xds: Add configuration objects for ExtAuthz, GrpcService and Bootstrap changes for GrpcService #12492
sauravzg wants to merge 9 commits into grpc:master from
6738492 to a02a2a9
This commit introduces configuration objects for the external authorization (ExtAuthz) filter and the gRPC service it uses. These classes provide a structured, immutable representation of the configuration defined in the xDS protobuf messages.

The main new classes are:
- `ExtAuthzConfig`: Represents the configuration for the `ExtAuthz` filter, including settings for the gRPC service, header mutation rules, and other filter behaviors.
- `GrpcServiceConfig`: Represents the configuration for a gRPC service, including the target URI, credentials, and other settings.
- `HeaderMutationRulesConfig`: Represents the configuration for header mutation rules.

This commit also includes parsers to create these configuration objects from the corresponding protobuf messages, as well as unit tests for the new classes.
Fixup: Address comments from grpc#12492 for non PR deps
Fixup: CallCreds changes to use CompositeCreds
Fixup: 12493 : Remove redundant CheckParamsBuilder
Fixup: 12493 : Move the CertificateProvider to CheckRequestBuilder and create utils class
Fixup: 12492 Separate out config parsing yolo
a02a2a9 to 47f2a85
@ejona86 PTAL. I've addressed most of the comments and have updated the PR description. Apart from addressing the comments, this PR now also contains the remaining implementation of GrpcService which wasn't in scope last quarter (essentially bootstrap changes and some bootstrap abstractions).
47f2a85 to 5654c64
… the updated requirements
/gcbrun
Will wait for the security level check to be implemented before applying token call cred.
… and add test coverage
8e50ad9 to c1b95f1
xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceConfigParser.java
Is there a tracked issue for the follow-up PR to implement this?
… bug
Makes `allowedGrpcServices` a non-optional struct instead of an `Optional<Map<str,AllowedService>>` since it's essentially an immutable hash map, making it preferable to use an empty instance instead of null. Change a small bug where we continued instead of return when parsing bootstrap credentials.
I am not sure what's the process here when creating an issue. What sort of issue do I need to create?
@AgraVator @kannanjgithub I made a minor refactor + bugfix in the latest commit around bootstrap. PTAL
Pull request overview
Adds new internal, immutable config objects and parsers for xDS GrpcService and ExtAuthz (including header mutation rules), plus bootstrap support for allowed_grpc_services, with accompanying unit tests.
Changes:
- Introduces config models + parsers for `GrpcService`, `ExtAuthz`, and `HeaderMutationRules`.
- Adds gRPC-service-specific validation/utilities (header validation) and xDS parsing context abstractions.
- Extends bootstrap parsing to read `allowed_grpc_services` and exposes it via `BootstrapInfo`.
Reviewed changes
Copilot reviewed 30 out of 30 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| xds/src/test/java/io/grpc/xds/internal/headermutations/HeaderMutationRulesParserTest.java | Tests for HeaderMutationRules proto parsing (success + invalid regex). |
| xds/src/test/java/io/grpc/xds/internal/headermutations/HeaderMutationRulesConfigTest.java | Tests defaulting and builder behavior for HeaderMutationRulesConfig. |
| xds/src/test/java/io/grpc/xds/internal/grpcservice/HeaderValueValidationUtilsTest.java | Tests header key/value validation rules and limits. |
| xds/src/test/java/io/grpc/xds/internal/grpcservice/HeaderValueTest.java | Tests HeaderValue creation for ASCII vs binary values. |
| xds/src/test/java/io/grpc/xds/internal/grpcservice/GrpcServiceXdsContextTestUtil.java | Test helper for creating a dummy GrpcServiceXdsContextProvider. |
| xds/src/test/java/io/grpc/xds/internal/grpcservice/GrpcServiceConfigParserTest.java | Extensive tests for GrpcService parsing, creds handling, metadata, timeouts, and security-aware call creds. |
| xds/src/test/java/io/grpc/xds/internal/extauthz/ExtAuthzConfigParserTest.java | Tests ExtAuthz parsing + integration with GrpcService parsing and header mutation rules. |
| xds/src/test/java/io/grpc/xds/internal/MatcherParserTest.java | Tests for MatcherParser StringMatcher and new FractionMatcher parsing. |
| xds/src/test/java/io/grpc/xds/GrpcBootstrapperImplTest.java | Adds tests for bootstrap allowed_grpc_services parsing and validation. |
| xds/src/main/java/io/grpc/xds/internal/headermutations/HeaderMutationRulesParser.java | Parser from Envoy HeaderMutationRules proto to internal config. |
| xds/src/main/java/io/grpc/xds/internal/headermutations/HeaderMutationRulesParseException.java | Dedicated exception type for header mutation rules parsing failures. |
| xds/src/main/java/io/grpc/xds/internal/headermutations/HeaderMutationRulesConfig.java | Immutable internal representation of header mutation rules. |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/HeaderValueValidationUtils.java | Header validation utility used by GrpcService parsing. |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/HeaderValue.java | Immutable internal header representation (string vs raw bytes). |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceXdsContextProvider.java | Interface for retrieving target-specific parsing context. |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceXdsContext.java | Immutable context object for trusted/untrusted control plane logic. |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceParseException.java | Dedicated exception type for GrpcService parsing failures. |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceConfigParser.java | Core parser for Envoy GrpcService proto into internal config + creds extraction. |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceConfig.java | Immutable internal GrpcService config model. |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/ConfiguredChannelCredentials.java | Value type combining ChannelCredentials with comparable config. |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/ChannelCredsConfig.java | Interface describing channel credential configuration identity. |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/AllowedGrpcServices.java | Wrapper for per-target allowed gRPC services from bootstrap. |
| xds/src/main/java/io/grpc/xds/internal/grpcservice/AllowedGrpcService.java | Per-target allowed service config (channel creds + optional call creds). |
| xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzParseException.java | Dedicated exception type for ExtAuthz parsing failures. |
| xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzConfigParser.java | Parser for Envoy ExtAuthz proto into internal config + matcher/header rules parsing. |
| xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzConfig.java | Immutable internal ExtAuthz config model. |
| xds/src/main/java/io/grpc/xds/internal/MatcherParser.java | Adds FractionalPercent → FractionMatcher parsing. |
| xds/src/main/java/io/grpc/xds/client/BootstrapperImpl.java | Wires in parsing hook for allowed_grpc_services. |
| xds/src/main/java/io/grpc/xds/client/Bootstrapper.java | Extends BootstrapInfo to expose parsed allowed_grpc_services. |
| xds/src/main/java/io/grpc/xds/GrpcBootstrapperImpl.java | Implements allowed_grpc_services parsing and wraps channel creds with config identity. |
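
Added example, not code from this PR: a Java sketch of why the bootstrap allow-list (`AllowedGrpcServices` in the table above) is better modelled as an always-present immutable value than as an `Optional` or null, so that an absent `allowed_grpc_services` section fails closed. Class and method names, the credential type strings, the target URIs, and the trusted/untrusted rule in `resolveCredsType` are assumptions made for illustration.

```java
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;

/** Added illustration; all names here are hypothetical, not the PR's classes. */
public final class AllowListExample {
  /** Per-target entry: which channel credentials bootstrap permits for that target. */
  static final class Entry {
    final String channelCredsType;
    Entry(String channelCredsType) { this.channelCredsType = channelCredsType; }
  }

  /** Immutable wrapper. "Nothing configured" is the EMPTY instance, never null. */
  static final class AllowList {
    static final AllowList EMPTY = new AllowList(Collections.emptyMap());
    private final Map<String, Entry> byTarget;
    AllowList(Map<String, Entry> entries) {
      // Defensive copy so later changes to the caller's map cannot widen the list.
      this.byTarget = Collections.unmodifiableMap(new HashMap<>(entries));
    }
    Optional<Entry> lookup(String target) {
      return Optional.ofNullable(byTarget.get(target));
    }
  }

  // Assumption: a trusted control plane may supply credentials itself; an untrusted
  // one may only name targets that bootstrap lists, and gets bootstrap's credentials.
  static String resolveCredsType(
      boolean trusted, String target, String xdsCreds, AllowList allowed) {
    if (trusted) { return xdsCreds; }
    return allowed.lookup(target)
        .map(e -> e.channelCredsType)
        .orElseThrow(() -> new IllegalArgumentException("target not allowed: " + target));
  }

  public static void main(String[] args) {
    Map<String, Entry> m = new HashMap<>();
    m.put("dns:///authz.example.internal:443", new Entry("tls")); // constructed sample
    AllowList configured = new AllowList(m);
    String t = "dns:///authz.example.internal:443";
    System.out.println(resolveCredsType(false, t, "insecure", configured));
    try {
      // No allow-list in bootstrap: the empty instance denies without any null check.
      resolveCredsType(false, "dns:///other.example:443", "insecure", AllowList.EMPTY);
    } catch (IllegalArgumentException ex) {
      System.out.println("rejected: " + ex.getMessage());
    }
  }
}
```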
e73bc7b to 804cb09
This commit introduces configuration objects for the external authorization (ExtAuthz) filter and the gRPC service and corresponding translations from XDS proto and Bootstrap. These classes provide a structured, immutable representation of the subset of the configuration defined in the xDS protobuf messages.
This PR should mostly now (hopefully) be compliant with grpc/proposal#510 but without

The main new classes are:
- `ExtAuthzConfig`: Represents the configuration for the `ExtAuthz` filter, including settings for the gRPC service, header mutation rules, and other filter behaviors.
- `GrpcServiceConfig`: Represents the configuration for a gRPC service, including the target URI, credentials, and other settings.
- `HeaderMutationRulesConfig`: Represents the configuration for header mutation rules.
- `ChannelCredsConfig` and friends: To allow comparison between credential configuration, to allow caching based on creds which'll be needed in followup PRs for authz and proc.

The relevant sections of the spec are
This commit also includes parsers to create these configuration objects from the corresponding protobuf messages, as well as unit tests for the new classes.