Skip to content

xds: Remove feature guarding using env vars for Cloud run CSM #12480

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 5 commits into from
Closed

xds: Remove feature guarding using env vars for Cloud run CSM #12480

wants to merge 5 commits into from

Conversation

@kannanjgithub
Copy link
Contributor

@kannanjgithub kannanjgithub commented Nov 6, 2025

Removes the following env var usages.
GRPC_EXPERIMENTAL_XDS_SNI
GRPC_EXPERIMENTAL_XDS_AUTHORITY_REWRITE
GRPC_EXPERIMENTAL_XDS_SYSTEM_ROOT_CERTS
GRPC_EXPERIMENTAL_XDS_GCP_AUTHENTICATION_FILTER

@kannanjgithub
Remove feature guarding of the env vars for Cloud run CSM:
98e5ec2 
  GRPC_EXPERIMENTAL_XDS_SNI
  GRPC_EXPERIMENTAL_XDS_AUTHORITY_REWRITE
  GRPC_EXPERIMENTAL_XDS_SYSTEM_ROOT_CERTS
  GRPC_EXPERIMENTAL_XDS_GCP_AUTHENTICATION_FILTER
@kannanjgithub
Remove unused var.
5859f9b
@kannanjgithub
Remove feature guarding of the env vars for Cloud run CSM:
faa3dc0 
  GRPC_EXPERIMENTAL_XDS_SNI
  GRPC_EXPERIMENTAL_XDS_AUTHORITY_REWRITE
  GRPC_EXPERIMENTAL_XDS_SYSTEM_ROOT_CERTS
  GRPC_EXPERIMENTAL_XDS_GCP_AUTHENTICATION_FILTER
@kannanjgithub
fix tests.
2ba9fd9
@kannanjgithub
Fix style
b605ab5
@kannanjgithub kannanjgithub requested a review from ejona86 November 6, 2025 10:58
@ejona86 ejona86 added the TODO:backport PR needs to be backported. Removed after backport complete label Nov 11, 2025
ejona86
ejona86 reviewed Nov 11, 2025
View reviewed changes
Copy link
Member

@ejona86 ejona86 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd feel more comfortable if we left the feature guards in-place and just change their default value. GRPC_EXPERIMENTAL_XDS_GCP_AUTHENTICATION_FILTER isn't really a concern, as any problems discovered there wouldn't be helped by keeping the env variable around. And the tests were already sort of broken.

xds/src/test/java/io/grpc/xds/XdsTestUtils.java
public static final String ENDPOINT_HOSTNAME = "data-host";
public static final int ENDPOINT_PORT = 1234;
static final Bootstrapper.ServerInfo EMPTY_BOOTSTRAPPER_SERVER_INFO =
new Bootstrapper.ServerInfo() {
Copy link
Member

@ejona86 ejona86 Nov 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This class shouldn't be extended. Use create() to construct.

xds/src/main/java/io/grpc/xds/internal/security/SecurityProtocolNegotiators.java
this.sslContextProviderSupplier = sslContextProviderSupplier;
EnvoyServerProtoData.BaseTlsContext tlsContext = sslContextProviderSupplier.getTlsContext();
UpstreamTlsContext upstreamTlsContext = ((UpstreamTlsContext) tlsContext);
if (CertificateUtils.isXdsSniEnabled) {
Copy link
Member

@ejona86 ejona86 Nov 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How is this being removed without also changing the default value of/deleting GRPC_EXPERIMENTAL_XDS_SNI?

@kannanjgithub
Copy link
Contributor Author

kannanjgithub commented Nov 11, 2025

It is easier to start from scratch for the changes to just change the default to true. I have raised a different PR #12499 for this.

@ejona86 ejona86 removed the TODO:backport PR needs to be backported. Removed after backport complete label Nov 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ejona86 ejona86 ejona86 left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kannanjgithub @ejona86