chore: fix build

.bazelversion

@@ -1 +1 @@
-6.0.0
+6.3.2

.github/workflows/build_api.yml

@@ -0,0 +1,36 @@
+---
+name: build-api
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+    - "main"
+    - "master"
+    - "release/v*"
+    paths-ignore:
+    - "**/*.md"
+    - "**/*.png"
+  pull_request:
+    branches:
+    - "main"
+    - "master"
+    - "release/v*"
+    paths-ignore:
+    - "**/*.md"
+    - "**/*.png"
+
+jobs:
+  BuildMetaProtocolBinary:
+    runs-on: ubuntu-latest
+    timeout-minutes: 1440 # 12 hours
+    name: Build API
+    env:
+      LOG_DIR: /tmp/test_logs
+      LOG_PATH: /tmp/test_logs/${{ matrix.protocal }}.log
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Build
+        run: |
+          bash ${GITHUB_WORKSPACE}/ci/ci_api.sh

.github/workflows/build_meta_proticol_proxy.yml

@@ -0,0 +1,36 @@
+---
+name: build-metaprotocol
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+    - "main"
+    - "master"
+    - "release/v*"
+    paths-ignore:
+    - "**/*.md"
+    - "**/*.png"
+  pull_request:
+    branches:
+    - "main"
+    - "master"
+    - "release/v*"
+    paths-ignore:
+    - "**/*.md"
+    - "**/*.png"
+
+jobs:
+  BuildMetaProtocolBinary:
+    runs-on: ubuntu-latest
+    timeout-minutes: 1440 # 12 hours
+    name: Build MetaProtocolProxy
+    env:
+      LOG_DIR: /tmp/test_logs
+      LOG_PATH: /tmp/test_logs/${{ matrix.protocal }}.log
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Build
+        run: |
+          bash ${GITHUB_WORKSPACE}/ci/ci_dev.sh

Makefile

@@ -12,19 +12,11 @@
 ## See the License for the specific language governing permissions and
 ## limitations under the License.
 
-SHELL := /bin/bash
-CC := clang-10
-CXX := clang++-10
-PATH := /home/ubuntu/clang+llvm-10.0.0-linux-gnu/bin:$(PATH)
 
-BAZEL_CONFIG = -s --sandbox_debug --verbose_failures --verbose_explanations --explain=build.log --host_force_python=PY3
-BAZEL_CONFIG_DEV  = $(BAZEL_CONFIG) --config=libc++
-BAZEL_CONFIG_REL  = $(BAZEL_CONFIG_DEV) --config=release
 BAZEL_TARGETS = envoy
 
 build:
-	export PATH=$(PATH) CC=$(CC) CXX=$(CXX) && \
-	bazel build $(BAZEL_CONFIG_DEV) $(BAZEL_TARGETS)
+	bazel build $(BAZEL_TARGETS)
 
 release:
 	export PATH=$(PATH) CC=$(CC) CXX=$(CXX) && \

WORKSPACE

@@ -58,7 +58,10 @@ http_archive(
     sha256 = ENVOY_SHA256,
     strip_prefix = ENVOY_REPO + "-" + ENVOY_SHA,
     url = "https://github.com/" + ENVOY_ORG + "/" + ENVOY_REPO + "/archive/" + ENVOY_SHA + ".tar.gz",
-    patches = ["//:patches/0001-expose-some-build-file-as-public.patch"],
+    patches = [
+        "//:patches/0001-expose-some-build-file-as-public.patch",
+        "//:patches/0002-envoy-bazel-repo-location.patch",
+        "//:patches/0003-envoy-bazel-repo-location.patch"],
 )
 
 load("@envoy//bazel:api_binding.bzl", "envoy_api_binding")
@@ -95,6 +98,16 @@ load("@envoy//bazel:dependency_imports.bzl", "envoy_dependency_imports")
 
 envoy_dependency_imports()
 
+load("@bazel_gazelle//:deps.bzl", "go_repository")
+
+go_repository(
+    name = "org_golang_x_tools",
+    importpath = "golang.org/x/tools",
+    sum = "h1:po9/4sTYwOU9QPo1XTU8+YLNBPyXgS4nSdIjxNBXtxg=",
+    version = "v0.1.12",
+    build_external = "external",
+)
+
 # Bazel @rules_pkg
 
 http_archive(

ci/Dockerfile-envoy

@@ -0,0 +1,109 @@
+ARG BUILD_OS=ubuntu
+ARG BUILD_TAG=20.04
+ARG ENVOY_VRP_BASE_IMAGE=envoy-base
+
+
+FROM scratch AS binary
+COPY ci/docker-entrypoint.sh /
+ADD configs/envoyproxy_io_proxy.yaml /etc/envoy/envoy.yaml
+# See https://github.com/docker/buildx/issues/510 for why this _must_ be this way
+ARG TARGETPLATFORM
+ENV TARGETPLATFORM="${TARGETPLATFORM:-linux/amd64}"
+ADD "${TARGETPLATFORM}/release.tar.zst" /usr/local/bin/
+
+
+# STAGE: envoy-base
+FROM ${BUILD_OS}:${BUILD_TAG} AS envoy-base
+ENV DEBIAN_FRONTEND=noninteractive
+EXPOSE 10000
+CMD ["envoy", "-c", "/etc/envoy/envoy.yaml"]
+RUN mkdir -p /etc/envoy \
+    && adduser --group --system envoy
+ENTRYPOINT ["/docker-entrypoint.sh"]
+# NB: Adding this here means that following steps, for example updating the system packages, are run
+#   when the version file changes. This should mean that a release version will always update.
+#   In PRs this will just use cached layers unless either this file changes or the version has changed.
+ADD VERSION.txt /etc/envoy
+RUN --mount=type=tmpfs,target=/var/cache/apt \
+    --mount=type=tmpfs,target=/var/lib/apt/lists \
+    apt-get -qq update \
+    && apt-get -qq upgrade -y \
+    && apt-get -qq install --no-install-recommends -y ca-certificates \
+    && apt-get -qq autoremove -y
+
+
+# STAGE: envoy
+FROM envoy-base AS envoy
+COPY --from=binary --chown=0:0 --chmod=644 \
+    /etc/envoy/envoy.yaml /etc/envoy/envoy.yaml
+COPY --from=binary --chown=0:0 --chmod=755 \
+    /docker-entrypoint.sh /
+COPY --from=binary --chown=0:0 --chmod=755 \
+    /usr/local/bin/utils/su-exec /usr/local/bin/
+ARG ENVOY_BINARY=envoy
+ARG ENVOY_BINARY_PREFIX=
+COPY --from=binary --chown=0:0 --chmod=755 \
+    "/usr/local/bin/${ENVOY_BINARY_PREFIX}${ENVOY_BINARY}" /usr/local/bin/envoy
+COPY --from=binary --chown=0:0 --chmod=755 \
+    /usr/local/bin/${ENVOY_BINARY_PREFIX}${ENVOY_BINARY}\.* /usr/local/bin/
+
+
+# STAGE: envoy-tools
+FROM envoy AS envoy-tools
+# See https://github.com/docker/buildx/issues/510 for why this _must_ be this way
+ARG TARGETPLATFORM
+ENV TARGETPLATFORM="${TARGETPLATFORM:-linux/amd64}"
+COPY --chown=0:0 --chmod=755 \
+    "${TARGETPLATFORM}/schema_validator_tool" /usr/local/bin/schema_validator_tool
+
+
+# STAGE: envoy-distroless
+# gcr.io/distroless/base-nossl-debian11:nonroot
+FROM gcr.io/distroless/base-nossl-debian11:nonroot@sha256:f10e1fbf558c630a4b74a987e6c754d45bf59f9ddcefce090f6b111925996767 AS envoy-distroless
+EXPOSE 10000
+ENTRYPOINT ["/usr/local/bin/envoy"]
+CMD ["-c", "/etc/envoy/envoy.yaml"]
+COPY --from=binary --chown=0:0 --chmod=644 \
+    /etc/envoy/envoy.yaml /etc/envoy/envoy.yaml
+COPY --from=binary --chown=0:0 --chmod=755 \
+    /usr/local/bin/envoy /usr/local/bin/
+
+
+# STAGE: envoy-google-vrp-base
+FROM ${ENVOY_VRP_BASE_IMAGE} AS envoy-google-vrp-base
+EXPOSE 10000
+EXPOSE 10001
+CMD ["supervisord", "-c", "/etc/supervisor.conf"]
+ENTRYPOINT []
+ADD --chown=0:0 --chmod=644 \
+    configs/google-vrp/*.yaml /etc/envoy/
+ADD --chown=0:0 --chmod=755 \
+    configs/google-vrp/launch_envoy.sh /usr/local/bin/launch_envoy.sh
+ADD --chown=0:0 --chmod=644 \
+    test/config/integration/certs/serverkey.pem /etc/envoy/certs/serverkey.pem
+ADD --chown=0:0 --chmod=644 \
+    test/config/integration/certs/servercert.pem /etc/envoy/certs/servercert.pem
+RUN --mount=type=tmpfs,target=/var/cache/apt \
+    --mount=type=tmpfs,target=/var/lib/apt/lists \
+    apt-get -qq update \
+    && apt-get -qq upgrade -y \
+    && apt-get -qq install -y libc++1 supervisor gdb strace tshark \
+    && apt-get autoremove -y \
+    && chmod 777 /var/log/supervisor
+ADD --chown=0:0 --chmod=755 configs/google-vrp/supervisor.conf /etc/supervisor.conf
+
+
+# STAGE: envoy-google-vrp
+FROM envoy-google-vrp-base as envoy-google-vrp
+COPY  --from=binary --chown=0:0 --chmod=755 \
+    /usr/local/bin/envoy /usr/local/bin/envoy
+
+
+# STAGE: envoy-google-vrp-custom
+FROM envoy-google-vrp-base as envoy-google-vrp-custom
+ARG ENVOY_CTX_BINARY_PATH
+ADD "${ENVOY_CTX_BINARY_PATH}" /usr/local/bin/envoy
+
+
+# Make envoy image as last stage so it is built by default
+FROM envoy

ci/Dockerfile-envoy-windows

@@ -0,0 +1,22 @@
+ARG BUILD_OS=mcr.microsoft.com/windows/servercore
+ARG BUILD_TAG=ltsc2019
+
+FROM $BUILD_OS:$BUILD_TAG
+
+USER ContainerAdministrator
+RUN net accounts /MaxPWAge:unlimited
+RUN net user /add "EnvoyUser" /expires:never
+RUN net localgroup "Network Configuration Operators" "EnvoyUser" /add
+
+RUN mkdir "C:\\Program\ Files\\envoy"
+RUN setx /M path "%path%;c:\Program Files\envoy"
+ADD ["windows/amd64/envoy.exe", "C:/Program Files/envoy/"]
+
+RUN mkdir "C:\\ProgramData\\envoy"
+ADD ["configs/envoyproxy_io_proxy.yaml", "C:/ProgramData/envoy/envoy.yaml"]
+
+EXPOSE 10000
+
+COPY ci/docker-entrypoint.bat C:/
+ENTRYPOINT ["C:/docker-entrypoint.bat"]
+CMD ["envoy.exe", "-c", "C:\\ProgramData\\envoy\\envoy.yaml"]