From 5e02c2d8212bce58b474266e24b009710eb97f93 Mon Sep 17 00:00:00 2001
From: Harvey Tuch <htuch@google.com>
Date: Wed, 18 Nov 2020 10:53:07 -0500
Subject: [PATCH 1/3] examples: add VRP runtime validation to verify_examples.

This is a regression test to cover the issue underlying
https://github.com/envoyproxy/envoy/pull/14066.

Risk level: Low
Testing: Validating manually verify.sh passes, CI.

Signed-off-by: Harvey Tuch <htuch@google.com>
---
 examples/verify-common.sh               |  3 ++-
 examples/vrp-litmus/Dockerfile-vrp      |  1 +
 examples/vrp-litmus/README.md           |  3 +++
 examples/vrp-litmus/docker-compose.yaml | 17 +++++++++++++++++
 examples/vrp-litmus/verify.sh           | 14 ++++++++++++++
 5 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 examples/vrp-litmus/Dockerfile-vrp
 create mode 100644 examples/vrp-litmus/README.md
 create mode 100644 examples/vrp-litmus/docker-compose.yaml
 create mode 100755 examples/vrp-litmus/verify.sh

diff --git a/examples/verify-common.sh b/examples/verify-common.sh
index 277336170f82..3e4489ba0b63 100644
--- a/examples/verify-common.sh
+++ b/examples/verify-common.sh
@@ -6,6 +6,7 @@ MANUAL="${MANUAL:-}"
 NAME="${NAME:-}"
 PATHS="${PATHS:-.}"
 UPARGS="${UPARGS:-}"
+EXTRA_CURL_ARGS="${EXTRA_CURL_ARGS:-}"
 
 
 run_log () {
@@ -72,7 +73,7 @@ cleanup () {
 
 _curl () {
     local arg curl_command
-    curl_command=(curl -s)
+    curl_command=(curl -s "${EXTRA_CURL_ARGS[@]}")
     if [[ ! "$*" =~ "-X" ]]; then
         curl_command+=(-X GET)
     fi
diff --git a/examples/vrp-litmus/Dockerfile-vrp b/examples/vrp-litmus/Dockerfile-vrp
new file mode 100644
index 000000000000..f0e6704d6d21
--- /dev/null
+++ b/examples/vrp-litmus/Dockerfile-vrp
@@ -0,0 +1 @@
+FROM envoyproxy/envoy-google-vrp-dev:latest
diff --git a/examples/vrp-litmus/README.md b/examples/vrp-litmus/README.md
new file mode 100644
index 000000000000..58c14b3fd8cb
--- /dev/null
+++ b/examples/vrp-litmus/README.md
@@ -0,0 +1,3 @@
+Simple litmus test to verify the VRP image in CI. For more details on VRP,
+please see
+https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/security/google_vrp.
diff --git a/examples/vrp-litmus/docker-compose.yaml b/examples/vrp-litmus/docker-compose.yaml
new file mode 100644
index 000000000000..46eefcafb9aa
--- /dev/null
+++ b/examples/vrp-litmus/docker-compose.yaml
@@ -0,0 +1,17 @@
+version: "3.7"
+services:
+
+  vrp:
+    build:
+      context: .
+      dockerfile: Dockerfile-vrp
+    environment:
+      ENVOY_EDGE_EXTRA_ARGS: ""
+      ENVOY_ORIGIN_EXTRA_ARGS: ""
+    networks:
+      - envoymesh
+    ports:
+      - "10000:10000"
+
+networks:
+  envoymesh: {}
diff --git a/examples/vrp-litmus/verify.sh b/examples/vrp-litmus/verify.sh
new file mode 100755
index 000000000000..3cf039b4003e
--- /dev/null
+++ b/examples/vrp-litmus/verify.sh
@@ -0,0 +1,14 @@
+#!/bin/bash -e
+
+export NAME=vrp-litmus
+export DELAY=10
+export EXTRA_CURL_ARGS=(-k)
+
+# shellcheck source=examples/verify-common.sh
+. "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh"
+
+
+run_log "Test proxy"
+responds_with \
+    normal \
+    https://localhost:10000/content

From fcc550caef6b3293939c275218aafc43de79c3f7 Mon Sep 17 00:00:00 2001
From: Harvey Tuch <htuch@google.com>
Date: Thu, 19 Nov 2020 13:58:20 -0500
Subject: [PATCH 2/3] wip

Signed-off-by: Harvey Tuch <htuch@google.com>
---
 examples/verify-common.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/examples/verify-common.sh b/examples/verify-common.sh
index 3e4489ba0b63..277336170f82 100644
--- a/examples/verify-common.sh
+++ b/examples/verify-common.sh
@@ -6,7 +6,6 @@ MANUAL="${MANUAL:-}"
 NAME="${NAME:-}"
 PATHS="${PATHS:-.}"
 UPARGS="${UPARGS:-}"
-EXTRA_CURL_ARGS="${EXTRA_CURL_ARGS:-}"
 
 
 run_log () {
@@ -73,7 +72,7 @@ cleanup () {
 
 _curl () {
     local arg curl_command
-    curl_command=(curl -s "${EXTRA_CURL_ARGS[@]}")
+    curl_command=(curl -s)
     if [[ ! "$*" =~ "-X" ]]; then
         curl_command+=(-X GET)
     fi

From 7b891d5db5f1ed86a70105e298625237cb9be000 Mon Sep 17 00:00:00 2001
From: Harvey Tuch <htuch@google.com>
Date: Thu, 19 Nov 2020 13:58:46 -0500
Subject: [PATCH 3/3] Use existing curl extra args support.

Signed-off-by: Harvey Tuch <htuch@google.com>
---
 examples/vrp-litmus/verify.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/examples/vrp-litmus/verify.sh b/examples/vrp-litmus/verify.sh
index 3cf039b4003e..02791785c628 100755
--- a/examples/vrp-litmus/verify.sh
+++ b/examples/vrp-litmus/verify.sh
@@ -2,7 +2,6 @@
 
 export NAME=vrp-litmus
 export DELAY=10
-export EXTRA_CURL_ARGS=(-k)
 
 # shellcheck source=examples/verify-common.sh
 . "$(dirname "${BASH_SOURCE[0]}")/../verify-common.sh"
@@ -11,4 +10,5 @@ export EXTRA_CURL_ARGS=(-k)
 run_log "Test proxy"
 responds_with \
     normal \
-    https://localhost:10000/content
+    https://localhost:10000/content \
+    -k