move boringssl dependencies to extensions

[bdecoste]

Signed-off-by: William DeCoste bdecoste@gmail.com

For an explanation of how to fill out the fields, please see the relevant section
in PULL_REQUESTS.md

Description: As part of the work to support openssl this PR moves all boringssl dependencies to extensions. This is one step that will enable the linking and testing of openssl with a new transport socket for openssl. Those files with boringssl dependencies were moved from common/ssl to extensions/transport_sockets/ssl with similar changes for the tests. Please see #5524 for additional context.
Risk Level: Low
Testing: Standard tests passed
Docs Changes: None
Release Notes: None
[Optional Fixes #Issue]
[Optional Deprecated:]

[PiotrSikora]

/assign @lizan @PiotrSikora

[lizan]

/retest

[repokitteh-read-only]

🔨 rebuilding ci/circleci: release (failed build)

🐱

Caused by: a #5543 (comment) was created by @lizan.

see: more, trace.

[lizan]

At a glance this looks good, @bdecoste can you open an issue to track the overall work to make BoringSSL can be compiled out? i.e. what is the next step of this PR etc, based on the conversation in KubeCon last month.

[bdecoste]

#5545

[lizan]

Ideally I think we want the namespaces to be consistent with the path, do you want to do that in this PR or in next PR? I'm fine either.

[PiotrSikora]

Could you move it to extensions/transport_sockets/tls instead, so that it matches naming we use in the API? Thanks!

Also, changing namespaces would be great.

[bdecoste]

Thanks you. Just to confirm: You want the directory changed to extensions/transport_sockets/tls and the corresponding namespace to be Envoy::Extensions::TransportSockets::Tls?

Thanks -Bill

[PiotrSikora]

@bdecoste yes, if that's not too much work (there is already config in extensions/transport_sockets/ssl, which you'd need to move as well). Thanks!

[lizan]

SGTM, the transport socket is already named as tls. Thank you!

[bdecoste]

Great, thank you. I will make the changes and update the PR asap. The transport socket namespace in the extensions/transport_socket/ssl directory was Envoy::Extensions::TransportSockets::SslTransport so I will move and rename.

[bdecoste]

Do you also want me to change include/envoy/ssl and Envoy::Ssl to include/envoy/tls and Envoy::Tls? Thanks

[PiotrSikora]

@bdecoste I don't particularly care if it's done as part of this PR or another, but it should be renamed before OpenSSL extension starts including it.

[bdecoste]

OK, thanks. I will update the include as the next PR. This one is big enough already :-)

[lizan]

LGTM, sorry for the delay.

[bdecoste]

Thanks Lizan. As soon as this is merged, I'll put in another PR for moving the remaining file/namespaces from ssl to tls. I have this all ready and tested locally.

[PiotrSikora]

Nit: I think you can omit Envoy:: here (and everywhere else), Extensions::TransportSockets::Tls:: should also work, though I'm not sure if there are any style guidelines or preferences for that.

[bdecoste]

Ya, I find having the full namespace is easier to read but if you want me to reduce them please let me know

[PiotrSikora]

No, it's fine. Thanks.

[mattklein123]

In general we do try to reduce the namespace length, so I have a mild preference to remove Envoy:: here if you don't mind. If you don't feel like it it's fine to merge.

[bdecoste]

OK, I'll remove the Envoy::
Thanks

[repokitteh-read-only]

🙀 Error while processing event:

evaluation error
error: finished: cannot load github.com/repokitteh/modules/lib/utils.star: error from server: {module load error GET https://api.github.com/repos/repokitteh/modules/contents/lib/utils.star: 401 Bad credentials [] map[]}

🐱

Caused by: #5543 was synchronize by bdecoste.

see: more, trace.

[PiotrSikora]

@bdecoste It looks that you've missed one file, looks good, otherwise. Thanks!

Also, please don't force push in the future, since it makes reviewing much more demanding (basically, requiring review from scratch), and GitHub doesn't send notifications for the force push, so no one knows that you've made any changes. Instead, please push multiple commits (including merge with master, if your base drifted too much). All commits are squashed during merge, so it's a single commit once merged into master.

[bdecoste]

Thanks. Will not squash and force push in the future. We've (RH) have always squashed to a single commit for our other projects.

[bdecoste]

Resolved merge conflicts but had to force push to resolve.

[PiotrSikora]

Thanks!

[mattklein123]

I still see a bunch of Envoy::Ssl in here. Is that needed for a namespace conflict? Doesn't seem like there should be?

[PiotrSikora]

Interfaces in include/envoy still use Envoy:Ssl, @bdecoste is going to rename those in a follow-up PR... Unless you prefer to do it in this one?

[mattklein123]

My point was I don't think the Envoy:: is required, but if this is going to be changed in a follow up we can go ahead and just merge it.

[PiotrSikora]

Ah, that. I focused on Ssl vs Tls and completely missed it. Yes, it probably wasn't needed.

[lizan]

When @bdecoste renames Envoy::Ssl to Envoy::Tls this will conflict with Envoy::Extensions::TransportSockets::Tls, so let's just leave this as Envoy::Ssl.

[bdecoste]

Thanks for the reviews and merge. I should have the next PR to complete the directory and namespace change from ssl to tls in today or tomorrow.

[bdecoste]

To confirm... do you want me to leave include/envoy/ssl alone (i.e. Envoy::Ssl) or make the change to include/envoy/tls and Envoy::Tls and use fully qualified namespaces to avoid conflict?If we are sticking with ssl then I will put in a PR to remove the extraneous Envoy::

Thanks