Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

s2a: Add gRPC S2A #11113

Merged
merged 28 commits into from
Sep 14, 2024
Merged
Show file tree
Hide file tree
Changes from 18 commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
42cd3e8
add s2a java client.
rmehta19 Apr 25, 2024
739ee23
update to use gRPC Authors with copyright.
rmehta19 Apr 29, 2024
72630d8
S2AChannelPool returnChannel --> returnToPool name change.
rmehta19 Apr 29, 2024
46691df
add s2a to sync-protos script.
rmehta19 Apr 29, 2024
44fe552
S2AGrpcChannelPool remove unnecessary state check.
rmehta19 Apr 29, 2024
2dd1c7e
update proto package to grpc.gcp.s2a.
rmehta19 Apr 29, 2024
d1f413b
ConnectionIsClosedException --> ConnectionClosedException.
rmehta19 Apr 29, 2024
f94cc10
identity() --> getIdentity().
rmehta19 Apr 29, 2024
217a3e4
annotate S2AChannelCredentials.Builder with NotThreadSafe.
rmehta19 Apr 29, 2024
b35f145
add values entered when generating certs.
rmehta19 Apr 30, 2024
f47c560
remove JCommander dependency.
rmehta19 Apr 30, 2024
50b7366
Committing to resolve merge conflicts when syncing.
rmehta19 Sep 9, 2024
1d41d10
Migrate away from deprecated functions.
rmehta19 Sep 9, 2024
35084af
Remove logging before errors thrown in S2AStub.
rmehta19 Sep 9, 2024
da330cd
Build set of TLS versions from S2Av2's GetTlsConfigResp.
rmehta19 Sep 9, 2024
655f0bd
S2AStub uses withWaitForReady.
rmehta19 Sep 9, 2024
3184cdc
Don't block on SslContext creation in Java S2A client.
rmehta19 Sep 9, 2024
f96d395
use javax.annotation.Nullable in S2AProtocolNegotiatorFactory.
rmehta19 Sep 9, 2024
38b0a3a
getChannel() doesn't block.
rmehta19 Sep 12, 2024
12586b1
Remove unnecessary local variable in getAuthMechanism.
rmehta19 Sep 12, 2024
08f8342
Invert if statement in ProtoUtil to improve readability.
rmehta19 Sep 12, 2024
7f26712
Check localIdentity is null before setting it.
rmehta19 Sep 12, 2024
19583a7
Check hostname not null or empty.
rmehta19 Sep 12, 2024
3198eec
Change channelRead argument ctx to unused.
rmehta19 Sep 12, 2024
0e059e4
Remove unnecessary waitForReady() in IntegrationTest.
rmehta19 Sep 12, 2024
b021a21
Push down the creation of Optional<S2AIdentity> until S2AProtocolNego…
rmehta19 Sep 12, 2024
752627a
Wait for servers to be terminated in tearDown in IntegrationTest.java.
rmehta19 Sep 13, 2024
a8cacb0
mark unused ctx in channelReadComplete.
rmehta19 Sep 13, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions MODULE.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ IO_GRPC_GRPC_JAVA_ARTIFACTS = [
"io.perfmark:perfmark-api:0.27.0",
"junit:junit:4.13.2",
"org.apache.tomcat:annotations-api:6.0.53",
"org.checkerframework:checker-qual:3.12.0",
"org.codehaus.mojo:animal-sniffer-annotations:1.24",
]
# GRPC_DEPS_END
Expand Down
2 changes: 1 addition & 1 deletion buildscripts/sync-protos.sh
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ curl -Ls https://github.com/grpc/grpc-proto/archive/master.tar.gz | tar xz -C "$
base="$tmpdir/grpc-proto-master"

# Copy protos in 'src/main/proto' from grpc-proto for these projects
for project in alts grpclb services rls interop-testing; do
for project in alts grpclb services s2a rls interop-testing; do
while read -r proto; do
[ -f "$base/$proto" ] && cp "$base/$proto" "$project/src/main/proto/$proto"
echo "$proto"
Expand Down
2 changes: 2 additions & 0 deletions repositories.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ IO_GRPC_GRPC_JAVA_ARTIFACTS = [
"io.perfmark:perfmark-api:0.27.0",
"junit:junit:4.13.2",
"org.apache.tomcat:annotations-api:6.0.53",
"org.checkerframework:checker-qual:3.12.0",
"org.codehaus.mojo:animal-sniffer-annotations:1.24",
]
# GRPC_DEPS_END
Expand Down Expand Up @@ -80,6 +81,7 @@ IO_GRPC_GRPC_JAVA_OVERRIDE_TARGETS = {
"io.grpc:grpc-rls": "@io_grpc_grpc_java//rls",
"io.grpc:grpc-services": "@io_grpc_grpc_java//services:services_maven",
"io.grpc:grpc-stub": "@io_grpc_grpc_java//stub",
"io.grpc:grpc-s2a": "@io_grpc_grpc_java//s2a",
"io.grpc:grpc-testing": "@io_grpc_grpc_java//testing",
"io.grpc:grpc-xds": "@io_grpc_grpc_java//xds:xds_maven",
"io.grpc:grpc-util": "@io_grpc_grpc_java//util",
Expand Down
194 changes: 194 additions & 0 deletions s2a/BUILD.bazel
Original file line number Diff line number Diff line change
@@ -0,0 +1,194 @@
load("@rules_proto//proto:defs.bzl", "proto_library")
load("//:java_grpc_library.bzl", "java_grpc_library")
load("@rules_jvm_external//:defs.bzl", "artifact")

java_library(
name = "s2a_channel_pool",
srcs = glob([
"src/main/java/io/grpc/s2a/channel/*.java",
]),
deps = [
"//api",
"//core",
"//core:internal",
"//netty",
artifact("com.google.code.findbugs:jsr305"),
artifact("com.google.errorprone:error_prone_annotations"),
artifact("com.google.guava:guava"),
artifact("org.checkerframework:checker-qual"),
artifact("io.netty:netty-common"),
artifact("io.netty:netty-transport"),
],
)

java_library(
name = "s2a_identity",
srcs = ["src/main/java/io/grpc/s2a/handshaker/S2AIdentity.java"],
deps = [
":common_java_proto",
artifact("com.google.errorprone:error_prone_annotations"),
artifact("com.google.guava:guava"),
],
)

java_library(
name = "token_fetcher",
srcs = ["src/main/java/io/grpc/s2a/handshaker/tokenmanager/TokenFetcher.java"],
deps = [
":s2a_identity",
],
)

java_library(
name = "access_token_manager",
srcs = [
"src/main/java/io/grpc/s2a/handshaker/tokenmanager/AccessTokenManager.java",
],
deps = [
":s2a_identity",
":token_fetcher",
artifact("com.google.code.findbugs:jsr305"),
],
)

java_library(
name = "single_token_fetcher",
srcs = [
"src/main/java/io/grpc/s2a/handshaker/tokenmanager/SingleTokenFetcher.java",
],
deps = [
":s2a_identity",
":token_fetcher",
artifact("com.google.guava:guava"),
],
)

java_library(
name = "s2a_handshaker",
srcs = [
"src/main/java/io/grpc/s2a/handshaker/ConnectionClosedException.java",
"src/main/java/io/grpc/s2a/handshaker/GetAuthenticationMechanisms.java",
"src/main/java/io/grpc/s2a/handshaker/ProtoUtil.java",
"src/main/java/io/grpc/s2a/handshaker/S2AConnectionException.java",
"src/main/java/io/grpc/s2a/handshaker/S2APrivateKeyMethod.java",
"src/main/java/io/grpc/s2a/handshaker/S2AProtocolNegotiatorFactory.java",
"src/main/java/io/grpc/s2a/handshaker/S2AStub.java",
"src/main/java/io/grpc/s2a/handshaker/S2ATrustManager.java",
"src/main/java/io/grpc/s2a/handshaker/SslContextFactory.java",
],
deps = [
":access_token_manager",
":common_java_proto",
":s2a_channel_pool",
":s2a_identity",
":s2a_java_proto",
":s2a_java_grpc_proto",
":single_token_fetcher",
"//api",
"//core:internal",
"//netty",
"//stub",
artifact("com.google.code.findbugs:jsr305"),
artifact("com.google.errorprone:error_prone_annotations"),
artifact("com.google.guava:guava"),
artifact("org.checkerframework:checker-qual"),
"@com_google_protobuf//:protobuf_java",
artifact("io.netty:netty-common"),
artifact("io.netty:netty-handler"),
artifact("io.netty:netty-transport"),
],
)

java_library(
name = "s2av2_credentials",
srcs = ["src/main/java/io/grpc/s2a/S2AChannelCredentials.java"],
visibility = ["//visibility:public"],
deps = [
":s2a_channel_pool",
":s2a_handshaker",
":s2a_identity",
"//api",
"//core:internal",
"//netty",
artifact("com.google.code.findbugs:jsr305"),
artifact("com.google.errorprone:error_prone_annotations"),
artifact("com.google.guava:guava"),
artifact("org.checkerframework:checker-qual"),
],
)

java_library(
name = "mtls_to_s2av2_credentials",
srcs = ["src/main/java/io/grpc/s2a/MtlsToS2AChannelCredentials.java"],
visibility = ["//visibility:public"],
deps = [
":s2a_channel_pool",
":s2av2_credentials",
"//api",
"//util",
artifact("com.google.guava:guava"),
],
)

# bazel only accepts proto import with absolute path.
genrule(
name = "protobuf_imports",
srcs = glob(["src/main/proto/grpc/gcp/s2a/*.proto"]),
outs = [
"protobuf_out/grpc/gcp/s2a/s2a.proto",
"protobuf_out/grpc/gcp/s2a/s2a_context.proto",
"protobuf_out/grpc/gcp/s2a/common.proto",
],
cmd = "for fname in $(SRCS); do " +
"sed 's,import \",import \"s2a/protobuf_out/,g' $$fname > " +
"$(@D)/protobuf_out/grpc/gcp/s2a/$$(basename $$fname); done",
)

proto_library(
name = "common_proto",
srcs = [
"protobuf_out/grpc/gcp/s2a/common.proto",
],
)

proto_library(
name = "s2a_context_proto",
srcs = [
"protobuf_out/grpc/gcp/s2a/s2a_context.proto",
],
deps = [
":common_proto",
],
)

proto_library(
name = "s2a_proto",
srcs = [
"protobuf_out/grpc/gcp/s2a/s2a.proto",
],
deps = [
":common_proto",
":s2a_context_proto",
],
)

java_proto_library(
name = "s2a_java_proto",
deps = [":s2a_proto"],
)

java_proto_library(
name = "s2a_context_java_proto",
deps = [":s2a_context_proto"],
)

java_proto_library(
name = "common_java_proto",
deps = [":common_proto"],
)

java_grpc_library(
name = "s2a_java_grpc_proto",
srcs = [":s2a_proto"],
deps = [":s2a_java_proto"],
)
151 changes: 151 additions & 0 deletions s2a/build.gradle
Original file line number Diff line number Diff line change
@@ -0,0 +1,151 @@
buildscript {
dependencies {
classpath 'com.google.gradle:osdetector-gradle-plugin:1.4.0'
}
}

plugins {
id "java-library"
id "maven-publish"

id "com.github.johnrengelman.shadow"
id "com.google.protobuf"
id "ru.vyarus.animalsniffer"
}

description = "gRPC: S2A"

apply plugin: "com.google.osdetector"

dependencies {

api project(':grpc-api')
implementation project(':grpc-stub'),
project(':grpc-protobuf'),
project(':grpc-core'),
libraries.protobuf.java,
libraries.conscrypt,
libraries.guava.jre // JRE required by protobuf-java-util from grpclb
def nettyDependency = implementation project(':grpc-netty')
compileOnly libraries.javax.annotation

shadow configurations.implementation.getDependencies().minus(nettyDependency)
shadow project(path: ':grpc-netty-shaded', configuration: 'shadow')

testImplementation project(':grpc-benchmarks'),
project(':grpc-testing'),
project(':grpc-testing-proto'),
testFixtures(project(':grpc-core')),
libraries.guava,
libraries.junit,
libraries.mockito.core,
libraries.truth,
libraries.conscrypt,
libraries.netty.transport.epoll

testImplementation 'com.google.truth:truth:1.4.2'
testImplementation 'com.google.truth.extensions:truth-proto-extension:1.4.2'
testImplementation libraries.guava.testlib

testRuntimeOnly libraries.netty.tcnative,
libraries.netty.tcnative.classes
testRuntimeOnly (libraries.netty.tcnative) {
artifact {
classifier = "linux-x86_64"
}
}
testRuntimeOnly (libraries.netty.tcnative) {
artifact {
classifier = "linux-aarch_64"
}
}
testRuntimeOnly (libraries.netty.tcnative) {
artifact {
classifier = "osx-x86_64"
}
}
testRuntimeOnly (libraries.netty.tcnative) {
artifact {
classifier = "osx-aarch_64"
}
}
testRuntimeOnly (libraries.netty.tcnative) {
artifact {
classifier = "windows-x86_64"
}
}
testRuntimeOnly (libraries.netty.transport.epoll) {
artifact {
classifier = "linux-x86_64"
}
}

signature libraries.signature.java
}

tasks.named("compileJava") {
dependsOn(tasks.named("generateProto"))
//dependsOn(tasks.named("syncGeneratedSourcesmain"))
}


tasks.named("sourcesJar") {
dependsOn(tasks.named("generateProto"))
//dependsOn(tasks.named("syncGeneratedSourcesmain"))
}

sourceSets {
main {
//java.srcDirs += "src/generated/main/java"
//java.srcDirs += "src/generated/main/grpc"
}
}
//println sourceSets.main.java.srcDirs
//println sourceSets.test.resources.srcDirs

configureProtoCompilation()

tasks.named("javadoc").configure {
exclude 'io/grpc/s2a/**'
}

tasks.named("jar").configure {
// Must use a different archiveClassifier to avoid conflicting with shadowJar
archiveClassifier = 'original'
manifest {
attributes('Automatic-Module-Name': 'io.grpc.s2a')
}
}

// We want to use grpc-netty-shaded instead of grpc-netty. But we also want our
// source to work with Bazel, so we rewrite the code as part of the build.
tasks.named("shadowJar").configure {
archiveClassifier = null
dependencies {
exclude(dependency {true})
}
relocate 'io.grpc.netty', 'io.grpc.netty.shaded.io.grpc.netty'
relocate 'io.netty', 'io.grpc.netty.shaded.io.netty'
}

publishing {
publications {
maven(MavenPublication) {
// We want this to throw an exception if it isn't working
def originalJar = artifacts.find { dep -> dep.classifier == 'original'}
artifacts.remove(originalJar)

pom.withXml {
def dependenciesNode = new Node(null, 'dependencies')
project.configurations.shadow.allDependencies.each { dep ->
def dependencyNode = dependenciesNode.appendNode('dependency')
dependencyNode.appendNode('groupId', dep.group)
dependencyNode.appendNode('artifactId', dep.name)
dependencyNode.appendNode('version', dep.version)
dependencyNode.appendNode('scope', 'compile')
}
asNode().dependencies[0].replaceNode(dependenciesNode)
}
}
}
}
Loading