proxy_sdk/
envoy.rs

1use std::borrow::Cow;
2
3use prost::Message;
4
5use crate::upstream::Upstream;
6
7use self::grpc_service::grpc_service::{
8    google_grpc::{channel_credentials::CredentialSpecifier, ChannelCredentials, SslCredentials},
9    EnvoyGrpc, GoogleGrpc, TargetSpecifier,
10};
11
12mod grpc_service {
13    include!(concat!(env!("OUT_DIR"), "/envoy.config.core.v3.rs"));
14}
15
16impl<'a> Upstream<'a> {
17    /// Creates an Envoy-compatible upstream configuration for the given upstream cluster name
18    pub fn envoy_upstream(cluster_name: impl ToString, authority: impl ToString) -> Self {
19        let cluster_name = cluster_name.to_string();
20        let service = grpc_service::GrpcService {
21            target_specifier: Some(TargetSpecifier::EnvoyGrpc(EnvoyGrpc {
22                authority: authority.to_string(),
23                cluster_name,
24            })),
25            ..Default::default()
26        };
27        Self(Cow::Owned(service.encode_to_vec()))
28    }
29
30    /// like grpc_upstream, but without TLS. used for testing purposes
31    pub fn insecure_grpc_upstream(target_uri: impl ToString) -> Self {
32        let service = grpc_service::GrpcService {
33            target_specifier: Some(TargetSpecifier::GoogleGrpc(GoogleGrpc {
34                target_uri: target_uri.to_string(),
35                channel_credentials: None,
36                call_credentials: vec![],
37                channel_args: Default::default(),
38                config: Default::default(),
39                credentials_factory_name: String::new(),
40                per_stream_buffer_limit_bytes: None,
41                stat_prefix: "leaksignal_command".to_string(),
42            })),
43            ..Default::default()
44        };
45        Self(Cow::Owned(service.encode_to_vec()))
46    }
47
48    pub fn grpc_upstream(target_uri: impl ToString) -> Self {
49        let target_uri = target_uri.to_string();
50        let is_plaintext = target_uri.starts_with("http://");
51        let target_uri = target_uri
52            .strip_prefix(if is_plaintext { "http://" } else { "https://" })
53            .unwrap_or(&*target_uri)
54            .to_string();
55        let service = grpc_service::GrpcService {
56            target_specifier: Some(TargetSpecifier::GoogleGrpc(GoogleGrpc {
57                channel_credentials: if is_plaintext {
58                    None
59                } else {
60                    Some(ChannelCredentials {
61                        credential_specifier: Some(CredentialSpecifier::SslCredentials(
62                            SslCredentials {
63                                root_certs: None,
64                                private_key: None,
65                                cert_chain: None,
66                            },
67                        )),
68                    })
69                },
70                target_uri,
71                call_credentials: vec![],
72                channel_args: Default::default(),
73                config: Default::default(),
74                credentials_factory_name: String::new(),
75                per_stream_buffer_limit_bytes: None,
76                stat_prefix: "leaksignal_command".to_string(),
77            })),
78            ..Default::default()
79        };
80        Self(Cow::Owned(service.encode_to_vec()))
81    }
82}
proxy_sdk/envoy.rs

proxy_sdk/
envoy.rs
