGVhcGlzLmNvbS9nb29nbGUucnBjLlJlcXVlc3RJbmZvEgUKA3ItMQ // - // The “grpc-status-details-bin“ header contains a base64-encoded protobuf message - // “google.rpc.Status“. It will be transcoded into: + // The `grpc-status-details-bin` header contains a base64-encoded protobuf message + // `google.rpc.Status`. It will be transcoded into: // // .. code-block:: none // @@ -130,9 +129,9 @@ type GrpcJsonTranscoder struct { // // {"code":5,"details":[{"@type":"type.googleapis.com/google.rpc.RequestInfo","requestId":"r-1"}]} // - // In order to transcode the message, the ``google.rpc.RequestInfo`` type from - // the ``google/rpc/error_details.proto`` should be included in the configured - // :ref:`proto descriptor set `. + // In order to transcode the message, the `google.rpc.RequestInfo` type from + // the `google/rpc/error_details.proto` should be included in the configured + // proto descriptor set. ConvertGrpcStatus bool `protobuf:"varint,9,opt,name=convert_grpc_status,json=convertGrpcStatus,proto3" json:"convert_grpc_status,omitempty"` } @@ -292,7 +291,7 @@ type GrpcJsonTranscoder_PrintOptions struct { // as strings. Defaults to false. AlwaysPrintEnumsAsInts bool `protobuf:"varint,3,opt,name=always_print_enums_as_ints,json=alwaysPrintEnumsAsInts,proto3" json:"always_print_enums_as_ints,omitempty"` // Whether to preserve proto field names. By default protobuf will - // generate JSON field names using the “json_name“ option, or lower camel case, + // generate JSON field names using the `json_name` option, or lower camel case, // in that order. Setting this flag will preserve the original field names. Defaults to false. PreserveProtoFieldNames bool `protobuf:"varint,4,opt,name=preserve_proto_field_names,json=preserveProtoFieldNames,proto3" json:"preserve_proto_field_names,omitempty"` } diff --git a/projects/gloo/pkg/api/v1/options/protocol/protocol.pb.go b/projects/gloo/pkg/api/v1/options/protocol/protocol.pb.go index 66d9da77c56..fc705cbe9b6 100644 --- a/projects/gloo/pkg/api/v1/options/protocol/protocol.pb.go +++ b/projects/gloo/pkg/api/v1/options/protocol/protocol.pb.go @@ -99,7 +99,7 @@ type HttpProtocolOptions struct { // Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. // If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0. // - // .. warning:: + // **Warning**: // // Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP // FIN packets, etc. @@ -294,7 +294,7 @@ type Http2ProtocolOptions struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - // `Maximum concurrent streams `_ + // [Maximum concurrent streams](https://httpwg.org/specs/rfc7540.html#rfc.section.5.1.2) // allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1) // and defaults to 2147483647. // @@ -306,8 +306,7 @@ type Http2ProtocolOptions struct { // connection based on upstream settings. Config dumps will reflect the configured upper bound, // not the per-connection negotiated limits. MaxConcurrentStreams *wrappers.UInt32Value `protobuf:"bytes,2,opt,name=max_concurrent_streams,json=maxConcurrentStreams,proto3" json:"max_concurrent_streams,omitempty"` - // `Initial stream-level flow-control window - // `_ size. Valid values range from 65535 + // [Initial stream-level flow-control window](https://httpwg.org/specs/rfc7540.html#rfc.section.6.9.2) size. Valid values range from 65535 // (2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456 // (256 * 1024 * 1024). // @@ -328,7 +327,7 @@ type Http2ProtocolOptions struct { // This overrides any HCM :ref:`stream_error_on_invalid_http_messaging // ` // - // See `RFC7540, sec. 8.1 `_ for details. + // See [RFC7540, sec. 8.1](https://datatracker.ietf.org/doc/html/rfc7540#section-8.1) for details. OverrideStreamErrorOnInvalidHttpMessage *wrappers.BoolValue `protobuf:"bytes,14,opt,name=override_stream_error_on_invalid_http_message,json=overrideStreamErrorOnInvalidHttpMessage,proto3" json:"override_stream_error_on_invalid_http_message,omitempty"` } diff --git a/projects/gloo/pkg/api/v1/options/proxy_protocol/proxy_protocol.pb.go b/projects/gloo/pkg/api/v1/options/proxy_protocol/proxy_protocol.pb.go index 4f854150ade..1d7029089e3 100644 --- a/projects/gloo/pkg/api/v1/options/proxy_protocol/proxy_protocol.pb.go +++ b/projects/gloo/pkg/api/v1/options/proxy_protocol/proxy_protocol.pb.go @@ -32,7 +32,7 @@ type ProxyProtocol struct { Rules []*ProxyProtocol_Rule `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"` // Allow requests through that don't use proxy protocol. Defaults to false. // - // .. attention:: + // **Attention**: // // The true setting is only honored in Gloo Gateway Enterprise. // This breaks conformance with the specification. @@ -152,8 +152,7 @@ type ProxyProtocol_Rule struct { unknownFields protoimpl.UnknownFields // The type that triggers the rule - required - // TLV type is defined as uint8_t in proxy protocol. See `the spec - // `_ for details. + // TLV type is defined as uint8_t in proxy protocol. See [the spec](https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt) for details. TlvType uint32 `protobuf:"varint,1,opt,name=tlv_type,json=tlvType,proto3" json:"tlv_type,omitempty"` // If the TLV type is present, apply this metadata KeyValuePair. OnTlvPresent *ProxyProtocol_KeyValuePair `protobuf:"bytes,2,opt,name=on_tlv_present,json=onTlvPresent,proto3" json:"on_tlv_present,omitempty"` diff --git a/projects/gloo/pkg/api/v1/proxy.pb.go b/projects/gloo/pkg/api/v1/proxy.pb.go index d3c68c7c61b..5edb943b585 100644 --- a/projects/gloo/pkg/api/v1/proxy.pb.go +++ b/projects/gloo/pkg/api/v1/proxy.pb.go @@ -2062,22 +2062,22 @@ type RedirectAction_RegexRewrite struct { // Only one of :ref:`prefix_rewrite ` // or *regex_rewrite* may be specified. // - // Examples using Google's `RE2 `_ engine: + // Examples using Google's [RE2](https://github.com/google/re2) engine: // - // - The path pattern “^/service/([^/]+)(/.*)$“ paired with a substitution - // string of “\2/instance/\1“ would transform “/service/foo/v1/api“ - // into “/v1/api/instance/foo“. + // - The path pattern `^/service/([^/]+)(/.*)$` paired with a substitution + // string of `\2/instance/\1` would transform `/service/foo/v1/api` + // into `/v1/api/instance/foo`. // - // - The pattern “one“ paired with a substitution string of “two“ would - // transform “/xxx/one/yyy/one/zzz“ into “/xxx/two/yyy/two/zzz“. + // - The pattern `one` paired with a substitution string of `two` would + // transform `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/two/zzz`. // - // - The pattern “^(.*?)one(.*)$“ paired with a substitution string of - // “\1two\2“ would replace only the first occurrence of “one“, - // transforming path “/xxx/one/yyy/one/zzz“ into “/xxx/two/yyy/one/zzz“. + // - The pattern `^(.*?)one(.*)$` paired with a substitution string of + // `\1two\2` would replace only the first occurrence of `one`, + // transforming path `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/one/zzz`. // - // - The pattern “(?i)/xxx/“ paired with a substitution string of “/yyy/“ - // would do a case-insensitive match and transform path “/aaa/XxX/bbb“ to - // “/aaa/yyy/bbb“. + // - The pattern `(?i)/xxx/` paired with a substitution string of `/yyy/` + // would do a case-insensitive match and transform path `/aaa/XxX/bbb` to + // `/aaa/yyy/bbb`. RegexRewrite *v31.RegexMatchAndSubstitute `protobuf:"bytes,32,opt,name=regex_rewrite,json=regexRewrite,proto3,oneof"` } diff --git a/projects/gloo/pkg/api/v1/upstream.pb.go b/projects/gloo/pkg/api/v1/upstream.pb.go index 7b6131c2f03..4b27da620c6 100644 --- a/projects/gloo/pkg/api/v1/upstream.pb.go +++ b/projects/gloo/pkg/api/v1/upstream.pb.go @@ -41,7 +41,7 @@ type Upstream_ClusterProtocolSelection int32 const ( // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). - // If :ref:`http2_protocol_options ` are + // If http2_protocol_options are // present, HTTP2 will be used, otherwise HTTP1.1 will be used. Upstream_USE_CONFIGURED_PROTOCOL Upstream_ClusterProtocolSelection = 0 // Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection. @@ -163,7 +163,7 @@ type Upstream struct { // This overrides any HCM :ref:`stream_error_on_invalid_http_messaging // ` // - // See `RFC7540, sec. 8.1 `_ for details. + // See [RFC7540, sec. 8.1](https://datatracker.ietf.org/doc/html/rfc7540#section-8.1) for details. OverrideStreamErrorOnInvalidHttpMessage *wrappers.BoolValue `protobuf:"bytes,26,opt,name=override_stream_error_on_invalid_http_message,json=overrideStreamErrorOnInvalidHttpMessage,proto3" json:"override_stream_error_on_invalid_http_message,omitempty"` // Tells envoy that the upstream is an HTTP proxy (e.g., another proxy in a DMZ) that supports HTTP Connect. // This configuration sets the hostname used as part of the HTTP Connect request. @@ -672,7 +672,7 @@ type PreconnectPolicy struct { // Indicates how many streams (rounded up) can be anticipated across a cluster for each // stream, useful for low QPS services. This is currently supported for a subset of // deterministic non-hash-based load-balancing algorithms (weighted round robin, random). - // Unlike “per_upstream_preconnect_ratio“ this preconnects across the upstream instances in a + // Unlike `per_upstream_preconnect_ratio` this preconnects across the upstream instances in a // cluster, doing best effort predictions of what upstream would be picked next and // pre-establishing a connection. //