Skip to content

Make http/ratelimit exception free#38629

Merged
yanavlasov merged 2 commits into
envoyproxy:mainfrom
mathetake:ratelimitexceptionfree
Mar 5, 2025
Merged

Make http/ratelimit exception free#38629
yanavlasov merged 2 commits into
envoyproxy:mainfrom
mathetake:ratelimitexceptionfree

Conversation

@mathetake

Copy link
Copy Markdown
Member

Commit Message: Make http/ratelimit exception free
Additional Description: n/a
Risk Level: low
Testing: existing ones
Docs Changes: n/a
Release Notes: n/a
Platform Specific Features: n/a

Signed-off-by: Takeshi Yoneda <t.y.mathetake@gmail.com>
@repokitteh-read-only

Copy link
Copy Markdown

As a reminder, PRs marked as draft will not be automatically assigned reviewers,
or be handled by maintainer-oncall triage.

Please mark your PR as ready when you want it to be reviewed!

🐱

Caused by: #38629 was opened by mathetake.

see: more, trace.

Signed-off-by: Takeshi Yoneda <t.y.mathetake@gmail.com>
@mathetake mathetake marked this pull request as ready for review March 3, 2025 18:26
@mathetake mathetake requested a review from mattklein123 as a code owner March 3, 2025 18:26
@yanavlasov yanavlasov merged commit c98f2b7 into envoyproxy:main Mar 5, 2025
@mathetake mathetake deleted the ratelimitexceptionfree branch March 5, 2025 00:41
jewertow pushed a commit to jewertow/envoy that referenced this pull request Apr 2, 2025
Risk Level: low
Testing: existing ones 
Docs Changes: n/a
Release Notes: n/a
Platform Specific Features: n/a

---------

Signed-off-by: Takeshi Yoneda <t.y.mathetake@gmail.com>
agrawroh pushed a commit to agrawroh/envoy that referenced this pull request Apr 9, 2025
Risk Level: low
Testing: existing ones 
Docs Changes: n/a
Release Notes: n/a
Platform Specific Features: n/a

---------

Signed-off-by: Takeshi Yoneda <t.y.mathetake@gmail.com>
yanavlasov pushed a commit that referenced this pull request Jul 16, 2026
…#46111)

Migrate the ratelimit, rbac, and ext_authz network filter config
factories from the throwing `Common::FactoryBase` to
`Common::ExceptionFreeFactoryBase`, so config validation returns
`absl::StatusOr` instead of throwing. This mirrors the already merged
HTTP twins (#38629, #46035) and continues the exception free migration
tracked in #27412. Error messages and failure semantics are unchanged
(`EnvoyException` becomes `absl::InvalidArgumentError` with identical
text).

rbac's factory validation was the only throw in its directory, so its
entry is removed from the `tools/code_format/config.yaml` exception
allowlist, locking the directory throw free via `check_format`.
ratelimit and ext_authz keep their entries: both retain throws outside
the config validation surface (descriptor formatter, per connection
client creation), left for a follow-up.

The network read filter fuzz harness relied on factories throwing for
invalid configs (`.value()` inside a `catch (EnvoyException)`). It now
checks the returned status first, mirroring the HTTP fuzz harness, so
error statuses keep exiting setup early instead of escaping as
`BadStatusOrAccess` (caught by the `ext_authz_2` corpus entry, a V2
config).

**Commit Message:** network: migrate ratelimit, rbac, ext_authz filters
to exception free

**Additional Description:** see above

**Risk Level:** Low. Behavior preserving refactor, no user visible
change.

**Testing:** The three `config_test` targets and
`//test/extensions/filters/network/common/fuzz:network_readfilter_fuzz_test`
(which exercises the migrated error path via the `ext_authz_2` corpus)
pass in the CI clang image. Added `DeprecatedV2TransportApiVersion`
negative tests for ratelimit and ext_authz; rbac's `checkRule`
expectations converted from `EXPECT_THROW` to status assertions.
`check_format` passes with the rbac allowlist entry removed.

**Docs Changes:** N/A

**Release Notes:** N/A (internal refactor)

**Platform Specific Features:** N/A

Part of #27412

**Generative AI disclosure:** Developed with AI assistance (Claude
Code); I reviewed and understand every line and take full ownership of
the submission.

Signed-off-by: David Vo <davidvo@lyft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants