Merge pull request #161752 from helsinki-systems/upd/envoy

envoy: 1.19.1 -> 1.21.1

pkgs/servers/http/envoy/0002-Add-upb-patch-to-make-it-compile-under-GCC10.patch

@@ -1,91 +0,0 @@
-From 8b531c41f956b27e4be32b430db2e7a44e0cdd3e Mon Sep 17 00:00:00 2001
-From: Luke Granger-Brown <git@lukegb.com>
-Date: Thu, 7 Jan 2021 11:09:18 +0000
-Subject: [PATCH] Add upb patch to make it compile under GCC10
-
----
- bazel/repositories.bzl |  5 +++-
- bazel/upb2.patch       | 55 ++++++++++++++++++++++++++++++++++++++++++
- 2 files changed, 59 insertions(+), 1 deletion(-)
- create mode 100644 bazel/upb2.patch
-
-diff --git a/bazel/repositories.bzl b/bazel/repositories.bzl
-index 64d61ea49..c6cadc9df 100644
---- a/bazel/repositories.bzl
-+++ b/bazel/repositories.bzl
-@@ -811,7 +811,10 @@ def _com_github_grpc_grpc():
- def _upb():
-     _repository_impl(
-         name = "upb",
--        patches = ["@envoy//bazel:upb.patch"],
-+        patches = [
-+            "@envoy//bazel:upb.patch",
-+            "@envoy//bazel:upb2.patch",
-+        ],
-         patch_args = ["-p1"],
-     )
- 
-diff --git a/bazel/upb2.patch b/bazel/upb2.patch
-new file mode 100644
-index 000000000..6e436c61b
---- /dev/null
-+++ b/bazel/upb2.patch
-@@ -0,0 +1,55 @@
-+From 9bd23dab4240b015321a53c45b3c9e4847fbf020 Mon Sep 17 00:00:00 2001
-+From: Joshua Haberman <jhaberman@gmail.com>
-+Date: Tue, 7 Apr 2020 15:22:11 -0700
-+Subject: [PATCH] Changed upb status to suit GCC10's warning about strncpy().
-+ (#268)
-+
-+Added tests for all cases. Also removed ellipses from truncated
-+messages, they were more trouble than they are worth.
-+---
-+ tests/test_generated_code.c | 33 +++++++++++++++++++++++++++++++++
-+ upb/upb.c                   | 17 +++--------------
-+ 2 files changed, 36 insertions(+), 14 deletions(-)
-+
-+diff --git a/upb/upb.c b/upb/upb.c
-+index cb2cdfd9d..258192d79 100644
-+--- a/upb/upb.c
-++++ b/upb/upb.c
-+@@ -11,17 +11,6 @@
-+ 
-+ #include "upb/port_def.inc"
-+ 
-+-/* Guarantee null-termination and provide ellipsis truncation.
-+- * It may be tempting to "optimize" this by initializing these final
-+- * four bytes up-front and then being careful never to overwrite them,
-+- * this is safer and simpler. */
-+-static void nullz(upb_status *status) {
-+-  const char *ellipsis = "...";
-+-  size_t len = strlen(ellipsis);
-+-  UPB_ASSERT(sizeof(status->msg) > len);
-+-  memcpy(status->msg + sizeof(status->msg) - len, ellipsis, len);
-+-}
-+-
-+ /* upb_status *****************************************************************/
-+ 
-+ void upb_status_clear(upb_status *status) {
-+@@ -37,8 +26,8 @@ const char *upb_status_errmsg(const upb_status *status) { return status->msg; }
-+ void upb_status_seterrmsg(upb_status *status, const char *msg) {
-+   if (!status) return;
-+   status->ok = false;
-+-  strncpy(status->msg, msg, sizeof(status->msg));
-+-  nullz(status);
-++  strncpy(status->msg, msg, UPB_STATUS_MAX_MESSAGE - 1);
-++  status->msg[UPB_STATUS_MAX_MESSAGE - 1] = '\0';
-+ }
-+ 
-+ void upb_status_seterrf(upb_status *status, const char *fmt, ...) {
-+@@ -52,7 +41,7 @@ void upb_status_vseterrf(upb_status *status, const char *fmt, va_list args) {
-+   if (!status) return;
-+   status->ok = false;
-+   _upb_vsnprintf(status->msg, sizeof(status->msg), fmt, args);
-+-  nullz(status);
-++  status->msg[UPB_STATUS_MAX_MESSAGE - 1] = '\0';
-+ }
-+ 
-+ /* upb_alloc ******************************************************************/
--- 
-2.29.2
-

pkgs/servers/http/envoy/default.nix

@@ -1,6 +1,8 @@
 { lib
+, bazel_4
 , buildBazelPackage
 , fetchFromGitHub
+, fetchpatch
 , stdenv
 , cmake
 , gn
@@ -8,6 +10,7 @@
 , jdk
 , ninja
 , python3
+, linuxHeaders
 , nixosTests
 }:
 
@@ -17,23 +20,24 @@ let
     # However, the version string is more useful for end-users.
     # These are contained in a attrset of their own to make it obvious that
     # people should update both.
-    version = "1.19.1";
-    commit = "a2a1e3eed4214a38608ec223859fcfa8fb679b14";
+    version = "1.21.1";
+    rev = "af50070ee60866874b0a9383daf9364e884ded22";
   };
 in
 buildBazelPackage rec {
   pname = "envoy";
-  version = srcVer.version;
+  inherit (srcVer) version;
+  bazel = bazel_4;
   src = fetchFromGitHub {
     owner = "envoyproxy";
     repo = "envoy";
-    rev = srcVer.commit;
-    hash = "sha256:1v1hv4blrppnhllsxd9d3k2wl6nhd59r4ydljy389na3bb41jwf9";
+    inherit (srcVer) rev ;
+    hash = "sha256:11mm72zmb479ss585jzqzhklyyqmdadnvr91ghzvjxc0j2a1hrr4";
 
     extraPostFetch = ''
       chmod -R +w $out
       rm $out/.bazelversion
-      echo ${srcVer.commit} > $out/SOURCE_VERSION
+      echo ${srcVer.rev} > $out/SOURCE_VERSION
       sed -i 's/GO_VERSION = ".*"/GO_VERSION = "host"/g' $out/bazel/dependency_imports.bzl
     '';
   };
@@ -48,6 +52,14 @@ buildBazelPackage rec {
       --replace '"''$$WEE8_BUILD_ARGS"' '"''$$WEE8_BUILD_ARGS use_gold=false"'
   '';
 
+  patches = [
+    # make linux/tcp.h relative. drop when upgrading to >1.21
+    (fetchpatch {
+      url = "https://github.com/envoyproxy/envoy/commit/68448aae7a78a3123097b6ea96016b270457e7b8.patch";
+      sha256 = "123kv3x37p8fgfp29jhw5xg5js5q5ipibs8hsm7gzfd5bcllnpfh";
+    })
+  ];
+
   nativeBuildInputs = [
     cmake
     python3
@@ -57,8 +69,12 @@ buildBazelPackage rec {
     ninja
   ];
 
+  buildInputs = [
+    linuxHeaders
+  ];
+
   fetchAttrs = {
-    sha256 = "sha256:0vnl0gq6nhvyzz39jg1bvvna0xyhxalg71bp1jbxib7ql026004r";
+    sha256 = "0f7mls2zrpjjvbz6pgkzrvr55bv05xn2l76j9i1r0cf367qqfkz8";
     dontUseCmakeConfigure = true;
     dontUseGnConfigure = true;
     preInstall = ''
@@ -84,7 +100,7 @@ buildBazelPackage rec {
     dontUseGnConfigure = true;
     dontUseNinjaInstall = true;
     preConfigure = ''
-      sed -i 's,#!/usr/bin/env bash,#!${stdenv.shell},' $bazelOut/external/rules_foreign_cc/tools/build_defs/framework.bzl
+      sed -i 's,#!/usr/bin/env bash,#!${stdenv.shell},' $bazelOut/external/rules_foreign_cc/foreign_cc/private/framework/toolchains/linux_commands.bzl
 
       # Add paths to Nix store back.
       sed -i \